Previously down network interfaces without an IPv4 address are
removed from the posix api that lists network interfaces.
That means if you bound a vhost listen socket to a particular
interface, it will fail at startup time.
This patch adds these vhosts to a list, starts the vhost without
a listen socket, and checks to see if the vhost's network interface
has appeared while the rest of lws is running.
If it appears, the listen socket is opened on the network interface
and the vhost becomes reachable.
This replaces the existing, unreleased lws_set_timer(wsi, secs) with
lws_set_timer_usecs(wsi, usecs).
wsi with a timer waiting are added to a linked-list sorted by the
timer trigger time.
1) poll() timeout (ie, poll wait) is trimmed to the nearest ms of the
first waiting timer if the default poll wait is longer than the
interval until the first waiting timer.
The linked-list of waiting timers is checked every entry and exit
from poll()... if no timers waiting or none reached their time
this costs almost nothing.
2) libuv: the earliest hrtimer is checked after every IO, again this
is costing nothing if the list head is NULL. If the case there
are hrtimers on the list, it costs a getimeofday (a VDSO in linux)
and more only if any of the timers have fired.
In addition on entry to libuv idle, if there are any waiting hrtimers
on the list, a libuv timer is used to force a wake in case we stay
idle (the libuv timer has ms resolution).
3) libev: not implemented
4) libevent: not implemented
Warnings are logged in the api is used on an event backend without
support. Patches welcome to add support similarly to libuv.
This is just an internal mass change of LWS_NO_EXTENSIONS to
LWS_WITHOUT_EXTENSIONS to match the public name and eliminate
all instances of LWS_NO_EXTENSIONS.
Until now LWS_CALLBACK_CLIENT_CONNECTION_ERROR handling could only
take place on protocols[0].
This patch changes LWS_CALLBACK_CLIENT_CONNECTION_ERROR to be sent
to the protocol the client connection was bound to... if nothing
better that is still protocols[0], but if you created the client
connection using info.local_protocol_name, it will now be sent to
the bound protocol handler instead.
Until now LWS_CALLBACK_CLOSED has served the same for
client and server connections. This introduces a new
LWS_CALLBACK_CLIENT_CLOSE which is sent on established
ws client connections, insread of LWS_CALLBACK_CLOSED.
LWS_CALLBACK_CLOSED continues to be sent when server
ws connections close.
This adds a new api lws_set_timer(wsi, secs), which schedules
a callback LWS_CALLBACK_TIMER secs seconds into the future.
The timer can be continuously deferred by calling lws_set_timer()
again before it expires.
Calling lws_set_timer(wsi, -1) cancels any pending timer.
ESP32 module price is now within range of 8266 price.
ESP32 capability and OS support is hugely better than 8266,
we can support mbedtls tls, http/2 etc with ESP32.
I'm no longer testing on ESP8266... there's no more
user traffic... it's time to go.
LWIP_SOCKET_OFFSET is now nonzero, which I handled a while back.
But the C api support for it is broken in esp-idf.
select() takes unmodified fds, but FD_SET / FD_ISSET etc must have the
offset subtracted on their args.
With this we are working on current HEAD esp-idf.
This provides platform-independent support for time discontiguities.
On embedded without battery RTC, commonly we only get time after
NTP completes. This makes the cert checking happen when we have
a reasonable time and introduces lws_compare_time_t() to correctly
compare time_t s that may sit on either side of a time discontiguity.
The union used to make a lot of sense to save space between
mutually exclusive modes. But the fact the http2 struct
contains the http1 struct as well as it appearing in the
union means the http1 struct belongs outside the union.
This patch
- eliminates the union
- puts the http_related struct directly in struct lws
- removes http_related from h2
- puts h2 directly in struct lws if enabled for build
- changes ws to be a pointer, allocated if we upgrade to ws
(the ws part contains a 135 byte char array for ping / close)
Again all of this is entirely private / internal and doesn't affect
any apis.
Migrate what used to be in lws_hdr_related into either the ah
or the wsi, and eliminate it along with the three different ways
used to access things inside it.
Eg wsi->u.hdr.ah and wsi->u.http.ah become wsi->ah
These changes are internal-only, in private-libwebsockets.h and lib.
After startup, and once per day, check the validity dates on our ssl certs,
and broadcast callbacks with the information so interested plugins can
know.
If our clock is < May 2016, we don't try to judge the certs, because clearly
we don't know what time it is.
- Add platform helpers for pipe creation.
- Change the direct-to-fds implementation to create a wsi for each
pt and use the normal apis to bind it to the event loop.
- Modifiy context creation and destroy to create and remove the
event pipe wsis.
- Create the event pipe wsis during context create if using the
default poll() event loop, or when the other event loops start
otherwise.
- Add handler that calls back user code with
LWS_CALLBACK_EVENT_WAIT_CANCELLED
This patch allows you to call `lws_cancel_service(struct lws_context *context)`
from another thread.
It's very cheap for the other thread to call and is safe without
locking.
Every use protocol receives a LWS_CALLBACK_EVENT_WAIT_CANCELLED from
the main thread serialized normally in the event loop.
This enables selected things from -Wextra, can't use -Wextra because it is
fussy enough to complain about unused params on functions... they are
there for a reason.
-Wsign-compare
-Wignored-qualifiers
not -Wimplicit-fallthrough=3 ... only on gcc 7
-Wtype-limits
-Wuninitialized
not -Wclobbered ... only on gcc 7ish
fix the warnings everywhere they were found.
- introduce lib/tls/mbedtls lib/tls/openssl
- move wrapper into lib/tls/mbedtls/wrapper
- introduce private helpers to hide backend
This patch doesn't replace or remove the wrapper, it moves it
to lib/tls/mbedtls/wrapper.
But it should be now that the ONLY functions directly consuming
wrapper apis are isolated in
- lib/tls/mbedtls/client.c (180 lines)
- lib/tls/mbedtls/server.c (317 lines)
- lib/tls/mbedtls/ssl.c (325 lines)
In particular there are no uses of openssl or mbedtls-related
constants outside of ./lib/tls any more.
HTTP/2 support is now able to serve the test server, complete with
websockets, from a single vhost.
- This works the same with both OpenSSL and mbedTLS.
- POST is now wired up and works (also for file upload).
- CGI is wired up and works.
- Redirect is adapted and works
- lwsws works.
- URI urldecode, sanitation and argument parsing wired up for :path
valgrind clean (aside from openssl-style false uninit data usage in mbedtls send occasionally)
h2spec reports:
$ h2spec -h 127.0.0.1 -p 7681 -t -k -o 1
...
145 tests, 145 passed, 0 skipped, 0 failed"
Incorporates:
- "https://github.com/warmcat/libwebsockets/pull/1039
Fixes issue with -Werror=unused-variable flag
- 2c843a1395
ssl: fix infinite loop on client cert verification failure
Signed-off-by: Petar Paradzik <petar.paradzik@sartura.hr>"
Caused and fixes Coverity 184887 - 184892
The mbedTLS / OpenSSL wrapper spins for the duration of the
handshake, which is a slow 31ms on my x86_64 box (by comparison
it's ~1ms on actual OpenSSL on the same box).
This doesn't change the 31ms but it stops us spinning during the
accept and has us retry on POLLIN instead like OpenSSL.
Note this also fixes the endemic mismatches in returncode
between mbedTLS and OpenSSL semantics...
