Subject: [PATCH] remove LWS_CALLBACK_OPENSSL_CONTEXT_REQUIRES_PRIVATE_KEY
callback
When a certificate for a TLS connection is provided, but a private
key is not, the SSL_CTX initialization exits early, before the
CONTEXT_REQUIRES_PRIVATE_KEY callback can be issued.
Remove the now obsolete callback and update the vhost
field description to state that the LOAD_EXTRA_SERVER_VERIFY_CERTS
callback should be used instead.
Subject: [PATCH] lib/secure-streams: Fix clang build error
`-Wunused-but-set-variable`
When building with clang-15, I got the following error:
```
error: variable 'm' set but not used [-Werror,-Wunused-but-set-variable]
int n, m = 0;
^
```
Let's just remove the `m` variable here, it's not used.
Signed-off-by: Ammar Faizi <ammarfaizi2@gnuweeb.org>
openssl can be built without threads resulting in the following build
failure:
-- Looking for HMAC_CTX_new
-- Looking for HMAC_CTX_new - not found
[...]
In file included from /home/buildroot/autobuild/instance-0/output-1/build/libwebsockets-4.3.1/include/libwebsockets.h:661,
from /home/buildroot/autobuild/instance-0/output-1/build/libwebsockets-4.3.1/lib/core/./private-lib-core.h:140,
from /home/buildroot/autobuild/instance-0/output-1/build/libwebsockets-4.3.1/lib/plat/unix/unix-misc.c:28:
/home/buildroot/autobuild/instance-0/output-1/build/libwebsockets-4.3.1/include/libwebsockets/lws-genhash.h:85:18: error: field 'ctx' has incomplete type
85 | HMAC_CTX ctx;
| ^~~
To fix this build failure, don't unconditionally add pthread if openssl
has been found through pkg-config as openssl.pc will contain the
appropriate dependencies (i.e. -lpthread but also -lz or -latomic)
Fixes:
- http://autobuild.buildroot.org/results/2ae9e3249b6fcc9e6c30e7783e264fc6599e61df
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Several examples trim their buffer with an extra LWS_PRE from the end...
actually end should point to end the end of buf without a second LWS_PRE
reservation.
https://github.com/warmcat/libwebsockets/issues/2629
881 case LWS_CALLBACK_MQTT_UNSUBSCRIBE_TIMEOUT:
>>> CID 392688: (REVERSE_INULL)
>>> Null-checking "wsi" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
882 if (!wsi || !wsi->mqtt)
883 return -1;
wsi can't be NULL for a callback specific to a wsi.
Blows on Centos 7 / 8 in Sai with
/home/sai/big-long-dir-to-make-rpm-happy-o/jobs/0-0.0/libwebsockets/lib/secure-streams/protocols/ss-mqtt.c: In function âexpand_metadataâ:
/home/sai/big-long-dir-to-make-rpm-happy-o/jobs/0-0.0/libwebsockets/lib/secure-streams/protocols/ss-mqtt.c:304:2: error: missing braces around initializer [-Werror=missing-braces]
lws_strexp_t exp = {0};
^
/home/sai/big-long-dir-to-make-rpm-happy-o/jobs/0-0.0/libwebsockets/lib/secure-streams/protocols/ss-mqtt.c:304:2: error: (near initialization for âexp.nameâ) [-Werror=missing-braces]
/home/sai/big-long-dir-to-make-rpm-happy-o/jobs/0-0.0/libwebsockets/lib/secure-streams/protocols/ss-mqtt.c:304:2: error: missing initializer for field âcbâ of âlws_strexp_tâ [-Werror=missing-field-initializers]
In file included from /home/sai/big-long-dir-to-make-rpm-happy-o/jobs/0-0.0/libwebsockets/include/libwebsockets.h:737:0,
from /home/sai/big-long-dir-to-make-rpm-happy-o/jobs/0-0.0/libwebsockets/lib/core/./private-lib-core.h:146,
from /home/sai/big-long-dir-to-make-rpm-happy-o/jobs/0-0.0/libwebsockets/lib/secure-streams/protocols/ss-mqtt.c:25:
/home/sai/big-long-dir-to-make-rpm-happy-o/jobs/0-0.0/libwebsockets/include/libwebsockets/lws-tokenize.h:196:23: note: âcbâ declared here
lws_strexp_expand_cb cb;
^
/home/sai/big-long-dir-to-make-rpm-happy-o/jobs/0-0.0/libwebsockets/lib/secure-streams/protocols/ss-mqtt.c: In function âsecstream_mqtt_shadow_subscribeâ:
/home/sai/big-long-dir-to-make-rpm-happy-o/jobs/0-0.0/libwebsockets/lib/secure-streams/protocols/ss-mqtt.c:441:2: error: âforâ loop initial declarations are only allowed in C99 mode
for (unsigned int i = 0; i < suffixes_len; i++) {
^
/home/sai/big-long-dir-to-make-rpm-happy-o/jobs/0-0.0/libwebsockets/lib/secure-streams/protocols/ss-mqtt.c:441:2: note: use option -std=c99 or -std=gnu99 to compile your code
/home/sai/big-long-dir-to-make-rpm-happy-o/jobs/0-0.0/libwebsockets/lib/secure-streams/protocols/ss-mqtt.c: In function âsecstream_mqttâ:
/home/sai/big-long-dir-to-make-rpm-happy-o/jobs/0-0.0/libwebsockets/lib/secure-streams/protocols/ss-mqtt.c:481:2: error: missing braces around initializer [-Werror=missing-braces]
lws_strexp_t exp = {0};
^
/home/sai/big-long-dir-to-make-rpm-happy-o/jobs/0-0.0/libwebsockets/lib/secure-streams/protocols/ss-mqtt.c:481:2: error: (near initialization for âexp.nameâ) [-Werror=missing-braces]
/home/sai/big-long-dir-to-make-rpm-happy-o/jobs/0-0.0/libwebsockets/lib/secure-streams/protocols/ss-mqtt.c:481:2: error: missing initializer for field âcbâ of âlws_strexp_tâ [-Werror=missing-field-initializers]
In file included from /home/sai/big-long-dir-to-make-rpm-happy-o/jobs/0-0.0/libwebsockets/include/libwebsockets.h:737:0,
from /home/sai/big-long-dir-to-make-rpm-happy-o/jobs/0-0.0/libwebsockets/lib/core/./private-lib-core.h:146,
from /home/sai/big-long-dir-to-make-rpm-happy-o/jobs/0-0.0/libwebsockets/lib/secure-streams/protocols/ss-mqtt.c:25:
/home/sai/big-long-dir-to-make-rpm-happy-o/jobs/0-0.0/libwebsockets/include/libwebsockets/lws-tokenize.h:196:23: note: âcbâ declared here
lws_strexp_expand_cb cb;
^
/home/sai/big-long-dir-to-make-rpm-happy-o/jobs/0-0.0/libwebsockets/lib/secure-streams/protocols/ss-mqtt.c:677:27: error: conversion to âuint32_tâ from âsize_tâ may alter its value [-Werror=conversion]
uint32_t acc_n = strlen(LWS_MQTT_SHADOW_RESP_ACCEPTED_STR);
^
/home/sai/big-long-dir-to-make-rpm-happy-o/jobs/0-0.0/libwebsockets/lib/secure-streams/protocols/ss-mqtt.c:678:27: error: conversion to âuint32_tâ from âsize_tâ may alter its value [-Werror=conversion]
uint32_t rej_n = strlen(LWS_MQTT_SHADOW_RESP_REJECTED_STR);
^
/home/sai/big-long-dir-to-make-rpm-happy-o/jobs/0-0.0/libwebsockets/lib/secure-streams/protocols/ss-mqtt.c:680:4: error: âforâ loop initial declarations are only allowed in C99 mode
for (uint32_t i = 0; i < h->u.mqtt.shadow_sub.num_topics; i++) {
little additional cleaning and conversion to modern lwsl_xxx_yyy(xxx, ...)
Use pkg-config to search for wolfssl.pc which is available since version
3.3.3 and
a50af85e95
This will avoid setting manually LWS_WOLFSSL_{INCLUDE_DIRS,LIBRARIES}
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Fix the following build failure without C++ raised since version 4.2.0
and
962e9ee345:
CMake Error at /nvmedata/autobuild/instance-11/output-1/per-package/libwebsockets/host/share/cmake-3.18/Modules/CMakeTestCXXCompiler.cmake:59 (message):
The C++ compiler
"/usr/bin/clang++"
is not able to compile a simple test program.
Fixes:
- http://autobuild.buildroot.org/results/550e7f7d54adf74f8cc078be5b91b3567d622ede
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
This adds setting QOS_NACK_REMOTE state when QoS 1/2 PUBLISH
transmissions and all retries are unacked and failed. Also this
allows state transitions between QOS_ACK_REMOTE and QOS_NACK_REMOTE.
This sets the CONNECTED state after Birth topic is processed if
the stream has defined a Birth topic to avoid any confict when
the connection is not stable and the Birth is delayed.
This fixes CMake error "mode MATCH needs at least 5 arguments total to
command" while configuring when no OpenSSL executable was found.
Tested under Windows using VS2019.
