This allows handling of the unusal but foreseeable situation were
the client provides a zero length output buffer, for example, if
the input buffer was also zero length.
Leave the http minilex as it is, and add an improved version in lib/misc
- get a list of strings from stdin and emit C header to stdout
- support ambiguous terminals (xxx and xxx-something) correctly regardless
of introduction order
- add generic parser in lib/misc
minilex doesn't build as part of lws since it's only needed by developers,
there's a one-line build documented at a comment at the top of
lib/misc/minilex.c
This patch checks for the env var SSLKEYLOGFILE=path, if present, then
client connection tls secrets are appended into path.vhostname.
This allows decryption of captured encrypted data for debugging purposes.
SSKEYLOGFILE=path env var method is the same as provided by Firefox and
Chrome for this purpose.
Although many of the examples must be run from the example directory as
cwd, everyone getting started probably wants to try the examples, cmake
knows how to do it, so let's enable it by default.
Coverity does not understand that once we checked that the header has
a non-zero length, the associated pointer can never be NULL. Add a
pointless check to make it happy.
continue here makes no difference than using break, but continue gets us a
pointless complaint "statement continue does not have any effect" and break
does not.
Coverity gets antsy that we were checking wsi->a.protocol for NULL earlier
then start using it... explicitly bail if it's NULL before we start using
it.
->san is a union, in this case we set the type to indicate we use
SAN_OTHER_NAME member, but set the unstructured_name union member, that is
smaller.
This doesn't cause any problem, since the union has space for it. But
Coverity noticed, it is wrong, so fix it.
Coverity doesn't understand that since we already handled
akid.keyIdentifier.MBEDTLS_PRIVATE(len) being zero, we don't need to
check for akid.keyIdentifier.MBEDTLS_PRIVATE(p) being NULL.
So explicitly check it, even though it is a NOP.
We also need to report CGI_TERMINATED when reaping children that closed by
themselves. Keep an extra copy of the pid outside of the lws_spawn object
so it's still around by then.
Disconnect wants to keep a copy of the description string, but it is never
freed. Make it ephemeral just for the ->disconnect_reason() op so it is
cleaned out correctly.
The sshd example has gotten crufted a few different ways.
Adapt the test-sshd protocol and callbacks to not collide with the plugin
ssh-demo exports, for BUILTIN case.
Do not build a static copy of ssh-base for test-sshd if PLUGINS_BUILTIN is
going to provide it via lws import.
Add pvo for ssh-base to enable it on to the test-sshd vhost.
Banner staging in buf[] shared some of source and dest when it was copied
in, move it up a bit to avoid this.
Add note about rsa key disable workaround on Fedora.
test-sshd uses CGI (and requires it enabled to build) because it predates
lws_spawn... lws cgi was migrated to lws_spawn, really the test=sshd needs
rewriting to use lws_spawn directly instead of cgi.
For plugins that handle PROTOCOL_INIT, we have to iterate any PLUGINS_BUILTIN
plugins as if we had just discovered and loaded them from plugin files, so
they bind to vhosts appropriately.
Add some private helpers to keep the guts from duplication in plat.
