1) This makes lwsws run a parent process with the original permissions.
   But this process is only able to respond to SIGHUP, it doesn't do anything
   else.
2) You can send this parent process a SIGHUP now to cause it to
   - close listening sockets in existing lwsws processes
   - mark those processes as to exit when the number of active connections
     on the falls to zero
   - spawn a fresh child process from scratch, using latest configuration
     file content, latest plugins, etc. It can now reopen listening sockets
     if it chooses to, or open different listen ports or whatever.
Notes:
1) lws_context_destroy() has been split into two pieces... the reason for
the split is the first part closes the per-vhost protocols, but since
they may have created libuv objects in the per-vhost protocol storage,
these cannot be freed until after the loop has been run.
That's the purpose of the second part of the context destruction,
lws_context_destroy2().
For compatibility, if you are not using libuv, the first part calls the
second part. However if you are using libuv, you must now call the
second part from your own main.c after the first part.
This adds a context creation-time member that points to something
that should be freed when the context is destroyed.
It's in preparation for context deprecation, when a context might
be destroyed asynchronously... a related external with the
lifetime of the context should also be freed at that time.
Adapt lwsws to use it with the context "strings" (also used for
aligned structs created by the config) allocation.
This should allow adding vhosts "late", ie, after the server is up and
running with its initial vhost(s). The necessary housekeeping is folded
into lws_create_vhost() itself so it should be transparent.
Notice though that at the point the server starts to do service after it
starts initially, if it was requested that the UID / GID change, that
is performed at that point and is not reversible.
So vhosts added "late" find themselves running under the unprivileged
UID / GID from the very start, whereas vhosts added "early" initially
run under the UID / GID the process started with. If protocols the
vhost uses want to, eg, open privileged files at init and then use
them unprivileged, that will fail if the vhost is added late because
the initial privs are already gone.
AG: also deal with lws_protocol_init() on late vhost init (does the
callbacks for per vh protocol creation), add comments
This adds a new member to the context creation info struct "ws_ping_pong_interval".
If nonzero, it sets the number of seconds that established ws connections are
allowed to be idle before a PING is forced to be sent. If zero (the default) then
tracking of idle connection is disabled for backwards compatibility.
Timeouts cover both the period between decision to send the ping and it being
sent (because it needs the socket to become writeable), and the period between
the ping being sent and the PONG coming back.
INFO debug logs are issued when the timeout stuff is operating.
You can test the server side by running the test server hacked to set ws_ping_pong_interval
and debug log mask of 15. Both the mirror protocol and the server-status protocol are
idle if nothing is happening and will trigger the PING / PONG testing. (You can also
test using lwsws and /etc/lwsws/conf with "ws-pingpong-secs": "20" in the global section)
For client, run the test client with -n -P 20 for 20s interval. -n stops the test client
writing using the mirror protocol, so it will be idle and trigger the PING / PONGs.
The timeout interval may be up to +10s late, as lws checks for affected connections every
10s.
This makes it easy for user code to choose the size of the per-thread
buffer used by various things in lws, including file transfer chunking.
Previously it was 4096, if you leave info.pt_serv_buf_size as zero that
is still the default.
With some caveats, you can increase transfer efficiency by increasing it
to, eg, 128KiB, if that makes sense for your memory situation.
Signed-off-by: Andy Green <andy@warmcat.com>
Also add lwsws "enable-client-ssl": "1" vhost option to match.
Client cert in client ssl is not supported in lwsws, if someone wants it, it can be added.
Signed-off-by: Andy Green <andy@warmcat.com>
Actually lwsws doesn't need its own protocol handler even for http
any more. The default http handler in lws should do everything.
Move the cgi routing into lws default http protocol handler, and
delete lwsws one. Remove all protocols from lwsws so the lws
default one gets used.
With this, and the earlier move of lejp into lws, lwsws itself
becomes 15.5KB of x86_64 (mainly conf parsing).
Signed-off-by: Andy Green <andy@warmcat.com>
If for some reason we exit before the protocol init action
(which is delayed for libuv) we should not send the protocol
destroy messages
Signed-off-by: Andy Green <andy@warmcat.com>
Move the dummy stub protocol into the library as the default
if NULL protocols given, since that is likely to become popular.
Signed-off-by: Andy Green <andy@warmcat.com>
There's no reason to not have the mounts linked list init also in the info
struct, rather than provide as a parameter to lws_create_vhost(). Now
is a good time to normalize that since this api only exists in master.
This also allows oldstyle "do everything at context creation time in one
vhost" guys to leverage mounts.
Also there's no reason the mounts linked-list pointer and all uses in lws
are non-const, so make them all explicitly const *.
Update the info struct docs to clarify which members are used when creating
a vhost and which for context creation.
Signed-off-by: Andy Green <andy@warmcat.com>
This allows mounts to define the caching policy of the files inside them.
Support is added in lwsws for controlling it from the config files.
The api for serializing a mount struct opaquely is removed and lws_http_mount struct
made public... it was getting out of control trying to hide the options.
Signed-off-by: Andy Green <andy@warmcat.com>
This trades off a couple of wsi pointers for vastly increased speed
for the callback when writeable "all protocol" variants when there
are many kinds of wsi active.
Signed-off-by: Andy Green <andy@warmcat.com>
This adds the ability to store apache-compatible logs to a file given at
vhost-creation time.
lwsws conf can set it per-vhost using "access-log": "<filepath>"
The feature defaults to disabled at cmake, it can be set independently but
LWS_WITH_LWSWS sets it on.
Signed-off-by: Andy Green <andy@warmcat.com>
This adds support for dynamically loaded plugins at runtime, which
can expose their own protocols or extensions transparently.
With these changes lwsws defaults to OFF in cmake, and if enabled it
automatically enables plugins and libuv support.
Signed-off-by: Andy Green <andy@warmcat.com>
This patch splits out some lws_context members into a new lws_vhost struct.
- ssl state and options per vhost
- SSL_CTX for serving and client per vhost
- protocols[] per vhost
- extensions[] per vhost
lws_context maintains a linked list of lws_vhosts.
The same lws_context_creation_info struct is used to regulate both the
context creation and to create vhosts: for backward compatibility if you
didn't provide the new LWS_SERVER_OPTION_EXPLICIT_VHOSTS option, then
a default vhost is created at context creation time using the same info
data as the context itself.
If you will have multiple vhosts though, you should give the
LWS_SERVER_OPTION_EXPLICIT_VHOSTS option at context creation time,
create the context first and then the vhosts afterwards using
lws_create_vhost(context, &info);
Although there is a lot of housekeeping to implement this change, there
is almost no additional overhead if you don't use multiple vhosts and
very little api impact (no changes to test apps).
Signed-off-by: Andy Green <andy@warmcat.com>
https://github.com/warmcat/libwebsockets/issues/468
Adds lws_check_opt() to regularize multibit flag checking.
There's a new context creation flag LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT,
this is included automatically if you give any other SSL-related option flag.
If you give no SSL-related option flag, nor this one directly, then even
though SSL support may be compiled in, it is never initialized nor used for the
whole lifetime of the lws context.
Conversely in order to prepare the context to use SSL, even though, eg, you
are not listening on SSL but will use SSL client connections later, you can
give this flag explicitly to make sure SSL is initialized.
Signed-off-by: Andy Green <andy@warmcat.com>
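
Added example, not part of the commit above or of the libwebsockets source: why option flags that span several bits need an all-bits comparison of the kind lws_check_opt() is described as regularizing. The option names, bit values and helper functions here are hypothetical stand-ins, built on the commit's statement that SSL-related options automatically include the global SSL init flag.

```c
#include <stdio.h>

/* Hypothetical option values (assumption, not the library's header):
 * each SSL-related option also carries the "global SSL init" bit. */
#define OPT_DO_SSL_GLOBAL_INIT        (1u << 12)
#define OPT_REQUIRE_VALID_CLIENT_CERT ((1u << 1) | OPT_DO_SSL_GLOBAL_INIT)
#define OPT_REDIRECT_HTTP_TO_HTTPS    ((1u << 7) | OPT_DO_SSL_GLOBAL_INIT)

/* Naive test: true when ANY bit of the flag is present in opts. */
static int naive_check(unsigned int opts, unsigned int flag)
{
	return (opts & flag) != 0;
}

/* Multibit-safe test: true only when ALL bits of the flag are present. */
static int check_opt_all_bits(unsigned int opts, unsigned int flag)
{
	return (opts & flag) == flag;
}

/* SSL is initialized only if the init bit arrived, directly or
 * folded into another SSL-related option. */
static int ssl_init_needed(unsigned int opts)
{
	return check_opt_all_bits(opts, OPT_DO_SSL_GLOBAL_INIT);
}

int main(void)
{
	/* Caller asked only for SSL init, e.g. for later client connections. */
	unsigned int opts = OPT_DO_SSL_GLOBAL_INIT;

	/* The naive test misreads this as "client cert required" because
	 * the two flags share bit 12. */
	printf("naive: client cert required = %d\n",
	       naive_check(opts, OPT_REQUIRE_VALID_CLIENT_CERT));
	printf("all-bits: client cert required = %d\n",
	       check_opt_all_bits(opts, OPT_REQUIRE_VALID_CLIENT_CERT));

	/* Any SSL-related option implies init; no SSL option means none. */
	printf("init with redirect option = %d\n",
	       ssl_init_needed(OPT_REDIRECT_HTTP_TO_HTTPS));
	printf("init with no SSL option = %d\n", ssl_init_needed(1u << 3));
	return 0;
}
```
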
This adds an info member that allows the user code to
set the library's network action timeout in seconds.
If left at the default 0, the build-time default
AWAITING_TIMEOUT continues to be used.
As suggested
https://github.com/warmcat/libwebsockets/issues/427
Signed-off-by: Andy Green <andy.green@linaro.org>