Mirrors/libwebsockets
1
0
Fork 0
mirror of https://github.com/warmcat/libwebsockets.git synced 2025-03-16 00:00:07 +01:00
Code Issues Releases Wiki Activity
2603 commits 20 branches 97 tags 50 MiB
Commit graph

16 commits

Author SHA1 Message Date
Andy Green
de064fd65a refactor: core code in lib/core and private-libwebsockets.h to core/private.h 
This commit is coverity-clean as tested

cmake .. -DLWS_WITH_MINIMAL_EXAMPLES=1 -DLWS_WITHOUT_EXTENSIONS=1 -DLWS_WITH_ACME=1 -DLWS_WITH_LWSWS=1 -DLWS_WITH_LIBUV=1 -DLWS_WITH_HTTP2=1 -DLWS_WITHOUT_CLIENT=0 -DLWS_WITHOUT_SERVER=0 -DLWS_UNIX_SOCK=1 -DLWS_WITH_TLS=0 -DLWS_WITH_MBEDTLS=0 -DLWS_WITH_CGI=1 -DCMAKE_BUILD_TYPE=DEBUG -DLWS_WITH_GENERIC_SESSIONS=1 -DLWS_WITH_RANGES=1 -DLWS_ROLE_WS=1 -DLWS_MAX_SMP=16 -DLWS_ROLE_H1=1 -DLWS_WITH_WOLFSSL=0 -DLWS_WITH_LIBEV=0 -DLWS_WITH_LIBEVENT=1
 2018-05-03 10:49:36 +08:00
Andy Green
a01ad0dd20 hrtimer: add support for libevent and libev 2018-05-02 19:27:33 +08:00
Andy Green
bce8cca042 refactor: also migrate tls to the ops struct and private.h pattern 
Several new ops are planned for tls... so better to bite the bullet and
clean it out to the same level as roles + event-libs first.

Also adds a new travis target "mbedtls" and all the tests except
autobahn against mbedtls build.
 2018-05-02 12:10:36 +08:00
Andy Green
7ff8f023d1 context info struct: make lws usage all const 2018-04-27 08:37:20 +08:00
Andy Green
16e2f09710 refactor mode and states into roles and states 2018-04-06 12:22:19 +08:00
Andy Green
9a51bd0a63 LWS_TLS_CERT_INFO_OPAQUE_PUBLIC_KEY 2018-04-06 10:38:04 +08:00
Andy Green
302f8fad82 h2 ws: fixes against chrome 2018-04-06 10:38:02 +08:00
Andy Green
7bc6383759 LWS_SERVER_OPTION_ALLOW_NON_SSL_ON_SSL_PORT: fixes after tls refactor 
https://github.com/warmcat/libwebsockets/issues/1191
 2018-02-27 07:48:25 +08:00
Andy Green
d58d749b30 acme: adaptations through plat for esp32 2017-12-11 13:30:12 +08:00
Andy Green
91a821c793 esp32: align with esp-idf changes 
LWIP_SOCKET_OFFSET is now nonzero, which I handled a while back.

But the C api support for it is broken in esp-idf.

select() takes unmodified fds, but FD_SET / FD_ISSET etc must have the
offset subtracted on their args.

With this we are working on current HEAD esp-idf.
 2017-12-01 11:37:36 +08:00
Andy Green
5b74d7108b gcov: add in cmake and adapt defaults 
1) Introduce LWS_WITH_GCOV to build with gcc / clang coverage instrumentation.

$ cd build
$ make clean && rm -f `find . -name "*.gcno" -o -name "*.gcda"` && make -j16 && sudo make install && sudo /usr/local/bin/libwebsockets-test-server -s
...
$ gcov `find . -name *.c.gcno | grep -v test-apps` -b | sed "/\.h.\$/,/^$/d"

The above are available in two helper scripts

 - scripts/build-gcov.sh
 - scripts/gcov.sh

2)

CMake defaults changed:

 - LWS_WITH_ZIP_FOPS: OFF
 - LWS_WITH_RANGES: OFF
 - LWS_WITHOUT_EXTENSIONS: ON
 - LWS_WITH_ZLIB: OFF

New CMake controls that default-OFF:

 - LWS_WITH_GENHASH
 - LWS_WITH_GENRSA

these are implied by LWS_WITH_JWS (which is implied by LWS_WITH_ACME)

3) rename ./lib/tls/XXX/server.c and client.c to XXX-server.c / XXX-client.c.

This is because gcov dumps its results using the .c filename part only,
the copies overwrite each other if there are different .c files in the tree
with the same filename part.

4) Add onetime test-client mode and test to ./test-apps/attack.sh

5) Add gcov howto in READMEs/README.build.md using attack.sh
 2017-12-01 11:37:35 +08:00
Andy Green
1f37ec0be9 add selfsigned cert generation api 2017-11-26 19:17:11 +08:00
Petar Paradzik
a552de400a ssl: add support for checking cert existance and verification 
Signed-off-by: Petar Paradzik <petar.paradzik@sartura.hr>
 2017-11-26 19:16:17 +08:00
Andy Green
00ffebfd24 tls: add x509 query api 
This adds a single api on lws that allows querying elements from the
peer certificate on a connection.

The api works the same regardless of the TLS backend.
 2017-11-26 19:16:17 +08:00
Andy Green
6bc92f7592 wrapper: untrash partial sends before WANT 
1) The original wrapper logic for accounting for partial
sends on mbedtls is broken... adapt it

2) mbedtls has an additional restriction you MUST come
back to retry with EXACTLY the unsent part that you
originally asked for, or it loses coherency in the TLS
tunnel.

3) the wrapper is inconsistent between read WANT state
dynamically reported from mbedtls apis and the
SSL_want() api results.  Check both on read.
 2017-11-10 10:59:58 +08:00
Andy Green
89cb55ea58 tls: split out common, openssl and mbedtls code 
- introduce lib/tls/mbedtls lib/tls/openssl
 - move wrapper into lib/tls/mbedtls/wrapper
 - introduce private helpers to hide backend

This patch doesn't replace or remove the wrapper, it moves it
to lib/tls/mbedtls/wrapper.

But it should be now that the ONLY functions directly consuming
wrapper apis are isolated in

  - lib/tls/mbedtls/client.c (180 lines)
  - lib/tls/mbedtls/server.c (317 lines)
  - lib/tls/mbedtls/ssl.c    (325 lines)

In particular there are no uses of openssl or mbedtls-related
constants outside of ./lib/tls any more.
 2017-10-25 07:17:29 +08:00