If you encounter an h1 transaction with no content length and you
parsed the headers, it actually means a hangup subsequently is an
indication of a correct transaction completion. So take care to
do the _COMPLETION callback under those circumstances too.
Unlike any other sockaddr variant it turns out when sockaddr_un reports its
sizeof() to connect() or listen(), it is trimmed to the used length of the
sun_path[] member not including any trailing 0x00.
Until now we worked fine, but our actual UDS paths have a large number of
trailing 0x00 (shown as @ in most tools). Clients and servers can still
interoperate if they both have this broken name.
This patch fixes it to trim the sockaddr_un to the path length so the name
is as you would expect.
When most of ss-h2 was combined into ss-h1 during development, the h2 difference
about needing HTTP_FINAL to signal h2 FIN flag was accidentally dropped. In
many cases the peer can infer it, from, eg, content-length reached. But we need
to replace explicitly doing it to cover all cases.
There is no way to allocate a client wsi mux sid before the headers are
send, because we don't know the order in which new wsi headers will be sent
and so seen by the peer.
The peer inisists that sid indexes only increase... we cannot allocat sids
monotonically at the client and then send them disordered...
X509_VERYFY_PARAM_Set1_host of openSSL allows the third argument, which
is the length of the hostname string, to be 0. Then, it assumes hostname
is a null-terminated C string. BoringSSL enforces the actual length to
be specified, and the hostname string should end with a null char.
Just provide the length, making both OpenSSL and BoringSSL happy.
By default this doesn't change any existing logging behaviour at all.
But it allows you to define cmake options to force or force-disable the
build of individual log levels using new cmake option bitfields
LWS_LOGGING_BITFIELD_SET and LWS_LOGGING_BITFIELD_CLEAR.
Eg, -DLWS_LOGGING_BITFIELD_SET="(LLL_INFO)" can force INFO log level
built even in release mode. -DLWS_LOGGING_BITFIELD_CLEAR="(LLL_NOTICE)"
will likewise remove NOTICE logging from the build regardless of
DEBUG or RELEASE mode.
LWS builds OK on iOS SDK as unix type plat, except it
doesn't have net/route.h.
Detect we're building on iOS at CMake and export a
preprocessor define we can use to snip out the missing
include.
When libwebsockets is included as a subdirectory in other projects that rely on a minimum CMake version of 3.x, a CMP0048 policy warning will be raised due to the project not specifying a version in the project call.
This patch silences the warning by explicitly setting the policy within libwebsockets to NEW if it has already been forwarded as such, without any further impact on the behavior of CMake.
Secure Streams is an optional layer on top of lws that separates policy
like endpoint selection and tls cert validation into a device JSON
policy document.
Code that wants to open a client connection just specifies a streamtype name,
and no longer deals with details like the endpoint, the protocol (!) or anything
else other than payloads and optionally generic metadata; the JSON policy
contains all the details for each streamtype. h1, h2, ws and mqtt client
connections are supported.
Logical secure streams outlive any particular connection and supports "nailed-up"
connectivity regardless of underlying connection stability.
Adds client support for MQTT QoS0 and QoS1, compatible with AWS IoT
Supports stream binding where independent client connections to the
same endpoint can mux on a single tcp + tls connection with topic
routing managed internally.
Headers related to ws or h2 are now elided if the ws or h2 role
is not enabled for build. In addition, a new build-time option
LWS_WITH_HTTP_UNCOMMON_HEADERS on by default allows removal of
less-common http headers to shrink the parser footprint.
Minilex is adapted to produce 8 different versions of the lex
table, chosen at build-time according to which headers are
included in the build.
If you don't need the unusual headers, or aren't using h2 or ws,
this chops down the size of the ah and the rodata needed to hold
the parsing table from 87 strings / pointers to 49, and the
parsing table from 1177 to 696 bytes.
The vfork optimized spawn, stdxxx and terminal handling in the cgi
implementation is quite mature and sophisticated, and useful for
other things unrelated to cgi. Break it out into its own public
api under LWS_WITH_SPAWN, off by default.
Expand it so the parent wsi is optional, and the role and protocol
bindings for stdxxx pipes can be set. Allow optional sul timeout
and external lws_dll2 owner for extant children.
Remove inline style from minimal http-server-cgi
From eventfd man page:
Applications can use an eventfd file descriptor instead of a pipe (see
pipe(2)) in all cases where a pipe is used simply to signal events.
The kernel overhead of an eventfd file descriptor is much lower than
that of a pipe, and only one file descriptor is required
(versus the two required for a pipe).
This provides support to build lws using the linkit 7697 public SDK
from here https://docs.labs.mediatek.com/resource/mt7687-mt7697/en/downloads
This toolchain has some challenges, its int32_t / uint32_t are long,
so assumptions about format strings for those being %u / %d / %x all
break. This fixes all the cases for the features enabled by the
default cmake settings.
Since version 3.1.0 and commit aa4143aebd,
-pthread is unconditionally added to CMAKE_REQUIRED_FLAGS even if
pthread.h is not found, this will result in a build failure with openssl
if the toolchain doesn't support threads:
[ 5%] Building C object CMakeFiles/websockets_shared.dir/lib/core/lws_dll2.c.o
In file included from /home/buildroot/autobuild/instance-2/output-1/build/libwebsockets-3.2.0/include/libwebsockets.h:570,
from /home/buildroot/autobuild/instance-2/output-1/build/libwebsockets-3.2.0/lib/core/private.h:130,
from /home/buildroot/autobuild/instance-2/output-1/build/libwebsockets-3.2.0/lib/core/lws_dll2.c:22:
/home/buildroot/autobuild/instance-2/output-1/build/libwebsockets-3.2.0/include/libwebsockets/lws-genhash.h:79:18: error: field 'ctx' has incomplete type
HMAC_CTX ctx;
^~~
This build failure is raised because openssl functions are not correcly
detected:
Determining if the function SSL_CTX_set1_param exists failed with the following output:
Change Dir: /home/buildroot/autobuild/instance-2/output-1/build/libwebsockets-3.2.0/CMakeFiles/CMakeTmp
Run Build Command(s):/usr/bin/make cmTC_06946/fast && make[1]: Entering directory '/home/buildroot/autobuild/instance-2/output-1/build/libwebsockets-3.2.0/CMakeFiles/CMakeTmp'
/usr/bin/make -f CMakeFiles/cmTC_06946.dir/build.make CMakeFiles/cmTC_06946.dir/build
make[2]: Entering directory '/home/buildroot/autobuild/instance-2/output-1/build/libwebsockets-3.2.0/CMakeFiles/CMakeTmp'
Building C object CMakeFiles/cmTC_06946.dir/CheckFunctionExists.c.o
/home/buildroot/autobuild/instance-2/output-1/host/bin/arm-linux-gcc --sysroot=/home/buildroot/autobuild/instance-2/output-1/host/arm-buildroot-linux-uclibcgnueabihf/sysroot -DKEYWORD=__inline -Wall -Wsign-compare -Wuninitialized -Werror -Wundef -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -Os -DCHECK_FUNCTION_EXISTS=SSL_CTX_set1_param -pthread -DNDEBUG -o CMakeFiles/cmTC_06946.dir/CheckFunctionExists.c.o -c /home/buildroot/autobuild/instance-2/output-1/host/share/cmake-3.15/Modules/CheckFunctionExists.c
Linking C executable cmTC_06946
/home/buildroot/autobuild/instance-2/output-1/host/bin/cmake -E cmake_link_script CMakeFiles/cmTC_06946.dir/link.txt --verbose=1
/home/buildroot/autobuild/instance-2/output-1/host/bin/arm-linux-gcc --sysroot=/home/buildroot/autobuild/instance-2/output-1/host/arm-buildroot-linux-uclibcgnueabihf/sysroot -Wall -Wsign-compare -Wuninitialized -Werror -Wundef -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -Os -DCHECK_FUNCTION_EXISTS=SSL_CTX_set1_param -pthread -DNDEBUG CMakeFiles/cmTC_06946.dir/CheckFunctionExists.c.o -o cmTC_06946 /home/buildroot/autobuild/instance-2/output-1/host/arm-buildroot-linux-uclibcgnueabihf/sysroot/usr/lib/libssl.so /home/buildroot/autobuild/instance-2/output-1/host/arm-buildroot-linux-uclibcgnueabihf/sysroot/usr/lib/libcrypto.so -lssl -lcrypto -lm -lcap
/home/buildroot/autobuild/instance-2/output-1/host/opt/ext-toolchain/bin/../lib/gcc/arm-buildroot-linux-uclibcgnueabihf/8.3.0/../../../../arm-buildroot-linux-uclibcgnueabihf/bin/ld: cannot find -lpthread
collect2: error: ld returned 1 exit status
CMakeFiles/cmTC_06946.dir/build.make:88: recipe for target 'cmTC_06946' failed
Fixes:
- http://autobuild.buildroot.org/results/6186b4718db285edadf7203d00ed72f8d76a31e4
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
openssl can depends on -latomic so use pkg-config (if available) to
retrieve these static dependencies otherwise build will fail because
HMAC_CTX_new test will return a wrong result
Fixes:
- http://autobuild.buildroot.org/results/65d0528b208c0a470264f7e2433be89425971dd7
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Generic lws_system IPv4 DHCP client
- netif and route control via lib/plat apis
- linux plat pieces implemented
- Uses raw ip socket for UDP broadcast and rx
- security-aware
- usual stuff plus up to 4 x dns server
If it's enabled for build, it holds the system
state at DHCP until at least one registered interface
has acquired a set of IP / mask / router / DNS server
It uses PF_PACKET which is Linux-only atm. But those
areas are isolated into plat code.
TODOs
- lease timing and reacquire
- plat pieces for other than Linux
Move libev workaround outside the
if ((LWS_ROLE_H1 OR LWS_ROLE_H2) AND NOT LWS_WITHOUT_TESTAPPS) block
otherwise build fails on:
/home/naourr/work/instance-1/output-1/build/libwebsockets-3.2.0/lib/event-libs/libev/libev.c: In function 'lws_ev_hrtimer_cb':
/home/naourr/work/instance-1/output-1/build/libwebsockets-3.2.0/lib/event-libs/libev/libev.c:34:3: error: dereferencing type-punned pointer will break strict-aliasing rules [-Werror=strict-aliasing]
ev_timer_set(&pt->ev.hrtimer, ((float)us) / 1000000.0, 0);
^~~~~~~~~~~~
Fixes:
- http://autobuild.buildroot.org/results/b5a2188dce90f3ca9bf0cc7a043c1a946b8e288f
AG: this doesn't really fix anything... the spew is intentionally part of libev.
It just hides the spew... since the maintainer won't fix it
this is the only way AFAIK. Other than don't use libev.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
