During client redirect we "reset" the wsi to the redirect address,
involving closing the current fd that was told to redirect (it will
usually be a completely different server or port).
With libuv and its two-stage close that's not trivial. This solves
the problem we will "reset" (overwrite) where the handle lives in the
wsi with new a new connection / handle by having it copied out into
an allocated watcher struct, which is freed in the uv close callback.
To confirm it the minimal ws client example gets some new options, the
original problem was replicated with this
$ lws-minimal-ws-client-echo -s invalid.url.com -p 80
https://github.com/warmcat/libwebsockets/issues/1390
You can build lws without support for ws, with -DLWS_ROLE_WS=0.
This is thanks to the role ops isolating all the ws-specific business
in the ws role.
Also retire more test apps replaced by minmal-examples.
This replaces the old test-app for echo with separate client and server
minimal versions.
The autobahn test script is made more autonomous and tests both
client and server.
This converts several of the selftests to return a status in their exit code
about whether they 'worked'.
A small bash script framework is added, with a selftest.sh in the mininmal
example dirs that support it, and a ./minimal-examples/selftests.sh script
that can be run from the build dir with no args that discovers and runs all
the selftest.sh scripts underneath.
That is also integrated into travis and the enabled tests must pass now for
travis to pass. Travis does not have a modern libuv so it can't run a
couple of tests which are nulled out if it sees it's running in travis env.
Since new roles may be incompatible with http, add support for
alpn names at the role struct, automatic generation of the
default list of alpn names that servers advertise, and the
ability to override the used alpn names per-vhost and per-
client connection.
This not only lets you modulate visibility or use of h2,
but also enables vhosts that only offer non-http roles,
as well as restricting http role vhosts to only alpn
identifiers related to http roles.
This adds h2 http support for the client api.
The public client api requires no changes, it will detect by
ALPN if the server can handle http/2, if so, it will use it.
Multiple client connections using the lws api will be mapped on
to the same single http/2 + tls socket using http/2 streams
that are serviced simultaneously where possible.
AG: unlike openssl, mbedtls does not load the system trust store.
So this change will make client tls operations that work OK on openssl fail on
mbedtls unless you provide the correct CA cert.
This allows lws to distinguish between untrusted CAs, hostname
mismatches, expired certificates.
NOTE: LCCSCF_ALLOW_SELFSIGNED actually allows for untrusted CAs, and
will also skip hostname verification. This is somewhat a limitiation of
the current lws verification process.
AG: improve error reporting up to the CLIENT_CONNECTION_ERROR argument
and add a note specific to mbedtls in the test client. Adapt the test
client to note the CA requirement if built with mbedTLS. Adapt the
minimal test clients to have the CAs available and use them if mbedTLS.
This adds an lws cmake option that builds all the minimal examples as part of lws,
it's useful for QA.
It adds a macro to examples that depend on a particular lws configuration to understand
they should just null out their project definition in builds where the lws configuration
requirement is not met, and we are building as part of lws.
It also adapts all the example library additions to select the just-built-but-not-yet-installed
library in the case it is built as part of lws. If built standalone, it now uses the cmake
platform-abstracted way to add the library requirement too.
