Generic sessions has been overdue some love to align it with
the progress in the rest of lws.
1) Strict Content Security Policy
2) http2 compatibility
3) fixes and additions for use in a separate process via unix domain socket
4) work on ws and http proxying in lws
5) add minimal example
This enables selected things from -Wextra, can't use -Wextra because it is
fussy enough to complain about unused params on functions... they are
there for a reason.
-Wsign-compare
-Wignored-qualifiers
not -Wimplicit-fallthrough=3 ... only on gcc 7
-Wtype-limits
-Wuninitialized
not -Wclobbered ... only on gcc 7ish
fix the warnings everywhere they were found.
- introduce lib/tls/mbedtls lib/tls/openssl
- move wrapper into lib/tls/mbedtls/wrapper
- introduce private helpers to hide backend
This patch doesn't replace or remove the wrapper, it moves it
to lib/tls/mbedtls/wrapper.
But it should be now that the ONLY functions directly consuming
wrapper apis are isolated in
- lib/tls/mbedtls/client.c (180 lines)
- lib/tls/mbedtls/server.c (317 lines)
- lib/tls/mbedtls/ssl.c (325 lines)
In particular there are no uses of openssl or mbedtls-related
constants outside of ./lib/tls any more.
Thanks to Fabrice Gilot for reporting the problem that led to uncovering this.
Due to a misunderstanding of the return value of snprintf (it is not truncated according
to the max size passed in) in several places relying on snprintf to truncate the length
overflows are possible.
This patch wraps snprintf with a new lws_snprintf() which does truncate its length to allow
the buffer limiting scheme to work properly.
All users should update with these fixes.
