Mbedtls mbedtls_x509_crt_parse() returns 0 for success which is good.
But it has a complicated idea about what to return on fail... if it
couldn't make even one cert from the data, then it returns a negative
return indicating the parsing problem and there is nothing to free.
If it managed to parse at least one cert, instead it retuns a positive
number indicating the number of certs it didn't parse successfully,
and there is something to free.
Adapt the code to understand this quirk.
This differentiates between client connections for retry / writeable requests
and explicit lws_ss_client_connect() api calls. The former effectively uses
retry / backoff, and the latter resets the retry / backoff.
If you receive ALL_RETRIES_FAILED due to the retry policy, you can do whatever
you need to do there and call lws_ss_client_connect() to try to connect again
with a fresh, reset retry / backoff state.
If the client connection attempt fails early, we report it will a NULL
return from the client connection api. If it fails later, perhaps after
more times around the event loop, we report it as a CONNECTION_ERROR.
This patch makes sure we don't do CONNECTION_ERROR flow if in fact we
are still in the client_connect_via_info() and in a position to report
the failure by returning NULL from there, without it under some
conditions we will do both a CONNECTION_ERROR and return NULL.
If you encounter an h1 transaction with no content length and you
parsed the headers, it actually means a hangup subsequently is an
indication of a correct transaction completion. So take care to
do the _COMPLETION callback under those circumstances too.
Unlike any other sockaddr variant it turns out when sockaddr_un reports its
sizeof() to connect() or listen(), it is trimmed to the used length of the
sun_path[] member not including any trailing 0x00.
Until now we worked fine, but our actual UDS paths have a large number of
trailing 0x00 (shown as @ in most tools). Clients and servers can still
interoperate if they both have this broken name.
This patch fixes it to trim the sockaddr_un to the path length so the name
is as you would expect.
When most of ss-h2 was combined into ss-h1 during development, the h2 difference
about needing HTTP_FINAL to signal h2 FIN flag was accidentally dropped. In
many cases the peer can infer it, from, eg, content-length reached. But we need
to replace explicitly doing it to cover all cases.
There is no way to allocate a client wsi mux sid before the headers are
send, because we don't know the order in which new wsi headers will be sent
and so seen by the peer.
The peer inisists that sid indexes only increase... we cannot allocat sids
monotonically at the client and then send them disordered...
You can disconnect the stream by returning -1 from tx(). You can
give up your chance to send anything by returning 1 from tx().
Returning 0 sends `*len` amount of the provided buffer.
Returning <0 from rx() also disconnects the stream.
X509_VERYFY_PARAM_Set1_host of openSSL allows the third argument, which
is the length of the hostname string, to be 0. Then, it assumes hostname
is a null-terminated C string. BoringSSL enforces the actual length to
be specified, and the hostname string should end with a null char.
Just provide the length, making both OpenSSL and BoringSSL happy.
By default this doesn't change any existing logging behaviour at all.
But it allows you to define cmake options to force or force-disable the
build of individual log levels using new cmake option bitfields
LWS_LOGGING_BITFIELD_SET and LWS_LOGGING_BITFIELD_CLEAR.
Eg, -DLWS_LOGGING_BITFIELD_SET="(LLL_INFO)" can force INFO log level
built even in release mode. -DLWS_LOGGING_BITFIELD_CLEAR="(LLL_NOTICE)"
will likewise remove NOTICE logging from the build regardless of
DEBUG or RELEASE mode.
LWS builds OK on iOS SDK as unix type plat, except it
doesn't have net/route.h.
Detect we're building on iOS at CMake and export a
preprocessor define we can use to snip out the missing
include.
When libwebsockets is included as a subdirectory in other projects that rely on a minimum CMake version of 3.x, a CMP0048 policy warning will be raised due to the project not specifying a version in the project call.
This patch silences the warning by explicitly setting the policy within libwebsockets to NEW if it has already been forwarded as such, without any further impact on the behavior of CMake.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Is this file also licensed under MIT license, I don’t see a license header like the other files in this repo?
Rate limiting does not work correctly with VS server, the last
block of rx data is not coming. Disable it for now so the
returned data comes as rapidly as the server can send and the
client receive.
read has a tight leash on the states it's happy to turn up there,
it's good to be like that but it turns out LRS_FLUSHING_BEFORE_CLOSE
should be whitelisted since it can happen under some transient
conditions and is valid.
https://github.com/warmcat/libwebsockets/issues/1872
If a user sets a default filename for a http mount (.def in lws_http_mount),
eg. 'default.html', then a GET request for '/' correctly forwards to
'/default.html'.
However, without this commit the default filename is not taken into account for subdirectories. Thus,
GET subdir/
will forward to
'subdir/index.html'
instead of the expected
'subdir/default.html'
This commit changes the behavior such that the user-provided default filename is also used for subdirectories.