Since CONNECTING is async and may take a while, there's nothing actually
wrong if the application asks to write again in the meanwhile and provokes
POLL.
This patch adapts the recent change about serializing the number of
simultaneous tls handshakes allowed to 1, so you can set the number in the
context creation info, and the accounting for it is handled by counters
same as the overally tls restriction.
The name of the context info var to control it changes to simultaneous_ssl_handshake_restriction
which is now a count, the default 0 means no limit.
The count rejects tls connection attempts when the tls borrow is attempted,
and separately hands back the hs borrow from the tls borrow when the
connection attempt fails or succeeds.
mbedtls validation was broken by an earlier patch on main... fix it and add
a CI test also using the wrong CA cert so this can be caught straight away
from now on.
This provides very memory-efficient CBOR stream parsing
and writing.
The parser converts pieces of CBOR into callbacks that define
the structure and collate string and blobs into buffer chunks
for extensible and easy access.
It is fragementation-safe and does not need all the CBOR in
the same place at one time, chunks of CBOR are parsed and
discarded as provided.
It does not allocate and just needs a few hundred bytes of
stack for even huge CBOR objects. Huge strings and blobs
are handled without needing memory to hold them atomically.
Includes ./minimal-examples/api-tests/api-test-lecp that
unit tests it against 82 official example CBORs and
26 additional test vectors from COSE (just checking the CBOR
parsing).
The writing apis allow printf style semantics with a variety
of CBOR-aware %-formats. The apis write into a context that
manages output buffer usage, if the output buffer fills,
then the apis return with an AGAIN code that lets you issue
and reset the output buffer and repeat the api all to issue
more output. The subsequent calls can occur much later or
from a different function context, so this is perfect for
WRITEABLE-mediated output from the network parts of lws.
See ./READMEs/README.cbor-lecp.md
--test404 sends us instead to httpbin.org/status/404
--test404red goes to warmcat.com/noexist.html which is handled as a
redirect to a 404 page (served with a 200...), streamtype
allows redirects to be followed
--test404redref same as above but streamtype disallows redirect follow
These should all produce CONMON results for the first response, be it 404
or 302 and whether the 302 was followed or not, and whether the client
goes via the proxy or not.
