Mirrors/libwebsockets
1
0
Fork 0
mirror of https://github.com/warmcat/libwebsockets.git synced 2025-03-16 00:00:07 +01:00
Code Issues Releases Wiki Activity
libwebsockets/minimal-examples/secure-streams/minimal-secure-streams-proxy
History
Andy Green 06662a64fa LE-root-cert-update 
warmcat.com and libwebsockets.org use Let's Encrypt certificates... LE
have changed their CA signing arrangements and after 2021-01-12 (the
point I renewed the LE server certs and received one signed using the
new arrangements) it's required to trust new root certs for the examples
to connect to warmcat.com and libwebsockets.org.

https://letsencrypt.org/2020/09/17/new-root-and-intermediates.html

This updates the in-tree CA copies, the remote policies on warmcat.com
have also been updated.

Just goes to show for real client infrastructure, you need to run your own
CA (that doesn't have to be trusted by anything outside the clients)
where you can control the CA lifetime.
2021-01-13 04:32:13 +00:00
..
CMakeLists.txt cmake: latest cmake shows dep warnings for scripts < 2.8.12 2020-12-06 19:44:54 +00:00
main.c LE-root-cert-update 2021-01-13 04:32:13 +00:00
README.md client: secure streams 2020-03-04 12:17:49 +00:00

README.md

lws minimal secure streams proxy

Operates as a secure streams proxy, by default on a listening unix domain socket "proxy.ss.lws" in the Linux abstract namespace.

Give -p to have it listen on a specific tcp port instead.

build

 $ cmake . && make

usage

Commandline option Meaning
-d Debug verbosity in decimal, eg, -d15
-f Force connecting to the wrong endpoint to check backoff retry flow
-p If not given, proxy listens on a Unix Domain Socket, if given listen on specified tcp port
-i Optionally specify the UDS path (no -p) or network interface to bind to (if -p also given) 
[2020/02/26 15:41:27:5768] U: LWS secure streams Proxy [-d<verb>]
[2020/02/26 15:41:27:5770] N: lws_ss_policy_set:     2.064KiB, pad 70%: hardcoded
[2020/02/26 15:41:27:5771] N: lws_tls_client_create_vhost_context: using mem client CA cert 1391
[2020/02/26 15:41:27:8681] N: lws_ss_policy_set:     4.512KiB, pad 15%: updated
[2020/02/26 15:41:27:8682] N: lws_tls_client_create_vhost_context: using mem client CA cert 837
[2020/02/26 15:41:27:8683] N: lws_tls_client_create_vhost_context: using mem client CA cert 1043
[2020/02/26 15:41:27:8684] N: lws_tls_client_create_vhost_context: using mem client CA cert 1167
[2020/02/26 15:41:27:8684] N: lws_tls_client_create_vhost_context: using mem client CA cert 1391
[2020/02/26 15:41:28:4226] N: ss_api_amazon_auth_rx: acquired 567-byte api.amazon.com auth token, exp 3600s