Mirrors/libwebsockets
1
0
Fork 0
mirror of https://github.com/warmcat/libwebsockets.git synced 2025-03-16 00:00:07 +01:00
Code Issues Releases Wiki Activity
libwebsockets/minimal-examples/http-server/minimal-http-server-tls-mem
History
Andy Green 498a4e2bd7 sul: all timed objects use a single pt sul list 
wsi timeout, wsi hrtimer, sequencer timeout and vh-protocol timer
all now participate on a single sorted us list.

The whole idea of polling wakes is thrown out, poll waits ignore the
timeout field and always use infinite timeouts.

Introduce a public api that can schedule its own callback from the event
loop with us resolution (usually ms is all the platform can do).

Upgrade timeouts and sequencer timeouts to also be able to use us resolution.

Introduce a prepared fakewsi in the pt, so we don't have to allocate
one on the heap when we need it.

Directly handle vh-protocol timer if LWS_MAX_SMP == 1
2019-08-09 10:12:09 +01:00
..
mount-origin vhost info: add memory buffer cert support 2019-03-12 11:57:43 +08:00
CMakeLists.txt vhost info: add memory buffer cert support 2019-03-12 11:57:43 +08:00
minimal-http-server-tls-mem.c sul: all timed objects use a single pt sul list 2019-08-09 10:12:09 +01:00
README.md vhost info: add memory buffer cert support 2019-03-12 11:57:43 +08:00

README.md

lws minimal http server with tls and certs from memory

This is the same as the minimal-http-server-tls example, but shows how to init the vhost with both PEM or DER certs from memory instead of files.

The server listens on port 7681 (initialized with PEM in-memory certs) and port 7682 (initialized with DER in-memory certs).

build

 $ cmake . && make

usage

 $ ./lws-minimal-http-server-tls-mem
[2019/02/14 14:46:40:9783] USER: LWS minimal http server TLS | visit https://localhost:7681
[2019/02/14 14:46:40:9784] NOTICE:  Using SSL mode
[2019/02/14 14:46:40:9784] NOTICE: lws_tls_server_vhost_backend_init: vh first: mem CA OK
parsing as der
[2019/02/14 14:46:40:9849] NOTICE: no client cert required
[2019/02/14 14:46:40:9849] NOTICE: created client ssl context for first
[2019/02/14 14:46:40:9849] NOTICE:  Using SSL mode
[2019/02/14 14:46:40:9850] NOTICE: lws_tls_server_vhost_backend_init: vh second: mem CA OK
parsing as der
[2019/02/14 14:46:40:9894] NOTICE: no client cert required
[2019/02/14 14:46:40:9894] NOTICE: created client ssl context for second
[2019/02/14 14:46:40:9894] NOTICE:    vhost first: cert expiry: 36167d
[2019/02/14 14:46:40:9894] NOTICE:    vhost second: cert expiry: 36167d
[2018/03/20 13:23:14:0207] NOTICE:    vhost default: cert expiry: 730459d

Visit https://127.0.0.1:7681 and https://127.0.0.1:7682

Because it uses a selfsigned certificate, you will have to make an exception for it in your browser.

Certificate creation

The selfsigned certs provided were created with

echo -e "GB\nErewhon\nAll around\nlibwebsockets-test\n\nlocalhost\nnone@invalid.org\n" | openssl req -new -newkey rsa:4096 -days 36500 -nodes -x509 -keyout "localhost-100y.key" -out "localhost-100y.cert"

they cover "localhost" and last 100 years from 2018-03-20.

You can replace them with commercial certificates matching your hostname.

The der content was made from PEM like this

 $ cat ../minimal-http-server-tls/localhost-100y.key | grep -v ^- | base64 -d | hexdump -C  | tr -s ' ' | cut -d' ' -f2- | cut -d' ' -f-16 | sed "s/|.*//g" | sed "s/0000.*//g" | sed "s/^/0x/g" | sed "s/\ /\,\ 0x/g" | sed "s/\$/,/g" | sed "s/0x,//g"

HTTP/2

If you built lws with -DLWS_WITH_HTTP2=1 at cmake, this simple server is also http/2 capable out of the box. If the index.html was loaded over http/2, it will display an HTTP 2 png.