Commit graph

61 commits

Author SHA1 Message Date
Andy Green
4a9c23e9ec coverity 182069: coverity confused by use of bool as array index 2017-07-28 14:25:25 +08:00
Andy Green
855453d1ae lws_meta: explicitly declare all of lws_protocols members for ESP32 2017-07-27 08:27:34 +08:00
Andy Green
c9da1ffa2e appveyor: remove cache 2017-07-19 15:29:38 +08:00
Andy Green
6f11c1361a lws-meta 2017-07-19 08:59:42 +08:00
Andy Green
faa1526b39 lws-vhost-destroy
Adds a new api lws_vhost_destroy(struct lws_vhost *) which allows dynamic removal of vhosts.

The external api calls two parts of internal helpers that get reused for context destroy.

The second part is called deferred by 5s... this is to ensure that event library objects
composed into structs owned by the vhost all have a chance to complete their close
asynchronously.  That should happen immediately, but it requires us to return to the
event loop first.

The vhost being removed is deleted from the context vhost list by the first part, and does
not block further removals or creation during the delay for the deferred freeing of the
vhost memory.

Part 1:

 - if the vhost owned a listen socket needed by other vhosts listening on same iface + port, the listen
   socket is first handed off to another vhost so it stays alive

 - all wsi still open on the vhost are forcibly closed (including any listen socket still attached)

 - inform all active protocols on the vhost they should destroy themselves

 - remove vhost from context vhost list (can no longer be found by incoming connections)

 - add to a "being destroyed" context list and schedule the second part to be called in 5s

Part 2:

 - remove us from the being destroyed list

 - free all allocations owned by the vhost

 - zero down the vhost and free the vhost itself


In libwebsockets-test-server, you can send it a SIGUSR1 to have it toggle the creation and destruction of
a second vhost on port + 1.
2017-07-19 08:51:43 +08:00
Andy Green
632a0acc99 clean: fixes for appveyor warnings 2017-07-19 04:25:20 +08:00
Andy Green
e2a926de2f linkedlist helpers 2017-07-09 10:11:59 +08:00
Andy Green
05d74e45dc mirror: multiple mirror contexts by mirror= url arg
By default mirror acts the same as before.

However if you access the test server with a url containing "?mirror=<name>", the session will bind to
a mirror instance private to "?mirror=<name>".  Only sessions that used the same 'mirror=' name can
share the drawings, mirror instances with a different name (including the default "" name) are unaffected.
2017-07-08 16:03:40 +08:00
Andy Green
8f16f92cac plugins: group 2017-05-16 20:21:47 +08:00
Andy Green
b2f8bc5638 esp32: multi ap slots 2017-05-13 10:26:59 +08:00
Andy Green
54236bd437 esp32: multi ap slots plus PEM certs and parallel build fixes 2017-05-11 15:02:01 +08:00
Andy Green
5468812946 esp32: reapply pending count just for esp32 2017-05-07 08:19:55 +08:00
Andy Green
6384eb79e0 esp32: return random length from lws_get_random 2017-04-28 11:54:27 +08:00
Andy Green
2b9fff73f9 boilerplate: add back missing Lesser that cut-and-pasted itself around 2017-04-06 23:01:34 +08:00
Andy Green
36e04f33f5 esp32: ROMFS use checksum as mtime so ETAG caching works 2017-04-05 10:44:28 +08:00
Andy Green
d1dda25c6d esp32: allow no factory upload info 2017-04-04 08:46:51 +08:00
Andy Green
30195eb79d esp32: dont require factory button if no ssl certs yet 2017-04-03 11:56:33 +08:00
Andy Green
00ae90978b esp32: separate factory setup 2017-03-31 20:05:10 +08:00
Andy Green
9287f7d1b3 ext: pmd: improve dealing with partial input usage with drain
https://github.com/warmcat/libwebsockets/issues/841
2017-03-20 19:07:19 +08:00
Andy Green
e0572d3bef esp32: move helper code into lws 2017-03-10 14:31:43 +08:00
Andy Green
4219a3281d server-name: add_server_header add LWSAHH_FLAG_NO_SERVER_NAME
Also clean up usage of status code defines in lws
2017-03-08 07:51:47 +08:00
Andy Green
205ccedf6e raw: enable server and client raw sockets 2017-03-07 16:06:05 +08:00
Per Bothner
60f4569bb8 adopt: allow binding to parent at same time
- if protocol set, allocate own user_space

   If the child wsi wants the parent wsi user_space, it can use

       lws_wsi_user(lws_get_parent(child_wsi))

 - raw file close processing handles parent-child relationship
2017-03-03 07:36:08 +08:00
Andy Green
be8d791b5e adoption: make union for socket and file fds
This lets lws support adopting raw file FDs and raw socket fds.

A test plugin creates a FIFO and prints data sent on it, using
the lws event loop.
2017-03-01 10:01:53 +08:00
Andy Green
cde0371a83 coverity 175438: server status plugin: off-by-one if you generate 32KB of content 2017-02-07 00:51:25 +08:00
Andy Green
ce37ee9624 gcc- format strings: debug and extra plugins 2017-02-05 22:30:27 +08:00
Andy Green
be9fb919d1 context deprecation
1) This makes lwsws run a parent process with the original permissions.
But this process is only able to respond to SIGHUP, it doesn't do anything
else.

2) You can send this parent process a SIGHUP now to cause it to

 - close listening sockets in existing lwsws processes

 - mark those processes as to exit when the number of active connections
   on the falls to zero

 - spawn a fresh child process from scratch, using latest configuration
   file content, latest plugins, etc.  It can now reopen listening sockets
   if it chooses to, or open different listen ports or whatever.

Notes:

1) lws_context_destroy() has been split into two pieces... the reason for
the split is the first part closes the per-vhost protocols, but since
they may have created libuv objects in the per-vhost protocol storage,
these cannot be freed until after the loop has been run.

That's the purpose of the second part of the context destruction,
lws_context_destroy2().

For compatibility, if you are not using libuv, the first part calls the
second part.  However if you are using libuv, you must now call the
second part from your own main.c after the first part.
2016-12-20 14:37:07 +08:00
Andy Green
b1d4d3bb9e lwsgt: fix check against forgot password flow defeating existing pw check
https://github.com/warmcat/libwebsockets/issues/706

This fixes a problem where the check for the existing pw was
skipped when a logged-in user is changing his password.

It's not good but because the user has to be logged in, it only affected
the situation someone changes his password on his logged in session.
2016-12-20 14:37:07 +08:00
Andy Green
a496700b3a lws_snprintf
Thanks to Fabrice Gilot for reporting the problem that led to uncovering this.

Due to a misunderstanding of the return value of snprintf (it is not truncated according
to the max size passed in) in several places relying on snprintf to truncate the length
overflows are possible.

This patch wraps snprintf with a new lws_snprintf() which does truncate its length to allow
the buffer limiting scheme to work properly.

All users should update with these fixes.
2016-09-15 02:22:57 +08:00
Andy Green
b8199ba4ab generic-table: format-security
https://github.com/warmcat/libwebsockets/issues/624
2016-09-10 04:54:20 +08:00
Andy Green
2083674aa0 lws_status protect against pss list changing 2016-09-10 04:54:20 +08:00
Andy Green
72502e86f5 coverity 169276-9 - false positive assuming 8b char: char limits index size 2016-08-28 09:49:30 +08:00
Andy Green
d11bee7fc5 coverity 169274 - lwsgt dirlisting ignore files that cant be statted 2016-08-28 09:44:15 +08:00
Andy Green
e0212b8c85 coverity 169275 - lwsgt check string bounds 2016-08-28 09:44:15 +08:00
Andy Green
16f3e4cacf coverity 169267 - lwsgt strncpy may fill buffer without NUL 2016-08-28 09:10:40 +08:00
Andy Green
e35d91a860 per-vhost headers and lwsws conf support
This l;ets you add per-vhost arbitrary headers on served files, eg

     "headers": [{
        "X-Content-Type-Options": "nosniff",
        "X-XSS-Protection": "1; mode=block",
        "x-frame-options": "SAMEORIGIN"
        }],
2016-08-27 17:07:06 +08:00
Andy Green
7acf76cd3d esp8266 initial support 2016-08-10 21:20:23 +08:00
Andy Green
0fa6821214 Plugin server-status cleanup 2016-08-10 21:20:23 +08:00
Andy Green
2671b7469a plugins-dim-webpage-when-connection-lost 2016-07-14 08:57:28 +08:00
Andy Green
722cc4a366 plugin table dirlisting 2016-07-14 08:57:28 +08:00
Andy Green
4e75ae3b4e protocol-lws-messageboard
This is a simple messageboard built on top of lwsgs

Signed-off-by: Andy Green <andy@warmcat.com>
2016-06-28 14:51:44 +08:00
Andy Green
7a2fc442b6 protocol generic sessions
Signed-off-by: Andy Green <andy@warmcat.com>
2016-06-18 06:44:31 +08:00
Andy Green
c55fd27d75 introduce urlencode decode and sql escape public apis
This adds

 - simple lws_urlencode()
 - simple lws_urldecode()
 - simple lws_sql_purify

Those expect the data to all be there and process it up until
the first '\0'.

There is also a larger opaque apis for handling POST_BODY urldecode.  To
enable these, you need to give cmake -DLWS_WITH_STATEFUL_URLDECODE=1 (or
arrange any larger feature that relies on it sets that in CMakeLists.txt)

 - stateful urldecode with parameter array

These have create / process / destroy semantics on a struct that maintains
decode state.

Stateful urldecode is capable of dealing with large POST data in multiple
POST_BODY callbacks cleanly, eg, file transfer by POST.

Stateful urldecode with parameter array wraps the above with a canned
callback that stores the urldecoded data and indexes them in a pointer
array matching an array of parameter names.

You may also pass it an optional callback when creating it, that will recieve
uploaded file content.

The test html is updated to support both urlencoded and multipart forms,
with some javascript to do clientside validation of an arbitrary 100KB
file size limit (there is no file size limit in the apis).

Signed-off-by: Andy Green <andy@warmcat.com>
2016-06-14 12:04:38 +08:00
Andy Green
488e05a6b4 plugins add win modifiers before libwebsockets.h for dll export flag
Signed-off-by: Andy Green <andy@warmcat.com>
2016-05-26 07:52:20 +08:00
Andy Green
82e883f7ad clean correct file comment at top and remove pointless LWS_CALLBACK_HTTP
Signed-off-by: Andy Green <andy@warmcat.com>
2016-05-21 15:18:30 +08:00
Andy Green
81a5a125f4 deprecate misnamed lws_vhost_get add lws_get_vhost
All the other simple accessors begin lws_get_...

Signed-off-by: Andy Green <andy@warmcat.com>
2016-05-17 13:47:44 +08:00
Andy Green
3dcbf6abc1 deprecate duplicated lws_protocol_get
Use the identical lws_get_protocol()

Signed-off-by: Andy Green <andy@warmcat.com>
2016-05-17 13:33:58 +08:00
Andy Green
bf31c1bc87 win32 libuv related build fixes
https://github.com/warmcat/libwebsockets/issues/526

On master, cleanups and refactor mean the last two problems already
don't exist (array is gone from main.c and http.c is deleted)

Signed-off-by: Andy Green <andy@warmcat.com>
2016-05-13 08:20:12 +08:00
Andy Green
2700d1c0c3 protocol_client_loopback_test
This is used to confirm that SSL client connections can coexist with
a vhost doing serving.

To set it up,

/*
 * This is a bit fiddly...
 *
 * 0) If you want the wss:// test to work, make sure the vhost is marked with
 *    enable-client-ssl if using lwsws, or call lws_init_vhost_client_ssl() on
 *    the vhost if you're doing it by hand.
 *
 * 1) enable the protocol on a vhost
 *
 *      "ws-protocols": [{
 *     "client-loopback-test": {
 *      "status": "ok"
 *     },  ...
 *
 *     the vhost should listen on 80 (ws://) or 443 (wss://)
 *
 * 2) mount the http part of the test one level down on the same vhost, eg
 *   {
 *      "mountpoint": "/c",
 *      "origin": "callback://client-loopback-test"
 *   }
 *
 * 3) Use a browser to visit the mountpoint with a URI attached for looping
 *    back, eg, if testing on localhost
 *
 *    http://localhost/c/ws://localhost
 *    https://localhost/c/wss://localhost
 *
 * 4) The HTTP part of this test protocol will try to do the requested
 *    ws client connection, to the same test protocol on the same
 *    server.
 */

Results should look like this

lwsws[29938]: client connection to localhost:443 with ssl: 1 started
lwsws[29938]: server part: LWS_CALLBACK_ESTABLISHED
lwsws[29938]: checking client ext permessage-deflate
lwsws[29938]: instantiating client ext permessage-deflate
lwsws[29938]: Client connection established
lwsws[29938]: Client connection received 7 from server 'Made it'

Signed-off-by: Andy Green <andy@warmcat.com>
2016-05-12 21:14:13 +08:00
Andy Green
b24aaeb822 add protocol plugin for post demo
Signed-off-by: Andy Green <andy@warmcat.com>
2016-05-09 10:05:43 +08:00