1) There's now a .fops pointer that can be set in the context creation info. If set, the array of
fops it points to (terminated by an entry with .open = NULL) is walked to find out the best vfs filesystem
path match (comparing the vfs path to fops.path_prefix) for which fops to use.
If none given (.fops is NULL in info) then behaviour is as before, fops are the platform-provided one only.
2) The built in fileserving now walks any array of fops looking for the best fops match automatically.
3) lws_plat_file_... apis are renamed to lws_vfs_file_...
Basically we support openssl api compatibles only.
If we ever try something different we need a shim making it openssl api or a proper abstraction layer added first.
Thanks to Fabrice Gilot for reporting the problem that led to uncovering this.
Due to a misunderstanding of the return value of snprintf (it is not truncated according
to the max size passed in) in several places relying on snprintf to truncate the length
overflows are possible.
This patch wraps snprintf with a new lws_snprintf() which does truncate its length to allow
the buffer limiting scheme to work properly.
All users should update with these fixes.
When using http/1.1+ keepalive and mounts, the relationship between
a connection and a protocol becomes dynamic. The same connection might
visit different bits of the url space served by different mounts using
different protocols.
This patch ensures protocols can cleanly manage their per-connection
allocations by using the following callbacks when the protocol changes
LWS_CALLBACK_HTTP_BIND_PROTOCOL
LWS_CALLBACK_HTTP_DROP_PROTOCOL
For example if the pss wants to malloc stuff at runtime, it should do it
in LWS_CALLBACK_HTTP_BIND_PROTOCOL or later, and clean it up in
...DROP_PROTOCOL.
Signed-off-by: Andy Green <andy@warmcat.com>
This adds
- simple lws_urlencode()
- simple lws_urldecode()
- simple lws_sql_purify
Those expect the data to all be there and process it up until
the first '\0'.
There is also a larger opaque apis for handling POST_BODY urldecode. To
enable these, you need to give cmake -DLWS_WITH_STATEFUL_URLDECODE=1 (or
arrange any larger feature that relies on it sets that in CMakeLists.txt)
- stateful urldecode with parameter array
These have create / process / destroy semantics on a struct that maintains
decode state.
Stateful urldecode is capable of dealing with large POST data in multiple
POST_BODY callbacks cleanly, eg, file transfer by POST.
Stateful urldecode with parameter array wraps the above with a canned
callback that stores the urldecoded data and indexes them in a pointer
array matching an array of parameter names.
You may also pass it an optional callback when creating it, that will recieve
uploaded file content.
The test html is updated to support both urlencoded and multipart forms,
with some javascript to do clientside validation of an arbitrary 100KB
file size limit (there is no file size limit in the apis).
Signed-off-by: Andy Green <andy@warmcat.com>
https://github.com/warmcat/libwebsockets/issues/501
This demonstrates how to do a 303 redirect on POST and provide
the results there, in both libwebsockets-test-server and the
plugin version.
Signed-off-by: Andy Green <andy@warmcat.com>
If you enable -DLWS_WITH_HTTP_PROXY=1 at cmake, the test server has a
new URI path http://localhost:7681/proxytest If you visit here, a client
connection to http://example.com:80 is spawned, and the results piped on
to your original connection.
Also with LWS_WITH_HTTP_PROXY enabled at cmake, lws wants to link to an
additional library, "libhubbub". This allows lws to do html rewriting on the
fly, adjusting proxied urls in a lightweight and fast way.
Connections must hold an ah for the whole time they are
processing one header set, even if eg, the headers are
fragmented and it involves network roundtrip times.
However on http1.1 / keepalive, it must drop the ah when
there are no more header sets to deal with, and reacquire
the ah later when more data appears. It's because the
time between header sets / http1.1 requests is unbounded
and the ah would be tied up forever.
But in the case that we got pipelined http1.1 requests,
even partial already buffered, we must keep the ah,
resetting it instead of dropping it. Because we store
the rx data conveniently in a per-tsi buffer since it only
does one thing at a time per thread, we cannot go back to
the event loop to await a new ah inside one service action.
But no problem since we definitely already have an ah,
let's just reuse it at http completion time if more rx is
already buffered.
NB: attack.sh makes request with echo | nc, this
accidentally sends a trailing '\n' from the echo showing
this problem. With this patch attack.sh can complete well.
Signed-off-by: Andy Green <andy.green@linaro.org>
Since struct lws (wsi) now has his own context pointer,
we were able to remove the need for passing context
almost everywhere in the apis.
In turn, that means there's no real use for context being
passed to every callback; in the rare cases context is
needed user code can get it with lws_get_ctx(wsi)
Signed-off-by: Andy Green <andy.green@linaro.org>
Extend the cleanout caused by wsi having a context pointer
into the public api.
There's no point keeping the 1.5 compatibility work,
we have changed the api in several places and
rebuilt wasn't going to be enough a while ago.
Signed-off-by: Andy Green <andy.green@linaro.org>
This makes the URI argument processing split each parameter into
a "fragment". Processing header content as fragments already exists
in lws, because it's legal to deliver header content by repeating
the header.
Now there's an api to access individual fragments, also add the
code to the test server to print each URI argument separately.
Adapt attack.sh to parse the fragments.
Signed-off-by: Andy Green <andy.green@linaro.org>
Having the lws_context alone doesn't let us track state or act different
by wsi, which is the most interesting usecase. Eg not only simply track
file position / decompression state per wsi but also act differently
according to wsi authentication state / associated cookies.
Signed-off-by: Andy Green <andy.green@linaro.org>
This is a rewrite of the patch from Soapyman here
https://github.com/warmcat/libwebsockets/pull/363
The main changes compared to Soapyman's original patch are
- There's no new stuff in the info struct user code does any overrides
it may want to do explicitly after lws_context_create returns
- User overrides for file ops can call through (subclass) to the original
platform implementation using lws_get_fops_plat()
- A typedef is provided for plat-specific fd type
- Public helpers are provided to allow user code to be platform-independent
about file access, using the lws platform file operations underneath:
static inline lws_filefd_type
lws_plat_file_open(struct lws_plat_file_ops *fops, const char *filename,
unsigned long *filelen, int flags)
static inline int
lws_plat_file_close(struct lws_plat_file_ops *fops, lws_filefd_type fd)
static inline unsigned long
lws_plat_file_seek_cur(struct lws_plat_file_ops *fops, lws_filefd_type fd,
long offset_from_cur_pos)
static inline int
lws_plat_file_read(struct lws_plat_file_ops *fops, lws_filefd_type fd,
unsigned long *amount, unsigned char *buf, unsigned long len)
static inline int
lws_plat_file_write(struct lws_plat_file_ops *fops, lws_filefd_type fd,
unsigned long *amount, unsigned char *buf, unsigned long len)
There's example documentation and implementation in the test server.
Signed-off-by: Andy Green <andy.green@linaro.org>
This nukes all the oldstyle prefixes except in the compatibility code.
struct libwebsockets becomes struct lws too.
The api docs are updated accordingly as are the READMEs that mention
those apis.
Signed-off-by: Andy Green <andy.green@linaro.org>
Change all internal uses of rationalized public apis to reflect the
new names.
Theer are a few things that got changed as side effect of search/replace
matches, but these are almost all internal. I added a compatibility define
for the public enum that got renamed.
Theoretically existing code should not notice the difference from these
two patches. And new code will find the new names.
https://github.com/warmcat/libwebsockets/issues/357
Signed-off-by: Andy Green <andy.green@linaro.org>
