At the time callback LWS_CALLBACK_FILTER_NETWORK_CONNECTION is called,
there is no client connection information yet, so the parameter wsi
still pointing to the main server connection. Add an description of
this behavior to the documentation.
To enable this code you need to force LWS_HAS_PPOLL to de defined.
#defining it at the top of libwebsockets.c is enough.
Signed-off-by: Andy Green <andy.green@linaro.org>
This provides a single place for pollfd event changing,
external locking for that and extpoll management.
It saves about 85 lines of duplication and simplifies the callers.
Signed-off-by: Andy Green <andy.green@linaro.org>
This adds two new callbacks in protocols[0] that are optional for allowing limited thread
access to libwebsockets, LWS_CALLBACK_LOCK_POLL and LWS_CALLBACK_UNLOCK_POLL.
If you use them, they protect internal and external poll list changes, but if you want to use
external thread access to libwebsocket_callback_on_writable() you have to implement your
locking here even if you don't use external poll support.
If you will use another thread for this, take a lot of care about managing your list of
live wsi by doing it from ESTABLISHED and CLOSED callbacks (with your own locking).
Signed-off-by: Andy Green <andy.green@linaro.org>
If enabled one listening socket will accept both SSL and plain HTTP connections.
Do not enable if you regard SSL handshake as some kind of security, eg, use
client-side certs to restrict access.
AG: changed flag names, added extra comments, changelog, add -a in test server
Signed-off-by: James Devine <fxmulder@gmail.com>
Signed-off-by: Andy Green <andy@warmcat.com>
This patch deploys the truncated send work to buffer output in case
either send() or the SSL send return a temporary "unable to send"
condition even though they signalled as writeable.
I added a by-default #if 0 test jig which enforces only half of what
you want to send is sendable, this is working when enabled.
One subtle change is that the pipe reports choked if there is any
pending remaining truncated send. Otherwise it should be transparent.
Hopefully...
Signed-off-by: Andy Green <andy.green@linaro.org>
We can't force the wsi state to HTTP_BODY without considering the callback
may already have set the state to sending a file.
This fixes the bug that we can get stalled in the test app at
"choked before able to send whole file"
Signed-off-by: Andy Green <andy.green@linaro.org>
The only part that actually goes to this label is inside such an ifdef,
so building without extension support makes gcc bail out since an unused
label is considered an error in this project.
Svetlin wrote on github
According to RFC2616, all header field names in both HTTP requests and HTTP responses are case-insensitive. But libwebsockets uses a case-sensitive compare.
Reproduce:
Run libwebsockets against a server that sends all of its HTTP header field names in lower-case (for example: https://github.com/extend/cowboy). libwebsockets reports an error. The expected behavior is no errors reported and a successful handshake procedure.
This changes the parser reference table in minilex to all lower case.
The code to walk the parser tables then just forces a tolower on the incoming chars.
This (and minilex tables) only applies to header names.
Reported-by: svetlin-mladnov <?@github>
Signed-off-by: Andy Green <andy.green@linaro.org>
If the URI coming from the client contains '?' then
- the URI part is terminated with a '\0'
- the remainder of the URI goes in a new header WSI_TOKEN_HTTP_URI_ARGS
- the remainder of the URI is not subject to path sanitization measures (it
still has %xx processing done on it)
In the test server, http requests now also dump header information to stderr.
The attack.sh script is simplified and can now parse the test server header dumps.
Signed-off-by: Andy Green <andy.green@linaro.org>
This translates %xx in the GET uri and removes /.. and /... type sequences along with
translating // or /// etc to /.
Since the result is hopefully secure, it also changes the test server to actually use
the uri path pasted on a resource directory without whitelisting.
Signed-off-by: Andy Green <andy.green@linaro.org>
