Commit graph

1579 commits

Author SHA1 Message Date
Andy Green
7a1327977a add locking callback for fds
This adds two new callbacks in protocols[0] that are optional for allowing limited thread
access to libwebsockets, LWS_CALLBACK_LOCK_POLL and LWS_CALLBACK_UNLOCK_POLL.

If you use them, they protect internal and external poll list changes, but if you want to use
external thread access to libwebsocket_callback_on_writable() you have to implement your
locking here even if you don't use external poll support.

If you will use another thread for this, take a lot of care about managing your list of
live wsi by doing it from ESTABLISHED and CLOSED callbacks (with your own locking).

Signed-off-by: Andy Green <andy.green@linaro.org>
2013-12-18 09:48:26 +08:00
James Devine
5b34c975ae Optionally allow non-SSL connections on same port as SSL
If enabled one listening socket will accept both SSL and plain HTTP connections.

Do not enable if you regard SSL handshake as some kind of security, eg, use
client-side certs to restrict access.

AG: changed flag names, added extra comments, changelog, add -a in test server

Signed-off-by: James Devine <fxmulder@gmail.com>
Signed-off-by: Andy Green <andy@warmcat.com>
2013-12-14 11:41:29 +08:00
James Chen
4ebedc2c30 windows use msvc baestd and ssize_t from there
Signed-off-by: James Chen <jianhua.chen@cocos2d-x.org>
2013-12-14 11:35:01 +08:00
Christian Wyss
8ff88e9df0 distinguish error from truncation
Signed-off-by: Christian Wyss <christian.wyss@gfk.com>
2013-12-10 21:34:30 +08:00
John Harrison
8d5793bc16 ie10 lws url workaround
Signed-off-by: John Harrison <john@h-agtec.com>
2013-12-10 21:20:03 +08:00
mroszko
793e7c07d8 NO_EXTENSIONS fixes
Trac #52

Signed-off-by: Andy Green <andy.green@linaro.org>
2013-12-10 21:15:00 +08:00
Andy Green
2764eba89f handle EAGAIN during send
This patch deploys the truncated send work to buffer output in case
either send() or the SSL send return a temporary "unable to send"
condition even though they signalled as writeable.

I added a by-default #if 0 test jig which enforces only half of what
you want to send is sendable, this is working when enabled.

One subtle change is that the pipe reports choked if there is any
pending remaining truncated send.  Otherwise it should be transparent.

Hopefully...

Signed-off-by: Andy Green <andy.green@linaro.org>
2013-12-09 14:16:17 +08:00
Andy Green
aa08492021 solve broken partial file sends
We can't force the wsi state to HTTP_BODY without considering the callback
may already have set the state to sending a file.

This fixes the bug that we can get stalled in the test app at
"choked before able to send whole file"

Signed-off-by: Andy Green <andy.green@linaro.org>
2013-12-09 11:27:07 +08:00
Andy Green
ca15338545 interpret zero rx buffer size as default in http
Reported by pystub

https://github.com/warmcat/libwebsockets/pull/33#issuecomment-29578258

Signed-off-by: Andy Green <andy.green@linaro.org>
2013-12-08 21:26:52 +08:00
Andreas Pakulat
944a78dc58 protect the label with an ifdef
The only part that actually goes to this label is inside such an ifdef,
so building without extension support makes gcc bail out since an unused
label is considered an error in this project.
2013-11-24 14:28:48 +08:00
Jonti
e01cb9a49d Subject: [PATCH] Fixed the logging of OpenSSL errors to report the correct
details for the current OpenSSL error
2013-11-24 14:24:02 +08:00
kapejod
ce64fb0f58 Support for HTTP POST.
Rewritten by Andy Green to use chunks, add timeout, use extra states in handshake not parser.

Signed-off-by: Andy Green <andy@warmcat.com>
2013-11-24 10:36:37 +08:00
prasannateamf1
b353a458cd support for client authentication based on certs 2013-11-24 10:25:09 +08:00
Andy Green
909a3720c7 case insensitive http headers
Svetlin wrote on github

According to RFC2616, all header field names in both HTTP requests and HTTP responses are case-insensitive. But libwebsockets uses a case-sensitive compare.

Reproduce:
Run libwebsockets against a server that sends all of its HTTP header field names in lower-case (for example: https://github.com/extend/cowboy). libwebsockets reports an error. The expected behavior is no errors reported and a successful handshake procedure.


This changes the parser reference table in minilex to all lower case.

The code to walk the parser tables then just forces a tolower on the incoming chars.

This (and minilex tables) only applies to header names.

Reported-by: svetlin-mladnov <?@github>
Signed-off-by: Andy Green <andy.green@linaro.org>
2013-11-13 08:03:05 +08:00
Andy Green
1e3f7b8de9 introduce uri args
If the URI coming from the client contains '?' then

 - the URI part is terminated with a '\0'

 - the remainder of the URI goes in a new header WSI_TOKEN_HTTP_URI_ARGS

 - the remainder of the URI is not subject to path sanitization measures (it
    still has %xx processing done on it)

In the test server, http requests now also dump header information to stderr.

The attack.sh script is simplified and can now parse the test server header dumps.

Signed-off-by: Andy Green <andy.green@linaro.org>
2013-11-13 07:45:17 +08:00
Andy Green
d3f6873942 back up directory paths properly
Signed-off-by: Andy Green <andy.green@linaro.org>
2013-11-13 06:53:21 +08:00
Andy Green
4e7a13314d real http status codes update attack.sh
Signed-off-by: Andy Green <andy.green@linaro.org>
2013-11-11 07:30:33 +08:00
Andy Green
6f42910987 uri santitation fixes deal with single dot update attack.sh
Signed-off-by: Andy Green <andy.green@linaro.org>
2013-11-11 06:14:52 +08:00
Andy Green
b1a9e508cd translate and protect uri test sever use uri path
This translates %xx in the GET uri and removes /.. and /... type sequences along with
translating // or /// etc to /.

Since the result is hopefully secure, it also changes the test server to actually use
the uri path pasted on a resource directory without whitelisting.

Signed-off-by: Andy Green <andy.green@linaro.org>
2013-11-10 15:15:21 +08:00
Andy Green
19895bcfd4 introduce LWS_CALLBACK_FILTER_HTTP_CONNECTION
Signed-off-by: Andy Green <andy.green@linaro.org>
2013-11-09 11:59:56 +08:00
Andy Green
6cd8880f23 add cookie example to test server
Signed-off-by: Andy Green <andy.green@linaro.org>
2013-11-09 11:48:42 +08:00
Andy Green
7900256c8a allow other headers in http send file
Signed-off-by: Andy Green <andy.green@linaro.org>
2013-11-09 11:40:38 +08:00
Andy Green
84fd949e05 make ah available in http callback properly
Signed-off-by: Andy Green <andy.green@linaro.org>
2013-11-09 11:40:32 +08:00
Andy Green
cc13c6f187 improve minilex use external parsing header
Clean up minilex
Move the header output to stdout
Introduce lexfile.h as the header output
Use lexfile.h in both minilex itself and lws
Add the following header support

       "Accept:",
       "If-Modified-Since:",
       "Accept-Encoding:",
       "Accept-Language:",
       "Pragma:",
       "Cache-Control:",
       "Authorization:",
       "Cookie:",
       "Content-Type:",
       "Date:",
       "Range:",
       "Referer:"

Signed-off-by: Andy Green <andy.green@linaro.org>
2013-11-09 10:09:09 +08:00
Graham Newton
7ee4f890a3 windows workaround unsigned fd in emulated poll
A common practise to temporarily disable a socket in a poll call is to negate the socket fd.  poll should then ignore the socket.
emulated_poll does this with the following code:
        if (poll_fd->fd < 0 || !poll_fd->events)
            goto skip1;

However on Windows the fd field in WSAPOLLFD is unsigned int!!!  So the check for a negative fd value always fails.
This results in select returning an error with an error code of 10038 -- Socket operation on nonsocket.
The fix is to type cast fd like so:
        if ((int)poll_fd->fd < 0 || !poll_fd->events)

This may be the cause of some high CPU load reports.  I noticed the load being 50% with my application running on Windows XP.

Signed-off-by: Graham Newton <gnewton@peavey-eu.com>
2013-11-09 08:11:41 +08:00
Andy Green
d1eac60f81 interface improve visibility fail if not found
Signed-off-by: Andy Green <andy.green@linaro.org>
2013-11-09 08:07:38 +08:00
Andreas Pakulat
dae94d8adc Windows Fix usage in Windows XP targetting projects
This is important since this stuff is in publicly included headers
and even though the usage of the WSAPoll API is a runtime decision
the public headers may be used in code that needs to build with
_WIN32_WINNT=0x0501 to support WinXP.

When building a project using libwebsockets with that define set
to 0x0501 winsock.h will not define the WSAPOLLFD struct causing that
project to fail to compile.
2013-11-04 10:18:14 +08:00
Andy Green
29338d9ef3 unixify websock w32.h line endings
Signed-off-by: Andy Green <andy.green@linaro.org>
2013-11-04 10:17:50 +08:00
Andreas Pakulat
fe8589c07c Windows Fix include for win32helpers
The installed headers are all in the same directory, so no relative
path possible there. The cmake files already add the win32helpers
directory to the include paths, so this builds just fine.
2013-11-04 10:12:08 +08:00
Andreas Pakulat
7e8674007d Windows Fix installing the dll
Without a runtime install directory, cmake won't install the dll at
all. Only the import library was installed. So fix that.
2013-11-04 10:08:42 +08:00
Andreas Pakulat
68bd4bd7bf Support _WIN32 in addition to WIN32 define
MSVC8 and MSVC9 set only _WIN32, so support that define as well to be able
to compile libwebsockets with those compilers.
2013-11-04 10:04:31 +08:00
Andreas Pakulat
39ceebcfbf Drop wsockcompat.h header its not part of msvc
I don't see a wsockcompat.h anywhere in MSVC9 or MSVC8 and their
corresponding sdk's. It does not seem like this is a standard windows
header, so better drop that and add the compat-defines to the same
place that already has other WSA compat defines.
2013-11-04 09:53:59 +08:00
Graham Newton
b1aa1d3389 handle HUP on any mode socket
I am using libwebsockets on Windows 7 in external poll mode.
I am finding that if I present a socket fd on a normal HTTP connection
(LWS_CONNMODE_HTTP_SERVING:) to libwebsocket_service_fd with just a HUP
event, the event doesn't get handled but revents gets cleared indicating
that the event has been handled.  Should it be handled in the same way
as LWS_CONNMODE_WS_SERVING?

(Modified by AG to apply to all sockets)

Signed-off-by: Andy Green <andy.green@linaro.org>
Signed-off-by: Graham Newton <gnewton@peavey-eu.com>
2013-11-04 09:47:06 +08:00
Andy Green
9b8a29f8ca trac41 WIN32 add wsockcompat.h
Using Windows 7 64 bit, cloned repo on 20130926. Using Qt creator and Microsoft Visual C++ Compiler 9.0 (x86).
Result (errors from compile output): D:\Projects\CDPStudioAPI\libwebsockets_orig\lib\client-handshake.c:87: error: C2065: 'EALREADY' : undeclared identifier
D:\Projects\CDPStudioAPI\libwebsockets_orig\lib\client-handshake.c:87: error: C2065: 'EINPROGRESS' : undeclared identifier
Possible solution is to use wsockcompat.h (compatibility header for using EALREADY, EINPROGRESS etc in older versions of Windows SDK). Compiled fine when I #included wsockcompat.h into client-handshake.c

Reported-by: mart22n via Trac 41
Signed-off-by: Andy Green <andy.green@linaro.org>
2013-10-26 21:18:44 +08:00
Andy Green
81877e6a4c v1.2.3 changelog update
Signed-off-by: Andy Green <andy.green@linaro.org>
2013-10-26 20:36:08 +08:00
Markus Elfring
7521233176 make header protection unique remove __prefix
Signed-off-by: Markus Elfring <markus.elfring@web.de>
2013-10-26 20:23:00 +08:00
Markus Elfring
299244f7fc fix cmake quoting
A few parameters (like "${PROJECT_BINARY_DIR}/lws_config.h" and "${PROJECT_SOURCE_DIR}/lib") are passed to CMake commands in your build script without enclosing them by quotation marks. I see that these places will result in build difficulties if the contents of the used variables will contain special characters like spaces.

Signed-off-by: Markus Elfring <markus.elfring@web.de>
2013-10-26 20:03:43 +08:00
shys
cfa8ac34c7 cover-proxy-read-EAGAIN.patch
Subject: [PATCH] Because of nonblocking sockets reading from  proxy might not
 work in one turn. We should check for EAGAIN.
2013-10-25 22:30:25 +08:00
shys
5efcb3f7de Subject: [PATCH] Additional check for EISONN. On iOS "if (connect()) == -1 ||
errno == EISCONN)" doesn't work.
2013-10-25 22:28:28 +08:00
shys
6b5c1af439 Subject: [PATCH] On iOS with nonblocking sockets I experience SSL error which
is not really an error (
 http://lists.freeradius.org/pipermail/freeradius-users/2009-August/040155.html
 ). Added check for that. Additional fixes for comments and logging.
2013-10-25 22:26:36 +08:00
u0u0
44e260e004 fix origin
And fix client header of Origin, add prefix "http://" to make a valid URI, to make golang websocket server happy.
2013-10-25 22:17:21 +08:00
Andy Green
36efd82da6 defer changing to proxy uri until connected
Reported-by: shyswork
Signed-off-by: Andy Green <andy.green@linaro.org>
2013-10-25 22:07:57 +08:00
Andy Green
6811457323 add EISCONN handling to client connect attempt
Signed-off-by: Andy Green <andy.green@linaro.org>
2013-10-24 22:32:06 +08:00
shys
24f4eb648b wait ssl connect completion on client proxy path
Subject: [PATCH] We can ran into situation (at least on iOS) when with openssl
 nonblocking BIO and http proxy we don't perform ssl_connect straight away so
 we need to retry until we finish ssl_connect. If we don't do that we will
 fail in LWS_CONNMODE_WS_CLIENT_WAITING_PROXY_REPLY when testing for "HTTP/1.0
 200" successful connection.

Signed-off-by: shys <shyswork@zoho.com>
2013-10-24 22:27:08 +08:00
shys
b4e800e333 manual proxy forcing api
add function to manually setup proxy. Useful on iOS where
 getenv doesn't return proxy settings

Simplified by AG

Signed-off-by: shys <shyswork@zoho.com>
Signed-off-by: Andy Green <andy@warmcat.com>
2013-10-24 22:12:03 +08:00
Arokux X
e0b3d13fbf CMAKE help if cwd not git dir
Hi all,

please consider applying the patch below. The git is called in some
different directory and that is why fails. I'm not sure why it was
called in different directory, maybe because I build libwebsockets
with CMake's ExternalProject.

Best,
Arokux

Signed-off-by: Arokux X <arokux@gmail.com>
2013-10-24 21:53:39 +08:00
Andy Green
8d15cf4a14 fix typo in NO_SERVER case
Reported-by: shyswork via github
Signed-off-by: Andy Green <andy.green@linaro.org>
2013-10-24 21:47:06 +08:00
Andy Green
8b2d6f0ee7 use compatible_close for sockets
Signed-off-by: Andy Green <andy.green@linaro.org>
2013-10-22 06:49:30 +08:00
Andy Green
0c0bf4a985 fix clean return path user code handle
Signed-off-by: Andy Green <andy.green@linaro.org>
2013-10-18 19:23:06 +08:00
Andy Green
1f4267bda8 add explicit error for partial send
This patch adds code to handle the situation that a prepared user buffer could not all be sent on the
socket at once.  There are two kinds of situation to handle

1) User code handles it: The connection only has extensions active that do not rewrite the buffer.
In this case, the patch caused libwebsocket_write() to simply return the amount of user buffer that
was consumed (this is specifically the amount of user buffer used in sending what was accepted,
nothing else).  So user code can just advance its buffer that much and resume sending when the socket
is writable again.  This continues the frame rather than starting a new one or new fragment.

2) The connections has extensions active which actually send something quite different than what the
user buffer contains, for example a compression extension.  In this case, libwebsockets will dynamically
malloc a buffer to contain a copy of the remaining unsent data, request notifiction when writeable again,
and automatically spill and free this buffer with the highest priority before passing on the writable
notification to anything else.  For this situation, the call to write will return that it used the
whole user buffer, even though part is still rebuffered.

This patch should enable libwebsockets to detect the two cases and take the appropriate action.

There are also two choices for user code to deal with partial sends.

1) Leave the no_buffer_all_partial_tx member in the protocol struct at zero.  The library will dyamically
buffer anything you send that did not get completely written to the socket, and automatically spill it next
time the socket is writable.  You can use this method if your sent frames are relatvely small and unlikely to get
truncated anyway.

2) Set the no_buffer_all_partial_tx member in the protocol struct.  User code now needs to take care of the
return value from libwebsocket_write() and deal with resending the remainder if not all of the requested amount
got sent.  You should use this method if you are sending large messages and want to maximize throughput and efficiency.

Since the new member no_buffer_all_partial_tx will be zero by default, this patch will auto-rebuffer any
partial sends by default.  That's good for most cases but if you attempt to send large blocks, make sure you
follow option 2) above.

Signed-off-by: Andy Green <andy.green@linaro.org>
2013-10-17 08:09:19 +08:00