My Browsers send as Subprotocols e.g. chat, superchat, mySubprotocol (with spaces after the ,). Libwebsockets now checked if ' mySubprotocol' was equal to 'mySubprotocol' which failed. With this fix the leading space is ignored and uses 'mySubprotocol' for comparision.
The `listen` call can fail with EADDRINUSE after bind() succeeds, for
example because another process called listen on that port in the
meantime, or under some circumstances with IPv6-mapped-IPv4. This was
causing EINVAL on accept, with an infinite loop in case of libuv.
A reproducible example was to run nc -l -p 5555 ( OpenBSD netcat (Debian
patchlevel 1)) before starting test-server
Signed-off-by: Denis Osvald <denis.osvald@sartura.hr>
From linux ipv6(7) manual (section `Note`):
SOL_IP, SOL_IPV6, SOL_ICMPV6 and other SOL_* socket options are
nonportable variants of IPPROTO_*. See also ip(7).
Ref: http://man7.org/linux/man-pages/man7/ipv6.7.html
There are two kinds of reaason to call lws_header_table_reset(), one is we are reallocating
a destroyed ah to another wsi, and the other is we are moving to the next pipelined header set
still on the same wsi, and we need a "weaker" reset that only clears down the state related
to the header parsing, not everything about the ah context including the ah rx buffer.
This patch moves the ah rxbuffer rxpos and rxlen resetting out of lws_header_table_reset() and to
be the responsibility of the caller. Callers who are moving the ah to another wsi are
patched to deal with resetting rxpos and rxlen and lws_http_transaction_completed() who only
resets the ah when moving to the next pipelined headers, no longer wrongly clears the ah rxbuf.
https://github.com/warmcat/libwebsockets/issues/638
Thanks to Fabrice Gilot for reporting the problem that led to uncovering this.
Due to a misunderstanding of the return value of snprintf (it is not truncated according
to the max size passed in) in several places relying on snprintf to truncate the length
overflows are possible.
This patch wraps snprintf with a new lws_snprintf() which does truncate its length to allow
the buffer limiting scheme to work properly.
All users should update with these fixes.
RFC2616 only says that any HTTP/1.1 message containing an entity-body
SHOULD include a Content-Type header field defining the media type of
that body.
RFC2119 defines SHOULD as: This word mean that there may exist valid
reasons in particular circumstances to ignore a particular item, but
the full implications must be understood and carefully weighed before
choosing a different course.
AG: this isn't an oversight, it's paranoia about sending out /etc/passwd
or /etc/shadow accidentally.
I agree it should be allowed if people really want to override it. But
the default should remain like it is I think.
I adapted the patch to allow the extra mimetype "*": "" to be declared on
a mount, as a wildcard match that serves the file without a Content-Type.
This adds a new member to the context creation info struct "ws_ping_pong_interval".
If nonzero, it sets the number of seconds that established ws connections are
allowed to be idle before a PING is forced to be sent. If zero (the default) then
tracking of idle connection is disabled for backwards compatibility.
Timeouts cover both the period between decision to send the ping and it being
sent (because it needs the socket to become writeable), and the period between
the ping being sent and the PONG coming back.
INFO debug logs are issues when the timeout stuff is operating.
You can test the server side by running the test server hacked to set ws_ping_pong_interval
and debug log mask of 15. Both the mirror protocol and the server-status protocol are
idle if nothing is happening and will trigger the PING / PONG testing. (You can also
test using lwsws and /etc/lwsws/conf with "ws-pingpong-secs": "20" in the global section)
For client, run the test client with -n -P 20 for 20s interval. -n stops the test client
writing using the mirror protocol, so it will be idle and trigger the PING / PONGs.
The timeout interval may be up to +10s late, as lws checks for affected connections every
10s.
When using http/1.1+ keepalive and mounts, the relationship between
a connection and a protocol becomes dynamic. The same connection might
visit different bits of the url space served by different mounts using
different protocols.
This patch ensures protocols can cleanly manage their per-connection
allocations by using the following callbacks when the protocol changes
LWS_CALLBACK_HTTP_BIND_PROTOCOL
LWS_CALLBACK_HTTP_DROP_PROTOCOL
For example if the pss wants to malloc stuff at runtime, it should do it
in LWS_CALLBACK_HTTP_BIND_PROTOCOL or later, and clean it up in
...DROP_PROTOCOL.
Signed-off-by: Andy Green <andy@warmcat.com>
This adds
- simple lws_urlencode()
- simple lws_urldecode()
- simple lws_sql_purify
Those expect the data to all be there and process it up until
the first '\0'.
There is also a larger opaque apis for handling POST_BODY urldecode. To
enable these, you need to give cmake -DLWS_WITH_STATEFUL_URLDECODE=1 (or
arrange any larger feature that relies on it sets that in CMakeLists.txt)
- stateful urldecode with parameter array
These have create / process / destroy semantics on a struct that maintains
decode state.
Stateful urldecode is capable of dealing with large POST data in multiple
POST_BODY callbacks cleanly, eg, file transfer by POST.
Stateful urldecode with parameter array wraps the above with a canned
callback that stores the urldecoded data and indexes them in a pointer
array matching an array of parameter names.
You may also pass it an optional callback when creating it, that will recieve
uploaded file content.
The test html is updated to support both urlencoded and multipart forms,
with some javascript to do clientside validation of an arbitrary 100KB
file size limit (there is no file size limit in the apis).
Signed-off-by: Andy Green <andy@warmcat.com>
Server ipv6 support disable is now controlled by vhost->options rather
than context->options, allowing it to be set per-vhost.
Signed-off-by: Andy Green <andy@warmcat.com>
This makes it easy for user code to choose the size of the per-thread
buffer used by various things in lws, including file transfer chunking.
Previously it was 4096, if you leave info.pt_serv_buf_size as zero that
is still the default.
With some caveats, you can increase transfer efficiency by increasing it
to, eg, 128KiB, if that makes sense for your memory situation.
Signed-off-by: Andy Green <andy@warmcat.com>
There's no reason to not have the mounts linked list init also in the info
struct, rather than provide as a paramater to lws_create_vhost(). Now
is a good time to normalize that since this api only exists in master.
This also allows oldstyle "do everything at context creation time in one
vhost" guys to leverage mounts.
Also there's no reason the mounts linked-list pointer and all uses in lws
are non-const, so make them all explicitly const *.
Update the info struct docs to clarify which members are used when creating
a vhost and which for context creation.
Signed-off-by: Andy Green <andy@warmcat.com>
