Openssl v1.0.2 and above have support for checking the hostname
the client side connected to against the hostname on the cert the
server presented.
This enables that feature if the necessary API is available in the
openssl version, meaning the connection will fail at ssl negotiation if the
cert isn't for the requested server
It's very easy to test, add a fake entry to /etc/hosts for the server IP with
a different name, using that will fail at ssl but using the correct dns name
matching the certificate will work.
This adds
- simple lws_urlencode()
- simple lws_urldecode()
- simple lws_sql_purify
Those expect the data to all be there and process it up until
the first '\0'.
There is also a larger opaque apis for handling POST_BODY urldecode. To
enable these, you need to give cmake -DLWS_WITH_STATEFUL_URLDECODE=1 (or
arrange any larger feature that relies on it sets that in CMakeLists.txt)
- stateful urldecode with parameter array
These have create / process / destroy semantics on a struct that maintains
decode state.
Stateful urldecode is capable of dealing with large POST data in multiple
POST_BODY callbacks cleanly, eg, file transfer by POST.
Stateful urldecode with parameter array wraps the above with a canned
callback that stores the urldecoded data and indexes them in a pointer
array matching an array of parameter names.
You may also pass it an optional callback when creating it, that will recieve
uploaded file content.
The test html is updated to support both urlencoded and multipart forms,
with some javascript to do clientside validation of an arbitrary 100KB
file size limit (there is no file size limit in the apis).
Signed-off-by: Andy Green <andy@warmcat.com>
lejp is already in lws as part of lwsws. However it's too generally useful
to just put directly in lwsws, it will lead to multiple copies of the source
in differet subprojects.
This moves it directly into lws, lwsws now gets it from there.
Like lwsws, by default at cmake it is disabled. Selecting LWS_WITH_LWSWS now
selects LWS_WITH_LEJP and you can set that at cmake individually as well.
Signed-off-by: Andy Green <andy@warmcat.com>
This adds the ability to store apache-compatible logs to a file given at
vhost-creation time.
lwsws conf can set it per-vhost using "access-log": "<filepath>"
The feature defaults to disabled at cmake, it can be set independently but
LWS_WITH_LWSWS set it on.
Signed-off-by: Andy Green <andy@warmcat.com>
This adds support for dynamically loaded plugins at runtime, which
can expose their own protocols or extensions transparently.
With these changes lwsws defaults to OFF in cmake, and if enabled it
automatically enables plugins and libuv support.
Signed-off-by: Andy Green <andy@warmcat.com>
polarssl is the old name for mbedtls. Unfortunately the two are confused in eg,
Fedora. For our purposes, polarssl or mbedtls < 2.0 has includes in
/usr/include/polarssl and polarssl_ apis and we call that "polarssl".
polarssl or mbedtls >=2.0 has includes in /usr/include/mbedtls and mbedtls_ apis,
we call that "mbedtls".
This has to be spelled out clearly because eg Fedora has a package "mbedtls" which
is 1.3.x and has the polarssl_ apis and include path. We will deal with that as
"polarssl" despite the package name then.
This patch lets you use LWS_USE_POLARSSL or LWS_USE_MBEDTLS and set the include and
library path like this
cmake .. -DLWS_USE_POLARSSL=1 -DLWS_POLARSSL_INCLUDE_DIRS=/usr/include -DLWS_POLARSSL_LIBRARIES=/usr/lib64/libmbedtls.so.9
This patch adds the cmake support and adapts [private-]libwebsockets.h but doesn't
modify the apis in ssl[-*].c yet.
Signed-off-by: Andy Green <andy@warmcat.com>
If you enable -DLWS_WITH_HTTP_PROXY=1 at cmake, the test server has a
new URI path http://localhost:7681/proxytest If you visit here, a client
connection to http://example.com:80 is spawned, and the results piped on
to your original connection.
Also with LWS_WITH_HTTP_PROXY enabled at cmake, lws wants to link to an
additional library, "libhubbub". This allows lws to do html rewriting on the
fly, adjusting proxied urls in a lightweight and fast way.
This gets the libuv stuff plumbed in and working.
Currently it's only workable for some service thread, and there
is an isolated valgrind problem left
==28425== 128 bytes in 1 blocks are definitely lost in loss record 3 of 3
==28425== at 0x4C28C50: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==28425== by 0x4C2AB1E: realloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==28425== by 0x58BBB27: maybe_resize (core.c:748)
==28425== by 0x58BBB27: uv__io_start (core.c:787)
==28425== by 0x58C1B80: uv__signal_loop_once_init (signal.c:225)
==28425== by 0x58C1B80: uv_signal_init (signal.c:260)
==28425== by 0x58BF7A6: uv_loop_init (loop.c:66)
==28425== by 0x4157F5: lws_uv_initloop (libuv.c:89)
==28425== by 0x405536: main (test-server-libuv.c:284)
libuv wants to sign off on all libuv 'handles' that will close, and
callback to do the close confirmation asynchronously. The wsi close function
is adapted when libuv is in use to work with libuv accordingly and exit the uv
loop the number of remaining wsi is zero.
Signed-off-by: Andy Green <andy.green@linaro.org>
This adds support for multithreaded service to lws without adding any
threading or locking code in the library.
At context creation time you can request split the service part of the
context into n service domains, which are load-balanced so that the most
idle one gets the next listen socket accept.
There's a single listen socket on one port still.
User code may then spawn n threads doing n service loops / poll()s
simultaneously. Locking is only required (I think) in the existing
FD lock callbacks already handled by the pthreads server example,
and that locking takes place in user code. So the library remains
completely agnostic about the threading / locking scheme.
And by default, it's completely compatible with one service thread
so no changes are required by people uninterested in multithreaded
service.
However for people interested in extremely lightweight mass http[s]/
ws[s] service with minimum provisioning, the library can now do
everything out of the box.
To test it, just try
$ libwebsockets-test-server-pthreads -j 8
where -j controls the number of service threads
Signed-off-by: Andy Green <andy.green@linaro.org>
Extend the cleanout caused by wsi having a context pointer
into the public api.
There's no point keeping the 1.5 compatibility work,
we have changed the api in several places and
rebuilt wasn't going to be enough a while ago.
Signed-off-by: Andy Green <andy.green@linaro.org>
This changeset adds a few preprocessor macros to lws_config.h to allow
a user of libwebsockets to determine at compile time which version of
lws they are compiling against.
This exposes the already existing LWS_LIBRARY_VERSION_MAJOR and _MINOR
values, and adds LWS_LIBRARY_VERSION_PATCH. This suggests that future
minor bugfix release versions of lws would be e.g. 1.6.0 -> 1.6.1 rather
than the style used previously: 1.2 -> 1.21.
The way this is currently set up means new minor revisions (with
_PATCH==0) always end with .0 but I could change this if preferred.
The most important addition is LWS_LIBRARY_VERSION_NUMBER, which
produces a number of the form 1005001 for version 1.5.1 - i.e. each part
major, minor, patch can extend from 0-999. This macro allows a very easy
compile time comparison of version numbers.
This is off by default, use
-D LWS_WITH_OLD_API_WRAPPERS=1
on cmake to get the old api names exported from the library as wrappers
around the new api names.
This allows the library to continue to be compatible with apps that are
not rebuilt with the new libwebsockets.h api compatibility defines.
Signed-off-by: Andy Green <andy.green@linaro.org>
Commit 173e9c4e made LWS_SEND_BUFFER_SIZE a multiple of a certain
value returned by _LWS_PAD_SIZE macro. This macro expanded to
"sizeof(void *)" on non-x86_64 architectures, which made it
unsuitable to use LWS_SEND_BUFFER_SIZE in preprocessor #if
expressions in the library user code.
This patch preserves the padding logic since commit 173e9c4e but
makes it more preprocessor-friendly for applications using
libwebsockets by setting _LWS_PAD_SIZE to the size of "void *"
determined by cmake when libwebsockets is configured for the
target platform.
Signed-off-by: Alexander Lukichev <alexander.lukichev@gmail.com>
is no problem on a unix system with sys/types.h
However on Windows it will result in a #undef pid_t ... When libwebsockets is used with pthreads32 which typedefs pid_t itself, it will fail to build with some weird errors.
Also since we're exporitng these macros to the entire world via libwebsockets.h we should not define a VERSION macro. Which is defined improperly anyway.
Since we include lws_config.h in the public headers, at least our HAVE_ macros should be kind of unique, so that we don't get redefinitions when used with other libraries using config files as well.
This patch lets libwebsockets use the lastest version of wolfSSL (the new name for CyaSSL).
The reason for the patch is that allthough wolfSSL provides compatibility headers for (old) projects using CyaSSL,
these are incomplete and do not work for libwebsockets.
The patch also fixes a typo in CMakeLists.txt where CYASSL_LIBRARIES was added to include_directories() instead of CYASSL_INCLUDE_DIRS.
Signed-off-by: ABruines <alexander.bruines@gmail.com>
* Default CMAKE_BUILD_TYPE to Release
* Use CMAKE_BUILD_TYPE to define _DEBUG (NDEBUG is more standard though,
but cmake defines it)
* Drop LWS_WITHOUT_DEBUG (use CMAKE_BUILD_TYPE for that)
* Drop LWS_NO_EXTERNAL_POLL (was not used)
* Drop CMAKE_BUILD (CMake is the only build system now)
* Add LWS_WITH_STATIC and LWS_WITH_SHARED to choose what version(s) to
build
* Add LWS_XXX_LIBRARIES and LWS_XXX_INCLUDE_DIRS for each library
dependency (zlib, openssl, libev, cyassl)
* Support setting of XXX_LIBRARIES, XXX_LIBRARIES and XXX_INCLUDE_DIRS
by parent project (when included with add_subdirectory())
* Rename LWS_USE_EXTERNAL_ZLIB to LWS_USE_BUNDLED_ZLIB and default it to
NO (since it's Windows only)
* Default LWS_WITHOUT_DAEMONIZE to NO (since network lib shouldn't know
how to do it anyway)
* Rename config.h.cmake to lws_config.h.in
* Rename shared library to websockets_shared so linker will not be
confused
* Fix inline keyword detection in clang
* Explicitly set MACOSX_RPATH to YES on MacOS
