Commit graph

37 commits

Author SHA1 Message Date
Andy Green
6be573f2c9 v2.2.0 2017-03-08 14:15:01 +08:00
Andy Green
58a26ebf45 lejp-conf: add timeout-secs 2017-01-02 19:57:54 +08:00
Andy Green
be9fb919d1 context deprecation
1) This makes lwsws run a parent process with the original permissions.
But this process is only able to respond to SIGHUP, it doesn't do anything
else.

2) You can send this parent process a SIGHUP now to cause it to

 - close listening sockets in existing lwsws processes

 - mark those processes as to exit when the number of active connections
   on the falls to zero

 - spawn a fresh child process from scratch, using latest configuration
   file content, latest plugins, etc.  It can now reopen listening sockets
   if it chooses to, or open different listen ports or whatever.

Notes:

1) lws_context_destroy() has been split into two pieces... the reason for
the split is the first part closes the per-vhost protocols, but since
they may have created libuv objects in the per-vhost protocol storage,
these cannot be freed until after the loop has been run.

That's the purpose of the second part of the context destruction,
lws_context_destroy2().

For compatibility, if you are not using libuv, the first part calls the
second part.  However if you are using libuv, you must now call the
second part from your own main.c after the first part.
2016-12-20 14:37:07 +08:00
Andy Green
ee94621b40 basic-auth 2016-12-16 22:08:13 +08:00
Andy Green
3b93e344f6 Add reject service keywords list 2016-10-13 06:32:57 +08:00
Andy Green
4cfe81dfba ubuntu: fix uv detection for lwsws 2016-10-05 14:00:55 +08:00
Andy Green
e35d91a860 per-vhost headers and lwsws conf support
This l;ets you add per-vhost arbitrary headers on served files, eg

     "headers": [{
        "X-Content-Type-Options": "nosniff",
        "X-XSS-Protection": "1; mode=block",
        "x-frame-options": "SAMEORIGIN"
        }],
2016-08-27 17:07:06 +08:00
Patrick Gansterer
387e50bd8f Allow serving files without known mimetype
RFC2616 only says that any HTTP/1.1 message containing an entity-body
SHOULD include a Content-Type header field defining the media type of
that body.
RFC2119 defines SHOULD as: This word mean that there may exist valid
reasons in particular circumstances to ignore a particular item, but
the full implications must be understood and carefully weighed before
choosing a different course.

AG: this isn't an oversight, it's paranoia about sending out /etc/passwd
or /etc/shadow accidentally.

I agree it should be allowed if people really want to override it.  But
the default should remain like it is I think.

I adapted the patch to allow the extra mimetype "*": "" to be declared on
a mount, as a wildcard match that serves the file without a Content-Type.
2016-08-14 19:28:29 +08:00
Andy Green
f32d25051c ws ping pong on idle connections
This adds a new member to the context creation info struct "ws_ping_pong_interval".

If nonzero, it sets the number of seconds that established ws connections are
allowed to be idle before a PING is forced to be sent.  If zero (the default) then
tracking of idle connection is disabled for backwards compatibility.

Timeouts cover both the period between decision to send the ping and it being
sent (because it needs the socket to become writeable), and the period between
the ping being sent and the PONG coming back.

INFO debug logs are issues when the timeout stuff is operating.

You can test the server side by running the test server hacked to set ws_ping_pong_interval
and debug log mask of 15.  Both the mirror protocol and the server-status protocol are
idle if nothing is happening and will trigger the PING / PONG testing.  (You can also
test using lwsws and /etc/lwsws/conf with "ws-pingpong-secs": "20" in the global section)

For client, run the test client with -n -P 20 for 20s interval.  -n stops the test client
writing using the mirror protocol, so it will be idle and trigger the PING / PONGs.

The timeout interval may be up to +10s late, as lws checks for affected connections every
10s.
2016-08-10 21:20:23 +08:00
Andy Green
02f880d9b6 doxygen use sections 2016-07-14 08:57:28 +08:00
Andy Green
0aa382f6fb lejp-conf: substitute _lws_ddir_ with install dir 2016-07-14 08:57:28 +08:00
Andy Green
cd6a70672b lejp_conf: pmo as alias for cgi-env
Since cgi-env only applies for cgi types, we can
re-use it for generic per-mount options (pmo)
2016-07-14 08:57:28 +08:00
Andy Green
014481e912 documentation convert to doxygen
Signed-off-by: Andy Green <andy@warmcat.com>
2016-07-14 08:57:27 +08:00
Andy Green
1ec8ba893a openssl allow set clear of ssl options from info 2016-06-10 11:09:27 +08:00
Andy Green
011f915dd0 ipv6only add lejp conf and flag docs
Signed-off-by: Andy Green <andy@warmcat.com>
2016-06-04 09:01:28 +08:00
Andy Green
2dc7ddecfd ipv6 move disable to vhost option
Server ipv6 support disable is now controlled by vhost->options rather
than context->options, allowing it to be set per-vhost.



Signed-off-by: Andy Green <andy@warmcat.com>
2016-06-03 21:19:40 +08:00
Andy Green
34b8161e04 lwsws update example conf to be 7681 no ssl test server
It's going to be much easier to transition to lwsws
if the example config exactly matches what used to be
seen from the default test server.

# mkdir -p /etc/lwsws/conf.d /var/log/lwsws
# cp ./lwsws/etc-lwsws-conf-EXAMPLE /etc/lwsws/conf
# cp ./lwsws/etc-lwsws-conf.d-localhost-EXAMPLE /etc/lwsws/conf.d/test-server
# sudo lwsws

Signed-off-by: Andy Green <andy@warmcat.com>
2016-05-17 08:54:42 +08:00
Andy Green
8ef14c0e0a lwsws conf mount extra mimetypes
This patch adds the ability to provide extra mimtypes on a mount.

lwsws conf learns how to do them.

Signed-off-by: Andy Green <andy@warmcat.com>
2016-05-14 10:22:56 +08:00
Andy Green
6954daabd2 lwsws conf allow setting cipher list and ecdh curve
Signed-off-by: Andy Green <andy@warmcat.com>
2016-05-14 09:50:34 +08:00
Andy Green
fb8be0507e add lws_init_vhost_client_ssl api to allow client ssl use on a vhost
Also add lwsws "enable-client-ssl": "1" vhost option to match.

Client cert iclient ssl is not supported in lwsws, if someone wants it, it can be added.

Signed-off-by: Andy Green <andy@warmcat.com>
2016-05-12 21:14:13 +08:00
Andy Green
b24aaeb822 add protocol plugin for post demo
Signed-off-by: Andy Green <andy@warmcat.com>
2016-05-09 10:05:43 +08:00
Andy Green
f6585285cb protocol plugins set default
Signed-off-by: Andy Green <andy@warmcat.com>
2016-05-06 14:24:59 +08:00
Andy Green
cae57ad98d plugins_dir convert to array
If OOT lws plugins will be packaged as separate projects,
they're going to want to install their plugins somewhere
that makes sense for the package instead of one big lws
plugin dir.

This patch changes info to have a const char ** to a NULL
terminated array of directories it should search for
plugins.  lwsws knows about this and you can add to the
dir array using config fragments like

{
  "global": {
   "plugin-dir": "/usr/local/share/coherent-timeline/plugins"
  }
}

if the config fragment in /etc/lwsws/conf.d/ is also managed by the
package with the plugin, it can very cleanly add and remove itself
from lwsws based on package install status.

Signed-off-by: Andy Green <andy@warmcat.com>
2016-05-02 10:03:25 +08:00
Andy Green
734f10a19b logs document logrotate configuration for lwsws
After discussion here

https://libwebsockets.org/pipermail/libwebsockets/2016-April/002304.html

Signed-off-by: Andy Green <andy@warmcat.com>
2016-04-26 19:07:17 +08:00
Andy Green
42e8b189dc http cache policy
This allows mounts to define the caching policy of the files inside them.

Support is added in lwsws for controlling it from the config files.

The api for serializing a mount struct opaquely is removed and lws_http_mount struct
made public... it was getting out of control trying to hide the options.

Signed-off-by: Andy Green <andy@warmcat.com>
2016-04-22 08:53:49 +08:00
Andy Green
980614035f plugin lws server status
Signed-off-by: Andy Green <andy@warmcat.com>
2016-04-18 20:05:43 +08:00
Andy Green
b21c20b5ff context settable server string
Signed-off-by: Andy Green <andy@warmcat.com>
2016-04-15 13:58:24 +08:00
Andy Green
2f0bc93d46 lws access log option and lwsws conf
This adds the ability to store apache-compatible logs to a file given at
vhost-creation time.

lwsws conf can set it per-vhost using "access-log": "<filepath>"

The feature defaults to disabled at cmake, it can be set independently but
LWS_WITH_LWSWS set it on.

Signed-off-by: Andy Green <andy@warmcat.com>
2016-04-15 13:58:24 +08:00
Andy Green
868b9f2ecb strict transport security vhost option flag and lwsws conf support
Signed-off-by: Andy Green <andy@warmcat.com>
2016-04-14 21:27:38 +08:00
Andy Green
a1ab201436 lwsws conf unix sockets support vhost conf option
Signed-off-by: Andy Green <andy@warmcat.com>
2016-04-14 21:27:38 +08:00
Andy Green
1042b34127 lwsws conf move interface to be vhost attribute
Signed-off-by: Andy Green <andy@warmcat.com>
2016-04-14 21:27:38 +08:00
Andy Green
b46e4a866d vhost keepalive timeout
Signed-off-by: Andy Green <andy@warmcat.com>
2016-04-14 20:59:16 +08:00
Andy Green
f5efa74cb7 cgi post
Signed-off-by: Andy Green <andy@warmcat.com>
2016-04-13 11:53:40 +08:00
Andy Green
a5e73a1a4b lwsws cgi integration
Signed-off-by: Andy Green <andy@warmcat.com>
2016-04-13 11:53:40 +08:00
Andy Green
37098ae2a2 lwsws protocol filter and options
Signed-off-by: Andy Green <andy@warmcat.com>
2016-04-08 16:13:14 +08:00
Andy Green
020770566e plugins
This adds support for dynamically loaded plugins at runtime, which
can expose their own protocols or extensions transparently.

With these changes lwsws defaults to OFF in cmake, and if enabled it
automatically enables plugins and libuv support.

Signed-off-by: Andy Green <andy@warmcat.com>
2016-04-07 09:38:08 +08:00
Andy Green
cd0c696a0d lwsws Libwebsockets Web Server
This makes a start on the LibWebSockets WebServer.

The app cmake build support and JSON config parsing are implemented and
the app can start, create the vhosts, listen and serve file:// mounts on
them.

Signed-off-by: Andy Green <andy@warmcat.com>
2016-03-28 10:49:57 +08:00