roubustness handle problems in read loop better

[profile/ivi/libwebsockets.git] / README.build

Building the library and test apps
----------------------------------

You need to regenerate the autotools and libtoolize stuff for your system

$ ./autogen.sh

Then for a Fedora x86_86 box, the following config line was
needed:

 ./configure --prefix=/usr --libdir=/usr/lib64 --enable-openssl

For Apple systems, Christopher Baker reported that this is needed
(and I was told separately enabling openssl makes trouble somehow)

./configure CC="gcc -arch i386 -arch x86_64" CXX="g++ -arch i386 -arch
x86_64" CPP="gcc -E" CXXCPP="g++ -E" --enable-nofork

For mingw build, I did the following to get working build, ping test is
disabled when building this way

1) install mingw64_w32 compiler packages from Fedora
2) additionally install mingw64-zlib package
3) ./configure --prefix=/usr --enable-mingw --host=x86_64-w64-mingw32
4) make

For uClibc, you will likely need --enable-builtin-getifaddrs

For cross-building, here's an example using the Linaro ARM toolchain

./configure --prefix=/usr --host=arm-linux-gnueabi --without-client --without-extensions

you can build cross with client and extensions perfectly well, but
apart from the size shrink this has the nice characteristic that no
non-toolchain libraries are needed to build it.


otherwise if /usr/local/... and /usr/local/lib are OK then...

$ ./configure
$ make clean
$ make && sudo make install
$ libwebsockets-test-server

should be enough to get a test server listening on port 7861.


Configure script options
------------------------

There are several other possible configure options

--enable-libcrypto      by default libwebsockets uses its own
                        built-in md5 and sha-1 implementation for
                        simplicity.  However the libcrypto ones
                        may be faster, and in a distro context it
                        may be highly desirable to use a common
                        library implementation for ease of security
                        upgrades.  Give this configure option
                        to disable the built-in ones and force use
                        of the libcrypto (part of openssl) ones.

--with-client-cert-dir=dir   tells the client ssl support where to
                             look for trust certificates to validate
                             the remote certificate against.

--enable-noping         Don't try to build the ping test app
                        It needs some unixy environment that
                        may choke in other build contexts, this
                        lets you cleanly stop it being built
                        
--enable-builtin-getifaddrs  if your libc lacks getifaddrs, you can build an
                        implementation into the library.  By default your libc
                        one is used.

--without-testapps      Just build the library not the test apps

--without-client        Don't build the client part of the library nor the
                        test apps that need the client part.  Useful to
                        minimize library footprint for embedded server-only
                        case

--without-server        Don't build the server part of the library nor the
                        test apps that need the server part.  Useful to
                        minimize library footprint for embedded client-only
                        case

--without-daemonize     Don't build daemonize.c / lws_daemonize

--disable-debug         Remove all debug logging below lwsl_notice in severity
                        from the code -- it's not just defeated from logging
                        but removed from compilation

--without-extensions    Remove all code and data around protocol extensions.
                        This reduces the code footprint considerably but
                        you will lose extension features like compression.
                        However that may be irrelevant for embedded use and
                        the code / data size / speed improvements may be
                        critical.

--with-latency          Builds the latency-tracking code into the library...
                        this slows your library down a bit but is very useful
                        to find the cause of unexpected latencies occurring
                        inside the library.  See README.test-apps for more
                        info


Externally configurable important constants
-------------------------------------------

You can control these from configure by just setting them as commandline
args throgh CFLAGS, eg

./configure CFLAGS="-DLWS_MAX_ZLIB_CONN_BUFFER=8192"


They all have reasonable defaults usable for all use-cases except resource-
constrained, so you only need to take care about them if you want to tune them
to the amount of memory available.

 - LWS_MAX_HEADER_NAME_LENGTH default 64: max characters in an HTTP header
name that libwebsockets can cope with

 - LWS_MAX_HEADER_LEN default 4096: largest HTTP header value string length
libwebsockets can cope with

 - LWS_INITIAL_HDR_ALLOC default 256: amount of memory to allocate initially,
tradeoff between taking too much and needless realloc

 - LWS_ADDITIONAL_HDR_ALLOC default 64: how much to additionally realloc if
the header value string keeps coming

 - MAX_USER_RX_BUFFER default 4096: max amount of user rx data to buffer at a
time and pass to user callback LWS_CALLBACK_RECEIVE or
LWS_CALLBACK_CLIENT_RECEIVE.  Large frames are passed to the user callback
in chunks of this size.  Tradeoff between per-connection static memory
allocation and if you expect to deal with large frames, how much you can
see at once which can affect efficiency.

 - MAX_BROADCAST_PAYLOAD default 4096: largest amount of user tx data we can
broadcast at a time

 - LWS_MAX_PROTOCOLS default 10: largest amount of different protocols the
server can serve

 - LWS_MAX_EXTENSIONS_ACTIVE default 10: largest amount of extensions we can
choose to have active on one connection

 - SPEC_LATEST_SUPPORTED default 13: only change if you want to remove support
for later protocol versions... unlikely

 - AWAITING_TIMEOUT default 5: after this many seconds without a response, the
server will hang up on the client

 - CIPHERS_LIST_STRING default "DEFAULT": SSL Cipher selection.  It's advisable
to tweak the ciphers allowed to be negotiated on secure connections for
performance reasons, otherwise a slow algorithm may be selected by the two
endpoints and the server could expend most of its time just encrypting and
decrypting data, severely limiting the amount of messages it will be able to
handle per second.  For example::

    "RC4-MD5:RC4-SHA:AES128-SHA:AES256-SHA:HIGH:!DSS:!aNULL"

 - SYSTEM_RANDOM_FILEPATH default "/dev/urandom": if your random device differs
you can set it here

 - LWS_MAX_ZLIB_CONN_BUFFER  maximum size a compression buffer is allowed to
grow to before closing the connection.  Some limit is needed or any connecton
can exhaust all server memory by sending it 4G buffers full of zeros which the
server is expect to expand atomically.  Default is 64KBytes.

 - LWS_SOMAXCONN  maximum number of pending connect requests the listening
socket can cope with.  Default is SOMAXCONN.  If you need to use synthetic
tests that just spam hundreds of connect requests at once without dropping
any, you can try messing with these as well as ulimit (see later)
(courtesy Edwin van der Oetelaar)

echo "2048 64512" > /proc/sys/net/ipv4/ip_local_port_range
echo "1" > /proc/sys/net/ipv4/tcp_tw_recycle
echo "1" > /proc/sys/net/ipv4/tcp_tw_reuse
echo "10" > /proc/sys/net/ipv4/tcp_fin_timeout
echo "65536" > /proc/sys/net/core/somaxconn
echo "65536" > /proc/sys/net/ipv4/tcp_max_syn_backlog
echo "262144" > /proc/sys/net/netfilter/nf_conntrack_max


Memory efficiency
-----------------

Update at 35f332bb46464feb87eb

Embedded server-only configuration without extensions (ie, no compression
on websocket connections), but with full v13 websocket features and http
server, built on ARM Cortex-A9:

./configure --without-client --without-extensions --disable-debug --enable-nofork --without-daemonize

.text   .rodata .data   .bss
11476   2664    288     4

Context Creation, 1024 fd limit[2]: 12288 (12 bytes per fd)
Per-connection [3]: 4400 bytes


This shows the impact of the major configuration with/without options at
13ba5bbc633ea962d46d using Ubuntu ARM on a PandaBoard ES.

These are accounting for static allocations from the library elf, there are
additional dynamic allocations via malloc

Static allocations, ARM9
                                .text   .rodata .data   .bss
 All (no without)               35024   9940    336     4104
 without client                 25684   7144    336     4104
 without client, exts           21652   6288    288     4104
 without client, exts, debug[1] 19756   3768    288     4104
 without server                 30304   8160    336     4104
 without server, exts           25382   7204    288     4104
 without server, exts, debug[1] 23712   4256    288     4104

Dynamic allocations: ARM9 (32 bit)

 Context Creation, 1024 fd limit[2] in ulimit:  12288  (12 bytes per fd)
 Per-connection (excluding headers[3]):          8740

Dynamic allocations: x86_64 (64 bit)

 Context Creation, 1024 fd limit[2] in ulimit:  16384  (16 bytes per fd)
 Per-connection (excluding headers[3]):          9224

[1] --disable-debug only removes messages below lwsl_notice.  Since that is
the default logging level the impact is not noticable, error, warn and notice
logs are all still there.

[2] 1024 fd per process is the default limit (set by ulimit) in at least Fedora
and Ubuntu.

[3] known headers are retained via additional mallocs for the lifetime of the
connection