10 There's a new member in the info struct used to control context creation,
11 ssl_private_key_password, which allows passing into lws the passphrase on
14 There's a new member in struct protocols, id, which is ignored by lws but can
15 be used by the user code to mark the selected protocol by user-defined version
16 or capabliity flag information, for the case multiple versions of a protocol are
20 v1.3-chrome37-firefox30
21 =======================
24 CMakeLists.txt | 447 +++--
28 cmake/LibwebsocketsConfig.cmake.in | 17 +
29 cmake/LibwebsocketsConfigVersion.cmake.in | 11 +
31 cross-ming.cmake | 31 +
32 cross-openwrt-makefile | 91 +
33 lib/client-handshake.c | 205 ++-
34 lib/client-parser.c | 58 +-
36 lib/context.c | 341 ++++
37 lib/extension-deflate-frame.c | 2 +-
38 lib/extension.c | 178 ++
39 lib/handshake.c | 287 +---
40 lib/lextable.h | 338 ++++
42 lib/libwebsockets.c | 2089 +++--------------------
43 lib/libwebsockets.h | 253 ++-
44 lib/lws-plat-unix.c | 404 +++++
45 lib/lws-plat-win.c | 358 ++++
46 lib/minilex.c | 530 +++---
47 lib/output.c | 445 ++---
48 lib/parsers.c | 682 ++++----
49 lib/pollfd.c | 239 +++
50 lib/private-libwebsockets.h | 501 +++++-
51 lib/server-handshake.c | 274 +--
52 lib/server.c | 858 ++++++++--
53 lib/service.c | 517 ++++++
55 lib/ssl-http2.c | 78 +
56 lib/ssl.c | 571 +++++++
57 test-server/attack.sh | 101 +-
58 test-server/test-client.c | 9 +-
59 test-server/test-echo.c | 17 +-
60 test-server/test-fraggle.c | 7 -
61 test-server/test-ping.c | 12 +-
62 test-server/test-server.c | 330 ++--
63 test-server/test.html | 4 +-
64 win32port/client/client.vcxproj | 259 ---
65 win32port/client/client.vcxproj.filters | 39 -
66 .../libwebsocketswin32.vcxproj.filters | 93 -
67 win32port/server/server.vcxproj | 276 ---
68 win32port/server/server.vcxproj.filters | 51 -
69 win32port/win32helpers/gettimeofday.h | 59 +-
70 win32port/win32helpers/netdb.h | 1 -
71 win32port/win32helpers/strings.h | 0
72 win32port/win32helpers/sys/time.h | 1 -
73 win32port/win32helpers/unistd.h | 0
74 win32port/win32helpers/websock-w32.c | 104 --
75 win32port/win32helpers/websock-w32.h | 62 -
76 win32port/win32port.sln | 100 --
77 win32port/zlib/gzio.c | 3 +-
78 55 files changed, 6779 insertions(+), 5059 deletions(-)
84 POST method is supported
86 The protocol 0 / HTTP callback can now get two new kinds of callback,
87 LWS_CALLBACK_HTTP_BODY (in and len are a chunk of the body of the HTTP request)
88 and LWS_CALLBACK_HTTP_BODY_COMPLETION (the expected amount of body has arrived
89 and been passed to the user code already). These callbacks are used with the
90 post method (see the test server for details).
92 The period between the HTTP header completion and the completion of the body
93 processing is protected by a 5s timeout.
95 The chunks are stored in a malloc'd buffer of size protocols[0].rx_buffer_size.
98 New server option you can enable from user code
99 LWS_SERVER_OPTION_ALLOW_NON_SSL_ON_SSL_PORT allows non-SSL connections to
100 also be accepted on an SSL listening port. It's disabled unless you enable
104 Two new callbacks are added in protocols[0] that are optional for allowing
105 limited thread access to libwebsockets, LWS_CALLBACK_LOCK_POLL and
106 LWS_CALLBACK_UNLOCK_POLL.
108 If you use them, they protect internal and external poll list changes, but if
109 you want to use external thread access to libwebsocket_callback_on_writable()
110 you have to implement your locking here even if you don't use external
113 If you will use another thread for this, take a lot of care about managing
114 your list of live wsi by doing it from ESTABLISHED and CLOSED callbacks
115 (with your own locking).
117 If you configure cmake with -DLWS_WITH_LIBEV=1 then the code allowing the libev
118 eventloop instead of the default poll() one will also be compiled in. But to
119 use it, you must also set the LWS_SERVER_OPTION_LIBEV flag on the context
120 creation info struct options member.
122 IPV6 is supported and enabled by default except for Windows, you can disable
123 the support at build-time by giving -DLWS_IPV6=, and disable use of it even if
124 compiled in by making sure the flag LWS_SERVER_OPTION_DISABLE_IPV6 is set on
125 the context creation info struct options member.
127 You can give LWS_SERVER_OPTION_DISABLE_OS_CA_CERTS option flag to
128 guarantee the OS CAs will not be used, even if that support was selected at
131 Optional "token limits" may be enforced by setting the member "token_limits"
132 in struct lws_context_creation_info to point to a struct lws_token_limits.
133 NULL means no token limits used for compatibility.
139 Extra optional argument to libwebsockets_serve_http_file() allows injecion
140 of HTTP headers into the canned response. Eg, cookies may be added like
141 that without getting involved in having to send the header by hand.
143 A new info member http_proxy_address may be used at context creation time to
144 set the http proxy. If non-NULL, it overrides http_proxy environment var.
146 Cmake supports LWS_SSL_CLIENT_USE_OS_CA_CERTS defaulting to on, which gets
147 the client to use the OS CA Roots. If you're worried somebody with the
148 ability to forge for force creation of a client cert from the root CA in
149 your OS, you should disable this since your selfsigned $0 cert is a lot safer
153 v1.23-chrome32-firefox24
154 ========================
157 CMakeLists.txt | 573 ++++++++----
158 COPYING | 503 -----------
159 INSTALL | 365 --------
161 README.build | 371 ++------
162 README.coding | 63 ++
163 autogen.sh | 1578 ---------------------------------
165 cmake/FindGit.cmake | 163 ++++
166 cmake/FindOpenSSLbins.cmake | 15 +-
167 cmake/UseRPMTools.cmake | 176 ++++
168 config.h.cmake | 25 +-
169 configure.ac | 226 -----
170 cross-arm-linux-gnueabihf.cmake | 28 +
171 lib/Makefile.am | 89 --
172 lib/base64-decode.c | 98 +-
173 lib/client-handshake.c | 123 ++-
174 lib/client-parser.c | 19 +-
175 lib/client.c | 145 ++-
176 lib/daemonize.c | 4 +-
177 lib/extension.c | 2 +-
178 lib/getifaddrs.h | 4 +-
179 lib/handshake.c | 76 +-
180 lib/libwebsockets.c | 491 ++++++----
181 lib/libwebsockets.h | 164 ++--
182 lib/output.c | 214 ++++-
183 lib/parsers.c | 102 +--
184 lib/private-libwebsockets.h | 66 +-
185 lib/server-handshake.c | 5 +-
188 libwebsockets-api-doc.html | 249 +++---
189 libwebsockets.pc.in | 11 -
190 libwebsockets.spec | 14 +-
192 scripts/FindLibWebSockets.cmake | 33 +
193 scripts/kernel-doc | 1 +
194 test-server/Makefile.am | 131 ---
195 test-server/leaf.jpg | Bin 0 -> 2477518 bytes
196 test-server/test-client.c | 78 +-
197 test-server/test-echo.c | 33 +-
198 test-server/test-fraggle.c | 26 +-
199 test-server/test-ping.c | 15 +-
200 test-server/test-server.c | 197 +++-
201 test-server/test.html | 5 +-
202 win32port/win32helpers/gettimeofday.c | 74 +-
203 win32port/win32helpers/websock-w32.h | 6 +-
204 48 files changed, 2493 insertions(+), 4212 deletions(-)
210 - You can now call libwebsocket_callback_on_writable() on http connectons,
211 and get a LWS_CALLBACK_HTTP_WRITEABLE callback, the same way you can
212 regulate writes with a websocket protocol connection.
214 - A new member in the context creation parameter struct "ssl_cipher_list" is
215 added, replacing CIPHERS_LIST_STRING. NULL means use the ssl library
216 default list of ciphers.
218 - Not really an api addition, but libwebsocket_service_fd() will now zero
219 the revents field of the pollfd it was called with if it handled the
220 descriptor. So you can tell if it is a non-lws fd by checking revents
221 after the service call... if it's still nonzero, the descriptor
222 belongs to you and you need to take care of it.
224 - libwebsocket_rx_flow_allow_all_protocol(protocol) will unthrottle all
225 connections with the established protocol. It's designed to be
226 called from user server code when it sees it can accept more input
227 and may have throttled connections using the server rx flow apis
228 while it was unable to accept any other input The user server code
229 then does not have to try to track while connections it choked, this
230 will free up all of them in one call.
232 - there's a new, optional callback LWS_CALLBACK_CLOSED_HTTP which gets
233 called when an HTTP protocol socket closes
235 - for LWS_CALLBACK_FILTER_PROTOCOL_CONNECTION callback, the user_space alloc
236 has already been done before the callback happens. That means we can
237 use the user parameter to the callback to contain the user pointer, and
238 move the protocol name to the "in" parameter. The docs for this
239 callback are also updated to reflect how to check headers in there.
241 - libwebsocket_client_connect() is now properly nonblocking and async. See
242 README.coding and test-client.c for information on the callbacks you
243 can rely on controlling the async connection period with.
245 - if your OS does not support the http_proxy environment variable convention
246 (eg, reportedly OSX), you can use a new api libwebsocket_set_proxy()
247 to set the proxy details inbetween context creation and the connection
248 action. For OSes that support http_proxy, that's used automatically.
253 - the external poll callbacks now get the socket descriptor coming from the
254 "in" parameter. The user parameter provides the user_space for the
255 wsi as it normally does on the other callbacks.
256 LWS_CALLBACK_FILTER_NETWORK_CONNECTION also has the socket descriptor
257 delivered by @in now instead of @user.
259 - libwebsocket_write() now returns -1 for error, or the amount of data
260 actually accepted for send. Under load, the OS may signal it is
261 ready to send new data on the socket, but have only a restricted
262 amount of memory to buffer the packet compared to usual.
268 - libwebsocket_ensure_user_space() is removed from the public api, if you
269 were using it to get user_space, you need to adapt your code to only
270 use user_space inside the user callback.
272 - CIPHERS_LIST_STRING is removed
274 - autotools build has been removed. See README.build for info on how to
275 use CMake for your platform
278 v1.21-chrome26-firefox18
279 ========================
281 - Fixes buffer overflow bug in max frame size handling if you used the
282 default protocol buffer size. If you declared rx_buffer_size in your
283 protocol, which is recommended anyway, your code was unaffected.
285 v1.2-chrome26-firefox18
286 =======================
292 CMakeLists.txt | 544 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
293 LICENSE | 526 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
296 README.build | 258 ++++++++++++++++++++++++++++++++-----
297 README.coding | 52 ++++++++
298 changelog | 136 ++++++++++++++++++++
299 cmake/FindOpenSSLbins.cmake | 33 +++++
300 config.h.cmake | 173 +++++++++++++++++++++++++
301 configure.ac | 22 +++-
302 lib/Makefile.am | 20 ++-
303 lib/base64-decode.c | 2 +-
304 lib/client-handshake.c | 190 +++++++++++-----------------
305 lib/client-parser.c | 88 +++++++------
306 lib/client.c | 384 ++++++++++++++++++++++++++++++-------------------------
307 lib/daemonize.c | 32 +++--
308 lib/extension-deflate-frame.c | 58 +++++----
309 lib/extension-deflate-stream.c | 19 ++-
310 lib/extension-deflate-stream.h | 4 +-
311 lib/extension.c | 11 +-
312 lib/getifaddrs.c | 315 +++++++++++++++++++++++-----------------------
313 lib/getifaddrs.h | 30 ++---
314 lib/handshake.c | 124 +++++++++++-------
315 lib/libwebsockets.c | 736 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++--------------------------------------
316 lib/libwebsockets.h | 237 ++++++++++++++++++++++------------
317 lib/output.c | 192 +++++++++++-----------------
318 lib/parsers.c | 966 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++----------------------------------------------------------------
319 lib/private-libwebsockets.h | 225 +++++++++++++++++++++------------
320 lib/server-handshake.c | 82 ++++++------
321 lib/server.c | 96 +++++++-------
322 libwebsockets-api-doc.html | 189 ++++++++++++++++++----------
323 libwebsockets.spec | 17 +--
324 test-server/attack.sh | 148 ++++++++++++++++++++++
325 test-server/test-client.c | 125 +++++++++---------
326 test-server/test-echo.c | 31 +++--
327 test-server/test-fraggle.c | 32 ++---
328 test-server/test-ping.c | 52 ++++----
329 test-server/test-server.c | 129 ++++++++++++-------
330 win32port/libwebsocketswin32/libwebsocketswin32.vcxproj | 279 ----------------------------------------
331 win32port/libwebsocketswin32/libwebsocketswin32.vcxproj.filters | 23 +++-
332 41 files changed, 4398 insertions(+), 2219 deletions(-)
338 - lws_get_library_version() returns a const char * with a string like
339 "1.1 9e7f737", representing the library version from configure.ac
340 and the git HEAD hash the library was built from
342 - TCP Keepalive can now optionally be applied to all lws sockets, on Linux
343 also with controllable timeout, number of probes and probe interval.
344 (On BSD type OS, you can only use system default settings for the
345 timing and retries, although enabling it is supported by setting
346 ka_time to nonzero, the exact value has no meaning.)
347 This enables detection of idle connections which are logically okay,
348 but are in fact dead, due to network connectivity issues at the server,
349 client, or any intermediary. By default it's not enabled, but you
350 can enable it by setting a non-zero timeout (in seconds) at the new
351 ka_time member at context creation time.
353 - Two new optional user callbacks added, LWS_CALLBACK_PROTOCOL_DESTROY which
354 is called one-time per protocol as the context is being destroyed, and
355 LWS_CALLBACK_PROTOCOL_INIT which is called when the context is created
356 and the protocols are added, again it's a one-time affair.
357 This lets you manage per-protocol allocations properly including
358 cleaning up after yourself when the server goes down.
363 - libwebsocket_create_context() has changed from taking a ton of parameters
364 to just taking a pointer to a struct containing the parameters. The
365 struct lws_context_creation_info is in libwebsockets.h, the members
366 are in the same order as when they were parameters to the call
367 previously. The test apps are all updated accordingly so you can
368 see example code there.
370 - Header tokens are now deleted after the websocket connection is
371 established. Not just the header data is saved, but the pointer and
372 length array is also removed from (union) scope saving several hundred
373 bytes per connection once it is established
375 - struct libwebsocket_protocols has a new member rx_buffer_size, this
376 controls rx buffer size per connection of that protocol now. Sources
377 for apps built against older versions of the library won't declare
378 this in their protocols, defaulting it to 0. Zero buffer is legal,
379 it causes a default buffer to be allocated (currently 4096)
381 If you want to receive only atomic frames in your user callback, you
382 should set this to greater than your largest frame size. If a frame
383 comes that exceeds that, no error occurs but the callback happens as
384 soon as the buffer limit is reached, and again if it is reached again
385 or the frame completes. You can detect that has happened by seeing
386 there is still frame content pending using
387 libwebsockets_remaining_packet_payload()
389 By correctly setting this, you can save a lot of memory when your
390 protocol has small frames (see the test server and client sources).
392 - LWS_MAX_HEADER_LEN now defaults to 1024 and is the total amount of known
393 header payload lws can cope with, that includes the GET URL, origin
394 etc. Headers not understood by lws are ignored and their payload
395 not included in this.
401 - The configuration-time option MAX_USER_RX_BUFFER has been replaced by a
402 buffer size chosen per-protocol. For compatibility, there's a default
403 of 4096 rx buffer, but user code should set the appropriate size for
406 - LWS_INITIAL_HDR_ALLOC and LWS_ADDITIONAL_HDR_ALLOC are no longer needed
407 and have been removed. There's a new header management scheme that
408 handles them in a much more compact way.
410 - libwebsockets_hangup_on_client() is removed. If you want to close the
411 connection you must do so from the user callback and by returning
414 - libwebsocket_close_and_free_session() is now private to the library code
415 only and not exposed for user code. If you want to close the
416 connection, you must do so from the user callback by returning -1
423 - Cmake project file added, aimed initially at Windows support: this replaces
424 the visual studio project files that were in the tree until now.
426 - CyaSSL now supported in place of OpenSSL (--use-cyassl on configure)
428 - PATH_MAX or MAX_PATH no longer needed
430 - cutomizable frame rx buffer size by protocol
432 - optional TCP keepalive so dead peers can be detected, can be enabled at
433 context-creation time
435 - valgrind-clean: no SSL or CyaSSL: completely clean. With OpenSSL, 88 bytes
436 lost at OpenSSL library init and symptomless reports of uninitialized
437 memory usage... seems to be a known and ignored problem at OpenSSL
439 - By default debug is enabled and the library is built for -O0 -g to faclitate
440 that. Use --disable-debug configure option to build instead with -O4
441 and no -g (debug info), obviously providing best performance and
444 - 1.0 introduced some code to try to not deflate small frames, however this
445 seems to break when confronted with a mixture of frames above and
446 below the threshold, so it's removed. Veto the compression extension
447 in your user callback if you will typically have very small frames.
449 - There are many memory usage improvements, both a reduction in malloc/
450 realloc and architectural changes. A websocket connection now
451 consumes only 296 bytes with SSL or 272 bytes without on x86_64,
452 during header processing an additional 1262 bytes is allocated in a
453 single malloc, but is freed when the websocket connection starts.
454 The RX frame buffer defined by the protocol in user
455 code is also allocated per connection, this represents the largest
456 frame you can receive atomically in that protocol.
458 - On ARM9 build, just http+ws server no extensions or ssl, <12Kbytes .text
459 and 112 bytes per connection (+1328 only during header processing)
462 v1.1-chrome26-firefox18
463 =======================
469 README-test-server | 291 ---
470 README.build | 239 ++
471 README.coding | 138 ++
473 README.test-apps | 272 +++
474 configure.ac | 116 +-
475 lib/Makefile.am | 55 +-
476 lib/base64-decode.c | 5 +-
477 lib/client-handshake.c | 121 +-
478 lib/client-parser.c | 394 ++++
479 lib/client.c | 807 +++++++
480 lib/daemonize.c | 212 ++
481 lib/extension-deflate-frame.c | 132 +-
482 lib/extension-deflate-stream.c | 12 +-
483 lib/extension-x-google-mux.c | 1223 ----------
484 lib/extension-x-google-mux.h | 96 -
485 lib/extension.c | 8 -
486 lib/getifaddrs.c | 271 +++
487 lib/getifaddrs.h | 76 +
488 lib/handshake.c | 582 +----
489 lib/libwebsockets.c | 2493 ++++++---------------
490 lib/libwebsockets.h | 115 +-
492 lib/minilex.c | 440 ++++
493 lib/output.c | 628 ++++++
494 lib/parsers.c | 2016 +++++------------
495 lib/private-libwebsockets.h | 284 +--
496 lib/server-handshake.c | 275 +++
497 lib/server.c | 377 ++++
498 libwebsockets-api-doc.html | 300 +--
500 test-server/Makefile.am | 111 +-
501 test-server/libwebsockets.org-logo.png | Bin 0 -> 7029 bytes
502 test-server/test-client.c | 45 +-
503 test-server/test-echo.c | 330 +++
504 test-server/test-fraggle.c | 20 +-
505 test-server/test-ping.c | 22 +-
506 test-server/test-server-extpoll.c | 554 -----
507 test-server/test-server.c | 349 ++-
508 test-server/test.html | 3 +-
509 win32port/zlib/ZLib.vcxproj | 749 ++++---
510 win32port/zlib/ZLib.vcxproj.filters | 188 +-
511 win32port/zlib/adler32.c | 348 ++-
512 win32port/zlib/compress.c | 160 +-
513 win32port/zlib/crc32.c | 867 ++++----
514 win32port/zlib/crc32.h | 882 ++++----
515 win32port/zlib/deflate.c | 3799 +++++++++++++++-----------------
516 win32port/zlib/deflate.h | 688 +++---
517 win32port/zlib/gzclose.c | 50 +-
518 win32port/zlib/gzguts.h | 325 ++-
519 win32port/zlib/gzlib.c | 1157 +++++-----
520 win32port/zlib/gzread.c | 1242 ++++++-----
521 win32port/zlib/gzwrite.c | 1096 +++++----
522 win32port/zlib/infback.c | 1272 ++++++-----
523 win32port/zlib/inffast.c | 680 +++---
524 win32port/zlib/inffast.h | 22 +-
525 win32port/zlib/inffixed.h | 188 +-
526 win32port/zlib/inflate.c | 2976 +++++++++++++------------
527 win32port/zlib/inflate.h | 244 +-
528 win32port/zlib/inftrees.c | 636 +++---
529 win32port/zlib/inftrees.h | 124 +-
530 win32port/zlib/trees.c | 2468 +++++++++++----------
531 win32port/zlib/trees.h | 256 +--
532 win32port/zlib/uncompr.c | 118 +-
533 win32port/zlib/zconf.h | 934 ++++----
534 win32port/zlib/zlib.h | 3357 ++++++++++++++--------------
535 win32port/zlib/zutil.c | 642 +++---
536 win32port/zlib/zutil.h | 526 ++---
537 69 files changed, 19556 insertions(+), 20145 deletions(-)
542 - libwebsockets_serve_http_file() now takes a context as first argument
544 - libwebsockets_get_peer_addresses() now takes a context and wsi as first
551 - lwsl_...() logging apis, default to stderr but retargetable by user code;
552 may be used also by user code
554 - lws_set_log_level() set which logging apis are able to emit (defaults to
555 notice, warn, err severities), optionally set the emit callback
557 - lwsl_emit_syslog() helper callback emits to syslog
559 - lws_daemonize() helper code that forks the app into a headless daemon
560 properly, maintains a lock file with pid in suitable for sysvinit etc to
563 - LWS_CALLBACK_HTTP_FILE_COMPLETION callback added since http file
564 transfer is now asynchronous (see test server code)
566 - lws_frame_is_binary() from a wsi pointer, let you know if the received
567 data was sent in BINARY mode
573 - libwebsockets_fork_service_loop() - no longer supported (had intractable problems)
574 arrange your code to act from the user callback instead from same
575 process context as the service loop
577 - libwebsockets_broadcast() - use libwebsocket_callback_on_writable[_all_protocol]()
578 instead from same process context as the service loop. See the test apps
581 - x-google-mux() removed until someone wants it
583 - pre -v13 (ancient) protocol support removed
589 - echo test server and client compatible with echo.websocket.org added
591 - many new configure options (see README.build) to reduce footprint of the
592 library to what you actually need, eg, --without-client and
595 - http + websocket server can build to as little as 12K .text for ARM
597 - no more MAX_CLIENTS limitation; adapts to support the max number of fds
598 allowed to the process by ulimit, defaults to 1024 on Fedora and
599 Ubuntu. Use ulimit to control this without needing to configure
600 the library. Code here is smaller and faster.
602 - adaptive ratio of listen socket to connection socket service allows
603 good behaviour under Apache ab test load. Tested with thousands
604 of simultaneous connections
606 - reduction in per-connection memory footprint by moving to a union to hold
607 mutually-exclusive state for the connection
609 - robustness: Out of Memory taken care of for all allocation code now
611 - internal getifaddrs option if your toolchain lacks it (some uclibc)
613 - configurable memory limit for deflate operations
615 - improvements in SSL code nonblocking operation, possible hang solved,
616 some SSL operations broken down into pollable states so there is
617 no library blocking, timeout coverage for SSL_connect
619 - extpoll test server merged into single test server source
621 - robustness: library should deal with all recoverable socket conditions
623 - rx flowcontrol for backpressure notification fixed and implmeneted
624 correctly in the test server
626 - optimal lexical parser added for header processing; all headers in a
627 single 276-byte state table
629 - latency tracking api added (configure --with-latency)
631 - Improved in-tree documentation, REAME.build, README.coding,
632 README.test-apps, changelog
637 v1.0-chrome25-firefox17 (6cd1ea9b005933f)