X-Git-Url: http://review.tizen.org/git/?a=blobdiff_plain;f=changelog;h=e1f4830636b4f567ee54da128fb1bf784118f713;hb=refs%2Fheads%2Fupstream;hp=3142d559be8c4a01875e7cf896377765d34aa081;hpb=cd0c696a0d879f66c8142ace0619b944efd08915;p=platform%2Fupstream%2Flibwebsockets.git diff --git a/changelog b/changelog index 3142d55..e1f4830 100644 --- a/changelog +++ b/changelog @@ -1,1453 +1,730 @@ Changelog --------- -Fixes ------ - -1) MAJOR (Windows-only) fix assert firing - -2) MAJOR http:/1.1 connections handled by lws_return_http_status() did not -get sent a content-length resulting in the link hanging until the peer closed -it. attack.sh updated to add a test for this. - -3) MINOR An error about hdr struct in _lws_ws_related is corrected, it's not -known to affect anything until after it was fixed - -4) MINOR During the close shutdown wait state introduced at v1.7, if something -requests callback on writeable for the socket it will busywait until the -socket closes - -5) MAJOR Although the test server has done it for a few versions already, it -is now required for the user code to explicitly call - - if (lws_http_transaction_completed(wsi)) - return -1; +v4.3.0 +====== -when it finishes replying to a transaction in http. Previously the library -did it for you, but that disallowed large, long transfers with multiple -trips around the event loop (and cgi...). + - Add full CBOR stream parsing and writing support, with huge + amount of test vectors and resumable printf type write apis + See ./READMEs/README.cbor-lecp.md + - Add COSE key and signing / validation support with huge amount of + test vectors + cose_sign[1] ES256/384/512, RS256/384/512 + cose_mac0 HS256/384/512 + See ./READMEs/README.cbor-cose.md + - JIT Trust: for constrained devices, provides a way to determine the + trusted CA certs the peer requires, and instantiate just those. + This allows generic client browsing without the overhead of ~130 + x.509 CA certs in memory permanently. + See ./READMEs/README.jit-trust.md + - Add support for client Netscape cookie jar with caching + - Secure Streams: issue LWSSSCS_EVENT_WAIT_CANCELLED state() when + lws_cancel_service() called, so cross-thread events can be handled + in SS + - Actively assert() on attempt to destroy SS handles still active in + the call stack, use DESTROY_ME returns instead so caller can choose + how to handle it. + - Improved Client Connection Error report strings for tls errors + - SMP: Use a private fakewsi for PROTOCOL_INIT so pts cannot try to + use the same one concurrently + - MbedTLS v3 support for all release changes, as well as retaining + support for v2.x + - MQTT client: support QoS2 + - Event lib ops can now be set at context creation time directly, + bringing full event lib hooking to custom event loops. See + minimal-http-server-eventlib-custom + - Extra APIs to recover AKID and SKID from x.509 in mbedtls and openssl + - Improve http redirect to handle h2-> h2 cleanly + - IPv4+6 listen sockets on vhosts are now done with two separate + sockets bound individually to AF_INET and AF_INET6 addresses, + handled by the same vhost listen flow. + - Improved tls restriction handling + - Log contexts: allow objects to log into local logging contexts, by + lws_context, vhost, wsi and ss handle. Each context has its own + emit function and log level. See ./READMEs/README.logging.md + - Upgrade compiler checking to default to -Werror -Wall -Wextra + - Fault injection apis now also support pseudo-random number binding + within a specified range, eg, + --fault-injection "f1(10%),f1_delay(123..456)" + - Remove LWS_WITH_DEPRECATED_THINGS, remove master branch + - Interface binding now uses ipv6 scoring to select bind address + +v4.2.0 +====== -6) MAJOR connections on ah waiting list that closed did not get removed from -the waiting list... + - Sai coverage upgrades, 495 builds on 27 platforms, including OSX M1, + Xenial, Bionic and Focal Ubuntu, Debian Sid and Buster on both 32 and + 64-bit OS, and NetBSD, Solaris, FreeBSD, Windows, ESP32. + Ctest run on more scenarios including all LWS_WITH_DISTRO_RECOMMENDED. + More tests use valgrind if available on platform. + - RFC7231 date and time parsing and retry-after wired up to lws_retry + - `LWS_WITH_SUL_DEBUGGING` checks that no sul belonging to Secure Streams + and wsi objects are left registered on destruction + - Netlink monitoring on Linux dynamically tracks interface address and + routing changes, and immediately closes connections on invalidated + routes. + - RFC6724 DNS results sorting over ipv4 + ipv6 results, according to + available dynamic route information + - Support new event library, sdevent (systemd native loop), via + `LWS_WITH_SDEVENT` + - Reduce .rodata cost of role structs by making them sparse + - Additional Secure Streams QA tests and runtime state transition + validation + - SMD-over-ss-proxy documentation and helpers to simplify forwarding + - SSPC stream buffering at proxy and client set from policy by streamtype + - Trigger Captive Portal Detection if DNS resolution fails + - Switch all logs related to wsi and Secure Streams to use unique, + descriptive tags instead of pointers (which may be reallocated) + - Use NOITCE logging for Secure Streams and wsi lifecycle logging using + tags + - Update SSPC serialization to include versioning on initial handshake, + and pass client pid to proxy so related objects are tagged with it + - Enable errors on -Wconversion pedantic type-related build issues + throughout the lws sources and upgrade every affected cast. + - Windows remove WSA event implementation and replace with WSAPoll, with + a pair of UDP sockets instead of pipe() for `lws_cancel_service()` + - `lws_strcmp_wildcard()` helper that understand "x*", "x*y", "x*y*" etc + - `LWS_WITH_PLUGINS_BUILTIN` cmake option just builds plugins into the main + library image directly + - Secure Streams proxy supports policy for flow control between proxy and + clients + - libressl also supported along with boringssl, wolfssl + - prepared for openssl v3 compatibility, for main function and GENCRYPTO + - Fault injection apis can confirm operation of 48 error paths and counting + - `LWS_WITH_SYS_METRICS` keeps stats and reports them to user-defined + function, compatible with openmetrics + - windows platform knows how to prepare openssl with system trust store certs + - `LWS_WITH_SYS_CONMON` allows selected client connections to make precise + measurements of connection performance and DNS results, and report them in a struct + - New native support for uloop event loop (OpenWRT loop) + - More options around JWT + - Support TLS session caching and reuse by default, on both OpenSSL and + mbedtls + - Many fixes and improvements... + +v4.1.0 +====== -7) MAJOR since we added the ability to hold an ah across http keepalive -transactions where more headers had already arrived, we broke the ability -to tell if more headers had arrived. Result was if the browser didn't -close the keepalive, we retained ah for the lifetime of the keepalive, -using up the pool. + - NEW: travis / appveyor / bintray are replaced by Sai + https://libwebsockets.org/sai/ which for lws currently does 193 builds per + git push on 16 platforms, all self-hosted. The homebrew bash scripts used + to select Minimal examples are replaced by CTest. Platforms currently + include Fedora/AMD/GCC, Windows/AMD/mingw32, Windows/AMD/mingw64, Android/ + aarch64/LLVM, esp-idf (on WROVER-KIT and HELTEC physical boards), Fedora/ + RISCV (on QEMU)/GCC, CentOS8/AMD/GCC, Gentoo/AMD/GCC, Bionic/AMD/GCC, + Linkit 7697, Focal/AMD/GCC, Windows (on QEMU)/AMD/MSVC, + Focal/aarch64-RPI4/GCC, iOS/aarch64/LLVM and OSX/AMD/LLVM. + + - NEW: The single CMakeLists.txt has been refactored and modernized into smaller + CMakeLists.txt in the subdirectory along with the code that is being managed + for build by it. Build options are still listed in the top level as before + but the new way is much more maintainable. + + - NEW: event lib support on Unix is now built into dynamically loaded plugins + and brought in at runtime, allowing all of the support to be built in + isolation without conflicts, and separately packaged with individual + dependencies. See ./READMEs/event-libs.md for details and how to force + the old static build into lws method. + + - NEW: Captive Portal Detection. Lws can determine if the active default + route is able to connect to the internet, or is in a captive portal type + situation, by trying to connect to a remote server that will respond in an + unusual way, like provide a 204. + + - NEW: Secure streams: Support system trust store if it exists + Build on Windows + Support lws raw socket protocol in SS + Support Unix Domain Socket transport + + - NEW: Windows: Support Unix Domain Sockets same as other platforms + + - NEW: Windows: Build using native pthreads, async dns, ipv6 on MSVC + + - NEW: lws_struct: BLOB support + + - NEW: lws_sul: Now provides two sorted timer domains, a default one as + before, and another whose scheduled events are capable to wake the system from suspend + + - NEW: System Message Distribution: lws_smd provides a very lightweight way + to pass short messages between subsystems both in RTOS type case where the + subsystems are all on the lws event loop, and in the case participants are in + different processes, using Secure Streams proxying. Participants register a bitmap + of message classes they care about; if no particpant cares about a particular message, + it is rejected at allocation time for the sender, making it cheap to provide messages + speculatively. See lib/system/smd/README.md for full details. + + - NEW: lws_drivers: wrappers for SDK driver abstractions (or actual drivers) + See lib/drivers/README.md, example implementations + minimal-examples/embedded/esp32/esp-wrover-kit + - generic gpio + - generic LED (by name) lib/drivers/led/README.md + - generic PWM, sophisticated interpolated table + sequencers with crossfade + - generic button (by name), with debounce and press classification + emitting rich SMD click, long-click, double-click, + down, repeat, up JSON messages + lib/drivers/button/README.md + - bitbang i2c on generic gpio (hw support can use same + abstract API) + - bitbang spi on generic gpio (hw support can use same + abstract API) + - generic display object, can be wired up to controller + drivers that hook up by generic i2c or spi, + generic backlight PWM sequencing and + blanking timer support + - generic settings storage: get and set blobs by name + - generic network device: netdev abstract class with + WIFI / Ethernet implementations + using underlying SDK APIs; + generic 80211 Scan managements + and credentials handling via + lws_settings + This is the new way to provide embedded platform + functionality that was in the past done like + esp32-factory. Unlike the old way, the new way has no + native apis in it and can be built on other SDK / SoCs + the same. + + - NEW: Security-aware JWS JWT (JSON Web Tokens) apis are provided on top of the existing + JOSE / JWS apis. All the common algorithms are available along with some + high level apis like lws http cookie -> JWT struct -> lws http cookie. + + - REMOVED: esp32-helper and friends used by esp32-factory now lws_drivers + exists + + - REMOVED: generic sessions and friends now JWT is provided + +v4.0.0 +====== -8) MAJOR windows-only-POLLHUP was not coming + - NEW: Lws is now under the MIT license, see ./LICENSE for details + + - NEW: GLIB native event loop support, lws + gtk example -9) Client should not send ext hdr if no exts + - NEW: native lws MQTT client... supports client stream binding like h2 when + multiple logical connections are going to the same endpoint over MQTT, they + transparently and independently share the one connection + tls tunnel + + - NEW: "Secure Streams"... if you are making a device with client connections + to the internet or cloud, this allows separation of the communications + policy (endpoints, tls cert validation, protocols, etc) from the code, with + the goal you can combine streams, change protocols and cloud provision, and + reflect that in the device's JSON policy document without having to change + any code. + + - NEW: lws_system: New lightweight and efficient Asynchronous DNS resolver + implementation for both A and AAAA records, supports recursive (without + recursion in code) lookups, caching, and getaddrinfo() compatible results + scheme (from cache directly without per-consumer allocation). Able to + perform DNS lookups without introducing latency in the event loop. + + - NEW: lws_system: ntpclient implementation with interface for setting system + time via lws_system ops + + - NEW: lws_system: dhcpclient implementation + + - NEW: Connection validity tracking, autoproduce PING/PONG for protocols that + support it if not informed that the connection has passed data in both + directions recently enough -Changes -------- + - NEW: lws_retry: standardized exponential backoff and retry timing based + around backoff table and lws_sul -1) MINOR test-server gained some new switches + - NEW: there are official public helpers for unaligned de/serialization of all + common types, see eh, lws_ser_wu16be() in include/libwebsockets/lws-misc.h - -C use external SSL cert file - -K use external SSL key file - -A use external SSL CA cert file + - NEW: lws_tls_client_vhost_extra_cert_mem() api allows attaching extra certs + to a client vhost from DER in memory - -u set effective uid - -g set effective gid - -together you can use them like this to have the test-server work with the -usual purchased SSL certs from an official CA. + - NEW: lws_system: generic blobs support passing auth tokens, per-connection + client certs etc from platform into lws - --ssl -C your.crt -K your.key -A your.cer -u 99 -g 99 + - NEW: public helpers to consume and produce ipv4/6 addresses in a clean way, + along with lws_sockaddr46 type now public. See eg, lws_sockaddr46-based + lws_sa46_parse_numeric_address(), lws_write_numeric_address() + in include/libwebsockets/lws-network-helper.h -2) MINOR the OpenSSL magic to setup ECDH cipher usage is implemented in the -library, and the ciphers restricted to use ECDH only. -Using this, the lws test server can score an A at SSLLABS test - -3) MINOR STS (SSL always) header is added to the test server if you use --ssl. With -that, we score A+ at SSLLABS test - -4) MINOR daemonize function (disabled at cmake by default) is updated to work -with systemd - -5) MINOR example systemd .service file now provided for test server -(not installed by default) + - Improved client redirect handling, h2 compatibility + + - NEW: lwsac: additional features for constant folding support (strings that + already are in the lwsac can be pointed to without copying again), backfill + (look for gaps in previous chunks that could take a new use size), and + lwsac_extend() so last use() can attempt to use more unallocated chunk space -6) test server html is updated with tabs and a new live server monitoring -feature. Input sanitization added to the js. + - NEW: lws_humanize: apis for reporting scalar quanties like 1234 as "1.234KB" + with the scaled symbol strings passed in by caller -7) client connections attempted when no ah is free no longer fail, they are -just deferred until an ah becomes available. + - NEW: freertos: support lws_cancel_service() by using UDP pair bound to lo, + since it doesn't have logical pipes -8) The test client pays attention to if you give it an http:/ or https:// -protocol string to its argument in URL format. If so, it stays in http[s] -client mode and doesn't upgrade to ws[s], allowing you to do generic http client -operations. Receiving transfer-encoding: chunked is supported. + - NEW: "esp32" plat, which implemented freertos plat compatibility on esp32, is + renamed to "freertos" plat, targeting esp32 and other freertos platforms -9) If you enable -DLWS_WITH_HTTP_PROXY=1 at cmake, the test server has a -new URI path http://localhost:7681/proxytest If you visit here, a client -connection to http://example.com:80 is spawned, and the results piped on -to your original connection. + - NEW: base64 has an additional api supporting stateful decode, where the input + is not all in the same place at the same time and can be processed + incrementally -10) Also with LWS_WITH_HTTP_PROXY enabled at cmake, lws wants to link to an -additional library, "libhubbub". This allows lws to do html rewriting on the -fly, adjusting proxied urls in a lightweight and fast way. + - NEW: lws ws proxy: support RFC8441 + + - NEW: lws_spawn_piped apis: generic support for vforking a process with child + wsis attached to its stdin, stdout and stderr via pipes. When processes are + reaped, a specified callback is triggered. Currently Linux + OSX. + + - NEW: lws_fsmount apis: Linux-only overlayfs mount and unmount management for + aggregating read-only layers with disposable, changeable upper layer fs -11) There's a new context creation flag LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT, -this is included automatically if you give any other SSL-related option flag. -If you give no SSL-related option flag, nor this one directly, then even -though SSL support may be compiled in, it is never initialized nor used for the -whole lifetime of the lws context. + - Improvements for RTOS / small build case bring the footprint of lws v4 below + that of v3.1 on ARM + + - lws_tokenize: flag specifying # should mark rest of line as comment -Conversely in order to prepare the context to use SSL, even though, eg, you -are not listening on SSL but will use SSL client connections later, you must -give this flag explicitly to make sure SSL is initialized. + - NEW: minimal example for integrating libasound / alsa via raw file + - lws_struct: sqlite and json / lejp translation now usable -User API additions ------------------- -1) MINOR APIBREAK There's a new member in struct lws_context_creation_info, ecdh_curve, -which lets you set the name of the ECDH curve OpenSSL should use. By -default (if you leave ecdh_curve NULL) it will use "prime256v1" +v3.2.0 +====== -2) MINOR NEWAPI It was already possible to adopt a foreign socket that had not -been read from using lws_adopt_socket() since v1.7. Now you can adopt a -partially-used socket if you don't need SSL, by passing it what you read -so it can drain that before reading from the socket. + - This is the last planned release under LGPLv2+SLE. It's not planned to be + maintained like previous releases, please switch to master for the latest + stuff or continue to use v3.1-stable until the next release under the + new MIT license. -LWS_VISIBLE LWS_EXTERN struct lws * -lws_adopt_socket_readbuf(struct lws_context *context, lws_sockfd_type accept_fd, - const char *readbuf, size_t len); + - NEW: completely refactored scheduler with a unified, sorted us-resolution + linked-list implementation. All polled checks like timeout are migrated + to use the new timers, which also work on the event lib implementations. + Faster operation, us-resolution timeouts and generic scheduled callbacks + from the event loop. -3) MINOR NEWAPI CGI type "network io" subprocess execution is now possible from -a simple api. + - NEW: lws_dsh specialized buffer memory allocator that can borrow space + from other cooperating buffers on the same list. -LWS_VISIBLE LWS_EXTERN int -lws_cgi(struct lws *wsi, char * const *exec_array, int script_uri_path_len, - int timeout_secs); + - NEW: lws_sequencer allows managing multi-connection processes and + retries -LWS_VISIBLE LWS_EXTERN int -lws_cgi_kill(struct lws *wsi); + - NEW: memory buffer cert support -To use it, you must first set the cmake option + - NEW: LWS_WITH_NETWORK in CMake... can be configured without any network- + related code at all -$ cmake .. -DLWS_WITH_CGI=1 + - NEW: builds on QNX 6.5 and SmartOS -See test-server-http.c and test server path + - NEW: JOSE / JWK / JWS / JWE support, for all common ciphers and algs, + works on OpenSSL and mbedtls backends -http://localhost:7681/cgitest + - NEW: gencrypto now has genaes and genec in addition to genrsa, works + on OpenSSL and mbedtls backends -stdin gets http body, you can test it with wget + - NEW: raw_proxy role -$ echo hello > hello.txt -$ wget http://localhost:7681/cgitest --post-file=hello.txt -O- --quiet -lwstest script -read="hello" + - NEW: Basic Auth works on ws connections -The test script returns text/html table showing /proc/meminfo. But the cgi -support is complete enough to run cgit cgi. + - CHANGE: REMOVED: LWS_WITH_GENRSA, LWS_WITH_GENHASH, LWS_WITH_GENEC, + LWS_WITH_GENAES have all been removed and combined into LWS_WITH_GENCRYPTO -4) There is a helper api for forming logging timestamps + - CHANGE: REMOVED: LWS_WITH_JWS, LWS_WITH_JWE have been removed and combined + into LWS_WITH_JOSE -LWS_VISIBLE int -lwsl_timestamp(int level, char *p, int len) +v3.1.0 +====== -this generates this kind of timestamp for use as logging preamble + - CHANGE: REMOVED: lws_client_connect() and lws_client_connect_extended() + compatibility apis for lws_client_connect_via_info() have been marked as + deprecated for several versions and are now removed. Use + lws_client_connect_via_info() directly instead. + + - CHANGE: CMAKE: + - LWS_WITH_HTTP2: now defaults ON + + - CHANGE: Minimal examples updated to use Content Security Policy best + practices, using + `LWS_SERVER_OPTION_HTTP_HEADERS_SECURITY_BEST_PRACTICES_ENFORCE` vhost + option flag and disabling of inline style and scripts. A side-effect of + this is that buffers used to marshal headers have to be prepared to take + more content than previously... LWS_RECOMMENDED_MIN_HEADER_SPACE (2048 + currently) is available for user (and internal) use to logically tie the + buffer size to this usecase (and follow future increases). + + - NEW: CMAKE + - LWS_FOR_GITOHASHI: sets various cmake options suitable for gitohashi + - LWS_WITH_ASAN: for Linux, enable build with ASAN + + Don't forget LWS_WITH_DISTRO_RECOMMENDED, which enables a wide range of lws + options suitable for a distro build of the library. + + - NEW: lws threadpool - lightweight pool of pthreads integrated to lws wsi, with + all synchronization to event loop handled internally, queue for excess tasks + [threadpool docs](https://libwebsockets.org/git/libwebsockets/tree/lib/misc/threadpool) + [threadpool minimal example](https://libwebsockets.org/git/libwebsockets/tree/minimal-examples/ws-server/minimal-ws-server-threadpool) + Cmake config: `-DLWS_WITH_THREADPOOL=1` + + - NEW: libdbus support integrated on lws event loop + [lws dbus docs](https://libwebsockets.org/git/libwebsockets/tree/lib/roles/dbus) + [lws dbus client minimal examples](https://libwebsockets.org/git/libwebsockets/tree/minimal-examples/dbus-client) + [lws dbus server minimal examples](https://libwebsockets.org/git/libwebsockets/tree/minimal-examples/dbus-server) + Cmake config: `-DLWS_ROLE_DBUS=1` + + - NEW: lws allocated chunks (lwsac) - helpers for optimized mass allocation of small + objects inside a few larger malloc chunks... if you need to allocate a lot of + inter-related structs for a limited time, this removes per-struct allocation + library overhead completely and removes the need for any destruction handling + [lwsac docs](https://libwebsockets.org/git/libwebsockets/tree/lib/misc/lwsac) + [lwsac minimal example](https://libwebsockets.org/git/libwebsockets/tree/minimal-examples/api-tests/api-test-lwsac) + Cmake Config: `-DLWS_WITH_LWSAC=1` + + - NEW: lws tokenizer - helper api for robustly tokenizing your own strings without + allocating or adding complexity. Configurable by flags for common delimiter + sets and comma-separated-lists in the tokenizer. Detects and reports syntax + errors. + [lws_tokenize docs](https://libwebsockets.org/git/libwebsockets/tree/include/libwebsockets/lws-tokenize.h) + [lws_tokenize minimal example / api test](https://libwebsockets.org/git/libwebsockets/tree/minimal-examples/api-tests/api-test-lws_tokenize) + + - NEW: lws full-text search - optimized trie generation, serialization, + autocomplete suggestion generation and instant global search support extensible + to huge corpuses of UTF-8 text while remaining super lightweight on resources. + [full-text search docs](https://libwebsockets.org/git/libwebsockets/tree/lib/misc/fts) + [full-text search minimal example / api test](https://libwebsockets.org/git/libwebsockets/tree/minimal-examples/api-tests/api-test-fts) + [demo](https://libwebsockets.org/ftsdemo/) + [demo sources](https://libwebsockets.org/git/libwebsockets/tree/plugins/protocol_fulltext_demo.c) + Cmake config: `-DLWS_WITH_FTS=1 -DLWS_WITH_LWSAC=1` + + - NEW: gzip + brotli http server-side compression - h1 and h2 automatic advertising + of server compression and application to files with mimetypes "text/*", + "application/javascript" and "image/svg.xml". + Cmake config: `-DLWS_WITH_HTTP_STREAM_COMPRESSION=1`, `-DLWS_WITH_HTTP_BROTLI=1` + + - NEW: managed disk cache - API for managing a directory containing cached files + with hashed names, and automatic deletion of LRU files once the cache is + above a given limit. + [lws diskcache docs](https://libwebsockets.org/git/libwebsockets/tree/include/libwebsockets/lws-diskcache.h) + Cmake config: `-DLWS_WITH_DISKCACHE=1` + + - NEW: http reverse proxy - lws mounts support proxying h1 or h2 requests to + a local or remote IP, or unix domain socket over h1. This allows microservice + type architectures where parts of the common URL space are actually handled + by external processes which may be remote or on the same machine. + [lws gitohashi serving](https://libwebsockets.org/git/) is handled this way. + CMake config: `-DLWS_WITH_HTTP_PROXY=1` + + - NEW: lws_buflist - internally several types of ad-hoc malloc'd buffer have + been replaced by a new, exported api `struct lws_buflist`. This allows + multiple buffers to be chained and drawn down in strict FIFO order. + + - NEW: In the case of h1 upgrade, the connection header is checked to contain + "upgrade". The vhost flag LWS_SERVER_OPTION_VHOST_UPG_STRICT_HOST_CHECK + also causes the Host: header to be confirmed to match the vhost name and + listen port. + + - NEW: If no 404 redirect for `lws_return_http_status()` is specified for the vhost, + the status page produced will try to bring in a stylesheet `/error.css`. This allows + you to produce styled 404 or other error pages with logos, graphics etc. See + https://libwebsockets.org/git/badrepo for an example of what you can do with it. -lwsts[13116]: [2016/01/25 14:52:52:8386] NOTICE: Initial logging level 7 +v3.0.0 +====== -5) struct lws_client_connect_info has a new member + - CHANGE: Clients used to call LWS_CALLBACK_CLOSED same as servers... + LWS_CALLBACK_CLIENT_CLOSED has been introduced and is called for clients + now. + + - CHANGE: LWS_CALLBACK_CLIENT_CONNECTION_ERROR used to only be directed at + protocols[0]. However in many cases, the protocol to bind to was provided + at client connection info time and the wsi bound accordingly. In those + cases, CONNECTION_ERROR is directed at the bound protocol, not protcols[0] + any more. - const char *method + - CHANGE: CMAKE: the following cmake defaults have changed with this version: -If it's NULL, then everything happens as before, lws_client_connect_via_info() -makes a ws or wss connection to the address given. - -If you set method to a valid http method like "GET", though, then this method -is used and the connection remains in http[s], it's not upgraded to ws[s]. - -So with this, you can perform http[s] client operations as well as ws[s] ones. - -There are 4 new related callbacks - - LWS_CALLBACK_ESTABLISHED_CLIENT_HTTP = 44, - LWS_CALLBACK_CLOSED_CLIENT_HTTP = 45, - LWS_CALLBACK_RECEIVE_CLIENT_HTTP = 46, - LWS_CALLBACK_COMPLETED_CLIENT_HTTP = 47, - -6) struct lws_client_connect_info has a new member - - const char *parent_wsi + - LWS_WITH_ZIP_FOPS: now defaults OFF + - LWS_WITH_RANGES: now defaults OFF + - LWS_WITH_ZLIB: now defaults OFF + - LWS_WITHOUT_EXTENSIONS: now defaults ON + + - CHANGE: REMOVED: lws_alloc_vfs_file() (read a file to malloc buffer) -if non-NULL, the client wsi is set to be a child of parent_wsi. This ensures -if parent_wsi closes, then the client child is closed just before. - -7) If you're using SSL, there's a new context creation-time option flag -LWS_SERVER_OPTION_REDIRECT_HTTP_TO_HTTPS. If you give this, non-ssl -connections to the server listen port are accepted and receive a 301 -redirect to / on the same host and port using https:// - -New application lwsws ---------------------- - -A libwebsockets-based general webserver is built by default now, lwsws. + - CHANGE: REMOVED: lws_read() (no longer useful outside of lws internals) + + - CHANGE: REMOVED: ESP8266... ESP32 is now within the same price range and much + more performant + + - CHANGE: soname bump... don't forget to `ldconfig` + + - NEW: all event libraries support "foreign" loop integration where lws itself + if just a temporary user of the loop unrelated to the actual loop lifecycle. + + See `minimal-http-server-eventlib-foreign` for example code demonstrating + this for all the event libraries. + + Internal loop in lws is also supported and demonstrated by + `minimal-http-server-eventlib`. + + - NEW: ws-over-h2 support. This is a new RFC-on-the-way supported by Chrome + and shortly firefox that allows ws connections to be multiplexed back to the + server on the same tcp + tls wrapper h2 connection that the html and scripts + came in on. This is hugely faster that discrete connections. + + - NEW: UDP socket adoption and related event callbacks + + - NEW: Multi-client connection binding, queuing and pipelining support. + + Lws detects multiple client connections to the same server and port, and + optimizes how it handles them according to the server type and provided + flags. For http/1.0, all occur with individual parallel connections. For + http/1.1, you can enable keepalive pipelining, so the connections occur + sequentially on a single network connection. For http/2, they all occur + as parallel streams within a single h2 network connection. + + See minimal-http-client-multi for example code. + + - NEW: High resolution timer API for wsi, get a callback on your wsi with + LWS_CALLBACK_TIMER, set and reset the timer with lws_set_timer_usecs(wsi, us) + Actual resolution depends on event backend. Works with all backends, poll, + libuv, libevent, and libev. + + - NEW: Protocols can arrange vhost-protocol instance specific callbacks with + second resolution using `lws_timed_callback_vh_protocol()` + + - NEW: ACME client plugin for self-service TLS certificates + + - NEW: RFC7517 JSON Web Keys RFC7638 JWK thumbprint, and RFC7515 JSON Web + signatures support + + - NEW: lws_cancel_service() now provides a generic way to synchronize events + from other threads, which appear as a LWS_CALLBACK_EVENT_WAIT_CANCELLED + callback on all protocols. This is compatible with all the event libraries. + + - NEW: support BSD poll() where changes to the poll wait while waiting are + undone. + + - NEW: Introduce generic hash, hmac and RSA apis that operate the same + regardless of OpenSSL or mbedTLS tls backend + + - NEW: Introduce X509 element query api that works the same regardless of + OpenSSL or mbedTLS tls backend + + - NEW: Introduce over 30 "minimal examples" in ./minimal-examples... these + replace most of the old test servers + + - test-echo -> minimal-ws-server-echo and minimal-ws-client-echo -It's configured by JSON, by default in + - test-server-libuv / -libevent / -libev -> + minimal-https-server-eventlib / -eventlib-foreign / -eventlib-demos - /etc/lwsws/conf + - test-server-v2.0 -> folded into all the minimal servers -which contains global lws context settings like this + - test-server direct http serving -> minimal-http-server-dynamic + + The minimal examples allow individual standalone build using their own + small CMakeLists.txt. + + - NEW: lws now detects any back-to-back writes that did not go through the + event loop inbetween and reports them. This will flag any possibility of + failure rather than wait until the problem happens. + + - NEW: CMake has LWS_WITH_DISTRO_RECOMMENDED to select features that are + appropriate for distros + + - NEW: Optional vhost URL `error_document_404` if given causes a redirect there + instead of serve the default 404 page. + + - NEW: lws_strncpy() wrapper guarantees NUL in copied string even if it was + truncated to fit. + + - NEW: for client connections, local protocol binding name can be separated + from the ws subprotocol name if needed, using .local_protocol_name -{ - "global": { - "uid": "99", - "gid": "99", - "interface": "eth0", - "count-threads": "1" - } -} + - NEW: Automatic detection of time discontiguities + + - NEW: Applies TCP_USER_TIMEOUT for Linux tcp keepalive where available + + - QA: 1600 tests run on each commit in Travis CI, including almost all + Autobahn in client and server mode, various h2load tests, h2spec, attack.sh + the minimal example selftests and others. - /etc/lwsws/conf.d/* + - QA: fix small warnings introduced on gcc8.x (eg, Fedora 28) + + - QA: Add most of -Wextra on gcc (-Wsign-compare, -Wignored-qualifiers, + -Wtype-limits, -Wuninitialized) + + - QA: clean out warnings on windows + + - QA: pass all 146 h2spec tests now on strict + + - QA: introduce 35 selftests that operate different minimal examples against + each other and confirm the results. + + - QA: LWS_WITH_MINIMAL_EXAMPLES allows mass build of all relevant minimal- + examples with the LWS build, for CI and to make all the example binaries + available from the lws build dir ./bin + + - REFACTOR: the lws source directory layout in ./lib has been radically + improved, and there are now README.md files in selected subdirs with extra + documentation of interest to people working on lws itself. -which contains zero or more files describing vhosts, like this + - REFACTOR: pipelined transactions return to the event loop before starting the + next part. + + - REFACTOR: TLS: replace all TLS library constants with generic LWS ones and + adapt all the TLS library code to translate to these common ones. + + Isolated all the tls-related private stuff in `./lib/tls/private.h`, and all + the mbedTLS stuff in `./lib/tls/mbedtls` + openSSL stuff in + `./lib/tls/openssl` + + - REFACTOR: the various kinds of wsi possible with lws have been extracted + from the main code and isolated into "roles" in `./lib/roles` which + communicate with the core code via an ops struct. Everything related to + ah is migrated to the http role. + + wsi modes are eliminated and replaced by the ops pointer for the role the + wsi is performing. Generic states for wsi are available to control the + lifecycle using core code. + + Adding new "roles" is now much easier with the changes and ops struct to + plug into. -{ - "vhosts": [ - { "name": "warmcat.com", - "port": "443", - "host-ssl-key": "/etc/pki/tls/private/warmcat.com.key", - "host-ssl-cert": "/etc/pki/tls/certs/warmcat.com.crt", - "host-ssl-ca": "/etc/pki/tls/certs/warmcat.com.cer", - "mounts": [ - { "/": [ - { "home": "file:///var/www/warmcat.com" }, - { "default": "index.html" } - ] - } - ] - } - ] -} + - REFACTOR: reduce four different kinds of buffer management in lws into a + generic scatter-gather struct lws_buflist. + - REFACTOR: close notifications go through event loop -v1.7.0 +v2.4.0 ====== -Extension Changes ------------------ - -1) There is now a "permessage-deflate" / RFC7692 implementation. It's very -similar to "deflate-frame" we have offered for a long while; deflate-frame is -now provided as an alias of permessage-deflate. - -The main differences are that the new permessage-deflate implementation: - - - properly performs streaming respecting input and output buffer limits. The - old deflate-frame implementation could only work on complete deflate input - and produce complete inflate output for each frame. The new implementation - only mallocs buffers at initialization. - - - goes around the event loop after each input package is processed allowing - interleaved output processing. The RX flow control api can be used to - force compressed input processing to match the rate of compressed output - processing (test--echo shows an example of how to do this). - - - when being "deflate-frame" for compatibility he uses the same default zlib - settings as the old "deflate-frame", but instead of exponentially increasing - malloc allocations until the whole output will fit, he observes the default - input and output chunking buffer sizes of "permessage-deflate", that's - 1024 in and 1024 out at a time. - -2) deflate-stream has been disabled for many versions (for over a year) and is -now removed. Browsers are now standardizing on "permessage-deflate" / RFC7692 - -3) struct lws_extension is simplified, and lws extensions now have a public -api (their callback) for use in user code to compose extensions and options -the user code wants. lws_get_internal_exts() is deprecated but kept around -as a NOP. The changes allow one extension implementation to go by different -names and allows the user client code to control option offers per-ext. - -The test client and server are updated to use the new way. If you use -the old way it should still work, but extensions will be disabled until you -update your code. - -Extensions are now responsible for allocating and per-instance private struct -at instance construction time and freeing it when the instance is destroyed. -Not needing to know the size means the extension's struct can be opaque -to user code. - - -User api additions ------------------- - -1) The info struct gained three new members - - - max_http_header_data: 0 for default (1024) or set the maximum amount of known - http header payload that lws can deal with. Payload in unknown http - headers is dropped silently. If for some reason you need to send huge - cookies or other HTTP-level headers, you can now increase this at context- - creation time. - - - max_http_header_pool: 0 for default (16) or set the maximum amount of http - headers that can be tracked by lws in this context. For the server, if - the header pool is completely in use then accepts on the listen socket - are disabled until one becomes free. For the client, if you simultaneously - have pending connects for more than this number of client connections, - additional connects will fail until some of the pending connections timeout - or complete. - - - timeout_secs: 0 for default (currently 20s), or set the library's - network activity timeout to the given number of seconds - -HTTP header processing in lws only exists until just after the first main -callback after the HTTP handshake... for ws connections that is ESTABLISHED and -for HTTP connections the HTTP callback. - -So these settings are not related to the maximum number of simultaneous -connections, but the number of HTTP handshakes that may be expected or ongoing, -or have just completed, at one time. The reason it's useful is it changes the -memory allocation for header processing to be one-time at context creation -instead of every time there is a new connection, and gives you control over -the peak allocation. - -Setting max_http_header_pool to 1 is fine it will just queue incoming -connections before the accept as necessary, you can still have as many -simultaneous post-header connections as you like. Since the http header -processing is completed and the allocation released after ESTABLISHED or the -HTTP callback, even with a pool of 1 many connections can be handled rapidly. - -2) There is a new callback that allows the user code to get acccess to the -optional close code + aux data that may have been sent by the peer. - -LWS_CALLBACK_WS_PEER_INITIATED_CLOSE: - The peer has sent an unsolicited Close WS packet. @in and - @len are the optional close code (first 2 bytes, network - order) and the optional additional information which is not - defined in the standard, and may be a string or non-human- - readble data. - If you return 0 lws will echo the close and then close the - connection. If you return nonzero lws will just close the - connection. - -As usual not handling it does the right thing, if you're not interested in it -just ignore it. - -The test server has "open and close" testing buttons at the bottom, if you -open and close that connection, on close it will send a close code 3000 decimal -and the string "Bye!" as the aux data. - -The test server dumb-increment callback handles this callback reason and prints - -lwsts[15714]: LWS_CALLBACK_WS_PEER_INITIATED_CLOSE: len 6 -lwsts[15714]: 0: 0x0B -lwsts[15714]: 1: 0xB8 -lwsts[15714]: 2: 0x42 -lwsts[15714]: 3: 0x79 -lwsts[15714]: 4: 0x65 -lwsts[15714]: 5: 0x21 + - HTTP/2 server support is now mature and usable! LWS_WITH_HTTP2=1 enables it. + Uses ALPN to serve HTTP/2, HTTP/1 and ws[s] connections all from the same + listen port seamlessly. (Requires ALPN-capable OpenSSL 1.1 or mbedTLS). -3) There is a new API to allow the user code to control the content of the -close frame sent when about to return nonzero from the user callback to -indicate the connection should close. - -/** - * lws_close_reason - Set reason and aux data to send with Close packet - * If you are going to return nonzero from the callback - * requesting the connection to close, you can optionally - * call this to set the reason the peer will be told if - * possible. - * - * @wsi: The websocket connection to set the close reason on - * @status: A valid close status from websocket standard - * @buf: NULL or buffer containing up to 124 bytes of auxiliary data - * @len: Length of data in @buf to send - */ -LWS_VISIBLE LWS_EXTERN void -lws_close_reason(struct lws *wsi, enum lws_close_status status, - unsigned char *buf, size_t len); - -An extra button is added to the "open and close" test server page that requests -that the test server close the connection from his end. - -The test server code will do so by - - lws_close_reason(wsi, LWS_CLOSE_STATUS_GOINGAWAY, - (unsigned char *)"seeya", 5); - return -1; - -The browser shows the close code and reason he received - -websocket connection CLOSED, code: 1001, reason: seeya - -4) There's a new context creation time option flag - -LWS_SERVER_OPTION_VALIDATE_UTF8 - -if you set it in info->options, then TEXT and CLOSE frames will get checked to -confirm that they contain valid UTF-8. If they don't, the connection will get -closed by lws. - -5) ECDH Certs are now supported. Enable the CMake option - -cmake .. -DLWS_SSL_SERVER_WITH_ECDH_CERT=1 - -**and** the info->options flag - -LWS_SERVER_OPTION_SSL_ECDH - -to build in support and select it at runtime. - -6) There's a new api lws_parse_uri() that simplifies chopping up -https://xxx:yyy/zzz uris into parts nicely. The test client now uses this -to allow proper uris as well as the old address style. - -7) SMP support is integrated into LWS without any internal threading. It's -very simple to use, libwebsockets-test-server-pthread shows how to do it, -use -j argument there to control the number of service threads up to 32. - -Two new members are added to the info struct - - unsigned int count_threads; - unsigned int fd_limit_per_thread; - -leave them at the default 0 to get the normal singlethreaded service loop. - -Set count_threads to n to tell lws you will have n simultaneous service threads -operating on the context. - -There is still a single listen socket on one port, no matter how many -service threads. - -When a connection is made, it is accepted by the service thread with the least -connections active to perform load balancing. - -The user code is responsible for spawning n threads running the service loop -associated to a specific tsi (Thread Service Index, 0 .. n - 1). See -the libwebsockets-test-server-pthread for how to do. - -If you leave fd_limit_per_thread at 0, then the process limit of fds is shared -between the service threads; if you process was allowed 1024 fds overall then -each thread is limited to 1024 / n. - -You can set fd_limit_per_thread to a nonzero number to control this manually, eg -the overall supported fd limit is less than the process allowance. - -You can control the context basic data allocation for multithreading from Cmake -using -DLWS_MAX_SMP=, if not given it's set to 32. The serv_buf allocation -for the threads (currently 4096) is made at runtime only for active threads. - -Because lws will limit the requested number of actual threads supported -according to LWS_MAX_SMP, there is an api lws_get_count_threads(context) to -discover how many threads were actually allowed when the context was created. - -It's required to implement locking in the user code in the same way that -libwebsockets-test-server-pthread does it, for the FD locking callbacks. - -If LWS_MAX_SMP=1, then there is no code related to pthreads compiled in the -library. If more than 1, a small amount of pthread mutex code is built into -the library. - -8) New API - -LWS_VISIBLE struct lws * -lws_adopt_socket(struct lws_context *context, lws_sockfd_type accept_fd) - -allows foreign sockets accepted by non-lws code to be adopted by lws as if they -had just been accepted by lws' own listen socket. - -9) X-Real-IP: header has been added as WSI_TOKEN_HTTP_X_REAL_IP - -10) Libuv support is added, there are new related user apis - -typedef void (lws_uv_signal_cb_t)(uv_loop_t *l, uv_signal_t *w, int revents); - -LWS_VISIBLE LWS_EXTERN int -lws_uv_sigint_cfg(struct lws_context *context, int use_uv_sigint, - lws_uv_signal_cb_t *cb); - -LWS_VISIBLE LWS_EXTERN int -lws_uv_initloop(struct lws_context *context, uv_loop_t *loop, int tsi); - -LWS_VISIBLE void -lws_uv_sigint_cb(uv_loop_t *loop, uv_signal_t *watcher, int revents); - -and CMAKE option - -LWS_WITH_LIBUV - - -User api changes ----------------- - -1) LWS_SEND_BUFFER_POST_PADDING is now 0 and deprecated. You can remove it; if -you still use it, obviously it does nothing. Old binary code with nonzero -LWS_SEND_BUFFER_POST_PADDING is perfectly compatible, the old code just -allocated a buffer bigger than the library is going to use. - -The example apps no longer use LWS_SEND_BUFFER_POST_PADDING. - -The only path who made use of it was sending with LWS_WRITE_CLOSE ---> - -2) Because of lws_close_reason() formalizing handling close frames, -LWS_WRITE_CLOSE is removed from libwebsockets.h. It was only of use to send -close frames...close frame content should be managed using lws_close_reason() -now. - -3) We check for invalid CLOSE codes and complain about protocol violation in -our close code. But it changes little since we were in the middle of closing -anyway. - -4) zero-length RX frames and zero length TX frames are now allowed. - -5) Pings and close used to be limited to 124 bytes, the correct limit is 125 -so that is now also allowed. - -6) LWS_PRE is provided as a synonym for LWS_SEND_BUFFER_PRE_PADDING, either is -valid to use now. - -7) There's generic support for RFC7462 style extension options built into the -library now. As a consequence, a field "options" is added to lws_extension. -It can be NULL if there are no options on the extension. Extension internal -info is part of the public abi because extensions may be implemented outside -the library. - -8) WSI_TOKEN_PROXY enum was accidentally defined to collide with another token -of value 73. That's now corrected and WSI_TOKEN_PROXY moved to his own place at -77. - -9) With the addition of libuv support, libev is not the only event loop -library in town and his api names must be elaborated with _ev_ - - Callback typedef: lws_signal_cb ---> lws_ev_signal_cb_t - lws_sigint_cfg --> lws_ev_sigint_cfg - lws_initloop --> lws_ev_initloop - lws_sigint_cb --> lws_ev_sigint_cb - -10) Libev support is made compatible with multithreaded service, -lws_ev_initloop (was lws_initloop) gets an extra argument for the -thread service index (use 0 if you will just have 1 service thread). - -LWS_VISIBLE LWS_EXTERN int -lws_ev_initloop(struct lws_context *context, ev_loop_t *loop, int tsi); - - -v1.6.0-chrome48-firefox42 -======================= - -Major API improvements ----------------------- - -v1.6.0 has many cleanups and improvements in the API. Although at first it -looks pretty drastic, user code will only need four actions to update it. - - - Do the three search/replaces in your user code, /libwebsocket_/lws_/, - /libwebsockets_/lws_/, and /struct\ libwebsocket/struct\ lws/ - - - Remove the context parameter from your user callbacks - - - Remove context as the first parameter from the "Eleven APIS" listed in the - User Api Changes section - - - Add lws_get_context(wsi) as the first parameter on the "Three APIS" listed - in the User Api Changes section, and anywhere else you still need context - -That's it... generally only a handful of the 14 affected APIs are actually in -use in your user code and you can find them quickest by compiling and visiting -the errors each in turn. And the end results are much cleaner, more -predictable and maintainable. - - -User api additions ------------------- - -1) lws now exposes his internal platform file abstraction in a way that can be -both used by user code to make it platform-agnostic, and be overridden or -subclassed by user code. This allows things like handling the URI "directory -space" as a virtual filesystem that may or may not be backed by a regular -filesystem. One example use is serving files from inside large compressed -archive storage without having to unpack anything except the file being -requested. - -The test server shows how to use it, basically the platform-specific part of -lws prepares a file operations structure that lives in the lws context. - -Helpers are provided to also leverage these platform-independent file handling -apis - -static inline lws_filefd_type -lws_plat_file_open(struct lws *wsi, const char *filename, - unsigned long *filelen, int flags) -static inline int -lws_plat_file_close(struct lws *wsi, lws_filefd_type fd) - -static inline unsigned long -lws_plat_file_seek_cur(struct lws *wsi, lws_filefd_type fd, long offset) - -static inline int -lws_plat_file_read(struct lws *wsi, lws_filefd_type fd, unsigned long *amount, - unsigned char *buf, unsigned long len) - -static inline int -lws_plat_file_write(struct lws *wsi, lws_filefd_type fd, unsigned long *amount, - unsigned char *buf, unsigned long len) - -The user code can also override or subclass the file operations, to either -wrap or replace them. An example is shown in test server. - -A wsi can be associated with the file activity, allowing per-connection -authentication and state to be used when interpreting the file request. - -2) A new API void * lws_wsi_user(struct lws *wsi) lets you get the pointer to -the user data associated with the wsi, just from the wsi. - -3) URI argument handling. Libwebsockets parses and protects URI arguments -like test.html?arg1=1&arg2=2, it decodes %xx uriencoding format and reduces -path attacks like ../.../../etc/passwd so they cannot go behind the web -server's /. There is a list of confirmed attacks we're proof against in -./test-server/attack.sh. - -There is a new API lws_hdr_copy_fragment that should be used now to access -the URI arguments (it returns the fragments length) - - while (lws_hdr_copy_fragment(wsi, buf, sizeof(buf), - WSI_TOKEN_HTTP_URI_ARGS, n) > 0) { - lwsl_info("URI Arg %d: %s\n", ++n, buf); - } - -For the example above, calling with n=0 will return "arg1=1" and n=1 "arg2=2". -All legal uriencodings will have been reduced in those strings. - -lws_hdr_copy_fragment() returns the length of the x=y fragment, so it's also -possible to deal with arguments containing %00. If you don't care about that, -the returned string has '\0' appended to simplify processing. - - -User api changes ----------------- - -1) Three APIS - - - lws_callback_on_writable_all_protocol(const struct lws_protocols *protocol) - - lws_callback_all_protocol(const struct lws_protocols *protocol) - - lws_rx_flow_allow_all_protocol(lws_rx_flow_allow_all_protocol) - -Now take an additional pointer to the lws_context in their first argument. - -The reason for this change is struct lws_protocols has been changed to remove -members that lws used for private storage: so the protocols struct in now -truly const and may be reused serially or simultaneously by different contexts. - -2) Eleven APIs - -LWS_VISIBLE LWS_EXTERN int -lws_add_http_header_by_name(struct lws_context *context, - struct lws *wsi, - const unsigned char *name, - const unsigned char *value, - int length, - unsigned char **p, - unsigned char *end); -LWS_VISIBLE LWS_EXTERN int -lws_finalize_http_header(struct lws_context *context, - struct lws *wsi, - unsigned char **p, - unsigned char *end); -LWS_VISIBLE LWS_EXTERN int -lws_add_http_header_by_token(struct lws_context *context, - struct lws *wsi, - enum lws_token_indexes token, - const unsigned char *value, - int length, - unsigned char **p, - unsigned char *end); -LWS_VISIBLE LWS_EXTERN int -lws_add_http_header_content_length(struct lws_context *context, - struct lws *wsi, - unsigned long content_length, - unsigned char **p, - unsigned char *end); -LWS_VISIBLE LWS_EXTERN int -lws_add_http_header_status(struct lws_context *context, struct lws *wsi, - unsigned int code, unsigned char **p, - unsigned char *end); - -LWS_VISIBLE LWS_EXTERN int -lws_serve_http_file(struct lws_context *context, struct lws *wsi, - const char *file, const char *content_type, - const char *other_headers, int other_headers_len); -LWS_VISIBLE LWS_EXTERN int -lws_serve_http_file_fragment(struct lws_context *context, struct lws *wsi); - -LWS_VISIBLE LWS_EXTERN int -lws_return_http_status(struct lws_context *context, struct lws *wsi, - unsigned int code, const char *html_body); - -LWS_VISIBLE LWS_EXTERN int -lws_callback_on_writable(const struct lws_context *context, struct lws *wsi); - -LWS_VISIBLE LWS_EXTERN void -lws_get_peer_addresses(struct lws_context *context, struct lws *wsi, - lws_sockfd_type fd, char *name, int name_len, - char *rip, int rip_len); - -LWS_VISIBLE LWS_EXTERN int -lws_read(struct lws_context *context, struct lws *wsi, - unsigned char *buf, size_t len); - -no longer require their initial struct lws_context * parameter. - -3) Several older apis start with libwebsocket_ or libwebsockets_ while newer ones -all begin lws_. These apis have been changed to all begin with lws_. - -To convert, search-replace - - - libwebsockets_/lws_ - - libwebsocket_/lws_ - - struct\ libwebsocket/struct\ lws + - LWS_WITH_MBEDTLS=1 at CMake now builds and works against mbedTLS instead of + OpenSSL. Most things work identically, although on common targets where + OpenSSL has acceleration, mbedTLS is many times slower in operation. However + it is a lot smaller codewise. + + - Generic hash apis introduced that work the same on mbedTLS or OpenSSL backend -4) context parameter removed from user callback. - -Since almost all apis no longer need the context as a parameter, it's no longer -provided at the user callback directly. - -However if you need it, for ALL callbacks wsi is valid and has a valid context -pointer you can recover using lws_get_context(wsi). + - LWS_WITH_PEER_LIMITS tracks IPs across all vhosts and allows restrictions on + both the number of simultaneous connections and wsi in use for any single IP + + - lws_ring apis provide a generic single- or multi-tail ringbuffer... mirror + protocol now uses this. Features include ring elements may be sized to fit + structs in the ringbuffer, callback when no tail any longer needs an element + and it can be deleted, and zerocopy options to write new members directly + into the ringbuffer, and use the ringbuffer element by address too. + + - abstract ssh 2 server plugin included, with both plugin and standalone + demos provided. You can bind the plugin to a vhost and also serve full- + strength ssh from the vhost. IO from the ssh server is controlled by an + "ops" struct of callbacks for tx, rx, auth etc. + + - Many fixes, cleanups, source refactors and other improvements. -v1.5-chrome47-firefox41 -======================= +v2.3.0 +====== -User api changes ----------------- + - ESP32 OpenSSL support for client and server -LWS_CALLBACK_CLIENT_CONNECTION_ERROR may provide an error string if in is -non-NULL. If so, the string has length len. + - ESP32 4 x WLAN credential slots may be configured -LWS_SERVER_OPTION_PEER_CERT_NOT_REQUIRED is available to relax the requirement -for peer certs if you are using the option to require client certs. + - Libevent event loop support -LWS_WITHOUT_BUILTIN_SHA1 cmake option forces lws to use SHA1() defined -externally, eg, byOpenSSL, and disables build of libwebsockets_SHA1() + - SOCKS5 proxy support + - lws_meta protocol for websocket connection multiplexing -v1.4-chrome43-firefox36 -======================= + - lws_vhost_destroy() added... allows dynamic removal of listening + vhosts. Vhosts with shared listen sockets adopt the listen socket + automatically if the owner is destroyed. -User api additions ------------------- + - IPv6 on Windows -There's a new member in the info struct used to control context creation, -ssl_private_key_password, which allows passing into lws the passphrase on -an SSL cetificate + - Improved CGI handling suitable for general CGI scripting, eg, PHP -There's a new member in struct protocols, id, which is ignored by lws but can -be used by the user code to mark the selected protocol by user-defined version -or capabliity flag information, for the case multiple versions of a protocol are -supported. + - Convert even the "old style" test servers to use statically included + plugin sources -int lws_is_ssl(wsi) added to allow user code to know if the connection was made -over ssl or not. If LWS_SERVER_OPTION_ALLOW_NON_SSL_ON_SSL_PORT is used, both -ssl and non-ssl connections are possible and may need to be treated differently -in the user code. + - LWS_WITH_STATS cmake option dumps resource usage and timing information + every few seconds to debug log, including latency information about + delay from asking for writeable callback to getting it -int lws_partial_buffered(wsi) added... should be checked after any -libwebsocket_write that will be followed by another libwebsocket_write inside -the same writeable callback. If set, you can't do any more writes until the -writeable callback is called again. If you only do one write per writeable callback, -you can ignore this. + - Large (> 2GB) files may be served -HTTP2-related: HTTP2 changes how headers are handled, lws now has new version- -agnositic header creation APIs. These do the right thing depending on each -connection's HTTP version without the user code having to know or care, except -to make sure to use the new APIs for headers (test-server is updated to use -them already, so look there for examples) - -The APIs "render" the headers into a user-provided buffer and bump *p as it -is used. If *p reaches end, then the APIs return nonzero for error. - -LWS_VISIBLE LWS_EXTERN int -lws_add_http_header_status(struct libwebsocket_context *context, - struct libwebsocket *wsi, - unsigned int code, - unsigned char **p, - unsigned char *end); - -Start a response header reporting status like 200, 500, etc - -LWS_VISIBLE LWS_EXTERN int -lws_add_http_header_by_name(struct libwebsocket_context *context, - struct libwebsocket *wsi, - const unsigned char *name, - const unsigned char *value, - int length, - unsigned char **p, - unsigned char *end); - -Add a header like name: value in HTTP1.x - -LWS_VISIBLE LWS_EXTERN int -lws_finalize_http_header(struct libwebsocket_context *context, - struct libwebsocket *wsi, - unsigned char **p, - unsigned char *end); - -Finish off the headers, like add the extra \r\n in HTTP1.x - -LWS_VISIBLE LWS_EXTERN int -lws_add_http_header_by_token(struct libwebsocket_context *context, - struct libwebsocket *wsi, - enum lws_token_indexes token, - const unsigned char *value, - int length, - unsigned char **p, - unsigned char *end); - -Add a header by using a lws token as the name part. In HTTP2, this can be -compressed to one or two bytes. - - -User api removal ----------------- - -protocols struct member no_buffer_all_partial_tx is removed. Under some -conditions like rewriting extension such as compression in use, the built-in -partial send buffering is the only way to deal with the problem, so turning -it off is deprecated. - - -User api changes ----------------- - -HTTP2-related: API libwebsockets_serve_http_file() takes an extra parameter at -the end now - -int other_headers_len) - -If you are providing other headers, they must be generated using the new -HTTP-version-agnostic APIs, and you must provide the length of them using this -additional parameter. - -struct lws_context_creation_info now has an additional member -SSL_CTX *provided_client_ssl_ctx you may set to an externally-initialized -SSL_CTX managed outside lws. Defaulting to zero keeps the existing behaviour of -lws managing the context, if you memset the struct to 0 or have as a filescope -initialized struct in bss, no need to change anything. - - -v1.3-chrome37-firefox30 -======================= - - .gitignore | 1 - - CMakeLists.txt | 447 +++-- - README.build | 35 +- - README.coding | 14 + - changelog | 66 + - cmake/LibwebsocketsConfig.cmake.in | 17 + - cmake/LibwebsocketsConfigVersion.cmake.in | 11 + - config.h.cmake | 18 + - cross-ming.cmake | 31 + - cross-openwrt-makefile | 91 + - lib/client-handshake.c | 205 ++- - lib/client-parser.c | 58 +- - lib/client.c | 158 +- - lib/context.c | 341 ++++ - lib/extension-deflate-frame.c | 2 +- - lib/extension.c | 178 ++ - lib/handshake.c | 287 +--- - lib/lextable.h | 338 ++++ - lib/libev.c | 175 ++ - lib/libwebsockets.c | 2089 +++-------------------- - lib/libwebsockets.h | 253 ++- - lib/lws-plat-unix.c | 404 +++++ - lib/lws-plat-win.c | 358 ++++ - lib/minilex.c | 530 +++--- - lib/output.c | 445 ++--- - lib/parsers.c | 682 ++++---- - lib/pollfd.c | 239 +++ - lib/private-libwebsockets.h | 501 +++++- - lib/server-handshake.c | 274 +-- - lib/server.c | 858 ++++++++-- - lib/service.c | 517 ++++++ - lib/sha-1.c | 38 +- - lib/ssl-http2.c | 78 + - lib/ssl.c | 571 +++++++ - test-server/attack.sh | 101 +- - test-server/test-client.c | 9 +- - test-server/test-echo.c | 17 +- - test-server/test-fraggle.c | 7 - - test-server/test-ping.c | 12 +- - test-server/test-server.c | 330 ++-- - test-server/test.html | 4 +- - win32port/client/client.vcxproj | 259 --- - win32port/client/client.vcxproj.filters | 39 - - .../libwebsocketswin32.vcxproj.filters | 93 - - win32port/server/server.vcxproj | 276 --- - win32port/server/server.vcxproj.filters | 51 - - win32port/win32helpers/gettimeofday.h | 59 +- - win32port/win32helpers/netdb.h | 1 - - win32port/win32helpers/strings.h | 0 - win32port/win32helpers/sys/time.h | 1 - - win32port/win32helpers/unistd.h | 0 - win32port/win32helpers/websock-w32.c | 104 -- - win32port/win32helpers/websock-w32.h | 62 - - win32port/win32port.sln | 100 -- - win32port/zlib/gzio.c | 3 +- - 55 files changed, 6779 insertions(+), 5059 deletions(-) - - -User api additions ------------------- - -POST method is supported - -The protocol 0 / HTTP callback can now get two new kinds of callback, -LWS_CALLBACK_HTTP_BODY (in and len are a chunk of the body of the HTTP request) -and LWS_CALLBACK_HTTP_BODY_COMPLETION (the expected amount of body has arrived -and been passed to the user code already). These callbacks are used with the -post method (see the test server for details). - -The period between the HTTP header completion and the completion of the body -processing is protected by a 5s timeout. - -The chunks are stored in a malloc'd buffer of size protocols[0].rx_buffer_size. - - -New server option you can enable from user code -LWS_SERVER_OPTION_ALLOW_NON_SSL_ON_SSL_PORT allows non-SSL connections to -also be accepted on an SSL listening port. It's disabled unless you enable -it explicitly. - - -Two new callbacks are added in protocols[0] that are optional for allowing -limited thread access to libwebsockets, LWS_CALLBACK_LOCK_POLL and -LWS_CALLBACK_UNLOCK_POLL. - -If you use them, they protect internal and external poll list changes, but if -you want to use external thread access to libwebsocket_callback_on_writable() -you have to implement your locking here even if you don't use external -poll support. - -If you will use another thread for this, take a lot of care about managing -your list of live wsi by doing it from ESTABLISHED and CLOSED callbacks -(with your own locking). - -If you configure cmake with -DLWS_WITH_LIBEV=1 then the code allowing the libev -eventloop instead of the default poll() one will also be compiled in. But to -use it, you must also set the LWS_SERVER_OPTION_LIBEV flag on the context -creation info struct options member. - -IPV6 is supported and enabled by default except for Windows, you can disable -the support at build-time by giving -DLWS_IPV6=, and disable use of it even if -compiled in by making sure the flag LWS_SERVER_OPTION_DISABLE_IPV6 is set on -the context creation info struct options member. - -You can give LWS_SERVER_OPTION_DISABLE_OS_CA_CERTS option flag to -guarantee the OS CAs will not be used, even if that support was selected at -build-time. - -Optional "token limits" may be enforced by setting the member "token_limits" -in struct lws_context_creation_info to point to a struct lws_token_limits. -NULL means no token limits used for compatibility. - - -User api changes ----------------- - -Extra optional argument to libwebsockets_serve_http_file() allows injecion -of HTTP headers into the canned response. Eg, cookies may be added like -that without getting involved in having to send the header by hand. - -A new info member http_proxy_address may be used at context creation time to -set the http proxy. If non-NULL, it overrides http_proxy environment var. - -Cmake supports LWS_SSL_CLIENT_USE_OS_CA_CERTS defaulting to on, which gets -the client to use the OS CA Roots. If you're worried somebody with the -ability to forge for force creation of a client cert from the root CA in -your OS, you should disable this since your selfsigned $0 cert is a lot safer -then... - - -v1.23-chrome32-firefox24 -======================== - - Android.mk | 29 + - CMakeLists.txt | 573 ++++++++---- - COPYING | 503 ----------- - INSTALL | 365 -------- - Makefile.am | 13 - - README.build | 371 ++------ - README.coding | 63 ++ - autogen.sh | 1578 --------------------------------- - changelog | 69 ++ - cmake/FindGit.cmake | 163 ++++ - cmake/FindOpenSSLbins.cmake | 15 +- - cmake/UseRPMTools.cmake | 176 ++++ - config.h.cmake | 25 +- - configure.ac | 226 ----- - cross-arm-linux-gnueabihf.cmake | 28 + - lib/Makefile.am | 89 -- - lib/base64-decode.c | 98 +- - lib/client-handshake.c | 123 ++- - lib/client-parser.c | 19 +- - lib/client.c | 145 ++- - lib/daemonize.c | 4 +- - lib/extension.c | 2 +- - lib/getifaddrs.h | 4 +- - lib/handshake.c | 76 +- - lib/libwebsockets.c | 491 ++++++---- - lib/libwebsockets.h | 164 ++-- - lib/output.c | 214 ++++- - lib/parsers.c | 102 +-- - lib/private-libwebsockets.h | 66 +- - lib/server-handshake.c | 5 +- - lib/server.c | 29 +- - lib/sha-1.c | 2 +- - libwebsockets-api-doc.html | 249 +++--- - libwebsockets.pc.in | 11 - - libwebsockets.spec | 14 +- - m4/ignore-me | 2 - - scripts/FindLibWebSockets.cmake | 33 + - scripts/kernel-doc | 1 + - test-server/Makefile.am | 131 --- - test-server/leaf.jpg | Bin 0 -> 2477518 bytes - test-server/test-client.c | 78 +- - test-server/test-echo.c | 33 +- - test-server/test-fraggle.c | 26 +- - test-server/test-ping.c | 15 +- - test-server/test-server.c | 197 +++- - test-server/test.html | 5 +- - win32port/win32helpers/gettimeofday.c | 74 +- - win32port/win32helpers/websock-w32.h | 6 +- - 48 files changed, 2493 insertions(+), 4212 deletions(-) - - -User api additions ------------------- - - - You can now call libwebsocket_callback_on_writable() on http connectons, - and get a LWS_CALLBACK_HTTP_WRITEABLE callback, the same way you can - regulate writes with a websocket protocol connection. - - - A new member in the context creation parameter struct "ssl_cipher_list" is - added, replacing CIPHERS_LIST_STRING. NULL means use the ssl library - default list of ciphers. - - - Not really an api addition, but libwebsocket_service_fd() will now zero - the revents field of the pollfd it was called with if it handled the - descriptor. So you can tell if it is a non-lws fd by checking revents - after the service call... if it's still nonzero, the descriptor - belongs to you and you need to take care of it. - - - libwebsocket_rx_flow_allow_all_protocol(protocol) will unthrottle all - connections with the established protocol. It's designed to be - called from user server code when it sees it can accept more input - and may have throttled connections using the server rx flow apis - while it was unable to accept any other input The user server code - then does not have to try to track while connections it choked, this - will free up all of them in one call. - - - there's a new, optional callback LWS_CALLBACK_CLOSED_HTTP which gets - called when an HTTP protocol socket closes - - - for LWS_CALLBACK_FILTER_PROTOCOL_CONNECTION callback, the user_space alloc - has already been done before the callback happens. That means we can - use the user parameter to the callback to contain the user pointer, and - move the protocol name to the "in" parameter. The docs for this - callback are also updated to reflect how to check headers in there. - - - libwebsocket_client_connect() is now properly nonblocking and async. See - README.coding and test-client.c for information on the callbacks you - can rely on controlling the async connection period with. - - - if your OS does not support the http_proxy environment variable convention - (eg, reportedly OSX), you can use a new api libwebsocket_set_proxy() - to set the proxy details in between context creation and the connection - action. For OSes that support http_proxy, that's used automatically. - -User api changes ----------------- - - - the external poll callbacks now get the socket descriptor coming from the - "in" parameter. The user parameter provides the user_space for the - wsi as it normally does on the other callbacks. - LWS_CALLBACK_FILTER_NETWORK_CONNECTION also has the socket descriptor - delivered by @in now instead of @user. - - - libwebsocket_write() now returns -1 for error, or the amount of data - actually accepted for send. Under load, the OS may signal it is - ready to send new data on the socket, but have only a restricted - amount of memory to buffer the packet compared to usual. - - -User api removal ----------------- - - - libwebsocket_ensure_user_space() is removed from the public api, if you - were using it to get user_space, you need to adapt your code to only - use user_space inside the user callback. - - - CIPHERS_LIST_STRING is removed - - - autotools build has been removed. See README.build for info on how to - use CMake for your platform - - -v1.21-chrome26-firefox18 -======================== - - - Fixes buffer overflow bug in max frame size handling if you used the - default protocol buffer size. If you declared rx_buffer_size in your - protocol, which is recommended anyway, your code was unaffected. - -v1.2-chrome26-firefox18 -======================= - -Diffstat --------- - - .gitignore | 16 +++ - CMakeLists.txt | 544 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ - LICENSE | 526 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ - Makefile.am | 1 + - README | 20 +++ - README.build | 258 ++++++++++++++++++++++++++++++++----- - README.coding | 52 ++++++++ - changelog | 136 ++++++++++++++++++++ - cmake/FindOpenSSLbins.cmake | 33 +++++ - config.h.cmake | 173 +++++++++++++++++++++++++ - configure.ac | 22 +++- - lib/Makefile.am | 20 ++- - lib/base64-decode.c | 2 +- - lib/client-handshake.c | 190 +++++++++++----------------- - lib/client-parser.c | 88 +++++++------ - lib/client.c | 384 ++++++++++++++++++++++++++++++------------------------- - lib/daemonize.c | 32 +++-- - lib/extension-deflate-frame.c | 58 +++++---- - lib/extension-deflate-stream.c | 19 ++- - lib/extension-deflate-stream.h | 4 +- - lib/extension.c | 11 +- - lib/getifaddrs.c | 315 +++++++++++++++++++++++----------------------- - lib/getifaddrs.h | 30 ++--- - lib/handshake.c | 124 +++++++++++------- - lib/libwebsockets.c | 736 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++-------------------------------------- - lib/libwebsockets.h | 237 ++++++++++++++++++++++------------ - lib/output.c | 192 +++++++++++----------------- - lib/parsers.c | 966 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++---------------------------------------------------------------- - lib/private-libwebsockets.h | 225 +++++++++++++++++++++------------ - lib/server-handshake.c | 82 ++++++------ - lib/server.c | 96 +++++++------- - libwebsockets-api-doc.html | 189 ++++++++++++++++++---------- - libwebsockets.spec | 17 +-- - test-server/attack.sh | 148 ++++++++++++++++++++++ - test-server/test-client.c | 125 +++++++++--------- - test-server/test-echo.c | 31 +++-- - test-server/test-fraggle.c | 32 ++--- - test-server/test-ping.c | 52 ++++---- - test-server/test-server.c | 129 ++++++++++++------- - win32port/libwebsocketswin32/libwebsocketswin32.vcxproj | 279 ---------------------------------------- - win32port/libwebsocketswin32/libwebsocketswin32.vcxproj.filters | 23 +++- - 41 files changed, 4398 insertions(+), 2219 deletions(-) - - -User api additions ------------------- - - - lws_get_library_version() returns a const char * with a string like - "1.1 9e7f737", representing the library version from configure.ac - and the git HEAD hash the library was built from - - - TCP Keepalive can now optionally be applied to all lws sockets, on Linux - also with controllable timeout, number of probes and probe interval. - (On BSD type OS, you can only use system default settings for the - timing and retries, although enabling it is supported by setting - ka_time to nonzero, the exact value has no meaning.) - This enables detection of idle connections which are logically okay, - but are in fact dead, due to network connectivity issues at the server, - client, or any intermediary. By default it's not enabled, but you - can enable it by setting a non-zero timeout (in seconds) at the new - ka_time member at context creation time. - - - Two new optional user callbacks added, LWS_CALLBACK_PROTOCOL_DESTROY which - is called one-time per protocol as the context is being destroyed, and - LWS_CALLBACK_PROTOCOL_INIT which is called when the context is created - and the protocols are added, again it's a one-time affair. - This lets you manage per-protocol allocations properly including - cleaning up after yourself when the server goes down. - -User api changes ----------------- - - - libwebsocket_create_context() has changed from taking a ton of parameters - to just taking a pointer to a struct containing the parameters. The - struct lws_context_creation_info is in libwebsockets.h, the members - are in the same order as when they were parameters to the call - previously. The test apps are all updated accordingly so you can - see example code there. - - - Header tokens are now deleted after the websocket connection is - established. Not just the header data is saved, but the pointer and - length array is also removed from (union) scope saving several hundred - bytes per connection once it is established - - - struct libwebsocket_protocols has a new member rx_buffer_size, this - controls rx buffer size per connection of that protocol now. Sources - for apps built against older versions of the library won't declare - this in their protocols, defaulting it to 0. Zero buffer is legal, - it causes a default buffer to be allocated (currently 4096) - - If you want to receive only atomic frames in your user callback, you - should set this to greater than your largest frame size. If a frame - comes that exceeds that, no error occurs but the callback happens as - soon as the buffer limit is reached, and again if it is reached again - or the frame completes. You can detect that has happened by seeing - there is still frame content pending using - libwebsockets_remaining_packet_payload() - - By correctly setting this, you can save a lot of memory when your - protocol has small frames (see the test server and client sources). - - - LWS_MAX_HEADER_LEN now defaults to 1024 and is the total amount of known - header payload lws can cope with, that includes the GET URL, origin - etc. Headers not understood by lws are ignored and their payload - not included in this. - - -User api removals ------------------ - - - The configuration-time option MAX_USER_RX_BUFFER has been replaced by a - buffer size chosen per-protocol. For compatibility, there's a default - of 4096 rx buffer, but user code should set the appropriate size for - the protocol frames. - - - LWS_INITIAL_HDR_ALLOC and LWS_ADDITIONAL_HDR_ALLOC are no longer needed - and have been removed. There's a new header management scheme that - handles them in a much more compact way. - - - libwebsockets_hangup_on_client() is removed. If you want to close the - connection you must do so from the user callback and by returning - -1 from there. - - - libwebsocket_close_and_free_session() is now private to the library code - only and not exposed for user code. If you want to close the - connection, you must do so from the user callback by returning -1 - from there. - - -New features ------------- - - - Cmake project file added, aimed initially at Windows support: this replaces - the visual studio project files that were in the tree until now. - - - CyaSSL now supported in place of OpenSSL (--use-cyassl on configure) - - - PATH_MAX or MAX_PATH no longer needed - - - cutomizable frame rx buffer size by protocol - - - optional TCP keepalive so dead peers can be detected, can be enabled at - context-creation time - - - valgrind-clean: no SSL or CyaSSL: completely clean. With OpenSSL, 88 bytes - lost at OpenSSL library init and symptomless reports of uninitialized - memory usage... seems to be a known and ignored problem at OpenSSL - - - By default debug is enabled and the library is built for -O0 -g to faclitate - that. Use --disable-debug configure option to build instead with -O4 - and no -g (debug info), obviously providing best performance and - reduced binary size. - - - 1.0 introduced some code to try to not deflate small frames, however this - seems to break when confronted with a mixture of frames above and - below the threshold, so it's removed. Veto the compression extension - in your user callback if you will typically have very small frames. - - - There are many memory usage improvements, both a reduction in malloc/ - realloc and architectural changes. A websocket connection now - consumes only 296 bytes with SSL or 272 bytes without on x86_64, - during header processing an additional 1262 bytes is allocated in a - single malloc, but is freed when the websocket connection starts. - The RX frame buffer defined by the protocol in user - code is also allocated per connection, this represents the largest - frame you can receive atomically in that protocol. - - - On ARM9 build, just http+ws server no extensions or ssl, <12Kbytes .text - and 112 bytes per connection (+1328 only during header processing) - - -v1.1-chrome26-firefox18 -======================= - -Diffstat --------- - - Makefile.am | 4 + - README-test-server | 291 --- - README.build | 239 ++ - README.coding | 138 ++ - README.rst | 72 - - README.test-apps | 272 +++ - configure.ac | 116 +- - lib/Makefile.am | 55 +- - lib/base64-decode.c | 5 +- - lib/client-handshake.c | 121 +- - lib/client-parser.c | 394 ++++ - lib/client.c | 807 +++++++ - lib/daemonize.c | 212 ++ - lib/extension-deflate-frame.c | 132 +- - lib/extension-deflate-stream.c | 12 +- - lib/extension-x-google-mux.c | 1223 ---------- - lib/extension-x-google-mux.h | 96 - - lib/extension.c | 8 - - lib/getifaddrs.c | 271 +++ - lib/getifaddrs.h | 76 + - lib/handshake.c | 582 +---- - lib/libwebsockets.c | 2493 ++++++--------------- - lib/libwebsockets.h | 115 +- - lib/md5.c | 217 -- - lib/minilex.c | 440 ++++ - lib/output.c | 628 ++++++ - lib/parsers.c | 2016 +++++------------ - lib/private-libwebsockets.h | 284 +-- - lib/server-handshake.c | 275 +++ - lib/server.c | 377 ++++ - libwebsockets-api-doc.html | 300 +-- - m4/ignore-me | 2 + - test-server/Makefile.am | 111 +- - test-server/libwebsockets.org-logo.png | Bin 0 -> 7029 bytes - test-server/test-client.c | 45 +- - test-server/test-echo.c | 330 +++ - test-server/test-fraggle.c | 20 +- - test-server/test-ping.c | 22 +- - test-server/test-server-extpoll.c | 554 ----- - test-server/test-server.c | 349 ++- - test-server/test.html | 3 +- - win32port/zlib/ZLib.vcxproj | 749 ++++--- - win32port/zlib/ZLib.vcxproj.filters | 188 +- - win32port/zlib/adler32.c | 348 ++- - win32port/zlib/compress.c | 160 +- - win32port/zlib/crc32.c | 867 ++++---- - win32port/zlib/crc32.h | 882 ++++---- - win32port/zlib/deflate.c | 3799 +++++++++++++++----------------- - win32port/zlib/deflate.h | 688 +++--- - win32port/zlib/gzclose.c | 50 +- - win32port/zlib/gzguts.h | 325 ++- - win32port/zlib/gzlib.c | 1157 +++++----- - win32port/zlib/gzread.c | 1242 ++++++----- - win32port/zlib/gzwrite.c | 1096 +++++---- - win32port/zlib/infback.c | 1272 ++++++----- - win32port/zlib/inffast.c | 680 +++--- - win32port/zlib/inffast.h | 22 +- - win32port/zlib/inffixed.h | 188 +- - win32port/zlib/inflate.c | 2976 +++++++++++++------------ - win32port/zlib/inflate.h | 244 +- - win32port/zlib/inftrees.c | 636 +++--- - win32port/zlib/inftrees.h | 124 +- - win32port/zlib/trees.c | 2468 +++++++++++---------- - win32port/zlib/trees.h | 256 +-- - win32port/zlib/uncompr.c | 118 +- - win32port/zlib/zconf.h | 934 ++++---- - win32port/zlib/zlib.h | 3357 ++++++++++++++-------------- - win32port/zlib/zutil.c | 642 +++--- - win32port/zlib/zutil.h | 526 ++--- - 69 files changed, 19556 insertions(+), 20145 deletions(-) - -user api changes ----------------- - - - libwebsockets_serve_http_file() now takes a context as first argument - - - libwebsockets_get_peer_addresses() now takes a context and wsi as first - two arguments - - -user api additions ------------------- - - - lwsl_...() logging apis, default to stderr but retargetable by user code; - may be used also by user code - - - lws_set_log_level() set which logging apis are able to emit (defaults to - notice, warn, err severities), optionally set the emit callback - - - lwsl_emit_syslog() helper callback emits to syslog - - - lws_daemonize() helper code that forks the app into a headless daemon - properly, maintains a lock file with pid in suitable for sysvinit etc to - control lifecycle - - - LWS_CALLBACK_HTTP_FILE_COMPLETION callback added since http file - transfer is now asynchronous (see test server code) - - - lws_frame_is_binary() from a wsi pointer, let you know if the received - data was sent in BINARY mode - - -user api removals ------------------ - - - libwebsockets_fork_service_loop() - no longer supported (had intractable problems) - arrange your code to act from the user callback instead from same - process context as the service loop - - - libwebsockets_broadcast() - use libwebsocket_callback_on_writable[_all_protocol]() - instead from same process context as the service loop. See the test apps - for examples. - - - x-google-mux() removed until someone wants it - - - pre -v13 (ancient) protocol support removed + - LWS_WITH_HTTP_PROXY Cmake option adds proxying mounts + - Workaround for libev build by disabling -Werror on the test app -New features ------------- + - HTTP2 support disabled since no way to serve websockets on it - - echo test server and client compatible with echo.websocket.org added - - many new configure options (see README.build) to reduce footprint of the - library to what you actually need, eg, --without-client and - --without-server +v2.2.0 +====== - - http + websocket server can build to as little as 12K .text for ARM +Major new features - - no more MAX_CLIENTS limitation; adapts to support the max number of fds - allowed to the process by ulimit, defaults to 1024 on Fedora and - Ubuntu. Use ulimit to control this without needing to configure - the library. Code here is smaller and faster. + - A mount can be protected by Basic Auth... in lwsws it looks like this - - adaptive ratio of listen socket to connection socket service allows - good behaviour under Apache ab test load. Tested with thousands - of simultaneous connections + ``` +{ + "mountpoint": "/basic-auth", + "origin": "file://_lws_ddir_/libwebsockets-test-server/private", + "basic-auth": "/var/www/balogins-private" +} +``` - - reduction in per-connection memory footprint by moving to a union to hold - mutually-exclusive state for the connection +The text file named in `basic-auth` contains user:password information +one per line. - - robustness: Out of Memory taken care of for all allocation code now +See README.lwsws.md for more information. - - internal getifaddrs option if your toolchain lacks it (some uclibc) + - RFC7233 RANGES support in lws server... both single and multipart. + This allows seeking for multimedia file serving and download resume. + It's enabled by default but can be disabled by CMake option. - - configurable memory limit for deflate operations + - On Linux, lwsws can reload configuration without dropping ongoing + connections, when sent a SIGHUP. The old configuration drops its + listen sockets so the new configuration can listen on them. + New connections connect to the server instance with the new + configuration. When all old connections eventually close, the old + instance automatically exits. This is equivalent to + `systemctl reload apache` - - improvements in SSL code nonblocking operation, possible hang solved, - some SSL operations broken down into pollable states so there is - no library blocking, timeout coverage for SSL_connect + - New `adopt` api allow adoption including SSL negotiation and + for raw sockets and file descriptors. - - extpoll test server merged into single test server source + - Chunked transfer encoding supported for client and server - - robustness: library should deal with all recoverable socket conditions + - Adaptations to allow operations inside OPTEE Secure World - - rx flowcontrol for backpressure notification fixed and implmeneted - correctly in the test server + - ESP32 initial port - able to do all test server functions. See + README.build.md - - optimal lexical parser added for header processing; all headers in a - single 276-byte state table + - Serving gzipped files from inside a ZIP file is supported... this + includes directly serving the gzipped content if the client + indicated it could accept it (ie, almost all browsers) saving + bandwidth and time. For clients that can't accept it, lws + automatically decompresses and serves the content in memory- + efficient chunks. Only a few hundred bytes of heap are needed + to serve any size file from inside the zip. See README.coding.md - - latency tracking api added (configure --with-latency) + - RAW file descriptors may now be adopted into the lws event loop, + independent of event backend (including poll service). + See README.coding.md - - Improved in-tree documentation, REAME.build, README.coding, - README.test-apps, changelog + - RAW server socket descriptors may now be enabled on the vhost if + the first thing sent on the connection is not a valid http method. + The user code can associate these with a specific protocol per + vhost, and RAW-specific callbacks appear there for creation, rx, + writable and close. See libwebsockets-test-server-v2.0 for an example. + See README.coding.md - - Many small fixes + - RAW client connections are now possible using the method "RAW". + After connection, the socket is associated to the protocol + named in the client connection info and RAW-specific callbacks + appear there for creation, rx, writable and close. + See libwebsockets-test-client (with raw://) for an example. + See README.coding.md -v1.0-chrome25-firefox17 (6cd1ea9b005933f) +(for earlier changelogs, see the tagged releases)