Andy Green [Sun, 13 Jan 2013 03:05:30 +0000 (11:05 +0800)]
deal with SSL_ERROR_WANT_ in client connect action
"4b0e01f Retry SSL_connect when SSL_get_error requests it. " from David Galeano
noticed the problem that client connect may receive SSL_ERROR_WANT_* from
SSL_connect, which is basically WOULDBLOCK. That patch tried to deal with it
by blocking in a while(1) until the condition went away.
That's problematic because of it blocks service of anything else (including
the host application sockets in the external socket poll sharing case) for
up to 5s controlled by conditions at one client.
After fiddling with and researching this, the actual problem with the code is
we are not getting the SSL layer error correctly, it is not contained in the
code returned from the Connect api directly.
I was unable to get a renegotiation forced on my modern SSL libs, it complained
about protocol error are reopened the connection instead. So I think the stuff
found in the docs and the web about the SSL_ERROR_WANT_ is probably not something
we will see in reality (if we check the right error code...)
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Sun, 13 Jan 2013 03:58:18 +0000 (11:58 +0800)]
add longlived option to test client
Needed to confirm pending timeouts won't kill the connection, by default
it spams the server with connections that live less than 5s
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Mon, 14 Jan 2013 05:10:55 +0000 (13:10 +0800)]
logging ensure everyone has a newline
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Mon, 14 Jan 2013 07:35:02 +0000 (15:35 +0800)]
replace ifdefs around close socket with compatible_close
Signed-off-by: Andy Green <andy.green@linaro.org>
Larry Hayes [Mon, 14 Jan 2013 17:03:58 +0000 (01:03 +0800)]
ssl client certs fix crash
I run a web socket server that requires clients to present a certificate.
context_ssl_ = libwebsocket_create_context(wssPort_, wssIpAddr_.c_str(), protocols_ssl,
libwebsocket_internal_extensions,
cert_path.c_str(), key_path.c_str(), -1, -1,
LWS_SERVER_OPTION_REQUIRE_VALID_OPENSSL_CLIENT_CERT);
I am getting a crash in the OpenSSL_verify_callback().
The SSL_get_ex_data() call is returning NULL
I could not find a call to SSL_set_ex_data() for server mode operation.
Has anyone seen this crash in the newer versions?
Signed-off-by: Larry Hayes <larry.hayes@prodeasystems.com>
Andy Green [Sun, 13 Jan 2013 01:53:18 +0000 (09:53 +0800)]
absorb README.rst into main README and code
Some of the advice in README.rst became deprecated with recent patches,
the (good) advice about http connection close is better demonstrated
in the code and API docs, and the remainder can go in the main README,
which will have to be refactored itself at some point.
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Sat, 12 Jan 2013 15:42:17 +0000 (23:42 +0800)]
expose compiletime constants to setting from configure
This patch allows control of the main compiletime constants in libwebsockets
from the configure commandline.
README is updated with documentation on what's available, how to set them
and the defaults.
The constants are logged with "info" severity (not visible by default) at
context create time.
The zlib constant previously exposed like this is moved to private-libwebsockets.h
so it can be printed along with the rest.
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Sat, 12 Jan 2013 15:09:36 +0000 (23:09 +0800)]
renable deflate frame buffer expansion fixing DoS
This reverts the removal of the deflate_frame code that was crashing after porting
David Galeano's code: he pointed out there's a typo in the merged version causing
the crash which is fixed here.
However the fixed code has a problem, there's no limit (other than int size) to the
amount of memory it will try to malloc, which can allow a DoS of the server by the
client sending malicious compression states that inflate to a large amount. I have
added checking for OOM already that will avert the segfault that would otherwise follow
but the server will be unusuable if malicious connections were made repeatedly each
forcing it to allocate large buffers and cause small allocations on other connections
to fail.
The patch changes the code to use realloc(), and introduces a configurable limit
on the amount of memory one connection may need for zlib before the server hangs
up the connection. It defaults to 64KBytes but can be set from ./configure as
described now in the README.
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Sat, 12 Jan 2013 15:31:39 +0000 (23:31 +0800)]
fix config enable name for getifaddrs
copy-paste...
Signed-off-by: Andy Green <andy.green@linaro.org>
David [Sat, 12 Jan 2013 12:39:47 +0000 (20:39 +0800)]
introduce getifaddrs for toolchains without it
David found that uclibc did not provide this slightly esoteric api
and provided one from BSD that can be built by the library internally.
AG: Made contingent on configure option --enable-builtin-getifaddrs
Signed-off-by: David <cymerio@gmail.com>
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Sat, 12 Jan 2013 05:21:08 +0000 (13:21 +0800)]
audit and make all malloc check for OOM
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Sat, 12 Jan 2013 01:25:07 +0000 (09:25 +0800)]
logging add timestamp
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Sat, 12 Jan 2013 01:17:42 +0000 (09:17 +0800)]
logging extend level set api to allow setting emission function
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Thu, 10 Jan 2013 14:56:15 +0000 (22:56 +0800)]
update README with info on new logging scheme
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Thu, 10 Jan 2013 14:28:59 +0000 (22:28 +0800)]
allow enabling debug contexts from test apps
Adds a -d switch to everything so you can set the log level bitfeld.
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Thu, 10 Jan 2013 11:50:35 +0000 (19:50 +0800)]
introduce logging api and convert all library output to use it
- multiple debug context calls lwsl_ err, warn, debug, parser, ext, client
- api added to set which contexts output to stderr using a bitfield log_level
- --disable-debug on configure removes all code that is not err or warn severity
- err and warn contexts always output to stderr unless disabled by log_level
- err and warn enabled by default in log_level
Signed-off-by: Andy Green <andy@warmcat.com>
Aaron Zinman [Thu, 10 Jan 2013 04:35:18 +0000 (12:35 +0800)]
compile in xcode, privatize debug macro
Andy Green [Thu, 10 Jan 2013 04:35:18 +0000 (12:35 +0800)]
update soname and configure to v1.0
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Thu, 10 Jan 2013 04:36:59 +0000 (12:36 +0800)]
correct autotools warning
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Thu, 10 Jan 2013 04:26:13 +0000 (12:26 +0800)]
zlib code add OOM checks remove buffer expansion on rx path
Here testing with the test serer and chrome 25, the buffer expansion
code on Rx was triggered by a valid no data output condition and looped
until it exhausted all memory.
This patch adds OOM check to all malloc()s and removes the buffer expansion
code on the rx path... leaving the code on tx path for now.
Signed-off-by: Andy Green <andy.green@linaro.org>
David Galeano [Thu, 10 Jan 2013 02:45:24 +0000 (10:45 +0800)]
Avoid leaking a socket when SSL_accept fails.
David Galeano [Thu, 10 Jan 2013 02:42:45 +0000 (10:42 +0800)]
Print error string on accept failure.
David Galeano [Thu, 10 Jan 2013 02:41:10 +0000 (10:41 +0800)]
Increased MAX_BROADCAST_PAYLOAD to match MAX_USER_RX_BUFFER.
David Galeano [Thu, 10 Jan 2013 02:39:57 +0000 (10:39 +0800)]
Added README file with some useful tips for using the library.
David Galeano [Thu, 10 Jan 2013 02:38:21 +0000 (10:38 +0800)]
Added support for continuation frames on the server.
David Galeano [Thu, 10 Jan 2013 02:37:29 +0000 (10:37 +0800)]
Close connection if LWS_CALLBACK_HTTP returns non-zero.
David Galeano [Thu, 10 Jan 2013 02:35:32 +0000 (10:35 +0800)]
Fixed to keep reading data until the SSL internal buffer is empty.
Before this fix only 2048 bytes were read,
the rest were buffered inside SSL until another message arrived!!!
David Galeano [Thu, 10 Jan 2013 02:26:05 +0000 (10:26 +0800)]
Added no-cache headers to client handshake:
http://www.ietf.org/mail-archive/web/hybi/current/msg09841.html
David Galeano [Thu, 10 Jan 2013 02:24:32 +0000 (10:24 +0800)]
Separate compression levels for server and client,
increased the later one to zlib default (6).
David Galeano [Thu, 10 Jan 2013 02:22:47 +0000 (10:22 +0800)]
More correct handling of inflate result.
David Galeano [Thu, 10 Jan 2013 02:20:01 +0000 (10:20 +0800)]
Fixed crash when HTTP requests method is not GET.
David Galeano [Thu, 10 Jan 2013 02:18:59 +0000 (10:18 +0800)]
Check if macro SSL_OP_NO_COMPRESSION is defined before trying to use it.
David Galeano [Thu, 10 Jan 2013 02:18:17 +0000 (10:18 +0800)]
Using size_t instead of int for deflate-frame offsets and length.
David Galeano [Thu, 10 Jan 2013 02:15:19 +0000 (10:15 +0800)]
Added private macro CIPHERS_LIST_STRING to define ciphers list string.
David Galeano [Thu, 10 Jan 2013 02:14:12 +0000 (10:14 +0800)]
When choosing a cipher, use the server's preferences.
David Galeano [Thu, 10 Jan 2013 02:13:19 +0000 (10:13 +0800)]
Pass URI length to LWS_CALLBACK_HTTP.
David Galeano [Thu, 10 Jan 2013 02:11:57 +0000 (10:11 +0800)]
Disable compression for SSL socket,
it is a waste of CPU when using compression extensions.
David Galeano [Thu, 10 Jan 2013 02:11:21 +0000 (10:11 +0800)]
Using "SSL_CTX_use_certificate_chain_file" instead of "SSL_CTX_use_certificate_file"
to support server certificates signed by intermediaries.
David Galeano [Thu, 10 Jan 2013 02:08:50 +0000 (10:08 +0800)]
Better definition of "debug" macro for Win32 builds.
David Galeano [Thu, 10 Jan 2013 02:07:16 +0000 (10:07 +0800)]
Use __inline for Win32 builds.
David Galeano [Thu, 10 Jan 2013 02:06:38 +0000 (10:06 +0800)]
Avoid checking choked pipe if no extension has more data to write.
David Galeano [Thu, 10 Jan 2013 02:03:42 +0000 (10:03 +0800)]
zlib update 1.2.7
Signed-off-by: Andy Green <andy.green@linaro.org>
David Galeano [Thu, 10 Jan 2013 01:58:24 +0000 (09:58 +0800)]
Set listen backlog to SOMAXCONN.
David Galeano [Thu, 10 Jan 2013 01:54:10 +0000 (09:54 +0800)]
Fixed operator precedence bug.
David Galeano [Thu, 10 Jan 2013 01:51:15 +0000 (09:51 +0800)]
Avoid deflate of small packets.
David Galeano [Thu, 10 Jan 2013 01:41:06 +0000 (09:41 +0800)]
Support compressed packets bigger than MAX_USER_RX_BUFFER.
(AG adapted style and removed logging stuff)
David Galeano [Wed, 9 Jan 2013 11:49:50 +0000 (19:49 +0800)]
Allow extensions when no protocol was specified.
David Galeano [Wed, 9 Jan 2013 10:21:33 +0000 (18:21 +0800)]
Added extension "deflate-frame".
Using by default instead of "deflate-stream".
David Galeano [Wed, 9 Jan 2013 10:06:55 +0000 (18:06 +0800)]
Added support for extensions that only manipulate application data.
David Galeano [Wed, 9 Jan 2013 10:03:28 +0000 (18:03 +0800)]
Fixed deflate-stream extension.
When the output buffer was exhausted the input buffer was discarded
without checking if zlib had actually consumed all the input,
now we copy the remaining input data for the next call.
David Galeano [Wed, 9 Jan 2013 10:01:23 +0000 (18:01 +0800)]
Added private macro AWAITING_TIMEOUT instead of harcoded value 5.
David Galeano [Wed, 9 Jan 2013 08:35:18 +0000 (16:35 +0800)]
Fixed spacing.
David Galeano [Wed, 9 Jan 2013 08:25:54 +0000 (16:25 +0800)]
Added context creation parameter for CA certificates file.
David Galeano [Wed, 9 Jan 2013 08:17:04 +0000 (16:17 +0800)]
Return NULL if the handshake failed to complete,
libwebsocket_service_fd closes and frees the websocket in that case.
David Galeano [Wed, 9 Jan 2013 07:46:11 +0000 (15:46 +0800)]
Ignoring linux build files
David Galeano [Wed, 9 Jan 2013 07:39:50 +0000 (15:39 +0800)]
Use feature check rather than browser check.
David Galeano [Wed, 9 Jan 2013 07:31:46 +0000 (15:31 +0800)]
Changed client handshake to use "Origin" instead of "Sec-WebSocket-Origin" as defined by RFC 6455 when using version 13 of the protocol.
David Galeano [Wed, 9 Jan 2013 07:29:00 +0000 (15:29 +0800)]
Fixed compiler warnings on Windows.
David Galeano [Wed, 9 Jan 2013 07:26:08 +0000 (15:26 +0800)]
Added new status codes from RFC 6455.
David Galeano [Wed, 9 Jan 2013 07:25:05 +0000 (15:25 +0800)]
Fixed compiler warning on Windows.
Artem Baguinski [Wed, 9 Jan 2013 07:16:52 +0000 (15:16 +0800)]
required version of autoconf can be lower
David Galeano [Wed, 9 Jan 2013 07:14:31 +0000 (15:14 +0800)]
Static variable is now const.
Andy Green [Mon, 22 Oct 2012 11:29:57 +0000 (12:29 +0100)]
add context construction option to skip server hostname lookup
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Fri, 19 Oct 2012 10:36:28 +0000 (18:36 +0800)]
add missing docs for new context user pointer
Signed-off-by: Andy Green <andy.green@linaro.org>
Alon Levy [Fri, 19 Oct 2012 09:21:57 +0000 (11:21 +0200)]
libwebsocket_service_fd: EAGAIN is harmless, treat like EINTR
Only tested on linux.
Signed-off-by: Alon Levy <alevy@redhat.com>
Alon Levy [Fri, 19 Oct 2012 09:21:56 +0000 (11:21 +0200)]
libwebsocket_context: add userspace pointer for use before wsi creation
Signed-off-by: Alon Levy <alevy@redhat.com>
Alon Levy [Fri, 19 Oct 2012 09:21:55 +0000 (11:21 +0200)]
lib/Makefile.am: whitespace fix
Signed-off-by: Alon Levy <alevy@redhat.com>
Alon Levy [Fri, 19 Oct 2012 09:21:54 +0000 (11:21 +0200)]
add pkg-config file libwebsockets.pc
Signed-off-by: Alon Levy <alevy@redhat.com>
Anders Brander [Wed, 17 Oct 2012 12:23:28 +0000 (14:23 +0200)]
Added test.html favicon.ico to EXTRA_DIST.
Anders Brander [Wed, 17 Oct 2012 11:48:59 +0000 (13:48 +0200)]
Add missing .h files to sources.
Anders Brander [Wed, 17 Oct 2012 11:47:47 +0000 (13:47 +0200)]
Add kernel doc to extra_dist.
Andy Green [Wed, 17 Oct 2012 12:10:44 +0000 (20:10 +0800)]
always taking an interest in ppid wont hurt
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Sun, 7 Oct 2012 12:44:02 +0000 (20:44 +0800)]
remove depcomp
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Sun, 7 Oct 2012 12:40:35 +0000 (20:40 +0800)]
stop being so fragile on socket lifecycle
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Sat, 6 Oct 2012 07:17:01 +0000 (15:17 +0800)]
use autogen.sh
Signed-off-by: Andy Green <andy.green@linaro.org>
Rusty Lynch [Wed, 5 Sep 2012 23:15:16 +0000 (16:15 -0700)]
Updating changelog
Rusty Lynch [Thu, 23 Aug 2012 02:28:37 +0000 (19:28 -0700)]
Adding Tizen packaging files
Andy Green [Fri, 20 Jul 2012 05:00:12 +0000 (13:00 +0800)]
add not about autoreconf and libtoolize
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Fri, 20 Jul 2012 04:58:38 +0000 (12:58 +0800)]
restore accept error as closure signal
Signed-off-by: Andy Green <andy.green@linaro.org>
Artem Baguinski [Wed, 14 Dec 2011 21:14:03 +0000 (22:14 +0100)]
check for prctl, poll parent PID if not present
this allows forking code to be used on non-linux systems
Paulo Roberto Urio [Mon, 4 Jun 2012 02:52:19 +0000 (10:52 +0800)]
Fixing uninitialised memory
These were found with valgrind tool.
Signed-off-by: Paulo Roberto Urio <paulourio@gmail.com>
Paulo Roberto Urio [Mon, 4 Jun 2012 01:04:33 +0000 (09:04 +0800)]
some toolchains need stddef
Signed-off-by: Paulo Roberto Urio <paulourio@gmail.com>
Andy Green [Mon, 4 Jun 2012 00:53:26 +0000 (08:53 +0800)]
add missing sa_data init to canonical hostname code
Shay noticed we're no longer initializing the initial lookup of
server canonical hostname correctly
Reported-by: Shay Zuker <shay@boxee.tv>
Signed-off-by: Andy Green <andy.green@linaro.org>
Paulo Roberto Urio [Mon, 4 Jun 2012 00:40:28 +0000 (08:40 +0800)]
Fixed segfault in libwebsocket_context_destroy.
When creating a context with NULL extensions list,
a segmentation fault was yelled when trying to
destroy the context. This checks if the
extension list is NULL before go through the list.
Signed-off-by: Paulo Roberto Urio <paulourio@gmail.com>
Tobias Maier [Wed, 30 May 2012 04:46:42 +0000 (12:46 +0800)]
sockets were left open if connection could not be
established resulting in a mass of unusable open file
descriptors
Signed-off-by: Tobias Maier <tobias.maier@netplace.com>
yuval tal [Mon, 21 May 2012 02:16:06 +0000 (10:16 +0800)]
link lz explicitly for mips
fix link error since libz is not linked in
Signed-off-by: yuval tal <yuvalt@boxee.tv>
Andrew Chambers [Sun, 20 May 2012 00:17:09 +0000 (08:17 +0800)]
null exception with null extensions list
I was under the impression extensions could be null, so heres a patch to fix this error in libwebsockets. Cheers!
Signed-off-by: Andrew Chambers <andrewchamberss@gmail.com>
--
Andy Green [Sun, 20 May 2012 00:17:02 +0000 (08:17 +0800)]
refresh autotools stuff
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Thu, 3 May 2012 04:48:14 +0000 (12:48 +0800)]
update test html now mozilla uses normal ws apis
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Thu, 3 May 2012 04:32:38 +0000 (12:32 +0800)]
start migration to getnameinfo
Signed-off-by: Andy Green <andy.green@linaro.org>
Ken Atherton [Thu, 3 May 2012 03:45:04 +0000 (11:45 +0800)]
openssl allow connect multiple packets for SSL_connect
Ken found over the internet with real delays, SSL_connect can
fail to work. This patch adapts his workaround to stay in the
connect state until we either run out of time for the connect
or succeed.
Signed-off-by: Andy Green <andy.green@linaro.org>
Signed-off-by: Ken Atherton <katherton@echofirst.com>
Andy Green [Thu, 3 May 2012 03:17:08 +0000 (11:17 +0800)]
cleanup extra wrapping needed on braced define
Signed-off-by: Andy Green <andy.green@linaro.org>
Peter Hillier [Tue, 1 May 2012 22:09:45 +0000 (06:09 +0800)]
android toolchain SHA1 endian fix
Android toolchain needs an extra include if it's not to confuse
SHA-1 code probably with incorrect endian-ness from missing /bits/
Signed-off-by: Peter Hillier <peterhillier@yahoo.com>
Signed-off-by: Andy Green <andy@warmcat.com>
David Brooks [Tue, 1 May 2012 22:02:45 +0000 (06:02 +0800)]
ssize_t needs help on windows
ssize_t is needed, but absent in Windows.
This patch typedefs it to an int in that case as recommended by Tobias.
Signed-off-by: Andy Green <andy@warmcat.com>
Signed-off-by: David Brooks <dave@bcs.co.nz>
Signed-off-by: Tobias Maier <tobias.maier@netplace.com>
Reported-by: Rich Gossweiler <rich.gossweiler@gmail.com>
David Brooks [Fri, 20 Apr 2012 04:19:01 +0000 (12:19 +0800)]
introduce libwebsocket_client_connect_extended
Signed-off-by: David Brooks <dave@bcs.co.nz>
Signed-off-by: Andy Green <andy@warmcat.com>
--
David Brooks [Fri, 20 Apr 2012 04:18:47 +0000 (12:18 +0800)]
introduce LWS_CALLBACK_CLIENT_CONNECTION_ERROR
Signed-off-by: David Brooks <dave@bcs.co.nz>
Signed-off-by: Andy Green <andy@warmcat.com>
--
David Brooks [Fri, 20 Apr 2012 04:16:52 +0000 (12:16 +0800)]
set connection callback before connection completed to allow early messages
Signed-off-by: David Brooks <dave@bcs.co.nz>
Signed-off-by: Andy Green <andy@warmcat.com>
--
lib/client-handshake.c | 19 +++++++++++++++++++
1 files changed, 19 insertions(+), 0 deletions(-)
David Brooks [Fri, 20 Apr 2012 04:13:50 +0000 (12:13 +0800)]
improve callback prototypes to use single definition
Not sure all compilers can hack this, but give it a try
Signed-off-by: David Brooks <dave@bcs.co.nz>
Signed-off-by: Andy Green <andy@warmcat.com>
--
David Brooks [Fri, 20 Apr 2012 04:13:37 +0000 (12:13 +0800)]
reduce debug spew
Signed-off-by: David Brooks <dave@bcs.co.nz>
Signed-off-by: Andy Green <andy@warmcat.com>
--
Pasi Mankinen [Fri, 13 Apr 2012 23:28:19 +0000 (07:28 +0800)]
workaround osx compiler bug
Signed-off-by: Pasi Mankinen <pasi.t.mankinen@student.jyu.fi>
projects / profile / ivi / libwebsockets.git / log