platform/upstream/libwebsockets.git
7 years agocontext new option LWS_SERVER_OPTION_JUST_USE_RAW_ORIGIN
Andy Green [Mon, 23 Jan 2017 11:52:27 +0000 (19:52 +0800)]
context new option LWS_SERVER_OPTION_JUST_USE_RAW_ORIGIN

https://github.com/warmcat/libwebsockets/issues/757

7 years agossl pass real wsi to verify cert cb
Denis Osvald [Mon, 23 Jan 2017 11:35:00 +0000 (19:35 +0800)]
ssl pass real wsi to verify cert cb

Signed-off-by: Denis Osvald <denis.osvald@sartura.hr>
7 years agossl expose public wsi->ssl getter
Denis Osvald [Mon, 23 Jan 2017 11:34:46 +0000 (19:34 +0800)]
ssl expose public wsi->ssl getter

Signed-off-by: Denis Osvald <denis.osvald@sartura.hr>
7 years agowindows: reduce C99isms to something MS compiler can understand
Andy Green [Tue, 17 Jan 2017 23:20:09 +0000 (07:20 +0800)]
windows: reduce C99isms to something MS compiler can understand

7 years agoplat-optee and boringssl adaptations
Andy Green [Mon, 16 Jan 2017 23:01:02 +0000 (07:01 +0800)]
plat-optee and boringssl adaptations

7 years agowin32 fixes
Andy Green [Mon, 16 Jan 2017 22:51:11 +0000 (06:51 +0800)]
win32 fixes

https://github.com/warmcat/libwebsockets/issues/750

7 years agoignore leading spaces when checking for a suitable subprotocol
Tobias [Mon, 16 Jan 2017 11:01:25 +0000 (12:01 +0100)]
ignore leading spaces when checking for a suitable subprotocol

My Browsers send as Subprotocols e.g. chat, superchat, mySubprotocol (with spaces after the ,). Libwebsockets now checked if ' mySubprotocol' was equal to 'mySubprotocol' which failed. With this fix the leading space is ignored and uses 'mySubprotocol' for comparision.

7 years agossl: add LWS_CALLBACK_OPENSSL_PERFORM_SERVER_CERT_VERIFICATION
Namowen [Tue, 10 Jan 2017 01:31:23 +0000 (09:31 +0800)]
ssl: add LWS_CALLBACK_OPENSSL_PERFORM_SERVER_CERT_VERIFICATION

7 years agossl: wolfssl doesn't have clear options
Andy Green [Tue, 10 Jan 2017 01:14:44 +0000 (09:14 +0800)]
ssl: wolfssl doesn't have clear options

https://github.com/warmcat/libwebsockets/issues/741

7 years agossl-correct-option-clear-availability-version
Hai Vu [Tue, 10 Jan 2017 01:10:49 +0000 (09:10 +0800)]
ssl-correct-option-clear-availability-version

https://github.com/warmcat/libwebsockets/issues/744

7 years agossl: correct version detection
Andy Green [Sat, 7 Jan 2017 03:29:32 +0000 (11:29 +0800)]
ssl: correct version detection

7 years agopolarssl: turn off missing tlsext
Andy Green [Sat, 7 Jan 2017 02:24:16 +0000 (10:24 +0800)]
polarssl: turn off missing tlsext

7 years agoopenssl: deal with missing OPENSSL_NO_TLSEXT on ancient versions
Andy Green [Fri, 6 Jan 2017 01:49:28 +0000 (09:49 +0800)]
openssl: deal with missing OPENSSL_NO_TLSEXT on ancient versions

7 years agocmake: boringssl helper
Andy Green [Wed, 4 Jan 2017 12:23:10 +0000 (20:23 +0800)]
cmake: boringssl helper

7 years agoclient: MORE_SERVICE is not an error
Andy Green [Wed, 4 Jan 2017 11:59:38 +0000 (19:59 +0800)]
client: MORE_SERVICE is not an error

7 years agocgi: 5s grace to send buffered if chunked
Andy Green [Tue, 3 Jan 2017 00:18:37 +0000 (08:18 +0800)]
cgi: 5s grace to send buffered if chunked

7 years agoserver: check listen(2) return value
Denis Osvald [Mon, 2 Jan 2017 16:33:26 +0000 (17:33 +0100)]
server: check listen(2) return value

The `listen` call can fail with EADDRINUSE after bind() succeeds, for
example because another process called listen on that port in the
meantime, or under some circumstances with IPv6-mapped-IPv4. This was
causing EINVAL on accept, with an infinite loop in case of libuv.

A reproducible example was to run nc -l -p 5555 ( OpenBSD netcat (Debian
patchlevel 1)) before starting test-server

Signed-off-by: Denis Osvald <denis.osvald@sartura.hr>
7 years agolejp-conf: add timeout-secs
Andy Green [Mon, 2 Jan 2017 11:57:54 +0000 (19:57 +0800)]
lejp-conf: add timeout-secs

7 years agowindows: remove preprocessor business for [v]snprintf
Andy Green [Wed, 28 Dec 2016 07:23:34 +0000 (15:23 +0800)]
windows: remove preprocessor business for [v]snprintf

https://github.com/warmcat/libwebsockets/issues/731

7 years agolws_plat_service_tsi: accessing context before checking for NULL
namowen [Fri, 23 Dec 2016 23:57:34 +0000 (07:57 +0800)]
lws_plat_service_tsi: accessing context before checking for NULL

https://github.com/warmcat/libwebsockets/issues/730

7 years agotest server: add -P secs to allow pingpong test
Andy Green [Fri, 23 Dec 2016 23:37:40 +0000 (07:37 +0800)]
test server: add -P secs to allow pingpong test

7 years agoESP8266: LWS_POSIX fixes for basic auth and deprecated context
Andy Green [Thu, 22 Dec 2016 03:32:34 +0000 (11:32 +0800)]
ESP8266: LWS_POSIX fixes for basic auth and deprecated context

7 years agossl-server: Add CONTEXT_PORT_NO_LISTEN_SERVER
Alan Conway [Wed, 21 Dec 2016 01:32:44 +0000 (09:32 +0800)]
ssl-server: Add CONTEXT_PORT_NO_LISTEN_SERVER

Special port setting to disable listening for a server using socket adoption.
This contrasts with CONTEXT_PORT_NO_LISTEN which does the same for a client.

In particular, server-side SSL is not disabled by CONTEXT_PORT_NO_LISTEN_SERVER
as it is by CONTEXT_PORT_NO_LISTEN.

7 years agossl: improved error reporting for SSL_accept.
Alan Conway [Wed, 21 Dec 2016 01:32:25 +0000 (09:32 +0800)]
ssl: improved error reporting for SSL_accept.

The return value from SSL_get_error() is an integer switch value, not an error
code that can be interpreted by ERR_error_string()

Report the error code name, plus errno information if available for
SSL_ERROR_SYSCALL as per man page for SSL_get_error().

7 years agoserver: expose lws_adopt_socket_vhost() as public API
Alan Conway [Wed, 21 Dec 2016 01:32:16 +0000 (09:32 +0800)]
server: expose lws_adopt_socket_vhost() as public API

Allows a socket to be adopted and associated with an existing vhost.
Also added corresponding  lws_adopt_socket_vhost_readbuf()

7 years agocontext deprecation
Andy Green [Thu, 15 Dec 2016 23:37:43 +0000 (07:37 +0800)]
context deprecation

1) This makes lwsws run a parent process with the original permissions.
But this process is only able to respond to SIGHUP, it doesn't do anything
else.

2) You can send this parent process a SIGHUP now to cause it to

 - close listening sockets in existing lwsws processes

 - mark those processes as to exit when the number of active connections
   on the falls to zero

 - spawn a fresh child process from scratch, using latest configuration
   file content, latest plugins, etc.  It can now reopen listening sockets
   if it chooses to, or open different listen ports or whatever.

Notes:

1) lws_context_destroy() has been split into two pieces... the reason for
the split is the first part closes the per-vhost protocols, but since
they may have created libuv objects in the per-vhost protocol storage,
these cannot be freed until after the loop has been run.

That's the purpose of the second part of the context destruction,
lws_context_destroy2().

For compatibility, if you are not using libuv, the first part calls the
second part.  However if you are using libuv, you must now call the
second part from your own main.c after the first part.

7 years agouv: dont try to touch watcher until after loop initialized
Andy Green [Fri, 16 Dec 2016 00:41:16 +0000 (08:41 +0800)]
uv: dont try to touch watcher until after loop initialized

7 years agoecho: fix debug build
Namowen [Thu, 15 Dec 2016 23:02:59 +0000 (07:02 +0800)]
echo: fix debug build

https://github.com/warmcat/libwebsockets/issues/716#issuecomment-267377856

7 years agoclient ssl hostname check: trim any port on host header
Andy Green [Thu, 15 Dec 2016 05:22:40 +0000 (13:22 +0800)]
client ssl hostname check: trim any port on host header

7 years agotest-client: fix broken protocol names
Andy Green [Thu, 15 Dec 2016 05:25:25 +0000 (13:25 +0800)]
test-client: fix broken protocol names

7 years agoipv6-allow-binding-to-ipv6-address-in-iface
Andy Green [Thu, 15 Dec 2016 01:58:20 +0000 (09:58 +0800)]
ipv6-allow-binding-to-ipv6-address-in-iface

ipv4 and ipv6 binding to a named interface works OK.  ipv4 binding to an IP also
works, but we need some extra ipv6 magic to identify the ipv6 interface from an
ipv6 address.

This patch based on code from "user3546716" at
http://stackoverflow.com/questions/13504934/binding-sockets-to-ipv6-addresses

adds the necessary magic.

https://github.com/warmcat/libwebsockets/issues/717

7 years agoclient: if NULL protocol vhost same linked list entry
Andy Green [Thu, 15 Dec 2016 00:33:53 +0000 (08:33 +0800)]
client: if NULL protocol vhost same linked list entry

Lws maintains a linked-list of wsi that are on the same vhost protocol...
it walks it to perform ..._all_protocol() type apis.

Client connections also participate in this list, but in the case the
selected protocol is not given during negotation (a legal case where
the server default protocol is selected) we missed adding the new
ws negotiated client wsi to the list.

This patch makes sure we add the wsi to the vhost protocols[0] list
in that case.

https://github.com/warmcat/libwebsockets/issues/716

7 years agoclient: avoid possible NULL deref on error path
Andy Green [Mon, 12 Dec 2016 12:37:28 +0000 (20:37 +0800)]
client: avoid possible NULL deref on error path

https://github.com/warmcat/libwebsockets/issues/672

7 years agoRFC7233 HTTP Ranges support for server
Andy Green [Mon, 12 Dec 2016 05:36:25 +0000 (13:36 +0800)]
RFC7233 HTTP Ranges support for server

This adds a serverside implementation of RFC7233 HTTP ranges.

 - LWS_WITH_RANGES is on by default at cmake

 - Accept-Ranges: bytes is added if LWS_WITH_RANGES is enabled

 - Both single ranges and multipart (2+) ranges are supported

Test with curl like this

Single

$ $ curl -s -r 64-95  http://localhost:7681/libwebsockets.org-logo.png  | hexdump -C
00000000  2e 01 fd 9d 12 27 00 00  00 19 74 45 58 74 53 6f  |.....'....tEXtSo|
00000010  66 74 77 61 72 65 00 77  77 77 2e 69 6e 6b 73 63  |ftware.www.inksc|

Multipart

$ curl -s -r 64-95,128-143  http://localhost:7681/libwebsockets.org-logo.png  | hexdump -C

00000000  5f 6c 77 73 0d 0a 43 6f  6e 74 65 6e 74 2d 54 79  |_lws..Content-Ty|
00000010  70 65 3a 20 69 6d 61 67  65 2f 70 6e 67 0d 0a 43  |pe: image/png..C|
00000020  6f 6e 74 65 6e 74 2d 52  61 6e 67 65 3a 20 62 79  |ontent-Range: by|
00000030  74 65 73 20 36 34 2d 39  35 2f 37 30 32 39 0d 0a  |tes 64-95/7029..|
00000040  0d 0a 2e 01 fd 9d 12 27  00 00 00 19 74 45 58 74  |.......'....tEXt|
00000050  53 6f 66 74 77 61 72 65  00 77 77 77 2e 69 6e 6b  |Software.www.ink|
00000060  73 63 5f 6c 77 73 0d 0a  43 6f 6e 74 65 6e 74 2d  |sc_lws..Content-|
00000070  54 79 70 65 3a 20 69 6d  61 67 65 2f 70 6e 67 0d  |Type: image/png.|
00000080  0a 43 6f 6e 74 65 6e 74  2d 52 61 6e 67 65 3a 20  |.Content-Range: |
00000090  62 79 74 65 73 20 31 32  38 2d 31 34 33 2f 37 30  |bytes 128-143/70|
000000a0  32 39 0d 0a 0d 0a 05 14  50 40 05 15 a5 c4 60 43  |29......P@....`C|
000000b0  91 c4 4a d4 c4 fc 5f 6c  77 73 0d 00              |..J..._lws..|

The corresponding header part is like this

0x0030:            4854 5450 2f31 2e31 2032 3036      HTTP/1.1.206
0x0040:  200d 0a73 6572 7665 723a 206c 7773 7773  ...server:.lwsws
0x0050:  0d0a 636f 6e74 656e 742d 7479 7065 3a20  ..content-type:.
0x0060:  6d75 6c74 6970 6172 742f 6279 7465 7261  multipart/bytera
0x0070:  6e67 6573 0d0a 6163 6365 7074 2d72 616e  nges..accept-ran
0x0080:  6765 733a 2062 7974 6573 0d0a 636f 6e74  ges:.bytes..cont
0x0090:  656e 742d 6c65 6e67 7468 3a20 3138 380d  ent-length:.188.
0x00a0:  0a63 6163 6865 2d63 6f6e 7472 6f6c 3a20  .cache-control:.
0x00b0:  7072 6976 6174 6520 6d61 782d 6167 653a  private.max-age:
0x00c0:  2036 300d 0a63 6f6e 6e65 6374 696f 6e3a  .60..connection:
0x00d0:  206b 6565 702d 616c 6976 650d 0a65 7461  .keep-alive..eta
0x00e0:  673a 2030 3030 3031 4237 3535 3444 3433  g:.00001B7554D43
0x00f0:  3033 330d 0a0d 0a                        033....

7 years agoclean: usused accidental global wsi
Andy Green [Thu, 8 Dec 2016 23:05:03 +0000 (07:05 +0800)]
clean: usused accidental global wsi

https://github.com/warmcat/libwebsockets/issues/708

7 years agolwsgt: fix check against forgot password flow defeating existing pw check
Andy Green [Thu, 8 Dec 2016 09:32:08 +0000 (17:32 +0800)]
lwsgt: fix check against forgot password flow defeating existing pw check

https://github.com/warmcat/libwebsockets/issues/706

This fixes a problem where the check for the existing pw was
skipped when a logged-in user is changing his password.

It's not good but because the user has to be logged in, it only affected
the situation someone changes his password on his logged in session.

7 years agotoken:x-forwarded-for
Andy Green [Thu, 8 Dec 2016 00:14:15 +0000 (08:14 +0800)]
token:x-forwarded-for

https://github.com/warmcat/libwebsockets/issues/702

7 years agocontext: external_baggage_free_on_destroy
Andy Green [Sat, 3 Dec 2016 23:34:05 +0000 (07:34 +0800)]
context: external_baggage_free_on_destroy

This adds a context creation-time member that points to something
that should be freed when the context is destroyed.

It's in preparation for context deprecation, when a context might
be destroyed asynchronously... a related external with the
lifetime of thee context should also be freed at that time.

Adapt lwsws to use it with the context "strings" (also used for
aligned structs created by the config) allocation.

7 years agobasic-auth
Andy Green [Sat, 3 Dec 2016 07:13:15 +0000 (15:13 +0800)]
basic-auth

7 years agojust finalize startup once
Andy Green [Sat, 3 Dec 2016 07:23:00 +0000 (15:23 +0800)]
just finalize startup once

7 years agovhost: allow adding vhosts after server init
Bablooos [Tue, 29 Nov 2016 23:05:13 +0000 (07:05 +0800)]
vhost: allow adding vhosts after server init

This should allow adding vhosts "late", ie, after the server is up and
running with its initial vhost(s).  The necessary housekeeping is folded
into lws_create_vhost() itself so it should be transparent.

Notice though that at the point the server starts to do service after it
starts initially, if it was requested that the UID / GID change, that
is performed at that point and is not reversible.

So vhosts added "late" find themselves running under the unprivileged
UID / GID from the very start, whereas vhosts added "early" initially
run under the UID / GID the process started with.  If protocols the
vhost uses want to, eg, open privileged files at init and then use
them unprivileged, that will fail if the vhost is added late because
the initial privs are already gone.

AG: also deal with lws_protocol_init() on late vhost init (does the
callbacks for per vh protocol creation), add comments

7 years agoUpdate CMakeLists.txt for BSD + libdl
Bablooos [Tue, 29 Nov 2016 12:45:37 +0000 (20:45 +0800)]
Update CMakeLists.txt for BSD + libdl

Fixing build failure of libwebsockets-test-fraggle  on FreeBSD when LWS_WITH_PLUGINS.
Solution: FreeBSD has no libdl

7 years agogeneric-sessions: move auth level check to after mount protocol selection
Andy Green [Sat, 26 Nov 2016 12:46:04 +0000 (20:46 +0800)]
generic-sessions: move auth level check to after mount protocol selection

7 years agows-server: restrict returned Sec-Websocket-Protocol to the chosen name only
Andy Green [Sat, 26 Nov 2016 01:50:40 +0000 (09:50 +0800)]
ws-server: restrict returned Sec-Websocket-Protocol to the chosen name only

https://libwebsockets.org/pipermail/libwebsockets/2016-November/002948.html

Updated to fix a problem with no protocol

https://github.com/warmcat/libwebsockets/issues/705

7 years agoserver: portable option for setsockopt
Iblis Lin [Wed, 23 Nov 2016 15:02:13 +0000 (23:02 +0800)]
server: portable option for setsockopt

From linux ipv6(7) manual (section `Note`):

        SOL_IP, SOL_IPV6, SOL_ICMPV6 and other SOL_* socket options are
        nonportable variants of IPPROTO_*.  See also ip(7).

Ref: http://man7.org/linux/man-pages/man7/ipv6.7.html

7 years agoclient stash: update path variable to larger size
sjames1958gm [Mon, 21 Nov 2016 15:23:17 +0000 (09:23 -0600)]
client stash: update path variable to larger size

7 years agolws_socket_bind: use lws_sockfd_type
Andy Green [Wed, 16 Nov 2016 00:59:47 +0000 (08:59 +0800)]
lws_socket_bind: use lws_sockfd_type

7 years agoclient: protect againt losing ah by lws_client_connect_2
Andy Green [Tue, 15 Nov 2016 08:33:18 +0000 (16:33 +0800)]
client: protect againt losing ah by lws_client_connect_2

7 years agopost file upload: dont lose sight of end of upload just because we hit end of incomin...
Andy Green [Mon, 14 Nov 2016 10:13:39 +0000 (18:13 +0800)]
post file upload: dont lose sight of end of upload just because we hit end of incoming post data

7 years agodocs update
Andy Green [Mon, 14 Nov 2016 10:12:31 +0000 (18:12 +0800)]
docs update

7 years agoAdded flag to allow expired certificates.
Joachim Bauch [Fri, 11 Nov 2016 11:19:53 +0000 (12:19 +0100)]
Added flag to allow expired certificates.

7 years agoBetter support for MINW32
Rainer Poisel [Mon, 7 Nov 2016 20:36:05 +0000 (21:36 +0100)]
Better support for MINW32

7 years agoFrom 7f84bc3e864b52eb13c670362a4b53bc3505393e Mon Sep 17 00:00:00 2001
Yannick Kiekens [Thu, 3 Nov 2016 09:03:18 +0000 (10:03 +0100)]
From 7f84bc3e864b52eb13c670362a4b53bc3505393e Mon Sep 17 00:00:00 2001
Subject: [PATCH] Fix typo in lws_create_context documentation

7 years agoclient: add lws_http_client_http_response api
Andy Green [Fri, 21 Oct 2016 15:12:21 +0000 (23:12 +0800)]
client: add lws_http_client_http_response api

7 years agoclient: treat 304 like 200
Andy Green [Fri, 21 Oct 2016 14:39:00 +0000 (22:39 +0800)]
client: treat 304 like 200

7 years agoalias lws_plat_service_tsi to lws_service_tsi in public api
Andy Green [Thu, 20 Oct 2016 01:09:56 +0000 (09:09 +0800)]
alias lws_plat_service_tsi to lws_service_tsi in public api

Via Dosvald

lws_service_tsi() which has been around a while actually just
calls through to lws_plat_service_tsi(), meaning there is no
need to expose both apis.

Rename the internal lws_plat_service_tsi() to _lws_plat_service_tsi()
and replace the api export with a #define to lws_service_tsi for
compatibility's sake.

8 years agoAdd reject service keywords list
Andy Green [Wed, 12 Oct 2016 22:32:57 +0000 (06:32 +0800)]
Add reject service keywords list

8 years agoadjust_timeout: with default lws_plat_service_tsi allow beings passed 0 timeout
Andy Green [Mon, 10 Oct 2016 12:34:34 +0000 (20:34 +0800)]
adjust_timeout: with default lws_plat_service_tsi allow beings passed 0 timeout

Some people are calling service with zero timeout, taking care of
not busywaiting by some other external arrangements.

Adapt the forced service signalling to survive this.

8 years agosome compilers need void param explicitly
Joerg Pommnitz [Mon, 10 Oct 2016 12:10:39 +0000 (20:10 +0800)]
some compilers need void param explicitly

8 years agoCorrect the library name of LIBHUBBUB_LIBRARIES
Yuchen Xie [Mon, 10 Oct 2016 12:10:34 +0000 (20:10 +0800)]
Correct the library name of LIBHUBBUB_LIBRARIES

It should be `hubbub` in `find_library` to make the function work.

8 years agodocs: explain lws_write handling of truncated sends better
Andy Green [Sat, 8 Oct 2016 10:08:03 +0000 (18:08 +0800)]
docs: explain lws_write handling of truncated sends better

8 years agopublicly document lws_service_fd timeout servicing
Denis Osvald [Fri, 7 Oct 2016 09:27:46 +0000 (11:27 +0200)]
publicly document lws_service_fd timeout servicing

Signed-off-by: Denis Osvald <denis.osvald@sartura.hr>
8 years agotest-server-extpoll: add 1-per-second timeout servicing
Denis Osvald [Thu, 6 Oct 2016 13:45:25 +0000 (15:45 +0200)]
test-server-extpoll: add 1-per-second timeout servicing

Signed-off-by: Denis Osvald <denis.osvald@sartura.hr>
8 years agotest-server-extpoll: check for forced service before looping again
Denis Osvald [Fri, 7 Oct 2016 08:57:02 +0000 (10:57 +0200)]
test-server-extpoll: check for forced service before looping again

Signed-off-by: Denis Osvald <denis.osvald@sartura.hr>
8 years agov2.1.0
Andy Green [Thu, 6 Oct 2016 13:48:20 +0000 (21:48 +0800)]
v2.1.0

Bump soname to 9

8 years agoextpoll: expose forced service apis
Andy Green [Thu, 6 Oct 2016 19:19:17 +0000 (03:19 +0800)]
extpoll: expose forced service apis

8 years agoupdate attack.sh
Andy Green [Thu, 6 Oct 2016 12:40:28 +0000 (20:40 +0800)]
update attack.sh

Lws cares about trailing \n on a lot of these tests now.  Make it check it still cares on one and remove
the trailing \n on the others.

There's 2 changes in the results about /..//?, it seems to apply / to uri arg 1.  But it doesn't seem
to make a problem so just adapt the results for now.

8 years agoubuntu: fix uv detection for lwsws
Andy Green [Wed, 5 Oct 2016 05:49:46 +0000 (13:49 +0800)]
ubuntu: fix uv detection for lwsws

8 years agotravis: explicitly point to openssl on osx
Andy Green [Wed, 5 Oct 2016 01:52:39 +0000 (09:52 +0800)]
travis: explicitly point to openssl on osx

One day this started failing at CMake autofind. This forces it to look at the right place.

8 years agofix cosmetic if end if name tag error
Andy Green [Wed, 5 Oct 2016 02:15:16 +0000 (10:15 +0800)]
fix cosmetic if end if name tag error

8 years agoclosing drops any pending ah rx immediately
Andy Green [Tue, 4 Oct 2016 10:05:10 +0000 (18:05 +0800)]
closing drops any pending ah rx immediately

8 years agoport forced service checking from libuv
Andy Green [Tue, 4 Oct 2016 00:39:14 +0000 (08:39 +0800)]
port forced service checking from libuv

Related to second part of

https://github.com/warmcat/libwebsockets/issues/638

8 years agopost form parsing fix retry as new boundary start needed after mismatching boundary
Andy Green [Tue, 4 Oct 2016 00:24:00 +0000 (08:24 +0800)]
post form parsing fix retry as new boundary start needed after mismatching boundary

https://github.com/warmcat/libwebsockets/issues/641

8 years agoRemove the cleanup functions with OpenSSL 1.1.
Peter Pentchev [Sat, 1 Oct 2016 23:21:20 +0000 (02:21 +0300)]
Remove the cleanup functions with OpenSSL 1.1.

The thread support in OpenSSL has been rewritten almost completely
and the cleanup functions are now executed automatically.

8 years agoSubject: Fix some typographical and grammatical errors.
Peter Pentchev [Sat, 1 Oct 2016 23:21:03 +0000 (02:21 +0300)]
Subject: Fix some typographical and grammatical errors.

8 years agolws_header_table_reset: make caller responsibility to clear down ah rx buffer
Andy Green [Thu, 29 Sep 2016 02:31:06 +0000 (10:31 +0800)]
lws_header_table_reset: make caller responsibility to clear down ah rx buffer

There are two kinds of reaason to call lws_header_table_reset(), one is we are reallocating
a destroyed ah to another wsi, and the other is we are moving to the next pipelined header set
still on the same wsi, and we need a "weaker" reset that only clears down the state related
to the header parsing, not everything about the ah context including the ah rx buffer.

This patch moves the ah rxbuffer rxpos and rxlen resetting out of lws_header_table_reset() and to
be the responsibility of the caller.  Callers who are moving the ah to another wsi are
patched to deal with resetting rxpos and rxlen and lws_http_transaction_completed() who only
resets the ah when moving to the next pipelined headers, no longer wrongly clears the ah rxbuf.

https://github.com/warmcat/libwebsockets/issues/638

8 years agoAdded option to build the static library with PIC
Brown, Matthew [Mon, 26 Sep 2016 21:32:40 +0000 (05:32 +0800)]
Added option to build the static library with PIC

8 years agofix build problem on systems without X509_VERIFY_PARAM type
Benjamin Ness [Mon, 26 Sep 2016 19:18:16 +0000 (14:18 -0500)]
fix build problem on systems without X509_VERIFY_PARAM type

8 years agoAdd SVG to lws_get_mimetype()
Patrick Gansterer [Thu, 22 Sep 2016 22:04:40 +0000 (00:04 +0200)]
Add SVG to lws_get_mimetype()

8 years agolwsws license to cc0
Andy Green [Mon, 19 Sep 2016 11:16:47 +0000 (19:16 +0800)]
lwsws license to cc0

https://github.com/warmcat/libwebsockets/issues/629

8 years agolws_snprintf
Andy Green [Wed, 14 Sep 2016 18:22:57 +0000 (02:22 +0800)]
lws_snprintf

Thanks to Fabrice Gilot for reporting the problem that led to uncovering this.

Due to a misunderstanding of the return value of snprintf (it is not truncated according
to the max size passed in) in several places relying on snprintf to truncate the length
overflows are possible.

This patch wraps snprintf with a new lws_snprintf() which does truncate its length to allow
the buffer limiting scheme to work properly.

All users should update with these fixes.

8 years agohandle rx flow control active when consuming payload
Andy Green [Fri, 9 Sep 2016 20:43:07 +0000 (04:43 +0800)]
handle rx flow control active when consuming payload

https://github.com/warmcat/libwebsockets/issues/622

8 years agogeneric-table: format-security
Andy Green [Fri, 9 Sep 2016 20:27:27 +0000 (04:27 +0800)]
generic-table: format-security

https://github.com/warmcat/libwebsockets/issues/624

8 years agolws_status protect against pss list changing
Andy Green [Fri, 9 Sep 2016 14:15:43 +0000 (22:15 +0800)]
lws_status protect against pss list changing

8 years agoadopt_socket_vhost: error path doesn't remove us from timeout list
Andy Green [Fri, 9 Sep 2016 00:29:32 +0000 (08:29 +0800)]
adopt_socket_vhost: error path doesn't remove us from timeout list

As found by "github user 7"

https://github.com/warmcat/libwebsockets/issues/621

8 years agoDo not use ps fax on Solaris.
Fredrik Skogman [Thu, 8 Sep 2016 22:51:43 +0000 (06:51 +0800)]
Do not use ps fax on Solaris.

8 years agoUpdated test programs to build on Solaris. Some whitespaces cleanup.
Fredrik Skogman [Thu, 8 Sep 2016 22:50:41 +0000 (06:50 +0800)]
Updated test programs to build on Solaris. Some whitespaces cleanup.

8 years agoAdded build support for Solaris.
Fredrik Skogman [Thu, 8 Sep 2016 22:49:44 +0000 (06:49 +0800)]
Added build support for Solaris.

8 years agoCheck for sys/sockio.h.
Fredrik Skogman [Thu, 8 Sep 2016 22:48:24 +0000 (06:48 +0800)]
Check for sys/sockio.h.

8 years agoclient http: extra read notification after close
Andy Green [Tue, 6 Sep 2016 07:36:51 +0000 (15:36 +0800)]
client http: extra read notification after close

https://github.com/warmcat/libwebsockets/issues/620

8 years agowindows: WCHAR in lws_plat_inet_ntop needs double the final allocation
Andy Green [Mon, 5 Sep 2016 07:03:37 +0000 (15:03 +0800)]
windows: WCHAR in lws_plat_inet_ntop needs double the final allocation

https://github.com/warmcat/libwebsockets/issues/619

8 years agocoverity 169276-9 - false positive assuming 8b char: char limits index size
Andy Green [Sun, 28 Aug 2016 01:39:21 +0000 (09:39 +0800)]
coverity 169276-9 - false positive assuming 8b char: char limits index size

8 years agocoverity 169274 - lwsgt dirlisting ignore files that cant be statted
Andy Green [Sun, 28 Aug 2016 01:34:27 +0000 (09:34 +0800)]
coverity 169274 - lwsgt dirlisting ignore files that cant be statted

8 years agocoverity 169273 - off-by-one on cgi chunking swallow limit
Andy Green [Sun, 28 Aug 2016 01:28:55 +0000 (09:28 +0800)]
coverity 169273 - off-by-one on cgi chunking swallow limit

8 years agocoverity 169272 - off-by-one possible on CGI buffer limit
Andy Green [Sun, 28 Aug 2016 01:24:06 +0000 (09:24 +0800)]
coverity 169272 - off-by-one possible on CGI buffer limit

8 years agocoverity 169271 - take care about sockfd of -1 on close
Andy Green [Sun, 28 Aug 2016 01:21:56 +0000 (09:21 +0800)]
coverity 169271 - take care about sockfd of -1 on close

8 years agocoverity 169269 - dont issue NULL cce
Andy Green [Sun, 28 Aug 2016 01:18:17 +0000 (09:18 +0800)]
coverity 169269 - dont issue NULL cce

8 years agocoverity 169268 + 169270- dead code plus repeat NULL check on error path
Andy Green [Sun, 28 Aug 2016 01:15:26 +0000 (09:15 +0800)]
coverity 169268 + 169270- dead code plus repeat NULL check on error path

8 years agocoverity 169275 - lwsgt check string bounds
Andy Green [Sun, 28 Aug 2016 01:12:39 +0000 (09:12 +0800)]
coverity 169275 - lwsgt check string bounds

8 years agocoverity 169267 - lwsgt strncpy may fill buffer without NUL
Andy Green [Sun, 28 Aug 2016 01:10:40 +0000 (09:10 +0800)]
coverity 169267 - lwsgt strncpy may fill buffer without NUL