Graydon, Tracy [Fri, 31 Jan 2014 23:43:11 +0000 (18:43 -0500)]
Add the .gbs.conf needed to submit from new branch
Kevron Rees [Tue, 18 Jun 2013 18:09:28 +0000 (11:09 -0700)]
updated chlog for push to tizen
Kevron Rees [Mon, 3 Jun 2013 18:04:37 +0000 (11:04 -0700)]
sumbitting to tizen
Rusty Lynch [Fri, 10 May 2013 20:56:58 +0000 (13:56 -0700)]
Switching to cmake based builds
The autogen.sh script in this project is pretty horrific and
no longer building on Tizen 3.0 so switch over to the cmake build
along with a quick fix
Kevron Rees [Thu, 7 Mar 2013 21:38:40 +0000 (13:38 -0800)]
updated chlog
Kevron Rees [Thu, 7 Mar 2013 21:37:49 +0000 (13:37 -0800)]
Merge branch '2.0' of tizen:profile/ivi/libwebsockets into 2.0
Kevron Rees [Thu, 7 Mar 2013 21:23:11 +0000 (13:23 -0800)]
pkgconfig install
Kevron Rees [Thu, 7 Mar 2013 21:15:28 +0000 (13:15 -0800)]
updated spec fixed pkgconfig
Kevron Rees [Thu, 7 Mar 2013 21:10:40 +0000 (13:10 -0800)]
updated spec enabled ssl
Kevron Rees [Thu, 7 Mar 2013 21:08:22 +0000 (13:08 -0800)]
updated spec
Kevron Rees [Thu, 7 Mar 2013 21:07:32 +0000 (13:07 -0800)]
updated spec
Arokux B [Tue, 5 Mar 2013 00:41:47 +0000 (08:41 +0800)]
fix win32helpers gettimeofday epoch
Signed-off-by: Arokux B <arokux@gmail.com>
Andy Green [Thu, 28 Feb 2013 09:11:29 +0000 (17:11 +0800)]
trace 22 fix zero length close from client
close() from javascript api in Chrome and Firefox doesn't do the
right thing. It's because the payload is zero-length (with a frame
key...) This fixes it.
Reported-by: 巫书轶
Signed-off-by: Andy Green <andy.green@linaro.org>
Arokux B [Thu, 28 Feb 2013 01:25:02 +0000 (09:25 +0800)]
cmake mingw no need for websock w32
2. Comment out this line
http://git.warmcat.com/cgi-bin/cgit/libwebsockets/tree/CMakeLists.txt#n279
the file websock-w32.c is already compiled indirectly from libwebsockets.c
Signed-off-by: Arokux B <arokux@gmail.com>
Andy Green [Thu, 28 Feb 2013 01:22:38 +0000 (09:22 +0800)]
normalize formatting in gettimeofday
Signed-off-by: Andy Green <andy.green@linaro.org>
Arokux B [Thu, 28 Feb 2013 01:18:38 +0000 (09:18 +0800)]
fix win32 gettimeofday for mingw
here are the problems that I found while compiling libwebsockets with
CMake using as a generator MinGW Makefiles.
1. In http://git.warmcat.com/cgi-bin/cgit/libwebsockets/plain/win32port/win32helpers/gettimeofday.c
Remove spaces around time.h, otherwise it looks for " time.h " and
fails with "No such file ..."
I also needed to comment out
struct timezone
{
int tz_minuteswest; /* minutes W of Greenwich */
int tz_dsttime; /* type of dst correction */
};
It is already declared in mingw's time.h
Signed-off-by: Arokux B <arokux@gmail.com>
Andy Green [Tue, 26 Feb 2013 03:58:45 +0000 (11:58 +0800)]
cmake lib lib64 problem
As discussed here, there's a semi-standardized way to inform
cmake that the install target wants its libs in .../lib64
https://code.google.com/p/bullet/issues/detail?id=174
this patch adds the necessary fiddling
Signed-off-by: Andy Green <andy.green@linaro.org>
Luc [Sat, 23 Feb 2013 03:01:21 +0000 (11:01 +0800)]
fix mime type on leaf header
Signed-off-by: Luc <luc@honk-honk.com>
Andy Green [Sat, 23 Feb 2013 02:50:10 +0000 (10:50 +0800)]
reflect send completeness in lws_write return
under load, writing packet sizes to the socket that are normally fine
can do partial writes, eg asking to write 4096 may only take 2800 of
it and return 2800 from the actual send.
Until now lws assumed that if it was safe to send, it could take any
size buffer, that's not the case under load.
This patch changes lws_write to return the amount actually taken...
that and the meaning of it becomes tricky when dealing with
compressed links, the amount taken and the amount sent differ. Also
there is no way to recover at the moment from a protocol-encoded
frame only being partially accepted... however for http file send
content it can and does recover now.
Small frames don't have to take any care about it but large atomic
sends (> 2K) have been seen to fail under load.
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Fri, 22 Feb 2013 01:54:35 +0000 (09:54 +0800)]
move ssl cipher list from compiletime to context creation time option
More flexible this way... NULL for the new member means use
the ssl library default set of ciphers, so as long as your info
struct is zerod by bss or memset, you don't need to do anything
about this change unless you want to set the cipher list.
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Fri, 22 Feb 2013 01:38:54 +0000 (09:38 +0800)]
remove MAX_HEADER_NAME_LENGTH from header
Still lurking aound as a ghost after all real usess of it
were removed with the minilex changes.
Signed-off-by: Andy Green <andy.green@linaro.org>
Joakim Soderberg [Fri, 22 Feb 2013 01:28:17 +0000 (09:28 +0800)]
Fix running test programs from within visual studio.
Copy test-server data to a path so that we can run the test-server from
within visual studio without having to copy stuff around.
Joakim Soderberg [Fri, 22 Feb 2013 01:28:15 +0000 (09:28 +0800)]
Print SSL error codes as well as the string.
CYASSL doesn't compile with the error strings in some configurations, so
it is nice to have the error code on SSL errors as well.
Joakim Söderberg [Fri, 22 Feb 2013 01:28:13 +0000 (09:28 +0800)]
Set the _DEBUG macro for CMake also.
Joakim Soderberg [Fri, 22 Feb 2013 01:28:11 +0000 (09:28 +0800)]
Fixed ssl cert generation on Windows.
Joakim Soderberg [Fri, 22 Feb 2013 01:28:08 +0000 (09:28 +0800)]
Added CPack support + some more.
- "make dist" will now produce a tar.gz file. This includes everything (not really what we want but a start).
- Got rid of a bunch of defines and variables that aren't used.
- Added the option LINK_TESTAPPS_DYNAMIC that enables linking to the shared library version of the lib for the test apps, instead of doing it statically like the default is.
- Fixed proper support for the --prefix stuff (-DCMAKE_INSTALL_PREFIX for cmake). (Don't specify /usr/local explicitly, that is the default anyway and will break other platforms).
- Note: I noticed a problem with the "INSTALL_DATADIR" define used by the test-apps. Since we hard code the path to the certs using this, doing "DESTDIR=/bla make install" will result in not being able to use the SSL mode for the test-apps since they won't find the certs. (This also applies to the autoconf project). Fixed this by setting "../share" as the default location instead of using the prefix.
Joakim Soderberg [Fri, 22 Feb 2013 01:28:06 +0000 (09:28 +0800)]
BUGFIX: Fixed bug for installing test-apps for CMake.
Appending to the TEST_APP_LIST variable function did not work from within the create_test_app function (It would create a function scope variable with the same name and discard it). We instead need to use a macro for this.
The previous commit also removed the duplicate install for the test-apps (because we want all the install steps in one place in the file for clarity). That change made it obvious that the TEST_APP_LIST never gets populated.
Joakim Soderberg [Fri, 22 Feb 2013 01:28:04 +0000 (09:28 +0800)]
Fixed CMake compile options.
Fixed so that the build options for the CMake project works:
- The test apps used the LWS_NO_EXTENSIONS define, so they needed lws_config.h included when building using CMake.
- Rename some options so that individual test apps can be turned off.
- Separate building the test-client/test-server and compiling the server/client parts into the lib.
- Don't include server or client specific sources into the build if they shouldn't be built.
- Added an error if both client and server parts are excluded at the same time (makes no sense).
- Removed duplicate install targets for the test apps.
- Commented out the WITH_LIBCRYPTO option since it isn't used at the moment.
Joakim Soderberg [Fri, 22 Feb 2013 01:28:02 +0000 (09:28 +0800)]
getifaddrs missing more user friendly in CMake.
Don't require the user to enable using the built-in BSD getifaddrs implementation on systems such as uclibc that lacks it manually.
Instead if getifaddrs doesn't exist, use the BSD one automatically, except if the user explicitly tells the user not to do this using WITHOUT_BUILTIN_GETIFADDRS (which will result in a compilation error, but at least with a nice error message explaining why).
Joakim Soderberg [Fri, 22 Feb 2013 01:27:59 +0000 (09:27 +0800)]
Fix LWS_NO_SERVER build.
"int n" was used also when server parts are not compiled, so don't put it inside the LWS_NO_SERVER ifdef.
Joakim Soderberg [Fri, 22 Feb 2013 01:27:57 +0000 (09:27 +0800)]
Bugfix compiling for cross compiling.
! does not mean NOT, use NOT instead :)
Larry Hayes [Fri, 22 Feb 2013 01:16:20 +0000 (09:16 +0800)]
keepalive swap interval and probes
The interval and probes members for setting keepalive options
per-connection on Linux were swapped.
Signed-off-by: Larry Hayes <lhayesg@gmail.com>
Edwin van den Oetelaar [Wed, 20 Feb 2013 12:56:59 +0000 (20:56 +0800)]
provide socketfd at in param for LWS_CALLBACK_FILTER_NETWORK_CONNECTION
Signed-off-by: Edwin van den Oetelaar <oetelaar.automatisering@gmail.com>
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Wed, 20 Feb 2013 11:11:31 +0000 (19:11 +0800)]
trac 18 deal with service connection timing out
While looking at http://libwebsockets.org/trac/ticket/18
noticed the flow for timeout in service_fd will do bad things
if the fd we came to service has timed out. It gets freed and
then "serviced'.
Reported-by: Joakim Soderberg <joakim.soderberg@gmail.com>
Signed-off-by: Andy Green <andy.green@linaro.org>
Edwin van den Oetelaar [Tue, 19 Feb 2013 18:08:51 +0000 (02:08 +0800)]
cmake fix for older cmake
AG this wasn't needed on cmake 2.8.10.2 but did not make any
problem either
Signed-off-by: Edwin van den Oetelaar <oetelaar.automatisering@gmail.com>
Andy Green [Tue, 19 Feb 2013 11:19:51 +0000 (19:19 +0800)]
update missed extpoll calls to use correct args for ssl
http://libwebsockets.org/trac/ticket/15#comment:16
Reported-by: Joakim Soderberg <joakim.soderberg@gmail.com>
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Tue, 19 Feb 2013 02:26:39 +0000 (10:26 +0800)]
cmake docs add note about prefix
Signed-off-by: Andy Green <andy.green@linaro.org>
Joakim Söderberg [Tue, 19 Feb 2013 02:14:54 +0000 (10:14 +0800)]
Create the "doc" dir before generating docs.
The documentation wouldn't be generated if the path didn't exist.
Joakim Söderberg [Tue, 19 Feb 2013 02:14:37 +0000 (10:14 +0800)]
Added "make install" support to the CMake project.
- Does everything as the autoconf script does (I think).
- Generates SSL certs for the test-server
- Installs all test apps.
- Defaults to /usr/local/
- "DESTDIR=/bla make install" works
- Append "libwebsockets" to start of the test-app names like the autoconf stuff does.
- Only tested on OSX so far...
Andy Green [Tue, 19 Feb 2013 02:01:48 +0000 (10:01 +0800)]
trac 17 update set_log_level api notice
http://libwebsockets.org/trac/ticket/17
Reported-by: dbrnz
Signed-off-by: Andy Green <andy.green@linaro.org>
Edwin van den Oetelaar [Mon, 18 Feb 2013 12:20:05 +0000 (20:20 +0800)]
move cms cmake addition to cmake module paths earlier
Signed-off-by: Edwin van den Oetelaar <oetelaar.automatisering@gmail.com>
Andy Green [Mon, 18 Feb 2013 10:34:10 +0000 (18:34 +0800)]
add FindGit.cmake
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Mon, 18 Feb 2013 08:54:26 +0000 (16:54 +0800)]
document ensure_user_space going private
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Mon, 18 Feb 2013 08:30:10 +0000 (16:30 +0800)]
remove lws_ensure_user_space from public api change return
The function has a logical problem when the size of the requested
allocation is 0, it will return NULL which is overloaded as
failure.
Actually the whole function is evil as an api, this patch moves
it out of the public API space and fixes it to return 0 for
success or 1 for fail. Private code does not need to to return
wsi->user_space and public code should only get that from the
callback as discussed on trac recently.
Thanks to Edwin for debugging the problem.
Reported-by: Edwin van den Oetelaar <oetelaar.automatisering@gmail.com>
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Mon, 18 Feb 2013 04:08:15 +0000 (12:08 +0800)]
update arm build stats
Clean out the historical numbers, update info
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Mon, 18 Feb 2013 04:02:18 +0000 (12:02 +0800)]
trim proxy ads plus hostname stg
128 should be fine for hostname and proxy ads
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Mon, 18 Feb 2013 03:32:49 +0000 (11:32 +0800)]
restrict http send buffer to 4096
send() is able to complete but not send everything asked...
we don't deal with that yet. On an ARM9 board, leaf.jpg
failed because the send() only accepted 7240 of 8192... not
a failure but it implies reporting partial send to the
caller. Work around by keeping the send buffer at 4096.
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Mon, 18 Feb 2013 02:43:18 +0000 (10:43 +0800)]
fix no extensions build
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Mon, 18 Feb 2013 02:38:45 +0000 (10:38 +0800)]
migrate client hs and c_port into ah
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Mon, 18 Feb 2013 02:34:25 +0000 (10:34 +0800)]
minor type optimizations
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Mon, 18 Feb 2013 02:29:22 +0000 (10:29 +0800)]
remove current_alloc_len
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Mon, 18 Feb 2013 02:22:42 +0000 (10:22 +0800)]
remove header name buffer
The header name buffer and its max length handling has actually
been unused since the minilex parser was introduced. We hold
parsing state in the lex-type parts and don't need to store or
worry about max length, since the parser will let us know as
soon as it can't be a match for the valid header names.
This strips it out reducing the per-connection allocation for
x86_64 with default configure from 224 to 160.
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Mon, 18 Feb 2013 01:48:31 +0000 (09:48 +0800)]
handle http union transition properly
There's no proper transition to http union state until now.
It only becomes apparant there's a problem when you try to
return -1 from the HTTP callback, during the close action
it will try to close() a nonsense, nonzero fd pointer in
the uninitialized u.http union member.
This patch takes a copy of the allocated headers struct from
the u.hdr union state, transitions to u.http clearing down u
and then calls the HTTP callback with URI args pointing to
the still-in-scope ah allocation. After the call, the copy ah
is freed.
That makes sure we are in the correct union state while still
giving the HTTP callback access to the URI without having to
copy it around.
Reported-by: Edwin can den Oetelaar <oetelaar.automatisering@gmail.com>
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Sun, 17 Feb 2013 01:14:08 +0000 (09:14 +0800)]
test server kill skt with minus 1
The client spams the server with mirror protocol content
and then closes the connection. However the server wants to
send that content back to all the mirror protocol
connections, including the one that closed.
The result is during the send back phase we usually see an
error trying to send to the close client connection. Because
we don't return -1, we don't close it on server side and the
error repeats a lot before finally closing. This is a side-
effect of a recent patch to drain pending input before
really closing a dead connection.
This patch just changes it to return -1 on the failed send
attempt assertively closing the connection.
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Sat, 16 Feb 2013 02:17:52 +0000 (10:17 +0800)]
handle any POLLIN before error
See if this can impact http://libwebsockets.org/trac/ticket/16
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Fri, 15 Feb 2013 14:48:58 +0000 (22:48 +0800)]
close if we tried to close politely just close next time
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Fri, 15 Feb 2013 14:36:30 +0000 (22:36 +0800)]
api change deliver socket fd to in param of extpoll callbacks
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Fri, 15 Feb 2013 14:32:53 +0000 (22:32 +0800)]
problems in lws_handle_POLLOUT_event should just close
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Fri, 15 Feb 2013 14:31:55 +0000 (22:31 +0800)]
robustness protect and document ensure_user_space
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Fri, 15 Feb 2013 02:25:58 +0000 (10:25 +0800)]
README.coding add note about closing connections
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Thu, 14 Feb 2013 15:06:37 +0000 (23:06 +0800)]
add by hand http send example
This adds a demonstration of how to use the http nonblocking
send action to the test server.
If you ask for /leaf.jpg from the test server, it will send
"by hand" a 2.4MB jpeg in HTTP, including the headers. See
the test server sources to see how it is done.
Although it's a file, and a jpeg image, actually the exact
same scheme will work for any data or mime type.
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Thu, 14 Feb 2013 15:18:10 +0000 (23:18 +0800)]
create user alloc for http if requested
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Thu, 14 Feb 2013 14:23:54 +0000 (22:23 +0800)]
introduce LWS_CALLBACK_HTTP_WRITEABLE
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Thu, 14 Feb 2013 09:11:22 +0000 (17:11 +0800)]
just get hostname into canonical_hostname
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Thu, 14 Feb 2013 06:15:58 +0000 (14:15 +0800)]
fragge able to send chunks larger than rx buffer
This now exercises the code for dealing with rx that spills over
the rx buffer. Single fraggle uses the default rx buffer size
of 4096, it also now exercises code around that.
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Thu, 14 Feb 2013 03:25:44 +0000 (11:25 +0800)]
unstaged server changes
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Thu, 14 Feb 2013 03:23:49 +0000 (11:23 +0800)]
update 1.21 changelog
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Thu, 14 Feb 2013 02:18:31 +0000 (10:18 +0800)]
check for default protocol rx buf limit
This fixes
http://libwebsockets.org/trac/ticket/13
When using the default rx protocol buffer, the check is
performed against 0 not the default length. That's the
case both in client and server code...
There's no problem if you actually give a max frame size
in the protocol definition.
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Wed, 13 Feb 2013 03:54:08 +0000 (11:54 +0800)]
update changelog
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Wed, 13 Feb 2013 03:44:20 +0000 (11:44 +0800)]
fix missing cr from closing log
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Wed, 13 Feb 2013 01:34:53 +0000 (09:34 +0800)]
update echo to use externsion getting api
Signed-off-by: Andy Green <andy.green@linaro.org>
Joakim Soderberg [Wed, 13 Feb 2013 01:29:26 +0000 (09:29 +0800)]
Fixed DLL compilation on Windows for CMake.
- Define LWS_DLL and LWS_INTERNAL when websockets_shared is compiled.
- The websocket_shared target compiles to websocket.lib / websocket.dll
(websocket.lib contains the exported functions for websocket.dll, and is
the file that is linked to when a program wants to use the dll)
- The websocket target compiles to websocket_static.lib on windows.
- Replaced any "extern" with "LWS_EXTERN" on libwebsockets.h for proper
DLL function exports.
- Created a LIB_LIST with all the libwebsocket dependencies, instead of
multiple calls to target_link_libraries, only one call is made for both
the static and shared library version. This makes it easy to add other
variants if wanted in the future.
- Added ZLIB as a dependency for the libs, so that the build order will be
correct at all times.
- Added a dependency for the websockets lib to the test apps, so it is
built before them.
- Fixed the test-server-extpoll app to include the emulated_poll, and link
to winsock on Windows.
- Removed the global export of libwebsocket_internal_extensions, and added
a function libwebsocket_get_internal_extensions() that returns it
instead. Using the global would not work with the DLL export on Windows.
Joakim Soderberg [Wed, 13 Feb 2013 01:29:17 +0000 (09:29 +0800)]
Fixed soname and build shared lib for CMake.
- Build a shared version of the library (used to be only static).
- Set the so version name properly since the ABI has changed for version 1.2
Joakim Soderberg [Wed, 13 Feb 2013 01:29:09 +0000 (09:29 +0800)]
Added so-version information to the lib.
Andy Green [Wed, 13 Feb 2013 01:08:43 +0000 (09:08 +0800)]
disable fstack usage
It's only workable on gcc 4.6+... and in fact it's only
going to be interesting typically to the maintainer, so it's
commented out in Makefile.am.
Currently the worst remaining ones for x86_64 are
libwebsockets.c:2250:6:_lws_log 496 static
libwebsockets.c:2203:13:lwsl_emit_stderr 352 static
client.c:700:1:libwebsockets_generate_client_handshake 320 static
server.c:42:1:libwebsockets_decode_ssl_error 288 static
server-handshake.c:31:1:handshake_0405 272 static
client.c:368:1:lws_client_interpret_server_handshake 272 static
libwebsockets.c:447:1:libwebsockets_get_peer_addresses 256 static
daemonize.c:93:1:lws_daemonize 240 static
output.c:536:5:libwebsockets_serve_http_file 224 static
sha-1.c:131:1:sha1_step 192 static
sha-1.c:316:1:SHA1 160 static
libwebsockets.c:1604:1:libwebsocket_create_context 160 static
The top two there are error assembly buffers, they could be made
static but then they won't be usable from threaded user code.
Reported-by: Anders Brander <anders@brander.dk>
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Tue, 12 Feb 2013 14:44:43 +0000 (22:44 +0800)]
echo test app needs different lockfile
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Tue, 12 Feb 2013 07:48:00 +0000 (15:48 +0800)]
update rpm specfile
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Tue, 12 Feb 2013 04:56:05 +0000 (12:56 +0800)]
introduce attack script
Seems like it would be a good idea to try to mess with the
server at least before someone else does it for us
Just run the script
$ test-server/attack.sh
it will spawn a test server and fire things at it. If you
see the end result
---- survived
then you should be OK.
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Tue, 12 Feb 2013 05:10:19 +0000 (13:10 +0800)]
security disallow repeated GET
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Tue, 12 Feb 2013 04:52:39 +0000 (12:52 +0800)]
security harden http parser a bit
Drop the connection during parsing for a few more cases that can't be legit.
Take care about trying to free rxflow_buffer only if we reached a connmode
where it exists
Change behaviour on setting unknown HTTP method to kill connection
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Tue, 12 Feb 2013 04:53:36 +0000 (12:53 +0800)]
fix another escaape runon
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Tue, 12 Feb 2013 02:50:49 +0000 (10:50 +0800)]
add cyassl keepalive valgrind minimal mem to changelog
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Tue, 12 Feb 2013 02:36:39 +0000 (10:36 +0800)]
bump version to 1.2 and soname to 3
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Tue, 12 Feb 2013 02:19:08 +0000 (10:19 +0800)]
api make close api private only
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Tue, 12 Feb 2013 02:15:25 +0000 (10:15 +0800)]
api remove hangup_on_client
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Tue, 12 Feb 2013 02:10:32 +0000 (10:10 +0800)]
update test echo for iface info member namechange
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Tue, 12 Feb 2013 02:07:22 +0000 (10:07 +0800)]
eliminate snprintf
The two cases where I introduced snprintf are either already
safe for buffer overflow or can be made so with one extra
statement, allowing sprintf.
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Tue, 12 Feb 2013 02:13:02 +0000 (10:13 +0800)]
fix info struct api docs for iface vs interface
Signed-off-by: Andy Green <andy.green@linaro.org>
Joakim Soderberg [Mon, 11 Feb 2013 16:52:23 +0000 (17:52 +0100)]
Fixed compilation on Windows.
Andy Green [Mon, 11 Feb 2013 14:40:39 +0000 (22:40 +0800)]
update memory performance info
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Mon, 11 Feb 2013 13:43:41 +0000 (21:43 +0800)]
fix ssl reject path for freeing header allocation
If the SSL connection failed before the headers came, we were not
dealing with deallocating the header malloc. This takes care of it.
Using CyaSSL, we are then valgrind-clean for ssl client and server.
With OpenSSL, there is 88 bytes lost at init that never changes or
gets recovered. AFAIK there's nothing to do about that.
OpenSSL also blows these during operation
==1059== Conditional jump or move depends on uninitialised value(s)
==1059== at 0x4A0B131: bcmp (mc_replace_strmem.c:935)
==1059== by 0x3014CDDBA8: ??? (in /usr/lib64/libcrypto.so.1.0.1c)
==1059== by 0x3015430852: tls1_enc (in /usr/lib64/libssl.so.1.0.1c)
==1059== by 0x3015428CEC: ssl3_read_bytes (in /usr/lib64/libssl.so.1.0.1c)
==1059== by 0x30154264C5: ??? (in /usr/lib64/libssl.so.1.0.1c)
==1059== by 0x4C3C596: lws_server_socket_service (server.c:153)
==1059== by 0x4C32C1E: libwebsocket_service_fd (libwebsockets.c:927)
==1059== by 0x4C33270: libwebsocket_service (libwebsockets.c:1225)
==1059== by 0x401C84: main (in /usr/bin/libwebsockets-test-server)
However googling around
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/60021
http://www.openssl.org/support/faq.html#PROG13
(also the next FAQ down)
it seems OpenSSL have a relaxed attitude to this and it's expected.
It's interesting CyaSSL works fine but doesn't have that problem...
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Mon, 11 Feb 2013 12:10:56 +0000 (20:10 +0800)]
fix busted debug format in ssl mode
CyaSSL blows (symptomless?) uninitialized memory accesses in
valgrind when using SSL_get_version()... don't need to do it...
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Mon, 11 Feb 2013 12:03:59 +0000 (20:03 +0800)]
fix string escape runon
Oh well it was a big patch to just be cosmetic ^^
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Mon, 11 Feb 2013 11:36:15 +0000 (19:36 +0800)]
fix without server
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Mon, 11 Feb 2013 09:13:32 +0000 (17:13 +0800)]
style cleanup
This brings the library sources into compliance with checkpatch
style except for three or four exceptions like WIN32 related stuff
and one long string constant I don't want to break into multiple
sprintf calls.
There should be no functional or compilability change from all
this (hopefully).
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Mon, 11 Feb 2013 06:50:45 +0000 (14:50 +0800)]
valgrind openssl destroy as far as possible
OpenSSL doesn't seem to have a way to close out three allocations
it creates during SSL library init.
Even after doing the magic incantations suggested on the openssl list, we're
left with these. Well, 88 bytes from ssl init is probably not critical,
but it's annoying
==15206== HEAP SUMMARY:
==15206== in use at exit: 88 bytes in 3 blocks
==15206== total heap usage: 13,566 allocs, 13,563 frees, 5,933,134 bytes allocated
==15206==
==15206== 24 bytes in 1 blocks are still reachable in loss record 1 of 3
==15206== at 0x4A06409: malloc (vg_replace_malloc.c:270)
==15206== by 0x3014C612B2: CRYPTO_malloc (in /usr/lib64/libcrypto.so.1.0.1c)
==15206== by 0x3015441B38: ??? (in /usr/lib64/libssl.so.1.0.1c)
==15206== by 0x3015443A78: SSL_COMP_get_compression_methods (in /usr/lib64/libssl.so.1.0.1c)
==15206== by 0x301544932B: SSL_library_init (in /usr/lib64/libssl.so.1.0.1c)
==15206== by 0x4C340D4: libwebsocket_create_context (libwebsockets.c:1796)
==15206== by 0x401C08: main (in /usr/bin/libwebsockets-test-server)
==15206==
==15206== 32 bytes in 1 blocks are still reachable in loss record 2 of 3
==15206== at 0x4A06409: malloc (vg_replace_malloc.c:270)
==15206== by 0x3014C612B2: CRYPTO_malloc (in /usr/lib64/libcrypto.so.1.0.1c)
==15206== by 0x3014CC91BE: sk_new (in /usr/lib64/libcrypto.so.1.0.1c)
==15206== by 0x3015441AF9: ??? (in /usr/lib64/libssl.so.1.0.1c)
==15206== by 0x3015443A78: SSL_COMP_get_compression_methods (in /usr/lib64/libssl.so.1.0.1c)
==15206== by 0x301544932B: SSL_library_init (in /usr/lib64/libssl.so.1.0.1c)
==15206== by 0x4C340D4: libwebsocket_create_context (libwebsockets.c:1796)
==15206== by 0x401C08: main (in /usr/bin/libwebsockets-test-server)
==15206==
==15206== 32 bytes in 1 blocks are still reachable in loss record 3 of 3
==15206== at 0x4A06409: malloc (vg_replace_malloc.c:270)
==15206== by 0x3014C612B2: CRYPTO_malloc (in /usr/lib64/libcrypto.so.1.0.1c)
==15206== by 0x3014CC91DC: sk_new (in /usr/lib64/libcrypto.so.1.0.1c)
==15206== by 0x3015441AF9: ??? (in /usr/lib64/libssl.so.1.0.1c)
==15206== by 0x3015443A78: SSL_COMP_get_compression_methods (in /usr/lib64/libssl.so.1.0.1c)
==15206== by 0x301544932B: SSL_library_init (in /usr/lib64/libssl.so.1.0.1c)
==15206== by 0x4C340D4: libwebsocket_create_context (libwebsockets.c:1796)
==15206== by 0x401C08: main (in /usr/bin/libwebsockets-test-server)
==15206==
==15206== LEAK SUMMARY:
==15206== definitely lost: 0 bytes in 0 blocks
==15206== indirectly lost: 0 bytes in 0 blocks
==15206== possibly lost: 0 bytes in 0 blocks
==15206== still reachable: 88 bytes in 3 blocks
==15206== suppressed: 0 bytes in 0 blocks
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Mon, 11 Feb 2013 06:32:02 +0000 (14:32 +0800)]
valgrind client close in a controlled way on SIGINT
With this, both the test server and client are valgrind-clean
tested with a chrome session also active to the server
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Mon, 11 Feb 2013 06:32:48 +0000 (14:32 +0800)]
valgrind eliminate uninitialized warning on close
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Mon, 11 Feb 2013 06:12:32 +0000 (14:12 +0800)]
valgrind also deallocate rx buf on close when client
Signed-off-by: Andy Green <andy.green@linaro.org>
Andy Green [Mon, 11 Feb 2013 06:08:50 +0000 (14:08 +0800)]
valgrind dont close things directly in the callback
Signed-off-by: Andy Green <andy.green@linaro.org>