Changelog
---------
-Fixes
------
-
-1) MAJOR (Windows-only) fix assert firing
-
-2) MAJOR http:/1.1 connections handled by lws_return_http_status() did not
-get sent a content-length resulting in the link hanging until the peer closed
-it. attack.sh updated to add a test for this.
-
-3) MINOR An error about hdr struct in _lws_ws_related is corrected, it's not
-known to affect anything until after it was fixed
-
-4) MINOR During the close shutdown wait state introduced at v1.7, if something
-requests callback on writeable for the socket it will busywait until the
-socket closes
-
-5) MAJOR Although the test server has done it for a few versions already, it
-is now required for the user code to explicitly call
-
- if (lws_http_transaction_completed(wsi))
- return -1;
+v4.3.0
+======
-when it finishes replying to a transaction in http. Previously the library
-did it for you, but that disallowed large, long transfers with multiple
-trips around the event loop (and cgi...).
+ - Add full CBOR stream parsing and writing support, with huge
+ amount of test vectors and resumable printf type write apis
+ See ./READMEs/README.cbor-lecp.md
+ - Add COSE key and signing / validation support with huge amount of
+ test vectors
+ cose_sign[1] ES256/384/512, RS256/384/512
+ cose_mac0 HS256/384/512
+ See ./READMEs/README.cbor-cose.md
+ - JIT Trust: for constrained devices, provides a way to determine the
+ trusted CA certs the peer requires, and instantiate just those.
+ This allows generic client browsing without the overhead of ~130
+ x.509 CA certs in memory permanently.
+ See ./READMEs/README.jit-trust.md
+ - Add support for client Netscape cookie jar with caching
+ - Secure Streams: issue LWSSSCS_EVENT_WAIT_CANCELLED state() when
+ lws_cancel_service() called, so cross-thread events can be handled
+ in SS
+ - Actively assert() on attempt to destroy SS handles still active in
+ the call stack, use DESTROY_ME returns instead so caller can choose
+ how to handle it.
+ - Improved Client Connection Error report strings for tls errors
+ - SMP: Use a private fakewsi for PROTOCOL_INIT so pts cannot try to
+ use the same one concurrently
+ - MbedTLS v3 support for all release changes, as well as retaining
+ support for v2.x
+ - MQTT client: support QoS2
+ - Event lib ops can now be set at context creation time directly,
+ bringing full event lib hooking to custom event loops. See
+ minimal-http-server-eventlib-custom
+ - Extra APIs to recover AKID and SKID from x.509 in mbedtls and openssl
+ - Improve http redirect to handle h2-> h2 cleanly
+ - IPv4+6 listen sockets on vhosts are now done with two separate
+ sockets bound individually to AF_INET and AF_INET6 addresses,
+ handled by the same vhost listen flow.
+ - Improved tls restriction handling
+ - Log contexts: allow objects to log into local logging contexts, by
+ lws_context, vhost, wsi and ss handle. Each context has its own
+ emit function and log level. See ./READMEs/README.logging.md
+ - Upgrade compiler checking to default to -Werror -Wall -Wextra
+ - Fault injection apis now also support pseudo-random number binding
+ within a specified range, eg,
+ --fault-injection "f1(10%),f1_delay(123..456)"
+ - Remove LWS_WITH_DEPRECATED_THINGS, remove master branch
+ - Interface binding now uses ipv6 scoring to select bind address
+
+v4.2.0
+======
-6) MAJOR connections on ah waiting list that closed did not get removed from
-the waiting list...
+ - Sai coverage upgrades, 495 builds on 27 platforms, including OSX M1,
+ Xenial, Bionic and Focal Ubuntu, Debian Sid and Buster on both 32 and
+ 64-bit OS, and NetBSD, Solaris, FreeBSD, Windows, ESP32.
+ Ctest run on more scenarios including all LWS_WITH_DISTRO_RECOMMENDED.
+ More tests use valgrind if available on platform.
+ - RFC7231 date and time parsing and retry-after wired up to lws_retry
+ - `LWS_WITH_SUL_DEBUGGING` checks that no sul belonging to Secure Streams
+ and wsi objects are left registered on destruction
+ - Netlink monitoring on Linux dynamically tracks interface address and
+ routing changes, and immediately closes connections on invalidated
+ routes.
+ - RFC6724 DNS results sorting over ipv4 + ipv6 results, according to
+ available dynamic route information
+ - Support new event library, sdevent (systemd native loop), via
+ `LWS_WITH_SDEVENT`
+ - Reduce .rodata cost of role structs by making them sparse
+ - Additional Secure Streams QA tests and runtime state transition
+ validation
+ - SMD-over-ss-proxy documentation and helpers to simplify forwarding
+ - SSPC stream buffering at proxy and client set from policy by streamtype
+ - Trigger Captive Portal Detection if DNS resolution fails
+ - Switch all logs related to wsi and Secure Streams to use unique,
+ descriptive tags instead of pointers (which may be reallocated)
+ - Use NOITCE logging for Secure Streams and wsi lifecycle logging using
+ tags
+ - Update SSPC serialization to include versioning on initial handshake,
+ and pass client pid to proxy so related objects are tagged with it
+ - Enable errors on -Wconversion pedantic type-related build issues
+ throughout the lws sources and upgrade every affected cast.
+ - Windows remove WSA event implementation and replace with WSAPoll, with
+ a pair of UDP sockets instead of pipe() for `lws_cancel_service()`
+ - `lws_strcmp_wildcard()` helper that understand "x*", "x*y", "x*y*" etc
+ - `LWS_WITH_PLUGINS_BUILTIN` cmake option just builds plugins into the main
+ library image directly
+ - Secure Streams proxy supports policy for flow control between proxy and
+ clients
+ - libressl also supported along with boringssl, wolfssl
+ - prepared for openssl v3 compatibility, for main function and GENCRYPTO
+ - Fault injection apis can confirm operation of 48 error paths and counting
+ - `LWS_WITH_SYS_METRICS` keeps stats and reports them to user-defined
+ function, compatible with openmetrics
+ - windows platform knows how to prepare openssl with system trust store certs
+ - `LWS_WITH_SYS_CONMON` allows selected client connections to make precise
+ measurements of connection performance and DNS results, and report them in a struct
+ - New native support for uloop event loop (OpenWRT loop)
+ - More options around JWT
+ - Support TLS session caching and reuse by default, on both OpenSSL and
+ mbedtls
+ - Many fixes and improvements...
+
+v4.1.0
+======
-7) MAJOR since we added the ability to hold an ah across http keepalive
-transactions where more headers had already arrived, we broke the ability
-to tell if more headers had arrived. Result was if the browser didn't
-close the keepalive, we retained ah for the lifetime of the keepalive,
-using up the pool.
+ - NEW: travis / appveyor / bintray are replaced by Sai
+ https://libwebsockets.org/sai/ which for lws currently does 193 builds per
+ git push on 16 platforms, all self-hosted. The homebrew bash scripts used
+ to select Minimal examples are replaced by CTest. Platforms currently
+ include Fedora/AMD/GCC, Windows/AMD/mingw32, Windows/AMD/mingw64, Android/
+ aarch64/LLVM, esp-idf (on WROVER-KIT and HELTEC physical boards), Fedora/
+ RISCV (on QEMU)/GCC, CentOS8/AMD/GCC, Gentoo/AMD/GCC, Bionic/AMD/GCC,
+ Linkit 7697, Focal/AMD/GCC, Windows (on QEMU)/AMD/MSVC,
+ Focal/aarch64-RPI4/GCC, iOS/aarch64/LLVM and OSX/AMD/LLVM.
+
+ - NEW: The single CMakeLists.txt has been refactored and modernized into smaller
+ CMakeLists.txt in the subdirectory along with the code that is being managed
+ for build by it. Build options are still listed in the top level as before
+ but the new way is much more maintainable.
+
+ - NEW: event lib support on Unix is now built into dynamically loaded plugins
+ and brought in at runtime, allowing all of the support to be built in
+ isolation without conflicts, and separately packaged with individual
+ dependencies. See ./READMEs/event-libs.md for details and how to force
+ the old static build into lws method.
+
+ - NEW: Captive Portal Detection. Lws can determine if the active default
+ route is able to connect to the internet, or is in a captive portal type
+ situation, by trying to connect to a remote server that will respond in an
+ unusual way, like provide a 204.
+
+ - NEW: Secure streams: Support system trust store if it exists
+ Build on Windows
+ Support lws raw socket protocol in SS
+ Support Unix Domain Socket transport
+
+ - NEW: Windows: Support Unix Domain Sockets same as other platforms
+
+ - NEW: Windows: Build using native pthreads, async dns, ipv6 on MSVC
+
+ - NEW: lws_struct: BLOB support
+
+ - NEW: lws_sul: Now provides two sorted timer domains, a default one as
+ before, and another whose scheduled events are capable to wake the system from suspend
+
+ - NEW: System Message Distribution: lws_smd provides a very lightweight way
+ to pass short messages between subsystems both in RTOS type case where the
+ subsystems are all on the lws event loop, and in the case participants are in
+ different processes, using Secure Streams proxying. Participants register a bitmap
+ of message classes they care about; if no particpant cares about a particular message,
+ it is rejected at allocation time for the sender, making it cheap to provide messages
+ speculatively. See lib/system/smd/README.md for full details.
+
+ - NEW: lws_drivers: wrappers for SDK driver abstractions (or actual drivers)
+ See lib/drivers/README.md, example implementations
+ minimal-examples/embedded/esp32/esp-wrover-kit
+ - generic gpio
+ - generic LED (by name) lib/drivers/led/README.md
+ - generic PWM, sophisticated interpolated table
+ sequencers with crossfade
+ - generic button (by name), with debounce and press classification
+ emitting rich SMD click, long-click, double-click,
+ down, repeat, up JSON messages
+ lib/drivers/button/README.md
+ - bitbang i2c on generic gpio (hw support can use same
+ abstract API)
+ - bitbang spi on generic gpio (hw support can use same
+ abstract API)
+ - generic display object, can be wired up to controller
+ drivers that hook up by generic i2c or spi,
+ generic backlight PWM sequencing and
+ blanking timer support
+ - generic settings storage: get and set blobs by name
+ - generic network device: netdev abstract class with
+ WIFI / Ethernet implementations
+ using underlying SDK APIs;
+ generic 80211 Scan managements
+ and credentials handling via
+ lws_settings
+ This is the new way to provide embedded platform
+ functionality that was in the past done like
+ esp32-factory. Unlike the old way, the new way has no
+ native apis in it and can be built on other SDK / SoCs
+ the same.
+
+ - NEW: Security-aware JWS JWT (JSON Web Tokens) apis are provided on top of the existing
+ JOSE / JWS apis. All the common algorithms are available along with some
+ high level apis like lws http cookie -> JWT struct -> lws http cookie.
+
+ - REMOVED: esp32-helper and friends used by esp32-factory now lws_drivers
+ exists
+
+ - REMOVED: generic sessions and friends now JWT is provided
+
+v4.0.0
+======
-8) MAJOR windows-only-POLLHUP was not coming
+ - NEW: Lws is now under the MIT license, see ./LICENSE for details
+
+ - NEW: GLIB native event loop support, lws + gtk example
+ - NEW: native lws MQTT client... supports client stream binding like h2 when
+ multiple logical connections are going to the same endpoint over MQTT, they
+ transparently and independently share the one connection + tls tunnel
+
+ - NEW: "Secure Streams"... if you are making a device with client connections
+ to the internet or cloud, this allows separation of the communications
+ policy (endpoints, tls cert validation, protocols, etc) from the code, with
+ the goal you can combine streams, change protocols and cloud provision, and
+ reflect that in the device's JSON policy document without having to change
+ any code.
+
+ - NEW: lws_system: New lightweight and efficient Asynchronous DNS resolver
+ implementation for both A and AAAA records, supports recursive (without
+ recursion in code) lookups, caching, and getaddrinfo() compatible results
+ scheme (from cache directly without per-consumer allocation). Able to
+ perform DNS lookups without introducing latency in the event loop.
+
+ - NEW: lws_system: ntpclient implementation with interface for setting system
+ time via lws_system ops
+
+ - NEW: lws_system: dhcpclient implementation
+
+ - NEW: Connection validity tracking, autoproduce PING/PONG for protocols that
+ support it if not informed that the connection has passed data in both
+ directions recently enough
-Changes
--------
+ - NEW: lws_retry: standardized exponential backoff and retry timing based
+ around backoff table and lws_sul
-1) MINOR test-server gained some new switches
+ - NEW: there are official public helpers for unaligned de/serialization of all
+ common types, see eh, lws_ser_wu16be() in include/libwebsockets/lws-misc.h
- -C <file> use external SSL cert file
- -K <file> use external SSL key file
- -A <file> use external SSL CA cert file
+ - NEW: lws_tls_client_vhost_extra_cert_mem() api allows attaching extra certs
+ to a client vhost from DER in memory
- -u <uid> set effective uid
- -g <gid> set effective gid
-
-together you can use them like this to have the test-server work with the
-usual purchased SSL certs from an official CA.
-
- --ssl -C your.crt -K your.key -A your.cer -u 99 -g 99
-
-2) MINOR the OpenSSL magic to setup ECDH cipher usage is implemented in the
-library, and the ciphers restricted to use ECDH only.
-Using this, the lws test server can score an A at SSLLABS test
-
-3) MINOR STS (SSL always) header is added to the test server if you use --ssl. With
-that, we score A+ at SSLLABS test
-
-4) MINOR daemonize function (disabled at cmake by default) is updated to work
-with systemd
-
-5) MINOR example systemd .service file now provided for test server
-(not installed by default)
-
-6) test server html is updated with tabs and a new live server monitoring
-feature. Input sanitization added to the js.
-
-7) client connections attempted when no ah is free no longer fail, they are
-just deferred until an ah becomes available.
-
-8) The test client pays attention to if you give it an http:/ or https://
-protocol string to its argument in URL format. If so, it stays in http[s]
-client mode and doesn't upgrade to ws[s], allowing you to do generic http client
-operations.
-
-
-User API additions
-------------------
-
-1) MINOR APIBREAK There's a new member in struct lws_context_creation_info, ecdh_curve,
-which lets you set the name of the ECDH curve OpenSSL should use. By
-default (if you leave ecdh_curve NULL) it will use "prime256v1"
-
-2) MINOR NEWAPI It was already possible to adopt a foreign socket that had not
-been read from using lws_adopt_socket() since v1.7. Now you can adopt a
-partially-used socket if you don't need SSL, by passing it what you read
-so it can drain that before reading from the socket.
-
-LWS_VISIBLE LWS_EXTERN struct lws *
-lws_adopt_socket_readbuf(struct lws_context *context, lws_sockfd_type accept_fd,
- const char *readbuf, size_t len);
-
-3) MINOR NEWAPI CGI type "network io" subprocess execution is now possible from
-a simple api.
-
-LWS_VISIBLE LWS_EXTERN int
-lws_cgi(struct lws *wsi, char * const *exec_array, int timeout_secs);
-
-LWS_VISIBLE LWS_EXTERN int
-lws_cgi_kill(struct lws *wsi);
-
-To use it, you must first set the cmake option
-
-$ cmake .. -DLWS_WITH_CGI=1
-
-See test-server-http.c and test server path
-
-http://localhost:7681/cgitest
+ - NEW: lws_system: generic blobs support passing auth tokens, per-connection
+ client certs etc from platform into lws
-stdin gets http body, you can test it with wget
+ - NEW: public helpers to consume and produce ipv4/6 addresses in a clean way,
+ along with lws_sockaddr46 type now public. See eg, lws_sockaddr46-based
+ lws_sa46_parse_numeric_address(), lws_write_numeric_address()
+ in include/libwebsockets/lws-network-helper.h
-$ echo hello > hello.txt
-$ wget http://localhost:7681/cgitest --post-file=hello.txt -O- --quiet
-lwstest script
-read="hello"
-
-4) There is a helper api for forming logging timestamps
-
-LWS_VISIBLE int
-lwsl_timestamp(int level, char *p, int len)
-
-this generates this kind of timestamp for use as logging preamble
-
-lwsts[13116]: [2016/01/25 14:52:52:8386] NOTICE: Initial logging level 7
-
-5) struct lws_client_connect_info has a new member
-
- const char *method
+ - Improved client redirect handling, h2 compatibility
-If it's NULL, then everything happens as before, lws_client_connect_via_info()
-makes a ws or wss connection to the address given.
-
-If you set method to a valid http method like "GET", though, then this method
-is used and the connection remains in http[s], it's not upgraded to ws[s].
-
-So with this, you can perform http[s] client operations as well as ws[s] ones.
-
-There are 4 new related callbacks
-
- LWS_CALLBACK_ESTABLISHED_CLIENT_HTTP = 44,
- LWS_CALLBACK_CLOSED_CLIENT_HTTP = 45,
- LWS_CALLBACK_RECEIVE_CLIENT_HTTP = 46,
- LWS_CALLBACK_COMPLETED_CLIENT_HTTP = 47,
-
-
-v1.7.0
-======
-
-Extension Changes
------------------
-
-1) There is now a "permessage-deflate" / RFC7692 implementation. It's very
-similar to "deflate-frame" we have offered for a long while; deflate-frame is
-now provided as an alias of permessage-deflate.
-
-The main differences are that the new permessage-deflate implementation:
-
- - properly performs streaming respecting input and output buffer limits. The
- old deflate-frame implementation could only work on complete deflate input
- and produce complete inflate output for each frame. The new implementation
- only mallocs buffers at initialization.
-
- - goes around the event loop after each input package is processed allowing
- interleaved output processing. The RX flow control api can be used to
- force compressed input processing to match the rate of compressed output
- processing (test--echo shows an example of how to do this).
-
- - when being "deflate-frame" for compatibility he uses the same default zlib
- settings as the old "deflate-frame", but instead of exponentially increasing
- malloc allocations until the whole output will fit, he observes the default
- input and output chunking buffer sizes of "permessage-deflate", that's
- 1024 in and 1024 out at a time.
-
-2) deflate-stream has been disabled for many versions (for over a year) and is
-now removed. Browsers are now standardizing on "permessage-deflate" / RFC7692
-
-3) struct lws_extension is simplified, and lws extensions now have a public
-api (their callback) for use in user code to compose extensions and options
-the user code wants. lws_get_internal_exts() is deprecated but kept around
-as a NOP. The changes allow one extension implementation to go by different
-names and allows the user client code to control option offers per-ext.
-
-The test client and server are updated to use the new way. If you use
-the old way it should still work, but extensions will be disabled until you
-update your code.
-
-Extensions are now responsible for allocating and per-instance private struct
-at instance construction time and freeing it when the instance is destroyed.
-Not needing to know the size means the extension's struct can be opaque
-to user code.
-
-
-User api additions
-------------------
-
-1) The info struct gained three new members
-
- - max_http_header_data: 0 for default (1024) or set the maximum amount of known
- http header payload that lws can deal with. Payload in unknown http
- headers is dropped silently. If for some reason you need to send huge
- cookies or other HTTP-level headers, you can now increase this at context-
- creation time.
-
- - max_http_header_pool: 0 for default (16) or set the maximum amount of http
- headers that can be tracked by lws in this context. For the server, if
- the header pool is completely in use then accepts on the listen socket
- are disabled until one becomes free. For the client, if you simultaneously
- have pending connects for more than this number of client connections,
- additional connects will fail until some of the pending connections timeout
- or complete.
-
- - timeout_secs: 0 for default (currently 20s), or set the library's
- network activity timeout to the given number of seconds
-
-HTTP header processing in lws only exists until just after the first main
-callback after the HTTP handshake... for ws connections that is ESTABLISHED and
-for HTTP connections the HTTP callback.
-
-So these settings are not related to the maximum number of simultaneous
-connections, but the number of HTTP handshakes that may be expected or ongoing,
-or have just completed, at one time. The reason it's useful is it changes the
-memory allocation for header processing to be one-time at context creation
-instead of every time there is a new connection, and gives you control over
-the peak allocation.
-
-Setting max_http_header_pool to 1 is fine it will just queue incoming
-connections before the accept as necessary, you can still have as many
-simultaneous post-header connections as you like. Since the http header
-processing is completed and the allocation released after ESTABLISHED or the
-HTTP callback, even with a pool of 1 many connections can be handled rapidly.
-
-2) There is a new callback that allows the user code to get acccess to the
-optional close code + aux data that may have been sent by the peer.
-
-LWS_CALLBACK_WS_PEER_INITIATED_CLOSE:
- The peer has sent an unsolicited Close WS packet. @in and
- @len are the optional close code (first 2 bytes, network
- order) and the optional additional information which is not
- defined in the standard, and may be a string or non-human-
- readble data.
- If you return 0 lws will echo the close and then close the
- connection. If you return nonzero lws will just close the
- connection.
-
-As usual not handling it does the right thing, if you're not interested in it
-just ignore it.
-
-The test server has "open and close" testing buttons at the bottom, if you
-open and close that connection, on close it will send a close code 3000 decimal
-and the string "Bye!" as the aux data.
-
-The test server dumb-increment callback handles this callback reason and prints
-
-lwsts[15714]: LWS_CALLBACK_WS_PEER_INITIATED_CLOSE: len 6
-lwsts[15714]: 0: 0x0B
-lwsts[15714]: 1: 0xB8
-lwsts[15714]: 2: 0x42
-lwsts[15714]: 3: 0x79
-lwsts[15714]: 4: 0x65
-lwsts[15714]: 5: 0x21
-
-3) There is a new API to allow the user code to control the content of the
-close frame sent when about to return nonzero from the user callback to
-indicate the connection should close.
-
-/**
- * lws_close_reason - Set reason and aux data to send with Close packet
- * If you are going to return nonzero from the callback
- * requesting the connection to close, you can optionally
- * call this to set the reason the peer will be told if
- * possible.
- *
- * @wsi: The websocket connection to set the close reason on
- * @status: A valid close status from websocket standard
- * @buf: NULL or buffer containing up to 124 bytes of auxiliary data
- * @len: Length of data in @buf to send
- */
-LWS_VISIBLE LWS_EXTERN void
-lws_close_reason(struct lws *wsi, enum lws_close_status status,
- unsigned char *buf, size_t len);
-
-An extra button is added to the "open and close" test server page that requests
-that the test server close the connection from his end.
-
-The test server code will do so by
-
- lws_close_reason(wsi, LWS_CLOSE_STATUS_GOINGAWAY,
- (unsigned char *)"seeya", 5);
- return -1;
-
-The browser shows the close code and reason he received
-
-websocket connection CLOSED, code: 1001, reason: seeya
-
-4) There's a new context creation time option flag
-
-LWS_SERVER_OPTION_VALIDATE_UTF8
-
-if you set it in info->options, then TEXT and CLOSE frames will get checked to
-confirm that they contain valid UTF-8. If they don't, the connection will get
-closed by lws.
-
-5) ECDH Certs are now supported. Enable the CMake option
+ - NEW: lwsac: additional features for constant folding support (strings that
+ already are in the lwsac can be pointed to without copying again), backfill
+ (look for gaps in previous chunks that could take a new use size), and
+ lwsac_extend() so last use() can attempt to use more unallocated chunk space
-cmake .. -DLWS_SSL_SERVER_WITH_ECDH_CERT=1
+ - NEW: lws_humanize: apis for reporting scalar quanties like 1234 as "1.234KB"
+ with the scaled symbol strings passed in by caller
-**and** the info->options flag
+ - NEW: freertos: support lws_cancel_service() by using UDP pair bound to lo,
+ since it doesn't have logical pipes
-LWS_SERVER_OPTION_SSL_ECDH
+ - NEW: "esp32" plat, which implemented freertos plat compatibility on esp32, is
+ renamed to "freertos" plat, targeting esp32 and other freertos platforms
-to build in support and select it at runtime.
+ - NEW: base64 has an additional api supporting stateful decode, where the input
+ is not all in the same place at the same time and can be processed
+ incrementally
-6) There's a new api lws_parse_uri() that simplifies chopping up
-https://xxx:yyy/zzz uris into parts nicely. The test client now uses this
-to allow proper uris as well as the old address style.
-
-7) SMP support is integrated into LWS without any internal threading. It's
-very simple to use, libwebsockets-test-server-pthread shows how to do it,
-use -j <n> argument there to control the number of service threads up to 32.
-
-Two new members are added to the info struct
-
- unsigned int count_threads;
- unsigned int fd_limit_per_thread;
-
-leave them at the default 0 to get the normal singlethreaded service loop.
-
-Set count_threads to n to tell lws you will have n simultaneous service threads
-operating on the context.
-
-There is still a single listen socket on one port, no matter how many
-service threads.
-
-When a connection is made, it is accepted by the service thread with the least
-connections active to perform load balancing.
-
-The user code is responsible for spawning n threads running the service loop
-associated to a specific tsi (Thread Service Index, 0 .. n - 1). See
-the libwebsockets-test-server-pthread for how to do.
-
-If you leave fd_limit_per_thread at 0, then the process limit of fds is shared
-between the service threads; if you process was allowed 1024 fds overall then
-each thread is limited to 1024 / n.
-
-You can set fd_limit_per_thread to a nonzero number to control this manually, eg
-the overall supported fd limit is less than the process allowance.
-
-You can control the context basic data allocation for multithreading from Cmake
-using -DLWS_MAX_SMP=, if not given it's set to 32. The serv_buf allocation
-for the threads (currently 4096) is made at runtime only for active threads.
-
-Because lws will limit the requested number of actual threads supported
-according to LWS_MAX_SMP, there is an api lws_get_count_threads(context) to
-discover how many threads were actually allowed when the context was created.
-
-It's required to implement locking in the user code in the same way that
-libwebsockets-test-server-pthread does it, for the FD locking callbacks.
-
-If LWS_MAX_SMP=1, then there is no code related to pthreads compiled in the
-library. If more than 1, a small amount of pthread mutex code is built into
-the library.
-
-8) New API
-
-LWS_VISIBLE struct lws *
-lws_adopt_socket(struct lws_context *context, lws_sockfd_type accept_fd)
-
-allows foreign sockets accepted by non-lws code to be adopted by lws as if they
-had just been accepted by lws' own listen socket.
-
-9) X-Real-IP: header has been added as WSI_TOKEN_HTTP_X_REAL_IP
-
-10) Libuv support is added, there are new related user apis
-
-typedef void (lws_uv_signal_cb_t)(uv_loop_t *l, uv_signal_t *w, int revents);
-
-LWS_VISIBLE LWS_EXTERN int
-lws_uv_sigint_cfg(struct lws_context *context, int use_uv_sigint,
- lws_uv_signal_cb_t *cb);
+ - NEW: lws ws proxy: support RFC8441
+
+ - NEW: lws_spawn_piped apis: generic support for vforking a process with child
+ wsis attached to its stdin, stdout and stderr via pipes. When processes are
+ reaped, a specified callback is triggered. Currently Linux + OSX.
+
+ - NEW: lws_fsmount apis: Linux-only overlayfs mount and unmount management for
+ aggregating read-only layers with disposable, changeable upper layer fs
-LWS_VISIBLE LWS_EXTERN int
-lws_uv_initloop(struct lws_context *context, uv_loop_t *loop, int tsi);
+ - Improvements for RTOS / small build case bring the footprint of lws v4 below
+ that of v3.1 on ARM
+
+ - lws_tokenize: flag specifying # should mark rest of line as comment
-LWS_VISIBLE void
-lws_uv_sigint_cb(uv_loop_t *loop, uv_signal_t *watcher, int revents);
+ - NEW: minimal example for integrating libasound / alsa via raw file
-and CMAKE option
+ - lws_struct: sqlite and json / lejp translation now usable
-LWS_WITH_LIBUV
+v3.2.0
+======
-User api changes
-----------------
+ - This is the last planned release under LGPLv2+SLE. It's not planned to be
+ maintained like previous releases, please switch to master for the latest
+ stuff or continue to use v3.1-stable until the next release under the
+ new MIT license.
-1) LWS_SEND_BUFFER_POST_PADDING is now 0 and deprecated. You can remove it; if
-you still use it, obviously it does nothing. Old binary code with nonzero
-LWS_SEND_BUFFER_POST_PADDING is perfectly compatible, the old code just
-allocated a buffer bigger than the library is going to use.
+ - NEW: completely refactored scheduler with a unified, sorted us-resolution
+ linked-list implementation. All polled checks like timeout are migrated
+ to use the new timers, which also work on the event lib implementations.
+ Faster operation, us-resolution timeouts and generic scheduled callbacks
+ from the event loop.
-The example apps no longer use LWS_SEND_BUFFER_POST_PADDING.
+ - NEW: lws_dsh specialized buffer memory allocator that can borrow space
+ from other cooperating buffers on the same list.
-The only path who made use of it was sending with LWS_WRITE_CLOSE --->
+ - NEW: lws_sequencer allows managing multi-connection processes and
+ retries
-2) Because of lws_close_reason() formalizing handling close frames,
-LWS_WRITE_CLOSE is removed from libwebsockets.h. It was only of use to send
-close frames...close frame content should be managed using lws_close_reason()
-now.
+ - NEW: memory buffer cert support
-3) We check for invalid CLOSE codes and complain about protocol violation in
-our close code. But it changes little since we were in the middle of closing
-anyway.
+ - NEW: LWS_WITH_NETWORK in CMake... can be configured without any network-
+ related code at all
-4) zero-length RX frames and zero length TX frames are now allowed.
+ - NEW: builds on QNX 6.5 and SmartOS
-5) Pings and close used to be limited to 124 bytes, the correct limit is 125
-so that is now also allowed.
+ - NEW: JOSE / JWK / JWS / JWE support, for all common ciphers and algs,
+ works on OpenSSL and mbedtls backends
-6) LWS_PRE is provided as a synonym for LWS_SEND_BUFFER_PRE_PADDING, either is
-valid to use now.
+ - NEW: gencrypto now has genaes and genec in addition to genrsa, works
+ on OpenSSL and mbedtls backends
-7) There's generic support for RFC7462 style extension options built into the
-library now. As a consequence, a field "options" is added to lws_extension.
-It can be NULL if there are no options on the extension. Extension internal
-info is part of the public abi because extensions may be implemented outside
-the library.
+ - NEW: raw_proxy role
-8) WSI_TOKEN_PROXY enum was accidentally defined to collide with another token
-of value 73. That's now corrected and WSI_TOKEN_PROXY moved to his own place at
-77.
+ - NEW: Basic Auth works on ws connections
-9) With the addition of libuv support, libev is not the only event loop
-library in town and his api names must be elaborated with _ev_
+ - CHANGE: REMOVED: LWS_WITH_GENRSA, LWS_WITH_GENHASH, LWS_WITH_GENEC,
+ LWS_WITH_GENAES have all been removed and combined into LWS_WITH_GENCRYPTO
- Callback typedef: lws_signal_cb ---> lws_ev_signal_cb_t
- lws_sigint_cfg --> lws_ev_sigint_cfg
- lws_initloop --> lws_ev_initloop
- lws_sigint_cb --> lws_ev_sigint_cb
+ - CHANGE: REMOVED: LWS_WITH_JWS, LWS_WITH_JWE have been removed and combined
+ into LWS_WITH_JOSE
-10) Libev support is made compatible with multithreaded service,
-lws_ev_initloop (was lws_initloop) gets an extra argument for the
-thread service index (use 0 if you will just have 1 service thread).
+v3.1.0
+======
-LWS_VISIBLE LWS_EXTERN int
-lws_ev_initloop(struct lws_context *context, ev_loop_t *loop, int tsi);
+ - CHANGE: REMOVED: lws_client_connect() and lws_client_connect_extended()
+ compatibility apis for lws_client_connect_via_info() have been marked as
+ deprecated for several versions and are now removed. Use
+ lws_client_connect_via_info() directly instead.
+
+ - CHANGE: CMAKE:
+ - LWS_WITH_HTTP2: now defaults ON
+
+ - CHANGE: Minimal examples updated to use Content Security Policy best
+ practices, using
+ `LWS_SERVER_OPTION_HTTP_HEADERS_SECURITY_BEST_PRACTICES_ENFORCE` vhost
+ option flag and disabling of inline style and scripts. A side-effect of
+ this is that buffers used to marshal headers have to be prepared to take
+ more content than previously... LWS_RECOMMENDED_MIN_HEADER_SPACE (2048
+ currently) is available for user (and internal) use to logically tie the
+ buffer size to this usecase (and follow future increases).
+
+ - NEW: CMAKE
+ - LWS_FOR_GITOHASHI: sets various cmake options suitable for gitohashi
+ - LWS_WITH_ASAN: for Linux, enable build with ASAN
+
+ Don't forget LWS_WITH_DISTRO_RECOMMENDED, which enables a wide range of lws
+ options suitable for a distro build of the library.
+
+ - NEW: lws threadpool - lightweight pool of pthreads integrated to lws wsi, with
+ all synchronization to event loop handled internally, queue for excess tasks
+ [threadpool docs](https://libwebsockets.org/git/libwebsockets/tree/lib/misc/threadpool)
+ [threadpool minimal example](https://libwebsockets.org/git/libwebsockets/tree/minimal-examples/ws-server/minimal-ws-server-threadpool)
+ Cmake config: `-DLWS_WITH_THREADPOOL=1`
+
+ - NEW: libdbus support integrated on lws event loop
+ [lws dbus docs](https://libwebsockets.org/git/libwebsockets/tree/lib/roles/dbus)
+ [lws dbus client minimal examples](https://libwebsockets.org/git/libwebsockets/tree/minimal-examples/dbus-client)
+ [lws dbus server minimal examples](https://libwebsockets.org/git/libwebsockets/tree/minimal-examples/dbus-server)
+ Cmake config: `-DLWS_ROLE_DBUS=1`
+
+ - NEW: lws allocated chunks (lwsac) - helpers for optimized mass allocation of small
+ objects inside a few larger malloc chunks... if you need to allocate a lot of
+ inter-related structs for a limited time, this removes per-struct allocation
+ library overhead completely and removes the need for any destruction handling
+ [lwsac docs](https://libwebsockets.org/git/libwebsockets/tree/lib/misc/lwsac)
+ [lwsac minimal example](https://libwebsockets.org/git/libwebsockets/tree/minimal-examples/api-tests/api-test-lwsac)
+ Cmake Config: `-DLWS_WITH_LWSAC=1`
+
+ - NEW: lws tokenizer - helper api for robustly tokenizing your own strings without
+ allocating or adding complexity. Configurable by flags for common delimiter
+ sets and comma-separated-lists in the tokenizer. Detects and reports syntax
+ errors.
+ [lws_tokenize docs](https://libwebsockets.org/git/libwebsockets/tree/include/libwebsockets/lws-tokenize.h)
+ [lws_tokenize minimal example / api test](https://libwebsockets.org/git/libwebsockets/tree/minimal-examples/api-tests/api-test-lws_tokenize)
+
+ - NEW: lws full-text search - optimized trie generation, serialization,
+ autocomplete suggestion generation and instant global search support extensible
+ to huge corpuses of UTF-8 text while remaining super lightweight on resources.
+ [full-text search docs](https://libwebsockets.org/git/libwebsockets/tree/lib/misc/fts)
+ [full-text search minimal example / api test](https://libwebsockets.org/git/libwebsockets/tree/minimal-examples/api-tests/api-test-fts)
+ [demo](https://libwebsockets.org/ftsdemo/)
+ [demo sources](https://libwebsockets.org/git/libwebsockets/tree/plugins/protocol_fulltext_demo.c)
+ Cmake config: `-DLWS_WITH_FTS=1 -DLWS_WITH_LWSAC=1`
+
+ - NEW: gzip + brotli http server-side compression - h1 and h2 automatic advertising
+ of server compression and application to files with mimetypes "text/*",
+ "application/javascript" and "image/svg.xml".
+ Cmake config: `-DLWS_WITH_HTTP_STREAM_COMPRESSION=1`, `-DLWS_WITH_HTTP_BROTLI=1`
+
+ - NEW: managed disk cache - API for managing a directory containing cached files
+ with hashed names, and automatic deletion of LRU files once the cache is
+ above a given limit.
+ [lws diskcache docs](https://libwebsockets.org/git/libwebsockets/tree/include/libwebsockets/lws-diskcache.h)
+ Cmake config: `-DLWS_WITH_DISKCACHE=1`
+
+ - NEW: http reverse proxy - lws mounts support proxying h1 or h2 requests to
+ a local or remote IP, or unix domain socket over h1. This allows microservice
+ type architectures where parts of the common URL space are actually handled
+ by external processes which may be remote or on the same machine.
+ [lws gitohashi serving](https://libwebsockets.org/git/) is handled this way.
+ CMake config: `-DLWS_WITH_HTTP_PROXY=1`
+
+ - NEW: lws_buflist - internally several types of ad-hoc malloc'd buffer have
+ been replaced by a new, exported api `struct lws_buflist`. This allows
+ multiple buffers to be chained and drawn down in strict FIFO order.
+
+ - NEW: In the case of h1 upgrade, the connection header is checked to contain
+ "upgrade". The vhost flag LWS_SERVER_OPTION_VHOST_UPG_STRICT_HOST_CHECK
+ also causes the Host: header to be confirmed to match the vhost name and
+ listen port.
+
+ - NEW: If no 404 redirect for `lws_return_http_status()` is specified for the vhost,
+ the status page produced will try to bring in a stylesheet `/error.css`. This allows
+ you to produce styled 404 or other error pages with logos, graphics etc. See
+ https://libwebsockets.org/git/badrepo for an example of what you can do with it.
+v3.0.0
+======
-v1.6.0-chrome48-firefox42
-=======================
+ - CHANGE: Clients used to call LWS_CALLBACK_CLOSED same as servers...
+ LWS_CALLBACK_CLIENT_CLOSED has been introduced and is called for clients
+ now.
+
+ - CHANGE: LWS_CALLBACK_CLIENT_CONNECTION_ERROR used to only be directed at
+ protocols[0]. However in many cases, the protocol to bind to was provided
+ at client connection info time and the wsi bound accordingly. In those
+ cases, CONNECTION_ERROR is directed at the bound protocol, not protcols[0]
+ any more.
-Major API improvements
-----------------------
+ - CHANGE: CMAKE: the following cmake defaults have changed with this version:
+
+ - LWS_WITH_ZIP_FOPS: now defaults OFF
+ - LWS_WITH_RANGES: now defaults OFF
+ - LWS_WITH_ZLIB: now defaults OFF
+ - LWS_WITHOUT_EXTENSIONS: now defaults ON
+
+ - CHANGE: REMOVED: lws_alloc_vfs_file() (read a file to malloc buffer)
+
+ - CHANGE: REMOVED: lws_read() (no longer useful outside of lws internals)
+
+ - CHANGE: REMOVED: ESP8266... ESP32 is now within the same price range and much
+ more performant
+
+ - CHANGE: soname bump... don't forget to `ldconfig`
+
+ - NEW: all event libraries support "foreign" loop integration where lws itself
+ if just a temporary user of the loop unrelated to the actual loop lifecycle.
+
+ See `minimal-http-server-eventlib-foreign` for example code demonstrating
+ this for all the event libraries.
+
+ Internal loop in lws is also supported and demonstrated by
+ `minimal-http-server-eventlib`.
+
+ - NEW: ws-over-h2 support. This is a new RFC-on-the-way supported by Chrome
+ and shortly firefox that allows ws connections to be multiplexed back to the
+ server on the same tcp + tls wrapper h2 connection that the html and scripts
+ came in on. This is hugely faster that discrete connections.
+
+ - NEW: UDP socket adoption and related event callbacks
+
+ - NEW: Multi-client connection binding, queuing and pipelining support.
+
+ Lws detects multiple client connections to the same server and port, and
+ optimizes how it handles them according to the server type and provided
+ flags. For http/1.0, all occur with individual parallel connections. For
+ http/1.1, you can enable keepalive pipelining, so the connections occur
+ sequentially on a single network connection. For http/2, they all occur
+ as parallel streams within a single h2 network connection.
+
+ See minimal-http-client-multi for example code.
+
+ - NEW: High resolution timer API for wsi, get a callback on your wsi with
+ LWS_CALLBACK_TIMER, set and reset the timer with lws_set_timer_usecs(wsi, us)
+ Actual resolution depends on event backend. Works with all backends, poll,
+ libuv, libevent, and libev.
+
+ - NEW: Protocols can arrange vhost-protocol instance specific callbacks with
+ second resolution using `lws_timed_callback_vh_protocol()`
+
+ - NEW: ACME client plugin for self-service TLS certificates
+
+ - NEW: RFC7517 JSON Web Keys RFC7638 JWK thumbprint, and RFC7515 JSON Web
+ signatures support
+
+ - NEW: lws_cancel_service() now provides a generic way to synchronize events
+ from other threads, which appear as a LWS_CALLBACK_EVENT_WAIT_CANCELLED
+ callback on all protocols. This is compatible with all the event libraries.
+
+ - NEW: support BSD poll() where changes to the poll wait while waiting are
+ undone.
+
+ - NEW: Introduce generic hash, hmac and RSA apis that operate the same
+ regardless of OpenSSL or mbedTLS tls backend
+
+ - NEW: Introduce X509 element query api that works the same regardless of
+ OpenSSL or mbedTLS tls backend
+
+ - NEW: Introduce over 30 "minimal examples" in ./minimal-examples... these
+ replace most of the old test servers
+
+ - test-echo -> minimal-ws-server-echo and minimal-ws-client-echo
-v1.6.0 has many cleanups and improvements in the API. Although at first it
-looks pretty drastic, user code will only need four actions to update it.
+ - test-server-libuv / -libevent / -libev ->
+ minimal-https-server-eventlib / -eventlib-foreign / -eventlib-demos
- - Do the three search/replaces in your user code, /libwebsocket_/lws_/,
- /libwebsockets_/lws_/, and /struct\ libwebsocket/struct\ lws/
+ - test-server-v2.0 -> folded into all the minimal servers
- - Remove the context parameter from your user callbacks
+ - test-server direct http serving -> minimal-http-server-dynamic
+
+ The minimal examples allow individual standalone build using their own
+ small CMakeLists.txt.
+
+ - NEW: lws now detects any back-to-back writes that did not go through the
+ event loop inbetween and reports them. This will flag any possibility of
+ failure rather than wait until the problem happens.
+
+ - NEW: CMake has LWS_WITH_DISTRO_RECOMMENDED to select features that are
+ appropriate for distros
+
+ - NEW: Optional vhost URL `error_document_404` if given causes a redirect there
+ instead of serve the default 404 page.
+
+ - NEW: lws_strncpy() wrapper guarantees NUL in copied string even if it was
+ truncated to fit.
+
+ - NEW: for client connections, local protocol binding name can be separated
+ from the ws subprotocol name if needed, using .local_protocol_name
- - Remove context as the first parameter from the "Eleven APIS" listed in the
- User Api Changes section
+ - NEW: Automatic detection of time discontiguities
+
+ - NEW: Applies TCP_USER_TIMEOUT for Linux tcp keepalive where available
+
+ - QA: 1600 tests run on each commit in Travis CI, including almost all
+ Autobahn in client and server mode, various h2load tests, h2spec, attack.sh
+ the minimal example selftests and others.
- - Add lws_get_context(wsi) as the first parameter on the "Three APIS" listed
- in the User Api Changes section, and anywhere else you still need context
+ - QA: fix small warnings introduced on gcc8.x (eg, Fedora 28)
+
+ - QA: Add most of -Wextra on gcc (-Wsign-compare, -Wignored-qualifiers,
+ -Wtype-limits, -Wuninitialized)
+
+ - QA: clean out warnings on windows
+
+ - QA: pass all 146 h2spec tests now on strict
+
+ - QA: introduce 35 selftests that operate different minimal examples against
+ each other and confirm the results.
+
+ - QA: LWS_WITH_MINIMAL_EXAMPLES allows mass build of all relevant minimal-
+ examples with the LWS build, for CI and to make all the example binaries
+ available from the lws build dir ./bin
+
+ - REFACTOR: the lws source directory layout in ./lib has been radically
+ improved, and there are now README.md files in selected subdirs with extra
+ documentation of interest to people working on lws itself.
-That's it... generally only a handful of the 14 affected APIs are actually in
-use in your user code and you can find them quickest by compiling and visiting
-the errors each in turn. And the end results are much cleaner, more
-predictable and maintainable.
+ - REFACTOR: pipelined transactions return to the event loop before starting the
+ next part.
+
+ - REFACTOR: TLS: replace all TLS library constants with generic LWS ones and
+ adapt all the TLS library code to translate to these common ones.
+
+ Isolated all the tls-related private stuff in `./lib/tls/private.h`, and all
+ the mbedTLS stuff in `./lib/tls/mbedtls` + openSSL stuff in
+ `./lib/tls/openssl`
+
+ - REFACTOR: the various kinds of wsi possible with lws have been extracted
+ from the main code and isolated into "roles" in `./lib/roles` which
+ communicate with the core code via an ops struct. Everything related to
+ ah is migrated to the http role.
+
+ wsi modes are eliminated and replaced by the ops pointer for the role the
+ wsi is performing. Generic states for wsi are available to control the
+ lifecycle using core code.
+
+ Adding new "roles" is now much easier with the changes and ops struct to
+ plug into.
+ - REFACTOR: reduce four different kinds of buffer management in lws into a
+ generic scatter-gather struct lws_buflist.
-User api additions
-------------------
+ - REFACTOR: close notifications go through event loop
-1) lws now exposes his internal platform file abstraction in a way that can be
-both used by user code to make it platform-agnostic, and be overridden or
-subclassed by user code. This allows things like handling the URI "directory
-space" as a virtual filesystem that may or may not be backed by a regular
-filesystem. One example use is serving files from inside large compressed
-archive storage without having to unpack anything except the file being
-requested.
-The test server shows how to use it, basically the platform-specific part of
-lws prepares a file operations structure that lives in the lws context.
+v2.4.0
+======
-Helpers are provided to also leverage these platform-independent file handling
-apis
+ - HTTP/2 server support is now mature and usable! LWS_WITH_HTTP2=1 enables it.
+ Uses ALPN to serve HTTP/2, HTTP/1 and ws[s] connections all from the same
+ listen port seamlessly. (Requires ALPN-capable OpenSSL 1.1 or mbedTLS).
-static inline lws_filefd_type
-lws_plat_file_open(struct lws *wsi, const char *filename,
- unsigned long *filelen, int flags)
-static inline int
-lws_plat_file_close(struct lws *wsi, lws_filefd_type fd)
-
-static inline unsigned long
-lws_plat_file_seek_cur(struct lws *wsi, lws_filefd_type fd, long offset)
-
-static inline int
-lws_plat_file_read(struct lws *wsi, lws_filefd_type fd, unsigned long *amount,
- unsigned char *buf, unsigned long len)
-
-static inline int
-lws_plat_file_write(struct lws *wsi, lws_filefd_type fd, unsigned long *amount,
- unsigned char *buf, unsigned long len)
-
-The user code can also override or subclass the file operations, to either
-wrap or replace them. An example is shown in test server.
-
-A wsi can be associated with the file activity, allowing per-connection
-authentication and state to be used when interpreting the file request.
-
-2) A new API void * lws_wsi_user(struct lws *wsi) lets you get the pointer to
-the user data associated with the wsi, just from the wsi.
-
-3) URI argument handling. Libwebsockets parses and protects URI arguments
-like test.html?arg1=1&arg2=2, it decodes %xx uriencoding format and reduces
-path attacks like ../.../../etc/passwd so they cannot go behind the web
-server's /. There is a list of confirmed attacks we're proof against in
-./test-server/attack.sh.
-
-There is a new API lws_hdr_copy_fragment that should be used now to access
-the URI arguments (it returns the fragments length)
-
- while (lws_hdr_copy_fragment(wsi, buf, sizeof(buf),
- WSI_TOKEN_HTTP_URI_ARGS, n) > 0) {
- lwsl_info("URI Arg %d: %s\n", ++n, buf);
- }
-
-For the example above, calling with n=0 will return "arg1=1" and n=1 "arg2=2".
-All legal uriencodings will have been reduced in those strings.
-
-lws_hdr_copy_fragment() returns the length of the x=y fragment, so it's also
-possible to deal with arguments containing %00. If you don't care about that,
-the returned string has '\0' appended to simplify processing.
-
-
-User api changes
-----------------
-
-1) Three APIS
-
- - lws_callback_on_writable_all_protocol(const struct lws_protocols *protocol)
- - lws_callback_all_protocol(const struct lws_protocols *protocol)
- - lws_rx_flow_allow_all_protocol(lws_rx_flow_allow_all_protocol)
-
-Now take an additional pointer to the lws_context in their first argument.
-
-The reason for this change is struct lws_protocols has been changed to remove
-members that lws used for private storage: so the protocols struct in now
-truly const and may be reused serially or simultaneously by different contexts.
-
-2) Eleven APIs
-
-LWS_VISIBLE LWS_EXTERN int
-lws_add_http_header_by_name(struct lws_context *context,
- struct lws *wsi,
- const unsigned char *name,
- const unsigned char *value,
- int length,
- unsigned char **p,
- unsigned char *end);
-LWS_VISIBLE LWS_EXTERN int
-lws_finalize_http_header(struct lws_context *context,
- struct lws *wsi,
- unsigned char **p,
- unsigned char *end);
-LWS_VISIBLE LWS_EXTERN int
-lws_add_http_header_by_token(struct lws_context *context,
- struct lws *wsi,
- enum lws_token_indexes token,
- const unsigned char *value,
- int length,
- unsigned char **p,
- unsigned char *end);
-LWS_VISIBLE LWS_EXTERN int
-lws_add_http_header_content_length(struct lws_context *context,
- struct lws *wsi,
- unsigned long content_length,
- unsigned char **p,
- unsigned char *end);
-LWS_VISIBLE LWS_EXTERN int
-lws_add_http_header_status(struct lws_context *context, struct lws *wsi,
- unsigned int code, unsigned char **p,
- unsigned char *end);
-
-LWS_VISIBLE LWS_EXTERN int
-lws_serve_http_file(struct lws_context *context, struct lws *wsi,
- const char *file, const char *content_type,
- const char *other_headers, int other_headers_len);
-LWS_VISIBLE LWS_EXTERN int
-lws_serve_http_file_fragment(struct lws_context *context, struct lws *wsi);
-
-LWS_VISIBLE LWS_EXTERN int
-lws_return_http_status(struct lws_context *context, struct lws *wsi,
- unsigned int code, const char *html_body);
-
-LWS_VISIBLE LWS_EXTERN int
-lws_callback_on_writable(const struct lws_context *context, struct lws *wsi);
-
-LWS_VISIBLE LWS_EXTERN void
-lws_get_peer_addresses(struct lws_context *context, struct lws *wsi,
- lws_sockfd_type fd, char *name, int name_len,
- char *rip, int rip_len);
-
-LWS_VISIBLE LWS_EXTERN int
-lws_read(struct lws_context *context, struct lws *wsi,
- unsigned char *buf, size_t len);
-
-no longer require their initial struct lws_context * parameter.
-
-3) Several older apis start with libwebsocket_ or libwebsockets_ while newer ones
-all begin lws_. These apis have been changed to all begin with lws_.
-
-To convert, search-replace
-
- - libwebsockets_/lws_
- - libwebsocket_/lws_
- - struct\ libwebsocket/struct\ lws
+ - LWS_WITH_MBEDTLS=1 at CMake now builds and works against mbedTLS instead of
+ OpenSSL. Most things work identically, although on common targets where
+ OpenSSL has acceleration, mbedTLS is many times slower in operation. However
+ it is a lot smaller codewise.
+
+ - Generic hash apis introduced that work the same on mbedTLS or OpenSSL backend
-4) context parameter removed from user callback.
-
-Since almost all apis no longer need the context as a parameter, it's no longer
-provided at the user callback directly.
-
-However if you need it, for ALL callbacks wsi is valid and has a valid context
-pointer you can recover using lws_get_context(wsi).
+ - LWS_WITH_PEER_LIMITS tracks IPs across all vhosts and allows restrictions on
+ both the number of simultaneous connections and wsi in use for any single IP
+
+ - lws_ring apis provide a generic single- or multi-tail ringbuffer... mirror
+ protocol now uses this. Features include ring elements may be sized to fit
+ structs in the ringbuffer, callback when no tail any longer needs an element
+ and it can be deleted, and zerocopy options to write new members directly
+ into the ringbuffer, and use the ringbuffer element by address too.
+
+ - abstract ssh 2 server plugin included, with both plugin and standalone
+ demos provided. You can bind the plugin to a vhost and also serve full-
+ strength ssh from the vhost. IO from the ssh server is controlled by an
+ "ops" struct of callbacks for tx, rx, auth etc.
+
+ - Many fixes, cleanups, source refactors and other improvements.
-v1.5-chrome47-firefox41
-=======================
+v2.3.0
+======
-User api changes
-----------------
+ - ESP32 OpenSSL support for client and server
-LWS_CALLBACK_CLIENT_CONNECTION_ERROR may provide an error string if in is
-non-NULL. If so, the string has length len.
+ - ESP32 4 x WLAN credential slots may be configured
-LWS_SERVER_OPTION_PEER_CERT_NOT_REQUIRED is available to relax the requirement
-for peer certs if you are using the option to require client certs.
+ - Libevent event loop support
-LWS_WITHOUT_BUILTIN_SHA1 cmake option forces lws to use SHA1() defined
-externally, eg, byOpenSSL, and disables build of libwebsockets_SHA1()
+ - SOCKS5 proxy support
+ - lws_meta protocol for websocket connection multiplexing
-v1.4-chrome43-firefox36
-=======================
+ - lws_vhost_destroy() added... allows dynamic removal of listening
+ vhosts. Vhosts with shared listen sockets adopt the listen socket
+ automatically if the owner is destroyed.
-User api additions
-------------------
+ - IPv6 on Windows
-There's a new member in the info struct used to control context creation,
-ssl_private_key_password, which allows passing into lws the passphrase on
-an SSL cetificate
+ - Improved CGI handling suitable for general CGI scripting, eg, PHP
-There's a new member in struct protocols, id, which is ignored by lws but can
-be used by the user code to mark the selected protocol by user-defined version
-or capabliity flag information, for the case multiple versions of a protocol are
-supported.
+ - Convert even the "old style" test servers to use statically included
+ plugin sources
-int lws_is_ssl(wsi) added to allow user code to know if the connection was made
-over ssl or not. If LWS_SERVER_OPTION_ALLOW_NON_SSL_ON_SSL_PORT is used, both
-ssl and non-ssl connections are possible and may need to be treated differently
-in the user code.
+ - LWS_WITH_STATS cmake option dumps resource usage and timing information
+ every few seconds to debug log, including latency information about
+ delay from asking for writeable callback to getting it
-int lws_partial_buffered(wsi) added... should be checked after any
-libwebsocket_write that will be followed by another libwebsocket_write inside
-the same writeable callback. If set, you can't do any more writes until the
-writeable callback is called again. If you only do one write per writeable callback,
-you can ignore this.
+ - Large (> 2GB) files may be served
-HTTP2-related: HTTP2 changes how headers are handled, lws now has new version-
-agnositic header creation APIs. These do the right thing depending on each
-connection's HTTP version without the user code having to know or care, except
-to make sure to use the new APIs for headers (test-server is updated to use
-them already, so look there for examples)
-
-The APIs "render" the headers into a user-provided buffer and bump *p as it
-is used. If *p reaches end, then the APIs return nonzero for error.
-
-LWS_VISIBLE LWS_EXTERN int
-lws_add_http_header_status(struct libwebsocket_context *context,
- struct libwebsocket *wsi,
- unsigned int code,
- unsigned char **p,
- unsigned char *end);
-
-Start a response header reporting status like 200, 500, etc
-
-LWS_VISIBLE LWS_EXTERN int
-lws_add_http_header_by_name(struct libwebsocket_context *context,
- struct libwebsocket *wsi,
- const unsigned char *name,
- const unsigned char *value,
- int length,
- unsigned char **p,
- unsigned char *end);
-
-Add a header like name: value in HTTP1.x
-
-LWS_VISIBLE LWS_EXTERN int
-lws_finalize_http_header(struct libwebsocket_context *context,
- struct libwebsocket *wsi,
- unsigned char **p,
- unsigned char *end);
-
-Finish off the headers, like add the extra \r\n in HTTP1.x
-
-LWS_VISIBLE LWS_EXTERN int
-lws_add_http_header_by_token(struct libwebsocket_context *context,
- struct libwebsocket *wsi,
- enum lws_token_indexes token,
- const unsigned char *value,
- int length,
- unsigned char **p,
- unsigned char *end);
-
-Add a header by using a lws token as the name part. In HTTP2, this can be
-compressed to one or two bytes.
-
-
-User api removal
-----------------
-
-protocols struct member no_buffer_all_partial_tx is removed. Under some
-conditions like rewriting extension such as compression in use, the built-in
-partial send buffering is the only way to deal with the problem, so turning
-it off is deprecated.
-
-
-User api changes
-----------------
-
-HTTP2-related: API libwebsockets_serve_http_file() takes an extra parameter at
-the end now
-
-int other_headers_len)
-
-If you are providing other headers, they must be generated using the new
-HTTP-version-agnostic APIs, and you must provide the length of them using this
-additional parameter.
-
-struct lws_context_creation_info now has an additional member
-SSL_CTX *provided_client_ssl_ctx you may set to an externally-initialized
-SSL_CTX managed outside lws. Defaulting to zero keeps the existing behaviour of
-lws managing the context, if you memset the struct to 0 or have as a filescope
-initialized struct in bss, no need to change anything.
-
-
-v1.3-chrome37-firefox30
-=======================
-
- .gitignore | 1 -
- CMakeLists.txt | 447 +++--
- README.build | 35 +-
- README.coding | 14 +
- changelog | 66 +
- cmake/LibwebsocketsConfig.cmake.in | 17 +
- cmake/LibwebsocketsConfigVersion.cmake.in | 11 +
- config.h.cmake | 18 +
- cross-ming.cmake | 31 +
- cross-openwrt-makefile | 91 +
- lib/client-handshake.c | 205 ++-
- lib/client-parser.c | 58 +-
- lib/client.c | 158 +-
- lib/context.c | 341 ++++
- lib/extension-deflate-frame.c | 2 +-
- lib/extension.c | 178 ++
- lib/handshake.c | 287 +---
- lib/lextable.h | 338 ++++
- lib/libev.c | 175 ++
- lib/libwebsockets.c | 2089 +++--------------------
- lib/libwebsockets.h | 253 ++-
- lib/lws-plat-unix.c | 404 +++++
- lib/lws-plat-win.c | 358 ++++
- lib/minilex.c | 530 +++---
- lib/output.c | 445 ++---
- lib/parsers.c | 682 ++++----
- lib/pollfd.c | 239 +++
- lib/private-libwebsockets.h | 501 +++++-
- lib/server-handshake.c | 274 +--
- lib/server.c | 858 ++++++++--
- lib/service.c | 517 ++++++
- lib/sha-1.c | 38 +-
- lib/ssl-http2.c | 78 +
- lib/ssl.c | 571 +++++++
- test-server/attack.sh | 101 +-
- test-server/test-client.c | 9 +-
- test-server/test-echo.c | 17 +-
- test-server/test-fraggle.c | 7 -
- test-server/test-ping.c | 12 +-
- test-server/test-server.c | 330 ++--
- test-server/test.html | 4 +-
- win32port/client/client.vcxproj | 259 ---
- win32port/client/client.vcxproj.filters | 39 -
- .../libwebsocketswin32.vcxproj.filters | 93 -
- win32port/server/server.vcxproj | 276 ---
- win32port/server/server.vcxproj.filters | 51 -
- win32port/win32helpers/gettimeofday.h | 59 +-
- win32port/win32helpers/netdb.h | 1 -
- win32port/win32helpers/strings.h | 0
- win32port/win32helpers/sys/time.h | 1 -
- win32port/win32helpers/unistd.h | 0
- win32port/win32helpers/websock-w32.c | 104 --
- win32port/win32helpers/websock-w32.h | 62 -
- win32port/win32port.sln | 100 --
- win32port/zlib/gzio.c | 3 +-
- 55 files changed, 6779 insertions(+), 5059 deletions(-)
-
-
-User api additions
-------------------
-
-POST method is supported
-
-The protocol 0 / HTTP callback can now get two new kinds of callback,
-LWS_CALLBACK_HTTP_BODY (in and len are a chunk of the body of the HTTP request)
-and LWS_CALLBACK_HTTP_BODY_COMPLETION (the expected amount of body has arrived
-and been passed to the user code already). These callbacks are used with the
-post method (see the test server for details).
-
-The period between the HTTP header completion and the completion of the body
-processing is protected by a 5s timeout.
-
-The chunks are stored in a malloc'd buffer of size protocols[0].rx_buffer_size.
-
-
-New server option you can enable from user code
-LWS_SERVER_OPTION_ALLOW_NON_SSL_ON_SSL_PORT allows non-SSL connections to
-also be accepted on an SSL listening port. It's disabled unless you enable
-it explicitly.
-
-
-Two new callbacks are added in protocols[0] that are optional for allowing
-limited thread access to libwebsockets, LWS_CALLBACK_LOCK_POLL and
-LWS_CALLBACK_UNLOCK_POLL.
-
-If you use them, they protect internal and external poll list changes, but if
-you want to use external thread access to libwebsocket_callback_on_writable()
-you have to implement your locking here even if you don't use external
-poll support.
-
-If you will use another thread for this, take a lot of care about managing
-your list of live wsi by doing it from ESTABLISHED and CLOSED callbacks
-(with your own locking).
-
-If you configure cmake with -DLWS_WITH_LIBEV=1 then the code allowing the libev
-eventloop instead of the default poll() one will also be compiled in. But to
-use it, you must also set the LWS_SERVER_OPTION_LIBEV flag on the context
-creation info struct options member.
-
-IPV6 is supported and enabled by default except for Windows, you can disable
-the support at build-time by giving -DLWS_IPV6=, and disable use of it even if
-compiled in by making sure the flag LWS_SERVER_OPTION_DISABLE_IPV6 is set on
-the context creation info struct options member.
-
-You can give LWS_SERVER_OPTION_DISABLE_OS_CA_CERTS option flag to
-guarantee the OS CAs will not be used, even if that support was selected at
-build-time.
-
-Optional "token limits" may be enforced by setting the member "token_limits"
-in struct lws_context_creation_info to point to a struct lws_token_limits.
-NULL means no token limits used for compatibility.
-
-
-User api changes
-----------------
-
-Extra optional argument to libwebsockets_serve_http_file() allows injecion
-of HTTP headers into the canned response. Eg, cookies may be added like
-that without getting involved in having to send the header by hand.
-
-A new info member http_proxy_address may be used at context creation time to
-set the http proxy. If non-NULL, it overrides http_proxy environment var.
-
-Cmake supports LWS_SSL_CLIENT_USE_OS_CA_CERTS defaulting to on, which gets
-the client to use the OS CA Roots. If you're worried somebody with the
-ability to forge for force creation of a client cert from the root CA in
-your OS, you should disable this since your selfsigned $0 cert is a lot safer
-then...
-
-
-v1.23-chrome32-firefox24
-========================
-
- Android.mk | 29 +
- CMakeLists.txt | 573 ++++++++----
- COPYING | 503 -----------
- INSTALL | 365 --------
- Makefile.am | 13 -
- README.build | 371 ++------
- README.coding | 63 ++
- autogen.sh | 1578 ---------------------------------
- changelog | 69 ++
- cmake/FindGit.cmake | 163 ++++
- cmake/FindOpenSSLbins.cmake | 15 +-
- cmake/UseRPMTools.cmake | 176 ++++
- config.h.cmake | 25 +-
- configure.ac | 226 -----
- cross-arm-linux-gnueabihf.cmake | 28 +
- lib/Makefile.am | 89 --
- lib/base64-decode.c | 98 +-
- lib/client-handshake.c | 123 ++-
- lib/client-parser.c | 19 +-
- lib/client.c | 145 ++-
- lib/daemonize.c | 4 +-
- lib/extension.c | 2 +-
- lib/getifaddrs.h | 4 +-
- lib/handshake.c | 76 +-
- lib/libwebsockets.c | 491 ++++++----
- lib/libwebsockets.h | 164 ++--
- lib/output.c | 214 ++++-
- lib/parsers.c | 102 +--
- lib/private-libwebsockets.h | 66 +-
- lib/server-handshake.c | 5 +-
- lib/server.c | 29 +-
- lib/sha-1.c | 2 +-
- libwebsockets-api-doc.html | 249 +++---
- libwebsockets.pc.in | 11 -
- libwebsockets.spec | 14 +-
- m4/ignore-me | 2 -
- scripts/FindLibWebSockets.cmake | 33 +
- scripts/kernel-doc | 1 +
- test-server/Makefile.am | 131 ---
- test-server/leaf.jpg | Bin 0 -> 2477518 bytes
- test-server/test-client.c | 78 +-
- test-server/test-echo.c | 33 +-
- test-server/test-fraggle.c | 26 +-
- test-server/test-ping.c | 15 +-
- test-server/test-server.c | 197 +++-
- test-server/test.html | 5 +-
- win32port/win32helpers/gettimeofday.c | 74 +-
- win32port/win32helpers/websock-w32.h | 6 +-
- 48 files changed, 2493 insertions(+), 4212 deletions(-)
-
-
-User api additions
-------------------
-
- - You can now call libwebsocket_callback_on_writable() on http connectons,
- and get a LWS_CALLBACK_HTTP_WRITEABLE callback, the same way you can
- regulate writes with a websocket protocol connection.
-
- - A new member in the context creation parameter struct "ssl_cipher_list" is
- added, replacing CIPHERS_LIST_STRING. NULL means use the ssl library
- default list of ciphers.
-
- - Not really an api addition, but libwebsocket_service_fd() will now zero
- the revents field of the pollfd it was called with if it handled the
- descriptor. So you can tell if it is a non-lws fd by checking revents
- after the service call... if it's still nonzero, the descriptor
- belongs to you and you need to take care of it.
-
- - libwebsocket_rx_flow_allow_all_protocol(protocol) will unthrottle all
- connections with the established protocol. It's designed to be
- called from user server code when it sees it can accept more input
- and may have throttled connections using the server rx flow apis
- while it was unable to accept any other input The user server code
- then does not have to try to track while connections it choked, this
- will free up all of them in one call.
-
- - there's a new, optional callback LWS_CALLBACK_CLOSED_HTTP which gets
- called when an HTTP protocol socket closes
-
- - for LWS_CALLBACK_FILTER_PROTOCOL_CONNECTION callback, the user_space alloc
- has already been done before the callback happens. That means we can
- use the user parameter to the callback to contain the user pointer, and
- move the protocol name to the "in" parameter. The docs for this
- callback are also updated to reflect how to check headers in there.
-
- - libwebsocket_client_connect() is now properly nonblocking and async. See
- README.coding and test-client.c for information on the callbacks you
- can rely on controlling the async connection period with.
-
- - if your OS does not support the http_proxy environment variable convention
- (eg, reportedly OSX), you can use a new api libwebsocket_set_proxy()
- to set the proxy details in between context creation and the connection
- action. For OSes that support http_proxy, that's used automatically.
-
-User api changes
-----------------
-
- - the external poll callbacks now get the socket descriptor coming from the
- "in" parameter. The user parameter provides the user_space for the
- wsi as it normally does on the other callbacks.
- LWS_CALLBACK_FILTER_NETWORK_CONNECTION also has the socket descriptor
- delivered by @in now instead of @user.
-
- - libwebsocket_write() now returns -1 for error, or the amount of data
- actually accepted for send. Under load, the OS may signal it is
- ready to send new data on the socket, but have only a restricted
- amount of memory to buffer the packet compared to usual.
-
-
-User api removal
-----------------
-
- - libwebsocket_ensure_user_space() is removed from the public api, if you
- were using it to get user_space, you need to adapt your code to only
- use user_space inside the user callback.
-
- - CIPHERS_LIST_STRING is removed
-
- - autotools build has been removed. See README.build for info on how to
- use CMake for your platform
-
-
-v1.21-chrome26-firefox18
-========================
-
- - Fixes buffer overflow bug in max frame size handling if you used the
- default protocol buffer size. If you declared rx_buffer_size in your
- protocol, which is recommended anyway, your code was unaffected.
-
-v1.2-chrome26-firefox18
-=======================
-
-Diffstat
---------
-
- .gitignore | 16 +++
- CMakeLists.txt | 544 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
- LICENSE | 526 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
- Makefile.am | 1 +
- README | 20 +++
- README.build | 258 ++++++++++++++++++++++++++++++++-----
- README.coding | 52 ++++++++
- changelog | 136 ++++++++++++++++++++
- cmake/FindOpenSSLbins.cmake | 33 +++++
- config.h.cmake | 173 +++++++++++++++++++++++++
- configure.ac | 22 +++-
- lib/Makefile.am | 20 ++-
- lib/base64-decode.c | 2 +-
- lib/client-handshake.c | 190 +++++++++++-----------------
- lib/client-parser.c | 88 +++++++------
- lib/client.c | 384 ++++++++++++++++++++++++++++++-------------------------
- lib/daemonize.c | 32 +++--
- lib/extension-deflate-frame.c | 58 +++++----
- lib/extension-deflate-stream.c | 19 ++-
- lib/extension-deflate-stream.h | 4 +-
- lib/extension.c | 11 +-
- lib/getifaddrs.c | 315 +++++++++++++++++++++++-----------------------
- lib/getifaddrs.h | 30 ++---
- lib/handshake.c | 124 +++++++++++-------
- lib/libwebsockets.c | 736 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++--------------------------------------
- lib/libwebsockets.h | 237 ++++++++++++++++++++++------------
- lib/output.c | 192 +++++++++++-----------------
- lib/parsers.c | 966 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++----------------------------------------------------------------
- lib/private-libwebsockets.h | 225 +++++++++++++++++++++------------
- lib/server-handshake.c | 82 ++++++------
- lib/server.c | 96 +++++++-------
- libwebsockets-api-doc.html | 189 ++++++++++++++++++----------
- libwebsockets.spec | 17 +--
- test-server/attack.sh | 148 ++++++++++++++++++++++
- test-server/test-client.c | 125 +++++++++---------
- test-server/test-echo.c | 31 +++--
- test-server/test-fraggle.c | 32 ++---
- test-server/test-ping.c | 52 ++++----
- test-server/test-server.c | 129 ++++++++++++-------
- win32port/libwebsocketswin32/libwebsocketswin32.vcxproj | 279 ----------------------------------------
- win32port/libwebsocketswin32/libwebsocketswin32.vcxproj.filters | 23 +++-
- 41 files changed, 4398 insertions(+), 2219 deletions(-)
-
-
-User api additions
-------------------
-
- - lws_get_library_version() returns a const char * with a string like
- "1.1 9e7f737", representing the library version from configure.ac
- and the git HEAD hash the library was built from
-
- - TCP Keepalive can now optionally be applied to all lws sockets, on Linux
- also with controllable timeout, number of probes and probe interval.
- (On BSD type OS, you can only use system default settings for the
- timing and retries, although enabling it is supported by setting
- ka_time to nonzero, the exact value has no meaning.)
- This enables detection of idle connections which are logically okay,
- but are in fact dead, due to network connectivity issues at the server,
- client, or any intermediary. By default it's not enabled, but you
- can enable it by setting a non-zero timeout (in seconds) at the new
- ka_time member at context creation time.
-
- - Two new optional user callbacks added, LWS_CALLBACK_PROTOCOL_DESTROY which
- is called one-time per protocol as the context is being destroyed, and
- LWS_CALLBACK_PROTOCOL_INIT which is called when the context is created
- and the protocols are added, again it's a one-time affair.
- This lets you manage per-protocol allocations properly including
- cleaning up after yourself when the server goes down.
-
-User api changes
-----------------
-
- - libwebsocket_create_context() has changed from taking a ton of parameters
- to just taking a pointer to a struct containing the parameters. The
- struct lws_context_creation_info is in libwebsockets.h, the members
- are in the same order as when they were parameters to the call
- previously. The test apps are all updated accordingly so you can
- see example code there.
-
- - Header tokens are now deleted after the websocket connection is
- established. Not just the header data is saved, but the pointer and
- length array is also removed from (union) scope saving several hundred
- bytes per connection once it is established
-
- - struct libwebsocket_protocols has a new member rx_buffer_size, this
- controls rx buffer size per connection of that protocol now. Sources
- for apps built against older versions of the library won't declare
- this in their protocols, defaulting it to 0. Zero buffer is legal,
- it causes a default buffer to be allocated (currently 4096)
-
- If you want to receive only atomic frames in your user callback, you
- should set this to greater than your largest frame size. If a frame
- comes that exceeds that, no error occurs but the callback happens as
- soon as the buffer limit is reached, and again if it is reached again
- or the frame completes. You can detect that has happened by seeing
- there is still frame content pending using
- libwebsockets_remaining_packet_payload()
-
- By correctly setting this, you can save a lot of memory when your
- protocol has small frames (see the test server and client sources).
-
- - LWS_MAX_HEADER_LEN now defaults to 1024 and is the total amount of known
- header payload lws can cope with, that includes the GET URL, origin
- etc. Headers not understood by lws are ignored and their payload
- not included in this.
-
-
-User api removals
------------------
-
- - The configuration-time option MAX_USER_RX_BUFFER has been replaced by a
- buffer size chosen per-protocol. For compatibility, there's a default
- of 4096 rx buffer, but user code should set the appropriate size for
- the protocol frames.
-
- - LWS_INITIAL_HDR_ALLOC and LWS_ADDITIONAL_HDR_ALLOC are no longer needed
- and have been removed. There's a new header management scheme that
- handles them in a much more compact way.
-
- - libwebsockets_hangup_on_client() is removed. If you want to close the
- connection you must do so from the user callback and by returning
- -1 from there.
-
- - libwebsocket_close_and_free_session() is now private to the library code
- only and not exposed for user code. If you want to close the
- connection, you must do so from the user callback by returning -1
- from there.
-
-
-New features
-------------
-
- - Cmake project file added, aimed initially at Windows support: this replaces
- the visual studio project files that were in the tree until now.
-
- - CyaSSL now supported in place of OpenSSL (--use-cyassl on configure)
-
- - PATH_MAX or MAX_PATH no longer needed
-
- - cutomizable frame rx buffer size by protocol
-
- - optional TCP keepalive so dead peers can be detected, can be enabled at
- context-creation time
-
- - valgrind-clean: no SSL or CyaSSL: completely clean. With OpenSSL, 88 bytes
- lost at OpenSSL library init and symptomless reports of uninitialized
- memory usage... seems to be a known and ignored problem at OpenSSL
-
- - By default debug is enabled and the library is built for -O0 -g to faclitate
- that. Use --disable-debug configure option to build instead with -O4
- and no -g (debug info), obviously providing best performance and
- reduced binary size.
-
- - 1.0 introduced some code to try to not deflate small frames, however this
- seems to break when confronted with a mixture of frames above and
- below the threshold, so it's removed. Veto the compression extension
- in your user callback if you will typically have very small frames.
-
- - There are many memory usage improvements, both a reduction in malloc/
- realloc and architectural changes. A websocket connection now
- consumes only 296 bytes with SSL or 272 bytes without on x86_64,
- during header processing an additional 1262 bytes is allocated in a
- single malloc, but is freed when the websocket connection starts.
- The RX frame buffer defined by the protocol in user
- code is also allocated per connection, this represents the largest
- frame you can receive atomically in that protocol.
-
- - On ARM9 build, just http+ws server no extensions or ssl, <12Kbytes .text
- and 112 bytes per connection (+1328 only during header processing)
-
-
-v1.1-chrome26-firefox18
-=======================
-
-Diffstat
---------
-
- Makefile.am | 4 +
- README-test-server | 291 ---
- README.build | 239 ++
- README.coding | 138 ++
- README.rst | 72 -
- README.test-apps | 272 +++
- configure.ac | 116 +-
- lib/Makefile.am | 55 +-
- lib/base64-decode.c | 5 +-
- lib/client-handshake.c | 121 +-
- lib/client-parser.c | 394 ++++
- lib/client.c | 807 +++++++
- lib/daemonize.c | 212 ++
- lib/extension-deflate-frame.c | 132 +-
- lib/extension-deflate-stream.c | 12 +-
- lib/extension-x-google-mux.c | 1223 ----------
- lib/extension-x-google-mux.h | 96 -
- lib/extension.c | 8 -
- lib/getifaddrs.c | 271 +++
- lib/getifaddrs.h | 76 +
- lib/handshake.c | 582 +----
- lib/libwebsockets.c | 2493 ++++++---------------
- lib/libwebsockets.h | 115 +-
- lib/md5.c | 217 --
- lib/minilex.c | 440 ++++
- lib/output.c | 628 ++++++
- lib/parsers.c | 2016 +++++------------
- lib/private-libwebsockets.h | 284 +--
- lib/server-handshake.c | 275 +++
- lib/server.c | 377 ++++
- libwebsockets-api-doc.html | 300 +--
- m4/ignore-me | 2 +
- test-server/Makefile.am | 111 +-
- test-server/libwebsockets.org-logo.png | Bin 0 -> 7029 bytes
- test-server/test-client.c | 45 +-
- test-server/test-echo.c | 330 +++
- test-server/test-fraggle.c | 20 +-
- test-server/test-ping.c | 22 +-
- test-server/test-server-extpoll.c | 554 -----
- test-server/test-server.c | 349 ++-
- test-server/test.html | 3 +-
- win32port/zlib/ZLib.vcxproj | 749 ++++---
- win32port/zlib/ZLib.vcxproj.filters | 188 +-
- win32port/zlib/adler32.c | 348 ++-
- win32port/zlib/compress.c | 160 +-
- win32port/zlib/crc32.c | 867 ++++----
- win32port/zlib/crc32.h | 882 ++++----
- win32port/zlib/deflate.c | 3799 +++++++++++++++-----------------
- win32port/zlib/deflate.h | 688 +++---
- win32port/zlib/gzclose.c | 50 +-
- win32port/zlib/gzguts.h | 325 ++-
- win32port/zlib/gzlib.c | 1157 +++++-----
- win32port/zlib/gzread.c | 1242 ++++++-----
- win32port/zlib/gzwrite.c | 1096 +++++----
- win32port/zlib/infback.c | 1272 ++++++-----
- win32port/zlib/inffast.c | 680 +++---
- win32port/zlib/inffast.h | 22 +-
- win32port/zlib/inffixed.h | 188 +-
- win32port/zlib/inflate.c | 2976 +++++++++++++------------
- win32port/zlib/inflate.h | 244 +-
- win32port/zlib/inftrees.c | 636 +++---
- win32port/zlib/inftrees.h | 124 +-
- win32port/zlib/trees.c | 2468 +++++++++++----------
- win32port/zlib/trees.h | 256 +--
- win32port/zlib/uncompr.c | 118 +-
- win32port/zlib/zconf.h | 934 ++++----
- win32port/zlib/zlib.h | 3357 ++++++++++++++--------------
- win32port/zlib/zutil.c | 642 +++---
- win32port/zlib/zutil.h | 526 ++---
- 69 files changed, 19556 insertions(+), 20145 deletions(-)
-
-user api changes
-----------------
-
- - libwebsockets_serve_http_file() now takes a context as first argument
-
- - libwebsockets_get_peer_addresses() now takes a context and wsi as first
- two arguments
-
-
-user api additions
-------------------
-
- - lwsl_...() logging apis, default to stderr but retargetable by user code;
- may be used also by user code
-
- - lws_set_log_level() set which logging apis are able to emit (defaults to
- notice, warn, err severities), optionally set the emit callback
-
- - lwsl_emit_syslog() helper callback emits to syslog
-
- - lws_daemonize() helper code that forks the app into a headless daemon
- properly, maintains a lock file with pid in suitable for sysvinit etc to
- control lifecycle
-
- - LWS_CALLBACK_HTTP_FILE_COMPLETION callback added since http file
- transfer is now asynchronous (see test server code)
-
- - lws_frame_is_binary() from a wsi pointer, let you know if the received
- data was sent in BINARY mode
-
-
-user api removals
------------------
-
- - libwebsockets_fork_service_loop() - no longer supported (had intractable problems)
- arrange your code to act from the user callback instead from same
- process context as the service loop
-
- - libwebsockets_broadcast() - use libwebsocket_callback_on_writable[_all_protocol]()
- instead from same process context as the service loop. See the test apps
- for examples.
-
- - x-google-mux() removed until someone wants it
-
- - pre -v13 (ancient) protocol support removed
+ - LWS_WITH_HTTP_PROXY Cmake option adds proxying mounts
+ - Workaround for libev build by disabling -Werror on the test app
-New features
-------------
+ - HTTP2 support disabled since no way to serve websockets on it
- - echo test server and client compatible with echo.websocket.org added
- - many new configure options (see README.build) to reduce footprint of the
- library to what you actually need, eg, --without-client and
- --without-server
+v2.2.0
+======
- - http + websocket server can build to as little as 12K .text for ARM
+Major new features
- - no more MAX_CLIENTS limitation; adapts to support the max number of fds
- allowed to the process by ulimit, defaults to 1024 on Fedora and
- Ubuntu. Use ulimit to control this without needing to configure
- the library. Code here is smaller and faster.
+ - A mount can be protected by Basic Auth... in lwsws it looks like this
- - adaptive ratio of listen socket to connection socket service allows
- good behaviour under Apache ab test load. Tested with thousands
- of simultaneous connections
+ ```
+{
+ "mountpoint": "/basic-auth",
+ "origin": "file://_lws_ddir_/libwebsockets-test-server/private",
+ "basic-auth": "/var/www/balogins-private"
+}
+```
- - reduction in per-connection memory footprint by moving to a union to hold
- mutually-exclusive state for the connection
+The text file named in `basic-auth` contains user:password information
+one per line.
- - robustness: Out of Memory taken care of for all allocation code now
+See README.lwsws.md for more information.
- - internal getifaddrs option if your toolchain lacks it (some uclibc)
+ - RFC7233 RANGES support in lws server... both single and multipart.
+ This allows seeking for multimedia file serving and download resume.
+ It's enabled by default but can be disabled by CMake option.
- - configurable memory limit for deflate operations
+ - On Linux, lwsws can reload configuration without dropping ongoing
+ connections, when sent a SIGHUP. The old configuration drops its
+ listen sockets so the new configuration can listen on them.
+ New connections connect to the server instance with the new
+ configuration. When all old connections eventually close, the old
+ instance automatically exits. This is equivalent to
+ `systemctl reload apache`
- - improvements in SSL code nonblocking operation, possible hang solved,
- some SSL operations broken down into pollable states so there is
- no library blocking, timeout coverage for SSL_connect
+ - New `adopt` api allow adoption including SSL negotiation and
+ for raw sockets and file descriptors.
- - extpoll test server merged into single test server source
+ - Chunked transfer encoding supported for client and server
- - robustness: library should deal with all recoverable socket conditions
+ - Adaptations to allow operations inside OPTEE Secure World
- - rx flowcontrol for backpressure notification fixed and implmeneted
- correctly in the test server
+ - ESP32 initial port - able to do all test server functions. See
+ README.build.md
- - optimal lexical parser added for header processing; all headers in a
- single 276-byte state table
+ - Serving gzipped files from inside a ZIP file is supported... this
+ includes directly serving the gzipped content if the client
+ indicated it could accept it (ie, almost all browsers) saving
+ bandwidth and time. For clients that can't accept it, lws
+ automatically decompresses and serves the content in memory-
+ efficient chunks. Only a few hundred bytes of heap are needed
+ to serve any size file from inside the zip. See README.coding.md
- - latency tracking api added (configure --with-latency)
+ - RAW file descriptors may now be adopted into the lws event loop,
+ independent of event backend (including poll service).
+ See README.coding.md
- - Improved in-tree documentation, REAME.build, README.coding,
- README.test-apps, changelog
+ - RAW server socket descriptors may now be enabled on the vhost if
+ the first thing sent on the connection is not a valid http method.
+ The user code can associate these with a specific protocol per
+ vhost, and RAW-specific callbacks appear there for creation, rx,
+ writable and close. See libwebsockets-test-server-v2.0 for an example.
+ See README.coding.md
- - Many small fixes
+ - RAW client connections are now possible using the method "RAW".
+ After connection, the socket is associated to the protocol
+ named in the client connection info and RAW-specific callbacks
+ appear there for creation, rx, writable and close.
+ See libwebsockets-test-client (with raw://) for an example.
+ See README.coding.md
-v1.0-chrome25-firefox17 (6cd1ea9b005933f)
+(for earlier changelogs, see the tagged releases)