Changelog
---------
-v1.4-chrome43-firefox36
-=======================
+v4.3.0
+======
+
+ - Add full CBOR stream parsing and writing support, with huge
+ amount of test vectors and resumable printf type write apis
+ See ./READMEs/README.cbor-lecp.md
+ - Add COSE key and signing / validation support with huge amount of
+ test vectors
+ cose_sign[1] ES256/384/512, RS256/384/512
+ cose_mac0 HS256/384/512
+ See ./READMEs/README.cbor-cose.md
+ - JIT Trust: for constrained devices, provides a way to determine the
+ trusted CA certs the peer requires, and instantiate just those.
+ This allows generic client browsing without the overhead of ~130
+ x.509 CA certs in memory permanently.
+ See ./READMEs/README.jit-trust.md
+ - Add support for client Netscape cookie jar with caching
+ - Secure Streams: issue LWSSSCS_EVENT_WAIT_CANCELLED state() when
+ lws_cancel_service() called, so cross-thread events can be handled
+ in SS
+ - Actively assert() on attempt to destroy SS handles still active in
+ the call stack, use DESTROY_ME returns instead so caller can choose
+ how to handle it.
+ - Improved Client Connection Error report strings for tls errors
+ - SMP: Use a private fakewsi for PROTOCOL_INIT so pts cannot try to
+ use the same one concurrently
+ - MbedTLS v3 support for all release changes, as well as retaining
+ support for v2.x
+ - MQTT client: support QoS2
+ - Event lib ops can now be set at context creation time directly,
+ bringing full event lib hooking to custom event loops. See
+ minimal-http-server-eventlib-custom
+ - Extra APIs to recover AKID and SKID from x.509 in mbedtls and openssl
+ - Improve http redirect to handle h2-> h2 cleanly
+ - IPv4+6 listen sockets on vhosts are now done with two separate
+ sockets bound individually to AF_INET and AF_INET6 addresses,
+ handled by the same vhost listen flow.
+ - Improved tls restriction handling
+ - Log contexts: allow objects to log into local logging contexts, by
+ lws_context, vhost, wsi and ss handle. Each context has its own
+ emit function and log level. See ./READMEs/README.logging.md
+ - Upgrade compiler checking to default to -Werror -Wall -Wextra
+ - Fault injection apis now also support pseudo-random number binding
+ within a specified range, eg,
+ --fault-injection "f1(10%),f1_delay(123..456)"
+ - Remove LWS_WITH_DEPRECATED_THINGS, remove master branch
+ - Interface binding now uses ipv6 scoring to select bind address
+
+v4.2.0
+======
+
+ - Sai coverage upgrades, 495 builds on 27 platforms, including OSX M1,
+ Xenial, Bionic and Focal Ubuntu, Debian Sid and Buster on both 32 and
+ 64-bit OS, and NetBSD, Solaris, FreeBSD, Windows, ESP32.
+ Ctest run on more scenarios including all LWS_WITH_DISTRO_RECOMMENDED.
+ More tests use valgrind if available on platform.
+ - RFC7231 date and time parsing and retry-after wired up to lws_retry
+ - `LWS_WITH_SUL_DEBUGGING` checks that no sul belonging to Secure Streams
+ and wsi objects are left registered on destruction
+ - Netlink monitoring on Linux dynamically tracks interface address and
+ routing changes, and immediately closes connections on invalidated
+ routes.
+ - RFC6724 DNS results sorting over ipv4 + ipv6 results, according to
+ available dynamic route information
+ - Support new event library, sdevent (systemd native loop), via
+ `LWS_WITH_SDEVENT`
+ - Reduce .rodata cost of role structs by making them sparse
+ - Additional Secure Streams QA tests and runtime state transition
+ validation
+ - SMD-over-ss-proxy documentation and helpers to simplify forwarding
+ - SSPC stream buffering at proxy and client set from policy by streamtype
+ - Trigger Captive Portal Detection if DNS resolution fails
+ - Switch all logs related to wsi and Secure Streams to use unique,
+ descriptive tags instead of pointers (which may be reallocated)
+ - Use NOITCE logging for Secure Streams and wsi lifecycle logging using
+ tags
+ - Update SSPC serialization to include versioning on initial handshake,
+ and pass client pid to proxy so related objects are tagged with it
+ - Enable errors on -Wconversion pedantic type-related build issues
+ throughout the lws sources and upgrade every affected cast.
+ - Windows remove WSA event implementation and replace with WSAPoll, with
+ a pair of UDP sockets instead of pipe() for `lws_cancel_service()`
+ - `lws_strcmp_wildcard()` helper that understand "x*", "x*y", "x*y*" etc
+ - `LWS_WITH_PLUGINS_BUILTIN` cmake option just builds plugins into the main
+ library image directly
+ - Secure Streams proxy supports policy for flow control between proxy and
+ clients
+ - libressl also supported along with boringssl, wolfssl
+ - prepared for openssl v3 compatibility, for main function and GENCRYPTO
+ - Fault injection apis can confirm operation of 48 error paths and counting
+ - `LWS_WITH_SYS_METRICS` keeps stats and reports them to user-defined
+ function, compatible with openmetrics
+ - windows platform knows how to prepare openssl with system trust store certs
+ - `LWS_WITH_SYS_CONMON` allows selected client connections to make precise
+ measurements of connection performance and DNS results, and report them in a struct
+ - New native support for uloop event loop (OpenWRT loop)
+ - More options around JWT
+ - Support TLS session caching and reuse by default, on both OpenSSL and
+ mbedtls
+ - Many fixes and improvements...
+
+v4.1.0
+======
+
+ - NEW: travis / appveyor / bintray are replaced by Sai
+ https://libwebsockets.org/sai/ which for lws currently does 193 builds per
+ git push on 16 platforms, all self-hosted. The homebrew bash scripts used
+ to select Minimal examples are replaced by CTest. Platforms currently
+ include Fedora/AMD/GCC, Windows/AMD/mingw32, Windows/AMD/mingw64, Android/
+ aarch64/LLVM, esp-idf (on WROVER-KIT and HELTEC physical boards), Fedora/
+ RISCV (on QEMU)/GCC, CentOS8/AMD/GCC, Gentoo/AMD/GCC, Bionic/AMD/GCC,
+ Linkit 7697, Focal/AMD/GCC, Windows (on QEMU)/AMD/MSVC,
+ Focal/aarch64-RPI4/GCC, iOS/aarch64/LLVM and OSX/AMD/LLVM.
+
+ - NEW: The single CMakeLists.txt has been refactored and modernized into smaller
+ CMakeLists.txt in the subdirectory along with the code that is being managed
+ for build by it. Build options are still listed in the top level as before
+ but the new way is much more maintainable.
+
+ - NEW: event lib support on Unix is now built into dynamically loaded plugins
+ and brought in at runtime, allowing all of the support to be built in
+ isolation without conflicts, and separately packaged with individual
+ dependencies. See ./READMEs/event-libs.md for details and how to force
+ the old static build into lws method.
+
+ - NEW: Captive Portal Detection. Lws can determine if the active default
+ route is able to connect to the internet, or is in a captive portal type
+ situation, by trying to connect to a remote server that will respond in an
+ unusual way, like provide a 204.
+
+ - NEW: Secure streams: Support system trust store if it exists
+ Build on Windows
+ Support lws raw socket protocol in SS
+ Support Unix Domain Socket transport
+
+ - NEW: Windows: Support Unix Domain Sockets same as other platforms
+
+ - NEW: Windows: Build using native pthreads, async dns, ipv6 on MSVC
+
+ - NEW: lws_struct: BLOB support
+
+ - NEW: lws_sul: Now provides two sorted timer domains, a default one as
+ before, and another whose scheduled events are capable to wake the system from suspend
+
+ - NEW: System Message Distribution: lws_smd provides a very lightweight way
+ to pass short messages between subsystems both in RTOS type case where the
+ subsystems are all on the lws event loop, and in the case participants are in
+ different processes, using Secure Streams proxying. Participants register a bitmap
+ of message classes they care about; if no particpant cares about a particular message,
+ it is rejected at allocation time for the sender, making it cheap to provide messages
+ speculatively. See lib/system/smd/README.md for full details.
+
+ - NEW: lws_drivers: wrappers for SDK driver abstractions (or actual drivers)
+ See lib/drivers/README.md, example implementations
+ minimal-examples/embedded/esp32/esp-wrover-kit
+ - generic gpio
+ - generic LED (by name) lib/drivers/led/README.md
+ - generic PWM, sophisticated interpolated table
+ sequencers with crossfade
+ - generic button (by name), with debounce and press classification
+ emitting rich SMD click, long-click, double-click,
+ down, repeat, up JSON messages
+ lib/drivers/button/README.md
+ - bitbang i2c on generic gpio (hw support can use same
+ abstract API)
+ - bitbang spi on generic gpio (hw support can use same
+ abstract API)
+ - generic display object, can be wired up to controller
+ drivers that hook up by generic i2c or spi,
+ generic backlight PWM sequencing and
+ blanking timer support
+ - generic settings storage: get and set blobs by name
+ - generic network device: netdev abstract class with
+ WIFI / Ethernet implementations
+ using underlying SDK APIs;
+ generic 80211 Scan managements
+ and credentials handling via
+ lws_settings
+ This is the new way to provide embedded platform
+ functionality that was in the past done like
+ esp32-factory. Unlike the old way, the new way has no
+ native apis in it and can be built on other SDK / SoCs
+ the same.
+
+ - NEW: Security-aware JWS JWT (JSON Web Tokens) apis are provided on top of the existing
+ JOSE / JWS apis. All the common algorithms are available along with some
+ high level apis like lws http cookie -> JWT struct -> lws http cookie.
+
+ - REMOVED: esp32-helper and friends used by esp32-factory now lws_drivers
+ exists
+
+ - REMOVED: generic sessions and friends now JWT is provided
+
+v4.0.0
+======
+
+ - NEW: Lws is now under the MIT license, see ./LICENSE for details
+
+ - NEW: GLIB native event loop support, lws + gtk example
+
+ - NEW: native lws MQTT client... supports client stream binding like h2 when
+ multiple logical connections are going to the same endpoint over MQTT, they
+ transparently and independently share the one connection + tls tunnel
+
+ - NEW: "Secure Streams"... if you are making a device with client connections
+ to the internet or cloud, this allows separation of the communications
+ policy (endpoints, tls cert validation, protocols, etc) from the code, with
+ the goal you can combine streams, change protocols and cloud provision, and
+ reflect that in the device's JSON policy document without having to change
+ any code.
+
+ - NEW: lws_system: New lightweight and efficient Asynchronous DNS resolver
+ implementation for both A and AAAA records, supports recursive (without
+ recursion in code) lookups, caching, and getaddrinfo() compatible results
+ scheme (from cache directly without per-consumer allocation). Able to
+ perform DNS lookups without introducing latency in the event loop.
+
+ - NEW: lws_system: ntpclient implementation with interface for setting system
+ time via lws_system ops
+
+ - NEW: lws_system: dhcpclient implementation
+
+ - NEW: Connection validity tracking, autoproduce PING/PONG for protocols that
+ support it if not informed that the connection has passed data in both
+ directions recently enough
+
+ - NEW: lws_retry: standardized exponential backoff and retry timing based
+ around backoff table and lws_sul
+
+ - NEW: there are official public helpers for unaligned de/serialization of all
+ common types, see eh, lws_ser_wu16be() in include/libwebsockets/lws-misc.h
+
+ - NEW: lws_tls_client_vhost_extra_cert_mem() api allows attaching extra certs
+ to a client vhost from DER in memory
+
+ - NEW: lws_system: generic blobs support passing auth tokens, per-connection
+ client certs etc from platform into lws
+
+ - NEW: public helpers to consume and produce ipv4/6 addresses in a clean way,
+ along with lws_sockaddr46 type now public. See eg, lws_sockaddr46-based
+ lws_sa46_parse_numeric_address(), lws_write_numeric_address()
+ in include/libwebsockets/lws-network-helper.h
+
+ - Improved client redirect handling, h2 compatibility
+
+ - NEW: lwsac: additional features for constant folding support (strings that
+ already are in the lwsac can be pointed to without copying again), backfill
+ (look for gaps in previous chunks that could take a new use size), and
+ lwsac_extend() so last use() can attempt to use more unallocated chunk space
+
+ - NEW: lws_humanize: apis for reporting scalar quanties like 1234 as "1.234KB"
+ with the scaled symbol strings passed in by caller
+
+ - NEW: freertos: support lws_cancel_service() by using UDP pair bound to lo,
+ since it doesn't have logical pipes
+
+ - NEW: "esp32" plat, which implemented freertos plat compatibility on esp32, is
+ renamed to "freertos" plat, targeting esp32 and other freertos platforms
+
+ - NEW: base64 has an additional api supporting stateful decode, where the input
+ is not all in the same place at the same time and can be processed
+ incrementally
+
+ - NEW: lws ws proxy: support RFC8441
+
+ - NEW: lws_spawn_piped apis: generic support for vforking a process with child
+ wsis attached to its stdin, stdout and stderr via pipes. When processes are
+ reaped, a specified callback is triggered. Currently Linux + OSX.
+
+ - NEW: lws_fsmount apis: Linux-only overlayfs mount and unmount management for
+ aggregating read-only layers with disposable, changeable upper layer fs
+
+ - Improvements for RTOS / small build case bring the footprint of lws v4 below
+ that of v3.1 on ARM
+
+ - lws_tokenize: flag specifying # should mark rest of line as comment
+
+ - NEW: minimal example for integrating libasound / alsa via raw file
+
+ - lws_struct: sqlite and json / lejp translation now usable
+
+
+v3.2.0
+======
+
+ - This is the last planned release under LGPLv2+SLE. It's not planned to be
+ maintained like previous releases, please switch to master for the latest
+ stuff or continue to use v3.1-stable until the next release under the
+ new MIT license.
+
+ - NEW: completely refactored scheduler with a unified, sorted us-resolution
+ linked-list implementation. All polled checks like timeout are migrated
+ to use the new timers, which also work on the event lib implementations.
+ Faster operation, us-resolution timeouts and generic scheduled callbacks
+ from the event loop.
+
+ - NEW: lws_dsh specialized buffer memory allocator that can borrow space
+ from other cooperating buffers on the same list.
+
+ - NEW: lws_sequencer allows managing multi-connection processes and
+ retries
+
+ - NEW: memory buffer cert support
+
+ - NEW: LWS_WITH_NETWORK in CMake... can be configured without any network-
+ related code at all
+
+ - NEW: builds on QNX 6.5 and SmartOS
+
+ - NEW: JOSE / JWK / JWS / JWE support, for all common ciphers and algs,
+ works on OpenSSL and mbedtls backends
+
+ - NEW: gencrypto now has genaes and genec in addition to genrsa, works
+ on OpenSSL and mbedtls backends
+
+ - NEW: raw_proxy role
+
+ - NEW: Basic Auth works on ws connections
+
+ - CHANGE: REMOVED: LWS_WITH_GENRSA, LWS_WITH_GENHASH, LWS_WITH_GENEC,
+ LWS_WITH_GENAES have all been removed and combined into LWS_WITH_GENCRYPTO
+
+ - CHANGE: REMOVED: LWS_WITH_JWS, LWS_WITH_JWE have been removed and combined
+ into LWS_WITH_JOSE
+
+v3.1.0
+======
+
+ - CHANGE: REMOVED: lws_client_connect() and lws_client_connect_extended()
+ compatibility apis for lws_client_connect_via_info() have been marked as
+ deprecated for several versions and are now removed. Use
+ lws_client_connect_via_info() directly instead.
+
+ - CHANGE: CMAKE:
+ - LWS_WITH_HTTP2: now defaults ON
+
+ - CHANGE: Minimal examples updated to use Content Security Policy best
+ practices, using
+ `LWS_SERVER_OPTION_HTTP_HEADERS_SECURITY_BEST_PRACTICES_ENFORCE` vhost
+ option flag and disabling of inline style and scripts. A side-effect of
+ this is that buffers used to marshal headers have to be prepared to take
+ more content than previously... LWS_RECOMMENDED_MIN_HEADER_SPACE (2048
+ currently) is available for user (and internal) use to logically tie the
+ buffer size to this usecase (and follow future increases).
+
+ - NEW: CMAKE
+ - LWS_FOR_GITOHASHI: sets various cmake options suitable for gitohashi
+ - LWS_WITH_ASAN: for Linux, enable build with ASAN
+
+ Don't forget LWS_WITH_DISTRO_RECOMMENDED, which enables a wide range of lws
+ options suitable for a distro build of the library.
+
+ - NEW: lws threadpool - lightweight pool of pthreads integrated to lws wsi, with
+ all synchronization to event loop handled internally, queue for excess tasks
+ [threadpool docs](https://libwebsockets.org/git/libwebsockets/tree/lib/misc/threadpool)
+ [threadpool minimal example](https://libwebsockets.org/git/libwebsockets/tree/minimal-examples/ws-server/minimal-ws-server-threadpool)
+ Cmake config: `-DLWS_WITH_THREADPOOL=1`
+
+ - NEW: libdbus support integrated on lws event loop
+ [lws dbus docs](https://libwebsockets.org/git/libwebsockets/tree/lib/roles/dbus)
+ [lws dbus client minimal examples](https://libwebsockets.org/git/libwebsockets/tree/minimal-examples/dbus-client)
+ [lws dbus server minimal examples](https://libwebsockets.org/git/libwebsockets/tree/minimal-examples/dbus-server)
+ Cmake config: `-DLWS_ROLE_DBUS=1`
+
+ - NEW: lws allocated chunks (lwsac) - helpers for optimized mass allocation of small
+ objects inside a few larger malloc chunks... if you need to allocate a lot of
+ inter-related structs for a limited time, this removes per-struct allocation
+ library overhead completely and removes the need for any destruction handling
+ [lwsac docs](https://libwebsockets.org/git/libwebsockets/tree/lib/misc/lwsac)
+ [lwsac minimal example](https://libwebsockets.org/git/libwebsockets/tree/minimal-examples/api-tests/api-test-lwsac)
+ Cmake Config: `-DLWS_WITH_LWSAC=1`
+
+ - NEW: lws tokenizer - helper api for robustly tokenizing your own strings without
+ allocating or adding complexity. Configurable by flags for common delimiter
+ sets and comma-separated-lists in the tokenizer. Detects and reports syntax
+ errors.
+ [lws_tokenize docs](https://libwebsockets.org/git/libwebsockets/tree/include/libwebsockets/lws-tokenize.h)
+ [lws_tokenize minimal example / api test](https://libwebsockets.org/git/libwebsockets/tree/minimal-examples/api-tests/api-test-lws_tokenize)
+
+ - NEW: lws full-text search - optimized trie generation, serialization,
+ autocomplete suggestion generation and instant global search support extensible
+ to huge corpuses of UTF-8 text while remaining super lightweight on resources.
+ [full-text search docs](https://libwebsockets.org/git/libwebsockets/tree/lib/misc/fts)
+ [full-text search minimal example / api test](https://libwebsockets.org/git/libwebsockets/tree/minimal-examples/api-tests/api-test-fts)
+ [demo](https://libwebsockets.org/ftsdemo/)
+ [demo sources](https://libwebsockets.org/git/libwebsockets/tree/plugins/protocol_fulltext_demo.c)
+ Cmake config: `-DLWS_WITH_FTS=1 -DLWS_WITH_LWSAC=1`
+
+ - NEW: gzip + brotli http server-side compression - h1 and h2 automatic advertising
+ of server compression and application to files with mimetypes "text/*",
+ "application/javascript" and "image/svg.xml".
+ Cmake config: `-DLWS_WITH_HTTP_STREAM_COMPRESSION=1`, `-DLWS_WITH_HTTP_BROTLI=1`
+
+ - NEW: managed disk cache - API for managing a directory containing cached files
+ with hashed names, and automatic deletion of LRU files once the cache is
+ above a given limit.
+ [lws diskcache docs](https://libwebsockets.org/git/libwebsockets/tree/include/libwebsockets/lws-diskcache.h)
+ Cmake config: `-DLWS_WITH_DISKCACHE=1`
+
+ - NEW: http reverse proxy - lws mounts support proxying h1 or h2 requests to
+ a local or remote IP, or unix domain socket over h1. This allows microservice
+ type architectures where parts of the common URL space are actually handled
+ by external processes which may be remote or on the same machine.
+ [lws gitohashi serving](https://libwebsockets.org/git/) is handled this way.
+ CMake config: `-DLWS_WITH_HTTP_PROXY=1`
+
+ - NEW: lws_buflist - internally several types of ad-hoc malloc'd buffer have
+ been replaced by a new, exported api `struct lws_buflist`. This allows
+ multiple buffers to be chained and drawn down in strict FIFO order.
+
+ - NEW: In the case of h1 upgrade, the connection header is checked to contain
+ "upgrade". The vhost flag LWS_SERVER_OPTION_VHOST_UPG_STRICT_HOST_CHECK
+ also causes the Host: header to be confirmed to match the vhost name and
+ listen port.
+
+ - NEW: If no 404 redirect for `lws_return_http_status()` is specified for the vhost,
+ the status page produced will try to bring in a stylesheet `/error.css`. This allows
+ you to produce styled 404 or other error pages with logos, graphics etc. See
+ https://libwebsockets.org/git/badrepo for an example of what you can do with it.
+
+v3.0.0
+======
+
+ - CHANGE: Clients used to call LWS_CALLBACK_CLOSED same as servers...
+ LWS_CALLBACK_CLIENT_CLOSED has been introduced and is called for clients
+ now.
+
+ - CHANGE: LWS_CALLBACK_CLIENT_CONNECTION_ERROR used to only be directed at
+ protocols[0]. However in many cases, the protocol to bind to was provided
+ at client connection info time and the wsi bound accordingly. In those
+ cases, CONNECTION_ERROR is directed at the bound protocol, not protcols[0]
+ any more.
+
+ - CHANGE: CMAKE: the following cmake defaults have changed with this version:
+
+ - LWS_WITH_ZIP_FOPS: now defaults OFF
+ - LWS_WITH_RANGES: now defaults OFF
+ - LWS_WITH_ZLIB: now defaults OFF
+ - LWS_WITHOUT_EXTENSIONS: now defaults ON
+
+ - CHANGE: REMOVED: lws_alloc_vfs_file() (read a file to malloc buffer)
+
+ - CHANGE: REMOVED: lws_read() (no longer useful outside of lws internals)
+
+ - CHANGE: REMOVED: ESP8266... ESP32 is now within the same price range and much
+ more performant
+
+ - CHANGE: soname bump... don't forget to `ldconfig`
+
+ - NEW: all event libraries support "foreign" loop integration where lws itself
+ if just a temporary user of the loop unrelated to the actual loop lifecycle.
+
+ See `minimal-http-server-eventlib-foreign` for example code demonstrating
+ this for all the event libraries.
+
+ Internal loop in lws is also supported and demonstrated by
+ `minimal-http-server-eventlib`.
+
+ - NEW: ws-over-h2 support. This is a new RFC-on-the-way supported by Chrome
+ and shortly firefox that allows ws connections to be multiplexed back to the
+ server on the same tcp + tls wrapper h2 connection that the html and scripts
+ came in on. This is hugely faster that discrete connections.
+
+ - NEW: UDP socket adoption and related event callbacks
+
+ - NEW: Multi-client connection binding, queuing and pipelining support.
+
+ Lws detects multiple client connections to the same server and port, and
+ optimizes how it handles them according to the server type and provided
+ flags. For http/1.0, all occur with individual parallel connections. For
+ http/1.1, you can enable keepalive pipelining, so the connections occur
+ sequentially on a single network connection. For http/2, they all occur
+ as parallel streams within a single h2 network connection.
+
+ See minimal-http-client-multi for example code.
+
+ - NEW: High resolution timer API for wsi, get a callback on your wsi with
+ LWS_CALLBACK_TIMER, set and reset the timer with lws_set_timer_usecs(wsi, us)
+ Actual resolution depends on event backend. Works with all backends, poll,
+ libuv, libevent, and libev.
+
+ - NEW: Protocols can arrange vhost-protocol instance specific callbacks with
+ second resolution using `lws_timed_callback_vh_protocol()`
+
+ - NEW: ACME client plugin for self-service TLS certificates
+
+ - NEW: RFC7517 JSON Web Keys RFC7638 JWK thumbprint, and RFC7515 JSON Web
+ signatures support
+
+ - NEW: lws_cancel_service() now provides a generic way to synchronize events
+ from other threads, which appear as a LWS_CALLBACK_EVENT_WAIT_CANCELLED
+ callback on all protocols. This is compatible with all the event libraries.
+
+ - NEW: support BSD poll() where changes to the poll wait while waiting are
+ undone.
+
+ - NEW: Introduce generic hash, hmac and RSA apis that operate the same
+ regardless of OpenSSL or mbedTLS tls backend
+
+ - NEW: Introduce X509 element query api that works the same regardless of
+ OpenSSL or mbedTLS tls backend
+
+ - NEW: Introduce over 30 "minimal examples" in ./minimal-examples... these
+ replace most of the old test servers
+
+ - test-echo -> minimal-ws-server-echo and minimal-ws-client-echo
+
+ - test-server-libuv / -libevent / -libev ->
+ minimal-https-server-eventlib / -eventlib-foreign / -eventlib-demos
+
+ - test-server-v2.0 -> folded into all the minimal servers
+
+ - test-server direct http serving -> minimal-http-server-dynamic
+
+ The minimal examples allow individual standalone build using their own
+ small CMakeLists.txt.
+
+ - NEW: lws now detects any back-to-back writes that did not go through the
+ event loop inbetween and reports them. This will flag any possibility of
+ failure rather than wait until the problem happens.
+
+ - NEW: CMake has LWS_WITH_DISTRO_RECOMMENDED to select features that are
+ appropriate for distros
+
+ - NEW: Optional vhost URL `error_document_404` if given causes a redirect there
+ instead of serve the default 404 page.
+
+ - NEW: lws_strncpy() wrapper guarantees NUL in copied string even if it was
+ truncated to fit.
+
+ - NEW: for client connections, local protocol binding name can be separated
+ from the ws subprotocol name if needed, using .local_protocol_name
+
+ - NEW: Automatic detection of time discontiguities
+
+ - NEW: Applies TCP_USER_TIMEOUT for Linux tcp keepalive where available
+
+ - QA: 1600 tests run on each commit in Travis CI, including almost all
+ Autobahn in client and server mode, various h2load tests, h2spec, attack.sh
+ the minimal example selftests and others.
+
+ - QA: fix small warnings introduced on gcc8.x (eg, Fedora 28)
+
+ - QA: Add most of -Wextra on gcc (-Wsign-compare, -Wignored-qualifiers,
+ -Wtype-limits, -Wuninitialized)
+
+ - QA: clean out warnings on windows
+
+ - QA: pass all 146 h2spec tests now on strict
+
+ - QA: introduce 35 selftests that operate different minimal examples against
+ each other and confirm the results.
+
+ - QA: LWS_WITH_MINIMAL_EXAMPLES allows mass build of all relevant minimal-
+ examples with the LWS build, for CI and to make all the example binaries
+ available from the lws build dir ./bin
+
+ - REFACTOR: the lws source directory layout in ./lib has been radically
+ improved, and there are now README.md files in selected subdirs with extra
+ documentation of interest to people working on lws itself.
+
+ - REFACTOR: pipelined transactions return to the event loop before starting the
+ next part.
+
+ - REFACTOR: TLS: replace all TLS library constants with generic LWS ones and
+ adapt all the TLS library code to translate to these common ones.
+
+ Isolated all the tls-related private stuff in `./lib/tls/private.h`, and all
+ the mbedTLS stuff in `./lib/tls/mbedtls` + openSSL stuff in
+ `./lib/tls/openssl`
+
+ - REFACTOR: the various kinds of wsi possible with lws have been extracted
+ from the main code and isolated into "roles" in `./lib/roles` which
+ communicate with the core code via an ops struct. Everything related to
+ ah is migrated to the http role.
+
+ wsi modes are eliminated and replaced by the ops pointer for the role the
+ wsi is performing. Generic states for wsi are available to control the
+ lifecycle using core code.
+
+ Adding new "roles" is now much easier with the changes and ops struct to
+ plug into.
+
+ - REFACTOR: reduce four different kinds of buffer management in lws into a
+ generic scatter-gather struct lws_buflist.
+
+ - REFACTOR: close notifications go through event loop
+
+
+v2.4.0
+======
+
+ - HTTP/2 server support is now mature and usable! LWS_WITH_HTTP2=1 enables it.
+ Uses ALPN to serve HTTP/2, HTTP/1 and ws[s] connections all from the same
+ listen port seamlessly. (Requires ALPN-capable OpenSSL 1.1 or mbedTLS).
+
+ - LWS_WITH_MBEDTLS=1 at CMake now builds and works against mbedTLS instead of
+ OpenSSL. Most things work identically, although on common targets where
+ OpenSSL has acceleration, mbedTLS is many times slower in operation. However
+ it is a lot smaller codewise.
+
+ - Generic hash apis introduced that work the same on mbedTLS or OpenSSL backend
+
+ - LWS_WITH_PEER_LIMITS tracks IPs across all vhosts and allows restrictions on
+ both the number of simultaneous connections and wsi in use for any single IP
+
+ - lws_ring apis provide a generic single- or multi-tail ringbuffer... mirror
+ protocol now uses this. Features include ring elements may be sized to fit
+ structs in the ringbuffer, callback when no tail any longer needs an element
+ and it can be deleted, and zerocopy options to write new members directly
+ into the ringbuffer, and use the ringbuffer element by address too.
+
+ - abstract ssh 2 server plugin included, with both plugin and standalone
+ demos provided. You can bind the plugin to a vhost and also serve full-
+ strength ssh from the vhost. IO from the ssh server is controlled by an
+ "ops" struct of callbacks for tx, rx, auth etc.
+
+ - Many fixes, cleanups, source refactors and other improvements.
+
+
+v2.3.0
+======
+
+ - ESP32 OpenSSL support for client and server
+
+ - ESP32 4 x WLAN credential slots may be configured
+
+ - Libevent event loop support
+
+ - SOCKS5 proxy support
+
+ - lws_meta protocol for websocket connection multiplexing
+
+ - lws_vhost_destroy() added... allows dynamic removal of listening
+ vhosts. Vhosts with shared listen sockets adopt the listen socket
+ automatically if the owner is destroyed.
+
+ - IPv6 on Windows
+
+ - Improved CGI handling suitable for general CGI scripting, eg, PHP
+
+ - Convert even the "old style" test servers to use statically included
+ plugin sources
+
+ - LWS_WITH_STATS cmake option dumps resource usage and timing information
+ every few seconds to debug log, including latency information about
+ delay from asking for writeable callback to getting it
+
+ - Large (> 2GB) files may be served
+
+ - LWS_WITH_HTTP_PROXY Cmake option adds proxying mounts
+
+ - Workaround for libev build by disabling -Werror on the test app
-User api additions
-------------------
+ - HTTP2 support disabled since no way to serve websockets on it
-There's a new member in the info struct used to control context creation,
-ssl_private_key_password, which allows passing into lws the passphrase on
-an SSL cetificate
-There's a new member in struct protocols, id, which is ignored by lws but can
-be used by the user code to mark the selected protocol by user-defined version
-or capabliity flag information, for the case multiple versions of a protocol are
-supported.
-
-int lws_is_ssl(wsi) added to allow user code to know if the connection was made
-over ssl or not. If LWS_SERVER_OPTION_ALLOW_NON_SSL_ON_SSL_PORT is used, both
-ssl and non-ssl connections are possible and may need to be treated differently
-in the user code.
-
-int lws_partial_buffered(wsi) added... should be checked after any
-libwebsocket_write that will be followed by another libwebsocket_write inside
-the same writeable callback. If set, you can't do any more writes until the
-writeable callback is called again. If you only do one write per writeable callback,
-you can ignore this.
-
-HTTP2-related: HTTP2 changes how headers are handled, lws now has new version-
-agnositic header creation APIs. These do the right thing depending on each
-connection's HTTP version without the user code having to know or care, except
-to make sure to use the new APIs for headers (test-server is updated to use
-them already, so look there for examples)
-
-The APIs "render" the headers into a user-provided buffer and bump *p as it
-is used. If *p reaches end, then the APIs return nonzero for error.
-
-LWS_VISIBLE LWS_EXTERN int
-lws_add_http_header_status(struct libwebsocket_context *context,
- struct libwebsocket *wsi,
- unsigned int code,
- unsigned char **p,
- unsigned char *end);
-
-Start a response header reporting status like 200, 500, etc
-
-LWS_VISIBLE LWS_EXTERN int
-lws_add_http_header_by_name(struct libwebsocket_context *context,
- struct libwebsocket *wsi,
- const unsigned char *name,
- const unsigned char *value,
- int length,
- unsigned char **p,
- unsigned char *end);
-
-Add a header like name: value in HTTP1.x
-
-LWS_VISIBLE LWS_EXTERN int
-lws_finalize_http_header(struct libwebsocket_context *context,
- struct libwebsocket *wsi,
- unsigned char **p,
- unsigned char *end);
-
-Finish off the headers, like add the extra \r\n in HTTP1.x
-
-LWS_VISIBLE LWS_EXTERN int
-lws_add_http_header_by_token(struct libwebsocket_context *context,
- struct libwebsocket *wsi,
- enum lws_token_indexes token,
- const unsigned char *value,
- int length,
- unsigned char **p,
- unsigned char *end);
-
-Add a header by using a lws token as the name part. In HTTP2, this can be
-compressed to one or two bytes.
-
-
-User api removal
-----------------
-
-protocols struct member no_buffer_all_partial_tx is removed. Under some
-conditions like rewriting extention such as compression in use, the built-in
-partial send buffering is the only way to deal with the problem, so turning
-it off is deprecated.
-
-
-User api changes
-----------------
-
-HTTP2-related: API libwebsockets_serve_http_file() takes an extra parameter at
-the end now
-
-int other_headers_len)
-
-If you are providing other headers, they must be generated using the new
-HTTP-version-agnostic APIs, and you must provide the length of them using this
-additional parameter.
-
-struct lws_context_creation_info now has an additional member
-SSL_CTX *provided_client_ssl_ctx you may set to an externally-initialized
-SSL_CTX managed outside lws. Defaulting to zero keeps the existing behaviour of
-lws managing the context, if you memset the struct to 0 or have as a filescope
-initialized struct in bss, no need to change anything.
-
-
-v1.3-chrome37-firefox30
-=======================
-
- .gitignore | 1 -
- CMakeLists.txt | 447 +++--
- README.build | 35 +-
- README.coding | 14 +
- changelog | 66 +
- cmake/LibwebsocketsConfig.cmake.in | 17 +
- cmake/LibwebsocketsConfigVersion.cmake.in | 11 +
- config.h.cmake | 18 +
- cross-ming.cmake | 31 +
- cross-openwrt-makefile | 91 +
- lib/client-handshake.c | 205 ++-
- lib/client-parser.c | 58 +-
- lib/client.c | 158 +-
- lib/context.c | 341 ++++
- lib/extension-deflate-frame.c | 2 +-
- lib/extension.c | 178 ++
- lib/handshake.c | 287 +---
- lib/lextable.h | 338 ++++
- lib/libev.c | 175 ++
- lib/libwebsockets.c | 2089 +++--------------------
- lib/libwebsockets.h | 253 ++-
- lib/lws-plat-unix.c | 404 +++++
- lib/lws-plat-win.c | 358 ++++
- lib/minilex.c | 530 +++---
- lib/output.c | 445 ++---
- lib/parsers.c | 682 ++++----
- lib/pollfd.c | 239 +++
- lib/private-libwebsockets.h | 501 +++++-
- lib/server-handshake.c | 274 +--
- lib/server.c | 858 ++++++++--
- lib/service.c | 517 ++++++
- lib/sha-1.c | 38 +-
- lib/ssl-http2.c | 78 +
- lib/ssl.c | 571 +++++++
- test-server/attack.sh | 101 +-
- test-server/test-client.c | 9 +-
- test-server/test-echo.c | 17 +-
- test-server/test-fraggle.c | 7 -
- test-server/test-ping.c | 12 +-
- test-server/test-server.c | 330 ++--
- test-server/test.html | 4 +-
- win32port/client/client.vcxproj | 259 ---
- win32port/client/client.vcxproj.filters | 39 -
- .../libwebsocketswin32.vcxproj.filters | 93 -
- win32port/server/server.vcxproj | 276 ---
- win32port/server/server.vcxproj.filters | 51 -
- win32port/win32helpers/gettimeofday.h | 59 +-
- win32port/win32helpers/netdb.h | 1 -
- win32port/win32helpers/strings.h | 0
- win32port/win32helpers/sys/time.h | 1 -
- win32port/win32helpers/unistd.h | 0
- win32port/win32helpers/websock-w32.c | 104 --
- win32port/win32helpers/websock-w32.h | 62 -
- win32port/win32port.sln | 100 --
- win32port/zlib/gzio.c | 3 +-
- 55 files changed, 6779 insertions(+), 5059 deletions(-)
-
-
-User api additions
-------------------
-
-POST method is supported
-
-The protocol 0 / HTTP callback can now get two new kinds of callback,
-LWS_CALLBACK_HTTP_BODY (in and len are a chunk of the body of the HTTP request)
-and LWS_CALLBACK_HTTP_BODY_COMPLETION (the expected amount of body has arrived
-and been passed to the user code already). These callbacks are used with the
-post method (see the test server for details).
-
-The period between the HTTP header completion and the completion of the body
-processing is protected by a 5s timeout.
-
-The chunks are stored in a malloc'd buffer of size protocols[0].rx_buffer_size.
-
-
-New server option you can enable from user code
-LWS_SERVER_OPTION_ALLOW_NON_SSL_ON_SSL_PORT allows non-SSL connections to
-also be accepted on an SSL listening port. It's disabled unless you enable
-it explicitly.
-
-
-Two new callbacks are added in protocols[0] that are optional for allowing
-limited thread access to libwebsockets, LWS_CALLBACK_LOCK_POLL and
-LWS_CALLBACK_UNLOCK_POLL.
-
-If you use them, they protect internal and external poll list changes, but if
-you want to use external thread access to libwebsocket_callback_on_writable()
-you have to implement your locking here even if you don't use external
-poll support.
-
-If you will use another thread for this, take a lot of care about managing
-your list of live wsi by doing it from ESTABLISHED and CLOSED callbacks
-(with your own locking).
-
-If you configure cmake with -DLWS_WITH_LIBEV=1 then the code allowing the libev
-eventloop instead of the default poll() one will also be compiled in. But to
-use it, you must also set the LWS_SERVER_OPTION_LIBEV flag on the context
-creation info struct options member.
-
-IPV6 is supported and enabled by default except for Windows, you can disable
-the support at build-time by giving -DLWS_IPV6=, and disable use of it even if
-compiled in by making sure the flag LWS_SERVER_OPTION_DISABLE_IPV6 is set on
-the context creation info struct options member.
-
-You can give LWS_SERVER_OPTION_DISABLE_OS_CA_CERTS option flag to
-guarantee the OS CAs will not be used, even if that support was selected at
-build-time.
-
-Optional "token limits" may be enforced by setting the member "token_limits"
-in struct lws_context_creation_info to point to a struct lws_token_limits.
-NULL means no token limits used for compatibility.
-
-
-User api changes
-----------------
-
-Extra optional argument to libwebsockets_serve_http_file() allows injecion
-of HTTP headers into the canned response. Eg, cookies may be added like
-that without getting involved in having to send the header by hand.
-
-A new info member http_proxy_address may be used at context creation time to
-set the http proxy. If non-NULL, it overrides http_proxy environment var.
-
-Cmake supports LWS_SSL_CLIENT_USE_OS_CA_CERTS defaulting to on, which gets
-the client to use the OS CA Roots. If you're worried somebody with the
-ability to forge for force creation of a client cert from the root CA in
-your OS, you should disable this since your selfsigned $0 cert is a lot safer
-then...
-
-
-v1.23-chrome32-firefox24
-========================
-
- Android.mk | 29 +
- CMakeLists.txt | 573 ++++++++----
- COPYING | 503 -----------
- INSTALL | 365 --------
- Makefile.am | 13 -
- README.build | 371 ++------
- README.coding | 63 ++
- autogen.sh | 1578 ---------------------------------
- changelog | 69 ++
- cmake/FindGit.cmake | 163 ++++
- cmake/FindOpenSSLbins.cmake | 15 +-
- cmake/UseRPMTools.cmake | 176 ++++
- config.h.cmake | 25 +-
- configure.ac | 226 -----
- cross-arm-linux-gnueabihf.cmake | 28 +
- lib/Makefile.am | 89 --
- lib/base64-decode.c | 98 +-
- lib/client-handshake.c | 123 ++-
- lib/client-parser.c | 19 +-
- lib/client.c | 145 ++-
- lib/daemonize.c | 4 +-
- lib/extension.c | 2 +-
- lib/getifaddrs.h | 4 +-
- lib/handshake.c | 76 +-
- lib/libwebsockets.c | 491 ++++++----
- lib/libwebsockets.h | 164 ++--
- lib/output.c | 214 ++++-
- lib/parsers.c | 102 +--
- lib/private-libwebsockets.h | 66 +-
- lib/server-handshake.c | 5 +-
- lib/server.c | 29 +-
- lib/sha-1.c | 2 +-
- libwebsockets-api-doc.html | 249 +++---
- libwebsockets.pc.in | 11 -
- libwebsockets.spec | 14 +-
- m4/ignore-me | 2 -
- scripts/FindLibWebSockets.cmake | 33 +
- scripts/kernel-doc | 1 +
- test-server/Makefile.am | 131 ---
- test-server/leaf.jpg | Bin 0 -> 2477518 bytes
- test-server/test-client.c | 78 +-
- test-server/test-echo.c | 33 +-
- test-server/test-fraggle.c | 26 +-
- test-server/test-ping.c | 15 +-
- test-server/test-server.c | 197 +++-
- test-server/test.html | 5 +-
- win32port/win32helpers/gettimeofday.c | 74 +-
- win32port/win32helpers/websock-w32.h | 6 +-
- 48 files changed, 2493 insertions(+), 4212 deletions(-)
-
-
-User api additions
-------------------
-
- - You can now call libwebsocket_callback_on_writable() on http connectons,
- and get a LWS_CALLBACK_HTTP_WRITEABLE callback, the same way you can
- regulate writes with a websocket protocol connection.
-
- - A new member in the context creation parameter struct "ssl_cipher_list" is
- added, replacing CIPHERS_LIST_STRING. NULL means use the ssl library
- default list of ciphers.
-
- - Not really an api addition, but libwebsocket_service_fd() will now zero
- the revents field of the pollfd it was called with if it handled the
- descriptor. So you can tell if it is a non-lws fd by checking revents
- after the service call... if it's still nonzero, the descriptor
- belongs to you and you need to take care of it.
-
- - libwebsocket_rx_flow_allow_all_protocol(protocol) will unthrottle all
- connections with the established protocol. It's designed to be
- called from user server code when it sees it can accept more input
- and may have throttled connections using the server rx flow apis
- while it was unable to accept any other input The user server code
- then does not have to try to track while connections it choked, this
- will free up all of them in one call.
-
- - there's a new, optional callback LWS_CALLBACK_CLOSED_HTTP which gets
- called when an HTTP protocol socket closes
-
- - for LWS_CALLBACK_FILTER_PROTOCOL_CONNECTION callback, the user_space alloc
- has already been done before the callback happens. That means we can
- use the user parameter to the callback to contain the user pointer, and
- move the protocol name to the "in" parameter. The docs for this
- callback are also updated to reflect how to check headers in there.
-
- - libwebsocket_client_connect() is now properly nonblocking and async. See
- README.coding and test-client.c for information on the callbacks you
- can rely on controlling the async connection period with.
-
- - if your OS does not support the http_proxy environment variable convention
- (eg, reportedly OSX), you can use a new api libwebsocket_set_proxy()
- to set the proxy details inbetween context creation and the connection
- action. For OSes that support http_proxy, that's used automatically.
-
-User api changes
-----------------
-
- - the external poll callbacks now get the socket descriptor coming from the
- "in" parameter. The user parameter provides the user_space for the
- wsi as it normally does on the other callbacks.
- LWS_CALLBACK_FILTER_NETWORK_CONNECTION also has the socket descriptor
- delivered by @in now instead of @user.
-
- - libwebsocket_write() now returns -1 for error, or the amount of data
- actually accepted for send. Under load, the OS may signal it is
- ready to send new data on the socket, but have only a restricted
- amount of memory to buffer the packet compared to usual.
-
-
-User api removal
-----------------
-
- - libwebsocket_ensure_user_space() is removed from the public api, if you
- were using it to get user_space, you need to adapt your code to only
- use user_space inside the user callback.
-
- - CIPHERS_LIST_STRING is removed
-
- - autotools build has been removed. See README.build for info on how to
- use CMake for your platform
-
-
-v1.21-chrome26-firefox18
-========================
-
- - Fixes buffer overflow bug in max frame size handling if you used the
- default protocol buffer size. If you declared rx_buffer_size in your
- protocol, which is recommended anyway, your code was unaffected.
-
-v1.2-chrome26-firefox18
-=======================
-
-Diffstat
---------
-
- .gitignore | 16 +++
- CMakeLists.txt | 544 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
- LICENSE | 526 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
- Makefile.am | 1 +
- README | 20 +++
- README.build | 258 ++++++++++++++++++++++++++++++++-----
- README.coding | 52 ++++++++
- changelog | 136 ++++++++++++++++++++
- cmake/FindOpenSSLbins.cmake | 33 +++++
- config.h.cmake | 173 +++++++++++++++++++++++++
- configure.ac | 22 +++-
- lib/Makefile.am | 20 ++-
- lib/base64-decode.c | 2 +-
- lib/client-handshake.c | 190 +++++++++++-----------------
- lib/client-parser.c | 88 +++++++------
- lib/client.c | 384 ++++++++++++++++++++++++++++++-------------------------
- lib/daemonize.c | 32 +++--
- lib/extension-deflate-frame.c | 58 +++++----
- lib/extension-deflate-stream.c | 19 ++-
- lib/extension-deflate-stream.h | 4 +-
- lib/extension.c | 11 +-
- lib/getifaddrs.c | 315 +++++++++++++++++++++++-----------------------
- lib/getifaddrs.h | 30 ++---
- lib/handshake.c | 124 +++++++++++-------
- lib/libwebsockets.c | 736 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++--------------------------------------
- lib/libwebsockets.h | 237 ++++++++++++++++++++++------------
- lib/output.c | 192 +++++++++++-----------------
- lib/parsers.c | 966 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++----------------------------------------------------------------
- lib/private-libwebsockets.h | 225 +++++++++++++++++++++------------
- lib/server-handshake.c | 82 ++++++------
- lib/server.c | 96 +++++++-------
- libwebsockets-api-doc.html | 189 ++++++++++++++++++----------
- libwebsockets.spec | 17 +--
- test-server/attack.sh | 148 ++++++++++++++++++++++
- test-server/test-client.c | 125 +++++++++---------
- test-server/test-echo.c | 31 +++--
- test-server/test-fraggle.c | 32 ++---
- test-server/test-ping.c | 52 ++++----
- test-server/test-server.c | 129 ++++++++++++-------
- win32port/libwebsocketswin32/libwebsocketswin32.vcxproj | 279 ----------------------------------------
- win32port/libwebsocketswin32/libwebsocketswin32.vcxproj.filters | 23 +++-
- 41 files changed, 4398 insertions(+), 2219 deletions(-)
-
-
-User api additions
-------------------
-
- - lws_get_library_version() returns a const char * with a string like
- "1.1 9e7f737", representing the library version from configure.ac
- and the git HEAD hash the library was built from
-
- - TCP Keepalive can now optionally be applied to all lws sockets, on Linux
- also with controllable timeout, number of probes and probe interval.
- (On BSD type OS, you can only use system default settings for the
- timing and retries, although enabling it is supported by setting
- ka_time to nonzero, the exact value has no meaning.)
- This enables detection of idle connections which are logically okay,
- but are in fact dead, due to network connectivity issues at the server,
- client, or any intermediary. By default it's not enabled, but you
- can enable it by setting a non-zero timeout (in seconds) at the new
- ka_time member at context creation time.
-
- - Two new optional user callbacks added, LWS_CALLBACK_PROTOCOL_DESTROY which
- is called one-time per protocol as the context is being destroyed, and
- LWS_CALLBACK_PROTOCOL_INIT which is called when the context is created
- and the protocols are added, again it's a one-time affair.
- This lets you manage per-protocol allocations properly including
- cleaning up after yourself when the server goes down.
-
-User api changes
-----------------
-
- - libwebsocket_create_context() has changed from taking a ton of parameters
- to just taking a pointer to a struct containing the parameters. The
- struct lws_context_creation_info is in libwebsockets.h, the members
- are in the same order as when they were parameters to the call
- previously. The test apps are all updated accordingly so you can
- see example code there.
-
- - Header tokens are now deleted after the websocket connection is
- established. Not just the header data is saved, but the pointer and
- length array is also removed from (union) scope saving several hundred
- bytes per connection once it is established
-
- - struct libwebsocket_protocols has a new member rx_buffer_size, this
- controls rx buffer size per connection of that protocol now. Sources
- for apps built against older versions of the library won't declare
- this in their protocols, defaulting it to 0. Zero buffer is legal,
- it causes a default buffer to be allocated (currently 4096)
-
- If you want to receive only atomic frames in your user callback, you
- should set this to greater than your largest frame size. If a frame
- comes that exceeds that, no error occurs but the callback happens as
- soon as the buffer limit is reached, and again if it is reached again
- or the frame completes. You can detect that has happened by seeing
- there is still frame content pending using
- libwebsockets_remaining_packet_payload()
-
- By correctly setting this, you can save a lot of memory when your
- protocol has small frames (see the test server and client sources).
-
- - LWS_MAX_HEADER_LEN now defaults to 1024 and is the total amount of known
- header payload lws can cope with, that includes the GET URL, origin
- etc. Headers not understood by lws are ignored and their payload
- not included in this.
-
-
-User api removals
------------------
-
- - The configuration-time option MAX_USER_RX_BUFFER has been replaced by a
- buffer size chosen per-protocol. For compatibility, there's a default
- of 4096 rx buffer, but user code should set the appropriate size for
- the protocol frames.
-
- - LWS_INITIAL_HDR_ALLOC and LWS_ADDITIONAL_HDR_ALLOC are no longer needed
- and have been removed. There's a new header management scheme that
- handles them in a much more compact way.
-
- - libwebsockets_hangup_on_client() is removed. If you want to close the
- connection you must do so from the user callback and by returning
- -1 from there.
-
- - libwebsocket_close_and_free_session() is now private to the library code
- only and not exposed for user code. If you want to close the
- connection, you must do so from the user callback by returning -1
- from there.
-
-
-New features
-------------
-
- - Cmake project file added, aimed initially at Windows support: this replaces
- the visual studio project files that were in the tree until now.
-
- - CyaSSL now supported in place of OpenSSL (--use-cyassl on configure)
-
- - PATH_MAX or MAX_PATH no longer needed
-
- - cutomizable frame rx buffer size by protocol
-
- - optional TCP keepalive so dead peers can be detected, can be enabled at
- context-creation time
-
- - valgrind-clean: no SSL or CyaSSL: completely clean. With OpenSSL, 88 bytes
- lost at OpenSSL library init and symptomless reports of uninitialized
- memory usage... seems to be a known and ignored problem at OpenSSL
-
- - By default debug is enabled and the library is built for -O0 -g to faclitate
- that. Use --disable-debug configure option to build instead with -O4
- and no -g (debug info), obviously providing best performance and
- reduced binary size.
-
- - 1.0 introduced some code to try to not deflate small frames, however this
- seems to break when confronted with a mixture of frames above and
- below the threshold, so it's removed. Veto the compression extension
- in your user callback if you will typically have very small frames.
-
- - There are many memory usage improvements, both a reduction in malloc/
- realloc and architectural changes. A websocket connection now
- consumes only 296 bytes with SSL or 272 bytes without on x86_64,
- during header processing an additional 1262 bytes is allocated in a
- single malloc, but is freed when the websocket connection starts.
- The RX frame buffer defined by the protocol in user
- code is also allocated per connection, this represents the largest
- frame you can receive atomically in that protocol.
-
- - On ARM9 build, just http+ws server no extensions or ssl, <12Kbytes .text
- and 112 bytes per connection (+1328 only during header processing)
-
-
-v1.1-chrome26-firefox18
-=======================
-
-Diffstat
---------
-
- Makefile.am | 4 +
- README-test-server | 291 ---
- README.build | 239 ++
- README.coding | 138 ++
- README.rst | 72 -
- README.test-apps | 272 +++
- configure.ac | 116 +-
- lib/Makefile.am | 55 +-
- lib/base64-decode.c | 5 +-
- lib/client-handshake.c | 121 +-
- lib/client-parser.c | 394 ++++
- lib/client.c | 807 +++++++
- lib/daemonize.c | 212 ++
- lib/extension-deflate-frame.c | 132 +-
- lib/extension-deflate-stream.c | 12 +-
- lib/extension-x-google-mux.c | 1223 ----------
- lib/extension-x-google-mux.h | 96 -
- lib/extension.c | 8 -
- lib/getifaddrs.c | 271 +++
- lib/getifaddrs.h | 76 +
- lib/handshake.c | 582 +----
- lib/libwebsockets.c | 2493 ++++++---------------
- lib/libwebsockets.h | 115 +-
- lib/md5.c | 217 --
- lib/minilex.c | 440 ++++
- lib/output.c | 628 ++++++
- lib/parsers.c | 2016 +++++------------
- lib/private-libwebsockets.h | 284 +--
- lib/server-handshake.c | 275 +++
- lib/server.c | 377 ++++
- libwebsockets-api-doc.html | 300 +--
- m4/ignore-me | 2 +
- test-server/Makefile.am | 111 +-
- test-server/libwebsockets.org-logo.png | Bin 0 -> 7029 bytes
- test-server/test-client.c | 45 +-
- test-server/test-echo.c | 330 +++
- test-server/test-fraggle.c | 20 +-
- test-server/test-ping.c | 22 +-
- test-server/test-server-extpoll.c | 554 -----
- test-server/test-server.c | 349 ++-
- test-server/test.html | 3 +-
- win32port/zlib/ZLib.vcxproj | 749 ++++---
- win32port/zlib/ZLib.vcxproj.filters | 188 +-
- win32port/zlib/adler32.c | 348 ++-
- win32port/zlib/compress.c | 160 +-
- win32port/zlib/crc32.c | 867 ++++----
- win32port/zlib/crc32.h | 882 ++++----
- win32port/zlib/deflate.c | 3799 +++++++++++++++-----------------
- win32port/zlib/deflate.h | 688 +++---
- win32port/zlib/gzclose.c | 50 +-
- win32port/zlib/gzguts.h | 325 ++-
- win32port/zlib/gzlib.c | 1157 +++++-----
- win32port/zlib/gzread.c | 1242 ++++++-----
- win32port/zlib/gzwrite.c | 1096 +++++----
- win32port/zlib/infback.c | 1272 ++++++-----
- win32port/zlib/inffast.c | 680 +++---
- win32port/zlib/inffast.h | 22 +-
- win32port/zlib/inffixed.h | 188 +-
- win32port/zlib/inflate.c | 2976 +++++++++++++------------
- win32port/zlib/inflate.h | 244 +-
- win32port/zlib/inftrees.c | 636 +++---
- win32port/zlib/inftrees.h | 124 +-
- win32port/zlib/trees.c | 2468 +++++++++++----------
- win32port/zlib/trees.h | 256 +--
- win32port/zlib/uncompr.c | 118 +-
- win32port/zlib/zconf.h | 934 ++++----
- win32port/zlib/zlib.h | 3357 ++++++++++++++--------------
- win32port/zlib/zutil.c | 642 +++---
- win32port/zlib/zutil.h | 526 ++---
- 69 files changed, 19556 insertions(+), 20145 deletions(-)
-
-user api changes
-----------------
-
- - libwebsockets_serve_http_file() now takes a context as first argument
-
- - libwebsockets_get_peer_addresses() now takes a context and wsi as first
- two arguments
-
-
-user api additions
-------------------
-
- - lwsl_...() logging apis, default to stderr but retargetable by user code;
- may be used also by user code
-
- - lws_set_log_level() set which logging apis are able to emit (defaults to
- notice, warn, err severities), optionally set the emit callback
-
- - lwsl_emit_syslog() helper callback emits to syslog
-
- - lws_daemonize() helper code that forks the app into a headless daemon
- properly, maintains a lock file with pid in suitable for sysvinit etc to
- control lifecycle
-
- - LWS_CALLBACK_HTTP_FILE_COMPLETION callback added since http file
- transfer is now asynchronous (see test server code)
-
- - lws_frame_is_binary() from a wsi pointer, let you know if the received
- data was sent in BINARY mode
-
-
-user api removals
------------------
-
- - libwebsockets_fork_service_loop() - no longer supported (had intractable problems)
- arrange your code to act from the user callback instead from same
- process context as the service loop
-
- - libwebsockets_broadcast() - use libwebsocket_callback_on_writable[_all_protocol]()
- instead from same process context as the service loop. See the test apps
- for examples.
-
- - x-google-mux() removed until someone wants it
-
- - pre -v13 (ancient) protocol support removed
+v2.2.0
+======
+Major new features
-New features
-------------
+ - A mount can be protected by Basic Auth... in lwsws it looks like this
- - echo test server and client compatible with echo.websocket.org added
+ ```
+{
+ "mountpoint": "/basic-auth",
+ "origin": "file://_lws_ddir_/libwebsockets-test-server/private",
+ "basic-auth": "/var/www/balogins-private"
+}
+```
- - many new configure options (see README.build) to reduce footprint of the
- library to what you actually need, eg, --without-client and
- --without-server
+The text file named in `basic-auth` contains user:password information
+one per line.
- - http + websocket server can build to as little as 12K .text for ARM
+See README.lwsws.md for more information.
- - no more MAX_CLIENTS limitation; adapts to support the max number of fds
- allowed to the process by ulimit, defaults to 1024 on Fedora and
- Ubuntu. Use ulimit to control this without needing to configure
- the library. Code here is smaller and faster.
+ - RFC7233 RANGES support in lws server... both single and multipart.
+ This allows seeking for multimedia file serving and download resume.
+ It's enabled by default but can be disabled by CMake option.
- - adaptive ratio of listen socket to connection socket service allows
- good behaviour under Apache ab test load. Tested with thousands
- of simultaneous connections
+ - On Linux, lwsws can reload configuration without dropping ongoing
+ connections, when sent a SIGHUP. The old configuration drops its
+ listen sockets so the new configuration can listen on them.
+ New connections connect to the server instance with the new
+ configuration. When all old connections eventually close, the old
+ instance automatically exits. This is equivalent to
+ `systemctl reload apache`
- - reduction in per-connection memory footprint by moving to a union to hold
- mutually-exclusive state for the connection
+ - New `adopt` api allow adoption including SSL negotiation and
+ for raw sockets and file descriptors.
- - robustness: Out of Memory taken care of for all allocation code now
+ - Chunked transfer encoding supported for client and server
- - internal getifaddrs option if your toolchain lacks it (some uclibc)
+ - Adaptations to allow operations inside OPTEE Secure World
- - configurable memory limit for deflate operations
+ - ESP32 initial port - able to do all test server functions. See
+ README.build.md
- - improvements in SSL code nonblocking operation, possible hang solved,
- some SSL operations broken down into pollable states so there is
- no library blocking, timeout coverage for SSL_connect
+ - Serving gzipped files from inside a ZIP file is supported... this
+ includes directly serving the gzipped content if the client
+ indicated it could accept it (ie, almost all browsers) saving
+ bandwidth and time. For clients that can't accept it, lws
+ automatically decompresses and serves the content in memory-
+ efficient chunks. Only a few hundred bytes of heap are needed
+ to serve any size file from inside the zip. See README.coding.md
- - extpoll test server merged into single test server source
+ - RAW file descriptors may now be adopted into the lws event loop,
+ independent of event backend (including poll service).
+ See README.coding.md
- - robustness: library should deal with all recoverable socket conditions
+ - RAW server socket descriptors may now be enabled on the vhost if
+ the first thing sent on the connection is not a valid http method.
+ The user code can associate these with a specific protocol per
+ vhost, and RAW-specific callbacks appear there for creation, rx,
+ writable and close. See libwebsockets-test-server-v2.0 for an example.
+ See README.coding.md
- - rx flowcontrol for backpressure notification fixed and implmeneted
- correctly in the test server
+ - RAW client connections are now possible using the method "RAW".
+ After connection, the socket is associated to the protocol
+ named in the client connection info and RAW-specific callbacks
+ appear there for creation, rx, writable and close.
+ See libwebsockets-test-client (with raw://) for an example.
+ See README.coding.md
- - optimal lexical parser added for header processing; all headers in a
- single 276-byte state table
- - latency tracking api added (configure --with-latency)
-
- - Improved in-tree documentation, REAME.build, README.coding,
- README.test-apps, changelog
-
- - Many small fixes
-
-
-v1.0-chrome25-firefox17 (6cd1ea9b005933f)
+(for earlier changelogs, see the tagged releases)
projects / platform / upstream / libwebsockets.git / blobdiff