-
Notifications
You must be signed in to change notification settings - Fork 1.5k
/
changelog
741 lines (561 loc) · 32.9 KB
/
changelog
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
Changelog
---------
v4.4.0
======
- API CHANGE: VFS open() has an extra file_ops pointer at the beginning.
The other args shift along one and are otherwise unchanged. The new
file_ops is the active file_ops the callback belongs to, the original
file_ops that's the second arg now remains the platform file_ops ptr. If you
don't define your own VFS implementation, you don't need to care.
v4.3.0
======
- Add full CBOR stream parsing and writing support, with huge
amount of test vectors and resumable printf type write apis
See ./READMEs/README.cbor-lecp.md
- Add COSE key and signing / validation support with huge amount of
test vectors
cose_sign[1] ES256/384/512, RS256/384/512
cose_mac0 HS256/384/512
See ./READMEs/README.cbor-cose.md
- JIT Trust: for constrained devices, provides a way to determine the
trusted CA certs the peer requires, and instantiate just those.
This allows generic client browsing without the overhead of ~130
x.509 CA certs in memory permanently.
See ./READMEs/README.jit-trust.md
- Add support for client Netscape cookie jar with caching
- Secure Streams: issue LWSSSCS_EVENT_WAIT_CANCELLED state() when
lws_cancel_service() called, so cross-thread events can be handled
in SS
- Actively assert() on attempt to destroy SS handles still active in
the call stack, use DESTROY_ME returns instead so caller can choose
how to handle it.
- Improved Client Connection Error report strings for tls errors
- SMP: Use a private fakewsi for PROTOCOL_INIT so pts cannot try to
use the same one concurrently
- MbedTLS v3 support for all release changes, as well as retaining
support for v2.x
- MQTT client: support QoS2
- Event lib ops can now be set at context creation time directly,
bringing full event lib hooking to custom event loops. See
minimal-http-server-eventlib-custom
- Extra APIs to recover AKID and SKID from x.509 in mbedtls and openssl
- Improve http redirect to handle h2-> h2 cleanly
- IPv4+6 listen sockets on vhosts are now done with two separate
sockets bound individually to AF_INET and AF_INET6 addresses,
handled by the same vhost listen flow.
- Improved tls restriction handling
- Log contexts: allow objects to log into local logging contexts, by
lws_context, vhost, wsi and ss handle. Each context has its own
emit function and log level. See ./READMEs/README.logging.md
- Upgrade compiler checking to default to -Werror -Wall -Wextra
- Fault injection apis now also support pseudo-random number binding
within a specified range, eg,
--fault-injection "f1(10%),f1_delay(123..456)"
- Remove LWS_WITH_DEPRECATED_THINGS, remove master branch
- Interface binding now uses ipv6 scoring to select bind address
v4.2.0
======
- Sai coverage upgrades, 495 builds on 27 platforms, including OSX M1,
Xenial, Bionic and Focal Ubuntu, Debian Sid and Buster on both 32 and
64-bit OS, and NetBSD, Solaris, FreeBSD, Windows, ESP32.
Ctest run on more scenarios including all LWS_WITH_DISTRO_RECOMMENDED.
More tests use valgrind if available on platform.
- RFC7231 date and time parsing and retry-after wired up to lws_retry
- `LWS_WITH_SUL_DEBUGGING` checks that no sul belonging to Secure Streams
and wsi objects are left registered on destruction
- Netlink monitoring on Linux dynamically tracks interface address and
routing changes, and immediately closes connections on invalidated
routes.
- RFC6724 DNS results sorting over ipv4 + ipv6 results, according to
available dynamic route information
- Support new event library, sdevent (systemd native loop), via
`LWS_WITH_SDEVENT`
- Reduce .rodata cost of role structs by making them sparse
- Additional Secure Streams QA tests and runtime state transition
validation
- SMD-over-ss-proxy documentation and helpers to simplify forwarding
- SSPC stream buffering at proxy and client set from policy by streamtype
- Trigger Captive Portal Detection if DNS resolution fails
- Switch all logs related to wsi and Secure Streams to use unique,
descriptive tags instead of pointers (which may be reallocated)
- Use NOITCE logging for Secure Streams and wsi lifecycle logging using
tags
- Update SSPC serialization to include versioning on initial handshake,
and pass client pid to proxy so related objects are tagged with it
- Enable errors on -Wconversion pedantic type-related build issues
throughout the lws sources and upgrade every affected cast.
- Windows remove WSA event implementation and replace with WSAPoll, with
a pair of UDP sockets instead of pipe() for `lws_cancel_service()`
- `lws_strcmp_wildcard()` helper that understand "x*", "x*y", "x*y*" etc
- `LWS_WITH_PLUGINS_BUILTIN` cmake option just builds plugins into the main
library image directly
- Secure Streams proxy supports policy for flow control between proxy and
clients
- libressl also supported along with boringssl, wolfssl
- prepared for openssl v3 compatibility, for main function and GENCRYPTO
- Fault injection apis can confirm operation of 48 error paths and counting
- `LWS_WITH_SYS_METRICS` keeps stats and reports them to user-defined
function, compatible with openmetrics
- windows platform knows how to prepare openssl with system trust store certs
- `LWS_WITH_SYS_CONMON` allows selected client connections to make precise
measurements of connection performance and DNS results, and report them in a struct
- New native support for uloop event loop (OpenWRT loop)
- More options around JWT
- Support TLS session caching and reuse by default, on both OpenSSL and
mbedtls
- Many fixes and improvements...
v4.1.0
======
- NEW: travis / appveyor / bintray are replaced by Sai
https://libwebsockets.org/sai/ which for lws currently does 193 builds per
git push on 16 platforms, all self-hosted. The homebrew bash scripts used
to select Minimal examples are replaced by CTest. Platforms currently
include Fedora/AMD/GCC, Windows/AMD/mingw32, Windows/AMD/mingw64, Android/
aarch64/LLVM, esp-idf (on WROVER-KIT and HELTEC physical boards), Fedora/
RISCV (on QEMU)/GCC, CentOS8/AMD/GCC, Gentoo/AMD/GCC, Bionic/AMD/GCC,
Linkit 7697, Focal/AMD/GCC, Windows (on QEMU)/AMD/MSVC,
Focal/aarch64-RPI4/GCC, iOS/aarch64/LLVM and OSX/AMD/LLVM.
- NEW: The single CMakeLists.txt has been refactored and modernized into smaller
CMakeLists.txt in the subdirectory along with the code that is being managed
for build by it. Build options are still listed in the top level as before
but the new way is much more maintainable.
- NEW: event lib support on Unix is now built into dynamically loaded plugins
and brought in at runtime, allowing all of the support to be built in
isolation without conflicts, and separately packaged with individual
dependencies. See ./READMEs/event-libs.md for details and how to force
the old static build into lws method.
- NEW: Captive Portal Detection. Lws can determine if the active default
route is able to connect to the internet, or is in a captive portal type
situation, by trying to connect to a remote server that will respond in an
unusual way, like provide a 204.
- NEW: Secure streams: Support system trust store if it exists
Build on Windows
Support lws raw socket protocol in SS
Support Unix Domain Socket transport
- NEW: Windows: Support Unix Domain Sockets same as other platforms
- NEW: Windows: Build using native pthreads, async dns, ipv6 on MSVC
- NEW: lws_struct: BLOB support
- NEW: lws_sul: Now provides two sorted timer domains, a default one as
before, and another whose scheduled events are capable to wake the system from suspend
- NEW: System Message Distribution: lws_smd provides a very lightweight way
to pass short messages between subsystems both in RTOS type case where the
subsystems are all on the lws event loop, and in the case participants are in
different processes, using Secure Streams proxying. Participants register a bitmap
of message classes they care about; if no particpant cares about a particular message,
it is rejected at allocation time for the sender, making it cheap to provide messages
speculatively. See lib/system/smd/README.md for full details.
- NEW: lws_drivers: wrappers for SDK driver abstractions (or actual drivers)
See lib/drivers/README.md, example implementations
minimal-examples/embedded/esp32/esp-wrover-kit
- generic gpio
- generic LED (by name) lib/drivers/led/README.md
- generic PWM, sophisticated interpolated table
sequencers with crossfade
- generic button (by name), with debounce and press classification
emitting rich SMD click, long-click, double-click,
down, repeat, up JSON messages
lib/drivers/button/README.md
- bitbang i2c on generic gpio (hw support can use same
abstract API)
- bitbang spi on generic gpio (hw support can use same
abstract API)
- generic display object, can be wired up to controller
drivers that hook up by generic i2c or spi,
generic backlight PWM sequencing and
blanking timer support
- generic settings storage: get and set blobs by name
- generic network device: netdev abstract class with
WIFI / Ethernet implementations
using underlying SDK APIs;
generic 80211 Scan managements
and credentials handling via
lws_settings
This is the new way to provide embedded platform
functionality that was in the past done like
esp32-factory. Unlike the old way, the new way has no
native apis in it and can be built on other SDK / SoCs
the same.
- NEW: Security-aware JWS JWT (JSON Web Tokens) apis are provided on top of the existing
JOSE / JWS apis. All the common algorithms are available along with some
high level apis like lws http cookie -> JWT struct -> lws http cookie.
- REMOVED: esp32-helper and friends used by esp32-factory now lws_drivers
exists
- REMOVED: generic sessions and friends now JWT is provided
v4.0.0
======
- NEW: Lws is now under the MIT license, see ./LICENSE for details
- NEW: GLIB native event loop support, lws + gtk example
- NEW: native lws MQTT client... supports client stream binding like h2 when
multiple logical connections are going to the same endpoint over MQTT, they
transparently and independently share the one connection + tls tunnel
- NEW: "Secure Streams"... if you are making a device with client connections
to the internet or cloud, this allows separation of the communications
policy (endpoints, tls cert validation, protocols, etc) from the code, with
the goal you can combine streams, change protocols and cloud provision, and
reflect that in the device's JSON policy document without having to change
any code.
- NEW: lws_system: New lightweight and efficient Asynchronous DNS resolver
implementation for both A and AAAA records, supports recursive (without
recursion in code) lookups, caching, and getaddrinfo() compatible results
scheme (from cache directly without per-consumer allocation). Able to
perform DNS lookups without introducing latency in the event loop.
- NEW: lws_system: ntpclient implementation with interface for setting system
time via lws_system ops
- NEW: lws_system: dhcpclient implementation
- NEW: Connection validity tracking, autoproduce PING/PONG for protocols that
support it if not informed that the connection has passed data in both
directions recently enough
- NEW: lws_retry: standardized exponential backoff and retry timing based
around backoff table and lws_sul
- NEW: there are official public helpers for unaligned de/serialization of all
common types, see eh, lws_ser_wu16be() in include/libwebsockets/lws-misc.h
- NEW: lws_tls_client_vhost_extra_cert_mem() api allows attaching extra certs
to a client vhost from DER in memory
- NEW: lws_system: generic blobs support passing auth tokens, per-connection
client certs etc from platform into lws
- NEW: public helpers to consume and produce ipv4/6 addresses in a clean way,
along with lws_sockaddr46 type now public. See eg, lws_sockaddr46-based
lws_sa46_parse_numeric_address(), lws_write_numeric_address()
in include/libwebsockets/lws-network-helper.h
- Improved client redirect handling, h2 compatibility
- NEW: lwsac: additional features for constant folding support (strings that
already are in the lwsac can be pointed to without copying again), backfill
(look for gaps in previous chunks that could take a new use size), and
lwsac_extend() so last use() can attempt to use more unallocated chunk space
- NEW: lws_humanize: apis for reporting scalar quanties like 1234 as "1.234KB"
with the scaled symbol strings passed in by caller
- NEW: freertos: support lws_cancel_service() by using UDP pair bound to lo,
since it doesn't have logical pipes
- NEW: "esp32" plat, which implemented freertos plat compatibility on esp32, is
renamed to "freertos" plat, targeting esp32 and other freertos platforms
- NEW: base64 has an additional api supporting stateful decode, where the input
is not all in the same place at the same time and can be processed
incrementally
- NEW: lws ws proxy: support RFC8441
- NEW: lws_spawn_piped apis: generic support for vforking a process with child
wsis attached to its stdin, stdout and stderr via pipes. When processes are
reaped, a specified callback is triggered. Currently Linux + OSX.
- NEW: lws_fsmount apis: Linux-only overlayfs mount and unmount management for
aggregating read-only layers with disposable, changeable upper layer fs
- Improvements for RTOS / small build case bring the footprint of lws v4 below
that of v3.1 on ARM
- lws_tokenize: flag specifying # should mark rest of line as comment
- NEW: minimal example for integrating libasound / alsa via raw file
- lws_struct: sqlite and json / lejp translation now usable
v3.2.0
======
- This is the last planned release under LGPLv2+SLE. It's not planned to be
maintained like previous releases, please switch to master for the latest
stuff or continue to use v3.1-stable until the next release under the
new MIT license.
- NEW: completely refactored scheduler with a unified, sorted us-resolution
linked-list implementation. All polled checks like timeout are migrated
to use the new timers, which also work on the event lib implementations.
Faster operation, us-resolution timeouts and generic scheduled callbacks
from the event loop.
- NEW: lws_dsh specialized buffer memory allocator that can borrow space
from other cooperating buffers on the same list.
- NEW: lws_sequencer allows managing multi-connection processes and
retries
- NEW: memory buffer cert support
- NEW: LWS_WITH_NETWORK in CMake... can be configured without any network-
related code at all
- NEW: builds on QNX 6.5 and SmartOS
- NEW: JOSE / JWK / JWS / JWE support, for all common ciphers and algs,
works on OpenSSL and mbedtls backends
- NEW: gencrypto now has genaes and genec in addition to genrsa, works
on OpenSSL and mbedtls backends
- NEW: raw_proxy role
- NEW: Basic Auth works on ws connections
- CHANGE: REMOVED: LWS_WITH_GENRSA, LWS_WITH_GENHASH, LWS_WITH_GENEC,
LWS_WITH_GENAES have all been removed and combined into LWS_WITH_GENCRYPTO
- CHANGE: REMOVED: LWS_WITH_JWS, LWS_WITH_JWE have been removed and combined
into LWS_WITH_JOSE
v3.1.0
======
- CHANGE: REMOVED: lws_client_connect() and lws_client_connect_extended()
compatibility apis for lws_client_connect_via_info() have been marked as
deprecated for several versions and are now removed. Use
lws_client_connect_via_info() directly instead.
- CHANGE: CMAKE:
- LWS_WITH_HTTP2: now defaults ON
- CHANGE: Minimal examples updated to use Content Security Policy best
practices, using
`LWS_SERVER_OPTION_HTTP_HEADERS_SECURITY_BEST_PRACTICES_ENFORCE` vhost
option flag and disabling of inline style and scripts. A side-effect of
this is that buffers used to marshal headers have to be prepared to take
more content than previously... LWS_RECOMMENDED_MIN_HEADER_SPACE (2048
currently) is available for user (and internal) use to logically tie the
buffer size to this usecase (and follow future increases).
- NEW: CMAKE
- LWS_FOR_GITOHASHI: sets various cmake options suitable for gitohashi
- LWS_WITH_ASAN: for Linux, enable build with ASAN
Don't forget LWS_WITH_DISTRO_RECOMMENDED, which enables a wide range of lws
options suitable for a distro build of the library.
- NEW: lws threadpool - lightweight pool of pthreads integrated to lws wsi, with
all synchronization to event loop handled internally, queue for excess tasks
[threadpool docs](https://libwebsockets.org/git/libwebsockets/tree/lib/misc/threadpool)
[threadpool minimal example](https://libwebsockets.org/git/libwebsockets/tree/minimal-examples/ws-server/minimal-ws-server-threadpool)
Cmake config: `-DLWS_WITH_THREADPOOL=1`
- NEW: libdbus support integrated on lws event loop
[lws dbus docs](https://libwebsockets.org/git/libwebsockets/tree/lib/roles/dbus)
[lws dbus client minimal examples](https://libwebsockets.org/git/libwebsockets/tree/minimal-examples/dbus-client)
[lws dbus server minimal examples](https://libwebsockets.org/git/libwebsockets/tree/minimal-examples/dbus-server)
Cmake config: `-DLWS_ROLE_DBUS=1`
- NEW: lws allocated chunks (lwsac) - helpers for optimized mass allocation of small
objects inside a few larger malloc chunks... if you need to allocate a lot of
inter-related structs for a limited time, this removes per-struct allocation
library overhead completely and removes the need for any destruction handling
[lwsac docs](https://libwebsockets.org/git/libwebsockets/tree/lib/misc/lwsac)
[lwsac minimal example](https://libwebsockets.org/git/libwebsockets/tree/minimal-examples/api-tests/api-test-lwsac)
Cmake Config: `-DLWS_WITH_LWSAC=1`
- NEW: lws tokenizer - helper api for robustly tokenizing your own strings without
allocating or adding complexity. Configurable by flags for common delimiter
sets and comma-separated-lists in the tokenizer. Detects and reports syntax
errors.
[lws_tokenize docs](https://libwebsockets.org/git/libwebsockets/tree/include/libwebsockets/lws-tokenize.h)
[lws_tokenize minimal example / api test](https://libwebsockets.org/git/libwebsockets/tree/minimal-examples/api-tests/api-test-lws_tokenize)
- NEW: lws full-text search - optimized trie generation, serialization,
autocomplete suggestion generation and instant global search support extensible
to huge corpuses of UTF-8 text while remaining super lightweight on resources.
[full-text search docs](https://libwebsockets.org/git/libwebsockets/tree/lib/misc/fts)
[full-text search minimal example / api test](https://libwebsockets.org/git/libwebsockets/tree/minimal-examples/api-tests/api-test-fts)
[demo](https://libwebsockets.org/ftsdemo/)
[demo sources](https://libwebsockets.org/git/libwebsockets/tree/plugins/protocol_fulltext_demo.c)
Cmake config: `-DLWS_WITH_FTS=1 -DLWS_WITH_LWSAC=1`
- NEW: gzip + brotli http server-side compression - h1 and h2 automatic advertising
of server compression and application to files with mimetypes "text/*",
"application/javascript" and "image/svg.xml".
Cmake config: `-DLWS_WITH_HTTP_STREAM_COMPRESSION=1`, `-DLWS_WITH_HTTP_BROTLI=1`
- NEW: managed disk cache - API for managing a directory containing cached files
with hashed names, and automatic deletion of LRU files once the cache is
above a given limit.
[lws diskcache docs](https://libwebsockets.org/git/libwebsockets/tree/include/libwebsockets/lws-diskcache.h)
Cmake config: `-DLWS_WITH_DISKCACHE=1`
- NEW: http reverse proxy - lws mounts support proxying h1 or h2 requests to
a local or remote IP, or unix domain socket over h1. This allows microservice
type architectures where parts of the common URL space are actually handled
by external processes which may be remote or on the same machine.
[lws gitohashi serving](https://libwebsockets.org/git/) is handled this way.
CMake config: `-DLWS_WITH_HTTP_PROXY=1`
- NEW: lws_buflist - internally several types of ad-hoc malloc'd buffer have
been replaced by a new, exported api `struct lws_buflist`. This allows
multiple buffers to be chained and drawn down in strict FIFO order.
- NEW: In the case of h1 upgrade, the connection header is checked to contain
"upgrade". The vhost flag LWS_SERVER_OPTION_VHOST_UPG_STRICT_HOST_CHECK
also causes the Host: header to be confirmed to match the vhost name and
listen port.
- NEW: If no 404 redirect for `lws_return_http_status()` is specified for the vhost,
the status page produced will try to bring in a stylesheet `/error.css`. This allows
you to produce styled 404 or other error pages with logos, graphics etc. See
https://libwebsockets.org/git/badrepo for an example of what you can do with it.
v3.0.0
======
- CHANGE: Clients used to call LWS_CALLBACK_CLOSED same as servers...
LWS_CALLBACK_CLIENT_CLOSED has been introduced and is called for clients
now.
- CHANGE: LWS_CALLBACK_CLIENT_CONNECTION_ERROR used to only be directed at
protocols[0]. However in many cases, the protocol to bind to was provided
at client connection info time and the wsi bound accordingly. In those
cases, CONNECTION_ERROR is directed at the bound protocol, not protcols[0]
any more.
- CHANGE: CMAKE: the following cmake defaults have changed with this version:
- LWS_WITH_ZIP_FOPS: now defaults OFF
- LWS_WITH_RANGES: now defaults OFF
- LWS_WITH_ZLIB: now defaults OFF
- LWS_WITHOUT_EXTENSIONS: now defaults ON
- CHANGE: REMOVED: lws_alloc_vfs_file() (read a file to malloc buffer)
- CHANGE: REMOVED: lws_read() (no longer useful outside of lws internals)
- CHANGE: REMOVED: ESP8266... ESP32 is now within the same price range and much
more performant
- CHANGE: soname bump... don't forget to `ldconfig`
- NEW: all event libraries support "foreign" loop integration where lws itself
if just a temporary user of the loop unrelated to the actual loop lifecycle.
See `minimal-http-server-eventlib-foreign` for example code demonstrating
this for all the event libraries.
Internal loop in lws is also supported and demonstrated by
`minimal-http-server-eventlib`.
- NEW: ws-over-h2 support. This is a new RFC-on-the-way supported by Chrome
and shortly firefox that allows ws connections to be multiplexed back to the
server on the same tcp + tls wrapper h2 connection that the html and scripts
came in on. This is hugely faster that discrete connections.
- NEW: UDP socket adoption and related event callbacks
- NEW: Multi-client connection binding, queuing and pipelining support.
Lws detects multiple client connections to the same server and port, and
optimizes how it handles them according to the server type and provided
flags. For http/1.0, all occur with individual parallel connections. For
http/1.1, you can enable keepalive pipelining, so the connections occur
sequentially on a single network connection. For http/2, they all occur
as parallel streams within a single h2 network connection.
See minimal-http-client-multi for example code.
- NEW: High resolution timer API for wsi, get a callback on your wsi with
LWS_CALLBACK_TIMER, set and reset the timer with lws_set_timer_usecs(wsi, us)
Actual resolution depends on event backend. Works with all backends, poll,
libuv, libevent, and libev.
- NEW: Protocols can arrange vhost-protocol instance specific callbacks with
second resolution using `lws_timed_callback_vh_protocol()`
- NEW: ACME client plugin for self-service TLS certificates
- NEW: RFC7517 JSON Web Keys RFC7638 JWK thumbprint, and RFC7515 JSON Web
signatures support
- NEW: lws_cancel_service() now provides a generic way to synchronize events
from other threads, which appear as a LWS_CALLBACK_EVENT_WAIT_CANCELLED
callback on all protocols. This is compatible with all the event libraries.
- NEW: support BSD poll() where changes to the poll wait while waiting are
undone.
- NEW: Introduce generic hash, hmac and RSA apis that operate the same
regardless of OpenSSL or mbedTLS tls backend
- NEW: Introduce X509 element query api that works the same regardless of
OpenSSL or mbedTLS tls backend
- NEW: Introduce over 30 "minimal examples" in ./minimal-examples... these
replace most of the old test servers
- test-echo -> minimal-ws-server-echo and minimal-ws-client-echo
- test-server-libuv / -libevent / -libev ->
minimal-https-server-eventlib / -eventlib-foreign / -eventlib-demos
- test-server-v2.0 -> folded into all the minimal servers
- test-server direct http serving -> minimal-http-server-dynamic
The minimal examples allow individual standalone build using their own
small CMakeLists.txt.
- NEW: lws now detects any back-to-back writes that did not go through the
event loop inbetween and reports them. This will flag any possibility of
failure rather than wait until the problem happens.
- NEW: CMake has LWS_WITH_DISTRO_RECOMMENDED to select features that are
appropriate for distros
- NEW: Optional vhost URL `error_document_404` if given causes a redirect there
instead of serve the default 404 page.
- NEW: lws_strncpy() wrapper guarantees NUL in copied string even if it was
truncated to fit.
- NEW: for client connections, local protocol binding name can be separated
from the ws subprotocol name if needed, using .local_protocol_name
- NEW: Automatic detection of time discontiguities
- NEW: Applies TCP_USER_TIMEOUT for Linux tcp keepalive where available
- QA: 1600 tests run on each commit in Travis CI, including almost all
Autobahn in client and server mode, various h2load tests, h2spec, attack.sh
the minimal example selftests and others.
- QA: fix small warnings introduced on gcc8.x (eg, Fedora 28)
- QA: Add most of -Wextra on gcc (-Wsign-compare, -Wignored-qualifiers,
-Wtype-limits, -Wuninitialized)
- QA: clean out warnings on windows
- QA: pass all 146 h2spec tests now on strict
- QA: introduce 35 selftests that operate different minimal examples against
each other and confirm the results.
- QA: LWS_WITH_MINIMAL_EXAMPLES allows mass build of all relevant minimal-
examples with the LWS build, for CI and to make all the example binaries
available from the lws build dir ./bin
- REFACTOR: the lws source directory layout in ./lib has been radically
improved, and there are now README.md files in selected subdirs with extra
documentation of interest to people working on lws itself.
- REFACTOR: pipelined transactions return to the event loop before starting the
next part.
- REFACTOR: TLS: replace all TLS library constants with generic LWS ones and
adapt all the TLS library code to translate to these common ones.
Isolated all the tls-related private stuff in `./lib/tls/private.h`, and all
the mbedTLS stuff in `./lib/tls/mbedtls` + openSSL stuff in
`./lib/tls/openssl`
- REFACTOR: the various kinds of wsi possible with lws have been extracted
from the main code and isolated into "roles" in `./lib/roles` which
communicate with the core code via an ops struct. Everything related to
ah is migrated to the http role.
wsi modes are eliminated and replaced by the ops pointer for the role the
wsi is performing. Generic states for wsi are available to control the
lifecycle using core code.
Adding new "roles" is now much easier with the changes and ops struct to
plug into.
- REFACTOR: reduce four different kinds of buffer management in lws into a
generic scatter-gather struct lws_buflist.
- REFACTOR: close notifications go through event loop
v2.4.0
======
- HTTP/2 server support is now mature and usable! LWS_WITH_HTTP2=1 enables it.
Uses ALPN to serve HTTP/2, HTTP/1 and ws[s] connections all from the same
listen port seamlessly. (Requires ALPN-capable OpenSSL 1.1 or mbedTLS).
- LWS_WITH_MBEDTLS=1 at CMake now builds and works against mbedTLS instead of
OpenSSL. Most things work identically, although on common targets where
OpenSSL has acceleration, mbedTLS is many times slower in operation. However
it is a lot smaller codewise.
- Generic hash apis introduced that work the same on mbedTLS or OpenSSL backend
- LWS_WITH_PEER_LIMITS tracks IPs across all vhosts and allows restrictions on
both the number of simultaneous connections and wsi in use for any single IP
- lws_ring apis provide a generic single- or multi-tail ringbuffer... mirror
protocol now uses this. Features include ring elements may be sized to fit
structs in the ringbuffer, callback when no tail any longer needs an element
and it can be deleted, and zerocopy options to write new members directly
into the ringbuffer, and use the ringbuffer element by address too.
- abstract ssh 2 server plugin included, with both plugin and standalone
demos provided. You can bind the plugin to a vhost and also serve full-
strength ssh from the vhost. IO from the ssh server is controlled by an
"ops" struct of callbacks for tx, rx, auth etc.
- Many fixes, cleanups, source refactors and other improvements.
v2.3.0
======
- ESP32 OpenSSL support for client and server
- ESP32 4 x WLAN credential slots may be configured
- Libevent event loop support
- SOCKS5 proxy support
- lws_meta protocol for websocket connection multiplexing
- lws_vhost_destroy() added... allows dynamic removal of listening
vhosts. Vhosts with shared listen sockets adopt the listen socket
automatically if the owner is destroyed.
- IPv6 on Windows
- Improved CGI handling suitable for general CGI scripting, eg, PHP
- Convert even the "old style" test servers to use statically included
plugin sources
- LWS_WITH_STATS cmake option dumps resource usage and timing information
every few seconds to debug log, including latency information about
delay from asking for writeable callback to getting it
- Large (> 2GB) files may be served
- LWS_WITH_HTTP_PROXY Cmake option adds proxying mounts
- Workaround for libev build by disabling -Werror on the test app
- HTTP2 support disabled since no way to serve websockets on it
v2.2.0
======
Major new features
- A mount can be protected by Basic Auth... in lwsws it looks like this
```
{
"mountpoint": "/basic-auth",
"origin": "file://_lws_ddir_/libwebsockets-test-server/private",
"basic-auth": "/var/www/balogins-private"
}
```
The text file named in `basic-auth` contains user:password information
one per line.
See README.lwsws.md for more information.
- RFC7233 RANGES support in lws server... both single and multipart.
This allows seeking for multimedia file serving and download resume.
It's enabled by default but can be disabled by CMake option.
- On Linux, lwsws can reload configuration without dropping ongoing
connections, when sent a SIGHUP. The old configuration drops its
listen sockets so the new configuration can listen on them.
New connections connect to the server instance with the new
configuration. When all old connections eventually close, the old
instance automatically exits. This is equivalent to
`systemctl reload apache`
- New `adopt` api allow adoption including SSL negotiation and
for raw sockets and file descriptors.
- Chunked transfer encoding supported for client and server
- Adaptations to allow operations inside OPTEE Secure World
- ESP32 initial port - able to do all test server functions. See
README.build.md
- Serving gzipped files from inside a ZIP file is supported... this
includes directly serving the gzipped content if the client
indicated it could accept it (ie, almost all browsers) saving
bandwidth and time. For clients that can't accept it, lws
automatically decompresses and serves the content in memory-
efficient chunks. Only a few hundred bytes of heap are needed
to serve any size file from inside the zip. See README.coding.md
- RAW file descriptors may now be adopted into the lws event loop,
independent of event backend (including poll service).
See README.coding.md
- RAW server socket descriptors may now be enabled on the vhost if
the first thing sent on the connection is not a valid http method.
The user code can associate these with a specific protocol per
vhost, and RAW-specific callbacks appear there for creation, rx,
writable and close. See libwebsockets-test-server-v2.0 for an example.
See README.coding.md
- RAW client connections are now possible using the method "RAW".
After connection, the socket is associated to the protocol
named in the client connection info and RAW-specific callbacks
appear there for creation, rx, writable and close.
See libwebsockets-test-client (with raw://) for an example.
See README.coding.md
(for earlier changelogs, see the tagged releases)