changelog

Changelog
---------

(since v1.23)

User api additions
------------------

POST method is supported

The protocol 0 / HTTP callback can now get two new kinds of callback,
LWS_CALLBACK_HTTP_BODY (in and len are a chunk of the body of the HTTP request)
and LWS_CALLBACK_HTTP_BODY_COMPLETION (the expected amount of body has arrived
and been passed to the user code already).  These callbacks are used with the
post method (see the test server for details).

The period between the HTTP header completion and the completion of the body
processing is protected by a 5s timeout.

The chunks are stored in a malloc'd buffer of size protocols[0].rx_buffer_size.


New server option you can enable from user code
LWS_SERVER_OPTION_ALLOW_NON_SSL_ON_SSL_PORT allows non-SSL connections to
also be accepted on an SSL listening port.  It's disabled unless you enable
it explicitly.


Two new callbacks are added in protocols[0] that are optional for allowing
limited thread access to libwebsockets, LWS_CALLBACK_LOCK_POLL and
LWS_CALLBACK_UNLOCK_POLL.

If you use them, they protect internal and external poll list changes, but if
you want to use external thread access to libwebsocket_callback_on_writable()
you have to implement your locking here even if you don't use external
poll support.

If you will use another thread for this, take a lot of care about managing
your list of live wsi by doing it from ESTABLISHED and CLOSED callbacks
(with your own locking).



User api changes
----------------

Extra optional argument to libwebsockets_serve_http_file() allows injecion
of HTTP headers into the canned response.  Eg, cookies may be added like
that without getting involved in having to send the header by hand.

A new info member http_proxy_address may be used at context creation time to
set the http proxy.  If non-NULL, it overrides http_proxy environment var.

Cmake supports LWS_SSL_CLIENT_USE_OS_CA_CERTS defaulting to on, which gets
the client to use the OS CA Roots.  If you're worried somebody with the
ability to forge for force creation of a client cert from the root CA in
your OS, you should disable this since your selfsigned $0 cert is a lot safer
then...


v1.23-chrome32-firefox24
========================

 Android.mk                            |   29 +
 CMakeLists.txt                        |  573 ++++++++----
 COPYING                               |  503 -----------
 INSTALL                               |  365 --------
 Makefile.am                           |   13 -
 README.build                          |  371 ++------
 README.coding                         |   63 ++
 autogen.sh                            | 1578 ---------------------------------
 changelog                             |   69 ++
 cmake/FindGit.cmake                   |  163 ++++
 cmake/FindOpenSSLbins.cmake           |   15 +-
 cmake/UseRPMTools.cmake               |  176 ++++
 config.h.cmake                        |   25 +-
 configure.ac                          |  226 -----
 cross-arm-linux-gnueabihf.cmake       |   28 +
 lib/Makefile.am                       |   89 --
 lib/base64-decode.c                   |   98 +-
 lib/client-handshake.c                |  123 ++-
 lib/client-parser.c                   |   19 +-
 lib/client.c                          |  145 ++-
 lib/daemonize.c                       |    4 +-
 lib/extension.c                       |    2 +-
 lib/getifaddrs.h                      |    4 +-
 lib/handshake.c                       |   76 +-
 lib/libwebsockets.c                   |  491 ++++++----
 lib/libwebsockets.h                   |  164 ++--
 lib/output.c                          |  214 ++++-
 lib/parsers.c                         |  102 +--
 lib/private-libwebsockets.h           |   66 +-
 lib/server-handshake.c                |    5 +-
 lib/server.c                          |   29 +-
 lib/sha-1.c                           |    2 +-
 libwebsockets-api-doc.html            |  249 +++---
 libwebsockets.pc.in                   |   11 -
 libwebsockets.spec                    |   14 +-
 m4/ignore-me                          |    2 -
 scripts/FindLibWebSockets.cmake       |   33 +
 scripts/kernel-doc                    |    1 +
 test-server/Makefile.am               |  131 ---
 test-server/leaf.jpg                  |  Bin 0 -> 2477518 bytes
 test-server/test-client.c             |   78 +-
 test-server/test-echo.c               |   33 +-
 test-server/test-fraggle.c            |   26 +-
 test-server/test-ping.c               |   15 +-
 test-server/test-server.c             |  197 +++-
 test-server/test.html                 |    5 +-
 win32port/win32helpers/gettimeofday.c |   74 +-
 win32port/win32helpers/websock-w32.h  |    6 +-
 48 files changed, 2493 insertions(+), 4212 deletions(-)


User api additions
------------------

 - You can now call libwebsocket_callback_on_writable() on http connectons,
 	and get a LWS_CALLBACK_HTTP_WRITEABLE callback, the same way you can
	regulate writes with a websocket protocol connection.

 - A new member in the context creation parameter struct "ssl_cipher_list" is
 	added, replacing CIPHERS_LIST_STRING.  NULL means use the ssl library
	default list of ciphers.

 - Not really an api addition, but libwebsocket_service_fd() will now zero
 	the revents field of the pollfd it was called with if it handled the
	descriptor.  So you can tell if it is a non-lws fd by checking revents
	after the service call... if it's still nonzero, the descriptor
	belongs to you and you need to take care of it.

 - libwebsocket_rx_flow_allow_all_protocol(protocol) will unthrottle all
 	connections with the established protocol.  It's designed to be
	called from user server code when it sees it can accept more input
	and may have throttled connections using the server rx flow apis
	while it was unable to accept any other input  The user server code
	then does not have to try to track while connections it choked, this
	will free up all of them in one call.

 - there's a new, optional callback LWS_CALLBACK_CLOSED_HTTP which gets
	called when an HTTP protocol socket closes

 - for LWS_CALLBACK_FILTER_PROTOCOL_CONNECTION callback, the user_space alloc
	has already been done before the callback happens.  That means we can
	use the user parameter to the callback to contain the user pointer, and
	move the protocol name to the "in" parameter.  The docs for this
	callback are also updated to reflect how to check headers in there.

 - libwebsocket_client_connect() is now properly nonblocking and async.  See
	README.coding and test-client.c for information on the callbacks you
	can rely on controlling the async connection period with.

 - if your OS does not support the http_proxy environment variable convention
 	(eg, reportedly OSX), you can use a new api libwebsocket_set_proxy()
 	to set the proxy details inbetween context creation and the connection
 	action.  For OSes that support http_proxy, that's used automatically.

User api changes
----------------

 - the external poll callbacks now get the socket descriptor coming from the
 	"in" parameter.  The user parameter provides the user_space for the
	wsi as it normally does on the other callbacks.
	LWS_CALLBACK_FILTER_NETWORK_CONNECTION also has the socket descriptor
	delivered by @in now instead of @user.

 - libwebsocket_write() now returns -1 for error, or the amount of data
 	actually accepted for send.  Under load, the OS may signal it is
	ready to send new data on the socket, but have only a restricted
	amount of memory to buffer the packet compared to usual.


User api removal
----------------

 - libwebsocket_ensure_user_space() is removed from the public api, if you
 	were using it to get user_space, you need to adapt your code to only
	use user_space inside the user callback.

 - CIPHERS_LIST_STRING is removed

 - autotools build has been removed.  See README.build for info on how to
 	use CMake for your platform


v1.21-chrome26-firefox18
========================

 - Fixes buffer overflow bug in max frame size handling if you used the
 	default protocol buffer size.  If you declared rx_buffer_size in your
	protocol, which is recommended anyway, your code was unaffected.

v1.2-chrome26-firefox18
=======================

Diffstat
--------

 .gitignore                                                      |  16 +++
 CMakeLists.txt                                                  | 544 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 LICENSE                                                         | 526 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 Makefile.am                                                     |   1 +
 README                                                          |  20 +++
 README.build                                                    | 258 ++++++++++++++++++++++++++++++++-----
 README.coding                                                   |  52 ++++++++
 changelog                                                       | 136 ++++++++++++++++++++
 cmake/FindOpenSSLbins.cmake                                     |  33 +++++
 config.h.cmake                                                  | 173 +++++++++++++++++++++++++
 configure.ac                                                    |  22 +++-
 lib/Makefile.am                                                 |  20 ++-
 lib/base64-decode.c                                             |   2 +-
 lib/client-handshake.c                                          | 190 +++++++++++-----------------
 lib/client-parser.c                                             |  88 +++++++------
 lib/client.c                                                    | 384 ++++++++++++++++++++++++++++++-------------------------
 lib/daemonize.c                                                 |  32 +++--
 lib/extension-deflate-frame.c                                   |  58 +++++----
 lib/extension-deflate-stream.c                                  |  19 ++-
 lib/extension-deflate-stream.h                                  |   4 +-
 lib/extension.c                                                 |  11 +-
 lib/getifaddrs.c                                                | 315 +++++++++++++++++++++++-----------------------
 lib/getifaddrs.h                                                |  30 ++---
 lib/handshake.c                                                 | 124 +++++++++++-------
 lib/libwebsockets.c                                             | 736 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++--------------------------------------
 lib/libwebsockets.h                                             | 237 ++++++++++++++++++++++------------
 lib/output.c                                                    | 192 +++++++++++-----------------
 lib/parsers.c                                                   | 966 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++----------------------------------------------------------------
 lib/private-libwebsockets.h                                     | 225 +++++++++++++++++++++------------
 lib/server-handshake.c                                          |  82 ++++++------
 lib/server.c                                                    |  96 +++++++-------
 libwebsockets-api-doc.html                                      | 189 ++++++++++++++++++----------
 libwebsockets.spec                                              |  17 +--
 test-server/attack.sh                                           | 148 ++++++++++++++++++++++
 test-server/test-client.c                                       | 125 +++++++++---------
 test-server/test-echo.c                                         |  31 +++--
 test-server/test-fraggle.c                                      |  32 ++---
 test-server/test-ping.c                                         |  52 ++++----
 test-server/test-server.c                                       | 129 ++++++++++++-------
 win32port/libwebsocketswin32/libwebsocketswin32.vcxproj         | 279 ----------------------------------------
 win32port/libwebsocketswin32/libwebsocketswin32.vcxproj.filters |  23 +++-
 41 files changed, 4398 insertions(+), 2219 deletions(-)


User api additions
------------------

 - lws_get_library_version() returns a const char * with a string like
 	 "1.1 9e7f737", representing the library version from configure.ac
	 and the git HEAD hash the library was built from

 - TCP Keepalive can now optionally be applied to all lws sockets, on Linux
 	also with controllable timeout, number of probes and probe interval.
	(On BSD type OS, you can only use system default settings for the
	timing and retries, although enabling it is supported by setting
	ka_time to nonzero, the exact value has no meaning.)
	This enables detection of idle connections which are logically okay,
	but are in fact dead, due to network connectivity issues at the server,
	client, or any intermediary.  By default it's not enabled, but you
	can enable it by setting a non-zero timeout (in seconds) at the new
	ka_time member at context creation time.

 - Two new optional user callbacks added, LWS_CALLBACK_PROTOCOL_DESTROY which
 	is called one-time per protocol as the context is being destroyed, and
	LWS_CALLBACK_PROTOCOL_INIT which is called when the context is created
	and the protocols are added, again it's a one-time affair.
	This lets you manage per-protocol allocations properly including
	cleaning up after yourself when the server goes down.

User api changes
----------------

 - libwebsocket_create_context() has changed from taking a ton of parameters
	to just taking a pointer to a struct containing the parameters.  The
	struct lws_context_creation_info is in libwebsockets.h, the members
	are in the same order as when they were parameters to the call
	previously.  The test apps are all updated accordingly so you can
	see example code there.

 - Header tokens are now deleted after the websocket connection is
	established.  Not just the header data is saved, but the pointer and
	length array is also removed from (union) scope saving several hundred
	bytes per connection once it is established

 - struct libwebsocket_protocols has a new member rx_buffer_size, this
	controls rx buffer size per connection of that protocol now.  Sources
	for apps built against older versions of the library won't declare
	this in their protocols, defaulting it to 0.  Zero buffer is legal,
	it causes a default buffer to be allocated (currently 4096)

	If you want to receive only atomic frames in your user callback, you
	should set this to greater than your largest frame size.  If a frame
	comes that exceeds that, no error occurs but the callback happens as
	soon as the buffer limit is reached, and again if it is reached again
	or the frame completes.  You can detect that has happened by seeing
	there is still frame content pending using
	libwebsockets_remaining_packet_payload()

	By correctly setting this, you can save a lot of memory when your
	protocol has small frames (see the test server and client sources).

 - LWS_MAX_HEADER_LEN now defaults to 1024 and is the total amount of known
 	header payload lws can cope with, that includes the GET URL, origin
	etc.  Headers not understood by lws are ignored and their payload
	not included in this.


User api removals
-----------------

 - The configuration-time option MAX_USER_RX_BUFFER has been replaced by a
	buffer size chosen per-protocol.  For compatibility, there's a default
	of 4096 rx buffer, but user code should set the appropriate size for
	the protocol frames.

 - LWS_INITIAL_HDR_ALLOC and LWS_ADDITIONAL_HDR_ALLOC are no longer needed
 	and have been removed.  There's a new header management scheme that
	handles them in a much more compact way.

 - libwebsockets_hangup_on_client() is removed.  If you want to close the
 	connection you must do so from the user callback and by returning
	-1 from there.

 - libwebsocket_close_and_free_session() is now private to the library code
 	only and not exposed for user code.  If you want to close the
	connection, you must do so from the user callback by returning -1
	from there.


New features
------------

 - Cmake project file added, aimed initially at Windows support: this replaces
	the visual studio project files that were in the tree until now.

 - CyaSSL now supported in place of OpenSSL (--use-cyassl on configure)

 - PATH_MAX or MAX_PATH no longer needed

 - cutomizable frame rx buffer size by protocol

 - optional TCP keepalive so dead peers can be detected, can be enabled at
 	context-creation time

 - valgrind-clean: no SSL or CyaSSL: completely clean.  With OpenSSL, 88 bytes
 	lost at OpenSSL library init and symptomless reports of uninitialized
	memory usage... seems to be a known and ignored problem at OpenSSL

 - By default debug is enabled and the library is built for -O0 -g to faclitate
	that.  Use --disable-debug configure option to build instead with -O4
	and no -g (debug info), obviously providing best performance and
	reduced binary size.

 - 1.0 introduced some code to try to not deflate small frames, however this
 	seems to break when confronted with a mixture of frames above and
	below the threshold, so it's removed.  Veto the compression extension
	in your user callback if you will typically have very small frames.

 - There are many memory usage improvements, both a reduction in malloc/
 	realloc and architectural changes.  A websocket connection now
	consumes only 296 bytes with SSL or 272 bytes without on x86_64,
	during header processing an additional 1262 bytes is allocated in a
	single malloc, but is freed when the websocket connection starts.
	The RX frame buffer defined by the protocol in user
	code is also allocated per connection, this represents the largest
	frame you can receive atomically in that protocol.

 - On ARM9 build, just http+ws server no extensions or ssl, <12Kbytes .text
 	and 112 bytes per connection (+1328 only during header processing)


v1.1-chrome26-firefox18
=======================

Diffstat
--------

 Makefile.am                            |    4 +
 README-test-server                     |  291 ---
 README.build                           |  239 ++
 README.coding                          |  138 ++
 README.rst                             |   72 -
 README.test-apps                       |  272 +++
 configure.ac                           |  116 +-
 lib/Makefile.am                        |   55 +-
 lib/base64-decode.c                    |    5 +-
 lib/client-handshake.c                 |  121 +-
 lib/client-parser.c                    |  394 ++++
 lib/client.c                           |  807 +++++++
 lib/daemonize.c                        |  212 ++
 lib/extension-deflate-frame.c          |  132 +-
 lib/extension-deflate-stream.c         |   12 +-
 lib/extension-x-google-mux.c           | 1223 ----------
 lib/extension-x-google-mux.h           |   96 -
 lib/extension.c                        |    8 -
 lib/getifaddrs.c                       |  271 +++
 lib/getifaddrs.h                       |   76 +
 lib/handshake.c                        |  582 +----
 lib/libwebsockets.c                    | 2493 ++++++---------------
 lib/libwebsockets.h                    |  115 +-
 lib/md5.c                              |  217 --
 lib/minilex.c                          |  440 ++++
 lib/output.c                           |  628 ++++++
 lib/parsers.c                          | 2016 +++++------------
 lib/private-libwebsockets.h            |  284 +--
 lib/server-handshake.c                 |  275 +++
 lib/server.c                           |  377 ++++
 libwebsockets-api-doc.html             |  300 +--
 m4/ignore-me                           |    2 +
 test-server/Makefile.am                |  111 +-
 test-server/libwebsockets.org-logo.png |  Bin 0 -> 7029 bytes
 test-server/test-client.c              |   45 +-
 test-server/test-echo.c                |  330 +++
 test-server/test-fraggle.c             |   20 +-
 test-server/test-ping.c                |   22 +-
 test-server/test-server-extpoll.c      |  554 -----
 test-server/test-server.c              |  349 ++-
 test-server/test.html                  |    3 +-
 win32port/zlib/ZLib.vcxproj            |  749 ++++---
 win32port/zlib/ZLib.vcxproj.filters    |  188 +-
 win32port/zlib/adler32.c               |  348 ++-
 win32port/zlib/compress.c              |  160 +-
 win32port/zlib/crc32.c                 |  867 ++++----
 win32port/zlib/crc32.h                 |  882 ++++----
 win32port/zlib/deflate.c               | 3799 +++++++++++++++-----------------
 win32port/zlib/deflate.h               |  688 +++---
 win32port/zlib/gzclose.c               |   50 +-
 win32port/zlib/gzguts.h                |  325 ++-
 win32port/zlib/gzlib.c                 | 1157 +++++-----
 win32port/zlib/gzread.c                | 1242 ++++++-----
 win32port/zlib/gzwrite.c               | 1096 +++++----
 win32port/zlib/infback.c               | 1272 ++++++-----
 win32port/zlib/inffast.c               |  680 +++---
 win32port/zlib/inffast.h               |   22 +-
 win32port/zlib/inffixed.h              |  188 +-
 win32port/zlib/inflate.c               | 2976 +++++++++++++------------
 win32port/zlib/inflate.h               |  244 +-
 win32port/zlib/inftrees.c              |  636 +++---
 win32port/zlib/inftrees.h              |  124 +-
 win32port/zlib/trees.c                 | 2468 +++++++++++----------
 win32port/zlib/trees.h                 |  256 +--
 win32port/zlib/uncompr.c               |  118 +-
 win32port/zlib/zconf.h                 |  934 ++++----
 win32port/zlib/zlib.h                  | 3357 ++++++++++++++--------------
 win32port/zlib/zutil.c                 |  642 +++---
 win32port/zlib/zutil.h                 |  526 ++---
 69 files changed, 19556 insertions(+), 20145 deletions(-)

user api changes
----------------

 - libwebsockets_serve_http_file() now takes a context as first argument

 - libwebsockets_get_peer_addresses() now takes a context and wsi as first
	two arguments


user api additions
------------------

 - lwsl_...() logging apis, default to stderr but retargetable by user code;
	may be used also by user code

 - lws_set_log_level() set which logging apis are able to emit (defaults to
	notice, warn, err severities), optionally set the emit callback

 - lwsl_emit_syslog() helper callback emits to syslog

 - lws_daemonize() helper code that forks the app into a headless daemon
	properly, maintains a lock file with pid in suitable for sysvinit etc to
	control lifecycle

 - LWS_CALLBACK_HTTP_FILE_COMPLETION callback added since http file
	transfer is now asynchronous (see test server code)

 - lws_frame_is_binary() from a wsi pointer, let you know if the received
	data was sent in BINARY mode


user api removals
-----------------

 - libwebsockets_fork_service_loop() - no longer supported (had intractable problems)
	arrange your code to act from the user callback instead from same
	process context as the service loop

 - libwebsockets_broadcast() - use libwebsocket_callback_on_writable[_all_protocol]()
	instead from same process context as the service loop.  See the test apps
	for examples.

 - x-google-mux() removed until someone wants it

 - pre -v13 (ancient) protocol support removed


New features
------------

 - echo test server and client compatible with echo.websocket.org added

 - many new configure options (see README.build) to reduce footprint of the
	library to what you actually need, eg, --without-client and
	--without-server

 - http + websocket server can build to as little as 12K .text for ARM

 - no more MAX_CLIENTS limitation; adapts to support the max number of fds
	allowed to the process by ulimit, defaults to 1024 on Fedora and
	Ubuntu.  Use ulimit to control this without needing to configure
	the library.  Code here is smaller and faster.

 - adaptive ratio of listen socket to connection socket service allows
	good behaviour under Apache ab test load.  Tested with thousands
	of simultaneous connections

 - reduction in per-connection memory footprint by moving to a union to hold
	mutually-exclusive state for the connection

 - robustness: Out of Memory taken care of for all allocation code now

 - internal getifaddrs option if your toolchain lacks it (some uclibc)

 - configurable memory limit for deflate operations

 - improvements in SSL code nonblocking operation, possible hang solved,
	some SSL operations broken down into pollable states so there is
	no library blocking, timeout coverage for SSL_connect

 - extpoll test server merged into single test server source

 - robustness: library should deal with all recoverable socket conditions

 - rx flowcontrol for backpressure notification fixed and implmeneted
	correctly in the test server

 - optimal lexical parser added for header processing; all headers in a
	single 276-byte state table

 - latency tracking api added (configure --with-latency)

 - Improved in-tree documentation, REAME.build, README.coding,
	README.test-apps, changelog

 - Many small fixes


v1.0-chrome25-firefox17 (6cd1ea9b005933f)