1Changelog 2--------- 3 4v4.2.0 5====== 6 7 - Sai coverage upgrades, 495 builds on 27 platforms, including OSX M1, 8 Xenial, Bionic and Focal Ubuntu, Debian Sid and Buster on both 32 and 9 64-bit OS, and NetBSD, Solaris, FreeBSD, Windows, ESP32. 10 Ctest run on more scenarios including all LWS_WITH_DISTRO_RECOMMENDED. 11 More tests use valgrind if available on platform. 12 - RFC7231 date and time parsing and retry-after wired up to lws_retry 13 - `LWS_WITH_SUL_DEBUGGING` checks that no sul belonging to Secure Streams 14 and wsi objects are left registered on destruction 15 - Netlink monitoring on Linux dynamically tracks interface address and 16 routing changes, and immediately closes connections on invalidated 17 routes. 18 - RFC6724 DNS results sorting over ipv4 + ipv6 results, according to 19 available dynamic route information 20 - Support new event library, sdevent (systemd native loop), via 21 `LWS_WITH_SDEVENT` 22 - Reduce .rodata cost of role structs by making them sparse 23 - Additional Secure Streams QA tests and runtime state transition 24 validation 25 - SMD-over-ss-proxy documentation and helpers to simplify forwarding 26 - SSPC stream buffering at proxy and client set from policy by streamtype 27 - Trigger Captive Portal Detection if DNS resolution fails 28 - Switch all logs related to wsi and Secure Streams to use unique, 29 descriptive tags instead of pointers (which may be reallocated) 30 - Use NOITCE logging for Secure Streams and wsi lifecycle logging using 31 tags 32 - Update SSPC serialization to include versioning on initial handshake, 33 and pass client pid to proxy so related objects are tagged with it 34 - Enable errors on -Wconversion pedantic type-related build issues 35 throughout the lws sources and upgrade every affected cast. 36 - Windows remove WSA event implementation and replace with WSAPoll, with 37 a pair of UDP sockets instead of pipe() for `lws_cancel_service()` 38 - `lws_strcmp_wildcard()` helper that understand "x*", "x*y", "x*y*" etc 39 - `LWS_WITH_PLUGINS_BUILTIN` cmake option just builds plugins into the main 40 library image directly 41 - Secure Streams proxy supports policy for flow control between proxy and 42 clients 43 - libressl also supported along with boringssl, wolfssl 44 - prepared for openssl v3 compatibility, for main function and GENCRYPTO 45 - Fault injection apis can confirm operation of 48 error paths and counting 46 - `LWS_WITH_SYS_METRICS` keeps stats and reports them to user-defined 47 function, compatible with openmetrics 48 - windows platform knows how to prepare openssl with system trust store certs 49 - `LWS_WITH_SYS_CONMON` allows selected client connections to make precise 50 measurements of connection performance and DNS results, and report them in a struct 51 - New native support for uloop event loop (OpenWRT loop) 52 - More options around JWT 53 - Support TLS session caching and reuse by default, on both OpenSSL and 54 mbedtls 55 - Many fixes and improvements... 56 57v4.1.0 58====== 59 60 - NEW: travis / appveyor / bintray are replaced by Sai 61 https://libwebsockets.org/sai/ which for lws currently does 193 builds per 62 git push on 16 platforms, all self-hosted. The homebrew bash scripts used 63 to select Minimal examples are replaced by CTest. Platforms currently 64 include Fedora/AMD/GCC, Windows/AMD/mingw32, Windows/AMD/mingw64, Android/ 65 aarch64/LLVM, esp-idf (on WROVER-KIT and HELTEC physical boards), Fedora/ 66 RISCV (on QEMU)/GCC, CentOS8/AMD/GCC, Gentoo/AMD/GCC, Bionic/AMD/GCC, 67 Linkit 7697, Focal/AMD/GCC, Windows (on QEMU)/AMD/MSVC, 68 Focal/aarch64-RPI4/GCC, iOS/aarch64/LLVM and OSX/AMD/LLVM. 69 70 - NEW: The single CMakeLists.txt has been refactored and modernized into smaller 71 CMakeLists.txt in the subdirectory along with the code that is being managed 72 for build by it. Build options are still listed in the top level as before 73 but the new way is much more maintainable. 74 75 - NEW: event lib support on Unix is now built into dynamically loaded plugins 76 and brought in at runtime, allowing all of the support to be built in 77 isolation without conflicts, and separately packaged with individual 78 dependencies. See ./READMEs/event-libs.md for details and how to force 79 the old static build into lws method. 80 81 - NEW: Captive Portal Detection. Lws can determine if the active default 82 route is able to connect to the internet, or is in a captive portal type 83 situation, by trying to connect to a remote server that will respond in an 84 unusual way, like provide a 204. 85 86 - NEW: Secure streams: Support system trust store if it exists 87 Build on Windows 88 Support lws raw socket protocol in SS 89 Support Unix Domain Socket transport 90 91 - NEW: Windows: Support Unix Domain Sockets same as other platforms 92 93 - NEW: Windows: Build using native pthreads, async dns, ipv6 on MSVC 94 95 - NEW: lws_struct: BLOB support 96 97 - NEW: lws_sul: Now provides two sorted timer domains, a default one as 98 before, and another whose scheduled events are capable to wake the system from suspend 99 100 - NEW: System Message Distribution: lws_smd provides a very lightweight way 101 to pass short messages between subsystems both in RTOS type case where the 102 subsystems are all on the lws event loop, and in the case participants are in 103 different processes, using Secure Streams proxying. Participants register a bitmap 104 of message classes they care about; if no particpant cares about a particular message, 105 it is rejected at allocation time for the sender, making it cheap to provide messages 106 speculatively. See lib/system/smd/README.md for full details. 107 108 - NEW: lws_drivers: wrappers for SDK driver abstractions (or actual drivers) 109 See lib/drivers/README.md, example implementations 110 minimal-examples/embedded/esp32/esp-wrover-kit 111 - generic gpio 112 - generic LED (by name) lib/drivers/led/README.md 113 - generic PWM, sophisticated interpolated table 114 sequencers with crossfade 115 - generic button (by name), with debounce and press classification 116 emitting rich SMD click, long-click, double-click, 117 down, repeat, up JSON messages 118 lib/drivers/button/README.md 119 - bitbang i2c on generic gpio (hw support can use same 120 abstract API) 121 - bitbang spi on generic gpio (hw support can use same 122 abstract API) 123 - generic display object, can be wired up to controller 124 drivers that hook up by generic i2c or spi, 125 generic backlight PWM sequencing and 126 blanking timer support 127 - generic settings storage: get and set blobs by name 128 - generic network device: netdev abstract class with 129 WIFI / Ethernet implementations 130 using underlying SDK APIs; 131 generic 80211 Scan managements 132 and credentials handling via 133 lws_settings 134 This is the new way to provide embedded platform 135 functionality that was in the past done like 136 esp32-factory. Unlike the old way, the new way has no 137 native apis in it and can be built on other SDK / SoCs 138 the same. 139 140 - NEW: Security-aware JWS JWT (JSON Web Tokens) apis are provided on top of the existing 141 JOSE / JWS apis. All the common algorithms are available along with some 142 high level apis like lws http cookie -> JWT struct -> lws http cookie. 143 144 - REMOVED: esp32-helper and friends used by esp32-factory now lws_drivers 145 exists 146 147 - REMOVED: generic sessions and friends now JWT is provided 148 149v4.0.0 150====== 151 152 - NEW: Lws is now under the MIT license, see ./LICENSE for details 153 154 - NEW: GLIB native event loop support, lws + gtk example 155 156 - NEW: native lws MQTT client... supports client stream binding like h2 when 157 multiple logical connections are going to the same endpoint over MQTT, they 158 transparently and independently share the one connection + tls tunnel 159 160 - NEW: "Secure Streams"... if you are making a device with client connections 161 to the internet or cloud, this allows separation of the communications 162 policy (endpoints, tls cert validation, protocols, etc) from the code, with 163 the goal you can combine streams, change protocols and cloud provision, and 164 reflect that in the device's JSON policy document without having to change 165 any code. 166 167 - NEW: lws_system: New lightweight and efficient Asynchronous DNS resolver 168 implementation for both A and AAAA records, supports recursive (without 169 recursion in code) lookups, caching, and getaddrinfo() compatible results 170 scheme (from cache directly without per-consumer allocation). Able to 171 perform DNS lookups without introducing latency in the event loop. 172 173 - NEW: lws_system: ntpclient implementation with interface for setting system 174 time via lws_system ops 175 176 - NEW: lws_system: dhcpclient implementation 177 178 - NEW: Connection validity tracking, autoproduce PING/PONG for protocols that 179 support it if not informed that the connection has passed data in both 180 directions recently enough 181 182 - NEW: lws_retry: standardized exponential backoff and retry timing based 183 around backoff table and lws_sul 184 185 - NEW: there are official public helpers for unaligned de/serialization of all 186 common types, see eh, lws_ser_wu16be() in include/libwebsockets/lws-misc.h 187 188 - NEW: lws_tls_client_vhost_extra_cert_mem() api allows attaching extra certs 189 to a client vhost from DER in memory 190 191 - NEW: lws_system: generic blobs support passing auth tokens, per-connection 192 client certs etc from platform into lws 193 194 - NEW: public helpers to consume and produce ipv4/6 addresses in a clean way, 195 along with lws_sockaddr46 type now public. See eg, lws_sockaddr46-based 196 lws_sa46_parse_numeric_address(), lws_write_numeric_address() 197 in include/libwebsockets/lws-network-helper.h 198 199 - Improved client redirect handling, h2 compatibility 200 201 - NEW: lwsac: additional features for constant folding support (strings that 202 already are in the lwsac can be pointed to without copying again), backfill 203 (look for gaps in previous chunks that could take a new use size), and 204 lwsac_extend() so last use() can attempt to use more unallocated chunk space 205 206 - NEW: lws_humanize: apis for reporting scalar quanties like 1234 as "1.234KB" 207 with the scaled symbol strings passed in by caller 208 209 - NEW: freertos: support lws_cancel_service() by using UDP pair bound to lo, 210 since it doesn't have logical pipes 211 212 - NEW: "esp32" plat, which implemented freertos plat compatibility on esp32, is 213 renamed to "freertos" plat, targeting esp32 and other freertos platforms 214 215 - NEW: base64 has an additional api supporting stateful decode, where the input 216 is not all in the same place at the same time and can be processed 217 incrementally 218 219 - NEW: lws ws proxy: support RFC8441 220 221 - NEW: lws_spawn_piped apis: generic support for vforking a process with child 222 wsis attached to its stdin, stdout and stderr via pipes. When processes are 223 reaped, a specified callback is triggered. Currently Linux + OSX. 224 225 - NEW: lws_fsmount apis: Linux-only overlayfs mount and unmount management for 226 aggregating read-only layers with disposable, changeable upper layer fs 227 228 - Improvements for RTOS / small build case bring the footprint of lws v4 below 229 that of v3.1 on ARM 230 231 - lws_tokenize: flag specifying # should mark rest of line as comment 232 233 - NEW: minimal example for integrating libasound / alsa via raw file 234 235 - lws_struct: sqlite and json / lejp translation now usable 236 237 238v3.2.0 239====== 240 241 - This is the last planned release under LGPLv2+SLE. It's not planned to be 242 maintained like previous releases, please switch to master for the latest 243 stuff or continue to use v3.1-stable until the next release under the 244 new MIT license. 245 246 - NEW: completely refactored scheduler with a unified, sorted us-resolution 247 linked-list implementation. All polled checks like timeout are migrated 248 to use the new timers, which also work on the event lib implementations. 249 Faster operation, us-resolution timeouts and generic scheduled callbacks 250 from the event loop. 251 252 - NEW: lws_dsh specialized buffer memory allocator that can borrow space 253 from other cooperating buffers on the same list. 254 255 - NEW: lws_sequencer allows managing multi-connection processes and 256 retries 257 258 - NEW: memory buffer cert support 259 260 - NEW: LWS_WITH_NETWORK in CMake... can be configured without any network- 261 related code at all 262 263 - NEW: builds on QNX 6.5 and SmartOS 264 265 - NEW: JOSE / JWK / JWS / JWE support, for all common ciphers and algs, 266 works on OpenSSL and mbedtls backends 267 268 - NEW: gencrypto now has genaes and genec in addition to genrsa, works 269 on OpenSSL and mbedtls backends 270 271 - NEW: raw_proxy role 272 273 - NEW: Basic Auth works on ws connections 274 275 - CHANGE: REMOVED: LWS_WITH_GENRSA, LWS_WITH_GENHASH, LWS_WITH_GENEC, 276 LWS_WITH_GENAES have all been removed and combined into LWS_WITH_GENCRYPTO 277 278 - CHANGE: REMOVED: LWS_WITH_JWS, LWS_WITH_JWE have been removed and combined 279 into LWS_WITH_JOSE 280 281v3.1.0 282====== 283 284 - CHANGE: REMOVED: lws_client_connect() and lws_client_connect_extended() 285 compatibility apis for lws_client_connect_via_info() have been marked as 286 deprecated for several versions and are now removed. Use 287 lws_client_connect_via_info() directly instead. 288 289 - CHANGE: CMAKE: 290 - LWS_WITH_HTTP2: now defaults ON 291 292 - CHANGE: Minimal examples updated to use Content Security Policy best 293 practices, using 294 `LWS_SERVER_OPTION_HTTP_HEADERS_SECURITY_BEST_PRACTICES_ENFORCE` vhost 295 option flag and disabling of inline style and scripts. A side-effect of 296 this is that buffers used to marshal headers have to be prepared to take 297 more content than previously... LWS_RECOMMENDED_MIN_HEADER_SPACE (2048 298 currently) is available for user (and internal) use to logically tie the 299 buffer size to this usecase (and follow future increases). 300 301 - NEW: CMAKE 302 - LWS_FOR_GITOHASHI: sets various cmake options suitable for gitohashi 303 - LWS_WITH_ASAN: for Linux, enable build with ASAN 304 305 Don't forget LWS_WITH_DISTRO_RECOMMENDED, which enables a wide range of lws 306 options suitable for a distro build of the library. 307 308 - NEW: lws threadpool - lightweight pool of pthreads integrated to lws wsi, with 309 all synchronization to event loop handled internally, queue for excess tasks 310 [threadpool docs](https://libwebsockets.org/git/libwebsockets/tree/lib/misc/threadpool) 311 [threadpool minimal example](https://libwebsockets.org/git/libwebsockets/tree/minimal-examples/ws-server/minimal-ws-server-threadpool) 312 Cmake config: `-DLWS_WITH_THREADPOOL=1` 313 314 - NEW: libdbus support integrated on lws event loop 315 [lws dbus docs](https://libwebsockets.org/git/libwebsockets/tree/lib/roles/dbus) 316 [lws dbus client minimal examples](https://libwebsockets.org/git/libwebsockets/tree/minimal-examples/dbus-client) 317 [lws dbus server minimal examples](https://libwebsockets.org/git/libwebsockets/tree/minimal-examples/dbus-server) 318 Cmake config: `-DLWS_ROLE_DBUS=1` 319 320 - NEW: lws allocated chunks (lwsac) - helpers for optimized mass allocation of small 321 objects inside a few larger malloc chunks... if you need to allocate a lot of 322 inter-related structs for a limited time, this removes per-struct allocation 323 library overhead completely and removes the need for any destruction handling 324 [lwsac docs](https://libwebsockets.org/git/libwebsockets/tree/lib/misc/lwsac) 325 [lwsac minimal example](https://libwebsockets.org/git/libwebsockets/tree/minimal-examples/api-tests/api-test-lwsac) 326 Cmake Config: `-DLWS_WITH_LWSAC=1` 327 328 - NEW: lws tokenizer - helper api for robustly tokenizing your own strings without 329 allocating or adding complexity. Configurable by flags for common delimiter 330 sets and comma-separated-lists in the tokenizer. Detects and reports syntax 331 errors. 332 [lws_tokenize docs](https://libwebsockets.org/git/libwebsockets/tree/include/libwebsockets/lws-tokenize.h) 333 [lws_tokenize minimal example / api test](https://libwebsockets.org/git/libwebsockets/tree/minimal-examples/api-tests/api-test-lws_tokenize) 334 335 - NEW: lws full-text search - optimized trie generation, serialization, 336 autocomplete suggestion generation and instant global search support extensible 337 to huge corpuses of UTF-8 text while remaining super lightweight on resources. 338 [full-text search docs](https://libwebsockets.org/git/libwebsockets/tree/lib/misc/fts) 339 [full-text search minimal example / api test](https://libwebsockets.org/git/libwebsockets/tree/minimal-examples/api-tests/api-test-fts) 340 [demo](https://libwebsockets.org/ftsdemo/) 341 [demo sources](https://libwebsockets.org/git/libwebsockets/tree/plugins/protocol_fulltext_demo.c) 342 Cmake config: `-DLWS_WITH_FTS=1 -DLWS_WITH_LWSAC=1` 343 344 - NEW: gzip + brotli http server-side compression - h1 and h2 automatic advertising 345 of server compression and application to files with mimetypes "text/*", 346 "application/javascript" and "image/svg.xml". 347 Cmake config: `-DLWS_WITH_HTTP_STREAM_COMPRESSION=1`, `-DLWS_WITH_HTTP_BROTLI=1` 348 349 - NEW: managed disk cache - API for managing a directory containing cached files 350 with hashed names, and automatic deletion of LRU files once the cache is 351 above a given limit. 352 [lws diskcache docs](https://libwebsockets.org/git/libwebsockets/tree/include/libwebsockets/lws-diskcache.h) 353 Cmake config: `-DLWS_WITH_DISKCACHE=1` 354 355 - NEW: http reverse proxy - lws mounts support proxying h1 or h2 requests to 356 a local or remote IP, or unix domain socket over h1. This allows microservice 357 type architectures where parts of the common URL space are actually handled 358 by external processes which may be remote or on the same machine. 359 [lws gitohashi serving](https://libwebsockets.org/git/) is handled this way. 360 CMake config: `-DLWS_WITH_HTTP_PROXY=1` 361 362 - NEW: lws_buflist - internally several types of ad-hoc malloc'd buffer have 363 been replaced by a new, exported api `struct lws_buflist`. This allows 364 multiple buffers to be chained and drawn down in strict FIFO order. 365 366 - NEW: In the case of h1 upgrade, the connection header is checked to contain 367 "upgrade". The vhost flag LWS_SERVER_OPTION_VHOST_UPG_STRICT_HOST_CHECK 368 also causes the Host: header to be confirmed to match the vhost name and 369 listen port. 370 371 - NEW: If no 404 redirect for `lws_return_http_status()` is specified for the vhost, 372 the status page produced will try to bring in a stylesheet `/error.css`. This allows 373 you to produce styled 404 or other error pages with logos, graphics etc. See 374 https://libwebsockets.org/git/badrepo for an example of what you can do with it. 375 376v3.0.0 377====== 378 379 - CHANGE: Clients used to call LWS_CALLBACK_CLOSED same as servers... 380 LWS_CALLBACK_CLIENT_CLOSED has been introduced and is called for clients 381 now. 382 383 - CHANGE: LWS_CALLBACK_CLIENT_CONNECTION_ERROR used to only be directed at 384 protocols[0]. However in many cases, the protocol to bind to was provided 385 at client connection info time and the wsi bound accordingly. In those 386 cases, CONNECTION_ERROR is directed at the bound protocol, not protcols[0] 387 any more. 388 389 - CHANGE: CMAKE: the following cmake defaults have changed with this version: 390 391 - LWS_WITH_ZIP_FOPS: now defaults OFF 392 - LWS_WITH_RANGES: now defaults OFF 393 - LWS_WITH_ZLIB: now defaults OFF 394 - LWS_WITHOUT_EXTENSIONS: now defaults ON 395 396 - CHANGE: REMOVED: lws_alloc_vfs_file() (read a file to malloc buffer) 397 398 - CHANGE: REMOVED: lws_read() (no longer useful outside of lws internals) 399 400 - CHANGE: REMOVED: ESP8266... ESP32 is now within the same price range and much 401 more performant 402 403 - CHANGE: soname bump... don't forget to `ldconfig` 404 405 - NEW: all event libraries support "foreign" loop integration where lws itself 406 if just a temporary user of the loop unrelated to the actual loop lifecycle. 407 408 See `minimal-http-server-eventlib-foreign` for example code demonstrating 409 this for all the event libraries. 410 411 Internal loop in lws is also supported and demonstrated by 412 `minimal-http-server-eventlib`. 413 414 - NEW: ws-over-h2 support. This is a new RFC-on-the-way supported by Chrome 415 and shortly firefox that allows ws connections to be multiplexed back to the 416 server on the same tcp + tls wrapper h2 connection that the html and scripts 417 came in on. This is hugely faster that discrete connections. 418 419 - NEW: UDP socket adoption and related event callbacks 420 421 - NEW: Multi-client connection binding, queuing and pipelining support. 422 423 Lws detects multiple client connections to the same server and port, and 424 optimizes how it handles them according to the server type and provided 425 flags. For http/1.0, all occur with individual parallel connections. For 426 http/1.1, you can enable keepalive pipelining, so the connections occur 427 sequentially on a single network connection. For http/2, they all occur 428 as parallel streams within a single h2 network connection. 429 430 See minimal-http-client-multi for example code. 431 432 - NEW: High resolution timer API for wsi, get a callback on your wsi with 433 LWS_CALLBACK_TIMER, set and reset the timer with lws_set_timer_usecs(wsi, us) 434 Actual resolution depends on event backend. Works with all backends, poll, 435 libuv, libevent, and libev. 436 437 - NEW: Protocols can arrange vhost-protocol instance specific callbacks with 438 second resolution using `lws_timed_callback_vh_protocol()` 439 440 - NEW: ACME client plugin for self-service TLS certificates 441 442 - NEW: RFC7517 JSON Web Keys RFC7638 JWK thumbprint, and RFC7515 JSON Web 443 signatures support 444 445 - NEW: lws_cancel_service() now provides a generic way to synchronize events 446 from other threads, which appear as a LWS_CALLBACK_EVENT_WAIT_CANCELLED 447 callback on all protocols. This is compatible with all the event libraries. 448 449 - NEW: support BSD poll() where changes to the poll wait while waiting are 450 undone. 451 452 - NEW: Introduce generic hash, hmac and RSA apis that operate the same 453 regardless of OpenSSL or mbedTLS tls backend 454 455 - NEW: Introduce X509 element query api that works the same regardless of 456 OpenSSL or mbedTLS tls backend 457 458 - NEW: Introduce over 30 "minimal examples" in ./minimal-examples... these 459 replace most of the old test servers 460 461 - test-echo -> minimal-ws-server-echo and minimal-ws-client-echo 462 463 - test-server-libuv / -libevent / -libev -> 464 minimal-https-server-eventlib / -eventlib-foreign / -eventlib-demos 465 466 - test-server-v2.0 -> folded into all the minimal servers 467 468 - test-server direct http serving -> minimal-http-server-dynamic 469 470 The minimal examples allow individual standalone build using their own 471 small CMakeLists.txt. 472 473 - NEW: lws now detects any back-to-back writes that did not go through the 474 event loop inbetween and reports them. This will flag any possibility of 475 failure rather than wait until the problem happens. 476 477 - NEW: CMake has LWS_WITH_DISTRO_RECOMMENDED to select features that are 478 appropriate for distros 479 480 - NEW: Optional vhost URL `error_document_404` if given causes a redirect there 481 instead of serve the default 404 page. 482 483 - NEW: lws_strncpy() wrapper guarantees NUL in copied string even if it was 484 truncated to fit. 485 486 - NEW: for client connections, local protocol binding name can be separated 487 from the ws subprotocol name if needed, using .local_protocol_name 488 489 - NEW: Automatic detection of time discontiguities 490 491 - NEW: Applies TCP_USER_TIMEOUT for Linux tcp keepalive where available 492 493 - QA: 1600 tests run on each commit in Travis CI, including almost all 494 Autobahn in client and server mode, various h2load tests, h2spec, attack.sh 495 the minimal example selftests and others. 496 497 - QA: fix small warnings introduced on gcc8.x (eg, Fedora 28) 498 499 - QA: Add most of -Wextra on gcc (-Wsign-compare, -Wignored-qualifiers, 500 -Wtype-limits, -Wuninitialized) 501 502 - QA: clean out warnings on windows 503 504 - QA: pass all 146 h2spec tests now on strict 505 506 - QA: introduce 35 selftests that operate different minimal examples against 507 each other and confirm the results. 508 509 - QA: LWS_WITH_MINIMAL_EXAMPLES allows mass build of all relevant minimal- 510 examples with the LWS build, for CI and to make all the example binaries 511 available from the lws build dir ./bin 512 513 - REFACTOR: the lws source directory layout in ./lib has been radically 514 improved, and there are now README.md files in selected subdirs with extra 515 documentation of interest to people working on lws itself. 516 517 - REFACTOR: pipelined transactions return to the event loop before starting the 518 next part. 519 520 - REFACTOR: TLS: replace all TLS library constants with generic LWS ones and 521 adapt all the TLS library code to translate to these common ones. 522 523 Isolated all the tls-related private stuff in `./lib/tls/private.h`, and all 524 the mbedTLS stuff in `./lib/tls/mbedtls` + openSSL stuff in 525 `./lib/tls/openssl` 526 527 - REFACTOR: the various kinds of wsi possible with lws have been extracted 528 from the main code and isolated into "roles" in `./lib/roles` which 529 communicate with the core code via an ops struct. Everything related to 530 ah is migrated to the http role. 531 532 wsi modes are eliminated and replaced by the ops pointer for the role the 533 wsi is performing. Generic states for wsi are available to control the 534 lifecycle using core code. 535 536 Adding new "roles" is now much easier with the changes and ops struct to 537 plug into. 538 539 - REFACTOR: reduce four different kinds of buffer management in lws into a 540 generic scatter-gather struct lws_buflist. 541 542 - REFACTOR: close notifications go through event loop 543 544 545v2.4.0 546====== 547 548 - HTTP/2 server support is now mature and usable! LWS_WITH_HTTP2=1 enables it. 549 Uses ALPN to serve HTTP/2, HTTP/1 and ws[s] connections all from the same 550 listen port seamlessly. (Requires ALPN-capable OpenSSL 1.1 or mbedTLS). 551 552 - LWS_WITH_MBEDTLS=1 at CMake now builds and works against mbedTLS instead of 553 OpenSSL. Most things work identically, although on common targets where 554 OpenSSL has acceleration, mbedTLS is many times slower in operation. However 555 it is a lot smaller codewise. 556 557 - Generic hash apis introduced that work the same on mbedTLS or OpenSSL backend 558 559 - LWS_WITH_PEER_LIMITS tracks IPs across all vhosts and allows restrictions on 560 both the number of simultaneous connections and wsi in use for any single IP 561 562 - lws_ring apis provide a generic single- or multi-tail ringbuffer... mirror 563 protocol now uses this. Features include ring elements may be sized to fit 564 structs in the ringbuffer, callback when no tail any longer needs an element 565 and it can be deleted, and zerocopy options to write new members directly 566 into the ringbuffer, and use the ringbuffer element by address too. 567 568 - abstract ssh 2 server plugin included, with both plugin and standalone 569 demos provided. You can bind the plugin to a vhost and also serve full- 570 strength ssh from the vhost. IO from the ssh server is controlled by an 571 "ops" struct of callbacks for tx, rx, auth etc. 572 573 - Many fixes, cleanups, source refactors and other improvements. 574 575 576v2.3.0 577====== 578 579 - ESP32 OpenSSL support for client and server 580 581 - ESP32 4 x WLAN credential slots may be configured 582 583 - Libevent event loop support 584 585 - SOCKS5 proxy support 586 587 - lws_meta protocol for websocket connection multiplexing 588 589 - lws_vhost_destroy() added... allows dynamic removal of listening 590 vhosts. Vhosts with shared listen sockets adopt the listen socket 591 automatically if the owner is destroyed. 592 593 - IPv6 on Windows 594 595 - Improved CGI handling suitable for general CGI scripting, eg, PHP 596 597 - Convert even the "old style" test servers to use statically included 598 plugin sources 599 600 - LWS_WITH_STATS cmake option dumps resource usage and timing information 601 every few seconds to debug log, including latency information about 602 delay from asking for writeable callback to getting it 603 604 - Large (> 2GB) files may be served 605 606 - LWS_WITH_HTTP_PROXY Cmake option adds proxying mounts 607 608 - Workaround for libev build by disabling -Werror on the test app 609 610 - HTTP2 support disabled since no way to serve websockets on it 611 612 613v2.2.0 614====== 615 616Major new features 617 618 - A mount can be protected by Basic Auth... in lwsws it looks like this 619 620 ``` 621{ 622 "mountpoint": "/basic-auth", 623 "origin": "file://_lws_ddir_/libwebsockets-test-server/private", 624 "basic-auth": "/var/www/balogins-private" 625} 626``` 627 628The text file named in `basic-auth` contains user:password information 629one per line. 630 631See README.lwsws.md for more information. 632 633 - RFC7233 RANGES support in lws server... both single and multipart. 634 This allows seeking for multimedia file serving and download resume. 635 It's enabled by default but can be disabled by CMake option. 636 637 - On Linux, lwsws can reload configuration without dropping ongoing 638 connections, when sent a SIGHUP. The old configuration drops its 639 listen sockets so the new configuration can listen on them. 640 New connections connect to the server instance with the new 641 configuration. When all old connections eventually close, the old 642 instance automatically exits. This is equivalent to 643 `systemctl reload apache` 644 645 - New `adopt` api allow adoption including SSL negotiation and 646 for raw sockets and file descriptors. 647 648 - Chunked transfer encoding supported for client and server 649 650 - Adaptations to allow operations inside OPTEE Secure World 651 652 - ESP32 initial port - able to do all test server functions. See 653 README.build.md 654 655 - Serving gzipped files from inside a ZIP file is supported... this 656 includes directly serving the gzipped content if the client 657 indicated it could accept it (ie, almost all browsers) saving 658 bandwidth and time. For clients that can't accept it, lws 659 automatically decompresses and serves the content in memory- 660 efficient chunks. Only a few hundred bytes of heap are needed 661 to serve any size file from inside the zip. See README.coding.md 662 663 - RAW file descriptors may now be adopted into the lws event loop, 664 independent of event backend (including poll service). 665 See README.coding.md 666 667 - RAW server socket descriptors may now be enabled on the vhost if 668 the first thing sent on the connection is not a valid http method. 669 The user code can associate these with a specific protocol per 670 vhost, and RAW-specific callbacks appear there for creation, rx, 671 writable and close. See libwebsockets-test-server-v2.0 for an example. 672 See README.coding.md 673 674 - RAW client connections are now possible using the method "RAW". 675 After connection, the socket is associated to the protocol 676 named in the client connection info and RAW-specific callbacks 677 appear there for creation, rx, writable and close. 678 See libwebsockets-test-client (with raw://) for an example. 679 See README.coding.md 680 681 682(for earlier changelogs, see the tagged releases) 683