• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * lws-minimal-secure-streams-avs
3  *
4  * Written in 2019-2020 by Andy Green <andy@warmcat.com>
5  *
6  * This file is made available under the Creative Commons CC0 1.0
7  * Universal Public Domain Dedication.
8  */
9 
10 #include <libwebsockets.h>
11 #include <string.h>
12 #include <signal.h>
13 
14 extern int
15 avs_example_start(struct lws_context *context);
16 
17 int interrupted, bad = 1;
18 static lws_state_notify_link_t nl;
19 static const char * const default_ss_policy =
20 	"{"
21 	  "\"release\":"			"\"01234567\","
22 	  "\"product\":"			"\"myproduct\","
23 	  "\"schema-version\":"			"1,"
24 //	  "\"via-socks5\":"                     "\"127.0.0.1:1080\","
25 	  "\"retry\": ["	/* named backoff / retry strategies */
26 		"{\"default\": {"
27 			"\"backoff\": ["	 "1000,"
28 						 "2000,"
29 						 "3000,"
30 						 "5000,"
31 						"10000"
32 				"],"
33 			"\"conceal\":"		"5,"
34 			"\"jitterpc\":"		"20,"
35 			"\"svalidping\":"	"60,"
36 			"\"svalidhup\":"	"64"
37 		"}}"
38 	  "],"
39 	  "\"certs\": [" /* named individual certificates in BASE64 DER */
40 		"{\"digicert_global_root_g2\": \"" /* api.amazon.com 2038-01 */
41 	"MIIDjjCCAnagAwIBAgIQAzrx5qcRqaC7KGSxHQn65TANBgkqhkiG9w0BAQsFADBh"
42 	"MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3"
43 	"d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBH"
44 	"MjAeFw0xMzA4MDExMjAwMDBaFw0zODAxMTUxMjAwMDBaMGExCzAJBgNVBAYTAlVT"
45 	"MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j"
46 	"b20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IEcyMIIBIjANBgkqhkiG"
47 	"9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzfNNNx7a8myaJCtSnX/RrohCgiN9RlUyfuI"
48 	"2/Ou8jqJkTx65qsGGmvPrC3oXgkkRLpimn7Wo6h+4FR1IAWsULecYxpsMNzaHxmx"
49 	"1x7e/dfgy5SDN67sH0NO3Xss0r0upS/kqbitOtSZpLYl6ZtrAGCSYP9PIUkY92eQ"
50 	"q2EGnI/yuum06ZIya7XzV+hdG82MHauVBJVJ8zUtluNJbd134/tJS7SsVQepj5Wz"
51 	"tCO7TG1F8PapspUwtP1MVYwnSlcUfIKdzXOS0xZKBgyMUNGPHgm+F6HmIcr9g+UQ"
52 	"vIOlCsRnKPZzFBQ9RnbDhxSJITRNrw9FDKZJobq7nMWxM4MphQIDAQABo0IwQDAP"
53 	"BgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUTiJUIBiV"
54 	"5uNu5g/6+rkS7QYXjzkwDQYJKoZIhvcNAQELBQADggEBAGBnKJRvDkhj6zHd6mcY"
55 	"1Yl9PMWLSn/pvtsrF9+wX3N3KjITOYFnQoQj8kVnNeyIv/iPsGEMNKSuIEyExtv4"
56 	"NeF22d+mQrvHRAiGfzZ0JFrabA0UWTW98kndth/Jsw1HKj2ZL7tcu7XUIOGZX1NG"
57 	"Fdtom/DzMNU+MeKNhJ7jitralj41E6Vf8PlwUHBHQRFXGU7Aj64GxJUTFy8bJZ91"
58 	"8rGOmaFvE7FBcf6IKshPECBV1/MUReXgRPTqh5Uykw7+U0b6LJ3/iyK5S9kJRaTe"
59 	"pLiaWN0bfVKfjllDiIGknibVb63dDcY3fe0Dkhvld1927jyNxF1WW6LZZm6zNTfl"
60 	"MrY="
61 		"\"},"
62 		"{\"digicert_global_ca_g2\": \"" /* api.amazon.com 2028-08 */
63 	"MIIEizCCA3OgAwIBAgIQDI7gyQ1qiRWIBAYe4kH5rzANBgkqhkiG9w0BAQsFADBh"
64 	"MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3"
65 	"d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBH"
66 	"MjAeFw0xMzA4MDExMjAwMDBaFw0yODA4MDExMjAwMDBaMEQxCzAJBgNVBAYTAlVT"
67 	"MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxHjAcBgNVBAMTFURpZ2lDZXJ0IEdsb2Jh"
68 	"bCBDQSBHMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANNIfL7zBYZd"
69 	"W9UvhU5L4IatFaxhz1uvPmoKR/uadpFgC4przc/cV35gmAvkVNlW7SHMArZagV+X"
70 	"au4CLyMnuG3UsOcGAngLH1ypmTb+u6wbBfpXzYEQQGfWMItYNdSWYb7QjHqXnxr5"
71 	"IuYUL6nG6AEfq/gmD6yOTSwyOR2Bm40cZbIc22GoiS9g5+vCShjEbyrpEJIJ7RfR"
72 	"ACvmfe8EiRROM6GyD5eHn7OgzS+8LOy4g2gxPR/VSpAQGQuBldYpdlH5NnbQtwl6"
73 	"OErXb4y/E3w57bqukPyV93t4CTZedJMeJfD/1K2uaGvG/w/VNfFVbkhJ+Pi474j4"
74 	"8V4Rd6rfArMCAwEAAaOCAVowggFWMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0P"
75 	"AQH/BAQDAgGGMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYYaHR0cDovL29j"
76 	"c3AuZGlnaWNlcnQuY29tMHsGA1UdHwR0MHIwN6A1oDOGMWh0dHA6Ly9jcmw0LmRp"
77 	"Z2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RHMi5jcmwwN6A1oDOGMWh0dHA6"
78 	"Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RHMi5jcmwwPQYD"
79 	"VR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2lj"
80 	"ZXJ0LmNvbS9DUFMwHQYDVR0OBBYEFCRuKy3QapJRUSVpAaqaR6aJ50AgMB8GA1Ud"
81 	"IwQYMBaAFE4iVCAYlebjbuYP+vq5Eu0GF485MA0GCSqGSIb3DQEBCwUAA4IBAQAL"
82 	"OYSR+ZfrqoGvhOlaOJL84mxZvzbIRacxAxHhBsCsMsdaVSnaT0AC9aHesO3ewPj2"
83 	"dZ12uYf+QYB6z13jAMZbAuabeGLJ3LhimnftiQjXS8X9Q9ViIyfEBFltcT8jW+rZ"
84 	"8uckJ2/0lYDblizkVIvP6hnZf1WZUXoOLRg9eFhSvGNoVwvdRLNXSmDmyHBwW4co"
85 	"atc7TlJFGa8kBpJIERqLrqwYElesA8u49L3KJg6nwd3jM+/AVTANlVlOnAM2BvjA"
86 	"jxSZnE0qnsHhfTuvcqdFuhOWKU4Z0BqYBvQ3lBetoxi6PrABDJXWKTUgNX31EGDk"
87 	"92hiHuwZ4STyhxGs6QiA"
88 		"\"},"
89 		"{\"starfield_services_root_ca\": \""
90 	"MIID7zCCAtegAwIBAgIBADANBgkqhkiG9w0BAQsFADCBmDELMAkGA1UEBhMCVVMx"
91 	"EDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxJTAjBgNVBAoT"
92 	"HFN0YXJmaWVsZCBUZWNobm9sb2dpZXMsIEluYy4xOzA5BgNVBAMTMlN0YXJmaWVs"
93 	"ZCBTZXJ2aWNlcyBSb290IENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTA5"
94 	"MDkwMTAwMDAwMFoXDTM3MTIzMTIzNTk1OVowgZgxCzAJBgNVBAYTAlVTMRAwDgYD"
95 	"VQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMSUwIwYDVQQKExxTdGFy"
96 	"ZmllbGQgVGVjaG5vbG9naWVzLCBJbmMuMTswOQYDVQQDEzJTdGFyZmllbGQgU2Vy"
97 	"dmljZXMgUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgLSBHMjCCASIwDQYJKoZI"
98 	"hvcNAQEBBQADggEPADCCAQoCggEBANUMOsQq+U7i9b4Zl1+OiFOxHz/Lz58gE20p"
99 	"OsgPfTz3a3Y4Y9k2YKibXlwAgLIvWX/2h/klQ4bnaRtSmpDhcePYLQ1Ob/bISdm2"
100 	"8xpWriu2dBTrz/sm4xq6HZYuajtYlIlHVv8loJNwU4PahHQUw2eeBGg6345AWh1K"
101 	"Ts9DkTvnVtYAcMtS7nt9rjrnvDH5RfbCYM8TWQIrgMw0R9+53pBlbQLPLJGmpufe"
102 	"hRhJfGZOozptqbXuNC66DQO4M99H67FrjSXZm86B0UVGMpZwh94CDklDhbZsc7tk"
103 	"6mFBrMnUVN+HL8cisibMn1lUaJ/8viovxFUcdUBgF4UCVTmLfwUCAwEAAaNCMEAw"
104 	"DwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFJxfAN+q"
105 	"AdcwKziIorhtSpzyEZGDMA0GCSqGSIb3DQEBCwUAA4IBAQBLNqaEd2ndOxmfZyMI"
106 	"bw5hyf2E3F/YNoHN2BtBLZ9g3ccaaNnRbobhiCPPE95Dz+I0swSdHynVv/heyNXB"
107 	"ve6SbzJ08pGCL72CQnqtKrcgfU28elUSwhXqvfdqlS5sdJ/PHLTyxQGjhdByPq1z"
108 	"qwubdQxtRbeOlKyWN7Wg0I8VRw7j6IPdj/3vQQF3zCepYoUz8jcI73HPdwbeyBkd"
109 	"iEDPfUYd/x7H4c7/I9vG+o1VTqkC50cRRj70/b17KSa7qWFiNyi2LSr2EIZkyXCn"
110 	"0q23KXB56jzaYyWf/Wi3MOxw+3WKt21gZ7IeyLnp2KhvAotnDU0mV3HaIPzBSlCN"
111 	"sSi6"
112 		"\"},"
113 		"{\"starfield_class_2_ca\": \""
114 	"MIIEDzCCAvegAwIBAgIBADANBgkqhkiG9w0BAQUFADBoMQswCQYDVQQGEwJVUzEl"
115 	"MCMGA1UEChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjEyMDAGA1UECxMp"
116 	"U3RhcmZpZWxkIENsYXNzIDIgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDQw"
117 	"NjI5MTczOTE2WhcNMzQwNjI5MTczOTE2WjBoMQswCQYDVQQGEwJVUzElMCMGA1UE"
118 	"ChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjEyMDAGA1UECxMpU3RhcmZp"
119 	"ZWxkIENsYXNzIDIgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggEgMA0GCSqGSIb3"
120 	"DQEBAQUAA4IBDQAwggEIAoIBAQC3Msj+6XGmBIWtDBFk385N78gDGIc/oav7PKaf"
121 	"8MOh2tTYbitTkPskpD6E8J7oX+zlJ0T1KKY/e97gKvDIr1MvnsoFAZMej2YcOadN"
122 	"+lq2cwQlZut3f+dZxkqZJRRU6ybH838Z1TBwj6+wRir/resp7defqgSHo9T5iaU0"
123 	"X9tDkYI22WY8sbi5gv2cOj4QyDvvBmVmepsZGD3/cVE8MC5fvj13c7JdBmzDI1aa"
124 	"K4UmkhynArPkPw2vCHmCuDY96pzTNbO8acr1zJ3o/WSNF4Azbl5KXZnJHoe0nRrA"
125 	"1W4TNSNe35tfPe/W93bC6j67eA0cQmdrBNj41tpvi/JEoAGrAgEDo4HFMIHCMB0G"
126 	"A1UdDgQWBBS/X7fRzt0fhvRbVazc1xDCDqmI5zCBkgYDVR0jBIGKMIGHgBS/X7fR"
127 	"zt0fhvRbVazc1xDCDqmI56FspGowaDELMAkGA1UEBhMCVVMxJTAjBgNVBAoTHFN0"
128 	"YXJmaWVsZCBUZWNobm9sb2dpZXMsIEluYy4xMjAwBgNVBAsTKVN0YXJmaWVsZCBD"
129 	"bGFzcyAyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMAwGA1UdEwQFMAMBAf8w"
130 	"DQYJKoZIhvcNAQEFBQADggEBAAWdP4id0ckaVaGsafPzWdqbAYcaT1epoXkJKtv3"
131 	"L7IezMdeatiDh6GX70k1PncGQVhiv45YuApnP+yz3SFmH8lU+nLMPUxA2IGvd56D"
132 	"eruix/U0F47ZEUD0/CwqTRV/p2JdLiXTAAsgGh1o+Re49L2L7ShZ3U0WixeDyLJl"
133 	"xy16paq8U4Zt3VekyvggQQto8PT7dL5WXXp59fkdheMtlb71cZBDzI0fmgAKhynp"
134 	"VSJYACPq4xJDKVtHCN2MQWplBqjlIapBtJUhlbl90TSrE9atvNziPTnNvT51cKEY"
135 	"WQPJIrSPnNVeKtelttQKbfi3QBFGmh95DmK/D5fs4C8fF5Q="
136 		"\"}"
137 	  "],"
138 	  "\"trust_stores\": [" /* named cert chains */
139 		"{"  /* chain for alexa.na.gateway.devices.a2z.com */
140 			"\"name\": \"avs_via_starfield\","
141 			"\"stack\": ["
142 				"\"starfield_class_2_ca\","
143 				"\"starfield_services_root_ca\""
144 			"]"
145 		"},"
146 		"{" /* chain for api.amazon.com */
147 			"\"name\": \"api_amazon_com\","
148 			"\"stack\": ["
149 				"\"digicert_global_ca_g2\","
150 				"\"digicert_global_root_g2\""
151 			"]"
152 		"}"
153 	  "],"
154 	  "\"auth\": [" /* available auth type bindings */
155 		"{"
156 		  "\"name\":"		"\"lwa\","
157 		  "\"streamtype\":"	"\"api_amazon_com_lwa\","
158 		  "\"blob\":"		"0"
159 		"}"
160 	  "],"
161 	  "\"s\": [" /* the supported stream types */
162 		"{\"api_amazon_com_lwa\": {"
163 			"\"endpoint\":"			"\"api.amazon.com\","
164 			"\"port\":"			"443,"
165 			"\"protocol\":"			"\"h1\","
166 			"\"http_method\":"		"\"POST\","
167 			"\"http_url\":"			"\"auth/o2/token\","
168 			"\"opportunistic\":"		"true,"
169 			"\"tls\":"			"true,"
170 			"\"h2q_oflow_txcr\":"		"true,"
171 			"\"http_www_form_urlencoded\":"	"true,"
172 			"\"http_no_content_length\":"	"true,"
173 			"\"retry\":"			"\"default\","
174 			"\"tls_trust_store\":"		"\"api_amazon_com\""
175 		"}},"
176 		"{\"avs_event\": {"
177 			"\"endpoint\":"			"\"alexa.na.gateway.devices.a2z.com\","
178 			"\"port\":"			"443,"
179 			"\"protocol\":"			"\"h2\","
180 			"\"http_method\":"		"\"GET\","
181 			"\"http_url\":"			"\"v20160207/directives\","
182 			"\"h2q_oflow_txcr\":"		"true,"
183 			"\"http_auth_header\":"		"\"authorization:\","
184 			"\"http_auth_preamble\":"	"\"Bearer \","
185 			"\"use_auth\":"			"\"lwa\","
186 			"\"nailed_up\":"		"true,"
187 			"\"long_poll\":"		"true,"
188 			"\"retry\":"			"\"default\","
189 			"\"tls\":"			"true,"
190 			"\"tls_trust_store\":"		"\"avs_via_starfield\""
191 		"}},"
192 		"{\"avs_metadata\": {"
193 			"\"endpoint\":"			"\"alexa.na.gateway.devices.a2z.com\","
194 			"\"port\":"			"443,"
195 			"\"protocol\":"			"\"h2\","
196 			"\"http_method\":"		"\"POST\","
197 			"\"http_url\":"			"\"v20160207/events\","
198 			"\"http_no_content_length\":"	"true,"
199 			"\"h2q_oflow_txcr\":"		"true,"
200 			"\"use_auth\":"			"\"lwa\","
201 			"\"http_auth_header\":"		"\"authorization:\","
202 			"\"http_auth_preamble\":"	"\"Bearer \","
203 			"\"http_multipart_name\":"	"\"metadata\","
204 			"\"http_mime_content_type\":"	"\"application/json; charset=UTF-8\","
205 #if 1
206 			"\"http_multipart_ss_in\":"	"true,"
207 #endif
208 			"\"rideshare\":"		"\"avs_audio\","
209 			"\"retry\":"			"\"default\","
210 			"\"tls\":"			"true,"
211 			"\"tls_trust_store\":"		"\"avs_via_starfield\""
212 		"}},"
213 		"{\"avs_audio\": {"
214 			"\"endpoint\":"			"\"alexa.na.gateway.devices.a2z.com\","
215 			"\"port\":"			"443,"
216 			"\"protocol\":"			"\"h2\","
217 			"\"http_method\":"		"\"POST\","
218 			"\"http_url\":"			"\"v20160207/events\","
219 			"\"http_no_content_length\":"	"true,"
220 			"\"tls\":"			"true,"
221 			"\"h2q_oflow_txcr\":"		"true,"
222 #if 1
223 			"\"http_multipart_ss_in\":"	"true,"
224 #endif
225 			"\"use_auth\":"			"\"lwa\","
226 			"\"http_auth_header\":"		"\"authorization:\","
227 			"\"http_auth_preamble\":"	"\"Bearer \","
228 			"\"http_multipart_name\":"	"\"audio\","
229 			"\"http_mime_content_type\":"	"\"application/octet-stream\","
230 			"\"retry\":"			"\"default\","
231 			"\"tls_trust_store\":"		"\"avs_via_starfield\""
232 		"}}"
233 	  "]"
234 	"}"
235 ;
236 
237 static const char *canned_root_token_payload =
238 	"grant_type=refresh_token"
239 	"&refresh_token=Atzr|IwEBIJedGXjDqsU_vMxykqOMg"
240 	"SHfYe3CPcedueWEMWSDMaDnEmiW8RlR1Kns7Cb4B-TOSnqp7ifVsY4BMY2B8tpHfO39XP"
241 	"zfu9HapGjTR458IyHX44FE71pWJkGZ79uVBpljP4sazJuk8XS3Oe_yLnm_DIO6fU1nU3Y"
242 	"0flYmsOiOAQE_gRk_pdlmEtHnpMA-9rLw3mkY5L89Ty9kUygBsiFaYatouROhbsTn8-jW"
243 	"k1zZLUDpT6ICtBXSnrCIg0pUbZevPFhTwdXd6eX-u4rq0W-XaDvPWFO7au-iPb4Zk5eZE"
244 	"iX6sissYrtNmuEXc2uHu7MnQO1hHCaTdIO2CANVumf-PHSD8xseamyh04sLV5JgFzY45S"
245 	"KvKMajiUZuLkMokOx86rjC2Hdkx5DO7G-dbG1ufBDG-N79pFMSs7Ck5pc283IdLoJkCQc"
246 	"AGvTX8o8I29QqkcGou-9TKhOJmpX8As94T61ok0UqqEKPJ7RhfQHHYdCtsdwxgvfVr9qI"
247 	"xL_hDCcTho8opCVX-6QhJHl6SQFlTw13"
248 	"&client_id="
249 		"amzn1.application-oa2-client.4823334c434b4190a2b5a42c07938a2d";
250 
251 static int
app_system_state_nf(lws_state_manager_t * mgr,lws_state_notify_link_t * link,int current,int target)252 app_system_state_nf(lws_state_manager_t *mgr, lws_state_notify_link_t *link,
253 		    int current, int target)
254 {
255 	struct lws_context *context = lws_system_context_from_system_mgr(mgr);
256 	lws_system_blob_t *ab = lws_system_get_blob(context,
257 				LWS_SYSBLOB_TYPE_AUTH, 1 /* AUTH_IDX_ROOT */);
258 	size_t size;
259 
260 	/*
261 	 * For the things we care about, let's notice if we are trying to get
262 	 * past them when we haven't solved them yet, and make the system
263 	 * state wait while we trigger the dependent action.
264 	 */
265 	switch (target) {
266 	case LWS_SYSTATE_REGISTERED:
267 		size = lws_system_blob_get_size(ab);
268 		if (size)
269 			break;
270 
271 		/* let's register our canned root token so auth can use it */
272 		lws_system_blob_direct_set(ab,
273 				(const uint8_t *)canned_root_token_payload,
274 				strlen(canned_root_token_payload));
275 		break;
276 	case LWS_SYSTATE_OPERATIONAL:
277 		if (current == LWS_SYSTATE_OPERATIONAL)
278 			avs_example_start(context);
279 		break;
280 	case LWS_SYSTATE_POLICY_INVALID:
281 		/*
282 		 * This is a NOP since we used direct set... but in a real
283 		 * system this could easily change to be done on the heap, then
284 		 * this would be important
285 		 */
286 		lws_system_blob_destroy(lws_system_get_blob(context,
287 					LWS_SYSBLOB_TYPE_AUTH,
288 					1 /* AUTH_IDX_ROOT */));
289 		break;
290 	}
291 
292 	return 0;
293 }
294 
295 static void
sigint_handler(int sig)296 sigint_handler(int sig)
297 {
298 	interrupted = 1;
299 }
300 
301 static lws_state_notify_link_t * const app_notifier_list[] = {
302 	&nl, NULL
303 };
304 
main(int argc,const char ** argv)305 int main(int argc, const char **argv)
306 {
307 	struct lws_context_creation_info info;
308 	struct lws_context *context;
309 	int n = 0;
310 
311 	signal(SIGINT, sigint_handler);
312 	memset(&info, 0, sizeof info); /* otherwise uninitialized garbage */
313 	lws_cmdline_option_handle_builtin(argc, argv, &info);
314 
315 	lwsl_user("LWS secure streams - AVS test [-d<verb>]\n");
316 
317 	info.options = LWS_SERVER_OPTION_EXPLICIT_VHOSTS |
318 		       LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT;
319 	info.fd_limit_per_thread = 1 + 6 + 1;
320 	info.pss_policies_json = default_ss_policy;
321 	info.port = CONTEXT_PORT_NO_LISTEN;
322 
323 #if defined(LWS_SS_USE_SSPC)
324 	{
325 		const char *p;
326 
327 		/* connect to ssproxy via UDS by default, else via
328 		 * tcp connection to this port */
329 		if ((p = lws_cmdline_option(argc, argv, "-p")))
330 			info.ss_proxy_port = atoi(p);
331 
332 		/* UDS "proxy.ss.lws" in abstract namespace, else this socket
333 		 * path; when -p given this can specify the network interface
334 		 * to bind to */
335 		if ((p = lws_cmdline_option(argc, argv, "-i")))
336 			info.ss_proxy_bind = p;
337 
338 		/* if -p given, -a specifies the proxy address to connect to */
339 		if ((p = lws_cmdline_option(argc, argv, "-a")))
340 			info.ss_proxy_address = p;
341 	}
342 #endif
343 
344 	/* integrate us with lws system state management when context created */
345 	nl.name = "app";
346 	nl.notify_cb = app_system_state_nf;
347 	info.register_notifier_list = app_notifier_list;
348 
349 	puts(default_ss_policy);
350 
351 	context = lws_create_context(&info);
352 	if (!context) {
353 		lwsl_err("lws init failed\n");
354 		return 1;
355 	}
356 
357 	/* the event loop */
358 
359 	while (n >= 0 && !interrupted)
360 		n = lws_service(context, 0);
361 
362 	lws_context_destroy(context);
363 	lwsl_user("Completed: %s\n", bad ? "failed" : "OK");
364 
365 	return bad;
366 }
367