/* * lws-minimal-secure-streams * * Written in 2010-2021 by Andy Green * * This file is made available under the Creative Commons CC0 1.0 * Universal Public Domain Dedication. * * * This demonstrates a minimal http client using secure streams api. * * It visits https://warmcat.com/ and receives the html page there. * * This example is built two different ways from the same source... one includes * the policy everything needed to fulfil the stream directly. The other -client * variant has no policy itself and some other minor init changes, and connects * to the -proxy example to actually get the connection done. * * In the -client build case, the example does not even init the tls libraries * since the proxy part will take care of all that. */ #include #include #include // #define FORCE_OS_TRUST_STORE /* * uncomment to force network traffic through 127.0.0.1:1080 * * On your local machine, you can run a SOCKS5 proxy like this * * $ ssh -N -D 0.0.0.0:1080 localhost -v * * If enabled, this also fetches a remote policy that also * specifies that all traffic should go through the remote * proxy. */ // #define VIA_LOCALHOST_SOCKS static int interrupted, bad = 1, force_cpd_fail_portal, force_cpd_fail_no_internet, test_respmap, test_ots, budget = 1, predicted_good = 1, good, orig_budget; static unsigned int timeout_ms = 8000; static lws_state_notify_link_t nl; struct lws_context *context; static lws_sorted_usec_list_t sul_timeout; /* for each process to complete */ /* * If the -proxy app is fulfilling our connection, then we don't need to have * the policy in the client. * * When we build with LWS_SS_USE_SSPC, the apis hook up to a proxy process over * a Unix Domain Socket. To test that, you need to separately run the * ./lws-minimal-secure-streams-proxy test app on the same machine. */ #if !defined(LWS_SS_USE_SSPC) static const char * const default_ss_policy = "{" "\"release\":" "\"01234567\"," "\"product\":" "\"myproduct\"," "\"schema-version\":" "1," #if defined(VIA_LOCALHOST_SOCKS) "\"via-socks5\":" "\"127.0.0.1:1080\"," #endif "\"retry\": [" /* named backoff / retry strategies */ "{\"default\": {" "\"backoff\": [" "1000," "2000," "3000," "5000," "10000" "]," "\"conceal\":" "5," "\"jitterpc\":" "20," "\"svalidping\":" "30," "\"svalidhup\":" "35" "}}" "]," "\"certs\": [" /* named individual certificates in BASE64 DER */ /* * Let's Encrypt certs for warmcat.com / libwebsockets.org * * We fetch the real policy from there using SS and switch to * using that. */ #if !defined(FORCE_OS_TRUST_STORE) "{\"isrg_root_x1\": \"" "MIIFazCCA1OgAwIBAgIRAIIQz7DSQONZRGPgu2OCiwAwDQYJKoZIhvcNAQELBQAw" "TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh" "cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMTUwNjA0MTEwNDM4" "WhcNMzUwNjA0MTEwNDM4WjBPMQswCQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJu" "ZXQgU2VjdXJpdHkgUmVzZWFyY2ggR3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBY" "MTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK3oJHP0FDfzm54rVygc" "h77ct984kIxuPOZXoHj3dcKi/vVqbvYATyjb3miGbESTtrFj/RQSa78f0uoxmyF+" "0TM8ukj13Xnfs7j/EvEhmkvBioZxaUpmZmyPfjxwv60pIgbz5MDmgK7iS4+3mX6U" "A5/TR5d8mUgjU+g4rk8Kb4Mu0UlXjIB0ttov0DiNewNwIRt18jA8+o+u3dpjq+sW" "T8KOEUt+zwvo/7V3LvSye0rgTBIlDHCNAymg4VMk7BPZ7hm/ELNKjD+Jo2FR3qyH" "B5T0Y3HsLuJvW5iB4YlcNHlsdu87kGJ55tukmi8mxdAQ4Q7e2RCOFvu396j3x+UC" "B5iPNgiV5+I3lg02dZ77DnKxHZu8A/lJBdiB3QW0KtZB6awBdpUKD9jf1b0SHzUv" "KBds0pjBqAlkd25HN7rOrFleaJ1/ctaJxQZBKT5ZPt0m9STJEadao0xAH0ahmbWn" "OlFuhjuefXKnEgV4We0+UXgVCwOPjdAvBbI+e0ocS3MFEvzG6uBQE3xDk3SzynTn" "jh8BCNAw1FtxNrQHusEwMFxIt4I7mKZ9YIqioymCzLq9gwQbooMDQaHWBfEbwrbw" "qHyGO0aoSCqI3Haadr8faqU9GY/rOPNk3sgrDQoo//fb4hVC1CLQJ13hef4Y53CI" "rU7m2Ys6xt0nUW7/vGT1M0NPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNV" "HRMBAf8EBTADAQH/MB0GA1UdDgQWBBR5tFnme7bl5AFzgAiIyBpY9umbbjANBgkq" "hkiG9w0BAQsFAAOCAgEAVR9YqbyyqFDQDLHYGmkgJykIrGF1XIpu+ILlaS/V9lZL" "ubhzEFnTIZd+50xx+7LSYK05qAvqFyFWhfFQDlnrzuBZ6brJFe+GnY+EgPbk6ZGQ" "3BebYhtF8GaV0nxvwuo77x/Py9auJ/GpsMiu/X1+mvoiBOv/2X/qkSsisRcOj/KK" "NFtY2PwByVS5uCbMiogziUwthDyC3+6WVwW6LLv3xLfHTjuCvjHIInNzktHCgKQ5" "ORAzI4JMPJ+GslWYHb4phowim57iaztXOoJwTdwJx4nLCgdNbOhdjsnvzqvHu7Ur" "TkXWStAmzOVyyghqpZXjFaH3pO3JLF+l+/+sKAIuvtd7u+Nxe5AW0wdeRlN8NwdC" "jNPElpzVmbUq4JUagEiuTDkHzsxHpFKVK7q4+63SM1N95R1NbdWhscdCb+ZAJzVc" "oyi3B43njTOQ5yOf+1CceWxG1bQVs5ZufpsMljq4Ui0/1lvh+wjChP4kqKOJ2qxq" "4RgqsahDYVvTH9w7jXbyLeiNdd8XM2w9U/t7y0Ff/9yi0GE44Za4rF2LN9d11TPA" "mRGunUHBcnWEvgJBQl9nJEiU0Zsnvgc/ubhPgXRR4Xq37Z0j4r7g1SgEEzwxA57d" "emyPxgcYxn/eR44/KJ4EBs+lVDR3veyJm+kXQ99b21/+jh5Xos1AnX5iItreGCc=" "\"}" #endif "]," "\"trust_stores\": [" /* named cert chains */ #if !defined(FORCE_OS_TRUST_STORE) "{" "\"name\": \"le_via_isrg\"," "\"stack\": [" "\"isrg_root_x1\"" "]" "}" #endif "]," "\"s\": [" #if !defined(LWS_WITH_SS_DIRECT_PROTOCOL_STR) /* * "fetch_policy" decides from where the real policy * will be fetched, if present. Otherwise the initial * policy is treated as the whole, hardcoded, policy. */ "{\"fetch_policy\": {" "\"endpoint\":" "\"warmcat.com\"," "\"port\":" "443," "\"protocol\":" "\"h1\"," "\"http_method\":" "\"GET\"," #if defined(VIA_LOCALHOST_SOCKS) "\"http_url\":" "\"policy/minimal-proxy-socks.json\"," #else "\"http_url\":" "\"policy/minimal-proxy-v4.2-v2.json\"," #endif "\"tls\":" "true," "\"opportunistic\":" "true," #if !defined(FORCE_OS_TRUST_STORE) "\"tls_trust_store\":" "\"le_via_isrg\"," #endif "\"retry\":" "\"default\"" #else "{\"mintest\": {" "\"endpoint\": \"warmcat.com\"," "\"port\": 443," "\"protocol\": \"h1\"," "\"http_method\": \"GET\"," "\"http_url\": \"index.html?uptag=${uptag}\"," "\"metadata\": [{" " \"uptag\": \"X-Upload-Tag:\"" "}, {" " \"xctype\": \"X-Content-Type:\"" "}]," "\"tls\": true," "\"opportunistic\": true," "\"retry\": \"default\"," "\"timeout_ms\": 2000," "\"direct_proto_str\": true," "\"tls_trust_store\": \"le_via_isrg\"" #endif "}},{" /* * "captive_portal_detect" describes * what to do in order to check if the path to * the Internet is being interrupted by a * captive portal. If there's a larger policy * fetched from elsewhere, it should also include * this since it needs to be done at least after * every DHCP acquisition */ "\"captive_portal_detect\": {" "\"endpoint\": \"connectivitycheck.android.com\"," "\"http_url\": \"generate_204\"," "\"port\": 80," "\"protocol\": \"h1\"," "\"http_method\": \"GET\"," "\"opportunistic\": true," "\"http_expect\": 204," "\"http_fail_redirect\": true" "}}" "]}" ; #endif typedef struct myss { struct lws_ss_handle *ss; void *opaque_data; /* ... application specific state ... */ lws_sorted_usec_list_t sul; size_t amt; struct lws_genhash_ctx hash_ctx; } myss_t; static int create_ss(struct lws_context *cx); #if !defined(LWS_SS_USE_SSPC) static const char *canned_root_token_payload = "grant_type=refresh_token" "&refresh_token=Atzr|IwEBIJedGXjDqsU_vMxykqOMg" "SHfYe3CPcedueWEMWSDMaDnEmiW8RlR1Kns7Cb4B-TOSnqp7ifVsY4BMY2B8tpHfO39XP" "zfu9HapGjTR458IyHX44FE71pWJkGZ79uVBpljP4sazJuk8XS3Oe_yLnm_DIO6fU1nU3Y" "0flYmsOiOAQE_gRk_pdlmEtHnpMA-9rLw3mkY5L89Ty9kUygBsiFaYatouROhbsTn8-jW" "k1zZLUDpT6ICtBXSnrCIg0pUbZevPFhTwdXd6eX-u4rq0W-XaDvPWFO7au-iPb4Zk5eZE" "iX6sissYrtNmuEXc2uHu7MnQO1hHCaTdIO2CANVumf-PHSD8xseamyh04sLV5JgFzY45S" "KvKMajiUZuLkMokOx86rjC2Hdkx5DO7G-dbG1ufBDG-N79pFMSs7Ck5pc283IdLoJkCQc" "AGvTX8o8I29QqkcGou-9TKhOJmpX8As94T61ok0UqqEKPJ7RhfQHHYdCtsdwxgvfVr9qI" "xL_hDCcTho8opCVX-6QhJHl6SQFlTw13" "&client_id=" "amzn1.application-oa2-client.4823334c434b4190a2b5a42c07938a2d"; #endif static void process_timeout(lws_sorted_usec_list_t *sul) { lwsl_err("%s: process timed out\n", __func__); exit(1); } /* secure streams payload interface */ static lws_ss_state_return_t myss_rx(void *userobj, const uint8_t *buf, size_t len, int flags) { if (flags & LWSSS_FLAG_PERF_JSON) return LWSSSSRET_OK; #if !defined(LWS_WITH_SS_DIRECT_PROTOCOL_STR) myss_t *m = (myss_t *)userobj; const char *md_srv = "not set", *md_test = "not set"; size_t md_srv_len = 7, md_test_len = 7; lws_ss_get_metadata(m->ss, "srv", (const void **)&md_srv, &md_srv_len); lws_ss_get_metadata(m->ss, "test", (const void **)&md_test, &md_test_len); lwsl_ss_user(m->ss, "len %d, flags: %d, srv: %.*s, test: %.*s", (int)len, flags, (int)md_srv_len, md_srv, (int)md_test_len, md_test); lwsl_hexdump_ss_info(m->ss, buf, len); #endif /* * If we received the whole message, for our example it means * we are done. */ if (flags & LWSSS_FLAG_EOM) { bad = 0; } return LWSSSSRET_OK; } static lws_ss_state_return_t myss_tx(void *userobj, lws_ss_tx_ordinal_t ord, uint8_t *buf, size_t *len, int *flags) { //myss_t *m = (myss_t *)userobj; /* in this example, we don't send stuff */ return LWSSSSRET_TX_DONT_SEND; } static lws_ss_state_return_t myss_state(void *userobj, void *sh, lws_ss_constate_t state, lws_ss_tx_ordinal_t ack) { myss_t *m = (myss_t *)userobj; #if defined(LWS_WITH_SS_DIRECT_PROTOCOL_STR) const char *md_test = "not set"; size_t md_test_len = 7; int i; static const char * imd_test_keys[8] = { "server:", "content-security-policy:", "strict-transport-security:", "test-custom-header:", "x-xss-protection:", "x-content-type-options:", "x-frame-options:", "x-non-exist:", }; #endif lwsl_ss_user(m->ss, "%s (%d), ord 0x%x", lws_ss_state_name((int)state), state, (unsigned int)ack); switch (state) { case LWSSSCS_CREATING: return lws_ss_client_connect(m->ss); case LWSSSCS_CONNECTING: lws_ss_start_timeout(m->ss, timeout_ms); if (lws_ss_set_metadata(m->ss, "uptag", "myuptag123", 10)) /* can fail, eg due to OOM, retry later if so */ return LWSSSSRET_DISCONNECT_ME; #if !defined(LWS_WITH_SS_DIRECT_PROTOCOL_STR) if (lws_ss_set_metadata(m->ss, "ctype", "myctype", 7)) /* can fail, eg due to OOM, retry later if so */ return LWSSSSRET_DISCONNECT_ME; #else if (lws_ss_set_metadata(m->ss, "X-Test-Type1:", "myctype1", 8)) /* can fail, eg due to OOM, retry later if so */ return LWSSSSRET_DISCONNECT_ME; if (lws_ss_set_metadata(m->ss, "X-Test-Type2:", "myctype2", 8)) /* can fail, eg due to OOM, retry later if so */ return LWSSSSRET_DISCONNECT_ME; if (lws_ss_set_metadata(m->ss, "Content-Type:", "myctype", 7)) /* can fail, eg due to OOM, retry later if so */ return LWSSSSRET_DISCONNECT_ME; #endif break; case LWSSSCS_ALL_RETRIES_FAILED: /* if we're out of retries, we want to close the app and FAIL */ interrupted = 1; bad = 2; break; case LWSSSCS_CONNECTED: #if defined(LWS_WITH_SS_DIRECT_PROTOCOL_STR) lwsl_cx_user(context, "get direct metadata"); for (i = 0; i < 8; i++) { md_test = "not set"; lws_ss_get_metadata(m->ss, imd_test_keys[i], (const void **)&md_test, &md_test_len); lwsl_ss_user(m->ss, " test key:[%s], got [%s]", imd_test_keys[i], md_test); } #endif break; case LWSSSCS_QOS_ACK_REMOTE: /* transaction assertively succeeded */ lwsl_ss_notice(m->ss, "LWSSSCS_QOS_ACK_REMOTE"); good++; break; /* disconnected will move us on */ case LWSSSCS_QOS_NACK_REMOTE: /* transaction assertively failed */ lwsl_ss_notice(m->ss, "LWSSSCS_QOS_NACK_REMOTE"); break; /* disconnected will move us on */ case LWSSSCS_DISCONNECTED: /* attempt is over */ if (budget) create_ss(context); else interrupted = 1; return LWSSSSRET_DESTROY_ME; case LWSSSCS_TIMEOUT: lwsl_ss_notice(m->ss, "LWSSSCS_TIMEOUT"); bad = 3; if (budget) create_ss(context); else interrupted = 1; return LWSSSSRET_DESTROY_ME; case LWSSSCS_USER_BASE: lwsl_ss_notice(m->ss, "LWSSSCS_USER_BASE"); break; default: break; } return LWSSSSRET_OK; } #if defined(LWS_WITH_SECURE_STREAMS_BUFFER_DUMP) static void myss_headers_dump(void *userobj, const uint8_t *buf, size_t len, int done) { lwsl_cx_user(context, "%lu done: %s", len, done ? "true" : "false"); lwsl_hexdump_err(buf, len); } #endif static int create_ss(struct lws_context *cx) { lws_ss_info_t ssi; budget--; lwsl_cx_notice(cx, "starting"); /* We're making an outgoing secure stream ourselves */ memset(&ssi, 0, sizeof(ssi)); ssi.handle_offset = offsetof(myss_t, ss); ssi.opaque_user_data_offset = offsetof(myss_t, opaque_data); ssi.rx = myss_rx; ssi.tx = myss_tx; ssi.state = myss_state; #if defined(LWS_WITH_SECURE_STREAMS_BUFFER_DUMP) ssi.dump = myss_headers_dump; #endif ssi.user_alloc = sizeof(myss_t); ssi.streamtype = test_ots ? "mintest-ots" : (test_respmap ? "respmap" : "mintest"); if (lws_ss_create(cx, 0, &ssi, NULL, NULL, NULL, NULL)) { lwsl_cx_err(context, "failed to create ss"); return -1; } lwsl_cx_notice(cx, "started"); return 0; } static int app_system_state_nf(lws_state_manager_t *mgr, lws_state_notify_link_t *link, int current, int target) { struct lws_context *cx = lws_system_context_from_system_mgr(mgr); #if !defined(LWS_SS_USE_SSPC) lws_system_blob_t *ab = lws_system_get_blob(context, LWS_SYSBLOB_TYPE_AUTH, 1 /* AUTH_IDX_ROOT */); size_t size; #endif /* * For the things we care about, let's notice if we are trying to get * past them when we haven't solved them yet, and make the system * state wait while we trigger the dependent action. */ switch (target) { #if !defined(LWS_SS_USE_SSPC) /* * The proxy takes responsibility for this stuff if we get things * done through that */ case LWS_SYSTATE_INITIALIZED: /* overlay on the hardcoded policy */ case LWS_SYSTATE_POLICY_VALID: /* overlay on the loaded policy */ if (target != current) break; if (force_cpd_fail_portal) /* this makes it look like we're behind a captive portal * because the overriden address does a redirect */ lws_ss_policy_overlay(context, "{\"s\": [{\"captive_portal_detect\": {" "\"endpoint\": \"google.com\"," "\"http_url\": \"/\"," "\"port\": 80" "}}]}"); if (force_cpd_fail_no_internet) /* this looks like no internet, because the overridden * port doesn't have anything that will connect to us */ lws_ss_policy_overlay(context, "{\"s\": [{\"captive_portal_detect\": {" "\"endpoint\": \"warmcat.com\"," "\"http_url\": \"/\"," "\"port\": 999" "}}]}"); break; case LWS_SYSTATE_REGISTERED: size = lws_system_blob_get_size(ab); if (size) break; /* let's register our canned root token so auth can use it */ lws_system_blob_direct_set(ab, (const uint8_t *)canned_root_token_payload, strlen(canned_root_token_payload)); break; #endif case LWS_SYSTATE_OPERATIONAL: if (current == LWS_SYSTATE_OPERATIONAL) { create_ss(cx); } break; } return 0; } static lws_state_notify_link_t * const app_notifier_list[] = { &nl, NULL }; #if defined(LWS_WITH_SYS_METRICS) static int my_metric_report(lws_metric_pub_t *mp) { lws_metric_bucket_t *sub = mp->u.hist.head; char buf[192]; do { if (lws_metrics_format(mp, &sub, buf, sizeof(buf))) lwsl_cx_user(context, "%s: %s\n", __func__, buf); } while ((mp->flags & LWSMTFL_REPORT_HIST) && sub); /* 0 = leave metric to accumulate, 1 = reset the metric */ return 1; } static const lws_system_ops_t system_ops = { .metric_report = my_metric_report, }; #endif static void sigint_handler(int sig) { interrupted = 1; } static lws_log_cx_t my_log_cx = { .lll_flags = LLLF_LOG_CONTEXT_AWARE | LLL_ERR | LLL_WARN | LLL_NOTICE | LLL_USER, .refcount_cb = lws_log_use_cx_file, .u.emit_cx = lws_log_emit_cx_file, }; int main(int argc, const char **argv) { struct lws_context_creation_info info; int n = 0, expected = 0, concurrent = 1; char cxname[16], logpath[128]; const char *p; signal(SIGINT, sigint_handler); memset(&info, 0, sizeof info); lws_cmdline_option_handle_builtin(argc, argv, &info); if ((p = lws_cmdline_option(argc, argv, "-c"))) concurrent = atoi(p); if (concurrent < 0 || concurrent > 100) return 1; if ((p = lws_cmdline_option(argc, argv, "-d"))) my_log_cx.lll_flags = (uint32_t)(LLLF_LOG_CONTEXT_AWARE | atoi(p)); lws_strncpy(cxname, "ctx0", sizeof(cxname)); for (n = 0; n < concurrent - 1; n++) { if (fork()) { #if defined(WIN32) Sleep(1); #else usleep(1000); #endif lws_snprintf(cxname, sizeof(cxname), "ctx%d", n + 1); break; } } /* * Arrange that each process's context logs to a different file */ info.log_cx = &my_log_cx; info.vhost_name = cxname; lws_snprintf(logpath, sizeof(logpath), "/tmp/%s.log", cxname); my_log_cx.opaque = (void *)logpath; lwsl_user("LWS secure streams test client [-d]\n"); /* these options are mutually exclusive if given */ if (lws_cmdline_option(argc, argv, "--force-portal")) force_cpd_fail_portal = 1; if (lws_cmdline_option(argc, argv, "--force-no-internet")) force_cpd_fail_no_internet = 1; if (lws_cmdline_option(argc, argv, "--respmap")) test_respmap = 1; if (lws_cmdline_option(argc, argv, "--ots")) /* * Use a streamtype that relies on the OS trust store for * validation */ test_ots = 1; if ((p = lws_cmdline_option(argc, argv, "--timeout_ms"))) timeout_ms = (unsigned int)atoi(p); if ((p = lws_cmdline_option(argc, argv, "--budget"))) budget = atoi(p); predicted_good = budget; orig_budget = budget; if ((p = lws_cmdline_option(argc, argv, "--pass-limit"))) predicted_good = atoi(p); info.fd_limit_per_thread = 1 + 26 + 1; info.port = CONTEXT_PORT_NO_LISTEN; #if defined(LWS_SS_USE_SSPC) info.protocols = lws_sspc_protocols; { const char *p; /* connect to ssproxy via UDS by default, else via * tcp connection to this port */ if ((p = lws_cmdline_option(argc, argv, "-p"))) info.ss_proxy_port = (uint16_t)atoi(p); /* UDS "proxy.ss.lws" in abstract namespace, else this socket * path; when -p given this can specify the network interface * to bind to */ if ((p = lws_cmdline_option(argc, argv, "-i"))) info.ss_proxy_bind = p; /* if -p given, -a specifies the proxy address to connect to */ if ((p = lws_cmdline_option(argc, argv, "-a"))) info.ss_proxy_address = p; } #else info.pss_policies_json = default_ss_policy; info.options = LWS_SERVER_OPTION_EXPLICIT_VHOSTS | LWS_SERVER_OPTION_H2_JUST_FIX_WINDOW_UPDATE_OVERFLOW | LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT; #endif #if defined(LWS_WITH_MBEDTLS) /* uncomment to force mbedtls to load a system trust store like * openssl does * * info.mbedtls_client_preload_filepath = * "/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem"; */ #endif /* integrate us with lws system state management when context created */ nl.name = "app"; nl.notify_cb = app_system_state_nf; info.register_notifier_list = app_notifier_list; #if defined(LWS_WITH_SYS_METRICS) info.system_ops = &system_ops; info.metrics_prefix = "ssmex"; #endif /* create the context */ context = lws_create_context(&info); if (!context) { lwsl_err("lws init failed\n"); goto bail; } /* timeout for each forked process */ lws_sul_schedule(context, 0, &sul_timeout, process_timeout, (lws_usec_t)((lws_usec_t)budget * (lws_usec_t)timeout_ms * LWS_US_PER_MS)); #if !defined(LWS_SS_USE_SSPC) /* * If we're being a proxied client, the proxy does all this */ /* * Set the related lws_system blobs * * ...direct_set() sets a pointer, so the thing pointed to has to have * a suitable lifetime, eg, something that already exists on the heap or * a const string in .rodata like this */ lws_system_blob_direct_set(lws_system_get_blob(context, LWS_SYSBLOB_TYPE_DEVICE_SERIAL, 0), (const uint8_t *)"SN12345678", 10); lws_system_blob_direct_set(lws_system_get_blob(context, LWS_SYSBLOB_TYPE_DEVICE_FW_VERSION, 0), (const uint8_t *)"v0.01", 5); /* * ..._heap_append() appends to a buflist kind of arrangement on heap, * just one block is fine, otherwise it will concatenate the fragments * in the order they were appended (and take care of freeing them at * context destroy time). ..._heap_empty() is also available to remove * everything that was already allocated. * * Here we use _heap_append() just so it's tested as well as direct set. */ lws_system_blob_heap_append(lws_system_get_blob(context, LWS_SYSBLOB_TYPE_DEVICE_TYPE, 0), (const uint8_t *)"spacerocket", 11); #endif /* the event loop */ n = 0; while (n >= 0 && !interrupted) n = lws_service(context, 0); lws_sul_cancel(&sul_timeout); lws_context_destroy(context); bail: lwsl_user(" good: %d / %d budget, pass limit %d\n", good, orig_budget, predicted_good); if (good < predicted_good) bad = 1; if ((p = lws_cmdline_option(argc, argv, "--expected-exit"))) expected = atoi(p); if (bad == expected) { lwsl_user("Completed: OK (seen expected %d)\n", expected); return 0; } else lwsl_err("Completed: failed: exit %d, expected %d\n", bad, expected); return 1; }