1Changelog 2--------- 3 4v4.3.0 5====== 6 7 - Add full CBOR stream parsing and writing support, with huge 8 amount of test vectors and resumable printf type write apis 9 See ./READMEs/README.cbor-lecp.md 10 - Add COSE key and signing / validation support with huge amount of 11 test vectors 12 cose_sign[1] ES256/384/512, RS256/384/512 13 cose_mac0 HS256/384/512 14 See ./READMEs/README.cbor-cose.md 15 - JIT Trust: for constrained devices, provides a way to determine the 16 trusted CA certs the peer requires, and instantiate just those. 17 This allows generic client browsing without the overhead of ~130 18 x.509 CA certs in memory permanently. 19 See ./READMEs/README.jit-trust.md 20 - Add support for client Netscape cookie jar with caching 21 - Secure Streams: issue LWSSSCS_EVENT_WAIT_CANCELLED state() when 22 lws_cancel_service() called, so cross-thread events can be handled 23 in SS 24 - Actively assert() on attempt to destroy SS handles still active in 25 the call stack, use DESTROY_ME returns instead so caller can choose 26 how to handle it. 27 - Improved Client Connection Error report strings for tls errors 28 - SMP: Use a private fakewsi for PROTOCOL_INIT so pts cannot try to 29 use the same one concurrently 30 - MbedTLS v3 support for all release changes, as well as retaining 31 support for v2.x 32 - MQTT client: support QoS2 33 - Event lib ops can now be set at context creation time directly, 34 bringing full event lib hooking to custom event loops. See 35 minimal-http-server-eventlib-custom 36 - Extra APIs to recover AKID and SKID from x.509 in mbedtls and openssl 37 - Improve http redirect to handle h2-> h2 cleanly 38 - IPv4+6 listen sockets on vhosts are now done with two separate 39 sockets bound individually to AF_INET and AF_INET6 addresses, 40 handled by the same vhost listen flow. 41 - Improved tls restriction handling 42 - Log contexts: allow objects to log into local logging contexts, by 43 lws_context, vhost, wsi and ss handle. Each context has its own 44 emit function and log level. See ./READMEs/README.logging.md 45 - Upgrade compiler checking to default to -Werror -Wall -Wextra 46 - Fault injection apis now also support pseudo-random number binding 47 within a specified range, eg, 48 --fault-injection "f1(10%),f1_delay(123..456)" 49 - Remove LWS_WITH_DEPRECATED_THINGS, remove master branch 50 - Interface binding now uses ipv6 scoring to select bind address 51 52v4.2.0 53====== 54 55 - Sai coverage upgrades, 495 builds on 27 platforms, including OSX M1, 56 Xenial, Bionic and Focal Ubuntu, Debian Sid and Buster on both 32 and 57 64-bit OS, and NetBSD, Solaris, FreeBSD, Windows, ESP32. 58 Ctest run on more scenarios including all LWS_WITH_DISTRO_RECOMMENDED. 59 More tests use valgrind if available on platform. 60 - RFC7231 date and time parsing and retry-after wired up to lws_retry 61 - `LWS_WITH_SUL_DEBUGGING` checks that no sul belonging to Secure Streams 62 and wsi objects are left registered on destruction 63 - Netlink monitoring on Linux dynamically tracks interface address and 64 routing changes, and immediately closes connections on invalidated 65 routes. 66 - RFC6724 DNS results sorting over ipv4 + ipv6 results, according to 67 available dynamic route information 68 - Support new event library, sdevent (systemd native loop), via 69 `LWS_WITH_SDEVENT` 70 - Reduce .rodata cost of role structs by making them sparse 71 - Additional Secure Streams QA tests and runtime state transition 72 validation 73 - SMD-over-ss-proxy documentation and helpers to simplify forwarding 74 - SSPC stream buffering at proxy and client set from policy by streamtype 75 - Trigger Captive Portal Detection if DNS resolution fails 76 - Switch all logs related to wsi and Secure Streams to use unique, 77 descriptive tags instead of pointers (which may be reallocated) 78 - Use NOITCE logging for Secure Streams and wsi lifecycle logging using 79 tags 80 - Update SSPC serialization to include versioning on initial handshake, 81 and pass client pid to proxy so related objects are tagged with it 82 - Enable errors on -Wconversion pedantic type-related build issues 83 throughout the lws sources and upgrade every affected cast. 84 - Windows remove WSA event implementation and replace with WSAPoll, with 85 a pair of UDP sockets instead of pipe() for `lws_cancel_service()` 86 - `lws_strcmp_wildcard()` helper that understand "x*", "x*y", "x*y*" etc 87 - `LWS_WITH_PLUGINS_BUILTIN` cmake option just builds plugins into the main 88 library image directly 89 - Secure Streams proxy supports policy for flow control between proxy and 90 clients 91 - libressl also supported along with boringssl, wolfssl 92 - prepared for openssl v3 compatibility, for main function and GENCRYPTO 93 - Fault injection apis can confirm operation of 48 error paths and counting 94 - `LWS_WITH_SYS_METRICS` keeps stats and reports them to user-defined 95 function, compatible with openmetrics 96 - windows platform knows how to prepare openssl with system trust store certs 97 - `LWS_WITH_SYS_CONMON` allows selected client connections to make precise 98 measurements of connection performance and DNS results, and report them in a struct 99 - New native support for uloop event loop (OpenWRT loop) 100 - More options around JWT 101 - Support TLS session caching and reuse by default, on both OpenSSL and 102 mbedtls 103 - Many fixes and improvements... 104 105v4.1.0 106====== 107 108 - NEW: travis / appveyor / bintray are replaced by Sai 109 https://libwebsockets.org/sai/ which for lws currently does 193 builds per 110 git push on 16 platforms, all self-hosted. The homebrew bash scripts used 111 to select Minimal examples are replaced by CTest. Platforms currently 112 include Fedora/AMD/GCC, Windows/AMD/mingw32, Windows/AMD/mingw64, Android/ 113 aarch64/LLVM, esp-idf (on WROVER-KIT and HELTEC physical boards), Fedora/ 114 RISCV (on QEMU)/GCC, CentOS8/AMD/GCC, Gentoo/AMD/GCC, Bionic/AMD/GCC, 115 Linkit 7697, Focal/AMD/GCC, Windows (on QEMU)/AMD/MSVC, 116 Focal/aarch64-RPI4/GCC, iOS/aarch64/LLVM and OSX/AMD/LLVM. 117 118 - NEW: The single CMakeLists.txt has been refactored and modernized into smaller 119 CMakeLists.txt in the subdirectory along with the code that is being managed 120 for build by it. Build options are still listed in the top level as before 121 but the new way is much more maintainable. 122 123 - NEW: event lib support on Unix is now built into dynamically loaded plugins 124 and brought in at runtime, allowing all of the support to be built in 125 isolation without conflicts, and separately packaged with individual 126 dependencies. See ./READMEs/event-libs.md for details and how to force 127 the old static build into lws method. 128 129 - NEW: Captive Portal Detection. Lws can determine if the active default 130 route is able to connect to the internet, or is in a captive portal type 131 situation, by trying to connect to a remote server that will respond in an 132 unusual way, like provide a 204. 133 134 - NEW: Secure streams: Support system trust store if it exists 135 Build on Windows 136 Support lws raw socket protocol in SS 137 Support Unix Domain Socket transport 138 139 - NEW: Windows: Support Unix Domain Sockets same as other platforms 140 141 - NEW: Windows: Build using native pthreads, async dns, ipv6 on MSVC 142 143 - NEW: lws_struct: BLOB support 144 145 - NEW: lws_sul: Now provides two sorted timer domains, a default one as 146 before, and another whose scheduled events are capable to wake the system from suspend 147 148 - NEW: System Message Distribution: lws_smd provides a very lightweight way 149 to pass short messages between subsystems both in RTOS type case where the 150 subsystems are all on the lws event loop, and in the case participants are in 151 different processes, using Secure Streams proxying. Participants register a bitmap 152 of message classes they care about; if no particpant cares about a particular message, 153 it is rejected at allocation time for the sender, making it cheap to provide messages 154 speculatively. See lib/system/smd/README.md for full details. 155 156 - NEW: lws_drivers: wrappers for SDK driver abstractions (or actual drivers) 157 See lib/drivers/README.md, example implementations 158 minimal-examples/embedded/esp32/esp-wrover-kit 159 - generic gpio 160 - generic LED (by name) lib/drivers/led/README.md 161 - generic PWM, sophisticated interpolated table 162 sequencers with crossfade 163 - generic button (by name), with debounce and press classification 164 emitting rich SMD click, long-click, double-click, 165 down, repeat, up JSON messages 166 lib/drivers/button/README.md 167 - bitbang i2c on generic gpio (hw support can use same 168 abstract API) 169 - bitbang spi on generic gpio (hw support can use same 170 abstract API) 171 - generic display object, can be wired up to controller 172 drivers that hook up by generic i2c or spi, 173 generic backlight PWM sequencing and 174 blanking timer support 175 - generic settings storage: get and set blobs by name 176 - generic network device: netdev abstract class with 177 WIFI / Ethernet implementations 178 using underlying SDK APIs; 179 generic 80211 Scan managements 180 and credentials handling via 181 lws_settings 182 This is the new way to provide embedded platform 183 functionality that was in the past done like 184 esp32-factory. Unlike the old way, the new way has no 185 native apis in it and can be built on other SDK / SoCs 186 the same. 187 188 - NEW: Security-aware JWS JWT (JSON Web Tokens) apis are provided on top of the existing 189 JOSE / JWS apis. All the common algorithms are available along with some 190 high level apis like lws http cookie -> JWT struct -> lws http cookie. 191 192 - REMOVED: esp32-helper and friends used by esp32-factory now lws_drivers 193 exists 194 195 - REMOVED: generic sessions and friends now JWT is provided 196 197v4.0.0 198====== 199 200 - NEW: Lws is now under the MIT license, see ./LICENSE for details 201 202 - NEW: GLIB native event loop support, lws + gtk example 203 204 - NEW: native lws MQTT client... supports client stream binding like h2 when 205 multiple logical connections are going to the same endpoint over MQTT, they 206 transparently and independently share the one connection + tls tunnel 207 208 - NEW: "Secure Streams"... if you are making a device with client connections 209 to the internet or cloud, this allows separation of the communications 210 policy (endpoints, tls cert validation, protocols, etc) from the code, with 211 the goal you can combine streams, change protocols and cloud provision, and 212 reflect that in the device's JSON policy document without having to change 213 any code. 214 215 - NEW: lws_system: New lightweight and efficient Asynchronous DNS resolver 216 implementation for both A and AAAA records, supports recursive (without 217 recursion in code) lookups, caching, and getaddrinfo() compatible results 218 scheme (from cache directly without per-consumer allocation). Able to 219 perform DNS lookups without introducing latency in the event loop. 220 221 - NEW: lws_system: ntpclient implementation with interface for setting system 222 time via lws_system ops 223 224 - NEW: lws_system: dhcpclient implementation 225 226 - NEW: Connection validity tracking, autoproduce PING/PONG for protocols that 227 support it if not informed that the connection has passed data in both 228 directions recently enough 229 230 - NEW: lws_retry: standardized exponential backoff and retry timing based 231 around backoff table and lws_sul 232 233 - NEW: there are official public helpers for unaligned de/serialization of all 234 common types, see eh, lws_ser_wu16be() in include/libwebsockets/lws-misc.h 235 236 - NEW: lws_tls_client_vhost_extra_cert_mem() api allows attaching extra certs 237 to a client vhost from DER in memory 238 239 - NEW: lws_system: generic blobs support passing auth tokens, per-connection 240 client certs etc from platform into lws 241 242 - NEW: public helpers to consume and produce ipv4/6 addresses in a clean way, 243 along with lws_sockaddr46 type now public. See eg, lws_sockaddr46-based 244 lws_sa46_parse_numeric_address(), lws_write_numeric_address() 245 in include/libwebsockets/lws-network-helper.h 246 247 - Improved client redirect handling, h2 compatibility 248 249 - NEW: lwsac: additional features for constant folding support (strings that 250 already are in the lwsac can be pointed to without copying again), backfill 251 (look for gaps in previous chunks that could take a new use size), and 252 lwsac_extend() so last use() can attempt to use more unallocated chunk space 253 254 - NEW: lws_humanize: apis for reporting scalar quanties like 1234 as "1.234KB" 255 with the scaled symbol strings passed in by caller 256 257 - NEW: freertos: support lws_cancel_service() by using UDP pair bound to lo, 258 since it doesn't have logical pipes 259 260 - NEW: "esp32" plat, which implemented freertos plat compatibility on esp32, is 261 renamed to "freertos" plat, targeting esp32 and other freertos platforms 262 263 - NEW: base64 has an additional api supporting stateful decode, where the input 264 is not all in the same place at the same time and can be processed 265 incrementally 266 267 - NEW: lws ws proxy: support RFC8441 268 269 - NEW: lws_spawn_piped apis: generic support for vforking a process with child 270 wsis attached to its stdin, stdout and stderr via pipes. When processes are 271 reaped, a specified callback is triggered. Currently Linux + OSX. 272 273 - NEW: lws_fsmount apis: Linux-only overlayfs mount and unmount management for 274 aggregating read-only layers with disposable, changeable upper layer fs 275 276 - Improvements for RTOS / small build case bring the footprint of lws v4 below 277 that of v3.1 on ARM 278 279 - lws_tokenize: flag specifying # should mark rest of line as comment 280 281 - NEW: minimal example for integrating libasound / alsa via raw file 282 283 - lws_struct: sqlite and json / lejp translation now usable 284 285 286v3.2.0 287====== 288 289 - This is the last planned release under LGPLv2+SLE. It's not planned to be 290 maintained like previous releases, please switch to master for the latest 291 stuff or continue to use v3.1-stable until the next release under the 292 new MIT license. 293 294 - NEW: completely refactored scheduler with a unified, sorted us-resolution 295 linked-list implementation. All polled checks like timeout are migrated 296 to use the new timers, which also work on the event lib implementations. 297 Faster operation, us-resolution timeouts and generic scheduled callbacks 298 from the event loop. 299 300 - NEW: lws_dsh specialized buffer memory allocator that can borrow space 301 from other cooperating buffers on the same list. 302 303 - NEW: lws_sequencer allows managing multi-connection processes and 304 retries 305 306 - NEW: memory buffer cert support 307 308 - NEW: LWS_WITH_NETWORK in CMake... can be configured without any network- 309 related code at all 310 311 - NEW: builds on QNX 6.5 and SmartOS 312 313 - NEW: JOSE / JWK / JWS / JWE support, for all common ciphers and algs, 314 works on OpenSSL and mbedtls backends 315 316 - NEW: gencrypto now has genaes and genec in addition to genrsa, works 317 on OpenSSL and mbedtls backends 318 319 - NEW: raw_proxy role 320 321 - NEW: Basic Auth works on ws connections 322 323 - CHANGE: REMOVED: LWS_WITH_GENRSA, LWS_WITH_GENHASH, LWS_WITH_GENEC, 324 LWS_WITH_GENAES have all been removed and combined into LWS_WITH_GENCRYPTO 325 326 - CHANGE: REMOVED: LWS_WITH_JWS, LWS_WITH_JWE have been removed and combined 327 into LWS_WITH_JOSE 328 329v3.1.0 330====== 331 332 - CHANGE: REMOVED: lws_client_connect() and lws_client_connect_extended() 333 compatibility apis for lws_client_connect_via_info() have been marked as 334 deprecated for several versions and are now removed. Use 335 lws_client_connect_via_info() directly instead. 336 337 - CHANGE: CMAKE: 338 - LWS_WITH_HTTP2: now defaults ON 339 340 - CHANGE: Minimal examples updated to use Content Security Policy best 341 practices, using 342 `LWS_SERVER_OPTION_HTTP_HEADERS_SECURITY_BEST_PRACTICES_ENFORCE` vhost 343 option flag and disabling of inline style and scripts. A side-effect of 344 this is that buffers used to marshal headers have to be prepared to take 345 more content than previously... LWS_RECOMMENDED_MIN_HEADER_SPACE (2048 346 currently) is available for user (and internal) use to logically tie the 347 buffer size to this usecase (and follow future increases). 348 349 - NEW: CMAKE 350 - LWS_FOR_GITOHASHI: sets various cmake options suitable for gitohashi 351 - LWS_WITH_ASAN: for Linux, enable build with ASAN 352 353 Don't forget LWS_WITH_DISTRO_RECOMMENDED, which enables a wide range of lws 354 options suitable for a distro build of the library. 355 356 - NEW: lws threadpool - lightweight pool of pthreads integrated to lws wsi, with 357 all synchronization to event loop handled internally, queue for excess tasks 358 [threadpool docs](https://libwebsockets.org/git/libwebsockets/tree/lib/misc/threadpool) 359 [threadpool minimal example](https://libwebsockets.org/git/libwebsockets/tree/minimal-examples/ws-server/minimal-ws-server-threadpool) 360 Cmake config: `-DLWS_WITH_THREADPOOL=1` 361 362 - NEW: libdbus support integrated on lws event loop 363 [lws dbus docs](https://libwebsockets.org/git/libwebsockets/tree/lib/roles/dbus) 364 [lws dbus client minimal examples](https://libwebsockets.org/git/libwebsockets/tree/minimal-examples/dbus-client) 365 [lws dbus server minimal examples](https://libwebsockets.org/git/libwebsockets/tree/minimal-examples/dbus-server) 366 Cmake config: `-DLWS_ROLE_DBUS=1` 367 368 - NEW: lws allocated chunks (lwsac) - helpers for optimized mass allocation of small 369 objects inside a few larger malloc chunks... if you need to allocate a lot of 370 inter-related structs for a limited time, this removes per-struct allocation 371 library overhead completely and removes the need for any destruction handling 372 [lwsac docs](https://libwebsockets.org/git/libwebsockets/tree/lib/misc/lwsac) 373 [lwsac minimal example](https://libwebsockets.org/git/libwebsockets/tree/minimal-examples/api-tests/api-test-lwsac) 374 Cmake Config: `-DLWS_WITH_LWSAC=1` 375 376 - NEW: lws tokenizer - helper api for robustly tokenizing your own strings without 377 allocating or adding complexity. Configurable by flags for common delimiter 378 sets and comma-separated-lists in the tokenizer. Detects and reports syntax 379 errors. 380 [lws_tokenize docs](https://libwebsockets.org/git/libwebsockets/tree/include/libwebsockets/lws-tokenize.h) 381 [lws_tokenize minimal example / api test](https://libwebsockets.org/git/libwebsockets/tree/minimal-examples/api-tests/api-test-lws_tokenize) 382 383 - NEW: lws full-text search - optimized trie generation, serialization, 384 autocomplete suggestion generation and instant global search support extensible 385 to huge corpuses of UTF-8 text while remaining super lightweight on resources. 386 [full-text search docs](https://libwebsockets.org/git/libwebsockets/tree/lib/misc/fts) 387 [full-text search minimal example / api test](https://libwebsockets.org/git/libwebsockets/tree/minimal-examples/api-tests/api-test-fts) 388 [demo](https://libwebsockets.org/ftsdemo/) 389 [demo sources](https://libwebsockets.org/git/libwebsockets/tree/plugins/protocol_fulltext_demo.c) 390 Cmake config: `-DLWS_WITH_FTS=1 -DLWS_WITH_LWSAC=1` 391 392 - NEW: gzip + brotli http server-side compression - h1 and h2 automatic advertising 393 of server compression and application to files with mimetypes "text/*", 394 "application/javascript" and "image/svg.xml". 395 Cmake config: `-DLWS_WITH_HTTP_STREAM_COMPRESSION=1`, `-DLWS_WITH_HTTP_BROTLI=1` 396 397 - NEW: managed disk cache - API for managing a directory containing cached files 398 with hashed names, and automatic deletion of LRU files once the cache is 399 above a given limit. 400 [lws diskcache docs](https://libwebsockets.org/git/libwebsockets/tree/include/libwebsockets/lws-diskcache.h) 401 Cmake config: `-DLWS_WITH_DISKCACHE=1` 402 403 - NEW: http reverse proxy - lws mounts support proxying h1 or h2 requests to 404 a local or remote IP, or unix domain socket over h1. This allows microservice 405 type architectures where parts of the common URL space are actually handled 406 by external processes which may be remote or on the same machine. 407 [lws gitohashi serving](https://libwebsockets.org/git/) is handled this way. 408 CMake config: `-DLWS_WITH_HTTP_PROXY=1` 409 410 - NEW: lws_buflist - internally several types of ad-hoc malloc'd buffer have 411 been replaced by a new, exported api `struct lws_buflist`. This allows 412 multiple buffers to be chained and drawn down in strict FIFO order. 413 414 - NEW: In the case of h1 upgrade, the connection header is checked to contain 415 "upgrade". The vhost flag LWS_SERVER_OPTION_VHOST_UPG_STRICT_HOST_CHECK 416 also causes the Host: header to be confirmed to match the vhost name and 417 listen port. 418 419 - NEW: If no 404 redirect for `lws_return_http_status()` is specified for the vhost, 420 the status page produced will try to bring in a stylesheet `/error.css`. This allows 421 you to produce styled 404 or other error pages with logos, graphics etc. See 422 https://libwebsockets.org/git/badrepo for an example of what you can do with it. 423 424v3.0.0 425====== 426 427 - CHANGE: Clients used to call LWS_CALLBACK_CLOSED same as servers... 428 LWS_CALLBACK_CLIENT_CLOSED has been introduced and is called for clients 429 now. 430 431 - CHANGE: LWS_CALLBACK_CLIENT_CONNECTION_ERROR used to only be directed at 432 protocols[0]. However in many cases, the protocol to bind to was provided 433 at client connection info time and the wsi bound accordingly. In those 434 cases, CONNECTION_ERROR is directed at the bound protocol, not protcols[0] 435 any more. 436 437 - CHANGE: CMAKE: the following cmake defaults have changed with this version: 438 439 - LWS_WITH_ZIP_FOPS: now defaults OFF 440 - LWS_WITH_RANGES: now defaults OFF 441 - LWS_WITH_ZLIB: now defaults OFF 442 - LWS_WITHOUT_EXTENSIONS: now defaults ON 443 444 - CHANGE: REMOVED: lws_alloc_vfs_file() (read a file to malloc buffer) 445 446 - CHANGE: REMOVED: lws_read() (no longer useful outside of lws internals) 447 448 - CHANGE: REMOVED: ESP8266... ESP32 is now within the same price range and much 449 more performant 450 451 - CHANGE: soname bump... don't forget to `ldconfig` 452 453 - NEW: all event libraries support "foreign" loop integration where lws itself 454 if just a temporary user of the loop unrelated to the actual loop lifecycle. 455 456 See `minimal-http-server-eventlib-foreign` for example code demonstrating 457 this for all the event libraries. 458 459 Internal loop in lws is also supported and demonstrated by 460 `minimal-http-server-eventlib`. 461 462 - NEW: ws-over-h2 support. This is a new RFC-on-the-way supported by Chrome 463 and shortly firefox that allows ws connections to be multiplexed back to the 464 server on the same tcp + tls wrapper h2 connection that the html and scripts 465 came in on. This is hugely faster that discrete connections. 466 467 - NEW: UDP socket adoption and related event callbacks 468 469 - NEW: Multi-client connection binding, queuing and pipelining support. 470 471 Lws detects multiple client connections to the same server and port, and 472 optimizes how it handles them according to the server type and provided 473 flags. For http/1.0, all occur with individual parallel connections. For 474 http/1.1, you can enable keepalive pipelining, so the connections occur 475 sequentially on a single network connection. For http/2, they all occur 476 as parallel streams within a single h2 network connection. 477 478 See minimal-http-client-multi for example code. 479 480 - NEW: High resolution timer API for wsi, get a callback on your wsi with 481 LWS_CALLBACK_TIMER, set and reset the timer with lws_set_timer_usecs(wsi, us) 482 Actual resolution depends on event backend. Works with all backends, poll, 483 libuv, libevent, and libev. 484 485 - NEW: Protocols can arrange vhost-protocol instance specific callbacks with 486 second resolution using `lws_timed_callback_vh_protocol()` 487 488 - NEW: ACME client plugin for self-service TLS certificates 489 490 - NEW: RFC7517 JSON Web Keys RFC7638 JWK thumbprint, and RFC7515 JSON Web 491 signatures support 492 493 - NEW: lws_cancel_service() now provides a generic way to synchronize events 494 from other threads, which appear as a LWS_CALLBACK_EVENT_WAIT_CANCELLED 495 callback on all protocols. This is compatible with all the event libraries. 496 497 - NEW: support BSD poll() where changes to the poll wait while waiting are 498 undone. 499 500 - NEW: Introduce generic hash, hmac and RSA apis that operate the same 501 regardless of OpenSSL or mbedTLS tls backend 502 503 - NEW: Introduce X509 element query api that works the same regardless of 504 OpenSSL or mbedTLS tls backend 505 506 - NEW: Introduce over 30 "minimal examples" in ./minimal-examples... these 507 replace most of the old test servers 508 509 - test-echo -> minimal-ws-server-echo and minimal-ws-client-echo 510 511 - test-server-libuv / -libevent / -libev -> 512 minimal-https-server-eventlib / -eventlib-foreign / -eventlib-demos 513 514 - test-server-v2.0 -> folded into all the minimal servers 515 516 - test-server direct http serving -> minimal-http-server-dynamic 517 518 The minimal examples allow individual standalone build using their own 519 small CMakeLists.txt. 520 521 - NEW: lws now detects any back-to-back writes that did not go through the 522 event loop inbetween and reports them. This will flag any possibility of 523 failure rather than wait until the problem happens. 524 525 - NEW: CMake has LWS_WITH_DISTRO_RECOMMENDED to select features that are 526 appropriate for distros 527 528 - NEW: Optional vhost URL `error_document_404` if given causes a redirect there 529 instead of serve the default 404 page. 530 531 - NEW: lws_strncpy() wrapper guarantees NUL in copied string even if it was 532 truncated to fit. 533 534 - NEW: for client connections, local protocol binding name can be separated 535 from the ws subprotocol name if needed, using .local_protocol_name 536 537 - NEW: Automatic detection of time discontiguities 538 539 - NEW: Applies TCP_USER_TIMEOUT for Linux tcp keepalive where available 540 541 - QA: 1600 tests run on each commit in Travis CI, including almost all 542 Autobahn in client and server mode, various h2load tests, h2spec, attack.sh 543 the minimal example selftests and others. 544 545 - QA: fix small warnings introduced on gcc8.x (eg, Fedora 28) 546 547 - QA: Add most of -Wextra on gcc (-Wsign-compare, -Wignored-qualifiers, 548 -Wtype-limits, -Wuninitialized) 549 550 - QA: clean out warnings on windows 551 552 - QA: pass all 146 h2spec tests now on strict 553 554 - QA: introduce 35 selftests that operate different minimal examples against 555 each other and confirm the results. 556 557 - QA: LWS_WITH_MINIMAL_EXAMPLES allows mass build of all relevant minimal- 558 examples with the LWS build, for CI and to make all the example binaries 559 available from the lws build dir ./bin 560 561 - REFACTOR: the lws source directory layout in ./lib has been radically 562 improved, and there are now README.md files in selected subdirs with extra 563 documentation of interest to people working on lws itself. 564 565 - REFACTOR: pipelined transactions return to the event loop before starting the 566 next part. 567 568 - REFACTOR: TLS: replace all TLS library constants with generic LWS ones and 569 adapt all the TLS library code to translate to these common ones. 570 571 Isolated all the tls-related private stuff in `./lib/tls/private.h`, and all 572 the mbedTLS stuff in `./lib/tls/mbedtls` + openSSL stuff in 573 `./lib/tls/openssl` 574 575 - REFACTOR: the various kinds of wsi possible with lws have been extracted 576 from the main code and isolated into "roles" in `./lib/roles` which 577 communicate with the core code via an ops struct. Everything related to 578 ah is migrated to the http role. 579 580 wsi modes are eliminated and replaced by the ops pointer for the role the 581 wsi is performing. Generic states for wsi are available to control the 582 lifecycle using core code. 583 584 Adding new "roles" is now much easier with the changes and ops struct to 585 plug into. 586 587 - REFACTOR: reduce four different kinds of buffer management in lws into a 588 generic scatter-gather struct lws_buflist. 589 590 - REFACTOR: close notifications go through event loop 591 592 593v2.4.0 594====== 595 596 - HTTP/2 server support is now mature and usable! LWS_WITH_HTTP2=1 enables it. 597 Uses ALPN to serve HTTP/2, HTTP/1 and ws[s] connections all from the same 598 listen port seamlessly. (Requires ALPN-capable OpenSSL 1.1 or mbedTLS). 599 600 - LWS_WITH_MBEDTLS=1 at CMake now builds and works against mbedTLS instead of 601 OpenSSL. Most things work identically, although on common targets where 602 OpenSSL has acceleration, mbedTLS is many times slower in operation. However 603 it is a lot smaller codewise. 604 605 - Generic hash apis introduced that work the same on mbedTLS or OpenSSL backend 606 607 - LWS_WITH_PEER_LIMITS tracks IPs across all vhosts and allows restrictions on 608 both the number of simultaneous connections and wsi in use for any single IP 609 610 - lws_ring apis provide a generic single- or multi-tail ringbuffer... mirror 611 protocol now uses this. Features include ring elements may be sized to fit 612 structs in the ringbuffer, callback when no tail any longer needs an element 613 and it can be deleted, and zerocopy options to write new members directly 614 into the ringbuffer, and use the ringbuffer element by address too. 615 616 - abstract ssh 2 server plugin included, with both plugin and standalone 617 demos provided. You can bind the plugin to a vhost and also serve full- 618 strength ssh from the vhost. IO from the ssh server is controlled by an 619 "ops" struct of callbacks for tx, rx, auth etc. 620 621 - Many fixes, cleanups, source refactors and other improvements. 622 623 624v2.3.0 625====== 626 627 - ESP32 OpenSSL support for client and server 628 629 - ESP32 4 x WLAN credential slots may be configured 630 631 - Libevent event loop support 632 633 - SOCKS5 proxy support 634 635 - lws_meta protocol for websocket connection multiplexing 636 637 - lws_vhost_destroy() added... allows dynamic removal of listening 638 vhosts. Vhosts with shared listen sockets adopt the listen socket 639 automatically if the owner is destroyed. 640 641 - IPv6 on Windows 642 643 - Improved CGI handling suitable for general CGI scripting, eg, PHP 644 645 - Convert even the "old style" test servers to use statically included 646 plugin sources 647 648 - LWS_WITH_STATS cmake option dumps resource usage and timing information 649 every few seconds to debug log, including latency information about 650 delay from asking for writeable callback to getting it 651 652 - Large (> 2GB) files may be served 653 654 - LWS_WITH_HTTP_PROXY Cmake option adds proxying mounts 655 656 - Workaround for libev build by disabling -Werror on the test app 657 658 - HTTP2 support disabled since no way to serve websockets on it 659 660 661v2.2.0 662====== 663 664Major new features 665 666 - A mount can be protected by Basic Auth... in lwsws it looks like this 667 668 ``` 669{ 670 "mountpoint": "/basic-auth", 671 "origin": "file://_lws_ddir_/libwebsockets-test-server/private", 672 "basic-auth": "/var/www/balogins-private" 673} 674``` 675 676The text file named in `basic-auth` contains user:password information 677one per line. 678 679See README.lwsws.md for more information. 680 681 - RFC7233 RANGES support in lws server... both single and multipart. 682 This allows seeking for multimedia file serving and download resume. 683 It's enabled by default but can be disabled by CMake option. 684 685 - On Linux, lwsws can reload configuration without dropping ongoing 686 connections, when sent a SIGHUP. The old configuration drops its 687 listen sockets so the new configuration can listen on them. 688 New connections connect to the server instance with the new 689 configuration. When all old connections eventually close, the old 690 instance automatically exits. This is equivalent to 691 `systemctl reload apache` 692 693 - New `adopt` api allow adoption including SSL negotiation and 694 for raw sockets and file descriptors. 695 696 - Chunked transfer encoding supported for client and server 697 698 - Adaptations to allow operations inside OPTEE Secure World 699 700 - ESP32 initial port - able to do all test server functions. See 701 README.build.md 702 703 - Serving gzipped files from inside a ZIP file is supported... this 704 includes directly serving the gzipped content if the client 705 indicated it could accept it (ie, almost all browsers) saving 706 bandwidth and time. For clients that can't accept it, lws 707 automatically decompresses and serves the content in memory- 708 efficient chunks. Only a few hundred bytes of heap are needed 709 to serve any size file from inside the zip. See README.coding.md 710 711 - RAW file descriptors may now be adopted into the lws event loop, 712 independent of event backend (including poll service). 713 See README.coding.md 714 715 - RAW server socket descriptors may now be enabled on the vhost if 716 the first thing sent on the connection is not a valid http method. 717 The user code can associate these with a specific protocol per 718 vhost, and RAW-specific callbacks appear there for creation, rx, 719 writable and close. See libwebsockets-test-server-v2.0 for an example. 720 See README.coding.md 721 722 - RAW client connections are now possible using the method "RAW". 723 After connection, the socket is associated to the protocol 724 named in the client connection info and RAW-specific callbacks 725 appear there for creation, rx, writable and close. 726 See libwebsockets-test-client (with raw://) for an example. 727 See README.coding.md 728 729 730(for earlier changelogs, see the tagged releases) 731