Changelog
---------

v4.0.0
======

 - NEW: Lws is now under the MIT license, see ./LICENSE for details

 - NEW: GLIB native event loop support, lws + gtk example

 - NEW: native lws MQTT client... supports client stream binding like h2 when
   multiple logical connections are going to the same endpoint over MQTT, they
   transparently and independently share the one connection + tls tunnel

 - NEW: "Secure Streams"... if you are making a device with client connections
   to the internet or cloud, this allows separation of the communications
   policy (endpoints, tls cert validation, protocols, etc) from the code, with
   the goal you can combine streams, change protocols and cloud provision, and
   reflect that in the device's JSON policy document without having to change
   any code.

 - NEW: lws_system: New lightweight and efficient Asynchronous DNS resolver
   implementation for both A and AAAA records, supports recursive (without
   recursion in code) lookups, caching, and getaddrinfo() compatible results
   scheme (from cache directly without per-consumer allocation). Able to
   perform DNS lookups without introducing latency in the event loop.

 - NEW: lws_system: ntpclient implementation with interface for setting system
   time via lws_system ops

 - NEW: lws_system: dhcpclient implementation

 - NEW: Connection validity tracking, autoproduce PING/PONG for protocols that
   support it if not informed that the connection has passed data in both
   directions recently enough

 - NEW: lws_retry: standardized exponential backoff and retry timing based
   around backoff table and lws_sul

 - NEW: there are official public helpers for unaligned de/serialization of all
   common types, see eg, lws_ser_wu16be() in include/libwebsockets/lws-misc.h

 - NEW: lws_tls_client_vhost_extra_cert_mem() api allows attaching extra certs
   to a client vhost from DER in memory

 - NEW: lws_system: generic blobs support passing auth tokens, per-connection
   client certs etc from platform into lws

 - NEW: public helpers to consume and produce ipv4/6 addresses in a clean way,
   along with lws_sockaddr46 type now public. See eg, lws_sockaddr46-based
   lws_sa46_parse_numeric_address(), lws_write_numeric_address()
   in include/libwebsockets/lws-network-helper.h

 - Improved client redirect handling, h2 compatibility

 - NEW: lwsac: additional features for constant folding support (strings that
   already are in the lwsac can be pointed to without copying again), backfill
   (look for gaps in previous chunks that could take a new use size), and
   lwsac_extend() so last use() can attempt to use more unallocated chunk space

 - NEW: lws_humanize: apis for reporting scalar quantities like 1234 as "1.234KB"
   with the scaled symbol strings passed in by caller

 - NEW: freertos: support lws_cancel_service() by using UDP pair bound to lo,
   since it doesn't have logical pipes

 - NEW: "esp32" plat, which implemented freertos plat compatibility on esp32, is
   renamed to "freertos" plat, targeting esp32 and other freertos platforms

 - NEW: base64 has an additional api supporting stateful decode, where the input
   is not all in the same place at the same time and can be processed
   incrementally

 - NEW: lws ws proxy: support RFC8441

 - NEW: lws_spawn_piped apis: generic support for vforking a process with child
   wsis attached to its stdin, stdout and stderr via pipes. When processes are
   reaped, a specified callback is triggered. Currently Linux + OSX.

 - NEW: lws_fsmount apis: Linux-only overlayfs mount and unmount management for
   aggregating read-only layers with disposable, changeable upper layer fs

 - Improvements for RTOS / small build case bring the footprint of lws v4 below
   that of v3.1 on ARM

 - lws_tokenize: flag specifying # should mark rest of line as comment

 - NEW: minimal example for integrating libasound / alsa via raw file

 - lws_struct: sqlite and json / lejp translation now usable


v3.2.0
======

 - This is the last planned release under LGPLv2+SLE. It's not planned to be
   maintained like previous releases, please switch to master for the latest
   stuff or continue to use v3.1-stable until the next release under the
   new MIT license.

 - NEW: completely refactored scheduler with a unified, sorted us-resolution
   linked-list implementation. All polled checks like timeout are migrated
   to use the new timers, which also work on the event lib implementations.
   Faster operation, us-resolution timeouts and generic scheduled callbacks
   from the event loop.

 - NEW: lws_dsh specialized buffer memory allocator that can borrow space
   from other cooperating buffers on the same list.

 - NEW: lws_sequencer allows managing multi-connection processes and
   retries

 - NEW: memory buffer cert support

 - NEW: LWS_WITH_NETWORK in CMake... can be configured without any
   network-related code at all

 - NEW: builds on QNX 6.5 and SmartOS

 - NEW: JOSE / JWK / JWS / JWE support, for all common ciphers and algs,
   works on OpenSSL and mbedtls backends

 - NEW: gencrypto now has genaes and genec in addition to genrsa, works
   on OpenSSL and mbedtls backends

 - NEW: raw_proxy role

 - NEW: Basic Auth works on ws connections

 - CHANGE: REMOVED: LWS_WITH_GENRSA, LWS_WITH_GENHASH, LWS_WITH_GENEC,
   LWS_WITH_GENAES have all been removed and combined into LWS_WITH_GENCRYPTO

 - CHANGE: REMOVED: LWS_WITH_JWS, LWS_WITH_JWE have been removed and combined
   into LWS_WITH_JOSE

v3.1.0
======

 - CHANGE: REMOVED: lws_client_connect() and lws_client_connect_extended()
   compatibility apis for lws_client_connect_via_info() have been marked as
   deprecated for several versions and are now removed. Use
   lws_client_connect_via_info() directly instead.

 - CHANGE: CMAKE:
     - LWS_WITH_HTTP2: now defaults ON

 - CHANGE: Minimal examples updated to use Content Security Policy best
   practices, using
   `LWS_SERVER_OPTION_HTTP_HEADERS_SECURITY_BEST_PRACTICES_ENFORCE` vhost
   option flag and disabling of inline style and scripts. A side-effect of
   this is that buffers used to marshal headers have to be prepared to take
   more content than previously... LWS_RECOMMENDED_MIN_HEADER_SPACE (2048
   currently) is available for user (and internal) use to logically tie the
   buffer size to this usecase (and follow future increases).

 - NEW: CMAKE
     - LWS_FOR_GITOHASHI: sets various cmake options suitable for gitohashi
     - LWS_WITH_ASAN: for Linux, enable build with ASAN

   Don't forget LWS_WITH_DISTRO_RECOMMENDED, which enables a wide range of lws
   options suitable for a distro build of the library.

 - NEW: lws threadpool - lightweight pool of pthreads integrated to lws wsi, with
   all synchronization to event loop handled internally, queue for excess tasks
   [threadpool docs](https://libwebsockets.org/git/libwebsockets/tree/lib/misc/threadpool)
   [threadpool minimal example](https://libwebsockets.org/git/libwebsockets/tree/minimal-examples/ws-server/minimal-ws-server-threadpool)
   CMake config: `-DLWS_WITH_THREADPOOL=1`

 - NEW: libdbus support integrated on lws event loop
   [lws dbus docs](https://libwebsockets.org/git/libwebsockets/tree/lib/roles/dbus)
   [lws dbus client minimal examples](https://libwebsockets.org/git/libwebsockets/tree/minimal-examples/dbus-client)
   [lws dbus server minimal examples](https://libwebsockets.org/git/libwebsockets/tree/minimal-examples/dbus-server)
   CMake config: `-DLWS_ROLE_DBUS=1`

 - NEW: lws allocated chunks (lwsac) - helpers for optimized mass allocation of small
   objects inside a few larger malloc chunks... if you need to allocate a lot of
   inter-related structs for a limited time, this removes per-struct allocation
   library overhead completely and removes the need for any destruction handling
   [lwsac docs](https://libwebsockets.org/git/libwebsockets/tree/lib/misc/lwsac)
   [lwsac minimal example](https://libwebsockets.org/git/libwebsockets/tree/minimal-examples/api-tests/api-test-lwsac)
   CMake config: `-DLWS_WITH_LWSAC=1`

 - NEW: lws tokenizer - helper api for robustly tokenizing your own strings without
   allocating or adding complexity. Configurable by flags for common delimiter
   sets and comma-separated-lists in the tokenizer. Detects and reports syntax
   errors.
   [lws_tokenize docs](https://libwebsockets.org/git/libwebsockets/tree/include/libwebsockets/lws-tokenize.h)
   [lws_tokenize minimal example / api test](https://libwebsockets.org/git/libwebsockets/tree/minimal-examples/api-tests/api-test-lws_tokenize)

 - NEW: lws full-text search - optimized trie generation, serialization,
   autocomplete suggestion generation and instant global search support extensible
   to huge corpuses of UTF-8 text while remaining super lightweight on resources.
   [full-text search docs](https://libwebsockets.org/git/libwebsockets/tree/lib/misc/fts)
   [full-text search minimal example / api test](https://libwebsockets.org/git/libwebsockets/tree/minimal-examples/api-tests/api-test-fts)
   [demo](https://libwebsockets.org/ftsdemo/)
   [demo sources](https://libwebsockets.org/git/libwebsockets/tree/plugins/protocol_fulltext_demo.c)
   CMake config: `-DLWS_WITH_FTS=1 -DLWS_WITH_LWSAC=1`

 - NEW: gzip + brotli http server-side compression - h1 and h2 automatic advertising
   of server compression and application to files with mimetypes "text/*",
   "application/javascript" and "image/svg.xml".
   CMake config: `-DLWS_WITH_HTTP_STREAM_COMPRESSION=1`, `-DLWS_WITH_HTTP_BROTLI=1`

 - NEW: managed disk cache - API for managing a directory containing cached files
   with hashed names, and automatic deletion of LRU files once the cache is
   above a given limit.
   [lws diskcache docs](https://libwebsockets.org/git/libwebsockets/tree/include/libwebsockets/lws-diskcache.h)
   CMake config: `-DLWS_WITH_DISKCACHE=1`

 - NEW: http reverse proxy - lws mounts support proxying h1 or h2 requests to
   a local or remote IP, or unix domain socket over h1. This allows microservice
   type architectures where parts of the common URL space are actually handled
   by external processes which may be remote or on the same machine.
   [lws gitohashi serving](https://libwebsockets.org/git/) is handled this way.
   CMake config: `-DLWS_WITH_HTTP_PROXY=1`

 - NEW: lws_buflist - internally several types of ad-hoc malloc'd buffer have
   been replaced by a new, exported api `struct lws_buflist`. This allows
   multiple buffers to be chained and drawn down in strict FIFO order.

 - NEW: In the case of h1 upgrade, the connection header is checked to contain
   "upgrade". The vhost flag LWS_SERVER_OPTION_VHOST_UPG_STRICT_HOST_CHECK
   also causes the Host: header to be confirmed to match the vhost name and
   listen port.

 - NEW: If no 404 redirect for `lws_return_http_status()` is specified for the vhost,
   the status page produced will try to bring in a stylesheet `/error.css`. This allows
   you to produce styled 404 or other error pages with logos, graphics etc. See
   https://libwebsockets.org/git/badrepo for an example of what you can do with it.

v3.0.0
======

 - CHANGE: Clients used to call LWS_CALLBACK_CLOSED same as servers...
   LWS_CALLBACK_CLIENT_CLOSED has been introduced and is called for clients
   now.

 - CHANGE: LWS_CALLBACK_CLIENT_CONNECTION_ERROR used to only be directed at
   protocols[0]. However in many cases, the protocol to bind to was provided
   at client connection info time and the wsi bound accordingly. In those
   cases, CONNECTION_ERROR is directed at the bound protocol, not protocols[0]
   any more.

 - CHANGE: CMAKE: the following cmake defaults have changed with this version:

     - LWS_WITH_ZIP_FOPS: now defaults OFF
     - LWS_WITH_RANGES: now defaults OFF
     - LWS_WITH_ZLIB: now defaults OFF
     - LWS_WITHOUT_EXTENSIONS: now defaults ON

 - CHANGE: REMOVED: lws_alloc_vfs_file() (read a file to malloc buffer)

 - CHANGE: REMOVED: lws_read() (no longer useful outside of lws internals)

 - CHANGE: REMOVED: ESP8266... ESP32 is now within the same price range and much
   more performant

 - CHANGE: soname bump... don't forget to `ldconfig`

 - NEW: all event libraries support "foreign" loop integration where lws itself
   is just a temporary user of the loop unrelated to the actual loop lifecycle.

   See `minimal-http-server-eventlib-foreign` for example code demonstrating
   this for all the event libraries.

   Internal loop in lws is also supported and demonstrated by
   `minimal-http-server-eventlib`.

 - NEW: ws-over-h2 support. This is a new RFC-on-the-way supported by Chrome
   and shortly Firefox that allows ws connections to be multiplexed back to the
   server on the same tcp + tls wrapper h2 connection that the html and scripts
   came in on. This is hugely faster than discrete connections.

 - NEW: UDP socket adoption and related event callbacks

 - NEW: Multi-client connection binding, queuing and pipelining support.

   Lws detects multiple client connections to the same server and port, and
   optimizes how it handles them according to the server type and provided
   flags. For http/1.0, all occur with individual parallel connections. For
   http/1.1, you can enable keepalive pipelining, so the connections occur
   sequentially on a single network connection. For http/2, they all occur
   as parallel streams within a single h2 network connection.

   See minimal-http-client-multi for example code.

 - NEW: High resolution timer API for wsi, get a callback on your wsi with
   LWS_CALLBACK_TIMER, set and reset the timer with lws_set_timer_usecs(wsi, us)
   Actual resolution depends on event backend. Works with all backends, poll,
   libuv, libevent, and libev.

 - NEW: Protocols can arrange vhost-protocol instance specific callbacks with
   second resolution using `lws_timed_callback_vh_protocol()`

 - NEW: ACME client plugin for self-service TLS certificates

 - NEW: RFC7517 JSON Web Keys RFC7638 JWK thumbprint, and RFC7515 JSON Web
   signatures support

 - NEW: lws_cancel_service() now provides a generic way to synchronize events
   from other threads, which appear as a LWS_CALLBACK_EVENT_WAIT_CANCELLED
   callback on all protocols. This is compatible with all the event libraries.

 - NEW: support BSD poll() where changes to the poll wait while waiting are
   undone.

 - NEW: Introduce generic hash, hmac and RSA apis that operate the same
   regardless of OpenSSL or mbedTLS tls backend

 - NEW: Introduce X509 element query api that works the same regardless of
   OpenSSL or mbedTLS tls backend

 - NEW: Introduce over 30 "minimal examples" in ./minimal-examples... these
   replace most of the old test servers

    - test-echo -> minimal-ws-server-echo and minimal-ws-client-echo

    - test-server-libuv / -libevent / -libev ->
         minimal-https-server-eventlib / -eventlib-foreign / -eventlib-demos

    - test-server-v2.0 -> folded into all the minimal servers

    - test-server direct http serving -> minimal-http-server-dynamic

   The minimal examples allow individual standalone build using their own
   small CMakeLists.txt.

 - NEW: lws now detects any back-to-back writes that did not go through the
   event loop in between and reports them. This will flag any possibility of
   failure rather than wait until the problem happens.

 - NEW: CMake has LWS_WITH_DISTRO_RECOMMENDED to select features that are
   appropriate for distros

 - NEW: Optional vhost URL `error_document_404` if given causes a redirect there
   instead of serving the default 404 page.

 - NEW: lws_strncpy() wrapper guarantees NUL in copied string even if it was
   truncated to fit.

 - NEW: for client connections, local protocol binding name can be separated
   from the ws subprotocol name if needed, using .local_protocol_name

 - NEW: Automatic detection of time discontiguities

 - NEW: Applies TCP_USER_TIMEOUT for Linux tcp keepalive where available

 - QA: 1600 tests run on each commit in Travis CI, including almost all
   Autobahn in client and server mode, various h2load tests, h2spec, attack.sh,
   the minimal example selftests and others.

 - QA: fix small warnings introduced on gcc8.x (eg, Fedora 28)

 - QA: Add most of -Wextra on gcc (-Wsign-compare, -Wignored-qualifiers,
   -Wtype-limits, -Wuninitialized)

 - QA: clean out warnings on windows

 - QA: pass all 146 h2spec tests now on strict

 - QA: introduce 35 selftests that operate different minimal examples against
   each other and confirm the results.

 - QA: LWS_WITH_MINIMAL_EXAMPLES allows mass build of all relevant
   minimal-examples with the LWS build, for CI and to make all the example
   binaries available from the lws build dir ./bin

 - REFACTOR: the lws source directory layout in ./lib has been radically
   improved, and there are now README.md files in selected subdirs with extra
   documentation of interest to people working on lws itself.

 - REFACTOR: pipelined transactions return to the event loop before starting the
   next part.

 - REFACTOR: TLS: replace all TLS library constants with generic LWS ones and
   adapt all the TLS library code to translate to these common ones.

   Isolated all the tls-related private stuff in `./lib/tls/private.h`, and all
   the mbedTLS stuff in `./lib/tls/mbedtls` + openSSL stuff in
   `./lib/tls/openssl`

 - REFACTOR: the various kinds of wsi possible with lws have been extracted
   from the main code and isolated into "roles" in `./lib/roles` which
   communicate with the core code via an ops struct. Everything related to
   ah is migrated to the http role.

   wsi modes are eliminated and replaced by the ops pointer for the role the
   wsi is performing. Generic states for wsi are available to control the
   lifecycle using core code.

   Adding new "roles" is now much easier with the changes and ops struct to
   plug into.

 - REFACTOR: reduce four different kinds of buffer management in lws into a
   generic scatter-gather struct lws_buflist.

 - REFACTOR: close notifications go through event loop


v2.4.0
======

 - HTTP/2 server support is now mature and usable! LWS_WITH_HTTP2=1 enables it.
   Uses ALPN to serve HTTP/2, HTTP/1 and ws[s] connections all from the same
   listen port seamlessly. (Requires ALPN-capable OpenSSL 1.1 or mbedTLS).

 - LWS_WITH_MBEDTLS=1 at CMake now builds and works against mbedTLS instead of
   OpenSSL. Most things work identically, although on common targets where
   OpenSSL has acceleration, mbedTLS is many times slower in operation. However
   it is a lot smaller codewise.

 - Generic hash apis introduced that work the same on mbedTLS or OpenSSL backend

 - LWS_WITH_PEER_LIMITS tracks IPs across all vhosts and allows restrictions on
   both the number of simultaneous connections and wsi in use for any single IP

 - lws_ring apis provide a generic single- or multi-tail ringbuffer... mirror
   protocol now uses this. Features include ring elements may be sized to fit
   structs in the ringbuffer, callback when no tail any longer needs an element
   and it can be deleted, and zerocopy options to write new members directly
   into the ringbuffer, and use the ringbuffer element by address too.

 - abstract ssh 2 server plugin included, with both plugin and standalone
   demos provided. You can bind the plugin to a vhost and also serve
   full-strength ssh from the vhost. IO from the ssh server is controlled by an
   "ops" struct of callbacks for tx, rx, auth etc.

 - Many fixes, cleanups, source refactors and other improvements.


v2.3.0
======

 - ESP32 OpenSSL support for client and server

 - ESP32 4 x WLAN credential slots may be configured

 - Libevent event loop support

 - SOCKS5 proxy support

 - lws_meta protocol for websocket connection multiplexing

 - lws_vhost_destroy() added... allows dynamic removal of listening
   vhosts. Vhosts with shared listen sockets adopt the listen socket
   automatically if the owner is destroyed.

 - IPv6 on Windows

 - Improved CGI handling suitable for general CGI scripting, eg, PHP

 - Convert even the "old style" test servers to use statically included
   plugin sources

 - LWS_WITH_STATS cmake option dumps resource usage and timing information
   every few seconds to debug log, including latency information about
   delay from asking for writeable callback to getting it

 - Large (> 2GB) files may be served

 - LWS_WITH_HTTP_PROXY CMake option adds proxying mounts

 - Workaround for libev build by disabling -Werror on the test app

 - HTTP2 support disabled since no way to serve websockets on it


v2.2.0
======

Major new features

 - A mount can be protected by Basic Auth... in lwsws it looks like this

```
{
        "mountpoint": "/basic-auth",
        "origin": "file://_lws_ddir_/libwebsockets-test-server/private",
        "basic-auth": "/var/www/balogins-private"
}
```

The text file named in `basic-auth` contains user:password information
one per line.

See README.lwsws.md for more information.

 - RFC7233 RANGES support in lws server... both single and multipart.
   This allows seeking for multimedia file serving and download resume.
   It's enabled by default but can be disabled by CMake option.

 - On Linux, lwsws can reload configuration without dropping ongoing
   connections, when sent a SIGHUP. The old configuration drops its
   listen sockets so the new configuration can listen on them.
   New connections connect to the server instance with the new
   configuration. When all old connections eventually close, the old
   instance automatically exits. This is equivalent to
   `systemctl reload apache`

 - New `adopt` api allows adoption including SSL negotiation and
   for raw sockets and file descriptors.

 - Chunked transfer encoding supported for client and server

 - Adaptations to allow operations inside OPTEE Secure World

 - ESP32 initial port - able to do all test server functions. See
   README.build.md

 - Serving gzipped files from inside a ZIP file is supported... this
   includes directly serving the gzipped content if the client
   indicated it could accept it (ie, almost all browsers) saving
   bandwidth and time. For clients that can't accept it, lws
   automatically decompresses and serves the content in
   memory-efficient chunks. Only a few hundred bytes of heap are needed
   to serve any size file from inside the zip. See README.coding.md

 - RAW file descriptors may now be adopted into the lws event loop,
   independent of event backend (including poll service).
   See README.coding.md

 - RAW server socket descriptors may now be enabled on the vhost if
   the first thing sent on the connection is not a valid http method.
   The user code can associate these with a specific protocol per
   vhost, and RAW-specific callbacks appear there for creation, rx,
   writable and close. See libwebsockets-test-server-v2.0 for an example.
   See README.coding.md

 - RAW client connections are now possible using the method "RAW".
   After connection, the socket is associated to the protocol
   named in the client connection info and RAW-specific callbacks
   appear there for creation, rx, writable and close.
   See libwebsockets-test-client (with raw://) for an example.
   See README.coding.md


(for earlier changelogs, see the tagged releases)