libwebsockets
Lightweight C library for HTML5 websockets
lws-context-vhost.h
Go to the documentation of this file.
1 /*
2  * libwebsockets - small server side websockets and web server implementation
3  *
4  * Copyright (C) 2010 - 2021 Andy Green <andy@warmcat.com>
5  *
6  * Permission is hereby granted, free of charge, to any person obtaining a copy
7  * of this software and associated documentation files (the "Software"), to
8  * deal in the Software without restriction, including without limitation the
9  * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
10  * sell copies of the Software, and to permit persons to whom the Software is
11  * furnished to do so, subject to the following conditions:
12  *
13  * The above copyright notice and this permission notice shall be included in
14  * all copies or substantial portions of the Software.
15  *
16  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17  * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18  * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
19  * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20  * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
21  * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
22  * IN THE SOFTWARE.
23  */
24 
39 
40 /*
41  * NOTE: These public enums are part of the abi. If you want to add one,
42  * add it at where specified so existing users are unaffected.
43  */
44 
45 
46 #define LWS_SERVER_OPTION_REQUIRE_VALID_OPENSSL_CLIENT_CERT ((1ll << 1) | \
47  (1ll << 12))
51 #define LWS_SERVER_OPTION_SKIP_SERVER_CANONICAL_NAME (1ll << 2)
53 #define LWS_SERVER_OPTION_ALLOW_NON_SSL_ON_SSL_PORT ((1ll << 3) | \
54  (1ll << 12))
61 #define LWS_SERVER_OPTION_LIBEV (1ll << 4)
63 #define LWS_SERVER_OPTION_DISABLE_IPV6 (1ll << 5)
65 #define LWS_SERVER_OPTION_DISABLE_OS_CA_CERTS (1ll << 6)
68 #define LWS_SERVER_OPTION_PEER_CERT_NOT_REQUIRED (1ll << 7)
70 #define LWS_SERVER_OPTION_VALIDATE_UTF8 (1ll << 8)
72 #define LWS_SERVER_OPTION_SSL_ECDH ((1ll << 9) | \
73  (1ll << 12))
75 #define LWS_SERVER_OPTION_LIBUV (1ll << 10)
77 #define LWS_SERVER_OPTION_REDIRECT_HTTP_TO_HTTPS ((1ll << 11) |\
78  (1ll << 12))
88 #define LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT (1ll << 12)
90 #define LWS_SERVER_OPTION_EXPLICIT_VHOSTS (1ll << 13)
93 #define LWS_SERVER_OPTION_UNIX_SOCK (1ll << 14)
95 #define LWS_SERVER_OPTION_STS (1ll << 15)
98 #define LWS_SERVER_OPTION_IPV6_V6ONLY_MODIFY (1ll << 16)
100 #define LWS_SERVER_OPTION_IPV6_V6ONLY_VALUE (1ll << 17)
102 #define LWS_SERVER_OPTION_UV_NO_SIGSEGV_SIGFPE_SPIN (1ll << 18)
108 #define LWS_SERVER_OPTION_JUST_USE_RAW_ORIGIN (1ll << 19)
115 #define LWS_SERVER_OPTION_FALLBACK_TO_RAW /* use below name */ (1ll << 20)
116 #define LWS_SERVER_OPTION_FALLBACK_TO_APPLY_LISTEN_ACCEPT_CONFIG (1ll << 20)
129 #define LWS_SERVER_OPTION_LIBEVENT (1ll << 21)
132 #define LWS_SERVER_OPTION_ONLY_RAW /* Use below name instead */ (1ll << 22)
133 #define LWS_SERVER_OPTION_ADOPT_APPLY_LISTEN_ACCEPT_CONFIG (1ll << 22)
146 #define LWS_SERVER_OPTION_ALLOW_LISTEN_SHARE (1ll << 23)
152 #define LWS_SERVER_OPTION_CREATE_VHOST_SSL_CTX (1ll << 24)
159 #define LWS_SERVER_OPTION_SKIP_PROTOCOL_INIT (1ll << 25)
164 #define LWS_SERVER_OPTION_IGNORE_MISSING_CERT (1ll << 26)
170 #define LWS_SERVER_OPTION_VHOST_UPG_STRICT_HOST_CHECK (1ll << 27)
181 #define LWS_SERVER_OPTION_HTTP_HEADERS_SECURITY_BEST_PRACTICES_ENFORCE (1ll << 28)
198 #define LWS_SERVER_OPTION_ALLOW_HTTP_ON_HTTPS_LISTENER (1ll << 29)
206 #define LWS_SERVER_OPTION_FAIL_UPON_UNABLE_TO_BIND (1ll << 30)
211 #define LWS_SERVER_OPTION_H2_JUST_FIX_WINDOW_UPDATE_OVERFLOW (1ll << 31)
215 #define LWS_SERVER_OPTION_VH_H2_HALF_CLOSED_LONG_POLL (1ll << 32)
221 #define LWS_SERVER_OPTION_GLIB (1ll << 33)
224 #define LWS_SERVER_OPTION_H2_PRIOR_KNOWLEDGE (1ll << 34)
229 #define LWS_SERVER_OPTION_NO_LWS_SYSTEM_STATES (1ll << 35)
233 #define LWS_SERVER_OPTION_SS_PROXY (1ll << 36)
236 #define LWS_SERVER_OPTION_SDEVENT (1ll << 37)
239 #define LWS_SERVER_OPTION_ULOOP (1ll << 38)
242 #define LWS_SERVER_OPTION_DISABLE_TLS_SESSION_CACHE (1ll << 39)
246  /****** add new things just above ---^ ******/
247 
248 
249 #define lws_check_opt(c, f) ((((uint64_t)c) & ((uint64_t)f)) == ((uint64_t)f))
250 
251 struct lws_plat_file_ops;
252 struct lws_ss_policy;
253 struct lws_ss_plugin;
254 struct lws_metric_policy;
255 struct lws_sss_ops;
256 
257 typedef int (*lws_context_ready_cb_t)(struct lws_context *context);
258 
259 #if defined(LWS_WITH_NETWORK)
260 typedef int (*lws_peer_limits_notify_t)(struct lws_context *ctx,
261  lws_sockfd_type sockfd,
262  lws_sockaddr46 *sa46);
263 #endif
264 
275 #if defined(LWS_WITH_NETWORK)
276  const char *iface;
283  const struct lws_protocols *protocols;
289 #if defined(LWS_ROLE_WS)
290  const struct lws_extension *extensions;
293 #endif
294 #if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2)
295  const struct lws_token_limits *token_limits;
298  const char *http_proxy_address;
302  const struct lws_protocol_vhost_options *headers;
306  const struct lws_protocol_vhost_options *reject_service_keywords;
313  const struct lws_protocol_vhost_options *pvo;
316  const char *log_filepath;
319  const struct lws_http_mount *mounts;
321  const char *server_string;
325  const char *error_document_404;
329  int port;
339  unsigned int http_proxy_port;
341  unsigned int max_http_header_data2;
346  unsigned int max_http_header_pool2;
352  int keepalive_timeout;
356  uint32_t http2_settings[7];
363  unsigned short max_http_header_data;
366  unsigned short max_http_header_pool;
374 #endif
375 
376 #if defined(LWS_WITH_TLS)
377  const char *ssl_private_key_password;
382  const char *ssl_cert_filepath;
394  const char *ssl_private_key_filepath;
413  const char *ssl_ca_filepath;
422  const char *ssl_cipher_list;
432  const char *ecdh_curve;
435  const char *tls1_3_plus_cipher_list;
443  const void *server_ssl_cert_mem;
447  const void *server_ssl_private_key_mem;
452  const void *server_ssl_ca_mem;
457  long ssl_options_set;
459  long ssl_options_clear;
461  int simultaneous_ssl_restriction;
464  int simultaneous_ssl_handshake_restriction;
466  int ssl_info_event_mask;
472  unsigned int server_ssl_cert_mem_len;
475  unsigned int server_ssl_private_key_mem_len;
477  unsigned int server_ssl_ca_mem_len;
480  const char *alpn;
489 #if defined(LWS_WITH_CLIENT)
490  const char *client_ssl_private_key_password;
493  const char *client_ssl_cert_filepath;
496  const void *client_ssl_cert_mem;
499  unsigned int client_ssl_cert_mem_len;
502  const char *client_ssl_private_key_filepath;
508  const void *client_ssl_key_mem;
511  const char *client_ssl_ca_filepath;
513  const void *client_ssl_ca_mem;
517  const char *client_ssl_cipher_list;
521  const char *client_tls_1_3_plus_cipher_list;
528  long ssl_client_options_set;
530  long ssl_client_options_clear;
534  unsigned int client_ssl_ca_mem_len;
537  unsigned int client_ssl_key_mem_len;
541 #endif
542 
543 #if !defined(LWS_WITH_MBEDTLS)
544  SSL_CTX *provided_client_ssl_ctx;
549 #else /* WITH_MBEDTLS */
550  const char *mbedtls_client_preload_filepath;
560 #endif
561 #endif
562 
563  int ka_time;
566  int ka_probes;
570  int ka_interval;
573  unsigned int timeout_secs;
578  unsigned int connect_timeout_secs;
582  int bind_iface;
593  unsigned int timeout_secs_ah_idle;
596 #endif /* WITH_NETWORK */
597 
598 #if defined(LWS_WITH_TLS_SESSIONS)
599  uint32_t tls_session_timeout;
602  uint32_t tls_session_cache_max;
605 #endif
606 
607  gid_t gid;
610  uid_t uid;
613  uint64_t options;
615  void *user;
624  unsigned int count_threads;
626  unsigned int fd_limit_per_thread;
642  const char *vhost_name;
649 #if defined(LWS_WITH_PLUGINS)
650  const char * const *plugin_dirs;
653 #endif
663  unsigned int pt_serv_buf_size;
669 #if defined(LWS_WITH_FILE_OPS)
670  const struct lws_plat_file_ops *fops;
677 #endif
678 
679 #if defined(LWS_WITH_SOCKS5)
680  const char *socks_proxy_address;
684  unsigned int socks_proxy_port;
688 #endif
689 
690 #if defined(LWS_HAVE_SYS_CAPABILITY_H) && defined(LWS_HAVE_LIBCAP)
691  cap_value_t caps[4];
698  char count_caps;
701 #endif
716  void (*signal_cb)(void *event_lib_handle, int signum);
722  struct lws_context **pcontext;
728  void (*finalize)(struct lws_vhost *vh, void *arg);
737  const char *listen_accept_role;
746  const struct lws_protocols **pprotocols;
757  const char *username;
759  const char *groupname;
761  const char *unix_socket_perms;
772 #if defined(LWS_WITH_SYS_STATE)
773  lws_state_notify_link_t * const *register_notifier_list;
777 #endif
778 #if defined(LWS_WITH_SECURE_STREAMS)
779 #if defined(LWS_WITH_SECURE_STREAMS_STATIC_POLICY_ONLY)
780  const struct lws_ss_policy *pss_policies;
782 #else
783  const char *pss_policies_json;
790 #endif
791  const struct lws_ss_plugin **pss_plugins;
794  const char *ss_proxy_bind;
799  const char *ss_proxy_address;
801  uint16_t ss_proxy_port; /* 0 = if connecting to ss proxy, do it via a
802  * Unix Domain Socket, "+@proxy.ss.lws" if ss_proxy_bind is NULL else
803  * the socket path given in ss_proxy_bind (start it with a + or +@);
804  * nonzero means connect via a tcp socket to the tcp address in
805  * ss_proxy_bind and the given port */
806  const struct lws_transport_proxy_ops *txp_ops_ssproxy;
809  const void *txp_ssproxy_info;
811  const struct lws_transport_client_ops *txp_ops_sspc;
814 #endif
815 
816 #if defined(LWS_WITH_SECURE_STREAMS_PROXY_API)
817 #endif
818 
823 #if defined(LWS_WITH_PEER_LIMITS)
824  lws_peer_limits_notify_t pl_notify_cb;
831  unsigned short ip_limit_ah;
839  unsigned short ip_limit_wsi;
847 #endif /* PEER_LIMITS */
848 
849 #if defined(LWS_WITH_SYS_FAULT_INJECTION)
850  lws_fi_ctx_t fic;
857 #endif
858 
859 #if defined(LWS_WITH_SYS_SMD)
860  lws_smd_notification_cb_t early_smd_cb;
867  void *early_smd_opaque;
868  lws_smd_class_t early_smd_class_filter;
869  lws_usec_t smd_ttl_us;
874  uint16_t smd_queue_depth;
877 #endif
878 
879 #if defined(LWS_WITH_SYS_METRICS)
880  const struct lws_metric_policy *metrics_policies;
882  const char *metrics_prefix;
889 #endif
890 
907 #if defined(LWS_WITH_TLS_JIT_TRUST)
908  size_t jitt_cache_max_footprint;
911  int vh_idle_grace_ms;
914 #endif
915 
920 #if defined(LWS_WITH_CACHE_NSCOOKIEJAR) && defined(LWS_WITH_CLIENT)
921  const char *http_nsc_filepath;
924  size_t http_nsc_heap_max_footprint;
927  size_t http_nsc_heap_max_items;
930  size_t http_nsc_heap_max_payload;
933 #endif
934 
935 #if defined(LWS_WITH_SYS_ASYNC_DNS)
936  const char **async_dns_servers;
942 #endif
943 
944 #if defined(WIN32)
945  unsigned int win32_connect_check_interval_usec;
950 #endif
951 
952  /* Add new things just above here ---^
953  * This is part of the ABI, don't needlessly break compatibility
954  *
955  * The below is to ensure later library versions with new
956  * members added above will see 0 (default) even if the app
957  * was not built against the newer headers.
958  */
959 
960  void *_unused[2];
961 };
962 
997 LWS_VISIBLE LWS_EXTERN struct lws_context *
999 
1000 
1010 lws_context_destroy(struct lws_context *context);
1011 
1012 typedef int (*lws_reload_func)(void);
1013 
1037 lws_context_deprecate(struct lws_context *context, lws_reload_func cb);
1038 
1040 lws_context_is_deprecated(struct lws_context *context);
1041 
1060 lws_set_proxy(struct lws_vhost *vhost, const char *proxy);
1061 
1080 lws_set_socks(struct lws_vhost *vhost, const char *socks);
1081 
1082 struct lws_vhost;
1083 
1093 LWS_VISIBLE LWS_EXTERN struct lws_vhost *
1094 lws_create_vhost(struct lws_context *context,
1095  const struct lws_context_creation_info *info);
1096 
1116 lws_vhost_destroy(struct lws_vhost *vh);
1117 
1134  char **config_strings, int *len);
1135 
1152 lwsws_get_config_vhosts(struct lws_context *context,
1153  struct lws_context_creation_info *info, const char *d,
1154  char **config_strings, int *len);
1155 
1161 LWS_VISIBLE LWS_EXTERN struct lws_vhost *
1162 lws_get_vhost(struct lws *wsi);
1163 
1169 LWS_VISIBLE LWS_EXTERN const char *
1170 lws_get_vhost_name(struct lws_vhost *vhost);
1171 
1180 LWS_VISIBLE LWS_EXTERN struct lws_vhost *
1181 lws_get_vhost_by_name(struct lws_context *context, const char *name);
1182 
1189 lws_get_vhost_port(struct lws_vhost *vhost);
1190 
1196 LWS_VISIBLE LWS_EXTERN void *
1197 lws_get_vhost_user(struct lws_vhost *vhost);
1198 
1204 LWS_VISIBLE LWS_EXTERN const char *
1205 lws_get_vhost_iface(struct lws_vhost *vhost);
1206 
1215 LWS_VISIBLE LWS_EXTERN void *
1216 lws_vhost_user(struct lws_vhost *vhost);
1217 
1227 LWS_VISIBLE LWS_EXTERN void *
1228 lws_context_user(struct lws_context *context);
1229 
1230 LWS_VISIBLE LWS_EXTERN const char *
1231 lws_vh_tag(struct lws_vhost *vh);
1232 
1235  const char *sspol);
1236 
1238 lws_default_loop_exit(struct lws_context *cx);
1239 
1242 
1244 lws_cmdline_passfail(int argc, const char **argv, int actual);
1245 
1262 lws_context_is_being_destroyed(struct lws_context *context);
1263 
1270 
1279  const char *name;
1280  const char *value;
1281 };
1282 
1295 };
1296 
1303  LWSAUTHM_BASIC_AUTH_CALLBACK = 1 << 28
1304 };
1305 
1307 #define AUTH_MODE_MASK 0xF0000000
1308 
1316  const char *mountpoint;
1318  const char *origin;
1320  const char *def;
1322  const char *protocol;
1338  unsigned int auth_mask;
1341  unsigned int cache_reusable:1;
1342  unsigned int cache_revalidate:1;
1343  unsigned int cache_intermediaries:1;
1344  unsigned int cache_no:1;
1346  unsigned char origin_protocol;
1347  unsigned char mountpoint_len;
1352  /* Add new things just above here ---^
1353  * This is part of the ABI, don't needlessly break compatibility
1354  */
1355 };
1356 
const struct lws_protocol_vhost_options * next
const struct lws_protocol_vhost_options * options
LWS_VISIBLE LWS_EXTERN struct lws_vhost * lws_get_vhost(struct lws *wsi)
LWS_VISIBLE LWS_EXTERN void lws_context_deprecate(struct lws_context *context, lws_reload_func cb)
LWS_VISIBLE LWS_EXTERN void lws_context_default_loop_run_destroy(struct lws_context *cx)
int(* lws_reload_func)(void)
LWS_VISIBLE LWS_EXTERN int lwsws_get_config_vhosts(struct lws_context *context, struct lws_context_creation_info *info, const char *d, char **config_strings, int *len)
LWS_VISIBLE LWS_EXTERN const char * lws_get_vhost_name(struct lws_vhost *vhost)
LWS_VISIBLE LWS_EXTERN int lws_cmdline_passfail(int argc, const char **argv, int actual)
LWS_VISIBLE LWS_EXTERN void * lws_get_vhost_user(struct lws_vhost *vhost)
LWS_VISIBLE LWS_EXTERN const char * lws_vh_tag(struct lws_vhost *vh)
LWS_VISIBLE LWS_EXTERN struct lws_vhost * lws_get_vhost_by_name(struct lws_context *context, const char *name)
LWS_VISIBLE LWS_EXTERN int lws_set_proxy(struct lws_vhost *vhost, const char *proxy)
LWS_VISIBLE LWS_EXTERN void lws_default_loop_exit(struct lws_context *cx)
LWS_VISIBLE LWS_EXTERN const char * lws_get_vhost_iface(struct lws_vhost *vhost)
LWS_VISIBLE LWS_EXTERN void lws_context_destroy(struct lws_context *context)
LWS_VISIBLE LWS_EXTERN int lwsws_get_config_globals(struct lws_context_creation_info *info, const char *d, char **config_strings, int *len)
LWS_VISIBLE LWS_EXTERN int lws_set_socks(struct lws_vhost *vhost, const char *socks)
LWS_VISIBLE LWS_EXTERN struct lws_context * lws_create_context(const struct lws_context_creation_info *info)
LWS_VISIBLE LWS_EXTERN int lws_get_vhost_port(struct lws_vhost *vhost)
LWS_VISIBLE LWS_EXTERN struct lws_vhost * lws_create_vhost(struct lws_context *context, const struct lws_context_creation_info *info)
LWS_VISIBLE LWS_EXTERN void lws_vhost_destroy(struct lws_vhost *vh)
LWS_VISIBLE LWS_EXTERN void * lws_vhost_user(struct lws_vhost *vhost)
LWS_VISIBLE LWS_EXTERN void _lws_context_info_defaults(struct lws_context_creation_info *info, const char *sspol)
LWS_VISIBLE LWS_EXTERN void * lws_context_user(struct lws_context *context)
LWS_VISIBLE LWS_EXTERN int lws_context_is_deprecated(struct lws_context *context)
LWS_VISIBLE LWS_EXTERN int lws_context_is_being_destroyed(struct lws_context *context)
int(* lws_context_ready_cb_t)(struct lws_context *context)
const struct lws_http_mount * mount_next
const char * protocol
const struct lws_protocol_vhost_options * interpret
const char * origin
unsigned int cache_no
const char * basic_auth_login_file
const struct lws_protocol_vhost_options * extra_mimetypes
unsigned int auth_mask
unsigned char origin_protocol
unsigned int cache_reusable
const char * mountpoint
unsigned int cache_intermediaries
unsigned char mountpoint_len
unsigned int cache_revalidate
const struct lws_protocol_vhost_options * cgienv
lws_mount_protocols
lws_authentication_mode
@ LWSMPRO_CGI
@ LWSMPRO_HTTP
@ LWSMPRO_FILE
@ LWSMPRO_REDIR_HTTPS
@ LWSMPRO_CALLBACK
@ LWSMPRO_REDIR_HTTP
@ LWSMPRO_HTTPS
@ LWSAUTHM_BASIC_AUTH_CALLBACK
@ LWSAUTHM_DEFAULT
unsigned short uint16_t
unsigned int uint32_t
#define LWS_EXTERN
int64_t lws_usec_t
int lws_sockfd_type
#define LWS_VISIBLE
int(* lws_smd_notification_cb_t)(void *opaque, lws_smd_class_t _class, lws_usec_t timestamp, void *buf, size_t len)
Definition: lws-smd.h:185
uint32_t lws_smd_class_t
Definition: lws-smd.h:31
const lws_system_ops_t * system_ops
const struct lws_plugin_evlib * event_lib_custom
void(* finalize)(struct lws_vhost *vh, void *arg)
const struct lws_protocols ** pprotocols
struct lws_context ** pcontext
const lws_retry_bo_t * retry_and_idle_policy
void(* signal_cb)(void *event_lib_handle, int signum)