libwebsockets
Lightweight C library for HTML5 websockets
Loading...
Searching...
No Matches
lws-context-vhost.h
Go to the documentation of this file.
1/*
2 * libwebsockets - small server side websockets and web server implementation
3 *
4 * Copyright (C) 2010 - 2021 Andy Green <andy@warmcat.com>
5 *
6 * Permission is hereby granted, free of charge, to any person obtaining a copy
7 * of this software and associated documentation files (the "Software"), to
8 * deal in the Software without restriction, including without limitation the
9 * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
10 * sell copies of the Software, and to permit persons to whom the Software is
11 * furnished to do so, subject to the following conditions:
12 *
13 * The above copyright notice and this permission notice shall be included in
14 * all copies or substantial portions of the Software.
15 *
16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
19 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
21 * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
22 * IN THE SOFTWARE.
23 */
24
39
40/*
41 * NOTE: These public enums are part of the abi. If you want to add one,
42 * add it at where specified so existing users are unaffected.
43 */
44
45
46#define LWS_SERVER_OPTION_REQUIRE_VALID_OPENSSL_CLIENT_CERT ((1ll << 1) | \
47 (1ll << 12))
48
51#define LWS_SERVER_OPTION_SKIP_SERVER_CANONICAL_NAME (1ll << 2)
53#define LWS_SERVER_OPTION_ALLOW_NON_SSL_ON_SSL_PORT ((1ll << 3) | \
54 (1ll << 12))
55
61#define LWS_SERVER_OPTION_LIBEV (1ll << 4)
63#define LWS_SERVER_OPTION_DISABLE_IPV6 (1ll << 5)
65#define LWS_SERVER_OPTION_DISABLE_OS_CA_CERTS (1ll << 6)
68#define LWS_SERVER_OPTION_PEER_CERT_NOT_REQUIRED (1ll << 7)
70#define LWS_SERVER_OPTION_VALIDATE_UTF8 (1ll << 8)
72#define LWS_SERVER_OPTION_SSL_ECDH ((1ll << 9) | \
73 (1ll << 12))
74
75#define LWS_SERVER_OPTION_LIBUV (1ll << 10)
77#define LWS_SERVER_OPTION_REDIRECT_HTTP_TO_HTTPS ((1ll << 11) |\
78 (1ll << 12))
79
88#define LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT (1ll << 12)
90#define LWS_SERVER_OPTION_EXPLICIT_VHOSTS (1ll << 13)
93#define LWS_SERVER_OPTION_UNIX_SOCK (1ll << 14)
95#define LWS_SERVER_OPTION_STS (1ll << 15)
98#define LWS_SERVER_OPTION_IPV6_V6ONLY_MODIFY (1ll << 16)
100#define LWS_SERVER_OPTION_IPV6_V6ONLY_VALUE (1ll << 17)
102#define LWS_SERVER_OPTION_UV_NO_SIGSEGV_SIGFPE_SPIN (1ll << 18)
108#define LWS_SERVER_OPTION_JUST_USE_RAW_ORIGIN (1ll << 19)
115#define LWS_SERVER_OPTION_FALLBACK_TO_RAW /* use below name */ (1ll << 20)
116#define LWS_SERVER_OPTION_FALLBACK_TO_APPLY_LISTEN_ACCEPT_CONFIG (1ll << 20)
128
129#define LWS_SERVER_OPTION_LIBEVENT (1ll << 21)
131
132#define LWS_SERVER_OPTION_ONLY_RAW /* Use below name instead */ (1ll << 22)
133#define LWS_SERVER_OPTION_ADOPT_APPLY_LISTEN_ACCEPT_CONFIG (1ll << 22)
146#define LWS_SERVER_OPTION_ALLOW_LISTEN_SHARE (1ll << 23)
152#define LWS_SERVER_OPTION_CREATE_VHOST_SSL_CTX (1ll << 24)
159#define LWS_SERVER_OPTION_SKIP_PROTOCOL_INIT (1ll << 25)
164#define LWS_SERVER_OPTION_IGNORE_MISSING_CERT (1ll << 26)
170#define LWS_SERVER_OPTION_VHOST_UPG_STRICT_HOST_CHECK (1ll << 27)
181#define LWS_SERVER_OPTION_HTTP_HEADERS_SECURITY_BEST_PRACTICES_ENFORCE (1ll << 28)
197
198#define LWS_SERVER_OPTION_ALLOW_HTTP_ON_HTTPS_LISTENER (1ll << 29)
206#define LWS_SERVER_OPTION_FAIL_UPON_UNABLE_TO_BIND (1ll << 30)
210
211#define LWS_SERVER_OPTION_H2_JUST_FIX_WINDOW_UPDATE_OVERFLOW (1ll << 31)
214
215#define LWS_SERVER_OPTION_VH_H2_HALF_CLOSED_LONG_POLL (1ll << 32)
220
221#define LWS_SERVER_OPTION_GLIB (1ll << 33)
223
224#define LWS_SERVER_OPTION_H2_PRIOR_KNOWLEDGE (1ll << 34)
228
229#define LWS_SERVER_OPTION_NO_LWS_SYSTEM_STATES (1ll << 35)
232
233#define LWS_SERVER_OPTION_SS_PROXY (1ll << 36)
235
236#define LWS_SERVER_OPTION_SDEVENT (1ll << 37)
238
239#define LWS_SERVER_OPTION_ULOOP (1ll << 38)
241
242#define LWS_SERVER_OPTION_DISABLE_TLS_SESSION_CACHE (1ll << 39)
244
245
246 /****** add new things just above ---^ ******/
247
248
249#define lws_check_opt(c, f) ((((uint64_t)c) & ((uint64_t)f)) == ((uint64_t)f))
250
251struct lws_plat_file_ops;
252struct lws_ss_policy;
253struct lws_ss_plugin;
254struct lws_metric_policy;
255struct lws_sss_ops;
256
257typedef int (*lws_context_ready_cb_t)(struct lws_context *context);
258
259#if defined(LWS_WITH_NETWORK)
260typedef int (*lws_peer_limits_notify_t)(struct lws_context *ctx,
261 lws_sockfd_type sockfd,
262 lws_sockaddr46 *sa46);
263#endif
264
275#if defined(LWS_WITH_NETWORK)
276 const char *iface;
283 const struct lws_protocols *protocols;
289#if defined(LWS_ROLE_WS)
290 const struct lws_extension *extensions;
293#endif
294#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2)
295 const struct lws_token_limits *token_limits;
298 const char *http_proxy_address;
302 const struct lws_protocol_vhost_options *headers;
305
306 const struct lws_protocol_vhost_options *reject_service_keywords;
313 const struct lws_protocol_vhost_options *pvo;
316 const char *log_filepath;
319 const struct lws_http_mount *mounts;
321 const char *server_string;
324
325 const char *error_document_404;
329 int port;
341
342 unsigned int http_proxy_port;
344 unsigned int max_http_header_data2;
349 unsigned int max_http_header_pool2;
354
355 int keepalive_timeout;
359 uint32_t http2_settings[7];
365
366 unsigned short max_http_header_data;
369 unsigned short max_http_header_pool;
376
377#endif
378
379#if defined(LWS_WITH_TLS)
380 const char *ssl_private_key_password;
385 const char *ssl_cert_filepath;
397 const char *ssl_private_key_filepath;
416 const char *ssl_ca_filepath;
425 const char *ssl_cipher_list;
435 const char *ecdh_curve;
438 const char *tls1_3_plus_cipher_list;
445
446 const void *server_ssl_cert_mem;
450 const void *server_ssl_private_key_mem;
455 const void *server_ssl_ca_mem;
459
460 long ssl_options_set;
462 long ssl_options_clear;
464 int simultaneous_ssl_restriction;
467 int simultaneous_ssl_handshake_restriction;
469 int ssl_info_event_mask;
475 unsigned int server_ssl_cert_mem_len;
478 unsigned int server_ssl_private_key_mem_len;
480 unsigned int server_ssl_ca_mem_len;
482
483 const char *alpn;
490
491
492#if defined(LWS_WITH_CLIENT)
493 const char *client_ssl_private_key_password;
496 const char *client_ssl_cert_filepath;
499 const void *client_ssl_cert_mem;
502 unsigned int client_ssl_cert_mem_len;
505 const char *client_ssl_private_key_filepath;
511 const void *client_ssl_key_mem;
514 const char *client_ssl_ca_filepath;
516 const void *client_ssl_ca_mem;
519
520 const char *client_ssl_cipher_list;
524 const char *client_tls_1_3_plus_cipher_list;
530
531 long ssl_client_options_set;
533 long ssl_client_options_clear;
535
536
537 unsigned int client_ssl_ca_mem_len;
540 unsigned int client_ssl_key_mem_len;
543
544#endif
545
546#if !defined(LWS_WITH_MBEDTLS)
547 SSL_CTX *provided_client_ssl_ctx;
552#else /* WITH_MBEDTLS */
553 const char *mbedtls_client_preload_filepath;
563#endif
564#endif
565
566 int ka_time;
569 int ka_probes;
573 int ka_interval;
576 unsigned int timeout_secs;
581 unsigned int connect_timeout_secs;
585 int bind_iface;
596 unsigned int timeout_secs_ah_idle;
599#endif /* WITH_NETWORK */
600
601#if defined(LWS_WITH_TLS_SESSIONS)
602 uint32_t tls_session_timeout;
605 uint32_t tls_session_cache_max;
608#endif
609
610 gid_t gid;
613 uid_t uid;
616 uint64_t options;
618 void *user;
627 unsigned int count_threads;
645 const char *vhost_name;
652#if defined(LWS_WITH_PLUGINS)
653 const char * const *plugin_dirs;
656#endif
664
665
666 unsigned int pt_serv_buf_size;
672#if defined(LWS_WITH_FILE_OPS)
673 const struct lws_plat_file_ops *fops;
680#endif
681
682#if defined(LWS_WITH_SOCKS5)
683 const char *socks_proxy_address;
687 unsigned int socks_proxy_port;
691#endif
692
693#if defined(LWS_HAVE_SYS_CAPABILITY_H) && defined(LWS_HAVE_LIBCAP)
694 cap_value_t caps[4];
701 char count_caps;
704#endif
719 void (*signal_cb)(void *event_lib_handle, int signum);
725 struct lws_context **pcontext;
731 void (*finalize)(struct lws_vhost *vh, void *arg);
749 const struct lws_protocols **pprotocols;
759
760 const char *username;
762 const char *groupname;
764 const char *unix_socket_perms;
775#if defined(LWS_WITH_SYS_STATE)
776 lws_state_notify_link_t * const *register_notifier_list;
780#endif
781#if defined(LWS_WITH_SECURE_STREAMS)
782#if defined(LWS_WITH_SECURE_STREAMS_STATIC_POLICY_ONLY)
783 const struct lws_ss_policy *pss_policies;
785#else
786 const char *pss_policies_json;
793#endif
794 const struct lws_ss_plugin **pss_plugins;
797 const char *ss_proxy_bind;
802 const char *ss_proxy_address;
804 uint16_t ss_proxy_port; /* 0 = if connecting to ss proxy, do it via a
805 * Unix Domain Socket, "+@proxy.ss.lws" if ss_proxy_bind is NULL else
806 * the socket path given in ss_proxy_bind (start it with a + or +@);
807 * nonzero means connect via a tcp socket to the tcp address in
808 * ss_proxy_bind and the given port */
809 const struct lws_transport_proxy_ops *txp_ops_ssproxy;
812 const void *txp_ssproxy_info;
814 const struct lws_transport_client_ops *txp_ops_sspc;
817#endif
818
819#if defined(LWS_WITH_SECURE_STREAMS_PROXY_API)
820#endif
821
826#if defined(LWS_WITH_PEER_LIMITS)
827 lws_peer_limits_notify_t pl_notify_cb;
834 unsigned short ip_limit_ah;
842 unsigned short ip_limit_wsi;
849
850#endif /* PEER_LIMITS */
851
852#if defined(LWS_WITH_SYS_FAULT_INJECTION)
853 lws_fi_ctx_t fic;
860#endif
861
862#if defined(LWS_WITH_SYS_SMD)
863 lws_smd_notification_cb_t early_smd_cb;
870 void *early_smd_opaque;
871 lws_smd_class_t early_smd_class_filter;
872 lws_usec_t smd_ttl_us;
877 uint16_t smd_queue_depth;
880#endif
881
882#if defined(LWS_WITH_SYS_METRICS)
883 const struct lws_metric_policy *metrics_policies;
885 const char *metrics_prefix;
892#endif
893
899
909
910#if defined(LWS_WITH_TLS_JIT_TRUST)
911 size_t jitt_cache_max_footprint;
914 int vh_idle_grace_ms;
917#endif
918
922
923#if defined(LWS_WITH_CACHE_NSCOOKIEJAR) && defined(LWS_WITH_CLIENT)
924 const char *http_nsc_filepath;
926
927 size_t http_nsc_heap_max_footprint;
930 size_t http_nsc_heap_max_items;
933 size_t http_nsc_heap_max_payload;
936#endif
937
938#if defined(LWS_WITH_SYS_ASYNC_DNS)
939 const char **async_dns_servers;
945#endif
946
947#if defined(WIN32)
948 unsigned int win32_connect_check_interval_usec;
953#endif
954
961
969
970#if defined(LWS_WITH_NETWORK)
971 const char *wol_if;
973#endif
974
975 /* Add new things just above here ---^
976 * This is part of the ABI, don't needlessly break compatibility
977 *
978 * The below is to ensure later library versions with new
979 * members added above will see 0 (default) even if the app
980 * was not built against the newer headers.
981 */
982
983 void *_unused[2];
984};
985
1020LWS_VISIBLE LWS_EXTERN struct lws_context *
1022
1023
1033lws_context_destroy(struct lws_context *context);
1034
1035typedef int (*lws_reload_func)(void);
1036
1060lws_context_deprecate(struct lws_context *context, lws_reload_func cb);
1061
1063lws_context_is_deprecated(struct lws_context *context);
1064
1083lws_set_proxy(struct lws_vhost *vhost, const char *proxy);
1084
1103lws_set_socks(struct lws_vhost *vhost, const char *socks);
1104
1105struct lws_vhost;
1106
1116LWS_VISIBLE LWS_EXTERN struct lws_vhost *
1117lws_create_vhost(struct lws_context *context,
1118 const struct lws_context_creation_info *info);
1119
1139lws_vhost_destroy(struct lws_vhost *vh);
1140
1157 char **config_strings, int *len);
1158
1175lwsws_get_config_vhosts(struct lws_context *context,
1176 struct lws_context_creation_info *info, const char *d,
1177 char **config_strings, int *len);
1178
1184LWS_VISIBLE LWS_EXTERN struct lws_vhost *
1185lws_get_vhost(struct lws *wsi);
1186
1192LWS_VISIBLE LWS_EXTERN const char *
1193lws_get_vhost_name(struct lws_vhost *vhost);
1194
1203LWS_VISIBLE LWS_EXTERN struct lws_vhost *
1204lws_get_vhost_by_name(struct lws_context *context, const char *name);
1205
1212lws_get_vhost_port(struct lws_vhost *vhost);
1213
1220lws_get_vhost_user(struct lws_vhost *vhost);
1221
1227LWS_VISIBLE LWS_EXTERN const char *
1228lws_get_vhost_iface(struct lws_vhost *vhost);
1229
1239lws_vhost_user(struct lws_vhost *vhost);
1240
1251lws_context_user(struct lws_context *context);
1252
1253LWS_VISIBLE LWS_EXTERN const char *
1254lws_vh_tag(struct lws_vhost *vh);
1255
1258 const char *sspol);
1259
1261lws_default_loop_exit(struct lws_context *cx);
1262
1265
1267lws_cmdline_passfail(int argc, const char **argv, int actual);
1268
1280lws_systemd_inherited_fd(unsigned int index,
1281 struct lws_context_creation_info *info);
1282
1299lws_context_is_being_destroyed(struct lws_context *context);
1300
1307
1319
1334
1343
1345#define AUTH_MODE_MASK 0xF0000000
1346
1354 const char *mountpoint;
1356 const char *origin;
1358 const char *def;
1360 const char *protocol;
1362
1371
1376 unsigned int auth_mask;
1378
1379 unsigned int cache_reusable:1;
1380 unsigned int cache_revalidate:1;
1381 unsigned int cache_intermediaries:1;
1382 unsigned int cache_no:1;
1383
1384 unsigned char origin_protocol;
1385 unsigned char mountpoint_len;
1386
1389
1390 const char *cgi_chroot_path;
1392
1393 const char *cgi_wd;
1397
1406 unsigned int keepalive_timeout;
1410
1411 /* Add new things just above here ---^
1412 * This is part of the ABI, don't needlessly break compatibility
1413 */
1414};
1415
1417lws_vhost_set_mounts(struct lws_vhost *v, const struct lws_http_mount *mounts);
1418
const lws_system_ops_t * system_ops
const struct lws_plugin_evlib * event_lib_custom
void(* finalize)(struct lws_vhost *vh, void *arg)
const struct lws_protocols ** pprotocols
struct lws_context ** pcontext
const lws_retry_bo_t * retry_and_idle_policy
const struct lws_protocol_vhost_options * next
void(* signal_cb)(void *event_lib_handle, int signum)
const struct lws_protocol_vhost_options * options
LWS_VISIBLE LWS_EXTERN void lws_context_deprecate(struct lws_context *context, lws_reload_func cb)
LWS_VISIBLE LWS_EXTERN void lws_context_default_loop_run_destroy(struct lws_context *cx)
int(* lws_reload_func)(void)
LWS_VISIBLE LWS_EXTERN struct lws_vhost * lws_get_vhost(struct lws *wsi)
LWS_VISIBLE LWS_EXTERN int lwsws_get_config_vhosts(struct lws_context *context, struct lws_context_creation_info *info, const char *d, char **config_strings, int *len)
LWS_VISIBLE LWS_EXTERN struct lws_vhost * lws_create_vhost(struct lws_context *context, const struct lws_context_creation_info *info)
LWS_VISIBLE LWS_EXTERN int lws_cmdline_passfail(int argc, const char **argv, int actual)
LWS_VISIBLE LWS_EXTERN void * lws_vhost_user(struct lws_vhost *vhost)
LWS_VISIBLE LWS_EXTERN int lws_set_proxy(struct lws_vhost *vhost, const char *proxy)
LWS_VISIBLE LWS_EXTERN struct lws_context * lws_create_context(const struct lws_context_creation_info *info)
LWS_VISIBLE LWS_EXTERN void lws_default_loop_exit(struct lws_context *cx)
LWS_VISIBLE LWS_EXTERN void lws_context_destroy(struct lws_context *context)
LWS_VISIBLE LWS_EXTERN int lwsws_get_config_globals(struct lws_context_creation_info *info, const char *d, char **config_strings, int *len)
LWS_VISIBLE LWS_EXTERN int lws_set_socks(struct lws_vhost *vhost, const char *socks)
LWS_VISIBLE LWS_EXTERN const char * lws_vh_tag(struct lws_vhost *vh)
LWS_VISIBLE LWS_EXTERN const char * lws_get_vhost_name(struct lws_vhost *vhost)
LWS_VISIBLE LWS_EXTERN struct lws_vhost * lws_get_vhost_by_name(struct lws_context *context, const char *name)
LWS_VISIBLE LWS_EXTERN int lws_get_vhost_port(struct lws_vhost *vhost)
LWS_VISIBLE LWS_EXTERN void lws_vhost_destroy(struct lws_vhost *vh)
LWS_VISIBLE LWS_EXTERN const char * lws_get_vhost_iface(struct lws_vhost *vhost)
LWS_VISIBLE LWS_EXTERN int lws_systemd_inherited_fd(unsigned int index, struct lws_context_creation_info *info)
LWS_VISIBLE LWS_EXTERN void _lws_context_info_defaults(struct lws_context_creation_info *info, const char *sspol)
LWS_VISIBLE LWS_EXTERN int lws_context_is_deprecated(struct lws_context *context)
LWS_VISIBLE LWS_EXTERN int lws_context_is_being_destroyed(struct lws_context *context)
LWS_VISIBLE LWS_EXTERN void * lws_context_user(struct lws_context *context)
LWS_VISIBLE LWS_EXTERN void * lws_get_vhost_user(struct lws_vhost *vhost)
int(* lws_context_ready_cb_t)(struct lws_context *context)
struct lws_log_cx lws_log_cx_t
const struct lws_http_mount * mount_next
const char * protocol
const struct lws_protocol_vhost_options * interpret
unsigned int keepalive_timeout
unsigned int cache_no
const char * basic_auth_login_file
const struct lws_protocol_vhost_options * extra_mimetypes
unsigned int auth_mask
unsigned char origin_protocol
unsigned int cache_reusable
const char * mountpoint
unsigned int cache_intermediaries
const char * cgi_chroot_path
unsigned char mountpoint_len
const struct lws_protocol_vhost_options * headers
unsigned int cache_revalidate
const struct lws_protocol_vhost_options * cgienv
lws_mount_protocols
LWS_VISIBLE LWS_EXTERN void lws_vhost_set_mounts(struct lws_vhost *v, const struct lws_http_mount *mounts)
lws_authentication_mode
@ LWSMPRO_NO_MOUNT
@ LWSMPRO_CGI
@ LWSMPRO_HTTP
@ LWSMPRO_FILE
@ LWSMPRO_REDIR_HTTPS
@ LWSMPRO_CALLBACK
@ LWSMPRO_REDIR_HTTP
@ LWSMPRO_HTTPS
@ LWSAUTHM_BASIC_AUTH_CALLBACK
@ LWSAUTHM_DEFAULT
unsigned short uint16_t
unsigned int uint32_t
#define LWS_EXTERN
int64_t lws_usec_t
int lws_sockfd_type
#define LWS_VISIBLE
struct lws_retry_bo lws_retry_bo_t
int(* lws_smd_notification_cb_t)(void *opaque, lws_smd_class_t _class, lws_usec_t timestamp, void *buf, size_t len)
Definition lws-smd.h:185
uint32_t lws_smd_class_t
Definition lws-smd.h:31
struct lws_system_ops lws_system_ops_t