libwebsockets
Lightweight C library for HTML5 websockets
lws-context-vhost.h
1 /*
2  * libwebsockets - small server side websockets and web server implementation
3  *
4  * Copyright (C) 2010 - 2019 Andy Green <andy@warmcat.com>
5  *
6  * Permission is hereby granted, free of charge, to any person obtaining a copy
7  * of this software and associated documentation files (the "Software"), to
8  * deal in the Software without restriction, including without limitation the
9  * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
10  * sell copies of the Software, and to permit persons to whom the Software is
11  * furnished to do so, subject to the following conditions:
12  *
13  * The above copyright notice and this permission notice shall be included in
14  * all copies or substantial portions of the Software.
15  *
16  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17  * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18  * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
19  * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20  * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
21  * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
22  * IN THE SOFTWARE.
23  */
24 
38 
40 /*
41  * NOTE: These public enums are part of the ABI. If you want to add one,
42  * add it where specified so existing users are unaffected.
43  */
44 
45 
/*
 * LWS_SERVER_OPTION_* bits for the uint64_t `options` member of the creation
 * info struct (listing line 328), tested with lws_check_opt().
 *
 * The per-option documentation comments are not part of this listing (see the
 * gaps in the line numbers).  Remarks marked NOTE(review) below describe
 * behaviour documented upstream and must be confirmed against the full header.
 *
 * Visible from the values themselves:
 *  - bit 12 is LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT, and four options
 *    (REQUIRE_VALID_OPENSSL_CLIENT_CERT, ALLOW_NON_SSL_ON_SSL_PORT, SSL_ECDH,
 *    REDIRECT_HTTP_TO_HTTPS) OR it into their own bit.  Setting any of them
 *    also sets DO_SSL_GLOBAL_INIT; clearing one with `&= ~FLAG` also clears
 *    bit 12 for all the others.
 *  - the literals are `1ll`, so the shifts for bits 31 and 32 are carried out
 *    in long long; an option word held in a 32-bit variable loses bit 32.
 *  - bit 0 is not assigned in this list.
 */
/*
 * Bit 1 plus bit 12.  NOTE(review): upstream documents this as refusing the
 * connection unless the client presents a certificate the server recognises;
 * confirm.
 */
46 #define LWS_SERVER_OPTION_REQUIRE_VALID_OPENSSL_CLIENT_CERT ((1ll << 1) | \
47  (1ll << 12))
48 
51 #define LWS_SERVER_OPTION_SKIP_SERVER_CANONICAL_NAME (1ll << 2)
52 
/*
 * Bit 3 plus bit 12.  NOTE(review): upstream documents this as accepting
 * plaintext connections on the port TLS is listening on; a vhost that sets it
 * no longer guarantees every connection on that port is encrypted - confirm.
 */
53 #define LWS_SERVER_OPTION_ALLOW_NON_SSL_ON_SSL_PORT ((1ll << 3) | \
54  (1ll << 12))
55 
61 #define LWS_SERVER_OPTION_LIBEV (1ll << 4)
62 
63 #define LWS_SERVER_OPTION_DISABLE_IPV6 (1ll << 5)
64 
/*
 * NOTE(review): upstream documents this as not loading the OS CA
 * certificates, leaving the application to load its own CA cert(s) - confirm.
 */
65 #define LWS_SERVER_OPTION_DISABLE_OS_CA_CERTS (1ll << 6)
66 
/*
 * NOTE(review): upstream documents this as accepting connections with no
 * valid certificate (e.g. self-signed).  It relaxes peer authentication, so
 * it is worth auditing wherever it is set - confirm.
 */
68 #define LWS_SERVER_OPTION_PEER_CERT_NOT_REQUIRED (1ll << 7)
69 
70 #define LWS_SERVER_OPTION_VALIDATE_UTF8 (1ll << 8)
71 
/* Bit 9 plus bit 12. */
72 #define LWS_SERVER_OPTION_SSL_ECDH ((1ll << 9) | \
73  (1ll << 12))
74 
75 #define LWS_SERVER_OPTION_LIBUV (1ll << 10)
76 
/* Bit 11 plus bit 12. */
77 #define LWS_SERVER_OPTION_REDIRECT_HTTP_TO_HTTPS ((1ll << 11) |\
78  (1ll << 12))
79 
/* Bit 12 on its own; the four composite options above include it. */
88 #define LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT (1ll << 12)
89 
90 #define LWS_SERVER_OPTION_EXPLICIT_VHOSTS (1ll << 13)
91 
93 #define LWS_SERVER_OPTION_UNIX_SOCK (1ll << 14)
94 
/*
 * NOTE(review): upstream documents this as sending the
 * Strict-Transport-Security response header - confirm.
 */
95 #define LWS_SERVER_OPTION_STS (1ll << 15)
96 
98 #define LWS_SERVER_OPTION_IPV6_V6ONLY_MODIFY (1ll << 16)
99 
100 #define LWS_SERVER_OPTION_IPV6_V6ONLY_VALUE (1ll << 17)
101 
102 #define LWS_SERVER_OPTION_UV_NO_SIGSEGV_SIGFPE_SPIN (1ll << 18)
103 
108 #define LWS_SERVER_OPTION_JUST_USE_RAW_ORIGIN (1ll << 19)
109 
/*
 * Both names expand to bit 20; the inline comment marks FALLBACK_TO_RAW as
 * the older spelling.
 */
115 #define LWS_SERVER_OPTION_FALLBACK_TO_RAW /* use below name */ (1ll << 20)
116 #define LWS_SERVER_OPTION_FALLBACK_TO_APPLY_LISTEN_ACCEPT_CONFIG (1ll << 20)
117 
129 #define LWS_SERVER_OPTION_LIBEVENT (1ll << 21)
130 
/*
 * Both names expand to bit 22; the inline comment marks ONLY_RAW as the
 * older spelling.
 */
132 #define LWS_SERVER_OPTION_ONLY_RAW /* Use below name instead */ (1ll << 22)
133 #define LWS_SERVER_OPTION_ADOPT_APPLY_LISTEN_ACCEPT_CONFIG (1ll << 22)
134 
146 #define LWS_SERVER_OPTION_ALLOW_LISTEN_SHARE (1ll << 23)
147 
152 #define LWS_SERVER_OPTION_CREATE_VHOST_SSL_CTX (1ll << 24)
153 
159 #define LWS_SERVER_OPTION_SKIP_PROTOCOL_INIT (1ll << 25)
160 
/*
 * NOTE(review): upstream documents this as letting vhost creation continue
 * when the TLS cert or key is missing - confirm, and check what the vhost
 * serves in that state.
 */
164 #define LWS_SERVER_OPTION_IGNORE_MISSING_CERT (1ll << 26)
165 
/*
 * NOTE(review): upstream documents this as requiring, on upgrade, a Host:
 * header whose contents match the vhost name and port; without the flag only
 * the header's presence is checked - confirm.
 */
170 #define LWS_SERVER_OPTION_VHOST_UPG_STRICT_HOST_CHECK (1ll << 27)
171 
/*
 * NOTE(review): upstream documents this as adding a canned set of security
 * response headers, including a very strict Content-Security-Policy, to each
 * HTTP response - confirm.
 */
181 #define LWS_SERVER_OPTION_HTTP_HEADERS_SECURITY_BEST_PRACTICES_ENFORCE (1ll << 28)
182 
/*
 * NOTE(review): upstream documents this as allowing plain HTTP on a TLS
 * listener when combined with ALLOW_NON_SSL_ON_SSL_PORT, and advises against
 * using it - confirm.
 */
198 #define LWS_SERVER_OPTION_ALLOW_HTTP_ON_HTTPS_LISTENER (1ll << 29)
199 
206 #define LWS_SERVER_OPTION_FAIL_UPON_UNABLE_TO_BIND (1ll << 30)
207 
211 #define LWS_SERVER_OPTION_H2_JUST_FIX_WINDOW_UPDATE_OVERFLOW (1ll << 31)
212 
/* Bit 32: does not fit in a 32-bit option word. */
215 #define LWS_SERVER_OPTION_VH_H2_HALF_CLOSED_LONG_POLL (1ll << 32)
216 
221  /****** add new things just above ---^ ******/
222 
223 
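/*
 * lws_check_opt(c, f): nonzero when every bit that is set in f is also set
 * in c, zero otherwise.
 *
 * This is an "all bits" test, not an "any bit" test: for a multi-bit option
 * value such as ((1ll << 1) | (1ll << 12)) both bits must be present in c.
 *
 * Each argument is parenthesised before the uint64_t cast so that an
 * expression argument is converted as a whole; without that, a cast applied
 * to only the first operand of the expression can yield a different 64-bit
 * value and therefore a different answer.
 *
 * f is expanded twice, so do not pass an expression with side effects.
 */
#define lws_check_opt(c, f) ((((uint64_t)(c)) & ((uint64_t)(f))) == ((uint64_t)(f)))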
225 
226 struct lws_plat_file_ops;
227 
/*
 * Members of struct lws_context_creation_info as rendered in this listing.
 * The struct's opening line and a number of members fall in the gaps between
 * the listing's line numbers, so this is not the complete layout.  Remarks
 * marked NOTE(review) describe behaviour documented upstream that this
 * listing does not show; confirm them against the full header.
 */
238  int port;
247  const char *iface;
254  const struct lws_protocols *protocols;
260  const struct lws_extension *extensions;
271  const char *ssl_cert_filepath;
297  const char *ssl_ca_filepath;
306  const char *ssl_cipher_list;
316  const char *http_proxy_address;
320  unsigned int http_proxy_port;
/*
 * NOTE(review): upstream documents gid / uid (and username / groupname
 * further down) as the identity the process changes to after
 * initialisation.  Deployments that start privileged should verify that the
 * change actually took effect - confirm.
 */
322  int gid;
325  int uid;
/*
 * Holds LWS_SERVER_OPTION_* bits.  64 bits wide, which bit 32
 * (LWS_SERVER_OPTION_VH_H2_HALF_CLOSED_LONG_POLL) requires.
 */
328  uint64_t options;
330  void *user;
339  int ka_time;
/*
 * The typed SSL_CTX pointer exists only in TLS builds that do not use
 * mbedTLS.  The #else comment states that the other branch keeps the
 * structure layout the same; that branch's member line is not shown in this
 * listing.
 */
349 #if defined(LWS_WITH_TLS) && !defined(LWS_WITH_MBEDTLS)
350  SSL_CTX *provided_client_ssl_ctx;
355 #else /* maintain structure layout either way */
357 #endif
358 
/*
 * NOTE(review): the header data / pool sizes, fd_limit_per_thread and
 * timeout_secs below appear to bound per-connection and per-thread resource
 * use.  Their defaults and the meaning of 0 are documented upstream, not
 * here - confirm before relying on them.
 */
359  unsigned short max_http_header_data;
362  unsigned short max_http_header_pool;
370  unsigned int count_threads;
372  unsigned int fd_limit_per_thread;
388  unsigned int timeout_secs;
393  const char *ecdh_curve;
396  const char *vhost_name;
400  const char * const *plugin_dirs;
410  const char *log_filepath;
413  const struct lws_http_mount *mounts;
415  const char *server_string;
418  unsigned int pt_serv_buf_size;
424  unsigned int max_http_header_data2;
433  unsigned short ws_ping_pong_interval;
/*
 * In-memory certificate / CA material is passed as a bare pointer, with its
 * length in a separate *_len member.  NOTE(review): the caller has to keep
 * the pointer and length consistent; how the library validates the length is
 * not visible here - confirm.
 */
470  const void *client_ssl_cert_mem;
484  const void *client_ssl_ca_mem;
487  unsigned int client_ssl_ca_mem_len;
496  const struct lws_plat_file_ops *fops;
506  const char *socks_proxy_address;
510  unsigned int socks_proxy_port;
/*
 * caps / count_caps are compiled in only when both macros are defined, and
 * no #else placeholder is visible in this listing, so the offsets of every
 * later member appear to depend on this build setting.  NOTE(review): the
 * application and the library would then have to agree on it - confirm.
 */
512 #if defined(LWS_HAVE_SYS_CAPABILITY_H) && defined(LWS_HAVE_LIBCAP)
513  cap_value_t caps[4];
520  char count_caps;
523 #endif
541  unsigned int timeout_secs_ah_idle;
/*
 * NOTE(review): upstream documents ip_limit_ah / ip_limit_wsi as per-IP caps
 * (0 meaning no limit) that are only effective in builds with peer limits
 * enabled - confirm before relying on them for abuse protection.
 */
544  unsigned short ip_limit_ah;
552  unsigned short ip_limit_wsi;
559  uint32_t http2_settings[7];
565  const char *error_document_404;
569  const char *alpn;
590  void (*signal_cb)(void *event_lib_handle, int signum);
596  struct lws_context **pcontext;
602  void (*finalize)(struct lws_vhost *vh, void *arg);
611  unsigned int max_http_header_pool2;
635  const char *listen_accept_role;
644  const struct lws_protocols **pprotocols;
655  const void *server_ssl_cert_mem;
669  const void *server_ssl_ca_mem;
673  unsigned int server_ssl_ca_mem_len;
675  const char *username;
677  const char *groupname;
/*
 * NOTE(review): upstream documents this as an owner:group string applied to
 * a listening unix domain socket; the format and the resulting mode are not
 * visible here - confirm.
 */
679  const char *unix_socket_perms;
686  det_lat_buf_cb_t detailed_latency_cb;
696  /* Add new things just above here ---^
697  * This is part of the ABI, don't needlessly break compatibility
698  *
699  * The below is to ensure later library versions with new
700  * members added above will see 0 (default) even if the app
701  * was not built against the newer headers.
702  */
703 
704  void *_unused[4];
705 };
706 
741 LWS_VISIBLE LWS_EXTERN struct lws_context *
743 
744 
/*
 * Public context / vhost API declarations.  The per-function documentation
 * comments are not part of this listing; only the signatures are.  Every
 * function here takes raw pointers and no signature carries a nullability or
 * ownership annotation, so those contracts have to be read from the full
 * header.
 */
753 LWS_VISIBLE LWS_EXTERN void
754 lws_context_destroy(struct lws_context *context);
755 
/*
 * Callback type taking no arguments and returning int; it is the second
 * parameter of lws_context_deprecate() below.
 */
756 typedef int (*lws_reload_func)(void);
757 
780 LWS_VISIBLE LWS_EXTERN void
781 lws_context_deprecate(struct lws_context *context, lws_reload_func cb);
782 
783 LWS_VISIBLE LWS_EXTERN int
784 lws_context_is_deprecated(struct lws_context *context);
785 
/*
 * NOTE(review): upstream documents `proxy` as "hostname:port", optionally
 * prefixed with "user:password@".  If so, the string can carry credentials
 * and should be kept out of logs and dumps - confirm.
 */
803 LWS_VISIBLE LWS_EXTERN int
804 lws_set_proxy(struct lws_vhost *vhost, const char *proxy);
805 
823 LWS_VISIBLE LWS_EXTERN int
824 lws_set_socks(struct lws_vhost *vhost, const char *socks);
825 
/*
 * Forward declaration.  It appears after lws_set_proxy() / lws_set_socks()
 * already use struct lws_vhost *, so an earlier declaration is presumably
 * provided by another lws header - confirm.
 */
826 struct lws_vhost;
827 
837 LWS_VISIBLE LWS_EXTERN struct lws_vhost *
838 lws_create_vhost(struct lws_context *context,
839  const struct lws_context_creation_info *info);
840 
859 LWS_VISIBLE LWS_EXTERN void
860 lws_vhost_destroy(struct lws_vhost *vh);
861 
/*
 * NOTE(review): upstream documents `d` as a configuration directory and
 * `config_strings` / `len` as a caller-provided string arena that is
 * advanced as it is consumed; the same applies to lwsws_get_config_vhosts()
 * below - confirm.
 */
876 LWS_VISIBLE LWS_EXTERN int
877 lwsws_get_config_globals(struct lws_context_creation_info *info, const char *d,
878  char **config_strings, int *len);
879 
895 LWS_VISIBLE LWS_EXTERN int
896 lwsws_get_config_vhosts(struct lws_context *context,
897  struct lws_context_creation_info *info, const char *d,
898  char **config_strings, int *len);
899 
905 LWS_VISIBLE LWS_EXTERN struct lws_vhost *
906 lws_get_vhost(struct lws *wsi);
907 
913 LWS_VISIBLE LWS_EXTERN const char *
914 lws_get_vhost_name(struct lws_vhost *vhost);
915 
924 LWS_VISIBLE LWS_EXTERN struct lws_vhost *
925 lws_get_vhost_by_name(struct lws_context *context, const char *name);
926 
932 LWS_VISIBLE LWS_EXTERN int
933 lws_get_vhost_port(struct lws_vhost *vhost);
934 
940 LWS_VISIBLE LWS_EXTERN void *
941 lws_get_vhost_user(struct lws_vhost *vhost);
942 
948 LWS_VISIBLE LWS_EXTERN const char *
949 lws_get_vhost_iface(struct lws_vhost *vhost);
950 
/*
 * Takes a caller-supplied buffer `buf` and its size as the signed int `len`;
 * lws_json_dump_context() below has the same shape.  NOTE(review): the
 * truncation behaviour and the meaning of the return value are not visible
 * here - confirm before sizing buffers or treating the output as complete.
 */
958 LWS_VISIBLE LWS_EXTERN int
959 lws_json_dump_vhost(const struct lws_vhost *vh, char *buf, int len);
960 
971 LWS_VISIBLE LWS_EXTERN int
972 lws_json_dump_context(const struct lws_context *context, char *buf, int len,
973  int hide_vhosts);
974 
983 LWS_VISIBLE LWS_EXTERN void *
984 lws_vhost_user(struct lws_vhost *vhost);
985 
995 LWS_VISIBLE LWS_EXTERN void *
996 lws_context_user(struct lws_context *context);
997 
1003 
1013  const char *name;
1014  const char *value;
1015 };
1016 
1029 };
1030 
/*
 * Members of struct lws_http_mount as rendered in this listing.  The
 * struct's opening line and several members fall in the gaps between the
 * listing's line numbers, so this is not the complete layout.
 */
1038  const char *mountpoint;
1040  const char *origin;
1042  const char *def;
1044  const char *protocol;
/*
 * NOTE(review): presumably selects which authentication requirement applies
 * to this mount; the bit meanings are not visible here - confirm.
 */
1060  unsigned int auth_mask;
/* Three one-bit flags packed into an unsigned int bitfield. */
1063  unsigned int cache_reusable:1;
1064  unsigned int cache_revalidate:1;
1065  unsigned int cache_intermediaries:1;
/*
 * NOTE(review): origin_protocol presumably holds one of the
 * lws_mount_protocols values, and mountpoint_len the length of
 * `mountpoint`.  Being an unsigned char, mountpoint_len cannot represent a
 * length above 255 - confirm how callers compute it.
 */
1067  unsigned char origin_protocol;
1068  unsigned char mountpoint_len;
1073  /* Add new things just above here ---^
1074  * This is part of the ABI, don't needlessly break compatibility
1075  *
1076  * The below is to ensure later library versions with new
1077  * members added above will see 0 (default) even if the app
1078  * was not built against the newer headers.
1079  */
1080 
1081  void *_unused[2];
1082 };
1083 
LWS_VISIBLE LWS_EXTERN const char * lws_get_vhost_iface(struct lws_vhost *vhost)
Definition: lws-context-vhost.h:1025
const char * groupname
Definition: lws-context-vhost.h:677
unsigned int auth_mask
Definition: lws-context-vhost.h:1060
const char * listen_accept_role
Definition: lws-context-vhost.h:635
void ** foreign_loops
Definition: lws-context-vhost.h:576
const char * client_ssl_private_key_password
Definition: lws-context-vhost.h:464
void(* signal_cb)(void *event_lib_handle, int signum)
Definition: lws-context-vhost.h:590
unsigned short ip_limit_wsi
Definition: lws-context-vhost.h:552
unsigned int cache_intermediaries
Definition: lws-context-vhost.h:1065
const struct lws_http_mount * mounts
Definition: lws-context-vhost.h:413
int ssl_info_event_mask
Definition: lws-context-vhost.h:535
const char * value
Definition: lws-context-vhost.h:1014
const char * protocol
Definition: lws-context-vhost.h:1044
const void * server_ssl_ca_mem
Definition: lws-context-vhost.h:669
LWS_VISIBLE LWS_EXTERN int lws_json_dump_vhost(const struct lws_vhost *vh, char *buf, int len)
int cache_max_age
Definition: lws-context-vhost.h:1058
long ssl_options_clear
Definition: lws-context-vhost.h:431
LWS_VISIBLE LWS_EXTERN struct lws_context * lws_create_context(const struct lws_context_creation_info *info)
void(* finalize)(struct lws_vhost *vh, void *arg)
Definition: lws-context-vhost.h:602
Definition: lws-context-vhost.h:237
const char * client_ssl_private_key_filepath
Definition: lws-context-vhost.h:476
LWS_VISIBLE LWS_EXTERN void lws_context_destroy(struct lws_context *context)
LWS_VISIBLE LWS_EXTERN void lws_context_deprecate(struct lws_context *context, lws_reload_func cb)
const lws_system_ops_t * system_ops
Definition: lws-context-vhost.h:683
uint64_t options
Definition: lws-context-vhost.h:328
unsigned int pt_serv_buf_size
Definition: lws-context-vhost.h:418
int ka_time
Definition: lws-context-vhost.h:339
unsigned short ws_ping_pong_interval
Definition: lws-context-vhost.h:433
LWS_VISIBLE LWS_EXTERN int lws_set_socks(struct lws_vhost *vhost, const char *socks)
const char * client_ssl_cert_filepath
Definition: lws-context-vhost.h:467
Definition: lws-context-vhost.h:1010
const void * client_ssl_cert_mem
Definition: lws-context-vhost.h:470
uint32_t http2_settings[7]
Definition: lws-context-vhost.h:559
Definition: lws-context-vhost.h:1035
const char * def
Definition: lws-context-vhost.h:1042
unsigned int client_ssl_ca_mem_len
Definition: lws-context-vhost.h:487
Definition: lws-context-vhost.h:1023
const char * username
Definition: lws-context-vhost.h:675
LWS_VISIBLE LWS_EXTERN int lws_json_dump_context(const struct lws_context *context, char *buf, int len, int hide_vhosts)
const void * server_ssl_private_key_mem
Definition: lws-context-vhost.h:662
const char * ssl_private_key_password
Definition: lws-context-vhost.h:266
const struct lws_http_mount * mount_next
Definition: lws-context-vhost.h:1036
LWS_VISIBLE LWS_EXTERN int lws_get_vhost_port(struct lws_vhost *vhost)
const struct lws_protocol_vhost_options * extra_mimetypes
Definition: lws-context-vhost.h:1051
unsigned int server_ssl_private_key_mem_len
Definition: lws-context-vhost.h:667
unsigned int socks_proxy_port
Definition: lws-context-vhost.h:510
unsigned int cache_reusable
Definition: lws-context-vhost.h:1063
const char * client_ssl_cipher_list
Definition: lws-context-vhost.h:491
void * provided_client_ssl_ctx
Definition: lws-context-vhost.h:356
LWS_VISIBLE LWS_EXTERN struct lws_vhost * lws_get_vhost(struct lws *wsi)
int ka_probes
Definition: lws-context-vhost.h:342
Definition: lws-ws-ext.h:139
const lws_retry_bo_t * retry_and_idle_policy
Definition: lws-context-vhost.h:691
struct lws_context ** pcontext
Definition: lws-context-vhost.h:596
unsigned char origin_protocol
Definition: lws-context-vhost.h:1067
const char * log_filepath
Definition: lws-context-vhost.h:410
unsigned int timeout_secs_ah_idle
Definition: lws-context-vhost.h:541
const char * unix_socket_perms
Definition: lws-context-vhost.h:679
const void * server_ssl_cert_mem
Definition: lws-context-vhost.h:655
LWS_VISIBLE LWS_EXTERN void lws_vhost_destroy(struct lws_vhost *vh)
const char *const * plugin_dirs
Definition: lws-context-vhost.h:400
const char * error_document_404
Definition: lws-context-vhost.h:565
const struct lws_protocol_vhost_options * cgienv
Definition: lws-context-vhost.h:1047
const char * name
Definition: lws-context-vhost.h:1013
unsigned char mountpoint_len
Definition: lws-context-vhost.h:1068
Definition: lws-context-vhost.h:1024
const struct lws_extension * extensions
Definition: lws-context-vhost.h:260
const struct lws_protocols * protocols
Definition: lws-context-vhost.h:254
LWS_VISIBLE LWS_EXTERN int lwsws_get_config_globals(struct lws_context_creation_info *info, const char *d, char **config_strings, int *len)
const char * ssl_cipher_list
Definition: lws-context-vhost.h:306
const char * mountpoint
Definition: lws-context-vhost.h:1038
const char * http_proxy_address
Definition: lws-context-vhost.h:316
int simultaneous_ssl_restriction
Definition: lws-context-vhost.h:503
const struct lws_plat_file_ops * fops
Definition: lws-context-vhost.h:496
const char * ssl_cert_filepath
Definition: lws-context-vhost.h:271
const char * ecdh_curve
Definition: lws-context-vhost.h:393
LWS_VISIBLE LWS_EXTERN const char * lws_get_vhost_name(struct lws_vhost *vhost)
int cgi_timeout
Definition: lws-context-vhost.h:1056
const char * tls1_3_plus_cipher_list
Definition: lws-context-vhost.h:622
Definition: lws-context-vhost.h:1026
LWS_VISIBLE LWS_EXTERN int lwsws_get_config_vhosts(struct lws_context *context, struct lws_context_creation_info *info, const char *d, char **config_strings, int *len)
unsigned int cache_revalidate
Definition: lws-context-vhost.h:1064
long ssl_client_options_set
Definition: lws-context-vhost.h:617
const struct lws_protocol_vhost_options * reject_service_keywords
Definition: lws-context-vhost.h:449
Definition: lws-system.h:47
const char * socks_proxy_address
Definition: lws-context-vhost.h:506
Definition: lws-retry.h:25
LWS_VISIBLE LWS_EXTERN void * lws_vhost_user(struct lws_vhost *vhost)
Definition: lws-protocols-plugins.h:44
unsigned int count_threads
Definition: lws-context-vhost.h:370
const char * server_string
Definition: lws-context-vhost.h:415
const char * vhost_name
Definition: lws-context-vhost.h:396
Definition: lws-context-vhost.h:1027
unsigned int fd_limit_per_thread
Definition: lws-context-vhost.h:372
LWS_VISIBLE LWS_EXTERN void * lws_get_vhost_user(struct lws_vhost *vhost)
int ka_interval
Definition: lws-context-vhost.h:346
LWS_VISIBLE LWS_EXTERN struct lws_vhost * lws_create_vhost(struct lws_context *context, const struct lws_context_creation_info *info)
int uid
Definition: lws-context-vhost.h:325
LWS_VISIBLE LWS_EXTERN void * lws_context_user(struct lws_context *context)
void * _unused[4]
Definition: lws-context-vhost.h:704
void * _unused[2]
Definition: lws-context-vhost.h:1081
unsigned int http_proxy_port
Definition: lws-context-vhost.h:320
unsigned int timeout_secs
Definition: lws-context-vhost.h:388
int port
Definition: lws-context-vhost.h:238
const struct lws_protocols ** pprotocols
Definition: lws-context-vhost.h:644
const struct lws_protocol_vhost_options * options
Definition: lws-context-vhost.h:1012
int keepalive_timeout
Definition: lws-context-vhost.h:406
const struct lws_protocol_vhost_options * headers
Definition: lws-context-vhost.h:445
Definition: lws-http.h:336
const struct lws_protocol_vhost_options * pvo
Definition: lws-context-vhost.h:403
const char * basic_auth_login_file
Definition: lws-context-vhost.h:1070
const char * iface
Definition: lws-context-vhost.h:247
Definition: lws-vfs.h:95
unsigned int max_http_header_pool2
Definition: lws-context-vhost.h:611
const void * client_ssl_ca_mem
Definition: lws-context-vhost.h:484
const char * client_tls_1_3_plus_cipher_list
Definition: lws-context-vhost.h:629
const char * origin
Definition: lws-context-vhost.h:1040
const char * listen_accept_protocol
Definition: lws-context-vhost.h:640
LWS_VISIBLE LWS_EXTERN int lws_set_proxy(struct lws_vhost *vhost, const char *proxy)
unsigned int server_ssl_cert_mem_len
Definition: lws-context-vhost.h:659
long ssl_client_options_clear
Definition: lws-context-vhost.h:619
long ssl_options_set
Definition: lws-context-vhost.h:429
det_lat_buf_cb_t detailed_latency_cb
Definition: lws-context-vhost.h:686
lws_mount_protocols
Definition: lws-context-vhost.h:1021
const char * client_ssl_ca_filepath
Definition: lws-context-vhost.h:482
unsigned int max_http_header_data2
Definition: lws-context-vhost.h:424
Definition: lws-context-vhost.h:1022
const struct lws_protocol_vhost_options * interpret
Definition: lws-context-vhost.h:1053
unsigned short max_http_header_data
Definition: lws-context-vhost.h:359
void * external_baggage_free_on_destroy
Definition: lws-context-vhost.h:456
unsigned short ip_limit_ah
Definition: lws-context-vhost.h:544
const struct lws_token_limits * token_limits
Definition: lws-context-vhost.h:263
Definition: lws-context-vhost.h:1028
const char * alpn
Definition: lws-context-vhost.h:569
void * user
Definition: lws-context-vhost.h:330
const char * detailed_latency_filepath
Definition: lws-context-vhost.h:689
unsigned short max_http_header_pool
Definition: lws-context-vhost.h:362
const char * ssl_private_key_filepath
Definition: lws-context-vhost.h:283
const struct lws_protocol_vhost_options * next
Definition: lws-context-vhost.h:1011
const char * ssl_ca_filepath
Definition: lws-context-vhost.h:297
unsigned int server_ssl_ca_mem_len
Definition: lws-context-vhost.h:673
int gid
Definition: lws-context-vhost.h:322
int bind_iface
Definition: lws-context-vhost.h:524
LWS_VISIBLE LWS_EXTERN struct lws_vhost * lws_get_vhost_by_name(struct lws_context *context, const char *name)
unsigned int client_ssl_cert_mem_len
Definition: lws-context-vhost.h:473
void * finalize_arg
Definition: lws-context-vhost.h:607