[Libwebsockets] SegFault for Websocket Server on Multiple Network Interface

Andy Green andy at warmcat.com
Sat Jul 15 13:26:04 CEST 2017



On 07/15/2017 06:10 PM, techi eth wrote:
> Thanks a lot for looking by yourself.
> 
> I will wait for your update to test.

It's getting late here, so I pushed what I have on master without 
testing it outside of context closure.  However for context closure it 
has zero leaks on valgrind with lwsws (libuv) or libwebsockets-test-server.

Even if it makes problems, it should be simpler to debug and work with 
than doing it from scratch.

It's simply

LWS_VISIBLE LWS_EXTERN void
lws_vhost_destroy(struct lws_vhost *vh);

anyway give it a try and see what happens.

-Andy


> Thanks
> 
> On Sat, Jul 15, 2017 at 3:35 PM, Andy Green <andy at warmcat.com 
> <mailto:andy at warmcat.com>> wrote:
> 
> 
> 
>     On 07/15/2017 05:57 PM, techi eth wrote:
> 
>         I was trying to understand lws code to create functionality for
>         stopping vhost from past few days. I know it will not be so easy
>         without knowing full overview of code flow & data structure.
> 
> 
>         I have just implemented small patch which will actually stop the
>         server attached to vhost based on interface However I am not
>         sure I am doing right way or not.I haven't tested completely
>         patch so it is not advice to use by anyone.
> 
> 
>         It will be helpful if you will give some hint for implementation
>         so that it will be easy & right direction for me to implement.
> 
>         If you have any implementation done on same then please share i
>         will be able to test to confirm.
> 
>         I have one doubt when I have created two server (One on each
>         network interface) why I am getting fds_count 3. (I was
>         expecting fds_count 2 one for each server)
> 
>     There is a pipe created for each service thread, so we can interrupt
>     a poll() wait from another thread.  Otherwise, changes to POLLOUT
>     etc (ie, request for writable callback) would not be recognized by
>     the service thread until the next time we enter poll().
> 
>     I just started on this today myself... others are asking for it on
>     github.
> 
>     It's done but I need to figure out a way to add it to a test app so
>     we can know it does what it is supposed to.
> 
>     I confirmed it can do the context close OK on poll() and libuv which
>     was my main worry.
> 
>     I'll send an update later.
> 
>     -Andy
> 
> 
>         Thanks
> 
> 
>         On Wed, Jul 12, 2017 at 4:09 PM, techi eth <techieth at gmail.com
>         <mailto:techieth at gmail.com> <mailto:techieth at gmail.com
>         <mailto:techieth at gmail.com>>> wrote:
> 
>              I confirm with test that lws will have need individual
>         interface
>              server stop/start when IP or WiFi changes on a network
>         interface. It
>              will be listening on old IP only & never come on new IP.
> 
>              It will also not practical to use reload because other
>         interface is
>              working well & needs to be in listen as long as application
>         wants’.
> 
>              I am using lws from long time & found it is very robust &
>         most of
>              the required interface is available for application use. If you
>              think above is practical case than check for consideration.
>              I have started looking lws code for required changes.
> 
>              On Wed, Jul 12, 2017 at 12:54 PM, Andy Green
>         <andy at warmcat.com <mailto:andy at warmcat.com>
>              <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>> wrote:
> 
> 
> 
>                  On 07/12/2017 03:14 PM, techi eth wrote:
> 
>                      I can think of below use cases.
> 
>                      1)On particular point application do not want
>         listening  on
>                      one of interface because it doesn’t want to allow
>         connection
>                      due to application need or security reason.
> 
> 
>                  You can just hang up on it.
> 
>                      2)One network interface was completely shut down as
>         it is
>                      only required for initial configuration. Interface will
>                      never ever come up again.
> 
> 
>                  Then you will need to restart or 'reload' the whole server.
> 
>                      3)In the case of WiFi possibly we are switching to
>         different
>                      WiFi so we will get altogether different network
>         IP. In this
>                      case we need to stop current server & try again
>         starting
>                      server once we get connected to other WiFi.
> 
> 
>                  Okay...
> 
>                      4)IP got changed due to dynamic IP allocation by
>         router.
> 
> 
>                  Okay...
> 
>                      Please correct me if it will justify the stop
>         server case.
> 
> 
>                  Sure.  Feel free to send me a patch implementing it.
> 
>                  'reload' is quite interesting.... it's implemented in
>         lwsws.         Basically it drops the listen sockets on the
>         existing serving
>                  process, starts a new one with fresh listen sockets
>         (bound again
>                  to whatever), but leaves the old one server up until
>         there are
>                  no connections left.  When the last connection drops,
>         the old
>                  server instance exits.
> 
>                  -Andy
> 
>                      On Wed, Jul 12, 2017 at 12:26 PM, Andy Green
>                      <andy at warmcat.com <mailto:andy at warmcat.com>
>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>> wrote:
> 
> 
> 
>                           On 07/12/2017 02:45 PM, techi eth wrote:
> 
>                               Thanks for confirmation.
>                               I can see from test also it will be two socket
>                               lws_get_socket_fd(wsi) will confirm the same.
>                               If it will two listen socket which means two
>                      websocket server.
>                               Is their any way i can force stop once server
>                      listening or both
>                               due to application need ?
> 
> 
>                           This is the third time you ask the same thing.
> 
>                           No.
> 
> 
>                           Can you explain why you think you need to stop the
>                      vhost listening?
> 
>                           -Andy
> 
> 
> 
>                               On Wed, Jul 12, 2017 at 11:41 AM, Andy Green
>                      <andy at warmcat.com <mailto:andy at warmcat.com>
>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>                               <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>>>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>                               <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>
>                      <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>>>>> wrote:
> 
> 
> 
>                                    On July 12, 2017 2:05:02 PM
>         GMT+08:00, techi eth
>                               <techieth at gmail.com
>         <mailto:techieth at gmail.com> <mailto:techieth at gmail.com
>         <mailto:techieth at gmail.com>>
>                      <mailto:techieth at gmail.com
>         <mailto:techieth at gmail.com> <mailto:techieth at gmail.com
>         <mailto:techieth at gmail.com>>>
>                                    <mailto:techieth at gmail.com
>         <mailto:techieth at gmail.com>
>                      <mailto:techieth at gmail.com
>         <mailto:techieth at gmail.com>> <mailto:techieth at gmail.com
>         <mailto:techieth at gmail.com>
>                      <mailto:techieth at gmail.com
>         <mailto:techieth at gmail.com>>>>> wrote:
>                                    >Sorry but I am bit confuse from your
>         single
>                      socket statement.
>                                    >
>                                    >Here I have two IP address (Due to two
>                      different network
>                               interface) so
>                                    >I
>                                    >think there should be two socket
>         however if
>                      vhost concept
>                               is based on
>                                    >single socket working on port
>         sharing then I
>                      think this
>                               may work.
> 
>                                    I think it will indeed be two listen
>         sockets
>                      then, each
>                               bound to one
>                                    ip or interface.
> 
>                                    Typically vhosts are all piled on the
>         same
>                      listen socket +
>                               port.
> 
>                                    >I am not sure how it will behave
>         when concurrent
>                               read/write happen on
>                                    >single socket by the multiple client
>         from
>                      multiple network
>                               at same
>                                    >time.
> 
>                                    There is no problem with it.  By
>         default lws
>                      binds to all
>                               interfaces
>                                    at the port (with one socket), this
>         appears as
>                      0.0.0.0 listen
>                                    address in netstat.  So it is easy to
>         confirm.
> 
>                                    >
>                                    >If network connection go down (I have
>                      rejected connection
>                               & callback
>                                    >closed
>                                    >) & up again shall i need to create
>         vhost again ?
> 
>                                    No.
> 
>                                    -Andy
> 
>                                     >
>                                     >Thanks
>                                     >
>                                     >On Tue, Jul 11, 2017 at 4:48 PM,
>         Andy Green
>                               <andy at warmcat.com
>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>
>                                    <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>                      <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>>>>> wrote:
>                                     >
>                                     >>
>                                     >>
>                                     >> On 07/11/2017 07:05 PM, techi eth
>         wrote:
>                                     >>
>                                     >>> Thanks for your input.
>                                     >>>
>                                     >>> On rejecting connection in
>         callback will
>                      cleanup all the
>                                    resources &
>                                     >>> close listening socket ?
>                                     >>>
>                                     >>
>                                     >> No.  It will close the connection.
>                                     >>
>                                     >> If you want to add the capability to
>                      dynamically remove
>                               vhosts, by
>                                     >all
>                                     >> means, send me a patch.
>                                     >>
>                                     >> Is there any function available
>         in lws  like
>                                     >_/context/_destroy(),which
>                                     >>> will call from application to do
>         the job ?
>                                     >>>
>                                     >>
>                                     >> You seem a bit confused about
>         this listen
>                      socket business.
>                                     >>
>                                     >> If both vhosts listen on :443,
>         there is
>                      only ONE listen
>                               socket open
>                                     >on
>                                     >> :443.  If both vhosts opened
>         their own
>                      listen socket,
>                               how would the
>                                     >tcp
>                                     >> layer know which vhost socket
>         should get the
>                               connection?  It would
>                                     >have to
>                                     >> decide before we could fetch
>         headers or
>                      whatever.  It
>                               couldn't work.
>                                     >>
>                                     >> If you close the single shared listen
>                      socket, no vhost
>                               can receive
>                                     >> anything.
>                                     >>
>                                     >> When the secure connection comes,
>         it uses
>                      a TLS trick
>                               called SNI to
>                                     >get
>                                     >> the hostname the client was using to
>                      connect before the
>                               secure
>                                    tunnel
>                                     >is
>                                     >> set up.  From that, it decides
>         which vhost
>                      he was
>                               trying to connect
>                                     >to,
>                                     >> sets up the TLS tunnel using the
>         correct
>                      vhost's
>                               certificates, and
>                                     >binds
>                                     >> the connection to the right vhost.
>                                     >>
>                                     >> If you want one of the vhosts to
>         start
>                      rejecting
>                               connections,
>                                    you can
>                                     >use
>                                     >> lws_get_vhost(wsi) once the wsi
>         has bound to a
>                               particular vhost and
>                                     >act
>                                     >> differently if it is the 'down'
>         vhost the
>                      wsi is bound to.
>                                     >>
>                                     >> -Andy
>                                     >>
>                                     >> On Tue, Jul 11, 2017 at 3:02 PM,
>         Andy Green
>                               <andy at warmcat.com
>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>
>                                    <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>>
>                                     ><mailto:
>                                     >>> andy at warmcat.com
>         <mailto:andy at warmcat.com>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>
>                               <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>>>> wrote:
>                                     >>>
>                                     >>>
>                                     >>>
>                                     >>>     On 07/11/2017 05:25 PM,
>         techi eth wrote:
>                                     >>>
>                                     >>>         Hi,
>                                     >>>
>                                     >>>         Now i am able to run
>         both the SSL
>                      server.
>                               Thanks for input.
>                                     >>>         Could you please check
>         attached
>                      file & let me
>                               know i am
>                                     >right in
>                                     >>>         using libwebsocket.
>                                     >>>
>                                     >>>
>                                     >>>     I don't have time to look at
>         users'
>                      code.  Unless
>                               I feel I owe
>                                     >them
>                                     >>>     for contributions, mowing my
>         lawn or
>                      whatever.
>                                     >>>
>                                     >>>         I would just like to
>         know how to
>                      stop one
>                               server listening
>                                     >on
>                                     >>> vhost.
>                                     >>>
>                                     >>>
>                                     >>>     I assume you want to do it
>                      dynamically... the
>                               closest you
>                                    can do
>                                     >>>     easily is reject the
>         connection in an
>                      early callback.
>                                     >>>
>                                     >>>     If you handle the http
>         callback, you
>                      can also have
>                               it decide to
>                                     >>>     respond with a redirect or a
>         500 page
>                      or whatever.
>                                     >>>
>                                     >>>     -Andy
>                                     >>>
>                                     >>>         Thanks
>                                     >>>
>                                     >>>         On Mon, Jul 10, 2017 at
>         3:27 PM,
>                      techi eth
>                                     ><techieth at gmail.com
>         <mailto:techieth at gmail.com>
>                      <mailto:techieth at gmail.com
>         <mailto:techieth at gmail.com>> <mailto:techieth at gmail.com
>         <mailto:techieth at gmail.com>
>                      <mailto:techieth at gmail.com
>         <mailto:techieth at gmail.com>>>
>                               <mailto:techieth at gmail.com
>         <mailto:techieth at gmail.com>
>                      <mailto:techieth at gmail.com
>         <mailto:techieth at gmail.com>> <mailto:techieth at gmail.com
>         <mailto:techieth at gmail.com>
>                      <mailto:techieth at gmail.com
>         <mailto:techieth at gmail.com>>>>
>                                     >>>       
>           <mailto:techieth at gmail.com <mailto:techieth at gmail.com>
>                      <mailto:techieth at gmail.com <mailto:techieth at gmail.com>>
>                               <mailto:techieth at gmail.com
>         <mailto:techieth at gmail.com>
>                      <mailto:techieth at gmail.com
>         <mailto:techieth at gmail.com>>> <mailto:techieth at gmail.com
>         <mailto:techieth at gmail.com>
>                      <mailto:techieth at gmail.com <mailto:techieth at gmail.com>>
>                               <mailto:techieth at gmail.com
>         <mailto:techieth at gmail.com>
>                      <mailto:techieth at gmail.com
>         <mailto:techieth at gmail.com>>>>>
>                                    <mailto:techieth at gmail.com
>         <mailto:techieth at gmail.com>
>                      <mailto:techieth at gmail.com
>         <mailto:techieth at gmail.com>> <mailto:techieth at gmail.com
>         <mailto:techieth at gmail.com>
>                      <mailto:techieth at gmail.com
>         <mailto:techieth at gmail.com>>>
>                               <mailto:techieth at gmail.com
>         <mailto:techieth at gmail.com>
>                      <mailto:techieth at gmail.com
>         <mailto:techieth at gmail.com>> <mailto:techieth at gmail.com
>         <mailto:techieth at gmail.com>
>                      <mailto:techieth at gmail.com
>         <mailto:techieth at gmail.com>>>>
>                                     >>>       
>           <mailto:techieth at gmail.com <mailto:techieth at gmail.com>
>                      <mailto:techieth at gmail.com <mailto:techieth at gmail.com>>
>                               <mailto:techieth at gmail.com
>         <mailto:techieth at gmail.com> <mailto:techieth at gmail.com
>         <mailto:techieth at gmail.com>>>
>                                    <mailto:techieth at gmail.com
>         <mailto:techieth at gmail.com>
>                      <mailto:techieth at gmail.com
>         <mailto:techieth at gmail.com>> <mailto:techieth at gmail.com
>         <mailto:techieth at gmail.com>
>                      <mailto:techieth at gmail.com
>         <mailto:techieth at gmail.com>>>>>>>
>                               wrote:
>                                     >>>
>                                     >>>              I have tried test as
>                      suggested by you now
>                               I don’t see
>                                     >>> segfault
>                                     >>>              anymore however I
>         am not
>                      able to connect
>                               over server.
>                                     >>>
>                                     >>>              Could you please check
>                      attached test code &
>                                    detaild lws
>                                     >log
>                                     >>>         & give
>                                     >>>              me hint what is
>         wrong in code.
>                                     >>>
>                                     >>>              Thanks for your input.
>                                     >>>
>                                     >>>              On Sat, Jul 8, 2017
>         at 4:28
>                      PM, Andy Green
>                                     >>>         <andy at warmcat.com
>         <mailto:andy at warmcat.com>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>
>                               <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>>
>                                    <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>
>                               <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>>>
>                                     >>>             
>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>                               <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>>>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>                               <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>>>>
>                                    <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>
>                               <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>>>>>
>                                     >wrote:
>                                     >>>
>                                     >>>
>                                     >>>
>                                     >>>                  On 07/08/2017
>         06:51 PM,
>                      techi eth wrote:
>                                     >>>
>                                     >>>                      Thanks for
>         your input.
>                                     >>>                      Having two
>         context
>                      is not right
>                               or technically
>                                     >>>         complex ?
>                                     >>>
>                                     >>>                      I was
>         running two
>                      server without
>                               SSL mode from
>                                     >past
>                                     >>>         1 month
>                                     >>>                      & it is
>         working fine
>                      with two
>                               context.
>                                     >>>
>                                     >>>
>                                     >>>                  Well... if you
>         want two
>                      contexts you
>                               better fix
>                                     >your
>                                     >>>         segfault.         You're
>         always
>                      free to do
>                               what you prefer
>                                     >(and
>                                     >>>         I am free to
>                                     >>>                  ignore your
>         problems
>                      with it).
>                                     >>>
>                                     >>>                  From:
>                                     >>>
>                                     >>>                    - the POV SNI
>         won't
>                      work sharing
>                               port 443,
>                                     >because
>                                     >>>         the two
>                                     >>>                  vhosts you
>         created by
>                      having two
>                               contexts don't
>                                     >know
>                                     >>>         about each
>                                     >>>                  other
>                                     >>>
>                                     >>>                    - the POV you
>         only
>                      have one set of
>                               fds in your
>                                     >>>         process, the
>                                     >>>                  context holds a
>         lookup
>                      table for all
>                               of them
>                                     >>>
>                                     >>>                    - the POV you
>         only
>                      need to service
>                               (ie, wait in
>                                     >poll
>                                     >>>         or epoll)
>                                     >>>                  for one set of
>         fds, not
>                      have an idle
>                               context
>                                     >increase
>                                     >>> your
>                                     >>>                  service latency on
>                      handling service
>                               for an active
>                                     >>>         context every time
>                                     >>>
>                                     >>>                  ...you should
>         have one
>                      context and
>                               two vhosts.
>                                     >>>
>                                     >>>                  That's
>         literally what
>                      the vhosts are
>                               for.  It's
>                                     >easy to
>                                     >>>         do, and
>                                     >>>                  from lws
>         perspective
>                      "the right thing".
>                                     >>>
>                                     >>>                  -Andy
>                                     >>>
>                                     >>>                      On Sat, Jul
>         8, 2017
>                      at 3:59 PM,
>                               Andy Green
>                                     >>>         <andy at warmcat.com
>         <mailto:andy at warmcat.com>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>
>                               <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>>
>                                    <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>
>                               <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>>>
>                                     >>>                               
>           <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>                               <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>>>
>                                    <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>>
>                                     ><mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>
>                               <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>>>>
>                                     >>>         <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>                               <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>>>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>                               <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>>>>
>                                    <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>
>                               <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>>>
>                                     >>>                               
>           <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>                               <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>>>
>                                    <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>>
>                                     >>>         <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>                               <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>>>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>                               <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>
>                      <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>>>>>>>>
>                                    wrote:
>                                     >>>
>                                     >>>
>                                     >>>
>                                     >>>                           On
>         07/08/2017
>                      06:12 PM,
>                               techi eth wrote:
>                                     >>>
>                                     >>>                               It
>         is with two
>                               context.One context
>                                     >each
>                                     >>>         for one
>                                     >>>                      network
>         interface.
>                                     >>>
>                                     >>>
>                                     >>>                           I can
>         suggest
>                      you don't do that.
>                                     >>>
>                                     >>>                           Let's
>         leave
>                      aside how I am
>                               supposed to
>                                     >guess
>                                     >>>         what you
>                                     >>>                      have done to
>                                     >>>                         
>           service both.
>                                     >>>
>                                     >>>                           The
>         network
>                      interface to
>                               bind to is an
>                                     >>>         attribute of the
>                                     >>>                      vhost, not
>                                     >>>                           the
>         context.
>                                     >>>
>                                     >>>                           By
>         default, for
>                               compatibility lws creates
>                                     >you
>                                     >>>         one vhost
>                                     >>>                      called
>                                     >>>                         
>           "default" when
>                      you create
>                               the context.
>                                     >>>
>                                     >>>                           If you
>         set the
>                      option bit
>                                     >>>                               
>           LWS_SERVER_OPTION_EXPLICIT_VHOSTS
>                               when you
>                                     >>>                           create the
>                      context, creating
>                               the context
>                                     >does
>                                     >>> not
>                                     >>>                      create any
>         vhosts.
>                                     >>>
>                                     >>>                         
>           Instead you can
>                      use the same
>                                     >>>         lws_context_creation_info
>                                     >>>                      struct to
>                                     >>>                           create
>         as many
>                      vhosts as you
>                               want and
>                                     >attach
>                                     >>>         them to
>                                     >>>                      the context
>                                     >>>                         
>           yourself, using
>                                     >>>
>                                     >>>                           LWS_EXTERN
>                      LWS_VISIBLE
>                               struct lws_vhost *
>                                     >>>                                 
>               lws_create_vhost(struct
>                               lws_context
>                                     >*context,
>                                     >>>                                 
>                                 struct
>                                     >>>       
>           lws_context_creation_info *info);
>                                     >>>
>                                     >>>                           You
>         can mostly
>                      re-use your
>                               existing info
>                                     >struct
>                                     >>>                      contents,
>         changing
>                                     >>>                           .iface and
>                      .name to reflect
>                               the vhost
>                                     >hostname
>                                     >>>         (ie,
>                                     >>>                     
>         "warmcat.com <http://warmcat.com>
>                      <http://warmcat.com> <http://warmcat.com>
>                               <http://warmcat.com>
>                                    <http://warmcat.com> <
>                                     >>> http://warmcat.com>
>                                     >>>                                 
>               <http://warmcat.com>" if people
>                                    reached it
>                                     >by
>                                     >>>         typing
>                                     >>>                     
>         "warmcat.com <http://warmcat.com>
>                      <http://warmcat.com> <http://warmcat.com>
>                               <http://warmcat.com>
>                                    <http://warmcat.com> <
>                                     >>> http://warmcat.com>
>                                     >>>                                 
>               <http://warmcat.com>" in
>                               their browser).
>                                     >And
>                                     >>>         changing the
>                                     >>>                           protocols,
>                      mounts etc
>                               according to what
>                                     >you
>                                     >>>         want to be
>                                     >>>                      available.
>                                     >>>
>                                     >>>                           Both
>         can be on
>                      port 443, lws
>                               will use SNI
>                                     >to
>                                     >>>         match the
>                                     >>>                      hostname the
>                                     >>>                           client
>         had used
>                      to reach it
>                               to decide
>                                     >which
>                                     >>>         vhost to
>                                     >>>                      give them.
>                                     >>>
>                                     >>>                           Each
>         vhost can
>                      be told to
>                               use different
>                                     >SSL
>                                     >>>         certs and
>                                     >>>                      keys.  Lws
>                                     >>>                           will
>         sort it out.
>                                     >>>
>                                     >>>                           So... one
>                      context.  Two vhosts.
>                                     >>>
>                                     >>> https://warmcat.com and
>         https://libwebsockets.org are two
>                                     >>>                      vhosts on
>                                     >>>                           the
>         same lws
>                      server using
>                               this method.
>                                     >>>
>                                     >>>                           -Andy
>                                     >>>
>                                     >>>
>                                     >>>
>                                     >>>                               On
>         Sat, Jul
>                      8, 2017 at
>                               3:31 PM, Andy
>                                     >Green
>                                     >>>                     
>         <andy at warmcat.com <mailto:andy at warmcat.com>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>                               <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>>>
>                                    <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>>
>                               <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>
>                                    <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>>>
>                                     >>>         <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>                               <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>>>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>                               <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>>>>
>                                    <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>
>                               <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>>>>
>                                     >>>                                 
>                   <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>                               <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>>>
>                                    <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>>
>                                     >>>         <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>                               <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>>>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>                               <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>>>>>
>                                    <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>
>                               <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>>
>                                     >>>         <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>                               <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>>>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>                               <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>>>>>>>
>                                     >>>                               
>           <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>                               <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>>>
>                                    <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>>
>                                     ><mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>
>                               <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>>>
>                                     >>>         <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>                               <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>>>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>                               <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>>>>
>                                    <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>
>                               <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>>>>
>                                     >>>                                 
>                   <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>                               <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>>>
>                                    <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>>
>                                     >>>         <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>                               <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>>>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>                               <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>>>>>
>                                     >>>                               
>           <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>                               <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>>>
>                                    <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>>
>                                     >>>         <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>                               <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>>>
>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>                               <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>
>                      <mailto:andy at warmcat.com
>         <mailto:andy at warmcat.com>>>>>>>>>
>                                    wrote:
>                                     >>>
>                                     >>>
>                                     >>>
>                                     >>>                                 
>            On
>                      07/08/2017 05:44 PM,
>                                    techi eth
>                                     >>> wrote:
>                                     >>>
>                                     >>>                                 
>                           OpenSSL version
>                               : 1.0.2h
> 
> 



More information about the Libwebsockets mailing list