[Libwebsockets] SegFault for Websocket Server on Multiple Network Interface

Andy Green andy at warmcat.com
Sun Jul 16 03:34:04 CEST 2017



On 07/15/2017 07:26 PM, Andy Green wrote:
> 
> 
> On 07/15/2017 06:10 PM, techi eth wrote:
>> Thanks a lot for looking by yourself.
>>
>> I will wait for your update to test.
> 
> It's getting late here, so I pushed what I have on master without 
> testing it outside of context closure.  However for context closure it 
> has zero leaks on valgrind with lwsws (libuv) or libwebsockets-test-server.
> 
> Even if it makes problems, it should be simpler to debug and work with 
> than doing it from scratch.
> 
> It's simply
> 
> LWS_VISIBLE LWS_EXTERN void
> lws_vhost_destroy(struct lws_vhost *vh);
> 
> anyway give it a try and see what happens.

I added support in libwebsockets-test-server and 
libwebsockets-test-server-v2.0 to respond to getting a SIGUSR1 (ie, kill 
-SIGUSR1 <test server pid> ) by toggling a second vhost on and off, on 
port + 1.  So by default, port 7682.  The extra vhost is disabled from 
the start so the first SIGUSR1 creates it and the next destroys it etc.

As expected libuv two-part handle closing made problems.  But after some 
adaptations it is now valgrind-clean (+ / - one "still reachable" to do 
with plugins with libuv) in both.

Windows doesn't have SIGUSR1 (amazing...)... this should not be any 
different for windows and it works on Linux.

Otherwise it works as intended.

-Andy

> -Andy
> 
> 
>> Thanks
>>
>> On Sat, Jul 15, 2017 at 3:35 PM, Andy Green <andy at warmcat.com 
>> <mailto:andy at warmcat.com>> wrote:
>>
>>
>>
>>     On 07/15/2017 05:57 PM, techi eth wrote:
>>
>>         I was trying to understand lws code to create functionality for
>>         stopping vhost from past few days. I know it will not be so easy
>>         without knowing full overview of code flow & data structure.
>>
>>
>>         I have just implemented small patch which will actually stop the
>>         server attached to vhost based on interface However I am not
>>         sure I am doing right way or not.I haven't tested completely
>>         patch so it is not advice to use by anyone.
>>
>>
>>         It will be helpful if you will give some hint for implementation
>>         so that it will be easy & right direction for me to implement.
>>
>>         If you have any implementation done on same then please share i
>>         will be able to test to confirm.
>>
>>         I have one doubt when I have created two server (One on each
>>         network interface) why I am getting fds_count 3. (I was
>>         expecting fds_count 2 one for each server)
>>
>>     There is a pipe created for each service thread, so we can interrupt
>>     a poll() wait from another thread.  Otherwise, changes to POLLOUT
>>     etc (ie, request for writable callback) would not be recognized by
>>     the service thread until the next time we enter poll().
>>
>>     I just started on this today myself... others are asking for it on
>>     github.
>>
>>     It's done but I need to figure out a way to add it to a test app so
>>     we can know it does what it is supposed to.
>>
>>     I confirmed it can do the context close OK on poll() and libuv which
>>     was my main worry.
>>
>>     I'll send an update later.
>>
>>     -Andy
>>
>>
>>         Thanks
>>
>>
>>         On Wed, Jul 12, 2017 at 4:09 PM, techi eth <techieth at gmail.com
>>         <mailto:techieth at gmail.com> <mailto:techieth at gmail.com
>>         <mailto:techieth at gmail.com>>> wrote:
>>
>>              I confirm with test that lws will have need individual
>>         interface
>>              server stop/start when IP or WiFi changes on a network
>>         interface. It
>>              will be listening on old IP only & never come on new IP.
>>
>>              It will also not practical to use reload because other
>>         interface is
>>              working well & needs to be in listen as long as application
>>         wants’.
>>
>>              I am using lws from long time & found it is very robust &
>>         most of
>>              the required interface is available for application use. 
>> If you
>>              think above is practical case than check for consideration.
>>              I have started looking lws code for required changes.
>>
>>              On Wed, Jul 12, 2017 at 12:54 PM, Andy Green
>>         <andy at warmcat.com <mailto:andy at warmcat.com>
>>              <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>> wrote:
>>
>>
>>
>>                  On 07/12/2017 03:14 PM, techi eth wrote:
>>
>>                      I can think of below use cases.
>>
>>                      1)On particular point application do not want
>>         listening  on
>>                      one of interface because it doesn’t want to allow
>>         connection
>>                      due to application need or security reason.
>>
>>
>>                  You can just hang up on it.
>>
>>                      2)One network interface was completely shut down as
>>         it is
>>                      only required for initial configuration. 
>> Interface will
>>                      never ever come up again.
>>
>>
>>                  Then you will need to restart or 'reload' the whole 
>> server.
>>
>>                      3)In the case of WiFi possibly we are switching to
>>         different
>>                      WiFi so we will get altogether different network
>>         IP. In this
>>                      case we need to stop current server & try again
>>         starting
>>                      server once we get connected to other WiFi.
>>
>>
>>                  Okay...
>>
>>                      4)IP got changed due to dynamic IP allocation by
>>         router.
>>
>>
>>                  Okay...
>>
>>                      Please correct me if it will justify the stop
>>         server case.
>>
>>
>>                  Sure.  Feel free to send me a patch implementing it.
>>
>>                  'reload' is quite interesting.... it's implemented in
>>         lwsws.         Basically it drops the listen sockets on the
>>         existing serving
>>                  process, starts a new one with fresh listen sockets
>>         (bound again
>>                  to whatever), but leaves the old one server up until
>>         there are
>>                  no connections left.  When the last connection drops,
>>         the old
>>                  server instance exits.
>>
>>                  -Andy
>>
>>                      On Wed, Jul 12, 2017 at 12:26 PM, Andy Green
>>                      <andy at warmcat.com <mailto:andy at warmcat.com>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>> wrote:
>>
>>
>>
>>                           On 07/12/2017 02:45 PM, techi eth wrote:
>>
>>                               Thanks for confirmation.
>>                               I can see from test also it will be two 
>> socket
>>                               lws_get_socket_fd(wsi) will confirm the 
>> same.
>>                               If it will two listen socket which means 
>> two
>>                      websocket server.
>>                               Is their any way i can force stop once 
>> server
>>                      listening or both
>>                               due to application need ?
>>
>>
>>                           This is the third time you ask the same thing.
>>
>>                           No.
>>
>>
>>                           Can you explain why you think you need to 
>> stop the
>>                      vhost listening?
>>
>>                           -Andy
>>
>>
>>
>>                               On Wed, Jul 12, 2017 at 11:41 AM, Andy 
>> Green
>>                      <andy at warmcat.com <mailto:andy at warmcat.com>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>                               <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>>>
>>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>                               <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>
>>                      <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>>>>> wrote:
>>
>>
>>
>>                                    On July 12, 2017 2:05:02 PM
>>         GMT+08:00, techi eth
>>                               <techieth at gmail.com
>>         <mailto:techieth at gmail.com> <mailto:techieth at gmail.com
>>         <mailto:techieth at gmail.com>>
>>                      <mailto:techieth at gmail.com
>>         <mailto:techieth at gmail.com> <mailto:techieth at gmail.com
>>         <mailto:techieth at gmail.com>>>
>>                                    <mailto:techieth at gmail.com
>>         <mailto:techieth at gmail.com>
>>                      <mailto:techieth at gmail.com
>>         <mailto:techieth at gmail.com>> <mailto:techieth at gmail.com
>>         <mailto:techieth at gmail.com>
>>                      <mailto:techieth at gmail.com
>>         <mailto:techieth at gmail.com>>>>> wrote:
>>                                    >Sorry but I am bit confuse from your
>>         single
>>                      socket statement.
>>                                    >
>>                                    >Here I have two IP address (Due to 
>> two
>>                      different network
>>                               interface) so
>>                                    >I
>>                                    >think there should be two socket
>>         however if
>>                      vhost concept
>>                               is based on
>>                                    >single socket working on port
>>         sharing then I
>>                      think this
>>                               may work.
>>
>>                                    I think it will indeed be two listen
>>         sockets
>>                      then, each
>>                               bound to one
>>                                    ip or interface.
>>
>>                                    Typically vhosts are all piled on the
>>         same
>>                      listen socket +
>>                               port.
>>
>>                                    >I am not sure how it will behave
>>         when concurrent
>>                               read/write happen on
>>                                    >single socket by the multiple client
>>         from
>>                      multiple network
>>                               at same
>>                                    >time.
>>
>>                                    There is no problem with it.  By
>>         default lws
>>                      binds to all
>>                               interfaces
>>                                    at the port (with one socket), this
>>         appears as
>>                      0.0.0.0 listen
>>                                    address in netstat.  So it is easy to
>>         confirm.
>>
>>                                    >
>>                                    >If network connection go down (I have
>>                      rejected connection
>>                               & callback
>>                                    >closed
>>                                    >) & up again shall i need to create
>>         vhost again ?
>>
>>                                    No.
>>
>>                                    -Andy
>>
>>                                     >
>>                                     >Thanks
>>                                     >
>>                                     >On Tue, Jul 11, 2017 at 4:48 PM,
>>         Andy Green
>>                               <andy at warmcat.com
>>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>>
>>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>
>>                                    <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>
>>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>                      <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>>>>> wrote:
>>                                     >
>>                                     >>
>>                                     >>
>>                                     >> On 07/11/2017 07:05 PM, techi eth
>>         wrote:
>>                                     >>
>>                                     >>> Thanks for your input.
>>                                     >>>
>>                                     >>> On rejecting connection in
>>         callback will
>>                      cleanup all the
>>                                    resources &
>>                                     >>> close listening socket ?
>>                                     >>>
>>                                     >>
>>                                     >> No.  It will close the connection.
>>                                     >>
>>                                     >> If you want to add the 
>> capability to
>>                      dynamically remove
>>                               vhosts, by
>>                                     >all
>>                                     >> means, send me a patch.
>>                                     >>
>>                                     >> Is there any function available
>>         in lws  like
>>                                     >_/context/_destroy(),which
>>                                     >>> will call from application to do
>>         the job ?
>>                                     >>>
>>                                     >>
>>                                     >> You seem a bit confused about
>>         this listen
>>                      socket business.
>>                                     >>
>>                                     >> If both vhosts listen on :443,
>>         there is
>>                      only ONE listen
>>                               socket open
>>                                     >on
>>                                     >> :443.  If both vhosts opened
>>         their own
>>                      listen socket,
>>                               how would the
>>                                     >tcp
>>                                     >> layer know which vhost socket
>>         should get the
>>                               connection?  It would
>>                                     >have to
>>                                     >> decide before we could fetch
>>         headers or
>>                      whatever.  It
>>                               couldn't work.
>>                                     >>
>>                                     >> If you close the single shared 
>> listen
>>                      socket, no vhost
>>                               can receive
>>                                     >> anything.
>>                                     >>
>>                                     >> When the secure connection comes,
>>         it uses
>>                      a TLS trick
>>                               called SNI to
>>                                     >get
>>                                     >> the hostname the client was 
>> using to
>>                      connect before the
>>                               secure
>>                                    tunnel
>>                                     >is
>>                                     >> set up.  From that, it decides
>>         which vhost
>>                      he was
>>                               trying to connect
>>                                     >to,
>>                                     >> sets up the TLS tunnel using the
>>         correct
>>                      vhost's
>>                               certificates, and
>>                                     >binds
>>                                     >> the connection to the right vhost.
>>                                     >>
>>                                     >> If you want one of the vhosts to
>>         start
>>                      rejecting
>>                               connections,
>>                                    you can
>>                                     >use
>>                                     >> lws_get_vhost(wsi) once the wsi
>>         has bound to a
>>                               particular vhost and
>>                                     >act
>>                                     >> differently if it is the 'down'
>>         vhost the
>>                      wsi is bound to.
>>                                     >>
>>                                     >> -Andy
>>                                     >>
>>                                     >> On Tue, Jul 11, 2017 at 3:02 PM,
>>         Andy Green
>>                               <andy at warmcat.com
>>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>>
>>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>
>>                                    <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>
>>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>                      <mailto:andy at warmcat.com 
>> <mailto:andy at warmcat.com>>>>
>>                                     ><mailto:
>>                                     >>> andy at warmcat.com
>>         <mailto:andy at warmcat.com>
>>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>
>>                               <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>>
>>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>>>> wrote:
>>                                     >>>
>>                                     >>>
>>                                     >>>
>>                                     >>>     On 07/11/2017 05:25 PM,
>>         techi eth wrote:
>>                                     >>>
>>                                     >>>         Hi,
>>                                     >>>
>>                                     >>>         Now i am able to run
>>         both the SSL
>>                      server.
>>                               Thanks for input.
>>                                     >>>         Could you please check
>>         attached
>>                      file & let me
>>                               know i am
>>                                     >right in
>>                                     >>>         using libwebsocket.
>>                                     >>>
>>                                     >>>
>>                                     >>>     I don't have time to look at
>>         users'
>>                      code.  Unless
>>                               I feel I owe
>>                                     >them
>>                                     >>>     for contributions, mowing my
>>         lawn or
>>                      whatever.
>>                                     >>>
>>                                     >>>         I would just like to
>>         know how to
>>                      stop one
>>                               server listening
>>                                     >on
>>                                     >>> vhost.
>>                                     >>>
>>                                     >>>
>>                                     >>>     I assume you want to do it
>>                      dynamically... the
>>                               closest you
>>                                    can do
>>                                     >>>     easily is reject the
>>         connection in an
>>                      early callback.
>>                                     >>>
>>                                     >>>     If you handle the http
>>         callback, you
>>                      can also have
>>                               it decide to
>>                                     >>>     respond with a redirect or a
>>         500 page
>>                      or whatever.
>>                                     >>>
>>                                     >>>     -Andy
>>                                     >>>
>>                                     >>>         Thanks
>>                                     >>>
>>                                     >>>         On Mon, Jul 10, 2017 at
>>         3:27 PM,
>>                      techi eth
>>                                     ><techieth at gmail.com
>>         <mailto:techieth at gmail.com>
>>                      <mailto:techieth at gmail.com
>>         <mailto:techieth at gmail.com>> <mailto:techieth at gmail.com
>>         <mailto:techieth at gmail.com>
>>                      <mailto:techieth at gmail.com
>>         <mailto:techieth at gmail.com>>>
>>                               <mailto:techieth at gmail.com
>>         <mailto:techieth at gmail.com>
>>                      <mailto:techieth at gmail.com
>>         <mailto:techieth at gmail.com>> <mailto:techieth at gmail.com
>>         <mailto:techieth at gmail.com>
>>                      <mailto:techieth at gmail.com
>>         <mailto:techieth at gmail.com>>>>
>>                                     >>>           
>> <mailto:techieth at gmail.com <mailto:techieth at gmail.com>
>>                      <mailto:techieth at gmail.com 
>> <mailto:techieth at gmail.com>>
>>                               <mailto:techieth at gmail.com
>>         <mailto:techieth at gmail.com>
>>                      <mailto:techieth at gmail.com
>>         <mailto:techieth at gmail.com>>> <mailto:techieth at gmail.com
>>         <mailto:techieth at gmail.com>
>>                      <mailto:techieth at gmail.com 
>> <mailto:techieth at gmail.com>>
>>                               <mailto:techieth at gmail.com
>>         <mailto:techieth at gmail.com>
>>                      <mailto:techieth at gmail.com
>>         <mailto:techieth at gmail.com>>>>>
>>                                    <mailto:techieth at gmail.com
>>         <mailto:techieth at gmail.com>
>>                      <mailto:techieth at gmail.com
>>         <mailto:techieth at gmail.com>> <mailto:techieth at gmail.com
>>         <mailto:techieth at gmail.com>
>>                      <mailto:techieth at gmail.com
>>         <mailto:techieth at gmail.com>>>
>>                               <mailto:techieth at gmail.com
>>         <mailto:techieth at gmail.com>
>>                      <mailto:techieth at gmail.com
>>         <mailto:techieth at gmail.com>> <mailto:techieth at gmail.com
>>         <mailto:techieth at gmail.com>
>>                      <mailto:techieth at gmail.com
>>         <mailto:techieth at gmail.com>>>>
>>                                     >>>           
>> <mailto:techieth at gmail.com <mailto:techieth at gmail.com>
>>                      <mailto:techieth at gmail.com 
>> <mailto:techieth at gmail.com>>
>>                               <mailto:techieth at gmail.com
>>         <mailto:techieth at gmail.com> <mailto:techieth at gmail.com
>>         <mailto:techieth at gmail.com>>>
>>                                    <mailto:techieth at gmail.com
>>         <mailto:techieth at gmail.com>
>>                      <mailto:techieth at gmail.com
>>         <mailto:techieth at gmail.com>> <mailto:techieth at gmail.com
>>         <mailto:techieth at gmail.com>
>>                      <mailto:techieth at gmail.com
>>         <mailto:techieth at gmail.com>>>>>>>
>>                               wrote:
>>                                     >>>
>>                                     >>>              I have tried test as
>>                      suggested by you now
>>                               I don’t see
>>                                     >>> segfault
>>                                     >>>              anymore however I
>>         am not
>>                      able to connect
>>                               over server.
>>                                     >>>
>>                                     >>>              Could you please 
>> check
>>                      attached test code &
>>                                    detaild lws
>>                                     >log
>>                                     >>>         & give
>>                                     >>>              me hint what is
>>         wrong in code.
>>                                     >>>
>>                                     >>>              Thanks for your 
>> input.
>>                                     >>>
>>                                     >>>              On Sat, Jul 8, 2017
>>         at 4:28
>>                      PM, Andy Green
>>                                     >>>         <andy at warmcat.com
>>         <mailto:andy at warmcat.com>
>>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>
>>                               <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>>
>>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>>
>>                                    <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>
>>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>
>>                               <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>>
>>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>>>
>>                                     >>>         
>> <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>                               <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>>>
>>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>                               <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>>>>
>>                                    <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>
>>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>
>>                               <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>>
>>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>>>>>
>>                                     >wrote:
>>                                     >>>
>>                                     >>>
>>                                     >>>
>>                                     >>>                  On 07/08/2017
>>         06:51 PM,
>>                      techi eth wrote:
>>                                     >>>
>>                                     >>>                      Thanks for
>>         your input.
>>                                     >>>                      Having two
>>         context
>>                      is not right
>>                               or technically
>>                                     >>>         complex ?
>>                                     >>>
>>                                     >>>                      I was
>>         running two
>>                      server without
>>                               SSL mode from
>>                                     >past
>>                                     >>>         1 month
>>                                     >>>                      & it is
>>         working fine
>>                      with two
>>                               context.
>>                                     >>>
>>                                     >>>
>>                                     >>>                  Well... if you
>>         want two
>>                      contexts you
>>                               better fix
>>                                     >your
>>                                     >>>         segfault.         You're
>>         always
>>                      free to do
>>                               what you prefer
>>                                     >(and
>>                                     >>>         I am free to
>>                                     >>>                  ignore your
>>         problems
>>                      with it).
>>                                     >>>
>>                                     >>>                  From:
>>                                     >>>
>>                                     >>>                    - the POV SNI
>>         won't
>>                      work sharing
>>                               port 443,
>>                                     >because
>>                                     >>>         the two
>>                                     >>>                  vhosts you
>>         created by
>>                      having two
>>                               contexts don't
>>                                     >know
>>                                     >>>         about each
>>                                     >>>                  other
>>                                     >>>
>>                                     >>>                    - the POV you
>>         only
>>                      have one set of
>>                               fds in your
>>                                     >>>         process, the
>>                                     >>>                  context holds a
>>         lookup
>>                      table for all
>>                               of them
>>                                     >>>
>>                                     >>>                    - the POV you
>>         only
>>                      need to service
>>                               (ie, wait in
>>                                     >poll
>>                                     >>>         or epoll)
>>                                     >>>                  for one set of
>>         fds, not
>>                      have an idle
>>                               context
>>                                     >increase
>>                                     >>> your
>>                                     >>>                  service 
>> latency on
>>                      handling service
>>                               for an active
>>                                     >>>         context every time
>>                                     >>>
>>                                     >>>                  ...you should
>>         have one
>>                      context and
>>                               two vhosts.
>>                                     >>>
>>                                     >>>                  That's
>>         literally what
>>                      the vhosts are
>>                               for.  It's
>>                                     >easy to
>>                                     >>>         do, and
>>                                     >>>                  from lws
>>         perspective
>>                      "the right thing".
>>                                     >>>
>>                                     >>>                  -Andy
>>                                     >>>
>>                                     >>>                      On Sat, Jul
>>         8, 2017
>>                      at 3:59 PM,
>>                               Andy Green
>>                                     >>>         <andy at warmcat.com
>>         <mailto:andy at warmcat.com>
>>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>
>>                               <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>>
>>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>>
>>                                    <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>
>>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>
>>                               <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>>
>>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>>>
>>                                     >>>           
>> <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>                               <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>>>
>>                                    <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>
>>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>                      <mailto:andy at warmcat.com 
>> <mailto:andy at warmcat.com>>>>
>>                                     ><mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>
>>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>
>>                               <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>>
>>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>>>>
>>                                     >>>         <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>
>>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>                               <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>>>
>>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>                               <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>>>>
>>                                    <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>
>>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>
>>                               <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>>
>>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>>>
>>                                     >>>           
>> <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>                               <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>>>
>>                                    <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>
>>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>                      <mailto:andy at warmcat.com 
>> <mailto:andy at warmcat.com>>>>
>>                                     >>>         <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>
>>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>                               <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>>>
>>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>                               <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>
>>                      <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>>>>>>>>
>>                                    wrote:
>>                                     >>>
>>                                     >>>
>>                                     >>>
>>                                     >>>                           On
>>         07/08/2017
>>                      06:12 PM,
>>                               techi eth wrote:
>>                                     >>>
>>                                     >>>                               It
>>         is with two
>>                               context.One context
>>                                     >each
>>                                     >>>         for one
>>                                     >>>                      network
>>         interface.
>>                                     >>>
>>                                     >>>
>>                                     >>>                           I can
>>         suggest
>>                      you don't do that.
>>                                     >>>
>>                                     >>>                           Let's
>>         leave
>>                      aside how I am
>>                               supposed to
>>                                     >guess
>>                                     >>>         what you
>>                                     >>>                      have done to
>>                                     >>>           service both.
>>                                     >>>
>>                                     >>>                           The
>>         network
>>                      interface to
>>                               bind to is an
>>                                     >>>         attribute of the
>>                                     >>>                      vhost, not
>>                                     >>>                           the
>>         context.
>>                                     >>>
>>                                     >>>                           By
>>         default, for
>>                               compatibility lws creates
>>                                     >you
>>                                     >>>         one vhost
>>                                     >>>                      called
>>                                     >>>           "default" when
>>                      you create
>>                               the context.
>>                                     >>>
>>                                     >>>                           If you
>>         set the
>>                      option bit
>>                                     >>>           
>> LWS_SERVER_OPTION_EXPLICIT_VHOSTS
>>                               when you
>>                                     >>>                           
>> create the
>>                      context, creating
>>                               the context
>>                                     >does
>>                                     >>> not
>>                                     >>>                      create any
>>         vhosts.
>>                                     >>>
>>                                     >>>           Instead you can
>>                      use the same
>>                                     >>>         lws_context_creation_info
>>                                     >>>                      struct to
>>                                     >>>                           create
>>         as many
>>                      vhosts as you
>>                               want and
>>                                     >attach
>>                                     >>>         them to
>>                                     >>>                      the context
>>                                     >>>           yourself, using
>>                                     >>>
>>                                     >>>                           
>> LWS_EXTERN
>>                      LWS_VISIBLE
>>                               struct lws_vhost *
>>                                     >>>               
>> lws_create_vhost(struct
>>                               lws_context
>>                                     >*context,
>>                                     >>> 
>>                                 struct
>>                                     >>>           
>> lws_context_creation_info *info);
>>                                     >>>
>>                                     >>>                           You
>>         can mostly
>>                      re-use your
>>                               existing info
>>                                     >struct
>>                                     >>>                      contents,
>>         changing
>>                                     >>>                           
>> .iface and
>>                      .name to reflect
>>                               the vhost
>>                                     >hostname
>>                                     >>>         (ie,
>>                                     >>>         "warmcat.com 
>> <http://warmcat.com>
>>                      <http://warmcat.com> <http://warmcat.com>
>>                               <http://warmcat.com>
>>                                    <http://warmcat.com> <
>>                                     >>> http://warmcat.com>
>>                                     >>>               
>> <http://warmcat.com>" if people
>>                                    reached it
>>                                     >by
>>                                     >>>         typing
>>                                     >>>         "warmcat.com 
>> <http://warmcat.com>
>>                      <http://warmcat.com> <http://warmcat.com>
>>                               <http://warmcat.com>
>>                                    <http://warmcat.com> <
>>                                     >>> http://warmcat.com>
>>                                     >>>               
>> <http://warmcat.com>" in
>>                               their browser).
>>                                     >And
>>                                     >>>         changing the
>>                                     >>>                           
>> protocols,
>>                      mounts etc
>>                               according to what
>>                                     >you
>>                                     >>>         want to be
>>                                     >>>                      available.
>>                                     >>>
>>                                     >>>                           Both
>>         can be on
>>                      port 443, lws
>>                               will use SNI
>>                                     >to
>>                                     >>>         match the
>>                                     >>>                      hostname the
>>                                     >>>                           client
>>         had used
>>                      to reach it
>>                               to decide
>>                                     >which
>>                                     >>>         vhost to
>>                                     >>>                      give them.
>>                                     >>>
>>                                     >>>                           Each
>>         vhost can
>>                      be told to
>>                               use different
>>                                     >SSL
>>                                     >>>         certs and
>>                                     >>>                      keys.  Lws
>>                                     >>>                           will
>>         sort it out.
>>                                     >>>
>>                                     >>>                           
>> So... one
>>                      context.  Two vhosts.
>>                                     >>>
>>                                     >>> https://warmcat.com and
>>         https://libwebsockets.org are two
>>                                     >>>                      vhosts on
>>                                     >>>                           the
>>         same lws
>>                      server using
>>                               this method.
>>                                     >>>
>>                                     >>>                           -Andy
>>                                     >>>
>>                                     >>>
>>                                     >>>
>>                                     >>>                               On
>>         Sat, Jul
>>                      8, 2017 at
>>                               3:31 PM, Andy
>>                                     >Green
>>                                     >>>         <andy at warmcat.com 
>> <mailto:andy at warmcat.com>
>>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>                               <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>>>
>>                                    <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>
>>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>                      <mailto:andy at warmcat.com 
>> <mailto:andy at warmcat.com>>>>
>>                               <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>>
>>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>
>>                                    <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>
>>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>                      <mailto:andy at warmcat.com 
>> <mailto:andy at warmcat.com>>>>>
>>                                     >>>         <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>
>>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>                               <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>>>
>>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>                               <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>>>>
>>                                    <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>
>>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>
>>                               <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>>
>>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>>>>
>>                                     >>>                   
>> <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>                               <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>>>
>>                                    <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>
>>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>                      <mailto:andy at warmcat.com 
>> <mailto:andy at warmcat.com>>>>
>>                                     >>>         <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>
>>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>                               <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>>>
>>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>                               <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>>>>>
>>                                    <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>
>>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>
>>                               <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>>
>>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>>
>>                                     >>>         <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>
>>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>                               <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>>>
>>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>                               <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>>>>>>>
>>                                     >>>           
>> <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>                               <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>>>
>>                                    <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>
>>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>                      <mailto:andy at warmcat.com 
>> <mailto:andy at warmcat.com>>>>
>>                                     ><mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>
>>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>
>>                               <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>>
>>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>>>
>>                                     >>>         <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>
>>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>                               <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>>>
>>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>                               <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>>>>
>>                                    <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>
>>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>
>>                               <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>>
>>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>>>>
>>                                     >>>                   
>> <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>                               <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>>>
>>                                    <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>
>>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>                      <mailto:andy at warmcat.com 
>> <mailto:andy at warmcat.com>>>>
>>                                     >>>         <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>
>>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>                               <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>>>
>>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>                               <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>>>>>
>>                                     >>>           
>> <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>                               <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>>>
>>                                    <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>
>>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>                      <mailto:andy at warmcat.com 
>> <mailto:andy at warmcat.com>>>>
>>                                     >>>         <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>
>>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>                               <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>>>
>>                      <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>                               <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>
>>                      <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>>>>>>>>>
>>                                    wrote:
>>                                     >>>
>>                                     >>>
>>                                     >>>
>>                                     >>>            On
>>                      07/08/2017 05:44 PM,
>>                                    techi eth
>>                                     >>> wrote:
>>                                     >>>
>>                                     >>>                           
>> OpenSSL version
>>                               : 1.0.2h
>>
>>
> _______________________________________________
> Libwebsockets mailing list
> Libwebsockets at ml.libwebsockets.org
> https://libwebsockets.org/mailman/listinfo/libwebsockets



More information about the Libwebsockets mailing list