[Libwebsockets] SegFault for Websocket Server on Multiple Network Interface

techi eth techieth at gmail.com
Mon Jul 17 14:26:34 CEST 2017


Please find attached patch over test_server.Base test server code work fine
with one interface but with two interface i am seeing problem.
Please check attached patch & point me for issue.I have run below command
to start test server.

./test_server -ssl -d 2047 --ssl-cert /opt/test_certs/gw_cert.pem --ssl-key
/opt/test_certs/gw_key.pem --ssl-ca /opt/test_certs/gw_root_cert.pem

Below log give you hint about vhost destroy called once we get connected>
--------------------------------------------------------------------------------------------------------------------
fWebsocketWrapServer1CB : callback reason = 0,WSI=434424
fWebsocketWrapServer1CB : LWS_CALLBACK_ESTABLISHED,Client
IP=192.168.50.102,Socket ID =9
Calling LWS VHOST DESTROY
lwsts[588]: lws_vhost_destroy1
lwsts[588]: lws_close_free_wsi: 0x62fb8
lwsts[588]: lws_close_free_wsi: real just_kill_connection: 0x62fb8 (sockfd
7)
fWebsocketWrapServer1CB : callback reason = 35,WSI=405432
lwsts[588]: lws_same_vh_protocol_remove: removing same prot wsi 0x62fb8
lwsts[588]: remove_wsi_socket_from_fds: wsi=0x62fb8, sock=7, fds pos=1, end
guy pos=4, endfd=0
fWebsocketWrapServer1CB : callback reason = 33,WSI=405432
fWebsocketWrapServer1CB : callback reason = 36,WSI=405432
lwsts[588]: not calling back closed mode=10 state=0
fWebsocketWrapServer1CB : callback reason = 30,WSI=405432
fWebsocketWrapServer1CB :LWS_CALLBACK_WSI_DESTROY
lwsts[588]: ah det due to close
lwsts[588]: lws_free_wsi: 0x62fb8, remaining wsi 2
lwsts[588]: lws_close_free_wsi: 0x6a0f8
lwsts[588]: lws_close_free_wsi: real just_kill_connection: 0x6a0f8 (sockfd
9)
fWebsocketWrapServer1CB : callback reason = 35,WSI=434424
lwsts[588]: lws_same_vh_protocol_remove: removing same prot wsi 0x6a0f8
lwsts[588]: have prev 0x5b3a8, setting him to our next (nil)
lwsts[588]: remove_wsi_socket_from_fds: wsi=0x6a0f8, sock=9, fds pos=1, end
guy pos=3, endfd=9
fWebsocketWrapServer1CB : callback reason = 33,WSI=434424
fWebsocketWrapServer1CB : callback reason = 36,WSI=434424
lwsts[588]: lws_close_free_wsi: doing LWS_CALLBACK_HTTP_DROP_PROTOCOL for
0x6a0f8 prot BB-GW-01
fWebsocketWrapServer1CB : callback reason = 50,WSI=434424
lwsts[588]: calling back CLOSED
fWebsocketWrapServer1CB : callback reason = 4,WSI=434424
fWebsocketWrapServer1CB :LWS_CALLBACK_CLOSED
fWebsocketWrapServer1CB : callback reason = 30,WSI=434424
fWebsocketWrapServer1CB :LWS_CALLBACK_WSI_DESTROY
lwsts[588]: ah det due to close
lwsts[588]: lws_header_table_detach: wsi 0x6a0f8: ah 0x3b3c0 (tsi=0, count
= 1)
lwsts[588]: lws_header_table_detach: wsi 0x6a0f8: ah 0x3b3c0 (tsi=0, count
= 0)
lwsts[588]: lws_free_wsi: 0x6a0f8, remaining wsi 1
fWebsocketWrapServer1CB : callback reason = 28,WSI=-1092213224
lwsts[588]: accepted v13 connection
lwsts[588]: lws_header_table_detach: wsi 0x6a0f8: ah 0xb6dbcb68 (tsi=0,
count = 0)
*** Error in `./Libwebsocket_TestServer': free(): invalid pointer:
0x0006a0f0 ***
Aborted
--------------------------------------------------------------------------------------------------------------------

Note : You may need to change cert path based on your certificate set.

Thanks

On Mon, Jul 17, 2017 at 4:29 PM, Andy Green <andy at warmcat.com> wrote:

>
>
> On 07/17/2017 06:51 PM, techi eth wrote:
>
>> Test Server is not designed for handling two network interface server
>> setup however i will modify & test the same & update you by patch.
>>
>> I don't want you to debug code but it will be straight forward call of
>> lws & pretty simple for handling two different network interface.
>> Additionally you can check debug log attached by me to give hint why it
>> has aborted.
>>
>
> I looked at your log, but it's related to ah.  I never saw anything like
> that with the test server.
>
> I suggest you first confirm the test server and the SIGUSR1 stuff works
> for you.
>
> Then whatever problem you have is somewhere between what the test server
> does and what your code does.
>
> In that case, you should be able to align the test server with your code
> until you can give me a patch on the test server I can reproduce it with
> (or you find out what you should be doing differently).
>
> -Andy
>
> Thanks
>>
>> On Mon, Jul 17, 2017 at 3:30 PM, Andy Green <andy at warmcat.com <mailto:
>> andy at warmcat.com>> wrote:
>>
>>
>>
>>     On 07/17/2017 05:43 PM, techi eth wrote:
>>
>>         I have just started testing latest update given by you on master.
>>
>>         In one of my test where once client get connected I am
>>         destroying vhost & this is resulted abort in programme.
>>
>>         Could you please check is this issue or my test is not correct ?
>>
>>
>>     No... it's not my problem to debug your code.
>>
>>         I have attached detailed log & test file for reference.
>>
>>
>>     Can you reproduce this with the test server?  Or a patch on the test
>>     server where I can reproduce it myself?
>>
>>     -Andy
>>
>>         On Sat, Jul 15, 2017 at 4:56 PM, Andy Green <andy at warmcat.com
>>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>>> wrote:
>>
>>
>>
>>              On 07/15/2017 06:10 PM, techi eth wrote:
>>
>>                  Thanks a lot for looking by yourself.
>>
>>                  I will wait for your update to test.
>>
>>
>>              It's getting late here, so I pushed what I have on master
>>         without
>>              testing it outside of context closure.  However for context
>>         closure
>>              it has zero leaks on valgrind with lwsws (libuv) or
>>              libwebsockets-test-server.
>>
>>              Even if it makes problems, it should be simpler to debug
>>         and work
>>              with than doing it from scratch.
>>
>>              It's simply
>>
>>              LWS_VISIBLE LWS_EXTERN void
>>              lws_vhost_destroy(struct lws_vhost *vh);
>>
>>              anyway give it a try and see what happens.
>>
>>              -Andy
>>
>>
>>                  Thanks
>>
>>                  On Sat, Jul 15, 2017 at 3:35 PM, Andy Green
>>         <andy at warmcat.com <mailto:andy at warmcat.com>
>>                  <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>                  <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>>
>>         wrote:
>>
>>
>>
>>                       On 07/15/2017 05:57 PM, techi eth wrote:
>>
>>                           I was trying to understand lws code to create
>>                  functionality for
>>                           stopping vhost from past few days. I know it
>>         will not
>>                  be so easy
>>                           without knowing full overview of code flow &
>> data
>>                  structure.
>>
>>
>>                           I have just implemented small patch which will
>>         actually
>>                  stop the
>>                           server attached to vhost based on interface
>>         However I
>>                  am not
>>                           sure I am doing right way or not.I haven't
>> tested
>>                  completely
>>                           patch so it is not advice to use by anyone.
>>
>>
>>                           It will be helpful if you will give some hint
>> for
>>                  implementation
>>                           so that it will be easy & right direction for
>>         me to
>>                  implement.
>>
>>                           If you have any implementation done on same
>>         then please
>>                  share i
>>                           will be able to test to confirm.
>>
>>                           I have one doubt when I have created two
>>         server (One on
>>                  each
>>                           network interface) why I am getting fds_count
>>         3. (I was
>>                           expecting fds_count 2 one for each server)
>>
>>                       There is a pipe created for each service thread,
>>         so we can
>>                  interrupt
>>                       a poll() wait from another thread.  Otherwise,
>>         changes to
>>                  POLLOUT
>>                       etc (ie, request for writable callback) would not be
>>                  recognized by
>>                       the service thread until the next time we enter
>>         poll().
>>
>>                       I just started on this today myself... others are
>>         asking
>>                  for it on
>>                       github.
>>
>>                       It's done but I need to figure out a way to add it
>>         to a
>>                  test app so
>>                       we can know it does what it is supposed to.
>>
>>                       I confirmed it can do the context close OK on
>>         poll() and
>>                  libuv which
>>                       was my main worry.
>>
>>                       I'll send an update later.
>>
>>                       -Andy
>>
>>
>>                           Thanks
>>
>>
>>                           On Wed, Jul 12, 2017 at 4:09 PM, techi eth
>>                  <techieth at gmail.com <mailto:techieth at gmail.com>
>>         <mailto:techieth at gmail.com <mailto:techieth at gmail.com>>
>>                           <mailto:techieth at gmail.com
>>         <mailto:techieth at gmail.com> <mailto:techieth at gmail.com
>>         <mailto:techieth at gmail.com>>>
>>                  <mailto:techieth at gmail.com <mailto:techieth at gmail.com>
>>         <mailto:techieth at gmail.com <mailto:techieth at gmail.com>>
>>                           <mailto:techieth at gmail.com
>>         <mailto:techieth at gmail.com>
>>                  <mailto:techieth at gmail.com
>>         <mailto:techieth at gmail.com>>>>> wrote:
>>
>>                                I confirm with test that lws will have
>>         need individual
>>                           interface
>>                                server stop/start when IP or WiFi changes
>>         on a network
>>                           interface. It
>>                                will be listening on old IP only & never
>>         come on
>>                  new IP.
>>
>>                                It will also not practical to use reload
>>         because other
>>                           interface is
>>                                working well & needs to be in listen as
>>         long as
>>                  application
>>                           wants’.
>>
>>                                I am using lws from long time & found it
>>         is very
>>                  robust &
>>                           most of
>>                                the required interface is available for
>>                  application use. If you
>>                                think above is practical case than check
>> for
>>                  consideration.
>>                                I have started looking lws code for
>>         required changes.
>>
>>                                On Wed, Jul 12, 2017 at 12:54 PM, Andy
>> Green
>>                           <andy at warmcat.com <mailto:andy at warmcat.com>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>                  <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>
>>                                <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>>
>>                  <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>>> wrote:
>>
>>
>>
>>                                    On 07/12/2017 03:14 PM, techi eth
>> wrote:
>>
>>                                        I can think of below use cases.
>>
>>                                        1)On particular point application
>>         do not want
>>                           listening  on
>>                                        one of interface because it
>>         doesn’t want
>>                  to allow
>>                           connection
>>                                        due to application need or
>>         security reason.
>>
>>
>>                                    You can just hang up on it.
>>
>>                                        2)One network interface was
>>         completely
>>                  shut down as
>>                           it is
>>                                        only required for initial
>>         configuration.
>>                  Interface will
>>                                        never ever come up again.
>>
>>
>>                                    Then you will need to restart or
>>         'reload' the
>>                  whole server.
>>
>>                                        3)In the case of WiFi possibly we
>> are
>>                  switching to
>>                           different
>>                                        WiFi so we will get altogether
>>         different
>>                  network
>>                           IP. In this
>>                                        case we need to stop current
>>         server & try
>>                  again
>>                           starting
>>                                        server once we get connected to
>>         other WiFi.
>>
>>
>>                                    Okay...
>>
>>                                        4)IP got changed due to dynamic IP
>>                  allocation by
>>                           router.
>>
>>
>>                                    Okay...
>>
>>                                        Please correct me if it will
>>         justify the stop
>>                           server case.
>>
>>
>>                                    Sure.  Feel free to send me a patch
>>                  implementing it.
>>
>>                                    'reload' is quite interesting.... it's
>>                  implemented in
>>                           lwsws.         Basically it drops the listen
>>         sockets on the
>>                           existing serving
>>                                    process, starts a new one with fresh
>>         listen
>>                  sockets
>>                           (bound again
>>                                    to whatever), but leaves the old one
>>         server up
>>                  until
>>                           there are
>>                                    no connections left.  When the last
>>         connection
>>                  drops,
>>                           the old
>>                                    server instance exits.
>>
>>                                    -Andy
>>
>>                                        On Wed, Jul 12, 2017 at 12:26 PM,
>>         Andy Green
>>                                        <andy at warmcat.com
>>         <mailto:andy at warmcat.com>
>>                  <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>                  <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>
>>                           <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>>
>>                  <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>>
>>                                        <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>
>>                  <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>                  <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>
>>                           <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>>
>>                  <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>>>> wrote:
>>
>>
>>
>>                                             On 07/12/2017 02:45 PM,
>>         techi eth wrote:
>>
>>                                                 Thanks for confirmation.
>>                                                 I can see from test also
>>         it will
>>                  be two socket
>>                                                 lws_get_socket_fd(wsi)
>> will
>>                  confirm the same.
>>                                                 If it will two listen
>> socket
>>                  which means two
>>                                        websocket server.
>>                                                 Is their any way i can
>>         force stop
>>                  once server
>>                                        listening or both
>>                                                 due to application need ?
>>
>>
>>                                             This is the third time you
>>         ask the
>>                  same thing.
>>
>>                                             No.
>>
>>
>>                                             Can you explain why you
>>         think you
>>                  need to stop the
>>                                        vhost listening?
>>
>>                                             -Andy
>>
>>
>>
>>                                                 On Wed, Jul 12, 2017 at
>>         11:41 AM,
>>                  Andy Green
>>                                        <andy at warmcat.com
>>         <mailto:andy at warmcat.com>
>>                  <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>                  <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>
>>                           <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>>
>>                  <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>>
>>                                                 <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>
>>                  <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>                           <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>>>
>>                  <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>                           <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>>>>>
>>                                        <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>
>>                  <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>                  <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>
>>                           <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>>
>>                  <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>>
>>                                                 <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>
>>                  <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>                           <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>>>
>>                                        <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>
>>                  <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>                           <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>>>>>>>
>>                  wrote:
>>
>>
>>
>>                                                      On July 12, 2017
>>         2:05:02 PM
>>                           GMT+08:00, techi eth
>>                                                 <techieth at gmail.com
>>         <mailto:techieth at gmail.com>
>>                  <mailto:techieth at gmail.com <mailto:techieth at gmail.com>>
>>                           <mailto:techieth at gmail.com
>>         <mailto:techieth at gmail.com> <mailto:techieth at gmail.com
>>         <mailto:techieth at gmail.com>>>
>>                  <mailto:techieth at gmail.com <mailto:techieth at gmail.com>
>>         <mailto:techieth at gmail.com <mailto:techieth at gmail.com>>
>>                           <mailto:techieth at gmail.com
>>         <mailto:techieth at gmail.com> <mailto:techieth at gmail.com
>>         <mailto:techieth at gmail.com>>>>
>>                                        <mailto:techieth at gmail.com
>>         <mailto:techieth at gmail.com>
>>                  <mailto:techieth at gmail.com <mailto:techieth at gmail.com>>
>>                           <mailto:techieth at gmail.com
>>         <mailto:techieth at gmail.com> <mailto:techieth at gmail.com
>>         <mailto:techieth at gmail.com>>>
>>                  <mailto:techieth at gmail.com <mailto:techieth at gmail.com>
>>         <mailto:techieth at gmail.com <mailto:techieth at gmail.com>>
>>                           <mailto:techieth at gmail.com
>>         <mailto:techieth at gmail.com> <mailto:techieth at gmail.com
>>         <mailto:techieth at gmail.com>>>>>
>>                                                             <mailto:
>> techieth at gmail.com <mailto:techieth at gmail.com>
>>                  <mailto:techieth at gmail.com <mailto:techieth at gmail.com>>
>>                           <mailto:techieth at gmail.com
>>         <mailto:techieth at gmail.com> <mailto:techieth at gmail.com
>>         <mailto:techieth at gmail.com>>>
>>                                        <mailto:techieth at gmail.com
>>         <mailto:techieth at gmail.com>
>>                  <mailto:techieth at gmail.com <mailto:techieth at gmail.com>>
>>                           <mailto:techieth at gmail.com
>>         <mailto:techieth at gmail.com>
>>                  <mailto:techieth at gmail.com
>>         <mailto:techieth at gmail.com>>>> <mailto:techieth at gmail.com
>>         <mailto:techieth at gmail.com>
>>                  <mailto:techieth at gmail.com <mailto:techieth at gmail.com>>
>>                           <mailto:techieth at gmail.com
>>         <mailto:techieth at gmail.com> <mailto:techieth at gmail.com
>>         <mailto:techieth at gmail.com>>>
>>                                        <mailto:techieth at gmail.com
>>         <mailto:techieth at gmail.com>
>>                  <mailto:techieth at gmail.com <mailto:techieth at gmail.com>>
>>                           <mailto:techieth at gmail.com
>>         <mailto:techieth at gmail.com>
>>                  <mailto:techieth at gmail.com
>>         <mailto:techieth at gmail.com>>>>>>> wrote:
>>                                                      >Sorry but I am bit
>>         confuse
>>                  from your
>>                           single
>>                                        socket statement.
>>                                                      >
>>                                                      >Here I have two IP
>>         address
>>                  (Due to two
>>                                        different network
>>                                                 interface) so
>>                                                      >I
>>                                                      >think there should
>>         be two
>>                  socket
>>                           however if
>>                                        vhost concept
>>                                                 is based on
>>                                                      >single socket
>>         working on port
>>                           sharing then I
>>                                        think this
>>                                                 may work.
>>
>>                                                      I think it will
>>         indeed be
>>                  two listen
>>                           sockets
>>                                        then, each
>>                                                 bound to one
>>                                                      ip or interface.
>>
>>                                                      Typically vhosts
>>         are all
>>                  piled on the
>>                           same
>>                                        listen socket +
>>                                                 port.
>>
>>                                                      >I am not sure how
>>         it will
>>                  behave
>>                           when concurrent
>>                                                 read/write happen on
>>                                                      >single socket by the
>>                  multiple client
>>                           from
>>                                        multiple network
>>                                                 at same
>>                                                      >time.
>>
>>                                                      There is no problem
>>         with it.  By
>>                           default lws
>>                                        binds to all
>>                                                 interfaces
>>                                                      at the port (with one
>>                  socket), this
>>                           appears as
>>                                        0.0.0.0 listen
>>                                                      address in
>>         netstat.  So it
>>                  is easy to
>>                           confirm.
>>
>>                                                      >
>>                                                      >If network
>>         connection go
>>                  down (I have
>>                                        rejected connection
>>                                                 & callback
>>                                                      >closed
>>                                                      >) & up again shall
>>         i need
>>                  to create
>>                           vhost again ?
>>
>>                                                      No.
>>
>>                                                      -Andy
>>
>>                                                       >
>>                                                       >Thanks
>>                                                       >
>>                                                       >On Tue, Jul 11,
>>         2017 at
>>                  4:48 PM,
>>                           Andy Green
>>                                                 <andy at warmcat.com
>>         <mailto:andy at warmcat.com>
>>                  <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>                           <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>>>
>>                  <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>                           <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>>>>
>>                                        <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>
>>                  <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>                  <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>
>>                           <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>>
>>                  <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>>>
>>                                                             <mailto:
>> andy at warmcat.com <mailto:andy at warmcat.com>
>>                  <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>                           <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>>>
>>                                        <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>
>>                  <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>                  <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>>
>>                           <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>>
>>                  <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>
>>                                        <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>
>>                  <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>                           <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>>>>>>>
>>                  wrote:
>>                                                       >
>>                                                       >>
>>                                                       >>
>>                                                       >> On 07/11/2017
>>         07:05 PM,
>>                  techi eth
>>                           wrote:
>>                                                       >>
>>                                                       >>> Thanks for
>>         your input.
>>                                                       >>>
>>                                                       >>> On rejecting
>>         connection in
>>                           callback will
>>                                        cleanup all the
>>                                                      resources &
>>                                                       >>> close
>>         listening socket ?
>>                                                       >>>
>>                                                       >>
>>                                                       >> No.  It will
>>         close the
>>                  connection.
>>                                                       >>
>>                                                       >> If you want to
>>         add the
>>                  capability to
>>                                        dynamically remove
>>                                                 vhosts, by
>>                                                       >all
>>                                                       >> means, send me
>>         a patch.
>>                                                       >>
>>                                                       >> Is there any
>>         function
>>                  available
>>                           in lws  like
>>
>> >_/context/_destroy(),which
>>                                                       >>> will call from
>>                  application to do
>>                           the job ?
>>                                                       >>>
>>                                                       >>
>>                                                       >> You seem a bit
>>         confused
>>                  about
>>                           this listen
>>                                        socket business.
>>                                                       >>
>>                                                       >> If both vhosts
>>         listen on
>>                  :443,
>>                           there is
>>                                        only ONE listen
>>                                                 socket open
>>                                                       >on
>>                                                       >> :443.  If both
>>         vhosts opened
>>                           their own
>>                                        listen socket,
>>                                                 how would the
>>                                                       >tcp
>>                                                       >> layer know
>>         which vhost
>>                  socket
>>                           should get the
>>                                                 connection?  It would
>>                                                       >have to
>>                                                       >> decide before
>>         we could fetch
>>                           headers or
>>                                        whatever.  It
>>                                                 couldn't work.
>>                                                       >>
>>                                                       >> If you close
>>         the single
>>                  shared listen
>>                                        socket, no vhost
>>                                                 can receive
>>                                                       >> anything.
>>                                                       >>
>>                                                       >> When the secure
>>                  connection comes,
>>                           it uses
>>                                        a TLS trick
>>                                                 called SNI to
>>                                                       >get
>>                                                       >> the hostname
>>         the client
>>                  was using to
>>                                        connect before the
>>                                                 secure
>>                                                      tunnel
>>                                                       >is
>>                                                       >> set up.  From
>>         that, it
>>                  decides
>>                           which vhost
>>                                        he was
>>                                                 trying to connect
>>                                                       >to,
>>                                                       >> sets up the TLS
>>         tunnel
>>                  using the
>>                           correct
>>                                        vhost's
>>                                                 certificates, and
>>                                                       >binds
>>                                                       >> the connection
>>         to the
>>                  right vhost.
>>                                                       >>
>>                                                       >> If you want one
>>         of the
>>                  vhosts to
>>                           start
>>                                        rejecting
>>                                                 connections,
>>                                                      you can
>>                                                       >use
>>                                                       >>
>>         lws_get_vhost(wsi) once
>>                  the wsi
>>                           has bound to a
>>                                                 particular vhost and
>>                                                       >act
>>                                                       >> differently if
>>         it is the
>>                  'down'
>>                           vhost the
>>                                        wsi is bound to.
>>                                                       >>
>>                                                       >> -Andy
>>                                                       >>
>>                                                       >> On Tue, Jul 11,
>>         2017 at
>>                  3:02 PM,
>>                           Andy Green
>>                                                 <andy at warmcat.com
>>         <mailto:andy at warmcat.com>
>>                  <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>                           <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>>>
>>                  <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>                           <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>>>>
>>                                        <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>
>>                  <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>                  <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>
>>                           <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>>
>>                  <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>>>
>>                                                             <mailto:
>> andy at warmcat.com <mailto:andy at warmcat.com>
>>                  <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>                           <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>>>
>>                                        <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>
>>                  <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>                  <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>>
>>                           <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>>
>>                  <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>
>>                                        <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>
>>                  <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>                  <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>>>>
>>                                                       ><mailto:
>>                                                       >>>
>>         andy at warmcat.com <mailto:andy at warmcat.com>
>>                  <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>                           <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>>>
>>                                        <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>
>>                  <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>                  <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>>
>>                           <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>>
>>                  <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>
>>                                        <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>
>>                  <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>                  <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>>>
>>                                                 <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>
>>                  <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>                           <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>>>
>>                  <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>                           <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>>>>
>>                                        <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>
>>                  <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>                  <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>
>>                           <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com> <mailto:andy at warmcat.com
>>         <mailto:andy at warmcat.com>>
>>                  <mailto:andy at warmcat.com <mailto:andy at warmcat.com>
>>         <mailto:andy at warmcat.com <mailto:andy at warmcat.com>>>>>>>> wrote:
>>                                                       >>>
>>                                                       >>>
>>                                                       >>>
>>                                                       >>>     On
>>         07/11/2017 05:25 PM,
>>                           techi eth wrote:
>>                                                       >>>
>>                                                       >>>         Hi,
>>                                                       >>>
>>                                                       >>>         Now i
>>         am able
>>                  to run
>>                           both the SSL
>>                                        server.
>>                                                 Thanks for input.
>>                                                       >>>         Could
>> you
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://libwebsockets.org/pipermail/libwebsockets/attachments/20170717/e7eaa718/attachment-0002.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: libwebsocket_test_server_vhost_destroy_issue.patch
Type: application/octet-stream
Size: 9860 bytes
Desc: not available
URL: <https://libwebsockets.org/pipermail/libwebsockets/attachments/20170717/e7eaa718/attachment-0002.obj>


More information about the Libwebsockets mailing list