diff options
author | Andy Green <andy@warmcat.com> | 2020-02-29 12:37:24 +0000 |
---|---|---|
committer | Andy Green <andy@warmcat.com> | 2020-03-04 12:17:49 +0000 |
commit | 28ce32af64d8c32f51463aa6723a43fe4985d613 (patch) | |
tree | 8f90534b18e350595871f44e33a9304528ed3966 /README.md | |
parent | 9d099ba7be75d12290f2d541e33fbab924c7a961 (diff) | |
download | libwebsockets-28ce32af64d8c32f51463aa6723a43fe4985d613.tar.gz |
client: secure streams
Secure Streams is an optional layer on top of lws that separates policy
like endpoint selection and tls cert validation into a device JSON
policy document.
Code that wants to open a client connection just specifies a streamtype name,
and no longer deals with details like the endpoint, the protocol (!) or anything
else other than payloads and optionally generic metadata; the JSON policy
contains all the details for each streamtype. h1, h2, ws and mqtt client
connections are supported.
Logical secure streams outlive any particular connection and supports "nailed-up"
connectivity regardless of underlying connection stability.
Diffstat (limited to 'README.md')
-rw-r--r-- | README.md | 20 |
1 files changed, 20 insertions, 0 deletions
@@ -16,6 +16,26 @@ various scenarios, CC0-licensed (public domain) for cut-and-paste, allow you to News ---- +## Introducing Secure Streams client support + +Secure Streams is an optional layer above lws (`-DLWS_WITH_SECURE_STREAMS=1`) that +separates connectivity policy into a JSON document, which can be part of the +firmware or fetched at boot time. + +Code no longer deals with details like endpoint specification or tls cert stack used +to validate the remote server, it's all specified in JSON, eg, see +[this example](https://warmcat.com/policy/minimal-proxy.json). Even the protocol to use to talk to the +server, between h1, h2, ws or MQTT, is specified in the policy JSON and the code +itself just deals with payloads and optionally metadata, making it possible to +switch endpoints, update certs and even switch communication protocols by just +editing the JSON policy and leaving the code alone. + +Logical Secure Stream connections outlive any underlying lws connection, and support +"nailed-up" connection reacquisition and exponential backoff management. + +See [./lib/secure-streams/README.md](https://libwebsockets.org/git/libwebsockets/tree/lib/secure-streams/README.md) and the related minimal examples +for more details. + ## mqtt client support If you enable `-DLWS_ROLE_MQTT=1`, lws can now support QoS0 and QoS1 MQTT client |