From 6379e25fe4aa9ef43c7311202c6487cc6440b07b Mon Sep 17 00:00:00 2001 From: Steve Kim Date: Wed, 8 Apr 2020 14:45:01 -0700 Subject: build libsockets into a static library with Soong Bug: 152085202 Test: built, tested with a minimal ws-proxy example Change-Id: Ic88709fbfa640e0ab9cbd4fcd4cf58e680816cf1 --- Android.bp | 154 ++++++++++++++++++++++++++++++++++ Android.mk | 2 + CMakeAndroidLists.txt.template | 12 +++ CMakeLists.txt | 19 ++++- gen_lws_config_h.sh | 121 +++++++++++++++++++++++++++ include/lws_config.h | 174 +++++++++++++++++++++++++++++++++++++++ include/lws_config_private.h | 123 +++++++++++++++++++++++++++ lib/tls/openssl/openssl-client.c | 17 +++- 8 files changed, 616 insertions(+), 6 deletions(-) create mode 100644 Android.bp create mode 100644 Android.mk create mode 100644 CMakeAndroidLists.txt.template create mode 100755 gen_lws_config_h.sh create mode 100644 include/lws_config.h create mode 100644 include/lws_config_private.h diff --git a/Android.bp b/Android.bp new file mode 100644 index 00000000..5b1f0a4e --- /dev/null +++ b/Android.bp @@ -0,0 +1,154 @@ +// Copyright (C) 2020 The Android Open Source Project +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Common variables. +libwebsocketsSrcFiles = [ + "lib/core-net/adopt.c", + "lib/core-net/client.c", + "lib/core-net/close.c", + "lib/core-net/connect.c", + "lib/core-net/dummy-callback.c", + "lib/core-net/network.c", + "lib/core-net/output.c", + "lib/core-net/pollfd.c", + "lib/core-net/sequencer.c", + "lib/core-net/server.c", + "lib/core-net/service.c", + "lib/core-net/sorted-usec-list.c", + "lib/core-net/state.c", + "lib/core-net/stats.c", + "lib/core-net/vhost.c", + "lib/core-net/wsi-timeout.c", + "lib/core-net/wsi.c", + "lib/core/alloc.c", + "lib/core/buflist.c", + "lib/core/context.c", + "lib/core/libwebsockets.c", + "lib/core/logs.c", + "lib/core/lws_dll2.c", + "lib/core/vfs.c", + "lib/event-libs/poll/poll.c", + "lib/misc/base64-decode.c", + "lib/misc/dir.c", + "lib/misc/lejp.c", + "lib/misc/lws-ring.c", + "lib/misc/lwsac/cached-file.c", + "lib/misc/lwsac/lwsac.c", + "lib/misc/sha-1.c", + "lib/plat/unix/unix-caps.c", + "lib/plat/unix/unix-fds.c", + "lib/plat/unix/unix-file.c", + "lib/plat/unix/unix-init.c", + "lib/plat/unix/unix-misc.c", + "lib/plat/unix/unix-pipe.c", + "lib/plat/unix/unix-service.c", + "lib/plat/unix/unix-sockets.c", + "lib/roles/h1/ops-h1.c", + "lib/roles/h2/hpack.c", + "lib/roles/h2/http2.c", + "lib/roles/h2/ops-h2.c", + "lib/roles/http/client/client-handshake.c", + "lib/roles/http/client/client-http.c", + "lib/roles/http/header.c", + "lib/roles/http/parsers.c", + "lib/roles/http/server/lejp-conf.c", + "lib/roles/http/server/lws-spa.c", + "lib/roles/http/server/server.c", + "lib/roles/listen/ops-listen.c", + "lib/roles/pipe/ops-pipe.c", + "lib/roles/raw-file/ops-raw-file.c", + "lib/roles/raw-skt/ops-raw-skt.c", + "lib/roles/ws/client-parser-ws.c", + "lib/roles/ws/client-ws.c", + "lib/roles/ws/ops-ws.c", + "lib/roles/ws/server-ws.c", + "lib/system/system.c", + "lib/tls/openssl/openssl-client.c", + "lib/tls/openssl/openssl-server.c", + "lib/tls/openssl/openssl-ssl.c", + "lib/tls/openssl/openssl-tls.c", + "lib/tls/openssl/openssl-x509.c", + "lib/tls/tls-client.c", + "lib/tls/tls-network.c", + "lib/tls/tls-server.c", + "lib/tls/tls.c", +] + +libwebsocketsIncludePath = [ + "plugins", + "lib/core", + "lib/core-net", + "lib/event-libs", + "lib/abstract", + "lib/tls", + "lib/roles", + "lib/event-libs/libuv", + "lib/event-libs/poll", + "lib/event-libs/libevent", + "lib/event-libs/glib", + "lib/event-libs/libev", + "lib/jose/jwe", + "lib/jose/jws", + "lib/jose", + "lib/misc", + "lib/roles/http", + "lib/roles/http/compression", + "lib/roles/h1", + "lib/roles/h2", + "lib/roles/ws", + "lib/roles/cgi", + "lib/roles/dbus", + "lib/roles/raw-proxy", + "lib/abstract", + "lib/system/async-dns", + "lib/roles/mqtt", + "lib/plat/unix", + "lib", +] + +cc_library_static { + name: "libwebsockets", + srcs: libwebsocketsSrcFiles, + local_include_dirs: libwebsocketsIncludePath, + export_include_dirs: ["include"], + static_libs: ["libcrypto", "libssl", "libcap"], + host_supported: true, + device_supported: false, + target: { + android: { + enabled: false, + }, + darwin: { + enabled: false, + }, + host: { + cflags: [ + "-Wall", + "-Wsign-compare", + "-Wstrict-aliasing", + "-Wuninitialized", + "-Werror", + "-fvisibility=hidden", + "-Wundef", + "-Wtype-limits", + "-Wignored-qualifiers", + "-Wno-deprecated-declarations", + "-pthread", + "-Wno-error=unused-command-line-argument", + "-Wno-error=unused-parameter", + "-Wno-error=implicit-function-declaration", + ], + }, + }, +} diff --git a/Android.mk b/Android.mk new file mode 100644 index 00000000..3391d632 --- /dev/null +++ b/Android.mk @@ -0,0 +1,2 @@ +# Empty Android.mk to shadow libwebsockets/contrib/Android.mk +# and libwebsockets/test-apps/android/app/src/main/jni/Android.mk diff --git a/CMakeAndroidLists.txt.template b/CMakeAndroidLists.txt.template new file mode 100644 index 00000000..2c3c9f78 --- /dev/null +++ b/CMakeAndroidLists.txt.template @@ -0,0 +1,12 @@ +# to keep this from working as is +DO-NOT-BUILD-ME-AS-IS +set(ANDROID_SRC_ROOT_DIR "____android_src_root_dir____") +set(BUILD_LIBSSL_DIR "____build_libssl_dir____") +set(BUILD_LIBCRYPTO_DIR "____build_libcrypto_dir____") +set(BUILD_LIBCAP_DIR "____build_libcap_dir____") + +set(BUILD_BORINGSSL_INCDIR "${ANDROID_SRC_ROOT_DIR}/external/boringssl/include") +set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wno-error=implicit-function-declaration") +set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DBORINGSSL_IMPLEMENTATION") +set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -I${BUILD_BORINGSSL_INCDIR}") +set(CMAKE_REQUIRED_LINK_OPTIONS "-L${BUILD_LIBSSL_DIR} -L${BUILD_LIBCRYPTO_DIR} -L${BUILD_LIBCAP_DIR}") diff --git a/CMakeLists.txt b/CMakeLists.txt index 3abeda51..380f228b 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -22,6 +22,10 @@ project(libwebsockets C) option(LWS_WITH_DISTRO_RECOMMENDED "Enable features recommended for distro packaging" OFF) option(LWS_FOR_GITOHASHI "Enable features recommended for use with gitohashi" OFF) +# variables for libwebsockets build as x86-64 host library in Android +include(CMakeAndroidLists.txt) +# end of variables for libwebsockets build as x86-64 host library in Android + # # Major individual features # @@ -72,7 +76,7 @@ option(LWS_WITH_SECURE_STREAMS_SYS_AUTH_API_AMAZON_COM "Auth support for api.ama # option(LWS_WITH_SSL "Include SSL support (defaults to OpenSSL or similar, mbedTLS if LWS_WITH_MBEDTLS is set)" ON) option(LWS_WITH_MBEDTLS "Use mbedTLS (>=2.0) replacement for OpenSSL. When setting this, you also may need to specify LWS_MBEDTLS_LIBRARIES and LWS_MBEDTLS_INCLUDE_DIRS" OFF) -option(LWS_WITH_BORINGSSL "Use BoringSSL replacement for OpenSSL" OFF) +option(LWS_WITH_BORINGSSL "Use BoringSSL replacement for OpenSSL" ON) option(LWS_WITH_CYASSL "Use CyaSSL replacement for OpenSSL. When setting this, you also need to specify LWS_CYASSL_LIBRARIES and LWS_CYASSL_INCLUDE_DIRS" OFF) option(LWS_WITH_WOLFSSL "Use wolfSSL replacement for OpenSSL. When setting this, you also need to specify LWS_WOLFSSL_LIBRARIES and LWS_WOLFSSL_INCLUDE_DIRS" OFF) option(LWS_SSL_CLIENT_USE_OS_CA_CERTS "SSL support should make use of the OS-installed CA root certs" ON) @@ -88,7 +92,7 @@ option(LWS_WITH_GLIB "Compile with support for glib event loop" OFF) # Static / Dynamic build options # option(LWS_WITH_STATIC "Build the static version of the library" ON) -option(LWS_WITH_SHARED "Build the shared version of the library" ON) +option(LWS_WITH_SHARED "Build the shared version of the library" OFF) option(LWS_LINK_TESTAPPS_DYNAMIC "Link the test apps to the shared version of the library. Default is to link statically" OFF) option(LWS_STATIC_PIC "Build the static version of the library with position-independent code" OFF) # @@ -105,7 +109,7 @@ option(LWS_PLAT_ANDROID "Android flavour of unix platform" OFF) # option(LWS_WITHOUT_CLIENT "Don't build the client part of the library" OFF) option(LWS_WITHOUT_SERVER "Don't build the server part of the library" OFF) -option(LWS_WITHOUT_TESTAPPS "Don't build the libwebsocket-test-apps" OFF) +option(LWS_WITHOUT_TESTAPPS "Don't build the libwebsocket-test-apps" ON) option(LWS_WITHOUT_TEST_SERVER "Don't build the test server" OFF) option(LWS_WITHOUT_TEST_SERVER_EXTPOLL "Don't build the test server version that uses external poll" OFF) option(LWS_WITHOUT_TEST_PING "Don't build the ping test application" OFF) @@ -1989,7 +1993,14 @@ if (LWS_WITH_SSL) find_package(OpenSSL REQUIRED) list(APPEND OPENSSL_LIBRARIES ${PC_OPENSSL_LIBRARIES}) endif() - set(OPENSSL_INCLUDE_DIRS "${OPENSSL_INCLUDE_DIR}") + set(OPENSSL_INCLUDE_DIRS "${OPENSSL_INCLUDE_DIRS}") + endif() + + if (LWS_WITH_BORINGSSL) + list(APPEND OPENSSL_LIBRARIES "${BUILD_LIBSSL_DIR}/libssl.a") + list(APPEND OPENSSL_LIBRARIES "${BUILD_LIBCRYPTO_DIR}/libcrypto.a") + list(APPEND OPENSSL_LIBRARIES "${BUILD_LIBCAP_DIR}/libcap.a") + set(OPENSSL_INCLUDE_DIRS "${BUILD_BORINGSSL_INCDIR}" ${OPENSSL_INCLUDE_DIRS}) endif() message("OpenSSL include dir: ${OPENSSL_INCLUDE_DIRS}") diff --git a/gen_lws_config_h.sh b/gen_lws_config_h.sh new file mode 100755 index 00000000..9d8d6d52 --- /dev/null +++ b/gen_lws_config_h.sh @@ -0,0 +1,121 @@ +#!/bin/bash +# +# lws_config{,_private}.h are created by running cmake +# We are not allowed to use cmake to do the Android build +# These files for now have to be created offline +# +debug_mode="false" +if [[ $1 == "debug" ]] || [[ $1 == "-d" ]]; then + debug_mode="true" +fi + +function remove_trailing_slash { + if [[ $1 == "/" ]]; then + echo $i + else + echo ${1%/} + fi +} + +set -o errexit +MY_LOCATION="$( cd -P "$( dirname "$SOURCE" )" >/dev/null 2>&1 && pwd )" +MY_LOCATION=$(remove_trailing_slash $MY_LOCATION) +CMAKE_LIST_FILE="$MY_LOCATION/CMakeLists.txt" + +ANDROID_ROOTDIR="$(realpath $MY_LOCATION/../..)" +ANDROID_ROOTDIR=$(remove_trailing_slash $ANDROID_ROOTDIR) + +BUILD_DIR=$MY_LOCATION/build_dir + +# included by CMakeLists.txt +CMAKE_ANDROID_FILE="$MY_LOCATION/CMakeAndroidLists.txt" + +# used to generate CMAKE_ANDROID_FILE +CMAKE_ANDROID_FILE_TEMPLATE="$MY_LOCATION/CMakeAndroidLists.txt.template" + +function find_lib_path() { + # find the library in the out directory, and returns the directory's absolute path + # + # $1 -> libname + # $2 -> optional, lib file extension + local libext=${2:-".a"} + local libname="$1$libext" + local res=`find ${ANDROID_ROOTDIR}/out -type f | egrep "$libname$" | egrep "$(uname -m)" | egrep -i "$(uname -s)"` + echo $res +} + +function sed_in_cmake_android() { + # replace in-place 'from' with 'to' in CMAKE_ANDROID_FILE + # + # $1: from + # $2: to + # $3: CMAKE_ANDROID_FILE + # + local cmake_android_file=${3:-"${CMAKE_ANDROID_FILE}"} + local from="____""$1""____" + local to=$(echo $2 | sed -r 's/\//\\\//g') + if [[ $debug_mode == "true" ]]; then + echo "${FUNCNAME[0]} replaces in $cmake_android_file " + echo " " $from + echo "with " $to + fi + sed -i "s/$from/$to/g" $cmake_android_file +} + +function create_android_list() { + # + # by filling out the form in CMAKE_ANDROID_FILE_TEMPLATE, + # create CMAKE_ANDROID_FILE that is included in CMakeLists.txt + # + # The CMAKE_ANDROID_FILE defines libray/include directories for + # libraries provided by somewhere in Android Root + # + rm -f ${CMAKE_ANDROID_FILE} || true + cp -f ${CMAKE_ANDROID_FILE_TEMPLATE} ${CMAKE_ANDROID_FILE} + sed_in_cmake_android "android_src_root_dir" ${ANDROID_ROOTDIR} ${CMAKE_ANDROID_FILE} + libs=("libssl" "libcrypto" "libcap") + for lib in ${libs[@]}; do + local libfile_path=$(find_lib_path $lib) + local libpath=$(dirname ${libfile_path}) + libpath=$(remove_trailing_slash $libpath) + str_to_replae="build_""$lib""_dir" + sed_in_cmake_android "$str_to_replae" $libpath ${CMAKE_ANDROID_FILE} + done +} + +# build required modules ahead by installing & build fake_module + +# create CMakeAndroidLists.txt +create_android_list + +extension=$(date | md5sum | cut -d ' ' -f 1) +cp -f $CMAKE_LIST_FILE $CMAKE_LIST_FILE.$extension + +# make CMakeLists.txt buildable +sed -i 's/DO-NOT-BUILD-ME-AS-IS//g' ${CMAKE_ANDROID_FILE} + +# replace CHECK_FUNCTION_EXISTS with check_function_exists +sed -i 's/CHECK_FUNCTION_EXISTS/check_function_exists/g' $CMAKE_LIST_FILE + +# run cmake to configure +rm -fr $BUILD_DIR || true +LIBWEBSOCKETS_SRC_ROOT=$MY_LOCATION +mkdir -p $BUILD_DIR + +if [[ $debug_mode == "true" ]]; then + pushd $BUILD_DIR + cmake VERBOSE=1 .. + popd +else + (pushd $BUILD_DIR > /dev/null 2>&1; cmake .. > /dev/null 2>&1; popd > /dev/null 2>&1) +fi + +cp -f $BUILD_DIR/lws_config.h $LIBWEBSOCKETS_SRC_ROOT/include +cp -f $BUILD_DIR/lws_config_private.h $LIBWEBSOCKETS_SRC_ROOT/include + +# clean up +if [[ $debug_mode != "true" ]]; then + rm -fr $BUILD_DIR || true + rm -f $CMAKE_ANDROID_FILE || true + mv -f $CMAKE_LIST_FILE.$extension $CMAKE_LIST_FILE +fi diff --git a/include/lws_config.h b/include/lws_config.h new file mode 100644 index 00000000..b0b36ee4 --- /dev/null +++ b/include/lws_config.h @@ -0,0 +1,174 @@ +/* lws_config.h Generated from lws_config.h.in */ + +#ifndef NDEBUG + #ifndef _DEBUG + #define _DEBUG + #endif +#endif + +#define LWS_INSTALL_DATADIR "/usr/local/share" +#define LWS_LIBRARY_VERSION_MAJOR 4 +#define LWS_LIBRARY_VERSION_MINOR 0 +#define LWS_LIBRARY_VERSION_PATCH 1 +/* LWS_LIBRARY_VERSION_NUMBER looks like 1005001 for e.g. version 1.5.1 */ +#define LWS_LIBRARY_VERSION_NUMBER (LWS_LIBRARY_VERSION_MAJOR * 1000000) + \ + (LWS_LIBRARY_VERSION_MINOR * 1000) + \ + LWS_LIBRARY_VERSION_PATCH +#define LWS_MAX_SMP 1 + +/* #undef LWS_LIBRARY_VERSION_NUMBER */ + +/* #undef LWS_AVOID_SIGPIPE_IGN */ +/* #undef LWS_BUILD_HASH */ +/* #undef LWS_BUILTIN_GETIFADDRS */ +#define LWS_CLIENT_HTTP_PROXYING +/* #undef LWS_FALLBACK_GETHOSTBYNAME */ +#define LWS_HAS_INTPTR_T +#define LWS_HAS_GETOPT_LONG +/* #undef LWS_HAVE__ATOI64 */ +#define LWS_HAVE_ATOLL +#define LWS_HAVE_BN_bn2binpad +#define LWS_HAVE_CLOCK_GETTIME +/* #undef LWS_HAVE_EC_POINT_get_affine_coordinates */ +#define LWS_HAVE_ECDSA_SIG_set0 +#define LWS_HAVE_EVP_MD_CTX_free +/* #undef LWS_HAVE_EVP_aes_128_wrap */ +/* #undef LWS_HAVE_EVP_aes_128_cfb8 */ +/* #undef LWS_HAVE_EVP_aes_128_cfb128 */ +/* #undef LWS_HAVE_EVP_aes_192_cfb8 */ +/* #undef LWS_HAVE_EVP_aes_192_cfb128 */ +/* #undef LWS_HAVE_EVP_aes_256_cfb8 */ +/* #undef LWS_HAVE_EVP_aes_256_cfb128 */ +/* #undef LWS_HAVE_EVP_aes_128_xts */ +#define LWS_HAVE_EXECVPE +#define LWS_HAVE_LIBCAP +#define LWS_HAVE_HMAC_CTX_new +#define LWS_HAVE_MALLOC_H +#define LWS_HAVE_MALLOC_TRIM +#define LWS_HAVE_MALLOC_USABLE_SIZE +/* #undef LWS_HAVE_mbedtls_net_init */ +/* #undef LWS_HAVE_mbedtls_ssl_conf_alpn_protocols */ +/* #undef LWS_HAVE_mbedtls_ssl_get_alpn_protocol */ +/* #undef LWS_HAVE_mbedtls_ssl_conf_sni */ +/* #undef LWS_HAVE_mbedtls_ssl_set_hs_ca_chain */ +/* #undef LWS_HAVE_mbedtls_ssl_set_hs_own_cert */ +/* #undef LWS_HAVE_mbedtls_ssl_set_hs_authmode */ +/* #undef LWS_HAVE_MBEDTLS_NET_SOCKETS */ +/* #undef LWS_HAVE_NEW_UV_VERSION_H */ +#define LWS_HAVE_OPENSSL_ECDH_H +#define LWS_HAVE_PIPE2 +#define LWS_HAVE_EVENTFD +#define LWS_HAVE_PTHREAD_H +#define LWS_HAVE_RSA_SET0_KEY +#define LWS_HAVE_RSA_verify_pss_mgf1 +/* #undef LWS_HAVE_SSL_CTX_get0_certificate */ +/* #undef LWS_HAVE_SSL_CTX_set1_param */ +/* #undef LWS_HAVE_SSL_CTX_set_ciphersuites */ +/* #undef LWS_HAVE_SSL_EXTRA_CHAIN_CERTS */ +/* #undef LWS_HAVE_SSL_get0_alpn_selected */ +#define LWS_HAVE_SSL_CTX_EVP_PKEY_new_raw_private_key +/* #undef LWS_HAVE_SSL_set_alpn_protos */ +/* #undef LWS_HAVE_SSL_SET_INFO_CALLBACK */ +/* #undef LWS_HAVE__STAT32I64 */ +#define LWS_HAVE_STDINT_H +#define LWS_HAVE_SYS_CAPABILITY_H +/* #undef LWS_HAVE_TLS_CLIENT_METHOD */ +/* #undef LWS_HAVE_TLSV1_2_CLIENT_METHOD */ +/* #undef LWS_HAVE_UV_VERSION_H */ +#define LWS_HAVE_VFORK +#define LWS_HAVE_X509_get_key_usage +#define LWS_HAVE_X509_VERIFY_PARAM_set1_host +#define LWS_LIBRARY_VERSION "4.0.1" +/* #undef LWS_MINGW_SUPPORT */ +/* #undef LWS_NO_CLIENT */ +#define LWS_NO_DAEMONIZE +#define LWS_OPENSSL_CLIENT_CERTS "../share" +#define LWS_OPENSSL_SUPPORT +/* #undef LWS_PLAT_OPTEE */ +#define LWS_PLAT_UNIX +/* #undef LWS_PLAT_FREERTOS */ +/* #undef LWS_ROLE_CGI */ +/* #undef LWS_ROLE_DBUS */ +#define LWS_ROLE_H1 +#define LWS_ROLE_H2 +#define LWS_ROLE_RAW +#define LWS_ROLE_RAW_FILE +/* #undef LWS_ROLE_RAW_PROXY */ +#define LWS_ROLE_WS +/* #undef LWS_ROLE_MQTT */ +/* #undef LWS_SHA1_USE_OPENSSL_NAME */ +#define LWS_SSL_CLIENT_USE_OS_CA_CERTS +/* #undef LWS_SSL_SERVER_WITH_ECDH_CERT */ +/* #undef LWS_WITH_ABSTRACT */ +/* #undef LWS_WITH_ACCESS_LOG */ +/* #undef LWS_WITH_ACME */ +/* #undef LWS_WITH_ALSA */ +/* #undef LWS_WITH_SYS_ASYNC_DNS */ +#define LWS_WITH_BORINGSSL +/* #undef LWS_WITH_CGI */ +#define LWS_WITH_CUSTOM_HEADERS +/* #undef LWS_WITH_DEPRECATED_LWS_DLL */ +/* #undef LWS_WITH_DETAILED_LATENCY */ +#define LWS_WITH_DIR +/* #undef LWS_WITH_ESP32 */ +/* #undef LWS_HAVE_EVBACKEND_LINUXAIO */ +/* #undef LWS_HAVE_EVBACKEND_IOURING */ +/* #undef LWS_WITH_EXTERNAL_POLL */ +#define LWS_WITH_FILE_OPS +/* #undef LWS_WITH_FSMOUNT */ +/* #undef LWS_WITH_FTS */ +/* #undef LWS_WITH_GENCRYPTO */ +/* #undef LWS_WITH_GENERIC_SESSIONS */ +/* #undef LWS_WITH_GLIB */ +/* #undef LWS_WITH_GTK */ +#define LWS_WITH_HTTP2 +#define LWS_WITH_HTTP_BASIC_AUTH +/* #undef LWS_WITH_HTTP_BROTLI */ +/* #undef LWS_WITH_HTTP_PROXY */ +/* #undef LWS_WITH_HTTP_STREAM_COMPRESSION */ +#define LWS_WITH_HTTP_UNCOMMON_HEADERS +/* #undef LWS_WITH_IPV6 */ +/* #undef LWS_WITH_JOSE */ +#define LWS_WITH_LEJP +/* #undef LWS_WITH_LIBEV */ +/* #undef LWS_WITH_LIBEVENT */ +/* #undef LWS_WITH_LIBUV */ +#define LWS_WITH_LWSAC +#define LWS_LOGS_TIMESTAMP +/* #undef LWS_WITH_MBEDTLS */ +/* #undef LWS_WITH_MINIZ */ +#define LWS_WITH_NETWORK +/* #undef LWS_WITH_NO_LOGS */ +#define LWS_WITH_CLIENT +#define LWS_WITHOUT_EXTENSIONS +#define LWS_WITH_SERVER +/* #undef LWS_WITH_SPAWN */ +/* #undef LWS_WITH_PEER_LIMITS */ +/* #undef LWS_WITH_PLUGINS */ +/* #undef LWS_WITH_POLARSSL */ +#define LWS_WITH_POLL +/* #undef LWS_WITH_RANGES */ +/* #undef LWS_WITH_SECURE_STREAMS */ +/* #undef LWS_WITH_SECURE_STREAMS_SYS_AUTH_API_AMAZON_COM */ +/* #undef LWS_WITH_SECURE_STREAMS_PROXY_API */ +/* #undef LWS_WITH_SELFTESTS */ +#define LWS_WITH_SEQUENCER +/* #undef LWS_WITH_SERVER_STATUS */ +/* #undef LWS_WITH_SMTP */ +/* #undef LWS_WITH_SOCKS5 */ +/* #undef LWS_WITH_STATEFUL_URLDECODE */ +/* #undef LWS_WITH_STATS */ +/* #undef LWS_WITH_STRUCT_SQLITE3 */ +/* #undef LWS_WITH_STRUCT_JSON */ +/* #undef LWS_WITH_SQLITE3 */ +/* #undef LWS_WITH_SYS_NTPCLIENT */ +/* #undef LWS_WITH_SYS_DHCP_CLIENT */ +/* #undef LWS_WITH_THREADPOOL */ +#define LWS_WITH_TLS +#define LWS_WITH_UDP +/* #undef LWS_WITH_UNIX_SOCK */ +/* #undef LWS_WITH_ZIP_FOPS */ +/* #undef USE_OLD_CYASSL */ +/* #undef USE_WOLFSSL */ + + diff --git a/include/lws_config_private.h b/include/lws_config_private.h new file mode 100644 index 00000000..bbf8bf9e --- /dev/null +++ b/include/lws_config_private.h @@ -0,0 +1,123 @@ +/* lws_config_private.h.in. Private compilation options. */ + +#ifndef NDEBUG + #ifndef _DEBUG + #define _DEBUG + #endif +#endif + +/* Define to 1 to use CyaSSL as a replacement for OpenSSL. + * LWS_OPENSSL_SUPPORT needs to be set also for this to work. */ +/* #undef USE_CYASSL */ + +/* Define to 1 if you have the header file. */ +#define LWS_HAVE_DLFCN_H + +/* Define to 1 if you have the header file. */ +#define LWS_HAVE_FCNTL_H + +/* Define to 1 if you have the `fork' function. */ +#define LWS_HAVE_FORK + +/* Define to 1 if you have the `getenv’ function. */ +#define LWS_HAVE_GETENV + +/* Define to 1 if you have the header file. */ +/* #undef LWS_HAVE_IN6ADDR_H */ + +/* Define to 1 if your system has a GNU libc compatible `malloc' function, and + to 0 otherwise. */ +#define LWS_HAVE_MALLOC + +/* Define to 1 if you have the header file. */ +#define LWS_HAVE_MEMORY_H + +/* Define to 1 if you have the `memset' function. */ +#define LWS_HAVE_MEMSET + +/* Define to 1 if you have the header file. */ +#define LWS_HAVE_NETINET_IN_H + +/* Define to 1 if your system has a GNU libc compatible `realloc' function, + and to 0 otherwise. */ +#define LWS_HAVE_REALLOC + +/* Define to 1 if you have the `socket' function. */ +#define LWS_HAVE_SOCKET + +/* Define to 1 if you have the header file. */ +#define LWS_HAVE_STDINT_H + +/* Define to 1 if you have the header file. */ +#define LWS_HAVE_STDLIB_H + +/* Define to 1 if you have the `strerror' function. */ +#define LWS_HAVE_STRERROR + +/* Define to 1 if you have the header file. */ +#define LWS_HAVE_STRINGS_H + +/* Define to 1 if you have the header file. */ +#define LWS_HAVE_STRING_H + +/* Define to 1 if you have the header file. */ +#define LWS_HAVE_SYS_PRCTL_H + +/* Define to 1 if you have the header file. */ +#define LWS_HAVE_SYS_SOCKET_H + +/* Define to 1 if you have the header file. */ +/* #undef LWS_HAVE_SYS_SOCKIO_H */ + +/* Define to 1 if you have the header file. */ +#define LWS_HAVE_SYS_STAT_H + +/* Define to 1 if you have the header file. */ +#define LWS_HAVE_SYS_TYPES_H + +/* Define to 1 if you have the header file. */ +#define LWS_HAVE_UNISTD_H + +#define LWS_HAVE_TCP_USER_TIMEOUT + +/* Define to 1 if you have the `vfork' function. */ +#define LWS_HAVE_VFORK + +/* Define to 1 if you have the header file. */ +/* #undef LWS_HAVE_VFORK_H */ + +/* Define to 1 if `fork' works. */ +#define LWS_HAVE_WORKING_FORK + +/* Define to 1 if `vfork' works. */ +#define LWS_HAVE_WORKING_VFORK + +/* Define to 1 if execvpe() exists */ +#define LWS_HAVE_EXECVPE + +/* Define to 1 if you have the header file. */ +/* #undef LWS_HAVE_ZLIB_H */ + +#define LWS_HAVE_GETLOADAVG + +/* Define to the sub-directory in which libtool stores uninstalled libraries. + */ +#undef LT_OBJDIR // We're not using libtool + +/* Define to rpl_malloc if the replacement function should be used. */ +/* #undef malloc */ + +/* Define to rpl_realloc if the replacement function should be used. */ +/* #undef realloc */ + +/* Define to 1 if we have getifaddrs */ +#define LWS_HAVE_GETIFADDRS + +/* Define if the inline keyword doesn't exist. */ +/* #undef inline */ + +/* #undef LWS_WITH_ZLIB */ +#define LWS_HAS_PTHREAD_SETNAME_NP + +/* Defined if you have the header file. */ +#define LWS_HAVE_INTTYPES_H diff --git a/lib/tls/openssl/openssl-client.c b/lib/tls/openssl/openssl-client.c index 9a258b10..a66c23b2 100644 --- a/lib/tls/openssl/openssl-client.c +++ b/lib/tls/openssl/openssl-client.c @@ -21,6 +21,7 @@ * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS * IN THE SOFTWARE. */ +#include #include "private-lib-core.h" #include "private-lib-tls-openssl.h" @@ -195,8 +196,20 @@ lws_ssl_client_bio_create(struct lws *wsi) X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS); #endif // Handle the case where the hostname is an IP address. - if (!X509_VERIFY_PARAM_set1_ip_asc(param, hostname)) - X509_VERIFY_PARAM_set1_host(param, hostname, 0); + if (!X509_VERIFY_PARAM_set1_ip_asc(param, hostname)) { +#if defined (LWS_WITH_BORINGSSL) + // boringssl does not allow null-terminated string, + // so hostname_len should not be 0 + // but exactly the same as len(hostname) excluding null + const int hostname_len = strnlen(hostname, sizeof(hostname)); +#else + // openssl allows null-terminated string for hostname + // in that case, hostname_len being 0 indicates hostname + // is a null-terminated string + const int hostname_len = 0; +#endif + X509_VERIFY_PARAM_set1_host(param, hostname, hostname_len); + } } #else if (!(wsi->tls.use_ssl & LCCSCF_SKIP_SERVER_CERT_HOSTNAME_CHECK)) { -- cgit v1.2.3