/*
* libwebsockets - small server side websockets and web server implementation
*
* Copyright (C) 2010-2018 Andy Green <
[email protected]>
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation:
* version 2.1 of the License.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
* MA 02110-1301 USA
*
* included from libwebsockets.h
*/
/*! \defgroup context-and-vhost context and vhost related functions
* ##Context and Vhost related functions
* \ingroup lwsapi
*
*
* LWS requires that there is one context, in which you may define multiple
* vhosts. Each vhost is a virtual host, with either its own listen port
* or sharing an existing one. Each vhost has its own SSL context that can
* be set up individually or left disabled.
*
* If you don't care about multiple "site" support, you can ignore it and
* lws will create a single default vhost at context creation time.
*/
///@{
/*
* NOTE: These public enums are part of the ABI. If you want to add one,
* add it where specified so existing users are unaffected.
*/
/** enum lws_context_options - context and vhost options
 *
 * Tags in the per-option comments: (CTX) means the option applies to the
 * whole context, (VH) means it applies to an individual vhost.
 *
 * Several TLS-related options OR bit 12 (LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT)
 * into their value, so that asking for them also asks for the TLS library
 * to be initialized. Because lws_check_opt() tests that ALL bits of the
 * option are set, those multi-bit values only match when both bits are
 * present.
 */
enum lws_context_options {
LWS_SERVER_OPTION_REQUIRE_VALID_OPENSSL_CLIENT_CERT = (1 << 1) |
(1 << 12),
/**< (VH) Don't allow the connection unless the client has a
 * client cert that we recognize (mutual TLS); provides
 * LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT as part of its value */
LWS_SERVER_OPTION_SKIP_SERVER_CANONICAL_NAME = (1 << 2),
/**< (CTX) Don't try to get the server's hostname */
LWS_SERVER_OPTION_ALLOW_NON_SSL_ON_SSL_PORT = (1 << 3) |
(1 << 12),
/**< (VH) Allow non-SSL (plaintext) connections on the same
 * port as SSL is listening... undermines the security of SSL: a
 * client that arrives in plaintext gets none of the TLS guarantees,
 * and the server cannot tell it apart from one that was downgraded;
 * provides LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT as part of its value */
LWS_SERVER_OPTION_LIBEV = (1 << 4),
/**< (CTX) Use libev event loop */
LWS_SERVER_OPTION_DISABLE_IPV6 = (1 << 5),
/**< (VH) Disable IPV6 support */
LWS_SERVER_OPTION_DISABLE_OS_CA_CERTS = (1 << 6),
/**< (VH) Don't load OS CA certs, you will need to load your
 * own CA cert(s) */
LWS_SERVER_OPTION_PEER_CERT_NOT_REQUIRED = (1 << 7),
/**< (VH) Accept connections with no valid Cert (eg, selfsigned).
 * This removes the assurance that a trusted CA vouched for the
 * peer's identity, so only use it where that check is not needed */
LWS_SERVER_OPTION_VALIDATE_UTF8 = (1 << 8),
/**< (VH) Check UTF-8 correctness */
LWS_SERVER_OPTION_SSL_ECDH = (1 << 9) |
(1 << 12),
/**< (VH) initialize ECDH ciphers; provides
 * LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT as part of its value */
LWS_SERVER_OPTION_LIBUV = (1 << 10),
/**< (CTX) Use libuv event loop */
LWS_SERVER_OPTION_REDIRECT_HTTP_TO_HTTPS = (1 << 11) |
(1 << 12),
/**< (VH) Use http redirect to force http to https
 * (deprecated: use mount redirection); provides
 * LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT as part of its value */
LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT = (1 << 12),
/**< (CTX) Initialize the SSL library at all */
LWS_SERVER_OPTION_EXPLICIT_VHOSTS = (1 << 13),
/**< (CTX) Only create the context when calling context
 * create api, implies user code will create its own vhosts */
LWS_SERVER_OPTION_UNIX_SOCK = (1 << 14),
/**< (VH) Use Unix socket */
LWS_SERVER_OPTION_STS = (1 << 15),
/**< (VH) Send Strict Transport Security header, making
 * clients subsequently go to https even if user asked for http.
 * Browsers remember this policy for the header's max-age, so it is
 * not quickly reversible once sent */
LWS_SERVER_OPTION_IPV6_V6ONLY_MODIFY = (1 << 16),
/**< (VH) Enable LWS_SERVER_OPTION_IPV6_V6ONLY_VALUE to take effect */
LWS_SERVER_OPTION_IPV6_V6ONLY_VALUE = (1 << 17),
/**< (VH) if set, only ipv6 allowed on the vhost (only honoured
 * together with LWS_SERVER_OPTION_IPV6_V6ONLY_MODIFY) */
LWS_SERVER_OPTION_UV_NO_SIGSEGV_SIGFPE_SPIN = (1 << 18),
/**< (CTX) Libuv only: Do not spin on SIGSEGV / SIGFPE. A segfault
 * normally makes the lib spin so you can attach a debugger to it
 * even if it happened without a debugger in place. You can disable
 * that by giving this option.
 */
LWS_SERVER_OPTION_JUST_USE_RAW_ORIGIN = (1 << 19),
/**< (CTX) For backwards-compatibility reasons, by default
 * lws prepends "http://" to the origin you give in the client
 * connection info struct. If you give this flag when you create
 * the context, only the string you give in the client connect
 * info for .origin (if any) will be used directly.
 */
LWS_SERVER_OPTION_FALLBACK_TO_RAW = (1 << 20),
/**< (VH) if invalid http is coming in the first line, presumably the
 * connection falls back to RAW handling (as the option name suggests).
 * NOTE(review): the original comment ends mid-sentence here; confirm
 * the exact behaviour against the implementation before relying on it.
 */
LWS_SERVER_OPTION_LIBEVENT = (1 << 21),
/**< (CTX) Use libevent event loop */
LWS_SERVER_OPTION_ONLY_RAW = (1 << 22),
/**< (VH) All connections to this vhost / port are RAW as soon as
 * the connection is accepted, no HTTP is going to be coming.
 */
LWS_SERVER_OPTION_ALLOW_LISTEN_SHARE = (1 << 23),
/**< (VH) Set to allow multiple listen sockets on one interface +
 * address + port. The default is to strictly allow only one
 * listen socket at a time. This is automatically selected if you
 * have multiple service threads.
 */
LWS_SERVER_OPTION_CREATE_VHOST_SSL_CTX = (1 << 24),
/**< (VH) Force setting up the vhost SSL_CTX, even though the user
 * code doesn't explicitly provide a cert in the info struct. It
 * implies the user code is going to provide a cert at the
 * LWS_CALLBACK_OPENSSL_LOAD_EXTRA_SERVER_VERIFY_CERTS callback, which
 * provides the vhost SSL_CTX * in the user parameter.
 */
LWS_SERVER_OPTION_SKIP_PROTOCOL_INIT = (1 << 25),
/**< (VH) You probably don't want this. It forces this vhost to not
 * call LWS_CALLBACK_PROTOCOL_INIT on its protocols. It's used in the
 * special case of a temporary vhost bound to a single protocol.
 */
LWS_SERVER_OPTION_IGNORE_MISSING_CERT = (1 << 26),
/**< (VH) Don't fail if the vhost TLS cert or key are missing, just
 * continue. The vhost won't be able to serve anything, but if for
 * example the ACME plugin was configured to fetch a cert, this lets
 * you bootstrap your vhost from having no cert to start with.
 */
LWS_SERVER_OPTION_VHOST_UPG_STRICT_HOST_CHECK = (1 << 27),
/**< (VH) On this vhost, if the connection is being upgraded, insist
 * that there's a Host: header and that the contents match the vhost
 * name + port (443 / 80 are assumed if no :port given based on if the
 * connection is using TLS).
 *
 * By default, without this flag, on upgrade lws just checks that the
 * Host: header was given without checking the contents... this is to
 * allow lax hostname mappings like localhost / 127.0.0.1, and CNAME
 * mappings like www.mysite.com / mysite.com. The lax default means a
 * Host: value the vhost does not serve is still accepted on upgrade,
 * so set this flag where the vhost name must be verified.
 */
LWS_SERVER_OPTION_HTTP_HEADERS_SECURITY_BEST_PRACTICES_ENFORCE = (1 << 28),
/**< (VH) Send lws default HTTP headers recommended by Mozilla
 * Observatory for security. This is a helper option that sends canned
 * headers on each http response enabling a VERY strict Content Security
 * Policy. The policy is so strict, for example it won't let the page
 * run its own inline JS nor show images or take CSS from a different
 * server. In many cases your JS only comes from your server as do the
 * image sources and CSS, so that is what you want... attackers hoping
 * to inject JS into your DOM are completely out of luck since even if
 * they succeed, it will be rejected for execution by the browser
 * according to the strict CSP. In other cases you have to deviate from
 * the complete strictness, in which case don't use this flag: use the
 * .headers member in the vhost init described in struct
 * lws_context_creation_info instead to send the adapted headers
 * yourself.
 */
/****** add new things just above ---^ ******/
};
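/*
 * lws_check_opt() - true iff every bit set in f is also set in c.
 *
 * This is an all-bits test ("no bit of f is missing from c"), not an
 * any-bit test: an option value that ORs in several bits, such as the
 * ones carrying LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT, only matches when
 * all of those bits are present in c. Each argument is expanded exactly
 * once, so an argument with side effects is evaluated once.
 */
#define lws_check_opt(c, f) (((f) & ~(c)) == 0)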
/* Forward declaration only: the full definition of the platform file-ops
 * struct is not in this section; presumably the declarations that follow
 * refer to it by pointer, which is all an incomplete type permits */
struct lws_plat_file_ops;
/** struct lws_context_creation_info - parameters to create context and /or vhost wi