Permalink
Commits on Aug 11, 2018
  1. rxflow: defer end of rxflow buf processing until after lws_rx_sm has …

    jgentner2 authored and lws-team committed Aug 11, 2018
    …finished using it
    
    #1364
Commits on May 26, 2018
  1. lwsl_debug: NOP if no _DEBUG

    qmatt115 authored and lws-team committed May 26, 2018
Commits on May 23, 2018
  1. sshd: fix timingsafe_bcmp

    lws-team committed May 23, 2018
Commits on May 4, 2018
  1. Fix #1249: HTTP requests exhausting server ah pool

    rdumusc authored and lws-team committed May 4, 2018
Commits on Apr 20, 2018
  1. proxy: allow use of at char in passwords

    lws-team committed Apr 20, 2018
    Applies to both http proxy and socks proxy
    
    #1247
Commits on Apr 19, 2018
  1. debug: with debug build and uv, repeat some closes

    lws-team committed Apr 19, 2018
    The closes have to complete after libuv returned to the
    event loop.  So make sure to catch any problem that gets
    introduced where another close entry in the meanwhile is
    unsafe.
    
    #1245
Commits on Apr 18, 2018
  1. tcp keepalive: user TCP_USER_TIMEOUT on linux if extant

    lws-team committed Apr 18, 2018
Commits on Apr 15, 2018
  1. spa: fix potential overrun

    lws-team committed Apr 15, 2018
Commits on Apr 14, 2018
  1. zlib: Avoid pre-decrement of pointer in big-endian CRC calculation

    madler authored and lws-team committed Apr 14, 2018
    There was a small optimization for PowerPCs to pre-increment a
    pointer when accessing a word, instead of post-incrementing. This
    required prefacing the loop with a decrement of the pointer,
    possibly pointing before the object passed. This is not compliant
    with the C standard, for which decrementing a pointer before its
    allocated memory is undefined. When tested on a modern PowerPC
    with a modern compiler, the optimization no longer has any effect.
    Due to all that, and per the recommendation of a security audit of
    the zlib code by Trail of Bits and TrustInSoft, in support of the
    Mozilla Foundation, this "optimization" was removed, in order to
    avoid the possibility of undefined behavior.
    
    https://github.com/madler/zlib/commit/d1d577490c15a0c6862473d7576352a9f18ef811.patch
  2. Subject: zlib: Avoid shifts of negative values inflateMark

    madler authored and lws-team committed Apr 14, 2018
    The C standard says that bit shifts of negative integers is
    undefined.  This casts to unsigned values to assure a known
    result.
    
    https://github.com/madler/zlib/commit/e54e1299404101a5a9d0cf5e45512b543967f958.patch
Commits on Apr 6, 2018
  1. sshd: fixes

    lws-team committed Apr 6, 2018
Commits on Apr 3, 2018
  1. DROP_PROTOCOL: make sure can't be called with NULL pss

    lws-team committed Apr 3, 2018
    master already has this
Commits on Mar 29, 2018
  1. libuv: run loop to clean up per-pt objects before exiting

    lws-team committed Mar 29, 2018
Commits on Mar 28, 2018
  1. mingw: also workaround ENOTCONN

    lws-team committed Mar 28, 2018
Commits on Mar 23, 2018
  1. lwsws: fix inherited vhost info

    lws-team committed Mar 23, 2018
Commits on Mar 21, 2018
  1. mbedtls: client: stop spinning on handshake fail

    lws-team committed Mar 21, 2018
Commits on Mar 13, 2018
  1. LWS_SERVER_OPTION_ALLOW_NON_SSL_ON_SSL_PORT: protect against zero len…

    lws-team committed Mar 13, 2018
    …gth packet causing spin when deciding if tls or not tls
    
    #1206
  2. Subject: echo client: Fix an off-by-one error in --times handling

    ppentchev authored and lws-team committed Mar 12, 2018
Commits on Mar 8, 2018
  1. v2.4.2

    lws-team committed Mar 8, 2018
  2. Add 'HS: ws upgrade unauthorized' on receiving 401

    joelittlejohn authored and lws-team committed Mar 7, 2018
    In the case that the connection cannot be established because the caller
    is unauthorized, it's likely they have to do something to gain
    authorization before retrying. This change introduces a new message that
    can be checked for to understand more about why the connection has
    failed to establish.
    
    Closes #1200
Commits on Mar 7, 2018
  1. Check status before checking for Sec-WebSocket-Accept

    joelittlejohn authored and lws-team committed Mar 7, 2018
    If the server rejects the attempt to establish a connection by returning
    a response status other than 101, then it will not include the
    Sec-WebSocket-Accept header. We need to check for 101 status (and return
    an appropriate error message) before looking for the accept header.
    
    See #1200
Commits on Feb 27, 2018
  1. LWS_SERVER_OPTION_ALLOW_NON_SSL_ON_SSL_PORT: fixes after tls refactor

    Andy Green
    Andy Green committed Feb 27, 2018
Commits on Feb 18, 2018
  1. mbedtls: adapt to deprecated api in 2.7

    lws-team committed Feb 18, 2018
Commits on Feb 6, 2018
  1. pthread: fix destroy call

    lws-team committed Feb 6, 2018
Commits on Feb 5, 2018
  1. openssl: defeat spin on failed accept

    lws-team committed Feb 5, 2018
Commits on Jan 30, 2018
  1. remove u_int64_t

    lws-team committed Jan 30, 2018
Commits on Jan 24, 2018
  1. READMEs: CHANGE callback replaces SET/CLEAR_MODE

    mulander authored and lws-team committed Jan 23, 2018
    LWS_CALLBACK_SET_MODE_POLL_FD and LWS_CALLBACK_CLEAR_MODE_POLL_FD no longer exist.
    
    Updating the documentation to reflect that and point to LWS_CALLBACK_CHANGE_MODE_POLL_FD.
Commits on Jan 22, 2018
  1. close: add LWSS_WAITING_TO_SEND_CLOSE_NOTIFICATION allowed to send

    lws-team committed Jan 22, 2018
Commits on Jan 12, 2018
  1. excessive ah hold: explicitly detach ah

    lws-team committed Jan 12, 2018
  2. test-echo: handle WRITABLE callback when nothing to send

    lws-team committed Jan 12, 2018
  3. excessive ah hold: stop trying to list headers at sentinel

    lws-team committed Jan 12, 2018
    One header earlier than before
    
    #1152
  4. after excessive ah hold detect restart scan

    lws-team committed Jan 12, 2018
    ah is potentially freed after the close
Commits on Jan 4, 2018
Commits on Jan 3, 2018
  1. close: only tell user closed once

    lws-team committed Jan 3, 2018