lwsws Libwebsockets Web Server

This makes a start on the LibWebSockets WebServer.

The app cmake build support and JSON config parsing are implemented and
the app can start, create the vhosts, listen and serve file:// mounts on
them.

Signed-off-by: Andy Green <[email protected]>

CMakeLists.txt

@@ -89,7 +89,7 @@ option(LWS_MBED3 "Platform is MBED3" OFF)
 option(LWS_SSL_SERVER_WITH_ECDH_CERT "Include SSL server use ECDH certificate" OFF)
 option(LWS_WITH_CGI "Include CGI (spawn process with network-connected stdin/out/err) APIs" OFF)
 option(LWS_WITH_HTTP_PROXY "Support for rewriting HTTP proxying" OFF)
-
+option(LWS_WITH_LWSWS "Libwebsockets Webserver" ON)
 
 if (DEFINED YOTTA_WEBSOCKETS_VERSION_STRING)
 
@@ -110,6 +110,11 @@ if (WIN32)
 set(LWS_MAX_SMP 1)
 endif()
 
+
+if (LWS_WITHOUT_SERVER)
+set(LWS_WITH_LWSWS OFF)
+endif()
+
 if (LWS_WITH_HTTP_PROXY AND (LWS_WITHOUT_CLIENT OR LWS_WITHOUT_SERVER))
 	message(FATAL_ERROR "You have to enable both client and server for http proxy")
 endif()
@@ -1065,6 +1070,54 @@ if (NOT LWS_WITHOUT_TESTAPPS)
 	endif()
 endif(NOT LWS_WITHOUT_TESTAPPS)
 
+if (LWS_WITH_LWSWS)
+		list(APPEND LWSWS_SRCS
+			"lwsws/main.c"
+			"lwsws/lejp.c"
+			"lwsws/conf.c"
+			"lwsws/http.c"
+		)
+
+		if (WIN32)
+			list(APPEND LWSWS_SRCS
+				${WIN32_HELPERS_PATH}/getopt.c
+				${WIN32_HELPERS_PATH}/getopt_long.c
+				${WIN32_HELPERS_PATH}/gettimeofday.c
+			)
+
+			list(APPEND LWSWS_HDR
+				${WIN32_HELPERS_PATH}/getopt.h
+				${WIN32_HELPERS_PATH}/gettimeofday.h
+			)
+		endif(WIN32)
+
+		source_group("Headers Private"   FILES ${LWSWS_HDR})
+		source_group("Sources"   FILES ${LWSWS_SRCS})
+		add_executable("lwsws" ${LWSWS_SRCS} ${LWSWS_HDR})
+
+		if (LWS_LINK_TESTAPPS_DYNAMIC)
+			if (NOT LWS_WITH_SHARED)
+				message(FATAL_ERROR "Build of the shared library is disabled. LWS_LINK_TESTAPPS_DYNAMIC must be combined with LWS_WITH_SHARED.")
+			endif()
+			target_link_libraries("lwsws" websockets_shared)
+			add_dependencies("lwsws" websockets_shared)
+		else()
+			if (NOT LWS_WITH_STATIC)
+				message(FATAL_ERROR "Build of the static library is disabled. Disabled LWS_LINK_TESTAPPS_DYNAMIC must be combined with LWS_WITH_STATIC.")
+			endif()
+			target_link_libraries("lwsws" websockets)
+			add_dependencies("lwsws" websockets)
+		endif()
+
+		# Set test app specific defines.
+		set_property(TARGET "lwsws"
+			     PROPERTY COMPILE_DEFINITIONS
+			     INSTALL_DATADIR="${CMAKE_INSTALL_PREFIX}/share"
+		)
+
+
+endif (LWS_WITH_LWSWS)
+
 if (UNIX)
 	# Generate documentation.
 	# TODO: Fix this on Windows.
@@ -1177,6 +1230,12 @@ if (NOT LWS_WITHOUT_TESTAPPS AND NOT LWS_WITHOUT_CLIENT)
 	set(CPACK_COMPONENT_EXAMPLES_DISPLAY_NAME "Example files")
 endif()
 
+# lwsws
+if (LWS_WITH_LWSWS)
+	install(TARGETS lwsws
+		RUNTIME DESTINATION "${LWS_INSTALL_BIN_DIR}" COMPONENT lwsws )
+endif()
+
 # Programs shared files used by the test-server.
 if (NOT LWS_WITHOUT_TESTAPPS AND NOT LWS_WITHOUT_SERVER)
 	install(FILES ${TEST_SERVER_DATA}

LICENSE

@@ -40,6 +40,16 @@ Public Domain (CC-zero) to simplify reuse
 
   - test-server/*.c
   - test-server/*.h
+
+4) lwsws (Libwebsocket web server) is a bundled application that is not
+part of the libwebsockets library, it's a separate application that uses
+the library.  The related sources are in a separate directory.  If you don't
+distribute lwsws, you do not need to observe its license.
+
+  - lwsws/lejp.c        - LGPL2.1
+  - lwsws/lejp.h        - LGPL2.1
+  - lwsws/[all else]    -  GPL2.1
+
 
 
                   GNU LESSER GENERAL PUBLIC LICENSE

README.lwsws.md

@@ -0,0 +1,110 @@
+Libwebsockets Web Server
+------------------------
+
+lwsws is an implementation of a very lightweight, ws-capable generic web
+server, which uses libwebsockets to implement everything underneath.
+
+Configuration
+-------------
+
+lwsws uses JSON config files, there is a single file intended for global
+settings
+
+/etc/lwsws/conf
+
+```
+# these are the server global settings
+# stuff related to vhosts should go in one
+# file per vhost in ../conf.d/
+
+{
+  "global": {
+   "uid": "99",
+   "gid": "99",
+   "interface": "eth0",
+   "count-threads": "1",
+   "init-ssl": "yes"
+ }
+}
+```
+
+and a config directory intended to take one file per vhost
+
+/etc/lwsws/conf.d/warmcat.com
+
+```
+{
+	"vhosts": [{
+		"name": "warmcat.com",
+		"port": "443",
+		"host-ssl-key": "/etc/pki/tls/private/warmcat.com.key",
+		"host-ssl-cert": "/etc/pki/tls/certs/warmcat.com.crt",
+		"host-ssl-ca": "/etc/pki/tls/certs/warmcat.com.cer",
+		"mounts": [{
+			"mountpoint": "/",
+			"origin": "file:///var/www/warmcat.com",
+			"default": "index.html"
+		}]
+	}]
+}
+```
+
+Vhosts
+------
+
+One server can run many vhosts, where SSL is in use SNI is used to match
+the connection to a vhost and its vhost-specific SSL keys during SSL
+negotiation.
+
+Listing multiple vhosts looks something like this
+
+```
+{
+        "vhosts": [{
+                "name": "warmcat.com",
+                "port": "443",
+                "host-ssl-key": "/etc/pki/tls/private/warmcat.com.key",
+                "host-ssl-cert": "/etc/pki/tls/certs/warmcat.com.crt",
+                "host-ssl-ca": "/etc/pki/tls/certs/warmcat.com.cer",
+                "mounts": [{
+                        "mountpoint": "/",
+                        "origin": "file:///var/www/warmcat.com",
+                        "default": "index.html"
+                }]
+        }, {
+                "name": "warmcat2.com",
+                "port": "443",
+                "host-ssl-key": "/etc/pki/tls/private/warmcat.com.key",
+                "host-ssl-cert": "/etc/pki/tls/certs/warmcat.com.crt",
+                "host-ssl-ca": "/etc/pki/tls/certs/warmcat.com.cer",
+                "mounts": [{
+                        "mountpoint": "/",
+                        "origin": "file:///var/www/warmcat2.com",
+                        "default": "index.html"
+                }]
+        }
+]
+}
+```
+
+Vhost name and port
+-------------------
+
+The vhost name field is used to match on incoming SNI or Host: header, so it
+must always be the host name used to reach the vhost externally.
+
+Vhosts may have the same name and different ports, these will each create a
+listening socket on the appropriate port, and they may have the same port and
+different name: these will be treated as true vhosts on one listening socket
+and the active vhost decided at SSL negotiation time (via SNI) or if no SSL,
+then after the Host: header from the client has been parsed.
+
+
+Mounts
+------
+
+Where mounts are given in the vhost definition, then directory contents may
+be auto-served if it matches the mountpoint.
+
+Currently only file:// mount protocol and a fixed set of mimetypes are
+supported.

changelog

@@ -185,6 +185,49 @@ LWS_SERVER_OPTION_REDIRECT_HTTP_TO_HTTPS.  If you give this, non-ssl
 connections to the server listen port are accepted and receive a 301
 redirect to / on the same host and port using https://
 
+New application lwsws
+---------------------
+
+A libwebsockets-based general webserver is built by default now, lwsws.
+
+It's configured by JSON, by default in
+
+  /etc/lwsws/conf
+
+which contains global lws context settings like this
+
+{
+  "global": {
+   "uid": "99",
+   "gid": "99",
+   "interface": "eth0",
+   "count-threads": "1"
+ }
+}
+
+  /etc/lwsws/conf.d/*
+
+which contains zero or more files describing vhosts, like this
+
+{
+ "vhosts": [
+  { "name": "warmcat.com",
+    "port": "443",
+    "host-ssl-key": "/etc/pki/tls/private/warmcat.com.key",
+    "host-ssl-cert": "/etc/pki/tls/certs/warmcat.com.crt",
+    "host-ssl-ca": "/etc/pki/tls/certs/warmcat.com.cer",
+    "mounts": [
+      { "/": [
+       { "home": "file:///var/www/warmcat.com" },
+       { "default": "index.html" }
+      ]
+     }
+    ]
+   }
+ ]
+}
+
+
 
 v1.7.0
 ======