| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This adds few functions to use evhttp-based webserver to handle incoming
WebSockets connections. We've tried to use both libevent and libwebsockets in
our application, but found that we need to have different ports at the same
time to handle standard HTTP and WebSockets traffic. This change can help to
stick only with libevent library.
Implementation was inspired by modified Libevent source code in ipush project
[1].
[1]: https://github.com/sqfasd/ipush/tree/master/deps/libevent-2.0.21-stable
Also, WebSocket-based chat server was added as a sample.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
Adds two new callbacks: "prepare" watchers, which fire immediately
before we poll for I/O, and "check" watchers, which fire immediately
after we finish polling and before we process events. This allows other
event loops to be embedded into libevent's, and enables certain
performance monitoring.
Closes: #710
|
| | |
|
| |
|
|
|
|
|
| |
if OpenSSL is in a non standard location, need to pass that information
to any sample that needs it
Closes: #550
|
| | |
|
| |
|
|
|
| |
For people building & installing libevent in a distro, building all these
sample apps are not useful. Add a flag to turn them off.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Now, https-client accepts both:
https://ip.appspot.com/ (matching wildcard certificate)
https://github.com/ (matching non-wildcard certificate)
but still rejects
https://www.kegel.com/ (non-matching wildcard certificate)
which should match the behavior of these sites in a web browser.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The problem is that if you go to a website whose certificate does not
match its hostname, it should fail. Try this in a web browser for
https://www.kegel.com/ for example. Your web browser will say the
certificate is for *.pair.com, not for www.kegel.com, and won't let
you visit it without clicking through a bunch of scary warnings.
However, prior to this commit, https-client was happy to fetch
https://www.kegel.com/ without complaining. That is bad. Now, with
this commit, it will properly complain, which is good:
pelletier@chives:~/src/libevent/sample$ ./https-client https://www.kegel.com/
Got 'MatchNotFound' for hostname 'www.kegel.com' and certificate:
/C=US/postalCode=15203/ST=Pennsylvania/L=Pittsburgh/street=Suite 210/street=2403 Sidney Street/O=pair Networks, Inc./OU=Provided by pair Networks, Inc./OU=PairWildcardSSL $250,000/CN=*.pair.com
some request failed - no idea which one though!
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
ppelletier@chives:~/src/libevent/sample$
It will still succeed for sites with an exactly-matching certificate,
such as https://github.com/ and that is also good!
However, the problem is that the iSECPartners code doesn't handle
wildcards, which means we reject https://ip.appspot.com/ even though
it is perfectly legitimate, because we don't understand the wildcard:
ppelletier@chives:~/src/libevent/sample$ ./https-client https://ip.appspot.com/
Got 'MatchNotFound' for hostname 'ip.appspot.com' and certificate:
/C=US/ST=California/L=Mountain View/O=Google Inc/CN=*.appspot.com
some request failed - no idea which one though!
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
ppelletier@chives:~/src/libevent/sample$
So, we need to fix this. In other words, "to be continued..."
|
| |
|
|
|
|
|
|
|
| |
This made the difference between segfaulting and not segfaulting for
me when I run https-client, when I've built libevent using an OpenSSL
in a non-standard location.
In the same spirit as 1d9d5110a4aebf5833f6fd78bd0252affde0f4d0 and
d70af27d0152d0a87a25127faf215604beb8ffe0.
|
| |
|
|
|
|
| |
of bufferevent_ssl.
Signed-off-by: Catalin Patulea <catalinp@google.com>
|
| | |
|
| |
|
