etr
diff --git a/‎ChangeLog‎
Lines changed: 22 additions & 0 deletions b/‎ChangeLog‎
Lines changed: 22 additions & 0 deletions
diff --git a/‎README.md‎
Lines changed: 4 additions & 4 deletions b/‎README.md‎
Lines changed: 4 additions & 4 deletions
diff --git a/‎configure.ac‎
Lines changed: 28 additions & 12 deletions b/‎configure.ac‎
Lines changed: 28 additions & 12 deletions
diff --git a/‎examples/digest_authentication.cpp‎
Lines changed: 11 additions & 5 deletions b/‎examples/digest_authentication.cpp‎
Lines changed: 11 additions & 5 deletions
diff --git a/‎libhttpserver.pc.in‎
Lines changed: 1 addition & 1 deletion b/‎libhttpserver.pc.in‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎src/Makefile.am‎
Lines changed: 10 additions & 2 deletions b/‎src/Makefile.am‎
Lines changed: 10 additions & 2 deletions
diff --git a/‎src/basic_auth_fail_response.cpp‎
Lines changed: 1 addition & 1 deletion b/‎src/basic_auth_fail_response.cpp‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎src/digest_auth_fail_response.cpp‎
Lines changed: 7 additions & 3 deletions b/‎src/digest_auth_fail_response.cpp‎
Lines changed: 7 additions & 3 deletions
diff --git a/‎src/empty_response.cpp‎
Lines changed: 32 additions & 0 deletions b/‎src/empty_response.cpp‎
Lines changed: 32 additions & 0 deletions
@@ -1,5 +1,27 @@
 Version 0.20.0
 
+	Raised minimum libmicrohttpd requirement to 1.0.0.
+	Migrated Basic Auth to v3 API (MHD_basic_auth_get_username_password3,
+		MHD_queue_basic_auth_required_response3) with UTF-8 support.
+	Migrated Digest Auth to v3 API (MHD_digest_auth_check3,
+		MHD_digest_auth_check_digest3, MHD_queue_auth_required_response3)
+		with SHA-512/256 support, userhash, nonce binding, and structured
+		digest_auth_result enum. Default algorithm changed to SHA-256.
+	Added new response types: empty_response, pipe_response, iovec_response.
+	Added external event loop integration: webserver::run(), run_wait(),
+		get_fdset(), get_timeout(), add_connection().
+	Added daemon management: quiesce(), get_listen_fd(),
+		get_active_connections(), get_bound_port().
+	Added daemon options: listen_backlog, address_reuse,
+		connection_memory_increment, tcp_fastopen_queue_size,
+		sigpipe_handled_by_app, https_mem_dhparams, https_key_password,
+		https_priorities_append, no_alpn, client_discipline_level.
+	Added startup flags: no_listen_socket, no_thread_safety, turbo,
+		suppress_date_header.
+	Added WebSocket support (conditional on HAVE_WEBSOCKET):
+		websocket_handler, websocket_session, register_ws_resource().
+	Added utility functions: reason_phrase(), is_feature_supported(),
+		get_mhd_version().
 	Added conditional compilation for basic auth (HAVE_BAUTH), mirroring
 		existing HAVE_DAUTH pattern for digest auth. Basic auth support
 		is auto-detected via AC_CHECK_LIB and can be disabled at build time.
 
@@ -80,7 +80,7 @@ libhttpserver can be used without any dependencies aside from libmicrohttpd.
 The minimum versions required are:
 * g++ >= 5.5.0 or clang-3.6
 * C++17 or newer
-* libmicrohttpd >= 0.9.64
+* libmicrohttpd >= 1.0.0
 * [Optionally]: for TLS (HTTPS) support, you'll need [libgnutls](http://www.gnutls.org/).
 * [Optionally]: to compile the code-reference, you'll need [doxygen](http://www.doxygen.nl/).
 
@@ -141,7 +141,7 @@ MSYS2 provides multiple shell environments with different purposes. Understandin
 pacman -S --needed mingw-w64-x86_64-{gcc,libtool,make,pkg-config,doxygen,gnutls,curl} autotools
 ```
 
-4. Build and install [libmicrohttpd](https://www.gnu.org/software/libmicrohttpd/) (>= 0.9.64)
+4. Build and install [libmicrohttpd](https://www.gnu.org/software/libmicrohttpd/) (>= 1.0.0)
 
 5. Build libhttpserver:
 ```bash
@@ -389,7 +389,7 @@ You can also check this example on [github](https://github.com/etr/libhttpserver
 * _.https_mem_trust(**const std::string&** filename):_ String representing the path to a file containing the CA certificate to be used by the HTTPS daemon to authenticate and trust clients certificates. The presence of this option activates the request of certificate to the client. The request to the client is marked optional, and it is the responsibility of the server to check the presence of the certificate if needed. Note that most browsers will only present a client certificate only if they have one matching the specified CA, not sending any certificate otherwise.
 * _.https_priorities(**const std::string&** priority_string):_ SSL/TLS protocol version and ciphers. Must be followed by a string specifying the SSL/TLS protocol versions and ciphers that are acceptable for the application. The string is passed unchanged to gnutls_priority_init. If this option is not specified, `"NORMAL"` is used.
 * _.psk_cred_handler(**psk_cred_handler_callback** handler):_ Sets a callback function for TLS-PSK (Pre-Shared Key) authentication. The callback receives a username and should return the corresponding hex-encoded PSK, or an empty string if the user is unknown. This option requires `use_ssl()`, `cred_type(http::http_utils::PSK)`, and an appropriate `https_priorities()` string that enables PSK cipher suites. PSK authentication allows TLS without certificates by using a shared secret key.
-* _.sni_callback(**sni_callback_t** callback):_ Sets a callback function for SNI (Server Name Indication) support. The callback receives the server name requested by the client and should return a `std::pair<std::string, std::string>` containing the PEM-encoded certificate and key for that server name. Return empty strings to use the default certificate. Requires libmicrohttpd 0.9.71+ with GnuTLS.
+* _.sni_callback(**sni_callback_t** callback):_ Sets a callback function for SNI (Server Name Indication) support. The callback receives the server name requested by the client and should return a `std::pair<std::string, std::string>` containing the PEM-encoded certificate and key for that server name. Return empty strings to use the default certificate. Requires libmicrohttpd 1.0.0+ with GnuTLS.
 
 #### Minimal example using HTTPS
 ```cpp
@@ -1190,7 +1190,7 @@ To use SNI with libhttpserver, configure an SNI callback that returns the certif
     }
 ```
 
-Note: SNI support requires libmicrohttpd 0.9.71 or later compiled with GnuTLS.
+Note: SNI support requires libmicrohttpd 1.0.0 or later compiled with GnuTLS.
 
 [Back to TOC](#table-of-contents)
 
 
@@ -108,18 +108,18 @@ AC_CHECK_HEADER([gnutls/gnutls.h],[have_gnutls="yes"],[AC_MSG_WARN("gnutls/gnutl
 # Checks for libmicrohttpd
 if test x"$host" = x"$build"; then
     AC_CHECK_HEADER([microhttpd.h],
-        AC_CHECK_LIB([microhttpd], [MHD_get_fdset2],
-            [AC_MSG_CHECKING([for libmicrohttpd >= 0.9.64])
+        AC_CHECK_LIB([microhttpd], [MHD_start_daemon],
+            [AC_MSG_CHECKING([for libmicrohttpd >= 1.0.0])
                 AC_COMPILE_IFELSE(
                     [AC_LANG_SOURCE([
                         #include <microhttpd.h>
-                        #if (MHD_VERSION < 0x00096400)
-                        #error needs at least version 0.9.64
+                        #if (MHD_VERSION < 0x01000000)
+                        #error needs at least version 1.0.0
                         #endif
                         int main () { return 0; }
                     ])],
                 [],
-                [AC_MSG_ERROR("libmicrohttpd is too old - install libmicrohttpd >= 0.9.64")]
+                [AC_MSG_ERROR("libmicrohttpd is too old - install libmicrohttpd >= 1.0.0")]
                 )
             ],
             [AC_MSG_ERROR(["libmicrohttpd not found"])]
@@ -133,7 +133,7 @@ if test x"$host" = x"$build"; then
     cond_cross_compile="no"
 else
     AC_CHECK_HEADER([microhttpd.h],
-        AC_CHECK_LIB([microhttpd], [MHD_get_fdset2],
+        AC_CHECK_LIB([microhttpd], [MHD_start_daemon],
             [],
             [AC_MSG_ERROR(["libmicrohttpd not found"])]
         ),
@@ -149,15 +149,22 @@ fi
 AM_CONDITIONAL([COND_CROSS_COMPILE],[test x"$cond_cross_compile" = x"yes"])
 AC_SUBST(COND_CROSS_COMPILE)
 
-# Check for basic auth support in libmicrohttpd
-AC_CHECK_LIB([microhttpd], [MHD_queue_basic_auth_fail_response],
+# Check for basic auth v3 support in libmicrohttpd
+AC_CHECK_LIB([microhttpd], [MHD_basic_auth_get_username_password3],
     [have_bauth="yes"],
-    [have_bauth="no"; AC_MSG_WARN("libmicrohttpd basic auth support not found. Basic auth will be disabled")])
+    [have_bauth="no"; AC_MSG_WARN("libmicrohttpd basic auth v3 support not found. Basic auth will be disabled")])
 
-# Check for digest auth support in libmicrohttpd
-AC_CHECK_LIB([microhttpd], [MHD_queue_auth_fail_response],
+# Check for digest auth v3 support in libmicrohttpd
+AC_CHECK_LIB([microhttpd], [MHD_digest_auth_check3],
     [have_dauth="yes"],
-    [have_dauth="no"; AC_MSG_WARN("libmicrohttpd digest auth support not found. Digest auth will be disabled")])
+    [have_dauth="no"; AC_MSG_WARN("libmicrohttpd digest auth v3 support not found. Digest auth will be disabled")])
+
+# Check for WebSocket support in libmicrohttpd_ws
+AC_CHECK_HEADER([microhttpd_ws.h],
+    [AC_CHECK_LIB([microhttpd_ws], [MHD_websocket_stream_init],
+        [have_websocket="yes"],
+        [have_websocket="no"; AC_MSG_WARN("libmicrohttpd_ws not found. WebSocket support will be disabled")])],
+    [have_websocket="no"; AC_MSG_WARN("microhttpd_ws.h not found. WebSocket support will be disabled")])
 
 AC_MSG_CHECKING([whether to build with TCP_FASTOPEN support])
 AC_ARG_ENABLE([fastopen],
@@ -283,6 +290,14 @@ fi
 
 AM_CONDITIONAL([HAVE_DAUTH],[test x"$have_dauth" = x"yes"])
 
+if test x"$have_websocket" = x"yes"; then
+    AM_CXXFLAGS="$AM_CXXFLAGS -DHAVE_WEBSOCKET"
+    AM_CFLAGS="$AM_CXXFLAGS -DHAVE_WEBSOCKET"
+    LHT_LIBDEPS="$LHT_LIBDEPS -lmicrohttpd_ws"
+fi
+
+AM_CONDITIONAL([HAVE_WEBSOCKET],[test x"$have_websocket" = x"yes"])
+
 DX_HTML_FEATURE(ON)
 DX_CHM_FEATURE(OFF)
 DX_CHI_FEATURE(OFF)
@@ -341,6 +356,7 @@ AC_MSG_NOTICE([Configuration Summary:
   TLS Enabled     :  ${have_gnutls}
   Basic Auth      :  ${have_bauth}
   Digest Auth     :  ${have_dauth}
+  WebSocket       :  ${have_websocket}
   TCP_FASTOPEN    :  ${is_fastopen_supported}
   Static          :  ${static}
   Windows build   :  ${is_windows}
 
@@ -27,15 +27,21 @@
 class digest_resource : public httpserver::http_resource {
  public:
      std::shared_ptr<httpserver::http_response> render_GET(const httpserver::http_request& req) {
+         using httpserver::http::http_utils;
          if (req.get_digested_user() == "") {
-             return std::shared_ptr<httpserver::digest_auth_fail_response>(new httpserver::digest_auth_fail_response("FAIL", "test@example.com", MY_OPAQUE, true));
+             return std::make_shared<httpserver::digest_auth_fail_response>("FAIL", "test@example.com", MY_OPAQUE, true,
+                 http_utils::http_ok, http_utils::text_plain, http_utils::digest_algorithm::MD5);
          } else {
-             bool reload_nonce = false;
-             if (!req.check_digest_auth("test@example.com", "mypass", 300, &reload_nonce)) {
-                 return std::shared_ptr<httpserver::digest_auth_fail_response>(new httpserver::digest_auth_fail_response("FAIL", "test@example.com", MY_OPAQUE, reload_nonce));
+             auto result = req.check_digest_auth("test@example.com", "mypass", 300, 0, http_utils::digest_algorithm::MD5);
+             if (result == http_utils::digest_auth_result::NONCE_STALE) {
+                 return std::make_shared<httpserver::digest_auth_fail_response>("FAIL", "test@example.com", MY_OPAQUE, true,
+                     http_utils::http_ok, http_utils::text_plain, http_utils::digest_algorithm::MD5);
+             } else if (result != http_utils::digest_auth_result::OK) {
+                 return std::make_shared<httpserver::digest_auth_fail_response>("FAIL", "test@example.com", MY_OPAQUE, false,
+                     http_utils::http_ok, http_utils::text_plain, http_utils::digest_algorithm::MD5);
              }
          }
-         return std::shared_ptr<httpserver::string_response>(new httpserver::string_response("SUCCESS", 200, "text/plain"));
+         return std::make_shared<httpserver::string_response>("SUCCESS", 200, "text/plain");
      }
 };
 
 
@@ -6,7 +6,7 @@ includedir=@includedir@
 Name: libhttpserver
 Description: A C++ library for creating an embedded Rest HTTP server
 Version: @VERSION@
-Requires: libmicrohttpd >= 0.9.52
+Requires: libmicrohttpd >= 1.0.0
 Conflicts:
 Libs: -L${libdir} -lhttpserver
 Libs.private: @LHT_LIBDEPS@
 
@@ -19,15 +19,20 @@
 AM_CPPFLAGS = -I../ -I$(srcdir)/httpserver/
 METASOURCES = AUTO
 lib_LTLIBRARIES = libhttpserver.la
-libhttpserver_la_SOURCES = string_utilities.cpp webserver.cpp http_utils.cpp file_info.cpp http_request.cpp http_response.cpp string_response.cpp digest_auth_fail_response.cpp deferred_response.cpp file_response.cpp http_resource.cpp create_webserver.cpp details/http_endpoint.cpp
+libhttpserver_la_SOURCES = string_utilities.cpp webserver.cpp http_utils.cpp file_info.cpp http_request.cpp http_response.cpp string_response.cpp digest_auth_fail_response.cpp deferred_response.cpp file_response.cpp pipe_response.cpp empty_response.cpp iovec_response.cpp http_resource.cpp create_webserver.cpp details/http_endpoint.cpp
 noinst_HEADERS = httpserver/string_utilities.hpp httpserver/details/modded_request.hpp gettext.h
-nobase_include_HEADERS = httpserver.hpp httpserver/create_webserver.hpp httpserver/webserver.hpp httpserver/http_utils.hpp httpserver/file_info.hpp httpserver/details/http_endpoint.hpp httpserver/http_request.hpp httpserver/http_response.hpp httpserver/http_resource.hpp httpserver/string_response.hpp httpserver/digest_auth_fail_response.hpp httpserver/deferred_response.hpp httpserver/file_response.hpp httpserver/http_arg_value.hpp
+nobase_include_HEADERS = httpserver.hpp httpserver/create_webserver.hpp httpserver/webserver.hpp httpserver/http_utils.hpp httpserver/file_info.hpp httpserver/details/http_endpoint.hpp httpserver/http_request.hpp httpserver/http_response.hpp httpserver/http_resource.hpp httpserver/string_response.hpp httpserver/digest_auth_fail_response.hpp httpserver/deferred_response.hpp httpserver/file_response.hpp httpserver/pipe_response.hpp httpserver/empty_response.hpp httpserver/iovec_response.hpp httpserver/http_arg_value.hpp
 
 if HAVE_BAUTH
 libhttpserver_la_SOURCES += basic_auth_fail_response.cpp
 nobase_include_HEADERS += httpserver/basic_auth_fail_response.hpp
 endif
 
+if HAVE_WEBSOCKET
+libhttpserver_la_SOURCES += websocket_handler.cpp
+nobase_include_HEADERS += httpserver/websocket_handler.hpp
+endif
+
 AM_CXXFLAGS += -fPIC -Wall
 
 if COND_GCOV
@@ -38,6 +43,9 @@ endif
 
 if !COND_CROSS_COMPILE
 libhttpserver_la_LIBADD = -lmicrohttpd
+if HAVE_WEBSOCKET
+libhttpserver_la_LIBADD += -lmicrohttpd_ws
+endif
 endif
 
 libhttpserver_la_CFLAGS = $(AM_CFLAGS)
 
@@ -30,7 +30,7 @@ struct MHD_Response;
 namespace httpserver {
 
 int basic_auth_fail_response::enqueue_response(MHD_Connection* connection, MHD_Response* response) {
-    return MHD_queue_basic_auth_fail_response(connection, realm.c_str(), response);
+    return MHD_queue_basic_auth_required_response3(connection, realm.c_str(), prefer_utf8 ? MHD_YES : MHD_NO, response);
 }
 
 }  // namespace httpserver
 
@@ -30,13 +30,17 @@ struct MHD_Response;
 namespace httpserver {
 
 int digest_auth_fail_response::enqueue_response(MHD_Connection* connection, MHD_Response* response) {
-    return MHD_queue_auth_fail_response2(
+    return MHD_queue_auth_required_response3(
         connection,
         realm.c_str(),
         opaque.c_str(),
+        domain.empty() ? nullptr : domain.c_str(),
         response,
-        reload_nonce ? MHD_YES : MHD_NO,
-        static_cast<MHD_DigestAuthAlgorithm>(algorithm));
+        signal_stale ? MHD_YES : MHD_NO,
+        MHD_DIGEST_AUTH_MULT_QOP_ANY_NON_INT,
+        static_cast<MHD_DigestAuthMultiAlgo3>(algorithm),
+        userhash_support ? MHD_YES : MHD_NO,
+        prefer_utf8 ? MHD_YES : MHD_NO);
 }
 
 }  // namespace httpserver
 
@@ -0,0 +1,32 @@
+/*
+     This file is part of libhttpserver
+     Copyright (C) 2011-2019 Sebastiano Merlino
+
+     This library is free software; you can redistribute it and/or
+     modify it under the terms of the GNU Lesser General Public
+     License as published by the Free Software Foundation; either
+     version 2.1 of the License, or (at your option) any later version.
+
+     This library is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+     Lesser General Public License for more details.
+
+     You should have received a copy of the GNU Lesser General Public
+     License along with this library; if not, write to the Free Software
+     Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301
+     USA
+*/
+
+#include "httpserver/empty_response.hpp"
+#include <microhttpd.h>
+
+struct MHD_Response;
+
+namespace httpserver {
+
+MHD_Response* empty_response::get_raw_response() {
+    return MHD_create_response_empty(static_cast<MHD_ResponseFlags>(flags));
+}
+
+}  // namespace httpserver
Original file line number	Diff line number	Diff line change
`@@ -30,7 +30,7 @@ struct MHD_Response;`
`30`	`30`	`namespace httpserver {`
`31`	`31`
`32`	`32`	`int basic_auth_fail_response::enqueue_response(MHD_Connection* connection, MHD_Response* response) {`
`33`		`- return MHD_queue_basic_auth_fail_response(connection, realm.c_str(), response);`
	`33`	`+ return MHD_queue_basic_auth_required_response3(connection, realm.c_str(), prefer_utf8 ? MHD_YES : MHD_NO, response);`
`34`	`34`	`}`
`35`	`35`
`36`	`36`	`} // namespace httpserver`