diff --git a/.github/workflows/ccpp.yml b/.github/workflows/ccpp.yml index f3c679b0..177e9b92 100644 --- a/.github/workflows/ccpp.yml +++ b/.github/workflows/ccpp.yml @@ -5,24 +5,23 @@ on: - 'docs/**' jobs: -# -# Windows with OpenSSL is working but disabled as it takes 13 minutes (10 for openssl) to build with vcpkg -# -windows_openssl: - runs-on: windows-latest - steps: - - uses: actions/checkout@v1 - - uses: seanmiddleditch/gha-setup-vsdevenv@master - - run: | - vcpkg install zlib:x64-windows - vcpkg install openssl:x64-windows - - run: | - mkdir build - cd build - cmake -DCMAKE_TOOLCHAIN_FILE=c:/vcpkg/scripts/buildsystems/vcpkg.cmake -DCMAKE_CXX_COMPILER=cl.exe -DUSE_OPEN_SSL=1 -DUSE_TLS=1 -DUSE_WS=1 -DUSE_TEST=1 .. - - run: cmake --build build - - # Running the unittest does not work, the binary cannot be found - #- run: ../build/test/ixwebsocket_unittest.exe - # working-directory: test + # + # Windows with OpenSSL is working but disabled as it takes 13 minutes (10 for openssl) to build with vcpkg + # + windows_openssl: + runs-on: windows-latest + steps: + - uses: actions/checkout@v1 + - uses: seanmiddleditch/gha-setup-vsdevenv@master + - run: | + vcpkg install zlib:x64-windows + vcpkg install openssl:x64-windows + - run: | + mkdir build + cd build + cmake -DCMAKE_TOOLCHAIN_FILE=c:/vcpkg/scripts/buildsystems/vcpkg.cmake -DCMAKE_CXX_COMPILER=cl.exe -DUSE_OPEN_SSL=1 -DUSE_TLS=1 -DUSE_WS=1 -DUSE_TEST=1 .. + - run: cmake --build build + # Running the unittest does not work, the binary cannot be found + #- run: ../build/test/ixwebsocket_unittest.exe + # working-directory: test diff --git a/docs/design.md b/docs/design.md index 4fc728d0..7b70d0ba 100644 --- a/docs/design.md +++ b/docs/design.md @@ -38,7 +38,7 @@ The regression test is running after each commit on github actions for multiple ## Limitations -* On Windows and Android certificate validation needs to be setup so that SocketTLSOptions.caFile point to a pem file, such as the one distributed by Firefox. Unless that setup is done connecting to a wss endpoint will display an error. On Windows with mbedtls the message will contain `error in handshake : X509 - Certificate verification failed, e.g. CRL, CA or signature check failed`. +* On Android, or when using MbedTLS certificate validation needs to be setup so that SocketTLSOptions.caFile point to a pem file, such as the one distributed by [Firefox](https://curl.haxx.se/docs/caextract.html). Unless that setup is done connecting to a wss endpoint will display an error. On Windows with mbedtls the message will contain `error in handshake : X509 - Certificate verification failed, e.g. CRL, CA or signature check failed`. * There is no convenient way to embed a ca cert. * Automatic reconnection works at the TCP socket level, and will detect remote end disconnects. However, if the device/computer network become unreachable (by turning off wifi), it is quite hard to reliably and timely detect it at the socket level using `recv` and `send` error codes. [Here](https://stackoverflow.com/questions/14782143/linux-socket-how-to-detect-disconnected-network-in-a-client-program) is a good discussion on the subject. This behavior is consistent with other runtimes such as node.js. One way to detect a disconnected device with low level C code is to do a name resolution with DNS but this can be expensive. Mobile devices have good and reliable API to do that. * The server code is using select to detect incoming data, and creates one OS thread per connection. This is not as scalable as strategies using epoll or kqueue.