try to run the unittest

(still comment the deprecation warning, which we should eventually fix ...)

.github/workflows/ccpp.yml

@@ -1,51 +1,92 @@
 name: unittest
+on:
+  push:
+    paths-ignore:
+    - 'docs/**'
 
-on: [push]
-
-# fake comment to trigger an action 1
 jobs:
   linux:
     runs-on: ubuntu-latest
-    
     steps:
     - uses: actions/checkout@v1
     - name: make test
       run: make test
 
-  mac:
+  mac_tsan_sectransport:
     runs-on: macOS-latest
-
     steps:
     - uses: actions/checkout@v1
+    - name: make test_tsan
+      run: make test_tsan
+
+  mac_tsan_openssl:
+    runs-on: macOS-latest
+    steps:
+    - uses: actions/checkout@v1
+    - name: install openssl
+      run: brew install openssl
     - name: make test
-      run: make test
+      run: make test_tsan_openssl
 
-      #     We don't need to have redis running anymore, as we have our fake limited one
-      #     - name: install redis
-      #       run: brew install redis
-      # 
-      #     - name: start redis server
-      #       run: brew services start redis
+  mac_tsan_mbedtls:
+    runs-on: macOS-latest
+    steps:
+    - uses: actions/checkout@v1
+    - name: install mbedtls
+      run: brew install mbedtls
+    - name: make test
+      run: make test_tsan_mbedtls
+
+  windows_no_tls:
+    runs-on: windows-latest
+    steps:
+    - uses: actions/checkout@v1
+    - uses: seanmiddleditch/gha-setup-vsdevenv@master
+    - run: |
+        mkdir build
+        cd build
+        cmake -DCMAKE_CXX_COMPILER=cl.exe -DUSE_TEST=1 ..
+    - run: cmake --build build
+    - run: |
+        cd test
+        ..\build\test\ixwebsocket_unittest.exe
+
+      # windows_mbedtls:
+      #   runs-on: windows-latest
+      #   steps:
+      #   - uses: actions/checkout@v1
+      #   - uses: seanmiddleditch/gha-setup-vsdevenv@master
+      #   - run: |
+      #       vcpkg install zlib:x64-windows
+      #       vcpkg install mbedtls:x64-windows
+      #   - run: |
+      #       mkdir build
+      #       cd build
+      #       cmake -DCMAKE_TOOLCHAIN_FILE=c:/vcpkg/scripts/buildsystems/vcpkg.cmake -DCMAKE_CXX_COMPILER=cl.exe -DUSE_MBED_TLS=1 -DUSE_TLS=1 -DUSE_WS=1 -DUSE_TEST=1 ..
+      #   - run: cmake --build build
+
+    # Running the unittest does not work, the binary cannot be found
+    #- run: ../build/test/ixwebsocket_unittest.exe
+    # working-directory: test
+
+#
+#   Windows with OpenSSL is working but disabled as it takes 13 minutes (10 for openssl) to build with vcpkg
+#
+#   windows_openssl:
+#     runs-on: windows-latest
+#     steps:
+#     - uses: actions/checkout@v1
+#     - uses: seanmiddleditch/gha-setup-vsdevenv@master
+#     - run: |
+#         vcpkg install zlib:x64-windows
+#         vcpkg install openssl:x64-windows
+#     - run: |
+#         mkdir build
+#         cd build
+#         cmake -DCMAKE_TOOLCHAIN_FILE=c:/vcpkg/scripts/buildsystems/vcpkg.cmake -DCMAKE_CXX_COMPILER=cl.exe -DUSE_OPEN_SSL=1 -DUSE_TLS=1 -DUSE_WS=1 -DUSE_TEST=1 ..
+#     - run: cmake --build build
+# 
+#     # Running the unittest does not work, the binary cannot be found
+#     #- run: ../build/test/ixwebsocket_unittest.exe
+#     # working-directory: test
 
-      #  # Windows does not work yet, I'm stuck at getting CMake to run + finding vcpkg
-      #  win:
-      #    runs-on: windows-2016
-      #
-      #    steps:
-      #    - uses: actions/checkout@v1
-      #
-      #    - name: run cmake
-      #      run: |
-      #        "C:\Program Files (x86)\Microsoft Visual Studio\2017\Community\VC\Auxiliary\Build\vcvars64.bat"
-      #        mkdir build
-      #        cd build
-      #        cmake -DCMAKE_TOOLCHAIN_FILE=%VCPKG_INSTALLATION_ROOT%\scripts\buildsystems\vcpkg.cmake -DUSE_WS=1 -DUSE_TEST=1 -DUSE_TLS=1 -G"NMake Makefiles" ..
-      #    - name: build
-      #      run: |
-      #        "C:\Program Files (x86)\Microsoft Visual Studio\2017\Community\VC\Auxiliary\Build\vcvars64.bat"
-      #        cd build
-      #        nmake
-      #    - name: run tests
-      #      run: 
-      #        cd test
-      #        ..\build\test\ixwebsocket_unittest.exe

.github/workflows/mkdocs.yml

@@ -0,0 +1,25 @@
+name: mkdocs
+on:
+  push:
+    paths:
+    - 'docs/**'
+
+jobs:
+  linux:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v2
+    - name: Set up Python 3.8
+      uses: actions/setup-python@v1
+      with:
+        python-version: 3.8
+    - name: Install dependencies
+      run: |
+        python -m pip install --upgrade pip
+        pip install mkdocs
+        pip install mkdocs-material
+        pip install pygments
+    - name: Build doc
+      run: |
+        git pull
+        mkdocs gh-deploy

.travis.yml

@@ -1,59 +0,0 @@
-language: bash
-
-# See https://github.com/amaiorano/vectrexy/blob/master/.travis.yml
-# for ideas on installing vcpkg
-
-matrix:
-  include:
-    # macOS
-    # - os: osx
-    #   env:
-    #     - HOMEBREW_NO_AUTO_UPDATE=1
-    #   compiler: clang
-    #   script:
-    #     - brew install redis
-    #     - brew services start redis
-    #     - brew install mbedtls
-    #     - python test/run.py
-    #     - make ws
-
-    Linux
-    - os: linux
-      dist: bionic
-      before_install:
-        - sudo apt-get install -y libmbedtls-dev
-        - sudo apt-get install -y redis-server
-      script: 
-      - python test/run.py
-      #  - make ws
-      env:
-        - CC=gcc
-        - CXX=g++
-
-    # Clang + Linux disabled for now
-    # - os: linux
-    #   dist: xenial
-    #   script: python test/run.py
-    #   env:
-    #     - CC=clang 
-    #     - CXX=clang++
-
-    # Windows
-    # - os: windows
-    #   env:
-    #     - CMAKE_PATH="/c/Program Files/CMake/bin"
-    #   script: 
-    #     - cd third_party/zlib
-    #     - cmake .
-    #     - cmake --build . --target install
-    #     - cd ../..
-    #     # - cd third_party/mbedtls
-    #     # - cmake .
-    #     # - cmake --build . --target install
-    #     # - cd ../..
-    #     - export PATH=$CMAKE_PATH:$PATH
-    #     - cd test
-    #     - cmake .
-    #     - cmake --build --parallel .
-    #     - ixwebsocket_unittest.exe
-    #     # - python test/run.py

CMake/FindSpdLog.cmake

@@ -0,0 +1,19 @@
+# Find package structure taken from libcurl
+
+include(FindPackageHandleStandardArgs)
+
+find_path(SPDLOG_INCLUDE_DIRS spdlog/spdlog.h)
+find_library(JSONCPP_LIBRARY spdlog)
+
+find_package_handle_standard_args(SPDLOG
+    FOUND_VAR
+    SPDLOG_FOUND
+    REQUIRED_VARS
+      SPDLOG_LIBRARY
+      SPDLOG_INCLUDE_DIRS
+    FAIL_MESSAGE
+      "Could NOT find spdlog"
+)
+
+set(SPDLOG_INCLUDE_DIRS ${SPDLOG_INCLUDE_DIRS})
+set(SPDLOG_LIBRARIES ${SPDLOG_LIBRARY})

CMakeLists.txt

@@ -21,6 +21,7 @@ if ("${CMAKE_CXX_COMPILER_ID}" MATCHES "Clang")
 endif()
 
 set( IXWEBSOCKET_SOURCES
+    ixwebsocket/IXBench.cpp
     ixwebsocket/IXCancellationRequest.cpp
     ixwebsocket/IXConnectionState.cpp
     ixwebsocket/IXDNSLookup.cpp
@@ -36,6 +37,7 @@ set( IXWEBSOCKET_SOURCES
     ixwebsocket/IXSocketFactory.cpp
     ixwebsocket/IXSocketServer.cpp
     ixwebsocket/IXSocketTLSOptions.cpp
+    ixwebsocket/IXUdpSocket.cpp
     ixwebsocket/IXUrlParser.cpp
     ixwebsocket/IXUserAgent.cpp
     ixwebsocket/IXWebSocket.cpp
@@ -52,6 +54,7 @@ set( IXWEBSOCKET_SOURCES
 )
 
 set( IXWEBSOCKET_HEADERS
+    ixwebsocket/IXBench.h
     ixwebsocket/IXCancellationRequest.h
     ixwebsocket/IXConnectionState.h
     ixwebsocket/IXDNSLookup.h
@@ -69,6 +72,7 @@ set( IXWEBSOCKET_HEADERS
     ixwebsocket/IXSocketFactory.h
     ixwebsocket/IXSocketServer.h
     ixwebsocket/IXSocketTLSOptions.h
+    ixwebsocket/IXUdpSocket.h
     ixwebsocket/IXUrlParser.h
     ixwebsocket/IXUtf8Validator.h
     ixwebsocket/IXUserAgent.h
@@ -116,13 +120,14 @@ endif()
 option(USE_TLS "Enable TLS support" FALSE)
 
 if (USE_TLS)
-    if (WIN32)
-        option(USE_MBED_TLS "Use Mbed TLS" ON)
-    else()
-        option(USE_MBED_TLS "Use Mbed TLS" OFF)
-    endif()
+    option(USE_MBED_TLS "Use Mbed TLS" OFF)
     option(USE_OPEN_SSL "Use OpenSSL" OFF)
-    
+
+    # default to mbedtls on windows if nothing is configured
+    if (WIN32 AND NOT USE_OPEN_SSL AND NOT USE_MBED_TLS)
+      option(USE_MBED_TLS "Use Mbed TLS" ON)
+    endif()
+
     if (USE_MBED_TLS)
         list( APPEND IXWEBSOCKET_HEADERS ixwebsocket/IXSocketMbedTLS.h)
         list( APPEND IXWEBSOCKET_SOURCES ixwebsocket/IXSocketMbedTLS.cpp)
@@ -196,7 +201,9 @@ if (USE_TLS AND USE_MBED_TLS)
   endif()
 endif()
 
-find_package(ZLIB)
+if (NOT ZLIB_FOUND)
+  find_package(ZLIB)
+endif()
 if (ZLIB_FOUND)
   include_directories(${ZLIB_INCLUDE_DIRS})
   target_link_libraries(ixwebsocket ${ZLIB_LIBRARIES})
@@ -230,6 +237,7 @@ if (USE_WS OR USE_TEST)
   add_subdirectory(ixcobra)
   add_subdirectory(ixsnake)
   add_subdirectory(ixsentry)
+  add_subdirectory(ixbots)
 
   add_subdirectory(third_party/spdlog spdlog)
 

Dockerfile

@@ -1 +1 @@
-docker/Dockerfile.centos
+docker/Dockerfile.alpine

docker/Dockerfile.alpine

@@ -1,12 +1,13 @@
 FROM alpine:3.11 as build
 
-RUN apk add --no-cache gcc g++ musl-dev linux-headers cmake openssl-dev 
-RUN apk add --no-cache make
-RUN apk add --no-cache zlib-dev
+RUN apk add --no-cache \
+    gcc g++ musl-dev linux-headers \
+    cmake mbedtls-dev make zlib-dev
 
-RUN addgroup -S app && adduser -S -G app app 
-RUN chown -R app:app /opt
-RUN chown -R app:app /usr/local
+RUN addgroup -S app && \
+    adduser -S -G app app && \
+    chown -R app:app /opt && \
+    chown -R app:app /usr/local
 
 # There is a bug in CMake where we cannot build from the root top folder
 # So we build from /opt
@@ -14,22 +15,21 @@ COPY --chown=app:app . /opt
 WORKDIR /opt
 
 USER app
-RUN [ "make", "ws_install" ]
-RUN [ "rm", "-rf", "build" ]
+RUN make ws_mbedtls_install && \
+    sh tools/trim_repo_for_docker.sh
 
 FROM alpine:3.11 as runtime
 
-RUN apk add --no-cache libstdc++
-RUN apk add --no-cache strace
-RUN apk add --no-cache gdb
+RUN apk add --no-cache libstdc++ mbedtls ca-certificates && \
+    addgroup -S app && \
+    adduser -S -G app app
 
-RUN addgroup -S app && adduser -S -G app app 
 COPY --chown=app:app --from=build /usr/local/bin/ws /usr/local/bin/ws
-RUN chmod +x /usr/local/bin/ws
-RUN ldd /usr/local/bin/ws
 
-# Copy source code for gcc
-COPY --chown=app:app --from=build /opt /opt
+# COPY --chown=app:app --from=build /opt /opt
+
+RUN chmod +x /usr/local/bin/ws && \
+    ldd /usr/local/bin/ws
 
 # Now run in usermode
 USER app

docker/Dockerfile.centos

@@ -1,6 +1,9 @@
 FROM centos:8 as build
 
-RUN yum install -y gcc-c++ make cmake zlib-devel openssl-devel redhat-rpm-config 
+RUN yum install -y gcc-c++ make cmake zlib-devel openssl-devel redhat-rpm-config
+
+RUN yum install -y epel-release
+RUN yum install -y mbedtls-devel
 
 RUN groupadd app && useradd -g app app
 RUN chown -R app:app /opt
@@ -12,13 +15,16 @@ COPY --chown=app:app . /opt
 WORKDIR /opt
 
 USER app
-RUN [ "make", "ws_install" ]
+RUN [ "make", "ws_mbedtls_install" ]
 RUN [ "rm", "-rf", "build" ]
 
 FROM centos:8 as runtime
 
 RUN yum install -y gdb strace
 
+RUN yum install -y epel-release
+RUN yum install -y mbedtls
+
 RUN groupadd app && useradd -g app app
 COPY --chown=app:app --from=build /usr/local/bin/ws /usr/local/bin/ws
 RUN chmod +x /usr/local/bin/ws

docker/Dockerfile.debian

@@ -2,14 +2,14 @@
 FROM debian:buster as build
 
 ENV DEBIAN_FRONTEND noninteractive
-RUN apt-get update 
-RUN apt-get -y install wget 
+RUN apt-get update
+RUN apt-get -y install wget
 RUN mkdir -p /tmp/cmake
 WORKDIR /tmp/cmake
-RUN wget https://github.com/Kitware/CMake/releases/download/v3.14.0/cmake-3.14.0-Linux-x86_64.tar.gz 
+RUN wget https://github.com/Kitware/CMake/releases/download/v3.14.0/cmake-3.14.0-Linux-x86_64.tar.gz
 RUN tar zxf cmake-3.14.0-Linux-x86_64.tar.gz
 
-RUN apt-get -y install g++ 
+RUN apt-get -y install g++
 RUN apt-get -y install libssl-dev
 RUN apt-get -y install libz-dev
 RUN apt-get -y install make
@@ -25,9 +25,9 @@ RUN ["make"]
 FROM debian:buster as runtime
 
 ENV DEBIAN_FRONTEND noninteractive
-RUN apt-get update 
-# Runtime 
-RUN apt-get install -y libssl1.1 
+RUN apt-get update
+# Runtime
+RUN apt-get install -y libssl1.1
 RUN apt-get install -y ca-certificates
 RUN ["update-ca-certificates"]
 

docker/Dockerfile.fedora

@@ -8,7 +8,7 @@ RUN yum install -y openssl-devel
 RUN yum install -y wget
 RUN mkdir -p /tmp/cmake
 WORKDIR /tmp/cmake
-RUN wget https://github.com/Kitware/CMake/releases/download/v3.14.0/cmake-3.14.0-Linux-x86_64.tar.gz 
+RUN wget https://github.com/Kitware/CMake/releases/download/v3.14.0/cmake-3.14.0-Linux-x86_64.tar.gz
 RUN tar zxf cmake-3.14.0-Linux-x86_64.tar.gz
 
 ARG CMAKE_BIN_PATH=/tmp/cmake/cmake-3.14.0-Linux-x86_64/bin
@@ -27,7 +27,7 @@ FROM fedora:30 as runtime
 
 RUN yum install -y libtsan
 
-RUN groupadd app && useradd -g app app 
+RUN groupadd app && useradd -g app app
 COPY --chown=app:app --from=build /usr/local/bin/ws /usr/local/bin/ws
 RUN chmod +x /usr/local/bin/ws
 RUN ldd /usr/local/bin/ws

docker/Dockerfile.ubuntu_bionic

@@ -2,14 +2,14 @@
 FROM ubuntu:bionic as build
 
 ENV DEBIAN_FRONTEND noninteractive
-RUN apt-get update 
-RUN apt-get -y install wget 
+RUN apt-get update
+RUN apt-get -y install wget
 RUN mkdir -p /tmp/cmake
 WORKDIR /tmp/cmake
-RUN wget https://github.com/Kitware/CMake/releases/download/v3.14.0/cmake-3.14.0-Linux-x86_64.tar.gz 
+RUN wget https://github.com/Kitware/CMake/releases/download/v3.14.0/cmake-3.14.0-Linux-x86_64.tar.gz
 RUN tar zxf cmake-3.14.0-Linux-x86_64.tar.gz
 
-RUN apt-get -y install g++ 
+RUN apt-get -y install g++
 RUN apt-get -y install libssl-dev
 RUN apt-get -y install libz-dev
 RUN apt-get -y install make

docker/Dockerfile.ubuntu_disco

@@ -2,14 +2,14 @@
 FROM ubuntu:disco as build
 
 ENV DEBIAN_FRONTEND noninteractive
-RUN apt-get update 
-RUN apt-get -y install wget 
+RUN apt-get update
+RUN apt-get -y install wget
 RUN mkdir -p /tmp/cmake
 WORKDIR /tmp/cmake
-RUN wget https://github.com/Kitware/CMake/releases/download/v3.14.0/cmake-3.14.0-Linux-x86_64.tar.gz 
+RUN wget https://github.com/Kitware/CMake/releases/download/v3.14.0/cmake-3.14.0-Linux-x86_64.tar.gz
 RUN tar zxf cmake-3.14.0-Linux-x86_64.tar.gz
 
-RUN apt-get -y install g++ 
+RUN apt-get -y install g++
 RUN apt-get -y install libssl-dev
 RUN apt-get -y install libz-dev
 RUN apt-get -y install make

docker/Dockerfile.ubuntu_xenial

@@ -2,14 +2,14 @@
 FROM ubuntu:xenial as build
 
 ENV DEBIAN_FRONTEND noninteractive
-RUN apt-get update 
-RUN apt-get -y install wget 
+RUN apt-get update
+RUN apt-get -y install wget
 RUN mkdir -p /tmp/cmake
 WORKDIR /tmp/cmake
-RUN wget https://github.com/Kitware/CMake/releases/download/v3.14.0/cmake-3.14.0-Linux-x86_64.tar.gz 
+RUN wget https://github.com/Kitware/CMake/releases/download/v3.14.0/cmake-3.14.0-Linux-x86_64.tar.gz
 RUN tar zxf cmake-3.14.0-Linux-x86_64.tar.gz
 
-RUN apt-get -y install g++ 
+RUN apt-get -y install g++
 RUN apt-get -y install libssl-dev
 RUN apt-get -y install libz-dev
 RUN apt-get -y install make

docs/CHANGELOG.md

@@ -1,6 +1,156 @@
 # Changelog
 All changes to this project will be documented in this file.
 
+## [9.2.1] - 2020-04-04
+
+(windows) when using OpenSSL, the system store is used to populate the cacert. No need to ship a cacert.pem file with your app.
+
+## [9.2.0] - 2020-04-04
+
+(windows) ci: windows build with TLS (mbedtls) + verify that we can be build with OpenSSL
+
+## [9.1.9] - 2020-03-30
+
+(cobra to statsd bot) add ability to extract a numerical value and send a timer event to statsd, with the --timer option
+
+## [9.1.8] - 2020-03-29
+
+(cobra to statsd bot) bot init was missing + capture socket error
+
+## [9.1.7] - 2020-03-29
+
+(cobra to statsd bot) add ability to extract a numerical value and send a gauge event to statsd, with the --gauge option
+
+## [9.1.6] - 2020-03-29
+
+(ws cobra subscriber) use a Json::StreamWriter to write to std::cout, and save one std::string allocation for each message printed
+
+## [9.1.5] - 2020-03-29
+
+(docker) trim down docker image (300M -> 12M) / binary built without symbol and size optimization, and source code not copied over
+
+## [9.1.4] - 2020-03-28
+
+(jsoncpp) update bundled copy to version 1.9.3 (at sha 3beb37ea14aec1bdce1a6d542dc464d00f4a6cec)
+
+## [9.1.3] - 2020-03-27
+
+(docker) alpine docker build with release with debug info, and bundle ca-certificates
+
+## [9.1.2] - 2020-03-26
+
+(mac ssl) rename DarwinSSL -> SecureTransport (see this too -> https://github.com/curl/curl/issues/3733)
+
+## [9.1.1] - 2020-03-26
+
+(websocket) fix data race accessing _socket object without mutex protection when calling wakeUpFromPoll in WebSocketTransport.cpp
+
+## [9.1.0] - 2020-03-26
+
+(ixcobra) add explicit event types for handshake, authentication and subscription failure, and handle those by exiting in ws_cobra_subcribe and friends
+
+## [9.0.3] - 2020-03-24
+
+(ws connect) display statistics about how much time it takes to stop the connection
+
+## [9.0.2] - 2020-03-24
+
+(socket) works with unique_ptr<Socket> instead of shared_ptr<Socket> in many places
+
+## [9.0.1] - 2020-03-24
+
+(socket) selectInterrupt member is an unique_ptr instead of being a shared_ptr
+
+## [9.0.0] - 2020-03-23
+
+(websocket) reset per-message deflate codec everytime we connect to a server/client
+
+## [8.3.4] - 2020-03-23
+
+(websocket) fix #167, a long standing issue with sending empty messages with per-message deflate extension (and hopefully other zlib bug)
+
+## [8.3.3] - 2020-03-22
+
+(cobra to statsd) port to windows and add a unittest
+
+## [8.3.2] - 2020-03-20
+
+(websocket+tls) fix hang in tls handshake which could lead to ANR, discovered through unittesting.
+
+## [8.3.1] - 2020-03-20
+
+(cobra) CobraMetricsPublisher can be configure with an ix::CobraConfig + more unittest use SSL in server + client
+
+## [8.3.0] - 2020-03-18
+
+(websocket) Simplify ping/pong based heartbeat implementation
+
+## [8.2.7] - 2020-03-17
+
+(ws) ws connect gains a new option to set the interval at which to send pings
+(ws) ws echo_server gains a new option (-p) to disable responding to pings with pongs
+
+```
+IXWebSocket$ ws connect --ping_interval 2 wss://echo.websocket.org
+Type Ctrl-D to exit prompt...
+Connecting to url: wss://echo.websocket.org
+> ws_connect: connected
+[2020-03-17 23:53:02.726] [info] Uri: /
+[2020-03-17 23:53:02.726] [info] Headers:
+[2020-03-17 23:53:02.727] [info] Connection: Upgrade
+[2020-03-17 23:53:02.727] [info] Date: Wed, 18 Mar 2020 06:45:05 GMT
+[2020-03-17 23:53:02.727] [info] Sec-WebSocket-Accept: 0gtqbxW0aVL/QI/ICpLFnRaiKgA=
+[2020-03-17 23:53:02.727] [info] sec-websocket-extensions:
+[2020-03-17 23:53:02.727] [info] Server: Kaazing Gateway
+[2020-03-17 23:53:02.727] [info] Upgrade: websocket
+[2020-03-17 23:53:04.894] [info] Received pong
+[2020-03-17 23:53:06.859] [info] Received pong
+[2020-03-17 23:53:08.881] [info] Received pong
+[2020-03-17 23:53:10.848] [info] Received pong
+[2020-03-17 23:53:12.898] [info] Received pong
+[2020-03-17 23:53:14.865] [info] Received pong
+[2020-03-17 23:53:16.890] [info] Received pong
+[2020-03-17 23:53:18.853] [info] Received pong
+
+[2020-03-17 23:53:19.388] [info]
+ws_connect: connection closed: code 1000 reason Normal closure
+
+[2020-03-17 23:53:19.502] [info] Received 208 bytes
+[2020-03-17 23:53:19.502] [info] Sent 0 bytes
+```
+
+## [8.2.6] - 2020-03-16
+
+(cobra to sentry bot + docker) default docker file uses mbedtls + ws cobra_to_sentry pass tls options to sentryClient.
+
+## [8.2.5] - 2020-03-13
+
+(cobra client) ws cobra subscribe resubscribe at latest position after being disconnected
+
+## [8.2.4] - 2020-03-13
+
+(cobra client) can subscribe with a position
+
+## [8.2.3] - 2020-03-13
+
+(cobra client) pass the message position to the subscription data callback
+
+## [8.2.2] - 2020-03-12
+
+(openssl tls backend) Fix a hand in OpenSSL when using TLS v1.3 ... by disabling TLS v1.3
+
+## [8.2.1] - 2020-03-11
+
+(cobra) IXCobraConfig struct has tlsOptions and per message deflate options
+
+## [8.2.0] - 2020-03-11
+
+(cobra) add IXCobraConfig struct to pass cobra config around
+
+## [8.1.9] - 2020-03-09
+
+(ws cobra_subscribe) add a --fluentd option to wrap a message in an enveloppe so that fluentd can recognize it
+
 ## [8.1.8] - 2020-03-02
 
 (websocket server) fix regression with disabling zlib extension on the server side. If a client does not support this extension the server will handle it fine. We still need to figure out how to disable the option.
@@ -43,7 +193,7 @@ All changes to this project will be documented in this file.
 
 ## [8.0.6] - 2020-01-31
 
-(snake) add an option to disable answering pongs as response to pings, to test cobra client behavior with hanged connections 
+(snake) add an option to disable answering pongs as response to pings, to test cobra client behavior with hanged connections
 
 ## [8.0.5] - 2020-01-31
 

docs/build.md

@@ -47,12 +47,12 @@ vcpkg install ixwebsocket
 
 Conan is currently supported through a recipe in [Conan Center](https://github.com/conan-io/conan-center-index/tree/master/recipes/ixwebsocket) ([Bintray entry](https://bintray.com/conan/conan-center/ixwebsocket%3A_)).
 
-Package reference 
+Package reference
 
 * Conan 1.21.0 and up: `ixwebsocket/7.9.2`
 * Earlier versions: `ixwebsocket/7.9.2@_/_`
 
-Note that the version listed here might not be the latest one. See Bintray or the recipe itself for the latest version. If you're migrating from the previous, custom Bintray remote, note that the package reference _has_ to be lower-case.  
+Note that the version listed here might not be the latest one. See Bintray or the recipe itself for the latest version. If you're migrating from the previous, custom Bintray remote, note that the package reference _has_ to be lower-case.
 
 ### Docker
 

docs/design.md

@@ -6,7 +6,9 @@ The per message deflate compression option is supported. It can lead to very nic
 
 ### TLS/SSL
 
-Connections can be optionally secured and encrypted with TLS/SSL when using a wss:// endpoint, or using normal un-encrypted socket with ws:// endpoints. AppleSSL is used on iOS and macOS, OpenSSL is used on Android and Linux, mbedTLS is used on Windows.
+Connections can be optionally secured and encrypted with TLS/SSL when using a wss:// endpoint, or using normal un-encrypted socket with ws:// endpoints. AppleSSL is used on iOS and macOS, OpenSSL and mbedTLS can be used on Android, Linux and Windows.
+
+If you are using OpenSSL, try to be on a version higher than 1.1.x as there there are thread safety problems with 1.0.x.
 
 ### Polling and background thread work
 
@@ -26,7 +28,13 @@ The library has an interactive tool which is handy for testing compatibility ith
 
 The unittest tries to be comprehensive, and has been running on multiple platforms, with different sanitizers such as a thread sanitizer to catch data races or the undefined behavior sanitizer.
 
-The regression test is running after each commit on travis.
+The regression test is running after each commit on github actions for multiple configurations.
+
+* Linux
+* macOS with thread sanitizer
+* macOS, with OpenSSL, with thread sanitizer
+* macOS, with MbedTLS, with thread sanitizer
+* Windows, with MbedTLS (the unittest is not run yet)
 
 ## Limitations
 
@@ -73,5 +81,3 @@ Here is a simplistic diagram which explains how the code is structured in term o
 |                       |
 +-----------------------+
 ```
-
-

docs/index.md

@@ -1,4 +1,4 @@
-![Alt text](https://travis-ci.org/machinezone/IXWebSocket.svg?branch=master)
+![Build status](https://github.com/machinezone/IXWebSocket/workflows/unittest/badge.svg)
 
 ## Introduction
 
@@ -13,7 +13,7 @@
 
 ## Example code
 
-```cpp
+```c++
 // Required on Windows
 ix::initNetSystem();
 
@@ -44,7 +44,22 @@ webSocket.send("hello world");
 
 There are 2 main reasons that explain why IXWebSocket got written. First, we needed a C++ cross-platform client library, which should have few dependencies. What looked like the most solid one, [websocketpp](https://github.com/zaphoyd/websocketpp) did depend on boost and this was not an option for us. Secondly, there were other available libraries with fewer dependencies (C ones), but they required calling an explicit poll routine periodically to know if a client had received data from a server, which was not elegant.
 
-We started by solving those 2 problems, then we added server websocket code, then an HTTP client, and finally a very simple HTTP server.
+We started by solving those 2 problems, then we added server websocket code, then an HTTP client, and finally a very simple HTTP server. IXWebSocket comes with a command line utility named ws which is quite handy, and is now packaged with alpine linux. You can install it with `apk add ws`.
+
+* Few dependencies (only zlib)
+* Simple to use ; uses std::string and std::function callbacks.
+* Complete support of the websocket protocol, and basic http support.
+* Client and Server
+* TLS support
+
+## Alternative libraries
+
+There are plenty of great websocket libraries out there, which might work for you. Here are a couple of serious ones.
+
+* [websocketpp](https://github.com/zaphoyd/websocketpp) - C++
+* [beast](https://github.com/boostorg/beast) - C++
+* [libwebsockets](https://libwebsockets.org/) - C
+* [µWebSockets](https://github.com/uNetworking/uWebSockets) - C
 
 ## Contributing
 

docs/packages.md

@@ -0,0 +1,94 @@
+Notes on how we can update the different packages for ixwebsocket.
+
+## VCPKG
+
+Visit the [releases](https://github.com/machinezone/IXWebSocket/releases) page on Github. A tag must have been made first.
+
+Download the latest entry. 
+
+```
+$ cd /tmp
+/tmp$ curl -s -O -L https://github.com/machinezone/IXWebSocket/archive/v9.1.9.tar.gz
+/tmp$
+/tmp$ openssl sha512 v9.1.9.tar.gz
+SHA512(v9.1.9.tar.gz)= f1fd731b5f6a9ce6d6d10bee22a5d9d9baaa8ea0564d6c4cd7eb91dcb88a45c49b2c7fdb75f8640a3589c1b30cee33ef5df8dcbb55920d013394d1e33ddd3c8e
+```
+
+Now go punch those values in the vcpkg ixwebsocket port config files. Here is what the diff look like.
+
+```
+vcpkg$ git diff
+diff --git a/ports/ixwebsocket/CONTROL b/ports/ixwebsocket/CONTROL
+index db9c2adc9..4acae5c3f 100644
+--- a/ports/ixwebsocket/CONTROL
++++ b/ports/ixwebsocket/CONTROL
+@@ -1,5 +1,5 @@
+ Source: ixwebsocket
+-Version: 8.0.5
++Version: 9.1.9
+ Build-Depends: zlib
+ Homepage: https://github.com/machinezone/IXWebSocket
+ Description: Lightweight WebSocket Client and Server + HTTP Client and Server
+diff --git a/ports/ixwebsocket/portfile.cmake b/ports/ixwebsocket/portfile.cmake
+index de082aece..68e523a05 100644
+--- a/ports/ixwebsocket/portfile.cmake
++++ b/ports/ixwebsocket/portfile.cmake
+@@ -1,8 +1,8 @@
+ vcpkg_from_github(
+     OUT_SOURCE_PATH SOURCE_PATH
+     REPO machinezone/IXWebSocket
+-    REF v8.0.5
+-    SHA512 9dcc20d9a0629b92c62a68a8bd7c8206f18dbd9e93289b0b687ec13c478ce9ad1f3563b38c399c8277b0d3812cc78ca725786ba1dedbc3445b9bdb9b689e8add
++    REF v9.1.9
++    SHA512 f1fd731b5f6a9ce6d6d10bee22a5d9d9baaa8ea0564d6c4cd7eb91dcb88a45c49b2c7fdb75f8640a3589c1b30cee33ef5df8dcbb55920d013394d1e33ddd3c8e
+ )
+```
+
+You will need a fork of the vcpkg repo to make a pull request.
+
+```
+git fetch upstream
+git co master
+git reset --hard upstream/master
+git push origin master --force
+```
+
+Make the pull request (I use a new branch to do that).
+
+```
+vcpkg$ git co -b feature/ixwebsocket_9.1.9
+M	ports/ixwebsocket/CONTROL
+M	ports/ixwebsocket/portfile.cmake
+Switched to a new branch 'feature/ixwebsocket_9.1.9'
+vcpkg$
+vcpkg$
+vcpkg$ git commit -am 'ixwebsocket: update to 9.1.9'
+[feature/ixwebsocket_9.1.9 8587a4881] ixwebsocket: update to 9.1.9
+ 2 files changed, 3 insertions(+), 3 deletions(-)
+vcpkg$
+vcpkg$ git push
+fatal: The current branch feature/ixwebsocket_9.1.9 has no upstream branch.
+To push the current branch and set the remote as upstream, use
+
+    git push --set-upstream origin feature/ixwebsocket_9.1.9
+
+vcpkg$ git push --set-upstream origin feature/ixwebsocket_9.1.9
+
+Enumerating objects: 11, done.
+Counting objects: 100% (11/11), done.
+Delta compression using up to 8 threads
+Compressing objects: 100% (6/6), done.
+Writing objects: 100% (6/6), 621 bytes | 621.00 KiB/s, done.
+Total 6 (delta 4), reused 0 (delta 0)
+remote: Resolving deltas: 100% (4/4), completed with 4 local objects.
+remote:
+remote: Create a pull request for 'feature/ixwebsocket_9.1.9' on GitHub by visiting:
+remote:      https://github.com/bsergean/vcpkg/pull/new/feature/ixwebsocket_9.1.9
+remote:
+To https://github.com/bsergean/vcpkg.git
+ * [new branch]          feature/ixwebsocket_9.1.9 -> feature/ixwebsocket_9.1.9
+Branch 'feature/ixwebsocket_9.1.9' set up to track remote branch 'feature/ixwebsocket_9.1.9' from 'origin' by rebasing.
+vcpkg$
+```
+
+Just visit this url, https://github.com/bsergean/vcpkg/pull/new/feature/ixwebsocket_9.1.9, printed on the console, to make the pull request.

docs/usage.md

@@ -35,7 +35,7 @@ webSocket.setUrl(url);
 
 // Optional heart beat, sent every 45 seconds when there is not any traffic
 // to make sure that load balancers do not kill an idle connection.
-webSocket.setHeartBeatPeriod(45);
+webSocket.setPingInterval(45);
 
 // Per message deflate connection is enabled by default. You can tweak its parameters or disable it
 webSocket.disablePerMessageDeflate();
@@ -174,7 +174,7 @@ when there is no any traffic to make sure that load balancers do not kill an
 idle connection.
 
 ```cpp
-webSocket.setHeartBeatPeriod(45);
+webSocket.setPingInterval(45);
 ```
 
 ### Supply extra HTTP headers.
@@ -244,39 +244,6 @@ webSocket.setMaxWaitBetweenReconnectionRetries(5 * 1000); // 5000ms = 5s
 uint32_t m = webSocket.getMaxWaitBetweenReconnectionRetries();
 ```
 
-### TLS support and configuration
-
-To leverage TLS features, the library must be compiled with the option `USE_TLS=1`.
-
-Then, secure sockets are automatically used when connecting to a `wss://*` url.
-
-Additional TLS options can be configured by passing a `ix::SocketTLSOptions` instance to the
-`setTLSOptions` on `ix::WebSocket` (or `ix::WebSocketServer` or `ix::HttpServer`)
-
-```cpp
-webSocket.setTLSOptions({
-    .certFile = "path/to/cert/file.pem",
-    .keyFile = "path/to/key/file.pem",
-    .caFile = "path/to/trust/bundle/file.pem"
-});
-```
-
-Specifying `certFile` and `keyFile` configures the certificate that will be used to communicate with TLS peers.
-
-On a client, this is only necessary for connecting to servers that require a client certificate.
-
-On a server, this is necessary for TLS support.
-
-Specifying `caFile` configures the trusted roots bundle file (in PEM format) that will be used to verify peer certificates.
- - The special value of `SYSTEM` (the default) indicates that the system-configured trust bundle should be used; this is generally what you want when connecting to any publicly exposed API/server.
- - The special value of `NONE` can be used to disable peer verification; this is only recommended to rule out certificate verification when testing connectivity.
-
-For a client, specifying `caFile` can be used if connecting to a server that uses a self-signed cert, or when using a custom CA in an internal environment.
-
-For a server, specifying `caFile` implies that:
-1. You require clients to present a certificate
-1. It must be signed by one of the trusted roots in the file
-
 ## WebSocket server API
 
 ```cpp
@@ -464,3 +431,39 @@ setOnConnectionCallback(
                                               content);
 }
 ```
+
+## TLS support and configuration
+
+To leverage TLS features, the library must be compiled with the option `USE_TLS=1`.
+
+If you are using OpenSSL, try to be on a version higher than 1.1.x as there there are thread safety problems with 1.0.x.
+
+Then, secure sockets are automatically used when connecting to a `wss://*` url.
+
+Additional TLS options can be configured by passing a `ix::SocketTLSOptions` instance to the
+`setTLSOptions` on `ix::WebSocket` (or `ix::WebSocketServer` or `ix::HttpServer`)
+
+```cpp
+webSocket.setTLSOptions({
+    .certFile = "path/to/cert/file.pem",
+    .keyFile = "path/to/key/file.pem",
+    .caFile = "path/to/trust/bundle/file.pem",
+    .tls = true // required in server mode
+});
+```
+
+Specifying `certFile` and `keyFile` configures the certificate that will be used to communicate with TLS peers.
+
+On a client, this is only necessary for connecting to servers that require a client certificate.
+
+On a server, this is necessary for TLS support.
+
+Specifying `caFile` configures the trusted roots bundle file (in PEM format) that will be used to verify peer certificates.
+ - The special value of `SYSTEM` (the default) indicates that the system-configured trust bundle should be used; this is generally what you want when connecting to any publicly exposed API/server.
+ - The special value of `NONE` can be used to disable peer verification; this is only recommended to rule out certificate verification when testing connectivity.
+
+For a client, specifying `caFile` can be used if connecting to a server that uses a self-signed cert, or when using a custom CA in an internal environment.
+
+For a server, specifying `caFile` implies that:
+1. You require clients to present a certificate
+1. It must be signed by one of the trusted roots in the file

ixbots/CMakeLists.txt

@@ -0,0 +1,45 @@
+#
+# Author: Benjamin Sergeant
+# Copyright (c) 2019 Machine Zone, Inc. All rights reserved.
+#
+
+set (IXBOTS_SOURCES
+    ixbots/IXCobraToSentryBot.cpp
+    ixbots/IXCobraToStatsdBot.cpp
+    ixbots/IXQueueManager.cpp
+    ixbots/IXStatsdClient.cpp
+)
+
+set (IXBOTS_HEADERS
+    ixbots/IXCobraToSentryBot.h
+    ixbots/IXCobraToStatsdBot.h
+    ixbots/IXQueueManager.h
+    ixbots/IXStatsdClient.h
+)
+
+add_library(ixbots STATIC
+    ${IXBOTS_SOURCES}
+    ${IXBOTS_HEADERS}
+)
+
+find_package(JsonCpp)
+if (NOT JSONCPP_FOUND)
+  set(JSONCPP_INCLUDE_DIRS ../third_party/jsoncpp)
+endif()
+
+find_package(SpdLog)
+if (NOT SPDLOG_FOUND)
+  set(SPDLOG_INCLUDE_DIRS ../third_party/spdlog/include)
+endif()
+
+set(IXBOTS_INCLUDE_DIRS
+    .
+    ..
+    ../ixcore
+    ../ixwebsocket
+    ../ixcobra
+    ../ixsentry
+    ${JSONCPP_INCLUDE_DIRS}
+    ${SPDLOG_INCLUDE_DIRS})
+
+target_include_directories( ixbots PUBLIC ${IXBOTS_INCLUDE_DIRS} )

ixbots/ixbots/IXCobraToSentryBot.cpp

@@ -1,17 +1,14 @@
 /*
- *  ws_cobra_to_sentry.cpp
+ *  IXCobraToSentryBot.cpp
  *  Author: Benjamin Sergeant
  *  Copyright (c) 2019 Machine Zone, Inc. All rights reserved.
  */
 
-#include <atomic>
+#include "IXCobraToSentryBot.h"
+#include "IXQueueManager.h"
+
 #include <chrono>
-#include <condition_variable>
 #include <ixcobra/IXCobraConnection.h>
-#include <ixsentry/IXSentryClient.h>
-#include <map>
-#include <mutex>
-#include <queue>
 #include <spdlog/spdlog.h>
 #include <sstream>
 #include <thread>
@@ -19,99 +16,19 @@
 
 namespace ix
 {
-    class QueueManager
-    {
-    public:
-        QueueManager(size_t maxQueueSize, std::atomic<bool>& stop)
-            : _maxQueueSize(maxQueueSize)
-            , _stop(stop)
-        {
-        }
-
-        Json::Value pop();
-        void add(Json::Value msg);
-
-    private:
-        std::map<std::string, std::queue<Json::Value>> _queues;
-        std::mutex _mutex;
-        std::condition_variable _condition;
-        size_t _maxQueueSize;
-        std::atomic<bool>& _stop;
-    };
-
-    Json::Value QueueManager::pop()
-    {
-        std::unique_lock<std::mutex> lock(_mutex);
-
-        if (_queues.empty())
-        {
-            Json::Value val;
-            return val;
-        }
-
-        std::vector<std::string> games;
-        for (auto it : _queues)
-        {
-            games.push_back(it.first);
-        }
-
-        std::random_shuffle(games.begin(), games.end());
-        std::string game = games[0];
-
-        _condition.wait(lock, [this] { return !_stop; });
-
-        if (_queues[game].empty())
-        {
-            Json::Value val;
-            return val;
-        }
-
-        auto msg = _queues[game].front();
-        _queues[game].pop();
-        return msg;
-    }
-
-    void QueueManager::add(Json::Value msg)
-    {
-        std::unique_lock<std::mutex> lock(_mutex);
-
-        std::string game;
-        if (msg.isMember("device") && msg["device"].isMember("game"))
-        {
-            game = msg["device"]["game"].asString();
-        }
-
-        if (game.empty()) return;
-
-        // if the sending is not fast enough there is no point
-        // in queuing too many events.
-        if (_queues[game].size() < _maxQueueSize)
-        {
-            _queues[game].push(msg);
-            _condition.notify_one();
-        }
-    }
-
-    int ws_cobra_to_sentry_main(const std::string& appkey,
-                                const std::string& endpoint,
-                                const std::string& rolename,
-                                const std::string& rolesecret,
-                                const std::string& channel,
-                                const std::string& filter,
-                                const std::string& dsn,
-                                bool verbose,
-                                bool strict,
-                                int jobs,
-                                size_t maxQueueSize,
-                                const ix::SocketTLSOptions& tlsOptions)
+    int cobra_to_sentry_bot(const CobraConfig& config,
+                            const std::string& channel,
+                            const std::string& filter,
+                            const std::string& position,
+                            SentryClient& sentryClient,
+                            bool verbose,
+                            bool strict,
+                            size_t maxQueueSize,
+                            bool enableHeartbeat,
+                            int runtime)
     {
         ix::CobraConnection conn;
-        conn.configure(appkey,
-                       endpoint,
-                       rolename,
-                       rolesecret,
-                       ix::WebSocketPerMessageDeflateOptions(true),
-                       tlsOptions);
+        conn.configure(config);
         conn.connect();
 
         Json::FastWriter jsonWriter;
@@ -120,25 +37,30 @@ namespace ix
         std::atomic<bool> errorSending(false);
         std::atomic<bool> stop(false);
         std::atomic<bool> throttled(false);
+        std::atomic<bool> fatalCobraError(false);
 
-        QueueManager queueManager(maxQueueSize, stop);
+        QueueManager queueManager(maxQueueSize);
 
-        auto timer = [&sentCount, &receivedCount] {
-            while (true)
+        auto timer = [&sentCount, &receivedCount, &stop] {
+            while (!stop)
             {
                 spdlog::info("messages received {} sent {}", receivedCount, sentCount);
 
                 auto duration = std::chrono::seconds(1);
                 std::this_thread::sleep_for(duration);
             }
+
+            spdlog::info("timer thread done");
         };
 
         std::thread t1(timer);
 
-        auto heartbeat = [&sentCount, &receivedCount] {
+        auto heartbeat = [&sentCount, &receivedCount, &stop, &enableHeartbeat] {
             std::string state("na");
 
-            while (true)
+            if (!enableHeartbeat) return;
+
+            while (!stop)
             {
                 std::stringstream ss;
                 ss << "messages received " << receivedCount;
@@ -156,20 +78,21 @@ namespace ix
                 auto duration = std::chrono::minutes(1);
                 std::this_thread::sleep_for(duration);
             }
+
+            spdlog::info("heartbeat thread done");
         };
 
         std::thread t2(heartbeat);
 
         auto sentrySender =
-            [&queueManager, verbose, &errorSending, &sentCount, &stop, &throttled, &dsn] {
-                SentryClient sentryClient(dsn);
+            [&queueManager, verbose, &errorSending, &sentCount, &stop, &throttled, &sentryClient] {
 
                 while (true)
                 {
                     Json::Value msg = queueManager.pop();
 
+                    if (stop) break;
                     if (msg.isNull()) continue;
-                    if (stop) return;
 
                     auto ret = sentryClient.send(msg, verbose);
                     HttpResponsePtr response = ret.first;
@@ -241,25 +164,23 @@ namespace ix
                         ++sentCount;
                     }
 
-                    if (stop) return;
+                    if (stop) break;
                 }
+
+                spdlog::info("sentrySender thread done");
             };
 
-        // Create a thread pool
-        spdlog::info("Starting {} sentry sender jobs", jobs);
-        std::vector<std::thread> pool;
-        for (int i = 0; i < jobs; i++)
-        {
-            pool.push_back(std::thread(sentrySender));
-        }
+        std::thread t3(sentrySender);
 
         conn.setEventCallback([&conn,
                                &channel,
                                &filter,
+                               &position,
                                &jsonWriter,
                                verbose,
                                &throttled,
                                &receivedCount,
+                               &fatalCobraError,
                                &queueManager](ix::CobraConnectionEventType eventType,
                                               const std::string& errMsg,
                                               const ix::WebSocketHttpHeaders& headers,
@@ -283,11 +204,12 @@ namespace ix
                 spdlog::info("Subscriber authenticated");
                 conn.subscribe(channel,
                                filter,
+                               position,
                                [&jsonWriter, verbose, &throttled, &receivedCount, &queueManager](
-                                   const Json::Value& msg) {
+                                   const Json::Value& msg, const std::string& position) {
                                    if (verbose)
                                    {
-                                       spdlog::info(jsonWriter.write(msg));
+                                       spdlog::info("Subscriber received message {} -> {}", position, jsonWriter.write(msg));
                                    }
 
                                    // If we cannot send to sentry fast enough, drop the message
@@ -320,26 +242,64 @@ namespace ix
             {
                 spdlog::info("Received websocket pong");
             }
+            else if (eventType == ix::CobraConnection_EventType_Handshake_Error)
+            {
+                spdlog::error("Subscriber: Handshake error: {}", errMsg);
+                fatalCobraError = true;
+            }
+            else if (eventType == ix::CobraConnection_EventType_Authentication_Error)
+            {
+                spdlog::error("Subscriber: Authentication error: {}", errMsg);
+                fatalCobraError = true;
+            }
+            else if (eventType == ix::CobraConnection_EventType_Subscription_Error)
+            {
+                spdlog::error("Subscriber: Subscription error: {}", errMsg);
+                fatalCobraError = true;
+            }
         });
 
-        while (true)
+        // Run forever
+        if (runtime == -1)
         {
-            auto duration = std::chrono::seconds(1);
-            std::this_thread::sleep_for(duration);
+            while (true)
+            {
+                auto duration = std::chrono::seconds(1);
+                std::this_thread::sleep_for(duration);
 
-            if (strict && errorSending) break;
+                if (strict && errorSending) break;
+                if (fatalCobraError) break;
+            }
+        }
+        // Run for a duration, used by unittesting now
+        else
+        {
+            for (int i = 0 ; i < runtime; ++i)
+            {
+                auto duration = std::chrono::seconds(1);
+                std::this_thread::sleep_for(duration);
+
+                if (strict && errorSending) break;
+                if (fatalCobraError) break;
+            }
         }
 
-        conn.disconnect();
-
+        //
+        // Cleanup.
         // join all the bg threads and stop them.
+        //
+        conn.disconnect();
         stop = true;
-        for (int i = 0; i < jobs; i++)
-        {
-            spdlog::error("joining thread {}", i);
-            pool[i].join();
-        }
 
-        return (strict && errorSending) ? 1 : 0;
+        // progress thread
+        t1.join();
+
+        // heartbeat thread
+        if (t2.joinable()) t2.join();
+
+        // sentry sender thread
+        t3.join();
+
+        return ((strict && errorSending) || fatalCobraError) ? -1 : (int) sentCount;
     }
 } // namespace ix

ixbots/ixbots/IXCobraToSentryBot.h

@@ -0,0 +1,24 @@
+/*
+ *  IXCobraToSentryBot.h
+ *  Author: Benjamin Sergeant
+ *  Copyright (c) 2019-2020 Machine Zone, Inc. All rights reserved.
+ */
+#pragma once
+
+#include <ixcobra/IXCobraConfig.h>
+#include <ixsentry/IXSentryClient.h>
+#include <string>
+
+namespace ix
+{
+    int cobra_to_sentry_bot(const CobraConfig& config,
+                            const std::string& channel,
+                            const std::string& filter,
+                            const std::string& position,
+                            SentryClient& sentryClient,
+                            bool verbose,
+                            bool strict,
+                            size_t maxQueueSize,
+                            bool enableHeartbeat,
+                            int runtime);
+} // namespace ix

ixbots/ixbots/IXCobraToStatsdBot.cpp

@@ -1,9 +1,13 @@
 /*
- *  ws_cobra_to_statsd.cpp
+ *  IXCobraToStatsdBot.cpp
  *  Author: Benjamin Sergeant
  *  Copyright (c) 2019 Machine Zone, Inc. All rights reserved.
  */
 
+#include "IXCobraToStatsdBot.h"
+#include "IXQueueManager.h"
+#include "IXStatsdClient.h"
+
 #include <atomic>
 #include <chrono>
 #include <condition_variable>
@@ -13,63 +17,6 @@
 #include <thread>
 #include <vector>
 
-#ifndef _WIN32
-#include <statsd_client.h>
-#endif
-
-namespace
-{
-    class QueueManager
-    {
-    public:
-        QueueManager(size_t maxQueueSize, std::atomic<bool>& stop)
-            : _maxQueueSize(maxQueueSize)
-            , _stop(stop)
-        {
-        }
-
-        Json::Value pop();
-        void add(Json::Value msg);
-
-    private:
-        std::queue<Json::Value> _queue;
-        std::mutex _mutex;
-        std::condition_variable _condition;
-        size_t _maxQueueSize;
-        std::atomic<bool>& _stop;
-    };
-
-    Json::Value QueueManager::pop()
-    {
-        std::unique_lock<std::mutex> lock(_mutex);
-
-        if (_queue.empty())
-        {
-            Json::Value val;
-            return val;
-        }
-
-        _condition.wait(lock, [this] { return !_stop; });
-
-        auto msg = _queue.front();
-        _queue.pop();
-        return msg;
-    }
-
-    void QueueManager::add(Json::Value msg)
-    {
-        std::unique_lock<std::mutex> lock(_mutex);
-
-        // if the sending is not fast enough there is no point
-        // in queuing too many events.
-        if (_queue.size() < _maxQueueSize)
-        {
-            _queue.push(msg);
-            _condition.notify_one();
-        }
-    }
-} // namespace
-
 namespace ix
 {
     // fields are command line argument that can be specified multiple times
@@ -93,7 +40,7 @@ namespace ix
     // Extract an attribute from a Json Value.
     // extractAttr("foo.bar", {"foo": {"bar": "baz"}}) => baz
     //
-    std::string extractAttr(const std::string& attr, const Json::Value& jsonValue)
+    Json::Value extractAttr(const std::string& attr, const Json::Value& jsonValue)
     {
         // Split by .
         std::string token;
@@ -106,29 +53,24 @@ namespace ix
             val = val[token];
         }
 
-        return val.asString();
+        return val;
     }
 
-    int ws_cobra_to_statsd_main(const std::string& appkey,
-                                const std::string& endpoint,
-                                const std::string& rolename,
-                                const std::string& rolesecret,
-                                const std::string& channel,
-                                const std::string& filter,
-                                const std::string& host,
-                                int port,
-                                const std::string& prefix,
-                                const std::string& fields,
-                                bool verbose,
-                                const ix::SocketTLSOptions& tlsOptions)
+    int cobra_to_statsd_bot(const ix::CobraConfig& config,
+                            const std::string& channel,
+                            const std::string& filter,
+                            const std::string& position,
+                            StatsdClient& statsdClient,
+                            const std::string& fields,
+                            const std::string& gauge,
+                            const std::string& timer,
+                            bool verbose,
+                            size_t maxQueueSize,
+                            bool enableHeartbeat,
+                            int runtime)
     {
         ix::CobraConnection conn;
-        conn.configure(appkey,
-                       endpoint,
-                       rolename,
-                       rolesecret,
-                       ix::WebSocketPerMessageDeflateOptions(true),
-                       tlsOptions);
+        conn.configure(config);
         conn.connect();
 
         auto tokens = parseFields(fields);
@@ -137,26 +79,30 @@ namespace ix
         std::atomic<uint64_t> sentCount(0);
         std::atomic<uint64_t> receivedCount(0);
         std::atomic<bool> stop(false);
+        std::atomic<bool> fatalCobraError(false);
 
-        size_t maxQueueSize = 1000;
-        QueueManager queueManager(maxQueueSize, stop);
+        QueueManager queueManager(maxQueueSize);
 
-        auto timer = [&sentCount, &receivedCount] {
-            while (true)
+        auto progress = [&sentCount, &receivedCount, &stop] {
+            while (!stop)
             {
                 spdlog::info("messages received {} sent {}", receivedCount, sentCount);
 
                 auto duration = std::chrono::seconds(1);
                 std::this_thread::sleep_for(duration);
             }
+
+            spdlog::info("timer thread done");
         };
 
-        std::thread t1(timer);
+        std::thread t1(progress);
 
-        auto heartbeat = [&sentCount, &receivedCount] {
+        auto heartbeat = [&sentCount, &receivedCount, &stop, &enableHeartbeat] {
             std::string state("na");
 
-            while (true)
+            if (!enableHeartbeat) return;
+
+            while (!stop)
             {
                 std::stringstream ss;
                 ss << "messages received " << receivedCount;
@@ -174,45 +120,88 @@ namespace ix
                 auto duration = std::chrono::minutes(1);
                 std::this_thread::sleep_for(duration);
             }
+
+            spdlog::info("heartbeat thread done");
         };
 
         std::thread t2(heartbeat);
 
-        auto statsdSender = [&queueManager, &host, &port, &sentCount, &tokens, &prefix, &stop] {
-            // statsd client
-            // test with netcat as a server: `nc -ul 8125`
-            bool statsdBatch = true;
-#ifndef _WIN32
-            statsd::StatsdClient statsdClient(host, port, prefix, statsdBatch);
-#else
-            int statsdClient;
-#endif
+        auto statsdSender = [&statsdClient, &queueManager, &sentCount, &tokens, &stop, &gauge, &timer, &fatalCobraError, &verbose] {
             while (true)
             {
                 Json::Value msg = queueManager.pop();
 
-                if (msg.isNull()) continue;
                 if (stop) return;
+                if (msg.isNull()) continue;
 
                 std::string id;
                 for (auto&& attr : tokens)
                 {
                     id += ".";
-                    id += extractAttr(attr, msg);
+                    auto val = extractAttr(attr, msg);
+                    id += val.asString();
+                }
+
+                if (gauge.empty() && timer.empty())
+                {
+                    statsdClient.count(id, 1);
+                }
+                else
+                {
+                    std::string attrName = (!gauge.empty()) ? gauge : timer;
+                    auto val = extractAttr(attrName, msg);
+                    size_t x;
+
+                    if (val.isInt())
+                    {
+                        x = (size_t) val.asInt();
+                    }
+                    else if (val.isInt64())
+                    {
+                        x = (size_t) val.asInt64();
+                    }
+                    else if (val.isUInt())
+                    {
+                        x = (size_t) val.asUInt();
+                    }
+                    else if (val.isUInt64())
+                    {
+                        x = (size_t) val.asUInt64();
+                    }
+                    else if (val.isDouble())
+                    {
+                        x = (size_t) val.asUInt64();
+                    }
+                    else
+                    {
+                        spdlog::error("Gauge {} is not a numberic type", gauge);
+                        fatalCobraError = true;
+                        break;
+                    }
+
+                    if (verbose)
+                    {
+                        spdlog::info("{} - {} -> {}", id, attrName, x);
+                    }
+
+                    if (!gauge.empty())
+                    {
+                        statsdClient.gauge(id, x);
+                    }
+                    else
+                    {
+                        statsdClient.timing(id, x);
+                    }
                 }
 
                 sentCount += 1;
-
-#ifndef _WIN32
-                statsdClient.count(id, 1);
-#endif
             }
         };
 
         std::thread t3(statsdSender);
 
         conn.setEventCallback(
-            [&conn, &channel, &filter, &jsonWriter, verbose, &queueManager, &receivedCount](
+            [&conn, &channel, &filter, &position, &jsonWriter, verbose, &queueManager, &receivedCount, &fatalCobraError](
                 ix::CobraConnectionEventType eventType,
                 const std::string& errMsg,
                 const ix::WebSocketHttpHeaders& headers,
@@ -236,11 +225,12 @@ namespace ix
                     spdlog::info("Subscriber authenticated");
                     conn.subscribe(channel,
                                    filter,
+                                   position,
                                    [&jsonWriter, &queueManager, verbose, &receivedCount](
-                                       const Json::Value& msg) {
+                                       const Json::Value& msg, const std::string& position) {
                                        if (verbose)
                                        {
-                                           spdlog::info(jsonWriter.write(msg));
+                                           spdlog::info("Subscriber received message {} -> {}", position, jsonWriter.write(msg));
                                        }
 
                                        receivedCount++;
@@ -269,14 +259,62 @@ namespace ix
                 {
                     spdlog::info("Received websocket pong");
                 }
+                else if (eventType == ix::CobraConnection_EventType_Handshake_Error)
+                {
+                    spdlog::error("Subscriber: Handshake error: {}", errMsg);
+                    fatalCobraError = true;
+                }
+                else if (eventType == ix::CobraConnection_EventType_Authentication_Error)
+                {
+                    spdlog::error("Subscriber: Authentication error: {}", errMsg);
+                    fatalCobraError = true;
+                }
+                else if (eventType == ix::CobraConnection_EventType_Subscription_Error)
+                {
+                    spdlog::error("Subscriber: Subscription error: {}", errMsg);
+                    fatalCobraError = true;
+                }
             });
 
-        while (true)
+        // Run forever
+        if (runtime == -1)
         {
-            std::chrono::duration<double, std::milli> duration(1000);
-            std::this_thread::sleep_for(duration);
+            while (true)
+            {
+                auto duration = std::chrono::seconds(1);
+                std::this_thread::sleep_for(duration);
+
+                if (fatalCobraError) break;
+            }
+        }
+        // Run for a duration, used by unittesting now
+        else
+        {
+            for (int i = 0 ; i < runtime; ++i)
+            {
+                auto duration = std::chrono::seconds(1);
+                std::this_thread::sleep_for(duration);
+
+                if (fatalCobraError) break;
+            }
         }
 
-        return 0;
+        //
+        // Cleanup.
+        // join all the bg threads and stop them.
+        //
+        conn.disconnect();
+        stop = true;
+
+        // progress thread
+        t1.join();
+
+        // heartbeat thread
+        if (t2.joinable()) t2.join();
+
+        // statsd sender thread
+        t3.join();
+
+        return fatalCobraError ? -1 : (int) sentCount;
     }
 } // namespace ix

ixbots/ixbots/IXCobraToStatsdBot.h

@@ -0,0 +1,27 @@
+/*
+ *  IXCobraToStatsdBot.h
+ *  Author: Benjamin Sergeant
+ *  Copyright (c) 2019-2020 Machine Zone, Inc. All rights reserved.
+ */
+#pragma once
+
+#include <ixcobra/IXCobraConfig.h>
+#include <ixbots/IXStatsdClient.h>
+#include <string>
+#include <stddef.h>
+
+namespace ix
+{
+    int cobra_to_statsd_bot(const ix::CobraConfig& config,
+                            const std::string& channel,
+                            const std::string& filter,
+                            const std::string& position,
+                            StatsdClient& statsdClient,
+                            const std::string& fields,
+                            const std::string& gauge,
+                            const std::string& timer,
+                            bool verbose,
+                            size_t maxQueueSize,
+                            bool enableHeartbeat,
+                            int runtime);
+} // namespace ix

ixbots/ixbots/IXQueueManager.cpp

@@ -0,0 +1,66 @@
+/*
+ *  IXQueueManager.cpp
+ *  Author: Benjamin Sergeant
+ *  Copyright (c) 2019 Machine Zone, Inc. All rights reserved.
+ */
+
+#include "IXQueueManager.h"
+#include <vector>
+#include <algorithm>
+
+namespace ix
+{
+    Json::Value QueueManager::pop()
+    {
+        std::unique_lock<std::mutex> lock(_mutex);
+
+        if (_queues.empty())
+        {
+            Json::Value val;
+            return val;
+        }
+
+        std::vector<std::string> games;
+        for (auto it : _queues)
+        {
+            games.push_back(it.first);
+        }
+
+        std::random_shuffle(games.begin(), games.end());
+        std::string game = games[0];
+
+        auto duration = std::chrono::seconds(1);
+        _condition.wait_for(lock, duration);
+
+        if (_queues[game].empty())
+        {
+            Json::Value val;
+            return val;
+        }
+
+        auto msg = _queues[game].front();
+        _queues[game].pop();
+        return msg;
+    }
+
+    void QueueManager::add(Json::Value msg)
+    {
+        std::unique_lock<std::mutex> lock(_mutex);
+
+        std::string game;
+        if (msg.isMember("device") && msg["device"].isMember("game"))
+        {
+            game = msg["device"]["game"].asString();
+        }
+
+        if (game.empty()) return;
+
+        // if the sending is not fast enough there is no point
+        // in queuing too many events.
+        if (_queues[game].size() < _maxQueueSize)
+        {
+            _queues[game].push(msg);
+            _condition.notify_one();
+        }
+    }
+}

ixbots/ixbots/IXQueueManager.h

@@ -0,0 +1,35 @@
+/*
+ *  IXQueueManager.h
+ *  Author: Benjamin Sergeant
+ *  Copyright (c) 2019 Machine Zone, Inc. All rights reserved.
+ */
+
+#pragma once
+
+#include <stddef.h>
+#include <json/json.h>
+#include <mutex>
+#include <condition_variable>
+#include <queue>
+#include <map>
+
+namespace ix
+{
+    class QueueManager
+    {
+    public:
+        QueueManager(size_t maxQueueSize)
+            : _maxQueueSize(maxQueueSize)
+        {
+        }
+
+        Json::Value pop();
+        void add(Json::Value msg);
+
+    private:
+        std::map<std::string, std::queue<Json::Value>> _queues;
+        std::mutex _mutex;
+        std::condition_variable _condition;
+        size_t _maxQueueSize;
+    };
+}

ixbots/ixbots/IXStatsdClient.cpp

@@ -0,0 +1,152 @@
+/*
+ * Copyright (c) 2014, Rex
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * * Redistributions of source code must retain the above copyright notice, this
+ *   list of conditions and the following disclaimer.
+ *
+ * * Redistributions in binary form must reproduce the above copyright notice,
+ *   this list of conditions and the following disclaimer in the documentation
+ *   and/or other materials provided with the distribution.
+ *
+ * * Neither the name of the {organization} nor the names of its
+ *   contributors may be used to endorse or promote products derived from
+ *   this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+ * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ *  IXStatsdClient.cpp
+ *  Author: Benjamin Sergeant
+ *  Copyright (c) 2020 Machine Zone, Inc. All rights reserved.
+ */
+
+// Adapted from statsd-client-cpp
+// test with netcat as a server: `nc -ul 8125`
+
+#include "IXStatsdClient.h"
+
+#include <ixwebsocket/IXNetSystem.h>
+#include <stdlib.h>
+#include <string.h>
+#include <stdio.h>
+#include <iostream>
+
+namespace ix
+{
+    StatsdClient::StatsdClient(const std::string& host,
+                               int port,
+                               const std::string& prefix)
+    : _host(host)
+      , _port(port)
+      , _prefix(prefix)
+      , _stop(false)
+    {
+        _thread = std::thread([this]
+        {
+            while (!_stop)
+            {
+                flushQueue();
+                std::this_thread::sleep_for(std::chrono::seconds(1));
+            }
+        });
+    }
+
+    StatsdClient::~StatsdClient()
+    {
+        _stop = true;
+        if (_thread.joinable()) _thread.join();
+
+        _socket.close();
+    }
+
+    bool StatsdClient::init(std::string& errMsg)
+    {
+        return _socket.init(_host, _port, errMsg);
+    }
+
+    /* will change the original string */
+    void StatsdClient::cleanup(std::string& key)
+    {
+        size_t pos = key.find_first_of(":|@");
+        while (pos != std::string::npos)
+        {
+            key[pos] = '_';
+            pos = key.find_first_of(":|@");
+        }
+    }
+
+    int StatsdClient::dec(const std::string& key)
+    {
+        return count(key, -1);
+    }
+
+    int StatsdClient::inc(const std::string& key)
+    {
+        return count(key, 1);
+    }
+
+    int StatsdClient::count(const std::string& key, size_t value)
+    {
+        return send(key, value, "c");
+    }
+
+    int StatsdClient::gauge(const std::string& key, size_t value)
+    {
+        return send(key, value, "g");
+    }
+
+    int StatsdClient::timing(const std::string& key, size_t ms)
+    {
+        return send(key, ms, "ms");
+    }
+
+    int StatsdClient::send(std::string key, size_t value, const std::string& type)
+    {
+        cleanup(key);
+
+        char buf[256];
+        snprintf(buf, sizeof(buf), "%s%s:%zd|%s\n",
+                 _prefix.c_str(), key.c_str(), value, type.c_str());
+
+        enqueue(buf);
+        return 0;
+    }
+
+    void StatsdClient::enqueue(const std::string& message)
+    {
+        std::lock_guard<std::mutex> lock(_mutex);
+        _queue.push_back(message);
+    }
+
+    void StatsdClient::flushQueue()
+    {
+        std::lock_guard<std::mutex> lock(_mutex);
+
+        while (!_queue.empty())
+        {
+            auto message = _queue.front();
+            auto ret = _socket.sendto(message);
+            if (ret != 0)
+            {
+                std::cerr << "error: "
+                          << strerror(UdpSocket::getErrno())
+                          << std::endl;
+            }
+            _queue.pop_front();
+        }
+    }
+} // end namespace ix

ixbots/ixbots/IXStatsdClient.h

@@ -0,0 +1,58 @@
+/*
+ *  IXStatsdClient.h
+ *  Author: Benjamin Sergeant
+ *  Copyright (c) 2020 Machine Zone, Inc. All rights reserved.
+ */
+
+#pragma once
+
+#include <ixwebsocket/IXUdpSocket.h>
+
+#include <string>
+#include <thread>
+#include <deque>
+#include <mutex>
+#include <atomic>
+
+namespace ix
+{
+    class StatsdClient
+    {
+    public:
+        StatsdClient(const std::string& host="127.0.0.1",
+                     int port=8125,
+                     const std::string& prefix = "");
+        ~StatsdClient();
+
+        bool init(std::string& errMsg);
+        int inc(const std::string& key);
+        int dec(const std::string& key);
+        int count(const std::string& key, size_t value);
+        int gauge(const std::string& key, size_t value);
+        int timing(const std::string& key, size_t ms);
+
+    private:
+        void enqueue(const std::string& message);
+
+        /* (Low Level Api) manually send a message
+         * type = "c", "g" or "ms"
+         */
+        int send(std::string key, size_t value, const std::string& type);
+
+        void cleanup(std::string& key);
+        void flushQueue();
+
+        UdpSocket _socket;
+
+        std::string _host;
+        int _port;
+        std::string _prefix;
+
+        std::atomic<bool> _stop;
+        std::thread _thread;
+        std::mutex _mutex; // for the queue
+
+        std::deque<std::string> _queue;
+    };
+
+} // end namespace ix

ixcobra/CMakeLists.txt

@@ -13,6 +13,7 @@ set (IXCOBRA_HEADERS
     ixcobra/IXCobraConnection.h
     ixcobra/IXCobraMetricsThreadedPublisher.h
     ixcobra/IXCobraMetricsPublisher.h
+    ixcobra/IXCobraConfig.h
 )
 
 add_library(ixcobra STATIC

ixcobra/ixcobra/IXCobraConfig.h

@@ -0,0 +1,35 @@
+/*
+ *  IXCobraConfig.h
+ *  Author: Benjamin Sergeant
+ *  Copyright (c) 2020 Machine Zone, Inc. All rights reserved.
+ */
+
+#pragma once
+
+#include <ixwebsocket/IXWebSocketPerMessageDeflateOptions.h>
+#include <ixwebsocket/IXSocketTLSOptions.h>
+
+namespace ix
+{
+    struct CobraConfig
+    {
+        std::string appkey;
+        std::string endpoint;
+        std::string rolename;
+        std::string rolesecret;
+        WebSocketPerMessageDeflateOptions webSocketPerMessageDeflateOptions;
+        SocketTLSOptions socketTLSOptions;
+
+        CobraConfig(const std::string& a = std::string(),
+                    const std::string& e = std::string(),
+                    const std::string& r = std::string(),
+                    const std::string& s = std::string())
+            : appkey(a)
+            , endpoint(e)
+            , rolename(r)
+            , rolesecret(s)
+        {
+            ;
+        }
+    };
+} // namespace ix

ixcobra/ixcobra/IXCobraConnection.cpp

@@ -166,7 +166,8 @@ namespace ix
                     }
                     else if (action == "auth/handshake/error")
                     {
-                        invokeErrorCallback("Handshake error", msg->str);
+                        invokeEventCallback(ix::CobraConnection_EventType_Handshake_Error,
+                                            msg->str);
                     }
                     else if (action == "auth/authenticate/ok")
                     {
@@ -176,7 +177,8 @@ namespace ix
                     }
                     else if (action == "auth/authenticate/error")
                     {
-                        invokeErrorCallback("Authentication error", msg->str);
+                        invokeEventCallback(ix::CobraConnection_EventType_Authentication_Error,
+                                            msg->str);
                     }
                     else if (action == "rtm/subscription/data")
                     {
@@ -191,7 +193,8 @@ namespace ix
                     }
                     else if (action == "rtm/subscribe/error")
                     {
-                        invokeErrorCallback("Subscription error", msg->str);
+                        invokeEventCallback(ix::CobraConnection_EventType_Subscription_Error,
+                                            msg->str);
                     }
                     else if (action == "rtm/unsubscribe/ok")
                     {
@@ -270,10 +273,16 @@ namespace ix
         // This should keep the connection open and prevent some load balancers such as
         // the Amazon one from shutting it down
         _webSocket->setPingInterval(kPingIntervalSecs);
+    }
 
-        // If we don't receive a pong back, declare loss after 3 * N seconds
-        // (will be 90s now), and close and restart the connection
-        _webSocket->setPingTimeout(3 * kPingIntervalSecs);
+    void CobraConnection::configure(const ix::CobraConfig& config)
+    {
+        configure(config.appkey,
+                  config.endpoint,
+                  config.rolename,
+                  config.rolesecret,
+                  config.webSocketPerMessageDeflateOptions,
+                  config.socketTLSOptions);
     }
 
     //
@@ -431,9 +440,12 @@ namespace ix
         if (!body.isMember("messages")) return false;
         Json::Value messages = body["messages"];
 
+        if (!body.isMember("position")) return false;
+        std::string position = body["position"].asString();
+
         for (auto&& msg : messages)
         {
-            cb->second(msg);
+            cb->second(msg, position);
         }
 
         return true;
@@ -552,6 +564,7 @@ namespace ix
 
     void CobraConnection::subscribe(const std::string& channel,
                                     const std::string& filter,
+                                    const std::string& position,
                                     SubscriptionCallback cb)
     {
         // Create and send a subscribe pdu
@@ -563,6 +576,11 @@ namespace ix
             body["filter"] = filter;
         }
 
+        if (!position.empty())
+        {
+            body["position"] = position;
+        }
+
         Json::Value pdu;
         pdu["action"] = "rtm/subscribe";
         pdu["body"] = body;

ixcobra/ixcobra/IXCobraConnection.h

@@ -17,6 +17,12 @@
 #include <unordered_map>
 #include <limits>
 
+#include "IXCobraConfig.h"
+
+#ifdef max
+#undef max
+#endif
+
 namespace ix
 {
     class WebSocket;
@@ -31,7 +37,10 @@ namespace ix
         CobraConnection_EventType_Subscribed = 4,
         CobraConnection_EventType_UnSubscribed = 5,
         CobraConnection_EventType_Published = 6,
-        CobraConnection_EventType_Pong = 7
+        CobraConnection_EventType_Pong = 7,
+        CobraConnection_EventType_Handshake_Error = 8,
+        CobraConnection_EventType_Authentication_Error = 9,
+        CobraConnection_EventType_Subscription_Error = 10
     };
 
     enum CobraConnectionPublishMode
@@ -40,7 +49,7 @@ namespace ix
         CobraConnection_PublishMode_Batch = 1
     };
 
-    using SubscriptionCallback = std::function<void(const Json::Value&)>;
+    using SubscriptionCallback = std::function<void(const Json::Value&, const std::string&)>;
     using EventCallback = std::function<void(CobraConnectionEventType,
                                              const std::string&,
                                              const WebSocketHttpHeaders&,
@@ -67,6 +76,8 @@ namespace ix
                        const WebSocketPerMessageDeflateOptions& webSocketPerMessageDeflateOptions,
                        const SocketTLSOptions& socketTLSOptions);
 
+        void configure(const ix::CobraConfig& config);
+
         /// Set the traffic tracker callback
         static void setTrafficTrackerCallback(const TrafficTrackerCallback& callback);
 
@@ -94,6 +105,7 @@ namespace ix
         // message arrives.
         void subscribe(const std::string& channel,
                        const std::string& filter = std::string(),
+                       const std::string& position = std::string(),
                        SubscriptionCallback cb = nullptr);
 
         /// Unsubscribe from a channel

ixcobra/ixcobra/IXCobraMetricsPublisher.cpp

@@ -27,20 +27,12 @@ namespace ix
         ;
     }
 
-    void CobraMetricsPublisher::configure(const std::string& appkey,
-                                          const std::string& endpoint,
-                                          const std::string& channel,
-                                          const std::string& rolename,
-                                          const std::string& rolesecret,
-                                          bool enablePerMessageDeflate,
-                                          const SocketTLSOptions& socketTLSOptions)
+    void CobraMetricsPublisher::configure(const CobraConfig& config,
+                                          const std::string& channel)
     {
         // Configure the satori connection and start its publish background thread
+        _cobra_metrics_theaded_publisher.configure(config, channel);
         _cobra_metrics_theaded_publisher.start();
-
-        _cobra_metrics_theaded_publisher.configure(appkey, endpoint, channel,
-                                                   rolename, rolesecret,
-                                                   enablePerMessageDeflate, socketTLSOptions);
     }
 
     Json::Value& CobraMetricsPublisher::getGenericAttributes()

ixcobra/ixcobra/IXCobraMetricsPublisher.h

@@ -40,13 +40,8 @@ namespace ix
 
         /// Configuration / set keys, etc...
         /// All input data but the channel name is encrypted with rc4
-        void configure(const std::string& appkey,
-                       const std::string& endpoint,
-                       const std::string& channel,
-                       const std::string& rolename,
-                       const std::string& rolesecret,
-                       bool enablePerMessageDeflate,
-                       const SocketTLSOptions& socketTLSOptions);
+        void configure(const CobraConfig& config,
+                       const std::string& channel);
 
         /// Setter for the list of blacklisted metrics ids.
         /// That list is sorted internally for fast lookups

ixcobra/ixcobra/IXCobraMetricsThreadedPublisher.cpp

@@ -92,22 +92,14 @@ namespace ix
         _thread = std::thread(&CobraMetricsThreadedPublisher::run, this);
     }
 
-    void CobraMetricsThreadedPublisher::configure(const std::string& appkey,
-                                                  const std::string& endpoint,
-                                                  const std::string& channel,
-                                                  const std::string& rolename,
-                                                  const std::string& rolesecret,
-                                                  bool enablePerMessageDeflate,
-                                                  const SocketTLSOptions& socketTLSOptions)
+    void CobraMetricsThreadedPublisher::configure(const CobraConfig& config,
+                                                  const std::string& channel)
     {
+        ix::IXCoreLogger::Log(config.socketTLSOptions.getDescription().c_str());
+
         _channel = channel;
+        _cobra_connection.configure(config);
 
-        ix::IXCoreLogger::Log(socketTLSOptions.getDescription().c_str());
-
-        ix::WebSocketPerMessageDeflateOptions webSocketPerMessageDeflateOptions(enablePerMessageDeflate);
-        _cobra_connection.configure(appkey, endpoint,
-                                    rolename, rolesecret,
-                                    webSocketPerMessageDeflateOptions, socketTLSOptions);
     }
 
     void CobraMetricsThreadedPublisher::pushMessage(MessageKind messageKind)

ixcobra/ixcobra/IXCobraMetricsThreadedPublisher.h

@@ -27,13 +27,8 @@ namespace ix
         ~CobraMetricsThreadedPublisher();
 
         /// Configuration / set keys, etc...
-        void configure(const std::string& appkey,
-                       const std::string& endpoint,
-                       const std::string& channel,
-                       const std::string& rolename,
-                       const std::string& rolesecret,
-                       bool enablePerMessageDeflate,
-                       const SocketTLSOptions& socketTLSOptions);
+        void configure(const CobraConfig& config,
+                       const std::string& channel);
 
         /// Start the worker thread, used for background publishing
         void start();

ixcrypto/CMakeLists.txt

@@ -23,7 +23,7 @@ add_library(ixcrypto STATIC
     ${IXCRYPTO_HEADERS}
 )
 
-set(IXCRYPTO_INCLUDE_DIRS 
+set(IXCRYPTO_INCLUDE_DIRS
     .
     ../ixcore)
 
@@ -31,10 +31,6 @@ target_include_directories( ixcrypto PUBLIC ${IXCRYPTO_INCLUDE_DIRS} )
 
 # hmac computation needs a crypto library
 
-if (WIN32)
-  set(USE_MBED_TLS TRUE)
-endif()
-
 target_compile_definitions(ixcrypto PUBLIC IXCRYPTO_USE_TLS)
 if (USE_MBED_TLS)
     find_package(MbedTLS REQUIRED)
@@ -51,4 +47,3 @@ else()
     target_link_libraries(ixcrypto ${OPENSSL_LIBRARIES})
     target_compile_definitions(ixcrypto PUBLIC IXCRYPTO_USE_OPEN_SSL)
 endif()
-

ixcrypto/ixcrypto/IXHMac.cpp

@@ -14,7 +14,7 @@
 #elif defined(IXCRYPTO_USE_OPEN_SSL)
 # include <openssl/hmac.h>
 #else
-# error "Unsupported configuration"
+# include <assert.h>
 #endif
 
 namespace ix
@@ -40,7 +40,7 @@ namespace ix
              (unsigned char *) data.c_str(), (int) data.size(),
              (unsigned char *) hash, nullptr);
 #else
-#       error "Unsupported configuration"
+        assert(false && "hmac not implemented on this platform");
 #endif
 
         std::string hashString(reinterpret_cast<char*>(hash), hashSize);

ixsentry/ixsentry/IXSentryClient.cpp

@@ -40,6 +40,11 @@ namespace ix
         }
     }
 
+    void SentryClient::setTLSOptions(const SocketTLSOptions& tlsOptions)
+    {
+        _httpClient->setTLSOptions(tlsOptions);
+    }
+
     int64_t SentryClient::getTimestamp()
     {
         const auto tp = std::chrono::system_clock::now();

ixsentry/ixsentry/IXSentryClient.h

@@ -8,6 +8,7 @@
 
 #include <algorithm>
 #include <ixwebsocket/IXHttpClient.h>
+#include <ixwebsocket/IXSocketTLSOptions.h>
 #include <json/json.h>
 #include <regex>
 #include <memory>
@@ -24,6 +25,9 @@ namespace ix
 
         Json::Value parseLuaStackTrace(const std::string& stack);
 
+        // Mostly for testing
+        void setTLSOptions(const SocketTLSOptions& tlsOptions);
+
         void uploadMinidump(
             const std::string& sentryMetadata,
             const std::string& minidumpBytes,

ixsnake/ixsnake/IXRedisClient.cpp

@@ -9,7 +9,6 @@
 #include <cstring>
 #include <iomanip>
 #include <iostream>
-#include <ixwebsocket/IXSocket.h>
 #include <ixwebsocket/IXSocketFactory.h>
 #include <ixwebsocket/IXSocketTLSOptions.h>
 #include <sstream>

ixsnake/ixsnake/IXRedisClient.h

@@ -9,11 +9,12 @@
 #include <atomic>
 #include <functional>
 #include <memory>
+#include <string>
+
+#include <ixwebsocket/IXSocket.h>
 
 namespace ix
 {
-    class Socket;
-
     class RedisClient
     {
     public:
@@ -56,7 +57,7 @@ namespace ix
     private:
         std::string writeString(const std::string& str);
 
-        std::shared_ptr<Socket> _socket;
+        std::unique_ptr<Socket> _socket;
         std::atomic<bool> _stop;
     };
 } // namespace ix

ixsnake/ixsnake/IXRedisServer.cpp

@@ -11,7 +11,6 @@
 #include <ixwebsocket/IXSocket.h>
 #include <ixwebsocket/IXCancellationRequest.h>
 #include <fstream>
-#include <iostream>
 #include <sstream>
 #include <vector>
 
@@ -44,7 +43,7 @@ namespace ix
         SocketServer::stop();
     }
 
-    void RedisServer::handleConnection(std::shared_ptr<Socket> socket,
+    void RedisServer::handleConnection(std::unique_ptr<Socket> socket,
                                        std::shared_ptr<ConnectionState> connectionState)
     {
         _connectedClientsCount++;
@@ -103,13 +102,13 @@ namespace ix
         _connectedClientsCount--;
     }
 
-    void RedisServer::cleanupSubscribers(std::shared_ptr<Socket> socket)
+    void RedisServer::cleanupSubscribers(std::unique_ptr<Socket>& socket)
     {
         std::lock_guard<std::mutex> lock(_mutex);
 
         for (auto&& it : _subscribers)
         {
-            it.second.erase(socket);
+            it.second.erase(socket.get());
         }
 
         for (auto it : _subscribers)
@@ -146,7 +145,7 @@ namespace ix
     }
 
     bool RedisServer::parseRequest(
-        std::shared_ptr<Socket> socket,
+        std::unique_ptr<Socket>& socket,
         std::vector<std::string>& tokens)
     {
         // Parse first line
@@ -188,17 +187,11 @@ namespace ix
             tokens.push_back(readResult.second);
         }
 
-        for (auto&& token : tokens)
-        {
-            std::cerr << token << " ";
-        }
-        std::cerr << std::endl;
-
         return true;
     }
 
     bool RedisServer::handleCommand(
-        std::shared_ptr<Socket> socket,
+        std::unique_ptr<Socket>& socket,
         const std::vector<std::string>& tokens)
     {
         if (tokens.size() != 1) return false;
@@ -237,7 +230,7 @@ namespace ix
     }
 
     bool RedisServer::handleSubscribe(
-        std::shared_ptr<Socket> socket,
+        std::unique_ptr<Socket>& socket,
         const std::vector<std::string>& tokens)
     {
         if (tokens.size() != 2) return false;
@@ -252,13 +245,13 @@ namespace ix
         socket->writeBytes(":1\r\n", cb);
 
         std::lock_guard<std::mutex> lock(_mutex);
-        _subscribers[channel].insert(socket);
+        _subscribers[channel].insert(socket.get());
 
         return true;
     }
 
     bool RedisServer::handlePublish(
-        std::shared_ptr<Socket> socket,
+        std::unique_ptr<Socket>& socket,
         const std::vector<std::string>& tokens)
     {
         if (tokens.size() != 3) return false;

ixsnake/ixsnake/IXRedisServer.h

@@ -37,13 +37,13 @@ namespace ix
         // Subscribers
         // We could store connection states in there, to add better debugging
         // since a connection state has a readable ID
-        std::map<std::string, std::set<std::shared_ptr<Socket>>> _subscribers;
+        std::map<std::string, std::set<Socket*>> _subscribers;
         std::mutex _mutex;
 
         std::atomic<bool> _stopHandlingConnections;
 
         // Methods
-        virtual void handleConnection(std::shared_ptr<Socket>,
+        virtual void handleConnection(std::unique_ptr<Socket>,
                                       std::shared_ptr<ConnectionState> connectionState) final;
         virtual size_t getConnectedClientsCount() final;
 
@@ -51,18 +51,18 @@ namespace ix
         std::string writeString(const std::string& str);
 
         bool parseRequest(
-            std::shared_ptr<Socket> socket,
+            std::unique_ptr<Socket>& socket,
             std::vector<std::string>& tokens);
 
-        bool handlePublish(std::shared_ptr<Socket> socket,
+        bool handlePublish(std::unique_ptr<Socket>& socket,
                            const std::vector<std::string>& tokens);
 
-        bool handleSubscribe(std::shared_ptr<Socket> socket,
+        bool handleSubscribe(std::unique_ptr<Socket>& socket,
                              const std::vector<std::string>& tokens);
 
-        bool handleCommand(std::shared_ptr<Socket> socket,
+        bool handleCommand(std::unique_ptr<Socket>& socket,
                            const std::vector<std::string>& tokens);
 
-        void cleanupSubscribers(std::shared_ptr<Socket> socket);
+        void cleanupSubscribers(std::unique_ptr<Socket>& socket);
     };
 } // namespace ix

ixsnake/ixsnake/IXSnakeProtocol.cpp

@@ -189,7 +189,7 @@ namespace snake
             nlohmann::json response = {
                 {"action", "rtm/subscription/data"},
                 {"id", id++},
-                {"body", {{"subscription_id", subscriptionId}, {"messages", {msg}}}}};
+                {"body", {{"subscription_id", subscriptionId}, {"position", "0-0"}, {"messages", {msg}}}}};
 
             ws->sendText(response.dump());
         };

ixwebsocket/IXBench.cpp

@@ -0,0 +1,44 @@
+/*
+ *  IXBench.cpp
+ *  Author: Benjamin Sergeant
+ *  Copyright (c) 2017-2020 Machine Zone, Inc. All rights reserved.
+ */
+
+#include "IXBench.h"
+
+#include <iostream>
+
+namespace ix
+{
+    Bench::Bench(const std::string& description)
+        : _description(description)
+        , _start(std::chrono::high_resolution_clock::now())
+        , _reported(false)
+    {
+        ;
+    }
+
+    Bench::~Bench()
+    {
+        if (!_reported)
+        {
+            report();
+        }
+    }
+
+    void Bench::report()
+    {
+        auto now = std::chrono::high_resolution_clock::now();
+        auto milliseconds = std::chrono::duration_cast<std::chrono::milliseconds>(now - _start);
+
+        _ms = milliseconds.count();
+        std::cerr << _description << " completed in " << _ms << "ms" << std::endl;
+
+        _reported = true;
+    }
+
+    uint64_t Bench::getDuration() const
+    {
+        return _ms;
+    }
+} // namespace ix

ixwebsocket/IXBench.h

@@ -0,0 +1,28 @@
+/*
+ *  IXBench.h
+ *  Author: Benjamin Sergeant
+ *  Copyright (c) 2017-2020 Machine Zone, Inc. All rights reserved.
+ */
+
+#include <chrono>
+#include <stdint.h>
+#include <string>
+
+namespace ix
+{
+    class Bench
+    {
+    public:
+        Bench(const std::string& description);
+        ~Bench();
+
+        void report();
+        uint64_t getDuration() const;
+
+    private:
+        std::string _description;
+        std::chrono::time_point<std::chrono::high_resolution_clock> _start;
+        uint64_t _ms;
+        bool _reported;
+    };
+} // namespace ix

ixwebsocket/IXHttp.cpp

@@ -92,7 +92,8 @@ namespace ix
         return std::make_tuple(method, requestUri, httpVersion);
     }
 
-    std::tuple<bool, std::string, HttpRequestPtr> Http::parseRequest(std::shared_ptr<Socket> socket)
+    std::tuple<bool, std::string, HttpRequestPtr> Http::parseRequest(
+        std::unique_ptr<Socket>& socket)
     {
         HttpRequestPtr httpRequest;
 
@@ -133,7 +134,7 @@ namespace ix
         return std::make_tuple(true, "", httpRequest);
     }
 
-    bool Http::sendResponse(HttpResponsePtr response, std::shared_ptr<Socket> socket)
+    bool Http::sendResponse(HttpResponsePtr response, std::unique_ptr<Socket>& socket)
     {
         // Write the response to the socket
         std::stringstream ss;

ixwebsocket/IXHttp.h

@@ -115,8 +115,8 @@ namespace ix
     {
     public:
         static std::tuple<bool, std::string, HttpRequestPtr> parseRequest(
-            std::shared_ptr<Socket> socket);
-        static bool sendResponse(HttpResponsePtr response, std::shared_ptr<Socket> socket);
+            std::unique_ptr<Socket>& socket);
+        static bool sendResponse(HttpResponsePtr response, std::unique_ptr<Socket>& socket);
 
         static std::pair<std::string, int> parseStatusLine(const std::string& line);
         static std::tuple<std::string, std::string, std::string> parseRequestLine(

ixwebsocket/IXHttpClient.h

@@ -95,7 +95,7 @@ namespace ix
         std::atomic<bool> _stop;
         std::thread _thread;
 
-        std::shared_ptr<Socket> _socket;
+        std::unique_ptr<Socket> _socket;
         std::mutex _mutex; // to protect accessing the _socket (only one socket per client)
 
         SocketTLSOptions _tlsOptions;

ixwebsocket/IXHttpServer.cpp

@@ -69,7 +69,7 @@ namespace ix
         _onConnectionCallback = callback;
     }
 
-    void HttpServer::handleConnection(std::shared_ptr<Socket> socket,
+    void HttpServer::handleConnection(std::unique_ptr<Socket> socket,
                                       std::shared_ptr<ConnectionState> connectionState)
     {
         _connectedClientsCount++;

ixwebsocket/IXHttpServer.h

@@ -43,7 +43,7 @@ namespace ix
         std::atomic<int> _connectedClientsCount;
 
         // Methods
-        virtual void handleConnection(std::shared_ptr<Socket>,
+        virtual void handleConnection(std::unique_ptr<Socket>,
                                       std::shared_ptr<ConnectionState> connectionState) final;
         virtual size_t getConnectedClientsCount() final;
 

ixwebsocket/IXSelectInterruptFactory.cpp

@@ -14,12 +14,12 @@
 
 namespace ix
 {
-    std::shared_ptr<SelectInterrupt> createSelectInterrupt()
+    SelectInterruptPtr createSelectInterrupt()
     {
 #if defined(__linux__) || defined(__APPLE__)
-        return std::make_shared<SelectInterruptPipe>();
+        return std::make_unique<SelectInterruptPipe>();
 #else
-        return std::make_shared<SelectInterrupt>();
+        return std::make_unique<SelectInterrupt>();
 #endif
     }
 } // namespace ix

ixwebsocket/IXSelectInterruptFactory.h

@@ -11,5 +11,6 @@
 namespace ix
 {
     class SelectInterrupt;
-    std::shared_ptr<SelectInterrupt> createSelectInterrupt();
+    using SelectInterruptPtr = std::unique_ptr<SelectInterrupt>;
+    SelectInterruptPtr createSelectInterrupt();
 } // namespace ix

ixwebsocket/IXSocket.cpp

@@ -46,7 +46,7 @@ namespace ix
     PollResultType Socket::poll(bool readyToRead,
                                 int timeoutMs,
                                 int sockfd,
-                                std::shared_ptr<SelectInterrupt> selectInterrupt)
+                                const SelectInterruptPtr& selectInterrupt)
     {
         //
         // We used to use ::select to poll but on Android 9 we get large fds out of

ixwebsocket/IXSocket.h

@@ -38,6 +38,7 @@ typedef SSIZE_T ssize_t;
 namespace ix
 {
     class SelectInterrupt;
+    using SelectInterruptPtr = std::unique_ptr<SelectInterrupt>;
 
     enum class PollResultType
     {
@@ -66,7 +67,7 @@ namespace ix
         // Virtual methods
         virtual bool accept(std::string& errMsg);
 
-        virtual bool connect(const std::string& url,
+        virtual bool connect(const std::string& host,
                              int port,
                              std::string& errMsg,
                              const CancellationRequest& isCancellationRequested);
@@ -93,7 +94,7 @@ namespace ix
         static PollResultType poll(bool readyToRead,
                                    int timeoutMs,
                                    int sockfd,
-                                   std::shared_ptr<SelectInterrupt> selectInterrupt = nullptr);
+                                   const SelectInterruptPtr& selectInterrupt);
 
 
         // Used as special codes for pipe communication
@@ -112,6 +113,6 @@ namespace ix
         std::vector<uint8_t> _readBuffer;
         static constexpr size_t kChunkSize = 1 << 15;
 
-        std::shared_ptr<SelectInterrupt> _selectInterrupt;
+        SelectInterruptPtr _selectInterrupt;
     };
 } // namespace ix

ixwebsocket/IXSocketAppleSSL.cpp

@@ -164,6 +164,26 @@ namespace ix
         return false;
     }
 
+    OSStatus SocketAppleSSL::tlsHandShake(std::string& errMsg,
+                                          const CancellationRequest& isCancellationRequested)
+    {
+        OSStatus status;
+
+        do
+        {
+            status = SSLHandshake(_sslContext);
+
+            // Interrupt the handshake
+            if (isCancellationRequested())
+            {
+                errMsg = "Cancellation requested";
+                return errSSLInternal;
+            }
+        } while (status == errSSLWouldBlock || status == errSSLServerAuthCompleted);
+
+        return status;
+    }
+
     // No wait support
     bool SocketAppleSSL::connect(const std::string& host,
                                  int port,
@@ -190,26 +210,17 @@ namespace ix
                 Boolean option(1);
                 SSLSetSessionOption(_sslContext, kSSLSessionOptionBreakOnServerAuth, option);
 
-                do
-                {
-                    status = SSLHandshake(_sslContext);
-                } while (status == errSSLWouldBlock || status == errSSLServerAuthCompleted);
+                status = tlsHandShake(errMsg, isCancellationRequested);
 
                 if (status == errSSLServerAuthCompleted)
                 {
                     // proceed with the handshake
-                    do
-                    {
-                        status = SSLHandshake(_sslContext);
-                    } while (status == errSSLWouldBlock || status == errSSLServerAuthCompleted);
+                    status = tlsHandShake(errMsg, isCancellationRequested);
                 }
             }
             else
             {
-                do
-                {
-                    status = SSLHandshake(_sslContext);
-                } while (status == errSSLWouldBlock || status == errSSLServerAuthCompleted);
+                status = tlsHandShake(errMsg, isCancellationRequested);
             }
         }
 

ixwebsocket/IXSocketAppleSSL.h

@@ -37,6 +37,9 @@ namespace ix
         static OSStatus writeToSocket(SSLConnectionRef connection, const void* data, size_t* len);
         static OSStatus readFromSocket(SSLConnectionRef connection, void* data, size_t* len);
 
+        OSStatus tlsHandShake(std::string& errMsg,
+                              const CancellationRequest& isCancellationRequested);
+
         SSLContextRef _sslContext;
         mutable std::mutex _mutex; // AppleSSL routines are not thread-safe
 

ixwebsocket/IXSocketConnect.cpp

@@ -8,6 +8,7 @@
 
 #include "IXDNSLookup.h"
 #include "IXNetSystem.h"
+#include "IXSelectInterrupt.h"
 #include "IXSocket.h"
 #include <fcntl.h>
 #include <string.h>
@@ -64,7 +65,8 @@ namespace ix
 
             int timeoutMs = 10;
             bool readyToRead = false;
-            PollResultType pollResult = Socket::poll(readyToRead, timeoutMs, fd);
+            auto selectInterrupt = std::make_unique<SelectInterrupt>();
+            PollResultType pollResult = Socket::poll(readyToRead, timeoutMs, fd, selectInterrupt);
 
             if (pollResult == PollResultType::Timeout)
             {

ixwebsocket/IXSocketFactory.cpp

@@ -24,28 +24,28 @@
 
 namespace ix
 {
-    std::shared_ptr<Socket> createSocket(bool tls,
+    std::unique_ptr<Socket> createSocket(bool tls,
                                          int fd,
                                          std::string& errorMsg,
                                          const SocketTLSOptions& tlsOptions)
     {
         (void) tlsOptions;
         errorMsg.clear();
-        std::shared_ptr<Socket> socket;
+        std::unique_ptr<Socket> socket;
 
         if (!tls)
         {
-            socket = std::make_shared<Socket>(fd);
+            socket = std::make_unique<Socket>(fd);
         }
         else
         {
 #ifdef IXWEBSOCKET_USE_TLS
 #if defined(IXWEBSOCKET_USE_MBED_TLS)
-            socket = std::make_shared<SocketMbedTLS>(tlsOptions, fd);
+            socket = std::make_unique<SocketMbedTLS>(tlsOptions, fd);
 #elif defined(IXWEBSOCKET_USE_OPEN_SSL)
-            socket = std::make_shared<SocketOpenSSL>(tlsOptions, fd);
+            socket = std::make_unique<SocketOpenSSL>(tlsOptions, fd);
 #elif defined(__APPLE__)
-            socket = std::make_shared<SocketAppleSSL>(tlsOptions, fd);
+            socket = std::make_unique<SocketAppleSSL>(tlsOptions, fd);
 #endif
 #else
             errorMsg = "TLS support is not enabled on this platform.";

ixwebsocket/IXSocketFactory.h

@@ -14,7 +14,7 @@
 namespace ix
 {
     class Socket;
-    std::shared_ptr<Socket> createSocket(bool tls,
+    std::unique_ptr<Socket> createSocket(bool tls,
                                          int fd,
                                          std::string& errorMsg,
                                          const SocketTLSOptions& tlsOptions);

ixwebsocket/IXSocketMbedTLS.cpp

@@ -195,8 +195,17 @@ namespace ix
         int res;
         do
         {
-            std::lock_guard<std::mutex> lock(_mutex);
-            res = mbedtls_ssl_handshake(&_ssl);
+            {
+                std::lock_guard<std::mutex> lock(_mutex);
+                res = mbedtls_ssl_handshake(&_ssl);
+            }
+
+            if (isCancellationRequested())
+            {
+                errMsg = "Cancellation requested";
+                close();
+                return false;
+            }
         } while (res == MBEDTLS_ERR_SSL_WANT_READ || res == MBEDTLS_ERR_SSL_WANT_WRITE);
 
         if (res != 0)

ixwebsocket/IXSocketOpenSSL.cpp

@@ -21,6 +21,57 @@
 #endif
 #define socketerrno errno
 
+#ifdef _WIN32
+namespace
+{
+    bool loadWindowsSystemCertificates(SSL_CTX* ssl, std::string& errorMsg)
+    {
+        DWORD flags = CERT_STORE_READONLY_FLAG | CERT_STORE_OPEN_EXISTING_FLAG |
+                      CERT_SYSTEM_STORE_CURRENT_USER;
+        HCERTSTORE systemStore = CertOpenStore(CERT_STORE_PROV_SYSTEM, 0, 0, flags, L"Root");
+
+        if (!systemStore)
+        {
+            errorMsg = "CertOpenStore failed with ";
+            errorMsg += std::to_string(GetLastError());
+            return false;
+        }
+
+        PCCERT_CONTEXT certificateIterator = NULL;
+        X509_STORE* opensslStore = SSL_CTX_get_cert_store(ssl);
+
+        int certificateCount = 0;
+        while (certificateIterator = CertEnumCertificatesInStore(systemStore, certificateIterator))
+        {
+            X509* x509 = d2i_X509(NULL,
+                                  (const unsigned char**) &certificateIterator->pbCertEncoded,
+                                  certificateIterator->cbCertEncoded);
+
+            if (x509)
+            {
+                if (X509_STORE_add_cert(opensslStore, x509) == 1)
+                {
+                    ++certificateCount;
+                }
+
+                X509_free(x509);
+            }
+        }
+
+        CertFreeCertificateContext(certificateIterator);
+        CertCloseStore(systemStore, 0);
+
+        if (certificateCount == 0)
+        {
+            errorMsg = "No certificates found";
+            return false;
+        }
+
+        return true;
+    }
+} // namespace
+#endif
+
 namespace ix
 {
     const std::string kDefaultCiphers =
@@ -131,8 +182,14 @@ namespace ix
             SSL_CTX_set_mode(ctx,
                              SSL_MODE_ENABLE_PARTIAL_WRITE | SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
 
-            SSL_CTX_set_options(
-                ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_CIPHER_SERVER_PREFERENCE);
+            int options = SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_CIPHER_SERVER_PREFERENCE;
+
+#ifdef SSL_OP_NO_TLSv1_3
+            // (partially?) work around hang in openssl 1.1.1b, by disabling TLS V1.3
+            // https://github.com/openssl/openssl/issues/7967
+            options |= SSL_OP_NO_TLSv1_3;
+#endif
+            SSL_CTX_set_options(ctx, options);
         }
         return ctx;
     }
@@ -218,7 +275,9 @@ namespace ix
         return true;
     }
 
-    bool SocketOpenSSL::openSSLClientHandshake(const std::string& host, std::string& errMsg)
+    bool SocketOpenSSL::openSSLClientHandshake(const std::string& host,
+                                               std::string& errMsg,
+                                               const CancellationRequest& isCancellationRequested)
     {
         while (true)
         {
@@ -227,6 +286,12 @@ namespace ix
                 return false;
             }
 
+            if (isCancellationRequested())
+            {
+                errMsg = "Cancellation requested";
+                return false;
+            }
+
             ERR_clear_error();
             int connect_result = SSL_connect(_ssl_connection);
             if (connect_result == 1)
@@ -322,6 +387,12 @@ namespace ix
         {
             if (_tlsOptions.isUsingSystemDefaults())
             {
+#ifdef _WIN32
+                if (!loadWindowsSystemCertificates(_ssl_context, errMsg))
+                {
+                    return false;
+                }
+#else
                 if (SSL_CTX_set_default_verify_paths(_ssl_context) == 0)
                 {
                     auto sslErr = ERR_get_error();
@@ -329,6 +400,7 @@ namespace ix
                     errMsg += ERR_error_string(sslErr, nullptr);
                     return false;
                 }
+#endif
             }
             else if (SSL_CTX_load_verify_locations(
                          _ssl_context, _tlsOptions.caFile.c_str(), NULL) != 1)
@@ -571,7 +643,7 @@ namespace ix
             X509_VERIFY_PARAM* param = SSL_get0_param(_ssl_connection);
             X509_VERIFY_PARAM_set1_host(param, host.c_str(), 0);
 #endif
-            handshakeSuccessful = openSSLClientHandshake(host, errMsg);
+            handshakeSuccessful = openSSLClientHandshake(host, errMsg, isCancellationRequested);
         }
 
         if (!handshakeSuccessful)

ixwebsocket/IXSocketOpenSSL.h

@@ -39,7 +39,9 @@ namespace ix
         void openSSLInitialize();
         std::string getSSLError(int ret);
         SSL_CTX* openSSLCreateContext(std::string& errMsg);
-        bool openSSLClientHandshake(const std::string& hostname, std::string& errMsg);
+        bool openSSLClientHandshake(const std::string& hostname,
+                                    std::string& errMsg,
+                                    const CancellationRequest& isCancellationRequested);
         bool openSSLCheckServerCert(SSL* ssl, const std::string& hostname, std::string& errMsg);
         bool checkHost(const std::string& host, const char* pattern);
         bool handleTLSOptions(std::string& errMsg);

ixwebsocket/IXSocketServer.cpp

@@ -7,6 +7,7 @@
 #include "IXSocketServer.h"
 
 #include "IXNetSystem.h"
+#include "IXSelectInterrupt.h"
 #include "IXSetThreadName.h"
 #include "IXSocket.h"
 #include "IXSocketConnect.h"
@@ -257,7 +258,9 @@ namespace ix
             // Use poll to check whether a new connection is in progress
             int timeoutMs = 10;
             bool readyToRead = true;
-            PollResultType pollResult = Socket::poll(readyToRead, timeoutMs, _serverFd);
+            auto selectInterrupt = std::make_unique<SelectInterrupt>();
+            PollResultType pollResult =
+                Socket::poll(readyToRead, timeoutMs, _serverFd, selectInterrupt);
 
             if (pollResult == PollResultType::Error)
             {
@@ -338,7 +341,8 @@ namespace ix
             std::lock_guard<std::mutex> lock(_connectionsThreadsMutex);
             _connectionsThreads.push_back(std::make_pair(
                 connectionState,
-                std::thread(&SocketServer::handleConnection, this, socket, connectionState)));
+                std::thread(
+                    &SocketServer::handleConnection, this, std::move(socket), connectionState)));
         }
     }
 

ixwebsocket/IXSocketServer.h

@@ -101,7 +101,7 @@ namespace ix
         // the factory to create ConnectionState objects
         ConnectionStateFactory _connectionStateFactory;
 
-        virtual void handleConnection(std::shared_ptr<Socket>,
+        virtual void handleConnection(std::unique_ptr<Socket>,
                                       std::shared_ptr<ConnectionState> connectionState) = 0;
         virtual size_t getConnectedClientsCount() = 0;
 

ixwebsocket/IXUdpSocket.cpp

@@ -0,0 +1,96 @@
+/*
+ *  IXUdpSocket.cpp
+ *  Author: Benjamin Sergeant
+ *  Copyright (c) 2020 Machine Zone, Inc. All rights reserved.
+ */
+
+#include "IXUdpSocket.h"
+
+#include "IXNetSystem.h"
+#include <cstring>
+#include <sstream>
+
+namespace ix
+{
+    UdpSocket::UdpSocket(int fd)
+        : _sockfd(fd)
+    {
+        ;
+    }
+
+    UdpSocket::~UdpSocket()
+    {
+        close();
+    }
+
+    void UdpSocket::close()
+    {
+        if (_sockfd == -1) return;
+
+        closeSocket(_sockfd);
+        _sockfd = -1;
+    }
+
+    int UdpSocket::getErrno()
+    {
+        int err;
+
+#ifdef _WIN32
+        err = WSAGetLastError();
+#else
+        err = errno;
+#endif
+
+        return err;
+    }
+
+    void UdpSocket::closeSocket(int fd)
+    {
+#ifdef _WIN32
+        closesocket(fd);
+#else
+        ::close(fd);
+#endif
+    }
+
+    bool UdpSocket::init(const std::string& host, int port, std::string& errMsg)
+    {
+        _sockfd = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP);
+        if (_sockfd < 0)
+        {
+            errMsg = "Could not create socket";
+            return false;
+        }
+
+        memset(&_server, 0, sizeof(_server));
+        _server.sin_family = AF_INET;
+        _server.sin_port = htons(port);
+
+        // DNS resolution.
+        struct addrinfo hints, *result = nullptr;
+        memset(&hints, 0, sizeof(hints));
+        hints.ai_family = AF_INET;
+        hints.ai_socktype = SOCK_DGRAM;
+
+        int ret = getaddrinfo(host.c_str(), nullptr, &hints, &result);
+        if (ret != 0)
+        {
+            errMsg = strerror(UdpSocket::getErrno());
+            freeaddrinfo(result);
+            close();
+            return false;
+        }
+
+        struct sockaddr_in* host_addr = (struct sockaddr_in*) result->ai_addr;
+        memcpy(&_server.sin_addr, &host_addr->sin_addr, sizeof(struct in_addr));
+        freeaddrinfo(result);
+
+        return true;
+    }
+
+    ssize_t UdpSocket::sendto(const std::string& buffer)
+    {
+        return (ssize_t)::sendto(
+            _sockfd, buffer.data(), buffer.size(), 0, (struct sockaddr*) &_server, sizeof(_server));
+    }
+} // namespace ix

ixwebsocket/IXUdpSocket.h

@@ -0,0 +1,40 @@
+/*
+ *  IXUdpSocket.h
+ *  Author: Benjamin Sergeant
+ *  Copyright (c) 2020 Machine Zone, Inc. All rights reserved.
+ */
+
+#pragma once
+
+#include <atomic>
+#include <memory>
+#include <string>
+
+#ifdef _WIN32
+#include <BaseTsd.h>
+typedef SSIZE_T ssize_t;
+#endif
+
+#include "IXNetSystem.h"
+
+namespace ix
+{
+    class UdpSocket
+    {
+    public:
+        UdpSocket(int fd = -1);
+        ~UdpSocket();
+
+        // Virtual methods
+        bool init(const std::string& host, int port, std::string& errMsg);
+        ssize_t sendto(const std::string& buffer);
+        void close();
+
+        static int getErrno();
+        static void closeSocket(int fd);
+
+    private:
+        std::atomic<int> _sockfd;
+        struct sockaddr_in _server;
+    };
+} // namespace ix

ixwebsocket/IXUserAgent.cpp

@@ -71,7 +71,7 @@ namespace ix
 #elif defined(IXWEBSOCKET_USE_OPEN_SSL)
         ss << " ssl/OpenSSL " << OPENSSL_VERSION_TEXT;
 #elif __APPLE__
-        ss << " ssl/DarwinSSL";
+        ss << " ssl/SecureTransport";
 #endif
 #else
         ss << " nossl";

ixwebsocket/IXWebSocket.cpp

@@ -19,7 +19,6 @@ namespace ix
     OnTrafficTrackerCallback WebSocket::_onTrafficTrackerCallback = nullptr;
     const int WebSocket::kDefaultHandShakeTimeoutSecs(60);
     const int WebSocket::kDefaultPingIntervalSecs(-1);
-    const int WebSocket::kDefaultPingTimeoutSecs(-1);
     const bool WebSocket::kDefaultEnablePong(true);
     const uint32_t WebSocket::kDefaultMaxWaitBetweenReconnectionRetries(10 * 1000); // 10s
 
@@ -31,7 +30,6 @@ namespace ix
         , _handshakeTimeoutSecs(kDefaultHandShakeTimeoutSecs)
         , _enablePong(kDefaultEnablePong)
         , _pingIntervalSecs(kDefaultPingIntervalSecs)
-        , _pingTimeoutSecs(kDefaultPingTimeoutSecs)
     {
         _ws.setOnCloseCallback(
             [this](uint16_t code, const std::string& reason, size_t wireSize, bool remote) {
@@ -86,18 +84,6 @@ namespace ix
         return _perMessageDeflateOptions;
     }
 
-    void WebSocket::setHeartBeatPeriod(int heartBeatPeriodSecs)
-    {
-        std::lock_guard<std::mutex> lock(_configMutex);
-        _pingIntervalSecs = heartBeatPeriodSecs;
-    }
-
-    int WebSocket::getHeartBeatPeriod() const
-    {
-        std::lock_guard<std::mutex> lock(_configMutex);
-        return _pingIntervalSecs;
-    }
-
     void WebSocket::setPingInterval(int pingIntervalSecs)
     {
         std::lock_guard<std::mutex> lock(_configMutex);
@@ -110,18 +96,6 @@ namespace ix
         return _pingIntervalSecs;
     }
 
-    void WebSocket::setPingTimeout(int pingTimeoutSecs)
-    {
-        std::lock_guard<std::mutex> lock(_configMutex);
-        _pingTimeoutSecs = pingTimeoutSecs;
-    }
-
-    int WebSocket::getPingTimeout() const
-    {
-        std::lock_guard<std::mutex> lock(_configMutex);
-        return _pingTimeoutSecs;
-    }
-
     void WebSocket::enablePong()
     {
         std::lock_guard<std::mutex> lock(_configMutex);
@@ -186,11 +160,8 @@ namespace ix
     {
         {
             std::lock_guard<std::mutex> lock(_configMutex);
-            _ws.configure(_perMessageDeflateOptions,
-                          _socketTLSOptions,
-                          _enablePong,
-                          _pingIntervalSecs,
-                          _pingTimeoutSecs);
+            _ws.configure(
+                _perMessageDeflateOptions, _socketTLSOptions, _enablePong, _pingIntervalSecs);
         }
 
         WebSocketHttpHeaders headers(_extraHeaders);
@@ -229,21 +200,25 @@ namespace ix
             WebSocketErrorInfo(),
             WebSocketOpenInfo(status.uri, status.headers, status.protocol),
             WebSocketCloseInfo()));
+
+        if (_pingIntervalSecs > 0)
+        {
+            // Send a heart beat right away
+            _ws.sendHeartBeat();
+        }
+
         return status;
     }
 
-    WebSocketInitResult WebSocket::connectToSocket(std::shared_ptr<Socket> socket, int timeoutSecs)
+    WebSocketInitResult WebSocket::connectToSocket(std::unique_ptr<Socket> socket, int timeoutSecs)
     {
         {
             std::lock_guard<std::mutex> lock(_configMutex);
-            _ws.configure(_perMessageDeflateOptions,
-                          _socketTLSOptions,
-                          _enablePong,
-                          _pingIntervalSecs,
-                          _pingTimeoutSecs);
+            _ws.configure(
+                _perMessageDeflateOptions, _socketTLSOptions, _enablePong, _pingIntervalSecs);
         }
 
-        WebSocketInitResult status = _ws.connectToSocket(socket, timeoutSecs);
+        WebSocketInitResult status = _ws.connectToSocket(std::move(socket), timeoutSecs);
         if (!status.success)
         {
             return status;
@@ -256,6 +231,13 @@ namespace ix
                                                WebSocketErrorInfo(),
                                                WebSocketOpenInfo(status.uri, status.headers),
                                                WebSocketCloseInfo()));
+
+        if (_pingIntervalSecs > 0)
+        {
+            // Send a heart beat right away
+            _ws.sendHeartBeat();
+        }
+
         return status;
     }
 

ixwebsocket/IXWebSocket.h

@@ -52,9 +52,7 @@ namespace ix
         void setPerMessageDeflateOptions(
             const WebSocketPerMessageDeflateOptions& perMessageDeflateOptions);
         void setTLSOptions(const SocketTLSOptions& socketTLSOptions);
-        void setHeartBeatPeriod(int heartBeatPeriodSecs);
-        void setPingInterval(int pingIntervalSecs); // alias of setHeartBeatPeriod
-        void setPingTimeout(int pingTimeoutSecs);
+        void setPingInterval(int pingIntervalSecs);
         void enablePong();
         void disablePong();
         void enablePerMessageDeflate();
@@ -94,9 +92,7 @@ namespace ix
 
         const std::string& getUrl() const;
         const WebSocketPerMessageDeflateOptions& getPerMessageDeflateOptions() const;
-        int getHeartBeatPeriod() const;
         int getPingInterval() const;
-        int getPingTimeout() const;
         size_t bufferedAmount() const;
 
         void enableAutomaticReconnection();
@@ -117,7 +113,7 @@ namespace ix
         static void invokeTrafficTrackerCallback(size_t size, bool incoming);
 
         // Server
-        WebSocketInitResult connectToSocket(std::shared_ptr<Socket>, int timeoutSecs);
+        WebSocketInitResult connectToSocket(std::unique_ptr<Socket>, int timeoutSecs);
 
         WebSocketTransport _ws;
 

ixwebsocket/IXWebSocketHandshake.cpp

@@ -21,8 +21,8 @@ namespace ix
 {
     WebSocketHandshake::WebSocketHandshake(
         std::atomic<bool>& requestInitCancellation,
-        std::shared_ptr<Socket> socket,
-        WebSocketPerMessageDeflate& perMessageDeflate,
+        std::unique_ptr<Socket>& socket,
+        WebSocketPerMessageDeflatePtr& perMessageDeflate,
         WebSocketPerMessageDeflateOptions& perMessageDeflateOptions,
         std::atomic<bool>& enablePerMessageDeflate)
         : _requestInitCancellation(requestInitCancellation)
@@ -230,7 +230,7 @@ namespace ix
                 _enablePerMessageDeflate = false;
             }
             // Otherwise try to initialize the deflate engine (zlib)
-            else if (!_perMessageDeflate.init(webSocketPerMessageDeflateOptions))
+            else if (!_perMessageDeflate->init(webSocketPerMessageDeflateOptions))
             {
                 return WebSocketInitResult(
                     false, 0, "Failed to initialize per message deflate engine");
@@ -341,7 +341,7 @@ namespace ix
         {
             _enablePerMessageDeflate = true;
 
-            if (!_perMessageDeflate.init(webSocketPerMessageDeflateOptions))
+            if (!_perMessageDeflate->init(webSocketPerMessageDeflateOptions))
             {
                 return WebSocketInitResult(
                     false, 0, "Failed to initialize per message deflate engine");

ixwebsocket/IXWebSocketHandshake.h

@@ -23,8 +23,8 @@ namespace ix
     {
     public:
         WebSocketHandshake(std::atomic<bool>& requestInitCancellation,
-                           std::shared_ptr<Socket> _socket,
-                           WebSocketPerMessageDeflate& perMessageDeflate,
+                           std::unique_ptr<Socket>& _socket,
+                           WebSocketPerMessageDeflatePtr& perMessageDeflate,
                            WebSocketPerMessageDeflateOptions& perMessageDeflateOptions,
                            std::atomic<bool>& enablePerMessageDeflate);
 
@@ -46,8 +46,8 @@ namespace ix
         bool insensitiveStringCompare(const std::string& a, const std::string& b);
 
         std::atomic<bool>& _requestInitCancellation;
-        std::shared_ptr<Socket> _socket;
-        WebSocketPerMessageDeflate& _perMessageDeflate;
+        std::unique_ptr<Socket>& _socket;
+        WebSocketPerMessageDeflatePtr& _perMessageDeflate;
         WebSocketPerMessageDeflateOptions& _perMessageDeflateOptions;
         std::atomic<bool>& _enablePerMessageDeflate;
     };

ixwebsocket/IXWebSocketHttpHeaders.cpp

@@ -32,7 +32,7 @@ namespace ix
     }
 
     std::pair<bool, WebSocketHttpHeaders> parseHttpHeaders(
-        std::shared_ptr<Socket> socket, const CancellationRequest& isCancellationRequested)
+        std::unique_ptr<Socket>& socket, const CancellationRequest& isCancellationRequested)
     {
         WebSocketHttpHeaders headers;
 

ixwebsocket/IXWebSocketHttpHeaders.h

@@ -29,5 +29,5 @@ namespace ix
     using WebSocketHttpHeaders = std::map<std::string, std::string, CaseInsensitiveLess>;
 
     std::pair<bool, WebSocketHttpHeaders> parseHttpHeaders(
-        std::shared_ptr<Socket> socket, const CancellationRequest& isCancellationRequested);
+        std::unique_ptr<Socket>& socket, const CancellationRequest& isCancellationRequested);
 } // namespace ix

ixwebsocket/IXWebSocketPerMessageDeflate.h

@@ -57,4 +57,6 @@ namespace ix
         std::unique_ptr<WebSocketPerMessageDeflateCompressor> _compressor;
         std::unique_ptr<WebSocketPerMessageDeflateDecompressor> _decompressor;
     };
+
+    using WebSocketPerMessageDeflatePtr = std::unique_ptr<WebSocketPerMessageDeflate>;
 } // namespace ix

ixwebsocket/IXWebSocketPerMessageDeflateCodec.cpp

@@ -89,8 +89,12 @@ namespace ix
 
         if (in.empty())
         {
-            uint8_t buf[6] = {0x02, 0x00, 0x00, 0x00, 0xff, 0xff};
-            out.append((char*) (buf), 6);
+            // See issue #167
+            // The normal buffer size should be 6 but
+            // we remove the 4 octets from the tail (#4)
+            uint8_t buf[2] = {0x02, 0x00};
+            out.append((char*) (buf), 2);
+
             return true;
         }
 

ixwebsocket/IXWebSocketServer.cpp

@@ -71,7 +71,7 @@ namespace ix
         _onConnectionCallback = callback;
     }
 
-    void WebSocketServer::handleConnection(std::shared_ptr<Socket> socket,
+    void WebSocketServer::handleConnection(std::unique_ptr<Socket> socket,
                                            std::shared_ptr<ConnectionState> connectionState)
     {
         setThreadName("WebSocketServer::" + connectionState->getId());
@@ -96,7 +96,7 @@ namespace ix
             _clients.insert(webSocket);
         }
 
-        auto status = webSocket->connectToSocket(socket, _handshakeTimeoutSecs);
+        auto status = webSocket->connectToSocket(std::move(socket), _handshakeTimeoutSecs);
         if (status.success)
         {
             // Process incoming messages and execute callbacks

ixwebsocket/IXWebSocketServer.h

@@ -59,7 +59,7 @@ namespace ix
         const static bool kDefaultEnablePong;
 
         // Methods
-        virtual void handleConnection(std::shared_ptr<Socket> socket,
+        virtual void handleConnection(std::unique_ptr<Socket> socket,
                                       std::shared_ptr<ConnectionState> connectionState) final;
         virtual size_t getConnectedClientsCount() final;
     };

ixwebsocket/IXWebSocketTransport.cpp

@@ -51,26 +51,10 @@
 #include <vector>
 
 
-namespace
-{
-    int greatestCommonDivisor(int a, int b)
-    {
-        while (b != 0)
-        {
-            int t = b;
-            b = a % b;
-            a = t;
-        }
-
-        return a;
-    }
-} // namespace
-
 namespace ix
 {
     const std::string WebSocketTransport::kPingMessage("ixwebsocket::heartbeat");
     const int WebSocketTransport::kDefaultPingIntervalSecs(-1);
-    const int WebSocketTransport::kDefaultPingTimeoutSecs(-1);
     const bool WebSocketTransport::kDefaultEnablePong(true);
     const int WebSocketTransport::kClosingMaximumWaitingDelayInMs(300);
     constexpr size_t WebSocketTransport::kChunkSize;
@@ -89,11 +73,8 @@ namespace ix
         , _closingTimePoint(std::chrono::steady_clock::now())
         , _enablePong(kDefaultEnablePong)
         , _pingIntervalSecs(kDefaultPingIntervalSecs)
-        , _pingTimeoutSecs(kDefaultPingTimeoutSecs)
-        , _pingIntervalOrTimeoutGCDSecs(-1)
-        , _nextGCDTimePoint(std::chrono::steady_clock::now())
+        , _pongReceived(false)
         , _lastSendPingTimePoint(std::chrono::steady_clock::now())
-        , _lastReceivePongTimePoint(std::chrono::steady_clock::now())
     {
         _readbuf.resize(kChunkSize);
     }
@@ -107,29 +88,13 @@ namespace ix
         const WebSocketPerMessageDeflateOptions& perMessageDeflateOptions,
         const SocketTLSOptions& socketTLSOptions,
         bool enablePong,
-        int pingIntervalSecs,
-        int pingTimeoutSecs)
+        int pingIntervalSecs)
     {
         _perMessageDeflateOptions = perMessageDeflateOptions;
         _enablePerMessageDeflate = _perMessageDeflateOptions.enabled();
         _socketTLSOptions = socketTLSOptions;
         _enablePong = enablePong;
         _pingIntervalSecs = pingIntervalSecs;
-        _pingTimeoutSecs = pingTimeoutSecs;
-
-        if (pingIntervalSecs > 0 && pingTimeoutSecs > 0)
-        {
-            _pingIntervalOrTimeoutGCDSecs =
-                greatestCommonDivisor(pingIntervalSecs, pingTimeoutSecs);
-        }
-        else if (_pingTimeoutSecs > 0)
-        {
-            _pingIntervalOrTimeoutGCDSecs = pingTimeoutSecs;
-        }
-        else
-        {
-            _pingIntervalOrTimeoutGCDSecs = pingIntervalSecs;
-        }
     }
 
     // Client
@@ -152,6 +117,7 @@ namespace ix
         std::string errorMsg;
         bool tls = protocol == "wss";
         _socket = createSocket(tls, -1, errorMsg, _socketTLSOptions);
+        _perMessageDeflate = std::make_unique<WebSocketPerMessageDeflate>();
 
         if (!_socket)
         {
@@ -174,7 +140,7 @@ namespace ix
     }
 
     // Server
-    WebSocketInitResult WebSocketTransport::connectToSocket(std::shared_ptr<Socket> socket,
+    WebSocketInitResult WebSocketTransport::connectToSocket(std::unique_ptr<Socket> socket,
                                                             int timeoutSecs)
     {
         std::lock_guard<std::mutex> lock(_socketMutex);
@@ -183,7 +149,8 @@ namespace ix
         _useMask = false;
         _blockingSend = true;
 
-        _socket = socket;
+        _socket = std::move(socket);
+        _perMessageDeflate = std::make_unique<WebSocketPerMessageDeflate>();
 
         WebSocketHandshake webSocketHandshake(_requestInitCancellation,
                                               _socket,
@@ -220,7 +187,8 @@ namespace ix
         }
         else if (readyState == ReadyState::OPEN)
         {
-            initTimePointsAndGCDAfterConnect();
+            initTimePointsAfterConnect();
+            _pongReceived = false;
         }
 
         _readyState = readyState;
@@ -231,22 +199,12 @@ namespace ix
         _onCloseCallback = onCloseCallback;
     }
 
-    void WebSocketTransport::initTimePointsAndGCDAfterConnect()
+    void WebSocketTransport::initTimePointsAfterConnect()
     {
         {
             std::lock_guard<std::mutex> lock(_lastSendPingTimePointMutex);
             _lastSendPingTimePoint = std::chrono::steady_clock::now();
         }
-        {
-            std::lock_guard<std::mutex> lock(_lastReceivePongTimePointMutex);
-            _lastReceivePongTimePoint = std::chrono::steady_clock::now();
-        }
-
-        if (_pingIntervalOrTimeoutGCDSecs > 0)
-        {
-            _nextGCDTimePoint = std::chrono::steady_clock::now() +
-                                std::chrono::seconds(_pingIntervalOrTimeoutGCDSecs);
-        }
     }
 
     // Only consider send PING time points for that computation.
@@ -259,13 +217,12 @@ namespace ix
         return now - _lastSendPingTimePoint > std::chrono::seconds(_pingIntervalSecs);
     }
 
-    bool WebSocketTransport::pingTimeoutExceeded()
+    WebSocketSendInfo WebSocketTransport::sendHeartBeat()
     {
-        if (_pingTimeoutSecs <= 0) return false;
-
-        std::lock_guard<std::mutex> lock(_lastReceivePongTimePointMutex);
-        auto now = std::chrono::steady_clock::now();
-        return now - _lastReceivePongTimePoint > std::chrono::seconds(_pingTimeoutSecs);
+        _pongReceived = false;
+        std::stringstream ss;
+        ss << kPingMessage << "::" << _pingIntervalSecs << "s";
+        return sendPing(ss.str());
     }
 
     bool WebSocketTransport::closingDelayExceeded()
@@ -279,46 +236,32 @@ namespace ix
     {
         if (_readyState == ReadyState::OPEN)
         {
-            // if (1) ping timeout is enabled and (2) duration since last received
-            // ping response (PONG) exceeds the maximum delay, then close the connection
-            if (pingTimeoutExceeded())
+            if (pingIntervalExceeded())
             {
-                close(WebSocketCloseConstants::kInternalErrorCode,
-                      WebSocketCloseConstants::kPingTimeoutMessage);
-            }
-            // If ping is enabled and no ping has been sent for a duration
-            // exceeding our ping interval, send a ping to the server.
-            else if (pingIntervalExceeded())
-            {
-                std::stringstream ss;
-                ss << kPingMessage << "::" << _pingIntervalSecs << "s";
-                sendPing(ss.str());
+                if (!_pongReceived)
+                {
+                    // ping response (PONG) exceeds the maximum delay, close the connection
+                    close(WebSocketCloseConstants::kInternalErrorCode,
+                          WebSocketCloseConstants::kPingTimeoutMessage);
+                }
+                else
+                {
+                    sendHeartBeat();
+                }
             }
         }
 
         // No timeout if state is not OPEN, otherwise computed
         // pingIntervalOrTimeoutGCD (equals to -1 if no ping and no ping timeout are set)
-        int lastingTimeoutDelayInMs =
-            (_readyState != ReadyState::OPEN) ? 0 : _pingIntervalOrTimeoutGCDSecs;
+        int lastingTimeoutDelayInMs = (_readyState != ReadyState::OPEN) ? 0 : _pingIntervalSecs;
 
-        if (_pingIntervalOrTimeoutGCDSecs > 0)
+        if (_pingIntervalSecs > 0)
         {
             // compute lasting delay to wait for next ping / timeout, if at least one set
             auto now = std::chrono::steady_clock::now();
-
-            if (now >= _nextGCDTimePoint)
-            {
-                _nextGCDTimePoint = now + std::chrono::seconds(_pingIntervalOrTimeoutGCDSecs);
-
-                lastingTimeoutDelayInMs = _pingIntervalOrTimeoutGCDSecs * 1000;
-            }
-            else
-            {
-                lastingTimeoutDelayInMs =
-                    (int) std::chrono::duration_cast<std::chrono::milliseconds>(_nextGCDTimePoint -
-                                                                                now)
-                        .count();
-            }
+            lastingTimeoutDelayInMs = (int) std::chrono::duration_cast<std::chrono::milliseconds>(
+                                          now - _lastSendPingTimePoint)
+                                          .count();
         }
 
 #ifdef _WIN32
@@ -626,9 +569,7 @@ namespace ix
             }
             else if (ws.opcode == wsheader_type::PONG)
             {
-                std::lock_guard<std::mutex> lck(_lastReceivePongTimePointMutex);
-                _lastReceivePongTimePoint = std::chrono::steady_clock::now();
-
+                _pongReceived = true;
                 emitMessage(MessageKind::PONG, frameData, false, onMessageCallback);
             }
             else if (ws.opcode == wsheader_type::CLOSE)
@@ -684,7 +625,7 @@ namespace ix
                     // send back the CLOSE frame
                     sendCloseFrame(code, reason);
 
-                    _socket->wakeUpFromPoll(Socket::kCloseRequest);
+                    wakeUpFromPoll(Socket::kCloseRequest);
 
                     bool remote = true;
                     closeSocketAndSwitchToClosedState(code, reason, _rxbuf.size(), remote);
@@ -772,7 +713,7 @@ namespace ix
         if (compressedMessage && messageKind != MessageKind::FRAGMENT)
         {
             std::string decompressedMessage;
-            bool success = _perMessageDeflate.decompress(message, decompressedMessage);
+            bool success = _perMessageDeflate->decompress(message, decompressedMessage);
 
             if (messageKind == MessageKind::MSG_TEXT && !validateUtf8(decompressedMessage))
             {
@@ -826,7 +767,7 @@ namespace ix
 
         if (compress)
         {
-            if (!_perMessageDeflate.compress(message, compressedMessage))
+            if (!_perMessageDeflate->compress(message, compressedMessage))
             {
                 bool success = false;
                 compressionError = true;
@@ -904,7 +845,7 @@ namespace ix
         // Request to flush the send buffer on the background thread if it isn't empty
         if (!isSendBufferEmpty())
         {
-            _socket->wakeUpFromPoll(Socket::kSendRequest);
+            wakeUpFromPoll(Socket::kSendRequest);
 
             // FIXME: we should have a timeout when sending large messages: see #131
             if (_blockingSend && !flushSendBuffer())
@@ -1122,6 +1063,12 @@ namespace ix
         _socket->close();
     }
 
+    bool WebSocketTransport::wakeUpFromPoll(uint64_t wakeUpCode)
+    {
+        std::lock_guard<std::mutex> lock(_socketMutex);
+        return _socket->wakeUpFromPoll(wakeUpCode);
+    }
+
     void WebSocketTransport::closeSocketAndSwitchToClosedState(uint16_t code,
                                                                const std::string& reason,
                                                                size_t closeWireSize,
@@ -1169,8 +1116,9 @@ namespace ix
         setReadyState(ReadyState::CLOSING);
 
         sendCloseFrame(code, reason);
+
         // wake up the poll, but do not close yet
-        _socket->wakeUpFromPoll(Socket::kSendRequest);
+        wakeUpFromPoll(Socket::kSendRequest);
     }
 
     size_t WebSocketTransport::bufferedAmount() const

ixwebsocket/IXWebSocketTransport.h

@@ -75,8 +75,7 @@ namespace ix
         void configure(const WebSocketPerMessageDeflateOptions& perMessageDeflateOptions,
                        const SocketTLSOptions& socketTLSOptions,
                        bool enablePong,
-                       int pingIntervalSecs,
-                       int pingTimeoutSecs);
+                       int pingIntervalSecs);
 
         // Client
         WebSocketInitResult connectToUrl(const std::string& url,
@@ -84,7 +83,7 @@ namespace ix
                                          int timeoutSecs);
 
         // Server
-        WebSocketInitResult connectToSocket(std::shared_ptr<Socket> socket, int timeoutSecs);
+        WebSocketInitResult connectToSocket(std::unique_ptr<Socket> socket, int timeoutSecs);
 
         PollResult poll();
         WebSocketSendInfo sendBinary(const std::string& message,
@@ -106,6 +105,9 @@ namespace ix
         void dispatch(PollResult pollResult, const OnMessageCallback& onMessageCallback);
         size_t bufferedAmount() const;
 
+        // internal
+        WebSocketSendInfo sendHeartBeat();
+
     private:
         std::string _url;
 
@@ -169,7 +171,7 @@ namespace ix
         static constexpr size_t kChunkSize = 1 << 15;
 
         // Underlying TCP socket
-        std::shared_ptr<Socket> _socket;
+        std::unique_ptr<Socket> _socket;
         std::mutex _socketMutex;
 
         // Hold the state of the connection (OPEN, CLOSED, etc...)
@@ -183,7 +185,7 @@ namespace ix
         mutable std::mutex _closeDataMutex;
 
         // Data used for Per Message Deflate compression (with zlib)
-        WebSocketPerMessageDeflate _perMessageDeflate;
+        WebSocketPerMessageDeflatePtr _perMessageDeflate;
         WebSocketPerMessageDeflateOptions _perMessageDeflateOptions;
         std::atomic<bool> _enablePerMessageDeflate;
 
@@ -202,39 +204,24 @@ namespace ix
         static const bool kDefaultEnablePong;
 
         // Optional ping and pong timeout
-        // if both ping interval and timeout are set (> 0),
-        // then use GCD of these value to wait for the lowest time
         int _pingIntervalSecs;
-        int _pingTimeoutSecs;
-        int _pingIntervalOrTimeoutGCDSecs;
+        std::atomic<bool> _pongReceived;
 
         static const int kDefaultPingIntervalSecs;
-        static const int kDefaultPingTimeoutSecs;
         static const std::string kPingMessage;
 
-        // Record time step for ping/ ping timeout to ensure we wait for the right left duration
-        std::chrono::time_point<std::chrono::steady_clock> _nextGCDTimePoint;
-
         // We record when ping are being sent so that we can know when to send the next one
-        // We also record when pong are being sent as a reply to pings, to close the connections
-        // if no pong were received sufficiently fast.
         mutable std::mutex _lastSendPingTimePointMutex;
-        mutable std::mutex _lastReceivePongTimePointMutex;
         std::chrono::time_point<std::chrono::steady_clock> _lastSendPingTimePoint;
-        std::chrono::time_point<std::chrono::steady_clock> _lastReceivePongTimePoint;
 
         // If this function returns true, it is time to send a new ping
         bool pingIntervalExceeded();
-
-        // No PONG data was received through the socket for longer than ping timeout delay
-        bool pingTimeoutExceeded();
+        void initTimePointsAfterConnect();
 
         // after calling close(), if no CLOSE frame answer is received back from the remote, we
         // should close the connexion
         bool closingDelayExceeded();
 
-        void initTimePointsAndGCDAfterConnect();
-
         void sendCloseFrame(uint16_t code, const std::string& reason);
 
         void closeSocketAndSwitchToClosedState(uint16_t code,
@@ -242,6 +229,8 @@ namespace ix
                                                size_t closeWireSize,
                                                bool remote);
 
+        bool wakeUpFromPoll(uint64_t wakeUpCode);
+
         bool flushSendBuffer();
         bool sendOnSocket();
         bool receiveFromSocket();

ixwebsocket/IXWebSocketVersion.h

@@ -6,4 +6,4 @@
 
 #pragma once
 
-#define IX_WEBSOCKET_VERSION "8.1.7"
+#define IX_WEBSOCKET_VERSION "9.2.1"

makefile

@@ -1,5 +1,13 @@
 #
-# This makefile is just used to easily work with docker (linux build)
+# This makefile is used for convenience, and wrap simple cmake commands
+# You don't need to use it as an end user, it is more for developer.
+#
+# * work with docker (linux build)
+# * execute the unittest
+#
+# The default target will install ws, the command line tool coming with
+# IXWebSocket into /usr/local/bin
+#
 #
 all: brew
 
@@ -8,14 +16,23 @@ install: brew
 # Use -DCMAKE_INSTALL_PREFIX= to install into another location
 # on osx it is good practice to make /usr/local user writable
 # sudo chown -R `whoami`/staff /usr/local
+#
+# Release, Debug, MinSizeRel, RelWithDebInfo are the build types
+#
 brew:
 	mkdir -p build && (cd build ; cmake -DCMAKE_BUILD_TYPE=Debug -DUSE_TLS=1 -DUSE_WS=1 -DUSE_TEST=1 .. ; make -j 4 install)
 
+# Docker default target. We've add problem with OpenSSL and TLS 1.3 (on the
+# server side ?) and I can't work-around it easily, so we're using mbedtls on
+# Linux for the SSL backend, which works great.
+ws_mbedtls_install:
+	mkdir -p build && (cd build ; cmake -DCMAKE_BUILD_TYPE=MinSizeRel -DUSE_TLS=1 -DUSE_WS=1 -DUSE_MBED_TLS=1 .. ; make -j 4 install)
+
 ws:
 	mkdir -p build && (cd build ; cmake -DCMAKE_BUILD_TYPE=Debug -DUSE_TLS=1 -DUSE_WS=1 .. ; make -j 4)
 
 ws_install:
-	mkdir -p build && (cd build ; cmake -DCMAKE_BUILD_TYPE=Debug -DUSE_TLS=1 -DUSE_WS=1 .. ; make -j 4 install)
+	mkdir -p build && (cd build ; cmake -DCMAKE_BUILD_TYPE=MinSizeRel -DUSE_TLS=1 -DUSE_WS=1 .. ; make -j 4 install)
 
 ws_openssl:
 	mkdir -p build && (cd build ; cmake -DCMAKE_BUILD_TYPE=Debug -DUSE_TLS=1 -DUSE_WS=1 -DUSE_OPEN_SSL=1 .. ; make -j 4)
@@ -65,6 +82,8 @@ docker_push:
 	docker push ${LATEST}
 	docker push ${IMG}
 
+deploy: docker docker_push
+
 run:
 	docker run --cap-add sys_ptrace --entrypoint=sh -it bsergean/ws:build
 
@@ -87,12 +106,51 @@ test:
 	mkdir -p build && (cd build ; cmake -DCMAKE_BUILD_TYPE=Debug -DUSE_TLS=1 -DUSE_WS=1 -DUSE_TEST=1 .. ; make -j 4)
 	(cd test ; python2.7 run.py -r)
 
-test_openssl:
-	mkdir -p build && (cd build ; cmake -DCMAKE_BUILD_TYPE=Debug -DUSE_TLS=1 -DUSE_OPEN_SSL=1 -DUSE_TEST=1 .. ; make -j 4)
+test_tsan:
+	mkdir -p build && (cd build && cmake -GXcode -DCMAKE_BUILD_TYPE=Debug -DUSE_TLS=1 -DUSE_TEST=1 .. && xcodebuild -project ixwebsocket.xcodeproj -target ixwebsocket_unittest -enableThreadSanitizer YES)
+	(cd build/test ; ln -sf Debug/ixwebsocket_unittest)
 	(cd test ; python2.7 run.py -r)
 
-test_mbedtls:
+test_ubsan:
+	mkdir -p build && (cd build && cmake -GXcode -DCMAKE_BUILD_TYPE=Debug -DUSE_TLS=1 -DUSE_TEST=1 .. && xcodebuild -project ixwebsocket.xcodeproj -target ixwebsocket_unittest -enableUndefinedBehaviorSanitizer YES)
+	(cd build/test ; ln -sf Debug/ixwebsocket_unittest)
+	(cd test ; python2.7 run.py -r)
+
+test_asan:
+	mkdir -p build && (cd build && cmake -GXcode -DCMAKE_BUILD_TYPE=Debug -DUSE_TLS=1 -DUSE_TEST=1 .. && xcodebuild -project ixwebsocket.xcodeproj -target ixwebsocket_unittest -enableAddressSanitizer YES)
+	(cd build/test ; ln -sf Debug/ixwebsocket_unittest)
+	(cd test ; python2.7 run.py -r)
+
+test_tsan_openssl:
+	mkdir -p build && (cd build && cmake -GXcode -DCMAKE_BUILD_TYPE=Debug -DUSE_TLS=1 -DUSE_TEST=1 -DUSE_OPEN_SSL=1 .. && xcodebuild -project ixwebsocket.xcodeproj -target ixwebsocket_unittest -enableThreadSanitizer YES)
+	(cd build/test ; ln -sf Debug/ixwebsocket_unittest)
+	(cd test ; python2.7 run.py -r)
+
+test_ubsan_openssl:
+	mkdir -p build && (cd build && cmake -GXcode -DCMAKE_BUILD_TYPE=Debug -DUSE_TLS=1 -DUSE_TEST=1 -DUSE_OPEN_SSL=1 .. && xcodebuild -project ixwebsocket.xcodeproj -target ixwebsocket_unittest -enableUndefinedBehaviorSanitizer YES)
+	(cd build/test ; ln -sf Debug/ixwebsocket_unittest)
+	(cd test ; python2.7 run.py -r)
+
+test_tsan_openssl_release:
+	mkdir -p build && (cd build && cmake -GXcode -DCMAKE_BUILD_TYPE=Release -DUSE_TLS=1 -DUSE_TEST=1 -DUSE_OPEN_SSL=1 .. && xcodebuild -project ixwebsocket.xcodeproj -configuration Release -target ixwebsocket_unittest -enableThreadSanitizer YES)
+	(cd build/test ; ln -sf Release/ixwebsocket_unittest)
+	(cd test ; python2.7 run.py -r)
+
+test_tsan_mbedtls:
+	mkdir -p build && (cd build && cmake -GXcode -DCMAKE_BUILD_TYPE=Debug -DUSE_TLS=1 -DUSE_TEST=1 -DUSE_MBED_TLS=1 .. && xcodebuild -project ixwebsocket.xcodeproj -target ixwebsocket_unittest -enableThreadSanitizer YES)
+	(cd build/test ; ln -sf Debug/ixwebsocket_unittest)
+	(cd test ; python2.7 run.py -r)
+
+build_test_openssl:
+	mkdir -p build && (cd build ; cmake -DCMAKE_BUILD_TYPE=Debug -DUSE_TLS=1 -DUSE_OPEN_SSL=1 -DUSE_TEST=1 .. ; make -j 4)
+
+test_openssl: build_test_openssl
+	(cd test ; python2.7 run.py -r)
+
+build_test_mbedtls:
 	mkdir -p build && (cd build ; cmake -DCMAKE_BUILD_TYPE=Debug -DUSE_TLS=1 -DUSE_MBED_TLS=1 -DUSE_TEST=1 .. ; make -j 4)
+
+test_mbedtls: build_test_mbedtls
 	(cd test ; python2.7 run.py -r)
 
 test_no_ssl:

test/.certs/selfsigned-client-crt.pem

@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDQTCCAimgAwIBAgIUNJBwOQdDle1TI/MHGd+cSpxIllwwDQYJKoZIhvcNAQEL
+BQAwSDEUMBIGA1UECgwLbWFjaGluZXpvbmUxFDASBgNVBAoMC0lYV2ViU29ja2V0
+MRowGAYDVQQDDBFzZWxmc2lnbmVkLWNsaWVudDAeFw0yMDAzMTIyMzA0MzdaFw0y
+MTAzMTIyMzA0MzdaMEgxFDASBgNVBAoMC21hY2hpbmV6b25lMRQwEgYDVQQKDAtJ
+WFdlYlNvY2tldDEaMBgGA1UEAwwRc2VsZnNpZ25lZC1jbGllbnQwggEiMA0GCSqG
+SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7q6W0f5vRSHaNOuM1VQpY0rC0a5u04J5Z
+nssUD1QfgilY1UEaaR/4K6ILE4oClqeDsQy/7+04Wt6i/ttceB/k1Jk6n0kgdtvA
+CsX1H+nA7JL7ANBZvQ6W2E1mwJieTDSVDgL4YB9qzJQu3PdwZJgm5GTlVK66DMr1
+IH2EYwu73M/ZwOzfgyd7m0TcgkRV8OHiD1dVDERNQR9gzDUsBtCoWPmzXxgPMOSE
+Oq1sEhNC0bPaG3zTDvCv0t4Hti33po/U8PZwOtz2b8StSjS5BnvEDnksAtEZuNEu
+4B3KJN4Oxrtgh7DYdiF7S9Gh0dN6yqtRfDWkGyC9WkyoqpFKCM4fAgMBAAGjIzAh
+MB8GA1UdEQQYMBaCCWxvY2FsaG9zdIIJMTI3LjAuMC4xMA0GCSqGSIb3DQEBCwUA
+A4IBAQB4oIutDYbCRfsyWRAiAY+D9rhYsJYlsQjyml1q2+pCv7BJ1kWsKk7m2VMX
+Tl6CM+PI0zXPpLN6Ot79jf/jxEbDMvqrBgGpYfddvLhyTFnzIZpG8d63RvzPADF6
+lV3x34eZf/EdtrWgZAHK+5oZjtzePGHwKDFIPva9nvJXYIxNwKYWGRX8HSm0OZi2
+FQiaOt6WYLo7ZdefNPS9nugFRM6hfztJe6WvvglKm+BTnHbCSKj5xRuT9iA80+jX
+Zij7po8opY3S+zEZ0eNUCHxMBQ+2Jdq3HxggJ2cFQVRHdvKfwzmavVeGgni75d16
++xFD5nS3g3eIEME+lZ8c8GbL0AJ4
+-----END CERTIFICATE-----

test/.certs/selfsigned-client-key.pem

@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpAIBAAKCAQEAu6ultH+b0Uh2jTrjNVUKWNKwtGubtOCeWZ7LFA9UH4IpWNVB
+Gmkf+CuiCxOKApang7EMv+/tOFreov7bXHgf5NSZOp9JIHbbwArF9R/pwOyS+wDQ
+Wb0OlthNZsCYnkw0lQ4C+GAfasyULtz3cGSYJuRk5VSuugzK9SB9hGMLu9zP2cDs
+34Mne5tE3IJEVfDh4g9XVQxETUEfYMw1LAbQqFj5s18YDzDkhDqtbBITQtGz2ht8
+0w7wr9LeB7Yt96aP1PD2cDrc9m/ErUo0uQZ7xA55LALRGbjRLuAdyiTeDsa7YIew
+2HYhe0vRodHTesqrUXw1pBsgvVpMqKqRSgjOHwIDAQABAoIBAQC2q7IESj2x7TWv
+7ITiEZ+bq6DiTOfnnMeldkI3iWAZt0lltVXETlUW6+mznFY2hMwTDE/bt78Qnqqc
+vzNoA2kQBLwNaqP0XJ0zhYkAOwr9hYjflwA2iSZdP7e/b3JeitCX0WakunN6Mh1+
+rAiRtui+2os3CkF0yST4iqKCLSJrvSvvK5fU92aKEaE3k9kznBljvVOJIIRQBUPz
+G8tvtPgpLALrT7XMnGfaCyGS8c1IbFMm84KTxAlVV0bnuGgeYQ2VupqUmZpJjcJ0
+B08hr7vPfxz3UXSOKwYY8TRfmF3X370ky5Ov2I9ddg27V1QoeRTWlL7VMxRtiSer
+hoM5SPKpAoGBAO0vBd1Z6425wGT0PClUbJAVm2OBYMDnl2RmhBK5TAxrKjs9ag08
+65jfVCMD8wDMDhEbvbmzkgRa9BC6AY97JBmyr4m9oGfA7oenuou+a9LYAKqtO0ts
+hxHf2LnpC1HCyh4+l5gohjlUG7gSVu/oBhNTJNKmqUKuQ8v1b6My/JR9AoGBAMqP
+DugL9DusECncKHQbaIEzvEBe+QErcUxXxq+G4LLvFTZVvthHbrZ/0cxm5Ve6rfd2
+krqjYFA3WPOuTcKEUouNeRK2A4V6PbnSdpf0kagN6KbEjK66ZSZs8wnWitghqo7J
+n2IHcSDEEACTyjS7K8HjPx0fQGU1tzkG/7/xs3vLAoGAI61JEoyuE/l26TibvBPI
+6Lt3TjZt2VZ8vUt2XmKk/9E23wZT533canhdbY7whJQtIYGsvjw2oJUV1VZFWdHK
+EluAcBWoBTNOLfWa595S1bpMD2BTZPsELjofnYdifn/wazA7GVYvKnxuVvfbP+cE
+0u9UwKL1HuSbqhhXHJNUzvkCgYAeFRLsqWHTPuGDpfuoCq4BijJqCPDIGLCR2vNZ
+/BkA2fr3f9KBAlLR7be1uI5U8heGCekOqNbT8vRV9Ev+GHK94PvbKIbrWtUx9KzC
+MoMzRyWHJueRx4LgKwwJKQCjypQu8oimIV7Os++AdnJwVF/SQrKL26lPnqOgZ4ax
+9e5m8wKBgQCF626EmJk34+WTGEa5gdTx567Y+1EAbag+7fQSskwiRPvRN2fcg3H8
+ynUAtIgWbrecgKhblXxc7zwJrl41P71uQzCFspgvOPXMxL2xqN+tnTfuz84OXk26
+h1xSdS3e+JYsWUIxqbH1W59S+dC7KtklBAcUxb8DNpDoVjVBeAEqzw==
+-----END RSA PRIVATE KEY-----

test/.certs/trusted-ca-crt.pem

@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDYzCCAkugAwIBAgIUD0V1mxoZF9TNpsoyvuHU2zhrg0wwDQYJKoZIhvcNAQEL
+BQAwQTEUMBIGA1UECgwLbWFjaGluZXpvbmUxFDASBgNVBAoMC0lYV2ViU29ja2V0
+MRMwEQYDVQQDDAp0cnVzdGVkLWNhMB4XDTIwMDMxMjIzMDQzN1oXDTMwMDMxMDIz
+MDQzN1owQTEUMBIGA1UECgwLbWFjaGluZXpvbmUxFDASBgNVBAoMC0lYV2ViU29j
+a2V0MRMwEQYDVQQDDAp0cnVzdGVkLWNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
+MIIBCgKCAQEAr2nVpfIzxsxK76Va+HaBfZ7aqjk90zipzH3/CWuMMN9wzBhg2HPE
+cRreq1vKm2M/L9CZH6y6fnr68n8lW4rDATmbH0GeY4OqI9jw/mfjL4jUsAxwRi4X
+kkk4G2nz1G81LvWLFXXAZlOxeHSZtpPh5OP1tNGiJNL4eGVxjlwFJIFwDvweJ/tW
+J7dh/FTzO0jqh8FheJTeJO64Gflqfln64WRUOPSpO7v4KmyesM/BGwGMfZjcwhs/
+KZT+OKXpPgYhdmAZJE24ftwWTP84DP9wnJbNqTRt0r5ud+q8EusKIjw/Pbf/tPUF
+7J0bkMp4y5/+7MMuIxeZ+s2uHdp6hmwdJQIDAQABo1MwUTAdBgNVHQ4EFgQUPARq
+Vm19yGgWqEnpNT1ILIkfWhEwHwYDVR0jBBgwFoAUPARqVm19yGgWqEnpNT1ILIkf
+WhEwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAEIsTvJhs6r2r
+x1xrHKaGo4sSuywJiZqMabvC9g22Xw3Cno5qGVFYWi4k0qjX/j9DN36DyOY1rei+
+kNBnOnLdtdNDltcvaLeA/9SeIhxRYOwjXpPzy9AqHpGZPui988qtptA+DI+IOLAm
+mQyssYC4doDcohMXaI7KumKHojTDAPrF2INJRTF9zWgbsFjvSWU5CY5CNERWCydh
+OXfzFylifScNOppioZL9VTa6At7R+MGg834kMi6WDIvtD6Ibn+pw0bV60aiMhBe8
+8qgZ8lxjGOHlvQrjqdk65smhfaECJcFJxybOSA3Z1f+Y9j/p0e0hyUJM/b/NouaE
+64H6vXczLQ==
+-----END CERTIFICATE-----

test/.certs/trusted-ca-crt.srl

@@ -0,0 +1 @@
+297E3BFAD1F1F96A60A2AF0F48B092E705C0C68A

test/.certs/trusted-ca-key.pem

@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpAIBAAKCAQEAr2nVpfIzxsxK76Va+HaBfZ7aqjk90zipzH3/CWuMMN9wzBhg
+2HPEcRreq1vKm2M/L9CZH6y6fnr68n8lW4rDATmbH0GeY4OqI9jw/mfjL4jUsAxw
+Ri4Xkkk4G2nz1G81LvWLFXXAZlOxeHSZtpPh5OP1tNGiJNL4eGVxjlwFJIFwDvwe
+J/tWJ7dh/FTzO0jqh8FheJTeJO64Gflqfln64WRUOPSpO7v4KmyesM/BGwGMfZjc
+whs/KZT+OKXpPgYhdmAZJE24ftwWTP84DP9wnJbNqTRt0r5ud+q8EusKIjw/Pbf/
+tPUF7J0bkMp4y5/+7MMuIxeZ+s2uHdp6hmwdJQIDAQABAoIBAH4sPkUTJjMEl5Iw
++nJlq1bUgKyYZ+QaiehRaLU56qjsz5G+p0qKWu6QSUIw0Fdc2AJopPunnq2DgCYV
+VqW19fZXnUCqTmd+OU93qEEWMM/sODA5gji4xrOufvEZEQ3ov/R7IgPZov73jFv8
+YuR1ErM1VXMuptad+aOANGIVxo0ubDEXKK/zhOfUUXQy7ZsEruJCCIpigULU159r
+sVOq2lwgLz+hClFBIq0IKAKqiPWpw2GtHtU5WtAo3qZEMJkNM5SppjDmS2Wy3qN6
+Gq6sXtlAmLFZAyVpXXklQK3mCaAs5gcV94nm+r++F884obaOtJ126uDdIKlL+A6k
+l41DXwECgYEA4KAswbdoa18J1Ql2QtwW3+knEaUO62JH11RO5VV02uiYv4v4mHmA
+prnl1jsfgbc3qfIlZWDLlNRovKCfQSj/HzOe4Hd+gEPiSYjA77PRqQeYTPXTf0Ml
+IQ3j9z1CdBWNoKJ18CEiIncvjpDYkdFf3RsawcnYXklXRjmm6kIJJzUCgYEAx+oA
+gm/xXK28P/CFksZzsseF5i/1MPdniyP3oY34DlEmDvl9ZA1Z52De8vojfNd9X12M
+ccjiGMMGgknJqncCB+uTWYFy2pWnr9dVVxf+oirAlT1Z03AkT5gxmIZ3FUQw8VkB
+HjKJYD1mpTwoSlc+DR3R0xNdl84nkUI2hxGErDECgYEAjdsZ6MyXGRfP8cYj9V1g
+5M8taStAHM7YZ9hKavJo9cZmkLEoscIpySElUQHNh/HZKW5Ox5M1fiwWaOlXKaNm
+WqIS99b/AKneQmomzjpVcdXmDNRCWOBilllbWkxJp13lL0jqClgiYnm6guJeotgD
+HnN7ll6OUh0nDKZkDxTdCvECgYEAtlQZet2WCKz70GURrjgJNbj7ymFbAvniGekH
+5PSSlJw2Vdn+Hs5+fKTBMmIpE6eF1QCBIxXQAD1/Jj0eDLbVx1t33F5P3kQ32AxQ
+7UoZFtZfJr35uvnAZEeulCmvWloDOVuvxVbaLEhT4cfoB0VidpwHzrcO2XFQbQ8y
+pCW6F0ECgYBbO0NU/Jlu3acIzGwAv69CMo8udwnWrhzGStZD67swdQ/yxHVpx2RH
+0sNk6UfLku8Mal7Pp+RglAmsOZEjSgk1V92J9lXYjYD8IUNwNyRRCpQ8xu0KPgDM
+XGeUca/Ao7jRVcsPOiqFH7wgfEjyzpO85X/K9BoBnA0EcUTOScaqmw==
+-----END RSA PRIVATE KEY-----

test/.certs/trusted-client-crt.pem

@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDNzCCAh+gAwIBAgIUKX47+tHx+Wpgoq8PSLCS5wXAxoowDQYJKoZIhvcNAQEL
+BQAwQTEUMBIGA1UECgwLbWFjaGluZXpvbmUxFDASBgNVBAoMC0lYV2ViU29ja2V0
+MRMwEQYDVQQDDAp0cnVzdGVkLWNhMB4XDTIwMDMxMjIzMDQzN1oXDTIxMDMxMjIz
+MDQzN1owRTEUMBIGA1UECgwLbWFjaGluZXpvbmUxFDASBgNVBAoMC0lYV2ViU29j
+a2V0MRcwFQYDVQQDDA50cnVzdGVkLWNsaWVudDCCASIwDQYJKoZIhvcNAQEBBQAD
+ggEPADCCAQoCggEBALijaV0JhdoRAXnD5fX5W/9nZFb6jor6lIGW56Mdn+11ICYw
+GoJ7ATnygUwfBMepoD5RfJ5pkNxYewo8N5JR+8rb4V9atJCSYQLT8P7Dm2YNMtkq
+mNiRuRLrTqoPYajEzz5ENWSNnsjUB1GMGEpcCvRDgsTF24OsVV9BmLV166BEye7w
+ah+jk1YYJHbEnNT4wzr4drJSGEYh2aRO72yY+ROe49Tz/GVVXfCamcj88z5hOS/+
++nCF/odLLB9Ij4xhR8WwTrwE/TxlkIQRBBPTsNetZjvMQZT+TkKw9nNjdoHiDlz9
+BLOYxovUIB8OtOQQfour8V7nwZ2bL9Pp51mnmBsCAwEAAaMjMCEwHwYDVR0RBBgw
+FoIJbG9jYWxob3N0ggkxMjcuMC4wLjEwDQYJKoZIhvcNAQELBQADggEBAFTus7o2
+fQuSMk52qXUESVWG4ygvd2scV58zRrLxZL7Ug9p4DIJo0cY59l3Vhwn2xDSYlAFi
+1h/qSEGkR2a0U2LzMK7BPSkqqYceSwnUvnwHvCwgH9aL1Rvk/4f1sFfsKegjScle
+wraYsRmpidEZJYICvokHev36mX3fHaZZEU+WIoTvChgu0OtD+qkI4DECywLgtB92
+/geabKC3C5JgiW0Jz8AScWoO2uKHFeuD2nfI1SiAbfMIAmG3RTanbZ8JMEVomVep
+txMNGnojun923KTEScnH3cQfnkJjm2AM5yKgT6I/OHELe9Gg7R0IOJbiPmSru7/k
+x5tBp3iMsZZ26VE=
+-----END CERTIFICATE-----

test/.certs/trusted-client-key.pem

@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpAIBAAKCAQEAuKNpXQmF2hEBecPl9flb/2dkVvqOivqUgZbnox2f7XUgJjAa
+gnsBOfKBTB8Ex6mgPlF8nmmQ3Fh7Cjw3klH7ytvhX1q0kJJhAtPw/sObZg0y2SqY
+2JG5EutOqg9hqMTPPkQ1ZI2eyNQHUYwYSlwK9EOCxMXbg6xVX0GYtXXroETJ7vBq
+H6OTVhgkdsSc1PjDOvh2slIYRiHZpE7vbJj5E57j1PP8ZVVd8JqZyPzzPmE5L/76
+cIX+h0ssH0iPjGFHxbBOvAT9PGWQhBEEE9Ow161mO8xBlP5OQrD2c2N2geIOXP0E
+s5jGi9QgHw605BB+i6vxXufBnZsv0+nnWaeYGwIDAQABAoIBAFQ2XAEOLdmW9ghW
+fBUjRX2I56/wGYFz5rXwYPf5tA625BHm0MCAX7/RRn20jBaQ3EBwJBmQZnzJclzp
+uCLpd6E/hlxaX46s5MhIaFuaVc9G59E653mnhTUG09smptE16pwouf2BxlEsu6XK
+8u0/a9Oa0xLydztoJ4wJvB/Ph8eRsbdbfL/ZAe+vk+bEp9ugyec3B5KTc+hWRneH
+BRfe239OX4mEhxNoO1tPJz1hJLjJH5F/iE1wkjSzLr1SI/cSbcbnyYj/kyXmktZw
+uaeFptkT6rB9GO0YunEPzzuQ4EEPpK9F63uu74dGqyW56STq26km7diAHhEpFdp1
+7X0rfHECgYEA5YPtjdqKEn5pQEdehqFnzi3IIu593o7baM6qEyFpMsTP53QCjUKX
+rrImyr2opfFKrXrI0IYXlDgOZApb2sKLoeP/wpfZiGSyqrzj+Y49cNRHjH643ClL
+Ri5eO6TRBukAW1gQFwuVBPbcnswaU6Ah85uTxqj+hO0g18rkuVdf72MCgYEAzfHH
+lb9TMf4DZEoL7GMpc4gDG9V66UWWzXyJB4CWHd6QX1vl6Ow5wE7q3fewD4SNgvDs
+DHZ8oqK2OMKJH/h/tqxyu+g1huajOhPqy1TIt5ncMjS0sguQ+7bQeHASKLxHhjPC
+YdqGMxOBQI5olWGq5U9Td5TYE95qk50KoIyNnekCgYEAkhMwa1tPC0w3UrjZuZga
+yEetHEZsB+0mSgNWjYxzNuO6atYUFbHvdjlepSSmpM74t4bxLn5ZnXU7+4H4SjgN
+xMCm9EPPKJbme/Jyqk9UXW5OB2ZT45PIm+dBBHb2ro43MuvOecxeUOWJLuw6SUUe
+trwrBoJiU1nU0GMKxceNgH8CgYEAzeNMpDG9S7ply6qXVwEf3Kd6bCY1leaDR/Wb
+zMtJyJzL+vmV1RHs/ownFDfeZPUgwGp5olAGdFV1FTOvAS5fB9JJdgBFGxOS1ao5
+zoN5kswYLn0wtNsJXAy9R9rK3Ly2SL2QNGHSTlfOnSqB9e3JeyyeBmvgxaRTKjYS
+/MTng5kCgYAIL79seoBnd9ZSp8A7QUBighxBn6DwrvLgexaysmC0zYqxbatczHk9
+iFbQRmPnFHhUt4URhxyhCoTgd7F0JpxklQODNfseVwtDiDMj8Fu8Tfmn6+9GdFRv
+0QEU+dR3gi98bO6G4IuAFGO9emXho3Snu6odRmh4HZVNOdLCuQe1Cw==
+-----END RSA PRIVATE KEY-----

test/.certs/trusted-server-crt.pem

@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDNzCCAh+gAwIBAgIUKX47+tHx+Wpgoq8PSLCS5wXAxokwDQYJKoZIhvcNAQEL
+BQAwQTEUMBIGA1UECgwLbWFjaGluZXpvbmUxFDASBgNVBAoMC0lYV2ViU29ja2V0
+MRMwEQYDVQQDDAp0cnVzdGVkLWNhMB4XDTIwMDMxMjIzMDQzN1oXDTIxMDMxMjIz
+MDQzN1owRTEUMBIGA1UECgwLbWFjaGluZXpvbmUxFDASBgNVBAoMC0lYV2ViU29j
+a2V0MRcwFQYDVQQDDA50cnVzdGVkLXNlcnZlcjCCASIwDQYJKoZIhvcNAQEBBQAD
+ggEPADCCAQoCggEBAMK5XAcHJwVSor1SfoMM5H5aNfNnM4JKq8kfAOl6KlXCsgs3
+bBcrJ24gEG6/goxkgLxhC1SXdbebt3Jay2lxAa9/7Uj87yztozSsctMkxXE0u3R+
+ih+9sP7ctpZ1hrF2Gv+ztd49/mXe1iRLPhkPijGpPlNsfie/TYybrw3WQlGH8jUm
+MnW12QUOzoBrIOCO6uIxFBJ1qiMq5mIBLlYOMj+MQubnQdvaQPNf1zaZWsCVGyTv
+95roHAb/s70Ie4r4ATcubtZs/ftjvzSmJegodTprPAedkrJ/k6Od9as7hpL37605
+haBU5pMyPNMWYi1MwYc9k0R0IpCKdyeX0huHfpkCAwEAAaMjMCEwHwYDVR0RBBgw
+FoIJbG9jYWxob3N0ggkxMjcuMC4wLjEwDQYJKoZIhvcNAQELBQADggEBAI41ZI4Z
+WbPFB1e+wIWQE7O2rJMeTEImjBOtcJEN3bqhsdE3Zqk0fPaE6jNz0Fp4IXqUYXzo
+SGsgBroV6sgknuLo8HdcTLcg8p9qZ3FGFHFQD1QYINn4ykupJZE2KcrIV8BZ/Tiv
+ciFrJ7i/qwpOrTRBV/w47yP3WZ3v8UdBnj5URD0v/yaAfkaReDO59Dlht/wyItQi
+GkDczMqMF1GTqcLqBwZdfpHq7B/UI8sp58a6eR9lOgryYCr+QJn7TcZrYzkcSWzg
+KE6VuzK6+NElvtg1hSST2Rc/RuuKzexsO/PLesVzaU/6NdDwXmpuSxeCiWm1mosA
+xfQZ9fSOQG6reFk=
+-----END CERTIFICATE-----

test/.certs/trusted-server-key.pem

@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpAIBAAKCAQEAwrlcBwcnBVKivVJ+gwzkflo182czgkqryR8A6XoqVcKyCzds
+FysnbiAQbr+CjGSAvGELVJd1t5u3clrLaXEBr3/tSPzvLO2jNKxy0yTFcTS7dH6K
+H72w/ty2lnWGsXYa/7O13j3+Zd7WJEs+GQ+KMak+U2x+J79NjJuvDdZCUYfyNSYy
+dbXZBQ7OgGsg4I7q4jEUEnWqIyrmYgEuVg4yP4xC5udB29pA81/XNplawJUbJO/3
+mugcBv+zvQh7ivgBNy5u1mz9+2O/NKYl6Ch1Oms8B52Ssn+To531qzuGkvfvrTmF
+oFTmkzI80xZiLUzBhz2TRHQikIp3J5fSG4d+mQIDAQABAoIBACFw4dwXH11rpqUq
+4K0y7p7AcVl+1LrAhiYBHA/8uf6GdDs25mpIL/paqVfLrejcbbtsUxzQ8hd5N5T9
+AMf371kreB27ynuFyCyInSOjwgDCFJtaC/CNjDMIxpaqUlpxtQtK2qXzMZhfH5mW
+DnERWSNUNG7xR+0djnziU7rlm/gSOxUA2gS/5ik9JXAx0yoML7HWlBbk0PJ5o8Ac
+sy6w/YwJVZAjXyUuYptPy2bK8WpGAsthw6RmW1fdOdDAUC3wz7TIKLuPD0AP9g7j
+u8grDYtD+U3ls1Z1Grow2UUG8CedotzVE8KIhDWi35aNiGIuaMFnnLf2OO/Mgd6G
+V82kkLECgYEA4sBtNsmlfFteFmHPS0s8wzg7lzLN15yifk7kO9GQcsbymXVSgU93
+XnvADAflly382pyMpr7Fb6V126iOx+YQhr6ya116S4UtAKq4kCau3Im6OedKefwx
+B71rST+vuAlUcv2ZcAVRJK8GtQQvwcAeI24ShPOXC+vyFAaaZ5eZo/0CgYEA29dZ
+LcREVlv2Tgy/YJVnZ7EYRGiheuF0rl0d0+Stggj34fSS1cexv3gMF13HBk2HpXfW
+3LfJyj2iGRZE9OUjN0ozVIVZWgZS/cwZbEUyl3o6IK0kPE4fZBaE16Onh4OGXKwr
+XTG+EjmIJRVRawECbLMONj5rHQLdcy+5YIH28c0CgYEA1XSL2y2MCTsBoVRGDf0v
+oB7JihYbTEN5fCnMFLu8nS/HpMqa9nvWRS19plWwvdZe13TTuwyPVACQqE1Oy8M5
+/354+zUuMPWXXa9YuuqPZbCJjIS8yYSsqzqXSocXZcnyo6Uz0g5PSpcxWyorwtqW
+BIhUCrA8ms5sPonQxIAj9AkCgYBd/6g7722g11VrbfvuWjOKnKhZp7tUBU6Ut2/n
+iCHANgF3ddHK4sXXrobM/uX4hfH4CFOwsEzx0oSa4XC+nbL/ExT7kMDxwz59EmXU
+a4oERtjP2/hgaK73ZsGKSol5Yf1zZpJsGLbCqCLUaFcVv6q/u5faDbpS/0Sc2c0T
+vL5QCQKBgQCL6ySxvEb5+zst/kRxXcnefXjoB+LSYsU4zy8WfkcP4r38AAQ2Hn+F
+f3/9BUX+2gNr99VDMjI+TUEf+NdQA/nFu4RbFvJ9Wpw9pXkIJpJkZ9g3Why4Ziji
+h0IrXm5JCet71+EIMwP0LhKJKrXZudlzP4DYMWmA7Avqb3HIdPXd7Q==
+-----END RSA PRIVATE KEY-----

test/.certs/untrusted-ca-crt.pem

@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDZzCCAk+gAwIBAgIUBEbp5x1IlwAV6OcQ/4xHk1Y+K4UwDQYJKoZIhvcNAQEL
+BQAwQzEUMBIGA1UECgwLbWFjaGluZXpvbmUxFDASBgNVBAoMC0lYV2ViU29ja2V0
+MRUwEwYDVQQDDAx1bnRydXN0ZWQtY2EwHhcNMjAwMzEyMjMwNDM3WhcNMzAwMzEw
+MjMwNDM3WjBDMRQwEgYDVQQKDAttYWNoaW5lem9uZTEUMBIGA1UECgwLSVhXZWJT
+b2NrZXQxFTATBgNVBAMMDHVudHJ1c3RlZC1jYTCCASIwDQYJKoZIhvcNAQEBBQAD
+ggEPADCCAQoCggEBAMmmYROZf/Kg46b/0Zvq4pUY8ghUEA+eYit8dLyUZ/onoW4l
+xl3CK5NhJIer62Olv7QIu8WhU/hYoeE+8lLva9v0HaJgGjKmPQ3tyej319PzIc7o
+uKatrQ0BAi/KReBQOoqAGqa+DBIGAHoi29x4wZ/ZGSjeVManNb58Lz3+caFlZRCW
+8vcrE5J8OcpD+0O/CKM1UJDlTVFSBJS229my5WjxQnfNZeuxRnMxOCah/qaJsZZr
+FdRd0th2mRZtpjM8vZfXuoUcK+XVSENuJKdqFR4hXQU5Xq62ofxz+IiToPHO24zi
+S1lp7ggeIrgZXaz2I+7LmIy6gnZWP6oXE8XcyW8CAwEAAaNTMFEwHQYDVR0OBBYE
+FJLe6w7SsBTwFnIQYjjjH16p/3zDMB8GA1UdIwQYMBaAFJLe6w7SsBTwFnIQYjjj
+H16p/3zDMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAGrHNKNe
+5UqrNPdIXlGwpabOdrhmAc9yN/tXiB386lByktIeOShS6pvD+UuV14PcTXUFGCwW
+2o8I5OE/+O8w+InyWyV7qC7dgeWyEL4qDAuIYmxs71T2VOv/eekYp1Zq/o3kL3hI
+f0oxonJVZXkR4p39L4TCS3z6EiWRJxWlI4LVNcvWgkwJB8w7wIxSbql0Y/EO9yoU
+07u8QHVj7Nth7YteacOpj8jEy42SuWq5sdW7ccMgEfptRSYiVAmgD7mOCaELCBHz
+NVqyLRPkvWqX7apqDy9vR3ZnMiHWEpTPeQqK12GJbVMW53AVEDWKiL0bhrjnY/uS
+dwnpMp7fEUJLXQk=
+-----END CERTIFICATE-----

test/.certs/untrusted-ca-crt.srl

@@ -0,0 +1 @@
+5CB637D0B24622D344F4C956FE5930B22CF87221

test/.certs/untrusted-ca-key.pem

@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpQIBAAKCAQEAyaZhE5l/8qDjpv/Rm+rilRjyCFQQD55iK3x0vJRn+iehbiXG
+XcIrk2Ekh6vrY6W/tAi7xaFT+Fih4T7yUu9r2/QdomAaMqY9De3J6PfX0/Mhzui4
+pq2tDQECL8pF4FA6ioAapr4MEgYAeiLb3HjBn9kZKN5Uxqc1vnwvPf5xoWVlEJby
+9ysTknw5ykP7Q78IozVQkOVNUVIElLbb2bLlaPFCd81l67FGczE4JqH+pomxlmsV
+1F3S2HaZFm2mMzy9l9e6hRwr5dVIQ24kp2oVHiFdBTlerrah/HP4iJOg8c7bjOJL
+WWnuCB4iuBldrPYj7suYjLqCdlY/qhcTxdzJbwIDAQABAoIBAQCWRBLRLTDoWDZs
+6vODEczZOGacCDCTwv3609qV8K1u/3tPfnzMv3YDdH9pTpaxggFSIrPyeN7/EOVI
+2cRwQxQIK2it6Jl9Jt4WdB1jKtW9js+hxVBcfM2ZBChh/oSFvKNzNDUoDjUmdSyD
+11gpeh8ng/s4tj1Mb6wgD6CQvPxmPLsJZ3swxdSFgR5hpXXELtAK+oOlP0Y6SFpi
+d5AyiaMP9imBKQV7qgJSiKWVtSAvMhfCOPaeYM9wPCA9nha6dYGC8Fgh9FklOf2+
+fj+0dqmbWwa3xuEBfZ7oS+uKnzzcBvTxtNz/U8b9bPzTtoJU6Z6P3wLIB5x8DgQ3
+NcDqVbtRAoGBAOnEl1hfHsm1Ni0flugvNSY5pRF9CGQjbTk2tQxEfsPc7LiNZxjF
+NFyJK2wVs17bsCI4PUO9nnMjnCi86SMKj0ifVoroYlMkt4ruY9iQPTLbrJpTBF/X
+LkU77s6TSeOQdzUlVPcIXfTCYwguicpIP6kOcohHplmzdurWtl723GqHAoGBANzT
+1G2h8dS7UtR0GRO4u9QM8jhRFszariovI6eOEKPaVhBhPeiwwcWRq40un7koCLzU
+WA5CV6h1fGQVvN8pjpZdXYUAa26jlnISQLvNgNvwD2b5UjRi4tH2QuV0LOAMiMGs
+vcQtpjM12RNfii/Tdun0mYZ9pcb65T4p5VubM9vZAoGADl4i3y+ZeNRGbCeQ4txj
+6+GHH7gLl/wFborKPeLH18nwUrd+KquUOEvF+3Kp/56JCNFkEpHI91Ks+mQCAEFZ
+5SDF9Ourf2i2Tzevs1PKLyIJTcLkde+HzIGOf+vVksMCUKXmvvgori50X8Bcf65J
+G17j8zRUKRc6q9xegR+zFGkCgYEAtA2UG3/76nSCaO/wsn/hxlh39ytG5+k2MPcW
+nzvanX8cxWZEUEIu/KR1uDvXx+S4mx6YXagCSTziG8kNovgDZt7hrdxVvHRt6ryv
+Q3GgK7RlGpUXTdeDEac1jFlZbaVKrH/oitidtwuk34L67VwCjWf+9gXk8YUI/dKz
+TCoT8qECgYEAyUbioIZuc6iWF2oIk3VuPdWHUvhuhzvYr+gb++P/xIXraEUMI81c
+UFUDOw+jVVF6H0aioD1rRUczF9vJVE1pUZrXHbAViPECr6QgZTl1mluHtxnT8Asq
+7sXS69HdlV+k+P+YZ51qRXRLKZsjwSJwn8fCRWS+7HPdQ3ogIWp1Q+A=
+-----END RSA PRIVATE KEY-----

test/.certs/untrusted-client-crt.pem

@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDOzCCAiOgAwIBAgIUXLY30LJGItNE9MlW/lkwsiz4ciEwDQYJKoZIhvcNAQEL
+BQAwQzEUMBIGA1UECgwLbWFjaGluZXpvbmUxFDASBgNVBAoMC0lYV2ViU29ja2V0
+MRUwEwYDVQQDDAx1bnRydXN0ZWQtY2EwHhcNMjAwMzEyMjMwNDM3WhcNMjEwMzEy
+MjMwNDM3WjBHMRQwEgYDVQQKDAttYWNoaW5lem9uZTEUMBIGA1UECgwLSVhXZWJT
+b2NrZXQxGTAXBgNVBAMMEHVudHJ1c3RlZC1jbGllbnQwggEiMA0GCSqGSIb3DQEB
+AQUAA4IBDwAwggEKAoIBAQC5SOVG06/37lekGxkBJUt7AN3Xw708jN8XI7DR1sq+
+NPeGN/wEfCUSIHJXQq1fqBJQkYKpyYa9EkvQs2RhrOXahul3ZdX1kP3zxQLvvbxU
+EcB2gMS4B61EqnmBHRMsj+dI91++YSEFE1hkolD3+gQtm0+FVbPoXt5Y3rBAF/l0
+UMvrBsgraB12OHUlqqj8WkUIul37u8XcnsnPWKoigWb2k+/W47LCGsd+haRnulIK
+ADQOsjNs7wy3IV9d8zCifEV0YUT5ZPBg2K2f1lpYfOSobK7JLqgV03HVrkROQfej
+FTvMRtDAxlsa6bHLrGUeBhCNaO7SLj16oo5nMCq4DnTjAgMBAAGjIzAhMB8GA1Ud
+EQQYMBaCCWxvY2FsaG9zdIIJMTI3LjAuMC4xMA0GCSqGSIb3DQEBCwUAA4IBAQDH
+7XbX6dCzUCGj91835gvTPr5FgKrTqocVQ+EtCxJxRVvqB4zj7/80SHxByyWz9XJQ
+IBZmDz298nVqfW6uegq3qU29sG9OAOOg6I0SpWOL9qq/ZKMoEqRv6fHnjHhRiOwT
+isqdZISh1vhoIvcUpNsm1PwpaDxerjeE3oPyuNO0P0lKI5jykO3orDANGvyC8fzx
+jxlDsSXCgmcaPh99752vBe8UlY1M8t4GxsJAV8DXxdDZCYIWMe+/C5aQ2xDvj3+l
+vYht9+yc6ebl5uGOttgWSYPxdryCynDKsdBfXxet9Ix/qdsLF9hwU2JokVDh50J+
+er36eML3WvEO2HuBKTq8
+-----END CERTIFICATE-----

test/.certs/untrusted-client-key.pem

@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpAIBAAKCAQEAuUjlRtOv9+5XpBsZASVLewDd18O9PIzfFyOw0dbKvjT3hjf8
+BHwlEiByV0KtX6gSUJGCqcmGvRJL0LNkYazl2obpd2XV9ZD988UC7728VBHAdoDE
+uAetRKp5gR0TLI/nSPdfvmEhBRNYZKJQ9/oELZtPhVWz6F7eWN6wQBf5dFDL6wbI
+K2gddjh1Jaqo/FpFCLpd+7vF3J7Jz1iqIoFm9pPv1uOywhrHfoWkZ7pSCgA0DrIz
+bO8MtyFfXfMwonxFdGFE+WTwYNitn9ZaWHzkqGyuyS6oFdNx1a5ETkH3oxU7zEbQ
+wMZbGumxy6xlHgYQjWju0i49eqKOZzAquA504wIDAQABAoIBAHle6OG2dUShmkNj
+hMOdXI5ciPV3wRRS6yhLNt6eJvzl0WbYcXu2nsn6+ytyAAPzItwoFUGHQ33C6Grz
+uEPLcF3vliuiR7+ulMwEN+I3lZA0eLCntTUfwj6CtUkAdLjyIv1HHi6ljW23uGVj
+dkqaOfZuEG81Lr5+toPci/PQQJYR4btVJJHCXJ6KVx6w8i++fwcRwby9riNhWAzk
+8OhUiSTTsx9sioBk62QRB8Qs0LVR5tGbDSrpQW5Ns9KnH7sayInwEN94PTsPKcqY
+i/oNNZG+qvSf8jG8QiIMdyGx/goVKuQVx5Gev8my5mnfuVM/oXB20T56z2iII64V
+kNh/sNECgYEA3qjAPqTY0rnu2tmvQN1PwAfyENz3XmTVWpVtBvedPj3qiV3mXJGZ
+qQoS0wb/2t/D05GhTxBJARk8foorNzGchMVtECMlGxDAs1vBw6dwSK5hJnw47PQQ
+Q68Vz/zwvrzJgmeijPow87PdpomYECgerTa6BynH8W0ffuSNIJC8Ke8CgYEA1Qd2
+FpwFjUFqhYbcvR3VG8qAMIF8RKLzmQDDZh7liKMeHLypdXRz1ZEa6NFkvsg7qRZh
+ahe/ULubnRhdOxs0JVyZPS0dU3ZmHT9bBcIuLzC//5e1ictXUZspFzIHE9T4suLC
+Xnh2vqQzlEy3iZLx5B6FMzc3ws7LM7q7L2AfqE0CgYAMkvEQWJTaCaAAgeyQuC7J
+xGkaJLBfh0g5LlkS3Kbnne2Bxmi874gC8MuxWSLXxG01pHK8mUnWIwu0ha79FfMl
+2FRZZfKxfZe0SUk++FSx9g8MclVwpDPK7rdHoJwj2Vtz3tBiL7rV+GFbB0gsGWfq
+Fj4ZK3XcH3J44wVJQoMtxwKBgQDM/ZkMuKY+/yvZwaS39vUTARHJm1BRW9y85pcg
+tap6iTx4urL2a1Drue4DCzu+uj9uvjKPPLrEnUNpMADG166eJTTwQXFu1wf8LPMR
+34FBt8+JzBrMtfcYeA5aW7Gjy9Rljv8qmRDq8mcP1aLnp5dMxHG4jvIBa6zt4kot
+lHniIQKBgQDWuMWA2Q1kcKKy7OJszp60jO+ftq306QMoDsPNFLUUUtCxNSrpAeC2
+MVvI4kzIn+6hYsMdRsqDSadosuKE4ZzCPIfuyadiAKTAO5esBJs7KAQFMJXSnfY7
++Zs1QUcdLZAWivO7j3ZASbR8L/1mawlBMgyIaT9YKp1+iW+uzaYgUQ==
+-----END RSA PRIVATE KEY-----

test/CMakeLists.txt

@@ -50,18 +50,22 @@ set (SOURCES
   IXHttpServerTest.cpp
   IXUnityBuildsTest.cpp
   IXHttpTest.cpp
-  IXCobraChatTest.cpp
-  IXCobraMetricsPublisherTest.cpp
   IXDNSLookupTest.cpp
   IXWebSocketSubProtocolTest.cpp
   IXSentryClientTest.cpp
   IXWebSocketChatTest.cpp
+  IXWebSocketBroadcastTest.cpp
 )
 
 # Some unittest don't work on windows yet
+# Windows without TLS does not have hmac yet
 if (UNIX)
   list(APPEND SOURCES
     IXWebSocketCloseTest.cpp
+    IXCobraChatTest.cpp
+    IXCobraMetricsPublisherTest.cpp
+    IXCobraToSentryBotTest.cpp
+    IXCobraToStatsdBotTest.cpp
   )
 endif()
 
@@ -93,12 +97,14 @@ if (JSONCPP_FOUND)
   target_link_libraries(ixwebsocket_unittest ${JSONCPP_LIBRARIES})
 endif()
 
+# library with the most dependencies come first
+target_link_libraries(ixwebsocket_unittest ixbots)
 target_link_libraries(ixwebsocket_unittest ixsnake)
 target_link_libraries(ixwebsocket_unittest ixcobra)
+target_link_libraries(ixwebsocket_unittest ixsentry)
 target_link_libraries(ixwebsocket_unittest ixwebsocket)
 target_link_libraries(ixwebsocket_unittest ixcrypto)
 target_link_libraries(ixwebsocket_unittest ixcore)
-target_link_libraries(ixwebsocket_unittest ixsentry)
 
 target_link_libraries(ixwebsocket_unittest spdlog)
 

test/Catch2/single_include/catch.hpp

@@ -14993,4 +14993,3 @@ using Catch::Detail::Approx;
 // end catch_reenable_warnings.h
 // end catch.hpp
 #endif // TWOBLUECUBES_SINGLE_INCLUDE_CATCH_HPP_INCLUDED
-

test/IXCobraChatTest.cpp

@@ -37,7 +37,9 @@ namespace
     class CobraChat
     {
     public:
-        CobraChat(const std::string& user, const std::string& session, const std::string& endpoint);
+        CobraChat(const std::string& user,
+                  const std::string& session,
+                  const ix::CobraConfig& config);
 
         void subscribe(const std::string& channel);
         void start();
@@ -54,7 +56,7 @@ namespace
     private:
         std::string _user;
         std::string _session;
-        std::string _endpoint;
+        ix::CobraConfig _cobraConfig;
 
         std::queue<Json::Value> _publish_queue;
         mutable std::mutex _queue_mutex;
@@ -72,10 +74,10 @@ namespace
 
     CobraChat::CobraChat(const std::string& user,
                          const std::string& session,
-                         const std::string& endpoint)
+                         const ix::CobraConfig& config)
         : _user(user)
         , _session(session)
-        , _endpoint(endpoint)
+        , _cobraConfig(config)
         , _stop(false)
         , _connectedAndSubscribed(false)
     {
@@ -122,31 +124,38 @@ namespace
     void CobraChat::subscribe(const std::string& channel)
     {
         std::string filter;
-        _conn.subscribe(channel, filter, [this](const Json::Value& msg) {
-            spdlog::info("receive {}", msg.toStyledString());
+        std::string position("$");
 
-            if (!msg.isObject()) return;
-            if (!msg.isMember("user")) return;
-            if (!msg.isMember("text")) return;
-            if (!msg.isMember("session")) return;
+        _conn.subscribe(channel,
+                        filter,
+                        position,
+                        [this](const Json::Value& msg, const std::string& /*position*/) {
+                            spdlog::info("receive {}", msg.toStyledString());
 
-            std::string msg_user = msg["user"].asString();
-            std::string msg_text = msg["text"].asString();
-            std::string msg_session = msg["session"].asString();
+                            if (!msg.isObject()) return;
+                            if (!msg.isMember("user")) return;
+                            if (!msg.isMember("text")) return;
+                            if (!msg.isMember("session")) return;
 
-            // We are not interested in messages
-            // from a different session.
-            if (msg_session != _session) return;
+                            std::string msg_user = msg["user"].asString();
+                            std::string msg_text = msg["text"].asString();
+                            std::string msg_session = msg["session"].asString();
 
-            // We are not interested in our own messages
-            if (msg_user == _user) return;
+                            // We are not interested in messages
+                            // from a different session.
+                            if (msg_session != _session) return;
 
-            _receivedQueue.push(msg);
+                            // We are not interested in our own messages
+                            if (msg_user == _user) return;
 
-            std::stringstream ss;
-            ss << std::endl << msg_user << " > " << msg_text << std::endl << _user << " > ";
-            log(ss.str());
-        });
+                            _receivedQueue.push(msg);
+
+                            std::stringstream ss;
+                            ss << std::endl
+                               << msg_user << " > " << msg_text << std::endl
+                               << _user << " > ";
+                            log(ss.str());
+                        });
     }
 
     void CobraChat::sendMessage(const std::string& text)
@@ -166,19 +175,9 @@ namespace
     //
     void CobraChat::run()
     {
-        // "chat" conf
-        std::string appkey("FC2F10139A2BAc53BB72D9db967b024f");
         std::string channel = _session;
-        std::string role = "_sub";
-        std::string secret = "66B1dA3ED5fA074EB5AE84Dd8CE3b5ba";
-        SocketTLSOptions socketTLSOptions;
 
-        _conn.configure(appkey,
-                        _endpoint,
-                        role,
-                        secret,
-                        ix::WebSocketPerMessageDeflateOptions(true),
-                        socketTLSOptions);
+        _conn.configure(_cobraConfig);
         _conn.connect();
 
         _conn.setEventCallback([this, channel](ix::CobraConnectionEventType eventType,
@@ -218,7 +217,7 @@ namespace
             }
             else if (eventType == ix::CobraConnection_EventType_Published)
             {
-                Logger() << "Subscriber: published message acked: " << msgId;
+                TLogger() << "Subscriber: published message acked: " << msgId;
             }
         });
 
@@ -262,7 +261,7 @@ TEST_CASE("Cobra_chat", "[cobra_chat]")
     SECTION("Exchange and count sent/received messages.")
     {
         int port = getFreePort();
-        snake::AppConfig appConfig = makeSnakeServerConfig(port);
+        snake::AppConfig appConfig = makeSnakeServerConfig(port, true);
 
         // Start a redis server
         ix::RedisServer redisServer(appConfig.redisPort);
@@ -278,13 +277,20 @@ TEST_CASE("Cobra_chat", "[cobra_chat]")
         setupTrafficTrackerCallback();
 
         std::string session = ix::generateSessionId();
+        std::string appkey("FC2F10139A2BAc53BB72D9db967b024f");
+        std::string role = "_sub";
+        std::string secret = "66B1dA3ED5fA074EB5AE84Dd8CE3b5ba";
+        std::string endpoint = makeCobraEndpoint(port, true);
 
-        std::stringstream ss;
-        ss << "ws://localhost:" << port;
-        std::string endpoint = ss.str();
+        ix::CobraConfig config;
+        config.endpoint = endpoint;
+        config.appkey = appkey;
+        config.rolename = role;
+        config.rolesecret = secret;
+        config.socketTLSOptions = makeClientTLSOptions();
 
-        CobraChat chatA("jean", session, endpoint);
-        CobraChat chatB("paul", session, endpoint);
+        CobraChat chatA("jean", session, config);
+        CobraChat chatB("paul", session, config);
 
         chatA.start();
         chatB.start();