session resume wip, for mac only

More test code for #140.

.clang-format

@@ -0,0 +1,47 @@
+# https://releases.llvm.org/7.0.0/tools/clang/docs/ClangFormatStyleOptions.html
+
+---
+Language: Cpp
+
+BasedOnStyle: WebKit
+
+AlignAfterOpenBracket: Align
+AlignOperands: true
+AlignTrailingComments: true
+AllowAllParametersOfDeclarationOnNextLine: true
+AllowShortBlocksOnASingleLine: false
+AllowShortCaseLabelsOnASingleLine: true
+AllowShortFunctionsOnASingleLine: false
+AllowShortIfStatementsOnASingleLine: true
+AllowShortLoopsOnASingleLine: false
+AlwaysBreakTemplateDeclarations: true
+BinPackArguments: false
+BinPackParameters: false
+BreakBeforeBinaryOperators: None
+BreakBeforeBraces: Allman
+BreakConstructorInitializersBeforeComma: true
+ColumnLimit: 100
+ConstructorInitializerAllOnOneLineOrOnePerLine: false
+Cpp11BracedListStyle: true
+FixNamespaceComments: true
+IncludeBlocks:   Regroup
+IncludeCategories:
+  - Regex:           '^["<](stdafx|pch)\.h[">]$'
+    Priority:        -1
+  - Regex:           '^<Windows\.h>$'
+    Priority:        3
+  - Regex:           '^<(WinIoCtl|winhttp|Shellapi)\.h>$'
+    Priority:        4
+  - Regex:           '.*'
+    Priority:        2
+IndentCaseLabels: true
+IndentWidth: 4
+KeepEmptyLinesAtTheStartOfBlocks: false
+MaxEmptyLinesToKeep: 2
+NamespaceIndentation: All
+PenaltyReturnTypeOnItsOwnLine: 1000
+PointerAlignment: Left
+SpaceAfterTemplateKeyword: false
+SpaceAfterCStyleCast: true
+Standard: Cpp11
+UseTab: Never

.dockerignore

@@ -1,3 +1,4 @@
 build
 CMakeCache.txt
 ws/CMakeCache.txt
+test/build

.github/workflows/ccpp.yml

@@ -0,0 +1,50 @@
+name: C/C++ CI
+
+on: [push]
+
+jobs:
+  linux:
+    runs-on: ubuntu-latest
+    
+    steps:
+    - uses: actions/checkout@v1
+    - name: make test
+      run: make test
+
+  mac:
+    runs-on: macOS-latest
+
+    steps:
+    - uses: actions/checkout@v1
+
+    - name: install redis
+      run: brew install redis
+
+    - name: start redis server
+      run: brew services start redis
+
+    - name: make test
+      run: make test
+
+      #  # Windows does not work yet, I'm stuck at getting CMake to run + finding vcpkg
+      #  win:
+      #    runs-on: windows-2016
+      #
+      #    steps:
+      #    - uses: actions/checkout@v1
+      #
+      #    - name: run cmake
+      #      run: |
+      #        "C:\Program Files (x86)\Microsoft Visual Studio\2017\Community\VC\Auxiliary\Build\vcvars64.bat"
+      #        mkdir build
+      #        cd build
+      #        cmake -DCMAKE_TOOLCHAIN_FILE=%VCPKG_INSTALLATION_ROOT%\scripts\buildsystems\vcpkg.cmake -DUSE_WS=1 -DUSE_TEST=1 -DUSE_TLS=1 -G"NMake Makefiles" ..
+      #    - name: build
+      #      run: |
+      #        "C:\Program Files (x86)\Microsoft Visual Studio\2017\Community\VC\Auxiliary\Build\vcvars64.bat"
+      #        cd build
+      #        nmake
+      #    - name: run tests
+      #      run: 
+      #        cd test
+      #        ..\build\test\ixwebsocket_unittest.exe

.gitignore

@@ -1 +1,7 @@
 build
+*.pyc
+venv
+ixsnake/ixsnake/.certs/
+site/
+ws/.certs/
+ws/.srl

.pre-commit-config.yaml

@@ -0,0 +1,7 @@
+repos:
+-   repo: https://github.com/pre-commit/pre-commit-hooks
+    rev: v2.3.0
+    hooks:
+    -   id: check-yaml
+    -   id: end-of-file-fixer
+    -   id: trailing-whitespace

.travis.yml

@@ -1,17 +1,59 @@
-language: cpp
-dist: xenial
+language: bash
 
-compiler:
-  - gcc
-  - clang
-os:
-  - linux
-  - osx
+# See https://github.com/amaiorano/vectrexy/blob/master/.travis.yml
+# for ideas on installing vcpkg
 
 matrix:
-  exclude:
-    # GCC fails on recent Travis OSX images.
-    - compiler: gcc
-      os: osx
+  include:
+    # macOS
+    # - os: osx
+    #   env:
+    #     - HOMEBREW_NO_AUTO_UPDATE=1
+    #   compiler: clang
+    #   script:
+    #     - brew install redis
+    #     - brew services start redis
+    #     - brew install mbedtls
+    #     - python test/run.py
+    #     - make ws
 
-script: python test/run.py
+    Linux
+    - os: linux
+      dist: bionic
+      before_install:
+        - sudo apt-get install -y libmbedtls-dev
+        - sudo apt-get install -y redis-server
+      script: 
+      - python test/run.py
+      #  - make ws
+      env:
+        - CC=gcc
+        - CXX=g++
+
+    # Clang + Linux disabled for now
+    # - os: linux
+    #   dist: xenial
+    #   script: python test/run.py
+    #   env:
+    #     - CC=clang 
+    #     - CXX=clang++
+
+    # Windows
+    # - os: windows
+    #   env:
+    #     - CMAKE_PATH="/c/Program Files/CMake/bin"
+    #   script: 
+    #     - cd third_party/zlib
+    #     - cmake .
+    #     - cmake --build . --target install
+    #     - cd ../..
+    #     # - cd third_party/mbedtls
+    #     # - cmake .
+    #     # - cmake --build . --target install
+    #     # - cd ../..
+    #     - export PATH=$CMAKE_PATH:$PATH
+    #     - cd test
+    #     - cmake .
+    #     - cmake --build --parallel .
+    #     - ixwebsocket_unittest.exe
+    #     # - python test/run.py

CMake/FindJsonCpp.cmake

@@ -0,0 +1,19 @@
+# Find package structure taken from libcurl
+
+include(FindPackageHandleStandardArgs)
+
+find_path(JSONCPP_INCLUDE_DIRS json/json.h)
+find_library(JSONCPP_LIBRARY jsoncpp)
+
+find_package_handle_standard_args(JSONCPP
+    FOUND_VAR
+      JSONCPP_FOUND
+    REQUIRED_VARS
+      JSONCPP_LIBRARY
+      JSONCPP_INCLUDE_DIRS
+    FAIL_MESSAGE
+      "Could NOT find jsoncpp"
+)
+
+set(JSONCPP_INCLUDE_DIRS ${JSONCPP_INCLUDE_DIRS})
+set(JSONCPP_LIBRARIES ${JSONCPP_LIBRARY})

CMake/FindMbedTLS.cmake

@@ -0,0 +1,13 @@
+find_path(MBEDTLS_INCLUDE_DIRS mbedtls/ssl.h)
+
+find_library(MBEDTLS_LIBRARY mbedtls)
+find_library(MBEDX509_LIBRARY mbedx509)
+find_library(MBEDCRYPTO_LIBRARY mbedcrypto)
+
+set(MBEDTLS_LIBRARIES "${MBEDTLS_LIBRARY}" "${MBEDX509_LIBRARY}" "${MBEDCRYPTO_LIBRARY}")
+
+include(FindPackageHandleStandardArgs)
+find_package_handle_standard_args(MBEDTLS DEFAULT_MSG
+    MBEDTLS_INCLUDE_DIRS MBEDTLS_LIBRARY MBEDX509_LIBRARY MBEDCRYPTO_LIBRARY)
+
+mark_as_advanced(MBEDTLS_INCLUDE_DIRS MBEDTLS_LIBRARY MBEDX509_LIBRARY MBEDCRYPTO_LIBRARY)

CMakeLists.txt

@@ -4,14 +4,15 @@
 #
 
 cmake_minimum_required(VERSION 3.4.1)
+set(CMAKE_MODULE_PATH "${CMAKE_CURRENT_SOURCE_DIR}/CMake;${CMAKE_MODULE_PATH}")
+
 project(ixwebsocket C CXX)
 
 set (CMAKE_CXX_STANDARD 14)
 set (CXX_STANDARD_REQUIRED ON)
 set (CMAKE_CXX_EXTENSIONS OFF)
 
-# -Wshorten-64-to-32 does not work with clang
-if (NOT WIN32)
+if (UNIX)
   set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -Wall -Wextra -pedantic")
 endif()
 
@@ -20,54 +21,77 @@ if ("${CMAKE_CXX_COMPILER_ID}" MATCHES "Clang")
 endif()
 
 set( IXWEBSOCKET_SOURCES
+    ixwebsocket/IXCancellationRequest.cpp
+    ixwebsocket/IXConnectionState.cpp
+    ixwebsocket/IXDNSLookup.cpp
+    ixwebsocket/IXExponentialBackoff.cpp
+    ixwebsocket/IXHttp.cpp
+    ixwebsocket/IXHttpClient.cpp
+    ixwebsocket/IXHttpServer.cpp
+    ixwebsocket/IXNetSystem.cpp
+    ixwebsocket/IXSelectInterrupt.cpp
+    ixwebsocket/IXSelectInterruptFactory.cpp
     ixwebsocket/IXSocket.cpp
-    ixwebsocket/IXSocketServer.cpp
     ixwebsocket/IXSocketConnect.cpp
     ixwebsocket/IXSocketFactory.cpp
-    ixwebsocket/IXDNSLookup.cpp
-    ixwebsocket/IXCancellationRequest.cpp
-    ixwebsocket/IXNetSystem.cpp
+    ixwebsocket/IXSocketServer.cpp
+    ixwebsocket/IXSocketTLSOptions.cpp
+    ixwebsocket/IXUrlParser.cpp
+    ixwebsocket/IXUserAgent.cpp
     ixwebsocket/IXWebSocket.cpp
-    ixwebsocket/IXWebSocketServer.cpp
-    ixwebsocket/IXWebSocketTransport.cpp
+    ixwebsocket/IXWebSocketCloseConstants.cpp
     ixwebsocket/IXWebSocketHandshake.cpp
+    ixwebsocket/IXWebSocketHttpHeaders.cpp
+    ixwebsocket/IXWebSocketMessageQueue.cpp
     ixwebsocket/IXWebSocketPerMessageDeflate.cpp
     ixwebsocket/IXWebSocketPerMessageDeflateCodec.cpp
     ixwebsocket/IXWebSocketPerMessageDeflateOptions.cpp
-    ixwebsocket/IXWebSocketHttpHeaders.cpp
-    ixwebsocket/IXHttpClient.cpp
-    ixwebsocket/IXUrlParser.cpp
-    ixwebsocket/IXSelectInterrupt.cpp
-    ixwebsocket/IXSelectInterruptFactory.cpp
-    ixwebsocket/IXConnectionState.cpp
+    ixwebsocket/IXWebSocketServer.cpp
+    ixwebsocket/IXWebSocketTransport.cpp
+    ixwebsocket/LUrlParser.cpp
 )
 
 set( IXWEBSOCKET_HEADERS
-    ixwebsocket/IXSocket.h
-    ixwebsocket/IXSocketServer.h
-    ixwebsocket/IXSocketConnect.h
-    ixwebsocket/IXSocketFactory.h
-    ixwebsocket/IXSetThreadName.h
-    ixwebsocket/IXDNSLookup.h
     ixwebsocket/IXCancellationRequest.h
+    ixwebsocket/IXConnectionState.h
+    ixwebsocket/IXDNSLookup.h
+    ixwebsocket/IXExponentialBackoff.h
+    ixwebsocket/IXHttp.h
+    ixwebsocket/IXHttpClient.h
+    ixwebsocket/IXHttpServer.h
     ixwebsocket/IXNetSystem.h
     ixwebsocket/IXProgressCallback.h
+    ixwebsocket/IXSelectInterrupt.h
+    ixwebsocket/IXSelectInterruptFactory.h
+    ixwebsocket/IXSetThreadName.h
+    ixwebsocket/IXSocket.h
+    ixwebsocket/IXSocketConnect.h
+    ixwebsocket/IXSocketFactory.h
+    ixwebsocket/IXSocketServer.h
+    ixwebsocket/IXSocketTLSOptions.h
+    ixwebsocket/IXUrlParser.h
+    ixwebsocket/IXUtf8Validator.h
+    ixwebsocket/IXUserAgent.h
     ixwebsocket/IXWebSocket.h
-    ixwebsocket/IXWebSocketServer.h
-    ixwebsocket/IXWebSocketTransport.h
-    ixwebsocket/IXWebSocketHandshake.h
-    ixwebsocket/IXWebSocketSendInfo.h
+    ixwebsocket/IXWebSocketCloseConstants.h
+    ixwebsocket/IXWebSocketCloseInfo.h
     ixwebsocket/IXWebSocketErrorInfo.h
+    ixwebsocket/IXWebSocketHandshake.h
+    ixwebsocket/IXWebSocketHttpHeaders.h
+    ixwebsocket/IXWebSocketInitResult.h
+    ixwebsocket/IXWebSocketMessage.h
+    ixwebsocket/IXWebSocketMessageQueue.h
+    ixwebsocket/IXWebSocketMessageType.h
+    ixwebsocket/IXWebSocketOpenInfo.h
     ixwebsocket/IXWebSocketPerMessageDeflate.h
     ixwebsocket/IXWebSocketPerMessageDeflateCodec.h
     ixwebsocket/IXWebSocketPerMessageDeflateOptions.h
-    ixwebsocket/IXWebSocketHttpHeaders.h
+    ixwebsocket/IXWebSocketSendInfo.h
+    ixwebsocket/IXWebSocketServer.h
+    ixwebsocket/IXWebSocketTransport.h
+    ixwebsocket/IXWebSocketVersion.h
+    ixwebsocket/LUrlParser.h
     ixwebsocket/libwshandshake.hpp
-    ixwebsocket/IXHttpClient.h
-    ixwebsocket/IXUrlParser.h
-    ixwebsocket/IXSelectInterrupt.h
-    ixwebsocket/IXSelectInterruptFactory.h
-    ixwebsocket/IXConnectionState.h
 )
 
 if (UNIX)
@@ -81,24 +105,32 @@ if (APPLE)
     list( APPEND IXWEBSOCKET_SOURCES ixwebsocket/apple/IXSetThreadName_apple.cpp)
 elseif (WIN32)
     list( APPEND IXWEBSOCKET_SOURCES ixwebsocket/windows/IXSetThreadName_windows.cpp)
+elseif (${CMAKE_SYSTEM_NAME} MATCHES "FreeBSD")
+    list( APPEND IXWEBSOCKET_SOURCES ixwebsocket/freebsd/IXSetThreadName_freebsd.cpp)
 else()
     list( APPEND IXWEBSOCKET_SOURCES ixwebsocket/linux/IXSetThreadName_linux.cpp)
     list( APPEND IXWEBSOCKET_SOURCES ixwebsocket/IXSelectInterruptEventFd.cpp)
     list( APPEND IXWEBSOCKET_HEADERS ixwebsocket/IXSelectInterruptEventFd.h)
 endif()
 
-set(USE_OPEN_SSL FALSE)
-if (USE_TLS)
-    add_definitions(-DIXWEBSOCKET_USE_TLS)
+option(USE_TLS "Enable TLS support" FALSE)
 
-    if (APPLE)
+if (USE_TLS)
+    if (WIN32)
+        option(USE_MBED_TLS "Use Mbed TLS" ON)
+    else()
+        option(USE_MBED_TLS "Use Mbed TLS" OFF)
+    endif()
+    option(USE_OPEN_SSL "Use OpenSSL" OFF)
+    
+    if (USE_MBED_TLS)
+        list( APPEND IXWEBSOCKET_HEADERS ixwebsocket/IXSocketMbedTLS.h)
+        list( APPEND IXWEBSOCKET_SOURCES ixwebsocket/IXSocketMbedTLS.cpp)
+    elseif (APPLE AND NOT USE_OPEN_SSL)
         list( APPEND IXWEBSOCKET_HEADERS ixwebsocket/IXSocketAppleSSL.h)
         list( APPEND IXWEBSOCKET_SOURCES ixwebsocket/IXSocketAppleSSL.cpp)
-    elseif (WIN32)
-        list( APPEND IXWEBSOCKET_HEADERS ixwebsocket/IXSocketSChannel.h)
-        list( APPEND IXWEBSOCKET_SOURCES ixwebsocket/IXSocketSChannel.cpp)
     else()
-        set(USE_OPEN_SSL TRUE)
+        set(USE_OPEN_SSL ON)
         list( APPEND IXWEBSOCKET_HEADERS ixwebsocket/IXSocketOpenSSL.h)
         list( APPEND IXWEBSOCKET_SOURCES ixwebsocket/IXSocketOpenSSL.cpp)
     endif()
@@ -109,34 +141,73 @@ add_library( ixwebsocket STATIC
     ${IXWEBSOCKET_HEADERS}
 )
 
-if (APPLE AND USE_TLS)
+if (USE_TLS)
+    target_compile_definitions(ixwebsocket PUBLIC IXWEBSOCKET_USE_TLS)
+    if (USE_MBED_TLS)
+        target_compile_definitions(ixwebsocket PUBLIC IXWEBSOCKET_USE_MBED_TLS)
+    elseif (USE_OPEN_SSL)
+        target_compile_definitions(ixwebsocket PUBLIC IXWEBSOCKET_USE_OPEN_SSL)
+    endif()
+endif()
+
+if (APPLE AND USE_TLS AND NOT USE_MBED_TLS AND NOT USE_OPEN_SSL)
   target_link_libraries(ixwebsocket "-framework foundation" "-framework security")
 endif()
 
-if (USE_OPEN_SSL)
-  find_package(OpenSSL REQUIRED)
+if (WIN32)
+  target_link_libraries(ixwebsocket wsock32 ws2_32 shlwapi)
+  add_definitions(-D_CRT_SECURE_NO_WARNINGS)
+endif()
+
+if (UNIX)
+  find_package(Threads)
+  target_link_libraries(ixwebsocket ${CMAKE_THREAD_LIBS_INIT})
+endif()
+
+if (USE_TLS AND USE_OPEN_SSL)
+
+  # Help finding Homebrew's OpenSSL on macOS
+  if (APPLE)
+    set(CMAKE_LIBRARY_PATH ${CMAKE_LIBRARY_PATH} /usr/local/opt/openssl/lib)
+    set(CMAKE_INCLUDE_PATH ${CMAKE_INCLUDE_PATH} /usr/local/opt/openssl/include)
+  endif()
+
+  if(NOT OPENSSL_FOUND)
+    find_package(OpenSSL REQUIRED)
+  endif()
   add_definitions(${OPENSSL_DEFINITIONS})
   message(STATUS "OpenSSL: " ${OPENSSL_VERSION})
   include_directories(${OPENSSL_INCLUDE_DIR})
   target_link_libraries(ixwebsocket ${OPENSSL_LIBRARIES})
 endif()
 
-if (WIN32)
+if (USE_TLS AND USE_MBED_TLS)
+  # FIXME I'm not too sure that this USE_VENDORED_THIRD_PARTY thing works
+  if (USE_VENDORED_THIRD_PARTY)
+    set (ENABLE_PROGRAMS OFF)
+    add_subdirectory(third_party/mbedtls)
+    include_directories(third_party/mbedtls/include)
+
+    target_link_libraries(ixwebsocket mbedtls)
+  else()
+    find_package(MbedTLS REQUIRED)
+    target_include_directories(ixwebsocket PUBLIC ${MBEDTLS_INCLUDE_DIRS})
+    target_link_libraries(ixwebsocket ${MBEDTLS_LIBRARIES})
+  endif()
+endif()
+
+find_package(ZLIB)
+if (ZLIB_FOUND)
+  include_directories(${ZLIB_INCLUDE_DIRS})
+  target_link_libraries(ixwebsocket ${ZLIB_LIBRARIES})
+else()
   add_subdirectory(third_party/zlib)
   include_directories(third_party/zlib ${CMAKE_CURRENT_BINARY_DIR}/third_party/zlib)
-  target_link_libraries(ixwebsocket zlibstatic wsock32 ws2_32)
-  add_definitions(-D_CRT_SECURE_NO_WARNINGS)
-
-else()
-  # gcc/Linux needs -pthread
-  find_package(Threads)
-
-  target_link_libraries(ixwebsocket 
-    z ${CMAKE_THREAD_LIBS_INIT})
+  target_link_libraries(ixwebsocket zlibstatic)
 endif()
 
 set( IXWEBSOCKET_INCLUDE_DIRS
-    .
+    ${CMAKE_CURRENT_SOURCE_DIR}
 )
 
 if (CMAKE_CXX_COMPILER_ID MATCHES "MSVC")
@@ -144,7 +215,7 @@ if (CMAKE_CXX_COMPILER_ID MATCHES "MSVC")
     target_compile_options(ixwebsocket PRIVATE /MP)
 endif()
 
-target_include_directories( ixwebsocket PUBLIC ${IXWEBSOCKET_INCLUDE_DIRS} )
+target_include_directories(ixwebsocket PUBLIC ${IXWEBSOCKET_INCLUDE_DIRS})
 
 set_target_properties(ixwebsocket PROPERTIES PUBLIC_HEADER "${IXWEBSOCKET_HEADERS}")
 
@@ -153,6 +224,19 @@ install(TARGETS ixwebsocket
         PUBLIC_HEADER DESTINATION ${CMAKE_INSTALL_PREFIX}/include/ixwebsocket/
 )
 
-if (NOT WIN32)
-    add_subdirectory(ws)
+if (USE_WS OR USE_TEST)
+  add_subdirectory(ixcore)
+  add_subdirectory(ixcrypto)
+  add_subdirectory(ixcobra)
+  add_subdirectory(ixsnake)
+  add_subdirectory(ixsentry)
+
+  add_subdirectory(third_party/spdlog spdlog)
+
+  if (USE_WS)
+      add_subdirectory(ws)
+  endif()
+  if (USE_TEST)
+      add_subdirectory(test)
+  endif()
 endif()

DOCKER_VERSION

@@ -1 +0,0 @@
-1.4.3

Dockerfile

@@ -1 +1 @@
-docker/Dockerfile.fedora
+docker/Dockerfile.centos

README.md

@@ -1,423 +1,47 @@
-# General
+## Hello world
 
-![Alt text](https://travis-ci.org/machinezone/IXWebSocket.svg?branch=master)
+![Build status badge](https://travis-ci.org/machinezone/IXWebSocket.svg?branch=master)
 
-## Introduction
+IXWebSocket is a C++ library for WebSocket client and server development. It has minimal dependencies (no boost), is very simple to use and support everything you'll likely need for websocket dev (SSL, deflate compression, compiles on most platforms, etc...). HTTP client and server code is also available, but it hasn't received as much testing.
 
-[*WebSocket*](https://en.wikipedia.org/wiki/WebSocket) is a computer communications protocol, providing full-duplex and bi-directionnal communication channels over a single TCP connection. *IXWebSocket* is a C++ library for client and server Websocket communication, and for client HTTP communication. The code is derived from [easywsclient](https://github.com/dhbaird/easywsclient) and from the [Satori C SDK](https://github.com/satori-com/satori-rtm-sdk-c). It has been tested on the following platforms.
+It is been used on big mobile video game titles sending and receiving tons of messages since 2017 (iOS and Android). It was tested on macOS, iOS, Linux, Android, Windows and FreeBSD. Two important design goals are simplicity and correctness.
 
-* macOS
-* iOS
-* Linux
-* Android
+```cpp
+// Required on Windows
+ix::initNetSystem();
 
-The code was made to compile once on Windows but support is currently broken on this platform.
-
-## Examples
-
-The [*ws*](https://github.com/machinezone/IXWebSocket/tree/master/ws) folder countains many interactive programs for chat, [file transfers](https://github.com/machinezone/IXWebSocket/blob/master/ws/ws_send.cpp), [curl like](https://github.com/machinezone/IXWebSocket/blob/master/ws/ws_http_client.cpp) http clients, demonstrating client and server usage.
-
-Here is what the client API looks like.
-
-```
+// Our websocket object
 ix::WebSocket webSocket;
 
 std::string url("ws://localhost:8080/");
 webSocket.setUrl(url);
 
-// Optional heart beat, sent every 45 seconds when there is not any traffic
-// to make sure that load balancers do not kill an idle connection.
-webSocket.setHeartBeatPeriod(45);
-
-// Setup a callback to be fired when a message or an event (open, close, error) is received
-webSocket.setOnMessageCallback(
-    [](ix::WebSocketMessageType messageType,
-       const std::string& str,
-       size_t wireSize,
-       const ix::WebSocketErrorInfo& error,
-       const ix::WebSocketOpenInfo& openInfo,
-       const ix::WebSocketCloseInfo& closeInfo)
+// Setup a callback to be fired (in a background thread, watch out for race conditions !)
+// when a message or an event (open, close, error) is received
+webSocket.setOnMessageCallback([](const ix::WebSocketMessagePtr& msg)
     {
-        if (messageType == ix::WebSocket_MessageType_Message)
+        if (msg->type == ix::WebSocketMessageType::Message)
         {
-            std::cout << str << std::endl;
+            std::cout << msg->str << std::endl;
         }
-});
+    }
+);
 
 // Now that our callback is setup, we can start our background thread and receive messages
 webSocket.start();
 
-// Send a message to the server (default to BINARY mode)
+// Send a message to the server (default to TEXT mode)
 webSocket.send("hello world");
-
-// The message can be sent in TEXT mode
-webSocket.sendText("hello again");
-
-// ... finally ...
-
-// Stop the connection
-webSocket.stop()
 ```
 
-Here is what the server API looks like. Note that server support is very recent and subject to changes.
+Interested? Go read the [docs](https://machinezone.github.io/IXWebSocket/)! If things don't work as expected, please create an issue on GitHub, or even better a pull request if you know how to fix your problem.
 
-```
-// Run a server on localhost at a given port.
-// Bound host name, max connections and listen backlog can also be passed in as parameters.
-ix::WebSocketServer server(port);
+IXWebSocket is actively being developed, check out the [changelog](https://machinezone.github.io/IXWebSocket/CHANGELOG/) to know what's cooking. If you are looking for a real time messaging service (the chat-like 'server' your websocket code will talk to) with many features such as history, backed by Redis, look at [cobra](https://github.com/machinezone/cobra).
 
-server.setOnConnectionCallback(
-    [&server](std::shared_ptr<WebSocket> webSocket,
-              std::shared_ptr<ConnectionState> connectionState)
-    {
-        webSocket->setOnMessageCallback(
-            [webSocket, connectionState, &server](ix::WebSocketMessageType messageType,
-               const std::string& str,
-               size_t wireSize,
-               const ix::WebSocketErrorInfo& error,
-               const ix::WebSocketOpenInfo& openInfo,
-               const ix::WebSocketCloseInfo& closeInfo)
-            {
-                if (messageType == ix::WebSocket_MessageType_Open)
-                {
-                    std::cerr << "New connection" << std::endl;
+IXWebSocket client code is autobahn compliant beginning with the 6.0.0 version. See the current [test results](https://bsergean.github.io/autobahn/reports/clients/index.html). Some tests are still failing in the server code.
 
-                    // A connection state object is available, and has a default id
-                    // You can subclass ConnectionState and pass an alternate factory
-                    // to override it. It is useful if you want to store custom
-                    // attributes per connection (authenticated bool flag, attributes, etc...)
-                    std::cerr << "id: " << connectionState->getId() << std::endl;
+## Users
 
-                    // The uri the client did connect to.
-                    std::cerr << "Uri: " << openInfo.uri << std::endl;
+If your company or project is using this library, feel free to open an issue or PR to amend this list.
 
-                    std::cerr << "Headers:" << std::endl;
-                    for (auto it : openInfo.headers)
-                    {
-                        std::cerr << it.first << ": " << it.second << std::endl;
-                    }
-                }
-                else if (messageType == ix::WebSocket_MessageType_Message)
-                {
-                    // For an echo server, we just send back to the client whatever was received by the server
-                    // All connected clients are available in an std::set. See the broadcast cpp example.
-                    webSocket->send(str);
-                }
-            }
-        );
-    }
-);
-
-auto res = server.listen();
-if (!res.first)
-{
-    // Error handling
-    return 1;
-}
-
-// Run the server in the background. Server can be stoped by calling server.stop()
-server.start();
-
-// Block until server.stop() is called.
-server.wait();
-
-```
-
-Here is what the HTTP client API looks like. Note that HTTP client support is very recent and subject to changes.
-
-```
-//
-// Preparation
-//
-HttpClient httpClient;
-HttpRequestArgs args;
-
-// Custom headers can be set
-WebSocketHttpHeaders headers;
-headers["Foo"] = "bar";
-args.extraHeaders = headers;
-
-// Timeout options
-args.connectTimeout = connectTimeout;
-args.transferTimeout = transferTimeout;
-
-// Redirect options
-args.followRedirects = followRedirects;
-args.maxRedirects = maxRedirects;
-
-// Misc
-args.compress = compress; // Enable gzip compression
-args.verbose = verbose;
-args.logger = [](const std::string& msg)
-{
-    std::cout << msg;
-};
-
-//
-// Request
-//
-HttpResponse out;
-std::string url = "https://www.google.com";
-
-// HEAD request
-out = httpClient.head(url, args);
-
-// GET request
-out = httpClient.get(url, args);
-
-// POST request with parameters
-HttpParameters httpParameters;
-httpParameters["foo"] = "bar";
-out = httpClient.post(url, httpParameters, args);
-
-// POST request with a body
-out = httpClient.post(url, std::string("foo=bar"), args);
-
-//
-// Result
-//
-auto statusCode = std::get<0>(out);
-auto errorCode = std::get<1>(out);
-auto responseHeaders = std::get<2>(out);
-auto payload = std::get<3>(out);
-auto errorMsg = std::get<4>(out);
-auto uploadSize = std::get<5>(out);
-auto downloadSize = std::get<6>(out);
-```
-
-## Build
-
-CMakefiles for the library and the examples are available. This library has few dependencies, so it is possible to just add the source files into your project. Otherwise the usual way will suffice.
-
-```
-mkdir build # make a build dir so that you can build out of tree.
-cd build
-cmake ..
-make -j
-make install # will install to /usr/local on Unix, on macOS it is a good idea to sudo chown -R `whoami`:staff /usr/local
-```
-
-Headers and a static library will be installed to the target dir.
-
-A [conan](https://conan.io/) file is available at [conan-IXWebSocket](https://github.com/Zinnion/conan-IXWebSocket).
-
-There is a unittest which can be executed by typing `make test`.
-
-There is a Dockerfile for running some code on Linux. To use docker-compose you must make a docker container first.
-
-```
-$ make docker
-...
-$ docker compose up &
-...
-$ docker exec -it ixwebsocket_ws_1 bash
-app@ca2340eb9106:~$ ws --help
-ws is a websocket tool
-...
-```
-
-Finally you can build and install the `ws command line tool` with Homebrew. The homebrew version might be slightly out of date.
-
-```
-brew tap bsergean/IXWebSocket
-brew install IXWebSocket
-```
-
-## Implementation details
-
-### Per Message Deflate compression.
-
-The per message deflate compression option is supported. It can lead to very nice bandbwith savings (20x !) if your messages are similar, which is often the case for example for chat applications. All features of the spec should be supported.
-
-### TLS/SSL
-
-Connections can be optionally secured and encrypted with TLS/SSL when using a wss:// endpoint, or using normal un-encrypted socket with ws:// endpoints. AppleSSL is used on iOS and macOS, and OpenSSL is used on Android and Linux.
-
-### Polling and background thread work
-
-No manual polling to fetch data is required. Data is sent and received instantly by using a background thread for receiving data and the select [system](http://man7.org/linux/man-pages/man2/select.2.html) call to be notified by the OS of incoming data. No timeout is used for select so that the background thread is only woken up when data is available, to optimize battery life. This is also the recommended way of using select according to the select tutorial, section [select law](https://linux.die.net/man/2/select_tut). Read and Writes to the socket are non blocking. Data is sent right away and not enqueued by writing directly to the socket, which is [possible](https://stackoverflow.com/questions/1981372/are-parallel-calls-to-send-recv-on-the-same-socket-valid) since system socket implementations allow concurrent read/writes. However concurrent writes need to be protected with mutex.
-
-### Automatic reconnection
-
-If the remote end (server) breaks the connection, the code will try to perpetually reconnect, by using an exponential backoff strategy, capped at one retry every 10 seconds.
-
-### Large messages
-
-Large frames are broken up into smaller chunks or messages to avoid filling up the os tcp buffers, which is permitted thanks to WebSocket [fragmentation](https://tools.ietf.org/html/rfc6455#section-5.4). Messages up to 1G were sent and received succesfully.
-
-## Limitations
-
-* No utf-8 validation is made when sending TEXT message with sendText()
-* Automatic reconnection works at the TCP socket level, and will detect remote end disconnects. However, if the device/computer network become unreachable (by turning off wifi), it is quite hard to reliably and timely detect it at the socket level using `recv` and `send` error codes. [Here](https://stackoverflow.com/questions/14782143/linux-socket-how-to-detect-disconnected-network-in-a-client-program) is a good discussion on the subject. This behavior is consistent with other runtimes such as node.js. One way to detect a disconnected device with low level C code is to do a name resolution with DNS but this can be expensive. Mobile devices have good and reliable API to do that.
-* The server code is using select to detect incoming data, and creates one OS thread per connection. This is not as scalable as strategies using epoll or kqueue.
-
-## C++ code organization
-
-Here is a simplistic diagram which explains how the code is structured in term of class/modules.
-
-```
-+-----------------------+ --- Public
-|                       | Start the receiving Background thread. Auto reconnection. Simple websocket Ping.
-|  IXWebSocket          | Interface used by C++ test clients. No IX dependencies.
-|                       |
-+-----------------------+
-|                       |
-|  IXWebSocketServer    | Run a server and give each connections its own WebSocket object.
-|                       | Each connection is handled in a new OS thread.
-|                       |
-+-----------------------+ --- Private
-|                       |
-|  IXWebSocketTransport | Low level websocket code, framing, managing raw socket. Adapted from easywsclient.
-|                       |
-+-----------------------+
-|                       |
-|  IXWebSocketHandshake | Establish the connection between client and server.
-|                       |
-+-----------------------+
-|                       |
-|  IXWebSocket          | ws://  Unencrypted Socket handler
-|  IXWebSocketAppleSSL  | wss:// TLS encrypted Socket AppleSSL handler. Used on iOS and macOS
-|  IXWebSocketOpenSSL   | wss:// TLS encrypted Socket OpenSSL handler.  Used on Android and Linux
-|                       |                                               Can be used on macOS too.
-+-----------------------+
-|                       |
-|  IXSocketConnect      | Connect to the remote host (client).
-|                       |
-+-----------------------+
-|                       |
-|  IXDNSLookup          | Does DNS resolution asynchronously so that it can be interrupted.
-|                       |
-+-----------------------+
-```
-
-## API
-
-### Sending messages
-
-`websocket.send("foo")` will send a message.
-
-If the connection was closed and sending failed, the return value will be set to false.
-
-### ReadyState
-
-`getReadyState()` returns the state of the connection. There are 4 possible states.
-
-1. WebSocket_ReadyState_Connecting - The connection is not yet open.
-2. WebSocket_ReadyState_Open       - The connection is open and ready to communicate.
-3. WebSocket_ReadyState_Closing    - The connection is in the process of closing.
-4. WebSocket_MessageType_Close     - The connection is closed or could not be opened.
-
-### Open and Close notifications
-
-The onMessage event will be fired when the connection is opened or closed. This is similar to the [Javascript browser API](https://developer.mozilla.org/en-US/docs/Web/API/WebSocket), which has `open` and `close` events notification that can be registered with the browser `addEventListener`.
-
-```
-webSocket.setOnMessageCallback(
-    [](ix::WebSocketMessageType messageType,
-       const std::string& str,
-       size_t wireSize,
-       const ix::WebSocketErrorInfo& error,
-       const ix::WebSocketOpenInfo& openInfo,
-       const ix::WebSocketCloseInfo& closeInfo)
-    {
-        if (messageType == ix::WebSocket_MessageType_Open)
-        {
-            std::cout << "send greetings" << std::endl;
-
-            // Headers can be inspected (pairs of string/string)
-            std::cout << "Handshake Headers:" << std::endl;
-            for (auto it : headers)
-            {
-                std::cout << it.first << ": " << it.second << std::endl;
-            }
-        }
-        else if (messageType == ix::WebSocket_MessageType_Close)
-        {
-            std::cout << "disconnected" << std::endl;
-
-            // The server can send an explicit code and reason for closing.
-            // This data can be accessed through the closeInfo object.
-            std::cout << closeInfo.code << std::endl;
-            std::cout << closeInfo.reason << std::endl;
-        }
-    }
-);
-```
-
-### Error notification
-
-A message will be fired when there is an error with the connection. The message type will be `ix::WebSocket_MessageType_Error`. Multiple fields will be available on the event to describe the error.
-
-```
-webSocket.setOnMessageCallback(
-    [](ix::WebSocketMessageType messageType,
-       const std::string& str,
-       size_t wireSize,
-       const ix::WebSocketErrorInfo& error,
-       const ix::WebSocketOpenInfo& openInfo,
-       const ix::WebSocketCloseInfo& closeInfo)
-    {
-        if (messageType == ix::WebSocket_MessageType_Error)
-        {
-            std::stringstream ss;
-            ss << "Error: "         << error.reason      << std::endl;
-            ss << "#retries: "      << event.retries     << std::endl;
-            ss << "Wait time(ms): " << event.wait_time   << std::endl;
-            ss << "HTTP Status: "   << event.http_status << std::endl;
-            std::cout << ss.str() << std::endl;
-        }
-    }
-);
-```
-
-### start, stop
-
-1. `websocket.start()` connect to the remote server and starts the message receiving background thread.
-2. `websocket.stop()` disconnect from the remote server and closes the background thread.
-
-### Configuring the remote url
-
-The url can be set and queried after a websocket object has been created. You will have to call `stop` and `start` if you want to disconnect and connect to that new url.
-
-```
-std::string url("wss://example.com");
-websocket.configure(url);
-```
-
-### Ping/Pong support
-
-Ping/pong messages are used to implement keep-alive. 2 message types exists to identify ping and pong messages. Note that when a ping message is received, a pong is instantly send back as requested by the WebSocket spec.
-
-```
-webSocket.setOnMessageCallback(
-    [](ix::WebSocketMessageType messageType,
-       const std::string& str,
-       size_t wireSize,
-       const ix::WebSocketErrorInfo& error,
-       const ix::WebSocketOpenInfo& openInfo,
-       const ix::WebSocketCloseInfo& closeInfo)
-    {
-        if (messageType == ix::WebSocket_MessageType_Ping ||
-            messageType == ix::WebSocket_MessageType_Pong)
-        {
-            std::cout << "pong data: " << str << std::endl;
-        }
-    }
-);
-```
-
-A ping message can be sent to the server, with an optional data string.
-
-```
-websocket.ping("ping data, optional (empty string is ok): limited to 125 bytes long");
-```
-
-### Heartbeat.
-
-You can configure an optional heart beat / keep-alive, sent every 45 seconds
-when there is no any traffic to make sure that load balancers do not kill an
-idle connection.
-
-```
-webSocket.setHeartBeatPeriod(45);
-```
+- [Machine Zone](https://www.mz.com)

SECURITY.md

@@ -0,0 +1,11 @@
+# Security Policy
+
+## Supported Versions
+
+| Version | Supported          |
+| ------- | ------------------ |
+| 7.x.x   | :white_check_mark: |
+
+## Reporting a Vulnerability
+
+Users should send an email to bsergean@gmail.com to report a vulnerability.

appveyor.yml

@@ -1,10 +1,22 @@
 image:
 - Visual Studio 2017
-- Ubuntu
 
 install:
-- ls -al
+- cd C:\Tools\vcpkg
+- git pull
+- .\bootstrap-vcpkg.bat
+- cd %APPVEYOR_BUILD_FOLDER%
 - cmd: call "C:\Program Files (x86)\Microsoft Visual Studio\2017\Community\VC\Auxiliary\Build\vcvars64.bat"
-- python test/run.py
+- vcpkg install zlib:x64-windows
+- vcpkg install mbedtls:x64-windows
+- mkdir build
+- cd build
+- cmake -DCMAKE_TOOLCHAIN_FILE=c:/tools/vcpkg/scripts/buildsystems/vcpkg.cmake -DUSE_WS=1 -DUSE_TEST=1 -DUSE_TLS=1 -G"NMake Makefiles" ..
+- nmake
+- cd ..
+- cd test
+- ..\build\test\ixwebsocket_unittest.exe
+
+cache: c:\tools\vcpkg\installed\
 
 build: off

docker-compose.yml

@@ -1,33 +1,67 @@
 version: "3"
 services:
-  snake:
-    image: bsergean/ws:build
-    entrypoint: ws snake --port 8765 --host 0.0.0.0 --redis_hosts redis1
-    ports:
-      - "8765:8765"
-    networks:
-      - ws-net
-    depends_on:
-      - redis1
+  # snake:
+  #   image: bsergean/ws:build
+  #   entrypoint: ws snake --port 8767 --host 0.0.0.0 --redis_hosts redis1
+  #   ports:
+  #     - "8767:8767"
+  #   networks:
+  #     - ws-net
+  #   depends_on:
+  #     - redis1
 
-  ws:
-    security_opt:
-    - seccomp:unconfined
-    cap_add:
-    - SYS_PTRACE
+  # proxy:
+  #   image: bsergean/ws:build
+  #   entrypoint: strace ws proxy_server --remote_host 'wss://cobra.addsrv.com' --host 0.0.0.0 --port 8765 -v
+  #   ports:
+  #     - "8765:8765"
+  #   networks:
+  #     - ws-net
+
+  #pyproxy:
+  #  image: bsergean/ws_proxy:build
+  #  entrypoint: /usr/bin/ws_proxy.py --remote_url 'wss://cobra.addsrv.com' --host 0.0.0.0 --port 8765
+  #  ports:
+  #    - "8765:8765"
+  #  networks:
+  #    - ws-net
+
+  #      #  ws:
+  #      #    security_opt:
+  #      #    - seccomp:unconfined
+  #      #    cap_add:
+  #      #    - SYS_PTRACE
+  #      #    stdin_open: true
+  #      #    tty: true
+  #      #    image: bsergean/ws:build
+  #      #    entrypoint: sh
+  #      #    networks:
+  #      #      - ws-net
+  #      #    depends_on:
+  #      #      - redis1
+  #      #
+  #      #  redis1:
+  #      #    image: redis:alpine
+  #      #    networks:
+  #      #      - ws-net
+  #      #
+  #      #  statsd:
+  #      #    image: jaconel/statsd
+  #      #    ports:
+  #      #      - "8125:8125"
+  #      #    environment:
+  #      #      - STATSD_DUMP_MSG=true
+  #      #      - GRAPHITE_HOST=127.0.0.1
+  #      #    networks:
+  #      #      - ws-net
+
+  compile:
+    image: alpine
+    entrypoint: sh
     stdin_open: true
     tty: true
-    image: bsergean/ws:build
-    entrypoint: bash
-    networks:
-      - ws-net
-    depends_on:
-      - redis1
-
-  redis1:
-    image: redis:alpine
-    networks:
-      - ws-net
+    volumes:
+      - /Users/bsergeant/src/foss:/home/bsergean/src/foss
 
 networks:
   ws-net:

docker/Dockerfile.alpine

@@ -0,0 +1,39 @@
+FROM alpine:3.11 as build
+
+RUN apk add --no-cache gcc g++ musl-dev linux-headers cmake openssl-dev 
+RUN apk add --no-cache make
+RUN apk add --no-cache zlib-dev
+
+RUN addgroup -S app && adduser -S -G app app 
+RUN chown -R app:app /opt
+RUN chown -R app:app /usr/local
+
+# There is a bug in CMake where we cannot build from the root top folder
+# So we build from /opt
+COPY --chown=app:app . /opt
+WORKDIR /opt
+
+USER app
+RUN [ "make", "ws_install" ]
+RUN [ "rm", "-rf", "build" ]
+
+FROM alpine:3.11 as runtime
+
+RUN apk add --no-cache libstdc++
+RUN apk add --no-cache strace
+RUN apk add --no-cache gdb
+
+RUN addgroup -S app && adduser -S -G app app 
+COPY --chown=app:app --from=build /usr/local/bin/ws /usr/local/bin/ws
+RUN chmod +x /usr/local/bin/ws
+RUN ldd /usr/local/bin/ws
+
+# Copy source code for gcc
+COPY --chown=app:app --from=build /opt /opt
+
+# Now run in usermode
+USER app
+WORKDIR /home/app
+
+ENTRYPOINT ["ws"]
+EXPOSE 8008

docker/Dockerfile.centos

@@ -0,0 +1,35 @@
+FROM centos:8 as build
+
+RUN yum install -y gcc-c++ make cmake zlib-devel openssl-devel redhat-rpm-config 
+
+RUN groupadd app && useradd -g app app
+RUN chown -R app:app /opt
+RUN chown -R app:app /usr/local
+
+# There is a bug in CMake where we cannot build from the root top folder
+# So we build from /opt
+COPY --chown=app:app . /opt
+WORKDIR /opt
+
+USER app
+RUN [ "make", "ws_install" ]
+RUN [ "rm", "-rf", "build" ]
+
+FROM centos:8 as runtime
+
+RUN yum install -y gdb strace
+
+RUN groupadd app && useradd -g app app
+COPY --chown=app:app --from=build /usr/local/bin/ws /usr/local/bin/ws
+RUN chmod +x /usr/local/bin/ws
+RUN ldd /usr/local/bin/ws
+
+# Copy source code for gcc
+COPY --chown=app:app --from=build /opt /opt
+
+# Now run in usermode
+USER app
+WORKDIR /home/app
+
+ENTRYPOINT ["ws"]
+EXPOSE 8008

docker/Dockerfile.fedora

@@ -16,6 +16,7 @@ ENV PATH="${CMAKE_BIN_PATH}:${PATH}"
 
 RUN yum install -y python
 RUN yum install -y libtsan
+RUN yum install -y zlib-devel
 
 COPY . .
 # RUN ["make", "test"]

docker/Dockerfile.ubuntu_bionic

@@ -0,0 +1,23 @@
+# Build time
+FROM ubuntu:bionic as build
+
+ENV DEBIAN_FRONTEND noninteractive
+RUN apt-get update 
+RUN apt-get -y install wget 
+RUN mkdir -p /tmp/cmake
+WORKDIR /tmp/cmake
+RUN wget https://github.com/Kitware/CMake/releases/download/v3.14.0/cmake-3.14.0-Linux-x86_64.tar.gz 
+RUN tar zxf cmake-3.14.0-Linux-x86_64.tar.gz
+
+RUN apt-get -y install g++ 
+RUN apt-get -y install libssl-dev
+RUN apt-get -y install libz-dev
+RUN apt-get -y install make
+RUN apt-get -y install python
+
+COPY . .
+
+ARG CMAKE_BIN_PATH=/tmp/cmake/cmake-3.14.0-Linux-x86_64/bin
+ENV PATH="${CMAKE_BIN_PATH}:${PATH}"
+
+RUN ["make", "ws"]

docker/Dockerfile.ubuntu_disco

@@ -0,0 +1,24 @@
+# Build time
+FROM ubuntu:disco as build
+
+ENV DEBIAN_FRONTEND noninteractive
+RUN apt-get update 
+RUN apt-get -y install wget 
+RUN mkdir -p /tmp/cmake
+WORKDIR /tmp/cmake
+RUN wget https://github.com/Kitware/CMake/releases/download/v3.14.0/cmake-3.14.0-Linux-x86_64.tar.gz 
+RUN tar zxf cmake-3.14.0-Linux-x86_64.tar.gz
+
+RUN apt-get -y install g++ 
+RUN apt-get -y install libssl-dev
+RUN apt-get -y install libz-dev
+RUN apt-get -y install make
+RUN apt-get -y install python
+
+COPY . .
+
+ARG CMAKE_BIN_PATH=/tmp/cmake/cmake-3.14.0-Linux-x86_64/bin
+ENV PATH="${CMAKE_BIN_PATH}:${PATH}"
+
+# RUN ["make", "test"]
+CMD ["sh"]

docs/CHANGELOG.md

@@ -0,0 +1,437 @@
+# Changelog
+All changes to this project will be documented in this file.
+
+## [7.9.6] - 2020-01-22
+
+(ws) add a dnslookup sub-command, to get the ip address of a remote host
+
+## [7.9.5] - 2020-01-14
+
+(windows) fix #144, get rid of stubbed/un-implemented windows schannel ssl backend
+
+## [7.9.4] - 2020-01-12
+
+(openssl + mbedssl) fix #140, can send large files with ws send over ssl / still broken with apple ssl
+
+## [7.9.3] - 2020-01-10
+
+(apple ssl) model write method after the OpenSSL one for consistency
+
+## [7.9.2] - 2020-01-06
+
+(apple ssl) unify read and write ssl utility code
+
+## [7.9.1] - 2020-01-06
+
+(websocket client) better error propagation when errors are detected while sending data
+(ws send) detect failures to send big files, terminate in those cases and report error
+
+## [7.9.0] - 2020-01-04
+
+(ws send) add option (-x) to disable per message deflate compression
+
+## [7.8.9] - 2020-01-04
+
+(ws send + receive) handle all message types (ping + pong + fragment) / investigate #140
+
+## [7.8.8] - 2019-12-28
+
+(mbedtls) fix related to private key file parsing and initialization
+
+## [7.8.6] - 2019-12-28
+
+(ws cobra to sentry/statsd) fix for handling null events properly for empty queues + use queue to send data to statsd
+
+## [7.8.5] - 2019-12-28
+
+(ws cobra to sentry) handle null events for empty queues
+
+## [7.8.4] - 2019-12-27
+
+(ws cobra to sentry) game is picked in a fair manner, so that all games get the same share of sent events
+
+## [7.8.3] - 2019-12-27
+
+(ws cobra to sentry) refactor queue related code into a class
+
+## [7.8.2] - 2019-12-25
+
+(ws cobra to sentry) bound the queue size used to hold up cobra messages before they are sent to sentry. Default queue size is a 100 messages. Without such limit the program runs out of memory when a subscriber receive a lot of messages that cannot make it to sentry
+
+## [7.8.1] - 2019-12-25
+
+(ws client) use correct compilation defines so that spdlog is not used as a header only library (reduce binary size and increase compilation speed)
+
+## [7.8.0] - 2019-12-24
+
+(ws client) all commands use spdlog instead of std::cerr or std::cout for logging
+
+## [7.6.5] - 2019-12-24
+
+(cobra client) send a websocket ping every 30s to keep the connection opened
+
+## [7.6.4] - 2019-12-22
+
+(client) error handling, quote url in error case when failing to parse one
+(ws) ws_cobra_publish: register callbacks before connecting
+(doc) mention mbedtls in supported ssl server backend
+
+## [7.6.3] - 2019-12-20
+
+(tls) add a simple description of the TLS configuration routine for debugging
+
+## [7.6.2] - 2019-12-20
+
+(mbedtls) correct support for using own certificate and private key
+
+## [7.6.1] - 2019-12-20
+
+(ws commands) in websocket proxy, disable automatic reconnections + in Dockerfile, use alpine 3.11
+
+## [7.6.0] - 2019-12-19
+
+(cobra) Add TLS options to all cobra commands and classes. Add example to the doc.
+
+## [7.5.8] - 2019-12-18
+
+(cobra-to-sentry) capture application version from device field
+
+## [7.5.7] - 2019-12-18
+
+(tls) Experimental TLS server support with mbedtls (windows) + process cert tlsoption (client + server)
+
+## [7.5.6] - 2019-12-18
+
+(tls servers) Make it clear that apple ssl and mbedtls backends do not support SSL in server mode
+
+## [7.5.5] - 2019-12-17
+
+(tls options client) TLSOptions struct _validated member should be initialized to false
+
+## [7.5.4] - 2019-12-16
+
+(websocket client) improve the error message when connecting to a non websocket server
+
+Before:
+
+```
+Connection error: Got bad status connecting to example.com:443, status: 200, HTTP Status line: HTTP/1.1 200 OK
+```
+
+After:
+
+```
+Connection error: Expecting status 101 (Switching Protocol), got 200 status connecting to example.com:443, HTTP Status line: HTTP/1.1 200 OK
+```
+
+## [7.5.3] - 2019-12-12
+
+(server) attempt at fixing #131 by using blocking writes in server mode
+
+## [7.5.2] - 2019-12-11
+
+(ws) cobra to sentry - created events with sentry tags based on tags present in the cobra messages
+
+## [7.5.1] - 2019-12-06
+
+(mac) convert SSL errors to utf8
+
+## [7.5.0] - 2019-12-05
+
+- (ws) cobra to sentry. Handle Error 429 Too Many Requests and politely wait before sending more data to sentry.
+
+In the example below sentry we are sending data too fast, sentry asks us to slow down which we do. Notice how the sent count stop increasing, while we are waiting for 41 seconds.
+
+```
+[2019-12-05 15:50:33.759] [info] messages received 2449 sent 3
+[2019-12-05 15:50:34.759] [info] messages received 5533 sent 7
+[2019-12-05 15:50:35.759] [info] messages received 8612 sent 11
+[2019-12-05 15:50:36.759] [info] messages received 11562 sent 15
+[2019-12-05 15:50:37.759] [info] messages received 14410 sent 19
+[2019-12-05 15:50:38.759] [info] messages received 17236 sent 23
+[2019-12-05 15:50:39.282] [error] Error sending data to sentry: 429
+[2019-12-05 15:50:39.282] [error] Body: {"exception":[{"stacktrace":{"frames":[{"filename":"WorldScene.lua","function":"WorldScene.lua:1935","lineno":1958},{"filename":"WorldScene.lua","function":"onUpdate_WorldCam","lineno":1921},{"filename":"WorldMapTile.lua","function":"__index","lineno":239}]},"value":"noisytypes: Attempt to call nil(nil,2224139838)!"}],"platform":"python","sdk":{"name":"ws","version":"1.0.0"},"tags":[["game","niso"],["userid","107638363"],["environment","live"]],"timestamp":"2019-12-05T23:50:39Z"}
+
+[2019-12-05 15:50:39.282] [error] Response: {"error_name":"rate_limit","error":"Creation of this event was denied due to rate limiting"}
+[2019-12-05 15:50:39.282] [warning] Error 429 - Too Many Requests. ws will sleep and retry after 41 seconds
+[2019-12-05 15:50:39.760] [info] messages received 18839 sent 25
+[2019-12-05 15:50:40.760] [info] messages received 18839 sent 25
+[2019-12-05 15:50:41.760] [info] messages received 18839 sent 25
+[2019-12-05 15:50:42.761] [info] messages received 18839 sent 25
+[2019-12-05 15:50:43.762] [info] messages received 18839 sent 25
+[2019-12-05 15:50:44.763] [info] messages received 18839 sent 25
+[2019-12-05 15:50:45.768] [info] messages received 18839 sent 25
+```
+
+## [7.4.5] - 2019-12-03
+
+- (ws) #125 / fix build problem when jsoncpp is not installed locally
+
+## [7.4.4] - 2019-12-03
+
+- (ws) #125 / cmake detects an already installed jsoncpp and will try to use this one if present
+
+## [7.4.3] - 2019-12-03
+
+- (http client) use std::unordered_map instead of std::map for HttpParameters and HttpFormDataParameters class aliases
+
+## [7.4.2] - 2019-12-02
+
+- (client) internal IXDNSLookup class requires a valid cancellation request function callback to be passed in
+
+## [7.4.1] - 2019-12-02
+
+- (client) fix an overflow in the exponential back off code
+
+## [7.4.0] - 2019-11-25
+
+- (http client) Add support for multipart HTTP POST upload
+- (ixsentry) Add support for uploading a minidump to sentry
+
+## [7.3.5] - 2019-11-20
+
+- On Darwin SSL, add ability to skip peer verification.
+
+## [7.3.4] - 2019-11-20
+
+- 32-bits compile fix, courtesy of @fcojavmc
+
+## [7.3.1] - 2019-11-16
+
+- ws proxy_server / remote server close not forwarded to the client
+
+## [7.3.0] - 2019-11-15
+
+- New ws command: `ws proxy_server`.
+
+## [7.2.2] - 2019-11-01
+
+- Tag a release + minor reformating.
+
+## [7.2.1] - 2019-10-26
+
+- Add unittest to IXSentryClient to lua backtrace parsing code
+
+## [7.2.0] - 2019-10-24
+
+- Add cobra_metrics_to_redis sub-command to create streams for each cobra metric event being received.
+
+## [7.1.0] - 2019-10-13
+
+- Add client support for websocket subprotocol. Look for the new addSubProtocol method for details.
+
+## [7.0.0] - 2019-10-01
+
+- TLS support in server code, only implemented for the OpenSSL SSL backend for now.
+
+## [6.3.4] - 2019-09-30
+
+- all ws subcommands propagate tls options to servers (unimplemented) or ws or http client (implemented) (contributed by Matt DeBoer)
+
+## [6.3.3] - 2019-09-30
+
+- ws has a --version option
+
+## [6.3.2] - 2019-09-29
+
+- (http + websocket clients) can specify cacert and some other tls options (not implemented on all backend). This makes it so that server certs can finally be validated on windows.
+
+## [6.3.1] - 2019-09-29
+
+- Add ability to use OpenSSL on apple platforms.
+
+## [6.3.0] - 2019-09-28
+
+- ixcobra / fix crash in CobraConnection::publishNext when the queue is empty + handle CobraConnection_PublishMode_Batch in CobraMetricsThreadedPublisher
+
+## [6.2.9] - 2019-09-27
+
+- mbedtls fixes / the unittest now pass on macOS, and hopefully will on Windows/AppVeyor as well.
+
+## [6.2.8] - 2019-09-26
+
+- Http server: add options to ws https to redirect all requests to a given url. POST requests will get a 200 and an empty response.
+
+```
+ws httpd -L --redirect_url https://www.google.com
+```
+
+## [6.2.7] - 2019-09-25
+
+- Stop having ws send subcommand send a binary message in text mode, which would cause error in `make ws_test` shell script test.
+
+## [6.2.6] - 2019-09-24
+
+- Fix 2 race conditions detected with TSan, one in CobraMetricsPublisher::push and another one in WebSocketTransport::sendData (that one was bad).
+
+## [6.2.5] - 2019-09-23
+
+- Add simple Redis Server which is only capable of doing publish / subscribe. New ws redis_server sub-command to use it. The server is used in the unittest, so that we can run on CI in environment where redis isn not available like github actions env.
+
+## [6.2.4] - 2019-09-22
+
+- Add options to configure TLS ; contributed by Matt DeBoer. Only implemented for OpenSSL TLS backend for now.
+
+## [6.2.3] - 2019-09-21
+
+- Fix crash in the Linux unittest in the HTTP client code, in Socket::readBytes
+- Cobra Metrics Publisher code returns the message id of the message that got published, to be used to validated that it got sent properly when receiving an ack.
+
+## [6.2.2] - 2019-09-19
+
+- In DNS lookup code, make sure the weak pointer we use lives through the expected scope (if branch)
+
+## [6.2.1] - 2019-09-17
+
+- On error while doing a client handshake, additionally display port number next to the host name
+
+## [6.2.0] - 2019-09-09
+
+- websocket and http server: server does not close the bound client socket in many cases
+- improve some websocket error messages
+- add a utility function with unittest to parse status line and stop using scanf which triggers warnings on Windows
+- update ws CLI11 (our command line argument parsing library) to the latest, which fix a compiler bug about optional
+
+## [6.1.0] - 2019-09-08
+
+- move poll wrapper on top of select (only used on Windows) to the ix namespace
+
+## [6.0.1] - 2019-09-05
+
+- add cobra metrics publisher + server unittest
+- add cobra client + server unittest
+- ws snake (cobra simple server) add basic support for unsubscription + subscribe send the proper subscription data + redis client subscription can be cancelled
+- IXCobraConnection / pdu handlers can crash if they receive json data which is not an object
+
+## [6.0.0] - 2019-09-04
+
+- all client autobahn test should pass !
+- zlib/deflate has a bug with windowsbits == 8, so we silently upgrade it to 9/ (fix autobahn test 13.X which uses 8 for the windows size)
+
+## [5.2.0] - 2019-09-04
+
+- Fragmentation: for sent messages which are compressed, the continuation fragments should not have the rsv1 bit set (fix all autobahn tests for zlib compression 12.X)
+- Websocket Server / do a case insensitive string search when looking for an Upgrade header whose value is websocket. (some client use WebSocket with some upper-case characters)
+
+## [5.1.9] - 2019-09-03
+
+- ws autobahn / report progress with spdlog::info to get timing info
+- ws autobahn / use condition variables for stopping test case + add more logging on errors
+
+## [5.1.8] - 2019-09-03
+
+- Per message deflate/compression: handle fragmented messages (fix autobahn test: 12.1.X and probably others)
+
+## [5.1.7] - 2019-09-03
+
+- Receiving invalid UTF-8 TEXT message should fail and close the connection (fix remaining autobahn test: 6.X UTF-8 Handling)
+
+## [5.1.6] - 2019-09-03
+
+- Sending invalid UTF-8 TEXT message should fail and close the connection (fix remaining autobahn test: 6.X UTF-8 Handling)
+- Fix failing unittest which was sending binary data in text mode with WebSocket::send to call properly call WebSocket::sendBinary instead.
+- Validate that the reason is proper utf-8. (fix autobahn test 7.5.1)
+- Validate close codes. Autobahn 7.9.*
+
+## [5.1.5] - 2019-09-03
+
+Framentation: data and continuation blocks received out of order (fix autobahn test: 5.9 through 5.20 Fragmentation)
+
+## [5.1.4] - 2019-09-03
+
+Sending invalid UTF-8 TEXT message should fail and close the connection (fix **tons** of autobahn test: 6.X UTF-8 Handling)
+
+## [5.1.3] - 2019-09-03
+
+Message type (TEXT or BINARY) is invalid for received fragmented messages (fix autobahn test: 5.3 through 5.8 Fragmentation)
+
+## [5.1.2] - 2019-09-02
+
+Ping and Pong messages cannot be fragmented (fix autobahn test: 5.1 and 5.2 Fragmentation)
+
+## [5.1.1] - 2019-09-01
+
+Close connections when reserved bits are used (fix autobahn test: 3.X Reserved Bits)
+
+## [5.1.0] - 2019-08-31
+
+- ws autobahn / Add code to test websocket client compliance with the autobahn test-suite
+- add utf-8 validation code, not hooked up properly yet
+- Ping received with a payload too large (> 125 bytes) trigger a connection closure
+- cobra / add tracking about published messages
+- cobra / publish returns a message id, that can be used when
+- cobra / new message type in the message received handler when publish/ok is received (can be used to implement an ack system).
+
+## [5.0.9] - 2019-08-30
+
+- User-Agent header is set when not specified.
+- New option to cap the max wait between reconnection attempts. Still default to 10s. (setMaxWaitBetweenReconnectionRetries).
+
+```
+ws connect --max_wait 5000 ws://example.com # will only wait 5 seconds max between reconnection attempts
+```
+
+## [5.0.7] - 2019-08-23
+- WebSocket: add new option to pass in extra HTTP headers when connecting.
+- `ws connect` add new option (-H, works like [curl](https://stackoverflow.com/questions/356705/how-to-send-a-header-using-a-http-request-through-a-curl-call)) to pass in extra HTTP headers when connecting
+
+If you run against `ws echo_server` you will see the headers being received printed in the terminal.
+```
+ws connect -H "foo: bar" -H "baz: buz" ws://127.0.0.1:8008
+```
+
+- CobraConnection: sets a unique id field for all messages sent to [cobra](https://github.com/machinezone/cobra).
+- CobraConnection: sets a counter as a field for each event published.
+
+## [5.0.6] - 2019-08-22
+- Windows: silly compile error (poll should be in the global namespace)
+
+## [5.0.5] - 2019-08-22
+- Windows: use select instead of WSAPoll, through a poll wrapper
+
+## [5.0.4] - 2019-08-20
+- Windows build fixes (there was a problem with the use of ::poll that has a different name on Windows (WSAPoll))
+
+## [5.0.3] - 2019-08-14
+- CobraMetricThreadedPublisher _enable flag is an atomic, and CobraMetricsPublisher is enabled by default
+
+## [5.0.2] - 2019-08-01
+- ws cobra_subscribe has a new -q (quiet) option
+- ws cobra_subscribe knows to and display msg stats (count and # of messages received per second)
+- ws cobra_subscribe, cobra_to_statsd and cobra_to_sentry commands have a new option, --filter to restrict the events they want to receive
+
+## [5.0.1] - 2019-07-25
+- ws connect command has a new option to send in binary mode (still default to text)
+- ws connect command has readline history thanks to libnoise-cpp. Now ws connect one can use using arrows to lookup previous sent messages and edit them
+
+## [5.0.0] - 2019-06-23
+### Changed
+- New HTTP server / still very early. ws gained a new command, httpd can run a simple webserver serving local files.
+- IXDNSLookup. Uses weak pointer + smart_ptr + shared_from_this instead of static sets + mutex to handle object going away before dns lookup has resolved
+- cobra_to_sentry / backtraces are reversed and line number is not extracted correctly
+- mbedtls and zlib are searched with find_package, and we use the vendored version if nothing is found
+- travis CI uses g++ on Linux
+
+## [4.0.0] - 2019-06-09
+### Changed
+- WebSocket::send() sends message in TEXT mode by default
+- WebSocketMessage sets a new binary field, which tells whether the received incoming message is binary or text
+- WebSocket::send takes a third arg, binary which default to true (can be text too)
+- WebSocket callback only take one object, a const ix::WebSocketMessagePtr& msg
+- Add explicit WebSocket::sendBinary method
+- New headers + WebSocketMessage class to hold message data, still not used across the board
+- Add test/compatibility folder with small servers and clients written in different languages and different libraries to test compatibility.
+- ws echo_server has a -g option to print a greeting message on connect
+- IXSocketMbedTLS: better error handling in close and connect
+
+## [3.1.2] - 2019-06-06
+### Added
+- ws connect has a -x option to disable per message deflate
+- Add WebSocket::disablePerMessageDeflate() option.
+
+## [3.0.0] - 2019-06-xx
+### Changed
+- TLS, aka SSL works on Windows (websocket and http clients)
+- ws command line tool build on Windows
+- Async API for HttpClient
+- HttpClient API changed to use shared_ptr for response and request

docs/build.md

@@ -0,0 +1,61 @@
+## Build
+
+### CMake
+
+CMakefiles for the library and the examples are available. This library has few dependencies, so it is possible to just add the source files into your project. Otherwise the usual way will suffice.
+
+```
+mkdir build # make a build dir so that you can build out of tree.
+cd build
+cmake -DUSE_TLS=1 ..
+make -j
+make install # will install to /usr/local on Unix, on macOS it is a good idea to sudo chown -R `whoami`:staff /usr/local
+```
+
+Headers and a static library will be installed to the target dir.
+There is a unittest which can be executed by typing `make test`.
+
+Options for building:
+
+* `-DUSE_TLS=1` will enable TLS support
+* `-DUSE_MBED_TLS=1` will use [mbedlts](https://tls.mbed.org/) for the TLS support (default on Windows)
+* `-DUSE_WS=1` will build the ws interactive command line tool
+
+If you are on Windows, look at the [appveyor](https://github.com/machinezone/IXWebSocket/blob/master/appveyor.yml) file that has instructions for building dependencies.
+
+### vcpkg
+
+It is possible to get IXWebSocket through Microsoft [vcpkg](https://github.com/microsoft/vcpkg).
+
+```
+vcpkg install ixwebsocket
+```
+
+### Conan
+
+Support for building with conan was contributed by Olivia Zoe (thanks!). The package name to reference is `IXWebSocket/5.0.0@LunarWatcher/stable`, and a list of the uploaded versions is available on [Bintray](https://bintray.com/oliviazoe0/conan-packages/IXWebSocket%3ALunarWatcher). The package is in the process to be published to the official conan package repo, but in the meantime, it can be accessed by adding a new remote
+
+```
+conan remote add remote_name_here https://api.bintray.com/conan/oliviazoe0/conan-packages
+```
+
+### Docker
+
+There is a Dockerfile for running the unittest on Linux, and to run the `ws` tool. It is also available on the docker registry.
+
+```
+docker run bsergean/ws
+```
+
+To use docker-compose you must make a docker container first.
+
+```
+$ make docker
+...
+$ docker compose up &
+...
+$ docker exec -it ixwebsocket_ws_1 bash
+app@ca2340eb9106:~$ ws --help
+ws is a websocket tool
+...
+```

docs/cobra.md

@@ -0,0 +1,81 @@
+## General
+
+[cobra](https://github.com/machinezone/cobra) is a real time messaging server. The `ws` utility can run a cobra server (named snake), and has client to publish and subscribe to a cobra server.
+
+Bring up 3 terminals and run a server, a publisher and a subscriber in each one. As you publish data you should see it being received by the subscriber. You can run `redis-cli MONITOR` too to see how redis is being used.
+
+### Server
+
+You will need to have a redis server running locally. To run the server:
+
+```bash
+$ cd <ixwebsocket-top-level-folder>/ixsnake/ixsnake
+$ ws snake
+{
+  "apps": {
+    "FC2F10139A2BAc53BB72D9db967b024f": {
+      "roles": {
+        "_sub": {
+          "secret": "66B1dA3ED5fA074EB5AE84Dd8CE3b5ba"
+        },
+        "_pub": {
+          "secret": "1c04DB8fFe76A4EeFE3E318C72d771db"
+        }
+      }
+    }
+  }
+}
+
+redis host: 127.0.0.1
+redis password:
+redis port: 6379
+```
+
+### Publisher
+
+```bash
+$ cd <ixwebsocket-top-level-folder>/ws
+$ ws cobra_publish --appkey FC2F10139A2BAc53BB72D9db967b024f --endpoint ws://127.0.0.1:8008 --rolename _pub --rolesecret 1c04DB8fFe76A4EeFE3E318C72d771db test_channel cobraMetricsSample.json
+[2019-11-27 09:06:12.980] [info] Publisher connected
+[2019-11-27 09:06:12.980] [info] Connection: Upgrade
+[2019-11-27 09:06:12.980] [info] Sec-WebSocket-Accept: zTtQKMKbvwjdivURplYXwCVUCWM=
+[2019-11-27 09:06:12.980] [info] Sec-WebSocket-Extensions: permessage-deflate; server_max_window_bits=15; client_max_window_bits=15
+[2019-11-27 09:06:12.980] [info] Server: ixwebsocket/7.4.0 macos ssl/DarwinSSL zlib 1.2.11
+[2019-11-27 09:06:12.980] [info] Upgrade: websocket
+[2019-11-27 09:06:12.982] [info] Publisher authenticated
+[2019-11-27 09:06:12.982] [info] Published msg 3
+[2019-11-27 09:06:12.982] [info] Published message id 3 acked
+```
+
+### Subscriber
+
+```bash
+$ ws cobra_subscribe --appkey FC2F10139A2BAc53BB72D9db967b024f --endpoint ws://127.0.0.1:8008 --rolename _pub --rolesecret 1c04DB8fFe76A4EeFE3E318C72d771db test_channel
+#messages 0 msg/s 0
+[2019-11-27 09:07:39.341] [info] Subscriber connected
+[2019-11-27 09:07:39.341] [info] Connection: Upgrade
+[2019-11-27 09:07:39.341] [info] Sec-WebSocket-Accept: 9vkQWofz49qMCUlTSptCCwHWm+Q=
+[2019-11-27 09:07:39.341] [info] Sec-WebSocket-Extensions: permessage-deflate; server_max_window_bits=15; client_max_window_bits=15
+[2019-11-27 09:07:39.341] [info] Server: ixwebsocket/7.4.0 macos ssl/DarwinSSL zlib 1.2.11
+[2019-11-27 09:07:39.341] [info] Upgrade: websocket
+[2019-11-27 09:07:39.342] [info] Subscriber authenticated
+[2019-11-27 09:07:39.345] [info] Subscriber: subscribed to channel test_channel
+#messages 0 msg/s 0
+#messages 0 msg/s 0
+#messages 0 msg/s 0
+{"baz":123,"foo":"bar"}
+
+#messages 1 msg/s 1
+#messages 1 msg/s 0
+#messages 1 msg/s 0
+{"baz":123,"foo":"bar"}
+
+{"baz":123,"foo":"bar"}
+
+#messages 3 msg/s 2
+#messages 3 msg/s 0
+{"baz":123,"foo":"bar"}
+
+#messages 4 msg/s 1
+^C
+```

docs/design.md

@@ -0,0 +1,77 @@
+## Implementation details
+
+### Per Message Deflate compression.
+
+The per message deflate compression option is supported. It can lead to very nice bandbwith savings (20x !) if your messages are similar, which is often the case for example for chat applications. All features of the spec should be supported.
+
+### TLS/SSL
+
+Connections can be optionally secured and encrypted with TLS/SSL when using a wss:// endpoint, or using normal un-encrypted socket with ws:// endpoints. AppleSSL is used on iOS and macOS, OpenSSL is used on Android and Linux, mbedTLS is used on Windows.
+
+### Polling and background thread work
+
+No manual polling to fetch data is required. Data is sent and received instantly by using a background thread for receiving data and the select [system](http://man7.org/linux/man-pages/man2/select.2.html) call to be notified by the OS of incoming data. No timeout is used for select so that the background thread is only woken up when data is available, to optimize battery life. This is also the recommended way of using select according to the select tutorial, section [select law](https://linux.die.net/man/2/select_tut). Read and Writes to the socket are non blocking. Data is sent right away and not enqueued by writing directly to the socket, which is [possible](https://stackoverflow.com/questions/1981372/are-parallel-calls-to-send-recv-on-the-same-socket-valid) since system socket implementations allow concurrent read/writes. However concurrent writes need to be protected with mutex.
+
+### Automatic reconnection
+
+If the remote end (server) breaks the connection, the code will try to perpetually reconnect, by using an exponential backoff strategy, capped at one retry every 10 seconds. This behavior can be disabled.
+
+### Large messages
+
+Large frames are broken up into smaller chunks or messages to avoid filling up the os tcp buffers, which is permitted thanks to WebSocket [fragmentation](https://tools.ietf.org/html/rfc6455#section-5.4). Messages up to 1G were sent and received succesfully.
+
+### Testing
+
+The library has an interactive tool which is handy for testing compatibility ith other libraries. We have tested our client against Python, Erlang, Node.js, and C++ websocket server libraries.
+
+The unittest tries to be comprehensive, and has been running on multiple platforms, with different sanitizers such as a thread sanitizer to catch data races or the undefined behavior sanitizer.
+
+The regression test is running after each commit on travis.
+
+## Limitations
+
+* On Windows and Android certificate validation needs to be setup so that SocketTLSOptions.caFile point to a pem file, such as the one distributed by Firefox. Unless that setup is done connecting to a wss endpoint will display an error. On Windows with mbedtls the message will contain `error in handshake : X509 - Certificate verification failed, e.g. CRL, CA or signature check failed`.
+* There is no convenient way to embed a ca cert.
+* Automatic reconnection works at the TCP socket level, and will detect remote end disconnects. However, if the device/computer network become unreachable (by turning off wifi), it is quite hard to reliably and timely detect it at the socket level using `recv` and `send` error codes. [Here](https://stackoverflow.com/questions/14782143/linux-socket-how-to-detect-disconnected-network-in-a-client-program) is a good discussion on the subject. This behavior is consistent with other runtimes such as node.js. One way to detect a disconnected device with low level C code is to do a name resolution with DNS but this can be expensive. Mobile devices have good and reliable API to do that.
+* The server code is using select to detect incoming data, and creates one OS thread per connection. This is not as scalable as strategies using epoll or kqueue.
+
+## C++ code organization
+
+Here is a simplistic diagram which explains how the code is structured in term of class/modules.
+
+```
++-----------------------+ --- Public
+|                       | Start the receiving Background thread. Auto reconnection. Simple websocket Ping.
+|  IXWebSocket          | Interface used by C++ test clients. No IX dependencies.
+|                       |
++-----------------------+
+|                       |
+|  IXWebSocketServer    | Run a server and give each connections its own WebSocket object.
+|                       | Each connection is handled in a new OS thread.
+|                       |
++-----------------------+ --- Private
+|                       |
+|  IXWebSocketTransport | Low level websocket code, framing, managing raw socket. Adapted from easywsclient.
+|                       |
++-----------------------+
+|                       |
+|  IXWebSocketHandshake | Establish the connection between client and server.
+|                       |
++-----------------------+
+|                       |
+|  IXWebSocket          | ws://  Unencrypted Socket handler
+|  IXWebSocketAppleSSL  | wss:// TLS encrypted Socket AppleSSL handler. Used on iOS and macOS
+|  IXWebSocketOpenSSL   | wss:// TLS encrypted Socket OpenSSL handler.  Used on Android and Linux
+|                       |                                               Can be used on macOS too.
++-----------------------+
+|                       |
+|  IXSocketConnect      | Connect to the remote host (client).
+|                       |
++-----------------------+
+|                       |
+|  IXDNSLookup          | Does DNS resolution asynchronously so that it can be interrupted.
+|                       |
++-----------------------+
+```
+
+

docs/index.md

@@ -0,0 +1,51 @@
+![Alt text](https://travis-ci.org/machinezone/IXWebSocket.svg?branch=master)
+
+## Introduction
+
+[*WebSocket*](https://en.wikipedia.org/wiki/WebSocket) is a computer communications protocol, providing full-duplex and bi-directionnal communication channels over a single TCP connection. *IXWebSocket* is a C++ library for client and server Websocket communication, and for client and server HTTP communication. *TLS* aka *SSL* is supported. The code is derived from [easywsclient](https://github.com/dhbaird/easywsclient) and from the [Satori C SDK](https://github.com/satori-com/satori-rtm-sdk-c). It has been tested on the following platforms.
+
+* macOS
+* iOS
+* Linux
+* Android
+* Windows
+* FreeBSD
+
+## Example code
+
+```cpp
+// Required on Windows
+ix::initNetSystem();
+
+// Our websocket object
+ix::WebSocket webSocket;
+
+std::string url("ws://localhost:8080/");
+webSocket.setUrl(url);
+
+// Setup a callback to be fired when a message or an event (open, close, error) is received
+webSocket.setOnMessageCallback([](const ix::WebSocketMessagePtr& msg)
+    {
+        if (msg->type == ix::WebSocketMessageType::Message)
+        {
+            std::cout << msg->str << std::endl;
+        }
+    }
+);
+
+// Now that our callback is setup, we can start our background thread and receive messages
+webSocket.start();
+
+// Send a message to the server (default to TEXT mode)
+webSocket.send("hello world");
+```
+
+## Why another library?
+
+There are 2 main reasons that explain why IXWebSocket got written. First, we needed a C++ cross-platform client library, which should have few dependencies. What looked like the most solid one, [websocketpp](https://github.com/zaphoyd/websocketpp) did depend on boost and this was not an option for us. Secondly, there were other available libraries with fewer dependencies (C ones), but they required calling an explicit poll routine periodically to know if a client had received data from a server, which was not elegant.
+
+We started by solving those 2 problems, then we added server websocket code, then an HTTP client, and finally a very simple HTTP server.
+
+## Contributing
+
+IXWebSocket is developed on [GitHub](https://github.com/machinezone/IXWebSocket). We'd love to hear about how you use it; opening up an issue on GitHub is ok for that. If things don't work as expected, please create an issue on GitHub, or even better a pull request if you know how to fix your problem.

docs/usage.md

@@ -0,0 +1,466 @@
+# Examples
+
+The [*ws*](https://github.com/machinezone/IXWebSocket/tree/master/ws) folder countains many interactive programs for chat, [file transfers](https://github.com/machinezone/IXWebSocket/blob/master/ws/ws_send.cpp), [curl like](https://github.com/machinezone/IXWebSocket/blob/master/ws/ws_http_client.cpp) http clients, demonstrating client and server usage.
+
+## Windows note
+
+To use the network system on Windows, you need to initialize it once with *WSAStartup()* and clean it up with *WSACleanup()*. We have helpers for that which you can use, see below. This init would typically take place in your main function.
+
+```cpp
+#include <ixwebsocket/IXNetSystem.h>
+
+int main()
+{
+    ix::initNetSystem();
+
+    ...
+
+    ix::uninitNetSystem();
+    return 0;
+}
+```
+
+## WebSocket client API
+
+```cpp
+#include <ixwebsocket/IXWebSocket.h>
+
+...
+
+// Our websocket object
+ix::WebSocket webSocket;
+
+std::string url("ws://localhost:8080/");
+webSocket.setUrl(url);
+
+// Optional heart beat, sent every 45 seconds when there is not any traffic
+// to make sure that load balancers do not kill an idle connection.
+webSocket.setHeartBeatPeriod(45);
+
+// Per message deflate connection is enabled by default. You can tweak its parameters or disable it
+webSocket.disablePerMessageDeflate();
+
+// Setup a callback to be fired when a message or an event (open, close, error) is received
+webSocket.setOnMessageCallback([](const ix::WebSocketMessagePtr& msg)
+    {
+        if (msg->type == ix::WebSocketMessageType::Message)
+        {
+            std::cout << msg->str << std::endl;
+        }
+    }
+);
+
+// Now that our callback is setup, we can start our background thread and receive messages
+webSocket.start();
+
+// Send a message to the server (default to TEXT mode)
+webSocket.send("hello world");
+
+// The message can be sent in BINARY mode (useful if you send MsgPack data for example)
+webSocket.sendBinary("some serialized binary data");
+
+// ... finally ...
+
+// Stop the connection
+webSocket.stop()
+```
+
+### Sending messages
+
+`websocket.send("foo")` will send a message.
+
+If the connection was closed and sending failed, the return value will be set to false.
+
+### ReadyState
+
+`getReadyState()` returns the state of the connection. There are 4 possible states.
+
+1. ReadyState::Connecting - The connection is not yet open.
+2. ReadyState::Open       - The connection is open and ready to communicate.
+3. ReadyState::Closing    - The connection is in the process of closing.
+4. ReadyState::Closed     - The connection is closed or could not be opened.
+
+### Open and Close notifications
+
+The onMessage event will be fired when the connection is opened or closed. This is similar to the [JavaScript browser API](https://developer.mozilla.org/en-US/docs/Web/API/WebSocket), which has `open` and `close` events notification that can be registered with the browser `addEventListener`.
+
+```cpp
+webSocket.setOnMessageCallback([](const ix::WebSocketMessagePtr& msg)
+    {
+        if (msg->type == ix::WebSocketMessageType::Open)
+        {
+            std::cout << "send greetings" << std::endl;
+
+            // Headers can be inspected (pairs of string/string)
+            std::cout << "Handshake Headers:" << std::endl;
+            for (auto it : msg->headers)
+            {
+                std::cout << it.first << ": " << it.second << std::endl;
+            }
+        }
+        else if (msg->type == ix::WebSocketMessageType::Close)
+        {
+            std::cout << "disconnected" << std::endl;
+
+            // The server can send an explicit code and reason for closing.
+            // This data can be accessed through the closeInfo object.
+            std::cout << msg->closeInfo.code << std::endl;
+            std::cout << msg->closeInfo.reason << std::endl;
+        }
+    }
+);
+```
+
+### Error notification
+
+A message will be fired when there is an error with the connection. The message type will be `ix::WebSocketMessageType::Error`. Multiple fields will be available on the event to describe the error.
+
+```cpp
+webSocket.setOnMessageCallback([](const ix::WebSocketMessagePtr& msg)
+    {
+        if (msg->type == ix::WebSocketMessageType::Error)
+        {
+            std::stringstream ss;
+            ss << "Error: "         << msg->errorInfo.reason      << std::endl;
+            ss << "#retries: "      << msg->eventInfo.retries     << std::endl;
+            ss << "Wait time(ms): " << msg->eventInfo.wait_time   << std::endl;
+            ss << "HTTP Status: "   << msg->eventInfo.http_status << std::endl;
+            std::cout << ss.str() << std::endl;
+        }
+    }
+);
+```
+
+### start, stop
+
+1. `websocket.start()` connect to the remote server and starts the message receiving background thread.
+2. `websocket.stop()` disconnect from the remote server and closes the background thread.
+
+### Configuring the remote url
+
+The url can be set and queried after a websocket object has been created. You will have to call `stop` and `start` if you want to disconnect and connect to that new url.
+
+```cpp
+std::string url("wss://example.com");
+websocket.configure(url);
+```
+
+### Ping/Pong support
+
+Ping/pong messages are used to implement keep-alive. 2 message types exists to identify ping and pong messages. Note that when a ping message is received, a pong is instantly send back as requested by the WebSocket spec.
+
+```cpp
+webSocket.setOnMessageCallback([](const ix::WebSocketMessagePtr& msg)
+    {
+        if (msg->type == ix::WebSocketMessageType::Ping ||
+            msg->type == ix::WebSocketMessageType::Pong)
+        {
+            std::cout << "pong data: " << msg->str << std::endl;
+        }
+    }
+);
+```
+
+A ping message can be sent to the server, with an optional data string.
+
+```cpp
+websocket.ping("ping data, optional (empty string is ok): limited to 125 bytes long");
+```
+
+### Heartbeat.
+
+You can configure an optional heart beat / keep-alive, sent every 45 seconds
+when there is no any traffic to make sure that load balancers do not kill an
+idle connection.
+
+```cpp
+webSocket.setHeartBeatPeriod(45);
+```
+
+### Supply extra HTTP headers.
+
+You can set extra HTTP headers to be sent during the WebSocket handshake.
+
+```cpp
+WebSocketHttpHeaders headers;
+headers["foo"] = "bar";
+webSocket.setExtraHeaders(headers);
+```
+
+### Subprotocols
+
+You can specify subprotocols to be set during the WebSocket handshake. For more info you can refer to [this doc](https://hpbn.co/websocket/#subprotocol-negotiation).
+
+```cpp
+webSocket.addSubprotocol("appProtocol-v1");
+webSocket.addSubprotocol("appProtocol-v2");
+```
+
+The protocol that the server did accept is available in the open info `protocol` field.
+
+```cpp
+std::cout << "protocol: " << msg->openInfo.protocol << std::endl;
+```
+
+### Automatic reconnection
+
+Automatic reconnection kicks in when the connection is disconnected without the user consent. This feature is on by default and can be turned off.
+
+```cpp
+webSocket.enableAutomaticReconnection();  // turn on
+webSocket.disableAutomaticReconnection(); // turn off
+bool enabled = webSocket.isAutomaticReconnectionEnabled(); // query state
+```
+
+The technique to calculate wait time is called [exponential
+backoff](https://docs.aws.amazon.com/general/latest/gr/api-retries.html). Here
+are the default waiting times between attempts (from connecting with `ws connect ws://foo.com`)
+
+```
+> Connection error: Got bad status connecting to foo.com, status: 301, HTTP Status line: HTTP/1.1 301 Moved Permanently
+
+#retries: 1
+Wait time(ms): 100
+#retries: 2
+Wait time(ms): 200
+#retries: 3
+Wait time(ms): 400
+#retries: 4
+Wait time(ms): 800
+#retries: 5
+Wait time(ms): 1600
+#retries: 6
+Wait time(ms): 3200
+#retries: 7
+Wait time(ms): 6400
+#retries: 8
+Wait time(ms): 10000
+```
+
+The waiting time is capped by default at 10s between 2 attempts, but that value can be changed and queried.
+
+```cpp
+webSocket.setMaxWaitBetweenReconnectionRetries(5 * 1000); // 5000ms = 5s
+uint32_t m = webSocket.getMaxWaitBetweenReconnectionRetries();
+```
+
+### TLS support and configuration
+
+To leverage TLS features, the library must be compiled with the option `USE_TLS=1`.
+
+Then, secure sockets are automatically used when connecting to a `wss://*` url.
+
+Additional TLS options can be configured by passing a `ix::SocketTLSOptions` instance to the
+`setTLSOptions` on `ix::WebSocket` (or `ix::WebSocketServer` or `ix::HttpServer`)
+
+```cpp
+webSocket.setTLSOptions({
+    .certFile = "path/to/cert/file.pem",
+    .keyFile = "path/to/key/file.pem",
+    .caFile = "path/to/trust/bundle/file.pem"
+});
+```
+
+Specifying `certFile` and `keyFile` configures the certificate that will be used to communicate with TLS peers.
+
+On a client, this is only necessary for connecting to servers that require a client certificate.
+
+On a server, this is necessary for TLS support.
+
+Specifying `caFile` configures the trusted roots bundle file (in PEM format) that will be used to verify peer certificates.
+ - The special value of `SYSTEM` (the default) indicates that the system-configured trust bundle should be used; this is generally what you want when connecting to any publicly exposed API/server.
+ - The special value of `NONE` can be used to disable peer verification; this is only recommended to rule out certificate verification when testing connectivity.
+
+For a client, specifying `caFile` can be used if connecting to a server that uses a self-signed cert, or when using a custom CA in an internal environment.
+
+For a server, specifying `caFile` implies that:
+1. You require clients to present a certificate
+1. It must be signed by one of the trusted roots in the file
+
+## WebSocket server API
+
+```cpp
+#include <ixwebsocket/IXWebSocketServer.h>
+
+...
+
+// Run a server on localhost at a given port.
+// Bound host name, max connections and listen backlog can also be passed in as parameters.
+ix::WebSocketServer server(port);
+
+server.setOnConnectionCallback(
+    [&server](std::shared_ptr<WebSocket> webSocket,
+              std::shared_ptr<ConnectionState> connectionState)
+    {
+        webSocket->setOnMessageCallback(
+            [webSocket, connectionState, &server](const ix::WebSocketMessagePtr msg)
+            {
+                if (msg->type == ix::WebSocketMessageType::Open)
+                {
+                    std::cerr << "New connection" << std::endl;
+
+                    // A connection state object is available, and has a default id
+                    // You can subclass ConnectionState and pass an alternate factory
+                    // to override it. It is useful if you want to store custom
+                    // attributes per connection (authenticated bool flag, attributes, etc...)
+                    std::cerr << "id: " << connectionState->getId() << std::endl;
+
+                    // The uri the client did connect to.
+                    std::cerr << "Uri: " << msg->openInfo.uri << std::endl;
+
+                    std::cerr << "Headers:" << std::endl;
+                    for (auto it : msg->openInfo.headers)
+                    {
+                        std::cerr << it.first << ": " << it.second << std::endl;
+                    }
+                }
+                else if (msg->type == ix::WebSocketMessageType::Message)
+                {
+                    // For an echo server, we just send back to the client whatever was received by the server
+                    // All connected clients are available in an std::set. See the broadcast cpp example.
+                    // Second parameter tells whether we are sending the message in binary or text mode.
+                    // Here we send it in the same mode as it was received.
+                    webSocket->send(msg->str, msg->binary);
+                }
+            }
+        );
+    }
+);
+
+auto res = server.listen();
+if (!res.first)
+{
+    // Error handling
+    return 1;
+}
+
+// Run the server in the background. Server can be stoped by calling server.stop()
+server.start();
+
+// Block until server.stop() is called.
+server.wait();
+
+```
+
+## HTTP client API
+
+```cpp
+#include <ixwebsocket/IXHttpClient.h>
+
+...
+
+//
+// Preparation
+//
+HttpClient httpClient;
+HttpRequestArgsPtr args = httpClient.createRequest();
+
+// Custom headers can be set
+WebSocketHttpHeaders headers;
+headers["Foo"] = "bar";
+args->extraHeaders = headers;
+
+// Timeout options
+args->connectTimeout = connectTimeout;
+args->transferTimeout = transferTimeout;
+
+// Redirect options
+args->followRedirects = followRedirects;
+args->maxRedirects = maxRedirects;
+
+// Misc
+args->compress = compress; // Enable gzip compression
+args->verbose = verbose;
+args->logger = [](const std::string& msg)
+{
+    std::cout << msg;
+};
+
+//
+// Synchronous Request
+//
+HttpResponsePtr out;
+std::string url = "https://www.google.com";
+
+// HEAD request
+out = httpClient.head(url, args);
+
+// GET request
+out = httpClient.get(url, args);
+
+// POST request with parameters
+HttpParameters httpParameters;
+httpParameters["foo"] = "bar";
+out = httpClient.post(url, httpParameters, args);
+
+// POST request with a body
+out = httpClient.post(url, std::string("foo=bar"), args);
+
+//
+// Result
+//
+auto statusCode = response->statusCode; // Can be HttpErrorCode::Ok, HttpErrorCode::UrlMalformed, etc...
+auto errorCode = response->errorCode; // 200, 404, etc...
+auto responseHeaders = response->headers; // All the headers in a special case-insensitive unordered_map of (string, string)
+auto payload = response->payload; // All the bytes from the response as an std::string
+auto errorMsg = response->errorMsg; // Descriptive error message in case of failure
+auto uploadSize = response->uploadSize; // Byte count of uploaded data
+auto downloadSize = response->downloadSize; // Byte count of downloaded data
+
+//
+// Asynchronous Request
+//
+bool async = true;
+HttpClient httpClient(async);
+auto args = httpClient.createRequest(url, HttpClient::kGet);
+
+// Push the request to a queue,
+bool ok = httpClient.performRequest(args, [](const HttpResponsePtr& response)
+    {
+        // This callback execute in a background thread. Make sure you uses appropriate protection such as mutex
+        auto statusCode = response->statusCode; // acess results
+    }
+);
+
+// ok will be false if your httpClient is not async
+```
+
+## HTTP server API
+
+```cpp
+#include <ixwebsocket/IXHttpServer.h>
+
+ix::HttpServer server(port, hostname);
+
+auto res = server.listen();
+if (!res.first)
+{
+    std::cerr << res.second << std::endl;
+    return 1;
+}
+
+server.start();
+server.wait();
+```
+
+If you want to handle how requests are processed, implement the setOnConnectionCallback callback, which takes an HttpRequestPtr as input, and returns an HttpResponsePtr. You can look at HttpServer::setDefaultConnectionCallback for a slightly more advanced callback example.
+
+```cpp
+setOnConnectionCallback(
+    [this](HttpRequestPtr request,
+           std::shared_ptr<ConnectionState> /*connectionState*/) -> HttpResponsePtr
+    {
+        // Build a string for the response
+        std::stringstream ss;
+        ss << request->method
+           << " "
+           << request->uri;
+
+        std::string content = ss.str();
+
+        return std::make_shared<HttpResponse>(200, "OK",
+                                              HttpErrorCode::Ok,
+                                              WebSocketHttpHeaders(),
+                                              content);
+}
+```

docs/ws.md

@@ -0,0 +1,369 @@
+## General
+
+ws is a command line tool that should exercise most of the IXWebSocket code, and provide example code.
+
+```
+ws is a websocket tool
+Usage: ws [OPTIONS] SUBCOMMAND
+
+Options:
+  -h,--help                   Print this help message and exit
+
+Subcommands:
+  send                        Send a file
+  receive                     Receive a file
+  transfer                    Broadcasting server
+  connect                     Connect to a remote server
+  chat                        Group chat
+  echo_server                 Echo server
+  broadcast_server            Broadcasting server
+  ping                        Ping pong
+  curl                        HTTP Client
+  redis_publish               Redis publisher
+  redis_subscribe             Redis subscriber
+  cobra_subscribe             Cobra subscriber
+  cobra_publish               Cobra publisher
+  cobra_to_statsd             Cobra to statsd
+  cobra_to_sentry             Cobra to sentry
+  snake                       Snake server
+  httpd                       HTTP server
+```
+
+## curl
+
+The curl subcommand try to be compatible with the curl syntax, to fetch http pages.
+
+Making a HEAD request with the -I parameter.
+
+```
+$ ws curl -I https://www.google.com/
+
+Accept-Ranges: none
+Alt-Svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
+Cache-Control: private, max-age=0
+Content-Type: text/html; charset=ISO-8859-1
+Date: Tue, 08 Oct 2019 21:36:57 GMT
+Expires: -1
+P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
+Server: gws
+Set-Cookie: NID=188=ASwfz8GrXQrHCLqAz-AndLOMLcz0rC9yecnf3h0yXZxRL3rTufTU_GDDwERp7qQL7LZ_EB8gCRyPXGERyOSAgaqgnrkoTmvWrwFemRLMaOZ896GrHobi5fV7VLklnSG2w48Gj8xMlwxfP7Z-bX-xR9UZxep1tHM6UmFQdD_GkBE; expires=Wed, 08-Apr-2020 21:36:57 GMT; path=/; domain=.google.com; HttpOnly
+Transfer-Encoding: chunked
+Vary: Accept-Encoding
+X-Frame-Options: SAMEORIGIN
+X-XSS-Protection: 0
+Upload size: 143
+Download size: 0
+Status: 200
+```
+
+Making a POST request with the -F parameter.
+
+```
+$ ws curl -F foo=bar https://httpbin.org/post
+foo: bar
+Downloaded 438 bytes out of 438
+Access-Control-Allow-Credentials: true
+Access-Control-Allow-Origin: *
+Connection: keep-alive
+Content-Encoding:
+Content-Length: 438
+Content-Type: application/json
+Date: Tue, 08 Oct 2019 21:47:54 GMT
+Referrer-Policy: no-referrer-when-downgrade
+Server: nginx
+X-Content-Type-Options: nosniff
+X-Frame-Options: DENY
+X-XSS-Protection: 1; mode=block
+Upload size: 219
+Download size: 438
+Status: 200
+payload: {
+  "args": {},
+  "data": "",
+  "files": {},
+  "form": {
+    "foo": "bar"
+  },
+  "headers": {
+    "Accept": "*/*",
+    "Content-Length": "7",
+    "Content-Type": "application/x-www-form-urlencoded",
+    "Host": "httpbin.org",
+    "User-Agent": "ixwebsocket/7.0.0 macos ssl/OpenSSL OpenSSL 1.0.2q  20 Nov 2018 zlib 1.2.11"
+  },
+  "json": null,
+  "origin": "155.94.127.118, 155.94.127.118",
+  "url": "https://httpbin.org/post"
+}
+```
+
+Passing in a custom header with -H.
+
+```
+$ ws curl -F foo=bar -H 'my_custom_header: baz' https://httpbin.org/post
+my_custom_header:  baz
+foo: bar
+Downloaded 470 bytes out of 470
+Access-Control-Allow-Credentials: true
+Access-Control-Allow-Origin: *
+Connection: keep-alive
+Content-Encoding:
+Content-Length: 470
+Content-Type: application/json
+Date: Tue, 08 Oct 2019 21:50:25 GMT
+Referrer-Policy: no-referrer-when-downgrade
+Server: nginx
+X-Content-Type-Options: nosniff
+X-Frame-Options: DENY
+X-XSS-Protection: 1; mode=block
+Upload size: 243
+Download size: 470
+Status: 200
+payload: {
+  "args": {},
+  "data": "",
+  "files": {},
+  "form": {
+    "foo": "bar"
+  },
+  "headers": {
+    "Accept": "*/*",
+    "Content-Length": "7",
+    "Content-Type": "application/x-www-form-urlencoded",
+    "Host": "httpbin.org",
+    "My-Custom-Header": "baz",
+    "User-Agent": "ixwebsocket/7.0.0 macos ssl/OpenSSL OpenSSL 1.0.2q  20 Nov 2018 zlib 1.2.11"
+  },
+  "json": null,
+  "origin": "155.94.127.118, 155.94.127.118",
+  "url": "https://httpbin.org/post"
+}
+```
+
+## connect
+
+The connect command connects to a websocket endpoint, and starts an interactive prompt. Line editing, such as using the direction keys to fetch the last thing you tried to type) is provided. That command is pretty useful to try to send random data to an endpoint and verify that the service handles it with grace (such as sending invalid json).
+
+```
+ws connect wss://echo.websocket.org
+Type Ctrl-D to exit prompt...
+Connecting to url: wss://echo.websocket.org
+> ws_connect: connected
+Uri: /
+Handshake Headers:
+Connection: Upgrade
+Date: Tue, 08 Oct 2019 21:38:44 GMT
+Sec-WebSocket-Accept: 2j6LBScZveqrMx1W/GJkCWvZo3M=
+sec-websocket-extensions:
+Server: Kaazing Gateway
+Upgrade: websocket
+Received ping
+Received ping
+Received ping
+Hello world !
+> Received 13 bytes
+ws_connect: received message: Hello world !
+> Hello world !
+> Received 13 bytes
+ws_connect: received message: Hello world !
+```
+
+```
+ws connect 'ws://jeanserge.com/v2?appkey=_pubsub'
+Type Ctrl-D to exit prompt...
+Connecting to url: ws://jeanserge.com/v2?appkey=_pubsub
+> ws_connect: connected
+Uri: /v2?appkey=_pubsub
+Handshake Headers:
+Connection: Upgrade
+Date: Tue, 08 Oct 2019 21:45:28 GMT
+Sec-WebSocket-Accept: LYHmjh9Gsu/Yw7aumQqyPObOEV4=
+Sec-WebSocket-Extensions: permessage-deflate; server_max_window_bits=15; client_max_window_bits=15
+Server: Python/3.7 websockets/8.0.2
+Upgrade: websocket
+bababababababab
+> ws_connect: connection closed: code 1000 reason
+
+ws_connect: connected
+Uri: /v2?appkey=_pubsub
+Handshake Headers:
+Connection: Upgrade
+Date: Tue, 08 Oct 2019 21:45:44 GMT
+Sec-WebSocket-Accept: I1rqxdLgTU+opPi5/zKPBTuXdLw=
+Sec-WebSocket-Extensions: permessage-deflate; server_max_window_bits=15; client_max_window_bits=15
+Server: Python/3.7 websockets/8.0.2
+Upgrade: websocket
+```
+
+## Websocket proxy
+
+```
+ws proxy_server --remote_host ws://127.0.0.1:9000 -v
+Listening on 127.0.0.1:8008
+```
+
+If you connect to ws://127.0.0.1:8008, the proxy will connect to ws://127.0.0.1:9000 and pass all traffic to this server.
+
+## File transfer
+
+```
+# Start transfer server, which is just a broadcast server at this point
+ws transfer # running on port 8080.
+
+# Start receiver first
+ws receive ws://localhost:8080
+
+# Then send a file. File will be received and written to disk by the receiver process
+ws send ws://localhost:8080 /file/to/path
+```
+
+## HTTP Client
+
+```
+$ ws curl --help
+HTTP Client
+Usage: ws curl [OPTIONS] url
+
+Positionals:
+  url TEXT REQUIRED           Connection url
+
+Options:
+  -h,--help                   Print this help message and exit
+  -d TEXT                     Form data
+  -F TEXT                     Form data
+  -H TEXT                     Header
+  --output TEXT               Output file
+  -I                          Send a HEAD request
+  -L                          Follow redirects
+  --max-redirects INT         Max Redirects
+  -v                          Verbose
+  -O                          Save output to disk
+  --compress                  Enable gzip compression
+  --connect-timeout INT       Connection timeout
+  --transfer-timeout INT      Transfer timeout
+```
+
+## Cobra client and server
+
+[cobra](https://github.com/machinezone/cobra) is a real time messenging server. ws has several sub-command to interact with cobra. There is also a minimal cobra compatible server named snake available.
+
+Below are examples on running a snake server and clients with TLS enabled (the server only works with the OpenSSL and the Mbed TLS backend for now).
+
+First, generate certificates.
+
+```
+$ cd /path/to/IXWebSocket
+$ cd ixsnake/ixsnake
+$ bash ../../ws/generate_certs.sh
+Generating RSA private key, 2048 bit long modulus
+.....+++
+.................+++
+e is 65537 (0x10001)
+generated ./.certs/trusted-ca-key.pem
+generated ./.certs/trusted-ca-crt.pem
+Generating RSA private key, 2048 bit long modulus
+..+++
+.......................................+++
+e is 65537 (0x10001)
+generated ./.certs/trusted-server-key.pem
+Signature ok
+subject=/O=machinezone/O=IXWebSocket/CN=trusted-server
+Getting CA Private Key
+generated ./.certs/trusted-server-crt.pem
+Generating RSA private key, 2048 bit long modulus
+...................................+++
+..................................................+++
+e is 65537 (0x10001)
+generated ./.certs/trusted-client-key.pem
+Signature ok
+subject=/O=machinezone/O=IXWebSocket/CN=trusted-client
+Getting CA Private Key
+generated ./.certs/trusted-client-crt.pem
+Generating RSA private key, 2048 bit long modulus
+..............+++
+.......................................+++
+e is 65537 (0x10001)
+generated ./.certs/untrusted-ca-key.pem
+generated ./.certs/untrusted-ca-crt.pem
+Generating RSA private key, 2048 bit long modulus
+..........+++
+................................................+++
+e is 65537 (0x10001)
+generated ./.certs/untrusted-client-key.pem
+Signature ok
+subject=/O=machinezone/O=IXWebSocket/CN=untrusted-client
+Getting CA Private Key
+generated ./.certs/untrusted-client-crt.pem
+Generating RSA private key, 2048 bit long modulus
+.....................................................................................+++
+...........+++
+e is 65537 (0x10001)
+generated ./.certs/selfsigned-client-key.pem
+Signature ok
+subject=/O=machinezone/O=IXWebSocket/CN=selfsigned-client
+Getting Private key
+generated ./.certs/selfsigned-client-crt.pem
+```
+
+Now run the snake server.
+
+```
+$ export certs=.certs
+$ ws snake --tls --port 8765 --cert-file ${certs}/trusted-server-crt.pem --key-file ${certs}/trusted-server-key.pem --ca-file ${certs}/trusted-ca-crt.pem
+{
+  "apps": {
+    "FC2F10139A2BAc53BB72D9db967b024f": {
+      "roles": {
+        "_sub": {
+          "secret": "66B1dA3ED5fA074EB5AE84Dd8CE3b5ba"
+        },
+        "_pub": {
+          "secret": "1c04DB8fFe76A4EeFE3E318C72d771db"
+        }
+      }
+    }
+  }
+}
+
+redis host: 127.0.0.1
+redis password:
+redis port: 6379
+```
+
+As a new connection comes in, such output should be printed
+
+```
+[2019-12-19 20:27:19.724] [info] New connection
+id: 0
+Uri: /v2?appkey=_health
+Headers:
+Connection: Upgrade
+Host: 127.0.0.1:8765
+Sec-WebSocket-Extensions: permessage-deflate; server_max_window_bits=15; client_max_window_bits=15
+Sec-WebSocket-Key: d747B0fE61Db73f7Eh47c0==
+Sec-WebSocket-Protocol: json
+Sec-WebSocket-Version: 13
+Upgrade: websocket
+User-Agent: ixwebsocket/7.5.8 macos ssl/OpenSSL OpenSSL 1.0.2q  20 Nov 2018 zlib 1.2.11
+```
+
+To connect and publish a message, do:
+
+```
+$ export certs=.certs
+$ cd /path/to/ws/folder
+$ ls cobraMetricsSample.json
+cobraMetricsSample.json
+$ ws cobra_publish --endpoint wss://127.0.0.1:8765 --appkey FC2F10139A2BAc53BB72D9db967b024f --rolename _pub --rolesecret 1c04DB8fFe76A4EeFE3E318C72d771db --channel foo --cert-file ${certs}/trusted-client-crt.pem --key-file ${certs}/trusted-client-key.pem --ca-file ${certs}/trusted-ca-crt.pem cobraMetricsSample.json
+[2019-12-19 20:46:42.656] [info] Publisher connected
+[2019-12-19 20:46:42.657] [info] Connection: Upgrade
+[2019-12-19 20:46:42.657] [info] Sec-WebSocket-Accept: rs99IFThoBrhSg+k8G4ixH9yaq4=
+[2019-12-19 20:46:42.657] [info] Sec-WebSocket-Extensions: permessage-deflate; server_max_window_bits=15; client_max_window_bits=15
+[2019-12-19 20:46:42.657] [info] Server: ixwebsocket/7.5.8 macos ssl/OpenSSL OpenSSL 1.0.2q  20 Nov 2018 zlib 1.2.11
+[2019-12-19 20:46:42.657] [info] Upgrade: websocket
+[2019-12-19 20:46:42.658] [info] Publisher authenticated
+[2019-12-19 20:46:42.658] [info] Published msg 3
+[2019-12-19 20:46:42.659] [info] Published message id 3 acked
+```
+
+To use OpenSSL on macOS, compile with `make ws_openssl`. First you will have to install OpenSSL libraries, which can be done with Homebrew. Use `make ws_mbedtls` accordingly to use MbedTLS.

ixcobra/CMakeLists.txt

@@ -0,0 +1,35 @@
+#
+# Author: Benjamin Sergeant
+# Copyright (c) 2019 Machine Zone, Inc. All rights reserved.
+#
+
+set (IXCOBRA_SOURCES
+    ixcobra/IXCobraConnection.cpp
+    ixcobra/IXCobraMetricsThreadedPublisher.cpp
+    ixcobra/IXCobraMetricsPublisher.cpp
+)
+
+set (IXCOBRA_HEADERS
+    ixcobra/IXCobraConnection.h
+    ixcobra/IXCobraMetricsThreadedPublisher.h
+    ixcobra/IXCobraMetricsPublisher.h
+)
+
+add_library(ixcobra STATIC
+    ${IXCOBRA_SOURCES}
+    ${IXCOBRA_HEADERS}
+)
+
+find_package(JsonCpp)
+if (NOT JSONCPP_FOUND)
+  set(JSONCPP_INCLUDE_DIRS ../third_party/jsoncpp)
+endif()
+
+set(IXCOBRA_INCLUDE_DIRS
+    .
+    ..
+    ../ixcore
+    ../ixcrypto
+    ${JSONCPP_INCLUDE_DIRS})
+
+target_include_directories( ixcobra PUBLIC ${IXCOBRA_INCLUDE_DIRS} )

ixcobra/ixcobra/IXCobraConnection.cpp

@@ -7,27 +7,35 @@
 #include "IXCobraConnection.h"
 #include <ixcrypto/IXHMac.h>
 #include <ixwebsocket/IXWebSocket.h>
+#include <ixwebsocket/IXSocketTLSOptions.h>
 
 #include <algorithm>
 #include <stdexcept>
 #include <cmath>
 #include <cassert>
 #include <cstring>
+#include <iostream>
+#include <sstream>
 
 
 namespace ix
 {
     TrafficTrackerCallback CobraConnection::_trafficTrackerCallback = nullptr;
+    PublishTrackerCallback CobraConnection::_publishTrackerCallback = nullptr;
     constexpr size_t CobraConnection::kQueueMaxSize;
+    constexpr CobraConnection::MsgId CobraConnection::kInvalidMsgId;
+    constexpr int CobraConnection::kPingIntervalSecs;
 
     CobraConnection::CobraConnection() :
         _webSocket(new WebSocket()),
         _publishMode(CobraConnection_PublishMode_Immediate),
         _authenticated(false),
-        _eventCallback(nullptr)
+        _eventCallback(nullptr),
+        _id(1)
     {
         _pdu["action"] = "rtm/publish";
 
+        _webSocket->addSubProtocol("json");
         initWebSocketOnMessageCallback();
     }
 
@@ -55,6 +63,24 @@ namespace ix
         }
     }
 
+    void CobraConnection::setPublishTrackerCallback(const PublishTrackerCallback& callback)
+    {
+        _publishTrackerCallback = callback;
+    }
+
+    void CobraConnection::resetPublishTrackerCallback()
+    {
+        setPublishTrackerCallback(nullptr);
+    }
+
+    void CobraConnection::invokePublishTrackerCallback(bool sent, bool acked)
+    {
+        if (_publishTrackerCallback)
+        {
+            _publishTrackerCallback(sent, acked);
+        }
+    }
+
     void CobraConnection::setEventCallback(const EventCallback& eventCallback)
     {
         std::lock_guard<std::mutex> lock(_eventCallbackMutex);
@@ -62,19 +88,20 @@ namespace ix
     }
 
     void CobraConnection::invokeEventCallback(ix::CobraConnectionEventType eventType,
-                                               const std::string& errorMsg,
-                                               const WebSocketHttpHeaders& headers,
-                                               const std::string& subscriptionId)
+                                              const std::string& errorMsg,
+                                              const WebSocketHttpHeaders& headers,
+                                              const std::string& subscriptionId,
+                                              CobraConnection::MsgId msgId)
     {
         std::lock_guard<std::mutex> lock(_eventCallbackMutex);
         if (_eventCallback)
         {
-            _eventCallback(eventType, errorMsg, headers, subscriptionId);
+            _eventCallback(eventType, errorMsg, headers, subscriptionId, msgId);
         }
     }
 
     void CobraConnection::invokeErrorCallback(const std::string& errorMsg,
-                                               const std::string& serializedPdu)
+                                              const std::string& serializedPdu)
     {
         std::stringstream ss;
         ss << errorMsg << " : received pdu => " << serializedPdu;
@@ -90,46 +117,41 @@ namespace ix
     void CobraConnection::initWebSocketOnMessageCallback()
     {
         _webSocket->setOnMessageCallback(
-            [this](ix::WebSocketMessageType messageType,
-                   const std::string& str,
-                   size_t wireSize,
-                   const ix::WebSocketErrorInfo& error,
-                   const ix::WebSocketOpenInfo& openInfo,
-                   const ix::WebSocketCloseInfo& closeInfo)
+            [this](const ix::WebSocketMessagePtr& msg)
             {
-                CobraConnection::invokeTrafficTrackerCallback(wireSize, true);
+                CobraConnection::invokeTrafficTrackerCallback(msg->wireSize, true);
 
                 std::stringstream ss;
-                if (messageType == ix::WebSocket_MessageType_Open)
+                if (msg->type == ix::WebSocketMessageType::Open)
                 {
                     invokeEventCallback(ix::CobraConnection_EventType_Open,
                                         std::string(),
-                                        openInfo.headers);
+                                        msg->openInfo.headers);
                     sendHandshakeMessage();
                 }
-                else if (messageType == ix::WebSocket_MessageType_Close)
+                else if (msg->type == ix::WebSocketMessageType::Close)
                 {
                     _authenticated = false;
 
                     std::stringstream ss;
-                    ss << "Close code " << closeInfo.code;
-                    ss << " reason " << closeInfo.reason;
+                    ss << "Close code " << msg->closeInfo.code;
+                    ss << " reason " << msg->closeInfo.reason;
                     invokeEventCallback(ix::CobraConnection_EventType_Closed,
                                         ss.str());
                 }
-                else if (messageType == ix::WebSocket_MessageType_Message)
+                else if (msg->type == ix::WebSocketMessageType::Message)
                 {
                     Json::Value data;
                     Json::Reader reader;
-                    if (!reader.parse(str, data))
+                    if (!reader.parse(msg->str, data))
                     {
-                        invokeErrorCallback("Invalid json", str);
+                        invokeErrorCallback("Invalid json", msg->str);
                         return;
                     }
 
                     if (!data.isMember("action"))
                     {
-                        invokeErrorCallback("Missing action", str);
+                        invokeErrorCallback("Missing action", msg->str);
                         return;
                     }
 
@@ -139,12 +161,12 @@ namespace ix
                     {
                         if (!handleHandshakeResponse(data))
                         {
-                            invokeErrorCallback("Error extracting nonce from handshake response", str);
+                            invokeErrorCallback("Error extracting nonce from handshake response", msg->str);
                         }
                     }
                     else if (action == "auth/handshake/error")
                     {
-                        invokeErrorCallback("Handshake error", str);
+                        invokeErrorCallback("Handshake error", msg->str);
                     }
                     else if (action == "auth/authenticate/ok")
                     {
@@ -154,7 +176,7 @@ namespace ix
                     }
                     else if (action == "auth/authenticate/error")
                     {
-                        invokeErrorCallback("Authentication error", str);
+                        invokeErrorCallback("Authentication error", msg->str);
                     }
                     else if (action == "rtm/subscription/data")
                     {
@@ -164,38 +186,53 @@ namespace ix
                     {
                         if (!handleSubscriptionResponse(data))
                         {
-                            invokeErrorCallback("Error processing subscribe response", str);
+                            invokeErrorCallback("Error processing subscribe response", msg->str);
                         }
                     }
                     else if (action == "rtm/subscribe/error")
                     {
-                        invokeErrorCallback("Subscription error", str);
+                        invokeErrorCallback("Subscription error", msg->str);
                     }
                     else if (action == "rtm/unsubscribe/ok")
                     {
                         if (!handleUnsubscriptionResponse(data))
                         {
-                            invokeErrorCallback("Error processing subscribe response", str);
+                            invokeErrorCallback("Error processing unsubscribe response", msg->str);
                         }
                     }
                     else if (action == "rtm/unsubscribe/error")
                     {
-                        invokeErrorCallback("Unsubscription error", str);
+                        invokeErrorCallback("Unsubscription error", msg->str);
+                    }
+                    else if (action == "rtm/publish/ok")
+                    {
+                        if (!handlePublishResponse(data))
+                        {
+                            invokeErrorCallback("Error processing publish response", msg->str);
+                        }
+                    }
+                    else if (action == "rtm/publish/error")
+                    {
+                        invokeErrorCallback("Publish error", msg->str);
                     }
                     else
                     {
-                        invokeErrorCallback("Un-handled message type", str);
+                        invokeErrorCallback("Un-handled message type", msg->str);
                     }
                 }
-                else if (messageType == ix::WebSocket_MessageType_Error)
+                else if (msg->type == ix::WebSocketMessageType::Error)
                 {
                     std::stringstream ss;
-                    ss << "Connection error: " << error.reason      << std::endl;
-                    ss << "#retries: "         << error.retries     << std::endl;
-                    ss << "Wait time(ms): "    << error.wait_time   << std::endl;
-                    ss << "HTTP Status: "      << error.http_status << std::endl;
+                    ss << "Connection error: " << msg->errorInfo.reason      << std::endl;
+                    ss << "#retries: "         << msg->errorInfo.retries     << std::endl;
+                    ss << "Wait time(ms): "    << msg->errorInfo.wait_time   << std::endl;
+                    ss << "HTTP Status: "      << msg->errorInfo.http_status << std::endl;
                     invokeErrorCallback(ss.str(), std::string());
                 }
+                else if (msg->type == ix::WebSocketMessageType::Pong)
+                {
+                    invokeEventCallback(ix::CobraConnection_EventType_Pong);
+                }
         });
     }
 
@@ -204,11 +241,17 @@ namespace ix
         _publishMode = publishMode;
     }
 
+    CobraConnectionPublishMode CobraConnection::getPublishMode()
+    {
+        return _publishMode;
+    }
+
     void CobraConnection::configure(const std::string& appkey,
                                     const std::string& endpoint,
                                     const std::string& rolename,
                                     const std::string& rolesecret,
-                                    const WebSocketPerMessageDeflateOptions& webSocketPerMessageDeflateOptions)
+                                    const WebSocketPerMessageDeflateOptions& webSocketPerMessageDeflateOptions,
+                                    const SocketTLSOptions& socketTLSOptions)
     {
         _roleName = rolename;
         _roleSecret = rolesecret;
@@ -221,6 +264,8 @@ namespace ix
         std::string url = ss.str();
         _webSocket->setUrl(url);
         _webSocket->setPerMessageDeflateOptions(webSocketPerMessageDeflateOptions);
+        _webSocket->setTLSOptions(socketTLSOptions);
+        _webSocket->setPingInterval(kPingIntervalSecs);
     }
 
     //
@@ -249,6 +294,7 @@ namespace ix
         Json::Value pdu;
         pdu["action"] = "auth/handshake";
         pdu["body"] = body;
+        pdu["id"] = Json::UInt64(_id++);
 
         std::string serializedJson = serializeJson(pdu);
         CobraConnection::invokeTrafficTrackerCallback(serializedJson.size(), false);
@@ -272,6 +318,8 @@ namespace ix
     //
     bool CobraConnection::handleHandshakeResponse(const Json::Value& pdu)
     {
+        if (!pdu.isObject()) return false;
+
         if (!pdu.isMember("body")) return false;
         Json::Value body = pdu["body"];
 
@@ -311,6 +359,7 @@ namespace ix
         Json::Value pdu;
         pdu["action"] = "auth/authenticate";
         pdu["body"] = body;
+        pdu["id"] = Json::UInt64(_id++);
 
         std::string serializedJson = serializeJson(pdu);
         CobraConnection::invokeTrafficTrackerCallback(serializedJson.size(), false);
@@ -320,6 +369,8 @@ namespace ix
 
     bool CobraConnection::handleSubscriptionResponse(const Json::Value& pdu)
     {
+        if (!pdu.isObject()) return false;
+
         if (!pdu.isMember("body")) return false;
         Json::Value body = pdu["body"];
 
@@ -336,6 +387,8 @@ namespace ix
 
     bool CobraConnection::handleUnsubscriptionResponse(const Json::Value& pdu)
     {
+        if (!pdu.isObject()) return false;
+
         if (!pdu.isMember("body")) return false;
         Json::Value body = pdu["body"];
 
@@ -352,6 +405,8 @@ namespace ix
 
     bool CobraConnection::handleSubscriptionData(const Json::Value& pdu)
     {
+        if (!pdu.isObject()) return false;
+
         if (!pdu.isMember("body")) return false;
         Json::Value body = pdu["body"];
 
@@ -376,6 +431,26 @@ namespace ix
         return true;
     }
 
+    bool CobraConnection::handlePublishResponse(const Json::Value& pdu)
+    {
+        if (!pdu.isObject()) return false;
+
+        if (!pdu.isMember("id")) return false;
+        Json::Value id = pdu["id"];
+
+        if (!id.isUInt64()) return false;
+
+        uint64_t msgId = id.asUInt64();
+
+        invokeEventCallback(ix::CobraConnection_EventType_Published,
+                            std::string(), WebSocketHttpHeaders(),
+                            std::string(), msgId);
+
+        invokePublishTrackerCallback(false, true);
+
+        return true;
+    }
+
     bool CobraConnection::connect()
     {
         _webSocket->start();
@@ -384,7 +459,7 @@ namespace ix
 
     bool CobraConnection::isConnected() const
     {
-        return _webSocket->getReadyState() == ix::WebSocket_ReadyState_Open;
+        return _webSocket->getReadyState() == ix::ReadyState::Open;
     }
 
     bool CobraConnection::isAuthenticated() const
@@ -398,51 +473,92 @@ namespace ix
         return _jsonWriter.write(value);
     }
 
-    //
-    // publish is not thread safe as we are trying to reuse some Json objects.
-    //
-    bool CobraConnection::publish(const Json::Value& channels,
-                                   const Json::Value& msg)
+    std::pair<CobraConnection::MsgId, std::string> CobraConnection::prePublish(
+        const Json::Value& channels,
+        const Json::Value& msg,
+        bool addToQueue)
     {
+        std::lock_guard<std::mutex> lock(_prePublishMutex);
+
+        invokePublishTrackerCallback(true, false);
+
+        CobraConnection::MsgId msgId = _id;
+
         _body["channels"] = channels;
         _body["message"] = msg;
         _pdu["body"] = _body;
+        _pdu["id"] = Json::UInt64(_id++);
 
         std::string serializedJson = serializeJson(_pdu);
 
-        if (_publishMode == CobraConnection_PublishMode_Batch)
+        if (addToQueue)
         {
             enqueue(serializedJson);
-            return true;
         }
 
-        //
-        // Fast path. We are authenticated and the publishing succeed
-        //            This should happen for 99% of the cases.
-        //
-        if (_authenticated && publishMessage(serializedJson))
+        return std::make_pair(msgId, serializedJson);
+    }
+
+    bool CobraConnection::publishNext()
+    {
+        std::lock_guard<std::mutex> lock(_queueMutex);
+
+        if (_messageQueue.empty()) return true;
+
+        auto&& msg = _messageQueue.back();
+        if (!publishMessage(msg))
         {
-            return true;
-        }
-        else // Or else we enqueue
-             // Slow code path is when we haven't connected yet (startup),
-             // or when the connection drops for some reason.
-        {
-            enqueue(serializedJson);
             return false;
         }
+        _messageQueue.pop_back();
+        return true;
+    }
+
+    //
+    // publish is not thread safe as we are trying to reuse some Json objects.
+    //
+    CobraConnection::MsgId CobraConnection::publish(const Json::Value& channels,
+                                                    const Json::Value& msg)
+    {
+        auto p = prePublish(channels, msg, false);
+        auto msgId = p.first;
+        auto serializedJson = p.second;
+
+        //
+        // 1. When we use batch mode, we just enqueue and will do the flush explicitely
+        // 2. When we aren't authenticated yet to the cobra server, we need to enqueue
+        //    and retry later
+        // 3. If the network connection was droped (WebSocket::send will return false),
+        //    it means the message won't be sent so we need to enqueue as well.
+        //
+        // The order of the conditionals is important.
+        //
+        if (_publishMode == CobraConnection_PublishMode_Batch || !_authenticated ||
+            !publishMessage(serializedJson))
+        {
+            enqueue(serializedJson);
+        }
+
+        return msgId;
     }
 
     void CobraConnection::subscribe(const std::string& channel,
-                                     SubscriptionCallback cb)
+                                    const std::string& filter,
+                                    SubscriptionCallback cb)
     {
         // Create and send a subscribe pdu
         Json::Value body;
         body["channel"] = channel;
 
+        if (!filter.empty())
+        {
+            body["filter"] = filter;
+        }
+
         Json::Value pdu;
         pdu["action"] = "rtm/subscribe";
         pdu["body"] = body;
+        pdu["id"] = Json::UInt64(_id++);
 
         _webSocket->send(pdu.toStyledString());
 
@@ -468,6 +584,7 @@ namespace ix
         Json::Value pdu;
         pdu["action"] = "rtm/unsubscribe";
         pdu["body"] = body;
+        pdu["id"] = Json::UInt64(_id++);
 
         _webSocket->send(pdu.toStyledString());
     }
@@ -501,27 +618,26 @@ namespace ix
     //
     bool CobraConnection::flushQueue()
     {
-        std::lock_guard<std::mutex> lock(_queueMutex);
-
-        while (!_messageQueue.empty())
+        while (!isQueueEmpty())
         {
-            auto&& msg = _messageQueue.back();
-            if (!publishMessage(msg))
-            {
-                _messageQueue.push_back(msg);
-                return false;
-            }
-            _messageQueue.pop_back();
+            bool ok = publishNext();
+            if (!ok) return false;
         }
 
         return true;
     }
 
+    bool CobraConnection::isQueueEmpty()
+    {
+        std::lock_guard<std::mutex> lock(_queueMutex);
+        return _messageQueue.empty();
+    }
+
     bool CobraConnection::publishMessage(const std::string& serializedJson)
     {
         auto webSocketSendInfo = _webSocket->send(serializedJson);
         CobraConnection::invokeTrafficTrackerCallback(webSocketSendInfo.wireSize,
-                                                       false);
+                                                      false);
         return webSocketSendInfo.success;
     }
 

ixcobra/ixcobra/IXCobraConnection.h

@@ -6,20 +6,21 @@
 
 #pragma once
 
+#include <ixwebsocket/IXWebSocketHttpHeaders.h>
+#include <ixwebsocket/IXWebSocketPerMessageDeflateOptions.h>
+#include <json/json.h>
+#include <memory>
 #include <mutex>
 #include <queue>
 #include <string>
 #include <thread>
 #include <unordered_map>
-#include <memory>
-
-#include <jsoncpp/json/json.h>
-#include <ixwebsocket/IXWebSocketHttpHeaders.h>
-#include <ixwebsocket/IXWebSocketPerMessageDeflateOptions.h>
+#include <limits>
 
 namespace ix
 {
     class WebSocket;
+    struct SocketTLSOptions;
 
     enum CobraConnectionEventType
     {
@@ -28,7 +29,9 @@ namespace ix
         CobraConnection_EventType_Open = 2,
         CobraConnection_EventType_Closed = 3,
         CobraConnection_EventType_Subscribed = 4,
-        CobraConnection_EventType_UnSubscribed = 5
+        CobraConnection_EventType_UnSubscribed = 5,
+        CobraConnection_EventType_Published = 6,
+        CobraConnection_EventType_Pong = 7
     };
 
     enum CobraConnectionPublishMode
@@ -41,12 +44,17 @@ namespace ix
     using EventCallback = std::function<void(CobraConnectionEventType,
                                              const std::string&,
                                              const WebSocketHttpHeaders&,
-                                             const std::string&)>;
+                                             const std::string&,
+                                             uint64_t msgId)>;
+
     using TrafficTrackerCallback = std::function<void(size_t size, bool incoming)>;
+    using PublishTrackerCallback = std::function<void(bool sent, bool acked)>;
 
     class CobraConnection
     {
     public:
+        using MsgId = uint64_t;
+
         CobraConnection();
         ~CobraConnection();
 
@@ -56,13 +64,21 @@ namespace ix
                        const std::string& endpoint,
                        const std::string& rolename,
                        const std::string& rolesecret,
-                       const WebSocketPerMessageDeflateOptions& webSocketPerMessageDeflateOptions);
+                       const WebSocketPerMessageDeflateOptions& webSocketPerMessageDeflateOptions,
+                       const SocketTLSOptions& socketTLSOptions);
 
+        /// Set the traffic tracker callback
         static void setTrafficTrackerCallback(const TrafficTrackerCallback& callback);
 
         /// Reset the traffic tracker callback to an no-op one.
         static void resetTrafficTrackerCallback();
 
+        /// Set the publish tracker callback
+        static void setPublishTrackerCallback(const PublishTrackerCallback& callback);
+
+        /// Reset the publish tracker callback to an no-op one.
+        static void resetPublishTrackerCallback();
+
         /// Set the closed callback
         void setEventCallback(const EventCallback& eventCallback);
 
@@ -72,12 +88,13 @@ namespace ix
         /// Publish a message to a channel
         ///
         /// No-op if the connection is not established
-        bool publish(const Json::Value& channels,
-                     const Json::Value& msg);
+        MsgId publish(const Json::Value& channels, const Json::Value& msg);
 
         // Subscribe to a channel, and execute a callback when an incoming
         // message arrives.
-        void subscribe(const std::string& channel, SubscriptionCallback cb);
+        void subscribe(const std::string& channel,
+                       const std::string& filter = std::string(),
+                       SubscriptionCallback cb = nullptr);
 
         /// Unsubscribe from a channel
         void unsubscribe(const std::string& channel);
@@ -100,10 +117,26 @@ namespace ix
         /// Set the publish mode
         void setPublishMode(CobraConnectionPublishMode publishMode);
 
+        /// Query the publish mode
+        CobraConnectionPublishMode getPublishMode();
+
         /// Lifecycle management. Free resources when backgrounding
         void suspend();
         void resume();
 
+        /// Prepare a message for transmission
+        /// (update the pdu, compute a msgId, serialize json to a string)
+        std::pair<CobraConnection::MsgId, std::string> prePublish(
+            const Json::Value& channels,
+            const Json::Value& msg,
+            bool addToQueue);
+
+        /// Attempt to send next message from the internal queue
+        bool publishNext();
+
+        // An invalid message id, signifying an error.
+        static constexpr MsgId kInvalidMsgId = 0;
+
     private:
         bool sendHandshakeMessage();
         bool handleHandshakeResponse(const Json::Value& data);
@@ -111,6 +144,7 @@ namespace ix
         bool handleSubscriptionData(const Json::Value& pdu);
         bool handleSubscriptionResponse(const Json::Value& pdu);
         bool handleUnsubscriptionResponse(const Json::Value& pdu);
+        bool handlePublishResponse(const Json::Value& pdu);
 
         void initWebSocketOnMessageCallback();
 
@@ -121,13 +155,19 @@ namespace ix
         /// Invoke the traffic tracker callback
         static void invokeTrafficTrackerCallback(size_t size, bool incoming);
 
+        /// Invoke the publish tracker callback
+        static void invokePublishTrackerCallback(bool sent, bool acked);
+
         /// Invoke event callbacks
         void invokeEventCallback(CobraConnectionEventType eventType,
                                  const std::string& errorMsg = std::string(),
                                  const WebSocketHttpHeaders& headers = WebSocketHttpHeaders(),
-                                 const std::string& subscriptionId = std::string());
-        void invokeErrorCallback(const std::string& errorMsg,
-                                 const std::string& serializedPdu);
+                                 const std::string& subscriptionId = std::string(),
+                                 uint64_t msgId = std::numeric_limits<uint64_t>::max());
+        void invokeErrorCallback(const std::string& errorMsg, const std::string& serializedPdu);
+
+        /// Tells whether the internal queue is empty or not
+        bool isQueueEmpty();
 
         ///
         /// Member variables
@@ -147,10 +187,14 @@ namespace ix
         Json::Value _pdu;
         Json::FastWriter _jsonWriter;
         mutable std::mutex _jsonWriterMutex;
+        std::mutex _prePublishMutex;
 
         /// Traffic tracker callback
         static TrafficTrackerCallback _trafficTrackerCallback;
 
+        /// Publish tracker callback
+        static PublishTrackerCallback _publishTrackerCallback;
+
         /// Cobra events callbacks
         EventCallback _eventCallback;
         mutable std::mutex _eventCallbackMutex;
@@ -169,6 +213,12 @@ namespace ix
 
         // Cap the queue size (100 elems so far -> ~100k)
         static constexpr size_t kQueueMaxSize = 256;
+
+        // Each pdu sent should have an incremental unique id
+        std::atomic<uint64_t> _id;
+
+        // Frequency at which we send a websocket ping to the backing cobra connection
+        static constexpr int kPingIntervalSecs = 30;
     };
 
 } // namespace ix

ixcobra/ixcobra/IXCobraMetricsPublisher.cpp

@@ -5,6 +5,7 @@
  */
 
 #include "IXCobraMetricsPublisher.h"
+#include <ixwebsocket/IXSocketTLSOptions.h>
 
 #include <algorithm>
 #include <stdexcept>
@@ -13,11 +14,11 @@
 namespace ix
 {
     const int CobraMetricsPublisher::kVersion = 1;
-    const std::string CobraMetricsPublisher::kSetRateControlId = "cms_set_rate_control_id";
-    const std::string CobraMetricsPublisher::kSetBlacklistId = "cms_set_blacklist_id";
+    const std::string CobraMetricsPublisher::kSetRateControlId = "sms_set_rate_control_id";
+    const std::string CobraMetricsPublisher::kSetBlacklistId = "sms_set_blacklist_id";
 
     CobraMetricsPublisher::CobraMetricsPublisher() :
-        _enabled(false)
+        _enabled(true)
     {
     }
 
@@ -31,14 +32,15 @@ namespace ix
                                           const std::string& channel,
                                           const std::string& rolename,
                                           const std::string& rolesecret,
-                                          bool enablePerMessageDeflate)
+                                          bool enablePerMessageDeflate,
+                                          const SocketTLSOptions& socketTLSOptions)
     {
         // Configure the satori connection and start its publish background thread
         _cobra_metrics_theaded_publisher.start();
 
         _cobra_metrics_theaded_publisher.configure(appkey, endpoint, channel,
                                                    rolename, rolesecret,
-                                                   enablePerMessageDeflate);
+                                                   enablePerMessageDeflate, socketTLSOptions);
     }
 
     Json::Value& CobraMetricsPublisher::getGenericAttributes()
@@ -135,23 +137,23 @@ namespace ix
         return ms;
     }
 
-    void CobraMetricsPublisher::push(const std::string& id,
-                                     const std::string& data,
-                                     bool shouldPushTest)
+    CobraConnection::MsgId CobraMetricsPublisher::push(const std::string& id,
+                                                       const std::string& data,
+                                                       bool shouldPushTest)
     {
-        if (!_enabled) return;
+        if (!_enabled) return CobraConnection::kInvalidMsgId;
 
         Json::Value root;
         Json::Reader reader;
-        if (!reader.parse(data, root)) return;
+        if (!reader.parse(data, root)) return CobraConnection::kInvalidMsgId;
 
-        push(id, root, shouldPushTest);
+        return push(id, root, shouldPushTest);
     }
 
-    void CobraMetricsPublisher::push(const std::string& id,
-                                     const CobraMetricsPublisher::Message& data)
+    CobraConnection::MsgId CobraMetricsPublisher::push(const std::string& id,
+                                                       const CobraMetricsPublisher::Message& data)
     {
-        if (!_enabled) return;
+        if (!_enabled) return CobraConnection::kInvalidMsgId;
 
         Json::Value root;
         for (auto it : data)
@@ -159,7 +161,7 @@ namespace ix
             root[it.first] = it.second;
         }
 
-        push(id, root);
+        return push(id, root);
     }
 
     bool CobraMetricsPublisher::shouldPush(const std::string& id) const
@@ -171,11 +173,12 @@ namespace ix
         return true;
     }
 
-    void CobraMetricsPublisher::push(const std::string& id,
-                                     const Json::Value& data,
-                                     bool shouldPushTest)
+    CobraConnection::MsgId CobraMetricsPublisher::push(
+        const std::string& id,
+        const Json::Value& data,
+        bool shouldPushTest)
     {
-        if (shouldPushTest && !shouldPush(id)) return;
+        if (shouldPushTest && !shouldPush(id)) return CobraConnection::kInvalidMsgId;
 
         setLastUpdate(id);
 
@@ -184,15 +187,28 @@ namespace ix
         msg["data"] = data;
         msg["session"] = _session;
         msg["version"] = kVersion;
-        msg["timestamp"] = getMillisecondsSinceEpoch();
+        msg["timestamp"] = Json::UInt64(getMillisecondsSinceEpoch());
 
         {
             std::lock_guard<std::mutex> lock(_device_mutex);
             msg["device"] = _device;
         }
 
+        {
+            //
+            // Bump a counter for each id
+            // This is used to make sure that we are not
+            // dropping messages, by checking that all the ids is the list of
+            // all natural numbers until the last value sent (0, 1, 2, ..., N)
+            //
+            std::lock_guard<std::mutex> lock(_device_mutex);
+            auto it = _counters.emplace(id, 0);
+            msg["per_id_counter"] = it.first->second;
+            it.first->second += 1;
+        }
+
         // Now actually enqueue the task
-        _cobra_metrics_theaded_publisher.push(msg);
+        return _cobra_metrics_theaded_publisher.push(msg);
     }
 
     void CobraMetricsPublisher::setPublishMode(CobraConnectionPublishMode publishMode)

ixcobra/ixcobra/IXCobraMetricsPublisher.h

@@ -7,15 +7,16 @@
 #pragma once
 
 #include "IXCobraMetricsThreadedPublisher.h"
-
-#include <jsoncpp/json/json.h>
-
+#include <atomic>
+#include <chrono>
+#include <json/json.h>
 #include <string>
 #include <unordered_map>
-#include <chrono>
 
 namespace ix
 {
+    struct SocketTLSOptions;
+
     class CobraMetricsPublisher
     {
     public:
@@ -28,10 +29,11 @@ namespace ix
         /// to make shouldPush as fast as possible. _enabled default to false.
         ///
         /// The code that set those is ran only once at init, and
-        /// the last value to be set is _enabled, which is also the first value checked in shouldPush,
-        /// so there shouldn't be any race condition.
+        /// the last value to be set is _enabled, which is also the first value checked in
+        /// shouldPush, so there shouldn't be any race condition.
         ///
-        /// 2. The queue of messages is thread safe, so multiple metrics can be safely pushed on multiple threads
+        /// 2. The queue of messages is thread safe, so multiple metrics can be safely pushed on
+        /// multiple threads
         ///
         /// 3. Access to _last_update is protected as it needs to be read/write.
         ///
@@ -43,7 +45,8 @@ namespace ix
                        const std::string& channel,
                        const std::string& rolename,
                        const std::string& rolesecret,
-                       bool enablePerMessageDeflate);
+                       bool enablePerMessageDeflate,
+                       const SocketTLSOptions& socketTLSOptions);
 
         /// Setter for the list of blacklisted metrics ids.
         /// That list is sorted internally for fast lookups
@@ -59,37 +62,36 @@ namespace ix
 
         /// Simple interface, list of key value pairs where typeof(key) == typeof(value) == string
         typedef std::unordered_map<std::string, std::string> Message;
-        void push(const std::string& id,
-                  const CobraMetricsPublisher::Message& data = CobraMetricsPublisher::Message());
+        CobraConnection::MsgId push(
+            const std::string& id,
+            const CobraMetricsPublisher::Message& data = CobraMetricsPublisher::Message());
 
-        /// Richer interface using json, which supports types (bool, int, float) and hierarchies of elements
+        /// Richer interface using json, which supports types (bool, int, float) and hierarchies of
+        /// elements
         ///
-        /// The shouldPushTest argument should be set to false, and used in combination with the shouldPush method
-        /// for places where we want to be as lightweight as possible when collecting metrics. When set to false,
-        /// it is used so that we don't do double work when computing whether a metrics should be sent or not.
-        void push(const std::string& id,
-                  const Json::Value& data,
-                  bool shouldPushTest = true);
+        /// The shouldPushTest argument should be set to false, and used in combination with the
+        /// shouldPush method for places where we want to be as lightweight as possible when
+        /// collecting metrics. When set to false, it is used so that we don't do double work when
+        /// computing whether a metrics should be sent or not.
+        CobraConnection::MsgId push(const std::string& id, const Json::Value& data, bool shouldPushTest = true);
 
         /// Interface used by lua. msg is a json encoded string.
-        void push(const std::string& id,
-                  const std::string& data,
-                  bool shouldPushTest = true);
+        CobraConnection::MsgId push(const std::string& id, const std::string& data, bool shouldPushTest = true);
 
         /// Tells whether a metric can be pushed.
         /// A metric can be pushed if it satisfies those conditions:
         ///
         /// 1. the metrics system should be enabled
         /// 2. the metrics shouldn't be black-listed
-        /// 3. the metrics shouldn't have reached its rate control limit at this "sampling"/"calling" time
+        /// 3. the metrics shouldn't have reached its rate control limit at this
+        /// "sampling"/"calling" time
         bool shouldPush(const std::string& id) const;
 
         /// Get generic information json object
         Json::Value& getGenericAttributes();
 
         /// Set generic information values
-        void setGenericAttributes(const std::string& attrName,
-                                  const Json::Value& value);
+        void setGenericAttributes(const std::string& attrName, const Json::Value& value);
 
         /// Set a unique id for the session. A uuid can be used.
         void setSession(const std::string& session) { _session = session; }
@@ -117,7 +119,6 @@ namespace ix
         bool isAuthenticated() const;
 
     private:
-
         /// Lookup an id in our metrics to see whether it is blacklisted
         /// Complexity is logarithmic
         bool isMetricBlacklisted(const std::string& id) const;
@@ -136,8 +137,8 @@ namespace ix
         CobraMetricsThreadedPublisher _cobra_metrics_theaded_publisher;
 
         /// A boolean to enable or disable this system
-        /// push becomes a no-op when _enabled is true
-        bool _enabled;
+        /// push becomes a no-op when _enabled is false
+        std::atomic<bool> _enabled;
 
         /// A uuid used to uniquely identify a session
         std::string _session;
@@ -150,15 +151,20 @@ namespace ix
         /// Metrics control (black list + rate control)
         std::vector<std::string> _blacklist;
         std::unordered_map<std::string, int> _rate_control;
-        std::unordered_map<std::string, std::chrono::time_point<std::chrono::steady_clock>> _last_update;
+        std::unordered_map<std::string, std::chrono::time_point<std::chrono::steady_clock>>
+            _last_update;
         mutable std::mutex _last_update_mutex; // protect access to _last_update
 
+        /// Bump a counter for each metric type
+        std::unordered_map<std::string, int> _counters;
+        mutable std::mutex _counters_mutex; // protect access to _counters
+
         // const strings for internal ids
         static const std::string kSetRateControlId;
         static const std::string kSetBlacklistId;
 
-        /// Our protocol version. Can be used by subscribers who would want to be backward compatible
-        /// if we change the way we arrange data
+        /// Our protocol version. Can be used by subscribers who would want to be backward
+        /// compatible if we change the way we arrange data
         static const int kVersion;
     };
 

ixcobra/ixcobra/IXCobraMetricsThreadedPublisher.cpp

@@ -6,12 +6,15 @@
 
 #include "IXCobraMetricsThreadedPublisher.h"
 #include <ixwebsocket/IXSetThreadName.h>
+#include <ixwebsocket/IXSocketTLSOptions.h>
+#include <ixcore/utils/IXCoreLogger.h>
 
 #include <algorithm>
 #include <stdexcept>
 #include <cmath>
 #include <cassert>
 #include <iostream>
+#include <sstream>
 
 
 namespace ix
@@ -24,7 +27,8 @@ namespace ix
             (ix::CobraConnectionEventType eventType,
              const std::string& errMsg,
              const ix::WebSocketHttpHeaders& headers,
-             const std::string& subscriptionId)
+             const std::string& subscriptionId,
+             CobraConnection::MsgId msgId)
             {
                 std::stringstream ss;
 
@@ -57,8 +61,16 @@ namespace ix
                 {
                     ss << "Unsubscribed through subscription id: " << subscriptionId;
                 }
+                else if (eventType == ix::CobraConnection_EventType_Published)
+                {
+                    ss << "Published message " << msgId << " acked";
+                }
+                else if (eventType == ix::CobraConnection_EventType_Pong)
+                {
+                    ss << "Received websocket pong";
+                }
 
-                std::cerr << ss.str() << std::endl;
+                ix::IXCoreLogger::Log(ss.str().c_str());
         });
     }
 
@@ -85,27 +97,25 @@ namespace ix
                                                   const std::string& channel,
                                                   const std::string& rolename,
                                                   const std::string& rolesecret,
-                                                  bool enablePerMessageDeflate)
+                                                  bool enablePerMessageDeflate,
+                                                  const SocketTLSOptions& socketTLSOptions)
     {
         _channel = channel;
 
+        ix::IXCoreLogger::Log(socketTLSOptions.getDescription().c_str());
+
         ix::WebSocketPerMessageDeflateOptions webSocketPerMessageDeflateOptions(enablePerMessageDeflate);
         _cobra_connection.configure(appkey, endpoint,
                                     rolename, rolesecret,
-                                    webSocketPerMessageDeflateOptions);
+                                    webSocketPerMessageDeflateOptions, socketTLSOptions);
     }
 
-    void CobraMetricsThreadedPublisher::pushMessage(MessageKind messageKind,
-                                                    const Json::Value& msg)
+    void CobraMetricsThreadedPublisher::pushMessage(MessageKind messageKind)
     {
-        // Now actually enqueue the task
         {
-            // acquire lock
             std::unique_lock<std::mutex> lock(_queue_mutex);
-
-            // add the task
-            _queue.push(std::make_pair(messageKind, msg));
-        } // release lock
+            _queue.push(messageKind);
+        }
 
         // wake up one thread
         _condition.notify_one();
@@ -125,11 +135,6 @@ namespace ix
     {
         setThreadName("CobraMetricsPublisher");
 
-        Json::Value channels;
-        channels.append(std::string());
-        channels.append(std::string());
-        const std::string messageIdKey("id");
-
         _cobra_connection.connect();
 
         while (true)
@@ -150,11 +155,8 @@ namespace ix
                     return;
                 }
 
-                auto item = _queue.front();
+                messageKind = _queue.front();
                 _queue.pop();
-
-                messageKind = item.first;
-                msg = item.second;
             }
 
             switch (messageKind)
@@ -173,37 +175,47 @@ namespace ix
 
                 case MessageKind::Message:
                 {
-                    ;
+                    if (_cobra_connection.getPublishMode() == CobraConnection_PublishMode_Immediate)
+                    {
+                        _cobra_connection.publishNext();
+                    }
                 }; break;
             }
-
-            //
-            // Publish to multiple channels. This let the consumer side
-            // easily subscribe to all message of a certain type, without having
-            // to do manipulations on the messages on the server side.
-            //
-            channels[0] = _channel;
-            if (msg.isMember(messageIdKey))
-            {
-                channels[1] = msg[messageIdKey];
-            }
-            _cobra_connection.publish(channels, msg);
         }
     }
 
-    void CobraMetricsThreadedPublisher::push(const Json::Value& msg)
+    CobraConnection::MsgId CobraMetricsThreadedPublisher::push(const Json::Value& msg)
     {
-        pushMessage(MessageKind::Message, msg);
+        static const std::string messageIdKey("id");
+
+        //
+        // Publish to multiple channels. This let the consumer side
+        // easily subscribe to all message of a certain type, without having
+        // to do manipulations on the messages on the server side.
+        //
+        Json::Value channels;
+
+        channels.append(_channel);
+        if (msg.isMember(messageIdKey))
+        {
+            channels.append(msg[messageIdKey]);
+        }
+        auto res = _cobra_connection.prePublish(channels, msg, true);
+        auto msgId = res.first;
+
+        pushMessage(MessageKind::Message);
+
+        return msgId;
     }
 
     void CobraMetricsThreadedPublisher::suspend()
     {
-        pushMessage(MessageKind::Suspend, Json::Value());
+        pushMessage(MessageKind::Suspend);
     }
 
     void CobraMetricsThreadedPublisher::resume()
     {
-        pushMessage(MessageKind::Resume, Json::Value());
+        pushMessage(MessageKind::Resume);
     }
 
     bool CobraMetricsThreadedPublisher::isConnected() const

ixcobra/ixcobra/IXCobraMetricsThreadedPublisher.h

@@ -7,19 +7,19 @@
 #pragma once
 
 #include "IXCobraConnection.h"
-
-#include <jsoncpp/json/json.h>
-
-#include <string>
-#include <queue>
-#include <mutex>
-#include <thread>
-#include <map>
 #include <atomic>
 #include <condition_variable>
+#include <json/json.h>
+#include <map>
+#include <mutex>
+#include <queue>
+#include <string>
+#include <thread>
 
 namespace ix
 {
+    struct SocketTLSOptions;
+
     class CobraMetricsThreadedPublisher
     {
     public:
@@ -27,20 +27,20 @@ namespace ix
         ~CobraMetricsThreadedPublisher();
 
         /// Configuration / set keys, etc...
-        /// All input data but the channel name is encrypted with rc4
         void configure(const std::string& appkey,
                        const std::string& endpoint,
                        const std::string& channel,
                        const std::string& rolename,
                        const std::string& rolesecret,
-                       bool enablePerMessageDeflate);
+                       bool enablePerMessageDeflate,
+                       const SocketTLSOptions& socketTLSOptions);
 
         /// Start the worker thread, used for background publishing
         void start();
 
         /// Push a msg to our queue of messages to be published to cobra on the background
         //  thread. Main user right now is the Cobra Metrics System
-        void push(const Json::Value& msg);
+        CobraConnection::MsgId push(const Json::Value& msg);
 
         /// Set cobra connection publish mode
         void setPublishMode(CobraConnectionPublishMode publishMode);
@@ -67,8 +67,7 @@ namespace ix
         };
 
         /// Push a message to be processed by the background thread
-        void pushMessage(MessageKind messageKind,
-                         const Json::Value& msg);
+        void pushMessage(MessageKind messageKind);
 
         /// Get a wait time which is increasing exponentially based on the number of retries
         uint64_t getWaitTimeExp(int retry_count);
@@ -98,7 +97,7 @@ namespace ix
         /// that it should wake up and take care of publishing it to cobra
         /// To shutdown the worker thread one has to set the _stop boolean to true.
         /// This is done in the destructor
-        std::queue<std::pair<MessageKind, Json::Value>> _queue;
+        std::queue<MessageKind> _queue;
         mutable std::mutex _queue_mutex;
         std::condition_variable _condition;
         std::atomic<bool> _stop;

ixcore/CMakeLists.txt

@@ -0,0 +1,19 @@
+#
+# Author: Benjamin Sergeant
+# Copyright (c) 2019 Machine Zone, Inc. All rights reserved.
+#
+
+set (IXCORE_SOURCES
+    ixcore/utils/IXCoreLogger.cpp
+)
+
+set (IXCORE_HEADERS
+    ixcore/utils/IXCoreLogger.h
+)
+
+add_library(ixcore STATIC
+    ${IXCORE_SOURCES}
+    ${IXCORE_HEADERS}
+)
+
+target_include_directories( ixcore PUBLIC . )

ixcore/ixcore/utils/IXCoreLogger.cpp

@@ -0,0 +1,14 @@
+#include "ixcore/utils/IXCoreLogger.h"
+
+
+namespace ix
+{
+// Default do nothing logger
+IXCoreLogger::LogFunc IXCoreLogger::_currentLogger = [](const char* /*msg*/){};
+
+void IXCoreLogger::Log(const char* msg)
+{
+    _currentLogger(msg);
+}
+
+} // ix

ixcore/ixcore/utils/IXCoreLogger.h

@@ -0,0 +1,18 @@
+#pragma once
+#include <functional>
+
+namespace ix
+{
+    class IXCoreLogger
+    {
+    public:
+        using LogFunc = std::function<void(const char*)>;
+        static void Log(const char* msg);
+
+        static void setLogFunction(LogFunc& func) { _currentLogger = func; }
+
+    private:
+        static LogFunc _currentLogger;
+    };
+
+} // namespace ix

ixcrypto/CMakeLists.txt

@@ -0,0 +1,54 @@
+#
+# Author: Benjamin Sergeant
+# Copyright (c) 2019 Machine Zone, Inc. All rights reserved.
+#
+set(CMAKE_MODULE_PATH "${CMAKE_CURRENT_SOURCE_DIR}/../CMake;${CMAKE_MODULE_PATH}")
+
+set (IXCRYPTO_SOURCES
+    ixcrypto/IXHMac.cpp
+    ixcrypto/IXBase64.cpp
+    ixcrypto/IXUuid.cpp
+    ixcrypto/IXHash.cpp
+)
+
+set (IXCRYPTO_HEADERS
+    ixcrypto/IXHMac.h
+    ixcrypto/IXBase64.h
+    ixcrypto/IXUuid.h
+    ixcrypto/IXHash.h
+)
+
+add_library(ixcrypto STATIC
+    ${IXCRYPTO_SOURCES}
+    ${IXCRYPTO_HEADERS}
+)
+
+set(IXCRYPTO_INCLUDE_DIRS 
+    .
+    ../ixcore)
+
+target_include_directories( ixcrypto PUBLIC ${IXCRYPTO_INCLUDE_DIRS} )
+
+# hmac computation needs a crypto library
+
+if (WIN32)
+  set(USE_MBED_TLS TRUE)
+endif()
+
+target_compile_definitions(ixcrypto PUBLIC IXCRYPTO_USE_TLS)
+if (USE_MBED_TLS)
+    find_package(MbedTLS REQUIRED)
+    target_include_directories(ixcrypto PUBLIC ${MBEDTLS_INCLUDE_DIRS})
+    target_link_libraries(ixcrypto ${MBEDTLS_LIBRARIES})
+    target_compile_definitions(ixcrypto PUBLIC IXCRYPTO_USE_MBED_TLS)
+elseif (APPLE)
+elseif (WIN32)
+else()
+    find_package(OpenSSL REQUIRED)
+    add_definitions(${OPENSSL_DEFINITIONS})
+    message(STATUS "OpenSSL: " ${OPENSSL_VERSION})
+    include_directories(${OPENSSL_INCLUDE_DIR})
+    target_link_libraries(ixcrypto ${OPENSSL_LIBRARIES})
+    target_compile_definitions(ixcrypto PUBLIC IXCRYPTO_USE_OPEN_SSL)
+endif()
+

ixcrypto/ixcrypto/IXBase64.cpp

@@ -35,15 +35,21 @@ namespace ix
     "0123456789+/";
 
     std::string base64_encode(const std::string& data, size_t len)
+    {
+        const char* bytes_to_encode = data.c_str();
+        return base64_encode(bytes_to_encode, len);
+    }
+
+    std::string base64_encode(const char* bytes_to_encode, size_t len)
     {
         std::string ret;
+        ret.reserve(((len + 2) / 3) * 4);
+
         int i = 0;
         int j = 0;
         unsigned char char_array_3[3];
         unsigned char char_array_4[4];
 
-        const char* bytes_to_encode = data.c_str();
-
         while(len--)
         {
             char_array_3[i++] = *(bytes_to_encode++);
@@ -95,6 +101,7 @@ namespace ix
         int in_ = 0;
         unsigned char char_array_4[4], char_array_3[3];
         std::string ret;
+        ret.reserve(((in_len + 3) / 4) * 3);
 
         while(in_len-- && ( encoded_string[in_] != '=') && is_base64(encoded_string[in_]))
         {

ixcrypto/ixcrypto/IXBase64.h

@@ -11,5 +11,6 @@
 namespace ix
 {
     std::string base64_encode(const std::string& data, size_t len);
+    std::string base64_encode(const char* data, size_t len);
     std::string base64_decode(const std::string& encoded_string);
-}
+} // namespace ix

ixcrypto/ixcrypto/IXHMac.cpp

@@ -3,13 +3,18 @@
  *  Author: Benjamin Sergeant
  *  Copyright (c) 2018 Machine Zone. All rights reserved.
  */
+
 #include "IXHMac.h"
 #include "IXBase64.h"
 
-#ifdef __APPLE__
+#if defined(IXCRYPTO_USE_MBED_TLS)
+# include <mbedtls/md.h>
+#elif defined(__APPLE__)
 # include <CommonCrypto/CommonHMAC.h>
-#else
+#elif defined(IXCRYPTO_USE_OPEN_SSL)
 # include <openssl/hmac.h>
+#else
+# error "Unsupported configuration"
 #endif
 
 namespace ix
@@ -19,16 +24,23 @@ namespace ix
         constexpr size_t hashSize = 16;
         unsigned char hash[hashSize];
 
-#ifdef __APPLE__
+#if defined(IXCRYPTO_USE_MBED_TLS)
+        mbedtls_md_hmac(mbedtls_md_info_from_type(MBEDTLS_MD_MD5),
+               (unsigned char *) key.c_str(), key.size(),
+               (unsigned char *) data.c_str(), data.size(),
+               (unsigned char *) &hash);
+#elif defined(__APPLE__)
         CCHmac(kCCHmacAlgMD5,
                key.c_str(), key.size(),
                data.c_str(), data.size(),
                &hash);
-#else
+#elif defined(IXCRYPTO_USE_OPEN_SSL)
         HMAC(EVP_md5(),
              key.c_str(), (int) key.size(),
              (unsigned char *) data.c_str(), (int) data.size(),
              (unsigned char *) hash, nullptr);
+#else
+#       error "Unsupported configuration"
 #endif
 
         std::string hashString(reinterpret_cast<char*>(hash), hashSize);

ixcrypto/ixcrypto/IXHash.h

@@ -13,4 +13,3 @@ namespace ix
 {
     uint64_t djb2Hash(const std::vector<uint8_t>& data);
 }
-

ixcrypto/ixcrypto/IXUuid.h

@@ -9,9 +9,9 @@
 
 namespace ix
 {
-   /**
-    * Generate a random uuid
-    */
-   std::string uuid4();
+    /**
+     * Generate a random uuid
+     */
+    std::string uuid4();
 
-}
+} // namespace ix

ixsentry/CMakeLists.txt

@@ -0,0 +1,30 @@
+#
+# Author: Benjamin Sergeant
+# Copyright (c) 2019 Machine Zone, Inc. All rights reserved.
+#
+
+set (IXSENTRY_SOURCES
+    ixsentry/IXSentryClient.cpp
+)
+
+set (IXSENTRY_HEADERS
+    ixsentry/IXSentryClient.h
+)
+
+add_library(ixsentry STATIC
+  ${IXSENTRY_SOURCES}
+  ${IXSENTRY_HEADERS}
+)
+
+find_package(JsonCpp)
+if (NOT JSONCPP_FOUND)
+  set(JSONCPP_INCLUDE_DIRS ../third_party/jsoncpp)
+endif()
+
+set(IXSENTRY_INCLUDE_DIRS
+    .
+    ..
+    ../ixcore
+    ${JSONCPP_INCLUDE_DIRS})
+
+target_include_directories( ixsentry PUBLIC ${IXSENTRY_INCLUDE_DIRS} )

ixsentry/ixsentry/IXSentryClient.cpp

@@ -0,0 +1,273 @@
+/*
+ *  IXSentryClient.cpp
+ *  Author: Benjamin Sergeant
+ *  Copyright (c) 2019 Machine Zone. All rights reserved.
+ */
+
+#include "IXSentryClient.h"
+
+#include <chrono>
+#include <iostream>
+#include <fstream>
+#include <sstream>
+#include <ixwebsocket/IXWebSocketHttpHeaders.h>
+#include <ixwebsocket/IXWebSocketVersion.h>
+#include <ixcore/utils/IXCoreLogger.h>
+
+
+namespace ix
+{
+    SentryClient::SentryClient(const std::string& dsn)
+        : _dsn(dsn)
+        , _validDsn(false)
+        , _luaFrameRegex("\t([^/]+):([0-9]+): in function ['<]([^/]+)['>]")
+        , _httpClient(std::make_shared<HttpClient>(true))
+    {
+        const std::regex dsnRegex("(http[s]?)://([^:]+):([^@]+)@([^/]+)/([0-9]+)");
+        std::smatch group;
+
+        if (std::regex_match(dsn, group, dsnRegex) && group.size() == 6)
+        {
+            _validDsn = true;
+
+            const auto scheme = group.str(1);
+            const auto host = group.str(4);
+            const auto project_id = group.str(5);
+            _url = scheme + "://" + host + "/api/" + project_id + "/store/";
+
+            _publicKey = group.str(2);
+            _secretKey = group.str(3);
+        }
+    }
+
+    int64_t SentryClient::getTimestamp()
+    {
+        const auto tp = std::chrono::system_clock::now();
+        const auto dur = tp.time_since_epoch();
+        return std::chrono::duration_cast<std::chrono::seconds>(dur).count();
+    }
+
+    std::string SentryClient::getIso8601()
+    {
+        std::time_t now;
+        std::time(&now);
+        char buf[sizeof("2011-10-08T07:07:09Z")];
+        std::strftime(buf, sizeof(buf), "%Y-%m-%dT%H:%M:%SZ", std::gmtime(&now));
+        return buf;
+    }
+
+    std::string SentryClient::computeAuthHeader()
+    {
+        std::string securityHeader("Sentry sentry_version=5");
+        securityHeader += ",sentry_client=ws/1.0.0";
+        securityHeader += ",sentry_timestamp=" + std::to_string(SentryClient::getTimestamp());
+        securityHeader += ",sentry_key=" + _publicKey;
+        securityHeader += ",sentry_secret=" + _secretKey;
+
+        return securityHeader;
+    }
+
+    Json::Value SentryClient::parseLuaStackTrace(const std::string& stack)
+    {
+        Json::Value frames;
+
+        // Split by lines
+        std::string line;
+        std::stringstream tokenStream(stack);
+
+        std::smatch group;
+
+        while (std::getline(tokenStream, line))
+        {
+            //	MapScene.lua:2169: in function 'singleCB'
+            if (std::regex_match(line, group, _luaFrameRegex))
+            {
+                const auto fileName = group.str(1);
+                const auto linenoStr = group.str(2);
+                const auto function = group.str(3);
+
+                std::stringstream ss;
+                ss << linenoStr;
+                uint64_t lineno;
+                ss >> lineno;
+
+                Json::Value frame;
+                frame["lineno"] = Json::UInt64(lineno);
+                frame["filename"] = fileName;
+                frame["function"] = function;
+
+                frames.append(frame);
+            }
+        }
+
+        std::reverse(frames.begin(), frames.end());
+
+        return frames;
+    }
+
+    std::string parseExceptionName(const std::string& stack)
+    {
+        // Split by lines
+        std::string line;
+        std::stringstream tokenStream(stack);
+
+        // Extract the first line
+        std::getline(tokenStream, line);
+
+        return line;
+    }
+
+    std::string SentryClient::computePayload(const Json::Value& msg)
+    {
+        Json::Value payload;
+
+        //
+        // "tags": [
+        //   [
+        //     "a",
+        //     "b"
+        //   ],
+        //  ]
+        //
+        Json::Value tags(Json::arrayValue);
+
+        payload["platform"] = "python";
+        payload["sdk"]["name"] = "ws";
+        payload["sdk"]["version"] = IX_WEBSOCKET_VERSION;
+        payload["timestamp"] = SentryClient::getIso8601();
+
+        bool isNoisyTypes = msg["id"].asString() == "game_noisytypes_id";
+
+        std::string stackTraceFieldName = isNoisyTypes ? "traceback" : "stack";
+        std::string stack;
+        std::string message;
+
+        if (isNoisyTypes)
+        {
+            stack = msg["data"][stackTraceFieldName].asString();
+            message = parseExceptionName(stack);
+        }
+        else // logging
+        {
+            if (msg["data"].isMember("info"))
+            {
+                stack = msg["data"]["info"][stackTraceFieldName].asString();
+                message = msg["data"]["info"]["message"].asString();
+
+                if (msg["data"].isMember("tags"))
+                {
+                    auto members = msg["data"]["tags"].getMemberNames();
+
+                    for (auto member : members)
+                    {
+                        Json::Value tag;
+                        tag.append(member);
+                        tag.append(msg["data"]["tags"][member]);
+                        tags.append(tag);
+                    }
+                }
+            }
+            else
+            {
+                stack = msg["data"][stackTraceFieldName].asString();
+                message = msg["data"]["message"].asString();
+            }
+        }
+
+        Json::Value exception;
+        exception["stacktrace"]["frames"] = parseLuaStackTrace(stack);
+        exception["value"] = message;
+
+        payload["exception"].append(exception);
+
+        Json::Value extra;
+        extra["cobra_event"] = msg;
+
+        // Builtin tags
+        Json::Value gameTag;
+        gameTag.append("game");
+        gameTag.append(msg["device"]["game"]);
+        tags.append(gameTag);
+
+        Json::Value userIdTag;
+        userIdTag.append("userid");
+        userIdTag.append(msg["device"]["user_id"]);
+        tags.append(userIdTag);
+
+        Json::Value environmentTag;
+        environmentTag.append("environment");
+        environmentTag.append(msg["device"]["environment"]);
+        tags.append(environmentTag);
+
+        Json::Value clientVersionTag;
+        clientVersionTag.append("client_version");
+        clientVersionTag.append(msg["device"]["app_version"]);
+        tags.append(clientVersionTag);
+
+        payload["tags"] = tags;
+
+        return _jsonWriter.write(payload);
+    }
+
+    std::pair<HttpResponsePtr, std::string> SentryClient::send(const Json::Value& msg, bool verbose)
+    {
+        auto args = _httpClient->createRequest();
+        args->extraHeaders["X-Sentry-Auth"] = SentryClient::computeAuthHeader();
+        args->connectTimeout = 60;
+        args->transferTimeout = 5 * 60;
+        args->followRedirects = true;
+        args->verbose = verbose;
+        args->logger = [](const std::string& msg) { ix::IXCoreLogger::Log(msg.c_str()); };
+
+        std::string body = computePayload(msg);
+        HttpResponsePtr response = _httpClient->post(_url, body, args);
+
+        return std::make_pair(response, body);
+    }
+
+    // https://sentry.io/api/12345/minidump?sentry_key=abcdefgh");
+    std::string SentryClient::computeUrl(const std::string& project, const std::string& key)
+    {
+        std::stringstream ss;
+        ss << "https://sentry.io/api/"
+           << project
+           << "/minidump?sentry_key="
+           << key;
+
+        return ss.str();
+    }
+
+    //
+    // curl -v -X POST -F upload_file_minidump=@ws/crash.dmp 'https://sentry.io/api/123456/minidump?sentry_key=12344567890'
+    //
+    void SentryClient::uploadMinidump(
+        const std::string& sentryMetadata,
+        const std::string& minidumpBytes,
+        const std::string& project,
+        const std::string& key,
+        bool verbose,
+        const OnResponseCallback& onResponseCallback)
+    {
+        std::string multipartBoundary = _httpClient->generateMultipartBoundary();
+
+        auto args = _httpClient->createRequest();
+        args->verb = HttpClient::kPost;
+        args->connectTimeout = 60;
+        args->transferTimeout = 5 * 60;
+        args->followRedirects = true;
+        args->verbose = verbose;
+        args->multipartBoundary = multipartBoundary;
+        args->logger = [](const std::string& msg) { ix::IXCoreLogger::Log(msg.c_str()); };
+
+        HttpFormDataParameters httpFormDataParameters;
+        httpFormDataParameters["upload_file_minidump"] = minidumpBytes;
+
+        HttpParameters httpParameters;
+        httpParameters["sentry"] = sentryMetadata;
+
+        args->url = computeUrl(project, key);
+        args->body = _httpClient->serializeHttpFormDataParameters(multipartBoundary, httpFormDataParameters, httpParameters);
+
+        _httpClient->performRequest(args, onResponseCallback);
+    }
+} // namespace ix

ixsentry/ixsentry/IXSentryClient.h

@@ -6,10 +6,11 @@
 
 #pragma once
 
-#include <jsoncpp/json/json.h>
-#include <regex>
-
+#include <algorithm>
 #include <ixwebsocket/IXHttpClient.h>
+#include <json/json.h>
+#include <regex>
+#include <memory>
 
 namespace ix
 {
@@ -19,7 +20,17 @@ namespace ix
         SentryClient(const std::string& dsn);
         ~SentryClient() = default;
 
-        bool send(const Json::Value& msg, bool verbose);
+        std::pair<HttpResponsePtr, std::string> send(const Json::Value& msg, bool verbose);
+
+        Json::Value parseLuaStackTrace(const std::string& stack);
+
+        void uploadMinidump(
+            const std::string& sentryMetadata,
+            const std::string& minidumpBytes,
+            const std::string& project,
+            const std::string& key,
+            bool verbose,
+            const OnResponseCallback& onResponseCallback);
 
     private:
         int64_t getTimestamp();
@@ -27,7 +38,9 @@ namespace ix
         std::string getIso8601();
         std::string computePayload(const Json::Value& msg);
 
-        Json::Value parseLuaStackTrace(const std::string& stack);
+        std::string computeUrl(const std::string& project, const std::string& key);
+
+        void displayReponse(HttpResponsePtr response);
 
         std::string _dsn;
         bool _validDsn;
@@ -41,7 +54,7 @@ namespace ix
 
         std::regex _luaFrameRegex;
 
-        HttpClient _httpClient;
+        std::shared_ptr<HttpClient> _httpClient;
     };
 
 } // namespace ix

ixsnake/CMakeLists.txt

@@ -0,0 +1,35 @@
+#
+# Author: Benjamin Sergeant
+# Copyright (c) 2019 Machine Zone, Inc. All rights reserved.
+#
+
+set (IXSNAKE_SOURCES
+    ixsnake/IXSnakeServer.cpp
+    ixsnake/IXSnakeProtocol.cpp
+    ixsnake/IXAppConfig.cpp
+    ixsnake/IXRedisClient.cpp
+    ixsnake/IXRedisServer.cpp
+)
+
+set (IXSNAKE_HEADERS
+    ixsnake/IXSnakeServer.h
+    ixsnake/IXSnakeProtocol.h
+    ixsnake/IXAppConfig.h
+    ixsnake/IXRedisClient.h
+    ixsnake/IXRedisServer.h
+)
+
+add_library(ixsnake STATIC
+    ${IXSNAKE_SOURCES}
+    ${IXSNAKE_HEADERS}
+)
+
+set(IXSNAKE_INCLUDE_DIRS
+    .
+    ..
+    ../ixcore
+    ../ixcrypto
+    ../ixwebsocket
+    ../third_party)
+
+target_include_directories( ixsnake PUBLIC ${IXSNAKE_INCLUDE_DIRS} )

ixsnake/ixsnake/IXAppConfig.cpp

@@ -4,24 +4,20 @@
  *  Copyright (c) 2019 Machine Zone, Inc. All rights reserved.
  */
 
-#include "IXSnakeProtocol.h"
 #include "IXAppConfig.h"
+
+#include "IXSnakeProtocol.h"
 #include <iostream>
 #include <ixcrypto/IXUuid.h>
 
 namespace snake
 {
-    bool isAppKeyValid(
-        const AppConfig& appConfig,
-        std::string appkey)
+    bool isAppKeyValid(const AppConfig& appConfig, std::string appkey)
     {
         return appConfig.apps.count(appkey) != 0;
     }
 
-    std::string getRoleSecret(
-        const AppConfig& appConfig,
-        std::string appkey,
-        std::string role)
+    std::string getRoleSecret(const AppConfig& appConfig, std::string appkey, std::string role)
     {
         if (!isAppKeyValid(appConfig, appkey))
         {
@@ -49,4 +45,4 @@ namespace snake
         std::cout << "redis password: " << appConfig.redisPassword << std::endl;
         std::cout << "redis port: " << appConfig.redisPort << std::endl;
     }
-}
+} // namespace snake

ixsnake/ixsnake/IXAppConfig.h

@@ -6,10 +6,10 @@
 
 #pragma once
 
+#include <nlohmann/json.hpp>
 #include <string>
 #include <vector>
-
-#include "nlohmann/json.hpp"
+#include <ixwebsocket/IXSocketTLSOptions.h>
 
 namespace snake
 {
@@ -27,20 +27,18 @@ namespace snake
         // AppKeys
         nlohmann::json apps;
 
+        // TLS options
+        ix::SocketTLSOptions socketTLSOptions;
+
         // Misc
         bool verbose;
     };
 
-    bool isAppKeyValid(
-        const AppConfig& appConfig,
-        std::string appkey);
+    bool isAppKeyValid(const AppConfig& appConfig, std::string appkey);
 
-    std::string getRoleSecret(
-        const AppConfig& appConfig,
-        std::string appkey,
-        std::string role);
+    std::string getRoleSecret(const AppConfig& appConfig, std::string appkey, std::string role);
 
     std::string generateNonce();
 
     void dumpConfig(const AppConfig& appConfig);
-}
+} // namespace snake

ixsnake/ixsnake/IXRedisClient.cpp

@@ -5,14 +5,15 @@
  */
 
 #include "IXRedisClient.h"
-#include <ixwebsocket/IXSocketFactory.h>
-#include <ixwebsocket/IXSocket.h>
 
-#include <iostream>
-#include <sstream>
-#include <iomanip>
-#include <vector>
 #include <cstring>
+#include <iomanip>
+#include <iostream>
+#include <ixwebsocket/IXSocket.h>
+#include <ixwebsocket/IXSocketFactory.h>
+#include <ixwebsocket/IXSocketTLSOptions.h>
+#include <sstream>
+#include <vector>
 
 namespace ix
 {
@@ -20,19 +21,29 @@ namespace ix
     {
         bool tls = false;
         std::string errorMsg;
-        _socket = createSocket(tls, errorMsg);
+        SocketTLSOptions tlsOptions;
+        _socket = createSocket(tls, -1, errorMsg, tlsOptions);
 
         if (!_socket)
         {
             return false;
         }
 
+        CancellationRequest cancellationRequest = []() -> bool
+        {
+            return false;
+        };
+
         std::string errMsg;
-        return _socket->connect(hostname, port, errMsg, nullptr);
+        return _socket->connect(hostname, port, errMsg, cancellationRequest);
     }
 
-    bool RedisClient::auth(const std::string& password,
-                           std::string& response)
+    void RedisClient::stop()
+    {
+        _stop = true;
+    }
+
+    bool RedisClient::auth(const std::string& password, std::string& response)
     {
         response.clear();
 
@@ -128,12 +139,14 @@ namespace ix
                                 const OnRedisSubscribeResponseCallback& responseCallback,
                                 const OnRedisSubscribeCallback& callback)
     {
+        _stop = false;
+
         if (!_socket) return false;
 
         std::stringstream ss;
-        ss << "SUBSCRIBE ";
-        ss << channel;
-        ss << "\r\n";
+        ss << "*2\r\n";
+        ss << writeString("SUBSCRIBE");
+        ss << writeString(channel);
 
         bool sent = _socket->writeBytes(ss.str(), nullptr);
         if (!sent)
@@ -159,7 +172,7 @@ namespace ix
 
         if (!lineValid) return false;
 
-        // There are 5 items for the subscribe repply
+        // There are 5 items for the subscribe reply
         for (int i = 0; i < 5; ++i)
         {
             auto lineResult = _socket->readLine(nullptr);
@@ -175,13 +188,21 @@ namespace ix
         // Wait indefinitely for new messages
         while (true)
         {
+            if (_stop) break;
+
             // Wait until something is ready to read
-            auto pollResult = _socket->isReadyToRead(-1);
+            int timeoutMs = 10;
+            auto pollResult = _socket->isReadyToRead(timeoutMs);
             if (pollResult == PollResultType::Error)
             {
                 return false;
             }
 
+            if (pollResult == PollResultType::Timeout)
+            {
+                continue;
+            }
+
             // The first line of the response describe the return type,
             // => *3 (an array of 3 elements)
             auto lineResult = _socket->readLine(nullptr);
@@ -193,7 +214,7 @@ namespace ix
             int arraySize;
             {
                 std::stringstream ss;
-                ss << line.substr(1, line.size()-1);
+                ss << line.substr(1, line.size() - 1);
                 ss >> arraySize;
             }
 
@@ -210,7 +231,7 @@ namespace ix
                 // => $7 (7 bytes)
                 int stringSize;
                 std::stringstream ss;
-                ss << line.substr(1, line.size()-1);
+                ss << line.substr(1, line.size() - 1);
                 ss >> stringSize;
 
                 auto readResult = _socket->readBytes(stringSize, nullptr, nullptr);
@@ -231,4 +252,103 @@ namespace ix
 
         return true;
     }
-}
+
+    std::string RedisClient::prepareXaddCommand(
+        const std::string& stream,
+        const std::string& message)
+    {
+        std::stringstream ss;
+        ss << "*5\r\n";
+        ss << writeString("XADD");
+        ss << writeString(stream);
+        ss << writeString("*");
+        ss << writeString("field");
+        ss << writeString(message);
+
+        return ss.str();
+    }
+
+    std::string RedisClient::xadd(const std::string& stream,
+                                  const std::string& message,
+                                  std::string& errMsg)
+    {
+        errMsg.clear();
+
+        if (!_socket)
+        {
+            errMsg = "socket is not initialized";
+            return std::string();
+        }
+
+        std::string command = prepareXaddCommand(stream, message);
+
+        bool sent = _socket->writeBytes(command, nullptr);
+        if (!sent)
+        {
+            errMsg = "Cannot write bytes to socket";
+            return std::string();
+        }
+
+        return readXaddReply(errMsg);
+    }
+
+    std::string RedisClient::readXaddReply(std::string& errMsg)
+    {
+        // Read result
+        auto pollResult = _socket->isReadyToRead(-1);
+        if (pollResult == PollResultType::Error)
+        {
+            errMsg = "Error while polling for result";
+            return std::string();
+        }
+
+        // First line is the string length
+        auto lineResult = _socket->readLine(nullptr);
+        auto lineValid = lineResult.first;
+        auto line = lineResult.second;
+
+        if (!lineValid)
+        {
+            errMsg = "Error while polling for result";
+            return std::string();
+        }
+
+        int stringSize;
+        {
+            std::stringstream ss;
+            ss << line.substr(1, line.size() - 1);
+            ss >> stringSize;
+        }
+
+        // Read the result, which is the stream id computed by the redis server
+        lineResult = _socket->readLine(nullptr);
+        lineValid = lineResult.first;
+        line = lineResult.second;
+
+        std::string streamId = line.substr(0, stringSize - 1);
+        return streamId;
+    }
+
+    bool RedisClient::sendCommand(const std::string& commands, int commandsCount, std::string& errMsg)
+    {
+        bool sent = _socket->writeBytes(commands, nullptr);
+        if (!sent)
+        {
+            errMsg = "Cannot write bytes to socket";
+            return false;
+        }
+
+        bool success = true;
+
+        for (int i = 0; i < commandsCount; ++i)
+        {
+            auto reply = readXaddReply(errMsg);
+            if (reply == std::string())
+            {
+                success = false;
+            }
+        }
+
+        return success;
+    }
+} // namespace ix

ixsnake/ixsnake/IXRedisClient.h

@@ -0,0 +1,62 @@
+/*
+ *  IXRedisClient.h
+ *  Author: Benjamin Sergeant
+ *  Copyright (c) 2019 Machine Zone, Inc. All rights reserved.
+ */
+
+#pragma once
+
+#include <atomic>
+#include <functional>
+#include <memory>
+
+namespace ix
+{
+    class Socket;
+
+    class RedisClient
+    {
+    public:
+        using OnRedisSubscribeResponseCallback = std::function<void(const std::string&)>;
+        using OnRedisSubscribeCallback = std::function<void(const std::string&)>;
+
+        RedisClient()
+            : _stop(false)
+        {
+        }
+        ~RedisClient() = default;
+
+        bool connect(const std::string& hostname, int port);
+
+        bool auth(const std::string& password, std::string& response);
+
+        // Publish / Subscribe
+        bool publish(const std::string& channel, const std::string& message, std::string& errMsg);
+
+        bool subscribe(const std::string& channel,
+                       const OnRedisSubscribeResponseCallback& responseCallback,
+                       const OnRedisSubscribeCallback& callback);
+
+        // XADD
+        std::string xadd(
+            const std::string& channel,
+            const std::string& message,
+            std::string& errMsg);
+
+        std::string prepareXaddCommand(
+            const std::string& stream,
+            const std::string& message);
+
+        std::string readXaddReply(std::string& errMsg);
+
+        bool sendCommand(const std::string& commands, int commandsCount, std::string& errMsg);
+
+        void stop();
+
+    private:
+        std::string writeString(const std::string& str);
+
+        std::shared_ptr<Socket> _socket;
+        std::atomic<bool> _stop;
+    };
+} // namespace ix

ixsnake/ixsnake/IXRedisServer.cpp

@@ -0,0 +1,299 @@
+/*
+ *  IXRedisServer.cpp
+ *  Author: Benjamin Sergeant
+ *  Copyright (c) 2019 Machine Zone, Inc. All rights reserved.
+ */
+
+#include "IXRedisServer.h"
+
+#include <ixwebsocket/IXNetSystem.h>
+#include <ixwebsocket/IXSocketConnect.h>
+#include <ixwebsocket/IXSocket.h>
+#include <ixwebsocket/IXCancellationRequest.h>
+#include <fstream>
+#include <iostream>
+#include <sstream>
+#include <vector>
+
+namespace ix
+{
+    RedisServer::RedisServer(int port, const std::string& host, int backlog, size_t maxConnections)
+        : SocketServer(port, host, backlog, maxConnections)
+        , _connectedClientsCount(0)
+        , _stopHandlingConnections(false)
+    {
+        ;
+    }
+
+    RedisServer::~RedisServer()
+    {
+        stop();
+    }
+
+    void RedisServer::stop()
+    {
+        stopAcceptingConnections();
+
+        _stopHandlingConnections = true;
+        while (_connectedClientsCount != 0)
+        {
+            std::this_thread::sleep_for(std::chrono::milliseconds(10));
+        }
+        _stopHandlingConnections = false;
+
+        SocketServer::stop();
+    }
+
+    void RedisServer::handleConnection(std::shared_ptr<Socket> socket,
+                                       std::shared_ptr<ConnectionState> connectionState)
+    {
+        _connectedClientsCount++;
+
+        while (!_stopHandlingConnections)
+        {
+            std::vector<std::string> tokens;
+            if (!parseRequest(socket, tokens))
+            {
+                if (_stopHandlingConnections)
+                {
+                    logError("Cancellation requested");
+                }
+                else
+                {
+                    logError("Error parsing request");
+                }
+                break;
+            }
+
+            bool success = false;
+
+            // publish
+            if (tokens[0] == "COMMAND")
+            {
+                success = handleCommand(socket, tokens);
+            }
+            else if (tokens[0] == "PUBLISH")
+            {
+                success = handlePublish(socket, tokens);
+            }
+            else if (tokens[0] == "SUBSCRIBE")
+            {
+                success = handleSubscribe(socket, tokens);
+            }
+
+            if (!success)
+            {
+                if (_stopHandlingConnections)
+                {
+                    logError("Cancellation requested");
+                }
+                else
+                {
+                    logError("Error processing request for command: " + tokens[0]);
+                }
+                break;
+            }
+        }
+
+        cleanupSubscribers(socket);
+
+        logInfo("Connection closed for connection id " + connectionState->getId());
+        connectionState->setTerminated();
+
+        _connectedClientsCount--;
+    }
+
+    void RedisServer::cleanupSubscribers(std::shared_ptr<Socket> socket)
+    {
+        std::lock_guard<std::mutex> lock(_mutex);
+
+        for (auto&& it : _subscribers)
+        {
+            it.second.erase(socket);
+        }
+
+        for (auto it : _subscribers)
+        {
+            std::stringstream ss;
+            ss << "Subscription id: " << it.first
+               << " #subscribers: " << it.second.size();
+
+            logInfo(ss.str());
+        }
+    }
+
+    size_t RedisServer::getConnectedClientsCount()
+    {
+        return _connectedClientsCount;
+    }
+
+    bool RedisServer::startsWith(const std::string& str,
+                                 const std::string& start)
+    {
+        return str.compare(0, start.length(), start) == 0;
+    }
+
+    std::string RedisServer::writeString(const std::string& str)
+    {
+        std::stringstream ss;
+        ss << "$";
+        ss << str.size();
+        ss << "\r\n";
+        ss << str;
+        ss << "\r\n";
+
+        return ss.str();
+    }
+
+    bool RedisServer::parseRequest(
+        std::shared_ptr<Socket> socket,
+        std::vector<std::string>& tokens)
+    {
+        // Parse first line
+        auto cb = makeCancellationRequestWithTimeout(30, _stopHandlingConnections);
+        auto lineResult = socket->readLine(cb);
+        auto lineValid = lineResult.first;
+        auto line = lineResult.second;
+
+        if (!lineValid) return false;
+
+        std::string str = line.substr(1);
+        std::stringstream ss;
+        ss << str;
+        int count;
+        ss >> count;
+
+        for (int i = 0; i < count; ++i)
+        {
+            auto lineResult = socket->readLine(cb);
+            auto lineValid = lineResult.first;
+            auto line = lineResult.second;
+
+            if (!lineValid) return false;
+
+            int stringSize;
+            std::stringstream ss;
+            ss << line.substr(1, line.size() - 1);
+            ss >> stringSize;
+
+            auto readResult = socket->readBytes(stringSize, nullptr, nullptr);
+
+            if (!readResult.first) return false;
+
+            // read last 2 bytes (\r\n)
+            char c;
+            socket->readByte(&c, nullptr);
+            socket->readByte(&c, nullptr);
+
+            tokens.push_back(readResult.second);
+        }
+
+        for (auto&& token : tokens)
+        {
+            std::cerr << token << " ";
+        }
+        std::cerr << std::endl;
+
+        return true;
+    }
+
+    bool RedisServer::handleCommand(
+        std::shared_ptr<Socket> socket,
+        const std::vector<std::string>& tokens)
+    {
+        if (tokens.size() != 1) return false;
+
+        auto cb = makeCancellationRequestWithTimeout(30, _stopHandlingConnections);
+        std::stringstream ss;
+
+        // return 2 nested arrays
+        ss << "*2\r\n";
+
+        //
+        // publish
+        //
+        ss << "*6\r\n";
+        ss << writeString("publish"); // 1
+        ss << ":3\r\n"; // 2
+        ss << "*0\r\n"; // 3
+        ss << ":1\r\n"; // 4
+        ss << ":2\r\n"; // 5
+        ss << ":1\r\n"; // 6
+
+        //
+        // subscribe
+        //
+        ss << "*6\r\n";
+        ss << writeString("subscribe"); // 1
+        ss << ":2\r\n"; // 2
+        ss << "*0\r\n"; // 3
+        ss << ":1\r\n"; // 4
+        ss << ":1\r\n"; // 5
+        ss << ":1\r\n"; // 6
+
+        socket->writeBytes(ss.str(), cb);
+
+        return true;
+    }
+
+    bool RedisServer::handleSubscribe(
+        std::shared_ptr<Socket> socket,
+        const std::vector<std::string>& tokens)
+    {
+        if (tokens.size() != 2) return false;
+
+        auto cb = makeCancellationRequestWithTimeout(30, _stopHandlingConnections);
+        std::string channel = tokens[1];
+
+        // Respond
+        socket->writeBytes("*3\r\n", cb);
+        socket->writeBytes(writeString("subscribe"), cb);
+        socket->writeBytes(writeString(channel), cb);
+        socket->writeBytes(":1\r\n", cb);
+
+        std::lock_guard<std::mutex> lock(_mutex);
+        _subscribers[channel].insert(socket);
+
+        return true;
+    }
+
+    bool RedisServer::handlePublish(
+        std::shared_ptr<Socket> socket,
+        const std::vector<std::string>& tokens)
+    {
+        if (tokens.size() != 3) return false;
+
+        auto cb = makeCancellationRequestWithTimeout(30, _stopHandlingConnections);
+        std::string channel = tokens[1];
+        std::string data = tokens[2];
+
+        // now dispatch the message to subscribers (write custom method)
+        std::lock_guard<std::mutex> lock(_mutex);
+        auto it = _subscribers.find(channel);
+        if (it == _subscribers.end())
+        {
+            // return the number of clients that received the message, 0 in that case
+            socket->writeBytes(":0\r\n", cb);
+            return true;
+        }
+
+        auto subscribers = it->second;
+        for (auto jt : subscribers)
+        {
+            jt->writeBytes("*3\r\n", cb);
+            jt->writeBytes(writeString("message"), cb);
+            jt->writeBytes(writeString(channel), cb);
+            jt->writeBytes(writeString(data), cb);
+        }
+
+        // return the number of clients that received the message.
+        std::stringstream ss;
+        ss << ":"
+           << std::to_string(subscribers.size())
+           << "\r\n";
+        socket->writeBytes(ss.str(), cb);
+
+        return true;
+    }
+
+} // namespace ix

ixsnake/ixsnake/IXRedisServer.h

@@ -0,0 +1,67 @@
+/*
+ *  IXRedisServer.h
+ *  Author: Benjamin Sergeant
+ *  Copyright (c) 2018 Machine Zone, Inc. All rights reserved.
+ */
+
+#pragma once
+
+#include "IXSocketServer.h"
+#include "IXSocket.h"
+#include <functional>
+#include <memory>
+#include <mutex>
+#include <set>
+#include <map>
+#include <string>
+#include <thread>
+#include <utility> // pair
+
+namespace ix
+{
+    class RedisServer final : public SocketServer
+    {
+    public:
+        RedisServer(int port = SocketServer::kDefaultPort,
+                    const std::string& host = SocketServer::kDefaultHost,
+                    int backlog = SocketServer::kDefaultTcpBacklog,
+                    size_t maxConnections = SocketServer::kDefaultMaxConnections);
+        virtual ~RedisServer();
+        virtual void stop() final;
+
+    private:
+        // Member variables
+        std::atomic<int> _connectedClientsCount;
+
+        // Subscribers
+        // We could store connection states in there, to add better debugging
+        // since a connection state has a readable ID
+        std::map<std::string, std::set<std::shared_ptr<Socket>>> _subscribers;
+        std::mutex _mutex;
+
+        std::atomic<bool> _stopHandlingConnections;
+
+        // Methods
+        virtual void handleConnection(std::shared_ptr<Socket>,
+                                      std::shared_ptr<ConnectionState> connectionState) final;
+        virtual size_t getConnectedClientsCount() final;
+
+        bool startsWith(const std::string& str, const std::string& start);
+        std::string writeString(const std::string& str);
+
+        bool parseRequest(
+            std::shared_ptr<Socket> socket,
+            std::vector<std::string>& tokens);
+
+        bool handlePublish(std::shared_ptr<Socket> socket,
+                           const std::vector<std::string>& tokens);
+
+        bool handleSubscribe(std::shared_ptr<Socket> socket,
+                             const std::vector<std::string>& tokens);
+
+        bool handleCommand(std::shared_ptr<Socket> socket,
+                           const std::vector<std::string>& tokens);
+
+        void cleanupSubscribers(std::shared_ptr<Socket> socket);
+    };
+} // namespace ix

ixsnake/ixsnake/IXSnakeConnectionState.h

@@ -0,0 +1,61 @@
+/*
+ *  IXSnakeConnectionState.h
+ *  Author: Benjamin Sergeant
+ *  Copyright (c) 2019 Machine Zone, Inc. All rights reserved.
+ */
+
+#pragma once
+
+#include "IXRedisClient.h"
+#include <future>
+#include <ixwebsocket/IXConnectionState.h>
+#include <string>
+
+namespace snake
+{
+    class SnakeConnectionState : public ix::ConnectionState
+    {
+    public:
+        std::string getNonce()
+        {
+            return _nonce;
+        }
+
+        void setNonce(const std::string& nonce)
+        {
+            _nonce = nonce;
+        }
+
+        std::string appkey()
+        {
+            return _appkey;
+        }
+        void setAppkey(const std::string& appkey)
+        {
+            _appkey = appkey;
+        }
+
+        std::string role()
+        {
+            return _role;
+        }
+        void setRole(const std::string& role)
+        {
+            _role = role;
+        }
+
+        ix::RedisClient& redisClient()
+        {
+            return _redisClient;
+        }
+
+        std::future<void> fut;
+
+    private:
+        std::string _nonce;
+        std::string _role;
+        std::string _appkey;
+
+        ix::RedisClient _redisClient;
+    };
+} // namespace snake

ixsnake/ixsnake/IXSnakeProtocol.cpp

@@ -6,40 +6,33 @@
 
 #include "IXSnakeProtocol.h"
 
-#include <ixwebsocket/IXWebSocket.h>
-#include <ixcrypto/IXHMac.h>
-
-#include "IXSnakeConnectionState.h"
 #include "IXAppConfig.h"
-
+#include "IXSnakeConnectionState.h"
 #include "nlohmann/json.hpp"
+#include <iostream>
+#include <ixcrypto/IXHMac.h>
+#include <ixwebsocket/IXWebSocket.h>
+#include <ixcore/utils/IXCoreLogger.h>
 #include <sstream>
 
 namespace snake
 {
-    void handleError(
-        const std::string& action,
-        std::shared_ptr<ix::WebSocket> ws,
-        nlohmann::json pdu,
-        const std::string& errMsg)
+    void handleError(const std::string& action,
+                     std::shared_ptr<ix::WebSocket> ws,
+                     nlohmann::json pdu,
+                     const std::string& errMsg)
     {
         std::string actionError(action);
         actionError += "/error";
 
         nlohmann::json response = {
-            {"action", actionError},
-            {"id", pdu.value("id", 1)},
-            {"body", {
-                {"reason", errMsg}
-            }}
-        };
+            {"action", actionError}, {"id", pdu.value("id", 1)}, {"body", {{"reason", errMsg}}}};
         ws->sendText(response.dump());
     }
 
-    void handleHandshake(
-        std::shared_ptr<SnakeConnectionState> state,
-        std::shared_ptr<ix::WebSocket> ws,
-        const nlohmann::json& pdu)
+    void handleHandshake(std::shared_ptr<SnakeConnectionState> state,
+                         std::shared_ptr<ix::WebSocket> ws,
+                         const nlohmann::json& pdu)
     {
         std::string role = pdu["body"]["data"]["role"];
 
@@ -49,39 +42,29 @@ namespace snake
         nlohmann::json response = {
             {"action", "auth/handshake/ok"},
             {"id", pdu.value("id", 1)},
-            {"body", {
-                {"data", {
-                    {"nonce", state->getNonce()},
-                    {"connection_id", state->getId()}
-                }},
-            }}
-        };
+            {"body",
+             {
+                 {"data", {{"nonce", state->getNonce()}, {"connection_id", state->getId()}}},
+             }}};
 
         auto serializedResponse = response.dump();
-        std::cout << "response = " << serializedResponse << std::endl;
 
         ws->sendText(serializedResponse);
     }
 
-    void handleAuth(
-        std::shared_ptr<SnakeConnectionState> state,
-        std::shared_ptr<ix::WebSocket> ws,
-        const AppConfig& appConfig,
-        const nlohmann::json& pdu)
+    void handleAuth(std::shared_ptr<SnakeConnectionState> state,
+                    std::shared_ptr<ix::WebSocket> ws,
+                    const AppConfig& appConfig,
+                    const nlohmann::json& pdu)
     {
         auto secret = getRoleSecret(appConfig, state->appkey(), state->role());
-        std::cout << "secret = " << secret << std::endl;
 
         if (secret.empty())
         {
             nlohmann::json response = {
                 {"action", "auth/authenticate/error"},
                 {"id", pdu.value("id", 1)},
-                {"body", {
-                    {"error", "authentication_failed"},
-                    {"reason", "invalid secret"}
-                }}
-            };
+                {"body", {{"error", "authentication_failed"}, {"reason", "invalid secret"}}}};
             ws->sendText(response.dump());
             return;
         }
@@ -90,39 +73,25 @@ namespace snake
         auto serverHash = ix::hmac(nonce, secret);
         std::string clientHash = pdu["body"]["credentials"]["hash"];
 
-        if (appConfig.verbose)
-        {
-            std::cout << serverHash << std::endl;
-            std::cout << clientHash << std::endl;
-        }
-
         if (serverHash != clientHash)
         {
             nlohmann::json response = {
                 {"action", "auth/authenticate/error"},
                 {"id", pdu.value("id", 1)},
-                {"body", {
-                    {"error", "authentication_failed"},
-                    {"reason", "invalid hash"}
-                }}
-            };
+                {"body", {{"error", "authentication_failed"}, {"reason", "invalid hash"}}}};
             ws->sendText(response.dump());
             return;
         }
 
         nlohmann::json response = {
-            {"action", "auth/authenticate/ok"},
-            {"id", pdu.value("id", 1)},
-            {"body", {}}
-        };
+            {"action", "auth/authenticate/ok"}, {"id", pdu.value("id", 1)}, {"body", {}}};
 
         ws->sendText(response.dump());
     }
 
-    void handlePublish(
-        std::shared_ptr<SnakeConnectionState> state,
-        std::shared_ptr<ix::WebSocket> ws,
-        const nlohmann::json& pdu)
+    void handlePublish(std::shared_ptr<SnakeConnectionState> state,
+                       std::shared_ptr<ix::WebSocket> ws,
+                       const nlohmann::json& pdu)
     {
         std::vector<std::string> channels;
 
@@ -149,9 +118,7 @@ namespace snake
         for (auto&& channel : channels)
         {
             std::stringstream ss;
-            ss << state->appkey()
-               << "::"
-               << channel;
+            ss << state->appkey() << "::" << channel;
 
             std::string errMsg;
             if (!state->redisClient().publish(ss.str(), pdu.dump(), errMsg))
@@ -162,24 +129,26 @@ namespace snake
                 return;
             }
         }
+
+        nlohmann::json response = {
+            {"action", "rtm/publish/ok"}, {"id", pdu.value("id", 1)}, {"body", {}}};
+
+        ws->sendText(response.dump());
     }
 
     //
     // FIXME: this is not cancellable. We should be able to cancel the redis subscription
     //
-    void handleRedisSubscription(
-        std::shared_ptr<SnakeConnectionState> state,
-        std::shared_ptr<ix::WebSocket> ws,
-        const AppConfig& appConfig,
-        const nlohmann::json& pdu)
+    void handleRedisSubscription(std::shared_ptr<SnakeConnectionState> state,
+                                 std::shared_ptr<ix::WebSocket> ws,
+                                 const AppConfig& appConfig,
+                                 const nlohmann::json& pdu)
     {
         std::string channel = pdu["body"]["channel"];
         std::string subscriptionId = channel;
 
         std::stringstream ss;
-        ss << state->appkey()
-           << "::"
-           << channel;
+        ss << state->appkey() << "::" << channel;
 
         std::string appChannel(ss.str());
 
@@ -198,8 +167,6 @@ namespace snake
             return;
         }
 
-        std::cout << "Connected to redis host " << hostname << ":" << port << std::endl;
-
         // Now authenticate, if needed
         if (!appConfig.redisPassword.empty())
         {
@@ -211,42 +178,40 @@ namespace snake
                 handleError("rtm/subscribe", ws, pdu, ss.str());
                 return;
             }
-            std::cout << "Auth response: " << authResponse << ":" << port << std::endl;
         }
 
         int id = 0;
-        auto callback = [ws, &id, &subscriptionId](const std::string& messageStr)
-        {
+        auto callback = [ws, &id, &subscriptionId](const std::string& messageStr) {
             auto msg = nlohmann::json::parse(messageStr);
 
+            msg = msg["body"]["message"];
+
             nlohmann::json response = {
                 {"action", "rtm/subscription/data"},
                 {"id", id++},
-                {"body", {
-                    {"subscription_id", subscriptionId},
-                    {"messages", {{msg}}}
-                }}
-            };
+                {"body", {{"subscription_id", subscriptionId}, {"messages", {msg}}}}};
 
             ws->sendText(response.dump());
         };
 
-        auto responseCallback = [ws, pdu, &subscriptionId](const std::string& redisResponse)
-        {
-            std::cout << "Redis subscribe response: " << redisResponse << std::endl;
+        auto responseCallback = [ws, pdu, &subscriptionId](const std::string& redisResponse) {
+            std::stringstream ss;
+            ss << "Redis Response: " << redisResponse << "...";
+            ix::IXCoreLogger::Log(ss.str().c_str());
 
             // Success
-            nlohmann::json response = {
-                {"action", "rtm/subscribe/ok"},
-                {"id", pdu.value("id", 1)},
-                {"body", {
-                    {"subscription_id", subscriptionId}
-                }}
-            };
+            nlohmann::json response = {{"action", "rtm/subscribe/ok"},
+                                       {"id", pdu.value("id", 1)},
+                                       {"body", {{"subscription_id", subscriptionId}}}};
             ws->sendText(response.dump());
         };
 
-        std::cerr << "Subscribing to " << appChannel << "..." << std::endl;
+        {
+            std::stringstream ss;
+            ss << "Subscribing to " << appChannel << "...";
+            ix::IXCoreLogger::Log(ss.str().c_str());
+        }
+
         if (!redisClient.subscribe(appChannel, responseCallback, callback))
         {
             std::stringstream ss;
@@ -256,31 +221,38 @@ namespace snake
         }
     }
 
-    void handleSubscribe(
-        std::shared_ptr<SnakeConnectionState> state,
-        std::shared_ptr<ix::WebSocket> ws,
-        const AppConfig& appConfig,
-        const nlohmann::json& pdu)
+    void handleSubscribe(std::shared_ptr<SnakeConnectionState> state,
+                         std::shared_ptr<ix::WebSocket> ws,
+                         const AppConfig& appConfig,
+                         const nlohmann::json& pdu)
     {
-        state->fut = std::async(std::launch::async,
-                                handleRedisSubscription,
-                                state,
-                                ws,
-                                appConfig,
-                                pdu);
+        state->fut =
+            std::async(std::launch::async, handleRedisSubscription, state, ws, appConfig, pdu);
     }
 
-    void processCobraMessage(
-        std::shared_ptr<SnakeConnectionState> state,
-        std::shared_ptr<ix::WebSocket> ws,
-        const AppConfig& appConfig,
-        const std::string& str)
+    void handleUnSubscribe(std::shared_ptr<SnakeConnectionState> state,
+                           std::shared_ptr<ix::WebSocket> ws,
+                           const nlohmann::json& pdu)
+    {
+        // extract subscription_id
+        auto body = pdu["body"];
+        auto subscriptionId = body["subscription_id"];
+
+        state->redisClient().stop();
+
+        nlohmann::json response = {{"action", "rtm/unsubscribe/ok"},
+                                   {"id", pdu.value("id", 1)},
+                                   {"body", {{"subscription_id", subscriptionId}}}};
+        ws->sendText(response.dump());
+    }
+
+    void processCobraMessage(std::shared_ptr<SnakeConnectionState> state,
+                             std::shared_ptr<ix::WebSocket> ws,
+                             const AppConfig& appConfig,
+                             const std::string& str)
     {
         auto pdu = nlohmann::json::parse(str);
-        std::cout << "Got " << str << std::endl;
-
         auto action = pdu["action"];
-        std::cout << "action = " << action << std::endl;
 
         if (action == "auth/handshake")
         {
@@ -298,9 +270,13 @@ namespace snake
         {
             handleSubscribe(state, ws, appConfig, pdu);
         }
+        else if (action == "rtm/unsubscribe")
+        {
+            handleUnSubscribe(state, ws, pdu);
+        }
         else
         {
             std::cerr << "Unhandled action: " << action << std::endl;
         }
     }
-}
+} // namespace snake

ixsnake/ixsnake/IXSnakeProtocol.h

@@ -0,0 +1,26 @@
+/*
+ *  IXSnakeProtocol.h
+ *  Author: Benjamin Sergeant
+ *  Copyright (c) 2019 Machine Zone, Inc. All rights reserved.
+ */
+
+#pragma once
+
+#include <memory>
+#include <string>
+
+namespace ix
+{
+    class WebSocket;
+}
+
+namespace snake
+{
+    class SnakeConnectionState;
+    struct AppConfig;
+
+    void processCobraMessage(std::shared_ptr<SnakeConnectionState> state,
+                             std::shared_ptr<ix::WebSocket> ws,
+                             const AppConfig& appConfig,
+                             const std::string& str);
+} // namespace snake

ixsnake/ixsnake/IXSnakeServer.cpp

@@ -0,0 +1,133 @@
+/*
+ *  IXSnakeServer.cpp
+ *  Author: Benjamin Sergeant
+ *  Copyright (c) 2019 Machine Zone, Inc. All rights reserved.
+ */
+
+#include "IXSnakeServer.h"
+
+#include "IXAppConfig.h"
+#include "IXSnakeConnectionState.h"
+#include "IXSnakeProtocol.h"
+#include <iostream>
+#include <sstream>
+#include <ixcore/utils/IXCoreLogger.h>
+
+
+namespace snake
+{
+    SnakeServer::SnakeServer(const AppConfig& appConfig)
+        : _appConfig(appConfig)
+        , _server(appConfig.port, appConfig.hostname)
+    {
+        _server.setTLSOptions(appConfig.socketTLSOptions);
+    }
+
+    //
+    // Parse appkey from this uri. Won't work if multiple args are present in the uri
+    // Uri: /v2?appkey=FC2F10139A2BAc53BB72D9db967b024f
+    //
+    std::string SnakeServer::parseAppKey(const std::string& path)
+    {
+        std::string::size_type idx;
+
+        idx = path.rfind('=');
+        if (idx != std::string::npos)
+        {
+            std::string appkey = path.substr(idx + 1);
+            return appkey;
+        }
+        else
+        {
+            return std::string();
+        }
+    }
+
+    bool SnakeServer::run()
+    {
+        auto factory = []() -> std::shared_ptr<ix::ConnectionState> {
+            return std::make_shared<SnakeConnectionState>();
+        };
+        _server.setConnectionStateFactory(factory);
+
+        _server.setOnConnectionCallback(
+            [this](std::shared_ptr<ix::WebSocket> webSocket,
+                   std::shared_ptr<ix::ConnectionState> connectionState) {
+                auto state = std::dynamic_pointer_cast<SnakeConnectionState>(connectionState);
+
+                webSocket->setOnMessageCallback(
+                    [this, webSocket, state](const ix::WebSocketMessagePtr& msg) {
+                        std::stringstream ss;
+                        if (msg->type == ix::WebSocketMessageType::Open)
+                        {
+                            ss << "New connection" << std::endl;
+                            ss << "id: " << state->getId() << std::endl;
+                            ss << "Uri: " << msg->openInfo.uri << std::endl;
+                            ss << "Headers:" << std::endl;
+                            for (auto it : msg->openInfo.headers)
+                            {
+                                ss << it.first << ": " << it.second << std::endl;
+                            }
+
+                            std::string appkey = parseAppKey(msg->openInfo.uri);
+                            state->setAppkey(appkey);
+
+                            // Connect to redis first
+                            if (!state->redisClient().connect(_appConfig.redisHosts[0],
+                                                              _appConfig.redisPort))
+                            {
+                                ss << "Cannot connect to redis host" << std::endl;
+                            }
+                        }
+                        else if (msg->type == ix::WebSocketMessageType::Close)
+                        {
+                            ss << "Closed connection"
+                               << " code " << msg->closeInfo.code << " reason "
+                               << msg->closeInfo.reason << std::endl;
+                        }
+                        else if (msg->type == ix::WebSocketMessageType::Error)
+                        {
+                            std::stringstream ss;
+                            ss << "Connection error: " << msg->errorInfo.reason << std::endl;
+                            ss << "#retries: " << msg->errorInfo.retries << std::endl;
+                            ss << "Wait time(ms): " << msg->errorInfo.wait_time << std::endl;
+                            ss << "HTTP Status: " << msg->errorInfo.http_status << std::endl;
+                        }
+                        else if (msg->type == ix::WebSocketMessageType::Fragment)
+                        {
+                            ss << "Received message fragment" << std::endl;
+                        }
+                        else if (msg->type == ix::WebSocketMessageType::Message)
+                        {
+                            ss << "Received " << msg->wireSize << " bytes" << std::endl;
+                            processCobraMessage(state, webSocket, _appConfig, msg->str);
+                        }
+
+                        ix::IXCoreLogger::Log(ss.str().c_str());
+                    });
+            });
+
+        auto res = _server.listen();
+        if (!res.first)
+        {
+            std::cerr << res.second << std::endl;
+            return false;
+        }
+
+        _server.start();
+        return true;
+    }
+
+    void SnakeServer::runForever()
+    {
+        if (run())
+        {
+            _server.wait();
+        }
+    }
+
+    void SnakeServer::stop()
+    {
+        _server.stop();
+    }
+} // namespace snake

ixsnake/ixsnake/IXSnakeServer.h

@@ -6,10 +6,9 @@
 
 #pragma once
 
-#include <string>
-
-#include <ixwebsocket/IXWebSocketServer.h>
 #include "IXAppConfig.h"
+#include <ixwebsocket/IXWebSocketServer.h>
+#include <string>
 
 namespace snake
 {
@@ -20,6 +19,8 @@ namespace snake
         ~SnakeServer() = default;
 
         bool run();
+        void runForever();
+        void stop();
 
     private:
         std::string parseAppKey(const std::string& path);
@@ -27,4 +28,4 @@ namespace snake
         AppConfig _appConfig;
         ix::WebSocketServer _server;
     };
-}
+} // namespace snake

ixwebsocket/IXCancellationRequest.cpp

@@ -10,14 +10,13 @@
 
 namespace ix
 {
-    CancellationRequest makeCancellationRequestWithTimeout(int secs,
-                                                           std::atomic<bool>& requestInitCancellation)
+    CancellationRequest makeCancellationRequestWithTimeout(
+        int secs, std::atomic<bool>& requestInitCancellation)
     {
         auto start = std::chrono::system_clock::now();
         auto timeout = std::chrono::seconds(secs);
 
-        auto isCancellationRequested = [&requestInitCancellation, start, timeout]() -> bool
-        {
+        auto isCancellationRequested = [&requestInitCancellation, start, timeout]() -> bool {
             // Was an explicit cancellation requested ?
             if (requestInitCancellation) return true;
 
@@ -30,4 +29,4 @@ namespace ix
 
         return isCancellationRequested;
     }
-}
+} // namespace ix

ixwebsocket/IXCancellationRequest.h

@@ -6,14 +6,13 @@
 
 #pragma once
 
-#include <functional>
 #include <atomic>
+#include <functional>
 
 namespace ix
 {
     using CancellationRequest = std::function<bool()>;
 
-    CancellationRequest makeCancellationRequestWithTimeout(int seconds,
-                                                           std::atomic<bool>& requestInitCancellation);
-}
-
+    CancellationRequest makeCancellationRequestWithTimeout(
+        int seconds, std::atomic<bool>& requestInitCancellation);
+} // namespace ix

ixwebsocket/IXConnectionState.cpp

@@ -10,7 +10,8 @@ namespace ix
 {
     std::atomic<uint64_t> ConnectionState::_globalId(0);
 
-    ConnectionState::ConnectionState() : _terminated(false)
+    ConnectionState::ConnectionState()
+        : _terminated(false)
     {
         computeId();
     }
@@ -39,5 +40,4 @@ namespace ix
     {
         _terminated = true;
     }
-}
-
+} // namespace ix

ixwebsocket/IXConnectionState.h

@@ -6,14 +6,15 @@
 
 #pragma once
 
-#include <stdint.h>
-#include <string>
 #include <atomic>
 #include <memory>
+#include <stdint.h>
+#include <string>
 
 namespace ix
 {
-    class ConnectionState {
+    class ConnectionState
+    {
     public:
         ConnectionState();
         virtual ~ConnectionState() = default;
@@ -32,6 +33,4 @@ namespace ix
 
         static std::atomic<uint64_t> _globalId;
     };
-}
-
-
+} // namespace ix

ixwebsocket/IXDNSLookup.cpp

@@ -5,34 +5,24 @@
  */
 
 #include "IXDNSLookup.h"
-#include "IXNetSystem.h"
 
-#include <string.h>
+#include "IXNetSystem.h"
 #include <chrono>
+#include <string.h>
+#include <thread>
 
 namespace ix
 {
-    const int64_t DNSLookup::kDefaultWait = 10; // ms
+    const int64_t DNSLookup::kDefaultWait = 1; // ms
 
-    std::atomic<uint64_t> DNSLookup::_nextId(0);
-    std::set<uint64_t> DNSLookup::_activeJobs;
-    std::mutex DNSLookup::_activeJobsMutex;
-
-    DNSLookup::DNSLookup(const std::string& hostname, int port, int64_t wait) :
-        _port(port),
-        _wait(wait),
-        _res(nullptr),
-        _done(false),
-        _id(_nextId++)
+    DNSLookup::DNSLookup(const std::string& hostname, int port, int64_t wait)
+        : _hostname(hostname)
+        , _port(port)
+        , _wait(wait)
+        , _res(nullptr)
+        , _done(false)
     {
-        setHostname(hostname);
-    }
-
-    DNSLookup::~DNSLookup()
-    {
-        // Remove this job from the active jobs list
-        std::lock_guard<std::mutex> lock(_activeJobsMutex);
-        _activeJobs.erase(_id);
+        ;
     }
 
     struct addrinfo* DNSLookup::getAddrInfo(const std::string& hostname,
@@ -48,8 +38,7 @@ namespace ix
         std::string sport = std::to_string(port);
 
         struct addrinfo* res;
-        int getaddrinfo_result = getaddrinfo(hostname.c_str(), sport.c_str(),
-                                             &hints, &res);
+        int getaddrinfo_result = getaddrinfo(hostname.c_str(), sport.c_str(), &hints, &res);
         if (getaddrinfo_result)
         {
             errMsg = gai_strerror(getaddrinfo_result);
@@ -60,29 +49,29 @@ namespace ix
 
     struct addrinfo* DNSLookup::resolve(std::string& errMsg,
                                         const CancellationRequest& isCancellationRequested,
-                                        bool blocking)
+                                        bool cancellable)
     {
-        return blocking ? resolveBlocking(errMsg, isCancellationRequested)
-                        : resolveAsync(errMsg, isCancellationRequested);
+        return cancellable ? resolveCancellable(errMsg, isCancellationRequested)
+                           : resolveUnCancellable(errMsg, isCancellationRequested);
     }
 
-    struct addrinfo* DNSLookup::resolveBlocking(std::string& errMsg,
-                                                const CancellationRequest& isCancellationRequested)
+    struct addrinfo* DNSLookup::resolveUnCancellable(
+        std::string& errMsg, const CancellationRequest& isCancellationRequested)
     {
         errMsg = "no error";
 
         // Maybe a cancellation request got in before the background thread terminated ?
-        if (isCancellationRequested && isCancellationRequested())
+        if (isCancellationRequested())
         {
             errMsg = "cancellation requested";
             return nullptr;
         }
 
-        return getAddrInfo(getHostname(), _port, errMsg);
+        return getAddrInfo(_hostname, _port, errMsg);
     }
 
-    struct addrinfo* DNSLookup::resolveAsync(std::string& errMsg,
-                                             const CancellationRequest& isCancellationRequested)
+    struct addrinfo* DNSLookup::resolveCancellable(
+        std::string& errMsg, const CancellationRequest& isCancellationRequested)
     {
         errMsg = "no error";
 
@@ -94,33 +83,31 @@ namespace ix
                             // if you need a second lookup.
         }
 
-        // Record job in the active Job set
-        {
-            std::lock_guard<std::mutex> lock(_activeJobsMutex);
-            _activeJobs.insert(_id);
-        }
-
         //
         // Good resource on thread forced termination
         // https://www.bo-yang.net/2017/11/19/cpp-kill-detached-thread
         //
-        _thread = std::thread(&DNSLookup::run, this, _id, getHostname(), _port);
-        _thread.detach();
+        auto ptr = shared_from_this();
+        std::weak_ptr<DNSLookup> self(ptr);
 
-        std::unique_lock<std::mutex> lock(_conditionVariableMutex);
+        int port = _port;
+        std::string hostname(_hostname);
+
+        // We make the background thread doing the work a shared pointer
+        // instead of a member variable, because it can keep running when
+        // this object goes out of scope, in case of cancellation
+        auto t = std::make_shared<std::thread>(&DNSLookup::run, this, self, hostname, port);
+        t->detach();
 
         while (!_done)
         {
-            // Wait for 10 milliseconds on the condition variable, to see
-            // if the bg thread has terminated.
-            if (_condition.wait_for(lock, std::chrono::milliseconds(_wait)) == std::cv_status::no_timeout)
-            {
-                // Background thread has terminated, so we can break of this loop
-                break;
-            }
+            // Wait for 1 milliseconds, to see if the bg thread has terminated.
+            // We do not use a condition variable to wait, as destroying this one
+            // if the bg thread is alive can cause undefined behavior.
+            std::this_thread::sleep_for(std::chrono::milliseconds(_wait));
 
             // Were we cancelled ?
-            if (isCancellationRequested && isCancellationRequested())
+            if (isCancellationRequested())
             {
                 errMsg = "cancellation requested";
                 return nullptr;
@@ -128,7 +115,7 @@ namespace ix
         }
 
         // Maybe a cancellation request got in before the bg terminated ?
-        if (isCancellationRequested && isCancellationRequested())
+        if (isCancellationRequested())
         {
             errMsg = "cancellation requested";
             return nullptr;
@@ -138,7 +125,9 @@ namespace ix
         return getRes();
     }
 
-    void DNSLookup::run(uint64_t id, const std::string& hostname, int port) // thread runner
+    void DNSLookup::run(std::weak_ptr<DNSLookup> self,
+                        std::string hostname,
+                        int port) // thread runner
     {
         // We don't want to read or write into members variables of an object that could be
         // gone, so we use temporary variables (res) or we pass in by copy everything that
@@ -146,33 +135,14 @@ namespace ix
         std::string errMsg;
         struct addrinfo* res = getAddrInfo(hostname, port, errMsg);
 
-        // if this isn't an active job, and the control thread is gone
-        // there is nothing to do, and we don't want to touch the defunct
-        // object data structure such as _errMsg or _condition
-        std::lock_guard<std::mutex> lock(_activeJobsMutex);
-        if (_activeJobs.count(id) == 0)
+        if (auto lock = self.lock())
         {
-            return;
+            // Copy result into the member variables
+            setRes(res);
+            setErrMsg(errMsg);
+
+            _done = true;
         }
-
-        // Copy result into the member variables
-        setRes(res);
-        setErrMsg(errMsg);
-
-        _condition.notify_one();
-        _done = true;
-    }
-
-    void DNSLookup::setHostname(const std::string& hostname)
-    {
-        std::lock_guard<std::mutex> lock(_hostnameMutex);
-        _hostname = hostname;
-    }
-
-    const std::string& DNSLookup::getHostname()
-    {
-        std::lock_guard<std::mutex> lock(_hostnameMutex);
-        return _hostname;
     }
 
     void DNSLookup::setErrMsg(const std::string& errMsg)
@@ -198,4 +168,4 @@ namespace ix
         std::lock_guard<std::mutex> lock(_resMutex);
         return _res;
     }
-}
+} // namespace ix

ixwebsocket/IXDNSLookup.h

@@ -11,42 +11,37 @@
 #pragma once
 
 #include "IXCancellationRequest.h"
-
-#include <string>
-#include <thread>
 #include <atomic>
-#include <condition_variable>
+#include <memory>
+#include <mutex>
 #include <set>
+#include <string>
 
 struct addrinfo;
 
 namespace ix
 {
-    class DNSLookup {
+    class DNSLookup : public std::enable_shared_from_this<DNSLookup>
+    {
     public:
-        DNSLookup(const std::string& hostname,
-                  int port,
-                  int64_t wait = DNSLookup::kDefaultWait);
-        ~DNSLookup();
+        DNSLookup(const std::string& hostname, int port, int64_t wait = DNSLookup::kDefaultWait);
+        ~DNSLookup() = default;
 
         struct addrinfo* resolve(std::string& errMsg,
                                  const CancellationRequest& isCancellationRequested,
-                                 bool blocking = false);
+                                 bool cancellable = true);
 
     private:
-        struct addrinfo* resolveAsync(std::string& errMsg,
-                                      const CancellationRequest& isCancellationRequested);
-        struct addrinfo* resolveBlocking(std::string& errMsg,
-                                         const CancellationRequest& isCancellationRequested);
+        struct addrinfo* resolveCancellable(std::string& errMsg,
+                                            const CancellationRequest& isCancellationRequested);
+        struct addrinfo* resolveUnCancellable(std::string& errMsg,
+                                              const CancellationRequest& isCancellationRequested);
 
         static struct addrinfo* getAddrInfo(const std::string& hostname,
                                             int port,
                                             std::string& errMsg);
 
-        void run(uint64_t id, const std::string& hostname, int port); // thread runner
-
-        void setHostname(const std::string& hostname);
-        const std::string& getHostname();
+        void run(std::weak_ptr<DNSLookup> self, std::string hostname, int port); // thread runner
 
         void setErrMsg(const std::string& errMsg);
         const std::string& getErrMsg();
@@ -55,10 +50,9 @@ namespace ix
         struct addrinfo* getRes();
 
         std::string _hostname;
-        std::mutex _hostnameMutex;
         int _port;
-
         int64_t _wait;
+        const static int64_t kDefaultWait;
 
         struct addrinfo* _res;
         std::mutex _resMutex;
@@ -67,15 +61,5 @@ namespace ix
         std::mutex _errMsgMutex;
 
         std::atomic<bool> _done;
-        std::thread _thread;
-        std::condition_variable _condition;
-        std::mutex _conditionVariableMutex;
-
-        uint64_t _id;
-        static std::atomic<uint64_t> _nextId;
-        static std::set<uint64_t> _activeJobs;
-        static std::mutex _activeJobsMutex;
-
-        const static int64_t kDefaultWait;
     };
-}
+} // namespace ix

ixwebsocket/IXExponentialBackoff.cpp

@@ -0,0 +1,25 @@
+/*
+ *  IXExponentialBackoff.h
+ *  Author: Benjamin Sergeant
+ *  Copyright (c) 2017-2019 Machine Zone, Inc. All rights reserved.
+ */
+
+#include "IXExponentialBackoff.h"
+
+#include <cmath>
+
+namespace ix
+{
+    uint32_t calculateRetryWaitMilliseconds(uint32_t retry_count,
+                                            uint32_t maxWaitBetweenReconnectionRetries)
+    {
+        uint32_t wait_time = (retry_count < 26) ? (std::pow(2, retry_count) * 100) : 0;
+
+        if (wait_time > maxWaitBetweenReconnectionRetries || wait_time == 0)
+        {
+            wait_time = maxWaitBetweenReconnectionRetries;
+        }
+
+        return wait_time;
+    }
+} // namespace ix

ixwebsocket/IXExponentialBackoff.h

@@ -0,0 +1,15 @@
+/*
+ *  IXExponentialBackoff.h
+ *  Author: Benjamin Sergeant
+ *  Copyright (c) 2017-2019 Machine Zone, Inc. All rights reserved.
+ */
+
+#pragma once
+
+#include <cstdint>
+
+namespace ix
+{
+    uint32_t calculateRetryWaitMilliseconds(uint32_t retry_count,
+                                            uint32_t maxWaitBetweenReconnectionRetries);
+} // namespace ix

ixwebsocket/IXHttp.cpp

@@ -0,0 +1,167 @@
+/*
+ *  IXHttp.cpp
+ *  Author: Benjamin Sergeant
+ *  Copyright (c) 2019 Machine Zone, Inc. All rights reserved.
+ */
+
+#include "IXHttp.h"
+
+#include "IXCancellationRequest.h"
+#include "IXSocket.h"
+#include <sstream>
+#include <vector>
+
+namespace ix
+{
+    std::string Http::trim(const std::string& str)
+    {
+        std::string out;
+        for (auto c : str)
+        {
+            if (c != ' ' && c != '\n' && c != '\r')
+            {
+                out += c;
+            }
+        }
+
+        return out;
+    }
+
+    std::pair<std::string, int> Http::parseStatusLine(const std::string& line)
+    {
+        // Request-Line   = Method SP Request-URI SP HTTP-Version CRLF
+        std::string token;
+        std::stringstream tokenStream(line);
+        std::vector<std::string> tokens;
+
+        // Split by ' '
+        while (std::getline(tokenStream, token, ' '))
+        {
+            tokens.push_back(token);
+        }
+
+        std::string httpVersion;
+        if (tokens.size() >= 1)
+        {
+            httpVersion = trim(tokens[0]);
+        }
+
+        int statusCode = -1;
+        if (tokens.size() >= 2)
+        {
+            std::stringstream ss;
+            ss << trim(tokens[1]);
+            ss >> statusCode;
+        }
+
+        return std::make_pair(httpVersion, statusCode);
+    }
+
+    std::tuple<std::string, std::string, std::string> Http::parseRequestLine(
+        const std::string& line)
+    {
+        // Request-Line   = Method SP Request-URI SP HTTP-Version CRLF
+        std::string token;
+        std::stringstream tokenStream(line);
+        std::vector<std::string> tokens;
+
+        // Split by ' '
+        while (std::getline(tokenStream, token, ' '))
+        {
+            tokens.push_back(token);
+        }
+
+        std::string method;
+        if (tokens.size() >= 1)
+        {
+            method = trim(tokens[0]);
+        }
+
+        std::string requestUri;
+        if (tokens.size() >= 2)
+        {
+            requestUri = trim(tokens[1]);
+        }
+
+        std::string httpVersion;
+        if (tokens.size() >= 3)
+        {
+            httpVersion = trim(tokens[2]);
+        }
+
+        return std::make_tuple(method, requestUri, httpVersion);
+    }
+
+    std::tuple<bool, std::string, HttpRequestPtr> Http::parseRequest(std::shared_ptr<Socket> socket)
+    {
+        HttpRequestPtr httpRequest;
+
+        std::atomic<bool> requestInitCancellation(false);
+
+        int timeoutSecs = 5; // FIXME
+
+        auto isCancellationRequested =
+            makeCancellationRequestWithTimeout(timeoutSecs, requestInitCancellation);
+
+        // Read first line
+        auto lineResult = socket->readLine(isCancellationRequested);
+        auto lineValid = lineResult.first;
+        auto line = lineResult.second;
+
+        if (!lineValid)
+        {
+            return std::make_tuple(false, "Error reading HTTP request line", httpRequest);
+        }
+
+        // Parse request line (GET /foo HTTP/1.1\r\n)
+        auto requestLine = Http::parseRequestLine(line);
+        auto method = std::get<0>(requestLine);
+        auto uri = std::get<1>(requestLine);
+        auto httpVersion = std::get<2>(requestLine);
+
+        // Retrieve and validate HTTP headers
+        auto result = parseHttpHeaders(socket, isCancellationRequested);
+        auto headersValid = result.first;
+        auto headers = result.second;
+
+        if (!headersValid)
+        {
+            return std::make_tuple(false, "Error parsing HTTP headers", httpRequest);
+        }
+
+        httpRequest = std::make_shared<HttpRequest>(uri, method, httpVersion, headers);
+        return std::make_tuple(true, "", httpRequest);
+    }
+
+    bool Http::sendResponse(HttpResponsePtr response, std::shared_ptr<Socket> socket)
+    {
+        // Write the response to the socket
+        std::stringstream ss;
+        ss << "HTTP/1.1 ";
+        ss << response->statusCode;
+        ss << " ";
+        ss << response->description;
+        ss << "\r\n";
+
+        if (!socket->writeBytes(ss.str(), nullptr))
+        {
+            return false;
+        }
+
+        // Write headers
+        ss.str("");
+        ss << "Content-Length: " << response->payload.size() << "\r\n";
+        for (auto&& it : response->headers)
+        {
+            ss << it.first << ": " << it.second << "\r\n";
+        }
+        ss << "\r\n";
+
+        if (!socket->writeBytes(ss.str(), nullptr))
+        {
+            return false;
+        }
+
+        return response->payload.empty() ? true : socket->writeBytes(response->payload, nullptr);
+    }
+} // namespace ix

ixwebsocket/IXHttp.h

@@ -0,0 +1,126 @@
+/*
+ *  IXHttp.h
+ *  Author: Benjamin Sergeant
+ *  Copyright (c) 2019 Machine Zone, Inc. All rights reserved.
+ */
+
+#pragma once
+
+#include "IXProgressCallback.h"
+#include "IXWebSocketHttpHeaders.h"
+#include <tuple>
+#include <unordered_map>
+
+namespace ix
+{
+    enum class HttpErrorCode : int
+    {
+        Ok = 0,
+        CannotConnect = 1,
+        Timeout = 2,
+        Gzip = 3,
+        UrlMalformed = 4,
+        CannotCreateSocket = 5,
+        SendError = 6,
+        ReadError = 7,
+        CannotReadStatusLine = 8,
+        MissingStatus = 9,
+        HeaderParsingError = 10,
+        MissingLocation = 11,
+        TooManyRedirects = 12,
+        ChunkReadError = 13,
+        CannotReadBody = 14,
+        Invalid = 100
+    };
+
+    struct HttpResponse
+    {
+        int statusCode;
+        std::string description;
+        HttpErrorCode errorCode;
+        WebSocketHttpHeaders headers;
+        std::string payload;
+        std::string errorMsg;
+        uint64_t uploadSize;
+        uint64_t downloadSize;
+
+        HttpResponse(int s = 0,
+                     const std::string& des = std::string(),
+                     const HttpErrorCode& c = HttpErrorCode::Ok,
+                     const WebSocketHttpHeaders& h = WebSocketHttpHeaders(),
+                     const std::string& p = std::string(),
+                     const std::string& e = std::string(),
+                     uint64_t u = 0,
+                     uint64_t d = 0)
+            : statusCode(s)
+            , description(des)
+            , errorCode(c)
+            , headers(h)
+            , payload(p)
+            , errorMsg(e)
+            , uploadSize(u)
+            , downloadSize(d)
+        {
+            ;
+        }
+    };
+
+    using HttpResponsePtr = std::shared_ptr<HttpResponse>;
+    using HttpParameters = std::unordered_map<std::string, std::string>;
+    using HttpFormDataParameters = std::unordered_map<std::string, std::string>;
+    using Logger = std::function<void(const std::string&)>;
+    using OnResponseCallback = std::function<void(const HttpResponsePtr&)>;
+
+    struct HttpRequestArgs
+    {
+        std::string url;
+        std::string verb;
+        WebSocketHttpHeaders extraHeaders;
+        std::string body;
+        std::string multipartBoundary;
+        int connectTimeout;
+        int transferTimeout;
+        bool followRedirects;
+        int maxRedirects;
+        bool verbose;
+        bool compress;
+        Logger logger;
+        OnProgressCallback onProgressCallback;
+    };
+
+    using HttpRequestArgsPtr = std::shared_ptr<HttpRequestArgs>;
+
+    struct HttpRequest
+    {
+        std::string uri;
+        std::string method;
+        std::string version;
+        WebSocketHttpHeaders headers;
+
+        HttpRequest(const std::string& u,
+                    const std::string& m,
+                    const std::string& v,
+                    const WebSocketHttpHeaders& h = WebSocketHttpHeaders())
+            : uri(u)
+            , method(m)
+            , version(v)
+            , headers(h)
+        {
+        }
+    };
+
+    using HttpRequestPtr = std::shared_ptr<HttpRequest>;
+
+    class Http
+    {
+    public:
+        static std::tuple<bool, std::string, HttpRequestPtr> parseRequest(
+            std::shared_ptr<Socket> socket);
+        static bool sendResponse(HttpResponsePtr response, std::shared_ptr<Socket> socket);
+
+        static std::pair<std::string, int> parseStatusLine(const std::string& line);
+        static std::tuple<std::string, std::string, std::string> parseRequestLine(
+            const std::string& line);
+        static std::string trim(const std::string& str);
+    };
+} // namespace ix

ixwebsocket/IXHttpClient.cpp

@@ -5,15 +5,17 @@
  */
 
 #include "IXHttpClient.h"
-#include "IXUrlParser.h"
-#include "IXWebSocketHttpHeaders.h"
+
 #include "IXSocketFactory.h"
-
-#include <sstream>
-#include <iomanip>
-#include <vector>
+#include "IXUrlParser.h"
+#include "IXUserAgent.h"
+#include "IXWebSocketHttpHeaders.h"
+#include <assert.h>
 #include <cstring>
-
+#include <iomanip>
+#include <random>
+#include <sstream>
+#include <vector>
 #include <zlib.h>
 
 namespace ix
@@ -21,80 +23,192 @@ namespace ix
     const std::string HttpClient::kPost = "POST";
     const std::string HttpClient::kGet = "GET";
     const std::string HttpClient::kHead = "HEAD";
+    const std::string HttpClient::kDel = "DEL";
+    const std::string HttpClient::kPut = "PUT";
 
-    HttpClient::HttpClient()
+    HttpClient::HttpClient(bool async)
+        : _async(async)
+        , _stop(false)
     {
+        if (!_async) return;
 
+        _thread = std::thread(&HttpClient::run, this);
     }
 
     HttpClient::~HttpClient()
     {
+        if (!_thread.joinable()) return;
 
+        _stop = true;
+        _condition.notify_one();
+        _thread.join();
     }
 
-    HttpResponse HttpClient::request(
-        const std::string& url,
-        const std::string& verb,
-        const std::string& body,
-        const HttpRequestArgs& args,
-        int redirects)
+    void HttpClient::setTLSOptions(const SocketTLSOptions& tlsOptions)
     {
+        _tlsOptions = tlsOptions;
+    }
+
+    HttpRequestArgsPtr HttpClient::createRequest(const std::string& url, const std::string& verb)
+    {
+        auto request = std::make_shared<HttpRequestArgs>();
+        request->url = url;
+        request->verb = verb;
+        return request;
+    }
+
+    bool HttpClient::performRequest(HttpRequestArgsPtr args,
+                                    const OnResponseCallback& onResponseCallback)
+    {
+        assert(_async && "HttpClient needs its async parameter set to true "
+                         "in order to call performRequest");
+        if (!_async) return false;
+
+        // Enqueue the task
+        {
+            // acquire lock
+            std::unique_lock<std::mutex> lock(_queueMutex);
+
+            // add the task
+            _queue.push(std::make_pair(args, onResponseCallback));
+        } // release lock
+
+        // wake up one thread
+        _condition.notify_one();
+
+        return true;
+    }
+
+    void HttpClient::run()
+    {
+        while (true)
+        {
+            HttpRequestArgsPtr args;
+            OnResponseCallback onResponseCallback;
+
+            {
+                std::unique_lock<std::mutex> lock(_queueMutex);
+
+                while (!_stop && _queue.empty())
+                {
+                    _condition.wait(lock);
+                }
+
+                if (_stop) return;
+
+                auto p = _queue.front();
+                _queue.pop();
+
+                args = p.first;
+                onResponseCallback = p.second;
+            }
+
+            if (_stop) return;
+
+            HttpResponsePtr response = request(args->url, args->verb, args->body, args);
+            onResponseCallback(response);
+
+            if (_stop) return;
+        }
+    }
+
+    HttpResponsePtr HttpClient::request(const std::string& url,
+                                        const std::string& verb,
+                                        const std::string& body,
+                                        HttpRequestArgsPtr args,
+                                        int redirects)
+    {
+        // We only have one socket connection, so we cannot
+        // make multiple requests concurrently.
+        std::lock_guard<std::mutex> lock(_mutex);
+
         uint64_t uploadSize = 0;
         uint64_t downloadSize = 0;
         int code = 0;
         WebSocketHttpHeaders headers;
         std::string payload;
+        std::string description;
 
         std::string protocol, host, path, query;
         int port;
-        bool websocket = false;
 
-        if (!UrlParser::parse(url, protocol, host, path, query, port, websocket))
+        if (!UrlParser::parse(url, protocol, host, path, query, port))
         {
             std::stringstream ss;
             ss << "Cannot parse url: " << url;
-            return std::make_tuple(code, HttpErrorCode_UrlMalformed,
-                                   headers, payload, ss.str(),
-                                   uploadSize, downloadSize);
+            return std::make_shared<HttpResponse>(code,
+                                                  description,
+                                                  HttpErrorCode::UrlMalformed,
+                                                  headers,
+                                                  payload,
+                                                  ss.str(),
+                                                  uploadSize,
+                                                  downloadSize);
         }
 
         bool tls = protocol == "https";
         std::string errorMsg;
-        _socket = createSocket(tls, errorMsg);
+        _socket = createSocket(tls, -1, errorMsg, _tlsOptions);
 
         if (!_socket)
         {
-            return std::make_tuple(code, HttpErrorCode_CannotCreateSocket,
-                                   headers, payload, errorMsg,
-                                   uploadSize, downloadSize);
+            return std::make_shared<HttpResponse>(code,
+                                                  description,
+                                                  HttpErrorCode::CannotCreateSocket,
+                                                  headers,
+                                                  payload,
+                                                  errorMsg,
+                                                  uploadSize,
+                                                  downloadSize);
         }
 
         // Build request string
         std::stringstream ss;
         ss << verb << " " << path << " HTTP/1.1\r\n";
         ss << "Host: " << host << "\r\n";
-        ss << "User-Agent: ixwebsocket/1.0.0" << "\r\n";
-        ss << "Accept: */*" << "\r\n";
 
-        if (args.compress)
+        if (args->compress)
         {
-            ss << "Accept-Encoding: gzip" << "\r\n";
+            ss << "Accept-Encoding: gzip"
+               << "\r\n";
         }
 
         // Append extra headers
-        for (auto&& it : args.extraHeaders)
+        for (auto&& it : args->extraHeaders)
         {
             ss << it.first << ": " << it.second << "\r\n";
         }
 
-        if (verb == kPost)
+        // Set a default Accept header if none is present
+        if (headers.find("Accept") == headers.end())
+        {
+            ss << "Accept: */*"
+               << "\r\n";
+        }
+
+        // Set a default User agent if none is present
+        if (headers.find("User-Agent") == headers.end())
+        {
+            ss << "User-Agent: " << userAgent() << "\r\n";
+        }
+
+        if (verb == kPost || verb == kPut)
         {
             ss << "Content-Length: " << body.size() << "\r\n";
 
             // Set default Content-Type if unspecified
-            if (args.extraHeaders.find("Content-Type") == args.extraHeaders.end())
+            if (args->extraHeaders.find("Content-Type") == args->extraHeaders.end())
             {
-                ss << "Content-Type: application/x-www-form-urlencoded" << "\r\n";
+                if (args->multipartBoundary.empty())
+                {
+                    ss << "Content-Type: application/x-www-form-urlencoded"
+                       << "\r\n";
+                }
+                else
+                {
+                    ss << "Content-Type: multipart/form-data; boundary=" << args->multipartBoundary
+                       << "\r\n";
+                }
             }
             ss << "\r\n";
             ss << body;
@@ -110,31 +224,35 @@ namespace ix
 
         // Make a cancellation object dealing with connection timeout
         auto isCancellationRequested =
-            makeCancellationRequestWithTimeout(args.connectTimeout, requestInitCancellation);
+            makeCancellationRequestWithTimeout(args->connectTimeout, requestInitCancellation);
 
         bool success = _socket->connect(host, port, errMsg, isCancellationRequested);
         if (!success)
         {
             std::stringstream ss;
-            ss << "Cannot connect to url: " << url;
-            return std::make_tuple(code, HttpErrorCode_CannotConnect,
-                                   headers, payload, ss.str(),
-                                   uploadSize, downloadSize);
+            ss << "Cannot connect to url: " << url << " / error : " << errMsg;
+            return std::make_shared<HttpResponse>(code,
+                                                  description,
+                                                  HttpErrorCode::CannotConnect,
+                                                  headers,
+                                                  payload,
+                                                  ss.str(),
+                                                  uploadSize,
+                                                  downloadSize);
         }
 
         // Make a new cancellation object dealing with transfer timeout
         isCancellationRequested =
-            makeCancellationRequestWithTimeout(args.transferTimeout, requestInitCancellation);
+            makeCancellationRequestWithTimeout(args->transferTimeout, requestInitCancellation);
 
-        if (args.verbose)
+        if (args->verbose)
         {
             std::stringstream ss;
             ss << "Sending " << verb << " request "
                << "to " << host << ":" << port << std::endl
                << "request size: " << req.size() << " bytes" << std::endl
                << "=============" << std::endl
-               << req
-               << "=============" << std::endl
+               << req << "=============" << std::endl
                << std::endl;
 
             log(ss.str(), args);
@@ -143,9 +261,14 @@ namespace ix
         if (!_socket->writeBytes(req, isCancellationRequested))
         {
             std::string errorMsg("Cannot send request");
-            return std::make_tuple(code, HttpErrorCode_SendError,
-                                   headers, payload, errorMsg,
-                                   uploadSize, downloadSize);
+            return std::make_shared<HttpResponse>(code,
+                                                  description,
+                                                  HttpErrorCode::SendError,
+                                                  headers,
+                                                  payload,
+                                                  errorMsg,
+                                                  uploadSize,
+                                                  downloadSize);
         }
 
         uploadSize = req.size();
@@ -157,12 +280,17 @@ namespace ix
         if (!lineValid)
         {
             std::string errorMsg("Cannot retrieve status line");
-            return std::make_tuple(code, HttpErrorCode_CannotReadStatusLine,
-                                   headers, payload, errorMsg,
-                                   uploadSize, downloadSize);
+            return std::make_shared<HttpResponse>(code,
+                                                  description,
+                                                  HttpErrorCode::CannotReadStatusLine,
+                                                  headers,
+                                                  payload,
+                                                  errorMsg,
+                                                  uploadSize,
+                                                  downloadSize);
         }
 
-        if (args.verbose)
+        if (args->verbose)
         {
             std::stringstream ss;
             ss << "Status line " << line;
@@ -172,9 +300,14 @@ namespace ix
         if (sscanf(line.c_str(), "HTTP/1.1 %d", &code) != 1)
         {
             std::string errorMsg("Cannot parse response code from status line");
-            return std::make_tuple(code, HttpErrorCode_MissingStatus,
-                                   headers, payload, errorMsg,
-                                   uploadSize, downloadSize);
+            return std::make_shared<HttpResponse>(code,
+                                                  description,
+                                                  HttpErrorCode::MissingStatus,
+                                                  headers,
+                                                  payload,
+                                                  errorMsg,
+                                                  uploadSize,
+                                                  downloadSize);
         }
 
         auto result = parseHttpHeaders(_socket, isCancellationRequested);
@@ -184,41 +317,61 @@ namespace ix
         if (!headersValid)
         {
             std::string errorMsg("Cannot parse http headers");
-            return std::make_tuple(code, HttpErrorCode_HeaderParsingError,
-                                   headers, payload, errorMsg,
-                                   uploadSize, downloadSize);
+            return std::make_shared<HttpResponse>(code,
+                                                  description,
+                                                  HttpErrorCode::HeaderParsingError,
+                                                  headers,
+                                                  payload,
+                                                  errorMsg,
+                                                  uploadSize,
+                                                  downloadSize);
         }
 
         // Redirect ?
-        if ((code >= 301 && code <= 308) && args.followRedirects)
+        if ((code >= 301 && code <= 308) && args->followRedirects)
         {
             if (headers.find("Location") == headers.end())
             {
                 std::string errorMsg("Missing location header for redirect");
-                return std::make_tuple(code, HttpErrorCode_MissingLocation,
-                                       headers, payload, errorMsg,
-                                       uploadSize, downloadSize);
+                return std::make_shared<HttpResponse>(code,
+                                                      description,
+                                                      HttpErrorCode::MissingLocation,
+                                                      headers,
+                                                      payload,
+                                                      errorMsg,
+                                                      uploadSize,
+                                                      downloadSize);
             }
 
-            if (redirects >= args.maxRedirects)
+            if (redirects >= args->maxRedirects)
             {
                 std::stringstream ss;
                 ss << "Too many redirects: " << redirects;
-                return std::make_tuple(code, HttpErrorCode_TooManyRedirects,
-                                       headers, payload, ss.str(),
-                                       uploadSize, downloadSize);
+                return std::make_shared<HttpResponse>(code,
+                                                      description,
+                                                      HttpErrorCode::TooManyRedirects,
+                                                      headers,
+                                                      payload,
+                                                      ss.str(),
+                                                      uploadSize,
+                                                      downloadSize);
             }
 
             // Recurse
             std::string location = headers["Location"];
-            return request(location, verb, body, args, redirects+1);
+            return request(location, verb, body, args, redirects + 1);
         }
 
         if (verb == "HEAD")
         {
-            return std::make_tuple(code, HttpErrorCode_Ok,
-                                   headers, payload, std::string(),
-                                   uploadSize, downloadSize);
+            return std::make_shared<HttpResponse>(code,
+                                                  description,
+                                                  HttpErrorCode::Ok,
+                                                  headers,
+                                                  payload,
+                                                  std::string(),
+                                                  uploadSize,
+                                                  downloadSize);
         }
 
         // Parse response:
@@ -231,15 +384,19 @@ namespace ix
 
             payload.reserve(contentLength);
 
-            auto chunkResult = _socket->readBytes(contentLength,
-                                                  args.onProgressCallback,
-                                                  isCancellationRequested);
+            auto chunkResult = _socket->readBytes(
+                contentLength, args->onProgressCallback, isCancellationRequested);
             if (!chunkResult.first)
             {
                 errorMsg = "Cannot read chunk";
-                return std::make_tuple(code, HttpErrorCode_ChunkReadError,
-                                       headers, payload, errorMsg,
-                                       uploadSize, downloadSize);
+                return std::make_shared<HttpResponse>(code,
+                                                      description,
+                                                      HttpErrorCode::ChunkReadError,
+                                                      headers,
+                                                      payload,
+                                                      errorMsg,
+                                                      uploadSize,
+                                                      downloadSize);
             }
             payload += chunkResult.second;
         }
@@ -255,9 +412,14 @@ namespace ix
 
                 if (!lineResult.first)
                 {
-                    return std::make_tuple(code, HttpErrorCode_ChunkReadError,
-                                           headers, payload, errorMsg,
-                                           uploadSize, downloadSize);
+                    return std::make_shared<HttpResponse>(code,
+                                                          description,
+                                                          HttpErrorCode::ChunkReadError,
+                                                          headers,
+                                                          payload,
+                                                          errorMsg,
+                                                          uploadSize,
+                                                          downloadSize);
                 }
 
                 uint64_t chunkSize;
@@ -265,26 +427,29 @@ namespace ix
                 ss << std::hex << line;
                 ss >> chunkSize;
 
-                if (args.verbose)
+                if (args->verbose)
                 {
                     std::stringstream oss;
-                    oss << "Reading " << chunkSize << " bytes"
-                        << std::endl;
+                    oss << "Reading " << chunkSize << " bytes" << std::endl;
                     log(oss.str(), args);
                 }
 
-                payload.reserve(payload.size() + chunkSize);
+                payload.reserve(payload.size() + (size_t) chunkSize);
 
                 // Read a chunk
-                auto chunkResult = _socket->readBytes(chunkSize,
-                                                      args.onProgressCallback,
-                                                      isCancellationRequested);
+                auto chunkResult = _socket->readBytes(
+                    (size_t) chunkSize, args->onProgressCallback, isCancellationRequested);
                 if (!chunkResult.first)
                 {
                     errorMsg = "Cannot read chunk";
-                    return std::make_tuple(code, HttpErrorCode_ChunkReadError,
-                                           headers, payload, errorMsg,
-                                           uploadSize, downloadSize);
+                    return std::make_shared<HttpResponse>(code,
+                                                          description,
+                                                          HttpErrorCode::ChunkReadError,
+                                                          headers,
+                                                          payload,
+                                                          errorMsg,
+                                                          uploadSize,
+                                                          downloadSize);
                 }
                 payload += chunkResult.second;
 
@@ -293,9 +458,14 @@ namespace ix
 
                 if (!lineResult.first)
                 {
-                    return std::make_tuple(code, HttpErrorCode_ChunkReadError,
-                                           headers, payload, errorMsg,
-                                           uploadSize, downloadSize);
+                    return std::make_shared<HttpResponse>(code,
+                                                          description,
+                                                          HttpErrorCode::ChunkReadError,
+                                                          headers,
+                                                          payload,
+                                                          errorMsg,
+                                                          uploadSize,
+                                                          downloadSize);
                 }
 
                 if (chunkSize == 0) break;
@@ -308,9 +478,14 @@ namespace ix
         else
         {
             std::string errorMsg("Cannot read http body");
-            return std::make_tuple(code, HttpErrorCode_CannotReadBody,
-                                   headers, payload, errorMsg,
-                                   uploadSize, downloadSize);
+            return std::make_shared<HttpResponse>(code,
+                                                  description,
+                                                  HttpErrorCode::CannotReadBody,
+                                                  headers,
+                                                  payload,
+                                                  errorMsg,
+                                                  uploadSize,
+                                                  downloadSize);
         }
 
         downloadSize = payload.size();
@@ -322,52 +497,78 @@ namespace ix
             if (!gzipInflate(payload, decompressedPayload))
             {
                 std::string errorMsg("Error decompressing payload");
-                return std::make_tuple(code, HttpErrorCode_Gzip,
-                                       headers, payload, errorMsg,
-                                       uploadSize, downloadSize);
+                return std::make_shared<HttpResponse>(code,
+                                                      description,
+                                                      HttpErrorCode::Gzip,
+                                                      headers,
+                                                      payload,
+                                                      errorMsg,
+                                                      uploadSize,
+                                                      downloadSize);
             }
             payload = decompressedPayload;
         }
 
-        return std::make_tuple(code, HttpErrorCode_Ok,
-                               headers, payload, std::string(),
-                               uploadSize, downloadSize);
+        return std::make_shared<HttpResponse>(code,
+                                              description,
+                                              HttpErrorCode::Ok,
+                                              headers,
+                                              payload,
+                                              std::string(),
+                                              uploadSize,
+                                              downloadSize);
     }
 
-    HttpResponse HttpClient::get(const std::string& url,
-                                 const HttpRequestArgs& args)
+    HttpResponsePtr HttpClient::get(const std::string& url, HttpRequestArgsPtr args)
     {
         return request(url, kGet, std::string(), args);
     }
 
-    HttpResponse HttpClient::head(const std::string& url,
-                                  const HttpRequestArgs& args)
+    HttpResponsePtr HttpClient::head(const std::string& url, HttpRequestArgsPtr args)
     {
         return request(url, kHead, std::string(), args);
     }
 
-    HttpResponse HttpClient::post(const std::string& url,
-                                  const HttpParameters& httpParameters,
-                                  const HttpRequestArgs& args)
+    HttpResponsePtr HttpClient::del(const std::string& url, HttpRequestArgsPtr args)
+    {
+        return request(url, kDel, std::string(), args);
+    }
+
+    HttpResponsePtr HttpClient::post(const std::string& url,
+                                     const HttpParameters& httpParameters,
+                                     HttpRequestArgsPtr args)
     {
         return request(url, kPost, serializeHttpParameters(httpParameters), args);
     }
 
-    HttpResponse HttpClient::post(const std::string& url,
-                                  const std::string& body,
-                                  const HttpRequestArgs& args)
+    HttpResponsePtr HttpClient::post(const std::string& url,
+                                     const std::string& body,
+                                     HttpRequestArgsPtr args)
     {
         return request(url, kPost, body, args);
     }
 
+    HttpResponsePtr HttpClient::put(const std::string& url,
+                                    const HttpParameters& httpParameters,
+                                    HttpRequestArgsPtr args)
+    {
+        return request(url, kPut, serializeHttpParameters(httpParameters), args);
+    }
+
+    HttpResponsePtr HttpClient::put(const std::string& url,
+                                    const std::string& body,
+                                    const HttpRequestArgsPtr args)
+    {
+        return request(url, kPut, body, args);
+    }
+
     std::string HttpClient::urlEncode(const std::string& value)
     {
         std::ostringstream escaped;
         escaped.fill('0');
         escaped << std::hex;
 
-        for (std::string::const_iterator i = value.begin(), n = value.end();
-             i != n; ++i)
+        for (std::string::const_iterator i = value.begin(), n = value.end(); i != n; ++i)
         {
             std::string::value_type c = (*i);
 
@@ -395,21 +596,64 @@ namespace ix
 
         for (auto&& it : httpParameters)
         {
-            ss << urlEncode(it.first)
-               << "="
-               << urlEncode(it.second);
+            ss << urlEncode(it.first) << "=" << urlEncode(it.second);
 
-            if (i++ < (count-1))
+            if (i++ < (count - 1))
             {
-               ss << "&";
+                ss << "&";
             }
         }
         return ss.str();
     }
 
-    bool HttpClient::gzipInflate(
-        const std::string& in,
-        std::string& out)
+    std::string HttpClient::serializeHttpFormDataParameters(
+        const std::string& multipartBoundary,
+        const HttpFormDataParameters& httpFormDataParameters,
+        const HttpParameters& httpParameters)
+    {
+        //
+        // --AaB03x
+        // Content-Disposition: form-data; name="submit-name"
+
+        // Larry
+        // --AaB03x
+        // Content-Disposition: form-data; name="foo.txt"; filename="file1.txt"
+        // Content-Type: text/plain
+
+        // ... contents of file1.txt ...
+        // --AaB03x--
+        //
+        std::stringstream ss;
+
+        for (auto&& it : httpFormDataParameters)
+        {
+            ss << "--" << multipartBoundary << "\r\n"
+               << "Content-Disposition:"
+               << " form-data; name=\"" << it.first << "\";"
+               << " filename=\"" << it.first << "\""
+               << "\r\n"
+               << "Content-Type: application/octet-stream"
+               << "\r\n"
+               << "\r\n"
+               << it.second << "\r\n";
+        }
+
+        for (auto&& it : httpParameters)
+        {
+            ss << "--" << multipartBoundary << "\r\n"
+               << "Content-Disposition:"
+               << " form-data; name=\"" << it.first << "\";"
+               << "\r\n"
+               << "\r\n"
+               << it.second << "\r\n";
+        }
+
+        ss << "--" << multipartBoundary << "\r\n";
+
+        return ss.str();
+    }
+
+    bool HttpClient::gzipInflate(const std::string& in, std::string& out)
     {
         z_stream inflateState;
         std::memset(&inflateState, 0, sizeof(inflateState));
@@ -420,13 +664,13 @@ namespace ix
         inflateState.avail_in = 0;
         inflateState.next_in = Z_NULL;
 
-        if (inflateInit2(&inflateState, 16+MAX_WBITS) != Z_OK)
+        if (inflateInit2(&inflateState, 16 + MAX_WBITS) != Z_OK)
         {
             return false;
         }
 
         inflateState.avail_in = (uInt) in.size();
-        inflateState.next_in = (unsigned char *)(const_cast<char *>(in.data()));
+        inflateState.next_in = (unsigned char*) (const_cast<char*>(in.data()));
 
         const int kBufferSize = 1 << 14;
 
@@ -446,22 +690,31 @@ namespace ix
                 return false;
             }
 
-            out.append(
-                reinterpret_cast<char *>(compressBuffer.get()),
-                kBufferSize - inflateState.avail_out
-            );
+            out.append(reinterpret_cast<char*>(compressBuffer.get()),
+                       kBufferSize - inflateState.avail_out);
         } while (inflateState.avail_out == 0);
 
         inflateEnd(&inflateState);
         return true;
     }
 
-    void HttpClient::log(const std::string& msg,
-                         const HttpRequestArgs& args)
+    void HttpClient::log(const std::string& msg, HttpRequestArgsPtr args)
     {
-        if (args.logger)
+        if (args->logger)
         {
-            args.logger(msg);
+            args->logger(msg);
         }
     }
-}
+
+    std::string HttpClient::generateMultipartBoundary()
+    {
+        std::string str("0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz");
+
+        static std::random_device rd;
+        static std::mt19937 generator(rd());
+
+        std::shuffle(str.begin(), str.end(), generator);
+
+        return str;
+    }
+} // namespace ix

ixwebsocket/IXHttpClient.h

@@ -6,102 +6,98 @@
 
 #pragma once
 
-#include <algorithm>
-#include <functional>
-#include <mutex>
-#include <atomic>
-#include <tuple>
-#include <memory>
-#include <map>
-
+#include "IXHttp.h"
 #include "IXSocket.h"
+#include "IXSocketTLSOptions.h"
 #include "IXWebSocketHttpHeaders.h"
+#include <algorithm>
+#include <atomic>
+#include <condition_variable>
+#include <functional>
+#include <map>
+#include <memory>
+#include <mutex>
+#include <queue>
+#include <thread>
 
 namespace ix
 {
-    enum HttpErrorCode
+    class HttpClient
     {
-        HttpErrorCode_Ok = 0,
-        HttpErrorCode_CannotConnect = 1,
-        HttpErrorCode_Timeout = 2,
-        HttpErrorCode_Gzip = 3,
-        HttpErrorCode_UrlMalformed = 4,
-        HttpErrorCode_CannotCreateSocket = 5,
-        HttpErrorCode_SendError = 6,
-        HttpErrorCode_ReadError = 7,
-        HttpErrorCode_CannotReadStatusLine = 8,
-        HttpErrorCode_MissingStatus = 9,
-        HttpErrorCode_HeaderParsingError = 10,
-        HttpErrorCode_MissingLocation = 11,
-        HttpErrorCode_TooManyRedirects = 12,
-        HttpErrorCode_ChunkReadError = 13,
-        HttpErrorCode_CannotReadBody = 14
-    };
-
-    using HttpResponse = std::tuple<int, // status
-                                    HttpErrorCode, // error code
-                                    WebSocketHttpHeaders,
-                                    std::string, // payload
-                                    std::string, // error msg
-                                    uint64_t,    // upload size
-                                    uint64_t>;   // download size
-
-    using HttpParameters = std::map<std::string, std::string>;
-    using Logger = std::function<void(const std::string&)>;
-
-    struct HttpRequestArgs
-    {
-        std::string url;
-        WebSocketHttpHeaders extraHeaders;
-        std::string body;
-        int connectTimeout;
-        int transferTimeout;
-        bool followRedirects;
-        int maxRedirects;
-        bool verbose;
-        bool compress;
-        Logger logger;
-        OnProgressCallback onProgressCallback;
-    };
-
-    class HttpClient {
     public:
-        HttpClient();
+        HttpClient(bool async = false);
         ~HttpClient();
 
-        HttpResponse get(const std::string& url,
-                         const HttpRequestArgs& args);
-        HttpResponse head(const std::string& url,
-                          const HttpRequestArgs& args);
+        HttpResponsePtr get(const std::string& url, HttpRequestArgsPtr args);
+        HttpResponsePtr head(const std::string& url, HttpRequestArgsPtr args);
+        HttpResponsePtr del(const std::string& url, HttpRequestArgsPtr args);
 
-        HttpResponse post(const std::string& url,
-                          const HttpParameters& httpParameters,
-                          const HttpRequestArgs& args);
-        HttpResponse post(const std::string& url,
-                          const std::string& body,
-                          const HttpRequestArgs& args);
-
-    private:
-        HttpResponse request(const std::string& url,
-                             const std::string& verb,
+        HttpResponsePtr post(const std::string& url,
+                             const HttpParameters& httpParameters,
+                             HttpRequestArgsPtr args);
+        HttpResponsePtr post(const std::string& url,
                              const std::string& body,
-                             const HttpRequestArgs& args,
-                             int redirects = 0);
+                             HttpRequestArgsPtr args);
+
+        HttpResponsePtr put(const std::string& url,
+                            const HttpParameters& httpParameters,
+                            HttpRequestArgsPtr args);
+        HttpResponsePtr put(const std::string& url,
+                            const std::string& body,
+                            HttpRequestArgsPtr args);
+
+        HttpResponsePtr request(const std::string& url,
+                                const std::string& verb,
+                                const std::string& body,
+                                HttpRequestArgsPtr args,
+                                int redirects = 0);
+
+        // Async API
+        HttpRequestArgsPtr createRequest(const std::string& url = std::string(),
+                                         const std::string& verb = HttpClient::kGet);
+
+        bool performRequest(HttpRequestArgsPtr request,
+                            const OnResponseCallback& onResponseCallback);
+
+        // TLS
+        void setTLSOptions(const SocketTLSOptions& tlsOptions);
 
         std::string serializeHttpParameters(const HttpParameters& httpParameters);
 
+        std::string serializeHttpFormDataParameters(
+            const std::string& multipartBoundary,
+            const HttpFormDataParameters& httpFormDataParameters,
+            const HttpParameters& httpParameters = HttpParameters());
+
+        std::string generateMultipartBoundary();
+
         std::string urlEncode(const std::string& value);
 
-        void log(const std::string& msg, const HttpRequestArgs& args);
-
-        bool gzipInflate(
-            const std::string& in,
-            std::string& out);
-
-        std::shared_ptr<Socket> _socket;
-
         const static std::string kPost;
         const static std::string kGet;
         const static std::string kHead;
+        const static std::string kDel;
+        const static std::string kPut;
+
+    private:
+        void log(const std::string& msg, HttpRequestArgsPtr args);
+
+        bool gzipInflate(const std::string& in, std::string& out);
+
+        // Async API background thread runner
+        void run();
+
+        // Async API
+        bool _async;
+        std::queue<std::pair<HttpRequestArgsPtr, OnResponseCallback>> _queue;
+        mutable std::mutex _queueMutex;
+        std::condition_variable _condition;
+        std::atomic<bool> _stop;
+        std::thread _thread;
+
+        std::shared_ptr<Socket> _socket;
+        std::mutex _mutex; // to protect accessing the _socket (only one socket per client)
+
+        SocketTLSOptions _tlsOptions;
     };
-}
+} // namespace ix

ixwebsocket/IXHttpServer.cpp

@@ -0,0 +1,172 @@
+/*
+ *  IXHttpServer.cpp
+ *  Author: Benjamin Sergeant
+ *  Copyright (c) 2019 Machine Zone, Inc. All rights reserved.
+ */
+
+#include "IXHttpServer.h"
+
+#include "IXNetSystem.h"
+#include "IXSocketConnect.h"
+#include "IXUserAgent.h"
+#include <fstream>
+#include <sstream>
+#include <vector>
+
+namespace
+{
+    std::pair<bool, std::vector<uint8_t>> load(const std::string& path)
+    {
+        std::vector<uint8_t> memblock;
+
+        std::ifstream file(path);
+        if (!file.is_open()) return std::make_pair(false, memblock);
+
+        file.seekg(0, file.end);
+        std::streamoff size = file.tellg();
+        file.seekg(0, file.beg);
+
+        memblock.resize((size_t) size);
+        file.read((char*) &memblock.front(), static_cast<std::streamsize>(size));
+
+        return std::make_pair(true, memblock);
+    }
+
+    std::pair<bool, std::string> readAsString(const std::string& path)
+    {
+        auto res = load(path);
+        auto vec = res.second;
+        return std::make_pair(res.first, std::string(vec.begin(), vec.end()));
+    }
+} // namespace
+
+namespace ix
+{
+    HttpServer::HttpServer(int port, const std::string& host, int backlog, size_t maxConnections)
+        : SocketServer(port, host, backlog, maxConnections)
+        , _connectedClientsCount(0)
+    {
+        setDefaultConnectionCallback();
+    }
+
+    HttpServer::~HttpServer()
+    {
+        stop();
+    }
+
+    void HttpServer::stop()
+    {
+        stopAcceptingConnections();
+
+        // FIXME: cancelling / closing active clients ...
+
+        SocketServer::stop();
+    }
+
+    void HttpServer::setOnConnectionCallback(const OnConnectionCallback& callback)
+    {
+        _onConnectionCallback = callback;
+    }
+
+    void HttpServer::handleConnection(std::shared_ptr<Socket> socket,
+                                      std::shared_ptr<ConnectionState> connectionState)
+    {
+        _connectedClientsCount++;
+
+        auto ret = Http::parseRequest(socket);
+        // FIXME: handle errors in parseRequest
+
+        if (std::get<0>(ret))
+        {
+            auto response = _onConnectionCallback(std::get<2>(ret), connectionState);
+            if (!Http::sendResponse(response, socket))
+            {
+                logError("Cannot send response");
+            }
+        }
+        connectionState->setTerminated();
+
+        _connectedClientsCount--;
+    }
+
+    size_t HttpServer::getConnectedClientsCount()
+    {
+        return _connectedClientsCount;
+    }
+
+    void HttpServer::setDefaultConnectionCallback()
+    {
+        setOnConnectionCallback(
+            [this](HttpRequestPtr request,
+                   std::shared_ptr<ConnectionState> /*connectionState*/) -> HttpResponsePtr {
+                std::string uri(request->uri);
+                if (uri.empty() || uri == "/")
+                {
+                    uri = "/index.html";
+                }
+
+                WebSocketHttpHeaders headers;
+                headers["Server"] = userAgent();
+
+                std::string path("." + uri);
+                auto res = readAsString(path);
+                bool found = res.first;
+                if (!found)
+                {
+                    return std::make_shared<HttpResponse>(
+                        404, "Not Found", HttpErrorCode::Ok, WebSocketHttpHeaders(), std::string());
+                }
+
+                std::string content = res.second;
+
+                // Log request
+                std::stringstream ss;
+                ss << request->method << " " << request->headers["User-Agent"] << " "
+                   << request->uri << " " << content.size();
+                logInfo(ss.str());
+
+                // FIXME: check extensions to set the content type
+                // headers["Content-Type"] = "application/octet-stream";
+                headers["Accept-Ranges"] = "none";
+
+                for (auto&& it : request->headers)
+                {
+                    headers[it.first] = it.second;
+                }
+
+                return std::make_shared<HttpResponse>(
+                    200, "OK", HttpErrorCode::Ok, headers, content);
+            });
+    }
+
+    void HttpServer::makeRedirectServer(const std::string& redirectUrl)
+    {
+        //
+        // See https://developer.mozilla.org/en-US/docs/Web/HTTP/Redirections
+        //
+        setOnConnectionCallback(
+            [this,
+             redirectUrl](HttpRequestPtr request,
+                          std::shared_ptr<ConnectionState> /*connectionState*/) -> HttpResponsePtr {
+                WebSocketHttpHeaders headers;
+                headers["Server"] = userAgent();
+
+                // Log request
+                std::stringstream ss;
+                ss << request->method << " " << request->headers["User-Agent"] << " "
+                   << request->uri;
+                logInfo(ss.str());
+
+                if (request->method == "POST")
+                {
+                    return std::make_shared<HttpResponse>(
+                        200, "OK", HttpErrorCode::Ok, headers, std::string());
+                }
+
+                headers["Location"] = redirectUrl;
+
+                return std::make_shared<HttpResponse>(
+                    301, "OK", HttpErrorCode::Ok, headers, std::string());
+            });
+    }
+} // namespace ix

ixwebsocket/IXHttpServer.h

@@ -0,0 +1,51 @@
+/*
+ *  IXHttpServer.h
+ *  Author: Benjamin Sergeant
+ *  Copyright (c) 2018 Machine Zone, Inc. All rights reserved.
+ */
+
+#pragma once
+
+#include "IXHttp.h"
+#include "IXSocketServer.h"
+#include "IXWebSocket.h"
+#include <functional>
+#include <memory>
+#include <mutex>
+#include <set>
+#include <string>
+#include <thread>
+#include <utility> // pair
+
+namespace ix
+{
+    class HttpServer final : public SocketServer
+    {
+    public:
+        using OnConnectionCallback =
+            std::function<HttpResponsePtr(HttpRequestPtr, std::shared_ptr<ConnectionState>)>;
+
+        HttpServer(int port = SocketServer::kDefaultPort,
+                   const std::string& host = SocketServer::kDefaultHost,
+                   int backlog = SocketServer::kDefaultTcpBacklog,
+                   size_t maxConnections = SocketServer::kDefaultMaxConnections);
+        virtual ~HttpServer();
+        virtual void stop() final;
+
+        void setOnConnectionCallback(const OnConnectionCallback& callback);
+
+        void makeRedirectServer(const std::string& redirectUrl);
+
+    private:
+        // Member variables
+        OnConnectionCallback _onConnectionCallback;
+        std::atomic<int> _connectedClientsCount;
+
+        // Methods
+        virtual void handleConnection(std::shared_ptr<Socket>,
+                                      std::shared_ptr<ConnectionState> connectionState) final;
+        virtual size_t getConnectedClientsCount() final;
+
+        void setDefaultConnectionCallback();
+    };
+} // namespace ix

ixwebsocket/IXNetSystem.cpp

@@ -1,6 +1,6 @@
 /*
  *  IXNetSystem.cpp
- *  Author: Benjamin Sergeant
+ *  Author: Korchynskyi Dmytro
  *  Copyright (c) 2019 Machine Zone. All rights reserved.
  */
 
@@ -15,9 +15,8 @@ namespace ix
         WSADATA wsaData;
         int err;
 
-        /* Use the MAKEWORD(lowbyte, highbyte) macro declared in Windef.h */
+        // Use the MAKEWORD(lowbyte, highbyte) macro declared in Windef.h
         wVersionRequested = MAKEWORD(2, 2);
-
         err = WSAStartup(wVersionRequested, &wsaData);
 
         return err == 0;
@@ -30,10 +29,84 @@ namespace ix
     {
 #ifdef _WIN32
         int err = WSACleanup();
-
         return err == 0;
 #else
         return true;
 #endif
     }
-}
+
+    //
+    // That function could 'return WSAPoll(pfd, nfds, timeout);'
+    // but WSAPoll is said to have weird behaviors on the internet
+    // (the curl folks have had problems with it).
+    //
+    // So we make it a select wrapper
+    //
+    int poll(struct pollfd* fds, nfds_t nfds, int timeout)
+    {
+#ifdef _WIN32
+        int maxfd = 0;
+        fd_set readfds, writefds, errorfds;
+        FD_ZERO(&readfds);
+        FD_ZERO(&writefds);
+        FD_ZERO(&errorfds);
+
+        for (nfds_t i = 0; i < nfds; ++i)
+        {
+            struct pollfd* fd = &fds[i];
+
+            if (fd->fd > maxfd)
+            {
+                maxfd = fd->fd;
+            }
+            if ((fd->events & POLLIN))
+            {
+                FD_SET(fd->fd, &readfds);
+            }
+            if ((fd->events & POLLOUT))
+            {
+                FD_SET(fd->fd, &writefds);
+            }
+            if ((fd->events & POLLERR))
+            {
+                FD_SET(fd->fd, &errorfds);
+            }
+        }
+
+        struct timeval tv;
+        tv.tv_sec = timeout / 1000;
+        tv.tv_usec = (timeout % 1000) * 1000;
+
+        int ret = select(maxfd + 1, &readfds, &writefds, &errorfds, timeout != -1 ? &tv : NULL);
+
+        if (ret < 0)
+        {
+            return ret;
+        }
+
+        for (nfds_t i = 0; i < nfds; ++i)
+        {
+            struct pollfd* fd = &fds[i];
+            fd->revents = 0;
+
+            if (FD_ISSET(fd->fd, &readfds))
+            {
+                fd->revents |= POLLIN;
+            }
+            if (FD_ISSET(fd->fd, &writefds))
+            {
+                fd->revents |= POLLOUT;
+            }
+            if (FD_ISSET(fd->fd, &errorfds))
+            {
+                fd->revents |= POLLERR;
+            }
+        }
+
+        return ret;
+#else
+        return ::poll(fds, nfds, timeout);
+#endif
+    }
+
+} // namespace ix

ixwebsocket/IXNetSystem.h

@@ -7,25 +7,34 @@
 #pragma once
 
 #ifdef _WIN32
-# include <WS2tcpip.h>
-# include <WinSock2.h>
-# include <basetsd.h>
-# include <io.h>
-# include <ws2def.h>
+#include <WS2tcpip.h>
+#include <WinSock2.h>
+#include <basetsd.h>
+#include <io.h>
+#include <ws2def.h>
+
+// Define our own poll on Windows, as a wrapper on top of select
+typedef unsigned long int nfds_t;
+
 #else
-# include <arpa/inet.h>
-# include <errno.h>
-# include <netdb.h>
-# include <netinet/tcp.h>
-# include <sys/select.h>
-# include <sys/socket.h>
-# include <sys/stat.h>
-# include <sys/time.h>
-# include <unistd.h>
+#include <arpa/inet.h>
+#include <errno.h>
+#include <netdb.h>
+#include <netinet/in.h>
+#include <netinet/ip.h>
+#include <netinet/tcp.h>
+#include <poll.h>
+#include <sys/select.h>
+#include <sys/socket.h>
+#include <sys/stat.h>
+#include <sys/time.h>
+#include <unistd.h>
 #endif
 
 namespace ix
 {
     bool initNetSystem();
     bool uninitNetSystem();
-}
+
+    int poll(struct pollfd* fds, nfds_t nfds, int timeout);
+} // namespace ix

ixwebsocket/IXSelectInterrupt.cpp

@@ -42,5 +42,4 @@ namespace ix
     {
         return -1;
     }
-}
-
+} // namespace ix

ixwebsocket/IXSelectInterrupt.h

@@ -11,7 +11,8 @@
 
 namespace ix
 {
-    class SelectInterrupt {
+    class SelectInterrupt
+    {
     public:
         SelectInterrupt();
         virtual ~SelectInterrupt();
@@ -23,6 +24,4 @@ namespace ix
         virtual uint64_t read();
         virtual int getFd() const;
     };
-}
-
-
+} // namespace ix

ixwebsocket/IXSelectInterruptEventFd.cpp

@@ -26,14 +26,13 @@
 
 #include "IXSelectInterruptEventFd.h"
 
-#include <sys/eventfd.h>
-
-#include <unistd.h> // for write
-#include <string.h> // for strerror
-#include <fcntl.h>
-#include <errno.h>
 #include <assert.h>
+#include <errno.h>
+#include <fcntl.h>
 #include <sstream>
+#include <string.h> // for strerror
+#include <sys/eventfd.h>
+#include <unistd.h> // for write
 
 namespace ix
 {
@@ -113,4 +112,4 @@ namespace ix
     {
         return _eventfd;
     }
-}
+} // namespace ix

ixwebsocket/IXSelectInterruptEventFd.h

@@ -7,13 +7,13 @@
 #pragma once
 
 #include "IXSelectInterrupt.h"
-
 #include <stdint.h>
 #include <string>
 
 namespace ix
 {
-    class SelectInterruptEventFd : public SelectInterrupt {
+    class SelectInterruptEventFd final : public SelectInterrupt
+    {
     public:
         SelectInterruptEventFd();
         virtual ~SelectInterruptEventFd();
@@ -28,5 +28,4 @@ namespace ix
     private:
         int _eventfd;
     };
-}
-
+} // namespace ix

ixwebsocket/IXSelectInterruptFactory.cpp

@@ -7,9 +7,9 @@
 #include "IXSelectInterruptFactory.h"
 
 #if defined(__linux__) || defined(__APPLE__)
-# include <ixwebsocket/IXSelectInterruptPipe.h>
+#include "IXSelectInterruptPipe.h"
 #else
-# include <ixwebsocket/IXSelectInterrupt.h>
+#include "IXSelectInterrupt.h"
 #endif
 
 namespace ix
@@ -22,4 +22,4 @@ namespace ix
         return std::make_shared<SelectInterrupt>();
 #endif
     }
-}
+} // namespace ix

ixwebsocket/IXSelectInterruptFactory.h

@@ -12,4 +12,4 @@ namespace ix
 {
     class SelectInterrupt;
     std::shared_ptr<SelectInterrupt> createSelectInterrupt();
-}
+} // namespace ix

ixwebsocket/IXSelectInterruptPipe.cpp

@@ -10,12 +10,12 @@
 
 #include "IXSelectInterruptPipe.h"
 
-#include <unistd.h> // for write
-#include <string.h> // for strerror
-#include <fcntl.h>
-#include <errno.h>
 #include <assert.h>
+#include <errno.h>
+#include <fcntl.h>
 #include <sstream>
+#include <string.h> // for strerror
+#include <unistd.h> // for write
 
 namespace ix
 {
@@ -40,6 +40,8 @@ namespace ix
 
     bool SelectInterruptPipe::init(std::string& errorMsg)
     {
+        std::lock_guard<std::mutex> lock(_fildesMutex);
+
         // calling init twice is a programming error
         assert(_fildes[kPipeReadIndex] == -1);
         assert(_fildes[kPipeWriteIndex] == -1);
@@ -108,6 +110,8 @@ namespace ix
 
     bool SelectInterruptPipe::notify(uint64_t value)
     {
+        std::lock_guard<std::mutex> lock(_fildesMutex);
+
         int fd = _fildes[kPipeWriteIndex];
         if (fd == -1) return false;
 
@@ -118,6 +122,8 @@ namespace ix
     // TODO: return max uint64_t for errors ?
     uint64_t SelectInterruptPipe::read()
     {
+        std::lock_guard<std::mutex> lock(_fildesMutex);
+
         int fd = _fildes[kPipeReadIndex];
 
         uint64_t value = 0;
@@ -133,6 +139,8 @@ namespace ix
 
     int SelectInterruptPipe::getFd() const
     {
+        std::lock_guard<std::mutex> lock(_fildesMutex);
+
         return _fildes[kPipeReadIndex];
     }
-}
+} // namespace ix

ixwebsocket/IXSelectInterruptPipe.h

@@ -7,13 +7,14 @@
 #pragma once
 
 #include "IXSelectInterrupt.h"
-
+#include <mutex>
 #include <stdint.h>
 #include <string>
 
 namespace ix
 {
-    class SelectInterruptPipe : public SelectInterrupt {
+    class SelectInterruptPipe final : public SelectInterrupt
+    {
     public:
         SelectInterruptPipe();
         virtual ~SelectInterruptPipe();
@@ -30,10 +31,10 @@ namespace ix
         // happens between a control thread and a background thread, which is
         // blocked on select.
         int _fildes[2];
+        mutable std::mutex _fildesMutex;
 
         // Used to identify the read/write idx
         static const int kPipeReadIndex;
         static const int kPipeWriteIndex;
     };
-}
-
+} // namespace ix

ixwebsocket/IXSetThreadName.h

@@ -10,4 +10,3 @@ namespace ix
 {
     void setThreadName(const std::string& name);
 }
-

ixwebsocket/IXSocket.cpp

@@ -5,22 +5,20 @@
  */
 
 #include "IXSocket.h"
-#include "IXSocketConnect.h"
+
 #include "IXNetSystem.h"
 #include "IXSelectInterrupt.h"
 #include "IXSelectInterruptFactory.h"
-
+#include "IXSocketConnect.h"
+#include <algorithm>
+#include <assert.h>
+#include <fcntl.h>
+#include <stdint.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
-#include <assert.h>
-#include <stdint.h>
-#include <fcntl.h>
 #include <sys/types.h>
 
-#include <algorithm>
-#include <iostream>
-
 #ifdef min
 #undef min
 #endif
@@ -33,9 +31,9 @@ namespace ix
     const uint64_t Socket::kCloseRequest = 2;
     constexpr size_t Socket::kChunkSize;
 
-    Socket::Socket(int fd) :
-        _sockfd(fd),
-        _selectInterrupt(createSelectInterrupt())
+    Socket::Socket(int fd)
+        : _sockfd(fd)
+        , _selectInterrupt(createSelectInterrupt())
     {
         ;
     }
@@ -45,43 +43,45 @@ namespace ix
         close();
     }
 
-    PollResultType Socket::poll(int timeoutSecs)
+    PollResultType Socket::poll(bool readyToRead,
+                                int timeoutMs,
+                                int sockfd,
+                                std::shared_ptr<SelectInterrupt> selectInterrupt)
     {
-        if (_sockfd == -1)
-        {
-            return PollResultType::Error;
-        }
+        //
+        // We used to use ::select to poll but on Android 9 we get large fds out of
+        // ::connect which crash in FD_SET as they are larger than FD_SETSIZE. Switching
+        // to ::poll does fix that.
+        //
+        // However poll isn't as portable as select and has bugs on Windows, so we
+        // have a shim to fallback to select on those platforms. See
+        // https://github.com/mpv-player/mpv/pull/5203/files for such a select wrapper.
+        //
+        nfds_t nfds = 1;
+        struct pollfd fds[2];
+        memset(fds, 0, sizeof(fds));
 
-        return isReadyToRead(1000 * timeoutSecs);
-    }
+        fds[0].fd = sockfd;
+        fds[0].events = (readyToRead) ? POLLIN : POLLOUT;
 
-    PollResultType Socket::select(bool readyToRead, int timeoutMs)
-    {
-        fd_set rfds;
-        fd_set wfds;
-        FD_ZERO(&rfds);
-        FD_ZERO(&wfds);
-
-        fd_set* fds = (readyToRead) ? &rfds : & wfds;
-        FD_SET(_sockfd, fds);
+        // this is ignored by poll, but our select based poll wrapper on Windows needs it
+        fds[0].events |= POLLERR;
 
         // File descriptor used to interrupt select when needed
-        int interruptFd = _selectInterrupt->getFd();
-        if (interruptFd != -1)
+        int interruptFd = -1;
+        if (selectInterrupt)
         {
-            FD_SET(interruptFd, fds);
+            interruptFd = selectInterrupt->getFd();
+
+            if (interruptFd != -1)
+            {
+                nfds = 2;
+                fds[1].fd = interruptFd;
+                fds[1].events = POLLIN;
+            }
         }
 
-        struct timeval timeout;
-        timeout.tv_sec = timeoutMs / 1000;
-        timeout.tv_usec = (timeoutMs < 1000) ? 0 : 1000 * (timeoutMs % 1000);
-
-        // Compute the highest fd.
-        int sockfd = _sockfd;
-        int nfds = (std::max)(sockfd, interruptFd);
-
-        int ret = ::select(nfds + 1, &rfds, &wfds, nullptr,
-                           (timeoutMs < 0) ? nullptr : &timeout);
+        int ret = ix::poll(fds, nfds, timeoutMs);
 
         PollResultType pollResult = PollResultType::ReadyForRead;
         if (ret < 0)
@@ -92,9 +92,9 @@ namespace ix
         {
             pollResult = PollResultType::Timeout;
         }
-        else if (interruptFd != -1 && FD_ISSET(interruptFd, &rfds))
+        else if (interruptFd != -1 && fds[1].revents & POLLIN)
         {
-            uint64_t value = _selectInterrupt->read();
+            uint64_t value = selectInterrupt->read();
 
             if (value == kSendRequest)
             {
@@ -105,13 +105,40 @@ namespace ix
                 pollResult = PollResultType::CloseRequest;
             }
         }
-        else if (sockfd != -1 && readyToRead && FD_ISSET(sockfd, &rfds))
+        else if (sockfd != -1 && readyToRead && fds[0].revents & POLLIN)
         {
             pollResult = PollResultType::ReadyForRead;
         }
-        else if (sockfd != -1 && !readyToRead && FD_ISSET(sockfd, &wfds))
+        else if (sockfd != -1 && !readyToRead && fds[0].revents & POLLOUT)
         {
             pollResult = PollResultType::ReadyForWrite;
+
+#ifdef _WIN32
+            // On connect error, in async mode, windows will write to the exceptions fds
+            if (fds[0].revents & POLLERR)
+            {
+                pollResult = PollResultType::Error;
+            }
+#else
+            int optval = -1;
+            socklen_t optlen = sizeof(optval);
+
+            // getsockopt() puts the errno value for connect into optval so 0
+            // means no-error.
+            if (getsockopt(sockfd, SOL_SOCKET, SO_ERROR, &optval, &optlen) == -1 || optval != 0)
+            {
+                pollResult = PollResultType::Error;
+
+                // set errno to optval so that external callers can have an
+                // appropriate error description when calling strerror
+                errno = optval;
+            }
+#endif
+        }
+        else if (sockfd != -1 && (fds[0].revents & POLLERR || fds[0].revents & POLLHUP ||
+                                  fds[0].revents & POLLNVAL))
+        {
+            pollResult = PollResultType::Error;
         }
 
         return pollResult;
@@ -119,22 +146,42 @@ namespace ix
 
     PollResultType Socket::isReadyToRead(int timeoutMs)
     {
+        if (_sockfd == -1)
+        {
+            return PollResultType::Error;
+        }
+
         bool readyToRead = true;
-        return select(readyToRead, timeoutMs);
+        return poll(readyToRead, timeoutMs, _sockfd, _selectInterrupt);
     }
 
     PollResultType Socket::isReadyToWrite(int timeoutMs)
     {
+        if (_sockfd == -1)
+        {
+            return PollResultType::Error;
+        }
+
         bool readyToRead = false;
-        return select(readyToRead, timeoutMs);
+        return poll(readyToRead, timeoutMs, _sockfd, _selectInterrupt);
     }
 
     // Wake up from poll/select by writing to the pipe which is watched by select
-    bool Socket::wakeUpFromPoll(uint8_t wakeUpCode)
+    bool Socket::wakeUpFromPoll(uint64_t wakeUpCode)
     {
         return _selectInterrupt->notify(wakeUpCode);
     }
 
+    bool Socket::accept(std::string& errMsg)
+    {
+        if (_sockfd == -1)
+        {
+            errMsg = "Socket is uninitialized";
+            return false;
+        }
+        return true;
+    }
+
     bool Socket::connect(const std::string& host,
                          int port,
                          std::string& errMsg,
@@ -160,8 +207,6 @@ namespace ix
 
     ssize_t Socket::send(char* buffer, size_t length)
     {
-        std::lock_guard<std::mutex> lock(_socketMutex);
-
         int flags = 0;
 #ifdef MSG_NOSIGNAL
         flags = MSG_NOSIGNAL;
@@ -172,13 +217,11 @@ namespace ix
 
     ssize_t Socket::send(const std::string& buffer)
     {
-        return send((char*)&buffer[0], buffer.size());
+        return send((char*) &buffer[0], buffer.size());
     }
 
     ssize_t Socket::recv(void* buffer, size_t length)
     {
-        std::lock_guard<std::mutex> lock(_socketMutex);
-
         int flags = 0;
 #ifdef MSG_NOSIGNAL
         flags = MSG_NOSIGNAL;
@@ -189,29 +232,26 @@ namespace ix
 
     int Socket::getErrno()
     {
+        int err;
+
 #ifdef _WIN32
-        return WSAGetLastError();
+        err = WSAGetLastError();
 #else
-        return errno;
+        err = errno;
 #endif
+
+        return err;
     }
 
     bool Socket::isWaitNeeded()
     {
         int err = getErrno();
 
-        if (err == EWOULDBLOCK || err == EAGAIN)
+        if (err == EWOULDBLOCK || err == EAGAIN || err == EINPROGRESS)
         {
             return true;
         }
 
-#ifdef _WIN32
-        if (err == WSAEWOULDBLOCK || err == WSATRY_AGAIN)
-        {
-            return true;
-        }
-#endif
-
         return false;
     }
 
@@ -232,19 +272,28 @@ namespace ix
     bool Socket::writeBytes(const std::string& str,
                             const CancellationRequest& isCancellationRequested)
     {
+        int offset = 0;
+        int len = (int) str.size();
+
         while (true)
         {
             if (isCancellationRequested && isCancellationRequested()) return false;
 
-            char* buffer = const_cast<char*>(str.c_str());
-            int len = (int) str.size();
-
-            ssize_t ret = send(buffer, len);
+            ssize_t ret = send((char*) &str[offset], len);
 
             // We wrote some bytes, as needed, all good.
             if (ret > 0)
             {
-                return ret == len;
+                if (ret == len)
+                {
+                    return true;
+                }
+                else
+                {
+                    offset += ret;
+                    len -= ret;
+                    continue;
+                }
             }
             // There is possibly something to be writen, try again
             else if (ret < 0 && Socket::isWaitNeeded())
@@ -259,8 +308,7 @@ namespace ix
         }
     }
 
-    bool Socket::readByte(void* buffer,
-                          const CancellationRequest& isCancellationRequested)
+    bool Socket::readByte(void* buffer, const CancellationRequest& isCancellationRequested)
     {
         while (true)
         {
@@ -299,7 +347,7 @@ namespace ix
         std::string line;
         line.reserve(64);
 
-        for (int i = 0; i < 2 || (line[i-2] != '\r' && line[i-1] != '\n'); ++i)
+        for (int i = 0; i < 2 || (line[i - 2] != '\r' && line[i - 1] != '\n'); ++i)
         {
             if (!readByte(&c, isCancellationRequested))
             {
@@ -332,18 +380,15 @@ namespace ix
             }
 
             size_t size = std::min(kChunkSize, length - output.size());
-            ssize_t ret = recv((char*)&_readBuffer[0], size);
+            ssize_t ret = recv((char*) &_readBuffer[0], size);
 
-            if (ret <= 0 && !Socket::isWaitNeeded())
+            if (ret > 0)
             {
-                // Error
-                return std::make_pair(false, std::string());
+                output.insert(output.end(), _readBuffer.begin(), _readBuffer.begin() + ret);
             }
-            else
+            else if (ret <= 0 && !Socket::isWaitNeeded())
             {
-                output.insert(output.end(),
-                              _readBuffer.begin(),
-                              _readBuffer.begin() + ret);
+                return std::make_pair(false, std::string());
             }
 
             if (onProgressCallback) onProgressCallback((int) output.size(), (int) length);
@@ -356,7 +401,6 @@ namespace ix
             }
         }
 
-        return std::make_pair(true, std::string(output.begin(),
-                                                output.end()));
+        return std::make_pair(true, std::string(output.begin(), output.end()));
     }
-}
+} // namespace ix

ixwebsocket/IXSocket.h

@@ -6,16 +6,30 @@
 
 #pragma once
 
-#include <string>
-#include <functional>
-#include <mutex>
 #include <atomic>
-#include <vector>
+#include <functional>
 #include <memory>
+#include <mutex>
+#include <string>
+#include <vector>
 
 #ifdef _WIN32
 #include <BaseTsd.h>
 typedef SSIZE_T ssize_t;
+
+#undef EWOULDBLOCK
+#undef EAGAIN
+#undef EINPROGRESS
+#undef EBADF
+#undef EINVAL
+
+// map to WSA error codes
+#define EWOULDBLOCK WSAEWOULDBLOCK
+#define EAGAIN WSATRY_AGAIN
+#define EINPROGRESS WSAEINPROGRESS
+#define EBADF WSAEBADF
+#define EINVAL WSAEINVAL
+
 #endif
 
 #include "IXCancellationRequest.h"
@@ -35,20 +49,23 @@ namespace ix
         CloseRequest = 5
     };
 
-    class Socket {
+    class Socket
+    {
     public:
         Socket(int fd = -1);
         virtual ~Socket();
         bool init(std::string& errorMsg);
 
         // Functions to check whether there is activity on the socket
-        PollResultType poll(int timeoutSecs = kDefaultPollTimeout);
-        bool wakeUpFromPoll(uint8_t wakeUpCode);
+        PollResultType poll(int timeoutMs = kDefaultPollTimeout);
+        bool wakeUpFromPoll(uint64_t wakeUpCode);
 
         PollResultType isReadyToWrite(int timeoutMs);
         PollResultType isReadyToRead(int timeoutMs);
 
         // Virtual methods
+        virtual bool accept(std::string& errMsg);
+
         virtual bool connect(const std::string& url,
                              int port,
                              std::string& errMsg,
@@ -56,39 +73,38 @@ namespace ix
         virtual void close();
 
         virtual ssize_t send(char* buffer, size_t length);
-        virtual ssize_t send(const std::string& buffer);
+        ssize_t send(const std::string& buffer);
         virtual ssize_t recv(void* buffer, size_t length);
 
         // Blocking and cancellable versions, working with socket that can be set
         // to non blocking mode. Used during HTTP upgrade.
-        bool readByte(void* buffer,
-                      const CancellationRequest& isCancellationRequested);
-        bool writeBytes(const std::string& str,
-                        const CancellationRequest& isCancellationRequested);
+        bool readByte(void* buffer, const CancellationRequest& isCancellationRequested);
+        bool writeBytes(const std::string& str, const CancellationRequest& isCancellationRequested);
 
-        std::pair<bool, std::string> readLine(
-            const CancellationRequest& isCancellationRequested);
-        std::pair<bool, std::string> readBytes(
-            size_t length,
-            const OnProgressCallback& onProgressCallback,
-            const CancellationRequest& isCancellationRequested);
+        std::pair<bool, std::string> readLine(const CancellationRequest& isCancellationRequested);
+        std::pair<bool, std::string> readBytes(size_t length,
+                                               const OnProgressCallback& onProgressCallback,
+                                               const CancellationRequest& isCancellationRequested);
 
         static int getErrno();
         static bool isWaitNeeded();
+        static void closeSocket(int fd);
+
+        static PollResultType poll(bool readyToRead,
+                                   int timeoutMs,
+                                   int sockfd,
+                                   std::shared_ptr<SelectInterrupt> selectInterrupt = nullptr);
+
 
         // Used as special codes for pipe communication
         static const uint64_t kSendRequest;
         static const uint64_t kCloseRequest;
 
     protected:
-        void closeSocket(int fd);
-
         std::atomic<int> _sockfd;
         std::mutex _socketMutex;
 
     private:
-        PollResultType select(bool readyToRead, int timeoutMs);
-
         static const int kDefaultPollTimeout;
         static const int kDefaultPollNoTimeout;
 
@@ -98,4 +114,4 @@ namespace ix
 
         std::shared_ptr<SelectInterrupt> _selectInterrupt;
     };
-}
+} // namespace ix

ixwebsocket/IXSocketAppleSSL.cpp

@@ -6,11 +6,13 @@
  *  Adapted from Satori SDK Apple SSL code.
  */
 #include "IXSocketAppleSSL.h"
-#include "IXSocketConnect.h"
 
+#include "IXSocketConnect.h"
+#include <errno.h>
 #include <fcntl.h>
 #include <netdb.h>
 #include <netinet/tcp.h>
+#include <stdint.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
@@ -18,140 +20,154 @@
 #include <sys/time.h>
 #include <sys/types.h>
 #include <unistd.h>
-#include <stdint.h>
-
-#include <iostream>
-
-#include <errno.h>
+#include <sstream>
 #define socketerrno errno
 
 #include <Security/SecureTransport.h>
 
-namespace {
-
-OSStatus read_from_socket(SSLConnectionRef connection, void *data, size_t *len)
-{
-    int fd = (int) (long) connection;
-    if (fd < 0)
-        return errSSLInternal;
-
-    assert(data != nullptr);
-    assert(len != nullptr);
-
-    size_t requested_sz = *len;
-
-    ssize_t status = read(fd, data, requested_sz);
-
-    if (status > 0)
-    {
-        *len = (size_t) status;
-        if (requested_sz > *len)
-            return errSSLWouldBlock;
-        else
-            return noErr;
-    }
-    else if (0 == status)
-    {
-        *len = 0;
-        return errSSLClosedGraceful;
-    }
-    else
-    {
-        *len = 0;
-        switch (errno) {
-            case ENOENT:
-                return errSSLClosedGraceful;
-
-            case EAGAIN:
-                return errSSLWouldBlock;
-
-            case ECONNRESET:
-                return errSSLClosedAbort;
-
-            default:
-                return errSecIO;
-        }
-    }
-}
-
-OSStatus write_to_socket(SSLConnectionRef connection, const void *data, size_t *len)
-{
-    int fd = (int) (long) connection;
-    if (fd < 0)
-        return errSSLInternal;
-
-    assert(data != nullptr);
-    assert(len != nullptr);
-
-    size_t to_write_sz = *len;
-    ssize_t status = write(fd, data, to_write_sz);
-
-    if (status > 0)
-    {
-        *len = (size_t) status;
-        if (to_write_sz > *len)
-            return errSSLWouldBlock;
-        else
-            return noErr;
-    }
-    else if (0 == status)
-    {
-        *len = 0;
-        return errSSLClosedGraceful;
-    }
-    else
-    {
-        *len = 0;
-        if (EAGAIN == errno)
-        {
-            return errSSLWouldBlock;
-        }
-        else
-        {
-            return errSecIO;
-        }
-    }
-}
-
-std::string getSSLErrorDescription(OSStatus status)
-{
-    std::string errMsg("Unknown SSL error.");
-
-    CFErrorRef error = CFErrorCreate(kCFAllocatorDefault, kCFErrorDomainOSStatus, status, NULL);
-    if (error)
-    {
-        CFStringRef message = CFErrorCopyDescription(error);
-        if (message)
-        {
-            char localBuffer[128];
-            Boolean success;
-            success = CFStringGetCString(message, localBuffer, 128,
-                                         CFStringGetSystemEncoding());
-            if (success)
-            {
-                errMsg = localBuffer;
-            }
-            CFRelease(message);
-        }
-        CFRelease(error);
-    }
-
-    return errMsg;
-}
-
-} // anonymous namespace
-
 namespace ix
 {
-    SocketAppleSSL::SocketAppleSSL(int fd) : Socket(fd),
-        _sslContext(nullptr)
+    SocketAppleSSL::SocketAppleSSL(const SocketTLSOptions& tlsOptions, int fd)
+        : Socket(fd)
+        , _sslContext(nullptr)
+        , _tlsOptions(tlsOptions)
     {
-        ;
+        _sslContext = SSLCreateContext(kCFAllocatorDefault, kSSLClientSide, kSSLStreamType);
+        SSLSetIOFuncs(
+            _sslContext, SocketAppleSSL::readFromSocket, SocketAppleSSL::writeToSocket);
     }
 
     SocketAppleSSL::~SocketAppleSSL()
     {
-        SocketAppleSSL::close();
+        CFRelease(_sslContext);
+        _sslContext = nullptr;
+
+        Socket::close();
+    }
+
+    std::string SocketAppleSSL::getSSLErrorDescription(OSStatus status)
+    {
+        std::string errMsg("Unknown SSL error.");
+
+        CFErrorRef error = CFErrorCreate(kCFAllocatorDefault, kCFErrorDomainOSStatus, status, NULL);
+        if (error)
+        {
+            CFStringRef message = CFErrorCopyDescription(error);
+            if (message)
+            {
+                char localBuffer[128];
+                Boolean success;
+                success = CFStringGetCString(message, localBuffer, 128, kCFStringEncodingUTF8);
+                if (success)
+                {
+                    errMsg = localBuffer;
+                }
+                CFRelease(message);
+            }
+            CFRelease(error);
+        }
+
+        return errMsg;
+    }
+
+    OSStatus SocketAppleSSL::readFromSocket(SSLConnectionRef connection, void* data, size_t* len)
+    {
+        int fd = (int) (long) connection;
+        if (fd < 0) return errSSLInternal;
+
+        assert(data != nullptr);
+        assert(len != nullptr);
+
+        size_t requested_sz = *len;
+
+        ssize_t status = read(fd, data, requested_sz);
+
+        if (status > 0)
+        {
+            *len = (size_t) status;
+            if (requested_sz > *len)
+            {
+                return errSSLWouldBlock;
+            }
+            else
+            {
+                return noErr;
+            }
+        }
+        else if (status == 0)
+        {
+            *len = 0;
+            return errSSLClosedGraceful;
+        }
+        else
+        {
+            *len = 0;
+            switch (errno)
+            {
+                case ENOENT: return errSSLClosedGraceful;
+
+                case EAGAIN: return errSSLWouldBlock; // EWOULDBLOCK is a define for EAGAIN on osx
+                case EINPROGRESS: return errSSLWouldBlock;
+
+                case ECONNRESET: return errSSLClosedAbort;
+
+                default: return errSecIO;
+            }
+        }
+    }
+
+    OSStatus SocketAppleSSL::writeToSocket(SSLConnectionRef connection,
+                                           const void* data,
+                                           size_t* len)
+    {
+        int fd = (int) (long) connection;
+        if (fd < 0) return errSSLInternal;
+
+        assert(data != nullptr);
+        assert(len != nullptr);
+
+        size_t to_write_sz = *len;
+        ssize_t status = write(fd, data, to_write_sz);
+
+        if (status > 0)
+        {
+            *len = (size_t) status;
+            if (to_write_sz > *len)
+            {
+                return errSSLWouldBlock;
+            }
+            else
+            {
+                return noErr;
+            }
+        }
+        else if (status == 0)
+        {
+            *len = 0;
+            return errSSLClosedGraceful;
+        }
+        else
+        {
+            *len = 0;
+            switch (errno)
+            {
+                case ENOENT: return errSSLClosedGraceful;
+
+                case EAGAIN: return errSSLWouldBlock; // EWOULDBLOCK is a define for EAGAIN on osx
+                case EINPROGRESS: return errSSLWouldBlock;
+
+                case ECONNRESET: return errSSLClosedAbort;
+
+                default: return errSecIO;
+            }
+        }
+    }
+
+
+    bool SocketAppleSSL::accept(std::string& errMsg)
+    {
+        errMsg = "TLS not supported yet in server mode with apple ssl backend";
+        return false;
     }
 
     // No wait support
@@ -167,20 +183,45 @@ namespace ix
             _sockfd = SocketConnect::connect(host, port, errMsg, isCancellationRequested);
             if (_sockfd == -1) return false;
 
-            _sslContext = SSLCreateContext(kCFAllocatorDefault, kSSLClientSide, kSSLStreamType);
-
-            SSLSetIOFuncs(_sslContext, read_from_socket, write_to_socket);
-            SSLSetConnection(_sslContext, (SSLConnectionRef) (long) _sockfd);
+            SSLSetConnection(_sslContext, (SSLConnectionRef)(long) _sockfd);
             SSLSetProtocolVersionMin(_sslContext, kTLSProtocol12);
             SSLSetPeerDomainName(_sslContext, host.c_str(), host.size());
 
-            do {
-                status = SSLHandshake(_sslContext);
-            } while (errSSLWouldBlock == status ||
-                     errSSLServerAuthCompleted == status);
+            // Record a peer id, which speed up SSL connection when reconnecting to the same host
+            std::stringstream ss;
+            ss << host << ":" << port;
+            _peerId = ss.str();
+            SSLSetPeerID(_sslContext, (void*) _peerId.c_str(), _peerId.size());
+
+            if (_tlsOptions.isPeerVerifyDisabled())
+            {
+                Boolean option(1);
+                SSLSetSessionOption(_sslContext, kSSLSessionOptionBreakOnServerAuth, option);
+
+                do
+                {
+                    status = SSLHandshake(_sslContext);
+                } while (status == errSSLWouldBlock || status == errSSLServerAuthCompleted);
+
+                if (status == errSSLServerAuthCompleted)
+                {
+                    // proceed with the handshake
+                    do
+                    {
+                        status = SSLHandshake(_sslContext);
+                    } while (status == errSSLWouldBlock || status == errSSLServerAuthCompleted);
+                }
+            }
+            else
+            {
+                do
+                {
+                    status = SSLHandshake(_sslContext);
+                } while (status == errSSLWouldBlock || status == errSSLServerAuthCompleted);
+            }
         }
 
-        if (noErr != status)
+        if (status != noErr)
         {
             errMsg = getSSLErrorDescription(status);
             close();
@@ -194,55 +235,24 @@ namespace ix
     {
         std::lock_guard<std::mutex> lock(_mutex);
 
-        if (_sslContext == nullptr) return;
-
         SSLClose(_sslContext);
-        CFRelease(_sslContext);
-        _sslContext = nullptr;
-
         Socket::close();
     }
 
     ssize_t SocketAppleSSL::send(char* buf, size_t nbyte)
-    {
-        ssize_t ret = 0;
-        OSStatus status;
-        do {
-            size_t processed = 0;
-            std::lock_guard<std::mutex> lock(_mutex);
-            status = SSLWrite(_sslContext, buf, nbyte, &processed);
-            ret += processed;
-            buf += processed;
-            nbyte -= processed;
-        } while (nbyte > 0 && errSSLWouldBlock == status);
-
-        if (ret == 0 && errSSLClosedAbort != status)
-            ret = -1;
-        return ret;
-    }
-
-    ssize_t SocketAppleSSL::send(const std::string& buffer)
-    {
-        return send((char*)&buffer[0], buffer.size());
-    }
-
-    // No wait support
-    ssize_t SocketAppleSSL::recv(void* buf, size_t nbyte)
     {
         OSStatus status = errSSLWouldBlock;
-        while (errSSLWouldBlock == status)
+        while (status == errSSLWouldBlock)
         {
             size_t processed = 0;
             std::lock_guard<std::mutex> lock(_mutex);
-            status = SSLRead(_sslContext, buf, nbyte, &processed);
+            status = SSLWrite(_sslContext, buf, nbyte, &processed);
 
-            if (processed > 0)
-                return (ssize_t) processed;
+            if (processed > 0) return (ssize_t) processed;
 
             // The connection was reset, inform the caller that this
             // Socket should close
-            if (status == errSSLClosedGraceful ||
-                status == errSSLClosedNoNotify ||
+            if (status == errSSLClosedGraceful || status == errSSLClosedNoNotify ||
                 status == errSSLClosedAbort)
             {
                 errno = ECONNRESET;
@@ -258,4 +268,34 @@ namespace ix
         return -1;
     }
 
-}
+    // No wait support
+    ssize_t SocketAppleSSL::recv(void* buf, size_t nbyte)
+    {
+        OSStatus status = errSSLWouldBlock;
+        while (status == errSSLWouldBlock)
+        {
+            size_t processed = 0;
+            std::lock_guard<std::mutex> lock(_mutex);
+            status = SSLRead(_sslContext, buf, nbyte, &processed);
+
+            if (processed > 0) return (ssize_t) processed;
+
+            // The connection was reset, inform the caller that this
+            // Socket should close
+            if (status == errSSLClosedGraceful || status == errSSLClosedNoNotify ||
+                status == errSSLClosedAbort)
+            {
+                errno = ECONNRESET;
+                return -1;
+            }
+
+            if (status == errSSLWouldBlock)
+            {
+                errno = EWOULDBLOCK;
+                return -1;
+            }
+        }
+        return -1;
+    }
+
+} // namespace ix

ixwebsocket/IXSocketAppleSSL.h

@@ -6,22 +6,23 @@
 
 #pragma once
 
-#include "IXSocket.h"
 #include "IXCancellationRequest.h"
-
-#include <Security/Security.h>
+#include "IXSocket.h"
+#include "IXSocketTLSOptions.h"
 #include <Security/SecureTransport.h>
-
+#include <Security/Security.h>
 #include <mutex>
 
 namespace ix
 {
-    class SocketAppleSSL : public Socket
+    class SocketAppleSSL final : public Socket
     {
     public:
-        SocketAppleSSL(int fd = -1);
+        SocketAppleSSL(const SocketTLSOptions& tlsOptions, int fd = -1);
         ~SocketAppleSSL();
 
+        virtual bool accept(std::string& errMsg) final;
+
         virtual bool connect(const std::string& host,
                              int port,
                              std::string& errMsg,
@@ -29,12 +30,19 @@ namespace ix
         virtual void close() final;
 
         virtual ssize_t send(char* buffer, size_t length) final;
-        virtual ssize_t send(const std::string& buffer) final;
         virtual ssize_t recv(void* buffer, size_t length) final;
 
     private:
+        static std::string getSSLErrorDescription(OSStatus status);
+        static OSStatus writeToSocket(SSLConnectionRef connection, const void* data, size_t* len);
+        static OSStatus readFromSocket(SSLConnectionRef connection, void* data, size_t* len);
+
         SSLContextRef _sslContext;
-        mutable std::mutex _mutex;  // AppleSSL routines are not thread-safe
+        mutable std::mutex _mutex; // AppleSSL routines are not thread-safe
+
+        SocketTLSOptions _tlsOptions;
+
+        std::string _peerId;
     };
 
-}
+} // namespace ix

ixwebsocket/IXSocketConnect.cpp

@@ -5,47 +5,37 @@
  */
 
 #include "IXSocketConnect.h"
+
 #include "IXDNSLookup.h"
 #include "IXNetSystem.h"
-
-#include <string.h>
+#include "IXSocket.h"
 #include <fcntl.h>
+#include <string.h>
 #include <sys/types.h>
 
 // Android needs extra headers for TCP_NODELAY and IPPROTO_TCP
 #ifdef ANDROID
-# include <linux/in.h>
-# include <linux/tcp.h>
+#include <linux/in.h>
+#include <linux/tcp.h>
 #endif
 
-namespace
-{
-    void closeSocket(int fd)
-    {
-#ifdef _WIN32
-        closesocket(fd);
-#else
-        ::close(fd);
-#endif
-    }
-}
+#include <iostream>
 
 namespace ix
 {
     //
-    // This function can be cancelled every 50 ms
-    // This is important so that we don't block the main UI thread when shutting down a connection which is
-    // already trying to reconnect, and can be blocked waiting for ::connect to respond.
+    // This function can be cancelled every 10 ms
+    // This is important so that we don't block the main UI thread when shutting down a
+    // connection which is already trying to reconnect, and can be blocked waiting for
+    // ::connect to respond.
     //
-    int SocketConnect::connectToAddress(const struct addrinfo *address,
+    int SocketConnect::connectToAddress(const struct addrinfo* address,
                                         std::string& errMsg,
                                         const CancellationRequest& isCancellationRequested)
     {
         errMsg = "no error";
 
-        int fd = socket(address->ai_family,
-                        address->ai_socktype,
-                        address->ai_protocol);
+        int fd = socket(address->ai_family, address->ai_socktype, address->ai_protocol);
         if (fd < 0)
         {
             errMsg = "Cannot create a socket";
@@ -56,11 +46,19 @@ namespace ix
         // block us for too long
         SocketConnect::configure(fd);
 
-        if (::connect(fd, address->ai_addr, address->ai_addrlen) == -1
-            && errno != EINPROGRESS && errno != 0)
+        auto start = std::chrono::system_clock::now();
+
+        int res = ::connect(fd, address->ai_addr, address->ai_addrlen);
+
+        auto now = std::chrono::system_clock::now();
+        auto milliseconds = std::chrono::duration_cast<std::chrono::milliseconds>(now - start);
+        auto ms = milliseconds.count();
+        std::cout << "tcp connection completed in " << ms << "ms" << std::endl;
+
+        if (res == -1 && !Socket::isWaitNeeded())
         {
-            errMsg = strerror(errno);
-            closeSocket(fd);
+            errMsg = strerror(Socket::getErrno());
+            Socket::closeSocket(fd);
             return -1;
         }
 
@@ -68,60 +66,38 @@ namespace ix
         {
             if (isCancellationRequested && isCancellationRequested()) // Must handle timeout as well
             {
-                closeSocket(fd);
+                Socket::closeSocket(fd);
                 errMsg = "Cancelled";
                 return -1;
             }
 
-            // Use select to check the status of the new connection
-            struct timeval timeout;
-            timeout.tv_sec = 0;
-            timeout.tv_usec = 10 * 1000; // 10ms timeout
-            fd_set wfds;
-            fd_set efds;
+            int timeoutMs = 10;
+            bool readyToRead = false;
+            PollResultType pollResult = Socket::poll(readyToRead, timeoutMs, fd);
 
-            FD_ZERO(&wfds);
-            FD_SET(fd, &wfds);
-            FD_ZERO(&efds);
-            FD_SET(fd, &efds);
-
-            if (select(fd + 1, nullptr, &wfds, &efds, &timeout) < 0 &&
-                (errno == EBADF || errno == EINVAL))
+            if (pollResult == PollResultType::Timeout)
             {
-                closeSocket(fd);
-                errMsg = std::string("Connect error, select error: ") + strerror(errno);
+                continue;
+            }
+            else if (pollResult == PollResultType::Error)
+            {
+                Socket::closeSocket(fd);
+                errMsg = std::string("Connect error: ") + strerror(Socket::getErrno());
                 return -1;
             }
-
-            // Nothing was written to the socket, wait again.
-            if (!FD_ISSET(fd, &wfds)) continue;
-
-            // Something was written to the socket. Check for errors.
-            int optval = -1;
-            socklen_t optlen = sizeof(optval);
-
-#ifdef _WIN32
-            // On connect error, in async mode, windows will write to the exceptions fds
-            if (FD_ISSET(fd, &efds))
-#else
-            // getsockopt() puts the errno value for connect into optval so 0
-            // means no-error.
-            if (getsockopt(fd, SOL_SOCKET, SO_ERROR, &optval, &optlen) == -1 ||
-                optval != 0)
-#endif
+            else if (pollResult == PollResultType::ReadyForWrite)
             {
-                closeSocket(fd);
-                errMsg = strerror(optval);
-                return -1;
+                return fd;
             }
             else
             {
-                // Success !
-                return fd;
+                Socket::closeSocket(fd);
+                errMsg = std::string("Connect error: ") + strerror(Socket::getErrno());
+                return -1;
             }
         }
 
-        closeSocket(fd);
+        Socket::closeSocket(fd);
         errMsg = "connect timed out after 60 seconds";
         return -1;
     }
@@ -131,11 +107,19 @@ namespace ix
                                std::string& errMsg,
                                const CancellationRequest& isCancellationRequested)
     {
+        auto start = std::chrono::system_clock::now();
+
         //
         // First do DNS resolution
         //
-        DNSLookup dnsLookup(hostname, port);
-        struct addrinfo *res = dnsLookup.resolve(errMsg, isCancellationRequested);
+        auto dnsLookup = std::make_shared<DNSLookup>(hostname, port);
+        struct addrinfo* res = dnsLookup->resolve(errMsg, isCancellationRequested);
+
+        auto now = std::chrono::system_clock::now();
+        auto milliseconds = std::chrono::duration_cast<std::chrono::milliseconds>(now - start);
+        auto ms = milliseconds.count();
+        std::cout << "dns resolution completed in " << ms << "ms" << std::endl;
+
         if (res == nullptr)
         {
             return -1;
@@ -144,7 +128,7 @@ namespace ix
         int sockfd = -1;
 
         // iterate through the records to find a working peer
-        struct addrinfo *address;
+        struct addrinfo* address;
         for (address = res; address != nullptr; address = address->ai_next)
         {
             //
@@ -179,8 +163,7 @@ namespace ix
         // 3. (apple) prevent SIGPIPE from being emitted when the remote end disconnect
 #ifdef SO_NOSIGPIPE
         int value = 1;
-        setsockopt(sockfd, SOL_SOCKET, SO_NOSIGPIPE,
-                   (void *)&value, sizeof(value));
+        setsockopt(sockfd, SOL_SOCKET, SO_NOSIGPIPE, (void*) &value, sizeof(value));
 #endif
     }
-}
+} // namespace ix

ixwebsocket/IXSocketConnect.h

@@ -7,14 +7,14 @@
 #pragma once
 
 #include "IXCancellationRequest.h"
-
 #include <string>
 
 struct addrinfo;
 
 namespace ix
 {
-    class SocketConnect {
+    class SocketConnect
+    {
     public:
         static int connect(const std::string& hostname,
                            int port,
@@ -24,9 +24,8 @@ namespace ix
         static void configure(int sockfd);
 
     private:
-        static int connectToAddress(const struct addrinfo *address,
+        static int connectToAddress(const struct addrinfo* address,
                                     std::string& errMsg,
                                     const CancellationRequest& isCancellationRequested);
     };
-}
-
+} // namespace ix

ixwebsocket/IXSocketFactory.cpp

@@ -8,42 +8,45 @@
 
 #ifdef IXWEBSOCKET_USE_TLS
 
-# ifdef __APPLE__
-#  include <ixwebsocket/IXSocketAppleSSL.h>
-# elif defined(_WIN32)
-#  include <ixwebsocket/IXSocketSChannel.h>
-# else
-#  include <ixwebsocket/IXSocketOpenSSL.h>
-# endif
+#ifdef IXWEBSOCKET_USE_MBED_TLS
+#include "IXSocketMbedTLS.h"
+#elif defined(IXWEBSOCKET_USE_OPEN_SSL)
+#include "IXSocketOpenSSL.h"
+#elif __APPLE__
+#include "IXSocketAppleSSL.h"
+#endif
 
 #else
 
-#include <ixwebsocket/IXSocket.h>
+#include "IXSocket.h"
 
 #endif
 
 namespace ix
 {
     std::shared_ptr<Socket> createSocket(bool tls,
-                                         std::string& errorMsg)
+                                         int fd,
+                                         std::string& errorMsg,
+                                         const SocketTLSOptions& tlsOptions)
     {
+        (void) tlsOptions;
         errorMsg.clear();
         std::shared_ptr<Socket> socket;
 
         if (!tls)
         {
-            socket = std::make_shared<Socket>();
+            socket = std::make_shared<Socket>(fd);
         }
         else
         {
 #ifdef IXWEBSOCKET_USE_TLS
-# ifdef __APPLE__
-            socket = std::make_shared<SocketAppleSSL>();
-# elif defined(_WIN32)
-            socket = std::make_shared<SocketSChannel>();
-# else
-            socket = std::make_shared<SocketOpenSSL>();
-# endif
+#if defined(IXWEBSOCKET_USE_MBED_TLS)
+            socket = std::make_shared<SocketMbedTLS>(tlsOptions, fd);
+#elif defined(IXWEBSOCKET_USE_OPEN_SSL)
+            socket = std::make_shared<SocketOpenSSL>(tlsOptions, fd);
+#elif defined(__APPLE__)
+            socket = std::make_shared<SocketAppleSSL>(tlsOptions, fd);
+#endif
 #else
             errorMsg = "TLS support is not enabled on this platform.";
             return nullptr;
@@ -57,18 +60,4 @@ namespace ix
 
         return socket;
     }
-
-    std::shared_ptr<Socket> createSocket(int fd,
-                                         std::string& errorMsg)
-    {
-        errorMsg.clear();
-
-        std::shared_ptr<Socket> socket = std::make_shared<Socket>(fd);
-        if (!socket->init(errorMsg))
-        {
-            socket.reset();
-        }
-
-        return socket;
-    }
-}
+} // namespace ix

ixwebsocket/IXSocketFactory.h

@@ -7,6 +7,7 @@
 
 #pragma once
 
+#include "IXSocketTLSOptions.h"
 #include <memory>
 #include <string>
 
@@ -14,8 +15,7 @@ namespace ix
 {
     class Socket;
     std::shared_ptr<Socket> createSocket(bool tls,
-                                         std::string& errorMsg);
-
-    std::shared_ptr<Socket> createSocket(int fd,
-                                         std::string& errorMsg);
-}
+                                         int fd,
+                                         std::string& errorMsg,
+                                         const SocketTLSOptions& tlsOptions);
+} // namespace ix

ixwebsocket/IXSocketMbedTLS.cpp

@@ -0,0 +1,273 @@
+/*
+ *  IXSocketMbedTLS.cpp
+ *  Author: Benjamin Sergeant
+ *  Copyright (c) 2019 Machine Zone, Inc. All rights reserved.
+ *
+ *  Some code taken from
+ *  https://github.com/rottor12/WsClientLib/blob/master/lib/src/WsClientLib.cpp
+ *  and mini_client.c example from mbedtls
+ */
+
+#include "IXSocketMbedTLS.h"
+
+#include "IXNetSystem.h"
+#include "IXSocket.h"
+#include "IXSocketConnect.h"
+#include <string.h>
+
+namespace ix
+{
+    SocketMbedTLS::SocketMbedTLS(const SocketTLSOptions& tlsOptions, int fd)
+        : Socket(fd)
+        , _tlsOptions(tlsOptions)
+    {
+        initMBedTLS();
+    }
+
+    SocketMbedTLS::~SocketMbedTLS()
+    {
+        SocketMbedTLS::close();
+    }
+
+    void SocketMbedTLS::initMBedTLS()
+    {
+        std::lock_guard<std::mutex> lock(_mutex);
+
+        mbedtls_ssl_init(&_ssl);
+        mbedtls_ssl_config_init(&_conf);
+        mbedtls_ctr_drbg_init(&_ctr_drbg);
+        mbedtls_entropy_init(&_entropy);
+        mbedtls_x509_crt_init(&_cacert);
+        mbedtls_x509_crt_init(&_cert);
+        mbedtls_pk_init(&_pkey);
+    }
+
+    bool SocketMbedTLS::init(const std::string& host, bool isClient, std::string& errMsg)
+    {
+        initMBedTLS();
+        std::lock_guard<std::mutex> lock(_mutex);
+
+        const char* pers = "IXSocketMbedTLS";
+
+        if (mbedtls_ctr_drbg_seed(&_ctr_drbg,
+                                  mbedtls_entropy_func,
+                                  &_entropy,
+                                  (const unsigned char*) pers,
+                                  strlen(pers)) != 0)
+        {
+            errMsg = "Setting entropy seed failed";
+            return false;
+        }
+
+        if (mbedtls_ssl_config_defaults(&_conf,
+                                        (isClient) ? MBEDTLS_SSL_IS_CLIENT : MBEDTLS_SSL_IS_SERVER,
+                                        MBEDTLS_SSL_TRANSPORT_STREAM,
+                                        MBEDTLS_SSL_PRESET_DEFAULT) != 0)
+        {
+            errMsg = "Setting config default failed";
+            return false;
+        }
+
+        mbedtls_ssl_conf_rng(&_conf, mbedtls_ctr_drbg_random, &_ctr_drbg);
+
+        if (_tlsOptions.hasCertAndKey())
+        {
+            if (mbedtls_x509_crt_parse_file(&_cert, _tlsOptions.certFile.c_str()) < 0)
+            {
+                errMsg = "Cannot parse cert file '" + _tlsOptions.certFile + "'";
+                return false;
+            }
+            if (mbedtls_pk_parse_keyfile(&_pkey, _tlsOptions.keyFile.c_str(), "") < 0)
+            {
+                errMsg = "Cannot parse key file '" + _tlsOptions.keyFile + "'";
+                return false;
+            }
+            if (mbedtls_ssl_conf_own_cert(&_conf, &_cert, &_pkey) < 0)
+            {
+                errMsg = "Problem configuring cert '" + _tlsOptions.certFile + "'";
+                return false;
+            }
+        }
+
+        if (_tlsOptions.isPeerVerifyDisabled())
+        {
+            mbedtls_ssl_conf_authmode(&_conf, MBEDTLS_SSL_VERIFY_NONE);
+        }
+        else
+        {
+            mbedtls_ssl_conf_authmode(&_conf, MBEDTLS_SSL_VERIFY_REQUIRED);
+
+            // FIXME: should we call mbedtls_ssl_conf_verify ?
+
+            if (_tlsOptions.isUsingSystemDefaults())
+            {
+                ; // FIXME
+            }
+            else if (mbedtls_x509_crt_parse_file(&_cacert, _tlsOptions.caFile.c_str()) < 0)
+            {
+                errMsg = "Cannot parse CA file '" + _tlsOptions.caFile + "'";
+                return false;
+            }
+
+            mbedtls_ssl_conf_ca_chain(&_conf, &_cacert, NULL);
+        }
+
+        if (mbedtls_ssl_setup(&_ssl, &_conf) != 0)
+        {
+            errMsg = "SSL setup failed";
+            return false;
+        }
+
+        if (!host.empty() && mbedtls_ssl_set_hostname(&_ssl, host.c_str()) != 0)
+        {
+            errMsg = "SNI setup failed";
+            return false;
+        }
+
+        return true;
+    }
+
+    bool SocketMbedTLS::accept(std::string& errMsg)
+    {
+        bool isClient = false;
+        bool initialized = init(std::string(), isClient, errMsg);
+        if (!initialized)
+        {
+            close();
+            return false;
+        }
+
+        mbedtls_ssl_set_bio(&_ssl, &_sockfd, mbedtls_net_send, mbedtls_net_recv, NULL);
+
+        int res;
+        do
+        {
+            std::lock_guard<std::mutex> lock(_mutex);
+            res = mbedtls_ssl_handshake(&_ssl);
+        } while (res == MBEDTLS_ERR_SSL_WANT_READ || res == MBEDTLS_ERR_SSL_WANT_WRITE);
+
+        if (res != 0)
+        {
+            char buf[256];
+            mbedtls_strerror(res, buf, sizeof(buf));
+
+            errMsg = "error in handshake : ";
+            errMsg += buf;
+
+            if (res == MBEDTLS_ERR_X509_CERT_VERIFY_FAILED)
+            {
+                char verifyBuf[512];
+                uint32_t flags = mbedtls_ssl_get_verify_result(&_ssl);
+
+                mbedtls_x509_crt_verify_info(verifyBuf, sizeof(verifyBuf), "  ! ", flags);
+                errMsg += " : ";
+                errMsg += verifyBuf;
+            }
+
+            close();
+            return false;
+        }
+
+        return true;
+    }
+
+    bool SocketMbedTLS::connect(const std::string& host,
+                                int port,
+                                std::string& errMsg,
+                                const CancellationRequest& isCancellationRequested)
+    {
+        {
+            std::lock_guard<std::mutex> lock(_mutex);
+            _sockfd = SocketConnect::connect(host, port, errMsg, isCancellationRequested);
+            if (_sockfd == -1) return false;
+        }
+
+        bool isClient = true;
+        bool initialized = init(host, isClient, errMsg);
+        if (!initialized)
+        {
+            close();
+            return false;
+        }
+
+        mbedtls_ssl_set_bio(&_ssl, &_sockfd, mbedtls_net_send, mbedtls_net_recv, NULL);
+
+        int res;
+        do
+        {
+            std::lock_guard<std::mutex> lock(_mutex);
+            res = mbedtls_ssl_handshake(&_ssl);
+        } while (res == MBEDTLS_ERR_SSL_WANT_READ || res == MBEDTLS_ERR_SSL_WANT_WRITE);
+
+        if (res != 0)
+        {
+            char buf[256];
+            mbedtls_strerror(res, buf, sizeof(buf));
+
+            errMsg = "error in handshake : ";
+            errMsg += buf;
+
+            close();
+            return false;
+        }
+
+        return true;
+    }
+
+    void SocketMbedTLS::close()
+    {
+        std::lock_guard<std::mutex> lock(_mutex);
+
+        mbedtls_ssl_free(&_ssl);
+        mbedtls_ssl_config_free(&_conf);
+        mbedtls_ctr_drbg_free(&_ctr_drbg);
+        mbedtls_entropy_free(&_entropy);
+        mbedtls_x509_crt_free(&_cacert);
+        mbedtls_x509_crt_free(&_cert);
+
+        Socket::close();
+    }
+
+    ssize_t SocketMbedTLS::send(char* buf, size_t nbyte)
+    {
+        std::lock_guard<std::mutex> lock(_mutex);
+
+        ssize_t res = mbedtls_ssl_write(&_ssl, (unsigned char*) buf, nbyte);
+
+        if (res > 0)
+        {
+            return res;
+        }
+        else if (res == MBEDTLS_ERR_SSL_WANT_READ || res == MBEDTLS_ERR_SSL_WANT_WRITE)
+        {
+            errno = EWOULDBLOCK;
+            return -1;
+        }
+        else
+        {
+            return -1;
+        }
+    }
+
+    ssize_t SocketMbedTLS::recv(void* buf, size_t nbyte)
+    {
+        while (true)
+        {
+            std::lock_guard<std::mutex> lock(_mutex);
+
+            ssize_t res = mbedtls_ssl_read(&_ssl, (unsigned char*) buf, (int) nbyte);
+
+            if (res > 0)
+            {
+                return res;
+            }
+
+            if (res == MBEDTLS_ERR_SSL_WANT_READ || res == MBEDTLS_ERR_SSL_WANT_WRITE)
+            {
+                errno = EWOULDBLOCK;
+            }
+            return -1;
+        }
+    }
+
+} // namespace ix

ixwebsocket/IXSocketMbedTLS.h

@@ -0,0 +1,56 @@
+/*
+ *  IXSocketMbedTLS.h
+ *  Author: Benjamin Sergeant
+ *  Copyright (c) 2019 Machine Zone, Inc. All rights reserved.
+ */
+
+#pragma once
+
+#include "IXSocket.h"
+#include "IXSocketTLSOptions.h"
+#include <mbedtls/ctr_drbg.h>
+#include <mbedtls/debug.h>
+#include <mbedtls/entropy.h>
+#include <mbedtls/error.h>
+#include <mbedtls/net.h>
+#include <mbedtls/platform.h>
+#include <mbedtls/x509.h>
+#include <mbedtls/x509_crt.h>
+#include <mutex>
+
+namespace ix
+{
+    class SocketMbedTLS final : public Socket
+    {
+    public:
+        SocketMbedTLS(const SocketTLSOptions& tlsOptions, int fd = -1);
+        ~SocketMbedTLS();
+
+        virtual bool accept(std::string& errMsg) final;
+
+        virtual bool connect(const std::string& host,
+                             int port,
+                             std::string& errMsg,
+                             const CancellationRequest& isCancellationRequested) final;
+        virtual void close() final;
+
+        virtual ssize_t send(char* buffer, size_t length) final;
+        virtual ssize_t recv(void* buffer, size_t length) final;
+
+    private:
+        mbedtls_ssl_context _ssl;
+        mbedtls_ssl_config _conf;
+        mbedtls_entropy_context _entropy;
+        mbedtls_ctr_drbg_context _ctr_drbg;
+        mbedtls_x509_crt _cacert;
+        mbedtls_x509_crt _cert;
+        mbedtls_pk_context _pkey;
+
+        std::mutex _mutex;
+        SocketTLSOptions _tlsOptions;
+
+        bool init(const std::string& host, bool isClient, std::string& errMsg);
+        void initMBedTLS();
+    };
+
+} // namespace ix

ixwebsocket/IXSocketOpenSSL.cpp

@@ -1,31 +1,44 @@
 /*
  *  IXSocketOpenSSL.cpp
- *  Author: Benjamin Sergeant
- *  Copyright (c) 2017-2018 Machine Zone, Inc. All rights reserved.
+ *  Author: Benjamin Sergeant, Matt DeBoer
+ *  Copyright (c) 2017-2019 Machine Zone, Inc. All rights reserved.
  *
  *  Adapted from Satori SDK OpenSSL code.
  */
 
 #include "IXSocketOpenSSL.h"
+
 #include "IXSocketConnect.h"
-
 #include <cassert>
-#include <iostream>
-
-#include <openssl/x509v3.h>
-
-#include <fnmatch.h>
 #include <errno.h>
+#ifdef _WIN32
+#include <Shlwapi.h>
+#else
+#include <fnmatch.h>
+#endif
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#include <openssl/x509v3.h>
+#endif
 #define socketerrno errno
 
 namespace ix
 {
+    const std::string kDefaultCiphers =
+        "ECDHE-ECDSA-AES128-GCM-SHA256 ECDHE-ECDSA-AES256-GCM-SHA384 ECDHE-ECDSA-AES128-SHA "
+        "ECDHE-ECDSA-AES256-SHA ECDHE-ECDSA-AES128-SHA256 ECDHE-ECDSA-AES256-SHA384 "
+        "ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES128-SHA "
+        "ECDHE-RSA-AES256-SHA ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES256-SHA384 "
+        "DHE-RSA-AES128-GCM-SHA256 DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES128-SHA "
+        "DHE-RSA-AES256-SHA DHE-RSA-AES128-SHA256 DHE-RSA-AES256-SHA256 AES128-SHA";
+
     std::atomic<bool> SocketOpenSSL::_openSSLInitializationSuccessful(false);
     std::once_flag SocketOpenSSL::_openSSLInitFlag;
 
-    SocketOpenSSL::SocketOpenSSL(int fd) : Socket(fd),
-        _ssl_connection(nullptr),
-        _ssl_context(nullptr)
+    SocketOpenSSL::SocketOpenSSL(const SocketTLSOptions& tlsOptions, int fd)
+        : Socket(fd)
+        , _ssl_connection(nullptr)
+        , _ssl_context(nullptr)
+        , _tlsOptions(tlsOptions)
     {
         std::call_once(_openSSLInitFlag, &SocketOpenSSL::openSSLInitialize, this);
     }
@@ -115,15 +128,11 @@ namespace ix
         SSL_CTX* ctx = SSL_CTX_new(_ssl_method);
         if (ctx)
         {
-            // To skip verification, pass in SSL_VERIFY_NONE
-            SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER,
-                               [](int preverify, X509_STORE_CTX*) -> int
-                               {
-                                   return preverify;
-                               });
+            SSL_CTX_set_mode(ctx,
+                             SSL_MODE_ENABLE_PARTIAL_WRITE | SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
 
-            SSL_CTX_set_verify_depth(ctx, 4);
-            SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);
+            SSL_CTX_set_options(
+                ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_CIPHER_SERVER_PREFERENCE);
         }
         return ctx;
     }
@@ -131,16 +140,20 @@ namespace ix
     /**
      * Check whether a hostname matches a pattern
      */
-    bool SocketOpenSSL::checkHost(const std::string& host, const char *pattern)
+    bool SocketOpenSSL::checkHost(const std::string& host, const char* pattern)
     {
+#ifdef _WIN32
+        return PathMatchSpecA(host.c_str(), pattern);
+#else
         return fnmatch(pattern, host.c_str(), 0) != FNM_NOMATCH;
+#endif
     }
 
-    bool SocketOpenSSL::openSSLCheckServerCert(SSL *ssl,
+    bool SocketOpenSSL::openSSLCheckServerCert(SSL* ssl,
                                                const std::string& hostname,
                                                std::string& errMsg)
     {
-        X509 *server_cert = SSL_get_peer_certificate(ssl);
+        X509* server_cert = SSL_get_peer_certificate(ssl);
         if (server_cert == nullptr)
         {
             errMsg = "OpenSSL failed - peer didn't present a X509 certificate.";
@@ -150,18 +163,17 @@ namespace ix
 #if OPENSSL_VERSION_NUMBER < 0x10100000L
         // Check server name
         bool hostname_verifies_ok = false;
-        STACK_OF(GENERAL_NAME) *san_names =
-            (STACK_OF(GENERAL_NAME)*) X509_get_ext_d2i((X509 *)server_cert,
-                                                       NID_subject_alt_name, NULL, NULL);
+        STACK_OF(GENERAL_NAME)* san_names = (STACK_OF(GENERAL_NAME)*) X509_get_ext_d2i(
+            (X509*) server_cert, NID_subject_alt_name, NULL, NULL);
         if (san_names)
         {
-            for (int i=0; i<sk_GENERAL_NAME_num(san_names); i++)
+            for (int i = 0; i < sk_GENERAL_NAME_num(san_names); i++)
             {
-                const GENERAL_NAME *sk_name = sk_GENERAL_NAME_value(san_names, i);
+                const GENERAL_NAME* sk_name = sk_GENERAL_NAME_value(san_names, i);
                 if (sk_name->type == GEN_DNS)
                 {
-                    char *name = (char *)ASN1_STRING_data(sk_name->d.dNSName);
-                    if ((size_t)ASN1_STRING_length(sk_name->d.dNSName) == strlen(name) &&
+                    char* name = (char*) ASN1_STRING_data(sk_name->d.dNSName);
+                    if ((size_t) ASN1_STRING_length(sk_name->d.dNSName) == strlen(name) &&
                         checkHost(hostname, name))
                     {
                         hostname_verifies_ok = true;
@@ -174,20 +186,20 @@ namespace ix
 
         if (!hostname_verifies_ok)
         {
-            int cn_pos = X509_NAME_get_index_by_NID(X509_get_subject_name((X509 *)server_cert),
-                                                    NID_commonName, -1);
+            int cn_pos = X509_NAME_get_index_by_NID(
+                X509_get_subject_name((X509*) server_cert), NID_commonName, -1);
             if (cn_pos)
             {
-                X509_NAME_ENTRY *cn_entry = X509_NAME_get_entry(
-                    X509_get_subject_name((X509 *)server_cert), cn_pos);
+                X509_NAME_ENTRY* cn_entry =
+                    X509_NAME_get_entry(X509_get_subject_name((X509*) server_cert), cn_pos);
 
                 if (cn_entry)
                 {
-                    ASN1_STRING *cn_asn1 = X509_NAME_ENTRY_get_data(cn_entry);
-                    char *cn = (char *)ASN1_STRING_data(cn_asn1);
+                    ASN1_STRING* cn_asn1 = X509_NAME_ENTRY_get_data(cn_entry);
+                    char* cn = (char*) ASN1_STRING_data(cn_asn1);
 
-                    if ((size_t)ASN1_STRING_length(cn_asn1) == strlen(cn) &&
-                       checkHost(hostname, cn))
+                    if ((size_t) ASN1_STRING_length(cn_asn1) == strlen(cn) &&
+                        checkHost(hostname, cn))
                     {
                         hostname_verifies_ok = true;
                     }
@@ -206,7 +218,7 @@ namespace ix
         return true;
     }
 
-    bool SocketOpenSSL::openSSLHandshake(const std::string& host, std::string& errMsg)
+    bool SocketOpenSSL::openSSLClientHandshake(const std::string& host, std::string& errMsg)
     {
         while (true)
         {
@@ -241,7 +253,274 @@ namespace ix
         }
     }
 
-    // No wait support
+    bool SocketOpenSSL::openSSLServerHandshake(std::string& errMsg)
+    {
+        while (true)
+        {
+            if (_ssl_connection == nullptr || _ssl_context == nullptr)
+            {
+                return false;
+            }
+
+            ERR_clear_error();
+            int accept_result = SSL_accept(_ssl_connection);
+            if (accept_result == 1)
+            {
+                return true;
+            }
+            int reason = SSL_get_error(_ssl_connection, accept_result);
+
+            bool rc = false;
+            if (reason == SSL_ERROR_WANT_READ || reason == SSL_ERROR_WANT_WRITE)
+            {
+                rc = true;
+            }
+            else
+            {
+                errMsg = getSSLError(accept_result);
+                rc = false;
+            }
+
+            if (!rc)
+            {
+                return false;
+            }
+        }
+    }
+
+    bool SocketOpenSSL::handleTLSOptions(std::string& errMsg)
+    {
+        ERR_clear_error();
+        if (_tlsOptions.hasCertAndKey())
+        {
+            if (SSL_CTX_use_certificate_chain_file(_ssl_context, _tlsOptions.certFile.c_str()) != 1)
+            {
+                auto sslErr = ERR_get_error();
+                errMsg = "OpenSSL failed - SSL_CTX_use_certificate_chain_file(\"" +
+                         _tlsOptions.certFile + "\") failed: ";
+                errMsg += ERR_error_string(sslErr, nullptr);
+            }
+            else if (SSL_CTX_use_PrivateKey_file(
+                         _ssl_context, _tlsOptions.keyFile.c_str(), SSL_FILETYPE_PEM) != 1)
+            {
+                auto sslErr = ERR_get_error();
+                errMsg = "OpenSSL failed - SSL_CTX_use_PrivateKey_file(\"" + _tlsOptions.keyFile +
+                         "\") failed: ";
+                errMsg += ERR_error_string(sslErr, nullptr);
+            }
+            else if (!SSL_CTX_check_private_key(_ssl_context))
+            {
+                auto sslErr = ERR_get_error();
+                errMsg = "OpenSSL failed - cert/key mismatch(\"" + _tlsOptions.certFile + ", " +
+                         _tlsOptions.keyFile + "\")";
+                errMsg += ERR_error_string(sslErr, nullptr);
+            }
+        }
+
+        ERR_clear_error();
+        if (!_tlsOptions.isPeerVerifyDisabled())
+        {
+            if (_tlsOptions.isUsingSystemDefaults())
+            {
+                if (SSL_CTX_set_default_verify_paths(_ssl_context) == 0)
+                {
+                    auto sslErr = ERR_get_error();
+                    errMsg = "OpenSSL failed - SSL_CTX_default_verify_paths loading failed: ";
+                    errMsg += ERR_error_string(sslErr, nullptr);
+                    return false;
+                }
+            }
+            else if (SSL_CTX_load_verify_locations(
+                         _ssl_context, _tlsOptions.caFile.c_str(), NULL) != 1)
+            {
+                auto sslErr = ERR_get_error();
+                errMsg = "OpenSSL failed - SSL_CTX_load_verify_locations(\"" + _tlsOptions.caFile +
+                         "\") failed: ";
+                errMsg += ERR_error_string(sslErr, nullptr);
+                return false;
+            }
+
+            SSL_CTX_set_verify(_ssl_context,
+                               SSL_VERIFY_PEER,
+                               [](int preverify, X509_STORE_CTX*) -> int { return preverify; });
+            SSL_CTX_set_verify_depth(_ssl_context, 4);
+        }
+        else
+        {
+            SSL_CTX_set_verify(_ssl_context, SSL_VERIFY_NONE, nullptr);
+        }
+
+        if (_tlsOptions.isUsingDefaultCiphers())
+        {
+            if (SSL_CTX_set_cipher_list(_ssl_context, kDefaultCiphers.c_str()) != 1)
+            {
+                auto sslErr = ERR_get_error();
+                errMsg = "OpenSSL failed - SSL_CTX_set_cipher_list(\"" + kDefaultCiphers +
+                         "\") failed: ";
+                errMsg += ERR_error_string(sslErr, nullptr);
+                return false;
+            }
+        }
+        else if (SSL_CTX_set_cipher_list(_ssl_context, _tlsOptions.ciphers.c_str()) != 1)
+        {
+            auto sslErr = ERR_get_error();
+            errMsg = "OpenSSL failed - SSL_CTX_set_cipher_list(\"" + _tlsOptions.ciphers +
+                     "\") failed: ";
+            errMsg += ERR_error_string(sslErr, nullptr);
+            return false;
+        }
+
+        return true;
+    }
+
+    bool SocketOpenSSL::accept(std::string& errMsg)
+    {
+        bool handshakeSuccessful = false;
+        {
+            std::lock_guard<std::mutex> lock(_mutex);
+
+            if (!_openSSLInitializationSuccessful)
+            {
+                errMsg = "OPENSSL_init_ssl failure";
+                return false;
+            }
+
+            if (_sockfd == -1)
+            {
+                return false;
+            }
+
+            {
+                const SSL_METHOD* method = SSLv23_server_method();
+                if (method == nullptr)
+                {
+                    errMsg = "SSLv23_server_method failure";
+                    _ssl_context = nullptr;
+                }
+                else
+                {
+                    _ssl_method = method;
+
+                    _ssl_context = SSL_CTX_new(_ssl_method);
+                    if (_ssl_context)
+                    {
+                        SSL_CTX_set_mode(_ssl_context, SSL_MODE_ENABLE_PARTIAL_WRITE);
+                        SSL_CTX_set_mode(_ssl_context, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
+                        SSL_CTX_set_options(_ssl_context,
+                                            SSL_OP_ALL | SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);
+                    }
+                }
+            }
+
+            if (_ssl_context == nullptr)
+            {
+                return false;
+            }
+
+            ERR_clear_error();
+            if (_tlsOptions.hasCertAndKey())
+            {
+                if (SSL_CTX_use_certificate_chain_file(_ssl_context,
+                                                       _tlsOptions.certFile.c_str()) != 1)
+                {
+                    auto sslErr = ERR_get_error();
+                    errMsg = "OpenSSL failed - SSL_CTX_use_certificate_chain_file(\"" +
+                             _tlsOptions.certFile + "\") failed: ";
+                    errMsg += ERR_error_string(sslErr, nullptr);
+                }
+                else if (SSL_CTX_use_PrivateKey_file(
+                             _ssl_context, _tlsOptions.keyFile.c_str(), SSL_FILETYPE_PEM) != 1)
+                {
+                    auto sslErr = ERR_get_error();
+                    errMsg = "OpenSSL failed - SSL_CTX_use_PrivateKey_file(\"" +
+                             _tlsOptions.keyFile + "\") failed: ";
+                    errMsg += ERR_error_string(sslErr, nullptr);
+                }
+            }
+
+
+            ERR_clear_error();
+            if (!_tlsOptions.isPeerVerifyDisabled())
+            {
+                if (_tlsOptions.isUsingSystemDefaults())
+                {
+                    if (SSL_CTX_set_default_verify_paths(_ssl_context) == 0)
+                    {
+                        auto sslErr = ERR_get_error();
+                        errMsg = "OpenSSL failed - SSL_CTX_default_verify_paths loading failed: ";
+                        errMsg += ERR_error_string(sslErr, nullptr);
+                    }
+                }
+                else
+                {
+                    const char* root_ca_file = _tlsOptions.caFile.c_str();
+                    STACK_OF(X509_NAME) * rootCAs;
+                    rootCAs = SSL_load_client_CA_file(root_ca_file);
+                    if (rootCAs == NULL)
+                    {
+                        auto sslErr = ERR_get_error();
+                        errMsg = "OpenSSL failed - SSL_load_client_CA_file('" + _tlsOptions.caFile +
+                                 "') failed: ";
+                        errMsg += ERR_error_string(sslErr, nullptr);
+                    }
+                    else
+                    {
+                        SSL_CTX_set_client_CA_list(_ssl_context, rootCAs);
+                        if (SSL_CTX_load_verify_locations(_ssl_context, root_ca_file, nullptr) != 1)
+                        {
+                            auto sslErr = ERR_get_error();
+                            errMsg = "OpenSSL failed - SSL_CTX_load_verify_locations(\"" +
+                                     _tlsOptions.caFile + "\") failed: ";
+                            errMsg += ERR_error_string(sslErr, nullptr);
+                        }
+                    }
+                }
+
+                SSL_CTX_set_verify(
+                    _ssl_context, SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, nullptr);
+                SSL_CTX_set_verify_depth(_ssl_context, 4);
+            }
+            else
+            {
+                SSL_CTX_set_verify(_ssl_context, SSL_VERIFY_NONE, nullptr);
+            }
+            if (_tlsOptions.isUsingDefaultCiphers())
+            {
+                if (SSL_CTX_set_cipher_list(_ssl_context, kDefaultCiphers.c_str()) != 1)
+                {
+                    return false;
+                }
+            }
+            else if (SSL_CTX_set_cipher_list(_ssl_context, _tlsOptions.ciphers.c_str()) != 1)
+            {
+                return false;
+            }
+
+            _ssl_connection = SSL_new(_ssl_context);
+            if (_ssl_connection == nullptr)
+            {
+                errMsg = "OpenSSL failed to connect";
+                SSL_CTX_free(_ssl_context);
+                _ssl_context = nullptr;
+                return false;
+            }
+
+            SSL_set_ecdh_auto(_ssl_connection, 1);
+
+            SSL_set_fd(_ssl_connection, _sockfd);
+
+            handshakeSuccessful = openSSLServerHandshake(errMsg);
+        }
+
+        if (!handshakeSuccessful)
+        {
+            close();
+            return false;
+        }
+
+        return true;
+    }
+
     bool SocketOpenSSL::connect(const std::string& host,
                                 int port,
                                 std::string& errMsg,
@@ -266,13 +545,9 @@ namespace ix
                 return false;
             }
 
-            ERR_clear_error();
-            int cert_load_result = SSL_CTX_set_default_verify_paths(_ssl_context);
-            if (cert_load_result == 0)
+            if (!handleTLSOptions(errMsg))
             {
-                unsigned long ssl_err = ERR_get_error();
-                errMsg = "OpenSSL failed - SSL_CTX_default_verify_paths loading failed: ";
-                errMsg += ERR_error_string(ssl_err, nullptr);
+                return false;
             }
 
             _ssl_connection = SSL_new(_ssl_context);
@@ -291,13 +566,12 @@ namespace ix
 #if OPENSSL_VERSION_NUMBER >= 0x10002000L
             // Support for server name verification
             // (The docs say that this should work from 1.0.2, and is the default from
-            // 1.1.0, but it does not. To be on the safe side, the manual test below is
-            // enabled for all versions prior to 1.1.0.)
-            X509_VERIFY_PARAM *param = SSL_get0_param(_ssl_connection);
+            // 1.1.0, but it does not. To be on the safe side, the manual test
+            // below is enabled for all versions prior to 1.1.0.)
+            X509_VERIFY_PARAM* param = SSL_get0_param(_ssl_connection);
             X509_VERIFY_PARAM_set1_host(param, host.c_str(), 0);
 #endif
-
-            handshakeSuccessful = openSSLHandshake(host, errMsg);
+            handshakeSuccessful = openSSLClientHandshake(host, errMsg);
         }
 
         if (!handshakeSuccessful)
@@ -329,40 +603,32 @@ namespace ix
 
     ssize_t SocketOpenSSL::send(char* buf, size_t nbyte)
     {
-        ssize_t sent = 0;
+        std::lock_guard<std::mutex> lock(_mutex);
 
-        while (nbyte > 0)
+        if (_ssl_connection == nullptr || _ssl_context == nullptr)
         {
-            std::lock_guard<std::mutex> lock(_mutex);
-
-            if (_ssl_connection == nullptr || _ssl_context == nullptr)
-            {
-                return 0;
-            }
-
-            ERR_clear_error();
-            ssize_t write_result = SSL_write(_ssl_connection, buf + sent, (int) nbyte);
-            int reason = SSL_get_error(_ssl_connection, (int) write_result);
-
-            if (reason == SSL_ERROR_NONE) {
-                nbyte -= write_result;
-                sent += write_result;
-            } else if (reason == SSL_ERROR_WANT_READ || reason == SSL_ERROR_WANT_WRITE) {
-                errno = EWOULDBLOCK;
-                return -1;
-            } else {
-                return -1;
-            }
+            return 0;
+        }
+
+        ERR_clear_error();
+        ssize_t write_result = SSL_write(_ssl_connection, buf, (int) nbyte);
+        int reason = SSL_get_error(_ssl_connection, (int) write_result);
+
+        if (reason == SSL_ERROR_NONE)
+        {
+            return write_result;
+        }
+        else if (reason == SSL_ERROR_WANT_READ || reason == SSL_ERROR_WANT_WRITE)
+        {
+            errno = EWOULDBLOCK;
+            return -1;
+        }
+        else
+        {
+            return -1;
         }
-        return sent;
     }
 
-    ssize_t SocketOpenSSL::send(const std::string& buffer)
-    {
-        return send((char*)&buffer[0], buffer.size());
-    }
-
-    // No wait support
     ssize_t SocketOpenSSL::recv(void* buf, size_t nbyte)
     {
         while (true)
@@ -392,4 +658,4 @@ namespace ix
         }
     }
 
-}
+} // namespace ix

ixwebsocket/IXSocketOpenSSL.h

@@ -1,30 +1,31 @@
 /*
  *  IXSocketOpenSSL.h
- *  Author: Benjamin Sergeant
- *  Copyright (c) 2017-2018 Machine Zone, Inc. All rights reserved.
+ *  Author: Benjamin Sergeant, Matt DeBoer
+ *  Copyright (c) 2017-2019 Machine Zone, Inc. All rights reserved.
  */
 
 #pragma once
 
-#include "IXSocket.h"
 #include "IXCancellationRequest.h"
-
+#include "IXSocket.h"
+#include "IXSocketTLSOptions.h"
+#include <mutex>
 #include <openssl/bio.h>
-#include <openssl/hmac.h>
 #include <openssl/conf.h>
 #include <openssl/err.h>
+#include <openssl/hmac.h>
 #include <openssl/ssl.h>
 
-#include <mutex>
-
 namespace ix
 {
-    class SocketOpenSSL : public Socket
+    class SocketOpenSSL final : public Socket
     {
     public:
-        SocketOpenSSL(int fd = -1);
+        SocketOpenSSL(const SocketTLSOptions& tlsOptions, int fd = -1);
         ~SocketOpenSSL();
 
+        virtual bool accept(std::string& errMsg) final;
+
         virtual bool connect(const std::string& host,
                              int port,
                              std::string& errMsg,
@@ -32,26 +33,27 @@ namespace ix
         virtual void close() final;
 
         virtual ssize_t send(char* buffer, size_t length) final;
-        virtual ssize_t send(const std::string& buffer) final;
         virtual ssize_t recv(void* buffer, size_t length) final;
 
     private:
         void openSSLInitialize();
         std::string getSSLError(int ret);
         SSL_CTX* openSSLCreateContext(std::string& errMsg);
-        bool openSSLHandshake(const std::string& hostname, std::string& errMsg);
-        bool openSSLCheckServerCert(SSL *ssl,
-                                    const std::string& hostname,
-                                    std::string& errMsg);
-        bool checkHost(const std::string& host, const char *pattern);
+        bool openSSLClientHandshake(const std::string& hostname, std::string& errMsg);
+        bool openSSLCheckServerCert(SSL* ssl, const std::string& hostname, std::string& errMsg);
+        bool checkHost(const std::string& host, const char* pattern);
+        bool handleTLSOptions(std::string& errMsg);
+        bool openSSLServerHandshake(std::string& errMsg);
 
         SSL* _ssl_connection;
         SSL_CTX* _ssl_context;
         const SSL_METHOD* _ssl_method;
-        mutable std::mutex _mutex;  // OpenSSL routines are not thread-safe
+        SocketTLSOptions _tlsOptions;
+
+        mutable std::mutex _mutex; // OpenSSL routines are not thread-safe
 
         static std::once_flag _openSSLInitFlag;
         static std::atomic<bool> _openSSLInitializationSuccessful;
     };
 
-}
+} // namespace ix