fix(win32): DLL file/product version now set as per actual git tag version

.sai.json

@@ -243,11 +243,11 @@
 		"mbedtls": {
 			"cmake":	"-DLWS_WITH_MBEDTLS=1 -DLWS_WITH_HTTP2=1 -DLWS_WITH_LWSWS=1 -DLWS_WITH_MINIMAL_EXAMPLES=1 -DLWS_WITH_JOSE=1 -DCMAKE_BUILD_TYPE=DEBUG",
 			# no distro -devel package for mbedtls
-			"platforms":	"not linux-centos-7/x86_64-amd/gcc, not linux-centos-8/x86_64-amd/gcc"
+			"platforms":	"not linux-centos-7/x86_64-amd/gcc, not linux-centos-8/x86_64-amd/gcc, not linux-ubuntu-xenial/x86_64-amd/gcc"
 		},
 		"mbedtls-metrics": {
 			"cmake":	"-DLWS_WITH_MBEDTLS=1 -DLWS_WITH_HTTP2=1 -DLWS_WITH_LWSWS=1 -DLWS_WITH_MINIMAL_EXAMPLES=1 -DLWS_WITH_JOSE=1 -DCMAKE_BUILD_TYPE=DEBUG -DLWS_WITH_SYS_METRICS=1",
-			"platforms":	"not linux-centos-7/x86_64-amd/gcc, not linux-centos-8/x86_64-amd/gcc"
+			"platforms":	"not linux-centos-7/x86_64-amd/gcc, not linux-centos-8/x86_64-amd/gcc, not linux-ubuntu-xenial/x86_64-amd/gcc"
 		},
 		"noserver": {
 			"cmake":	"-DLWS_WITHOUT_SERVER=ON -DLWS_WITH_MINIMAL_EXAMPLES=1 -DLWS_WITH_SECURE_STREAMS=1",

CMakeLists-implied-options.txt

@@ -47,7 +47,7 @@ if (LWS_PLAT_OPTEE)
 	set(LWS_WITH_UDP 0)
 endif()
 
-if (LWS_PLAT_FREERTOS)
+if (LWS_PLAT_FREERTOS OR (${CMAKE_SYSTEM_NAME} MATCHES "QNX"))
 	message(STATUS "No LWS_WITH_DIR or LWS_WITH_LEJP_CONF")
 	set(LWS_WITH_DIR OFF)
 	set(LWS_WITH_LEJP_CONF OFF)
@@ -368,6 +368,12 @@ if (LWS_WITHOUT_SERVER)
 	set(LWS_WITH_SERVER)
 endif()
 
+if (LWS_WITH_SERVER)
+else()
+	set(LWS_WITH_CGI 0)
+	set(LWS_ROLE_CGI 0)
+endif()
+
 # using any abstract protocol enables LWS_WITH_ABSTRACT
 
 #if (LWS_WITH_SMTP)

CMakeLists.txt

@@ -63,13 +63,20 @@ if (ESP_PLATFORM)
 endif()
 
 # it's at this point any toolchain file is brought in
-project(libwebsockets C CXX)
+project(libwebsockets C)
+if (LWS_WITH_SECURE_STREAMS_CPP)
+	enable_language(CXX)
+endif()
 include(CTest)
 
 if (ESP_PLATFORM)
        include_directories(
 		$ENV{IDF_PATH}/components/esp_hw_support/include/soc/
 		$ENV{IDF_PATH}/components/freertos/include/
+		$ENV{IDF_PATH}/components/freertos/esp_additions/include/
+		$ENV{IDF_PATH}/components/freertos/esp_additions/include/freertos/
+		$ENV{IDF_PATH}/components/freertos/FreeRTOS-Kernel/include/
+		$ENV{IDF_PATH}/components/freertos/FreeRTOS-Kernel/portable/linux/include/
 		$ENV{IDF_PATH}/components/xtensa/${CONFIG_IDF_TARGET}/include/
 		$ENV{IDF_PATH}/components/freertos/include/esp_additions
 		$ENV{IDF_PATH}/components/hal/include
@@ -175,7 +182,7 @@ option(LWS_WITH_SSL "Include SSL support (defaults to OpenSSL or similar, mbedTL
 option(LWS_WITH_MBEDTLS "Use mbedTLS (>=2.0) replacement for OpenSSL. When setting this, you also may need to specify LWS_MBEDTLS_LIBRARIES and LWS_MBEDTLS_INCLUDE_DIRS" OFF)
 option(LWS_WITH_BORINGSSL "Use BoringSSL replacement for OpenSSL" OFF)
 option(LWS_WITH_CYASSL "Use CyaSSL replacement for OpenSSL. When setting this, you also need to specify LWS_CYASSL_LIBRARIES and LWS_CYASSL_INCLUDE_DIRS" OFF)
-option(LWS_WITH_WOLFSSL "Use wolfSSL replacement for OpenSSL. When setting this, you also need to specify LWS_WOLFSSL_LIBRARIES and LWS_WOLFSSL_INCLUDE_DIRS" OFF)
+option(LWS_WITH_WOLFSSL "Use wolfSSL replacement for OpenSSL. When setting this, you also may need to specify LWS_WOLFSSL_LIBRARIES and LWS_WOLFSSL_INCLUDE_DIRS" OFF)
 option(LWS_SSL_CLIENT_USE_OS_CA_CERTS "SSL support should make use of the OS-installed CA root certs" ON)
 option(LWS_TLS_LOG_PLAINTEXT_RX "For debugging log the received plaintext as soon as decrypted" OFF)
 option(LWS_TLS_LOG_PLAINTEXT_TX "For debugging log the transmitted plaintext just before encryption" OFF)
@@ -403,7 +410,18 @@ set(CPACK_RPM_PACKAGE_LICENSE "MIT")
 set(CPACK_PACKAGE_NAME "${PACKAGE}")
 set(CPACK_PACKAGE_VERSION_MAJOR "4")
 set(CPACK_PACKAGE_VERSION_MINOR "3")
-set(CPACK_PACKAGE_VERSION_PATCH_NUMBER "0")
+set(CPACK_PACKAGE_VERSION_PATCH_NUMBER "5")
+
+# Override version components from git tag if available (e.g. v4.3.7 or v4.3.7-5-gabcdef)
+if(GIT_HASH)
+    string(REGEX MATCH "^v?([0-9]+)\\.([0-9]+)\\.([0-9]+)" _GIT_VER_MATCH "${GIT_HASH}")
+    if(_GIT_VER_MATCH)
+        set(CPACK_PACKAGE_VERSION_MAJOR "${CMAKE_MATCH_1}")
+        set(CPACK_PACKAGE_VERSION_MINOR "${CMAKE_MATCH_2}")
+        set(CPACK_PACKAGE_VERSION_PATCH_NUMBER "${CMAKE_MATCH_3}")
+        message("Version overridden from git tag: ${CPACK_PACKAGE_VERSION_MAJOR}.${CPACK_PACKAGE_VERSION_MINOR}.${CPACK_PACKAGE_VERSION_PATCH_NUMBER}")
+    endif()
+endif()
 
 set(CPACK_PACKAGE_VERSION_PATCH "${CPACK_PACKAGE_VERSION_PATCH_NUMBER}-${LWS_BUILD_HASH}")
 set(CPACK_PACKAGE_RELEASE 1)
@@ -795,6 +813,14 @@ if (CMAKE_COMPILER_IS_GNUCC OR CMAKE_COMPILER_IS_GNUCXX OR COMPILER_IS_CLANG)
 		set(CMAKE_C_FLAGS "-Wall -Wsign-compare ${VISIBILITY_FLAG} ${GCOV_FLAGS} ${CMAKE_C_FLAGS}" )
 	endif()
 
+	if (PICO_SDK_PATH)
+		set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wall -Wextra -Wno-unused-parameter -Wconversion -Wsign-compare -Wstrict-aliasing -Wundef -nolibc")
+	endif()
+
+	if (ESP_PLATFORM AND (CONFIG_IDF_TARGET_ESP32 OR CONFIG_IDF_TARGET_ESP32S2 OR CONFIG_IDF_TARGET_ESP32S3))
+		set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -mlongcalls")
+	endif()
+
 	if ("${DISABLE_WERROR}" STREQUAL "OFF")
 		set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Werror")
 	endif()
@@ -836,6 +862,12 @@ if (MSVC)
 	add_definitions(-D_CRT_SECURE_NO_DEPRECATE -D_CRT_NONSTDC_NO_DEPRECATE)
 	# Fail the build if any warnings
 	add_compile_options(/W3 /WX)
+	# Unbreak MSVC broken preprocessor __VA_ARGS__ behaviour
+	if (MSVC_VERSION GREATER 1925)
+		add_compile_options(/Zc:preprocessor /wd5105)
+	else()
+		add_compile_options(/experimental:preprocessor /wd5105)
+	endif()
 endif(MSVC)
 
 if (MINGW)
@@ -861,11 +893,11 @@ endif()
 #
 # ZLIB (needed for deflate extension and if LWS_WITH_HTTP_STREAM_COMPRESSION)
 #
-if (LWS_WITH_ZLIB)
+if (LWS_WITH_ZLIB AND NOT LWS_WITH_BUNDLED_ZLIB)
 	if (NOT ZLIB_FOUND)
 		if (LWS_WITH_MINIZ)
 			find_package(Miniz REQUIRED)
-			set(ZLIB_INCLUDE_DIRS ${MINIZ_INCLUDE_DIRS})
+			set(ZLIB_INCLUDE_DIRS ${MINIZ_INCLUDE_DIR})
 			set(ZLIB_LIBRARIES ${MINIZ_LIBRARIES})
 		else()
 			find_package(ZLIB REQUIRED)
@@ -1053,6 +1085,9 @@ file(RELATIVE_PATH
 if (DEFINED REL_INCLUDE_DIR)
     set(LWS__INCLUDE_DIRS "\${LWS_CMAKE_DIR}/${REL_INCLUDE_DIR}")
 endif()
+if (DEFINED OPENSSL_INCLUDE_DIRS)
+	set(LWS__INCLUDE_DIRS "${LWS__INCLUDE_DIRS};${OPENSSL_INCLUDE_DIRS}")
+endif()
 
 configure_file(${PROJECT_SOURCE_DIR}/cmake/libwebsockets-config.cmake.in
                 ${PROJECT_BINARY_DIR}${CMAKE_FILES_DIRECTORY}/libwebsockets-config.cmake

LICENSE

@@ -1,3 +1,7 @@
+MIT License 
+
+Copyright (c) 2006-2025 Andy Green
+
 Libwebsockets and included programs are provided under the terms of the
 MIT license shown below, with the exception that some sources are under
 a similar permissive license like BSD, or are explicitly CC0 / public
@@ -36,6 +40,12 @@ to us so you can easily use later releases and fixes.
 
 ## MIT License applied to libwebsockets
 
+(lib/misc/base64-decode.c, lib/misc/daemonize.c, lib/plat/windows/windows-resolv.c) 
+
+lib/misc/base64-decode.c: Copyright (c) 2001 Bob Trower, Trantor Standard Systems Inc.
+lib/misc/daemonize.c: Copyright (c)2006 - 2013 Andy Green <andy@warmcat.com>
+lib/plat/windows/windows-resolv.c - Copyright (C) 2010 - 2019 Andy Green <andy@warmcat.com>
+
 https://opensource.org/licenses/MIT 
 
  Permission is hereby granted, free of charge, to any person obtaining a copy
@@ -58,6 +68,10 @@ https://opensource.org/licenses/MIT
 
 ## BSD2
 
+(lib/misc/ieeehalfprecision.c)
+
+lib/misc/ieeehalfprecision.c - Copyright: (c) 2009 by James Tursa, All Rights Reserved
+
 ```
  *  Redistribution and use in source and binary forms, with or without 
  *  modification, are permitted provided that the following conditions are 
@@ -208,4 +222,3 @@ For these and/or other purposes and motivations, and without any expectation of
     Affirmer disclaims responsibility for clearing rights of other persons that may apply to the Work or any use thereof, including without limitation any person's Copyright and Related Rights in the Work. Further, Affirmer disclaims responsibility for obtaining any necessary consents, permissions or other rights required for any use of the Work.
     Affirmer understands and acknowledges that Creative Commons is not a party to this document and has no duty or obligation with respect to this CC0 or use of the Work.
 ```
-

READMEs/README.build.md

@@ -353,7 +353,7 @@ https://www.wolfssl.com/wolfSSL/Products-wolfssl.html
 It contains a OpenSSL compatibility layer which makes it possible to pretty
 much link to it instead of OpenSSL, giving a much smaller footprint.
 
-**NOTE**: wolfssl needs to be compiled using the `--enable-opensslextra` flag for
+**NOTE**: wolfssl needs to be compiled using the `--enable-libwebsockets` flag for
 this to work.
 
 @section wolf1 Compiling libwebsockets with wolfSSL

READMEs/README.coding.md

@@ -183,28 +183,17 @@ loop wait (sleeping in `poll()` or `epoll()` or whatever).  The rules above
 mean directly sending data on the connection from another thread is out of the
 question.
 
-Therefore the two apis mentioned above that may be used from another thread are
-
- - For LWS using the default poll() event loop, `lws_callback_on_writable()`
-
- - For LWS using libuv/libev/libevent event loop, `lws_cancel_service()`
-
-If you are using the default poll() event loop, one "foreign thread" at a time may
-call `lws_callback_on_writable()` directly for a wsi.  You need to use your own
-locking around that to serialize multiple thread access to it.
-
-If you implement LWS_CALLBACK_GET_THREAD_ID in protocols[0], then LWS will detect
-when it has been called from a foreign thread and automatically use
-`lws_cancel_service()` to additionally wake the service loop from its wait.
-
-For libuv/libev/libevent event loop, they cannot handle being called from other
-threads.  So there is a slightly different scheme, you may call `lws_cancel_service()` 
-to force the event loop to end immediately.  This then broadcasts a callback (in the
-service thread context) `LWS_CALLBACK_EVENT_WAIT_CANCELLED`, to all protocols on all
-vhosts, where you can perform your own locking and walk a list of wsi that need
-`lws_callback_on_writable()` calling on them.
-
-`lws_cancel_service()` is very cheap to call.
+The only lws api that's safe to call from other thread contexts is `lws_cancel_service()`.
+This will take a platform-specific action to wake the lws event loop thread wait,
+either put a byte into a pipe2() the event loop is waiting on, or send a packet on
+a UDP socket pair that the event loop waits on.  When the wake is handled by the
+lws event loop thread, it will broadcast a `LWS_CALLBACK_EVENT_WAIT_CANCELLED`
+message to every vhost-protocol instantiation, so you can handle this callback,
+usually lock a shared data region, and if you see you need to write, call
+`lws_callback_on_writable()` for the wsi(s) that need to write.
+
+There's no restriction on multiple threads calling `lws_cancel_service()`, it's
+unconditionally safe due to how it is implemented underneath.
 
 5) The obverse of this truism about the receiver being the boss is the case where
 we are receiving.  If we get into a situation we actually can't usefully

READMEs/README.lws_sul.md

@@ -30,33 +30,44 @@ scheduler from your own code; it uses it to spread out connection
 attempts so they are staggered in time.  You must create an
 `lws_sorted_usec_list_t` object somewhere, eg, in you own existing object.
 
-```
+```c
 static lws_sorted_usec_list_t sul_stagger;
 ```
 
 Create your own callback for the event... the argument points to the sul object
 used when the callback was scheduled.  You can use pointer arithmetic to translate
-that to your own struct when the `lws_sorted_usec_list_t` was a member of the
-same struct.
+that to your own struct (when the `lws_sorted_usec_list_t` was a member of the
+some struct) by using `lws_container_of(sul, container_struct_type, field_name)`.
+
+```c
+typedef struct my_connection_data {
+	...
+	lws_sorted_usec_list_t sul_stagger;
+	...
+} my_connection_data_t;
 
-```
 static void
 stagger_cb(lws_sorted_usec_list_t *sul)
 {
-...
+	my_connection_data_t* my_data = lws_container_of(sul, my_connection_data_t, sul_stagger);
+	...
 }
 ```
 
+**Important note**: make sure, that `lws_sorted_usec_list_t` data initiallized by 
+zeros (`memset(&sul_stagger, 0, sizeof(lws_sorted_usec_list_t)`). This struct 
+contains pointers, so them must initially pointing to `NULL`!
+
 When you want to schedule the callback, use `lws_sul_schedule()`... this will call
 it 10ms in the future
 
-```
+```c
 	lws_sul_schedule(context, 0, &sul_stagger, stagger_cb, 10 * LWS_US_PER_MS);
 ```
 
 In the case you destroy your object and need to cancel the scheduled callback, use
 
-```
+```c
 	lws_sul_schedule(context, 0, &sul_stagger, NULL, LWS_SET_TIMER_USEC_CANCEL);
 ```
 

READMEs/README.tls-sessions.md

@@ -43,8 +43,10 @@ valid session object.
 ### Difference from Session Tickets
 
 TLS also supports sessions as bearer tokens, but these are generally considered
-as degrading security.  Lws doesn't support Session Tickets, just reuse by
-Session IDs.
+as degrading security.  Lws doesn't do anything special for Session Tickets, but
+it's possible your TLS library will support them by default, as is reportedly the
+case with mbedtls 2.28.1.  Either way, it's expected Session IDs should work with
+lws if enabled and your tls library supports them.
 
 ## Support in lws
 

cmake/FindOpenSSLbins.cmake

@@ -44,7 +44,7 @@ if(OPENSSL_FOUND)
       get_filename_component(OPENSSL_EXECUTABLE_PATH ${OPENSSL_EXECUTABLE} DIRECTORY)
       message(VERBOSE "OPENSSL_EXECUTABLE_PATH=${OPENSSL_EXECUTABLE_PATH}")
       set(OPENSSL_EXECUTABLE_BIN_PATH "")
-      string(REGEX MATCH "^(.*)/tools/openssl$" REGEX_MATCH ${OPENSSL_EXECUTABLE_PATH})
+      string(REGEX MATCH "^(.*)/tools/openssl$" REGEX_MATCH "${OPENSSL_EXECUTABLE_PATH}")
       message(DEBUG "REGEX_MATCH=\"${REGEX_MATCH}\"")
       message(DEBUG "CMAKE_MATCH_1=\"${CMAKE_MATCH_1}\"")
       if (NOT ${REGEX_MATCH} EQUAL "")

cmake/LwsCheckRequirements.cmake

@@ -4,6 +4,9 @@
 # If we are being built externally, confirm installed lws was configured to
 # support reqconfig, else error out with a helpful message about the problem.
 #
+
+include(CheckIncludeFile)
+
 MACRO(require_lws_config reqconfig _val result)
 
 	if (DEFINED ${reqconfig})
@@ -72,7 +75,9 @@ MACRO(require_pthreads result)
 		if (WIN32)
 			set(PTHREAD_LIB ${LWS_EXT_PTHREAD_LIBRARIES})
 		else()
-			set(PTHREAD_LIB pthread)
+			if (NOT ${CMAKE_SYSTEM_NAME} MATCHES "QNX")
+				set(PTHREAD_LIB pthread)
+			endif()
 		endif()
 	endif()
 ENDMACRO()

cmake/libwebsockets-config.cmake.in

@@ -1,14 +1,14 @@
 # - Config file for lws
 
 # It defines the following variables
-#  LIBWEBSOCKETS_INCLUDE_DIRS - include directories for FooBar
+#  LIBWEBSOCKETS_INCLUDE_DIRS - include directories for lws
 #  LIBWEBSOCKETS_LIBRARIES    - libraries to link against
 
 # Get the path of the current file.
 get_filename_component(LWS_CMAKE_DIR "${CMAKE_CURRENT_LIST_FILE}" PATH)
+list(APPEND CMAKE_MODULE_PATH ${libwebsockets_DIR})
 
-# Set the include directories.
-set(LIBWEBSOCKETS_INCLUDE_DIRS "@LWS__INCLUDE_DIRS@")
+set(LIBWEBSOCKETS_INCLUDE_DIRS "@LWS__INCLUDE_DIRS@" "@LWS_PUBLIC_INCLUDES@")
 
 # Include the project Targets file, this contains definitions for IMPORTED targets.
 include(${LWS_CMAKE_DIR}/LibwebsocketsTargets.cmake)
@@ -17,8 +17,20 @@ include(${LWS_CMAKE_DIR}/LwsCheckRequirements.cmake)
 # IMPORTED targets from LibwebsocketsTargets.cmake
 set(LIBWEBSOCKETS_LIBRARIES websockets websockets_shared)
 
+# These are additional include paths you will need
+foreach(item "${LIBWEBSOCKETS_INCLUDE_DIRS}")
+	include_directories(${item})
+	set(CMAKE_REQUIRED_INCLUDES "${CMAKE_REQUIRED_INCLUDES}" ${item})
+endforeach()
+
 # These are additional libs that lws wants your app to also link to
 foreach(item "@LIB_LIST_AT_END@")
 	list(APPEND LIBWEBSOCKETS_DEP_LIBS ${item})
 endforeach()
 
+# Move boilerplate for consuming cmake files into here
+
+include(CheckIncludeFile)
+include(CheckCSourceCompiles)
+set(requirements 1)
+

cmake/lws_config.h.in

@@ -78,6 +78,7 @@
 #cmakedefine LWS_HAVE_mbedtls_ssl_set_verify
 #cmakedefine LWS_HAVE_mbedtls_x509_crt_parse_file
 #cmakedefine LWS_HAVE_MBEDTLS_NET_SOCKETS
+#cmakedefine LWS_HAVE_MBEDTLS_SSL_NEW_SESSION_TICKET
 #cmakedefine LWS_HAVE_MBEDTLS_AUTH_KEY_ID
 #cmakedefine LWS_HAVE_NEW_UV_VERSION_H
 #cmakedefine LWS_HAVE_OPENSSL_ECDH_H