* `basic_parser` now uses pure virtual member functions instead
of the curiously recurring template pattern.
Actions Required:
* Change uses of the `basic_parser` type to omit the `Derived`
template parameter
* Classes derived from `basic_parser` no longer need to friend
the base.
* Virtual functions in the derived class may be marked `override`.
fix#38
This improves the behavior when encountering a short read:
* Any stream error encountered during a read is converting into
`http::error::partial_message` if some data was received but
the message is incomplete.
* Examples squelch SSL short read errors from the logs.
This changes the interface used to apply a decorator to the HTTP
request or response messages used to perform the WebSocket handshake
as follows:
* Add the `stream_base::decorator` option object
* Add `stream::set_option` overload to set the decorator from
the option
* The decorator applies to all client and server handshakes
performed on the stream after the option is set.
* Overloads of the following functions which accept a Decorator
are deprecated:
- accept, accept_ex
- handshake, handshake_ex
- async_accept, async_accept_ex
- async_handshake, async_handshake_ex
Actions Required:
* Code which passes decorator to any `websocket::stream` member
function should call `stream::set_option` instead with a newly
constructed `stream_base::decorator` object containing the
decorator. Alternatively, the macro `BOOST_BEAST_ALLOW_DEPRECATED`
may be defined to 1.
* is_completion_handler is deprecated
* type_traits.hpp is a deprecated include
These items will be removed in the next version
* Include the new header file for the types needed:
- stream_traits.hpp
- file_base.hpp
* Use std::is_invocable instead of is_completion_handler
fix#1416
* Calls to buffer_copy are qualified as net::buffer_copy
* Calls to buffer_size are made unqualified, permitting
argument dependent lookup to take effect.
The nested function lowest_layer and nested type lowest_layer_type
are removed from all stream layers.
Actions Required:
* Remove lowest_layer and lowest_layer_type from user-defined streams.
* Use the get_lowest_layer free function and the lowest_layer_type trait
as needed.
* Revise documentation
* Specify exception safety
* Mark more functions noexcept
API Changes:
* flat_static_buffer::reset is deprecated
Actions Required:
* Replace calls to flat_static_buffer::reset with
flat_static_buffer::clear
fix#1305
Applies to:
flat_buffer
flat_static_buffer
multi_buffer
static_buffer
Changes:
* Revised all javadocs
* Move construction does not invalidate in some cases
* non-const data() returns a mutable buffer sequence
* Add cdata() to also return constant readable bytes
* Eligible member functions are declared noexcept
fix#1279, close#1319
This enables users to improve compilation performance by explicitly
instantiating the stream template in another TU.
Signed-off-by: Damian Jarek <damian.jarek93@gmail.com>
close#1322
async initiating functions must return init.result.get(). Returning the
result of post caused a compilation failure for custom completion tokens.
Signed-off-by: Damian Jarek <damian.jarek93@gmail.com>
This resolves a medium vulnerability described in the
Beast Hybrid Assessment Report by Bishop Fox, where masks generated
for use with outgoing WebSocket client frames use an insufficient
source of entropy and a non-cryptographically secure pseudo-random
number generator.
By default, all newly constructed WebSocket streams will use a
uniquely seeded secure PRNG (ChaCha20 in counter mode). As this may
result in increased CPU resource consumption, the function
websocket::stream::secure_prng() may be used to select a faster but
less secure PRNG, for the case where the caller knows that the secure
generator is not necessary.
On some systems, std::random_device may produce insufficient entropy
to securely seed the PRNG. As this condition cannot be detected by
Beast, callers may use the function websocket::seed_prng() called
once at startup to provide at least 256 bits of entropy which will
be used to uniquely seed all subsequent PRNGs.
fix#1076
As per Asio and Networking TS requirements, composed operations must
maintain an object of type executor_work_guard for the executor associated
with the I/O object, for the lifetime of the asynchronous operation.
This is in addition to the requirement for maintaining an object of type
executor_work_guard for the executor associated with the handler.
