This changes the interface used to apply a decorator to the HTTP
request or response messages used to perform the WebSocket handshake
as follows:
* Add the `stream_base::decorator` option object
* Add `stream::set_option` overload to set the decorator from
the option
* The decorator applies to all client and server handshakes
performed on the stream after the option is set.
* Overloads of the following functions which accept a Decorator
are deprecated:
- accept, accept_ex
- handshake, handshake_ex
- async_accept, async_accept_ex
- async_handshake, async_handshake_ex
Actions Required:
* Code which passes decorator to any `websocket::stream` member
function should call `stream::set_option` instead with a newly
constructed `stream_base::decorator` object containing the
decorator. Alternatively, the macro `BOOST_BEAST_ALLOW_DEPRECATED`
may be defined to 1.
* All functionality of stranded_stream is folded into basic_stream
* tcp_stream is an alias for basic_stream with tcp
* The tests are expanded to produce full coverage
* Timeout implementation is simplified
The nested function lowest_layer and nested type lowest_layer_type
are removed from all stream layers.
Actions Required:
* Remove lowest_layer and lowest_layer_type from user-defined streams.
* Use the get_lowest_layer free function and the lowest_layer_type trait
as needed.
* Tidy up and comment asserts
* `pausation` is renamed to saved_handler
* A work guard on the handler's associated executor
is maintained for the lifetime of the store handler.
fix#1279, close#1319
This enables users to improve compilation performance by explicitly
instantiating the stream template in another TU.
Signed-off-by: Damian Jarek <damian.jarek93@gmail.com>
This resolves a medium vulnerability described in the
Beast Hybrid Assessment Report by Bishop Fox, where masks generated
for use with outgoing WebSocket client frames use an insufficient
source of entropy and a non-cryptographically secure pseudo-random
number generator.
By default, all newly constructed WebSocket streams will use a
uniquely seeded secure PRNG (ChaCha20 in counter mode). As this may
result in increased CPU resource consumption, the function
websocket::stream::secure_prng() may be used to select a faster but
less secure PRNG, for the case where the caller knows that the secure
generator is not necessary.
On some systems, std::random_device may produce insufficient entropy
to securely seed the PRNG. As this condition cannot be detected by
Beast, callers may use the function websocket::seed_prng() called
once at startup to provide at least 256 bits of entropy which will
be used to uniquely seed all subsequent PRNGs.
fix#941, fix#1016
`get_lowest_layer` is now a type alias for the
lowest layer instead of a struct with a nested type.
Actions required:
* Replace instances of `typename get_lowest_layer<T>::type`
with `get_lowest_layer<T>`.
fix#949
* New error codes are introduced for WebSocket failures
* More verbose messages for error codes
* Error codes are mapped to conditions for ease of testing
* error::failed and error::handshake_failed are deprecated (don't use)
Actions Required:
* Code which explicitly compares error_code values against the
constant `websocket::error::handshake_failed` should compare
against `websocket::condition::handshake_failed` instead.
* Code which explicitly compares error_code values against the
constant `websocket::error::failed` should compare
against `websocket::condition::protocol_violation` instead.
fix#849
This adds an additional `bool` template parameter to
`websocket::stream`:
* When deflateSupported is `true`, the stream will be capable
of negotiating the permessage-deflate websocket extension per
the configured run-time settings.
* When deflateSupported is `false`, the stream will never negotiate
the permessage-deflate websocket extension. Furthermore, all of the
code necessary for implementing the permessage-deflate extension
will be excluded from function instantiations. The resulting emitted
object code should be smaller.
Split the websocket read test to reduce compile time memory usage
by a small amount, which ought to be enough to let it compile in
a constrained environment like Travis.
Signed-off-by: Damian Jarek <damian.jarek93@gmail.com>
The function stream::control_callback now copies or moves
the callback. In some cases this may require a dynamic
allocation.
To avoid the possibility of a dynamic allocation, callers
may wrap their callback using `std::ref` before setting it.
fix#769
The following classes are removed:
* handler_type
* async_result
* async_completion
* is_dynamic_buffer
* is_const_buffer_sequence
* is_mutable_buffer_sequence
* handler_alloc
Actions Required:
* Use BOOST_ASIO_HANDLER_TYPE instead of handler_type
* Use BOOST_ASIO_INITFN_RESULT_TYPE instead of async_result
* Use boost::asio::async_completion
* Use boost::asio::is_dynamic_buffer
* Use boost::asio::is_const_buffer_sequence
* Use boost::asio::is_mutable_buffer_sequence
* boost::asio::associated_allocator_t replaces handler_alloc
fix#778
* The version data member is replaced with accessor
member functions.
Actions Required:
* Call member function message::version instead of accessing
the version member at call sites.
* Stream write operations now return the number of bytes
transferred from the caller's input buffers.
Actions Required:
* Modify websocket write completion handlers to receive
the extra std::size_t bytes_transferred parameter.
