diff --git a/lib/client/client.c b/lib/client/client.c
index f2a2f6738b0f189095e1f3e88b7603c2842b5ebd..5217cca83ba47fcbbe84f75320e4267a7a23a42b 100644
--- a/lib/client/client.c
+++ b/lib/client/client.c
@@ -517,6 +517,21 @@ lws_http_client_http_response(struct lws *wsi)
return wsi->ah->http_response;
}
+#if defined(LWS_PLAT_OPTEE)
+char *
+strrchr(const char *s, int c)
+{
+ char *hit = NULL;
+
+ while (*s)
+ if (*(s++) == (char)c)
+ hit = (char *)s - 1;
+
+ return hit;
+}
+
+#define atoll atoi
+#endif
int
lws_client_interpret_server_handshake(struct lws *wsi)
diff --git a/lib/libwebsockets.c b/lib/libwebsockets.c
index ab85b2ca3d6d102387fbd55587f23f30736f2321..ee5db37307aa6c36f9b1e56eb6937c821ad9adda 100644
--- a/lib/libwebsockets.c
+++ b/lib/libwebsockets.c
@@ -1811,10 +1811,14 @@ lwsl_timestamp(int level, char *p, int len)
(int)(now % 10000), log_level_names[n]);
return n;
}
+#else
+ p[0] = '\0';
#endif
+
return 0;
}
+#ifndef LWS_PLAT_OPTEE
static const char * const colours[] = {
"[31;1m", /* LLL_ERR */
"[36;1m", /* LLL_WARN */
@@ -1829,16 +1833,14 @@ static const char * const colours[] = {
"[30;1m", /* LLL_USER */
};
-#ifndef LWS_PLAT_OPTEE
LWS_VISIBLE void lwsl_emit_stderr(int level, const char *line)
{
char buf[50];
- static char tty;
+ static char tty = 3;
int n, m = ARRAY_SIZE(colours) - 1;
if (!tty)
tty = isatty(2) | 2;
-
lwsl_timestamp(level, buf, sizeof(buf));
if (tty == 3) {
diff --git a/lib/libwebsockets.h b/lib/libwebsockets.h
index 9a35c6b98a5d20a38c10adb5709aa1565319f5be..504eb46c79eb8c33196c29aa1c3b14ac41881c6d 100644
--- a/lib/libwebsockets.h
+++ b/lib/libwebsockets.h
@@ -123,7 +123,7 @@ typedef unsigned long long lws_intptr_t;
#define LWS_O_CREAT O_CREAT
#define LWS_O_TRUNC O_TRUNC
-#if !defined(OPTEE_TA) && !defined(LWS_WITH_ESP32)
+#if !defined(LWS_PLAT_OPTEE) && !defined(OPTEE_TA) && !defined(LWS_WITH_ESP32)
#include <poll.h>
#include <netdb.h>
#define LWS_INVALID_FILE -1
@@ -1088,7 +1088,11 @@ enum lws_callback_reasons {
* optional, if you don't handle it everything is fine.
*
* Notice the callback is coming to protocols[0] all the time,
- * because there is no specific protocol negotiated yet. */
+ * because there is no specific protocol negotiated yet.
+ *
+ * See LWS_CALLBACK_ADD_HEADERS for adding headers to server
+ * transactions.
+ */
LWS_CALLBACK_CONFIRM_EXTENSION_OKAY = 25,
/**< When the server handshake code
* sees that it does support a requested extension, before
@@ -1275,11 +1279,14 @@ enum lws_callback_reasons {
* bytes per buffer).
* */
LWS_CALLBACK_ADD_HEADERS = 53,
- /**< This gives your user code a chance to add headers to a
+ /**< This gives your user code a chance to add headers to a server
* transaction bound to your protocol. `in` points to a
* `struct lws_process_html_args` describing a buffer and length
* you can add headers into using the normal lws apis.
*
+ * (see LWS_CALLBACK_CLIENT_APPEND_HANDSHAKE_HEADER to add headers to
+ * a client transaction)
+ *
* Only `args->p` and `args->len` are valid, and `args->p` should
* be moved on by the amount of bytes written, if any. Eg
*
@@ -4305,7 +4312,7 @@ LWS_VISIBLE LWS_EXTERN int
lws_plat_read_file(const char *filename, void *buf, int len);
LWS_VISIBLE LWS_EXTERN int
-lws_plat_recommended_rsa_bits();
+lws_plat_recommended_rsa_bits(void);
///@}
/*! \defgroup ev libev helpers
@@ -6756,9 +6763,9 @@ LWS_VISIBLE LWS_EXTERN void
lws_stats_log_dump(struct lws_context *context);
#else
static LWS_INLINE uint64_t
-lws_stats_get(struct lws_context *context, int index) { return 0; }
+lws_stats_get(struct lws_context *context, int index) { (void)context; (void)index; return 0; }
static LWS_INLINE void
-lws_stats_log_dump(struct lws_context *context) { }
+lws_stats_log_dump(struct lws_context *context) { (void)context; }
#endif
#ifdef __cplusplus
diff --git a/lib/plat/lws-plat-optee.c b/lib/plat/lws-plat-optee.c
index 2fdb81de19e44127ca8176d5924efe20c4040478..41160cb8a70f311a245794c4181f8efae28384dc 100644
--- a/lib/plat/lws-plat-optee.c
+++ b/lib/plat/lws-plat-optee.c
@@ -163,7 +163,7 @@ faked_service:
c = n;
/* any socket with events to service? */
- for (n = 0; n < pt->fds_count && c; n++) {
+ for (n = 0; n < (int)pt->fds_count && c; n++) {
if (!pt->fds[n].revents)
continue;
@@ -280,8 +280,8 @@ lws_plat_inet_pton(int af, const char *src, void *dst)
}
LWS_VISIBLE lws_fop_fd_t
-_lws_plat_file_open(lws_plat_file_open(struct lws_plat_file_ops *fops,
- const char *filename, lws_fop_flags_t *flags)
+_lws_plat_file_open(const struct lws_plat_file_ops *fops,
+ const char *filename, const char *vpath, lws_fop_flags_t *flags)
{
return NULL;
}
diff --git a/lib/service.c b/lib/service.c
index 8a786622042908e590ed6e152338965e6a784d56..e470ed64dccbf8abc0c2d862606e16d0f8815549 100644
--- a/lib/service.c
+++ b/lib/service.c
@@ -1154,7 +1154,11 @@ lws_service_fd_tsi(struct lws_context *context, struct lws_pollfd *pollfd,
*/
wsi = ah->wsi;
buf[0] = '\0';
+#if !defined(LWS_PLAT_OPTEE)
lws_get_peer_simple(wsi, buf, sizeof(buf));
+#else
+ buf[0] = '\0';
+#endif
lwsl_notice("ah excessive hold: wsi %p\n"
" peer address: %s\n"
" ah rxpos %u, rxlen %u, pos %u\n",
diff --git a/lib/tls/openssl/openssl-server.c b/lib/tls/openssl/openssl-server.c
index 6d2e0f190e46ececf6c135ac6fbe9801a0599dda..db9912ff9c26858ba08987c27d8f334f937c5317 100644
--- a/lib/tls/openssl/openssl-server.c
+++ b/lib/tls/openssl/openssl-server.c
@@ -272,6 +272,7 @@ check_key:
lwsl_notice(" Using ECDH certificate support\n");
/* Get X509 certificate from ssl context */
+#if !defined(LWS_WITH_BORINGSSL)
#if !defined(LWS_HAVE_SSL_EXTRA_CHAIN_CERTS)
x = sk_X509_value(vhost->ssl_ctx->extra_certs, 0);
#else
@@ -285,6 +286,9 @@ check_key:
//lwsl_err("%s: x is NULL\n", __func__);
goto post_ecdh;
}
+#else
+ return 1;
+#endif
/* Get the public key from certificate */
pkey = X509_get_pubkey(x);
if (!pkey) {
@@ -312,8 +316,9 @@ check_key:
#else
lwsl_notice(" OpenSSL doesn't support ECDH\n");
#endif
-
+#if !defined(LWS_WITH_BORINGSSL)
post_ecdh:
+#endif
vhost->skipped_certs = 0;
return 0;
@@ -378,7 +383,7 @@ lws_tls_server_vhost_backend_init(struct lws_context_creation_info *info,
SSL_CTX_clear_options(vhost->ssl_ctx, info->ssl_options_clear);
#endif
- lwsl_info(" SSL options 0x%lX\n", SSL_CTX_get_options(vhost->ssl_ctx));
+ lwsl_info(" SSL options 0x%lX\n", (unsigned long)SSL_CTX_get_options(vhost->ssl_ctx));
if (!vhost->use_ssl || !info->ssl_cert_filepath)
return 0;
diff --git a/lib/tls/openssl/ssl.c b/lib/tls/openssl/ssl.c
index b98691f5f985dfb434e8eea8cb45f442846e992d..7a3459b0038227d253726446f433c222fc2c3d18 100644
--- a/lib/tls/openssl/ssl.c
+++ b/lib/tls/openssl/ssl.c
@@ -492,16 +492,19 @@ lws_tls_shutdown(struct lws *wsi)
return LWS_SSL_CAPABLE_ERROR;
}
}
-
+#if !defined(LWS_PLAT_OPTEE)
static int
dec(char c)
{
return c - '0';
}
+#endif
static time_t
lws_tls_openssl_asn1time_to_unix(ASN1_TIME *as)
{
+#if !defined(LWS_PLAT_OPTEE)
+
const char *p = (const char *)as->data;
struct tm t;
@@ -529,6 +532,9 @@ lws_tls_openssl_asn1time_to_unix(ASN1_TIME *as)
t.tm_isdst = 0;
return mktime(&t);
+#else
+ return (time_t)-1;
+#endif
}
int
@@ -536,7 +542,9 @@ lws_tls_openssl_cert_info(X509 *x509, enum lws_tls_cert_info type,
union lws_tls_cert_info_results *buf, size_t len)
{
X509_NAME *xn;
+#if !defined(LWS_PLAT_OPTEE)
char *p;
+#endif
if (!x509)
return -1;
@@ -557,6 +565,9 @@ lws_tls_openssl_cert_info(X509 *x509, enum lws_tls_cert_info type,
break;
case LWS_TLS_CERT_INFO_COMMON_NAME:
+#if defined(LWS_PLAT_OPTEE)
+ return -1;
+#else
xn = X509_get_subject_name(x509);
if (!xn)
return -1;
@@ -566,7 +577,7 @@ lws_tls_openssl_cert_info(X509 *x509, enum lws_tls_cert_info type,
memmove(buf->ns.name, p + 4, strlen(p + 4) + 1);
buf->ns.len = (int)strlen(buf->ns.name);
return 0;
-
+#endif
case LWS_TLS_CERT_INFO_ISSUER_NAME:
xn = X509_get_issuer_name(x509);
if (!xn)
diff --git a/lib/tls/tls.c b/lib/tls/tls.c
index d3d66707e87c598d586f688d8ae414303360dbd5..be679e661fdf7957f83fad33419bef31763bbb78 100644
--- a/lib/tls/tls.c
+++ b/lib/tls/tls.c
@@ -264,7 +264,7 @@ lws_tls_check_all_cert_lifetimes(struct lws_context *context)
return 0;
}
-#if !defined(LWS_WITH_ESP32)
+#if !defined(LWS_WITH_ESP32) && !defined(LWS_PLAT_OPTEE)
static int
lws_tls_extant(const char *name)
{
@@ -311,11 +311,13 @@ lws_tls_extant(const char *name)
* 4) LWS_TLS_EXTANT_YES: The certs are present with the correct name and we
* have the rights to read them.
*/
-
enum lws_tls_extant
lws_tls_use_any_upgrade_check_extant(const char *name)
{
+#if !defined(LWS_PLAT_OPTEE)
+
int n;
+
#if !defined(LWS_WITH_ESP32)
char buf[256];
@@ -362,7 +364,7 @@ lws_tls_use_any_upgrade_check_extant(const char *name)
if (n)
return LWS_TLS_EXTANT_NO;
#endif
-
+#endif
return LWS_TLS_EXTANT_YES;
}