The API for connecting to WebSockets in browsers unfortunately doesn't
support setting any Authorization header. This means that before this
commit it was impossible to connect to the API relay from a web browser.
The only thing that can be set apart from the URL is the
Sec-WebSocket-Protocol header. Therefore this allows you to send the
auth token in this header.
This is a weird way to send auth, but it seems to be the best one that
makes it possible for browsers to connect. Kubernetes also does it this
way: https://github.com/kubernetes/kubernetes/pull/47740
Here is a post describing the different ways to make it possible for a
browser to authenticate against a websocket connection, and it also
recommends doing it this way:
https://stackoverflow.com/questions/4361173/http-headers-in-websockets-client-api/77060459#77060459
Note that when this header is used to pass auth, the client also needs
to specify the `api.weechat` sub protocol. This is because the client
and server have to agree on a sub protocol when this header is
specified, and in order to not send the fake protocol used for auth back
to the client, we require specifying the protocol `api.weechat`, which
the server then returns to the client. This is only necessary when the
Sec-WebSocket-Protocol header is used. If the Authorization header is
used for auth as before, nothing changes.
Detail of changes:
- the save of upgrade files in plugins is now done as soon as the "upgrade"
signal is received, and not when the plugin is unloaded (it was too late to
detect any problem and prevent the upgrade to happen)
- if the write of an upgrade file fails, the signal callback in plugin now
returns WEECHAT_RC_ERROR and WeeChat checks this code to stop the upgrade as
soon as this return code is received
- a new flag is added in plugin structure: unload_with_upgrade, it is set to 1
before unloading all plugins when upgrade will happen (all *.upgrade files
are then already successfully written).
For now the only supported flag is:
- "stop_on_error": stop execution of callbacks immediately after an
error (ie return code of callback is WEECHAT_RC_ERROR) and return this code
(by default execute all callbacks and return the last return code, or return
WEECHAT_RC_EAT immediately if a callback returns this)
Example:
hook_signal_send("[flags:stop_on_error]my_signal", WEECHAT_HOOK_SIGNAL_STRING, "test");
A performance issue was happening when buffers are moved to another position
and when the hotlist contains a lot of buffers: each time a signal
"buffer_moved" is sent, the hotlist is sorted again.
This fix delays the resort of hotlist after all the moves are done using a
timer with a very small delay (one millisecond).
Since WeeChat 4.0.0, the actions are now case sensitive and must be typed as
lower case.
This fixes the help line displayed on top of relay and xfer buffers: letters
for actions are now displayed with lower case instead of upper case.
Bump the requirement to v3.3.0 as available in Ubuntu 16.04 (3.4.10) and
Debian 10 (3.6.7). It was released around 10 years ago and any remotely
supported distribution has newer version.
As result, we can remove hundred+ lines of #ifdef spaghetti code.
Signed-off-by: Emil Velikov <emil.l.velikov@gmail.com>
Remove the local cmake file and associated hacks used to manage GnuTLS.
This gives us less build-system glue code and makes it easier to enforce
a minimum version for GnuTLS.
Signed-off-by: Emil Velikov <emil.l.velikov@gmail.com>
Bump the requirement to v7.47.0 as available in Ubuntu 16.04 (7.47.0)
and Debian 10 (7.64.0). It was released around 9 years ago and any
remotely supported distribution has newer version.
As result we can adjust the tools/check_curl_symbols.py script to omit
the ~70% of the guards and simplify the code base.
Signed-off-by: Emil Velikov <emil.l.velikov@gmail.com>
The cURL project has provided a pkg-config file for well over a decade
now. Just use that instead of the cmake one, since the latter also
checks for misc curl components, unusual library names (libcurl_imp)
which is not something we need.
In addition, this will make enforcing minimum version much easier.
Signed-off-by: Emil Velikov <emil.l.velikov@gmail.com>
The curl option handling seems to be non-functional since it suffers
from two distinct issues. The regular expression tries to match options
that we're not interested in and the symbol name is lacking the proper
prefix.
Adjust to match only on what we need and construct the name
appropriately... Fix the issues flagged by the updated script.
Signed-off-by: Emil Velikov <emil.l.velikov@gmail.com>
The gcrypt, gnutls, libcurl and zlib are core libraries/components that
we always build against. Remove the #ifdef checks - the symbols must be
available at build.
Signed-off-by: Emil Velikov <emil.l.velikov@gmail.com>
With the circular dependency resolved, we no longer need this variable.
Add the respective objects directly, in the same order as seen in the
tests.
Signed-off-by: Emil Velikov <emil.l.velikov@gmail.com>
In order to resolve the circular dependency, we need to annotate the
respective static libraries as "object" libraries.
This requires cmake 3.12, where Debian 10 (old old stable) and Ubuntu
20.04 have 3.13 and 3.16 respectively.
Signed-off-by: Emil Velikov <emil.l.velikov@gmail.com>