Skip to content

Commit

Permalink
libkaminari v0.6.0; strip binary
Browse files Browse the repository at this point in the history
  • Loading branch information
@zephyrchien
zephyrchien committed Apr 20, 2022
1 parent 573754c commit b69f3c7
Show file tree
Hide file tree
Showing 4 changed files with 36 additions and 7 deletions.
10 changes: 5 additions & 5 deletions Cargo.lock
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

1 change: 1 addition & 0 deletions Cargo.toml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,3 +5,4 @@ members = ["kaminari", "cmd"]
opt-level = 3
lto = true
panic = "abort"
strip = true
4 changes: 2 additions & 2 deletions cmd/Cargo.toml
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
[package]
name = "kaminari-cmd"
version = "0.4.2"
version = "0.4.3"
edition = "2021"
authors = ["zephyr <[email protected]>"]
repository = "https://github.com/zephyrchien/kaminari/cmd"
Expand All @@ -9,7 +9,7 @@ readme = "README.md"
license = "GPL-3.0"

[dependencies]
kaminari = "0.5.5"
kaminari = "0.6.0"
tokio = { version = "1", features = ["net", "macros", "rt-multi-thread", "io-util"] }
anyhow = "1"

Expand Down
28 changes: 28 additions & 0 deletions cmd/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -63,6 +63,18 @@ Client or server side options:

- `path=<path>`* : set http path.

Client side extra options:

- `mask=<mode>` : set mask mode. Available values: [skipped, standard, fixed]

#### About Mask Mode

A websocket client should mask the payload before sending it.

With `mode=skip`(default mode), we use an empty mask key(0x00..0) to simply skip masking, which can also be detected by our server, and then skip unmasking. Other softwares(Nginx, Haproxy, CDNs..) can still correctly handle our data without knowing this trick.

As for `mode=fixed` or `mode=standard`, client will mask the payload data as normal. In `fixed` mode, client will use the same mask key for a unique websocket connection. While In `standard` mode, client will update the mask key between sending each frames.

### TLS Options

use `tls` to enable tls.
Expand All @@ -85,6 +97,22 @@ Requires either `cert+key` or `servername`.

- `servername=<name>`* : generate self signed cert/key, use $name as CN.

- `ocsp=<path/to/ocsp>`: der-encoded OCSP response.

#### OCSP Stapling

See [Wikipedia](https://en.wikipedia.org/wiki/OCSP_stapling).

Openssl example for [Let's Encrypt](https://letsencrypt.org/):

```shell
openssl ocsp -issuer <path/to/ca> \
-cert <path/to/cert> \
-url http://r3.o.lencr.org \
-header Host=r3.o.lencr.org \
-respout <path/to/ocsp> -noverify -no_nonce
```

### Examples

tcp ⇋ ws --- ws ⇋ tcp:
Expand Down

0 comments on commit b69f3c7

Please sign in to comment.