Skip to content

Migrate to libmicrohttpd 1.0.0 API with new features#370

Open
etr wants to merge 12 commits intomasterfrom
feature/mhd-1.0-parity
Open

Migrate to libmicrohttpd 1.0.0 API with new features#370
etr wants to merge 12 commits intomasterfrom
feature/mhd-1.0-parity

Conversation

@etr
Copy link
Copy Markdown
Owner

@etr etr commented Mar 24, 2026

Summary

  • Raise minimum libmicrohttpd requirement to 1.0.0 and migrate all deprecated APIs to their v3 replacements (Basic Auth v3, Digest Auth v3 with SHA-512/256, userhash, nonce binding, and structured digest_auth_result enum)
  • Add new response types: empty_response, pipe_response, iovec_response
  • Add external event loop integration: run(), run_wait(), get_fdset(), get_timeout(), add_connection()
  • Add daemon management: quiesce(), get_listen_fd(), get_active_connections(), get_bound_port()
  • Add daemon options: listen_backlog, address_reuse, connection_memory_increment, tcp_fastopen_queue_size, sigpipe_handled_by_app, https_mem_dhparams, https_key_password, https_priorities_append, no_alpn, client_discipline_level
  • Add startup flags: no_listen_socket, no_thread_safety, turbo, suppress_date_header
  • Add conditional WebSocket support via libmicrohttpd_ws (websocket_handler, websocket_session, register_ws_resource())
  • Add utility functions: reason_phrase(), is_feature_supported(), get_mhd_version()

Breaking changes

  • Minimum libmicrohttpd bumped from 0.9.64 to 1.0.0
  • check_digest_auth() now returns digest_auth_result enum instead of bool + reload_nonce out-param
  • check_digest_auth_ha1() renamed to check_digest_auth_digest() to match MHD v3 naming
  • Default digest algorithm changed from MD5 to SHA-256
  • digest_auth_fail_response constructor parameter order changed; reload_nonce renamed to signal_stale

Test plan

  • Existing authentication tests updated for v3 API
  • New daemon_info integration test for daemon management methods
  • New new_response_types integration test for empty/pipe/iovec responses
  • Run make check with libmicrohttpd >= 1.0.0
  • Verify WebSocket conditional compilation (with and without libmicrohttpd_ws)

etr and others added 12 commits March 24, 2026 01:52
@etr
Migrate to libmicrohttpd 1.0.0 API with new features
1b830af 
Raise minimum libmicrohttpd requirement to 1.0.0 and migrate all
deprecated APIs to their v3 replacements:

- Basic Auth: MHD_basic_auth_get_username_password3,
  MHD_queue_basic_auth_required_response3 with UTF-8 support
- Digest Auth: MHD_digest_auth_check3, MHD_digest_auth_check_digest3,
  MHD_queue_auth_required_response3 with SHA-512/256, userhash,
  nonce binding, and structured digest_auth_result enum

Add new response types: empty_response, pipe_response, iovec_response.

Add external event loop integration (run, run_wait, get_fdset,
get_timeout, add_connection), daemon management (quiesce, get_listen_fd,
get_active_connections, get_bound_port), and numerous new daemon options
(listen_backlog, address_reuse, tcp_fastopen_queue_size, turbo, etc.).

Add conditional WebSocket support via libmicrohttpd_ws.

Add utility functions: reason_phrase, is_feature_supported, get_mhd_version.
@etr
Update README with all new MHD 1.0 features and options
7484b50 
Document WebSocket support, new response types (empty, iovec, pipe),
external event loop integration, daemon introspection methods, new
server configuration options (turbo, no_listen_socket, suppress_date_header,
etc.), enhanced TLS options, updated digest authentication API with
SHA-256/SHA-512/256 and fine-grained result codes, and new http_utils
utility methods.
@etr
Add examples for new MHD 1.0 features and document them in README
6d47202 
New example files:
- empty_response_example: 204 No Content and HEAD-only responses
- iovec_response_example: scatter-gather response from multiple buffers
- pipe_response_example: streaming response from a pipe fd
- websocket_echo: WebSocket echo server with on_open/on_message/on_close
- daemon_info: daemon introspection (bound port, listen fd, http_utils)
- external_event_loop: driving the server with run_wait() and quiesce()
- turbo_mode: high-performance config with turbo, suppressed date header,
  TCP Fast Open, and listen backlog

All examples are added to the Other Examples section of the README with
inline code, test commands, and links to the source files.
@etr
Cleaned-up validation issues
86d4631
@etr
fix codacy warnings
fd162ca
@claude @etr
Add documentation and example for serving binary data from memory
a826832 
The existing string_response already supports binary content (std::string
can hold arbitrary bytes), but this was not documented or demonstrated
anywhere. This gap caused users to believe a new response type was needed
(see PR #368).

- Add a note to the README's string_response description clarifying
  binary data support
- Add a new "Serving binary data from memory" section with inline example
- Add examples/binary_buffer_response.cpp as a complete, buildable example
  that serves a PNG image from an in-memory buffer
- Register the new example in examples/Makefile.am

https://un5nfbgrg35vjq0.julianrbryant.com/code/session_01S3BvBrSoNvUhpYTyhPYCjJ
@claude @etr
Fix CI: add ChangeLog entry and missing include <utility>
2662f05 
Add ChangeLog entry for the binary buffer example to satisfy the
ChangeLog Check workflow. Add missing #include <utility> for
std::move to fix cpplint warning.

https://un5nfbgrg35vjq0.julianrbryant.com/code/session_01S3BvBrSoNvUhpYTyhPYCjJ
@etr
Migrate to libmicrohttpd 1.0.0 API with new features
9ec8c40 
Raise minimum libmicrohttpd requirement to 1.0.0 and migrate all
deprecated APIs to their v3 replacements:

- Basic Auth: MHD_basic_auth_get_username_password3,
  MHD_queue_basic_auth_required_response3 with UTF-8 support
- Digest Auth: MHD_digest_auth_check3, MHD_digest_auth_check_digest3,
  MHD_queue_auth_required_response3 with SHA-512/256, userhash,
  nonce binding, and structured digest_auth_result enum

Add new response types: empty_response, pipe_response, iovec_response.

Add external event loop integration (run, run_wait, get_fdset,
get_timeout, add_connection), daemon management (quiesce, get_listen_fd,
get_active_connections, get_bound_port), and numerous new daemon options
(listen_backlog, address_reuse, tcp_fastopen_queue_size, turbo, etc.).

Add conditional WebSocket support via libmicrohttpd_ws.

Add utility functions: reason_phrase, is_feature_supported, get_mhd_version.
@etr
Fix Codacy CWE-126: replace strlen with std::char_traits::length
c546b77 
Replace strlen(s) with std::char_traits<char>::length(s) in
unescaper_func to silence Codacy static analysis warning about
potential over-read on non-null-terminated strings. The MHD API
guarantees s is null-terminated, but using the C++ equivalent
avoids false positives from C-focused analyzers.
@etr
Merge origin/master into feature/mhd-1.0-parity
e4341e6 
Resolve conflicts in ChangeLog (entry ordering), README.md (response
type count reflects new types), and examples/Makefile.am (keep new
example programs alongside binary_buffer_response from master).
@etr
libmicro to v1.0.3
e542ab0
@etr
libmicrohttpd to 1.0.3 in codeql checks
a6e6bd7
@codecov
Copy link
Copy Markdown

codecov bot commented Apr 5, 2026
edited
Loading

Codecov Report

❌ Patch coverage is 53.33333% with 119 lines in your changes missing coverage. Please review.
✅ Project coverage is 68.03%. Comparing base (6c115f3) to head (a6e6bd7).

Files with missing lines Patch % Lines
src/webserver.cpp 37.69% 37 Missing and 44 partials ⚠️
src/http_request.cpp 64.55% 0 Missing and 28 partials ⚠️
src/digest_auth_fail_response.cpp 50.00% 0 Missing and 3 partials ⚠️
src/httpserver/digest_auth_fail_response.hpp 66.66% 0 Missing and 2 partials ⚠️
src/iovec_response.cpp 77.77% 0 Missing and 2 partials ⚠️
src/basic_auth_fail_response.cpp 0.00% 0 Missing and 1 partial ⚠️
src/httpserver/basic_auth_fail_response.hpp 50.00% 0 Missing and 1 partial ⚠️
src/httpserver/empty_response.hpp 75.00% 0 Missing and 1 partial ⚠️
Additional details and impacted files

Impacted file tree graph

@@            Coverage Diff             @@
##           master     #370      +/-   ##
==========================================
+ Coverage   67.97%   68.03%   +0.06%     
==========================================
  Files          28       34       +6     
  Lines        1636     1730      +94     
  Branches      672      697      +25     
==========================================
+ Hits         1112     1177      +65     
- Misses         64       80      +16     
- Partials      460      473      +13
Files with missing lines Coverage Δ
src/empty_response.cpp 100.00% <100.00%> (ø)
src/http_utils.cpp 66.97% <100.00%> (+0.93%) ⬆️
src/httpserver/create_webserver.hpp 96.98% <ø> (ø)
src/httpserver/http_request.hpp 88.37% <ø> (ø)
src/httpserver/http_utils.hpp 75.00% <ø> (ø)
src/httpserver/iovec_response.hpp 100.00% <100.00%> (ø)
src/httpserver/pipe_response.hpp 100.00% <100.00%> (ø)
src/pipe_response.cpp 100.00% <100.00%> (ø)
src/basic_auth_fail_response.cpp 50.00% <0.00%> (-50.00%) ⬇️
src/httpserver/basic_auth_fail_response.hpp 80.00% <50.00%> (+5.00%) ⬆️
... and 6 more

Continue to review full report in Codecov by Sentry.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 6c115f3...a6e6bd7. Read the comment docs.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@etr @claude