From 32bc126def455b247edf69513e92d974e3334293 Mon Sep 17 00:00:00 2001
From: "Torsten Schulz (local)" <tsschulz@gmx.net>
Date: Mon, 17 Nov 2025 16:20:44 +0100
Subject: [PATCH] Enhance WebSocket server options and error handling

- Update server options to support multiple simultaneous connections and improve security practices.
- Allow multiple connections per IP with configurable keep-alive settings.
- Improve error handling during WebSocket service operations, ensuring critical errors lead to server shutdown.
- Refine connection closure logic to handle user IDs more robustly and log connection states accurately.
- Enable WebSocket upgrade requests while rejecting other HTTP requests for better protocol management.
---
 src/websocket_server.cpp | 36 ++++++++++++++++++++++++++++++------
 1 file changed, 30 insertions(+), 6 deletions(-)

diff --git a/src/websocket_server.cpp b/src/websocket_server.cpp
index 47c44c7..949fe34 100644
--- a/src/websocket_server.cpp
+++ b/src/websocket_server.cpp
@@ -98,8 +98,15 @@ void WebSocketServer::startServer() {
     info.port = port;
     info.protocols = protocols;
     
-    // Vereinfachte Server-Optionen für bessere Kompatibilität
-    info.options = LWS_SERVER_OPTION_VALIDATE_UTF8;
+    // Server-Optionen für mehrere gleichzeitige Verbindungen
+    info.options = LWS_SERVER_OPTION_VALIDATE_UTF8 |
+                   LWS_SERVER_OPTION_HTTP_HEADERS_SECURITY_BEST_PRACTICES_ENFORCE |
+                   LWS_SERVER_OPTION_SKIP_SERVER_CANONICAL_NAME;
+    
+    // Erlaube mehrere Verbindungen pro IP
+    info.ka_time = 60;
+    info.ka_probes = 10;
+    info.ka_interval = 10;
     
     // SSL/TLS Konfiguration
     if (useSSL) {
@@ -129,7 +136,11 @@ void WebSocketServer::startServer() {
         int ret = lws_service(context, 50);
         if (ret < 0) {
             std::cerr << "WebSocket-Server Fehler: lws_service returned " << ret << std::endl;
-            break;
+            // Bei kritischen Fehlern beenden, sonst weiterlaufen
+            if (ret == -1) {
+                std::cerr << "Kritischer Fehler im WebSocket-Server, beende..." << std::endl;
+                break;
+            }
         }
         // Kurze Pause für bessere Shutdown-Responsivität
         if (running) {
@@ -301,14 +312,27 @@ int WebSocketServer::wsCallback(struct lws *wsi,
         }
         case LWS_CALLBACK_CLOSED:
             // Verbindung aus der Map entfernen
-            if (!ud->userId.empty()) {
+            if (ud && !ud->userId.empty()) {
                 instance->removeConnection(ud->userId, wsi);
                 std::cout << "WebSocket-Verbindung geschlossen für User: " << ud->userId << std::endl;
+            } else {
+                std::cout << "WebSocket-Verbindung geschlossen (ohne User-ID)" << std::endl;
             }
             break;
+        case LWS_CALLBACK_WSI_DESTROY:
+            // Verbindung wird zerstört - aufräumen falls nötig
+            if (ud && !ud->userId.empty()) {
+                instance->removeConnection(ud->userId, wsi);
+            }
+            break;
+        case LWS_CALLBACK_CLIENT_CONNECTION_ERROR:
+            // Client-Verbindungsfehler (falls wir als Client fungieren)
+            std::cerr << "WebSocket Client-Verbindungsfehler" << std::endl;
+            break;
         case LWS_CALLBACK_HTTP:
-            // HTTP-Anfragen ablehnen (nur WebSocket erlaubt)
-            return -1;
+            // Erlaube WebSocket-Upgrade-Anfragen, lehne andere HTTP-Anfragen ab
+            // libwebsockets behandelt WebSocket-Upgrades automatisch, daher 0 zurückgeben
+            return 0;
         case LWS_CALLBACK_FILTER_PROTOCOL_CONNECTION:
             // Protokoll-Filter für bessere Kompatibilität
             return 0;