Beispiel #1
0
void handlerThread(int csockIn)
{
   int sopt = 1, csock = csockIn;
   ws_ctx_t *ws_ctx;
   bool useHixie = TRUE;

   ws_ctx = do_handshake(csock, &useHixie);
   if (ws_ctx == NULL) {
      handler_msg("No connection after handshake\n");      
   }
   else
   {
      settings.handler(ws_ctx, useHixie);
      if (pipe_error) {
         handler_emsg("Closing due to SIGPIPE\n");
      }
   }

   if (ws_ctx) {
      ws_socket_free(ws_ctx);
   } else {
      shutdown(csock, SHUT_RDWR);
      close(csock);
   }
   handler_msg("handler exit\n");    
}
Beispiel #2
0
int decode_hixie(char *src, size_t srclength, u_char *target, size_t targsize) {
   char *start, *end, cntstr[4];
   int len, framecount = 0, retlen = 0;
   if ((src[0] != '\x00') || (src[srclength-1] != '\xff')) {
      handler_emsg("WebSocket framing error\n");
      return -1;
   }
   start = src+1; // Skip '\x00' start
   do {
      /* We may have more than one frame */
      end = (char *)memchr(start, '\xff', srclength);
      *end = '\x00';
      len = b64_pton(start, target+retlen, targsize-retlen);
      if (len < 0) {
         return len;
      }
      retlen += len;
      start = end + 2; // Skip '\xff' end and '\x00' start 
      framecount++;
   } while (end < (src+srclength-1));
   if (framecount > 1) {
      snprintf(cntstr, 3, "%d", framecount);
      traffic(cntstr);
   }
   return retlen;
}
Beispiel #3
0
int decode_hixie(char *src, size_t srclength,
                 u_char *target, size_t targsize,
                 unsigned int *opcode, unsigned int *left) {
    char *start, *end, cntstr[4];
    int i, len, framecount = 0, retlen = 0;
    unsigned char chr;
    if ((src[0] != '\x00') || (src[srclength-1] != '\xff')) {
        handler_emsg("WebSocket framing error\n");
        return -1;
    }
    *left = srclength;

    if (srclength == 2 &&
        (src[0] == '\xff') && 
        (src[1] == '\x00')) {
        // client sent orderly close frame
        *opcode = 0x8; // Close frame
        return 0;
    }
    *opcode = 0x1; // Text frame

    start = src+1; // Skip '\x00' start
    do {
        /* We may have more than one frame */
        end = (char *)memchr(start, '\xff', srclength);
        *end = '\x00';
        len = b64_pton(start, target+retlen, targsize-retlen);
        if (len < 0) {
            return len;
        }
        retlen += len;
        start = end + 2; // Skip '\xff' end and '\x00' start 
        framecount++;
    } while (end < (src+srclength-1));
    if (framecount > 1) {
        snprintf(cntstr, 3, "%d", framecount);
        traffic(cntstr);
    }
    *left = 0;
    return retlen;
}
Beispiel #4
0
int encode_hybi(u_char const *src, size_t srclength,
                char *target, size_t targsize, unsigned int opcode)
{
    unsigned long long b64_sz, len_offset = 1, payload_offset = 2, len = 0;
    
    if ((int)srclength <= 0)
    {
        return 0;
    }

    b64_sz = ((srclength - 1) / 3) * 4 + 4;

    target[0] = (char)(opcode & 0x0F | 0x80);

    if (b64_sz <= 125) {
        target[1] = (char) b64_sz;
        payload_offset = 2;
    } else if ((b64_sz > 125) && (b64_sz < 65536)) {
        target[1] = (char) 126;
        *(u_short*)&(target[2]) = htons(b64_sz);
        payload_offset = 4;
    } else {
        handler_emsg("Sending frames larger than 65535 bytes not supported\n");
        return -1;
        //target[1] = (char) 127;
        //*(u_long*)&(target[2]) = htonl(b64_sz);
        //payload_offset = 10;
    }

    len = b64_ntop(src, srclength, target+payload_offset, targsize-payload_offset);
    
    if (len < 0) {
        return len;
    }

    return len + payload_offset;
}
Beispiel #5
0
int encode_mqtt(u_char const *src, size_t srclength, char *target, size_t targsize, unsigned int opcode)
{
    unsigned long long b64_sz, len_offset = 1, payload_offset = 2, len = 0;
    
    if ((int)srclength <= 0)
    {
        return 0;
    }

    b64_sz = srclength;
#ifdef DEBUG	
    printf("Mask new frame, len=%u\n", b64_sz);
#endif
    target[0] = (char)(opcode & 0x0F | 0x80);

    if (b64_sz <= 125) {
        target[1] = (char) b64_sz;
        payload_offset = 2;
    } else if ((b64_sz > 125) && (b64_sz < 65536)) {
        target[1] = (char) 126;
        *(u_short*)&(target[2]) = htons(b64_sz);
        payload_offset = 4;
    } else {
        handler_emsg("Sending frames larger than 65535 bytes not supported\n");
        return -1;
    }
#ifdef DEBUG	
    printf("frame[0..3]: 0x%x 0x%x 0x%x 0x%x (pay off: %d)\n",
           (unsigned char) target[0],
           (unsigned char) target[1],
           (unsigned char) target[2],
           (unsigned char) target[3], payload_offset);
#endif
    memcpy (target+payload_offset, src, srclength);
    return srclength + payload_offset;
}
Beispiel #6
0
int start_server() {
    int lsock, csock, pid, clilen, sopt = 1, i, res;
    struct sockaddr_in serv_addr, cli_addr;
    ws_ctx_t *ws_ctx;
    fd_set myset;
    struct timeval tv;


    /* Initialize buffers */
    lsock = socket(AF_INET, SOCK_STREAM, 0);
    if (lsock < 0) { error("ERROR creating listener socket"); }
    bzero((char *) &serv_addr, sizeof(serv_addr));
    serv_addr.sin_family = AF_INET;
    serv_addr.sin_port = htons(settings.listen_port);

    /* Resolve listen address */
    if (settings.listen_host && (settings.listen_host[0] != '\0')) {
        if (resolve_host(&serv_addr.sin_addr, settings.listen_host) < -1) {
            error("Could not resolve listen address");
	    return 1;
        }
    } else {
        serv_addr.sin_addr.s_addr = INADDR_ANY;
    }

    setsockopt(lsock, SOL_SOCKET, SO_REUSEADDR, (char *)&sopt, sizeof(sopt));
    if (bind(lsock, (struct sockaddr *) &serv_addr, sizeof(serv_addr)) < 0) {
        error("ERROR on binding listener socket");
	return 1;
    }
    int optval = 1;
    if (setsockopt(lsock, IPPROTO_TCP, TCP_NODELAY, &optval, sizeof(int)) < 0) {
      error("Cannot set TCP_NODELAY option on listen address");
      return 1;
    }

    listen(lsock,100);

    signal(SIGPIPE, signal_handler);  // catch pipe

    if (settings.daemon) {
      ;
      //        daemonize(lsock);
    }


    // Reep zombies
    signal(SIGCHLD, SIG_IGN);

    printf("Waiting for connections on %s:%d\n",
            settings.listen_host, settings.listen_port);


    while (websockify_loop) {
        clilen = sizeof(cli_addr);
        pipe_error = 0;
        pid = 0;

	//	if (set_non_blocking(lsock) != 0) {
	//	  return;
	//	}
	// Set Accept socket to non blocking to allow to cancel
	// requests

	while (websockify_loop) {
	  tv.tv_sec = 0;
	  tv.tv_usec = 200000;
	  FD_ZERO(&myset);
	  FD_SET(lsock, &myset);
	  res = select(lsock+1, &myset, NULL, NULL, &tv);
	  /* EINTR */
	  if (res < 0 && errno == EINTR) {
	    continue;
	  }
	  if (res < 0) {
	    perror("select");
	    return 1;
	  }
	  if (res > 0) {
	    break;
	  }
	}
	if (!websockify_loop) {
	  fprintf(stderr, "Ending loop before accept\n");
	  return 0;
	}
	csock = accept(lsock, 
		       (struct sockaddr *) &cli_addr, 
		       &clilen);
	
	fprintf(stderr, "After accept\n");
	if (csock < 0) {
	  error("ERROR on accept");
	  continue;
	}
        handler_msg("got client connection from %s\n",
                    inet_ntoa(cli_addr.sin_addr));

	//	if (set_blocking(lsock) != 0) {
	//	  return;
	//	}

        if (!settings.run_once) {
            handler_msg("forking handler process not supported. Abort\n");
	    abort();
	    //            pid = fork();
        }

        if (pid == 0) {  // handler process
            ws_ctx = do_handshake(csock);
            if (settings.run_once) {
                    // Successful connection, stop listening for new
                    // connections
                    close(lsock);
	    }
            if (ws_ctx == NULL) {
                handler_msg("No connection after handshake\n");
                break;   // Child process exits
            }

            settings.handler(ws_ctx);
            if (pipe_error) {
                handler_emsg("Closing due to SIGPIPE\n");
            }
            break;   // Child process exits
        } else {         // parent process
            settings.handler_id += 1;
        }
    }
    if (pid == 0) {
        if (ws_ctx) {
            ws_socket_free(ws_ctx);
            free_ws_ctx(ws_ctx);
        } else {
            shutdown(csock, SHUT_RDWR);
            close(csock);
        }
        handler_msg("handler exit\n");
    } else {
        handler_msg("websockify exit\n");
    }

    return 0;
}
Beispiel #7
0
ws_ctx_t *do_handshake(int sock) {
    char handshake[4096], response[4096], sha1[29], trailer[17];
    char *scheme, *pre;
    headers_t *headers;
    int len, ret, i, offset;
    ws_ctx_t * ws_ctx;

    // Peek, but don't read the data
    len = recv(sock, handshake, 1024, MSG_PEEK);
    handshake[len] = 0;
    if (len == 0) {
        handler_msg("ignoring empty handshake\n");
        return NULL;
    } else if (bcmp(handshake, "<policy-file-request/>", 22) == 0) {
        len = recv(sock, handshake, 1024, 0);
        handshake[len] = 0;
        handler_msg("sending flash policy response\n");
        send(sock, POLICY_RESPONSE, sizeof(POLICY_RESPONSE), 0);
        return NULL;
    } else if ((bcmp(handshake, "\x16", 1) == 0) ||
               (bcmp(handshake, "\x80", 1) == 0)) {
        // SSL
        if (!settings.cert) {
            handler_msg("SSL connection but no cert specified\n");
            return NULL;
        } else if (access(settings.cert, R_OK) != 0) {
            handler_msg("SSL connection but '%s' not found\n",
                        settings.cert);
            return NULL;
        }
        ws_ctx = alloc_ws_ctx();
        ws_socket_ssl(ws_ctx, sock, settings.cert, settings.key);
        if (! ws_ctx) { return NULL; }
        scheme = "wss";
        handler_msg("using SSL socket\n");
    } else if (settings.ssl_only) {
        handler_msg("non-SSL connection disallowed\n");
        return NULL;
    } else {
        ws_ctx = alloc_ws_ctx();
        ws_socket(ws_ctx, sock);
        if (! ws_ctx) { return NULL; }
        scheme = "ws";
        handler_msg("using plain (not SSL) socket\n");
    }
    offset = 0;
    for (i = 0; i < 10; i++) {
        len = ws_recv(ws_ctx, handshake+offset, 4096);
        if (len == 0) {
            handler_emsg("Client closed during handshake\n");
            return NULL;
        }
        offset += len;
        handshake[offset] = 0;
        if (strstr(handshake, "\r\n\r\n")) {
            break;
        }
        usleep(10);
    }

    //handler_msg("handshake: %s\n", handshake);
    if (!parse_handshake(ws_ctx, handshake)) {
        handler_emsg("Invalid WS request\n");
        return NULL;
    }

    headers = ws_ctx->headers;
    if (ws_ctx->hybi > 0) {
        handler_msg("using protocol HyBi/IETF 6455 %d\n", ws_ctx->hybi);
        gen_sha1(headers, sha1);
        sprintf(response, SERVER_HANDSHAKE_HYBI, sha1, "base64");
    } else {
        if (ws_ctx->hixie == 76) {
            handler_msg("using protocol Hixie 76\n");
            gen_md5(headers, trailer);
            pre = "Sec-";
        } else {
            handler_msg("using protocol Hixie 75\n");
            trailer[0] = '\0';
            pre = "";
        }
        sprintf(response, SERVER_HANDSHAKE_HIXIE, pre, headers->origin, pre, scheme,
                headers->host, headers->path, pre, "base64", trailer);
    }
    
    //handler_msg("response: %s\n", response);
    ws_send(ws_ctx, response, strlen(response));

    return ws_ctx;
}
Beispiel #8
0
int decode_hybi(unsigned char *src, size_t srclength,
                u_char *target, size_t targsize,
                unsigned int *opcode, unsigned int *left)
{
    unsigned char *frame, *mask, *payload, save_char, cntstr[4];;
    int masked = 0;
    int i = 0, len, framecount = 0;
    size_t remaining;
    unsigned int target_offset = 0, hdr_length = 0, payload_length = 0;
    
    *left = srclength;
    frame = src;

    //printf("Deocde new frame\n");
    while (1) {
        // Need at least two bytes of the header
        // Find beginning of next frame. First time hdr_length, masked and
        // payload_length are zero
        frame += hdr_length + 4*masked + payload_length;
        //printf("frame[0..3]: 0x%x 0x%x 0x%x 0x%x (tot: %d)\n",
        //       (unsigned char) frame[0],
        //       (unsigned char) frame[1],
        //       (unsigned char) frame[2],
        //       (unsigned char) frame[3], srclength);

        if (frame > src + srclength) {
            //printf("Truncated frame from client, need %d more bytes\n", frame - (src + srclength) );
            break;
        }
        remaining = (src + srclength) - frame;
        if (remaining < 2) {
            //printf("Truncated frame header from client\n");
            break;
        }
        framecount ++;

        *opcode = frame[0] & 0x0f;
        masked = (frame[1] & 0x80) >> 7;

        if (*opcode == 0x8) {
            // client sent orderly close frame
            break;
        }

        payload_length = frame[1] & 0x7f;
        if (payload_length < 126) {
            hdr_length = 2;
            //frame += 2 * sizeof(char);
        } else if (payload_length == 126) {
            payload_length = (frame[2] << 8) + frame[3];
            hdr_length = 4;
        } else {
            handler_emsg("Receiving frames larger than 65535 bytes not supported\n");
            return -1;
        }
        if ((hdr_length + 4*masked + payload_length) > remaining) {
            continue;
        }
        //printf("    payload_length: %u, raw remaining: %u\n", payload_length, remaining);
        payload = frame + hdr_length + 4*masked;

        if (*opcode != 1 && *opcode != 2) {
            handler_msg("Ignoring non-data frame, opcode 0x%x\n", *opcode);
            continue;
        }

        if (payload_length == 0) {
            handler_msg("Ignoring empty frame\n");
            continue;
        }

        if ((payload_length > 0) && (!masked)) {
            handler_emsg("Received unmasked payload from client\n");
            return -1;
        }

        // Terminate with a null for base64 decode
        save_char = payload[payload_length];
        payload[payload_length] = '\0';

        // unmask the data
        mask = payload - 4;
        for (i = 0; i < payload_length; i++) {
            payload[i] ^= mask[i%4];
        }

        // base64 decode the data
        len = b64_pton((const char*)payload, target+target_offset, targsize);

        // Restore the first character of the next frame
        payload[payload_length] = save_char;
        if (len < 0) {
            handler_emsg("Base64 decode error code %d", len);
            return len;
        }
        target_offset += len;

        //printf("    len %d, raw %s\n", len, frame);
    }

    if (framecount > 1) {
        snprintf(cntstr, 3, "%d", framecount);
        traffic(cntstr);
    }
    
    *left = remaining;
    return target_offset;
}
Beispiel #9
0
void start_server() {
    int lsock, csock, pid, clilen, sopt = 1, i;
    struct sockaddr_in serv_addr, cli_addr;
    ws_ctx_t *ws_ctx;


    /* Initialize buffers */
    lsock = socket(AF_INET, SOCK_STREAM, 0);
    if (lsock < 0) { error("ERROR creating listener socket"); }
    bzero((char *) &serv_addr, sizeof(serv_addr));
    serv_addr.sin_family = AF_INET;
    serv_addr.sin_port = htons(settings.listen_port);

    /* Resolve listen address */
    if (settings.listen_host && (settings.listen_host[0] != '\0')) {
        if (resolve_host(&serv_addr.sin_addr, settings.listen_host) < -1) {
            fatal("Could not resolve listen address");
        }
    } else {
        serv_addr.sin_addr.s_addr = INADDR_ANY;
    }

    setsockopt(lsock, SOL_SOCKET, SO_REUSEADDR, (char *)&sopt, sizeof(sopt));
    if (bind(lsock, (struct sockaddr *) &serv_addr, sizeof(serv_addr)) < 0) {
        fatal("ERROR on binding listener socket");
    }
    listen(lsock,100);

    signal(SIGPIPE, signal_handler);  // catch pipe

    if (settings.daemon) {
        daemonize(lsock);
    }


    // Reep zombies
    signal(SIGCHLD, SIG_IGN);

    printf("Waiting for connections on %s:%d\n",
            settings.listen_host, settings.listen_port);

    while (1) {
        clilen = sizeof(cli_addr);
        pipe_error = 0;
        pid = 0;
        csock = accept(lsock, 
                       (struct sockaddr *) &cli_addr, 
                       &clilen);
        if (csock < 0) {
            error("ERROR on accept");
            continue;
        }
        handler_msg("got client connection from %s\n",
                    inet_ntoa(cli_addr.sin_addr));

        if (!settings.run_once) {
            handler_msg("forking handler process\n");
            pid = fork();
        }

        if (pid == 0) {  // handler process
            ws_ctx = do_handshake(csock);
            if (settings.run_once) {
                if (ws_ctx == NULL) {
                    // Not a real WebSocket connection
                    continue;
                } else {
                    // Successful connection, stop listening for new
                    // connections
                    close(lsock);
                }
            }
            if (ws_ctx == NULL) {
                handler_msg("No connection after handshake\n");
                break;   // Child process exits
            }

            settings.handler(ws_ctx);
            if (pipe_error) {
                handler_emsg("Closing due to SIGPIPE\n");
            }
            break;   // Child process exits
        } else {         // parent process
            settings.handler_id += 1;
        }
    }
    if (pid == 0) {
        if (ws_ctx) {
            ws_socket_free(ws_ctx);
            free_ws_ctx(ws_ctx);
        } else {
            shutdown(csock, SHUT_RDWR);
            close(csock);
        }
        handler_msg("handler exit\n");
    } else {
        handler_msg("websockify exit\n");
    }

}
Beispiel #10
0
ws_ctx_t *do_handshake(int sock, bool* useHixie) {
   char handshake[4096], response[4096], trailer[17], hashDataB64[256];
   char *scheme, *pre;
   headers_t headers;
   int len, i;
   u_char hashTemp[5];
   ws_ctx_t * ws_ctx;
   SHA1Context sha1context;
   
   ws_ctx = ws_socket(sock);
   // Peek, but don't read the data
   len = ws_recv(ws_ctx, handshake, 1024);
   if (len < 1)
   {
      handler_msg("recv error %d in do_handshake\n", WSAGetLastError());
   }
   handshake[len] = 0;
   if (len == 0) {
      handler_msg("ignoring empty handshake\n");
      return NULL;
   } else if (bcmp(handshake, "<policy-file-request/>", 22) == 0) {
      handshake[len] = 0;
      handler_msg("sending flash policy response\n");
      send(sock, policy_response, sizeof(policy_response) - 1, 0);
      return NULL;
   } else if ((bcmp(handshake, "\x16", 1) == 0) ||
      (bcmp(handshake, "\x80", 1) == 0)) {
         // SSL
         if (!settings.cert) {
            handler_msg("SSL connection but no cert specified\n");
            return NULL;
         } else if (access(settings.cert, R_OK) != 0) {
            handler_msg("SSL connection but '%s' not found\n",
               settings.cert);
            return NULL;
         }
         //ws_ctx = ws_socket_ssl(sock, settings.cert, settings.key);
         if (! ws_ctx) { return NULL; }
         scheme = "wss";
         handler_msg("using SSL socket\n");
   } else if (settings.ssl_only) {
      handler_msg("non-SSL connection disallowed\n");
      return NULL;
   } else {
      ws_ctx = ws_socket(sock);
      if (! ws_ctx) { return NULL; }
      scheme = "ws";
      handler_msg("using plain (not SSL) socket\n");
   }
   //len = ws_recv(ws_ctx, handshake, 4096);
   if (len == 0) {
      handler_emsg("Client closed during handshake\n");
      return NULL;
   }
   else if (len == -1)
   {
      return ws_ctx;
   }
   handshake[len] = 0;

   if (!parse_handshake(handshake, &headers)) {
      handler_emsg("Invalid WS request\n");
      return NULL;
   }

   if (headers.version[0] != '\0')
   {
      //strcpy((char*)headers.key1, (const char *)"dGhlIHNhbXBsZSBub25jZQ==");
      strncat(headers.key1, websocket_GUID, strlen(websocket_GUID));   
      SHA1Reset(&sha1context);
      //sha1context.Length_High = 0;
      //sha1context.Length_Low = strlen(headers.key1);
      SHA1Input(&sha1context, (const unsigned char*)&(headers.key1), strlen(headers.key1));
      SHA1Result(&sha1context);
      for (i = 0; i < 5; i++)
      {
         hashTemp[i * 4] = ((u_char*)sha1context.Message_Digest)[i * 4 + 3];
         hashTemp[i * 4 + 1] = ((u_char*)sha1context.Message_Digest)[i * 4 + 2];
         hashTemp[i * 4 + 2] = ((u_char*)sha1context.Message_Digest)[i * 4 + 1];
         hashTemp[i * 4 + 3] = ((u_char*)sha1context.Message_Digest)[i * 4];
      }
      b64_ntop((const u_char*)&hashTemp, 5 * sizeof(int), (char*)&hashDataB64, 256);
      //b64_pton((const char*)sha1context.Message_Digest, (u_char*)&hashDataB64, 256);
      sprintf(response, server_handshake_hybi, headers.upgrade, headers.connection, hashDataB64);
      handler_msg("response: %s\n", response);
      ws_send(ws_ctx, response, strlen(response));
      *useHixie = FALSE;
      return ws_ctx;
   }

   if (headers.key3[0] != '\0') {
      gen_md5(&headers, trailer);
      pre = "Sec-";
      handler_msg("using protocol version 76\n");
   } else {
      trailer[0] = '\0';
      pre = "";
      handler_msg("using protocol version 75\n");
   }

   sprintf(response, server_handshake, pre, headers.origin, pre, scheme,
      headers.host, headers.path, "", trailer);
   handler_msg("response: %s\n", response);
   ws_send(ws_ctx, response, strlen(response));

   return ws_ctx;
}