ssize_t ws_read_frame(wsh_t *wsh, ws_opcode_t *oc, uint8_t **data) { ssize_t need = 2; char *maskp; int ll = 0; int frag = 0; again: need = 2; maskp = NULL; *data = NULL; ll = establish_logical_layer(wsh); if (ll < 0) { return ll; } if (wsh->down) { return -1; } if (!wsh->handshake) { return ws_close(wsh, WS_PROTO_ERR); } if ((wsh->datalen = ws_raw_read(wsh, wsh->buffer, 9, wsh->block)) < 0) { if (wsh->datalen == -2) { return -2; } return ws_close(wsh, WS_PROTO_ERR); } if (wsh->datalen < need) { if ((wsh->datalen += ws_raw_read(wsh, wsh->buffer + wsh->datalen, 9 - wsh->datalen, WS_BLOCK)) < need) { /* too small - protocol err */ return ws_close(wsh, WS_PROTO_ERR); } } *oc = *wsh->buffer & 0xf; switch(*oc) { case WSOC_CLOSE: { wsh->plen = wsh->buffer[1] & 0x7f; *data = (uint8_t *) &wsh->buffer[2]; return ws_close(wsh, 1000); } break; case WSOC_CONTINUATION: case WSOC_TEXT: case WSOC_BINARY: case WSOC_PING: case WSOC_PONG: { int fin = (wsh->buffer[0] >> 7) & 1; int mask = (wsh->buffer[1] >> 7) & 1; if (fin) { if (*oc == WSOC_CONTINUATION) { frag = 1; } else { frag = 0; } } if (mask) { need += 4; if (need > wsh->datalen) { /* too small - protocol err */ *oc = WSOC_CLOSE; return ws_close(wsh, WS_PROTO_ERR); } } wsh->plen = wsh->buffer[1] & 0x7f; wsh->payload = &wsh->buffer[2]; if (wsh->plen == 127) { uint64_t *u64; need += 8; if (need > wsh->datalen) { /* too small - protocol err */ *oc = WSOC_CLOSE; return ws_close(wsh, WS_PROTO_ERR); } u64 = (uint64_t *) wsh->payload; wsh->payload += 8; wsh->plen = ntohl((u_long)*u64); } else if (wsh->plen == 126) { uint16_t *u16; need += 2; if (need > wsh->datalen) { /* too small - protocol err */ *oc = WSOC_CLOSE; return ws_close(wsh, WS_PROTO_ERR); } u16 = (uint16_t *) wsh->payload; wsh->payload += 2; wsh->plen = ntohs(*u16); } if (mask) { maskp = (char *)wsh->payload; wsh->payload += 4; } need = (wsh->plen - (wsh->datalen - need)); if (need < 0) { /* invalid read - protocol err .. */ *oc = WSOC_CLOSE; return ws_close(wsh, WS_PROTO_ERR); } if ((need + wsh->datalen) > (ssize_t)wsh->buflen) { /* too big - Ain't nobody got time fo' dat */ *oc = WSOC_CLOSE; return ws_close(wsh, WS_DATA_TOO_BIG); } wsh->rplen = wsh->plen - need; while(need) { ssize_t r = ws_raw_read(wsh, wsh->payload + wsh->rplen, need, WS_BLOCK); if (r < 1) { /* invalid read - protocol err .. */ *oc = WSOC_CLOSE; return ws_close(wsh, WS_PROTO_ERR); } wsh->datalen += r; wsh->rplen += r; need -= r; } if (mask && maskp) { ssize_t i; for (i = 0; i < wsh->datalen; i++) { wsh->payload[i] ^= maskp[i % 4]; } } if (*oc == WSOC_PING) { ws_write_frame(wsh, WSOC_PONG, wsh->payload, wsh->rplen); goto again; } if (frag) { goto again; } *(wsh->payload+wsh->rplen) = '\0'; *data = (uint8_t *)wsh->payload; //printf("READ[%ld][%d]-----------------------------:\n[%s]\n-------------------------------\n", wsh->rplen, *oc, (char *)*data); return wsh->rplen; } break; default: { /* invalid op code - protocol err .. */ *oc = WSOC_CLOSE; return ws_close(wsh, WS_PROTO_ERR); } break; } }
int ws_process(struct tcp_connection *con) { struct ws_req *req; struct ws_req *newreq; long size = 0; enum ws_close_code ret_code = WS_ERR_NONE; unsigned char bk; char *msg_buf; int msg_len; struct receive_info local_rcv; if (con->con_req) { req=(struct ws_req *)con->con_req; LM_DBG("Using the per connection buff \n"); } else { LM_DBG("Using the global ( per process ) buff \n"); init_ws_req(&ws_current_req, 0); req=&ws_current_req; } again: if (req->tcp.error == TCP_REQ_OK) { if (req->tcp.parsed >= req->tcp.pos) { if (ws_raw_read(con, &req->tcp) < 0) { LM_ERR("failed to read %d:%s\n", errno, strerror(errno)); goto error; } } ret_code = ws_parse(req); if (ret_code) goto error; /* eof check: * is EOF if eof on fd and r. not complete yet, * if r. is complete we might have a second unparsed * request after it, so postpone release_with_eof */ if ((con->state==S_CONN_EOF) && (req->tcp.complete==0)) { LM_DBG("EOF received\n"); goto done; } /* sanity mask checks */ if ((WS_TYPE(con) == WS_CLIENT && req->is_masked) || (WS_TYPE(con) == WS_SERVER && !req->is_masked)) { LM_DBG("malformed WS msg - %s %s\n", req->is_masked ? "masked" : "not masked", WS_TYPE(con) == WS_CLIENT ? "client" : "server"); ret_code = WS_ERR_BADDATA; goto error; } } if (req->tcp.complete) { /* update the timeout - we succesfully read the request */ tcp_conn_set_lifetime(con, ws_send_timeout); con->timeout=con->lifetime; /* if we are here everything is nice and ok*/ update_stat( pt[process_no].load, +1 ); /* rcv.bind_address should always be !=0 */ bind_address=con->rcv.bind_address; con->rcv.proto_reserved1=con->id; /* copy the id */ size=req->tcp.pos-req->tcp.parsed; switch (req->op) { case WS_OP_CLOSE: if (req->tcp.content_len) { /* for now we are only interested in the code, not the reason */ ret_code = WS_CLOSE_CODE(req); switch(ret_code) { case WS_ERR_NORMAL: LM_DBG("Normal WebSocket close\n"); break; case WS_ERR_CLIENT: LM_DBG("Client error close\n"); break; case WS_ERR_PROTO: LM_DBG("WebSocket protocol error\n"); break; case WS_ERR_BADDATA: LM_DBG("Data type not consistent\n"); break; case WS_ERR_POLICY: LM_DBG("Bad policy close\n"); break; case WS_ERR_TOO_BIG: LM_DBG("Packet too big close\n"); break; case WS_ERR_BADEXT: LM_DBG("Bad extension close\n"); break; case WS_ERR_UNEXPECT: LM_DBG("Unexpected condition close\n"); break; default: LM_DBG("Unknown WebSocket close: %d\n", ret_code); } } else { ret_code = WS_ERR_NORMAL; } /* respond to close */ WS_CODE(con) = ret_code; ws_send_close(con); WS_CODE(con) = WS_ERR_NOSEND; /* release the connextion */ con->state = S_CONN_EOF; goto done; case WS_OP_PING: if (ws_send_pong(con, req) < 0) LM_ERR("cannot send PONG msg\n"); break; case WS_OP_PONG: LM_DBG("Received WebSocket PONG\n"); break; case WS_OP_TEXT: case WS_OP_BIN: bk = *req->tcp.parsed; *req->tcp.parsed = 0; msg_buf = req->tcp.body; msg_len = req->tcp.parsed-req->tcp.body; local_rcv = con->rcv; if (!size) { /* did not read any more things - we can release * the connection */ LM_DBG("We're releasing the connection in state %d \n", con->state); if (req != &ws_current_req) { /* we have the buffer in the connection tied buff - * detach it , release the conn and free it afterwards */ con->con_req = NULL; } /* TODO - we could indicate to the TCP net layer to release * the connection -> other worker may read the next available * message on the pipe */ } else { LM_DBG("We still have things on the pipe - " "keeping connection \n"); } if (receive_msg(msg_buf, msg_len, &local_rcv) <0) LM_ERR("receive_msg failed \n"); *req->tcp.parsed = bk; break; default: LM_BUG("Can't handle %d\n", req->op); goto error; } update_stat( pt[process_no].load, -1 ); if (size) memmove(req->tcp.buf, req->tcp.parsed, size); #ifdef EXTRA_DEBUG LM_DBG("preparing for new request, kept %ld bytes\n", size); #endif init_ws_req(req, size); con->msg_attempts = 0; /* if we still have some unparsed bytes, try to parse them too*/ if (size) goto again; /* cleanup the existing request */ if (req != &ws_current_req) pkg_free(req); } else { /* request not complete - check the if the thresholds are exceeded */ con->msg_attempts++; if (con->msg_attempts == ws_max_msg_chunks) { LM_ERR("Made %u read attempts but message is not complete yet - " "closing connection \n",con->msg_attempts); goto error; } if (req == &ws_current_req) { /* let's duplicate this - most likely another conn will come in */ LM_DBG("We didn't manage to read a full request\n"); newreq = pkg_malloc(sizeof(struct ws_req)); if (newreq == NULL) { LM_ERR("No more mem for dynamic con request buffer\n"); goto error; } if (req->tcp.pos != req->tcp.buf) { /* we have read some bytes */ memcpy(newreq->tcp.buf,req->tcp.buf,req->tcp.pos-req->tcp.buf); newreq->tcp.pos = newreq->tcp.buf + (req->tcp.pos-req->tcp.buf); } else { newreq->tcp.pos = newreq->tcp.buf; } if (req->tcp.start != req->tcp.buf) newreq->tcp.start = newreq->tcp.buf +(req->tcp.start-req->tcp.buf); else newreq->tcp.start = newreq->tcp.buf; if (req->tcp.parsed != req->tcp.buf) newreq->tcp.parsed =newreq->tcp.buf+(req->tcp.parsed-req->tcp.buf); else newreq->tcp.parsed = newreq->tcp.buf; if (req->tcp.body != 0) { newreq->tcp.body = newreq->tcp.buf + (req->tcp.body-req->tcp.buf); } else newreq->tcp.body = 0; newreq->tcp.complete=req->tcp.complete; newreq->tcp.has_content_len=req->tcp.has_content_len; newreq->tcp.content_len=req->tcp.content_len; newreq->tcp.bytes_to_go=req->tcp.bytes_to_go; newreq->tcp.error = req->tcp.error; newreq->tcp.state = req->tcp.state; newreq->op = req->op; newreq->mask = req->mask; newreq->is_masked = req->is_masked; con->con_req = (struct tcp_req *)newreq; } } LM_DBG("ws_read end\n"); done: /* connection will be released */ return size; error: WS_CODE(con) = ret_code; if (WS_CODE(con) != WS_ERR_NONE) { ws_send_close(con); WS_CODE(con) = WS_ERR_NOSEND; } return -1; }
int ws_handshake(wsh_t *wsh) { char key[256] = ""; char version[5] = ""; char proto[256] = ""; char proto_buf[384] = ""; char input[256] = ""; unsigned char output[SHA1_HASH_SIZE] = ""; char b64[256] = ""; char respond[512] = ""; ssize_t bytes; char *p, *e = 0; if (wsh->sock == ws_sock_invalid) { return -3; } while((bytes = ws_raw_read(wsh, wsh->buffer + wsh->datalen, wsh->buflen - wsh->datalen, WS_BLOCK)) > 0) { wsh->datalen += bytes; if (strstr(wsh->buffer, "\r\n\r\n") || strstr(wsh->buffer, "\n\n")) { break; } } if (bytes > sizeof(wsh->buffer) -1) { goto err; } *(wsh->buffer + wsh->datalen) = '\0'; if (strncasecmp(wsh->buffer, "GET ", 4)) { goto err; } p = wsh->buffer + 4; e = strchr(p, ' '); if (!e) { goto err; } wsh->uri = malloc((e-p) + 1); strncpy(wsh->uri, p, e-p); *(wsh->uri + (e-p)) = '\0'; cheezy_get_var(wsh->buffer, "Sec-WebSocket-Key", key, sizeof(key)); cheezy_get_var(wsh->buffer, "Sec-WebSocket-Version", version, sizeof(version)); cheezy_get_var(wsh->buffer, "Sec-WebSocket-Protocol", proto, sizeof(proto)); if (!*key) { goto err; } snprintf(input, sizeof(input), "%s%s", key, WEBSOCKET_GUID); sha1_digest(output, input); b64encode((unsigned char *)output, SHA1_HASH_SIZE, (unsigned char *)b64, sizeof(b64)); if (*proto) { snprintf(proto_buf, sizeof(proto_buf), "Sec-WebSocket-Protocol: %s\r\n", proto); } snprintf(respond, sizeof(respond), "HTTP/1.1 101 Switching Protocols\r\n" "Upgrade: websocket\r\n" "Connection: Upgrade\r\n" "Sec-WebSocket-Accept: %s\r\n" "%s\r\n", b64, proto_buf); respond[511] = 0; if (ws_raw_write(wsh, respond, strlen(respond)) != (ssize_t)strlen(respond)) { goto err; } wsh->handshake = 1; return 0; err: if (!wsh->stay_open) { snprintf(respond, sizeof(respond), "HTTP/1.1 400 Bad Request\r\n" "Sec-WebSocket-Version: 13\r\n\r\n"); respond[511] = 0; ws_raw_write(wsh, respond, strlen(respond)); ws_close(wsh, WS_NONE); } return -1; }