int lws_ws_handshake_client(struct lws *wsi, unsigned char **buf, size_t len) { if ((lwsi_state(wsi) != LRS_WAITING_PROXY_REPLY) && (lwsi_state(wsi) != LRS_H1C_ISSUE_HANDSHAKE) && (lwsi_state(wsi) != LRS_WAITING_SERVER_REPLY) && !lwsi_role_client(wsi)) return 0; // lwsl_notice("%s: hs client gets %d in\n", __func__, (int)len); while (len) { /* * we were accepting input but now we stopped doing so */ if (lws_is_flowcontrolled(wsi)) { //lwsl_notice("%s: caching %ld\n", __func__, (long)len); lws_rxflow_cache(wsi, *buf, 0, (int)len); *buf += len; return 0; } #if !defined(LWS_WITHOUT_EXTENSIONS) if (wsi->ws->rx_draining_ext) { int m; //lwsl_notice("%s: draining ext\n", __func__); if (lwsi_role_client(wsi)) m = lws_ws_client_rx_sm(wsi, 0); else m = lws_ws_rx_sm(wsi, 0, 0); if (m < 0) return -1; continue; } #endif /* caller will account for buflist usage */ if (lws_ws_client_rx_sm(wsi, *(*buf)++)) { lwsl_notice("%s: client_rx_sm exited, DROPPING %d\n", __func__, (int)len); return -1; } len--; } // lwsl_notice("%s: finished with %ld\n", __func__, (long)len); return 0; }
int lws_ssl_client_connect2(struct lws *wsi, char *errbuf, int len) { int n = 0; if (lwsi_state(wsi) == LRS_WAITING_SSL) { lws_latency_pre(wsi->context, wsi); n = lws_tls_client_connect(wsi); lwsl_debug("%s: SSL_connect says %d\n", __func__, n); lws_latency(wsi->context, wsi, "SSL_connect LRS_WAITING_SSL", n, n > 0); switch (n) { case LWS_SSL_CAPABLE_ERROR: lws_snprintf(errbuf, len, "client connect failed"); return -1; case LWS_SSL_CAPABLE_DONE: break; /* connected */ case LWS_SSL_CAPABLE_MORE_SERVICE_WRITE: lws_callback_on_writable(wsi); /* fallthru */ case LWS_SSL_CAPABLE_MORE_SERVICE_READ: lwsi_set_state(wsi, LRS_WAITING_SSL); /* fallthru */ case LWS_SSL_CAPABLE_MORE_SERVICE: return 0; } } if (lws_tls_client_confirm_peer_cert(wsi, errbuf, len)) return -1; return 1; }
static int rops_handle_POLLOUT_raw_proxy(struct lws *wsi) { if (lwsi_state(wsi) == LRS_ESTABLISHED) return LWS_HP_RET_USER_SERVICE; if (lwsi_role_client(wsi)) return LWS_HP_RET_USER_SERVICE; return LWS_HP_RET_BAIL_OK; }
void lws_service_do_ripe_rxflow(struct lws_context_per_thread *pt) { struct lws_pollfd pfd; if (!pt->dll_head_buflist.next) return; /* * service all guys with pending rxflow that reached a state they can * accept the pending data */ lws_pt_lock(pt, __func__); lws_start_foreach_dll_safe(struct lws_dll_lws *, d, d1, pt->dll_head_buflist.next) { struct lws *wsi = lws_container_of(d, struct lws, dll_buflist); pfd.events = LWS_POLLIN; pfd.revents = LWS_POLLIN; pfd.fd = -1; lwsl_debug("%s: rxflow processing: %p 0x%x\n", __func__, wsi, wsi->wsistate); if (!lws_is_flowcontrolled(wsi) && lwsi_state(wsi) != LRS_DEFERRING_ACTION && (wsi->role_ops->handle_POLLIN)(pt, wsi, &pfd) == LWS_HPI_RET_PLEASE_CLOSE_ME) lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, "close_and_handled"); } lws_end_foreach_dll_safe(d, d1); lws_pt_unlock(pt); }
LWS_VISIBLE LWS_EXTERN int lws_service_adjust_timeout(struct lws_context *context, int timeout_ms, int tsi) { struct lws_context_per_thread *pt = &context->pt[tsi]; /* Figure out if we really want to wait in poll() * We only need to wait if really nothing already to do and we have * to wait for something from network */ #if defined(LWS_ROLE_WS) && !defined(LWS_WITHOUT_EXTENSIONS) /* 1) if we know we are draining rx ext, do not wait in poll */ if (pt->ws.rx_draining_ext_list) return 0; #endif /* 2) if we know we have non-network pending data, do not wait in poll */ if (pt->context->tls_ops && pt->context->tls_ops->fake_POLLIN_for_buffered) if (pt->context->tls_ops->fake_POLLIN_for_buffered(pt)) return 0; /* 3) If there is any wsi with rxflow buffered and in a state to process * it, we should not wait in poll */ lws_start_foreach_dll(struct lws_dll_lws *, d, pt->dll_head_buflist.next) { struct lws *wsi = lws_container_of(d, struct lws, dll_buflist); if (lwsi_state(wsi) != LRS_DEFERRING_ACTION) return 0; } lws_end_foreach_dll(d); return timeout_ms; }
/* * notice this returns number of bytes consumed, or -1 */ int lws_issue_raw(struct lws *wsi, unsigned char *buf, size_t len) { struct lws_context *context = lws_get_context(wsi); struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; size_t real_len = len; unsigned int n; // lwsl_hexdump_err(buf, len); /* * Detect if we got called twice without going through the * event loop to handle pending. This would be caused by either * back-to-back writes in one WRITABLE (illegal) or calling lws_write() * from outside the WRITABLE callback (illegal). */ if (wsi->could_have_pending) { lwsl_hexdump_level(LLL_ERR, buf, len); lwsl_err("** %p: vh: %s, prot: %s, role %s: " "Illegal back-to-back write of %lu detected...\n", wsi, wsi->vhost->name, wsi->protocol->name, wsi->role_ops->name, (unsigned long)len); // assert(0); return -1; } lws_stats_atomic_bump(wsi->context, pt, LWSSTATS_C_API_WRITE, 1); if (!len) return 0; /* just ignore sends after we cleared the truncation buffer */ if (lwsi_state(wsi) == LRS_FLUSHING_BEFORE_CLOSE && !wsi->trunc_len) return (int)len; if (wsi->trunc_len && (buf < wsi->trunc_alloc || buf > (wsi->trunc_alloc + wsi->trunc_len + wsi->trunc_offset))) { lwsl_hexdump_level(LLL_ERR, buf, len); lwsl_err("** %p: vh: %s, prot: %s, Sending new %lu, pending truncated ...\n" " It's illegal to do an lws_write outside of\n" " the writable callback: fix your code\n", wsi, wsi->vhost->name, wsi->protocol->name, (unsigned long)len); assert(0); return -1; } if (!wsi->http2_substream && !lws_socket_is_valid(wsi->desc.sockfd)) lwsl_warn("** error invalid sock but expected to send\n"); /* limit sending */ if (wsi->protocol->tx_packet_size) n = (int)wsi->protocol->tx_packet_size; else { n = (int)wsi->protocol->rx_buffer_size; if (!n) n = context->pt_serv_buf_size; } n += LWS_PRE + 4; if (n > len) n = (int)len; /* nope, send it on the socket directly */ lws_latency_pre(context, wsi); n = lws_ssl_capable_write(wsi, buf, n); lws_latency(context, wsi, "send lws_issue_raw", n, n == len); /* something got written, it can have been truncated now */ wsi->could_have_pending = 1; switch (n) { case LWS_SSL_CAPABLE_ERROR: /* we're going to close, let close know sends aren't possible */ wsi->socket_is_permanently_unusable = 1; return -1; case LWS_SSL_CAPABLE_MORE_SERVICE: /* * nothing got sent, not fatal. Retry the whole thing later, * ie, implying treat it was a truncated send so it gets * retried */ n = 0; break; } /* * we were already handling a truncated send? */ if (wsi->trunc_len) { lwsl_info("%p partial adv %d (vs %ld)\n", wsi, n, (long)real_len); wsi->trunc_offset += n; wsi->trunc_len -= n; if (!wsi->trunc_len) { lwsl_info("** %p partial send completed\n", wsi); /* done with it, but don't free it */ n = (int)real_len; if (lwsi_state(wsi) == LRS_FLUSHING_BEFORE_CLOSE) { lwsl_info("** %p signalling to close now\n", wsi); return -1; /* retry closing now */ } } /* always callback on writeable */ lws_callback_on_writable(wsi); return n; } if ((unsigned int)n == real_len) /* what we just sent went out cleanly */ return n; /* * Newly truncated send. Buffer the remainder (it will get * first priority next time the socket is writable). */ lwsl_debug("%p new partial sent %d from %lu total\n", wsi, n, (unsigned long)real_len); lws_stats_atomic_bump(wsi->context, pt, LWSSTATS_C_WRITE_PARTIALS, 1); lws_stats_atomic_bump(wsi->context, pt, LWSSTATS_B_PARTIALS_ACCEPTED_PARTS, n); /* * - if we still have a suitable malloc lying around, use it * - or, if too small, reallocate it * - or, if no buffer, create it */ if (!wsi->trunc_alloc || real_len - n > wsi->trunc_alloc_len) { lws_free(wsi->trunc_alloc); wsi->trunc_alloc_len = (unsigned int)(real_len - n); wsi->trunc_alloc = lws_malloc(real_len - n, "truncated send alloc"); if (!wsi->trunc_alloc) { lwsl_err("truncated send: unable to malloc %lu\n", (unsigned long)(real_len - n)); return -1; } } wsi->trunc_offset = 0; wsi->trunc_len = (unsigned int)(real_len - n); memcpy(wsi->trunc_alloc, buf + n, real_len - n); #if !defined(LWS_WITH_ESP32) if (lws_wsi_is_udp(wsi)) { /* stash original destination for fulfilling UDP partials */ wsi->udp->sa_pending = wsi->udp->sa; wsi->udp->salen_pending = wsi->udp->salen; } #endif /* since something buffered, force it to get another chance to send */ lws_callback_on_writable(wsi); return (int)real_len; }
LWS_VISIBLE int lws_server_socket_service_ssl(struct lws *wsi, lws_sockfd_type accept_fd) { struct lws_context *context = wsi->context; struct lws_vhost *vh; struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; int n; char buf[256]; (void)buf; if (!LWS_SSL_ENABLED(wsi->vhost)) return 0; switch (lwsi_state(wsi)) { case LRS_SSL_INIT: if (wsi->tls.ssl) lwsl_err("%s: leaking ssl\n", __func__); if (accept_fd == LWS_SOCK_INVALID) assert(0); if (context->simultaneous_ssl_restriction && context->simultaneous_ssl >= context->simultaneous_ssl_restriction) { lwsl_notice("unable to deal with SSL connection\n"); return 1; } if (lws_tls_server_new_nonblocking(wsi, accept_fd)) { if (accept_fd != LWS_SOCK_INVALID) compatible_close(accept_fd); goto fail; } if (context->simultaneous_ssl_restriction && ++context->simultaneous_ssl == context->simultaneous_ssl_restriction) /* that was the last allowed SSL connection */ lws_gate_accepts(context, 0); #if defined(LWS_WITH_STATS) context->updated = 1; #endif /* * we are not accepted yet, but we need to enter ourselves * as a live connection. That way we can retry when more * pieces come if we're not sorted yet */ lwsi_set_state(wsi, LRS_SSL_ACK_PENDING); lws_pt_lock(pt, __func__); if (__insert_wsi_socket_into_fds(context, wsi)) { lwsl_err("%s: failed to insert into fds\n", __func__); goto fail; } lws_pt_unlock(pt); lws_set_timeout(wsi, PENDING_TIMEOUT_SSL_ACCEPT, context->timeout_secs); lwsl_debug("inserted SSL accept into fds, trying SSL_accept\n"); /* fallthru */ case LRS_SSL_ACK_PENDING: if (lws_change_pollfd(wsi, LWS_POLLOUT, 0)) { lwsl_err("%s: lws_change_pollfd failed\n", __func__); goto fail; } lws_latency_pre(context, wsi); if (wsi->vhost->tls.allow_non_ssl_on_ssl_port) { n = recv(wsi->desc.sockfd, (char *)pt->serv_buf, context->pt_serv_buf_size, MSG_PEEK); /* * optionally allow non-SSL connect on SSL listening socket * This is disabled by default, if enabled it goes around any * SSL-level access control (eg, client-side certs) so leave * it disabled unless you know it's not a problem for you */ if (n >= 1 && pt->serv_buf[0] >= ' ') { /* * TLS content-type for Handshake is 0x16, and * for ChangeCipherSpec Record, it's 0x14 * * A non-ssl session will start with the HTTP * method in ASCII. If we see it's not a legit * SSL handshake kill the SSL for this * connection and try to handle as a HTTP * connection upgrade directly. */ wsi->tls.use_ssl = 0; lws_tls_server_abort_connection(wsi); /* * care... this creates wsi with no ssl * when ssl is enabled and normally * mandatory */ wsi->tls.ssl = NULL; if (lws_check_opt(context->options, LWS_SERVER_OPTION_REDIRECT_HTTP_TO_HTTPS)) wsi->tls.redirect_to_https = 1; lwsl_debug("accepted as non-ssl\n"); goto accepted; } if (!n) { /* * connection is gone, fail out */ lwsl_debug("PEEKed 0\n"); goto fail; } if (n < 0 && (LWS_ERRNO == LWS_EAGAIN || LWS_ERRNO == LWS_EWOULDBLOCK)) { /* * well, we get no way to know ssl or not * so go around again waiting for something * to come and give us a hint, or timeout the * connection. */ if (lws_change_pollfd(wsi, 0, LWS_POLLIN)) { lwsl_info("%s: change_pollfd failed\n", __func__); return -1; } lwsl_info("SSL_ERROR_WANT_READ\n"); return 0; } } /* normal SSL connection processing path */ #if defined(LWS_WITH_STATS) /* only set this the first time around */ if (!wsi->accept_start_us) wsi->accept_start_us = lws_time_in_microseconds(); #endif errno = 0; lws_stats_atomic_bump(wsi->context, pt, LWSSTATS_C_SSL_CONNECTIONS_ACCEPT_SPIN, 1); n = lws_tls_server_accept(wsi); lws_latency(context, wsi, "SSL_accept LRS_SSL_ACK_PENDING\n", n, n == 1); lwsl_info("SSL_accept says %d\n", n); switch (n) { case LWS_SSL_CAPABLE_DONE: break; case LWS_SSL_CAPABLE_ERROR: lws_stats_atomic_bump(wsi->context, pt, LWSSTATS_C_SSL_CONNECTIONS_FAILED, 1); lwsl_info("SSL_accept failed socket %u: %d\n", wsi->desc.sockfd, n); wsi->socket_is_permanently_unusable = 1; goto fail; default: /* MORE_SERVICE */ return 0; } lws_stats_atomic_bump(wsi->context, pt, LWSSTATS_C_SSL_CONNECTIONS_ACCEPTED, 1); #if defined(LWS_WITH_STATS) if (wsi->accept_start_us) lws_stats_atomic_bump(wsi->context, pt, LWSSTATS_MS_SSL_CONNECTIONS_ACCEPTED_DELAY, lws_time_in_microseconds() - wsi->accept_start_us); wsi->accept_start_us = lws_time_in_microseconds(); #endif accepted: /* adapt our vhost to match the SNI SSL_CTX that was chosen */ vh = context->vhost_list; while (vh) { if (!vh->being_destroyed && wsi->tls.ssl && vh->tls.ssl_ctx == lws_tls_ctx_from_wsi(wsi)) { lwsl_info("setting wsi to vh %s\n", vh->name); lws_vhost_bind_wsi(vh, wsi); break; } vh = vh->vhost_next; } /* OK, we are accepted... give him some time to negotiate */ lws_set_timeout(wsi, PENDING_TIMEOUT_ESTABLISH_WITH_SERVER, context->timeout_secs); lwsi_set_state(wsi, LRS_ESTABLISHED); if (lws_tls_server_conn_alpn(wsi)) goto fail; lwsl_debug("accepted new SSL conn\n"); break; default: break; } return 0; fail: return 1; }
int lws_client_socket_service(struct lws *wsi, struct lws_pollfd *pollfd, struct lws *wsi_conn) { struct lws_context *context = wsi->context; struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; char *p = (char *)&pt->serv_buf[0]; struct lws *w; #if defined(LWS_WITH_TLS) char ebuf[128]; #endif const char *cce = NULL; #if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) ssize_t len = 0; unsigned char c; #endif char *sb = p; int n = 0; #if defined(LWS_WITH_SOCKS5) char conn_mode = 0, pending_timeout = 0; #endif if ((pollfd->revents & LWS_POLLOUT) && wsi->keepalive_active && wsi->dll_client_transaction_queue_head.next) { struct lws *wfound = NULL; lwsl_debug("%s: pollout HANDSHAKE2\n", __func__); /* * We have a transaction queued that wants to pipeline. * * We have to allow it to send headers strictly in the order * that it was queued, ie, tail-first. */ lws_vhost_lock(wsi->vhost); lws_start_foreach_dll_safe(struct lws_dll_lws *, d, d1, wsi->dll_client_transaction_queue_head.next) { struct lws *w = lws_container_of(d, struct lws, dll_client_transaction_queue); lwsl_debug("%s: %p states 0x%x\n", __func__, w, w->wsistate); if (lwsi_state(w) == LRS_H1C_ISSUE_HANDSHAKE2) wfound = w; } lws_end_foreach_dll_safe(d, d1); if (wfound) { /* * pollfd has the master sockfd in it... we * need to use that in HANDSHAKE2 to understand * which wsi to actually write on */ lws_client_socket_service(wfound, pollfd, wsi); lws_callback_on_writable(wsi); } else lwsl_debug("%s: didn't find anything in txn q in HS2\n", __func__); lws_vhost_unlock(wsi->vhost); return 0; } switch (lwsi_state(wsi)) { case LRS_WAITING_CONNECT: /* * we are under PENDING_TIMEOUT_SENT_CLIENT_HANDSHAKE * timeout protection set in client-handshake.c */ if (!lws_client_connect_2(wsi)) { /* closed */ lwsl_client("closed\n"); return -1; } /* either still pending connection, or changed mode */ return 0; #if defined(LWS_WITH_SOCKS5) /* SOCKS Greeting Reply */ case LRS_WAITING_SOCKS_GREETING_REPLY: case LRS_WAITING_SOCKS_AUTH_REPLY: case LRS_WAITING_SOCKS_CONNECT_REPLY: /* handle proxy hung up on us */ if (pollfd->revents & LWS_POLLHUP) { lwsl_warn("SOCKS connection %p (fd=%d) dead\n", (void *)wsi, pollfd->fd); goto bail3; } n = recv(wsi->desc.sockfd, sb, context->pt_serv_buf_size, 0); if (n < 0) { if (LWS_ERRNO == LWS_EAGAIN) { lwsl_debug("SOCKS read EAGAIN, retrying\n"); return 0; } lwsl_err("ERROR reading from SOCKS socket\n"); goto bail3; } switch (lwsi_state(wsi)) { case LRS_WAITING_SOCKS_GREETING_REPLY: if (pt->serv_buf[0] != SOCKS_VERSION_5) goto socks_reply_fail; if (pt->serv_buf[1] == SOCKS_AUTH_NO_AUTH) { lwsl_client("SOCKS GR: No Auth Method\n"); socks_generate_msg(wsi, SOCKS_MSG_CONNECT, &len); conn_mode = LRS_WAITING_SOCKS_CONNECT_REPLY; pending_timeout = PENDING_TIMEOUT_AWAITING_SOCKS_CONNECT_REPLY; goto socks_send; } if (pt->serv_buf[1] == SOCKS_AUTH_USERNAME_PASSWORD) { lwsl_client("SOCKS GR: User/Pw Method\n"); socks_generate_msg(wsi, SOCKS_MSG_USERNAME_PASSWORD, &len); conn_mode = LRS_WAITING_SOCKS_AUTH_REPLY; pending_timeout = PENDING_TIMEOUT_AWAITING_SOCKS_AUTH_REPLY; goto socks_send; } goto socks_reply_fail; case LRS_WAITING_SOCKS_AUTH_REPLY: if (pt->serv_buf[0] != SOCKS_SUBNEGOTIATION_VERSION_1 || pt->serv_buf[1] != SOCKS_SUBNEGOTIATION_STATUS_SUCCESS) goto socks_reply_fail; lwsl_client("SOCKS password OK, sending connect\n"); socks_generate_msg(wsi, SOCKS_MSG_CONNECT, &len); conn_mode = LRS_WAITING_SOCKS_CONNECT_REPLY; pending_timeout = PENDING_TIMEOUT_AWAITING_SOCKS_CONNECT_REPLY; socks_send: n = send(wsi->desc.sockfd, (char *)pt->serv_buf, len, MSG_NOSIGNAL); if (n < 0) { lwsl_debug("ERROR writing to socks proxy\n"); goto bail3; } lws_set_timeout(wsi, pending_timeout, AWAITING_TIMEOUT); lwsi_set_state(wsi, conn_mode); break; socks_reply_fail: lwsl_notice("socks reply: v%d, err %d\n", pt->serv_buf[0], pt->serv_buf[1]); goto bail3; case LRS_WAITING_SOCKS_CONNECT_REPLY: if (pt->serv_buf[0] != SOCKS_VERSION_5 || pt->serv_buf[1] != SOCKS_REQUEST_REPLY_SUCCESS) goto socks_reply_fail; lwsl_client("socks connect OK\n"); /* free stash since we are done with it */ lws_client_stash_destroy(wsi); if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_PEER_ADDRESS, wsi->vhost->socks_proxy_address)) goto bail3; wsi->c_port = wsi->vhost->socks_proxy_port; /* clear his proxy connection timeout */ lws_set_timeout(wsi, NO_PENDING_TIMEOUT, 0); goto start_ws_handshake; } break; #endif case LRS_WAITING_PROXY_REPLY: /* handle proxy hung up on us */ if (pollfd->revents & LWS_POLLHUP) { lwsl_warn("Proxy connection %p (fd=%d) dead\n", (void *)wsi, pollfd->fd); goto bail3; } n = recv(wsi->desc.sockfd, sb, context->pt_serv_buf_size, 0); if (n < 0) { if (LWS_ERRNO == LWS_EAGAIN) { lwsl_debug("Proxy read EAGAIN... retrying\n"); return 0; } lwsl_err("ERROR reading from proxy socket\n"); goto bail3; } pt->serv_buf[13] = '\0'; if (strcmp(sb, "HTTP/1.0 200 ") && strcmp(sb, "HTTP/1.1 200 ")) { lwsl_err("ERROR proxy: %s\n", sb); goto bail3; } /* clear his proxy connection timeout */ lws_set_timeout(wsi, NO_PENDING_TIMEOUT, 0); /* fallthru */ case LRS_H1C_ISSUE_HANDSHAKE: /* * we are under PENDING_TIMEOUT_SENT_CLIENT_HANDSHAKE * timeout protection set in client-handshake.c * * take care of our lws_callback_on_writable * happening at a time when there's no real connection yet */ #if defined(LWS_WITH_SOCKS5) start_ws_handshake: #endif if (lws_change_pollfd(wsi, LWS_POLLOUT, 0)) return -1; #if defined(LWS_WITH_TLS) /* we can retry this... just cook the SSL BIO the first time */ if ((wsi->tls.use_ssl & LCCSCF_USE_SSL) && !wsi->tls.ssl && lws_ssl_client_bio_create(wsi) < 0) { cce = "bio_create failed"; goto bail3; } if (wsi->tls.use_ssl & LCCSCF_USE_SSL) { n = lws_ssl_client_connect1(wsi); if (!n) return 0; if (n < 0) { cce = "lws_ssl_client_connect1 failed"; goto bail3; } } else wsi->tls.ssl = NULL; /* fallthru */ case LRS_WAITING_SSL: if (wsi->tls.use_ssl & LCCSCF_USE_SSL) { n = lws_ssl_client_connect2(wsi, ebuf, sizeof(ebuf)); if (!n) return 0; if (n < 0) { cce = ebuf; goto bail3; } } else wsi->tls.ssl = NULL; #endif #if defined (LWS_WITH_HTTP2) if (wsi->client_h2_alpn) { /* * We connected to the server and set up tls, and * negotiated "h2". * * So this is it, we are an h2 master client connection * now, not an h1 client connection. */ lws_tls_server_conn_alpn(wsi); /* send the H2 preface to legitimize the connection */ if (lws_h2_issue_preface(wsi)) { cce = "error sending h2 preface"; goto bail3; } break; } #endif lwsi_set_state(wsi, LRS_H1C_ISSUE_HANDSHAKE2); lws_set_timeout(wsi, PENDING_TIMEOUT_AWAITING_CLIENT_HS_SEND, context->timeout_secs); /* fallthru */ case LRS_H1C_ISSUE_HANDSHAKE2: p = lws_generate_client_handshake(wsi, p); if (p == NULL) { if (wsi->role_ops == &role_ops_raw_skt || wsi->role_ops == &role_ops_raw_file) return 0; lwsl_err("Failed to generate handshake for client\n"); lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, "chs"); return 0; } /* send our request to the server */ lws_latency_pre(context, wsi); w = _lws_client_wsi_master(wsi); lwsl_info("%s: HANDSHAKE2: %p: sending headers on %p (wsistate 0x%x 0x%x)\n", __func__, wsi, w, wsi->wsistate, w->wsistate); n = lws_ssl_capable_write(w, (unsigned char *)sb, (int)(p - sb)); lws_latency(context, wsi, "send lws_issue_raw", n, n == p - sb); switch (n) { case LWS_SSL_CAPABLE_ERROR: lwsl_debug("ERROR writing to client socket\n"); lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, "cws"); return 0; case LWS_SSL_CAPABLE_MORE_SERVICE: lws_callback_on_writable(wsi); break; } if (wsi->client_http_body_pending) { lwsi_set_state(wsi, LRS_ISSUE_HTTP_BODY); lws_set_timeout(wsi, PENDING_TIMEOUT_CLIENT_ISSUE_PAYLOAD, context->timeout_secs); /* user code must ask for writable callback */ break; } lwsi_set_state(wsi, LRS_WAITING_SERVER_REPLY); wsi->hdr_parsing_completed = 0; if (lwsi_state(w) == LRS_IDLING) { lwsi_set_state(w, LRS_WAITING_SERVER_REPLY); w->hdr_parsing_completed = 0; #if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) w->http.ah->parser_state = WSI_TOKEN_NAME_PART; w->http.ah->lextable_pos = 0; /* If we're (re)starting on headers, need other implied init */ wsi->http.ah->ues = URIES_IDLE; #endif } lws_set_timeout(wsi, PENDING_TIMEOUT_AWAITING_SERVER_RESPONSE, wsi->context->timeout_secs); lws_callback_on_writable(w); goto client_http_body_sent; case LRS_ISSUE_HTTP_BODY: if (wsi->client_http_body_pending) { //lws_set_timeout(wsi, // PENDING_TIMEOUT_CLIENT_ISSUE_PAYLOAD, // context->timeout_secs); /* user code must ask for writable callback */ break; } client_http_body_sent: #if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) /* prepare ourselves to do the parsing */ wsi->http.ah->parser_state = WSI_TOKEN_NAME_PART; wsi->http.ah->lextable_pos = 0; #endif lwsi_set_state(wsi, LRS_WAITING_SERVER_REPLY); lws_set_timeout(wsi, PENDING_TIMEOUT_AWAITING_SERVER_RESPONSE, context->timeout_secs); break; case LRS_WAITING_SERVER_REPLY: /* * handle server hanging up on us... * but if there is POLLIN waiting, handle that first */ if ((pollfd->revents & (LWS_POLLIN | LWS_POLLHUP)) == LWS_POLLHUP) { lwsl_debug("Server connection %p (fd=%d) dead\n", (void *)wsi, pollfd->fd); cce = "Peer hung up"; goto bail3; } if (!(pollfd->revents & LWS_POLLIN)) break; #if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) /* interpret the server response * * HTTP/1.1 101 Switching Protocols * Upgrade: websocket * Connection: Upgrade * Sec-WebSocket-Accept: me89jWimTRKTWwrS3aRrL53YZSo= * Sec-WebSocket-Nonce: AQIDBAUGBwgJCgsMDQ4PEC== * Sec-WebSocket-Protocol: chat * * we have to take some care here to only take from the * socket bytewise. The browser may (and has been seen to * in the case that onopen() performs websocket traffic) * coalesce both handshake response and websocket traffic * in one packet, since at that point the connection is * definitively ready from browser pov. */ len = 1; while (wsi->http.ah->parser_state != WSI_PARSING_COMPLETE && len > 0) { int plen = 1; n = lws_ssl_capable_read(wsi, &c, 1); lws_latency(context, wsi, "send lws_issue_raw", n, n == 1); switch (n) { case 0: case LWS_SSL_CAPABLE_ERROR: cce = "read failed"; goto bail3; case LWS_SSL_CAPABLE_MORE_SERVICE: return 0; } if (lws_parse(wsi, &c, &plen)) { lwsl_warn("problems parsing header\n"); goto bail3; } } /* * hs may also be coming in multiple packets, there is a 5-sec * libwebsocket timeout still active here too, so if parsing did * not complete just wait for next packet coming in this state */ if (wsi->http.ah->parser_state != WSI_PARSING_COMPLETE) break; #endif /* * otherwise deal with the handshake. If there's any * packet traffic already arrived we'll trigger poll() again * right away and deal with it that way */ return lws_client_interpret_server_handshake(wsi); bail3: lwsl_info("closing conn at LWS_CONNMODE...SERVER_REPLY\n"); if (cce) lwsl_info("reason: %s\n", cce); wsi->protocol->callback(wsi, LWS_CALLBACK_CLIENT_CONNECTION_ERROR, wsi->user_space, (void *)cce, cce ? strlen(cce) : 0); wsi->already_did_cce = 1; lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, "cbail3"); return -1; default: break; } return 0; }
LWS_VISIBLE int lws_handle_POLLOUT_event(struct lws *wsi, struct lws_pollfd *pollfd) { volatile struct lws *vwsi = (volatile struct lws *)wsi; int n; //lwsl_notice("%s: %p\n", __func__, wsi); vwsi->leave_pollout_active = 0; vwsi->handling_pollout = 1; /* * if another thread wants POLLOUT on us, from here on while * handling_pollout is set, he will only set leave_pollout_active. * If we are going to disable POLLOUT, we will check that first. */ wsi->could_have_pending = 0; /* clear back-to-back write detection */ /* * user callback is lowest priority to get these notifications * actually, since other pending things cannot be disordered * * Priority 1: pending truncated sends are incomplete ws fragments * If anything else sent first the protocol would be * corrupted. */ if (wsi->trunc_len) { //lwsl_notice("%s: completing partial\n", __func__); if (lws_issue_raw(wsi, wsi->trunc_alloc + wsi->trunc_offset, wsi->trunc_len) < 0) { lwsl_info("%s signalling to close\n", __func__); goto bail_die; } /* leave POLLOUT active either way */ goto bail_ok; } else if (lwsi_state(wsi) == LRS_FLUSHING_BEFORE_CLOSE) { wsi->socket_is_permanently_unusable = 1; goto bail_die; /* retry closing now */ } #ifdef LWS_WITH_CGI /* * A cgi master's wire protocol remains h1 or h2. He is just getting * his data from his child cgis. */ if (wsi->http.cgi) { /* also one shot */ if (pollfd) if (lws_change_pollfd(wsi, LWS_POLLOUT, 0)) { lwsl_info("failed at set pollfd\n"); return 1; } goto user_service_go_again; } #endif /* if we got here, we should have wire protocol ops set on the wsi */ assert(wsi->role_ops); if (!wsi->role_ops->handle_POLLOUT) goto bail_ok; switch ((wsi->role_ops->handle_POLLOUT)(wsi)) { case LWS_HP_RET_BAIL_OK: goto bail_ok; case LWS_HP_RET_BAIL_DIE: goto bail_die; case LWS_HP_RET_USER_SERVICE: break; default: assert(0); } /* one shot */ if (wsi->parent_carries_io) { vwsi->handling_pollout = 0; vwsi->leave_pollout_active = 0; return lws_callback_as_writeable(wsi); } if (pollfd) { int eff = vwsi->leave_pollout_active; if (!eff) { if (lws_change_pollfd(wsi, LWS_POLLOUT, 0)) { lwsl_info("failed at set pollfd\n"); goto bail_die; } } vwsi->handling_pollout = 0; /* cannot get leave_pollout_active set after the above */ if (!eff && wsi->leave_pollout_active) { /* * got set inbetween sampling eff and clearing * handling_pollout, force POLLOUT on */ lwsl_debug("leave_pollout_active\n"); if (lws_change_pollfd(wsi, 0, LWS_POLLOUT)) { lwsl_info("failed at set pollfd\n"); goto bail_die; } } vwsi->leave_pollout_active = 0; } if (lwsi_role_client(wsi) && !wsi->hdr_parsing_completed && lwsi_state(wsi) != LRS_H2_WAITING_TO_SEND_HEADERS && lwsi_state(wsi) != LRS_ISSUE_HTTP_BODY ) goto bail_ok; #ifdef LWS_WITH_CGI user_service_go_again: #endif if (wsi->role_ops->perform_user_POLLOUT) { if (wsi->role_ops->perform_user_POLLOUT(wsi) == -1) goto bail_die; else goto bail_ok; } lwsl_debug("%s: %p: non mux: wsistate 0x%x, ops %s\n", __func__, wsi, wsi->wsistate, wsi->role_ops->name); vwsi = (volatile struct lws *)wsi; vwsi->leave_pollout_active = 0; n = lws_callback_as_writeable(wsi); vwsi->handling_pollout = 0; if (vwsi->leave_pollout_active) lws_change_pollfd(wsi, 0, LWS_POLLOUT); return n; /* * since these don't disable the POLLOUT, they are always doing the * right thing for leave_pollout_active whether it was set or not. */ bail_ok: vwsi->handling_pollout = 0; vwsi->leave_pollout_active = 0; return 0; bail_die: vwsi->handling_pollout = 0; vwsi->leave_pollout_active = 0; return -1; }
/* * guys that need POLLIN service again without waiting for network action * can force POLLIN here if not flowcontrolled, so they will get service. * * Return nonzero if anybody got their POLLIN faked */ int lws_service_flag_pending(struct lws_context *context, int tsi) { struct lws_context_per_thread *pt = &context->pt[tsi]; #if defined(LWS_WITH_TLS) struct lws *wsi, *wsi_next; #endif int forced = 0; lws_pt_lock(pt, __func__); /* * 1) If there is any wsi with a buflist and in a state to process * it, we should not wait in poll */ lws_start_foreach_dll(struct lws_dll_lws *, d, pt->dll_head_buflist.next) { struct lws *wsi = lws_container_of(d, struct lws, dll_buflist); if (lwsi_state(wsi) != LRS_DEFERRING_ACTION) { forced = 1; break; } } lws_end_foreach_dll(d); #if defined(LWS_ROLE_WS) forced |= role_ops_ws.service_flag_pending(context, tsi); #endif #if defined(LWS_WITH_TLS) /* * 2) For all guys with buffered SSL read data already saved up, if they * are not flowcontrolled, fake their POLLIN status so they'll get * service to use up the buffered incoming data, even though their * network socket may have nothing */ wsi = pt->tls.pending_read_list; while (wsi) { wsi_next = wsi->tls.pending_read_list_next; pt->fds[wsi->position_in_fds_table].revents |= pt->fds[wsi->position_in_fds_table].events & LWS_POLLIN; if (pt->fds[wsi->position_in_fds_table].revents & LWS_POLLIN) { forced = 1; /* * he's going to get serviced now, take him off the * list of guys with buffered SSL. If he still has some * at the end of the service, he'll get put back on the * list then. */ __lws_ssl_remove_wsi_from_buffered_list(wsi); } wsi = wsi_next; } #endif lws_pt_unlock(pt); return forced; }
static int __lws_service_timeout_check(struct lws *wsi, time_t sec) { struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; int n = 0; (void)n; /* * if we went beyond the allowed time, kill the * connection */ if (wsi->dll_timeout.prev && lws_compare_time_t(wsi->context, sec, wsi->pending_timeout_set) > wsi->pending_timeout_limit) { if (wsi->desc.sockfd != LWS_SOCK_INVALID && wsi->position_in_fds_table >= 0) n = pt->fds[wsi->position_in_fds_table].events; lws_stats_atomic_bump(wsi->context, pt, LWSSTATS_C_TIMEOUTS, 1); /* no need to log normal idle keepalive timeout */ if (wsi->pending_timeout != PENDING_TIMEOUT_HTTP_KEEPALIVE_IDLE) #if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) lwsl_info("wsi %p: TIMEDOUT WAITING on %d " "(did hdr %d, ah %p, wl %d, pfd " "events %d) %llu vs %llu\n", (void *)wsi, wsi->pending_timeout, wsi->hdr_parsing_completed, wsi->http.ah, pt->http.ah_wait_list_length, n, (unsigned long long)sec, (unsigned long long)wsi->pending_timeout_limit); #if defined(LWS_WITH_CGI) if (wsi->http.cgi) lwsl_notice("CGI timeout: %s\n", wsi->http.cgi->summary); #endif #else lwsl_info("wsi %p: TIMEDOUT WAITING on %d ", (void *)wsi, wsi->pending_timeout); #endif /* * Since he failed a timeout, he already had a chance to do * something and was unable to... that includes situations like * half closed connections. So process this "failed timeout" * close as a violent death and don't try to do protocol * cleanup like flush partials. */ wsi->socket_is_permanently_unusable = 1; if (lwsi_state(wsi) == LRS_WAITING_SSL && wsi->protocol) wsi->protocol->callback(wsi, LWS_CALLBACK_CLIENT_CONNECTION_ERROR, wsi->user_space, (void *)"Timed out waiting SSL", 21); __lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, "timeout"); return 1; } return 0; }
struct lws * lws_client_connect_2(struct lws *wsi) { #if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) struct lws_context *context = wsi->context; struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; const char *adsin; struct lws *wsi_piggyback = NULL; struct lws_pollfd pfd; ssize_t plen = 0; #endif struct addrinfo *result; #if defined(LWS_WITH_UNIX_SOCK) struct sockaddr_un sau; char unix_skt = 0; #endif const char *ads; sockaddr46 sa46; const struct sockaddr *psa; int n, port; const char *cce = "", *iface; const char *meth = NULL; #ifdef LWS_WITH_IPV6 char ipv6only = lws_check_opt(wsi->vhost->options, LWS_SERVER_OPTION_IPV6_V6ONLY_MODIFY | LWS_SERVER_OPTION_IPV6_V6ONLY_VALUE); #if defined(__ANDROID__) ipv6only = 0; #endif #endif lwsl_client("%s: %p\n", __func__, wsi); #if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) if (!wsi->http.ah) { cce = "ah was NULL at cc2"; lwsl_err("%s\n", cce); goto oom4; } /* we can only piggyback GET or POST */ meth = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_METHOD); if (meth && strcmp(meth, "GET") && strcmp(meth, "POST")) goto create_new_conn; /* we only pipeline connections that said it was okay */ if (!wsi->client_pipeline) goto create_new_conn; /* * let's take a look first and see if there are any already-active * client connections we can piggy-back on. */ adsin = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_PEER_ADDRESS); lws_vhost_lock(wsi->vhost); /* ----------------------------------- { */ lws_start_foreach_dll_safe(struct lws_dll_lws *, d, d1, wsi->vhost->dll_active_client_conns.next) { struct lws *w = lws_container_of(d, struct lws, dll_active_client_conns); lwsl_debug("%s: check %s %s %d %d\n", __func__, adsin, w->client_hostname_copy, wsi->c_port, w->c_port); if (w != wsi && w->client_hostname_copy && !strcmp(adsin, w->client_hostname_copy) && #if defined(LWS_WITH_TLS) (wsi->tls.use_ssl & LCCSCF_USE_SSL) == (w->tls.use_ssl & LCCSCF_USE_SSL) && #endif wsi->c_port == w->c_port) { /* someone else is already connected to the right guy */ /* do we know for a fact pipelining won't fly? */ if (w->keepalive_rejected) { lwsl_info("defeating pipelining due to no " "keepalive on server\n"); lws_vhost_unlock(wsi->vhost); /* } ---------- */ goto create_new_conn; } #if defined (LWS_WITH_HTTP2) /* * h2: in usable state already: just use it without * going through the queue */ if (w->client_h2_alpn && (lwsi_state(w) == LRS_H2_WAITING_TO_SEND_HEADERS || lwsi_state(w) == LRS_ESTABLISHED)) { lwsl_info("%s: just join h2 directly\n", __func__); wsi->client_h2_alpn = 1; lws_wsi_h2_adopt(w, wsi); lws_vhost_unlock(wsi->vhost); /* } ---------- */ return wsi; } #endif lwsl_info("applying %p to txn queue on %p (wsistate 0x%x)\n", wsi, w, w->wsistate); /* * ...let's add ourselves to his transaction queue... * we are adding ourselves at the HEAD */ lws_dll_lws_add_front(&wsi->dll_client_transaction_queue, &w->dll_client_transaction_queue_head); /* * h1: pipeline our headers out on him, * and wait for our turn at client transaction_complete * to take over parsing the rx. */ wsi_piggyback = w; lws_vhost_unlock(wsi->vhost); /* } ---------- */ goto send_hs; } } lws_end_foreach_dll_safe(d, d1); lws_vhost_unlock(wsi->vhost); /* } ---------------------------------- */ create_new_conn: #endif /* * clients who will create their own fresh connection keep a copy of * the hostname they originally connected to, in case other connections * want to use it too */ if (!wsi->client_hostname_copy) wsi->client_hostname_copy = lws_strdup(lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_PEER_ADDRESS)); /* * If we made our own connection, and we're doing a method that can take * a pipeline, we are an "active client connection". * * Add ourselves to the vhost list of those so that others can * piggyback on our transaction queue */ if (meth && (!strcmp(meth, "GET") || !strcmp(meth, "POST")) && lws_dll_is_null(&wsi->dll_client_transaction_queue) && lws_dll_is_null(&wsi->dll_active_client_conns)) { lws_vhost_lock(wsi->vhost); /* caution... we will have to unpick this on oom4 path */ lws_dll_lws_add_front(&wsi->dll_active_client_conns, &wsi->vhost->dll_active_client_conns); lws_vhost_unlock(wsi->vhost); } /* * unix socket destination? */ ads = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_PEER_ADDRESS); #if defined(LWS_WITH_UNIX_SOCK) if (*ads == '+') { ads++; memset(&sau, 0, sizeof(sau)); sau.sun_family = AF_UNIX; strncpy(sau.sun_path, ads, sizeof(sau.sun_path)); sau.sun_path[sizeof(sau.sun_path) - 1] = '\0'; lwsl_info("%s: Unix skt: %s\n", __func__, ads); if (sau.sun_path[0] == '@') sau.sun_path[0] = '\0'; unix_skt = 1; goto ads_known; } #endif /* * start off allowing ipv6 on connection if vhost allows it */ wsi->ipv6 = LWS_IPV6_ENABLED(wsi->vhost); #if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) /* Decide what it is we need to connect to: * * Priority 1: connect to http proxy */ if (wsi->vhost->http.http_proxy_port) { plen = sprintf((char *)pt->serv_buf, "CONNECT %s:%u HTTP/1.0\x0d\x0a" "User-agent: libwebsockets\x0d\x0a", lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_PEER_ADDRESS), wsi->c_port); if (wsi->vhost->proxy_basic_auth_token[0]) plen += sprintf((char *)pt->serv_buf + plen, "Proxy-authorization: basic %s\x0d\x0a", wsi->vhost->proxy_basic_auth_token); plen += sprintf((char *)pt->serv_buf + plen, "\x0d\x0a"); ads = wsi->vhost->http.http_proxy_address; port = wsi->vhost->http.http_proxy_port; #else if (0) { #endif #if defined(LWS_WITH_SOCKS5) /* Priority 2: Connect to SOCK5 Proxy */ } else if (wsi->vhost->socks_proxy_port) { socks_generate_msg(wsi, SOCKS_MSG_GREETING, &plen); lwsl_client("Sending SOCKS Greeting\n"); ads = wsi->vhost->socks_proxy_address; port = wsi->vhost->socks_proxy_port; #endif } else { /* Priority 3: Connect directly */ ads = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_PEER_ADDRESS); port = wsi->c_port; } /* * prepare the actual connection * to whatever we decided to connect to */ lwsl_info("%s: %p: address %s\n", __func__, wsi, ads); n = lws_getaddrinfo46(wsi, ads, &result); #ifdef LWS_WITH_IPV6 if (wsi->ipv6) { struct sockaddr_in6 *sa6; if (n || !result) { /* lws_getaddrinfo46 failed, there is no usable result */ lwsl_notice("%s: lws_getaddrinfo46 failed %d\n", __func__, n); cce = "ipv6 lws_getaddrinfo46 failed"; goto oom4; } sa6 = ((struct sockaddr_in6 *)result->ai_addr); memset(&sa46, 0, sizeof(sa46)); sa46.sa6.sin6_family = AF_INET6; switch (result->ai_family) { case AF_INET: if (ipv6only) break; /* map IPv4 to IPv6 */ bzero((char *)&sa46.sa6.sin6_addr, sizeof(sa46.sa6.sin6_addr)); sa46.sa6.sin6_addr.s6_addr[10] = 0xff; sa46.sa6.sin6_addr.s6_addr[11] = 0xff; memcpy(&sa46.sa6.sin6_addr.s6_addr[12], &((struct sockaddr_in *)result->ai_addr)->sin_addr, sizeof(struct in_addr)); lwsl_notice("uplevelling AF_INET to AF_INET6\n"); break; case AF_INET6: memcpy(&sa46.sa6.sin6_addr, &sa6->sin6_addr, sizeof(struct in6_addr)); sa46.sa6.sin6_scope_id = sa6->sin6_scope_id; sa46.sa6.sin6_flowinfo = sa6->sin6_flowinfo; break; default: lwsl_err("Unknown address family\n"); freeaddrinfo(result); cce = "unknown address family"; goto oom4; } } else #endif /* use ipv6 */ /* use ipv4 */ { void *p = NULL; if (!n) { struct addrinfo *res = result; /* pick the first AF_INET (IPv4) result */ while (!p && res) { switch (res->ai_family) { case AF_INET: p = &((struct sockaddr_in *)res->ai_addr)->sin_addr; break; } res = res->ai_next; } #if defined(LWS_FALLBACK_GETHOSTBYNAME) } else if (n == EAI_SYSTEM) { struct hostent *host; lwsl_info("getaddrinfo (ipv4) failed, trying gethostbyname\n"); host = gethostbyname(ads); if (host) { p = host->h_addr; } else { lwsl_err("gethostbyname failed\n"); cce = "gethostbyname (ipv4) failed"; goto oom4; } #endif } else { lwsl_err("getaddrinfo failed: %d\n", n); cce = "getaddrinfo failed"; goto oom4; } if (!p) { if (result) freeaddrinfo(result); lwsl_err("Couldn't identify address\n"); cce = "unable to lookup address"; goto oom4; } sa46.sa4.sin_family = AF_INET; sa46.sa4.sin_addr = *((struct in_addr *)p); bzero(&sa46.sa4.sin_zero, 8); } if (result) freeaddrinfo(result); #if defined(LWS_WITH_UNIX_SOCK) ads_known: #endif /* now we decided on ipv4 or ipv6, set the port */ if (!lws_socket_is_valid(wsi->desc.sockfd)) { if (wsi->context->event_loop_ops->check_client_connect_ok && wsi->context->event_loop_ops->check_client_connect_ok(wsi)) { cce = "waiting for event loop watcher to close"; goto oom4; } #if defined(LWS_WITH_UNIX_SOCK) if (unix_skt) { wsi->unix_skt = 1; wsi->desc.sockfd = socket(AF_UNIX, SOCK_STREAM, 0); } else #endif { #ifdef LWS_WITH_IPV6 if (wsi->ipv6) wsi->desc.sockfd = socket(AF_INET6, SOCK_STREAM, 0); else #endif wsi->desc.sockfd = socket(AF_INET, SOCK_STREAM, 0); } if (!lws_socket_is_valid(wsi->desc.sockfd)) { lwsl_warn("Unable to open socket\n"); cce = "unable to open socket"; goto oom4; } if (lws_plat_set_socket_options(wsi->vhost, wsi->desc.sockfd, #if defined(LWS_WITH_UNIX_SOCK) unix_skt)) { #else 0)) { #endif lwsl_err("Failed to set wsi socket options\n"); compatible_close(wsi->desc.sockfd); cce = "set socket opts failed"; goto oom4; } lwsi_set_state(wsi, LRS_WAITING_CONNECT); if (wsi->context->event_loop_ops->accept) if (wsi->context->event_loop_ops->accept(wsi)) { compatible_close(wsi->desc.sockfd); cce = "event loop accept failed"; goto oom4; } if (__insert_wsi_socket_into_fds(wsi->context, wsi)) { compatible_close(wsi->desc.sockfd); cce = "insert wsi failed"; goto oom4; } lws_change_pollfd(wsi, 0, LWS_POLLIN); /* * past here, we can't simply free the structs as error * handling as oom4 does. We have to run the whole close flow. */ if (!wsi->protocol) wsi->protocol = &wsi->vhost->protocols[0]; wsi->protocol->callback(wsi, LWS_CALLBACK_WSI_CREATE, wsi->user_space, NULL, 0); lws_set_timeout(wsi, PENDING_TIMEOUT_AWAITING_CONNECT_RESPONSE, AWAITING_TIMEOUT); iface = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_IFACE); if (iface) { n = lws_socket_bind(wsi->vhost, wsi->desc.sockfd, 0, iface); if (n < 0) { cce = "unable to bind socket"; goto failed; } } } #if defined(LWS_WITH_UNIX_SOCK) if (unix_skt) { psa = (const struct sockaddr *)&sau; n = sizeof(sau); } else #endif { #ifdef LWS_WITH_IPV6 if (wsi->ipv6) { sa46.sa6.sin6_port = htons(port); n = sizeof(struct sockaddr_in6); psa = (const struct sockaddr *)&sa46; } else #endif { sa46.sa4.sin_port = htons(port); n = sizeof(struct sockaddr); psa = (const struct sockaddr *)&sa46; } } if (connect(wsi->desc.sockfd, (const struct sockaddr *)psa, n) == -1 || LWS_ERRNO == LWS_EISCONN) { if (LWS_ERRNO == LWS_EALREADY || LWS_ERRNO == LWS_EINPROGRESS || LWS_ERRNO == LWS_EWOULDBLOCK #ifdef _WIN32 || LWS_ERRNO == WSAEINVAL #endif ) { lwsl_client("nonblocking connect retry (errno = %d)\n", LWS_ERRNO); if (lws_plat_check_connection_error(wsi)) { cce = "socket connect failed"; goto failed; } /* * must do specifically a POLLOUT poll to hear * about the connect completion */ if (lws_change_pollfd(wsi, 0, LWS_POLLOUT)) { cce = "POLLOUT set failed"; goto failed; } return wsi; } if (LWS_ERRNO != LWS_EISCONN) { lwsl_notice("Connect failed errno=%d\n", LWS_ERRNO); cce = "connect failed"; goto failed; } } lwsl_client("connected\n"); #if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) /* we are connected to server, or proxy */ /* http proxy */ if (wsi->vhost->http.http_proxy_port) { /* * OK from now on we talk via the proxy, so connect to that * * (will overwrite existing pointer, * leaving old string/frag there but unreferenced) */ if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_PEER_ADDRESS, wsi->vhost->http.http_proxy_address)) goto failed; wsi->c_port = wsi->vhost->http.http_proxy_port; n = send(wsi->desc.sockfd, (char *)pt->serv_buf, (int)plen, MSG_NOSIGNAL); if (n < 0) { lwsl_debug("ERROR writing to proxy socket\n"); cce = "proxy write failed"; goto failed; } lws_set_timeout(wsi, PENDING_TIMEOUT_AWAITING_PROXY_RESPONSE, AWAITING_TIMEOUT); lwsi_set_state(wsi, LRS_WAITING_PROXY_REPLY); return wsi; } #endif #if defined(LWS_WITH_SOCKS5) /* socks proxy */ else if (wsi->vhost->socks_proxy_port) { n = send(wsi->desc.sockfd, (char *)pt->serv_buf, plen, MSG_NOSIGNAL); if (n < 0) { lwsl_debug("ERROR writing socks greeting\n"); cce = "socks write failed"; goto failed; } lws_set_timeout(wsi, PENDING_TIMEOUT_AWAITING_SOCKS_GREETING_REPLY, AWAITING_TIMEOUT); lwsi_set_state(wsi, LRS_WAITING_SOCKS_GREETING_REPLY); return wsi; } #endif #if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) send_hs: if (wsi_piggyback && !lws_dll_is_null(&wsi->dll_client_transaction_queue)) { /* * We are pipelining on an already-established connection... * we can skip tls establishment. */ lwsi_set_state(wsi, LRS_H1C_ISSUE_HANDSHAKE2); /* * we can't send our headers directly, because they have to * be sent when the parent is writeable. The parent will check * for anybody on his client transaction queue that is in * LRS_H1C_ISSUE_HANDSHAKE2, and let them write. * * If we are trying to do this too early, before the master * connection has written his own headers, then it will just * wait in the queue until it's possible to send them. */ lws_callback_on_writable(wsi_piggyback); lwsl_info("%s: wsi %p: waiting to send headers (parent state %x)\n", __func__, wsi, lwsi_state(wsi_piggyback)); } else { lwsl_info("%s: wsi %p: client creating own connection\n", __func__, wsi); /* we are making our own connection */ lwsi_set_state(wsi, LRS_H1C_ISSUE_HANDSHAKE); /* * provoke service to issue the handshake directly. * * we need to do it this way because in the proxy case, this is * the next state and executed only if and when we get a good * proxy response inside the state machine... but notice in * SSL case this may not have sent anything yet with 0 return, * and won't until many retries from main loop. To stop that * becoming endless, cover with a timeout. */ lws_set_timeout(wsi, PENDING_TIMEOUT_SENT_CLIENT_HANDSHAKE, AWAITING_TIMEOUT); pfd.fd = wsi->desc.sockfd; pfd.events = LWS_POLLIN; pfd.revents = LWS_POLLIN; n = lws_service_fd(context, &pfd); if (n < 0) { cce = "first service failed"; goto failed; } if (n) /* returns 1 on failure after closing wsi */ return NULL; } #endif return wsi; oom4: if (lwsi_role_client(wsi) /* && lwsi_state_est(wsi) */) { wsi->protocol->callback(wsi, LWS_CALLBACK_CLIENT_CONNECTION_ERROR, wsi->user_space, (void *)cce, strlen(cce)); wsi->already_did_cce = 1; } /* take care that we might be inserted in fds already */ if (wsi->position_in_fds_table != LWS_NO_FDS_POS) goto failed1; /* * We can't be an active client connection any more, if we thought * that was what we were going to be doing. It should be if we are * failing by oom4 path, we are still called by * lws_client_connect_via_info() and will be returning NULL to that, * so nobody else should have had a chance to queue on us. */ { struct lws_vhost *vhost = wsi->vhost; lws_vhost_lock(vhost); __lws_free_wsi(wsi); lws_vhost_unlock(vhost); } return NULL; failed: wsi->protocol->callback(wsi, LWS_CALLBACK_CLIENT_CONNECTION_ERROR, wsi->user_space, (void *)cce, strlen(cce)); wsi->already_did_cce = 1; failed1: lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, "client_connect2"); return NULL; }
static int rops_handle_POLLIN_raw_proxy(struct lws_context_per_thread *pt, struct lws *wsi, struct lws_pollfd *pollfd) { struct lws_tokens ebuf; int n, buffered; /* pending truncated sends have uber priority */ if (lws_has_buffered_out(wsi)) { if (!(pollfd->revents & LWS_POLLOUT)) return LWS_HPI_RET_HANDLED; /* drain the output buflist */ if (lws_issue_raw(wsi, NULL, 0) < 0) goto fail; /* * we can't afford to allow input processing to send * something new, so spin around he event loop until * he doesn't have any partials */ return LWS_HPI_RET_HANDLED; } if ((pollfd->revents & pollfd->events & LWS_POLLIN) && /* any tunnel has to have been established... */ lwsi_state(wsi) != LRS_SSL_ACK_PENDING && !(wsi->favoured_pollin && (pollfd->revents & pollfd->events & LWS_POLLOUT))) { buffered = lws_buflist_aware_read(pt, wsi, &ebuf); switch (ebuf.len) { case 0: lwsl_info("%s: read 0 len\n", __func__); wsi->seen_zero_length_recv = 1; lws_change_pollfd(wsi, LWS_POLLIN, 0); /* * we need to go to fail here, since it's the only * chance we get to understand that the socket has * closed */ // goto try_pollout; goto fail; case LWS_SSL_CAPABLE_ERROR: goto fail; case LWS_SSL_CAPABLE_MORE_SERVICE: goto try_pollout; } n = user_callback_handle_rxflow(wsi->protocol->callback, wsi, lwsi_role_client(wsi) ? LWS_CALLBACK_RAW_PROXY_CLI_RX : LWS_CALLBACK_RAW_PROXY_SRV_RX, wsi->user_space, ebuf.token, ebuf.len); if (n < 0) { lwsl_info("LWS_CALLBACK_RAW_PROXY_*_RX fail\n"); goto fail; } if (lws_buflist_aware_consume(wsi, &ebuf, ebuf.len, buffered)) return LWS_HPI_RET_PLEASE_CLOSE_ME; } else if (wsi->favoured_pollin && (pollfd->revents & pollfd->events & LWS_POLLOUT)) /* we balanced the last favouring of pollin */ wsi->favoured_pollin = 0; try_pollout: if (!(pollfd->revents & LWS_POLLOUT)) return LWS_HPI_RET_HANDLED; if (lws_handle_POLLOUT_event(wsi, pollfd)) { lwsl_debug("POLLOUT event closed it\n"); return LWS_HPI_RET_PLEASE_CLOSE_ME; } #if !defined(LWS_NO_CLIENT) if (lws_client_socket_service(wsi, pollfd, NULL)) return LWS_HPI_RET_WSI_ALREADY_DIED; #endif return LWS_HPI_RET_HANDLED; fail: lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, "raw svc fail"); return LWS_HPI_RET_WSI_ALREADY_DIED; }
int lws_ws_handshake_client(struct lws *wsi, unsigned char **buf, size_t len) { unsigned char *bufin = *buf; if ((lwsi_state(wsi) != LRS_WAITING_PROXY_REPLY) && (lwsi_state(wsi) != LRS_H1C_ISSUE_HANDSHAKE) && (lwsi_state(wsi) != LRS_WAITING_SERVER_REPLY) && !lwsi_role_client(wsi)) return 0; lwsl_debug("%s: hs client feels it has %d in\n", __func__, (int)len); while (len) { /* * we were accepting input but now we stopped doing so */ if (lws_is_flowcontrolled(wsi)) { lwsl_debug("%s: caching %ld\n", __func__, (long)len); /* * Since we cached the remaining available input, we * can say we "consumed" it. * * But what about the case where the available input * came out of the rxflow cache already? If we are * effectively "putting it back in the cache", we have * to place it at the cache head, not the tail as usual. */ if (lws_rxflow_cache(wsi, *buf, 0, (int)len) == LWSRXFC_TRIMMED) { /* * we dealt with it by trimming the existing * rxflow cache HEAD to account for what we used. * * indicate we didn't use anything to the caller * so he doesn't do any consumed processing */ lwsl_info("%s: trimming inside rxflow cache\n", __func__); *buf = bufin; } else *buf += len; return 0; } #if !defined(LWS_WITHOUT_EXTENSIONS) if (wsi->ws->rx_draining_ext) { int m; lwsl_info("%s: draining ext\n", __func__); if (lwsi_role_client(wsi)) m = lws_ws_client_rx_sm(wsi, 0); else m = lws_ws_rx_sm(wsi, 0, 0); if (m < 0) return -1; continue; } #endif /* * caller will account for buflist usage by studying what * happened to *buf */ if (lws_ws_client_rx_sm(wsi, *(*buf)++)) { lwsl_notice("%s: client_rx_sm exited, DROPPING %d\n", __func__, (int)len); return -1; } len--; } // lwsl_notice("%s: finished with %ld\n", __func__, (long)len); return 0; }