/**
* @param req The original request sent
* @param res The reponse to generate
* @return An error code, 0 on success, non-zero for other errors
*/
lib::error_code validate_server_handshake_response(request_type const & req,
response_type& res) const
{
// A valid response has an HTTP 101 switching protocols code
if (res.get_status_code() != http::status_code::switching_protocols) {
return error::make_error_code(error::invalid_http_status);
}
// And the upgrade token in an upgrade header
std::string const & upgrade_header = res.get_header("Upgrade");
if (utility::ci_find_substr(upgrade_header, constants::upgrade_token,
sizeof(constants::upgrade_token)-1) == upgrade_header.end())
{
return error::make_error_code(error::missing_required_header);
}
// And the websocket token in the connection header
std::string const & con_header = res.get_header("Connection");
if (utility::ci_find_substr(con_header, constants::connection_token,
sizeof(constants::connection_token)-1) == con_header.end())
{
return error::make_error_code(error::missing_required_header);
}
// And has a valid Sec-WebSocket-Accept value
std::string key = req.get_header("Sec-WebSocket-Key");
lib::error_code ec = process_handshake_key(key);
if (ec || key != res.get_header("Sec-WebSocket-Accept")) {
return error::make_error_code(error::missing_required_header);
}
return lib::error_code();
}
bool on_read(std::size_t) {
nrpe::packet packet = nrpe::packet(&buffer_[0], static_cast<unsigned int>(buffer_.size()));
if (packet.getType() == nrpe::data::moreResponsePacket)
set_state(has_more);
else
set_state(connected);
responses_.push_back(packet);
return true;
}
/* TODO: the 'subprotocol' parameter may need to be expanded into a more
* generic struct if other user input parameters to the processed handshake
* are found.
*/
lib::error_code process_handshake(request_type const & request,
std::string const & subprotocol, response_type & response) const
{
std::string server_key = request.get_header("Sec-WebSocket-Key");
lib::error_code ec = process_handshake_key(server_key);
if (ec) {
return ec;
}
response.replace_header("Sec-WebSocket-Accept",server_key);
response.append_header("Upgrade",constants::upgrade_token);
response.append_header("Connection",constants::connection_token);
if (!subprotocol.empty()) {
response.replace_header("Sec-WebSocket-Protocol",subprotocol);
}
return lib::error_code();
}
lib::error_code process_handshake(request_type const & req,
std::string const & subprotocol, response_type & res) const
{
std::array<char, 16> key_final;
// copy key1 into final key
decode_client_key(req.get_header("Sec-WebSocket-Key1"), &key_final[0]);
// copy key2 into final key
decode_client_key(req.get_header("Sec-WebSocket-Key2"), &key_final[4]);
// copy key3 into final key
// key3 should be exactly 8 bytes. If it is more it will be truncated
// if it is less the final key will almost certainly be wrong.
// TODO: decide if it is best to silently fail here or produce some sort
// of warning or exception.
const std::string& key3 = req.get_header("Sec-WebSocket-Key3");
auto sz = std::min(size_t(8), key3.size());
std::copy(key3.begin(),
key3.begin() + sz,
key_final.begin() + 8);
res.append_header(
"Sec-WebSocket-Key3",
md5::md5_hash_string(std::string(key_final.begin(), key_final.end()))
);
res.append_header("Upgrade","WebSocket");
res.append_header("Connection","Upgrade");
// Echo back client's origin unless our local application set a
// more restrictive one.
if (res.get_header("Sec-WebSocket-Origin") == "") {
res.append_header("Sec-WebSocket-Origin",req.get_header("Origin"));
}
// Echo back the client's request host unless our local application
// set a different one.
if (res.get_header("Sec-WebSocket-Location") == "") {
uri_ptr uri = get_uri(req);
res.append_header("Sec-WebSocket-Location",uri->str());
}
if (subprotocol != "") {
res.replace_header("Sec-WebSocket-Protocol",subprotocol);
}
return lib::error_code();
}
std::string get_raw(response_type const & res) const {
return res.raw();
}
std::string get_raw(response_type const & res) const {
response_type temp = res;
temp.remove_header("Sec-WebSocket-Key3");
return temp.raw() + res.get_header("Sec-WebSocket-Key3");
}
