int lws_client_socket_service(struct libwebsocket_context *context,
struct libwebsocket *wsi, struct pollfd *pollfd)
{
int n;
char *p = (char *)&context->service_buffer[0];
int len;
char c;
switch (wsi->mode) {
case LWS_CONNMODE_WS_CLIENT_WAITING_CONNECT:
/*
* we are under PENDING_TIMEOUT_SENT_CLIENT_HANDSHAKE
* timeout protection set in client-handshake.c
*/
if (__libwebsocket_client_connect_2(context, wsi) == NULL) {
/* closed */
lwsl_client("closed\n");
return -1;
}
/* either still pending connection, or changed mode */
return 0;
case LWS_CONNMODE_WS_CLIENT_WAITING_PROXY_REPLY:
/* handle proxy hung up on us */
if (pollfd->revents & (POLLERR | POLLHUP)) {
lwsl_warn("Proxy connection %p (fd=%d) dead\n",
(void *)wsi, pollfd->fd);
libwebsocket_close_and_free_session(context, wsi,
LWS_CLOSE_STATUS_NOSTATUS);
return 0;
}
n = recv(wsi->sock, context->service_buffer,
sizeof(context->service_buffer), 0);
if (n < 0) {
libwebsocket_close_and_free_session(context, wsi,
LWS_CLOSE_STATUS_NOSTATUS);
lwsl_err("ERROR reading from proxy socket\n");
return 0;
}
context->service_buffer[13] = '\0';
if (strcmp((char *)context->service_buffer, "HTTP/1.0 200 ")) {
libwebsocket_close_and_free_session(context, wsi,
LWS_CLOSE_STATUS_NOSTATUS);
lwsl_err("ERROR proxy: %s\n", context->service_buffer);
return 0;
}
/* clear his proxy connection timeout */
libwebsocket_set_timeout(wsi, NO_PENDING_TIMEOUT, 0);
/* fallthru */
case LWS_CONNMODE_WS_CLIENT_ISSUE_HANDSHAKE:
/*
* we are under PENDING_TIMEOUT_SENT_CLIENT_HANDSHAKE
* timeout protection set in client-handshake.c
*/
#ifdef LWS_OPENSSL_SUPPORT
/*
* take care of our libwebsocket_callback_on_writable
* happening at a time when there's no real connection yet
*/
pollfd->events &= ~POLLOUT;
/* external POLL support via protocol 0 */
context->protocols[0].callback(context, wsi,
LWS_CALLBACK_CLEAR_MODE_POLL_FD,
wsi->user_space, (void *)(long)wsi->sock, POLLOUT);
/* we can retry this... just cook the SSL BIO the first time */
if (wsi->use_ssl && !wsi->ssl) {
wsi->ssl = SSL_new(context->ssl_client_ctx);
#ifdef USE_CYASSL
/*
* CyaSSL does certificate verification differently
* from OpenSSL.
* If we should ignore the certificate, we need to set
* this before SSL_new and SSL_connect is called.
* Otherwise the connect will simply fail with error
* code -155
*/
if (wsi->use_ssl == 2)
CyaSSL_set_verify(wsi->ssl,
SSL_VERIFY_NONE, NULL);
#endif /* USE_CYASSL */
wsi->client_bio =
BIO_new_socket(wsi->sock, BIO_NOCLOSE);
SSL_set_bio(wsi->ssl, wsi->client_bio, wsi->client_bio);
#ifdef USE_CYASSL
CyaSSL_set_using_nonblock(wsi->ssl, 1);
#else
BIO_set_nbio(wsi->client_bio, 1); /* nonblocking */
#endif
SSL_set_ex_data(wsi->ssl,
openssl_websocket_private_data_index,
context);
}
if (wsi->use_ssl) {
lws_latency_pre(context, wsi);
n = SSL_connect(wsi->ssl);
lws_latency(context, wsi,
"SSL_connect LWS_CONNMODE_WS_CLIENT_ISSUE_HANDSHAKE",
n, n > 0);
if (n < 0) {
n = SSL_get_error(wsi->ssl, n);
if (n == SSL_ERROR_WANT_READ ||
n == SSL_ERROR_WANT_WRITE) {
/*
* wants us to retry connect due to
* state of the underlying ssl layer...
* but since it may be stalled on
* blocked write, no incoming data may
* arrive to trigger the retry.
* Force (possibly many times if the SSL
* state persists in returning the
* condition code, but other sockets
* are getting serviced inbetweentimes)
* us to get called back when writable.
*/
lwsl_info(
"SSL_connect WANT_... retrying\n");
libwebsocket_callback_on_writable(
context, wsi);
return 0; /* no error */
}
n = -1;
}
if (n <= 0) {
/*
* retry if new data comes until we
* run into the connection timeout or win
*/
lwsl_err("SSL connect error %lu: %s\n",
ERR_get_error(),
ERR_error_string(ERR_get_error(),
(char *)context->service_buffer));
return 0;
}
#ifndef USE_CYASSL
/*
* See comment above about CyaSSL certificate
* verification
*/
lws_latency_pre(context, wsi);
n = SSL_get_verify_result(wsi->ssl);
lws_latency(context, wsi,
"SSL_get_verify_result LWS_CONNMODE..HANDSHAKE",
n, n > 0);
if ((n != X509_V_OK) && (
n != X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT ||
wsi->use_ssl != 2)) {
lwsl_err(
"server's cert didn't look good %d\n", n);
libwebsocket_close_and_free_session(context,
wsi, LWS_CLOSE_STATUS_NOSTATUS);
return 0;
}
#endif /* USE_CYASSL */
} else
wsi->ssl = NULL;
#endif
p = libwebsockets_generate_client_handshake(context, wsi, p);
if (p == NULL) {
lwsl_err("Failed to generate handshake for client\n");
libwebsocket_close_and_free_session(context, wsi,
LWS_CLOSE_STATUS_NOSTATUS);
return 0;
}
/* send our request to the server */
lws_latency_pre(context, wsi);
#ifdef LWS_OPENSSL_SUPPORT
if (wsi->use_ssl)
n = SSL_write(wsi->ssl, context->service_buffer,
p - (char *)context->service_buffer);
else
#endif
n = send(wsi->sock, context->service_buffer,
p - (char *)context->service_buffer, MSG_NOSIGNAL);
lws_latency(context, wsi,
"send or SSL_write LWS_CONNMODE...HANDSHAKE",
n, n >= 0);
if (n < 0) {
lwsl_debug("ERROR writing to client socket\n");
libwebsocket_close_and_free_session(context, wsi,
LWS_CLOSE_STATUS_NOSTATUS);
return 0;
}
wsi->u.hdr.parser_state = WSI_TOKEN_NAME_PART;
wsi->u.hdr.lextable_pos = 0;
wsi->mode = LWS_CONNMODE_WS_CLIENT_WAITING_SERVER_REPLY;
libwebsocket_set_timeout(wsi,
PENDING_TIMEOUT_AWAITING_SERVER_RESPONSE,
AWAITING_TIMEOUT);
break;
case LWS_CONNMODE_WS_CLIENT_WAITING_SERVER_REPLY:
/* handle server hung up on us */
if (pollfd->revents & (POLLERR | POLLHUP)) {
lwsl_debug("Server connection %p (fd=%d) dead\n",
(void *)wsi, pollfd->fd);
goto bail3;
}
if (!(pollfd->revents & POLLIN))
break;
/* interpret the server response */
/*
* HTTP/1.1 101 Switching Protocols
* Upgrade: websocket
* Connection: Upgrade
* Sec-WebSocket-Accept: me89jWimTRKTWwrS3aRrL53YZSo=
* Sec-WebSocket-Nonce: AQIDBAUGBwgJCgsMDQ4PEC==
* Sec-WebSocket-Protocol: chat
*/
/*
* we have to take some care here to only take from the
* socket bytewise. The browser may (and has been seen to
* in the case that onopen() performs websocket traffic)
* coalesce both handshake response and websocket traffic
* in one packet, since at that point the connection is
* definitively ready from browser pov.
*/
len = 1;
while (wsi->u.hdr.parser_state != WSI_PARSING_COMPLETE &&
len > 0) {
#ifdef LWS_OPENSSL_SUPPORT
if (wsi->use_ssl) {
len = SSL_read(wsi->ssl, &c, 1);
if (len < 0) {
n = SSL_get_error(wsi->ssl, len);
if (n == SSL_ERROR_WANT_READ ||
n == SSL_ERROR_WANT_WRITE)
return 0;
}
} else
#endif
len = recv(wsi->sock, &c, 1, 0);
if (len < 0) {
lwsl_warn("error on parsing recv\n");
goto bail3;
}
if (libwebsocket_parse(wsi, c)) {
lwsl_warn("problems parsing header\n");
goto bail3;
}
}
/*
* hs may also be coming in multiple packets, there is a 5-sec
* libwebsocket timeout still active here too, so if parsing did
* not complete just wait for next packet coming in this state
*/
if (wsi->u.hdr.parser_state != WSI_PARSING_COMPLETE)
break;
/*
* otherwise deal with the handshake. If there's any
* packet traffic already arrived we'll trigger poll() again
* right away and deal with it that way
*/
return lws_client_interpret_server_handshake(context, wsi);
bail3:
lwsl_info(
"closing connection at LWS_CONNMODE...SERVER_REPLY\n");
libwebsocket_close_and_free_session(context, wsi,
LWS_CLOSE_STATUS_NOSTATUS);
return -1;
case LWS_CONNMODE_WS_CLIENT_WAITING_EXTENSION_CONNECT:
lwsl_ext("LWS_CONNMODE_WS_CLIENT_WAITING_EXTENSION_CONNECT\n");
break;
case LWS_CONNMODE_WS_CLIENT_PENDING_CANDIDATE_CHILD:
lwsl_ext("LWS_CONNMODE_WS_CLIENT_PENDING_CANDIDATE_CHILD\n");
break;
default:
break;
}
return 0;
}
struct libwebsocket *
libwebsocket_client_connect(struct libwebsocket_context *context,
const char *address,
int port,
int ssl_connection,
const char *path,
const char *host,
const char *origin,
const char *protocol,
int ietf_version_or_minus_one)
{
struct libwebsocket *wsi;
int n;
int m;
struct libwebsocket_extension *ext;
int handled;
#ifndef LWS_OPENSSL_SUPPORT
if (ssl_connection) {
lws_log(LWS_LOG_WARNING, "libwebsockets not configured for ssl");
return NULL;
}
#endif
wsi = malloc(sizeof(struct libwebsocket));
if (wsi == NULL)
goto bail1;
memset(wsi, 0, sizeof *wsi);
/* -1 means just use latest supported */
if (ietf_version_or_minus_one == -1)
ietf_version_or_minus_one = SPEC_LATEST_SUPPORTED;
wsi->ietf_spec_revision = ietf_version_or_minus_one;
wsi->name_buffer_pos = 0;
wsi->user_space = NULL;
wsi->is_user_space_external = 0;
wsi->state = WSI_STATE_CLIENT_UNCONNECTED;
wsi->pings_vs_pongs = 0;
wsi->protocol = NULL;
wsi->pending_timeout = NO_PENDING_TIMEOUT;
wsi->count_active_extensions = 0;
#ifdef LWS_OPENSSL_SUPPORT
wsi->use_ssl = ssl_connection;
#endif
wsi->c_port = port;
wsi->c_address = strdup(address);
/* copy parameters over so state machine has access */
wsi->c_path = malloc(strlen(path) + 1);
if (wsi->c_path == NULL)
goto bail1;
strcpy(wsi->c_path, path);
wsi->c_host = malloc(strlen(host) + 1);
if (wsi->c_host == NULL)
goto oom1;
strcpy(wsi->c_host, host);
if (origin) {
wsi->c_origin = malloc(strlen(origin) + 1);
strcpy(wsi->c_origin, origin);
if (wsi->c_origin == NULL)
goto oom2;
} else
wsi->c_origin = NULL;
wsi->c_callback = NULL;
if (protocol) {
const char *pc;
struct libwebsocket_protocols *pp;
wsi->c_protocol = malloc(strlen(protocol) + 1);
if (wsi->c_protocol == NULL)
goto oom3;
strcpy(wsi->c_protocol, protocol);
pc = protocol;
while (*pc && *pc != ',')
pc++;
n = pc - protocol;
pp = context->protocols;
while (pp->name && !wsi->c_callback) {
if (!strncmp(protocol, pp->name, n))
wsi->c_callback = pp->callback;
pp++;
}
} else
wsi->c_protocol = NULL;
if (!wsi->c_callback)
wsi->c_callback = context->protocols[0].callback;
/* set up appropriate masking */
wsi->xor_mask = xor_no_mask;
switch (wsi->ietf_spec_revision) {
case 0:
break;
case 4:
wsi->xor_mask = xor_mask_04;
break;
case 5:
case 6:
case 7:
case 8:
case 13:
wsi->xor_mask = xor_mask_05;
break;
default:
lws_log(LWS_LOG_WARNING,
"Client ietf version %d not supported",
wsi->ietf_spec_revision);
goto oom4;
}
/* force no mask if he asks for that though */
if (context->options & LWS_SERVER_OPTION_DEFEAT_CLIENT_MASK)
wsi->xor_mask = xor_no_mask;
for (n = 0; n < WSI_TOKEN_COUNT; n++) {
wsi->utf8_token[n].token = NULL;
wsi->utf8_token[n].token_len = 0;
}
/*
* Check with each extension if it is able to route and proxy this
* connection for us. For example, an extension like x-google-mux
* can handle this and then we don't need an actual socket for this
* connection.
*/
handled = 0;
ext = context->extensions;
n = 0;
while (ext && ext->callback && !handled) {
m = ext->callback(context, ext, wsi,
LWS_EXT_CALLBACK_CAN_PROXY_CLIENT_CONNECTION,
(void *)(long)n, (void *)address, port);
if (m)
handled = 1;
ext++;
n++;
}
if (handled) {
lws_log(LWS_LOG_DEBUG, "libwebsocket_client_connect: "
"ext handling conn");
libwebsocket_set_timeout(wsi,
PENDING_TIMEOUT_AWAITING_EXTENSION_CONNECT_RESPONSE, AWAITING_TIMEOUT);
wsi->mode = LWS_CONNMODE_WS_CLIENT_WAITING_EXTENSION_CONNECT;
return wsi;
}
lws_log(LWS_LOG_DEBUG, "libwebsocket_client_connect: direct conn");
return __libwebsocket_client_connect_2(context, wsi);
oom4:
if (wsi->c_protocol)
free(wsi->c_protocol);
oom3:
if (wsi->c_origin)
free(wsi->c_origin);
oom2:
free(wsi->c_host);
oom1:
free(wsi->c_path);
bail1:
free(wsi);
return NULL;
}
struct libwebsocket *
libwebsocket_client_connect(struct libwebsocket_context *context,
const char *address,
int port,
int ssl_connection,
const char *path,
const char *host,
const char *origin,
const char *protocol,
int ietf_version_or_minus_one)
{
struct libwebsocket *wsi;
#ifndef LWS_NO_EXTENSIONS
int n;
int m;
struct libwebsocket_extension *ext;
int handled;
#endif
#ifndef LWS_OPENSSL_SUPPORT
if (ssl_connection) {
lwsl_err("libwebsockets not configured for ssl\n");
return NULL;
}
#endif
wsi = (struct libwebsocket *) malloc(sizeof(struct libwebsocket));
if (wsi == NULL)
goto bail;
memset(wsi, 0, sizeof(*wsi));
/* -1 means just use latest supported */
if (ietf_version_or_minus_one == -1)
ietf_version_or_minus_one = SPEC_LATEST_SUPPORTED;
wsi->ietf_spec_revision = ietf_version_or_minus_one;
wsi->user_space = NULL;
wsi->state = WSI_STATE_CLIENT_UNCONNECTED;
wsi->protocol = NULL;
wsi->pending_timeout = NO_PENDING_TIMEOUT;
#ifndef LWS_NO_EXTENSIONS
wsi->count_active_extensions = 0;
#endif
#ifdef LWS_OPENSSL_SUPPORT
wsi->use_ssl = ssl_connection;
#endif
if (lws_allocate_header_table(wsi))
goto bail;
/*
* we're not necessarily in a position to action these right away,
* stash them... we only need during connect phase so u.hdr is fine
*/
wsi->u.hdr.ah->c_port = port;
if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_PEER_ADDRESS, address))
goto bail1;
/* these only need u.hdr lifetime as well */
if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_URI, path))
goto bail1;
if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_HOST, host))
goto bail1;
if (origin)
if (lws_hdr_simple_create(wsi,
_WSI_TOKEN_CLIENT_ORIGIN, origin))
goto bail1;
/*
* this is a list of protocols we tell the server we're okay with
* stash it for later when we compare server response with it
*/
if (protocol)
if (lws_hdr_simple_create(wsi,
_WSI_TOKEN_CLIENT_SENT_PROTOCOLS, protocol))
goto bail1;
wsi->protocol = &context->protocols[0];
#ifndef LWS_NO_EXTENSIONS
/*
* Check with each extension if it is able to route and proxy this
* connection for us. For example, an extension like x-google-mux
* can handle this and then we don't need an actual socket for this
* connection.
*/
handled = 0;
ext = context->extensions;
n = 0;
while (ext && ext->callback && !handled) {
m = ext->callback(context, ext, wsi,
LWS_EXT_CALLBACK_CAN_PROXY_CLIENT_CONNECTION,
(void *)(long)n, (void *)address, port);
if (m)
handled = 1;
ext++;
n++;
}
if (handled) {
lwsl_client("libwebsocket_client_connect: ext handling conn\n");
libwebsocket_set_timeout(wsi,
PENDING_TIMEOUT_AWAITING_EXTENSION_CONNECT_RESPONSE,
AWAITING_TIMEOUT);
wsi->mode = LWS_CONNMODE_WS_CLIENT_WAITING_EXTENSION_CONNECT;
return wsi;
}
#endif
lwsl_client("libwebsocket_client_connect: direct conn\n");
return __libwebsocket_client_connect_2(context, wsi);
bail1:
free(wsi->u.hdr.ah);
bail:
free(wsi);
return NULL;
}