static signed char
cb_authz(struct lejp_ctx *ctx, char reason)
{
struct acme_connection *s = (struct acme_connection *)ctx->user;
if (reason == LEJPCB_CONSTRUCTED) {
s->yes = 0;
s->use = 0;
s->chall_token[0] = '\0';
s->is_sni_02 = 0;
}
if (!(reason & LEJP_FLAG_CB_IS_VALUE) || !ctx->path_match)
return 0;
switch (ctx->path_match - 1) {
case JAAZ_ID_TYPE:
break;
case JAAZ_ID_VALUE:
break;
case JAAZ_STATUS:
break;
case JAAZ_EXPIRES:
break;
case JAAZ_DETAIL:
lws_snprintf(s->detail, sizeof(s->detail), "%s", ctx->buf);
break;
case JAAZ_CHALLENGES_TYPE:
if (s->is_sni_02)
break;
s->use = !strcmp(ctx->buf, "tls-sni-01") ||
!strcmp(ctx->buf, "tls-sni-02");
s->is_sni_02 = !strcmp(ctx->buf, "tls-sni-02");
break;
case JAAZ_CHALLENGES_STATUS:
lws_strncpy(s->status, ctx->buf, sizeof(s->status));
break;
case JAAZ_CHALLENGES_URI:
if (s->use) {
lws_strncpy(s->challenge_uri, ctx->buf,
sizeof(s->challenge_uri));
s->yes |= 2;
}
break;
case JAAZ_CHALLENGES_TOKEN:
lwsl_notice("JAAZ_CHALLENGES_TOKEN: %s %d\n", ctx->buf, s->use);
if (s->use) {
lws_strncpy(s->chall_token, ctx->buf,
sizeof(s->chall_token));
s->yes |= 1;
}
break;
}
return 0;
}
/*
* Notice: trashes i and url
*/
static struct lws *
lws_acme_client_connect(struct lws_context *context, struct lws_vhost *vh,
struct lws **pwsi, struct lws_client_connect_info *i,
char *url, const char *method)
{
const char *prot, *p;
char path[200], _url[256];
struct lws *wsi;
memset(i, 0, sizeof(*i));
i->port = 443;
lws_strncpy(_url, url, sizeof(_url));
if (lws_parse_uri(_url, &prot, &i->address, &i->port, &p)) {
lwsl_err("unable to parse uri %s\n", url);
return NULL;
}
/* add back the leading / on path */
path[0] = '/';
lws_strncpy(path + 1, p, sizeof(path) - 1);
i->path = path;
i->context = context;
i->vhost = vh;
i->ssl_connection = 1;
i->host = i->address;
i->origin = i->address;
i->method = method;
i->pwsi = pwsi;
i->protocol = "lws-acme-client";
wsi = lws_client_connect_via_info(i);
if (!wsi) {
lws_snprintf(path, sizeof(path) - 1,
"Unable to connect to %s", url);
lwsl_notice("%s: %s\n", __func__, path);
lws_acme_report_status(vh, LWS_CUS_FAILED, path);
}
return wsi;
}
static signed char
cb_chac(struct lejp_ctx *ctx, char reason)
{
struct acme_connection *s = (struct acme_connection *)ctx->user;
if (reason == LEJPCB_CONSTRUCTED) {
s->yes = 0;
s->use = 0;
}
if (!(reason & LEJP_FLAG_CB_IS_VALUE) || !ctx->path_match)
return 0;
switch (ctx->path_match - 1) {
case JCAC_TYPE:
if (strcmp(ctx->buf, "tls-sni-01") &&
strcmp(ctx->buf, "tls-sni-02"))
return 1;
break;
case JCAC_STATUS:
lws_strncpy(s->status, ctx->buf, sizeof(s->status));
break;
case JCAC_URI:
s->yes |= 2;
break;
case JCAC_TOKEN:
lws_strncpy(s->chall_token, ctx->buf,
sizeof(s->chall_token));
s->yes |= 1;
break;
case JCAC_DETAIL:
lws_snprintf(s->detail, sizeof(s->detail), "%s", ctx->buf);
break;
}
return 0;
}
int main(int argc, const char **argv)
{
struct lws_context_creation_info info;
struct lws_context *context;
const char *p;
int n = 0, logs = LLL_USER | LLL_ERR | LLL_WARN | LLL_NOTICE
/* for LLL_ verbosity above NOTICE to be built into lws,
* lws must have been configured and built with
* -DCMAKE_BUILD_TYPE=DEBUG instead of =RELEASE */
/* | LLL_INFO */ /* | LLL_PARSER */ /* | LLL_HEADER */
/* | LLL_EXT */ /* | LLL_CLIENT */ /* | LLL_LATENCY */
/* | LLL_DEBUG */;
signal(SIGINT, sigint_handler);
if ((p = lws_cmdline_option(argc, argv, "-d")))
logs = atoi(p);
lws_set_log_level(logs, NULL);
lwsl_user("LWS minimal raw file\n");
if (argc < 2) {
lwsl_user("Usage: %s <file to monitor> "
" eg, /dev/ttyUSB0 or /dev/input/event0 or "
"/proc/self/fd/0\n", argv[0]);
return 1;
}
signal(SIGINT, sigint_handler);
memset(&info, 0, sizeof info); /* otherwise uninitialized garbage */
info.port = CONTEXT_PORT_NO_LISTEN_SERVER; /* no listen socket for demo */
info.protocols = protocols;
lws_strncpy(filepath, argv[1], sizeof(filepath));
context = lws_create_context(&info);
if (!context) {
lwsl_err("lws init failed\n");
return 1;
}
while (n >= 0 && !interrupted)
n = lws_service(context, 1000);
lws_context_destroy(context);
return 0;
}
static int
file_upload_cb(void *data, const char *name, const char *filename,
char *buf, int len, enum lws_spa_fileupload_states state)
{
struct pss *pss = (struct pss *)data;
switch (state) {
case LWS_UFS_OPEN:
/* take a copy of the provided filename */
lws_strncpy(pss->filename, filename, sizeof(pss->filename) - 1);
/* remove any scary things like .. */
lws_filename_purify_inplace(pss->filename);
/* open a file of that name for write in the cwd */
pss->fd = lws_open(pss->filename, O_CREAT | O_TRUNC | O_RDWR, 0600);
if (pss->fd == LWS_INVALID_FILE) {
lwsl_notice("Failed to open output file %s\n",
pss->filename);
return 1;
}
break;
case LWS_UFS_FINAL_CONTENT:
case LWS_UFS_CONTENT:
if (len) {
int n;
pss->file_length += len;
n = write(pss->fd, buf, len);
if (n < len) {
lwsl_notice("Problem writing file %d\n", errno);
}
}
if (state == LWS_UFS_CONTENT)
/* wasn't the last part of the file */
break;
/* the file upload is completed */
lwsl_user("%s: upload done, written %lld to %s\n", __func__,
pss->file_length, pss->filename);
close(pss->fd);
pss->fd = LWS_INVALID_FILE;
break;
}
return 0;
}
char* lws_ssl_get_error_string(int status, int ret, char *buf, size_t len) {
switch (status) {
case SSL_ERROR_NONE:
return lws_strncpy(buf, "SSL_ERROR_NONE", len);
case SSL_ERROR_ZERO_RETURN:
return lws_strncpy(buf, "SSL_ERROR_ZERO_RETURN", len);
case SSL_ERROR_WANT_READ:
return lws_strncpy(buf, "SSL_ERROR_WANT_READ", len);
case SSL_ERROR_WANT_WRITE:
return lws_strncpy(buf, "SSL_ERROR_WANT_WRITE", len);
case SSL_ERROR_WANT_CONNECT:
return lws_strncpy(buf, "SSL_ERROR_WANT_CONNECT", len);
case SSL_ERROR_WANT_ACCEPT:
return lws_strncpy(buf, "SSL_ERROR_WANT_ACCEPT", len);
case SSL_ERROR_WANT_X509_LOOKUP:
return lws_strncpy(buf, "SSL_ERROR_WANT_X509_LOOKUP", len);
case SSL_ERROR_SYSCALL:
switch (ret) {
case 0:
lws_snprintf(buf, len, "SSL_ERROR_SYSCALL: EOF");
return buf;
case -1:
#ifndef LWS_PLAT_OPTEE
lws_snprintf(buf, len, "SSL_ERROR_SYSCALL: %s",
strerror(errno));
#else
lws_snprintf(buf, len, "SSL_ERROR_SYSCALL: %d", errno);
#endif
return buf;
default:
return strncpy(buf, "SSL_ERROR_SYSCALL", len);
}
case SSL_ERROR_SSL:
return "SSL_ERROR_SSL";
default:
return "SSL_ERROR_UNKNOWN";
}
}
int
lws_uv_plugins_init(struct lws_context *context, const char * const *d)
{
struct lws_plugin_capability lcaps;
struct lws_plugin *plugin;
lws_plugin_init_func initfunc;
int m, ret = 0;
void *v;
uv_dirent_t dent;
uv_fs_t req;
char path[256];
uv_lib_t lib;
int pofs = 0;
#if defined(__MINGW32__) || !defined(WIN32)
pofs = 3;
#endif
lib.errmsg = NULL;
lib.handle = NULL;
uv_loop_init(&context->uv.loop);
lwsl_notice(" Plugins:\n");
while (d && *d) {
lwsl_notice(" Scanning %s\n", *d);
m =uv_fs_scandir(&context->uv.loop, &req, *d, 0, NULL);
if (m < 1) {
lwsl_err("Scandir on %s failed\n", *d);
return 1;
}
while (uv_fs_scandir_next(&req, &dent) != UV_EOF) {
if (strlen(dent.name) < 7)
continue;
lwsl_notice(" %s\n", dent.name);
lws_snprintf(path, sizeof(path) - 1, "%s/%s", *d,
dent.name);
if (uv_dlopen(path, &lib)) {
uv_dlerror(&lib);
lwsl_err("Error loading DSO: %s\n", lib.errmsg);
uv_dlclose(&lib);
goto bail;
}
/* we could open it, can we get his init function? */
#if !defined(WIN32) && !defined(__MINGW32__)
m = lws_snprintf(path, sizeof(path) - 1, "init_%s",
dent.name + pofs /* snip lib... */);
path[m - 3] = '\0'; /* snip the .so */
#else
m = lws_snprintf(path, sizeof(path) - 1, "init_%s",
dent.name + pofs);
path[m - 4] = '\0'; /* snip the .dll */
#endif
if (uv_dlsym(&lib, path, &v)) {
uv_dlerror(&lib);
lwsl_err("Failed to get %s on %s: %s", path,
dent.name, lib.errmsg);
uv_dlclose(&lib);
goto bail;
}
initfunc = (lws_plugin_init_func)v;
lcaps.api_magic = LWS_PLUGIN_API_MAGIC;
m = initfunc(context, &lcaps);
if (m) {
lwsl_err("Init %s failed %d\n", dent.name, m);
goto skip;
}
plugin = lws_malloc(sizeof(*plugin), "plugin");
if (!plugin) {
uv_dlclose(&lib);
lwsl_err("OOM\n");
goto bail;
}
plugin->list = context->plugin_list;
context->plugin_list = plugin;
lws_strncpy(plugin->name, dent.name, sizeof(plugin->name));
plugin->lib = lib;
plugin->caps = lcaps;
context->plugin_protocol_count += lcaps.count_protocols;
context->plugin_extension_count += lcaps.count_extensions;
continue;
skip:
uv_dlclose(&lib);
}
bail:
uv_fs_req_cleanup(&req);
d++;
}
return ret;
}
static int
callback_raw_test(struct lws *wsi, enum lws_callback_reasons reason,
void *user, void *in, size_t len)
{
struct per_session_data__raw_test *pss =
(struct per_session_data__raw_test *)user;
struct per_vhost_data__raw_test *vhd =
(struct per_vhost_data__raw_test *)
lws_protocol_vh_priv_get(lws_get_vhost(wsi),
lws_get_protocol(wsi));
lws_sock_file_fd_type u;
(void)pss;
switch (reason) {
case LWS_CALLBACK_PROTOCOL_INIT:
vhd = lws_protocol_vh_priv_zalloc(lws_get_vhost(wsi),
lws_get_protocol(wsi),
sizeof(struct per_vhost_data__raw_test));
vhd->context = lws_get_context(wsi);
vhd->protocol = lws_get_protocol(wsi);
vhd->vhost = lws_get_vhost(wsi);
{
const struct lws_protocol_vhost_options *pvo =
(const struct lws_protocol_vhost_options *)in;
while (pvo) {
if (!strcmp(pvo->name, "fifo-path"))
lws_strncpy(vhd->fifo_path, pvo->value,
sizeof(vhd->fifo_path));
pvo = pvo->next;
}
if (vhd->fifo_path[0] == '\0') {
lwsl_err("%s: Missing pvo \"fifo-path\", raw file fd testing disabled\n", __func__);
break;
}
}
unlink(vhd->fifo_path);
if (mkfifo(vhd->fifo_path, 0666)) {
lwsl_err("mkfifo failed\n");
return 1;
}
vhd->fifo = lws_open(vhd->fifo_path, O_NONBLOCK | O_RDONLY);
if (vhd->fifo == -1) {
lwsl_err("opening fifo failed\n");
unlink(vhd->fifo_path);
return 1;
}
lwsl_notice("FIFO %s created\n", vhd->fifo_path);
u.filefd = vhd->fifo;
if (!lws_adopt_descriptor_vhost(vhd->vhost,
LWS_ADOPT_RAW_FILE_DESC, u,
"protocol-lws-raw-test",
NULL)) {
lwsl_err("Failed to adopt fifo descriptor\n");
close(vhd->fifo);
unlink(vhd->fifo_path);
return 1;
}
break;
case LWS_CALLBACK_PROTOCOL_DESTROY:
if (!vhd)
break;
if (vhd->fifo >= 0) {
close(vhd->fifo);
unlink(vhd->fifo_path);
}
break;
/*
* Callbacks related to Raw file descriptor testing
*/
case LWS_CALLBACK_RAW_ADOPT_FILE:
lwsl_notice("LWS_CALLBACK_RAW_ADOPT_FILE\n");
break;
case LWS_CALLBACK_RAW_RX_FILE:
lwsl_notice("LWS_CALLBACK_RAW_RX_FILE\n");
{
char buf[256];
int n;
n = read(vhd->fifo, buf, sizeof(buf) - 1);
if (n < 0) {
lwsl_err("FIFO read failed\n");
return 1;
}
/*
* When nobody opened the other side of the FIFO, the FIFO fd acts well and
* only signals POLLIN when somebody opened and wrote to it.
*
* But if the other side of the FIFO closed it, we will see an endless
* POLLIN and 0 available to read.
*
* The only way to handle it is to reopen the FIFO our side and wait for a
* new peer. This is a quirk of FIFOs not of LWS.
*/
if (n == 0) { /* peer closed - do reopen in close processing */
vhd->zero_length_read = 1;
return 1;
}
buf[n] = '\0';
lwsl_info("read %d\n", n);
puts(buf);
}
break;
case LWS_CALLBACK_RAW_CLOSE_FILE:
lwsl_notice("LWS_CALLBACK_RAW_CLOSE_FILE\n");
if (vhd->zero_length_read) {
vhd->zero_length_read = 0;
close(vhd->fifo);
/* the wsi that adopted the fifo file is closing... reopen the fifo and readopt */
vhd->fifo = lws_open(vhd->fifo_path, O_NONBLOCK | O_RDONLY);
if (vhd->fifo == -1) {
lwsl_err("opening fifo failed\n");
return 1;
}
lwsl_notice("FIFO %s reopened\n", vhd->fifo_path);
u.filefd = vhd->fifo;
if (!lws_adopt_descriptor_vhost(vhd->vhost, 0, u, "protocol-lws-raw-test", NULL)) {
lwsl_err("Failed to adopt fifo descriptor\n");
close(vhd->fifo);
return 1;
}
}
break;
case LWS_CALLBACK_RAW_WRITEABLE_FILE:
lwsl_notice("LWS_CALLBACK_RAW_WRITEABLE_FILE\n");
break;
/*
* Callbacks related to Raw socket descriptor testing
*/
case LWS_CALLBACK_RAW_ADOPT:
lwsl_notice("LWS_CALLBACK_RAW_ADOPT\n");
break;
case LWS_CALLBACK_RAW_RX:
lwsl_notice("LWS_CALLBACK_RAW_RX %ld\n", (long)len);
if (len > sizeof(pss->buf))
len = sizeof(pss->buf);
memcpy(pss->buf, in, len);
pss->len = len;
lws_callback_on_writable(wsi);
break;
case LWS_CALLBACK_RAW_CLOSE:
lwsl_notice("LWS_CALLBACK_RAW_CLOSE\n");
break;
case LWS_CALLBACK_RAW_WRITEABLE:
lwsl_notice("LWS_CALLBACK_RAW_WRITEABLE\n");
lws_write(wsi, pss->buf, pss->len, LWS_WRITE_HTTP);
break;
default:
break;
}
return 0;
}
int
lws_client_interpret_server_handshake(struct lws *wsi)
{
int n, port = 0, ssl = 0;
int close_reason = LWS_CLOSE_STATUS_PROTOCOL_ERR;
const char *prot, *ads = NULL, *path, *cce = NULL;
struct allocated_headers *ah = NULL;
struct lws *w = lws_client_wsi_effective(wsi);
char *p, *q;
char new_path[300];
lws_client_stash_destroy(wsi);
ah = wsi->http.ah;
if (!wsi->do_ws) {
/* we are being an http client...
*/
#if defined(LWS_ROLE_H2)
if (wsi->client_h2_alpn || wsi->client_h2_substream) {
lwsl_debug("%s: %p: transitioning to h2 client\n", __func__, wsi);
lws_role_transition(wsi, LWSIFR_CLIENT,
LRS_ESTABLISHED, &role_ops_h2);
} else
#endif
{
#if defined(LWS_ROLE_H1)
{
lwsl_debug("%s: %p: transitioning to h1 client\n", __func__, wsi);
lws_role_transition(wsi, LWSIFR_CLIENT,
LRS_ESTABLISHED, &role_ops_h1);
}
#else
return -1;
#endif
}
wsi->http.ah = ah;
ah->http_response = 0;
}
/*
* well, what the server sent looked reasonable for syntax.
* Now let's confirm it sent all the necessary headers
*
* http (non-ws) client will expect something like this
*
* HTTP/1.0.200
* server:.libwebsockets
* content-type:.text/html
* content-length:.17703
* set-cookie:.test=LWS_1456736240_336776_COOKIE;Max-Age=360000
*/
wsi->http.connection_type = HTTP_CONNECTION_KEEP_ALIVE;
if (!wsi->client_h2_substream) {
p = lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP);
if (wsi->do_ws && !p) {
lwsl_info("no URI\n");
cce = "HS: URI missing";
goto bail3;
}
if (!p) {
p = lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP1_0);
wsi->http.connection_type = HTTP_CONNECTION_CLOSE;
}
if (!p) {
cce = "HS: URI missing";
lwsl_info("no URI\n");
goto bail3;
}
} else {
p = lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP_COLON_STATUS);
if (!p) {
cce = "HS: :status missing";
lwsl_info("no status\n");
goto bail3;
}
}
n = atoi(p);
if (ah)
ah->http_response = n;
if (n == 301 || n == 302 || n == 303 || n == 307 || n == 308) {
p = lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP_LOCATION);
if (!p) {
cce = "HS: Redirect code but no Location";
goto bail3;
}
/* Relative reference absolute path */
if (p[0] == '/') {
#if defined(LWS_WITH_TLS)
ssl = wsi->tls.use_ssl & LCCSCF_USE_SSL;
#endif
ads = lws_hdr_simple_ptr(wsi,
_WSI_TOKEN_CLIENT_PEER_ADDRESS);
port = wsi->c_port;
/* +1 as lws_client_reset expects leading / omitted */
path = p + 1;
}
/* Absolute (Full) URI */
else if (strchr(p, ':')) {
if (lws_parse_uri(p, &prot, &ads, &port, &path)) {
cce = "HS: URI did not parse";
goto bail3;
}
if (!strcmp(prot, "wss") || !strcmp(prot, "https"))
ssl = 1;
}
/* Relative reference relative path */
else {
/* This doesn't try to calculate an absolute path,
* that will be left to the server */
#if defined(LWS_WITH_TLS)
ssl = wsi->tls.use_ssl & LCCSCF_USE_SSL;
#endif
ads = lws_hdr_simple_ptr(wsi,
_WSI_TOKEN_CLIENT_PEER_ADDRESS);
port = wsi->c_port;
/* +1 as lws_client_reset expects leading / omitted */
path = new_path + 1;
lws_strncpy(new_path, lws_hdr_simple_ptr(wsi,
_WSI_TOKEN_CLIENT_URI), sizeof(new_path));
q = strrchr(new_path, '/');
if (q)
lws_strncpy(q + 1, p, sizeof(new_path) -
(q - new_path));
else
path = p;
}
#if defined(LWS_WITH_TLS)
if ((wsi->tls.use_ssl & LCCSCF_USE_SSL) && !ssl) {
cce = "HS: Redirect attempted SSL downgrade";
goto bail3;
}
#endif
if (!lws_client_reset(&wsi, ssl, ads, port, path, ads)) {
/* there are two ways to fail out with NULL return...
* simple, early problem where the wsi is intact, or
* we went through with the reconnect attempt and the
* wsi is already closed. In the latter case, the wsi
* has beet set to NULL additionally.
*/
lwsl_err("Redirect failed\n");
cce = "HS: Redirect failed";
if (wsi)
goto bail3;
return 1;
}
return 0;
}
if (!wsi->do_ws) {
/* if h1 KA is allowed, enable the queued pipeline guys */
if (!wsi->client_h2_alpn && !wsi->client_h2_substream && w == wsi) { /* ie, coming to this for the first time */
if (wsi->http.connection_type == HTTP_CONNECTION_KEEP_ALIVE)
wsi->keepalive_active = 1;
else {
/*
* Ugh... now the main http connection has seen
* both sides, we learn the server doesn't
* support keepalive.
*
* That means any guys queued on us are going
* to have to be restarted from connect2 with
* their own connections.
*/
/*
* stick around telling any new guys they can't
* pipeline to this server
*/
wsi->keepalive_rejected = 1;
lws_vhost_lock(wsi->vhost);
lws_start_foreach_dll_safe(struct lws_dll_lws *, d, d1,
wsi->dll_client_transaction_queue_head.next) {
struct lws *ww = lws_container_of(d, struct lws,
dll_client_transaction_queue);
/* remove him from our queue */
lws_dll_lws_remove(&ww->dll_client_transaction_queue);
/* give up on pipelining */
ww->client_pipeline = 0;
/* go back to "trying to connect" state */
lws_role_transition(ww, LWSIFR_CLIENT,
LRS_UNCONNECTED,
#if defined(LWS_ROLE_H1)
&role_ops_h1);
#else
#if defined (LWS_ROLE_H2)
&role_ops_h2);
#else
&role_ops_raw);
#endif
#endif
ww->user_space = NULL;
} lws_end_foreach_dll_safe(d, d1);
lws_vhost_unlock(wsi->vhost);
}
}
#ifdef LWS_WITH_HTTP_PROXY
wsi->http.perform_rewrite = 0;
if (lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_CONTENT_TYPE)) {
if (!strncmp(lws_hdr_simple_ptr(wsi,
WSI_TOKEN_HTTP_CONTENT_TYPE),
"text/html", 9))
wsi->http.perform_rewrite = 1;
}
#endif
/* allocate the per-connection user memory (if any) */
if (lws_ensure_user_space(wsi)) {
lwsl_err("Problem allocating wsi user mem\n");
cce = "HS: OOM";
goto bail2;
}
/* he may choose to send us stuff in chunked transfer-coding */
wsi->chunked = 0;
wsi->chunk_remaining = 0; /* ie, next thing is chunk size */
if (lws_hdr_total_length(wsi,
WSI_TOKEN_HTTP_TRANSFER_ENCODING)) {
wsi->chunked = !strcmp(lws_hdr_simple_ptr(wsi,
WSI_TOKEN_HTTP_TRANSFER_ENCODING),
"chunked");
/* first thing is hex, after payload there is crlf */
wsi->chunk_parser = ELCP_HEX;
}
if (lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_CONTENT_LENGTH)) {
wsi->http.rx_content_length =
atoll(lws_hdr_simple_ptr(wsi,
WSI_TOKEN_HTTP_CONTENT_LENGTH));
lwsl_info("%s: incoming content length %llu\n",
__func__, (unsigned long long)
wsi->http.rx_content_length);
wsi->http.rx_content_remain =
wsi->http.rx_content_length;
} else /* can't do 1.1 without a content length or chunked */
if (!wsi->chunked)
wsi->http.connection_type =
HTTP_CONNECTION_CLOSE;
/*
* we seem to be good to go, give client last chance to check
* headers and OK it
*/
if (wsi->protocol->callback(wsi,
LWS_CALLBACK_CLIENT_FILTER_PRE_ESTABLISH,
wsi->user_space, NULL, 0)) {
cce = "HS: disallowed by client filter";
goto bail2;
}
/* clear his proxy connection timeout */
lws_set_timeout(wsi, NO_PENDING_TIMEOUT, 0);
wsi->rxflow_change_to = LWS_RXFLOW_ALLOW;
/* call him back to inform him he is up */
if (wsi->protocol->callback(wsi,
LWS_CALLBACK_ESTABLISHED_CLIENT_HTTP,
wsi->user_space, NULL, 0)) {
cce = "HS: disallowed at ESTABLISHED";
goto bail3;
}
/*
* for pipelining, master needs to keep his ah... guys who
* queued on him can drop it now though.
*/
if (w != wsi)
/* free up parsing allocations for queued guy */
lws_header_table_detach(w, 0);
lwsl_info("%s: client connection up\n", __func__);
return 0;
}
#if defined(LWS_ROLE_WS)
switch (lws_client_ws_upgrade(wsi, &cce)) {
case 2:
goto bail2;
case 3:
goto bail3;
}
return 0;
#endif
bail3:
close_reason = LWS_CLOSE_STATUS_NOSTATUS;
bail2:
if (wsi->protocol) {
n = 0;
if (cce)
n = (int)strlen(cce);
wsi->protocol->callback(wsi,
LWS_CALLBACK_CLIENT_CONNECTION_ERROR,
wsi->user_space, (void *)cce,
(unsigned int)n);
}
wsi->already_did_cce = 1;
lwsl_info("closing connection due to bail2 connection error\n");
/* closing will free up his parsing allocations */
lws_close_free_wsi(wsi, close_reason, "c hs interp");
return 1;
}
void socks_generate_msg(struct lws *wsi, enum socks_msg_type type,
ssize_t *msg_len)
{
struct lws_context *context = wsi->context;
struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi];
ssize_t len = 0, n, passwd_len;
short net_num;
char *p;
switch (type) {
case SOCKS_MSG_GREETING:
/* socks version, version 5 only */
pt->serv_buf[len++] = SOCKS_VERSION_5;
/* number of methods */
pt->serv_buf[len++] = 2;
/* username password method */
pt->serv_buf[len++] = SOCKS_AUTH_USERNAME_PASSWORD;
/* no authentication method */
pt->serv_buf[len++] = SOCKS_AUTH_NO_AUTH;
break;
case SOCKS_MSG_USERNAME_PASSWORD:
n = strlen(wsi->vhost->socks_user);
passwd_len = strlen(wsi->vhost->socks_password);
/* the subnegotiation version */
pt->serv_buf[len++] = SOCKS_SUBNEGOTIATION_VERSION_1;
/* length of the user name */
pt->serv_buf[len++] = n;
/* user name */
lws_strncpy((char *)&pt->serv_buf[len], wsi->vhost->socks_user,
context->pt_serv_buf_size - len + 1);
len += n;
/* length of the password */
pt->serv_buf[len++] = passwd_len;
/* password */
lws_strncpy((char *)&pt->serv_buf[len], wsi->vhost->socks_password,
context->pt_serv_buf_size - len + 1);
len += passwd_len;
break;
case SOCKS_MSG_CONNECT:
p = (char*)&net_num;
/* socks version */
pt->serv_buf[len++] = SOCKS_VERSION_5;
/* socks command */
pt->serv_buf[len++] = SOCKS_COMMAND_CONNECT;
/* reserved */
pt->serv_buf[len++] = 0;
/* address type */
pt->serv_buf[len++] = SOCKS_ATYP_DOMAINNAME;
/* skip length, we fill it in at the end */
n = len++;
/* the address we tell SOCKS proxy to connect to */
lws_strncpy((char *)&(pt->serv_buf[len]), wsi->stash->address,
context->pt_serv_buf_size - len + 1);
len += strlen(wsi->stash->address);
net_num = htons(wsi->c_port);
/* the port we tell SOCKS proxy to connect to */
pt->serv_buf[len++] = p[0];
pt->serv_buf[len++] = p[1];
/* the length of the address, excluding port */
pt->serv_buf[n] = strlen(wsi->stash->address);
break;
default:
return;
}
*msg_len = len;
}
/**
* lws_client_reset() - retarget a connected wsi to start over with a new connection (ie, redirect)
* this only works if still in HTTP, ie, not upgraded yet
* wsi: connection to reset
* address: network address of the new server
* port: port to connect to
* path: uri path to connect to on the new server
* host: host header to send to the new server
*/
LWS_VISIBLE struct lws *
lws_client_reset(struct lws **pwsi, int ssl, const char *address, int port,
const char *path, const char *host)
{
char origin[300] = "", protocol[300] = "", method[32] = "",
iface[16] = "", alpn[32] = "", *p;
struct lws *wsi = *pwsi;
if (wsi->redirects == 3) {
lwsl_err("%s: Too many redirects\n", __func__);
return NULL;
}
wsi->redirects++;
p = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_ORIGIN);
if (p)
lws_strncpy(origin, p, sizeof(origin));
p = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_SENT_PROTOCOLS);
if (p)
lws_strncpy(protocol, p, sizeof(protocol));
p = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_METHOD);
if (p)
lws_strncpy(method, p, sizeof(method));
p = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_IFACE);
if (p)
lws_strncpy(iface, p, sizeof(iface));
p = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_ALPN);
if (p)
lws_strncpy(alpn, p, sizeof(alpn));
lwsl_info("redirect ads='%s', port=%d, path='%s', ssl = %d\n",
address, port, path, ssl);
/* close the connection by hand */
#if defined(LWS_WITH_TLS)
lws_ssl_close(wsi);
#endif
__remove_wsi_socket_from_fds(wsi);
if (wsi->context->event_loop_ops->close_handle_manually)
wsi->context->event_loop_ops->close_handle_manually(wsi);
else
compatible_close(wsi->desc.sockfd);
#if defined(LWS_WITH_TLS)
wsi->tls.use_ssl = ssl;
#else
if (ssl) {
lwsl_err("%s: not configured for ssl\n", __func__);
return NULL;
}
#endif
wsi->desc.sockfd = LWS_SOCK_INVALID;
lwsi_set_state(wsi, LRS_UNCONNECTED);
wsi->protocol = NULL;
wsi->pending_timeout = NO_PENDING_TIMEOUT;
wsi->c_port = port;
wsi->hdr_parsing_completed = 0;
_lws_header_table_reset(wsi->http.ah);
if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_PEER_ADDRESS, address))
return NULL;
if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_HOST, host))
return NULL;
if (origin[0])
if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_ORIGIN,
origin))
return NULL;
if (protocol[0])
if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_SENT_PROTOCOLS,
protocol))
return NULL;
if (method[0])
if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_METHOD,
method))
return NULL;
if (iface[0])
if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_IFACE,
iface))
return NULL;
if (alpn[0])
if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_ALPN,
alpn))
return NULL;
origin[0] = '/';
strncpy(&origin[1], path, sizeof(origin) - 2);
if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_URI, origin))
return NULL;
*pwsi = lws_client_connect_2(wsi);
return *pwsi;
}
int
lws_client_ws_upgrade(struct lws *wsi, const char **cce)
{
struct lws_context *context = wsi->context;
struct lws_tokenize ts;
int n, len, okay = 0;
lws_tokenize_elem e;
char *p, buf[64];
const char *pc;
#if !defined(LWS_WITHOUT_EXTENSIONS)
struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi];
char *sb = (char *)&pt->serv_buf[0];
const struct lws_ext_options *opts;
const struct lws_extension *ext;
char ext_name[128];
const char *c, *a;
int more = 1;
char ignore;
#endif
if (wsi->client_h2_substream) {/* !!! client ws-over-h2 not there yet */
lwsl_warn("%s: client ws-over-h2 upgrade not supported yet\n",
__func__);
*cce = "HS: h2 / ws upgrade unsupported";
goto bail3;
}
if (wsi->http.ah->http_response == 401) {
lwsl_warn(
"lws_client_handshake: got bad HTTP response '%d'\n",
wsi->http.ah->http_response);
*cce = "HS: ws upgrade unauthorized";
goto bail3;
}
if (wsi->http.ah->http_response != 101) {
lwsl_warn(
"lws_client_handshake: got bad HTTP response '%d'\n",
wsi->http.ah->http_response);
*cce = "HS: ws upgrade response not 101";
goto bail3;
}
if (lws_hdr_total_length(wsi, WSI_TOKEN_ACCEPT) == 0) {
lwsl_info("no ACCEPT\n");
*cce = "HS: ACCEPT missing";
goto bail3;
}
p = lws_hdr_simple_ptr(wsi, WSI_TOKEN_UPGRADE);
if (!p) {
lwsl_info("no UPGRADE\n");
*cce = "HS: UPGRADE missing";
goto bail3;
}
strtolower(p);
if (strcmp(p, "websocket")) {
lwsl_warn(
"lws_client_handshake: got bad Upgrade header '%s'\n", p);
*cce = "HS: Upgrade to something other than websocket";
goto bail3;
}
/* connection: must have "upgrade" */
lws_tokenize_init(&ts, buf, LWS_TOKENIZE_F_COMMA_SEP_LIST |
LWS_TOKENIZE_F_MINUS_NONTERM);
ts.len = lws_hdr_copy(wsi, buf, sizeof(buf) - 1, WSI_TOKEN_CONNECTION);
if (ts.len <= 0) /* won't fit, or absent */
goto bad_conn_format;
do {
e = lws_tokenize(&ts);
switch (e) {
case LWS_TOKZE_TOKEN:
if (!strncasecmp(ts.token, "upgrade", ts.token_len))
e = LWS_TOKZE_ENDED;
break;
case LWS_TOKZE_DELIMITER:
break;
default: /* includes ENDED found by the tokenizer itself */
bad_conn_format:
lwsl_info("%s: malfored connection '%s'\n",
__func__, buf);
*cce = "HS: UPGRADE malformed";
goto bail3;
}
} while (e > 0);
pc = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_SENT_PROTOCOLS);
if (!pc) {
lwsl_parser("lws_client_int_s_hs: no protocol list\n");
} else
lwsl_parser("lws_client_int_s_hs: protocol list '%s'\n", pc);
/*
* confirm the protocol the server wants to talk was in the list
* of protocols we offered
*/
len = lws_hdr_total_length(wsi, WSI_TOKEN_PROTOCOL);
if (!len) {
lwsl_info("%s: WSI_TOKEN_PROTOCOL is null\n", __func__);
/*
* no protocol name to work from, if we don't already have one
* default to first protocol
*/
if (wsi->protocol) {
p = (char *)wsi->protocol->name;
goto identify_protocol;
}
/* no choice but to use the default protocol */
n = 0;
wsi->protocol = &wsi->vhost->protocols[0];
goto check_extensions;
}
p = lws_hdr_simple_ptr(wsi, WSI_TOKEN_PROTOCOL);
len = (int)strlen(p);
while (pc && *pc && !okay) {
if (!strncmp(pc, p, len) &&
(pc[len] == ',' || pc[len] == '\0')) {
okay = 1;
continue;
}
while (*pc && *pc++ != ',')
;
while (*pc == ' ')
pc++;
}
if (!okay) {
lwsl_info("%s: got bad protocol %s\n", __func__, p);
*cce = "HS: PROTOCOL malformed";
goto bail2;
}
identify_protocol:
#if defined(LWS_WITH_HTTP_PROXY)
lws_strncpy(wsi->ws->actual_protocol, p,
sizeof(wsi->ws->actual_protocol));
#endif
/*
* identify the selected protocol struct and set it
*/
n = 0;
/* keep client connection pre-bound protocol */
if (!lwsi_role_client(wsi))
wsi->protocol = NULL;
while (wsi->vhost->protocols[n].callback) {
if (!wsi->protocol &&
strcmp(p, wsi->vhost->protocols[n].name) == 0) {
wsi->protocol = &wsi->vhost->protocols[n];
break;
}
n++;
}
if (!wsi->vhost->protocols[n].callback) { /* no match */
/* if server, that's already fatal */
if (!lwsi_role_client(wsi)) {
lwsl_info("%s: fail protocol %s\n", __func__, p);
*cce = "HS: Cannot match protocol";
goto bail2;
}
/* for client, find the index of our pre-bound protocol */
n = 0;
while (wsi->vhost->protocols[n].callback) {
if (wsi->protocol && strcmp(wsi->protocol->name,
wsi->vhost->protocols[n].name) == 0) {
wsi->protocol = &wsi->vhost->protocols[n];
break;
}
n++;
}
if (!wsi->vhost->protocols[n].callback) {
if (wsi->protocol)
lwsl_err("Failed to match protocol %s\n",
wsi->protocol->name);
else
lwsl_err("No protocol on client\n");
goto bail2;
}
}
lwsl_debug("Selected protocol %s\n", wsi->protocol->name);
check_extensions:
/*
* stitch protocol choice into the vh protocol linked list
* We always insert ourselves at the start of the list
*
* X <-> B
* X <-> pAn <-> pB
*/
lws_same_vh_protocol_insert(wsi, n);
#if !defined(LWS_WITHOUT_EXTENSIONS)
/* instantiate the accepted extensions */
if (!lws_hdr_total_length(wsi, WSI_TOKEN_EXTENSIONS)) {
lwsl_ext("no client extensions allowed by server\n");
goto check_accept;
}
/*
* break down the list of server accepted extensions
* and go through matching them or identifying bogons
*/
if (lws_hdr_copy(wsi, sb, context->pt_serv_buf_size,
WSI_TOKEN_EXTENSIONS) < 0) {
lwsl_warn("ext list from server failed to copy\n");
*cce = "HS: EXT: list too big";
goto bail2;
}
c = sb;
n = 0;
ignore = 0;
a = NULL;
while (more) {
if (*c && (*c != ',' && *c != '\t')) {
if (*c == ';') {
ignore = 1;
if (!a)
a = c + 1;
}
if (ignore || *c == ' ') {
c++;
continue;
}
ext_name[n] = *c++;
if (n < (int)sizeof(ext_name) - 1)
n++;
continue;
}
ext_name[n] = '\0';
ignore = 0;
if (!*c)
more = 0;
else {
c++;
if (!n)
continue;
}
/* check we actually support it */
lwsl_notice("checking client ext %s\n", ext_name);
n = 0;
ext = wsi->vhost->ws.extensions;
while (ext && ext->callback) {
if (strcmp(ext_name, ext->name)) {
ext++;
continue;
}
n = 1;
lwsl_notice("instantiating client ext %s\n", ext_name);
/* instantiate the extension on this conn */
wsi->ws->active_extensions[wsi->ws->count_act_ext] = ext;
/* allow him to construct his ext instance */
if (ext->callback(lws_get_context(wsi), ext, wsi,
LWS_EXT_CB_CLIENT_CONSTRUCT,
(void *)&wsi->ws->act_ext_user[
wsi->ws->count_act_ext],
(void *)&opts, 0)) {
lwsl_info(" ext %s failed construction\n",
ext_name);
ext++;
continue;
}
/*
* allow the user code to override ext defaults if it
* wants to
*/
ext_name[0] = '\0';
if (user_callback_handle_rxflow(wsi->protocol->callback,
wsi, LWS_CALLBACK_WS_EXT_DEFAULTS,
(char *)ext->name, ext_name,
sizeof(ext_name))) {
*cce = "HS: EXT: failed setting defaults";
goto bail2;
}
if (ext_name[0] &&
lws_ext_parse_options(ext, wsi,
wsi->ws->act_ext_user[
wsi->ws->count_act_ext],
opts, ext_name,
(int)strlen(ext_name))) {
lwsl_err("%s: unable to parse user defaults '%s'",
__func__, ext_name);
*cce = "HS: EXT: failed parsing defaults";
goto bail2;
}
/*
* give the extension the server options
*/
if (a && lws_ext_parse_options(ext, wsi,
wsi->ws->act_ext_user[
wsi->ws->count_act_ext],
opts, a, lws_ptr_diff(c, a))) {
lwsl_err("%s: unable to parse remote def '%s'",
__func__, a);
*cce = "HS: EXT: failed parsing options";
goto bail2;
}
if (ext->callback(lws_get_context(wsi), ext, wsi,
LWS_EXT_CB_OPTION_CONFIRM,
wsi->ws->act_ext_user[wsi->ws->count_act_ext],
NULL, 0)) {
lwsl_err("%s: ext %s rejects server options %s",
__func__, ext->name, a);
*cce = "HS: EXT: Rejects server options";
goto bail2;
}
wsi->ws->count_act_ext++;
ext++;
}
if (n == 0) {
lwsl_warn("Unknown ext '%s'!\n", ext_name);
*cce = "HS: EXT: unknown ext";
goto bail2;
}
a = NULL;
n = 0;
}
check_accept:
#endif
/*
* Confirm his accept token is the one we precomputed
*/
p = lws_hdr_simple_ptr(wsi, WSI_TOKEN_ACCEPT);
if (strcmp(p, wsi->http.ah->initial_handshake_hash_base64)) {
lwsl_warn("lws_client_int_s_hs: accept '%s' wrong vs '%s'\n", p,
wsi->http.ah->initial_handshake_hash_base64);
*cce = "HS: Accept hash wrong";
goto bail2;
}
/* allocate the per-connection user memory (if any) */
if (lws_ensure_user_space(wsi)) {
lwsl_err("Problem allocating wsi user mem\n");
*cce = "HS: OOM";
goto bail2;
}
/*
* we seem to be good to go, give client last chance to check
* headers and OK it
*/
if (wsi->protocol->callback(wsi,
LWS_CALLBACK_CLIENT_FILTER_PRE_ESTABLISH,
wsi->user_space, NULL, 0)) {
*cce = "HS: Rejected by filter cb";
goto bail2;
}
/* clear his proxy connection timeout */
lws_set_timeout(wsi, NO_PENDING_TIMEOUT, 0);
/* free up his parsing allocations */
lws_header_table_detach(wsi, 0);
lws_role_transition(wsi, LWSIFR_CLIENT, LRS_ESTABLISHED,
&role_ops_ws);
lws_restart_ws_ping_pong_timer(wsi);
wsi->rxflow_change_to = LWS_RXFLOW_ALLOW;
/*
* create the frame buffer for this connection according to the
* size mentioned in the protocol definition. If 0 there, then
* use a big default for compatibility
*/
n = (int)wsi->protocol->rx_buffer_size;
if (!n)
n = context->pt_serv_buf_size;
n += LWS_PRE;
wsi->ws->rx_ubuf = lws_malloc(n + 4 /* 0x0000ffff zlib */,
"client frame buffer");
if (!wsi->ws->rx_ubuf) {
lwsl_err("Out of Mem allocating rx buffer %d\n", n);
*cce = "HS: OOM";
goto bail2;
}
wsi->ws->rx_ubuf_alloc = n;
lwsl_info("Allocating client RX buffer %d\n", n);
#if !defined(LWS_WITH_ESP32)
if (setsockopt(wsi->desc.sockfd, SOL_SOCKET, SO_SNDBUF,
(const char *)&n, sizeof n)) {
lwsl_warn("Failed to set SNDBUF to %d", n);
*cce = "HS: SO_SNDBUF failed";
goto bail3;
}
#endif
lwsl_debug("handshake OK for protocol %s\n", wsi->protocol->name);
/* call him back to inform him he is up */
if (wsi->protocol->callback(wsi, LWS_CALLBACK_CLIENT_ESTABLISHED,
wsi->user_space, NULL, 0)) {
*cce = "HS: Rejected at CLIENT_ESTABLISHED";
goto bail3;
}
return 0;
bail3:
return 3;
bail2:
return 2;
}
