void wsconn_close_now(ws_connection_t *wsc)
{
struct tcp_connection *con = tcpconn_get(wsc->id, 0, 0, 0, 0);
if (wsconn_rm(wsc, WSCONN_EVENTROUTE_YES) < 0)
LM_ERR("removing WebSocket connection\n");
if (con == NULL)
{
LM_ERR("getting TCP/TLS connection\n");
return;
}
tcpconn_put(con);
con->send_flags.f |= SND_F_CON_CLOSE;
con->state = S_CONN_BAD;
con->timeout = get_ticks_raw();
}
int ws_handle_handshake(struct sip_msg *msg)
{
str key = {0, 0}, headers = {0, 0}, reply_key = {0, 0}, origin = {0, 0};
unsigned char sha1[SHA_DIGEST_LENGTH];
unsigned int hdr_flags = 0, sub_protocol = 0;
int version = 0;
struct hdr_field *hdr = msg->headers;
struct tcp_connection *con;
ws_connection_t *wsc;
/* Make sure that the connection is closed after the response _and_
the existing connection (from the request) is reused for the
response. The close flag will be unset later if the handshake is
successful. */
msg->rpl_send_flags.f |= SND_F_CON_CLOSE;
msg->rpl_send_flags.f |= SND_F_FORCE_CON_REUSE;
if (cfg_get(websocket, ws_cfg, enabled) == 0)
{
LM_INFO("disabled: bouncing handshake\n");
ws_send_reply(msg, 503, &str_status_service_unavailable,
NULL);
return 0;
}
/* Retrieve TCP/TLS connection */
if ((con = tcpconn_get(msg->rcv.proto_reserved1, 0, 0, 0, 0)) == NULL)
{
LM_ERR("retrieving connection\n");
ws_send_reply(msg, 500, &str_status_internal_server_error,
NULL);
return 0;
}
if (con->type != PROTO_TCP && con->type != PROTO_TLS)
{
LM_ERR("unsupported transport: %d", con->type);
goto end;
}
if (parse_headers(msg, HDR_EOH_F, 0) < 0)
{
LM_ERR("error parsing headers\n");
ws_send_reply(msg, 500, &str_status_internal_server_error,
NULL);
goto end;
}
/* Process HTTP headers */
while (hdr != NULL)
{
/* Decode and validate Connection */
if (cmp_hdrname_strzn(&hdr->name,
str_hdr_connection.s,
str_hdr_connection.len) == 0)
{
strlower(&hdr->body);
if (str_search(&hdr->body, &str_upgrade) != NULL)
{
LM_DBG("found %.*s: %.*s\n",
hdr->name.len, hdr->name.s,
hdr->body.len, hdr->body.s);
hdr_flags |= CONNECTION;
}
}
/* Decode and validate Upgrade */
else if (cmp_hdrname_strzn(&hdr->name,
str_hdr_upgrade.s,
str_hdr_upgrade.len) == 0)
{
strlower(&hdr->body);
if (str_search(&hdr->body, &str_websocket) != NULL)
{
LM_DBG("found %.*s: %.*s\n",
hdr->name.len, hdr->name.s,
hdr->body.len, hdr->body.s);
hdr_flags |= UPGRADE;
}
}
/* Decode and validate Sec-WebSocket-Key */
else if (cmp_hdrname_strzn(&hdr->name,
str_hdr_sec_websocket_key.s,
str_hdr_sec_websocket_key.len) == 0)
{
if (hdr_flags & SEC_WEBSOCKET_KEY)
{
LM_WARN("%.*s found multiple times\n",
hdr->name.len, hdr->name.s);
ws_send_reply(msg, 400,
&str_status_bad_request,
NULL);
goto end;
}
LM_DBG("found %.*s: %.*s\n",
hdr->name.len, hdr->name.s,
hdr->body.len, hdr->body.s);
key = hdr->body;
hdr_flags |= SEC_WEBSOCKET_KEY;
}
/* Decode and validate Sec-WebSocket-Protocol */
else if (cmp_hdrname_strzn(&hdr->name,
str_hdr_sec_websocket_protocol.s,
str_hdr_sec_websocket_protocol.len) == 0)
{
strlower(&hdr->body);
if (str_search(&hdr->body, &str_sip) != NULL)
{
LM_DBG("found %.*s: %.*s\n",
hdr->name.len, hdr->name.s,
hdr->body.len, hdr->body.s);
hdr_flags |= SEC_WEBSOCKET_PROTOCOL;
sub_protocol |= SUB_PROTOCOL_SIP;
}
if (str_search(&hdr->body, &str_msrp) != NULL)
{
LM_DBG("found %.*s: %.*s\n",
hdr->name.len, hdr->name.s,
hdr->body.len, hdr->body.s);
hdr_flags |= SEC_WEBSOCKET_PROTOCOL;
sub_protocol |= SUB_PROTOCOL_MSRP;
}
}
/* Decode and validate Sec-WebSocket-Version */
else if (cmp_hdrname_strzn(&hdr->name,
str_hdr_sec_websocket_version.s,
str_hdr_sec_websocket_version.len) == 0)
{
if (hdr_flags & SEC_WEBSOCKET_VERSION)
{
LM_WARN("%.*s found multiple times\n",
hdr->name.len, hdr->name.s);
ws_send_reply(msg, 400,
&str_status_bad_request,
NULL);
goto end;
}
str2sint(&hdr->body, &version);
if (version != WS_VERSION)
{
LM_WARN("Unsupported protocol version %.*s\n",
hdr->body.len, hdr->body.s);
headers.s = headers_buf;
headers.len = snprintf(headers.s, HDR_BUF_LEN,
"%.*s: %d\r\n",
str_hdr_sec_websocket_version.len,
str_hdr_sec_websocket_version.s,
WS_VERSION);
ws_send_reply(msg, 426,
&str_status_upgrade_required,
&headers);
goto end;
}
LM_DBG("found %.*s: %.*s\n",
hdr->name.len, hdr->name.s,
hdr->body.len, hdr->body.s);
hdr_flags |= SEC_WEBSOCKET_VERSION;
}
/* Decode Origin */
else if (cmp_hdrname_strzn(&hdr->name,
str_hdr_origin.s,
str_hdr_origin.len) == 0)
{
if (hdr_flags & ORIGIN)
{
LM_WARN("%.*s found multiple times\n",
hdr->name.len, hdr->name.s);
ws_send_reply(msg, 400,
&str_status_bad_request,
NULL);
goto end;
}
LM_DBG("found %.*s: %.*s\n",
hdr->name.len, hdr->name.s,
hdr->body.len, hdr->body.s);
origin = hdr->body;
hdr_flags |= ORIGIN;
}
hdr = hdr->next;
}
/* Final check that all required headers/values were found */
sub_protocol &= ws_sub_protocols;
if ((hdr_flags & REQUIRED_HEADERS) != REQUIRED_HEADERS
|| sub_protocol == 0)
{
LM_WARN("required headers not present\n");
headers.s = headers_buf;
headers.len = 0;
if (ws_sub_protocols & SUB_PROTOCOL_SIP)
headers.len += snprintf(headers.s + headers.len,
HDR_BUF_LEN - headers.len,
"%.*s: %.*s\r\n",
str_hdr_sec_websocket_protocol.len,
str_hdr_sec_websocket_protocol.s,
str_sip.len, str_sip.s);
if (ws_sub_protocols & SUB_PROTOCOL_MSRP)
headers.len += snprintf(headers.s + headers.len,
HDR_BUF_LEN - headers.len,
"%.*s: %.*s\r\n",
str_hdr_sec_websocket_protocol.len,
str_hdr_sec_websocket_protocol.s,
str_msrp.len, str_msrp.s);
headers.len += snprintf(headers.s + headers.len,
HDR_BUF_LEN - headers.len,
"%.*s: %d\r\n",
str_hdr_sec_websocket_version.len,
str_hdr_sec_websocket_version.s,
WS_VERSION);
ws_send_reply(msg, 400, &str_status_bad_request, &headers);
goto end;
}
/* Construct reply_key */
reply_key.s = (char *) pkg_malloc(
(key.len + str_ws_guid.len) * sizeof(char));
if (reply_key.s == NULL)
{
LM_ERR("allocating pkg memory\n");
ws_send_reply(msg, 500, &str_status_internal_server_error,
NULL);
goto end;
}
memcpy(reply_key.s, key.s, key.len);
memcpy(reply_key.s + key.len, str_ws_guid.s, str_ws_guid.len);
reply_key.len = key.len + str_ws_guid.len;
SHA1((const unsigned char *) reply_key.s, reply_key.len, sha1);
pkg_free(reply_key.s);
reply_key.s = key_buf;
reply_key.len = base64_enc(sha1, SHA_DIGEST_LENGTH,
(unsigned char *) reply_key.s,
base64_enc_len(SHA_DIGEST_LENGTH));
/* Add the connection to the WebSocket connection table */
wsconn_add(msg->rcv, sub_protocol);
/* Make sure Kamailio core sends future messages on this connection
directly to this module */
if (con->type == PROTO_TLS)
con->type = con->rcv.proto = PROTO_WSS;
else
con->type = con->rcv.proto = PROTO_WS;
/* Now Kamailio is ready to receive WebSocket frames build and send a
101 reply */
headers.s = headers_buf;
headers.len = 0;
if (ws_cors_mode == CORS_MODE_ANY)
headers.len += snprintf(headers.s + headers.len,
HDR_BUF_LEN - headers.len,
"%.*s: *\r\n",
str_hdr_access_control_allow_origin.len,
str_hdr_access_control_allow_origin.s);
else if (ws_cors_mode == CORS_MODE_ORIGIN && origin.len > 0)
headers.len += snprintf(headers.s + headers.len,
HDR_BUF_LEN - headers.len,
"%.*s: %.*s\r\n",
str_hdr_access_control_allow_origin.len,
str_hdr_access_control_allow_origin.s,
origin.len,
origin.s);
if (sub_protocol & SUB_PROTOCOL_SIP)
headers.len += snprintf(headers.s + headers.len,
HDR_BUF_LEN - headers.len,
"%.*s: %.*s\r\n",
str_hdr_sec_websocket_protocol.len,
str_hdr_sec_websocket_protocol.s,
str_sip.len, str_sip.s);
else if (sub_protocol & SUB_PROTOCOL_MSRP)
headers.len += snprintf(headers.s + headers.len,
HDR_BUF_LEN - headers.len,
"%.*s: %.*s\r\n",
str_hdr_sec_websocket_protocol.len,
str_hdr_sec_websocket_protocol.s,
str_msrp.len, str_msrp.s);
headers.len += snprintf(headers.s + headers.len,
HDR_BUF_LEN - headers.len,
"%.*s: %.*s\r\n"
"%.*s: %.*s\r\n"
"%.*s: %.*s\r\n",
str_hdr_upgrade.len, str_hdr_upgrade.s,
str_websocket.len, str_websocket.s,
str_hdr_connection.len, str_hdr_connection.s,
str_upgrade.len, str_upgrade.s,
str_hdr_sec_websocket_accept.len,
str_hdr_sec_websocket_accept.s, reply_key.len,
reply_key.s);
msg->rpl_send_flags.f &= ~SND_F_CON_CLOSE;
if (ws_send_reply(msg, 101, &str_status_switching_protocols,
&headers) < 0)
{
if ((wsc = wsconn_get(msg->rcv.proto_reserved1)) != NULL)
wsconn_rm(wsc, WSCONN_EVENTROUTE_NO);
goto end;
}
else
{
if (sub_protocol & SUB_PROTOCOL_SIP)
update_stat(ws_sip_successful_handshakes, 1);
else if (sub_protocol & SUB_PROTOCOL_MSRP)
update_stat(ws_msrp_successful_handshakes, 1);
}
tcpconn_put(con);
return 1;
end:
if (con)
tcpconn_put(con);
return 0;
}
