int lws_client_socket_service(struct libwebsocket_context *context, struct libwebsocket *wsi, struct pollfd *pollfd) { int n; char *p = (char *)&context->service_buffer[0]; int len; char c; switch (wsi->mode) { case LWS_CONNMODE_WS_CLIENT_WAITING_CONNECT: /* * we are under PENDING_TIMEOUT_SENT_CLIENT_HANDSHAKE * timeout protection set in client-handshake.c */ if (__libwebsocket_client_connect_2(context, wsi) == NULL) { /* closed */ lwsl_client("closed\n"); return -1; } /* either still pending connection, or changed mode */ return 0; case LWS_CONNMODE_WS_CLIENT_WAITING_PROXY_REPLY: /* handle proxy hung up on us */ if (pollfd->revents & (POLLERR | POLLHUP)) { lwsl_warn("Proxy connection %p (fd=%d) dead\n", (void *)wsi, pollfd->fd); libwebsocket_close_and_free_session(context, wsi, LWS_CLOSE_STATUS_NOSTATUS); return 0; } n = recv(wsi->sock, context->service_buffer, sizeof(context->service_buffer), 0); if (n < 0) { libwebsocket_close_and_free_session(context, wsi, LWS_CLOSE_STATUS_NOSTATUS); lwsl_err("ERROR reading from proxy socket\n"); return 0; } context->service_buffer[13] = '\0'; if (strcmp((char *)context->service_buffer, "HTTP/1.0 200 ")) { libwebsocket_close_and_free_session(context, wsi, LWS_CLOSE_STATUS_NOSTATUS); lwsl_err("ERROR proxy: %s\n", context->service_buffer); return 0; } /* clear his proxy connection timeout */ libwebsocket_set_timeout(wsi, NO_PENDING_TIMEOUT, 0); /* fallthru */ case LWS_CONNMODE_WS_CLIENT_ISSUE_HANDSHAKE: /* * we are under PENDING_TIMEOUT_SENT_CLIENT_HANDSHAKE * timeout protection set in client-handshake.c */ #ifdef LWS_OPENSSL_SUPPORT /* * take care of our libwebsocket_callback_on_writable * happening at a time when there's no real connection yet */ pollfd->events &= ~POLLOUT; /* external POLL support via protocol 0 */ context->protocols[0].callback(context, wsi, LWS_CALLBACK_CLEAR_MODE_POLL_FD, wsi->user_space, (void *)(long)wsi->sock, POLLOUT); /* we can retry this... just cook the SSL BIO the first time */ if (wsi->use_ssl && !wsi->ssl) { wsi->ssl = SSL_new(context->ssl_client_ctx); #ifdef USE_CYASSL /* * CyaSSL does certificate verification differently * from OpenSSL. * If we should ignore the certificate, we need to set * this before SSL_new and SSL_connect is called. * Otherwise the connect will simply fail with error * code -155 */ if (wsi->use_ssl == 2) CyaSSL_set_verify(wsi->ssl, SSL_VERIFY_NONE, NULL); #endif /* USE_CYASSL */ wsi->client_bio = BIO_new_socket(wsi->sock, BIO_NOCLOSE); SSL_set_bio(wsi->ssl, wsi->client_bio, wsi->client_bio); #ifdef USE_CYASSL CyaSSL_set_using_nonblock(wsi->ssl, 1); #else BIO_set_nbio(wsi->client_bio, 1); /* nonblocking */ #endif SSL_set_ex_data(wsi->ssl, openssl_websocket_private_data_index, context); } if (wsi->use_ssl) { lws_latency_pre(context, wsi); n = SSL_connect(wsi->ssl); lws_latency(context, wsi, "SSL_connect LWS_CONNMODE_WS_CLIENT_ISSUE_HANDSHAKE", n, n > 0); if (n < 0) { n = SSL_get_error(wsi->ssl, n); if (n == SSL_ERROR_WANT_READ || n == SSL_ERROR_WANT_WRITE) { /* * wants us to retry connect due to * state of the underlying ssl layer... * but since it may be stalled on * blocked write, no incoming data may * arrive to trigger the retry. * Force (possibly many times if the SSL * state persists in returning the * condition code, but other sockets * are getting serviced inbetweentimes) * us to get called back when writable. */ lwsl_info( "SSL_connect WANT_... retrying\n"); libwebsocket_callback_on_writable( context, wsi); return 0; /* no error */ } n = -1; } if (n <= 0) { /* * retry if new data comes until we * run into the connection timeout or win */ lwsl_err("SSL connect error %lu: %s\n", ERR_get_error(), ERR_error_string(ERR_get_error(), (char *)context->service_buffer)); return 0; } #ifndef USE_CYASSL /* * See comment above about CyaSSL certificate * verification */ lws_latency_pre(context, wsi); n = SSL_get_verify_result(wsi->ssl); lws_latency(context, wsi, "SSL_get_verify_result LWS_CONNMODE..HANDSHAKE", n, n > 0); if ((n != X509_V_OK) && ( n != X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT || wsi->use_ssl != 2)) { lwsl_err( "server's cert didn't look good %d\n", n); libwebsocket_close_and_free_session(context, wsi, LWS_CLOSE_STATUS_NOSTATUS); return 0; } #endif /* USE_CYASSL */ } else wsi->ssl = NULL; #endif p = libwebsockets_generate_client_handshake(context, wsi, p); if (p == NULL) { lwsl_err("Failed to generate handshake for client\n"); libwebsocket_close_and_free_session(context, wsi, LWS_CLOSE_STATUS_NOSTATUS); return 0; } /* send our request to the server */ lws_latency_pre(context, wsi); #ifdef LWS_OPENSSL_SUPPORT if (wsi->use_ssl) n = SSL_write(wsi->ssl, context->service_buffer, p - (char *)context->service_buffer); else #endif n = send(wsi->sock, context->service_buffer, p - (char *)context->service_buffer, MSG_NOSIGNAL); lws_latency(context, wsi, "send or SSL_write LWS_CONNMODE...HANDSHAKE", n, n >= 0); if (n < 0) { lwsl_debug("ERROR writing to client socket\n"); libwebsocket_close_and_free_session(context, wsi, LWS_CLOSE_STATUS_NOSTATUS); return 0; } wsi->u.hdr.parser_state = WSI_TOKEN_NAME_PART; wsi->u.hdr.lextable_pos = 0; wsi->mode = LWS_CONNMODE_WS_CLIENT_WAITING_SERVER_REPLY; libwebsocket_set_timeout(wsi, PENDING_TIMEOUT_AWAITING_SERVER_RESPONSE, AWAITING_TIMEOUT); break; case LWS_CONNMODE_WS_CLIENT_WAITING_SERVER_REPLY: /* handle server hung up on us */ if (pollfd->revents & (POLLERR | POLLHUP)) { lwsl_debug("Server connection %p (fd=%d) dead\n", (void *)wsi, pollfd->fd); goto bail3; } if (!(pollfd->revents & POLLIN)) break; /* interpret the server response */ /* * HTTP/1.1 101 Switching Protocols * Upgrade: websocket * Connection: Upgrade * Sec-WebSocket-Accept: me89jWimTRKTWwrS3aRrL53YZSo= * Sec-WebSocket-Nonce: AQIDBAUGBwgJCgsMDQ4PEC== * Sec-WebSocket-Protocol: chat */ /* * we have to take some care here to only take from the * socket bytewise. The browser may (and has been seen to * in the case that onopen() performs websocket traffic) * coalesce both handshake response and websocket traffic * in one packet, since at that point the connection is * definitively ready from browser pov. */ len = 1; while (wsi->u.hdr.parser_state != WSI_PARSING_COMPLETE && len > 0) { #ifdef LWS_OPENSSL_SUPPORT if (wsi->use_ssl) { len = SSL_read(wsi->ssl, &c, 1); if (len < 0) { n = SSL_get_error(wsi->ssl, len); if (n == SSL_ERROR_WANT_READ || n == SSL_ERROR_WANT_WRITE) return 0; } } else #endif len = recv(wsi->sock, &c, 1, 0); if (len < 0) { lwsl_warn("error on parsing recv\n"); goto bail3; } if (libwebsocket_parse(wsi, c)) { lwsl_warn("problems parsing header\n"); goto bail3; } } /* * hs may also be coming in multiple packets, there is a 5-sec * libwebsocket timeout still active here too, so if parsing did * not complete just wait for next packet coming in this state */ if (wsi->u.hdr.parser_state != WSI_PARSING_COMPLETE) break; /* * otherwise deal with the handshake. If there's any * packet traffic already arrived we'll trigger poll() again * right away and deal with it that way */ return lws_client_interpret_server_handshake(context, wsi); bail3: lwsl_info( "closing connection at LWS_CONNMODE...SERVER_REPLY\n"); libwebsocket_close_and_free_session(context, wsi, LWS_CLOSE_STATUS_NOSTATUS); return -1; case LWS_CONNMODE_WS_CLIENT_WAITING_EXTENSION_CONNECT: lwsl_ext("LWS_CONNMODE_WS_CLIENT_WAITING_EXTENSION_CONNECT\n"); break; case LWS_CONNMODE_WS_CLIENT_PENDING_CANDIDATE_CHILD: lwsl_ext("LWS_CONNMODE_WS_CLIENT_PENDING_CANDIDATE_CHILD\n"); break; default: break; } return 0; }
struct libwebsocket * libwebsocket_client_connect(struct libwebsocket_context *context, const char *address, int port, int ssl_connection, const char *path, const char *host, const char *origin, const char *protocol, int ietf_version_or_minus_one) { struct libwebsocket *wsi; int n; int m; struct libwebsocket_extension *ext; int handled; #ifndef LWS_OPENSSL_SUPPORT if (ssl_connection) { lws_log(LWS_LOG_WARNING, "libwebsockets not configured for ssl"); return NULL; } #endif wsi = malloc(sizeof(struct libwebsocket)); if (wsi == NULL) goto bail1; memset(wsi, 0, sizeof *wsi); /* -1 means just use latest supported */ if (ietf_version_or_minus_one == -1) ietf_version_or_minus_one = SPEC_LATEST_SUPPORTED; wsi->ietf_spec_revision = ietf_version_or_minus_one; wsi->name_buffer_pos = 0; wsi->user_space = NULL; wsi->is_user_space_external = 0; wsi->state = WSI_STATE_CLIENT_UNCONNECTED; wsi->pings_vs_pongs = 0; wsi->protocol = NULL; wsi->pending_timeout = NO_PENDING_TIMEOUT; wsi->count_active_extensions = 0; #ifdef LWS_OPENSSL_SUPPORT wsi->use_ssl = ssl_connection; #endif wsi->c_port = port; wsi->c_address = strdup(address); /* copy parameters over so state machine has access */ wsi->c_path = malloc(strlen(path) + 1); if (wsi->c_path == NULL) goto bail1; strcpy(wsi->c_path, path); wsi->c_host = malloc(strlen(host) + 1); if (wsi->c_host == NULL) goto oom1; strcpy(wsi->c_host, host); if (origin) { wsi->c_origin = malloc(strlen(origin) + 1); strcpy(wsi->c_origin, origin); if (wsi->c_origin == NULL) goto oom2; } else wsi->c_origin = NULL; wsi->c_callback = NULL; if (protocol) { const char *pc; struct libwebsocket_protocols *pp; wsi->c_protocol = malloc(strlen(protocol) + 1); if (wsi->c_protocol == NULL) goto oom3; strcpy(wsi->c_protocol, protocol); pc = protocol; while (*pc && *pc != ',') pc++; n = pc - protocol; pp = context->protocols; while (pp->name && !wsi->c_callback) { if (!strncmp(protocol, pp->name, n)) wsi->c_callback = pp->callback; pp++; } } else wsi->c_protocol = NULL; if (!wsi->c_callback) wsi->c_callback = context->protocols[0].callback; /* set up appropriate masking */ wsi->xor_mask = xor_no_mask; switch (wsi->ietf_spec_revision) { case 0: break; case 4: wsi->xor_mask = xor_mask_04; break; case 5: case 6: case 7: case 8: case 13: wsi->xor_mask = xor_mask_05; break; default: lws_log(LWS_LOG_WARNING, "Client ietf version %d not supported", wsi->ietf_spec_revision); goto oom4; } /* force no mask if he asks for that though */ if (context->options & LWS_SERVER_OPTION_DEFEAT_CLIENT_MASK) wsi->xor_mask = xor_no_mask; for (n = 0; n < WSI_TOKEN_COUNT; n++) { wsi->utf8_token[n].token = NULL; wsi->utf8_token[n].token_len = 0; } /* * Check with each extension if it is able to route and proxy this * connection for us. For example, an extension like x-google-mux * can handle this and then we don't need an actual socket for this * connection. */ handled = 0; ext = context->extensions; n = 0; while (ext && ext->callback && !handled) { m = ext->callback(context, ext, wsi, LWS_EXT_CALLBACK_CAN_PROXY_CLIENT_CONNECTION, (void *)(long)n, (void *)address, port); if (m) handled = 1; ext++; n++; } if (handled) { lws_log(LWS_LOG_DEBUG, "libwebsocket_client_connect: " "ext handling conn"); libwebsocket_set_timeout(wsi, PENDING_TIMEOUT_AWAITING_EXTENSION_CONNECT_RESPONSE, AWAITING_TIMEOUT); wsi->mode = LWS_CONNMODE_WS_CLIENT_WAITING_EXTENSION_CONNECT; return wsi; } lws_log(LWS_LOG_DEBUG, "libwebsocket_client_connect: direct conn"); return __libwebsocket_client_connect_2(context, wsi); oom4: if (wsi->c_protocol) free(wsi->c_protocol); oom3: if (wsi->c_origin) free(wsi->c_origin); oom2: free(wsi->c_host); oom1: free(wsi->c_path); bail1: free(wsi); return NULL; }
struct libwebsocket * libwebsocket_client_connect(struct libwebsocket_context *context, const char *address, int port, int ssl_connection, const char *path, const char *host, const char *origin, const char *protocol, int ietf_version_or_minus_one) { struct libwebsocket *wsi; #ifndef LWS_NO_EXTENSIONS int n; int m; struct libwebsocket_extension *ext; int handled; #endif #ifndef LWS_OPENSSL_SUPPORT if (ssl_connection) { lwsl_err("libwebsockets not configured for ssl\n"); return NULL; } #endif wsi = (struct libwebsocket *) malloc(sizeof(struct libwebsocket)); if (wsi == NULL) goto bail; memset(wsi, 0, sizeof(*wsi)); /* -1 means just use latest supported */ if (ietf_version_or_minus_one == -1) ietf_version_or_minus_one = SPEC_LATEST_SUPPORTED; wsi->ietf_spec_revision = ietf_version_or_minus_one; wsi->user_space = NULL; wsi->state = WSI_STATE_CLIENT_UNCONNECTED; wsi->protocol = NULL; wsi->pending_timeout = NO_PENDING_TIMEOUT; #ifndef LWS_NO_EXTENSIONS wsi->count_active_extensions = 0; #endif #ifdef LWS_OPENSSL_SUPPORT wsi->use_ssl = ssl_connection; #endif if (lws_allocate_header_table(wsi)) goto bail; /* * we're not necessarily in a position to action these right away, * stash them... we only need during connect phase so u.hdr is fine */ wsi->u.hdr.ah->c_port = port; if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_PEER_ADDRESS, address)) goto bail1; /* these only need u.hdr lifetime as well */ if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_URI, path)) goto bail1; if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_HOST, host)) goto bail1; if (origin) if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_ORIGIN, origin)) goto bail1; /* * this is a list of protocols we tell the server we're okay with * stash it for later when we compare server response with it */ if (protocol) if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_SENT_PROTOCOLS, protocol)) goto bail1; wsi->protocol = &context->protocols[0]; #ifndef LWS_NO_EXTENSIONS /* * Check with each extension if it is able to route and proxy this * connection for us. For example, an extension like x-google-mux * can handle this and then we don't need an actual socket for this * connection. */ handled = 0; ext = context->extensions; n = 0; while (ext && ext->callback && !handled) { m = ext->callback(context, ext, wsi, LWS_EXT_CALLBACK_CAN_PROXY_CLIENT_CONNECTION, (void *)(long)n, (void *)address, port); if (m) handled = 1; ext++; n++; } if (handled) { lwsl_client("libwebsocket_client_connect: ext handling conn\n"); libwebsocket_set_timeout(wsi, PENDING_TIMEOUT_AWAITING_EXTENSION_CONNECT_RESPONSE, AWAITING_TIMEOUT); wsi->mode = LWS_CONNMODE_WS_CLIENT_WAITING_EXTENSION_CONNECT; return wsi; } #endif lwsl_client("libwebsocket_client_connect: direct conn\n"); return __libwebsocket_client_connect_2(context, wsi); bail1: free(wsi->u.hdr.ah); bail: free(wsi); return NULL; }