lib::error_code process_handshake(request_type const & req, std::string const & subprotocol, response_type & res) const { std::array<char, 16> key_final; // copy key1 into final key decode_client_key(req.get_header("Sec-WebSocket-Key1"), &key_final[0]); // copy key2 into final key decode_client_key(req.get_header("Sec-WebSocket-Key2"), &key_final[4]); // copy key3 into final key // key3 should be exactly 8 bytes. If it is more it will be truncated // if it is less the final key will almost certainly be wrong. // TODO: decide if it is best to silently fail here or produce some sort // of warning or exception. const std::string& key3 = req.get_header("Sec-WebSocket-Key3"); auto sz = std::min(size_t(8), key3.size()); std::copy(key3.begin(), key3.begin() + sz, key_final.begin() + 8); res.append_header( "Sec-WebSocket-Key3", md5::md5_hash_string(std::string(key_final.begin(), key_final.end())) ); res.append_header("Upgrade","WebSocket"); res.append_header("Connection","Upgrade"); // Echo back client's origin unless our local application set a // more restrictive one. if (res.get_header("Sec-WebSocket-Origin") == "") { res.append_header("Sec-WebSocket-Origin",req.get_header("Origin")); } // Echo back the client's request host unless our local application // set a different one. if (res.get_header("Sec-WebSocket-Location") == "") { uri_ptr uri = get_uri(req); res.append_header("Sec-WebSocket-Location",uri->str()); } if (subprotocol != "") { res.replace_header("Sec-WebSocket-Protocol",subprotocol); } return lib::error_code(); }
/** * @param req The original request sent * @param res The reponse to generate * @return An error code, 0 on success, non-zero for other errors */ lib::error_code validate_server_handshake_response(request_type const & req, response_type& res) const { // A valid response has an HTTP 101 switching protocols code if (res.get_status_code() != http::status_code::switching_protocols) { return error::make_error_code(error::invalid_http_status); } // And the upgrade token in an upgrade header std::string const & upgrade_header = res.get_header("Upgrade"); if (utility::ci_find_substr(upgrade_header, constants::upgrade_token, sizeof(constants::upgrade_token)-1) == upgrade_header.end()) { return error::make_error_code(error::missing_required_header); } // And the websocket token in the connection header std::string const & con_header = res.get_header("Connection"); if (utility::ci_find_substr(con_header, constants::connection_token, sizeof(constants::connection_token)-1) == con_header.end()) { return error::make_error_code(error::missing_required_header); } // And has a valid Sec-WebSocket-Accept value std::string key = req.get_header("Sec-WebSocket-Key"); lib::error_code ec = process_handshake_key(key); if (ec || key != res.get_header("Sec-WebSocket-Accept")) { return error::make_error_code(error::missing_required_header); } return lib::error_code(); }
lib::error_code validate_handshake(request_type const & r) const { if (r.get_method() != "GET") { return make_error_code(error::invalid_http_method); } if (r.get_version() != "HTTP/1.1") { return make_error_code(error::invalid_http_version); } // required headers // Host is required by HTTP/1.1 // Connection is required by is_websocket_handshake // Upgrade is required by is_websocket_handshake if (r.get_header("Sec-WebSocket-Key1") == "" || r.get_header("Sec-WebSocket-Key2") == "" || r.get_header("Sec-WebSocket-Key3") == "") { return make_error_code(error::missing_required_header); } return lib::error_code(); }
lib::error_code extract_subprotocols(request_type const & req, std::vector<std::string> & subprotocol_list) { if (!req.get_header("Sec-WebSocket-Protocol").empty()) { http::parameter_list p; if (!req.get_header_as_plist("Sec-WebSocket-Protocol",p)) { http::parameter_list::const_iterator it; for (it = p.begin(); it != p.end(); ++it) { subprotocol_list.push_back(it->first); } } else { return error::make_error_code(error::subprotocol_parse_error); } } return lib::error_code(); }
lib::error_code validate_handshake(request_type const & r) const { if (r.get_method() != "get") { return make_error_code(error::invalid_http_method); } if (r.get_version() != "http/1.1") { return make_error_code(error::invalid_http_version); } // required headers // host is required by http/1.1 // connection is required by is_websocket_handshake // upgrade is required by is_websocket_handshake if (r.get_header("sec-websocket-key") == "") { return make_error_code(error::missing_required_header); } return lib::error_code(); }
/* TODO: the 'subprotocol' parameter may need to be expanded into a more * generic struct if other user input parameters to the processed handshake * are found. */ lib::error_code process_handshake(request_type const & request, std::string const & subprotocol, response_type & response) const { std::string server_key = request.get_header("Sec-WebSocket-Key"); lib::error_code ec = process_handshake_key(server_key); if (ec) { return ec; } response.replace_header("Sec-WebSocket-Accept",server_key); response.append_header("Upgrade",constants::upgrade_token); response.append_header("Connection",constants::connection_token); if (!subprotocol.empty()) { response.replace_header("Sec-WebSocket-Protocol",subprotocol); } return lib::error_code(); }
uri_ptr get_uri(request_type const & request) const { std::string h = request.get_header("Host"); size_t last_colon = h.rfind(":"); size_t last_sbrace = h.rfind("]"); // no : = hostname with no port // last : before ] = ipv6 literal with no port // : with no ] = hostname with port // : after ] = ipv6 literal with port if (last_colon == std::string::npos || (last_sbrace != std::string::npos && last_sbrace > last_colon)) { return uri_ptr(new uri(base::m_secure, h, request.get_uri())); } else { return uri_ptr(new uri(base::m_secure, h.substr(0,last_colon), h.substr(last_colon+1), request.get_uri())); } // TODO: check if get_uri is a full uri }