| /* |
| * libwebsockets - small server side websockets and web server implementation |
| * |
| * Copyright (C) 2010-2014 Andy Green <andy@warmcat.com> |
| * |
| * This library is free software; you can redistribute it and/or |
| * modify it under the terms of the GNU Lesser General Public |
| * License as published by the Free Software Foundation: |
| * version 2.1 of the License. |
| * |
| * This library is distributed in the hope that it will be useful, |
| * but WITHOUT ANY WARRANTY; without even the implied warranty of |
| * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
| * Lesser General Public License for more details. |
| * |
| * You should have received a copy of the GNU Lesser General Public |
| * License along with this library; if not, write to the Free Software |
| * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, |
| * MA 02110-1301 USA |
| */ |
| |
| #include "private-libwebsockets.h" |
| |
| int lws_handshake_client(struct lws *wsi, unsigned char **buf, size_t len) |
| { |
| int m; |
| |
| switch (wsi->mode) { |
| case LWSCM_WSCL_WAITING_PROXY_REPLY: |
| case LWSCM_WSCL_ISSUE_HANDSHAKE: |
| case LWSCM_WSCL_WAITING_SERVER_REPLY: |
| case LWSCM_WSCL_WAITING_EXTENSION_CONNECT: |
| case LWSCM_WS_CLIENT: |
| while (len) { |
| /* |
| * we were accepting input but now we stopped doing so |
| */ |
| if (!(wsi->rxflow_change_to & LWS_RXFLOW_ALLOW)) { |
| lwsl_debug("%s: caching %d\n", __func__, len); |
| lws_rxflow_cache(wsi, *buf, 0, len); |
| return 0; |
| } |
| if (wsi->u.ws.rx_draining_ext) { |
| m = lws_rx_sm(wsi, 0); |
| if (m < 0) |
| return -1; |
| continue; |
| } |
| /* account for what we're using in rxflow buffer */ |
| if (wsi->rxflow_buffer) |
| wsi->rxflow_pos++; |
| |
| if (lws_client_rx_sm(wsi, *(*buf)++)) { |
| lwsl_debug("client_rx_sm exited\n"); |
| return -1; |
| } |
| len--; |
| } |
| lwsl_debug("%s: finished with %d\n", __func__, len); |
| return 0; |
| default: |
| break; |
| } |
| |
| return 0; |
| } |
| |
| int lws_client_socket_service(struct lws_context *context, |
| struct lws *wsi, struct lws_pollfd *pollfd) |
| { |
| char *p = (char *)&context->serv_buf[0]; |
| unsigned char c; |
| int n, len; |
| |
| switch (wsi->mode) { |
| |
| case LWSCM_WSCL_WAITING_CONNECT: |
| |
| /* |
| * we are under PENDING_TIMEOUT_SENT_CLIENT_HANDSHAKE |
| * timeout protection set in client-handshake.c |
| */ |
| |
| if (!lws_client_connect_2(wsi)) { |
| /* closed */ |
| lwsl_client("closed\n"); |
| return -1; |
| } |
| |
| /* either still pending connection, or changed mode */ |
| return 0; |
| |
| case LWSCM_WSCL_WAITING_PROXY_REPLY: |
| |
| /* handle proxy hung up on us */ |
| |
| if (pollfd->revents & LWS_POLLHUP) { |
| |
| lwsl_warn("Proxy connection %p (fd=%d) dead\n", |
| (void *)wsi, pollfd->fd); |
| |
| lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS); |
| return 0; |
| } |
| |
| n = recv(wsi->sock, (char *)context->serv_buf, |
| sizeof(context->serv_buf), 0); |
| if (n < 0) { |
| |
| if (LWS_ERRNO == LWS_EAGAIN) { |
| lwsl_debug("Proxy read returned EAGAIN... retrying\n"); |
| return 0; |
| } |
| |
| lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS); |
| lwsl_err("ERROR reading from proxy socket\n"); |
| return 0; |
| } |
| |
| context->serv_buf[13] = '\0'; |
| if (strcmp((char *)context->serv_buf, "HTTP/1.0 200 ") && |
| strcmp((char *)context->serv_buf, "HTTP/1.1 200 ") |
| ) { |
| lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS); |
| lwsl_err("ERROR proxy: %s\n", context->serv_buf); |
| return 0; |
| } |
| |
| /* clear his proxy connection timeout */ |
| |
| lws_set_timeout(wsi, NO_PENDING_TIMEOUT, 0); |
| |
| /* fallthru */ |
| |
| case LWSCM_WSCL_ISSUE_HANDSHAKE: |
| |
| /* |
| * we are under PENDING_TIMEOUT_SENT_CLIENT_HANDSHAKE |
| * timeout protection set in client-handshake.c |
| */ |
| |
| /* |
| * take care of our lws_callback_on_writable |
| * happening at a time when there's no real connection yet |
| */ |
| if (lws_change_pollfd(wsi, LWS_POLLOUT, 0)) |
| return -1; |
| lws_libev_io(wsi, LWS_EV_STOP | LWS_EV_WRITE); |
| |
| #ifdef LWS_OPENSSL_SUPPORT |
| /* we can retry this... just cook the SSL BIO the first time */ |
| |
| if (wsi->use_ssl && !wsi->ssl) { |
| #if defined(CYASSL_SNI_HOST_NAME) || defined(WOLFSSL_SNI_HOST_NAME) || defined(SSL_CTRL_SET_TLSEXT_HOSTNAME) |
| const char *hostname = lws_hdr_simple_ptr(wsi, |
| _WSI_TOKEN_CLIENT_HOST); |
| #endif |
| |
| wsi->ssl = SSL_new(context->ssl_client_ctx); |
| #ifndef USE_WOLFSSL |
| SSL_set_mode(wsi->ssl, |
| SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER); |
| #endif |
| /* |
| * use server name indication (SNI), if supported, |
| * when establishing connection |
| */ |
| #ifdef USE_WOLFSSL |
| #ifdef USE_OLD_CYASSL |
| #ifdef CYASSL_SNI_HOST_NAME |
| CyaSSL_UseSNI(wsi->ssl, CYASSL_SNI_HOST_NAME, |
| hostname, strlen(hostname)); |
| #endif |
| #else |
| #ifdef WOLFSSL_SNI_HOST_NAME |
| wolfSSL_UseSNI(wsi->ssl, WOLFSSL_SNI_HOST_NAME, |
| hostname, strlen(hostname)); |
| #endif |
| #endif |
| #else |
| #ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME |
| SSL_set_tlsext_host_name(wsi->ssl, hostname); |
| #endif |
| #endif |
| |
| #ifdef USE_WOLFSSL |
| /* |
| * wolfSSL/CyaSSL does certificate verification differently |
| * from OpenSSL. |
| * If we should ignore the certificate, we need to set |
| * this before SSL_new and SSL_connect is called. |
| * Otherwise the connect will simply fail with error |
| * code -155 |
| */ |
| #ifdef USE_OLD_CYASSL |
| if (wsi->use_ssl == 2) |
| CyaSSL_set_verify(wsi->ssl, |
| SSL_VERIFY_NONE, NULL); |
| #else |
| if (wsi->use_ssl == 2) |
| wolfSSL_set_verify(wsi->ssl, |
| SSL_VERIFY_NONE, NULL); |
| #endif |
| #endif /* USE_WOLFSSL */ |
| |
| wsi->client_bio = |
| BIO_new_socket(wsi->sock, BIO_NOCLOSE); |
| SSL_set_bio(wsi->ssl, wsi->client_bio, wsi->client_bio); |
| |
| #ifdef USE_WOLFSSL |
| #ifdef USE_OLD_CYASSL |
| CyaSSL_set_using_nonblock(wsi->ssl, 1); |
| #else |
| wolfSSL_set_using_nonblock(wsi->ssl, 1); |
| #endif |
| #else |
| BIO_set_nbio(wsi->client_bio, 1); /* nonblocking */ |
| #endif |
| |
| SSL_set_ex_data(wsi->ssl, |
| openssl_websocket_private_data_index, |
| context); |
| } |
| |
| if (wsi->use_ssl) { |
| lws_latency_pre(context, wsi); |
| n = SSL_connect(wsi->ssl); |
| lws_latency(context, wsi, |
| "SSL_connect LWSCM_WSCL_ISSUE_HANDSHAKE", |
| n, n > 0); |
| |
| if (n < 0) { |
| n = SSL_get_error(wsi->ssl, n); |
| |
| if (n == SSL_ERROR_WANT_READ) |
| goto some_wait; |
| |
| if (n == SSL_ERROR_WANT_WRITE) { |
| /* |
| * wants us to retry connect due to |
| * state of the underlying ssl layer... |
| * but since it may be stalled on |
| * blocked write, no incoming data may |
| * arrive to trigger the retry. |
| * Force (possibly many times if the SSL |
| * state persists in returning the |
| * condition code, but other sockets |
| * are getting serviced inbetweentimes) |
| * us to get called back when writable. |
| */ |
| |
| lwsl_info( |
| "SSL_connect WANT_WRITE... retrying\n"); |
| lws_callback_on_writable(wsi); |
| some_wait: |
| wsi->mode = LWSCM_WSCL_WAITING_SSL; |
| |
| return 0; /* no error */ |
| } |
| n = -1; |
| } |
| |
| if (n <= 0) { |
| /* |
| * retry if new data comes until we |
| * run into the connection timeout or win |
| */ |
| |
| n = ERR_get_error(); |
| if (n != SSL_ERROR_NONE) { |
| lwsl_err("SSL connect error %lu: %s\n", |
| n, |
| ERR_error_string(n, |
| (char *)context->serv_buf)); |
| return 0; |
| } |
| } |
| } else |
| wsi->ssl = NULL; |
| |
| /* fallthru */ |
| |
| case LWSCM_WSCL_WAITING_SSL: |
| |
| if (wsi->use_ssl) { |
| |
| if (wsi->mode == LWSCM_WSCL_WAITING_SSL) { |
| lws_latency_pre(context, wsi); |
| n = SSL_connect(wsi->ssl); |
| lws_latency(context, wsi, |
| "SSL_connect LWSCM_WSCL_WAITING_SSL", |
| n, n > 0); |
| |
| if (n < 0) { |
| n = SSL_get_error(wsi->ssl, n); |
| |
| if (n == SSL_ERROR_WANT_READ) |
| goto some_wait; |
| |
| if (n == SSL_ERROR_WANT_WRITE) { |
| /* |
| * wants us to retry connect due to |
| * state of the underlying ssl layer... |
| * but since it may be stalled on |
| * blocked write, no incoming data may |
| * arrive to trigger the retry. |
| * Force (possibly many times if the SSL |
| * state persists in returning the |
| * condition code, but other sockets |
| * are getting serviced inbetweentimes) |
| * us to get called back when writable. |
| */ |
| |
| lwsl_info("SSL_connect WANT_WRITE... retrying\n"); |
| lws_callback_on_writable(wsi); |
| |
| goto some_wait; |
| } |
| n = -1; |
| } |
| |
| if (n <= 0) { |
| /* |
| * retry if new data comes until we |
| * run into the connection timeout or win |
| */ |
| n = ERR_get_error(); |
| if (n != SSL_ERROR_NONE) { |
| lwsl_err("SSL connect error %lu: %s\n", |
| n, ERR_error_string(n, |
| (char *)context->serv_buf)); |
| return 0; |
| } |
| } |
| } |
| |
| #ifndef USE_WOLFSSL |
| /* |
| * See comment above about wolfSSL certificate |
| * verification |
| */ |
| lws_latency_pre(context, wsi); |
| n = SSL_get_verify_result(wsi->ssl); |
| lws_latency(context, wsi, |
| "SSL_get_verify_result LWS_CONNMODE..HANDSHAKE", |
| n, n > 0); |
| |
| if (n != X509_V_OK) { |
| if ((n == X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT || |
| n == X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN) && wsi->use_ssl == 2) { |
| lwsl_notice("accepting self-signed certificate\n"); |
| } else { |
| lwsl_err("server's cert didn't look good, X509_V_ERR = %d: %s\n", |
| n, ERR_error_string(n, (char *)context->serv_buf)); |
| lws_close_free_wsi(wsi, |
| LWS_CLOSE_STATUS_NOSTATUS); |
| return 0; |
| } |
| } |
| #endif /* USE_WOLFSSL */ |
| } else |
| wsi->ssl = NULL; |
| #endif |
| |
| wsi->mode = LWSCM_WSCL_ISSUE_HANDSHAKE2; |
| lws_set_timeout(wsi, PENDING_TIMEOUT_AWAITING_CLIENT_HS_SEND, |
| AWAITING_TIMEOUT); |
| |
| /* fallthru */ |
| |
| case LWSCM_WSCL_ISSUE_HANDSHAKE2: |
| p = lws_generate_client_handshake(wsi, p); |
| if (p == NULL) { |
| lwsl_err("Failed to generate handshake for client\n"); |
| lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS); |
| return 0; |
| } |
| |
| /* send our request to the server */ |
| |
| lws_latency_pre(context, wsi); |
| |
| n = lws_ssl_capable_write(wsi, context->serv_buf, |
| p - (char *)context->serv_buf); |
| lws_latency(context, wsi, "send lws_issue_raw", n, |
| n == p - (char *)context->serv_buf); |
| switch (n) { |
| case LWS_SSL_CAPABLE_ERROR: |
| lwsl_debug("ERROR writing to client socket\n"); |
| lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS); |
| return 0; |
| case LWS_SSL_CAPABLE_MORE_SERVICE: |
| lws_callback_on_writable(wsi); |
| break; |
| } |
| |
| wsi->u.hdr.parser_state = WSI_TOKEN_NAME_PART; |
| wsi->u.hdr.lextable_pos = 0; |
| wsi->mode = LWSCM_WSCL_WAITING_SERVER_REPLY; |
| lws_set_timeout(wsi, PENDING_TIMEOUT_AWAITING_SERVER_RESPONSE, |
| AWAITING_TIMEOUT); |
| break; |
| |
| case LWSCM_WSCL_WAITING_SERVER_REPLY: |
| |
| /* handle server hung up on us */ |
| |
| if (pollfd->revents & LWS_POLLHUP) { |
| |
| lwsl_debug("Server connection %p (fd=%d) dead\n", |
| (void *)wsi, pollfd->fd); |
| |
| goto bail3; |
| } |
| |
| if (!(pollfd->revents & LWS_POLLIN)) |
| break; |
| |
| /* interpret the server response */ |
| |
| /* |
| * HTTP/1.1 101 Switching Protocols |
| * Upgrade: websocket |
| * Connection: Upgrade |
| * Sec-WebSocket-Accept: me89jWimTRKTWwrS3aRrL53YZSo= |
| * Sec-WebSocket-Nonce: AQIDBAUGBwgJCgsMDQ4PEC== |
| * Sec-WebSocket-Protocol: chat |
| */ |
| |
| /* |
| * we have to take some care here to only take from the |
| * socket bytewise. The browser may (and has been seen to |
| * in the case that onopen() performs websocket traffic) |
| * coalesce both handshake response and websocket traffic |
| * in one packet, since at that point the connection is |
| * definitively ready from browser pov. |
| */ |
| len = 1; |
| while (wsi->u.hdr.parser_state != WSI_PARSING_COMPLETE && |
| len > 0) { |
| n = lws_ssl_capable_read(wsi, &c, 1); |
| lws_latency(context, wsi, "send lws_issue_raw", n, |
| n == 1); |
| switch (n) { |
| case 0: |
| case LWS_SSL_CAPABLE_ERROR: |
| goto bail3; |
| case LWS_SSL_CAPABLE_MORE_SERVICE: |
| return 0; |
| } |
| |
| if (lws_parse(wsi, c)) { |
| lwsl_warn("problems parsing header\n"); |
| goto bail3; |
| } |
| } |
| |
| /* |
| * hs may also be coming in multiple packets, there is a 5-sec |
| * libwebsocket timeout still active here too, so if parsing did |
| * not complete just wait for next packet coming in this state |
| */ |
| |
| if (wsi->u.hdr.parser_state != WSI_PARSING_COMPLETE) |
| break; |
| |
| /* |
| * otherwise deal with the handshake. If there's any |
| * packet traffic already arrived we'll trigger poll() again |
| * right away and deal with it that way |
| */ |
| |
| return lws_client_interpret_server_handshake(wsi); |
| |
| bail3: |
| lwsl_info("closing conn at LWS_CONNMODE...SERVER_REPLY\n"); |
| lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS); |
| return -1; |
| |
| case LWSCM_WSCL_WAITING_EXTENSION_CONNECT: |
| lwsl_ext("LWSCM_WSCL_WAITING_EXTENSION_CONNECT\n"); |
| break; |
| |
| case LWSCM_WSCL_PENDING_CANDIDATE_CHILD: |
| lwsl_ext("LWSCM_WSCL_PENDING_CANDIDATE_CHILD\n"); |
| break; |
| default: |
| break; |
| } |
| |
| return 0; |
| } |
| |
| |
| /* |
| * In-place str to lower case |
| */ |
| |
| static void |
| strtolower(char *s) |
| { |
| while (*s) { |
| *s = tolower((int)*s); |
| s++; |
| } |
| } |
| |
| int |
| lws_client_interpret_server_handshake(struct lws *wsi) |
| { |
| struct lws_context *context = wsi->context; |
| int close_reason = LWS_CLOSE_STATUS_PROTOCOL_ERR; |
| int n, len, okay = 0, isErrorCodeReceived = 0, port = 0, ssl = 0; |
| const char *pc, *prot, *ads = NULL, *path; |
| char *p; |
| #ifndef LWS_NO_EXTENSIONS |
| const struct lws_extension *ext; |
| const struct lws_ext_options *opts; |
| char ext_name[128]; |
| const char *c, *a; |
| char ignore; |
| int more = 1; |
| void *v; |
| #endif |
| |
| /* |
| * well, what the server sent looked reasonable for syntax. |
| * Now let's confirm it sent all the necessary headers |
| */ |
| |
| p = lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP); |
| if (!p) { |
| lwsl_info("no URI\n"); |
| goto bail3; |
| } |
| n = atoi(p); |
| if (n == 301 || n == 302 || n == 303 || n == 307 || n == 308) { |
| p = lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP_LOCATION); |
| if (!p) |
| goto bail3; |
| |
| if (lws_parse_uri(p, &prot, &ads, &port, &path)) |
| goto bail3; |
| |
| if (!strcmp(prot, "wss://") || !strcmp(prot, "https://")) |
| ssl = 1; |
| |
| if (lws_client_reset(wsi, ssl, ads, port, path, ads)) { |
| lwsl_err("Redirect failed\n"); |
| goto bail3; |
| } |
| return 0; |
| } |
| if (lws_hdr_total_length(wsi, WSI_TOKEN_ACCEPT) == 0) { |
| lwsl_info("no ACCEPT\n"); |
| isErrorCodeReceived = 1; |
| goto bail3; |
| } |
| |
| if (p && strncmp(p, "101", 3)) { |
| lwsl_warn( |
| "lws_client_handshake: got bad HTTP response '%s'\n", p); |
| goto bail3; |
| } |
| |
| p = lws_hdr_simple_ptr(wsi, WSI_TOKEN_UPGRADE); |
| if (!p) { |
| lwsl_info("no UPGRADE\n"); |
| goto bail3; |
| } |
| strtolower(p); |
| if (strcmp(p, "websocket")) { |
| lwsl_warn( |
| "lws_client_handshake: got bad Upgrade header '%s'\n", p); |
| goto bail3; |
| } |
| |
| p = lws_hdr_simple_ptr(wsi, WSI_TOKEN_CONNECTION); |
| if (!p) { |
| lwsl_info("no Connection hdr\n"); |
| goto bail3; |
| } |
| strtolower(p); |
| if (strcmp(p, "upgrade")) { |
| lwsl_warn("lws_client_int_s_hs: bad header %s\n", p); |
| goto bail3; |
| } |
| |
| pc = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_SENT_PROTOCOLS); |
| if (!pc) { |
| lwsl_parser("lws_client_int_s_hs: no protocol list\n"); |
| } else |
| lwsl_parser("lws_client_int_s_hs: protocol list '%s'\n", pc); |
| |
| /* |
| * confirm the protocol the server wants to talk was in the list |
| * of protocols we offered |
| */ |
| |
| len = lws_hdr_total_length(wsi, WSI_TOKEN_PROTOCOL); |
| if (!len) { |
| |
| lwsl_info("lws_client_int_s_hs: WSI_TOKEN_PROTOCOL is null\n"); |
| /* |
| * no protocol name to work from, |
| * default to first protocol |
| */ |
| wsi->protocol = &context->protocols[0]; |
| goto check_extensions; |
| } |
| |
| p = lws_hdr_simple_ptr(wsi, WSI_TOKEN_PROTOCOL); |
| len = strlen(p); |
| |
| while (pc && *pc && !okay) { |
| if (!strncmp(pc, p, len) && |
| (pc[len] == ',' || pc[len] == '\0')) { |
| okay = 1; |
| continue; |
| } |
| while (*pc && *pc++ != ',') |
| ; |
| while (*pc && *pc == ' ') |
| pc++; |
| } |
| |
| if (!okay) { |
| lwsl_err("lws_client_int_s_hs: got bad protocol %s\n", p); |
| goto bail2; |
| } |
| |
| /* |
| * identify the selected protocol struct and set it |
| */ |
| n = 0; |
| wsi->protocol = NULL; |
| while (context->protocols[n].callback && !wsi->protocol) { |
| if (strcmp(p, context->protocols[n].name) == 0) { |
| wsi->protocol = &context->protocols[n]; |
| break; |
| } |
| n++; |
| } |
| |
| if (wsi->protocol == NULL) { |
| lwsl_err("lws_client_int_s_hs: fail protocol %s\n", p); |
| goto bail2; |
| } |
| |
| |
| check_extensions: |
| #ifndef LWS_NO_EXTENSIONS |
| /* instantiate the accepted extensions */ |
| |
| if (!lws_hdr_total_length(wsi, WSI_TOKEN_EXTENSIONS)) { |
| lwsl_ext("no client extenstions allowed by server\n"); |
| goto check_accept; |
| } |
| |
| /* |
| * break down the list of server accepted extensions |
| * and go through matching them or identifying bogons |
| */ |
| |
| if (lws_hdr_copy(wsi, (char *)context->serv_buf, |
| sizeof(context->serv_buf), WSI_TOKEN_EXTENSIONS) < 0) { |
| lwsl_warn("ext list from server failed to copy\n"); |
| goto bail2; |
| } |
| |
| c = (char *)context->serv_buf; |
| n = 0; |
| ignore = 0; |
| a = NULL; |
| while (more) { |
| |
| if (*c && (*c != ',' && *c != '\t')) { |
| if (*c == ';') { |
| ignore = 1; |
| if (!a) |
| a = c + 1; |
| } |
| if (ignore || *c == ' ') { |
| c++; |
| continue; |
| } |
| |
| ext_name[n] = *c++; |
| if (n < sizeof(ext_name) - 1) |
| n++; |
| continue; |
| } |
| ext_name[n] = '\0'; |
| ignore = 0; |
| if (!*c) |
| more = 0; |
| else { |
| c++; |
| if (!n) |
| continue; |
| } |
| |
| /* check we actually support it */ |
| |
| lwsl_notice("checking client ext %s\n", ext_name); |
| |
| n = 0; |
| ext = lws_get_context(wsi)->extensions; |
| while (ext && ext->callback) { |
| if (strcmp(ext_name, ext->name)) { |
| ext++; |
| continue; |
| } |
| |
| n = 1; |
| lwsl_notice("instantiating client ext %s\n", ext_name); |
| |
| /* instantiate the extension on this conn */ |
| |
| wsi->active_extensions[wsi->count_act_ext] = ext; |
| |
| /* allow him to construct his ext instance */ |
| |
| ext->callback(lws_get_context(wsi), ext, wsi, |
| LWS_EXT_CB_CLIENT_CONSTRUCT, |
| (void *)&wsi->act_ext_user[wsi->count_act_ext], |
| (void *)&opts, 0); |
| |
| /* |
| * allow the user code to override ext defaults if it |
| * wants to |
| */ |
| ext_name[0] = '\0'; |
| if (user_callback_handle_rxflow(wsi->protocol->callback, |
| wsi, LWS_CALLBACK_WS_EXT_DEFAULTS, |
| (char *)ext->name, ext_name, |
| sizeof(ext_name))) |
| goto bail2; |
| |
| if (ext_name[0] && |
| lws_ext_parse_options(ext, wsi, wsi->act_ext_user[ |
| wsi->count_act_ext], opts, ext_name, |
| strlen(ext_name))) { |
| lwsl_err("%s: unable to parse user defaults '%s'", |
| __func__, ext_name); |
| goto bail2; |
| } |
| |
| /* |
| * give the extension the server options |
| */ |
| if (a && lws_ext_parse_options(ext, wsi, |
| wsi->act_ext_user[wsi->count_act_ext], |
| opts, a, c - a)) { |
| lwsl_err("%s: unable to parse remote def '%s'", |
| __func__, a); |
| goto bail2; |
| } |
| |
| if (ext->callback(lws_get_context(wsi), ext, wsi, |
| LWS_EXT_CB_OPTION_CONFIRM, |
| wsi->act_ext_user[wsi->count_act_ext], |
| NULL, 0)) { |
| lwsl_err("%s: ext %s rejects server options %s", |
| ext->name, a); |
| goto bail2; |
| } |
| |
| wsi->count_act_ext++; |
| |
| ext++; |
| } |
| |
| if (n == 0) { |
| lwsl_warn("Unknown ext '%s'!\n", ext_name); |
| goto bail2; |
| } |
| |
| a = NULL; |
| n = 0; |
| } |
| |
| check_accept: |
| #endif |
| |
| /* |
| * Confirm his accept token is the one we precomputed |
| */ |
| |
| p = lws_hdr_simple_ptr(wsi, WSI_TOKEN_ACCEPT); |
| if (strcmp(p, wsi->u.hdr.ah->initial_handshake_hash_base64)) { |
| lwsl_warn("lws_client_int_s_hs: accept '%s' wrong vs '%s'\n", p, |
| wsi->u.hdr.ah->initial_handshake_hash_base64); |
| goto bail2; |
| } |
| |
| /* allocate the per-connection user memory (if any) */ |
| if (lws_ensure_user_space(wsi)) { |
| lwsl_err("Problem allocating wsi user mem\n"); |
| goto bail2; |
| } |
| |
| /* |
| * we seem to be good to go, give client last chance to check |
| * headers and OK it |
| */ |
| if (wsi->protocol->callback(wsi, |
| LWS_CALLBACK_CLIENT_FILTER_PRE_ESTABLISH, |
| wsi->user_space, NULL, 0)) |
| goto bail2; |
| |
| /* clear his proxy connection timeout */ |
| lws_set_timeout(wsi, NO_PENDING_TIMEOUT, 0); |
| |
| /* free up his parsing allocations */ |
| lws_free_header_table(wsi); |
| |
| lws_union_transition(wsi, LWSCM_WS_CLIENT); |
| wsi->state = LWSS_ESTABLISHED; |
| |
| wsi->rxflow_change_to = LWS_RXFLOW_ALLOW; |
| |
| /* |
| * create the frame buffer for this connection according to the |
| * size mentioned in the protocol definition. If 0 there, then |
| * use a big default for compatibility |
| */ |
| |
| n = wsi->protocol->rx_buffer_size; |
| if (!n) |
| n = LWS_MAX_SOCKET_IO_BUF; |
| n += LWS_PRE; |
| wsi->u.ws.rx_ubuf = lws_malloc(n + 4 /* 0x0000ffff zlib */); |
| if (!wsi->u.ws.rx_ubuf) { |
| lwsl_err("Out of Mem allocating rx buffer %d\n", n); |
| goto bail2; |
| } |
| wsi->u.ws.rx_ubuf_alloc = n; |
| lwsl_info("Allocating client RX buffer %d\n", n); |
| |
| if (setsockopt(wsi->sock, SOL_SOCKET, SO_SNDBUF, (const char *)&n, |
| sizeof n)) { |
| lwsl_warn("Failed to set SNDBUF to %d", n); |
| goto bail3; |
| } |
| |
| lwsl_debug("handshake OK for protocol %s\n", wsi->protocol->name); |
| |
| /* call him back to inform him he is up */ |
| |
| if (wsi->protocol->callback(wsi, LWS_CALLBACK_CLIENT_ESTABLISHED, |
| wsi->user_space, NULL, 0)) |
| goto bail3; |
| #ifndef LWS_NO_EXTENSIONS |
| /* |
| * inform all extensions, not just active ones since they |
| * already know |
| */ |
| |
| ext = context->extensions; |
| |
| while (ext && ext->callback) { |
| v = NULL; |
| for (n = 0; n < wsi->count_act_ext; n++) |
| if (wsi->active_extensions[n] == ext) |
| v = wsi->act_ext_user[n]; |
| |
| ext->callback(context, ext, wsi, |
| LWS_EXT_CB_ANY_WSI_ESTABLISHED, v, NULL, 0); |
| ext++; |
| } |
| #endif |
| |
| return 0; |
| |
| bail3: |
| close_reason = LWS_CLOSE_STATUS_NOSTATUS; |
| |
| bail2: |
| if (wsi->protocol && wsi->state == LWSS_ESTABLISHED) { |
| if (isErrorCodeReceived && p) { |
| wsi->protocol->callback(wsi, |
| LWS_CALLBACK_CLIENT_CONNECTION_ERROR, |
| wsi->user_space, p, |
| (unsigned int)strlen(p)); |
| } else { |
| wsi->protocol->callback(wsi, |
| LWS_CALLBACK_CLIENT_CONNECTION_ERROR, |
| wsi->user_space, NULL, 0); |
| } |
| } |
| |
| lwsl_info("closing connection due to bail2 connection error\n"); |
| |
| /* closing will free up his parsing allocations */ |
| lws_close_free_wsi(wsi, close_reason); |
| |
| return 1; |
| } |
| |
| |
| char * |
| lws_generate_client_handshake(struct lws *wsi, char *pkt) |
| { |
| char buf[128], hash[20], key_b64[40], *p = pkt; |
| struct lws_context *context = wsi->context; |
| int n; |
| #ifndef LWS_NO_EXTENSIONS |
| const struct lws_extension *ext; |
| int ext_count = 0; |
| #endif |
| |
| /* |
| * create the random key |
| */ |
| n = lws_get_random(context, hash, 16); |
| if (n != 16) { |
| lwsl_err("Unable to read from random dev %s\n", |
| SYSTEM_RANDOM_FILEPATH); |
| lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS); |
| return NULL; |
| } |
| |
| lws_b64_encode_string(hash, 16, key_b64, sizeof(key_b64)); |
| |
| /* |
| * 00 example client handshake |
| * |
| * GET /socket.io/websocket HTTP/1.1 |
| * Upgrade: WebSocket |
| * Connection: Upgrade |
| * Host: 127.0.0.1:9999 |
| * Origin: http://127.0.0.1 |
| * Sec-WebSocket-Key1: 1 0 2#0W 9 89 7 92 ^ |
| * Sec-WebSocket-Key2: 7 7Y 4328 B2v[8(z1 |
| * Cookie: socketio=websocket |
| * |
| * (Á®Ä0¶†≥ |
| * |
| * 04 example client handshake |
| * |
| * GET /chat HTTP/1.1 |
| * Host: server.example.com |
| * Upgrade: websocket |
| * Connection: Upgrade |
| * Sec-WebSocket-Key: dGhlIHNhbXBsZSBub25jZQ== |
| * Sec-WebSocket-Origin: http://example.com |
| * Sec-WebSocket-Protocol: chat, superchat |
| * Sec-WebSocket-Version: 4 |
| */ |
| |
| p += sprintf(p, "GET %s HTTP/1.1\x0d\x0a", |
| lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_URI)); |
| |
| p += sprintf(p, "Pragma: no-cache\x0d\x0a" |
| "Cache-Control: no-cache\x0d\x0a"); |
| |
| p += sprintf(p, "Host: %s\x0d\x0a", |
| lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_HOST)); |
| p += sprintf(p, "Upgrade: websocket\x0d\x0a" |
| "Connection: Upgrade\x0d\x0a" |
| "Sec-WebSocket-Key: "); |
| strcpy(p, key_b64); |
| p += strlen(key_b64); |
| p += sprintf(p, "\x0d\x0a"); |
| if (lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_ORIGIN)) |
| p += sprintf(p, "Origin: http://%s\x0d\x0a", |
| lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_ORIGIN)); |
| |
| if (lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_SENT_PROTOCOLS)) |
| p += sprintf(p, "Sec-WebSocket-Protocol: %s\x0d\x0a", |
| lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_SENT_PROTOCOLS)); |
| |
| /* tell the server what extensions we could support */ |
| |
| p += sprintf(p, "Sec-WebSocket-Extensions: "); |
| #ifndef LWS_NO_EXTENSIONS |
| ext = context->extensions; |
| while (ext && ext->callback) { |
| |
| n = lws_ext_cb_all_exts(context, wsi, |
| LWS_EXT_CB_CHECK_OK_TO_PROPOSE_EXTENSION, |
| (char *)ext->name, 0); |
| if (n) { /* an extension vetos us */ |
| lwsl_ext("ext %s vetoed\n", (char *)ext->name); |
| ext++; |
| continue; |
| } |
| |
| n = context->protocols[0].callback(wsi, |
| LWS_CALLBACK_CLIENT_CONFIRM_EXTENSION_SUPPORTED, |
| wsi->user_space, (char *)ext->name, 0); |
| |
| /* |
| * zero return from callback means |
| * go ahead and allow the extension, |
| * it's what we get if the callback is |
| * unhandled |
| */ |
| |
| if (n) { |
| ext++; |
| continue; |
| } |
| |
| /* apply it */ |
| |
| if (ext_count) |
| *p++ = ','; |
| p += sprintf(p, "%s", ext->client_offer); |
| ext_count++; |
| |
| ext++; |
| } |
| #endif |
| p += sprintf(p, "\x0d\x0a"); |
| |
| if (wsi->ietf_spec_revision) |
| p += sprintf(p, "Sec-WebSocket-Version: %d\x0d\x0a", |
| wsi->ietf_spec_revision); |
| |
| /* give userland a chance to append, eg, cookies */ |
| |
| context->protocols[0].callback(wsi, |
| LWS_CALLBACK_CLIENT_APPEND_HANDSHAKE_HEADER, |
| NULL, &p, |
| (pkt + sizeof(context->serv_buf)) - p - 12); |
| |
| p += sprintf(p, "\x0d\x0a"); |
| |
| /* prepare the expected server accept response */ |
| |
| key_b64[39] = '\0'; /* enforce composed length below buf sizeof */ |
| n = sprintf(buf, "%s258EAFA5-E914-47DA-95CA-C5AB0DC85B11", key_b64); |
| |
| lws_SHA1((unsigned char *)buf, n, (unsigned char *)hash); |
| |
| lws_b64_encode_string(hash, 20, |
| wsi->u.hdr.ah->initial_handshake_hash_base64, |
| sizeof(wsi->u.hdr.ah->initial_handshake_hash_base64)); |
| |
| return p; |
| } |
| |