lib/libwebsockets.c

/*
 * libwebsockets - small server side websockets and web server implementation
 * 
 * Copyright (C) 2010 Andy Green <andy@warmcat.com>
 *
 *  This library is free software; you can redistribute it and/or
 *  modify it under the terms of the GNU Lesser General Public
 *  License as published by the Free Software Foundation:
 *  version 2.1 of the License.
 *
 *  This library is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 *  Lesser General Public License for more details.
 *
 *  You should have received a copy of the GNU Lesser General Public
 *  License along with this library; if not, write to the Free Software
 *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
 *  MA  02110-1301  USA
 */

#include "private-libwebsockets.h"

#ifdef LWS_OPENSSL_SUPPORT
SSL_CTX *ssl_ctx;
int use_ssl;
#endif


extern int 
libwebsocket_read(struct libwebsocket *wsi, unsigned char * buf, size_t len);


/* document the generic callback (it's a fake prototype under this) */
/**
 * callback() - User server actions
 * @wsi:	Opaque websocket instance pointer
 * @reason:	The reason for the call
 * @user:	Pointer to per-session user data allocated by library
 * @in:		Pointer used for some callback reasons
 * @len:	Length set for some callback reasons
 * 
 * 	This callback is the way the user controls what is served.  All the
 * 	protocol detail is hidden and handled by the library.
 * 
 * 	For each connection / session there is user data allocated that is
 * 	pointed to by "user".  You set the size of this user data area when
 * 	the library is initialized with libwebsocket_create_server.
 * 
 * 	You get an opportunity to initialize user data when called back with
 * 	LWS_CALLBACK_ESTABLISHED reason.
 * 
 * 	LWS_CALLBACK_ESTABLISHED:  after successful websocket handshake
 * 
 * 	LWS_CALLBACK_CLOSED: when the websocket session ends
 *
 * 	LWS_CALLBACK_SEND: opportunity to send to client (you would use
 * 				libwebsocket_write() taking care about the
 * 				special buffer requirements
 * 	LWS_CALLBACK_RECEIVE: data has appeared for the server, it can be
 *				found at *in and is len bytes long
 *
 *  	LWS_CALLBACK_HTTP: an http request has come from a client that is not
 * 				asking to upgrade the connection to a websocket
 * 				one.  This is a chance to serve http content,
 * 				for example, to send a script to the client
 * 				which will then open the websockets connection.
 * 				@in points to the URI path requested and 
 * 				libwebsockets_serve_http_file() makes it very
 * 				simple to send back a file to the client.
 */
extern int callback(struct libwebsocket * wsi,
			 enum libwebsocket_callback_reasons reason, void * user,
							  void *in, size_t len);


void 
libwebsocket_close_and_free_session(struct libwebsocket *wsi)
{
	int n = wsi->state;

	wsi->state = WSI_STATE_DEAD_SOCKET;

	if (wsi->protocol->callback && n == WSI_STATE_ESTABLISHED)
		wsi->protocol->callback(wsi, LWS_CALLBACK_CLOSED,
						      wsi->user_space, NULL, 0);

	for (n = 0; n < WSI_TOKEN_COUNT; n++)
		if (wsi->utf8_token[n].token)
			free(wsi->utf8_token[n].token);

//	fprintf(stderr, "closing fd=%d\n", wsi->sock);

#ifdef LWS_OPENSSL_SUPPORT
	if (use_ssl) {
		n = SSL_get_fd(wsi->ssl);
		SSL_shutdown(wsi->ssl);
		close(n);
		SSL_free(wsi->ssl);
	} else {
#endif
		shutdown(wsi->sock, SHUT_RDWR);
		close(wsi->sock);
#ifdef LWS_OPENSSL_SUPPORT
	}
#endif
	if (wsi->user_space)
		free(wsi->user_space);

	free(wsi);
}

/**
 * libwebsocket_create_server() - Create the listening websockets server
 * @port:	Port to listen on
 * @protocols:	Array of structures listing supported protocols and a protocol-
 * 		specific callback for each one.  The list is ended with an
 * 		entry that has a NULL callback pointer.
 * @ssl_cert_filepath:	If libwebsockets was compiled to use ssl, and you want
 * 			to listen using SSL, set to the filepath to fetch the
 * 			server cert from, otherwise NULL for unencrypted
 * @ssl_private_key_filepath: filepath to private key if wanting SSL mode,
 * 			else ignored
 * @gid:	group id to change to after setting listen socket, or -1.
 * @uid:	user id to change to after setting listen socket, or -1.
 * 
 * 	This function creates the listening socket and takes care
 * 	of all initialization in one step.
 *
 * 	It does not return since it sits in a service loop and operates via the
 * 	callbacks given in @protocol.  User code should fork before calling
 * 	libwebsocket_create_server() if it wants to do other things in
 * 	parallel other than serve websockets.
 * 
 * 	The protocol callback functions are called for a handful of events
 * 	including http requests coming in, websocket connections becoming
 * 	established, and data arriving; it's also called periodically to allow
 * 	async transmission.
 *
 * 	HTTP requests are sent always to the FIRST protocol in @protocol, since
 * 	at that time websocket protocol has not been negotiated.  Other
 * 	protocols after the first one never see any HTTP callack activity.
 * 
 * 	The server created is a simple http server by default; part of the
 * 	websocket standard is upgrading this http connection to a websocket one.
 * 
 * 	This allows the same server to provide files like scripts and favicon /
 * 	images or whatever over http and dynamic data over websockets all in
 * 	one place; they're all handled in the user callback.
 */

int libwebsocket_create_server(int port,
			       const struct libwebsocket_protocols *protocols,
			       const char * ssl_cert_filepath,
			       const char * ssl_private_key_filepath,
			       int gid, int uid)
{
	int n;
	int client;
	int sockfd;
	int fd;
	unsigned int clilen;
	struct sockaddr_in serv_addr, cli_addr;
	struct libwebsocket *wsi[MAX_CLIENTS + 1];
	struct pollfd fds[MAX_CLIENTS + 1];
	int fds_count = 0;
	unsigned char buf[1024];
	int opt = 1;

#ifdef LWS_OPENSSL_SUPPORT
	const SSL_METHOD *method;
	char ssl_err_buf[512];

	use_ssl = ssl_cert_filepath != NULL && ssl_private_key_filepath != NULL;
	if (use_ssl)
		fprintf(stderr, " Compiled with SSL support, using it\n");
	else
		fprintf(stderr, " Compiled with SSL support, not using it\n");

#else
	if (ssl_cert_filepath != NULL && ssl_private_key_filepath != NULL) {
		fprintf(stderr, " Not compiled for OpenSSl support!\n");
		return -1;
	}
	fprintf(stderr, " Compiled without SSL support, serving unencrypted\n");
#endif

#ifdef LWS_OPENSSL_SUPPORT
	if (use_ssl) {
		SSL_library_init();

		OpenSSL_add_all_algorithms();
		SSL_load_error_strings();

			// Firefox insists on SSLv23 not SSLv3
			// Konq disables SSLv2 by default now, SSLv23 works

		method = SSLv23_server_method();   // create server instance
		if (!method) {
			fprintf(stderr, "problem creating ssl method: %s\n",
				ERR_error_string(ERR_get_error(), ssl_err_buf));
			return -1;
		}
		ssl_ctx = SSL_CTX_new(method);	/* create context */
		if (!ssl_ctx) {
			printf("problem creating ssl context: %s\n",
				ERR_error_string(ERR_get_error(), ssl_err_buf));
			return -1;
		}
		/* set the local certificate from CertFile */
		n = SSL_CTX_use_certificate_file(ssl_ctx,
					ssl_cert_filepath, SSL_FILETYPE_PEM);
		if (n != 1) {
			fprintf(stderr, "problem getting cert '%s': %s\n",
				ssl_cert_filepath,
				ERR_error_string(ERR_get_error(), ssl_err_buf));
			return -1;
		}
		/* set the private key from KeyFile */
		if (SSL_CTX_use_PrivateKey_file(ssl_ctx,
						ssl_private_key_filepath,
						SSL_FILETYPE_PEM) != 1) {
			fprintf(stderr, "ssl problem getting key '%s': %s\n",
						ssl_private_key_filepath,
				ERR_error_string(ERR_get_error(), ssl_err_buf));
			return (-1);
		}
		/* verify private key */
		if (!SSL_CTX_check_private_key(ssl_ctx)) {
			fprintf(stderr, "Private SSL key doesn't match cert\n");
			return (-1);
		}

		/* SSL is happy and has a cert it's content with */
	}
#endif
  
	sockfd = socket(AF_INET, SOCK_STREAM, 0);
	if (sockfd < 0) {
		fprintf(stderr, "ERROR opening socket");
		return -1;
	}
	
	/* allow us to restart even if old sockets in TIME_WAIT */
	setsockopt(sockfd, SOL_SOCKET, SO_REUSEADDR, &opt, sizeof(opt));

	bzero((char *) &serv_addr, sizeof(serv_addr));
	serv_addr.sin_family = AF_INET;
	serv_addr.sin_addr.s_addr = INADDR_ANY;
	serv_addr.sin_port = htons(port);

	n = bind(sockfd, (struct sockaddr *) &serv_addr, sizeof(serv_addr));
	if (n < 0) {
              fprintf(stderr, "ERROR on binding to port %d (%d %d)\n", port, n,
									 errno);
              return -1;
        }
 
	/* drop any root privs for this process */

	if (gid != -1)
		if (setgid(gid))
			fprintf(stderr, "setgid: %s\n", strerror(errno));
	if (uid != -1)
		if (setuid(uid))
			fprintf(stderr, "setuid: %s\n", strerror(errno));

 	/*
	 * sit there listening for connects, accept and service connections
	 * in a poll loop, without any forking
	 */

	listen(sockfd, 5);
	fprintf(stderr, " Listening on port %d\n", port);
 	
	fds[0].fd = sockfd;
	fds_count = 1;
	fds[0].events = POLLIN;
    
	while (1) {

 		n = poll(fds, fds_count, 50);
		if (n < 0 || fds[0].revents & (POLLERR | POLLHUP)) {
			fprintf(stderr, "Listen Socket dead\n");
			goto fatal;
		}
		if (n == 0) /* poll timeout */
			goto poll_out;

		if (fds[0].revents & POLLIN) {

			/* listen socket got an unencrypted connection... */

			clilen = sizeof(cli_addr);
			fd  = accept(sockfd,
				     (struct sockaddr *)&cli_addr,
							       &clilen);
			if (fd < 0) {
				fprintf(stderr, "ERROR on accept");
				continue;
			}

			if (fds_count >= MAX_CLIENTS) {
				fprintf(stderr, "too busy");
				close(fd);
				continue;
			}

			wsi[fds_count] = malloc(sizeof(struct libwebsocket));
			if (!wsi[fds_count])
				return -1;

#ifdef LWS_OPENSSL_SUPPORT
			if (use_ssl) {

				wsi[fds_count]->ssl = SSL_new(ssl_ctx);
				if (wsi[fds_count]->ssl == NULL) {
					fprintf(stderr, "SSL_new failed: %s\n",
					    ERR_error_string(SSL_get_error(
					        wsi[fds_count]->ssl, 0), NULL));
					free(wsi[fds_count]);
					continue;
				}

				SSL_set_fd(wsi[fds_count]->ssl, fd);

				n = SSL_accept(wsi[fds_count]->ssl);
				if (n != 1) {
					/*
					 * browsers seem to probe with various
					 * ssl params which fail then retry
					 * and succeed
					 */
					debug("SSL_accept failed skt %u: %s\n",
						fd,
						ERR_error_string(SSL_get_error(
						wsi[fds_count]->ssl, n), NULL));
					SSL_free(wsi[fds_count]->ssl);
					free(wsi[fds_count]);
					continue;
				}
				debug("accepted new SSL conn  "
				      "port %u on fd=%d SSL ver %s\n",
					ntohs(cli_addr.sin_port), fd,
					  SSL_get_version(wsi[fds_count]->ssl));
				
			} else
#endif
				debug("accepted new conn  port %u on fd=%d\n",
						  ntohs(cli_addr.sin_port), fd);
			
			/* intialize the instance struct */

			wsi[fds_count]->sock = fd;
			wsi[fds_count]->state = WSI_STATE_HTTP;
			wsi[fds_count]->name_buffer_pos = 0;

			for (n = 0; n < WSI_TOKEN_COUNT; n++) {
				wsi[fds_count]->utf8_token[n].token = NULL;
				wsi[fds_count]->utf8_token[n].token_len = 0;
			}

			/*
			 * these can only be set once the protocol is known
			 * we set an unestablished connection's protocol pointer
			 * to the start of the supported list, so it can look
			 * for matching ones during the handshake
			 */
			wsi[fds_count]->protocol = protocols;
			wsi[fds_count]->user_space = NULL;

			/*
			 * Default protocol is 76
			 * After 76, there's a header specified to inform which
			 * draft the client wants, when that's seen we modify
			 * the individual connection's spec revision accordingly
			 */
			wsi[fds_count]->ietf_spec_revision = 76;

			fds[fds_count].events = POLLIN;
			fds[fds_count++].fd = fd;

			/*
			 * make sure NO events are seen yet on this new socket
			 * (otherwise we inherit old fds[client].revents from
			 * previous socket there and die mysteriously! )
			 */
			fds[client].revents = 0;
		}
		
		/* check for activity on client sockets */
		
		for (client = 1; client < fds_count; client++) {
			
			/* handle session socket closed */
			
			if (fds[client].revents & (POLLERR | POLLHUP)) {
				
				debug("Session Socket %d %p (fd=%d) dead\n",
					      client, wsi[client], fds[client]);

				libwebsocket_close_and_free_session(
								   wsi[client]);
				goto nuke_this;
			}
			
			/* any incoming data ready? */

			if (!(fds[client].revents & POLLIN))
				continue;

#ifdef LWS_OPENSSL_SUPPORT
			if (use_ssl)
				n = SSL_read(wsi[client]->ssl, buf, sizeof buf);
			else
#endif
				n = recv(fds[client].fd, buf, sizeof(buf), 0);

			if (n < 0) {
				fprintf(stderr, "Socket read returned %d\n", n);
				continue;
			}
			if (!n) {
//				fprintf(stderr, "POLLIN with 0 len waiting\n");
				libwebsocket_close_and_free_session(
								   wsi[client]);
				goto nuke_this;
			}
			
			/* service incoming data */

			if (libwebsocket_read(wsi[client], buf, n) >= 0)
				continue;
			
			/*
			 * it closed and nuked wsi[client], so remove the
			 * socket handle and wsi from our service list
			 */
nuke_this:

			debug("nuking wsi %p, fsd_count = %d\n",
						   wsi[client], fds_count - 1);

			fds_count--;
			for (n = client; n < fds_count; n++) {
				fds[n] = fds[n + 1];
				wsi[n] = wsi[n + 1];
			}
			break;
		}

poll_out:		
		for (client = 1; client < fds_count; client++) {

			if (wsi[client]->state != WSI_STATE_ESTABLISHED)
				continue;

			wsi[client]->protocol->callback(wsi[client],
							LWS_CALLBACK_SEND, 
							wsi[client]->user_space,
								       NULL, 0);
		}
		
		continue;		
	}
	
fatal:
	/* listening socket */
	close(fds[0].fd);
	for (client = 1; client < fds_count; client++)
		libwebsocket_close_and_free_session(wsi[client]);

#ifdef LWS_OPENSSL_SUPPORT
	SSL_CTX_free(ssl_ctx);
#endif
	kill(0, SIGTERM);
	
	return 0;
}