Author: Andy Green Date: Wed Apr 11 06:39:42 2018 +0100 refactor role ops This only refactors internal architecture and representations, the user api is unaffected. diff --git a/CMakeLists.txt b/CMakeLists.txt index de16b5d..260979c 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -196,6 +196,18 @@ if(GIT_EXECUTABLE) message("Git commit hash: ${LWS_BUILD_HASH}") endif() +# translate old functionality enables to set up ROLE enables so nothing changes + +set(LWS_ROLE_H1 1) +set(LWS_ROLE_WS 1) +set(LWS_ROLE_RAW 1) +if (LWS_WITH_HTTP2) + set(LWS_ROLE_H2 1) +endif() +if (LWS_WITH_CGI) + set(LWS_ROLE_CGI 1) +endif() + if (LWS_WITH_HTTP2 AND LWS_WITHOUT_SERVER) message(FATAL_ERROR "HTTP2 can only be used with server at the moment") endif() @@ -449,8 +461,10 @@ else() set(LWS_OPENSSL_CLIENT_CERTS /etc/pki/tls/certs/ CACHE PATH "Client SSL certificate directory") endif() -if (LWS_WITH_SSL) +# LWS_OPENSSL_SUPPORT deprecated... use LWS_WITH_TLS +if (LWS_WITH_SSL OR LWS_WITH_MBEDTLS) set(LWS_OPENSSL_SUPPORT 1) + set(LWS_WITH_TLS 1) endif() if (LWS_SSL_CLIENT_USE_OS_CA_CERTS) @@ -673,37 +687,70 @@ set(HDR_PUBLIC set(SOURCES lib/misc/base64-decode.c - lib/handshake.c lib/libwebsockets.c lib/service.c lib/pollfd.c lib/output.c - lib/server/parsers.c + lib/roles/http/server/parsers.c lib/context.c lib/alloc.c - lib/header.c + lib/roles/http/header.c + lib/roles/pipe/ops-pipe.c lib/misc/lws-ring.c) -if (LWS_WITH_CGI) +if (LWS_ROLE_H1) + list(APPEND SOURCES + lib/roles/h1/ops-h1.c) + if (NOT LWS_WITHOUT_CLIENT) + list(APPEND SOURCES + lib/roles/h1/client-h1.c) + endif() +endif() + +if (LWS_ROLE_WS) + list(APPEND SOURCES + lib/roles/ws/ops-ws.c) + if (NOT LWS_WITHOUT_CLIENT) + list(APPEND SOURCES + lib/roles/ws/client-ws.c + lib/roles/ws/client-parser.c) + endif() + if (NOT LWS_WITHOUT_SERVER) + list(APPEND SOURCES + lib/roles/ws/server-ws.c) + endif() +endif() + +if (LWS_ROLE_RAW) list(APPEND SOURCES - lib/server/cgi.c) + lib/roles/raw/ops-raw.c) +endif() + +if (LWS_ROLE_CGI) + list(APPEND SOURCES + lib/roles/cgi/cgi-server.c + lib/roles/cgi/ops-cgi.c) endif() if (LWS_WITH_ACCESS_LOG) list(APPEND SOURCES - lib/server/access-log.c) + lib/roles/http/server/access-log.c) endif() if (LWS_WITH_PEER_LIMITS) list(APPEND SOURCES - lib/server/peer-limits.c) + lib/misc/peer-limits.c) endif() if (NOT LWS_WITHOUT_CLIENT) list(APPEND SOURCES - lib/client/client.c - lib/client/client-handshake.c - lib/client/client-parser.c) + lib/roles/http/client/client.c + lib/roles/http/client/client-handshake.c) +endif() + +if (NOT LWS_WITHOUT_SERVER) + list(APPEND SOURCES + lib/roles/listen/ops-listen.c) endif() if (LWS_WITH_MBEDTLS) @@ -785,7 +832,7 @@ if (LWS_WITH_SSL) if (NOT LWS_WITHOUT_SERVER) list(APPEND SOURCES - lib/server/ssl-server.c) + lib/tls/tls-server.c) if (LWS_WITH_MBEDTLS) list(APPEND SOURCES lib/tls/mbedtls/mbedtls-server.c) @@ -796,7 +843,7 @@ if (LWS_WITH_SSL) endif() if (NOT LWS_WITHOUT_CLIENT) list(APPEND SOURCES - lib/client/ssl-client.c) + lib/tls/tls-client.c) if (LWS_WITH_MBEDTLS) list(APPEND SOURCES lib/tls/mbedtls/mbedtls-client.c) @@ -815,9 +862,10 @@ endif() if (LWS_WITH_HTTP2 AND NOT LWS_WITHOUT_SERVER) list(APPEND SOURCES - lib/http2/http2.c - lib/http2/hpack.c - lib/http2/ssl-http2.c) + lib/roles/h2/http2.c + lib/roles/h2/hpack.c + lib/roles/h2/ssl-http2.c + lib/roles/h2/ops-h2.c) endif() # select the active platform files @@ -843,22 +891,21 @@ endif() if (NOT LWS_WITHOUT_SERVER) list(APPEND SOURCES - lib/server/server.c - lib/server/lws-spa.c - lib/server/server-handshake.c) + lib/roles/http/server/server.c + lib/roles/http/server/lws-spa.c) endif() if (NOT LWS_WITHOUT_EXTENSIONS) list(APPEND HDR_PRIVATE - lib/ext/extension-permessage-deflate.h) + lib/roles/ws/ext/extension-permessage-deflate.h) list(APPEND SOURCES - lib/ext/extension.c - lib/ext/extension-permessage-deflate.c) + lib/roles/ws/ext/extension.c + lib/roles/ws/ext/extension-permessage-deflate.c) endif() if (LWS_WITH_HTTP_PROXY) list(APPEND SOURCES - lib/server/rewrite.c) + lib/roles/http/server/rewrite.c) endif() if (LWS_WITH_LIBEV) @@ -882,7 +929,7 @@ if (LWS_WITH_LEJP) endif() if (LWS_WITH_LEJP_CONF) list(APPEND SOURCES - "lib/server/lejp-conf.c" + "lib/roles/http/server/lejp-conf.c" ) endif() @@ -893,13 +940,13 @@ endif() if (LWS_WITH_RANGES) list(APPEND SOURCES - lib/server/ranges.c) + lib/roles/http/server/ranges.c) endif() if (LWS_WITH_ZIP_FOPS) if (LWS_WITH_ZLIB) list(APPEND SOURCES - lib/server/fops-zip.c) + lib/roles/http/server/fops-zip.c) else() message(FATAL_ERROR "Pre-zipped file support (LWS_WITH_ZIP_FOPS) requires ZLIB (LWS_WITH_ZLIB)") endif() @@ -930,7 +977,7 @@ else() # Unix. if (NOT LWS_WITHOUT_DAEMONIZE) list(APPEND SOURCES - lib/server/daemonize.c) + lib/misc/daemonize.c) endif() endif() diff --git a/cmake/lws_config.h.in b/cmake/lws_config.h.in index b9652dd..ed99139 100644 --- a/cmake/lws_config.h.in +++ b/cmake/lws_config.h.in @@ -8,6 +8,12 @@ #define LWS_INSTALL_DATADIR "${CMAKE_INSTALL_PREFIX}/share" +#cmakedefine LWS_ROLE_H1 +#cmakedefine LWS_ROLE_WS +#cmakedefine LWS_ROLE_RAW +#cmakedefine LWS_ROLE_H2 +#cmakedefine LWS_ROLE_CGI + /* Define to 1 to use wolfSSL/CyaSSL as a replacement for OpenSSL. * LWS_OPENSSL_SUPPORT needs to be set also for this to work. */ #cmakedefine USE_WOLFSSL @@ -36,8 +42,9 @@ /* The current git commit hash that we're building from */ #cmakedefine LWS_BUILD_HASH "${LWS_BUILD_HASH}" -/* Build with OpenSSL support */ +/* Build with OpenSSL support ... alias of LWS_WITH_TLS for compatibility*/ #cmakedefine LWS_OPENSSL_SUPPORT +#cmakedefine LWS_WITH_TLS /* The client should load and trust CA root certs it finds in the OS */ #cmakedefine LWS_SSL_CLIENT_USE_OS_CA_CERTS diff --git a/lib/client/client-handshake.c b/lib/client/client-handshake.c deleted file mode 100644 index 35e8075..0000000 --- a/lib/client/client-handshake.c +++ /dev/null @@ -1,1233 +0,0 @@ -#include "private-libwebsockets.h" - -static int -lws_getaddrinfo46(struct lws *wsi, const char *ads, struct addrinfo **result) -{ - struct addrinfo hints; - - memset(&hints, 0, sizeof(hints)); - *result = NULL; - -#ifdef LWS_WITH_IPV6 - if (wsi->ipv6) { - -#if !defined(__ANDROID__) - hints.ai_family = AF_INET6; - hints.ai_flags = AI_V4MAPPED; -#endif - } else -#endif - { - hints.ai_family = PF_UNSPEC; - hints.ai_socktype = SOCK_STREAM; - } - - return getaddrinfo(ads, NULL, &hints, result); -} - -struct lws * -lws_client_connect_2(struct lws *wsi) -{ - struct lws_context *context = wsi->context; - struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; - const char *cce = "", *iface, *adsin, *meth; - struct lws *wsi_piggy = NULL; - struct addrinfo *result; - struct lws_pollfd pfd; - ssize_t plen = 0; - const char *ads; - sockaddr46 sa46; - int n, port; -#ifdef LWS_WITH_IPV6 - char ipv6only = lws_check_opt(wsi->vhost->options, - LWS_SERVER_OPTION_IPV6_V6ONLY_MODIFY | - LWS_SERVER_OPTION_IPV6_V6ONLY_VALUE); - -#if defined(__ANDROID__) - ipv6only = 0; -#endif -#endif - - lwsl_client("%s\n", __func__); - - if (!wsi->ah) { - cce = "ah was NULL at cc2"; - lwsl_err("%s\n", cce); - goto oom4; - } - - /* we can only piggyback GET */ - - meth = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_METHOD); - if (meth && strcmp(meth, "GET")) - goto create_new_conn; - - /* we only pipeline connections that said it was okay */ - - if (!wsi->client_pipeline) - goto create_new_conn; - - /* - * let's take a look first and see if there are any already-active - * client connections we can piggy-back on. - */ - - adsin = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_PEER_ADDRESS); - lws_vhost_lock(wsi->vhost); - lws_start_foreach_dll_safe(struct lws_dll_lws *, d, d1, - wsi->vhost->dll_active_client_conns.next) { - struct lws *w = lws_container_of(d, struct lws, - dll_active_client_conns); - - if (w->client_hostname_copy && - !strcmp(adsin, w->client_hostname_copy) && -#ifdef LWS_OPENSSL_SUPPORT - (wsi->use_ssl & (LCCSCF_NOT_H2 | LCCSCF_USE_SSL)) == - (w->use_ssl & (LCCSCF_NOT_H2 | LCCSCF_USE_SSL)) && -#endif - wsi->c_port == w->c_port) { - - /* someone else is already connected to the right guy */ - - /* do we know for a fact pipelining won't fly? */ - if (w->keepalive_rejected) { - lwsl_notice("defeating pipelining due to no KA on server\n"); - goto create_new_conn; - } -#if defined (LWS_WITH_HTTP2) - /* - * h2: in usable state already: just use it without - * going through the queue - */ - if (w->client_h2_alpn && - (lwsi_state(w) == LRS_H2_WAITING_TO_SEND_HEADERS || - lwsi_state(w) == LRS_ESTABLISHED)) { - - lwsl_info("%s: just join h2 directly\n", - __func__); - - lws_wsi_h2_adopt(w, wsi); - lws_vhost_unlock(wsi->vhost); - - return wsi; - } -#endif - - lwsl_info("applying %p to txn queue on %p (%d)\n", wsi, w, - lwsi_state(w)); - /* - * ...let's add ourselves to his transaction queue... - */ - lws_dll_lws_add_front(&wsi->dll_client_transaction_queue, - &w->dll_client_transaction_queue_head); - - /* - * h1: pipeline our headers out on him, - * and wait for our turn at client transaction_complete - * to take over parsing the rx. - */ - - wsi_piggy = w; - - lws_vhost_unlock(wsi->vhost); - goto send_hs; - } - - } lws_end_foreach_dll_safe(d, d1); - lws_vhost_unlock(wsi->vhost); - -create_new_conn: - - /* - * clients who will create their own fresh connection keep a copy of - * the hostname they originally connected to, in case other connections - * want to use it too - */ - - if (!wsi->client_hostname_copy) - wsi->client_hostname_copy = - strdup(lws_hdr_simple_ptr(wsi, - _WSI_TOKEN_CLIENT_PEER_ADDRESS)); - - /* - * start off allowing ipv6 on connection if vhost allows it - */ - wsi->ipv6 = LWS_IPV6_ENABLED(wsi->vhost); - - /* Decide what it is we need to connect to: - * - * Priority 1: connect to http proxy */ - - if (wsi->vhost->http_proxy_port) { - plen = sprintf((char *)pt->serv_buf, - "CONNECT %s:%u HTTP/1.0\x0d\x0a" - "User-agent: libwebsockets\x0d\x0a", - lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_PEER_ADDRESS), - wsi->c_port); - - if (wsi->vhost->proxy_basic_auth_token[0]) - plen += sprintf((char *)pt->serv_buf + plen, - "Proxy-authorization: basic %s\x0d\x0a", - wsi->vhost->proxy_basic_auth_token); - - plen += sprintf((char *)pt->serv_buf + plen, "\x0d\x0a"); - ads = wsi->vhost->http_proxy_address; - port = wsi->vhost->http_proxy_port; - -#if defined(LWS_WITH_SOCKS5) - - /* Priority 2: Connect to SOCK5 Proxy */ - - } else if (wsi->vhost->socks_proxy_port) { - socks_generate_msg(wsi, SOCKS_MSG_GREETING, &plen); - lwsl_client("Sending SOCKS Greeting\n"); - ads = wsi->vhost->socks_proxy_address; - port = wsi->vhost->socks_proxy_port; -#endif - } else { - - /* Priority 3: Connect directly */ - - ads = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_PEER_ADDRESS); - port = wsi->c_port; - } - - /* - * prepare the actual connection - * to whatever we decided to connect to - */ - - lwsl_info("%s: %p: address %s\n", __func__, wsi, ads); - - n = lws_getaddrinfo46(wsi, ads, &result); - -#ifdef LWS_WITH_IPV6 - if (wsi->ipv6) { - struct sockaddr_in6 *sa6 = - ((struct sockaddr_in6 *)result->ai_addr); - - if (n) { - /* lws_getaddrinfo46 failed, there is no usable result */ - lwsl_notice("%s: lws_getaddrinfo46 failed %d\n", - __func__, n); - cce = "ipv6 lws_getaddrinfo46 failed"; - goto oom4; - } - - memset(&sa46, 0, sizeof(sa46)); - - sa46.sa6.sin6_family = AF_INET6; - switch (result->ai_family) { - case AF_INET: - if (ipv6only) - break; - /* map IPv4 to IPv6 */ - bzero((char *)&sa46.sa6.sin6_addr, - sizeof(sa46.sa6.sin6_addr)); - sa46.sa6.sin6_addr.s6_addr[10] = 0xff; - sa46.sa6.sin6_addr.s6_addr[11] = 0xff; - memcpy(&sa46.sa6.sin6_addr.s6_addr[12], - &((struct sockaddr_in *)result->ai_addr)->sin_addr, - sizeof(struct in_addr)); - lwsl_notice("uplevelling AF_INET to AF_INET6\n"); - break; - - case AF_INET6: - memcpy(&sa46.sa6.sin6_addr, &sa6->sin6_addr, - sizeof(struct in6_addr)); - sa46.sa6.sin6_scope_id = sa6->sin6_scope_id; - sa46.sa6.sin6_flowinfo = sa6->sin6_flowinfo; - break; - default: - lwsl_err("Unknown address family\n"); - freeaddrinfo(result); - cce = "unknown address family"; - goto oom4; - } - } else -#endif /* use ipv6 */ - - /* use ipv4 */ - { - void *p = NULL; - - if (!n) { - struct addrinfo *res = result; - - /* pick the first AF_INET (IPv4) result */ - - while (!p && res) { - switch (res->ai_family) { - case AF_INET: - p = &((struct sockaddr_in *)res->ai_addr)->sin_addr; - break; - } - - res = res->ai_next; - } -#if defined(LWS_FALLBACK_GETHOSTBYNAME) - } else if (n == EAI_SYSTEM) { - struct hostent *host; - - lwsl_info("getaddrinfo (ipv4) failed, trying gethostbyname\n"); - host = gethostbyname(ads); - if (host) { - p = host->h_addr; - } else { - lwsl_err("gethostbyname failed\n"); - cce = "gethostbyname (ipv4) failed"; - goto oom4; - } -#endif - } else { - lwsl_err("getaddrinfo failed\n"); - cce = "getaddrinfo failed"; - goto oom4; - } - - if (!p) { - if (result) - freeaddrinfo(result); - lwsl_err("Couldn't identify address\n"); - cce = "unable to lookup address"; - goto oom4; - } - - sa46.sa4.sin_family = AF_INET; - sa46.sa4.sin_addr = *((struct in_addr *)p); - bzero(&sa46.sa4.sin_zero, 8); - } - - if (result) - freeaddrinfo(result); - - /* now we decided on ipv4 or ipv6, set the port */ - - if (!lws_socket_is_valid(wsi->desc.sockfd)) { - -#if defined(LWS_WITH_LIBUV) - if (LWS_LIBUV_ENABLED(context)) - if (lws_libuv_check_watcher_active(wsi)) { - lwsl_warn("Waiting for libuv watcher to close\n"); - cce = "waiting for libuv watcher to close"; - goto oom4; - } -#endif - -#ifdef LWS_WITH_IPV6 - if (wsi->ipv6) - wsi->desc.sockfd = socket(AF_INET6, SOCK_STREAM, 0); - else -#endif - wsi->desc.sockfd = socket(AF_INET, SOCK_STREAM, 0); - - if (!lws_socket_is_valid(wsi->desc.sockfd)) { - lwsl_warn("Unable to open socket\n"); - cce = "unable to open socket"; - goto oom4; - } - - if (lws_plat_set_socket_options(wsi->vhost, wsi->desc.sockfd)) { - lwsl_err("Failed to set wsi socket options\n"); - compatible_close(wsi->desc.sockfd); - cce = "set socket opts failed"; - goto oom4; - } - - lwsi_set_state(wsi, LRS_WAITING_CONNECT); - - lws_libev_accept(wsi, wsi->desc); - lws_libuv_accept(wsi, wsi->desc); - lws_libevent_accept(wsi, wsi->desc); - - if (__insert_wsi_socket_into_fds(context, wsi)) { - compatible_close(wsi->desc.sockfd); - cce = "insert wsi failed"; - goto oom4; - } - - lws_change_pollfd(wsi, 0, LWS_POLLIN); - - /* - * past here, we can't simply free the structs as error - * handling as oom4 does. We have to run the whole close flow. - */ - - if (!wsi->protocol) - wsi->protocol = &wsi->vhost->protocols[0]; - - wsi->protocol->callback(wsi, LWS_CALLBACK_WSI_CREATE, - wsi->user_space, NULL, 0); - - lws_set_timeout(wsi, PENDING_TIMEOUT_AWAITING_CONNECT_RESPONSE, - AWAITING_TIMEOUT); - - iface = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_IFACE); - - if (iface) { - n = lws_socket_bind(wsi->vhost, wsi->desc.sockfd, 0, iface); - if (n < 0) { - cce = "unable to bind socket"; - goto failed; - } - } - } - -#ifdef LWS_WITH_IPV6 - if (wsi->ipv6) { - sa46.sa6.sin6_port = htons(port); - n = sizeof(struct sockaddr_in6); - } else -#endif - { - sa46.sa4.sin_port = htons(port); - n = sizeof(struct sockaddr); - } - - if (connect(wsi->desc.sockfd, (const struct sockaddr *)&sa46, n) == -1 || - LWS_ERRNO == LWS_EISCONN) { - if (LWS_ERRNO == LWS_EALREADY || - LWS_ERRNO == LWS_EINPROGRESS || - LWS_ERRNO == LWS_EWOULDBLOCK -#ifdef _WIN32 - || LWS_ERRNO == WSAEINVAL -#endif - ) { - lwsl_client("nonblocking connect retry (errno = %d)\n", - LWS_ERRNO); - - if (lws_plat_check_connection_error(wsi)) { - cce = "socket connect failed"; - goto failed; - } - - /* - * must do specifically a POLLOUT poll to hear - * about the connect completion - */ - if (lws_change_pollfd(wsi, 0, LWS_POLLOUT)) { - cce = "POLLOUT set failed"; - goto failed; - } - - return wsi; - } - - if (LWS_ERRNO != LWS_EISCONN) { - lwsl_notice("Connect failed errno=%d\n", LWS_ERRNO); - cce = "connect failed"; - goto failed; - } - } - - lwsl_client("connected\n"); - - /* we are connected to server, or proxy */ - - /* http proxy */ - if (wsi->vhost->http_proxy_port) { - - /* - * OK from now on we talk via the proxy, so connect to that - * - * (will overwrite existing pointer, - * leaving old string/frag there but unreferenced) - */ - if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_PEER_ADDRESS, - wsi->vhost->http_proxy_address)) - goto failed; - wsi->c_port = wsi->vhost->http_proxy_port; - - n = send(wsi->desc.sockfd, (char *)pt->serv_buf, (int)plen, - MSG_NOSIGNAL); - if (n < 0) { - lwsl_debug("ERROR writing to proxy socket\n"); - cce = "proxy write failed"; - goto failed; - } - - lws_set_timeout(wsi, PENDING_TIMEOUT_AWAITING_PROXY_RESPONSE, - AWAITING_TIMEOUT); - - lwsi_set_state(wsi, LRS_WAITING_PROXY_REPLY); - - return wsi; - } -#if defined(LWS_WITH_SOCKS5) - /* socks proxy */ - else if (wsi->vhost->socks_proxy_port) { - n = send(wsi->desc.sockfd, (char *)pt->serv_buf, plen, - MSG_NOSIGNAL); - if (n < 0) { - lwsl_debug("ERROR writing socks greeting\n"); - cce = "socks write failed"; - goto failed; - } - - lws_set_timeout(wsi, PENDING_TIMEOUT_AWAITING_SOCKS_GREETING_REPLY, - AWAITING_TIMEOUT); - - lwsi_set_state(wsi, LRS_WAITING_SOCKS_GREETING_REPLY); - - return wsi; - } -#endif - -send_hs: - if (wsi_piggy && - !lws_dll_is_null(&wsi->dll_client_transaction_queue)) { - /* - * We are pipelining on an already-established connection... - * we can skip tls establishment. - */ - - lwsi_set_state(wsi, LRS_H1C_ISSUE_HANDSHAKE2); - - /* - * we can't send our headers directly, because they have to - * be sent when the parent is writeable. The parent will check - * for anybody on his client transaction queue that is in - * LRS_H1C_ISSUE_HANDSHAKE2, and let them write. - * - * If we are trying to do this too early, before the master - * connection has written his own headers, - */ - lws_callback_on_writable(wsi_piggy); - lwsl_debug("wsi %p: waiting to send headers\n", wsi); - } else { - /* we are making our own connection */ - lwsi_set_state(wsi, LRS_H1C_ISSUE_HANDSHAKE); - - /* - * provoke service to issue the handshake directly. - * - * we need to do it this way because in the proxy case, this is - * the next state and executed only if and when we get a good - * proxy response inside the state machine... but notice in - * SSL case this may not have sent anything yet with 0 return, - * and won't until many retries from main loop. To stop that - * becoming endless, cover with a timeout. - */ - - lws_set_timeout(wsi, PENDING_TIMEOUT_SENT_CLIENT_HANDSHAKE, - AWAITING_TIMEOUT); - - pfd.fd = wsi->desc.sockfd; - pfd.events = LWS_POLLIN; - pfd.revents = LWS_POLLIN; - - n = lws_service_fd(context, &pfd); - if (n < 0) { - cce = "first service failed"; - goto failed; - } - if (n) /* returns 1 on failure after closing wsi */ - return NULL; - } - - /* - * If we made our own connection, and we're doing a method that can take - * a pipeline, we are an "active client connection". - * - * Add ourselves to the vhost list of those so that others can - * piggyback on our transaction queue - */ - - if (meth && !strcmp(meth, "GET") && - lws_dll_is_null(&wsi->dll_client_transaction_queue)) { - lws_vhost_lock(wsi->vhost); - lws_dll_lws_add_front(&wsi->dll_active_client_conns, - &wsi->vhost->dll_active_client_conns); - lws_vhost_unlock(wsi->vhost); - } - - return wsi; - -oom4: - /* we're closing, losing some rx is OK */ - lws_header_table_force_to_detachable_state(wsi); - - if (lwsi_role_client(wsi) && !(lwsi_state(wsi) & LWSIFS_NOTEST)) { - wsi->protocol->callback(wsi, - LWS_CALLBACK_CLIENT_CONNECTION_ERROR, - wsi->user_space, (void *)cce, strlen(cce)); - wsi->already_did_cce = 1; - } - /* take care that we might be inserted in fds already */ - if (wsi->position_in_fds_table != -1) - goto failed1; - lws_remove_from_timeout_list(wsi); - lws_header_table_detach(wsi, 0); - lws_client_stash_destroy(wsi); - lws_free_set_NULL(wsi->client_hostname_copy); - lws_free(wsi); - - return NULL; - -failed: - wsi->protocol->callback(wsi, - LWS_CALLBACK_CLIENT_CONNECTION_ERROR, - wsi->user_space, (void *)cce, strlen(cce)); - wsi->already_did_cce = 1; -failed1: - lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, "client_connect2"); - - return NULL; -} - -/** - * lws_client_reset() - retarget a connected wsi to start over with a new connection (ie, redirect) - * this only works if still in HTTP, ie, not upgraded yet - * wsi: connection to reset - * address: network address of the new server - * port: port to connect to - * path: uri path to connect to on the new server - * host: host header to send to the new server - */ -LWS_VISIBLE struct lws * -lws_client_reset(struct lws **pwsi, int ssl, const char *address, int port, - const char *path, const char *host) -{ - char origin[300] = "", protocol[300] = "", method[32] = "", - iface[16] = "", *p; - struct lws *wsi = *pwsi; - - if (wsi->redirects == 3) { - lwsl_err("%s: Too many redirects\n", __func__); - return NULL; - } - wsi->redirects++; - - p = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_ORIGIN); - if (p) - lws_strncpy(origin, p, sizeof(origin)); - - p = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_SENT_PROTOCOLS); - if (p) - lws_strncpy(protocol, p, sizeof(protocol)); - - p = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_METHOD); - if (p) - lws_strncpy(method, p, sizeof(method)); - - p = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_IFACE); - if (p) - lws_strncpy(method, p, sizeof(iface)); - - lwsl_info("redirect ads='%s', port=%d, path='%s', ssl = %d\n", - address, port, path, ssl); - - /* close the connection by hand */ - -#ifdef LWS_OPENSSL_SUPPORT - lws_ssl_close(wsi); -#endif - -#ifdef LWS_WITH_LIBUV - if (LWS_LIBUV_ENABLED(wsi->context)) { - lwsl_debug("%s: lws_libuv_closehandle: wsi %p\n", __func__, wsi); - /* - * libuv has to do his own close handle processing asynchronously - * but once it starts we can do everything else synchronously, - * including trash wsi->desc.sockfd since it took a copy. - * - * When it completes it will call compatible_close() - */ - lws_libuv_closehandle_manually(wsi); - } else -#else - compatible_close(wsi->desc.sockfd); -#endif - - __remove_wsi_socket_from_fds(wsi); - -#ifdef LWS_OPENSSL_SUPPORT - wsi->use_ssl = ssl; -#else - if (ssl) { - lwsl_err("%s: not configured for ssl\n", __func__); - return NULL; - } -#endif - - wsi->desc.sockfd = LWS_SOCK_INVALID; - lwsi_set_state(wsi, LRS_UNCONNECTED); - wsi->protocol = NULL; - wsi->pending_timeout = NO_PENDING_TIMEOUT; - wsi->c_port = port; - wsi->hdr_parsing_completed = 0; - _lws_header_table_reset(wsi->ah); - - if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_PEER_ADDRESS, address)) - return NULL; - - if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_HOST, host)) - return NULL; - - if (origin[0]) - if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_ORIGIN, - origin)) - return NULL; - if (protocol[0]) - if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_SENT_PROTOCOLS, - protocol)) - return NULL; - if (method[0]) - if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_METHOD, - method)) - return NULL; - - if (iface[0]) - if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_IFACE, - iface)) - return NULL; - - origin[0] = '/'; - strncpy(&origin[1], path, sizeof(origin) - 2); - if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_URI, origin)) - return NULL; - - *pwsi = lws_client_connect_2(wsi); - - return *pwsi; -} - -#ifdef LWS_WITH_HTTP_PROXY -static hubbub_error -html_parser_cb(const hubbub_token *token, void *pw) -{ - struct lws_rewrite *r = (struct lws_rewrite *)pw; - char buf[1024], *start = buf + LWS_PRE, *p = start, - *end = &buf[sizeof(buf) - 1]; - size_t i; - - switch (token->type) { - case HUBBUB_TOKEN_DOCTYPE: - - p += lws_snprintf(p, end - p, "data.doctype.name.len, - token->data.doctype.name.ptr, - token->data.doctype.force_quirks ? - "(force-quirks) " : ""); - - if (token->data.doctype.public_missing) - lwsl_debug("\tpublic: missing\n"); - else - p += lws_snprintf(p, end - p, "PUBLIC \"%.*s\"\n", - (int) token->data.doctype.public_id.len, - token->data.doctype.public_id.ptr); - - if (token->data.doctype.system_missing) - lwsl_debug("\tsystem: missing\n"); - else - p += lws_snprintf(p, end - p, " \"%.*s\">\n", - (int) token->data.doctype.system_id.len, - token->data.doctype.system_id.ptr); - - break; - case HUBBUB_TOKEN_START_TAG: - p += lws_snprintf(p, end - p, "<%.*s", (int)token->data.tag.name.len, - token->data.tag.name.ptr); - -/* (token->data.tag.self_closing) ? - "(self-closing) " : "", - (token->data.tag.n_attributes > 0) ? - "attributes:" : ""); -*/ - for (i = 0; i < token->data.tag.n_attributes; i++) { - if (!hstrcmp(&token->data.tag.attributes[i].name, "href", 4) || - !hstrcmp(&token->data.tag.attributes[i].name, "action", 6) || - !hstrcmp(&token->data.tag.attributes[i].name, "src", 3)) { - const char *pp = (const char *)token->data.tag.attributes[i].value.ptr; - int plen = (int) token->data.tag.attributes[i].value.len; - - if (strncmp(pp, "http:", 5) && strncmp(pp, "https:", 6)) { - - if (!hstrcmp(&token->data.tag.attributes[i].value, - r->from, r->from_len)) { - pp += r->from_len; - plen -= r->from_len; - } - p += lws_snprintf(p, end - p, " %.*s=\"%s/%.*s\"", - (int) token->data.tag.attributes[i].name.len, - token->data.tag.attributes[i].name.ptr, - r->to, plen, pp); - continue; - } - } - - p += lws_snprintf(p, end - p, " %.*s=\"%.*s\"", - (int) token->data.tag.attributes[i].name.len, - token->data.tag.attributes[i].name.ptr, - (int) token->data.tag.attributes[i].value.len, - token->data.tag.attributes[i].value.ptr); - } - p += lws_snprintf(p, end - p, ">"); - break; - case HUBBUB_TOKEN_END_TAG: - p += lws_snprintf(p, end - p, "data.tag.name.len, - token->data.tag.name.ptr); -/* - (token->data.tag.self_closing) ? - "(self-closing) " : "", - (token->data.tag.n_attributes > 0) ? - "attributes:" : ""); -*/ - for (i = 0; i < token->data.tag.n_attributes; i++) { - p += lws_snprintf(p, end - p, " %.*s='%.*s'\n", - (int) token->data.tag.attributes[i].name.len, - token->data.tag.attributes[i].name.ptr, - (int) token->data.tag.attributes[i].value.len, - token->data.tag.attributes[i].value.ptr); - } - p += lws_snprintf(p, end - p, ">"); - break; - case HUBBUB_TOKEN_COMMENT: - p += lws_snprintf(p, end - p, "\n", - (int) token->data.comment.len, - token->data.comment.ptr); - break; - case HUBBUB_TOKEN_CHARACTER: - if (token->data.character.len == 1) { - if (*token->data.character.ptr == '<') { - p += lws_snprintf(p, end - p, "<"); - break; - } - if (*token->data.character.ptr == '>') { - p += lws_snprintf(p, end - p, ">"); - break; - } - if (*token->data.character.ptr == '&') { - p += lws_snprintf(p, end - p, "&"); - break; - } - } - - p += lws_snprintf(p, end - p, "%.*s", (int) token->data.character.len, - token->data.character.ptr); - break; - case HUBBUB_TOKEN_EOF: - p += lws_snprintf(p, end - p, "\n"); - break; - } - - if (user_callback_handle_rxflow(r->wsi->protocol->callback, - r->wsi, LWS_CALLBACK_RECEIVE_CLIENT_HTTP_READ, - r->wsi->user_space, start, p - start)) - return -1; - - return HUBBUB_OK; -} -#endif - -static char * -lws_strdup(const char *s) -{ - char *d = lws_malloc(strlen(s) + 1, "strdup"); - - if (d) - strcpy(d, s); - - return d; -} - -void -lws_client_stash_destroy(struct lws *wsi) -{ - if (!wsi || !wsi->stash) - return; - - lws_free_set_NULL(wsi->stash->address); - lws_free_set_NULL(wsi->stash->path); - lws_free_set_NULL(wsi->stash->host); - lws_free_set_NULL(wsi->stash->origin); - lws_free_set_NULL(wsi->stash->protocol); - lws_free_set_NULL(wsi->stash->method); - lws_free_set_NULL(wsi->stash->iface); - - lws_free_set_NULL(wsi->stash); -} - -LWS_VISIBLE struct lws * -lws_client_connect_via_info(struct lws_client_connect_info *i) -{ - struct lws *wsi; - int v = SPEC_LATEST_SUPPORTED; - const struct lws_protocols *p; - const char *local = i->protocol; - - if (i->context->requested_kill) - return NULL; - - if (!i->context->protocol_init_done) - lws_protocol_init(i->context); - /* - * If we have .local_protocol_name, use it to select the - * local protocol handler to bind to. Otherwise use .protocol if - * http[s]. - */ - if (i->local_protocol_name) - local = i->local_protocol_name; - - wsi = lws_zalloc(sizeof(struct lws), "client wsi"); - if (wsi == NULL) - goto bail; - - wsi->context = i->context; - /* assert the mode and union status (hdr) clearly */ - lws_role_transition(wsi, LWSI_ROLE_H1_CLIENT, LRS_UNCONNECTED); - wsi->desc.sockfd = LWS_SOCK_INVALID; - - /* 1) fill up the wsi with stuff from the connect_info as far as it - * can go. It's because not only is our connection async, we might - * not even be able to get ahold of an ah at this point. - */ - - if (!i->method) { /* ie, ws */ - /* allocate the ws struct for the wsi */ - wsi->ws = lws_zalloc(sizeof(*wsi->ws), "client ws struct"); - if (!wsi->ws) { - lwsl_notice("OOM\n"); - goto bail; - } - - /* -1 means just use latest supported */ - if (i->ietf_version_or_minus_one != -1 && - i->ietf_version_or_minus_one) - v = i->ietf_version_or_minus_one; - - wsi->ws->ietf_spec_revision = v; - } - - wsi->user_space = NULL; - wsi->pending_timeout = NO_PENDING_TIMEOUT; - wsi->position_in_fds_table = -1; - wsi->c_port = i->port; - wsi->vhost = i->vhost; - if (!wsi->vhost) - wsi->vhost = i->context->vhost_list; - - if (!wsi->vhost) { - lwsl_err("At least one vhost in the context is required\n"); - - goto bail; - } - - wsi->protocol = &wsi->vhost->protocols[0]; - wsi->client_pipeline = !!(i->ssl_connection & LCCSCF_PIPELINE); - - /* reasonable place to start */ - lwsi_set_role(wsi, LWSI_ROLE_H1_CLIENT); - - /* - * 1) for http[s] connection, allow protocol selection by name - * 2) for ws[s], if local_protocol_name given also use it for - * local protocol binding... this defeats the server - * protocol negotiation if so - * - * Otherwise leave at protocols[0]... the server will tell us - * which protocol we are associated with since we can give it a - * list. - */ - if (/*(i->method || i->local_protocol_name) && */local) { - lwsl_info("binding to %s\n", local); - p = lws_vhost_name_to_protocol(wsi->vhost, local); - if (p) - wsi->protocol = p; - } - - if (wsi && !wsi->user_space && i->userdata) { - wsi->user_space_externally_allocated = 1; - wsi->user_space = i->userdata; - } else - /* if we stay in http, we can assign the user space now, - * otherwise do it after the protocol negotiated - */ - if (i->method) - if (lws_ensure_user_space(wsi)) - goto bail; - -#ifdef LWS_OPENSSL_SUPPORT - wsi->use_ssl = i->ssl_connection; - - if (!i->method) /* !!! disallow ws for h2 right now */ - wsi->use_ssl |= LCCSCF_NOT_H2; -#else - if (i->ssl_connection & LCCSCF_USE_SSL) { - lwsl_err("libwebsockets not configured for ssl\n"); - goto bail; - } -#endif - - /* 2) stash the things from connect_info that we can't process without - * an ah. Because if no ah, we will go on the ah waiting list and - * process those things later (after the connect_info and maybe the - * things pointed to have gone out of scope. - */ - - wsi->stash = lws_zalloc(sizeof(*wsi->stash), "client stash"); - if (!wsi->stash) { - lwsl_err("%s: OOM\n", __func__); - goto bail1; - } - - wsi->stash->address = lws_strdup(i->address); - wsi->stash->path = lws_strdup(i->path); - wsi->stash->host = lws_strdup(i->host); - - if (!wsi->stash->address || !wsi->stash->path || !wsi->stash->host) - goto bail1; - - if (i->origin) { - wsi->stash->origin = lws_strdup(i->origin); - if (!wsi->stash->origin) - goto bail1; - } - if (i->protocol) { - wsi->stash->protocol = lws_strdup(i->protocol); - if (!wsi->stash->protocol) - goto bail1; - } - if (i->method) { - wsi->stash->method = lws_strdup(i->method); - if (!wsi->stash->method) - goto bail1; - } - if (i->iface) { - wsi->stash->iface = lws_strdup(i->iface); - if (!wsi->stash->iface) - goto bail1; - } - if (i->pwsi) - *i->pwsi = wsi; - - /* if we went on the waiting list, no probs just return the wsi - * when we get the ah, now or later, he will call - * lws_client_connect_via_info2() below. - */ - if (lws_header_table_attach(wsi, 0) < 0) { - /* - * if we failed here, the connection is already closed - * and freed. - */ - goto bail2; - } - - if (i->parent_wsi) { - lwsl_info("%s: created child %p of parent %p\n", __func__, - wsi, i->parent_wsi); - wsi->parent = i->parent_wsi; - wsi->sibling_list = i->parent_wsi->child_list; - i->parent_wsi->child_list = wsi; - } -#ifdef LWS_WITH_HTTP_PROXY - if (i->uri_replace_to) - wsi->rw = lws_rewrite_create(wsi, html_parser_cb, - i->uri_replace_from, - i->uri_replace_to); -#endif - - return wsi; - -bail1: - lws_client_stash_destroy(wsi); - -bail: - lws_free(wsi); - -bail2: - if (i->pwsi) - *i->pwsi = NULL; - - return NULL; -} - -struct lws * -lws_client_connect_via_info2(struct lws *wsi) -{ - struct client_info_stash *stash = wsi->stash; - - if (!stash) - return wsi; - - /* - * we're not necessarily in a position to action these right away, - * stash them... we only need during connect phase so u.hdr is fine - */ - if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_PEER_ADDRESS, - stash->address)) - goto bail1; - - /* these only need u.hdr lifetime as well */ - - if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_URI, stash->path)) - goto bail1; - - if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_HOST, stash->host)) - goto bail1; - - if (stash->origin) - if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_ORIGIN, - stash->origin)) - goto bail1; - /* - * this is a list of protocols we tell the server we're okay with - * stash it for later when we compare server response with it - */ - if (stash->protocol) - if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_SENT_PROTOCOLS, - stash->protocol)) - goto bail1; - if (stash->method) - if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_METHOD, - stash->method)) - goto bail1; - if (stash->iface) - if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_IFACE, - stash->iface)) - goto bail1; - -#if defined(LWS_WITH_SOCKS5) - if (!wsi->vhost->socks_proxy_port) - lws_client_stash_destroy(wsi); -#endif - - wsi->context->count_wsi_allocated++; - - return lws_client_connect_2(wsi); - -bail1: -#if defined(LWS_WITH_SOCKS5) - if (!wsi->vhost->socks_proxy_port) - lws_free_set_NULL(wsi->stash); -#endif - - return NULL; -} - -LWS_VISIBLE struct lws * -lws_client_connect_extended(struct lws_context *context, const char *address, - int port, int ssl_connection, const char *path, - const char *host, const char *origin, - const char *protocol, int ietf_version_or_minus_one, - void *userdata) -{ - struct lws_client_connect_info i; - - memset(&i, 0, sizeof(i)); - - i.context = context; - i.address = address; - i.port = port; - i.ssl_connection = ssl_connection; - i.path = path; - i.host = host; - i.origin = origin; - i.protocol = protocol; - i.ietf_version_or_minus_one = ietf_version_or_minus_one; - i.userdata = userdata; - - return lws_client_connect_via_info(&i); -} - -LWS_VISIBLE struct lws * -lws_client_connect(struct lws_context *context, const char *address, - int port, int ssl_connection, const char *path, - const char *host, const char *origin, - const char *protocol, int ietf_version_or_minus_one) -{ - struct lws_client_connect_info i; - - memset(&i, 0, sizeof(i)); - - i.context = context; - i.address = address; - i.port = port; - i.ssl_connection = ssl_connection; - i.path = path; - i.host = host; - i.origin = origin; - i.protocol = protocol; - i.ietf_version_or_minus_one = ietf_version_or_minus_one; - i.userdata = NULL; - - return lws_client_connect_via_info(&i); -} - -#if defined(LWS_WITH_SOCKS5) -void socks_generate_msg(struct lws *wsi, enum socks_msg_type type, - ssize_t *msg_len) -{ - struct lws_context *context = wsi->context; - struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; - ssize_t len = 0, n, passwd_len; - short net_num; - char *p; - - switch (type) { - case SOCKS_MSG_GREETING: - /* socks version, version 5 only */ - pt->serv_buf[len++] = SOCKS_VERSION_5; - /* number of methods */ - pt->serv_buf[len++] = 2; - /* username password method */ - pt->serv_buf[len++] = SOCKS_AUTH_USERNAME_PASSWORD; - /* no authentication method */ - pt->serv_buf[len++] = SOCKS_AUTH_NO_AUTH; - break; - - case SOCKS_MSG_USERNAME_PASSWORD: - n = strlen(wsi->vhost->socks_user); - passwd_len = strlen(wsi->vhost->socks_password); - - /* the subnegotiation version */ - pt->serv_buf[len++] = SOCKS_SUBNEGOTIATION_VERSION_1; - /* length of the user name */ - pt->serv_buf[len++] = n; - /* user name */ - lws_strncpy((char *)&pt->serv_buf[len], wsi->vhost->socks_user, - context->pt_serv_buf_size - len + 1); - len += n; - /* length of the password */ - pt->serv_buf[len++] = passwd_len; - /* password */ - lws_strncpy((char *)&pt->serv_buf[len], wsi->vhost->socks_password, - context->pt_serv_buf_size - len + 1); - len += passwd_len; - break; - - case SOCKS_MSG_CONNECT: - p = (char*)&net_num; - - /* socks version */ - pt->serv_buf[len++] = SOCKS_VERSION_5; - /* socks command */ - pt->serv_buf[len++] = SOCKS_COMMAND_CONNECT; - /* reserved */ - pt->serv_buf[len++] = 0; - /* address type */ - pt->serv_buf[len++] = SOCKS_ATYP_DOMAINNAME; - /* skip length, we fill it in at the end */ - n = len++; - - /* the address we tell SOCKS proxy to connect to */ - lws_strncpy((char *)&(pt->serv_buf[len]), wsi->stash->address, - context->pt_serv_buf_size - len + 1); - len += strlen(wsi->stash->address); - net_num = htons(wsi->c_port); - - /* the port we tell SOCKS proxy to connect to */ - pt->serv_buf[len++] = p[0]; - pt->serv_buf[len++] = p[1]; - - /* the length of the address, excluding port */ - pt->serv_buf[n] = strlen(wsi->stash->address); - break; - - default: - return; - } - - *msg_len = len; -} -#endif diff --git a/lib/client/client-parser.c b/lib/client/client-parser.c deleted file mode 100644 index 8c754eb..0000000 --- a/lib/client/client-parser.c +++ /dev/null @@ -1,606 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2017 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - */ - -#include "private-libwebsockets.h" - -/* - * parsers.c: lws_rx_sm() needs to be roughly kept in - * sync with changes here, esp related to ext draining - */ - -int lws_client_rx_sm(struct lws *wsi, unsigned char c) -{ - int callback_action = LWS_CALLBACK_CLIENT_RECEIVE; - int handled, n, m, rx_draining_ext = 0; - unsigned short close_code; - struct lws_tokens eff_buf; - unsigned char *pp; - - if (wsi->ws->rx_draining_ext) { - assert(!c); - eff_buf.token = NULL; - eff_buf.token_len = 0; - lws_remove_wsi_from_draining_ext_list(wsi); - rx_draining_ext = 1; - lwsl_debug("%s: doing draining flow\n", __func__); - - goto drain_extension; - } - - if (wsi->socket_is_permanently_unusable) - return -1; - - switch (wsi->lws_rx_parse_state) { - case LWS_RXPS_NEW: - /* control frames (PING) may interrupt checkable sequences */ - wsi->ws->defeat_check_utf8 = 0; - - switch (wsi->ws->ietf_spec_revision) { - case 13: - wsi->ws->opcode = c & 0xf; - /* revisit if an extension wants them... */ - switch (wsi->ws->opcode) { - case LWSWSOPC_TEXT_FRAME: - wsi->ws->rsv_first_msg = (c & 0x70); - wsi->ws->continuation_possible = 1; - wsi->ws->check_utf8 = lws_check_opt( - wsi->context->options, - LWS_SERVER_OPTION_VALIDATE_UTF8); - wsi->ws->utf8 = 0; - break; - case LWSWSOPC_BINARY_FRAME: - wsi->ws->rsv_first_msg = (c & 0x70); - wsi->ws->check_utf8 = 0; - wsi->ws->continuation_possible = 1; - break; - case LWSWSOPC_CONTINUATION: - if (!wsi->ws->continuation_possible) { - lwsl_info("disordered continuation\n"); - return -1; - } - break; - case LWSWSOPC_CLOSE: - wsi->ws->check_utf8 = 0; - wsi->ws->utf8 = 0; - break; - case 3: - case 4: - case 5: - case 6: - case 7: - case 0xb: - case 0xc: - case 0xd: - case 0xe: - case 0xf: - lwsl_info("illegal opcode\n"); - return -1; - default: - wsi->ws->defeat_check_utf8 = 1; - break; - } - wsi->ws->rsv = (c & 0x70); - /* revisit if an extension wants them... */ - if ( -#if !defined(LWS_WITHOUT_EXTENSIONS) - !wsi->count_act_ext && -#endif - wsi->ws->rsv) { - lwsl_info("illegal rsv bits set\n"); - return -1; - } - wsi->ws->final = !!((c >> 7) & 1); - lwsl_ext("%s: This RX frame Final %d\n", __func__, - wsi->ws->final); - - if (wsi->ws->owed_a_fin && - (wsi->ws->opcode == LWSWSOPC_TEXT_FRAME || - wsi->ws->opcode == LWSWSOPC_BINARY_FRAME)) { - lwsl_info("hey you owed us a FIN\n"); - return -1; - } - if ((!(wsi->ws->opcode & 8)) && wsi->ws->final) { - wsi->ws->continuation_possible = 0; - wsi->ws->owed_a_fin = 0; - } - - if ((wsi->ws->opcode & 8) && !wsi->ws->final) { - lwsl_info("control msg can't be fragmented\n"); - return -1; - } - if (!wsi->ws->final) - wsi->ws->owed_a_fin = 1; - - switch (wsi->ws->opcode) { - case LWSWSOPC_TEXT_FRAME: - case LWSWSOPC_BINARY_FRAME: - wsi->ws->frame_is_binary = wsi->ws->opcode == - LWSWSOPC_BINARY_FRAME; - break; - } - wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN; - break; - - default: - lwsl_err("unknown spec version %02d\n", - wsi->ws->ietf_spec_revision); - break; - } - break; - - case LWS_RXPS_04_FRAME_HDR_LEN: - - wsi->ws->this_frame_masked = !!(c & 0x80); - - switch (c & 0x7f) { - case 126: - /* control frames are not allowed to have big lengths */ - if (wsi->ws->opcode & 8) - goto illegal_ctl_length; - wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN16_2; - break; - case 127: - /* control frames are not allowed to have big lengths */ - if (wsi->ws->opcode & 8) - goto illegal_ctl_length; - wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_8; - break; - default: - wsi->ws->rx_packet_length = c; - if (wsi->ws->this_frame_masked) - wsi->lws_rx_parse_state = - LWS_RXPS_07_COLLECT_FRAME_KEY_1; - else { - if (c) - wsi->lws_rx_parse_state = - LWS_RXPS_PAYLOAD_UNTIL_LENGTH_EXHAUSTED; - else { - wsi->lws_rx_parse_state = LWS_RXPS_NEW; - goto spill; - } - } - break; - } - break; - - case LWS_RXPS_04_FRAME_HDR_LEN16_2: - wsi->ws->rx_packet_length = c << 8; - wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN16_1; - break; - - case LWS_RXPS_04_FRAME_HDR_LEN16_1: - wsi->ws->rx_packet_length |= c; - if (wsi->ws->this_frame_masked) - wsi->lws_rx_parse_state = LWS_RXPS_07_COLLECT_FRAME_KEY_1; - else { - if (wsi->ws->rx_packet_length) - wsi->lws_rx_parse_state = - LWS_RXPS_PAYLOAD_UNTIL_LENGTH_EXHAUSTED; - else { - wsi->lws_rx_parse_state = LWS_RXPS_NEW; - goto spill; - } - } - break; - - case LWS_RXPS_04_FRAME_HDR_LEN64_8: - if (c & 0x80) { - lwsl_warn("b63 of length must be zero\n"); - /* kill the connection */ - return -1; - } -#if defined __LP64__ - wsi->ws->rx_packet_length = ((size_t)c) << 56; -#else - wsi->ws->rx_packet_length = 0; -#endif - wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_7; - break; - - case LWS_RXPS_04_FRAME_HDR_LEN64_7: -#if defined __LP64__ - wsi->ws->rx_packet_length |= ((size_t)c) << 48; -#endif - wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_6; - break; - - case LWS_RXPS_04_FRAME_HDR_LEN64_6: -#if defined __LP64__ - wsi->ws->rx_packet_length |= ((size_t)c) << 40; -#endif - wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_5; - break; - - case LWS_RXPS_04_FRAME_HDR_LEN64_5: -#if defined __LP64__ - wsi->ws->rx_packet_length |= ((size_t)c) << 32; -#endif - wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_4; - break; - - case LWS_RXPS_04_FRAME_HDR_LEN64_4: - wsi->ws->rx_packet_length |= ((size_t)c) << 24; - wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_3; - break; - - case LWS_RXPS_04_FRAME_HDR_LEN64_3: - wsi->ws->rx_packet_length |= ((size_t)c) << 16; - wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_2; - break; - - case LWS_RXPS_04_FRAME_HDR_LEN64_2: - wsi->ws->rx_packet_length |= ((size_t)c) << 8; - wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_1; - break; - - case LWS_RXPS_04_FRAME_HDR_LEN64_1: - wsi->ws->rx_packet_length |= (size_t)c; - if (wsi->ws->this_frame_masked) - wsi->lws_rx_parse_state = - LWS_RXPS_07_COLLECT_FRAME_KEY_1; - else { - if (wsi->ws->rx_packet_length) - wsi->lws_rx_parse_state = - LWS_RXPS_PAYLOAD_UNTIL_LENGTH_EXHAUSTED; - else { - wsi->lws_rx_parse_state = LWS_RXPS_NEW; - goto spill; - } - } - break; - - case LWS_RXPS_07_COLLECT_FRAME_KEY_1: - wsi->ws->mask[0] = c; - if (c) - wsi->ws->all_zero_nonce = 0; - wsi->lws_rx_parse_state = LWS_RXPS_07_COLLECT_FRAME_KEY_2; - break; - - case LWS_RXPS_07_COLLECT_FRAME_KEY_2: - wsi->ws->mask[1] = c; - if (c) - wsi->ws->all_zero_nonce = 0; - wsi->lws_rx_parse_state = LWS_RXPS_07_COLLECT_FRAME_KEY_3; - break; - - case LWS_RXPS_07_COLLECT_FRAME_KEY_3: - wsi->ws->mask[2] = c; - if (c) - wsi->ws->all_zero_nonce = 0; - wsi->lws_rx_parse_state = LWS_RXPS_07_COLLECT_FRAME_KEY_4; - break; - - case LWS_RXPS_07_COLLECT_FRAME_KEY_4: - wsi->ws->mask[3] = c; - if (c) - wsi->ws->all_zero_nonce = 0; - - if (wsi->ws->rx_packet_length) - wsi->lws_rx_parse_state = - LWS_RXPS_PAYLOAD_UNTIL_LENGTH_EXHAUSTED; - else { - wsi->lws_rx_parse_state = LWS_RXPS_NEW; - goto spill; - } - break; - - case LWS_RXPS_PAYLOAD_UNTIL_LENGTH_EXHAUSTED: - - assert(wsi->ws->rx_ubuf); - - if (wsi->ws->rx_draining_ext) - goto drain_extension; - - if (wsi->ws->this_frame_masked && !wsi->ws->all_zero_nonce) - c ^= wsi->ws->mask[(wsi->ws->mask_idx++) & 3]; - - wsi->ws->rx_ubuf[LWS_PRE + (wsi->ws->rx_ubuf_head++)] = c; - - if (--wsi->ws->rx_packet_length == 0) { - /* spill because we have the whole frame */ - wsi->lws_rx_parse_state = LWS_RXPS_NEW; - goto spill; - } - - /* - * if there's no protocol max frame size given, we are - * supposed to default to context->pt_serv_buf_size - */ - if (!wsi->protocol->rx_buffer_size && - wsi->ws->rx_ubuf_head != wsi->context->pt_serv_buf_size) - break; - - if (wsi->protocol->rx_buffer_size && - wsi->ws->rx_ubuf_head != wsi->protocol->rx_buffer_size) - break; - - /* spill because we filled our rx buffer */ -spill: - - handled = 0; - - /* - * is this frame a control packet we should take care of at this - * layer? If so service it and hide it from the user callback - */ - - switch (wsi->ws->opcode) { - case LWSWSOPC_CLOSE: - pp = (unsigned char *)&wsi->ws->rx_ubuf[LWS_PRE]; - if (lws_check_opt(wsi->context->options, - LWS_SERVER_OPTION_VALIDATE_UTF8) && - wsi->ws->rx_ubuf_head > 2 && - lws_check_utf8(&wsi->ws->utf8, pp + 2, - wsi->ws->rx_ubuf_head - 2)) - goto utf8_fail; - - /* is this an acknowledgment of our close? */ - if (lwsi_state(wsi) == LRS_AWAITING_CLOSE_ACK) { - /* - * fine he has told us he is closing too, let's - * finish our close - */ - lwsl_parser("seen server's close ack\n"); - return -1; - } - - lwsl_parser("client sees server close len = %d\n", - wsi->ws->rx_ubuf_head); - if (wsi->ws->rx_ubuf_head >= 2) { - close_code = (pp[0] << 8) | pp[1]; - if (close_code < 1000 || - close_code == 1004 || - close_code == 1005 || - close_code == 1006 || - close_code == 1012 || - close_code == 1013 || - close_code == 1014 || - close_code == 1015 || - (close_code >= 1016 && close_code < 3000) - ) { - pp[0] = (LWS_CLOSE_STATUS_PROTOCOL_ERR >> 8) & 0xff; - pp[1] = LWS_CLOSE_STATUS_PROTOCOL_ERR & 0xff; - } - } - if (user_callback_handle_rxflow( - wsi->protocol->callback, wsi, - LWS_CALLBACK_WS_PEER_INITIATED_CLOSE, - wsi->user_space, pp, - wsi->ws->rx_ubuf_head)) - return -1; - - if (lws_partial_buffered(wsi)) - /* - * if we're in the middle of something, - * we can't do a normal close response and - * have to just close our end. - */ - wsi->socket_is_permanently_unusable = 1; - else - /* - * parrot the close packet payload back - * we do not care about how it went, we are closing - * immediately afterwards - */ - lws_write(wsi, (unsigned char *) - &wsi->ws->rx_ubuf[LWS_PRE], - wsi->ws->rx_ubuf_head, - LWS_WRITE_CLOSE); - lwsi_set_state(wsi, LRS_RETURNED_CLOSE); - /* close the connection */ - return -1; - - case LWSWSOPC_PING: - lwsl_info("received %d byte ping, sending pong\n", - wsi->ws->rx_ubuf_head); - - /* he set a close reason on this guy, ignore PING */ - if (wsi->ws->close_in_ping_buffer_len) - goto ping_drop; - - if (wsi->ws->ping_pending_flag) { - /* - * there is already a pending ping payload - * we should just log and drop - */ - lwsl_parser("DROP PING since one pending\n"); - goto ping_drop; - } - - /* control packets can only be < 128 bytes long */ - if (wsi->ws->rx_ubuf_head > 128 - 3) { - lwsl_parser("DROP PING payload too large\n"); - goto ping_drop; - } - - /* stash the pong payload */ - memcpy(wsi->ws->ping_payload_buf + LWS_PRE, - &wsi->ws->rx_ubuf[LWS_PRE], - wsi->ws->rx_ubuf_head); - - wsi->ws->ping_payload_len = wsi->ws->rx_ubuf_head; - wsi->ws->ping_pending_flag = 1; - - /* get it sent as soon as possible */ - lws_callback_on_writable(wsi); -ping_drop: - wsi->ws->rx_ubuf_head = 0; - handled = 1; - break; - - case LWSWSOPC_PONG: - lwsl_info("client receied pong\n"); - lwsl_hexdump(&wsi->ws->rx_ubuf[LWS_PRE], - wsi->ws->rx_ubuf_head); - - if (wsi->pending_timeout == - PENDING_TIMEOUT_WS_PONG_CHECK_GET_PONG) { - lwsl_info("%p: received expected PONG\n", wsi); - lws_set_timeout(wsi, NO_PENDING_TIMEOUT, 0); - } - - /* issue it */ - callback_action = LWS_CALLBACK_CLIENT_RECEIVE_PONG; - break; - - case LWSWSOPC_CONTINUATION: - case LWSWSOPC_TEXT_FRAME: - case LWSWSOPC_BINARY_FRAME: - break; - - default: - - lwsl_parser("Reserved opc 0x%2X\n", wsi->ws->opcode); - - /* - * It's something special we can't understand here. - * Pass the payload up to the extension's parsing - * state machine. - */ - - eff_buf.token = &wsi->ws->rx_ubuf[LWS_PRE]; - eff_buf.token_len = wsi->ws->rx_ubuf_head; - - if (lws_ext_cb_active(wsi, - LWS_EXT_CB_EXTENDED_PAYLOAD_RX, - &eff_buf, 0) <= 0) { - /* not handled or failed */ - lwsl_ext("Unhandled ext opc 0x%x\n", - wsi->ws->opcode); - wsi->ws->rx_ubuf_head = 0; - - return 0; - } - handled = 1; - break; - } - - /* - * No it's real payload, pass it up to the user callback. - * It's nicely buffered with the pre-padding taken care of - * so it can be sent straight out again using lws_write - */ - if (handled) - goto already_done; - - eff_buf.token = &wsi->ws->rx_ubuf[LWS_PRE]; - eff_buf.token_len = wsi->ws->rx_ubuf_head; - - if (wsi->ws->opcode == LWSWSOPC_PONG && !eff_buf.token_len) - goto already_done; - -drain_extension: -#if !defined(LWS_WITHOUT_EXTENSIONS) - lwsl_ext("%s: passing %d to ext\n", __func__, eff_buf.token_len); - - n = lws_ext_cb_active(wsi, LWS_EXT_CB_PAYLOAD_RX, &eff_buf, 0); - lwsl_ext("Ext RX returned %d\n", n); - if (n < 0) { - wsi->socket_is_permanently_unusable = 1; - return -1; - } -#else - n = 0; -#endif - lwsl_ext("post inflate eff_buf len %d\n", eff_buf.token_len); - - if (rx_draining_ext && !eff_buf.token_len) { - lwsl_debug(" --- ending drain on 0 read result\n"); - goto already_done; - } - - if (wsi->ws->check_utf8 && !wsi->ws->defeat_check_utf8) { - if (lws_check_utf8(&wsi->ws->utf8, - (unsigned char *)eff_buf.token, - eff_buf.token_len)) - goto utf8_fail; - - /* we are ending partway through utf-8 character? */ - if (!wsi->ws->rx_packet_length && wsi->ws->final && - wsi->ws->utf8 && !n) { - lwsl_info("FINAL utf8 error\n"); -utf8_fail: - lwsl_info("utf8 error\n"); - return -1; - } - } - - if (eff_buf.token_len < 0 && - callback_action != LWS_CALLBACK_CLIENT_RECEIVE_PONG) - goto already_done; - - if (!eff_buf.token) - goto already_done; - - eff_buf.token[eff_buf.token_len] = '\0'; - - if (!wsi->protocol->callback) - goto already_done; - - if (callback_action == LWS_CALLBACK_CLIENT_RECEIVE_PONG) - lwsl_info("Client doing pong callback\n"); - - if ( - /* coverity says dead code otherwise */ -#if !defined(LWS_WITHOUT_EXTENSIONS) - n && -#endif - eff_buf.token_len) - /* extension had more... main loop will come back - * we want callback to be done with this set, if so, - * because lws_is_final() hides it was final until the - * last chunk - */ - lws_add_wsi_to_draining_ext_list(wsi); - else - lws_remove_wsi_from_draining_ext_list(wsi); - - if (lwsi_state(wsi) == LRS_RETURNED_CLOSE || - lwsi_state(wsi) == LRS_WAITING_TO_SEND_CLOSE || - lwsi_state(wsi) == LRS_AWAITING_CLOSE_ACK) - goto already_done; - - m = wsi->protocol->callback(wsi, - (enum lws_callback_reasons)callback_action, - wsi->user_space, eff_buf.token, eff_buf.token_len); - - /* if user code wants to close, let caller know */ - if (m) - return 1; - -already_done: - wsi->ws->rx_ubuf_head = 0; - break; - default: - lwsl_err("client rx illegal state\n"); - return 1; - } - - return 0; - -illegal_ctl_length: - lwsl_warn("Control frame asking for extended length is illegal\n"); - - /* kill the connection */ - return -1; -} - - diff --git a/lib/client/client.c b/lib/client/client.c deleted file mode 100644 index 46964bf..0000000 --- a/lib/client/client.c +++ /dev/null @@ -1,1602 +0,0 @@ -/* - * libwebsockets - lib/client/client.c - * - * Copyright (C) 2010-2017 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - */ - -#include "private-libwebsockets.h" - -int -lws_handshake_client(struct lws *wsi, unsigned char **buf, size_t len) -{ - int m; - - if ((lwsi_state(wsi) != LRS_WAITING_PROXY_REPLY) && - (lwsi_state(wsi) != LRS_H1C_ISSUE_HANDSHAKE) && - (lwsi_state(wsi) != LRS_WAITING_SERVER_REPLY) && - !lwsi_role_client(wsi)) - return 0; - - while (len) { - /* - * we were accepting input but now we stopped doing so - */ - if (lws_is_flowcontrolled(wsi)) { - lwsl_debug("%s: caching %ld\n", __func__, (long)len); - lws_rxflow_cache(wsi, *buf, 0, (int)len); - return 0; - } - if (wsi->ws->rx_draining_ext) { -#if !defined(LWS_NO_CLIENT) - if (lwsi_role_client(wsi)) - m = lws_client_rx_sm(wsi, 0); - else -#endif - m = lws_rx_sm(wsi, 0); - if (m < 0) - return -1; - continue; - } - /* account for what we're using in rxflow buffer */ - if (wsi->rxflow_buffer) - wsi->rxflow_pos++; - - if (lws_client_rx_sm(wsi, *(*buf)++)) { - lwsl_debug("client_rx_sm exited\n"); - return -1; - } - len--; - } - lwsl_debug("%s: finished with %ld\n", __func__, (long)len); - - return 0; -} - -LWS_VISIBLE LWS_EXTERN void -lws_client_http_body_pending(struct lws *wsi, int something_left_to_send) -{ - wsi->client_http_body_pending = !!something_left_to_send; -} - -/* - * return self, or queued client wsi we are acting on behalf of - */ - -struct lws * -lws_client_wsi_effective(struct lws *wsi) -{ - struct lws *wsi_eff = wsi; - - if (!wsi->transaction_from_pipeline_queue || - !wsi->dll_client_transaction_queue_head.next) - return wsi; - - /* - * The head is the last queued transaction... so - * the guy we are fulfilling here is the tail - */ - - lws_vhost_lock(wsi->vhost); - lws_start_foreach_dll_safe(struct lws_dll_lws *, d, d1, - wsi->dll_client_transaction_queue_head.next) { - if (d->next == NULL) - wsi_eff = lws_container_of(d, struct lws, - dll_client_transaction_queue); - } lws_end_foreach_dll_safe(d, d1); - lws_vhost_unlock(wsi->vhost); - - return wsi_eff; -} - -/* - * return self or the guy we are queued under - */ - -struct lws * -lws_client_wsi_master(struct lws *wsi) -{ - struct lws *wsi_eff = wsi; - struct lws_dll_lws *d; - - lws_vhost_lock(wsi->vhost); - d = wsi->dll_client_transaction_queue.prev; - while (d) { - wsi_eff = lws_container_of(d, struct lws, - dll_client_transaction_queue_head); - - d = d->prev; - } - lws_vhost_unlock(wsi->vhost); - - return wsi_eff; -} - -int -lws_client_socket_service(struct lws *wsi, struct lws_pollfd *pollfd, - struct lws *wsi_conn) -{ - struct lws_context *context = wsi->context; - struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; - char *p = (char *)&pt->serv_buf[0]; - struct lws *w; -#if defined(LWS_OPENSSL_SUPPORT) - char ebuf[128]; -#endif - const char *cce = NULL; - unsigned char c; - char *sb = p; - int n = 0; - ssize_t len = 0; -#if defined(LWS_WITH_SOCKS5) - char conn_mode = 0, pending_timeout = 0; -#endif - - if ((pollfd->revents & LWS_POLLOUT) && - wsi->keepalive_active && - wsi->dll_client_transaction_queue_head.next) { - - lwsl_debug("%s: pollout HANDSHAKE2\n", __func__); - - /* we have a transaction queue that wants to pipeline */ - lws_vhost_lock(wsi->vhost); - lws_start_foreach_dll_safe(struct lws_dll_lws *, d, d1, - wsi->dll_client_transaction_queue_head.next) { - struct lws *w = lws_container_of(d, struct lws, - dll_client_transaction_queue); - - if (lwsi_state(w) == LRS_H1C_ISSUE_HANDSHAKE2) { - /* - * pollfd has the master sockfd in it... we - * need to use that in HANDSHAKE2 to understand - * which wsi to actually write on - */ - lws_client_socket_service(w, pollfd, wsi); - lws_callback_on_writable(wsi); - break; - } - } lws_end_foreach_dll_safe(d, d1); - lws_vhost_unlock(wsi->vhost); - - return 0; - } - - switch (lwsi_state(wsi)) { - - case LRS_WAITING_CONNECT: - - /* - * we are under PENDING_TIMEOUT_SENT_CLIENT_HANDSHAKE - * timeout protection set in client-handshake.c - */ - - if (!lws_client_connect_2(wsi)) { - /* closed */ - lwsl_client("closed\n"); - return -1; - } - - /* either still pending connection, or changed mode */ - return 0; - -#if defined(LWS_WITH_SOCKS5) - /* SOCKS Greeting Reply */ - case LRS_WAITING_SOCKS_GREETING_REPLY: - case LRS_WAITING_SOCKS_AUTH_REPLY: - case LRS_WAITING_SOCKS_CONNECT_REPLY: - - /* handle proxy hung up on us */ - - if (pollfd->revents & LWS_POLLHUP) { - lwsl_warn("SOCKS connection %p (fd=%d) dead\n", - (void *)wsi, pollfd->fd); - goto bail3; - } - - n = recv(wsi->desc.sockfd, sb, context->pt_serv_buf_size, 0); - if (n < 0) { - if (LWS_ERRNO == LWS_EAGAIN) { - lwsl_debug("SOCKS read EAGAIN, retrying\n"); - return 0; - } - lwsl_err("ERROR reading from SOCKS socket\n"); - goto bail3; - } - - switch (lwsi_state(wsi)) { - - case LRS_WAITING_SOCKS_GREETING_REPLY: - if (pt->serv_buf[0] != SOCKS_VERSION_5) - goto socks_reply_fail; - - if (pt->serv_buf[1] == SOCKS_AUTH_NO_AUTH) { - lwsl_client("SOCKS GR: No Auth Method\n"); - socks_generate_msg(wsi, SOCKS_MSG_CONNECT, &len); - conn_mode = LRS_WAITING_SOCKS_CONNECT_REPLY; - pending_timeout = - PENDING_TIMEOUT_AWAITING_SOCKS_CONNECT_REPLY; - goto socks_send; - } - - if (pt->serv_buf[1] == SOCKS_AUTH_USERNAME_PASSWORD) { - lwsl_client("SOCKS GR: User/Pw Method\n"); - socks_generate_msg(wsi, - SOCKS_MSG_USERNAME_PASSWORD, - &len); - conn_mode = LRS_WAITING_SOCKS_AUTH_REPLY; - pending_timeout = - PENDING_TIMEOUT_AWAITING_SOCKS_AUTH_REPLY; - goto socks_send; - } - goto socks_reply_fail; - - case LRS_WAITING_SOCKS_AUTH_REPLY: - if (pt->serv_buf[0] != SOCKS_SUBNEGOTIATION_VERSION_1 || - pt->serv_buf[1] != SOCKS_SUBNEGOTIATION_STATUS_SUCCESS) - goto socks_reply_fail; - - lwsl_client("SOCKS password OK, sending connect\n"); - socks_generate_msg(wsi, SOCKS_MSG_CONNECT, &len); - conn_mode = LRS_WAITING_SOCKS_CONNECT_REPLY; - pending_timeout = - PENDING_TIMEOUT_AWAITING_SOCKS_CONNECT_REPLY; -socks_send: - n = send(wsi->desc.sockfd, (char *)pt->serv_buf, len, - MSG_NOSIGNAL); - if (n < 0) { - lwsl_debug("ERROR writing to socks proxy\n"); - goto bail3; - } - - lws_set_timeout(wsi, pending_timeout, AWAITING_TIMEOUT); - lwsi_set_state(wsi, conn_mode); - break; - -socks_reply_fail: - lwsl_notice("socks reply: v%d, err %d\n", - pt->serv_buf[0], pt->serv_buf[1]); - goto bail3; - - case LRS_WAITING_SOCKS_CONNECT_REPLY: - if (pt->serv_buf[0] != SOCKS_VERSION_5 || - pt->serv_buf[1] != SOCKS_REQUEST_REPLY_SUCCESS) - goto socks_reply_fail; - - lwsl_client("socks connect OK\n"); - - /* free stash since we are done with it */ - lws_client_stash_destroy(wsi); - if (lws_hdr_simple_create(wsi, - _WSI_TOKEN_CLIENT_PEER_ADDRESS, - wsi->vhost->socks_proxy_address)) - goto bail3; - - wsi->c_port = wsi->vhost->socks_proxy_port; - - /* clear his proxy connection timeout */ - lws_set_timeout(wsi, NO_PENDING_TIMEOUT, 0); - goto start_ws_handshake; - } - break; -#endif - - case LRS_WAITING_PROXY_REPLY: - - /* handle proxy hung up on us */ - - if (pollfd->revents & LWS_POLLHUP) { - - lwsl_warn("Proxy connection %p (fd=%d) dead\n", - (void *)wsi, pollfd->fd); - - goto bail3; - } - - n = recv(wsi->desc.sockfd, sb, context->pt_serv_buf_size, 0); - if (n < 0) { - if (LWS_ERRNO == LWS_EAGAIN) { - lwsl_debug("Proxy read EAGAIN... retrying\n"); - return 0; - } - lwsl_err("ERROR reading from proxy socket\n"); - goto bail3; - } - - pt->serv_buf[13] = '\0'; - if (strcmp(sb, "HTTP/1.0 200 ") && - strcmp(sb, "HTTP/1.1 200 ")) { - lwsl_err("ERROR proxy: %s\n", sb); - goto bail3; - } - - /* clear his proxy connection timeout */ - - lws_set_timeout(wsi, NO_PENDING_TIMEOUT, 0); - - /* fallthru */ - - case LRS_H1C_ISSUE_HANDSHAKE: - - /* - * we are under PENDING_TIMEOUT_SENT_CLIENT_HANDSHAKE - * timeout protection set in client-handshake.c - * - * take care of our lws_callback_on_writable - * happening at a time when there's no real connection yet - */ -#if defined(LWS_WITH_SOCKS5) -start_ws_handshake: -#endif - if (lws_change_pollfd(wsi, LWS_POLLOUT, 0)) - return -1; - -#ifdef LWS_OPENSSL_SUPPORT - /* we can retry this... just cook the SSL BIO the first time */ - - if ((wsi->use_ssl & LCCSCF_USE_SSL) && !wsi->ssl && - lws_ssl_client_bio_create(wsi) < 0) { - cce = "bio_create failed"; - goto bail3; - } - - if (wsi->use_ssl & LCCSCF_USE_SSL) { - n = lws_ssl_client_connect1(wsi); - if (!n) - return 0; - if (n < 0) { - cce = "lws_ssl_client_connect1 failed"; - goto bail3; - } - } else - wsi->ssl = NULL; - - /* fallthru */ - - case LRS_WAITING_SSL: - - if (wsi->use_ssl & LCCSCF_USE_SSL) { - n = lws_ssl_client_connect2(wsi, ebuf, sizeof(ebuf)); - if (!n) - return 0; - if (n < 0) { - cce = ebuf; - goto bail3; - } - } else - wsi->ssl = NULL; -#endif -#if defined (LWS_WITH_HTTP2) - if (wsi->client_h2_alpn) { - /* - * We connected to the server and set up tls, and - * negotiated "h2". - * - * So this is it, we are an h2 master client connection - * now, not an h1 client connection. - */ - lwsl_info("client connection upgraded to h2\n"); - lws_h2_configure_if_upgraded(wsi); - - lws_role_transition(wsi, LWSI_ROLE_H2_CLIENT, - LRS_H2_CLIENT_SEND_SETTINGS); - - /* send the H2 preface to legitimize the connection */ - if (lws_h2_issue_preface(wsi)) { - cce = "error sending h2 preface"; - goto bail3; - } - - break; - } -#endif - lwsi_set_state(wsi, LRS_H1C_ISSUE_HANDSHAKE2); - lws_set_timeout(wsi, PENDING_TIMEOUT_AWAITING_CLIENT_HS_SEND, - context->timeout_secs); - - /* fallthru */ - - case LRS_H1C_ISSUE_HANDSHAKE2: - p = lws_generate_client_handshake(wsi, p); - if (p == NULL) { - if (lwsi_role_raw(wsi)) - return 0; - - lwsl_err("Failed to generate handshake for client\n"); - lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, "chs"); - return 0; - } - - /* send our request to the server */ - lws_latency_pre(context, wsi); - - w = lws_client_wsi_master(wsi); - lwsl_debug("%s: HANDSHAKE2: %p: sending headers on %p\n", - __func__, wsi, w); - - n = lws_ssl_capable_write(w, (unsigned char *)sb, (int)(p - sb)); - lws_latency(context, wsi, "send lws_issue_raw", n, - n == p - sb); - switch (n) { - case LWS_SSL_CAPABLE_ERROR: - lwsl_debug("ERROR writing to client socket\n"); - lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, "cws"); - return 0; - case LWS_SSL_CAPABLE_MORE_SERVICE: - lws_callback_on_writable(wsi); - break; - } - - if (wsi->client_http_body_pending) { - lwsi_set_state(wsi, LRS_ISSUE_HTTP_BODY); - lws_set_timeout(wsi, - PENDING_TIMEOUT_CLIENT_ISSUE_PAYLOAD, - context->timeout_secs); - /* user code must ask for writable callback */ - break; - } - - lws_callback_on_writable(w); - - goto client_http_body_sent; - - case LRS_ISSUE_HTTP_BODY: - if (wsi->client_http_body_pending) { - lws_set_timeout(wsi, - PENDING_TIMEOUT_CLIENT_ISSUE_PAYLOAD, - context->timeout_secs); - /* user code must ask for writable callback */ - break; - } -client_http_body_sent: - /* prepare ourselves to do the parsing */ - wsi->ah->parser_state = WSI_TOKEN_NAME_PART; - wsi->ah->lextable_pos = 0; - lwsi_set_state(wsi, LRS_WAITING_SERVER_REPLY); - lws_set_timeout(wsi, PENDING_TIMEOUT_AWAITING_SERVER_RESPONSE, - context->timeout_secs); - break; - - case LRS_WAITING_SERVER_REPLY: - /* - * handle server hanging up on us... - * but if there is POLLIN waiting, handle that first - */ - if ((pollfd->revents & (LWS_POLLIN | LWS_POLLHUP)) == - LWS_POLLHUP) { - - lwsl_debug("Server connection %p (fd=%d) dead\n", - (void *)wsi, pollfd->fd); - cce = "Peer hung up"; - goto bail3; - } - - if (!(pollfd->revents & LWS_POLLIN)) - break; - - /* interpret the server response - * - * HTTP/1.1 101 Switching Protocols - * Upgrade: websocket - * Connection: Upgrade - * Sec-WebSocket-Accept: me89jWimTRKTWwrS3aRrL53YZSo= - * Sec-WebSocket-Nonce: AQIDBAUGBwgJCgsMDQ4PEC== - * Sec-WebSocket-Protocol: chat - * - * we have to take some care here to only take from the - * socket bytewise. The browser may (and has been seen to - * in the case that onopen() performs websocket traffic) - * coalesce both handshake response and websocket traffic - * in one packet, since at that point the connection is - * definitively ready from browser pov. - */ - len = 1; - while (wsi->ah->parser_state != WSI_PARSING_COMPLETE && - len > 0) { - int plen = 1; - - n = lws_ssl_capable_read(wsi, &c, 1); - lws_latency(context, wsi, "send lws_issue_raw", n, - n == 1); - switch (n) { - case 0: - case LWS_SSL_CAPABLE_ERROR: - cce = "read failed"; - goto bail3; - case LWS_SSL_CAPABLE_MORE_SERVICE: - return 0; - } - - if (lws_parse(wsi, &c, &plen)) { - lwsl_warn("problems parsing header\n"); - goto bail3; - } - } - - /* - * hs may also be coming in multiple packets, there is a 5-sec - * libwebsocket timeout still active here too, so if parsing did - * not complete just wait for next packet coming in this state - */ - if (wsi->ah->parser_state != WSI_PARSING_COMPLETE) - break; - - /* - * otherwise deal with the handshake. If there's any - * packet traffic already arrived we'll trigger poll() again - * right away and deal with it that way - */ - return lws_client_interpret_server_handshake(wsi); - -bail3: - lwsl_info("closing conn at LWS_CONNMODE...SERVER_REPLY\n"); - if (cce) - lwsl_info("reason: %s\n", cce); - wsi->protocol->callback(wsi, - LWS_CALLBACK_CLIENT_CONNECTION_ERROR, - wsi->user_space, (void *)cce, cce ? strlen(cce) : 0); - wsi->already_did_cce = 1; - lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, "cbail3"); - return -1; - - default: - break; - } - - return 0; -} - -/* - * In-place str to lower case - */ - -static void -strtolower(char *s) -{ - while (*s) { -#ifdef LWS_PLAT_OPTEE - int tolower_optee(int c); - *s = tolower_optee((int)*s); -#else - *s = tolower((int)*s); -#endif - s++; - } -} - -int LWS_WARN_UNUSED_RESULT -lws_http_transaction_completed_client(struct lws *wsi) -{ - struct lws *wsi_eff = lws_client_wsi_effective(wsi); - - lwsl_info("%s: wsi: %p, wsi_eff: %p\n", __func__, wsi, wsi_eff); - - if (user_callback_handle_rxflow(wsi_eff->protocol->callback, - wsi_eff, LWS_CALLBACK_COMPLETED_CLIENT_HTTP, - wsi_eff->user_space, NULL, 0)) { - lwsl_debug("%s: Completed call returned nonzero (role 0x%x)\n", - __func__, lwsi_role(wsi_eff)); - return -1; - } - - /* - * Are we constitutionally capable of having a queue, ie, we are on - * the "active client connections" list? - * - * If not, that's it for us. - */ - - if (lws_dll_is_null(&wsi->dll_active_client_conns)) - return -1; - - /* if this was a queued guy, close him and remove from queue */ - - if (wsi->transaction_from_pipeline_queue) { - lwsl_debug("closing queued wsi %p\n", wsi_eff); - /* so the close doesn't trigger a CCE */ - wsi_eff->already_did_cce = 1; - __lws_close_free_wsi(wsi_eff, - LWS_CLOSE_STATUS_CLIENT_TRANSACTION_DONE, - "queued client done"); - } - - /* after the first one, they can only be coming from the queue */ - wsi->transaction_from_pipeline_queue = 1; - - /* is there a new tail after removing that one? */ - wsi_eff = lws_client_wsi_effective(wsi); - - /* - * Do we have something pipelined waiting? - * it's OK if he hasn't managed to send his headers yet... he's next - * in line to do that... - */ - if (wsi_eff == wsi) { - /* - * Nothing pipelined... we should hang around a bit - * in case something turns up... - */ - lwsl_info("%s: nothing pipelined waiting\n", __func__); - if (wsi->ah) { - lws_header_table_force_to_detachable_state(wsi); - lws_header_table_detach(wsi, 0); - } - lws_set_timeout(wsi, PENDING_TIMEOUT_CLIENT_CONN_IDLE, 5); - - return 0; - } - - /* - * H1: we can serialize the queued guys into into the same ah - * H2: everybody needs their own ah until their own STREAM_END - */ - - /* otherwise set ourselves up ready to go again */ - lwsi_set_state(wsi, LRS_WAITING_SERVER_REPLY); - wsi->http.rx_content_length = 0; - wsi->hdr_parsing_completed = 0; - - wsi->ah->parser_state = WSI_TOKEN_NAME_PART; - wsi->ah->lextable_pos = 0; - - lws_set_timeout(wsi, PENDING_TIMEOUT_AWAITING_SERVER_RESPONSE, - wsi->context->timeout_secs); - - /* If we're (re)starting on headers, need other implied init */ - wsi->ah->ues = URIES_IDLE; - - lwsl_info("%s: %p: new queued transaction as %p\n", __func__, wsi, wsi_eff); - lws_callback_on_writable(wsi); - - return 0; -} - -LWS_VISIBLE LWS_EXTERN unsigned int -lws_http_client_http_response(struct lws *wsi) -{ - if (!wsi->ah) - return 0; - - return wsi->ah->http_response; -} -#if defined(LWS_PLAT_OPTEE) -char * -strrchr(const char *s, int c) -{ - char *hit = NULL; - - while (*s) - if (*(s++) == (char)c) - hit = (char *)s - 1; - - return hit; -} - -#define atoll atoi -#endif - -int -lws_client_interpret_server_handshake(struct lws *wsi) -{ - int n, len, okay = 0, port = 0, ssl = 0; - int close_reason = LWS_CLOSE_STATUS_PROTOCOL_ERR; - struct lws_context *context = wsi->context; - const char *pc, *prot, *ads = NULL, *path, *cce = NULL; - struct allocated_headers *ah = NULL; - struct lws *w = lws_client_wsi_effective(wsi); - char *p, *q; - char new_path[300]; -#if !defined(LWS_WITHOUT_EXTENSIONS) - struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; - char *sb = (char *)&pt->serv_buf[0]; - const struct lws_ext_options *opts; - const struct lws_extension *ext; - char ext_name[128]; - const char *c, *a; - char ignore; - int more = 1; - void *v; -#endif - lws_client_stash_destroy(wsi); - - ah = wsi->ah; - if (!wsi->do_ws) { - /* we are being an http client... - */ - if (wsi->client_h2_alpn) - lws_role_transition(wsi, LWSI_ROLE_H2_CLIENT, - LRS_ESTABLISHED); - else - lws_role_transition(wsi, LWSI_ROLE_H1_CLIENT, - LRS_ESTABLISHED); - - wsi->ah = ah; - ah->http_response = 0; - } - - /* - * well, what the server sent looked reasonable for syntax. - * Now let's confirm it sent all the necessary headers - * - * http (non-ws) client will expect something like this - * - * HTTP/1.0.200 - * server:.libwebsockets - * content-type:.text/html - * content-length:.17703 - * set-cookie:.test=LWS_1456736240_336776_COOKIE;Max-Age=360000 - */ - - wsi->http.connection_type = HTTP_CONNECTION_KEEP_ALIVE; - if (!wsi->client_h2_substream) { - p = lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP); - if (wsi->do_ws && !p) { - lwsl_info("no URI\n"); - cce = "HS: URI missing"; - goto bail3; - } - if (!p) { - p = lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP1_0); - wsi->http.connection_type = HTTP_CONNECTION_CLOSE; - } - if (!p) { - cce = "HS: URI missing"; - lwsl_info("no URI\n"); - goto bail3; - } - } else { - p = lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP_COLON_STATUS); - if (!p) { - cce = "HS: :status missing"; - lwsl_info("no status\n"); - goto bail3; - } - } - n = atoi(p); - if (ah) - ah->http_response = n; - - if (n == 301 || n == 302 || n == 303 || n == 307 || n == 308) { - p = lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP_LOCATION); - if (!p) { - cce = "HS: Redirect code but no Location"; - goto bail3; - } - - /* Relative reference absolute path */ - if (p[0] == '/') { -#ifdef LWS_OPENSSL_SUPPORT - ssl = wsi->use_ssl & LCCSCF_USE_SSL; -#endif - ads = lws_hdr_simple_ptr(wsi, - _WSI_TOKEN_CLIENT_PEER_ADDRESS); - port = wsi->c_port; - /* +1 as lws_client_reset expects leading / omitted */ - path = p + 1; - } - /* Absolute (Full) URI */ - else if (strchr(p, ':')) { - if (lws_parse_uri(p, &prot, &ads, &port, &path)) { - cce = "HS: URI did not parse"; - goto bail3; - } - - if (!strcmp(prot, "wss") || !strcmp(prot, "https")) - ssl = 1; - } - /* Relative reference relative path */ - else { - /* This doesn't try to calculate an absolute path, - * that will be left to the server */ -#ifdef LWS_OPENSSL_SUPPORT - ssl = wsi->use_ssl & LCCSCF_USE_SSL; -#endif - ads = lws_hdr_simple_ptr(wsi, - _WSI_TOKEN_CLIENT_PEER_ADDRESS); - port = wsi->c_port; - /* +1 as lws_client_reset expects leading / omitted */ - path = new_path + 1; - lws_strncpy(new_path, lws_hdr_simple_ptr(wsi, - _WSI_TOKEN_CLIENT_URI), sizeof(new_path)); - q = strrchr(new_path, '/'); - if (q) - lws_strncpy(q + 1, p, sizeof(new_path) - - (q - new_path)); - else - path = p; - } - -#ifdef LWS_OPENSSL_SUPPORT - if ((wsi->use_ssl & LCCSCF_USE_SSL) && !ssl) { - cce = "HS: Redirect attempted SSL downgrade"; - goto bail3; - } -#endif - - if (!lws_client_reset(&wsi, ssl, ads, port, path, ads)) { - /* there are two ways to fail out with NULL return... - * simple, early problem where the wsi is intact, or - * we went through with the reconnect attempt and the - * wsi is already closed. In the latter case, the wsi - * has beet set to NULL additionally. - */ - lwsl_err("Redirect failed\n"); - cce = "HS: Redirect failed"; - if (wsi) - goto bail3; - - return 1; - } - return 0; - } - - if (!wsi->do_ws) { - - /* if h1 KA is allowed, enable the queued pipeline guys */ - - if (!wsi->client_h2_alpn && !wsi->client_h2_substream && w == wsi) { /* ie, coming to this for the first time */ - if (wsi->http.connection_type == HTTP_CONNECTION_KEEP_ALIVE) - wsi->keepalive_active = 1; - else { - /* - * Ugh... now the main http connection has seen - * both sides, we learn the server doesn't - * support keepalive. - * - * That means any guys queued on us are going - * to have to be restarted from connect2 with - * their own connections. - */ - - /* - * stick around telling any new guys they can't - * pipeline to this server - */ - wsi->keepalive_rejected = 1; - - lws_vhost_lock(wsi->vhost); - lws_start_foreach_dll_safe(struct lws_dll_lws *, d, d1, - wsi->dll_client_transaction_queue_head.next) { - struct lws *ww = lws_container_of(d, struct lws, - dll_client_transaction_queue); - - /* remove him from our queue */ - lws_dll_lws_remove(&ww->dll_client_transaction_queue); - /* give up on pipelining */ - ww->client_pipeline = 0; - - /* go back to "trying to connect" state */ - lws_role_transition(ww, - LWSI_ROLE_H1_CLIENT, - LRS_UNCONNECTED); - ww->user_space = NULL; - } lws_end_foreach_dll_safe(d, d1); - lws_vhost_unlock(wsi->vhost); - } - } - -#ifdef LWS_WITH_HTTP_PROXY - wsi->perform_rewrite = 0; - if (lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_CONTENT_TYPE)) { - if (!strncmp(lws_hdr_simple_ptr(wsi, - WSI_TOKEN_HTTP_CONTENT_TYPE), - "text/html", 9)) - wsi->perform_rewrite = 1; - } -#endif - - /* allocate the per-connection user memory (if any) */ - if (lws_ensure_user_space(wsi)) { - lwsl_err("Problem allocating wsi user mem\n"); - cce = "HS: OOM"; - goto bail2; - } - - /* he may choose to send us stuff in chunked transfer-coding */ - wsi->chunked = 0; - wsi->chunk_remaining = 0; /* ie, next thing is chunk size */ - if (lws_hdr_total_length(wsi, - WSI_TOKEN_HTTP_TRANSFER_ENCODING)) { - wsi->chunked = !strcmp(lws_hdr_simple_ptr(wsi, - WSI_TOKEN_HTTP_TRANSFER_ENCODING), - "chunked"); - /* first thing is hex, after payload there is crlf */ - wsi->chunk_parser = ELCP_HEX; - } - - if (lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_CONTENT_LENGTH)) { - wsi->http.rx_content_length = - atoll(lws_hdr_simple_ptr(wsi, - WSI_TOKEN_HTTP_CONTENT_LENGTH)); - lwsl_info("%s: incoming content length %llu\n", - __func__, (unsigned long long) - wsi->http.rx_content_length); - wsi->http.rx_content_remain = - wsi->http.rx_content_length; - } else /* can't do 1.1 without a content length or chunked */ - if (!wsi->chunked) - wsi->http.connection_type = - HTTP_CONNECTION_CLOSE; - - /* - * we seem to be good to go, give client last chance to check - * headers and OK it - */ - if (wsi->protocol->callback(wsi, - LWS_CALLBACK_CLIENT_FILTER_PRE_ESTABLISH, - wsi->user_space, NULL, 0)) { - - cce = "HS: disallowed by client filter"; - goto bail2; - } - - /* clear his proxy connection timeout */ - lws_set_timeout(wsi, NO_PENDING_TIMEOUT, 0); - - wsi->rxflow_change_to = LWS_RXFLOW_ALLOW; - - /* call him back to inform him he is up */ - if (wsi->protocol->callback(wsi, - LWS_CALLBACK_ESTABLISHED_CLIENT_HTTP, - wsi->user_space, NULL, 0)) { - cce = "HS: disallowed at ESTABLISHED"; - goto bail3; - } - - /* - * for pipelining, master needs to keep his ah... guys who - * queued on him can drop it now though. - */ - - if (w != wsi) { - /* free up parsing allocations for queued guy */ - lws_header_table_force_to_detachable_state(w); - lws_header_table_detach(w, 0); - } - - lwsl_info("%s: client connection up\n", __func__); - - return 0; - } - - if (wsi->client_h2_substream) {/* !!! client ws-over-h2 not there yet */ - lwsl_warn("%s: client ws-over-h2 upgrade not supported yet\n", - __func__); - cce = "HS: h2 / ws upgrade unsupported"; - goto bail3; - } - - if (p && !strncmp(p, "401", 3)) { - lwsl_warn( - "lws_client_handshake: got bad HTTP response '%s'\n", p); - cce = "HS: ws upgrade unauthorized"; - goto bail3; - } - - if (p && strncmp(p, "101", 3)) { - lwsl_warn( - "lws_client_handshake: got bad HTTP response '%s'\n", p); - cce = "HS: ws upgrade response not 101"; - goto bail3; - } - - if (lws_hdr_total_length(wsi, WSI_TOKEN_ACCEPT) == 0) { - lwsl_info("no ACCEPT\n"); - cce = "HS: ACCEPT missing"; - goto bail3; - } - - p = lws_hdr_simple_ptr(wsi, WSI_TOKEN_UPGRADE); - if (!p) { - lwsl_info("no UPGRADE\n"); - cce = "HS: UPGRADE missing"; - goto bail3; - } - strtolower(p); - if (strcmp(p, "websocket")) { - lwsl_warn( - "lws_client_handshake: got bad Upgrade header '%s'\n", p); - cce = "HS: Upgrade to something other than websocket"; - goto bail3; - } - - p = lws_hdr_simple_ptr(wsi, WSI_TOKEN_CONNECTION); - if (!p) { - lwsl_info("no Connection hdr\n"); - cce = "HS: CONNECTION missing"; - goto bail3; - } - strtolower(p); - if (strcmp(p, "upgrade")) { - lwsl_warn("lws_client_int_s_hs: bad header %s\n", p); - cce = "HS: UPGRADE malformed"; - goto bail3; - } - - pc = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_SENT_PROTOCOLS); - if (!pc) { - lwsl_parser("lws_client_int_s_hs: no protocol list\n"); - } else - lwsl_parser("lws_client_int_s_hs: protocol list '%s'\n", pc); - - /* - * confirm the protocol the server wants to talk was in the list - * of protocols we offered - */ - - len = lws_hdr_total_length(wsi, WSI_TOKEN_PROTOCOL); - if (!len) { - lwsl_info("%s: WSI_TOKEN_PROTOCOL is null\n", __func__); - /* - * no protocol name to work from, - * default to first protocol - */ - n = 0; - wsi->protocol = &wsi->vhost->protocols[0]; - goto check_extensions; - } - - p = lws_hdr_simple_ptr(wsi, WSI_TOKEN_PROTOCOL); - len = (int)strlen(p); - - while (pc && *pc && !okay) { - if (!strncmp(pc, p, len) && - (pc[len] == ',' || pc[len] == '\0')) { - okay = 1; - continue; - } - while (*pc && *pc++ != ',') - ; - while (*pc && *pc == ' ') - pc++; - } - - if (!okay) { - lwsl_info("%s: got bad protocol %s\n", __func__, p); - cce = "HS: PROTOCOL malformed"; - goto bail2; - } - - /* - * identify the selected protocol struct and set it - */ - n = 0; - /* keep client connection pre-bound protocol */ - if (!lwsi_role_client(wsi)) - wsi->protocol = NULL; - - while (wsi->vhost->protocols[n].callback) { - if (!wsi->protocol && - strcmp(p, wsi->vhost->protocols[n].name) == 0) { - wsi->protocol = &wsi->vhost->protocols[n]; - break; - } - n++; - } - - if (!wsi->vhost->protocols[n].callback) { /* no match */ - /* if server, that's already fatal */ - if (!lwsi_role_client(wsi)) { - lwsl_info("%s: fail protocol %s\n", __func__, p); - cce = "HS: Cannot match protocol"; - goto bail2; - } - - /* for client, find the index of our pre-bound protocol */ - - n = 0; - while (wsi->vhost->protocols[n].callback) { - if (wsi->protocol && strcmp(wsi->protocol->name, - wsi->vhost->protocols[n].name) == 0) { - wsi->protocol = &wsi->vhost->protocols[n]; - break; - } - n++; - } - - if (!wsi->vhost->protocols[n].callback) { - if (wsi->protocol) - lwsl_err("Failed to match protocol %s\n", - wsi->protocol->name); - else - lwsl_err("No protocol on client\n"); - goto bail2; - } - } - - lwsl_debug("Selected protocol %s\n", wsi->protocol->name); - -check_extensions: - /* - * stitch protocol choice into the vh protocol linked list - * We always insert ourselves at the start of the list - * - * X <-> B - * X <-> pAn <-> pB - */ - - lws_vhost_lock(wsi->vhost); - - wsi->same_vh_protocol_prev = /* guy who points to us */ - &wsi->vhost->same_vh_protocol_list[n]; - wsi->same_vh_protocol_next = /* old first guy is our next */ - wsi->vhost->same_vh_protocol_list[n]; - /* we become the new first guy */ - wsi->vhost->same_vh_protocol_list[n] = wsi; - - if (wsi->same_vh_protocol_next) - /* old first guy points back to us now */ - wsi->same_vh_protocol_next->same_vh_protocol_prev = - &wsi->same_vh_protocol_next; - wsi->on_same_vh_list = 1; - - lws_vhost_unlock(wsi->vhost); - -#if !defined(LWS_WITHOUT_EXTENSIONS) - /* instantiate the accepted extensions */ - - if (!lws_hdr_total_length(wsi, WSI_TOKEN_EXTENSIONS)) { - lwsl_ext("no client extensions allowed by server\n"); - goto check_accept; - } - - /* - * break down the list of server accepted extensions - * and go through matching them or identifying bogons - */ - - if (lws_hdr_copy(wsi, sb, context->pt_serv_buf_size, - WSI_TOKEN_EXTENSIONS) < 0) { - lwsl_warn("ext list from server failed to copy\n"); - cce = "HS: EXT: list too big"; - goto bail2; - } - - c = sb; - n = 0; - ignore = 0; - a = NULL; - while (more) { - - if (*c && (*c != ',' && *c != '\t')) { - if (*c == ';') { - ignore = 1; - if (!a) - a = c + 1; - } - if (ignore || *c == ' ') { - c++; - continue; - } - - ext_name[n] = *c++; - if (n < (int)sizeof(ext_name) - 1) - n++; - continue; - } - ext_name[n] = '\0'; - ignore = 0; - if (!*c) - more = 0; - else { - c++; - if (!n) - continue; - } - - /* check we actually support it */ - - lwsl_notice("checking client ext %s\n", ext_name); - - n = 0; - ext = wsi->vhost->extensions; - while (ext && ext->callback) { - if (strcmp(ext_name, ext->name)) { - ext++; - continue; - } - - n = 1; - lwsl_notice("instantiating client ext %s\n", ext_name); - - /* instantiate the extension on this conn */ - - wsi->active_extensions[wsi->count_act_ext] = ext; - - /* allow him to construct his ext instance */ - - if (ext->callback(lws_get_context(wsi), ext, wsi, - LWS_EXT_CB_CLIENT_CONSTRUCT, - (void *)&wsi->act_ext_user[wsi->count_act_ext], - (void *)&opts, 0)) { - lwsl_info(" ext %s failed construction\n", - ext_name); - ext++; - continue; - } - - /* - * allow the user code to override ext defaults if it - * wants to - */ - ext_name[0] = '\0'; - if (user_callback_handle_rxflow(wsi->protocol->callback, - wsi, LWS_CALLBACK_WS_EXT_DEFAULTS, - (char *)ext->name, ext_name, - sizeof(ext_name))) { - cce = "HS: EXT: failed setting defaults"; - goto bail2; - } - - if (ext_name[0] && - lws_ext_parse_options(ext, wsi, wsi->act_ext_user[ - wsi->count_act_ext], opts, ext_name, - (int)strlen(ext_name))) { - lwsl_err("%s: unable to parse user defaults '%s'", - __func__, ext_name); - cce = "HS: EXT: failed parsing defaults"; - goto bail2; - } - - /* - * give the extension the server options - */ - if (a && lws_ext_parse_options(ext, wsi, - wsi->act_ext_user[wsi->count_act_ext], - opts, a, lws_ptr_diff(c, a))) { - lwsl_err("%s: unable to parse remote def '%s'", - __func__, a); - cce = "HS: EXT: failed parsing options"; - goto bail2; - } - - if (ext->callback(lws_get_context(wsi), ext, wsi, - LWS_EXT_CB_OPTION_CONFIRM, - wsi->act_ext_user[wsi->count_act_ext], - NULL, 0)) { - lwsl_err("%s: ext %s rejects server options %s", - __func__, ext->name, a); - cce = "HS: EXT: Rejects server options"; - goto bail2; - } - - wsi->count_act_ext++; - - ext++; - } - - if (n == 0) { - lwsl_warn("Unknown ext '%s'!\n", ext_name); - cce = "HS: EXT: unknown ext"; - goto bail2; - } - - a = NULL; - n = 0; - } - -check_accept: -#endif - - /* - * Confirm his accept token is the one we precomputed - */ - - p = lws_hdr_simple_ptr(wsi, WSI_TOKEN_ACCEPT); - if (strcmp(p, wsi->ah->initial_handshake_hash_base64)) { - lwsl_warn("lws_client_int_s_hs: accept '%s' wrong vs '%s'\n", p, - wsi->ah->initial_handshake_hash_base64); - cce = "HS: Accept hash wrong"; - goto bail2; - } - - /* allocate the per-connection user memory (if any) */ - if (lws_ensure_user_space(wsi)) { - lwsl_err("Problem allocating wsi user mem\n"); - cce = "HS: OOM"; - goto bail2; - } - - /* - * we seem to be good to go, give client last chance to check - * headers and OK it - */ - if (wsi->protocol->callback(wsi, - LWS_CALLBACK_CLIENT_FILTER_PRE_ESTABLISH, - wsi->user_space, NULL, 0)) { - cce = "HS: Rejected by filter cb"; - goto bail2; - } - - /* clear his proxy connection timeout */ - lws_set_timeout(wsi, NO_PENDING_TIMEOUT, 0); - - /* free up his parsing allocations */ - lws_header_table_detach(wsi, 0); - - lws_role_transition(wsi, LWSI_ROLE_H1_CLIENT, LRS_ESTABLISHED); - lws_restart_ws_ping_pong_timer(wsi); - - wsi->rxflow_change_to = LWS_RXFLOW_ALLOW; - - /* - * create the frame buffer for this connection according to the - * size mentioned in the protocol definition. If 0 there, then - * use a big default for compatibility - */ - n = (int)wsi->protocol->rx_buffer_size; - if (!n) - n = context->pt_serv_buf_size; - n += LWS_PRE; - wsi->ws->rx_ubuf = lws_malloc(n + 4 /* 0x0000ffff zlib */, - "client frame buffer"); - if (!wsi->ws->rx_ubuf) { - lwsl_err("Out of Mem allocating rx buffer %d\n", n); - cce = "HS: OOM"; - goto bail2; - } - wsi->ws->rx_ubuf_alloc = n; - lwsl_info("Allocating client RX buffer %d\n", n); - -#if !defined(LWS_WITH_ESP32) - if (setsockopt(wsi->desc.sockfd, SOL_SOCKET, SO_SNDBUF, - (const char *)&n, sizeof n)) { - lwsl_warn("Failed to set SNDBUF to %d", n); - cce = "HS: SO_SNDBUF failed"; - goto bail3; - } -#endif - - lwsi_set_role(wsi, LWSI_ROLE_WS1_CLIENT); - - lwsl_debug("handshake OK for protocol %s\n", wsi->protocol->name); - - /* call him back to inform him he is up */ - - if (wsi->protocol->callback(wsi, LWS_CALLBACK_CLIENT_ESTABLISHED, - wsi->user_space, NULL, 0)) { - cce = "HS: Rejected at CLIENT_ESTABLISHED"; - goto bail3; - } -#if !defined(LWS_WITHOUT_EXTENSIONS) - /* - * inform all extensions, not just active ones since they - * already know - */ - ext = wsi->vhost->extensions; - - while (ext && ext->callback) { - v = NULL; - for (n = 0; n < wsi->count_act_ext; n++) - if (wsi->active_extensions[n] == ext) - v = wsi->act_ext_user[n]; - - ext->callback(context, ext, wsi, - LWS_EXT_CB_ANY_WSI_ESTABLISHED, v, NULL, 0); - ext++; - } -#endif - - return 0; - -bail3: - close_reason = LWS_CLOSE_STATUS_NOSTATUS; - -bail2: - if (wsi->protocol) { - n = 0; - if (cce) - n = strlen(cce); - wsi->protocol->callback(wsi, - LWS_CALLBACK_CLIENT_CONNECTION_ERROR, - wsi->user_space, (void *)cce, - (unsigned int)n); - } - wsi->already_did_cce = 1; - - lwsl_info("closing connection due to bail2 connection error\n"); - - /* closing will free up his parsing allocations */ - lws_close_free_wsi(wsi, close_reason, "c hs interp"); - - return 1; -} - - -char * -lws_generate_client_handshake(struct lws *wsi, char *pkt) -{ - char buf[128], hash[20], key_b64[40], *p = pkt; - struct lws_context *context = wsi->context; - const char *meth; - int n; -#if !defined(LWS_WITHOUT_EXTENSIONS) - const struct lws_extension *ext; - int ext_count = 0; -#endif - const char *pp = lws_hdr_simple_ptr(wsi, - _WSI_TOKEN_CLIENT_SENT_PROTOCOLS); - - meth = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_METHOD); - if (!meth) { - meth = "GET"; - wsi->do_ws = 1; - } else { - wsi->do_ws = 0; - } - - if (!strcmp(meth, "RAW")) { - lws_set_timeout(wsi, NO_PENDING_TIMEOUT, 0); - lwsl_notice("client transition to raw\n"); - - if (pp) { - const struct lws_protocols *pr; - - pr = lws_vhost_name_to_protocol(wsi->vhost, pp); - - if (!pr) { - lwsl_err("protocol %s not enabled on vhost\n", - pp); - return NULL; - } - - lws_bind_protocol(wsi, pr); - } - - if ((wsi->protocol->callback)(wsi, - LWS_CALLBACK_RAW_ADOPT, - wsi->user_space, NULL, 0)) - return NULL; - - lws_header_table_force_to_detachable_state(wsi); - lws_role_transition(wsi, LWSI_ROLE_RAW_SOCKET, LRS_ESTABLISHED); - lws_header_table_detach(wsi, 1); - - return NULL; - } - - if (wsi->do_ws) { - /* - * create the random key - */ - n = lws_get_random(context, hash, 16); - if (n != 16) { - lwsl_err("Unable to read from random dev %s\n", - SYSTEM_RANDOM_FILEPATH); - return NULL; - } - - lws_b64_encode_string(hash, 16, key_b64, sizeof(key_b64)); - } - - /* - * 04 example client handshake - * - * GET /chat HTTP/1.1 - * Host: server.example.com - * Upgrade: websocket - * Connection: Upgrade - * Sec-WebSocket-Key: dGhlIHNhbXBsZSBub25jZQ== - * Sec-WebSocket-Origin: http://example.com - * Sec-WebSocket-Protocol: chat, superchat - * Sec-WebSocket-Version: 4 - */ - - p += sprintf(p, "%s %s HTTP/1.1\x0d\x0a", meth, - lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_URI)); - - p += sprintf(p, "Pragma: no-cache\x0d\x0a" - "Cache-Control: no-cache\x0d\x0a"); - - p += sprintf(p, "Host: %s\x0d\x0a", - lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_HOST)); - - if (lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_ORIGIN)) { - if (lws_check_opt(context->options, - LWS_SERVER_OPTION_JUST_USE_RAW_ORIGIN)) - p += sprintf(p, "Origin: %s\x0d\x0a", - lws_hdr_simple_ptr(wsi, - _WSI_TOKEN_CLIENT_ORIGIN)); - else - p += sprintf(p, "Origin: http://%s\x0d\x0a", - lws_hdr_simple_ptr(wsi, - _WSI_TOKEN_CLIENT_ORIGIN)); - } - - if (wsi->do_ws) { - p += sprintf(p, "Upgrade: websocket\x0d\x0a" - "Connection: Upgrade\x0d\x0a" - "Sec-WebSocket-Key: "); - strcpy(p, key_b64); - p += strlen(key_b64); - p += sprintf(p, "\x0d\x0a"); - if (lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_SENT_PROTOCOLS)) - p += sprintf(p, "Sec-WebSocket-Protocol: %s\x0d\x0a", - lws_hdr_simple_ptr(wsi, - _WSI_TOKEN_CLIENT_SENT_PROTOCOLS)); - - /* tell the server what extensions we could support */ - -#if !defined(LWS_WITHOUT_EXTENSIONS) - ext = wsi->vhost->extensions; - while (ext && ext->callback) { - n = lws_ext_cb_all_exts(context, wsi, - LWS_EXT_CB_CHECK_OK_TO_PROPOSE_EXTENSION, - (char *)ext->name, 0); - if (n) { /* an extension vetos us */ - lwsl_ext("ext %s vetoed\n", (char *)ext->name); - ext++; - continue; - } - n = wsi->vhost->protocols[0].callback(wsi, - LWS_CALLBACK_CLIENT_CONFIRM_EXTENSION_SUPPORTED, - wsi->user_space, (char *)ext->name, 0); - - /* - * zero return from callback means go ahead and allow - * the extension, it's what we get if the callback is - * unhandled - */ - - if (n) { - ext++; - continue; - } - - /* apply it */ - - if (ext_count) - *p++ = ','; - else - p += sprintf(p, "Sec-WebSocket-Extensions: "); - p += sprintf(p, "%s", ext->client_offer); - ext_count++; - - ext++; - } - if (ext_count) - p += sprintf(p, "\x0d\x0a"); -#endif - - if (wsi->ws->ietf_spec_revision) - p += sprintf(p, "Sec-WebSocket-Version: %d\x0d\x0a", - wsi->ws->ietf_spec_revision); - - /* prepare the expected server accept response */ - - key_b64[39] = '\0'; /* enforce composed length below buf sizeof */ - n = sprintf(buf, "%s258EAFA5-E914-47DA-95CA-C5AB0DC85B11", - key_b64); - - lws_SHA1((unsigned char *)buf, n, (unsigned char *)hash); - - lws_b64_encode_string(hash, 20, - wsi->ah->initial_handshake_hash_base64, - sizeof(wsi->ah->initial_handshake_hash_base64)); - } - - /* give userland a chance to append, eg, cookies */ - - if (wsi->protocol->callback(wsi, - LWS_CALLBACK_CLIENT_APPEND_HANDSHAKE_HEADER, - wsi->user_space, &p, - (pkt + context->pt_serv_buf_size) - p - 12)) - return NULL; - - p += sprintf(p, "\x0d\x0a"); - - return p; -} diff --git a/lib/client/ssl-client.c b/lib/client/ssl-client.c deleted file mode 100644 index 82bdb89..0000000 --- a/lib/client/ssl-client.c +++ /dev/null @@ -1,150 +0,0 @@ -/* - * libwebsockets - client-related ssl code independent of backend - * - * Copyright (C) 2010-2017 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - */ - -#include "private-libwebsockets.h" - -int -lws_ssl_client_connect1(struct lws *wsi) -{ - struct lws_context *context = wsi->context; - int n = 0; - - lws_latency_pre(context, wsi); - n = lws_tls_client_connect(wsi); - lws_latency(context, wsi, "SSL_connect hs", n, n > 0); - - switch (n) { - case LWS_SSL_CAPABLE_ERROR: - return -1; - case LWS_SSL_CAPABLE_DONE: - return 1; /* connected */ - case LWS_SSL_CAPABLE_MORE_SERVICE_WRITE: - lws_callback_on_writable(wsi); - /* fallthru */ - case LWS_SSL_CAPABLE_MORE_SERVICE_READ: - lwsi_set_state(wsi, LRS_WAITING_SSL); - break; - case LWS_SSL_CAPABLE_MORE_SERVICE: - break; - } - - return 0; /* retry */ -} - -int -lws_ssl_client_connect2(struct lws *wsi, char *errbuf, int len) -{ - int n = 0; - - if (lwsi_state(wsi) == LRS_WAITING_SSL) { - lws_latency_pre(wsi->context, wsi); - - n = lws_tls_client_connect(wsi); - lwsl_debug("%s: SSL_connect says %d\n", __func__, n); - lws_latency(wsi->context, wsi, - "SSL_connect LRS_WAITING_SSL", n, n > 0); - - switch (n) { - case LWS_SSL_CAPABLE_ERROR: - lws_snprintf(errbuf, len, "client connect failed"); - return -1; - case LWS_SSL_CAPABLE_DONE: - break; /* connected */ - case LWS_SSL_CAPABLE_MORE_SERVICE_WRITE: - lws_callback_on_writable(wsi); - /* fallthru */ - case LWS_SSL_CAPABLE_MORE_SERVICE_READ: - lwsi_set_state(wsi, LRS_WAITING_SSL); - /* fallthru */ - case LWS_SSL_CAPABLE_MORE_SERVICE: - return 0; - } - } - - if (lws_tls_client_confirm_peer_cert(wsi, errbuf, len)) - return -1; - - return 1; -} - - -int lws_context_init_client_ssl(struct lws_context_creation_info *info, - struct lws_vhost *vhost) -{ - const char *ca_filepath = info->ssl_ca_filepath; - const char *cipher_list = info->ssl_cipher_list; - const char *private_key_filepath = info->ssl_private_key_filepath; - const char *cert_filepath = info->ssl_cert_filepath; - struct lws wsi; - - if (vhost->options & LWS_SERVER_OPTION_ONLY_RAW) - return 0; - - /* - * for backwards-compatibility default to using ssl_... members, but - * if the newer client-specific ones are given, use those - */ - if (info->client_ssl_cipher_list) - cipher_list = info->client_ssl_cipher_list; - if (info->client_ssl_cert_filepath) - cert_filepath = info->client_ssl_cert_filepath; - if (info->client_ssl_private_key_filepath) - private_key_filepath = info->client_ssl_private_key_filepath; - - if (info->client_ssl_ca_filepath) - ca_filepath = info->client_ssl_ca_filepath; - - if (!lws_check_opt(info->options, LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT)) - return 0; - - if (vhost->ssl_client_ctx) - return 0; - - if (info->provided_client_ssl_ctx) { - /* use the provided OpenSSL context if given one */ - vhost->ssl_client_ctx = info->provided_client_ssl_ctx; - /* nothing for lib to delete */ - vhost->user_supplied_ssl_ctx = 1; - - return 0; - } - - if (lws_tls_client_create_vhost_context(vhost, info, cipher_list, - ca_filepath, cert_filepath, - private_key_filepath)) - return 1; - - lwsl_notice("created client ssl context for %s\n", vhost->name); - - /* - * give him a fake wsi with context set, so he can use - * lws_get_context() in the callback - */ - memset(&wsi, 0, sizeof(wsi)); - wsi.vhost = vhost; - wsi.context = vhost->context; - - vhost->protocols[0].callback(&wsi, - LWS_CALLBACK_OPENSSL_LOAD_EXTRA_CLIENT_VERIFY_CERTS, - vhost->ssl_client_ctx, NULL, 0); - - return 0; -} diff --git a/lib/context.c b/lib/context.c index dca7e29..ed8ff38 100644 --- a/lib/context.c +++ b/lib/context.c @@ -50,70 +50,6 @@ static const char * const mount_protocols[] = { "callback://" }; -#if defined(LWS_WITH_HTTP2) -/* - * These are the standardized defaults. - * Override what actually goes in the vhost settings in platform or user code. - * Leave these alone because they are used to determine "what is different - * from the protocol defaults". - */ -const struct http2_settings lws_h2_defaults = { { - 1, - /* H2SET_HEADER_TABLE_SIZE */ 4096, - /* *** This controls how many entries in the dynamic table *** - * Allows the sender to inform the remote endpoint of the maximum - * size of the header compression table used to decode header - * blocks, in octets. The encoder can select any size equal to or - * less than this value by using signaling specific to the header - * compression format inside a header block (see [COMPRESSION]). - * The initial value is 4,096 octets. - */ - /* H2SET_ENABLE_PUSH */ 1, - /* H2SET_MAX_CONCURRENT_STREAMS */ 0x7fffffff, - /* H2SET_INITIAL_WINDOW_SIZE */ 65535, - /* H2SET_MAX_FRAME_SIZE */ 16384, - /* H2SET_MAX_HEADER_LIST_SIZE */ 0x7fffffff, - /*< This advisory setting informs a peer of the maximum size of - * header list that the sender is prepared to accept, in octets. - * The value is based on the uncompressed size of header fields, - * including the length of the name and value in octets plus an - * overhead of 32 octets for each header field. - */ - /* H2SET_RESERVED7 */ 0, - /* H2SET_ENABLE_CONNECT_PROTOCOL */ 0, -}}; - -/* these are the "lws defaults"... they can be overridden in plat */ - -const struct http2_settings lws_h2_stock_settings = { { - 1, - /* H2SET_HEADER_TABLE_SIZE */ 65536, /* ffox */ - /* *** This controls how many entries in the dynamic table *** - * Allows the sender to inform the remote endpoint of the maximum - * size of the header compression table used to decode header - * blocks, in octets. The encoder can select any size equal to or - * less than this value by using signaling specific to the header - * compression format inside a header block (see [COMPRESSION]). - * The initial value is 4,096 octets. - * - * Can't pass h2spec with less than 4096 here... - */ - /* H2SET_ENABLE_PUSH */ 1, - /* H2SET_MAX_CONCURRENT_STREAMS */ 24, - /* H2SET_INITIAL_WINDOW_SIZE */ 65535, - /* H2SET_MAX_FRAME_SIZE */ 16384, - /* H2SET_MAX_HEADER_LIST_SIZE */ 4096, - /*< This advisory setting informs a peer of the maximum size of - * header list that the sender is prepared to accept, in octets. - * The value is based on the uncompressed size of header fields, - * including the length of the name and value in octets plus an - * overhead of 32 octets for each header field. - */ - /* H2SET_RESERVED7 */ 0, - /* H2SET_ENABLE_CONNECT_PROTOCOL */ 1, -}}; -#endif - LWS_VISIBLE void * lws_protocol_vh_priv_zalloc(struct lws_vhost *vhost, const struct lws_protocols *prot, int size) @@ -265,7 +201,7 @@ lws_protocol_init(struct lws_context *context) pvo = pvo1->options; } -#if defined(LWS_OPENSSL_SUPPORT) +#if defined(LWS_WITH_TLS) any |= !!vh->ssl_ctx; #endif @@ -617,10 +553,11 @@ lws_create_vhost(struct lws_context *context, vh->pvo = info->pvo; vh->headers = info->headers; vh->user = info->user; - if (!info->h2_rx_scratch_size) - vh->h2_rx_scratch_size = LWS_H2_RX_SCRATCH_SIZE; - else - vh->h2_rx_scratch_size = info->h2_rx_scratch_size; + +#if defined(LWS_ROLE_H2) + role_ops_h2.init_vhost(vh, info); +#endif + vh->ssl_info_event_mask = info->ssl_info_event_mask; if (info->keepalive_timeout) vh->keepalive_timeout = info->keepalive_timeout; @@ -632,7 +569,7 @@ lws_create_vhost(struct lws_context *context, else vh->timeout_secs_ah_idle = 10; -#ifdef LWS_OPENSSL_SUPPORT +#if defined(LWS_WITH_TLS) if (info->ecdh_curve) lws_strncpy(vh->ecdh_curve, info->ecdh_curve, sizeof(vh->ecdh_curve)); @@ -966,7 +903,7 @@ lws_create_event_pipes(struct lws_context *context) return 1; } wsi->context = context; - lwsi_set_role(wsi, LWSI_ROLE_EVENT_PIPE); + lws_role_transition(wsi, 0, LRS_UNCONNECTED, &role_ops_pipe); wsi->protocol = NULL; wsi->tsi = n; wsi->vhost = NULL; @@ -1023,7 +960,7 @@ lws_create_context(struct lws_context_creation_info *info) #if defined(GCC_VER) lwsl_info("Compiled with %s\n", GCC_VER); #endif -#if LWS_POSIX + #ifdef LWS_WITH_IPV6 if (!lws_check_opt(info->options, LWS_SERVER_OPTION_DISABLE_IPV6)) lwsl_info("IPV6 compiled in and enabled\n"); @@ -1036,7 +973,6 @@ lws_create_context(struct lws_context_creation_info *info) lws_feature_status_libev(info); lws_feature_status_libuv(info); #endif -#endif lwsl_info(" LWS_DEF_HEADER_LEN : %u\n", LWS_DEF_HEADER_LEN); lwsl_info(" LWS_MAX_PROTOCOLS : %u\n", LWS_MAX_PROTOCOLS); lwsl_info(" LWS_MAX_SMP : %u\n", LWS_MAX_SMP); @@ -1044,9 +980,7 @@ lws_create_context(struct lws_context_creation_info *info) #if defined(LWS_WITH_STATS) lwsl_info(" LWS_WITH_STATS : on\n"); #endif -#if LWS_POSIX lwsl_info(" SYSTEM_RANDOM_FILEPATH: '%s'\n", SYSTEM_RANDOM_FILEPATH); -#endif #if defined(LWS_WITH_HTTP2) lwsl_info(" HTTP2 support : available\n"); #else @@ -1065,8 +999,8 @@ lws_create_context(struct lws_context_creation_info *info) else context->pt_serv_buf_size = 4096; -#if defined(LWS_WITH_HTTP2) - context->set = lws_h2_stock_settings; +#if defined(LWS_ROLE_H2) + role_ops_h2.init_context(context, info); #endif #if LWS_MAX_SMP > 1 diff --git a/lib/event-libs/libev.c b/lib/event-libs/libev.c index ca8992c..d7afc67 100644 --- a/lib/event-libs/libev.c +++ b/lib/event-libs/libev.c @@ -185,7 +185,7 @@ lws_libev_accept(struct lws *new_wsi, lws_sock_file_fd_type desc) if (!LWS_LIBEV_ENABLED(context)) return; - if (lwsi_role(new_wsi) == LWSI_ROLE_RAW_FILE) + if (new_wsi->role_ops == &role_ops_raw_file) fd = desc.filefd; else fd = desc.sockfd; diff --git a/lib/event-libs/libevent.c b/lib/event-libs/libevent.c index ddd9dde..a3c054c 100644 --- a/lib/event-libs/libevent.c +++ b/lib/event-libs/libevent.c @@ -174,7 +174,7 @@ lws_libevent_accept(struct lws *new_wsi, lws_sock_file_fd_type desc) // Initialize the event pt = &context->pt[(int)new_wsi->tsi]; - if (lwsi_role(new_wsi) == LWSI_ROLE_RAW_FILE) + if (new_wsi->role_ops == role_ops_raw_file) fd = desc.filefd; else fd = desc.sockfd; diff --git a/lib/event-libs/libuv.c b/lib/event-libs/libuv.c index 15f93cc..2420d8b 100644 --- a/lib/event-libs/libuv.c +++ b/lib/event-libs/libuv.c @@ -429,7 +429,7 @@ lws_libuv_accept(struct lws *wsi, lws_sock_file_fd_type desc) return; wsi->w_read.context = context; - if (lwsi_role(wsi) == LWSI_ROLE_RAW_FILE || wsi->event_pipe) + if (wsi->role_ops == &role_ops_raw_file || wsi->event_pipe) uv_poll_init(pt->io_loop_uv, &wsi->w_read.uv_watcher, (int)(long long)desc.filefd); else @@ -543,8 +543,7 @@ lws_libuv_closewsi(uv_handle_t* handle) * We get called back here for every wsi that closes */ - if (lwsi_role(wsi) == LWSI_ROLE_LISTEN_SOCKET && - wsi->context->deprecated) { + if (wsi->role_ops == &role_ops_listen && wsi->context->deprecated) { lspd = 1; context->deprecation_pending_listen_close_count--; if (!context->deprecation_pending_listen_close_count) @@ -637,6 +636,13 @@ lws_libuv_stop(struct lws_context *context) void lws_libuv_closehandle(struct lws *wsi) { + if (wsi->told_event_loop_closed) { + assert(0); + return; + } + + wsi->told_event_loop_closed = 1; + /* required to defer actual deletion until libuv has processed it */ uv_close((uv_handle_t*)&wsi->w_read.uv_watcher, lws_libuv_closewsi); } diff --git a/lib/ext/extension-permessage-deflate.c b/lib/ext/extension-permessage-deflate.c deleted file mode 100644 index e0c3773..0000000 --- a/lib/ext/extension-permessage-deflate.c +++ /dev/null @@ -1,480 +0,0 @@ -/* - * ./lib/extension-permessage-deflate.c - * - * Copyright (C) 2016 - 2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - */ - -#include "private-libwebsockets.h" -#include "extension-permessage-deflate.h" -#include -#include -#include - -#define LWS_ZLIB_MEMLEVEL 8 - -const struct lws_ext_options lws_ext_pm_deflate_options[] = { - /* public RFC7692 settings */ - { "server_no_context_takeover", EXTARG_NONE }, - { "client_no_context_takeover", EXTARG_NONE }, - { "server_max_window_bits", EXTARG_OPT_DEC }, - { "client_max_window_bits", EXTARG_OPT_DEC }, - /* ones only user code can set */ - { "rx_buf_size", EXTARG_DEC }, - { "tx_buf_size", EXTARG_DEC }, - { "compression_level", EXTARG_DEC }, - { "mem_level", EXTARG_DEC }, - { NULL, 0 }, /* sentinel */ -}; - -static void -lws_extension_pmdeflate_restrict_args(struct lws *wsi, - struct lws_ext_pm_deflate_priv *priv) -{ - int n, extra; - - /* cap the RX buf at the nearest power of 2 to protocol rx buf */ - - n = wsi->context->pt_serv_buf_size; - if (wsi->protocol->rx_buffer_size) - n = (int)wsi->protocol->rx_buffer_size; - - extra = 7; - while (n >= 1 << (extra + 1)) - extra++; - - if (extra < priv->args[PMD_RX_BUF_PWR2]) { - priv->args[PMD_RX_BUF_PWR2] = extra; - lwsl_info(" Capping pmd rx to %d\n", 1 << extra); - } -} - -LWS_VISIBLE int -lws_extension_callback_pm_deflate(struct lws_context *context, - const struct lws_extension *ext, - struct lws *wsi, - enum lws_extension_callback_reasons reason, - void *user, void *in, size_t len) -{ - struct lws_ext_pm_deflate_priv *priv = - (struct lws_ext_pm_deflate_priv *)user; - struct lws_tokens *eff_buf = (struct lws_tokens *)in; - static unsigned char trail[] = { 0, 0, 0xff, 0xff }; - int n, ret = 0, was_fin = 0, extra; - struct lws_ext_option_arg *oa; - - switch (reason) { - case LWS_EXT_CB_NAMED_OPTION_SET: - oa = in; - if (!oa->option_name) - break; - for (n = 0; n < (int)ARRAY_SIZE(lws_ext_pm_deflate_options); n++) - if (!strcmp(lws_ext_pm_deflate_options[n].name, - oa->option_name)) - break; - - if (n == (int)ARRAY_SIZE(lws_ext_pm_deflate_options)) - break; - oa->option_index = n; - - /* fallthru */ - - case LWS_EXT_CB_OPTION_SET: - oa = in; - lwsl_notice("%s: option set: idx %d, %s, len %d\n", __func__, - oa->option_index, oa->start, oa->len); - if (oa->start) - priv->args[oa->option_index] = atoi(oa->start); - else - priv->args[oa->option_index] = 1; - - if (priv->args[PMD_CLIENT_MAX_WINDOW_BITS] == 8) - priv->args[PMD_CLIENT_MAX_WINDOW_BITS] = 9; - - lws_extension_pmdeflate_restrict_args(wsi, priv); - break; - - case LWS_EXT_CB_OPTION_CONFIRM: - if (priv->args[PMD_SERVER_MAX_WINDOW_BITS] < 8 || - priv->args[PMD_SERVER_MAX_WINDOW_BITS] > 15 || - priv->args[PMD_CLIENT_MAX_WINDOW_BITS] < 8 || - priv->args[PMD_CLIENT_MAX_WINDOW_BITS] > 15) - return -1; - break; - - case LWS_EXT_CB_CLIENT_CONSTRUCT: - case LWS_EXT_CB_CONSTRUCT: - - n = context->pt_serv_buf_size; - if (wsi->protocol->rx_buffer_size) - n = (int)wsi->protocol->rx_buffer_size; - - if (n < 128) { - lwsl_info(" permessage-deflate requires the protocol " - "(%s) to have an RX buffer >= 128\n", - wsi->protocol->name); - return -1; - } - - /* fill in **user */ - priv = lws_zalloc(sizeof(*priv), "pmd priv"); - *((void **)user) = priv; - lwsl_ext("%s: LWS_EXT_CB_*CONSTRUCT\n", __func__); - memset(priv, 0, sizeof(*priv)); - - /* fill in pointer to options list */ - if (in) - *((const struct lws_ext_options **)in) = - lws_ext_pm_deflate_options; - - /* fallthru */ - - case LWS_EXT_CB_OPTION_DEFAULT: - - /* set the public, RFC7692 defaults... */ - - priv->args[PMD_SERVER_NO_CONTEXT_TAKEOVER] = 0, - priv->args[PMD_CLIENT_NO_CONTEXT_TAKEOVER] = 0; - priv->args[PMD_SERVER_MAX_WINDOW_BITS] = 15; - priv->args[PMD_CLIENT_MAX_WINDOW_BITS] = 15; - - /* ...and the ones the user code can override */ - - priv->args[PMD_RX_BUF_PWR2] = 10; /* ie, 1024 */ - priv->args[PMD_TX_BUF_PWR2] = 10; /* ie, 1024 */ - priv->args[PMD_COMP_LEVEL] = 1; - priv->args[PMD_MEM_LEVEL] = 8; - - lws_extension_pmdeflate_restrict_args(wsi, priv); - break; - - case LWS_EXT_CB_DESTROY: - lwsl_ext("%s: LWS_EXT_CB_DESTROY\n", __func__); - lws_free(priv->buf_rx_inflated); - lws_free(priv->buf_tx_deflated); - if (priv->rx_init) - (void)inflateEnd(&priv->rx); - if (priv->tx_init) - (void)deflateEnd(&priv->tx); - lws_free(priv); - return ret; - - case LWS_EXT_CB_PAYLOAD_RX: - lwsl_ext(" %s: LWS_EXT_CB_PAYLOAD_RX: in %d, existing in %d\n", - __func__, eff_buf->token_len, priv->rx.avail_in); - if (!(wsi->ws->rsv_first_msg & 0x40)) - return 0; - -#if 0 - for (n = 0; n < eff_buf->token_len; n++) { - printf("%02X ", (unsigned char)eff_buf->token[n]); - if ((n & 15) == 15) - printf("\n"); - } - printf("\n"); -#endif - if (!priv->rx_init) - if (inflateInit2(&priv->rx, - -priv->args[PMD_SERVER_MAX_WINDOW_BITS]) != Z_OK) { - lwsl_err("%s: iniflateInit failed\n", __func__); - return -1; - } - priv->rx_init = 1; - if (!priv->buf_rx_inflated) - priv->buf_rx_inflated = lws_malloc(LWS_PRE + 7 + 5 + - (1 << priv->args[PMD_RX_BUF_PWR2]), - "pmd rx inflate buf"); - if (!priv->buf_rx_inflated) { - lwsl_err("%s: OOM\n", __func__); - return -1; - } - - /* - * We have to leave the input stream alone if we didn't - * finish with it yet. The input stream is held in the wsi - * rx buffer by the caller, so this assumption is safe while - * we block new rx while draining the existing rx - */ - if (!priv->rx.avail_in && eff_buf->token && - eff_buf->token_len) { - priv->rx.next_in = (unsigned char *)eff_buf->token; - priv->rx.avail_in = eff_buf->token_len; - } - priv->rx.next_out = priv->buf_rx_inflated + LWS_PRE; - eff_buf->token = (char *)priv->rx.next_out; - priv->rx.avail_out = 1 << priv->args[PMD_RX_BUF_PWR2]; - - if (priv->rx_held_valid) { - lwsl_ext("-- RX piling on held byte --\n"); - *(priv->rx.next_out++) = priv->rx_held; - priv->rx.avail_out--; - priv->rx_held_valid = 0; - } - - /* if... - * - * - he has no remaining input content for this message, and - * - and this is the final fragment, and - * - we used everything that could be drained on the input side - * - * ...then put back the 00 00 FF FF the sender stripped as our - * input to zlib - */ - if (!priv->rx.avail_in && wsi->ws->final && - !wsi->ws->rx_packet_length) { - lwsl_ext("RX APPEND_TRAILER-DO\n"); - was_fin = 1; - priv->rx.next_in = trail; - priv->rx.avail_in = sizeof(trail); - } - - n = inflate(&priv->rx, Z_NO_FLUSH); - lwsl_ext("inflate ret %d, avi %d, avo %d, wsifinal %d\n", n, - priv->rx.avail_in, priv->rx.avail_out, wsi->ws->final); - switch (n) { - case Z_NEED_DICT: - case Z_STREAM_ERROR: - case Z_DATA_ERROR: - case Z_MEM_ERROR: - lwsl_info("zlib error inflate %d: %s\n", - n, priv->rx.msg); - return -1; - } - /* - * If we did not already send in the 00 00 FF FF, and he's - * out of input, he did not EXACTLY fill the output buffer - * (which is ambiguous and we will force it to go around - * again by withholding a byte), and he's otherwise working on - * being a FIN fragment, then do the FIN message processing - * of faking up the 00 00 FF FF that the sender stripped. - */ - if (!priv->rx.avail_in && wsi->ws->final && - !wsi->ws->rx_packet_length && !was_fin && - priv->rx.avail_out /* ambiguous as to if it is the end */ - ) { - lwsl_ext("RX APPEND_TRAILER-DO\n"); - was_fin = 1; - priv->rx.next_in = trail; - priv->rx.avail_in = sizeof(trail); - n = inflate(&priv->rx, Z_SYNC_FLUSH); - lwsl_ext("RX trailer inf returned %d, avi %d, avo %d\n", - n, priv->rx.avail_in, priv->rx.avail_out); - switch (n) { - case Z_NEED_DICT: - case Z_STREAM_ERROR: - case Z_DATA_ERROR: - case Z_MEM_ERROR: - lwsl_info("zlib error inflate %d: %s\n", - n, priv->rx.msg); - return -1; - } - } - /* - * we must announce in our returncode now if there is more - * output to be expected from inflate, so we can decide to - * set the FIN bit on this bufferload or not. However zlib - * is ambiguous when we exactly filled the inflate buffer. It - * does not give us a clue as to whether we should understand - * that to mean he ended on a buffer boundary, or if there is - * more in the pipeline. - * - * So to work around that safely, if it used all output space - * exactly, we ALWAYS say there is more coming and we withhold - * the last byte of the buffer to guarantee that is true. - * - * That still leaves us at least one byte to finish with a FIN - * on, even if actually nothing more is coming from the next - * inflate action itself. - */ - if (!priv->rx.avail_out) { /* he used all available out buf */ - lwsl_ext("-- rx grabbing held --\n"); - /* snip the last byte and hold it for next time */ - priv->rx_held = *(--priv->rx.next_out); - priv->rx_held_valid = 1; - } - - eff_buf->token_len = lws_ptr_diff(priv->rx.next_out, - eff_buf->token); - priv->count_rx_between_fin += eff_buf->token_len; - - lwsl_ext(" %s: RX leaving with new effbuff len %d, " - "ret %d, rx.avail_in=%d, TOTAL RX since FIN %lu\n", - __func__, eff_buf->token_len, priv->rx_held_valid, - priv->rx.avail_in, - (unsigned long)priv->count_rx_between_fin); - - if (was_fin) { - priv->count_rx_between_fin = 0; - if (priv->args[PMD_SERVER_NO_CONTEXT_TAKEOVER]) { - (void)inflateEnd(&priv->rx); - priv->rx_init = 0; - } - } -#if 0 - for (n = 0; n < eff_buf->token_len; n++) - putchar(eff_buf->token[n]); - puts("\n"); -#endif - - return priv->rx_held_valid; - - case LWS_EXT_CB_PAYLOAD_TX: - - if (!priv->tx_init) { - n = deflateInit2(&priv->tx, priv->args[PMD_COMP_LEVEL], - Z_DEFLATED, - -priv->args[PMD_SERVER_MAX_WINDOW_BITS + - (wsi->vhost->listen_port <= 0)], - priv->args[PMD_MEM_LEVEL], - Z_DEFAULT_STRATEGY); - if (n != Z_OK) { - lwsl_ext("inflateInit2 failed %d\n", n); - return 1; - } - } - priv->tx_init = 1; - if (!priv->buf_tx_deflated) - priv->buf_tx_deflated = lws_malloc(LWS_PRE + 7 + 5 + - (1 << priv->args[PMD_TX_BUF_PWR2]), - "pmd tx deflate buf"); - if (!priv->buf_tx_deflated) { - lwsl_err("%s: OOM\n", __func__); - return -1; - } - - if (eff_buf->token) { - lwsl_ext("%s: TX: eff_buf length %d\n", __func__, - eff_buf->token_len); - priv->tx.next_in = (unsigned char *)eff_buf->token; - priv->tx.avail_in = eff_buf->token_len; - } - -#if 0 - for (n = 0; n < eff_buf->token_len; n++) { - printf("%02X ", (unsigned char)eff_buf->token[n]); - if ((n & 15) == 15) - printf("\n"); - } - printf("\n"); -#endif - - priv->tx.next_out = priv->buf_tx_deflated + LWS_PRE + 5; - eff_buf->token = (char *)priv->tx.next_out; - priv->tx.avail_out = 1 << priv->args[PMD_TX_BUF_PWR2]; - - n = deflate(&priv->tx, Z_SYNC_FLUSH); - if (n == Z_STREAM_ERROR) { - lwsl_ext("%s: Z_STREAM_ERROR\n", __func__); - return -1; - } - - if (priv->tx_held_valid) { - priv->tx_held_valid = 0; - if ((int)priv->tx.avail_out == 1 << priv->args[PMD_TX_BUF_PWR2]) - /* - * we can get a situation he took something in - * but did not generate anything out, at the end - * of a message (eg, next thing he sends is 80 - * 00, a zero length FIN, like Authobahn can - * send). - * If we have come back as a FIN, we must not - * place the pending trailer 00 00 FF FF, just - * the 1 byte of live data - */ - *(--eff_buf->token) = priv->tx_held[0]; - else { - /* he generated data, prepend whole pending */ - eff_buf->token -= 5; - for (n = 0; n < 5; n++) - eff_buf->token[n] = priv->tx_held[n]; - - } - } - priv->compressed_out = 1; - eff_buf->token_len = lws_ptr_diff(priv->tx.next_out, - eff_buf->token); - - /* - * we must announce in our returncode now if there is more - * output to be expected from inflate, so we can decide to - * set the FIN bit on this bufferload or not. However zlib - * is ambiguous when we exactly filled the inflate buffer. It - * does not give us a clue as to whether we should understand - * that to mean he ended on a buffer boundary, or if there is - * more in the pipeline. - * - * Worse, the guy providing the stuff we are sending may not - * know until after that this was, actually, the last chunk, - * that can happen even if we did not fill the output buf, ie - * he may send after this a zero-length FIN fragment. - * - * This is super difficult because we must snip the last 4 - * bytes in the case this is the last compressed output of the - * message. The only way to deal with it is defer sending the - * last 5 bytes of each frame until the next one, when we will - * be in a position to understand if that has a FIN or not. - */ - - extra = !!(len & LWS_WRITE_NO_FIN) || !priv->tx.avail_out; - - if (eff_buf->token_len >= 4 + extra) { - lwsl_ext("tx held %d\n", 4 + extra); - priv->tx_held_valid = extra; - for (n = 3 + extra; n >= 0; n--) - priv->tx_held[n] = *(--priv->tx.next_out); - eff_buf->token_len -= 4 + extra; - } - lwsl_ext(" TX rewritten with new effbuff len %d, ret %d\n", - eff_buf->token_len, !priv->tx.avail_out); - - return !priv->tx.avail_out; /* 1 == have more tx pending */ - - case LWS_EXT_CB_PACKET_TX_PRESEND: - if (!priv->compressed_out) - break; - priv->compressed_out = 0; - - if ((*(eff_buf->token) & 0x80) && - priv->args[PMD_CLIENT_NO_CONTEXT_TAKEOVER]) { - lwsl_debug("PMD_CLIENT_NO_CONTEXT_TAKEOVER\n"); - (void)deflateEnd(&priv->tx); - priv->tx_init = 0; - } - - n = *(eff_buf->token) & 15; - /* set RSV1, but not on CONTINUATION */ - if (n == LWSWSOPC_TEXT_FRAME || n == LWSWSOPC_BINARY_FRAME) - *eff_buf->token |= 0x40; -#if 0 - for (n = 0; n < eff_buf->token_len; n++) { - printf("%02X ", (unsigned char)eff_buf->token[n]); - if ((n & 15) == 15) - puts("\n"); - } - puts("\n"); -#endif - lwsl_ext("%s: tx opcode 0x%02X\n", __func__, - (unsigned char)*eff_buf->token); - break; - - default: - break; - } - - return 0; -} - diff --git a/lib/ext/extension-permessage-deflate.h b/lib/ext/extension-permessage-deflate.h deleted file mode 100644 index 8737736..0000000 --- a/lib/ext/extension-permessage-deflate.h +++ /dev/null @@ -1,41 +0,0 @@ - -#include - -#define DEFLATE_FRAME_COMPRESSION_LEVEL_SERVER 1 -#define DEFLATE_FRAME_COMPRESSION_LEVEL_CLIENT Z_DEFAULT_COMPRESSION - -enum arg_indexes { - PMD_SERVER_NO_CONTEXT_TAKEOVER, - PMD_CLIENT_NO_CONTEXT_TAKEOVER, - PMD_SERVER_MAX_WINDOW_BITS, - PMD_CLIENT_MAX_WINDOW_BITS, - PMD_RX_BUF_PWR2, - PMD_TX_BUF_PWR2, - PMD_COMP_LEVEL, - PMD_MEM_LEVEL, - - PMD_ARG_COUNT -}; - -struct lws_ext_pm_deflate_priv { - z_stream rx; - z_stream tx; - - unsigned char *buf_rx_inflated; /* RX inflated output buffer */ - unsigned char *buf_tx_deflated; /* TX deflated output buffer */ - - size_t count_rx_between_fin; - - unsigned char args[PMD_ARG_COUNT]; - unsigned char tx_held[5]; - unsigned char rx_held; - - unsigned char tx_init:1; - unsigned char rx_init:1; - unsigned char compressed_out:1; - unsigned char rx_held_valid:1; - unsigned char tx_held_valid:1; - unsigned char rx_append_trailer:1; - unsigned char pending_tx_trailer:1; -}; - diff --git a/lib/ext/extension.c b/lib/ext/extension.c deleted file mode 100644 index a8855a5..0000000 --- a/lib/ext/extension.c +++ /dev/null @@ -1,344 +0,0 @@ -#include "private-libwebsockets.h" - -#include "extension-permessage-deflate.h" - -LWS_VISIBLE void -lws_context_init_extensions(struct lws_context_creation_info *info, - struct lws_context *context) -{ - lwsl_info(" LWS_MAX_EXTENSIONS_ACTIVE: %u\n", LWS_MAX_EXTENSIONS_ACTIVE); -} - -enum lws_ext_option_parser_states { - LEAPS_SEEK_NAME, - LEAPS_EAT_NAME, - LEAPS_SEEK_VAL, - LEAPS_EAT_DEC, - LEAPS_SEEK_ARG_TERM -}; - -LWS_VISIBLE int -lws_ext_parse_options(const struct lws_extension *ext, struct lws *wsi, - void *ext_user, const struct lws_ext_options *opts, - const char *in, int len) -{ - enum lws_ext_option_parser_states leap = LEAPS_SEEK_NAME; - unsigned int match_map = 0, n, m, w = 0, count_options = 0, - pending_close_quote = 0; - struct lws_ext_option_arg oa; - - oa.option_name = NULL; - - while (opts[count_options].name) - count_options++; - while (len) { - lwsl_ext("'%c' %d", *in, leap); - switch (leap) { - case LEAPS_SEEK_NAME: - if (*in == ' ') - break; - if (*in == ',') { - len = 1; - break; - } - match_map = (1 << count_options) - 1; - leap = LEAPS_EAT_NAME; - w = 0; - - /* fallthru */ - - case LEAPS_EAT_NAME: - oa.start = NULL; - oa.len = 0; - m = match_map; - n = 0; - pending_close_quote = 0; - while (m) { - if (m & 1) { - lwsl_ext(" m=%d, n=%d, w=%d\n", m, n, w); - - if (*in == opts[n].name[w]) { - if (!opts[n].name[w + 1]) { - oa.option_index = n; - lwsl_ext("hit %d\n", oa.option_index); - leap = LEAPS_SEEK_VAL; - if (len == 1) - goto set_arg; - break; - } - } else { - match_map &= ~(1 << n); - if (!match_map) { - lwsl_ext("empty match map\n"); - return -1; - } - } - } - m >>= 1; - n++; - } - w++; - break; - case LEAPS_SEEK_VAL: - if (*in == ' ') - break; - if (*in == ',') { - len = 1; - break; - } - if (*in == ';' || len == 1) { /* ie,nonoptional */ - if (opts[oa.option_index].type == EXTARG_DEC) - return -1; - leap = LEAPS_SEEK_NAME; - goto set_arg; - } - if (*in == '=') { - w = 0; - pending_close_quote = 0; - if (opts[oa.option_index].type == EXTARG_NONE) - return -1; - - leap = LEAPS_EAT_DEC; - break; - } - return -1; - - case LEAPS_EAT_DEC: - if (*in >= '0' && *in <= '9') { - if (!w) - oa.start = in; - w++; - if (len != 1) - break; - } - if (!w && *in =='"') { - pending_close_quote = 1; - break; - } - if (!w) - return -1; - if (pending_close_quote && *in != '"' && len != 1) - return -1; - leap = LEAPS_SEEK_ARG_TERM; - if (oa.start) - oa.len = lws_ptr_diff(in, oa.start); - if (len == 1) - oa.len++; - -set_arg: - ext->callback(lws_get_context(wsi), - ext, wsi, LWS_EXT_CB_OPTION_SET, - ext_user, (char *)&oa, 0); - if (len == 1) - break; - if (pending_close_quote && *in == '"') - break; - - /* fallthru */ - - case LEAPS_SEEK_ARG_TERM: - if (*in == ' ') - break; - if (*in == ';') { - leap = LEAPS_SEEK_NAME; - break; - } - if (*in == ',') { - len = 1; - break; - } - return -1; - } - len--; - in++; - } - - return 0; -} - - -/* 0 = nobody had nonzero return, 1 = somebody had positive return, -1 = fail */ - -int lws_ext_cb_active(struct lws *wsi, int reason, void *arg, int len) -{ - int n, m, handled = 0; - - for (n = 0; n < wsi->count_act_ext; n++) { - m = wsi->active_extensions[n]->callback(lws_get_context(wsi), - wsi->active_extensions[n], wsi, reason, - wsi->act_ext_user[n], arg, len); - if (m < 0) { - lwsl_ext("Ext '%s' failed to handle callback %d!\n", - wsi->active_extensions[n]->name, reason); - return -1; - } - /* valgrind... */ - if (reason == LWS_EXT_CB_DESTROY) - wsi->act_ext_user[n] = NULL; - if (m > handled) - handled = m; - } - - return handled; -} - -int lws_ext_cb_all_exts(struct lws_context *context, struct lws *wsi, - int reason, void *arg, int len) -{ - int n = 0, m, handled = 0; - const struct lws_extension *ext; - - if (!wsi || !wsi->vhost) - return 0; - - ext = wsi->vhost->extensions; - - while (ext && ext->callback && !handled) { - m = ext->callback(context, ext, wsi, reason, - (void *)(lws_intptr_t)n, arg, len); - if (m < 0) { - lwsl_ext("Ext '%s' failed to handle callback %d!\n", - wsi->active_extensions[n]->name, reason); - return -1; - } - if (m) - handled = 1; - - ext++; - n++; - } - - return 0; -} - -int -lws_issue_raw_ext_access(struct lws *wsi, unsigned char *buf, size_t len) -{ - struct lws_tokens eff_buf; - int ret, m, n = 0; - - eff_buf.token = (char *)buf; - eff_buf.token_len = (int)len; - - /* - * while we have original buf to spill ourselves, or extensions report - * more in their pipeline - */ - - ret = 1; - while (ret == 1) { - - /* default to nobody has more to spill */ - - ret = 0; - - /* show every extension the new incoming data */ - m = lws_ext_cb_active(wsi, - LWS_EXT_CB_PACKET_TX_PRESEND, &eff_buf, 0); - if (m < 0) - return -1; - if (m) /* handled */ - ret = 1; - - if ((char *)buf != eff_buf.token) - /* - * extension recreated it: - * need to buffer this if not all sent - */ - wsi->ws->clean_buffer = 0; - - /* assuming they left us something to send, send it */ - - if (eff_buf.token_len) { - n = lws_issue_raw(wsi, (unsigned char *)eff_buf.token, - eff_buf.token_len); - if (n < 0) { - lwsl_info("closing from ext access\n"); - return -1; - } - - /* always either sent it all or privately buffered */ - if (wsi->ws->clean_buffer) - len = n; - } - - lwsl_parser("written %d bytes to client\n", n); - - /* no extension has more to spill? Then we can go */ - - if (!ret) - break; - - /* we used up what we had */ - - eff_buf.token = NULL; - eff_buf.token_len = 0; - - /* - * Did that leave the pipe choked? - * Or we had to hold on to some of it? - */ - - if (!lws_send_pipe_choked(wsi) && !wsi->trunc_len) - /* no we could add more, lets's do that */ - continue; - - lwsl_debug("choked\n"); - - /* - * Yes, he's choked. Don't spill the rest now get a callback - * when he is ready to send and take care of it there - */ - lws_callback_on_writable(wsi); - wsi->extension_data_pending = 1; - ret = 0; - } - - return (int)len; -} - -int -lws_any_extension_handled(struct lws *wsi, enum lws_extension_callback_reasons r, - void *v, size_t len) -{ - struct lws_context *context = wsi->context; - int n, handled = 0; - - /* maybe an extension will take care of it for us */ - - for (n = 0; n < wsi->count_act_ext && !handled; n++) { - if (!wsi->active_extensions[n]->callback) - continue; - - handled |= wsi->active_extensions[n]->callback(context, - wsi->active_extensions[n], wsi, - r, wsi->act_ext_user[n], v, len); - } - - return handled; -} - -int -lws_set_extension_option(struct lws *wsi, const char *ext_name, - const char *opt_name, const char *opt_val) -{ - struct lws_ext_option_arg oa; - int idx = 0; - - /* first identify if the ext is active on this wsi */ - while (idx < wsi->count_act_ext && - strcmp(wsi->active_extensions[idx]->name, ext_name)) - idx++; - - if (idx == wsi->count_act_ext) - return -1; /* request ext not active on this wsi */ - - oa.option_name = opt_name; - oa.option_index = 0; - oa.start = opt_val; - oa.len = 0; - - return wsi->active_extensions[idx]->callback( - wsi->context, wsi->active_extensions[idx], wsi, - LWS_EXT_CB_NAMED_OPTION_SET, wsi->act_ext_user[idx], &oa, 0); -} diff --git a/lib/handshake.c b/lib/handshake.c deleted file mode 100644 index 2a89fec..0000000 --- a/lib/handshake.c +++ /dev/null @@ -1,357 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2017 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - */ - -#include "private-libwebsockets.h" - -/* - * -04 of the protocol (actually the 80th version) has a radically different - * handshake. The 04 spec gives the following idea - * - * The handshake from the client looks as follows: - * - * GET /chat HTTP/1.1 - * Host: server.example.com - * Upgrade: websocket - * Connection: Upgrade - * Sec-WebSocket-Key: dGhlIHNhbXBsZSBub25jZQ== - * Sec-WebSocket-Origin: http://example.com - * Sec-WebSocket-Protocol: chat, superchat - * Sec-WebSocket-Version: 4 - * - * The handshake from the server looks as follows: - * - * HTTP/1.1 101 Switching Protocols - * Upgrade: websocket - * Connection: Upgrade - * Sec-WebSocket-Accept: me89jWimTRKTWwrS3aRrL53YZSo= - * Sec-WebSocket-Nonce: AQIDBAUGBwgJCgsMDQ4PEC== - * Sec-WebSocket-Protocol: chat - */ - -#ifndef min -#define min(a, b) ((a) < (b) ? (a) : (b)) -#endif - -/* - * We have to take care about parsing because the headers may be split - * into multiple fragments. They may contain unknown headers with arbitrary - * argument lengths. So, we parse using a single-character at a time state - * machine that is completely independent of packet size. - * - * Returns <0 for error or length of chars consumed from buf (up to len) - */ - -LWS_VISIBLE int -lws_read(struct lws *wsi, unsigned char *buf, lws_filepos_t len) -{ - unsigned char *last_char, *oldbuf = buf; - lws_filepos_t body_chunk_len; - size_t n; - -#if defined(LWS_WITH_HTTP2) - - if (lwsi_role_h2(wsi) && - !lwsi_role_ws(wsi) && - lwsi_state(wsi) != LRS_BODY) { - int m; - - // lwsl_notice("%s: h2 path: wsistate 0x%x len %d\n", __func__, - // wsi->wsistate, (int)len); - - /* - * wsi here is always the network connection wsi, not a stream - * wsi. Once we unpicked the framing we will find the right - * swsi and make it the target of the frame. - * - * If it's ws over h2, the nwsi will get us here to do the h2 - * processing, and that will call us back with the swsi + - * ESTABLISHED state for the inner payload, handled in a later - * case. - */ - while (len) { - /* - * we were accepting input but now we stopped doing so - */ - if (lws_is_flowcontrolled(wsi)) { - lws_rxflow_cache(wsi, buf, 0, (int)len); - - return 1; - } - - /* - * lws_h2_parser() may send something; when it gets the - * whole frame, it will want to perform some action - * involving a reply. But we may be in a partial send - * situation on the network wsi... - * - * Even though we may be in a partial send and unable to - * send anything new, we still have to parse the network - * wsi in order to gain tx credit to send, which is - * potentially necessary to clear the old partial send. - * - * ALL network wsi-specific frames are sent by PPS - * already, these are sent as a priority on the writable - * handler, and so respect partial sends. The only - * problem is when a stream wsi wants to send an, eg, - * reply headers frame in response to the parsing - * we will do now... the *stream wsi* must stall in a - * different state until it is able to do so from a - * priority on the WRITABLE callback, same way that - * file transfers operate. - */ - - m = lws_h2_parser(wsi, buf, len, &body_chunk_len); - if (m && m != 2) { - lwsl_debug("%s: http2_parser bailed\n", __func__); - goto bail; - } - if (m && m == 2) { - /* swsi has been closed */ - buf += body_chunk_len; - len -= body_chunk_len; - goto read_ok; - } - - /* account for what we're using in rxflow buffer */ - if (wsi->rxflow_buffer) { - wsi->rxflow_pos += (int)body_chunk_len; - assert(wsi->rxflow_pos <= wsi->rxflow_len); - } - - buf += body_chunk_len; - len -= body_chunk_len; - } -// lwsl_debug("%s: used up block\n", __func__); - goto read_ok; - } -#endif - - // lwsl_notice("%s: h1 path: wsi state 0x%x\n", __func__, lwsi_state(wsi)); - - switch (lwsi_state(wsi)) { - - case LRS_ISSUING_FILE: - return 0; - - case LRS_ESTABLISHED: - - if (lwsi_role_non_ws_client(wsi)) - break; - - if (lwsi_role_ws(wsi)) - goto ws_mode; - - wsi->hdr_parsing_completed = 0; - - /* fallthru */ - - case LRS_HEADERS: - if (!wsi->ah) { - lwsl_err("%s: LRS_HEADERS: NULL ah\n", __func__); - assert(0); - } - lwsl_parser("issuing %d bytes to parser\n", (int)len); - - if (lws_handshake_client(wsi, &buf, (size_t)len)) - goto bail; - - last_char = buf; - if (lws_handshake_server(wsi, &buf, (size_t)len)) - /* Handshake indicates this session is done. */ - goto bail; - - /* we might have transitioned to RAW */ - if (lwsi_role_raw(wsi)) - /* we gave the read buffer to RAW handler already */ - goto read_ok; - - /* - * It's possible that we've exhausted our data already, or - * rx flow control has stopped us dealing with this early, - * but lws_handshake_server doesn't update len for us. - * Figure out how much was read, so that we can proceed - * appropriately: - */ - len -= (buf - last_char); -// lwsl_debug("%s: thinks we have used %ld\n", __func__, (long)len); - - if (!wsi->hdr_parsing_completed) - /* More header content on the way */ - goto read_ok; - - switch (lwsi_state(wsi)) { - case LRS_ESTABLISHED: - case LRS_HEADERS: - goto read_ok; - case LRS_ISSUING_FILE: - goto read_ok; - case LRS_BODY: - wsi->http.rx_content_remain = - wsi->http.rx_content_length; - if (wsi->http.rx_content_remain) - goto http_postbody; - - /* there is no POST content */ - goto postbody_completion; - default: - break; - } - break; - - case LRS_BODY: -http_postbody: - //lwsl_notice("http post body\n"); - while (len && wsi->http.rx_content_remain) { - /* Copy as much as possible, up to the limit of: - * what we have in the read buffer (len) - * remaining portion of the POST body (content_remain) - */ - body_chunk_len = min(wsi->http.rx_content_remain, len); - wsi->http.rx_content_remain -= body_chunk_len; - len -= body_chunk_len; -#ifdef LWS_WITH_CGI - if (wsi->cgi) { - struct lws_cgi_args args; - - args.ch = LWS_STDIN; - args.stdwsi = &wsi->cgi->stdwsi[0]; - args.data = buf; - args.len = body_chunk_len; - - /* returns how much used */ - n = user_callback_handle_rxflow( - wsi->protocol->callback, - wsi, LWS_CALLBACK_CGI_STDIN_DATA, - wsi->user_space, - (void *)&args, 0); - if ((int)n < 0) - goto bail; - } else { -#endif - n = wsi->protocol->callback(wsi, - LWS_CALLBACK_HTTP_BODY, wsi->user_space, - buf, (size_t)body_chunk_len); - if (n) - goto bail; - n = (size_t)body_chunk_len; -#ifdef LWS_WITH_CGI - } -#endif - buf += n; - - if (wsi->http.rx_content_remain) { - lws_set_timeout(wsi, PENDING_TIMEOUT_HTTP_CONTENT, - wsi->context->timeout_secs); - break; - } - /* he sent all the content in time */ -postbody_completion: -#ifdef LWS_WITH_CGI - /* - * If we're running a cgi, we can't let him off the - * hook just because he sent his POST data - */ - if (wsi->cgi) - lws_set_timeout(wsi, PENDING_TIMEOUT_CGI, - wsi->context->timeout_secs); - else -#endif - lws_set_timeout(wsi, NO_PENDING_TIMEOUT, 0); -#ifdef LWS_WITH_CGI - if (!wsi->cgi) -#endif - { - lwsl_info("HTTP_BODY_COMPLETION\n"); - n = wsi->protocol->callback(wsi, - LWS_CALLBACK_HTTP_BODY_COMPLETION, - wsi->user_space, NULL, 0); - if (n) - goto bail; - - if (wsi->http2_substream) - lwsi_set_state(wsi, LRS_ESTABLISHED); - } - - break; - } - break; - - case LRS_AWAITING_CLOSE_ACK: - case LRS_WAITING_TO_SEND_CLOSE: - case LRS_SHUTDOWN: - -ws_mode: - - if (lws_handshake_client(wsi, &buf, (size_t)len)) - goto bail; - - switch (lwsi_role(wsi)) { - case LWSI_ROLE_WS1_SERVER: - case LWSI_ROLE_WS2_SERVER: - /* - * for h2 we are on the swsi - */ - if (lws_interpret_incoming_packet(wsi, &buf, - (size_t)len) < 0) { - lwsl_info("interpret_incoming_packet bailed\n"); - goto bail; - } - break; - } - break; - - case LRS_DEFERRING_ACTION: - lwsl_debug("%s: LRS_DEFERRING_ACTION\n", __func__); - break; - - case LRS_SSL_ACK_PENDING: - break; - - case LRS_DEAD_SOCKET: - lwsl_err("%s: Unhandled state LRS_DEAD_SOCKET\n", __func__); - assert(0); - /* fallthru */ - - default: - lwsl_err("%s: Unhandled state %d\n", __func__, lwsi_state(wsi)); - goto bail; - } - -read_ok: - /* Nothing more to do for now */ -// lwsl_info("%s: %p: read_ok, used %ld (len %d, state %d)\n", __func__, -// wsi, (long)(buf - oldbuf), (int)len, wsi->state); - - return lws_ptr_diff(buf, oldbuf); - -bail: - /* - * h2 / h2-ws calls us recursively in lws_read()->lws_h2_parser()-> - * lws_read() pattern, having stripped the h2 framing in the middle. - * - * When taking down the whole connection, make sure that only the - * outer lws_read() does the wsi close. - */ - if (!wsi->outer_will_close) - lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, "lws_read bail"); - - return -1; -} diff --git a/lib/header.c b/lib/header.c deleted file mode 100644 index 1be0f7b..0000000 --- a/lib/header.c +++ /dev/null @@ -1,402 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2017 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - */ - -#include "private-libwebsockets.h" -#include "lextable-strings.h" - - -const unsigned char * -lws_token_to_string(enum lws_token_indexes token) -{ - if ((unsigned int)token >= ARRAY_SIZE(set)) - return NULL; - - return (unsigned char *)set[token]; -} - -int -lws_add_http_header_by_name(struct lws *wsi, const unsigned char *name, - const unsigned char *value, int length, - unsigned char **p, unsigned char *end) -{ -#ifdef LWS_WITH_HTTP2 - if (lwsi_role_h2(wsi)) - return lws_add_http2_header_by_name(wsi, name, - value, length, p, end); -#else - (void)wsi; -#endif - if (name) { - while (*p < end && *name) - *((*p)++) = *name++; - if (*p == end) - return 1; - *((*p)++) = ' '; - } - if (*p + length + 3 >= end) - return 1; - - memcpy(*p, value, length); - *p += length; - *((*p)++) = '\x0d'; - *((*p)++) = '\x0a'; - - return 0; -} - -int lws_finalize_http_header(struct lws *wsi, unsigned char **p, - unsigned char *end) -{ -#ifdef LWS_WITH_HTTP2 - if (lwsi_role_h2(wsi)) - return 0; -#else - (void)wsi; -#endif - if ((lws_intptr_t)(end - *p) < 3) - return 1; - *((*p)++) = '\x0d'; - *((*p)++) = '\x0a'; - - return 0; -} - -int -lws_finalize_write_http_header(struct lws *wsi, unsigned char *start, - unsigned char **pp, unsigned char *end) -{ - unsigned char *p; - int len; - - if (lws_finalize_http_header(wsi, pp, end)) - return 1; - - p = *pp; - len = lws_ptr_diff(p, start); - - if (lws_write(wsi, start, len, LWS_WRITE_HTTP_HEADERS) != len) - return 1; - - return 0; -} - -int -lws_add_http_header_by_token(struct lws *wsi, enum lws_token_indexes token, - const unsigned char *value, int length, - unsigned char **p, unsigned char *end) -{ - const unsigned char *name; -#ifdef LWS_WITH_HTTP2 - if (lwsi_role_h2(wsi)) - return lws_add_http2_header_by_token(wsi, token, value, - length, p, end); -#endif - name = lws_token_to_string(token); - if (!name) - return 1; - - return lws_add_http_header_by_name(wsi, name, value, length, p, end); -} - -int lws_add_http_header_content_length(struct lws *wsi, - lws_filepos_t content_length, - unsigned char **p, unsigned char *end) -{ - char b[24]; - int n; - - n = sprintf(b, "%llu", (unsigned long long)content_length); - if (lws_add_http_header_by_token(wsi, WSI_TOKEN_HTTP_CONTENT_LENGTH, - (unsigned char *)b, n, p, end)) - return 1; - wsi->http.tx_content_length = content_length; - wsi->http.tx_content_remain = content_length; - - lwsl_info("%s: wsi %p: tx_content_length/remain %llu\n", __func__, - wsi, (unsigned long long)content_length); - - return 0; -} - -int -lws_add_http_common_headers(struct lws *wsi, unsigned int code, - const char *content_type, lws_filepos_t content_len, - unsigned char **p, unsigned char *end) -{ - if (lws_add_http_header_status(wsi, code, p, end)) - return 1; - if (lws_add_http_header_by_token(wsi, WSI_TOKEN_HTTP_CONTENT_TYPE, - (unsigned char *)content_type, - strlen(content_type), p, end)) - return 1; - if (lws_add_http_header_content_length(wsi, content_len, p, end)) - return 1; - - return 0; -} - -STORE_IN_ROM static const char * const err400[] = { - "Bad Request", - "Unauthorized", - "Payment Required", - "Forbidden", - "Not Found", - "Method Not Allowed", - "Not Acceptable", - "Proxy Auth Required", - "Request Timeout", - "Conflict", - "Gone", - "Length Required", - "Precondition Failed", - "Request Entity Too Large", - "Request URI too Long", - "Unsupported Media Type", - "Requested Range Not Satisfiable", - "Expectation Failed" -}; - -STORE_IN_ROM static const char * const err500[] = { - "Internal Server Error", - "Not Implemented", - "Bad Gateway", - "Service Unavailable", - "Gateway Timeout", - "HTTP Version Not Supported" -}; - -int -lws_add_http_header_status(struct lws *wsi, unsigned int _code, - unsigned char **p, unsigned char *end) -{ - STORE_IN_ROM static const char * const hver[] = { - "HTTP/1.0", "HTTP/1.1", "HTTP/2" - }; - const struct lws_protocol_vhost_options *headers; - unsigned int code = _code & LWSAHH_CODE_MASK; - const char *description = "", *p1; - unsigned char code_and_desc[60]; - int n; - -#ifdef LWS_WITH_ACCESS_LOG - wsi->access_log.response = code; -#endif - -#ifdef LWS_WITH_HTTP2 - if (lwsi_role_h2(wsi)) - return lws_add_http2_header_status(wsi, code, p, end); -#endif - if (code >= 400 && code < (400 + ARRAY_SIZE(err400))) - description = err400[code - 400]; - if (code >= 500 && code < (500 + ARRAY_SIZE(err500))) - description = err500[code - 500]; - - if (code == 100) - description = "Continue"; - if (code == 200) - description = "OK"; - if (code == 304) - description = "Not Modified"; - else - if (code >= 300 && code < 400) - description = "Redirect"; - - if (wsi->http.request_version < ARRAY_SIZE(hver)) - p1 = hver[wsi->http.request_version]; - else - p1 = hver[0]; - - n = sprintf((char *)code_and_desc, "%s %u %s", p1, code, description); - - if (lws_add_http_header_by_name(wsi, NULL, code_and_desc, n, p, end)) - return 1; - - headers = wsi->vhost->headers; - while (headers) { - if (lws_add_http_header_by_name(wsi, - (const unsigned char *)headers->name, - (unsigned char *)headers->value, - (int)strlen(headers->value), p, end)) - return 1; - - headers = headers->next; - } - - if (wsi->context->server_string && - !(_code & LWSAHH_FLAG_NO_SERVER_NAME)) - if (lws_add_http_header_by_token(wsi, WSI_TOKEN_HTTP_SERVER, - (unsigned char *)wsi->context->server_string, - wsi->context->server_string_len, p, end)) - return 1; - - if (wsi->vhost->options & LWS_SERVER_OPTION_STS) - if (lws_add_http_header_by_name(wsi, (unsigned char *) - "Strict-Transport-Security:", - (unsigned char *)"max-age=15768000 ; " - "includeSubDomains", 36, p, end)) - return 1; - - return 0; -} - -LWS_VISIBLE int -lws_return_http_status(struct lws *wsi, unsigned int code, - const char *html_body) -{ - struct lws_context *context = lws_get_context(wsi); - struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; - unsigned char *p = pt->serv_buf + LWS_PRE; - unsigned char *start = p; - unsigned char *end = p + context->pt_serv_buf_size - LWS_PRE; - int n = 0, m = 0, len; - char slen[20]; - - if (!wsi->vhost) { - lwsl_err("%s: wsi not bound to vhost\n", __func__); - - return 1; - } - if (!wsi->handling_404 && - wsi->vhost->error_document_404 && - code == HTTP_STATUS_NOT_FOUND) - /* we should do a redirect, and do the 404 there */ - if (lws_http_redirect(wsi, HTTP_STATUS_FOUND, - (uint8_t *)wsi->vhost->error_document_404, - strlen(wsi->vhost->error_document_404), - &p, end) > 0) - return 0; - - /* if the redirect failed, just do a simple status */ - p = start; - - if (!html_body) - html_body = ""; - - if (lws_add_http_header_status(wsi, code, &p, end)) - return 1; - - if (lws_add_http_header_by_token(wsi, WSI_TOKEN_HTTP_CONTENT_TYPE, - (unsigned char *)"text/html", 9, - &p, end)) - return 1; - - len = 35 + (int)strlen(html_body) + sprintf(slen, "%d", code); - n = sprintf(slen, "%d", len); - - if (lws_add_http_header_by_token(wsi, WSI_TOKEN_HTTP_CONTENT_LENGTH, - (unsigned char *)slen, n, &p, end)) - return 1; - - if (lws_finalize_http_header(wsi, &p, end)) - return 1; - -#if defined(LWS_WITH_HTTP2) - if (wsi->http2_substream) { - unsigned char *body = p + 512; - - /* - * for HTTP/2, the headers must be sent separately, since they - * go out in their own frame. That puts us in a bind that - * we won't always be able to get away with two lws_write()s in - * sequence, since the first may use up the writability due to - * the pipe being choked or SSL_WANT_. - * - * However we do need to send the human-readable body, and the - * END_STREAM. - * - * Solve it by writing the headers now... - */ - m = lws_write(wsi, start, p - start, LWS_WRITE_HTTP_HEADERS); - if (m != lws_ptr_diff(p, start)) - return 1; - - /* - * ... but stash the body and send it as a priority next - * handle_POLLOUT - */ - - len = sprintf((char *)body, - "

%u

%s", - code, html_body); - wsi->http.tx_content_length = len; - wsi->http.tx_content_remain = len; - - wsi->h2.pending_status_body = lws_malloc(len + LWS_PRE + 1, - "pending status body"); - if (!wsi->h2.pending_status_body) - return -1; - - strcpy(wsi->h2.pending_status_body + LWS_PRE, - (const char *)body); - lws_callback_on_writable(wsi); - - return 0; - } else -#endif - { - /* - * for http/1, we can just append the body after the finalized - * headers and send it all in one go. - */ - p += lws_snprintf((char *)p, end - p - 1, - "

%u

%s", - code, html_body); - - n = lws_ptr_diff(p, start); - m = lws_write(wsi, start, n, LWS_WRITE_HTTP); - if (m != n) - return 1; - } - - return m != n; -} - -LWS_VISIBLE int -lws_http_redirect(struct lws *wsi, int code, const unsigned char *loc, int len, - unsigned char **p, unsigned char *end) -{ - unsigned char *start = *p; - - if (lws_add_http_header_status(wsi, code, p, end)) - return -1; - - if (lws_add_http_header_by_token(wsi, WSI_TOKEN_HTTP_LOCATION, loc, len, - p, end)) - return -1; - /* - * if we're going with http/1.1 and keepalive, we have to give fake - * content metadata so the client knows we completed the transaction and - * it can do the redirect... - */ - if (lws_add_http_header_by_token(wsi, WSI_TOKEN_HTTP_CONTENT_TYPE, - (unsigned char *)"text/html", 9, p, - end)) - return -1; - if (lws_add_http_header_by_token(wsi, WSI_TOKEN_HTTP_CONTENT_LENGTH, - (unsigned char *)"0", 1, p, end)) - return -1; - - if (lws_finalize_http_header(wsi, p, end)) - return -1; - - return lws_write(wsi, start, *p - start, LWS_WRITE_HTTP_HEADERS | - LWS_WRITE_H2_STREAM_END); -} diff --git a/lib/http2/hpack.c b/lib/http2/hpack.c deleted file mode 100644 index 678ade7..0000000 --- a/lib/http2/hpack.c +++ /dev/null @@ -1,1397 +0,0 @@ -/* - * lib/hpack.c - * - * Copyright (C) 2014-2017 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - */ - -#include "private-libwebsockets.h" - -/* - * Official static header table for HPACK - * +-------+-----------------------------+---------------+ - | 1 | :authority | | - | 2 | :method | GET | - | 3 | :method | POST | - | 4 | :path | / | - | 5 | :path | /index.html | - | 6 | :scheme | http | - | 7 | :scheme | https | - | 8 | :status | 200 | - | 9 | :status | 204 | - | 10 | :status | 206 | - | 11 | :status | 304 | - | 12 | :status | 400 | - | 13 | :status | 404 | - | 14 | :status | 500 | - | 15 | accept-charset | | - | 16 | accept-encoding | gzip, deflate | - | 17 | accept-language | | - | 18 | accept-ranges | | - | 19 | accept | | - | 20 | access-control-allow-origin | | - | 21 | age | | - | 22 | allow | | - | 23 | authorization | | - | 24 | cache-control | | - | 25 | content-disposition | | - | 26 | content-encoding | | - | 27 | content-language | | - | 28 | content-length | | - | 29 | content-location | | - | 30 | content-range | | - | 31 | content-type | | - | 32 | cookie | | - | 33 | date | | - | 34 | etag | | - | 35 | expect | | - | 36 | expires | | - | 37 | from | | - | 38 | host | | - | 39 | if-match | | - | 40 | if-modified-since | | - | 41 | if-none-match | | - | 42 | if-range | | - | 43 | if-unmodified-since | | - | 44 | last-modified | | - | 45 | link | | - | 46 | location | | - | 47 | max-forwards | | - | 48 | proxy-authenticate | | - | 49 | proxy-authorization | | - | 50 | range | | - | 51 | referer | | - | 52 | refresh | | - | 53 | retry-after | | - | 54 | server | | - | 55 | set-cookie | | - | 56 | strict-transport-security | | - | 57 | transfer-encoding | | - | 58 | user-agent | | - | 59 | vary | | - | 60 | via | | - | 61 | www-authenticate | | - +-------+-----------------------------+---------------+ -*/ - -static const uint8_t static_hdr_len[62] = { - 0, /* starts at 1 */ - 10, 7, 7, 5, 5, 7, 7, 7, 7, 7, - 7, 7, 7, 7, 14, 15, 15, 13, 6, 27, - 3, 5, 13, 13, 19, 16, 16, 14, 16, 13, - 12, 6, 4, 4, 6, 7, 4, 4, 8, 17, - 13, 8, 19, 13, 4, 8, 12, 18, 19, 5, - 7, 7, 11, 6, 10, 25, 17, 10, 4, 3, - 16 -}; - -static const unsigned char static_token[] = { - 0, - WSI_TOKEN_HTTP_COLON_AUTHORITY, - WSI_TOKEN_HTTP_COLON_METHOD, - WSI_TOKEN_HTTP_COLON_METHOD, - WSI_TOKEN_HTTP_COLON_PATH, - WSI_TOKEN_HTTP_COLON_PATH, - WSI_TOKEN_HTTP_COLON_SCHEME, - WSI_TOKEN_HTTP_COLON_SCHEME, - WSI_TOKEN_HTTP_COLON_STATUS, - WSI_TOKEN_HTTP_COLON_STATUS, - WSI_TOKEN_HTTP_COLON_STATUS, - WSI_TOKEN_HTTP_COLON_STATUS, - WSI_TOKEN_HTTP_COLON_STATUS, - WSI_TOKEN_HTTP_COLON_STATUS, - WSI_TOKEN_HTTP_COLON_STATUS, - WSI_TOKEN_HTTP_ACCEPT_CHARSET, - WSI_TOKEN_HTTP_ACCEPT_ENCODING, - WSI_TOKEN_HTTP_ACCEPT_LANGUAGE, - WSI_TOKEN_HTTP_ACCEPT_RANGES, - WSI_TOKEN_HTTP_ACCEPT, - WSI_TOKEN_HTTP_ACCESS_CONTROL_ALLOW_ORIGIN, - WSI_TOKEN_HTTP_AGE, - WSI_TOKEN_HTTP_ALLOW, - WSI_TOKEN_HTTP_AUTHORIZATION, - WSI_TOKEN_HTTP_CACHE_CONTROL, - WSI_TOKEN_HTTP_CONTENT_DISPOSITION, - WSI_TOKEN_HTTP_CONTENT_ENCODING, - WSI_TOKEN_HTTP_CONTENT_LANGUAGE, - WSI_TOKEN_HTTP_CONTENT_LENGTH, - WSI_TOKEN_HTTP_CONTENT_LOCATION, - WSI_TOKEN_HTTP_CONTENT_RANGE, - WSI_TOKEN_HTTP_CONTENT_TYPE, - WSI_TOKEN_HTTP_COOKIE, - WSI_TOKEN_HTTP_DATE, - WSI_TOKEN_HTTP_ETAG, - WSI_TOKEN_HTTP_EXPECT, - WSI_TOKEN_HTTP_EXPIRES, - WSI_TOKEN_HTTP_FROM, - WSI_TOKEN_HOST, - WSI_TOKEN_HTTP_IF_MATCH, - WSI_TOKEN_HTTP_IF_MODIFIED_SINCE, - WSI_TOKEN_HTTP_IF_NONE_MATCH, - WSI_TOKEN_HTTP_IF_RANGE, - WSI_TOKEN_HTTP_IF_UNMODIFIED_SINCE, - WSI_TOKEN_HTTP_LAST_MODIFIED, - WSI_TOKEN_HTTP_LINK, - WSI_TOKEN_HTTP_LOCATION, - WSI_TOKEN_HTTP_MAX_FORWARDS, - WSI_TOKEN_HTTP_PROXY_AUTHENTICATE, - WSI_TOKEN_HTTP_PROXY_AUTHORIZATION, - WSI_TOKEN_HTTP_RANGE, - WSI_TOKEN_HTTP_REFERER, - WSI_TOKEN_HTTP_REFRESH, - WSI_TOKEN_HTTP_RETRY_AFTER, - WSI_TOKEN_HTTP_SERVER, - WSI_TOKEN_HTTP_SET_COOKIE, - WSI_TOKEN_HTTP_STRICT_TRANSPORT_SECURITY, - WSI_TOKEN_HTTP_TRANSFER_ENCODING, - WSI_TOKEN_HTTP_USER_AGENT, - WSI_TOKEN_HTTP_VARY, - WSI_TOKEN_HTTP_VIA, - WSI_TOKEN_HTTP_WWW_AUTHENTICATE, -}; - -/* some of the entries imply values as well as header names */ - -static const char * const http2_canned[] = { - "", - "", - "GET", - "POST", - "/", - "/index.html", - "http", - "https", - "200", - "204", - "206", - "304", - "400", - "404", - "500", - "", - "gzip, deflate" -}; - -/* see minihuf.c */ - -#include "huftable.h" - -static int huftable_decode(int pos, char c) -{ - int q = pos + !!c; - - if (lextable_terms[q >> 3] & (1 << (q & 7))) /* terminal */ - return lextable[q] | 0x8000; - - return pos + (lextable[q] << 1); -} - -static int lws_frag_start(struct lws *wsi, int hdr_token_idx) -{ - struct allocated_headers *ah = wsi->ah; - - if (!ah) { - lwsl_notice("%s: no ah\n", __func__); - return 1; - } - - ah->hdr_token_idx = -1; - - lwsl_header("%s: token %d ah->pos = %d, ah->nfrag = %d\n", - __func__, hdr_token_idx, ah->pos, ah->nfrag); - - if (!hdr_token_idx) { - lwsl_err("%s: zero hdr_token_idx\n", __func__); - return 1; - } - - if (ah->nfrag >= ARRAY_SIZE(ah->frag_index)) { - lwsl_err("%s: frag index %d too big\n", __func__, ah->nfrag); - return 1; - } - - if ((hdr_token_idx == WSI_TOKEN_HTTP_COLON_AUTHORITY || - hdr_token_idx == WSI_TOKEN_HTTP_COLON_METHOD || - hdr_token_idx == WSI_TOKEN_HTTP_COLON_PATH || - hdr_token_idx == WSI_TOKEN_COLON_PROTOCOL || - hdr_token_idx == WSI_TOKEN_HTTP_COLON_SCHEME) && - ah->frag_index[hdr_token_idx]) { - if (!(ah->frags[ah->frag_index[hdr_token_idx]].flags & 1)) { - lws_h2_goaway(lws_get_network_wsi(wsi), - H2_ERR_PROTOCOL_ERROR, - "Duplicated pseudoheader"); - return 1; - } - } - - if (ah->nfrag == 0) - ah->nfrag = 1; - - ah->frags[ah->nfrag].offset = ah->pos; - ah->frags[ah->nfrag].len = 0; - ah->frags[ah->nfrag].nfrag = 0; - ah->frags[ah->nfrag].flags = 2; /* we had reason to set it */ - - ah->hdr_token_idx = hdr_token_idx; - - /* - * Okay, but we could be, eg, the second or subsequent cookie: header - */ - - if (ah->frag_index[hdr_token_idx]) { - int n; - - /* find the last fragment for this header... */ - n = ah->frag_index[hdr_token_idx]; - while (ah->frags[n].nfrag) - n = ah->frags[n].nfrag; - /* and point it to continue in our continuation fragment */ - ah->frags[n].nfrag = ah->nfrag; - - /* cookie continuations need a separator token of ';' */ - if (hdr_token_idx == WSI_TOKEN_HTTP_COOKIE) { - ah->data[ah->pos++] = ';'; - ah->frags[ah->nfrag].len++; - } - } else - ah->frag_index[hdr_token_idx] = ah->nfrag; - - return 0; -} - -static int lws_frag_append(struct lws *wsi, unsigned char c) -{ - struct allocated_headers *ah = wsi->ah; - - ah->data[ah->pos++] = c; - ah->frags[ah->nfrag].len++; - - return (int)ah->pos >= wsi->context->max_http_header_data; -} - -static int lws_frag_end(struct lws *wsi) -{ - lwsl_header("%s\n", __func__); - if (lws_frag_append(wsi, 0)) - return 1; - - /* don't account for the terminating NUL in the logical length */ - wsi->ah->frags[wsi->ah->nfrag].len--; - - wsi->ah->nfrag++; - return 0; -} - -int -lws_hdr_extant(struct lws *wsi, enum lws_token_indexes h) -{ - struct allocated_headers *ah = wsi->ah; - int n; - - if (!ah) - return 0; - - n = ah->frag_index[h]; - if (!n) - return 0; - - return !!(ah->frags[n].flags & 2); -} - -static void lws_dump_header(struct lws *wsi, int hdr) -{ - char s[200]; - const unsigned char *p; - int len; - - if (hdr == LWS_HPACK_IGNORE_ENTRY) { - lwsl_notice("hdr tok ignored\n"); - return; - } - - (void)p; - - len = lws_hdr_copy(wsi, s, sizeof(s) - 1, hdr); - if (len < 0) - strcpy(s, "(too big to show)"); - else - s[len] = '\0'; - p = lws_token_to_string(hdr); - lwsl_header(" hdr tok %d (%s) = '%s' (len %d)\n", hdr, - p ? (char *)p : (char *)"null", s, len); -} - -/* - * dynamic table - * - * [ 0 .... num_entries - 1] - * - * Starts filling at 0+ - * - * #62 is *most recently entered* - * - * Number of entries is not restricted, but aggregated size of the entry - * payloads is. Unfortunately the way HPACK does this is specific to an - * imagined implementation, and lws implementation is much more efficient - * (ignoring unknown headers and using the lws token index for the header - * name part). - */ - -/* - * returns 0 if dynamic entry (arg and len are filled) - * returns -1 if failure - * returns nonzero token index if actually static token - */ -static int -lws_token_from_index(struct lws *wsi, int index, const char **arg, int *len, - uint32_t *hdr_len) -{ - struct hpack_dynamic_table *dyn; - - if (index == LWS_HPACK_IGNORE_ENTRY) - return LWS_HPACK_IGNORE_ENTRY; - - /* dynamic table only belongs to network wsi */ - wsi = lws_get_network_wsi(wsi); - if (!wsi->h2.h2n) - return -1; - - dyn = &wsi->h2.h2n->hpack_dyn_table; - - if (index < 0) - return -1; - - if (index < (int)ARRAY_SIZE(static_token)) { - if (arg && index < (int)ARRAY_SIZE(http2_canned)) { - *arg = http2_canned[index]; - *len = (int)strlen(http2_canned[index]); - } - if (hdr_len) - *hdr_len = static_hdr_len[index]; - - return static_token[index]; - } - - if (!dyn) { - lwsl_notice("no dynamic table\n"); - return -1; - } - - if (index < (int)ARRAY_SIZE(static_token) || - index >= (int)ARRAY_SIZE(static_token) + dyn->used_entries) { - lwsl_err(" %s: adjusted index %d >= %d\n", __func__, index, - dyn->used_entries); - lws_h2_goaway(wsi, H2_ERR_COMPRESSION_ERROR, - "index out of range"); - return -1; - } - - index -= (int)ARRAY_SIZE(static_token); - index = (dyn->pos - 1 - index) % dyn->num_entries; - if (index < 0) - index += dyn->num_entries; - - lwsl_header("%s: dyn index %d, tok %d\n", __func__, index, - dyn->entries[index].lws_hdr_idx); - - if (arg && len) { - *arg = dyn->entries[index].value; - *len = dyn->entries[index].value_len; - } - - if (hdr_len) - *hdr_len = dyn->entries[index].hdr_len; - - return dyn->entries[index].lws_hdr_idx; -} - -static int -lws_h2_dynamic_table_dump(struct lws *wsi) -{ -#if 0 - struct lws *nwsi = lws_get_network_wsi(wsi); - struct hpack_dynamic_table *dyn; - int n, m; - const char *p; - - if (!nwsi->h2.h2n) - return 1; - dyn = &nwsi->h2.h2n->hpack_dyn_table; - - lwsl_header("Dump dyn table for nwsi %p (%d / %d members, pos = %d, " - "start index %d, virt used %d / %d)\n", nwsi, - dyn->used_entries, dyn->num_entries, dyn->pos, - (uint32_t)ARRAY_SIZE(static_token), - dyn->virtual_payload_usage, dyn->virtual_payload_max); - - for (n = 0; n < dyn->used_entries; n++) { - m = (dyn->pos - 1 - n) % dyn->num_entries; - if (m < 0) - m += dyn->num_entries; - if (dyn->entries[m].lws_hdr_idx != LWS_HPACK_IGNORE_ENTRY) - p = (const char *)lws_token_to_string( - dyn->entries[m].lws_hdr_idx); - else - p = "(ignored)"; - lwsl_header(" %3d: tok %s: (len %d) val '%s'\n", - (int)(n + ARRAY_SIZE(static_token)), p, - dyn->entries[m].hdr_len, dyn->entries[m].value ? - dyn->entries[m].value : "null"); - } -#endif - return 0; -} - -static void -lws_dynamic_free(struct hpack_dynamic_table *dyn, int idx) -{ - lwsl_header("freeing %d for reuse\n", idx); - dyn->virtual_payload_usage -= dyn->entries[idx].value_len + - dyn->entries[idx].hdr_len; - lws_free_set_NULL(dyn->entries[idx].value); - dyn->entries[idx].value = NULL; - dyn->entries[idx].value_len = 0; - dyn->entries[idx].hdr_len = 0; - dyn->entries[idx].lws_hdr_idx = LWS_HPACK_IGNORE_ENTRY; - dyn->used_entries--; -} - -/* - * There are two address spaces, 1) internal ringbuffer and 2) HPACK indexes. - * - * Internal ringbuffer: - * - * The internal ringbuffer wraps as we keep filling it, dyn->pos points to - * the next index to be written. - * - * HPACK indexes: - * - * The last-written entry becomes entry 0, the previously-last-written entry - * becomes entry 1 etc. - */ - -static int -lws_dynamic_token_insert(struct lws *wsi, int hdr_len, - int lws_hdr_index, char *arg, int len) -{ - struct hpack_dynamic_table *dyn; - int new_index, n; - - /* dynamic table only belongs to network wsi */ - wsi = lws_get_network_wsi(wsi); - if (!wsi->h2.h2n) - return 1; - dyn = &wsi->h2.h2n->hpack_dyn_table; - - if (!dyn->entries) { - lwsl_err("%s: unsized dyn table\n", __func__); - - return 1; - } - lws_h2_dynamic_table_dump(wsi); - - new_index = (dyn->pos) % dyn->num_entries; - if (dyn->num_entries && dyn->used_entries == dyn->num_entries) { - if (dyn->virtual_payload_usage < dyn->virtual_payload_max) - lwsl_err("Dropping header content before limit!\n"); - /* we have to drop the oldest to make space */ - lws_dynamic_free(dyn, new_index); - } - - /* - * evict guys to make room, allowing for some overage. We have to - * take care about getting a single huge header, and evicting - * everything - */ - - while (dyn->virtual_payload_usage && - dyn->used_entries && - dyn->virtual_payload_usage + hdr_len + len > - dyn->virtual_payload_max + 1024) { - n = (dyn->pos - dyn->used_entries) % dyn->num_entries; - if (n < 0) - n += dyn->num_entries; - lws_dynamic_free(dyn, n); - } - - if (dyn->used_entries < dyn->num_entries) - dyn->used_entries++; - - dyn->entries[new_index].value_len = 0; - - if (lws_hdr_index != LWS_HPACK_IGNORE_ENTRY) { - if (dyn->entries[new_index].value) - lws_free_set_NULL(dyn->entries[new_index].value); - dyn->entries[new_index].value = lws_malloc(len + 1, "hpack dyn"); - if (!dyn->entries[new_index].value) - return 1; - - memcpy(dyn->entries[new_index].value, arg, len); - dyn->entries[new_index].value[len] = '\0'; - dyn->entries[new_index].value_len = len; - } else - dyn->entries[new_index].value = NULL; - - dyn->entries[new_index].lws_hdr_idx = lws_hdr_index; - dyn->entries[new_index].hdr_len = hdr_len; - - dyn->virtual_payload_usage += hdr_len + len; - - lwsl_info("%s: index %ld: lws_hdr_index 0x%x, hdr len %d, '%s' len %d\n", - __func__, (long)ARRAY_SIZE(static_token), - lws_hdr_index, hdr_len, dyn->entries[new_index].value ? - dyn->entries[new_index].value : "null", len); - - dyn->pos = (dyn->pos + 1) % dyn->num_entries; - - lws_h2_dynamic_table_dump(wsi); - - return 0; -} - -int -lws_hpack_dynamic_size(struct lws *wsi, int size) -{ - struct hpack_dynamic_table *dyn; - struct hpack_dt_entry *dte; - struct lws *nwsi; - int min, n = 0, m; - - /* - * "size" here is coming from the http/2 SETTING - * SETTINGS_HEADER_TABLE_SIZE. This is a (virtual, in our case) - * linear buffer containing dynamic header names and values... when it - * is full, old entries are evicted. - * - * We encode the header as an lws_hdr_idx, which is all the rest of - * lws cares about; if there is no matching header we store an empty - * entry in the dyn table as a placeholder. - * - * So to make the two systems work together we keep an accounting of - * what we are using to decide when to evict... we must only evict - * things when the remote peer's accounting also makes him feel he - * should evict something. - */ - - nwsi = lws_get_network_wsi(wsi); - if (!nwsi->h2.h2n) - goto bail; - - dyn = &nwsi->h2.h2n->hpack_dyn_table; - lwsl_info("%s: from %d to %d, lim %d\n", __func__, - (int)dyn->num_entries, size, - nwsi->vhost->set.s[H2SET_HEADER_TABLE_SIZE]); - - if (size > (int)nwsi->vhost->set.s[H2SET_HEADER_TABLE_SIZE]) { - lwsl_notice("rejecting hpack dyn size %u\n", size); -//#if defined(LWS_WITH_ESP32) - size = nwsi->vhost->set.s[H2SET_HEADER_TABLE_SIZE]; -//#else -// lws_h2_goaway(nwsi, H2_ERR_COMPRESSION_ERROR, -// "Asked for header table bigger than we told"); -// goto bail; -//#endif - } - - dyn->virtual_payload_max = size; - - size = size / 8; - min = size; - if (min > dyn->used_entries) - min = dyn->used_entries; - - if (size == dyn->num_entries) - return 0; - - if (dyn->num_entries < min) - min = dyn->num_entries; - - // lwsl_notice("dte requested size %d\n", size); - - dte = lws_zalloc(sizeof(*dte) * (size + 1), "dynamic table entries"); - if (!dte) - goto bail; - - while (dyn->virtual_payload_usage && dyn->used_entries && - dyn->virtual_payload_usage > dyn->virtual_payload_max) { - n = (dyn->pos - dyn->used_entries) % dyn->num_entries; - if (n < 0) - n += dyn->num_entries; - lws_dynamic_free(dyn, n); - } - - if (min > dyn->used_entries) - min = dyn->used_entries; - - if (dyn->entries) { - for (n = 0; n < min; n++) { - m = (dyn->pos - dyn->used_entries + n) % dyn->num_entries; - if (m < 0) - m += dyn->num_entries; - dte[n] = dyn->entries[m]; - } - - lws_free(dyn->entries); - } - - dyn->entries = dte; - dyn->num_entries = size; - dyn->used_entries = min; - if (size) - dyn->pos = min % size; - else - dyn->pos = 0; - - lws_h2_dynamic_table_dump(wsi); - - return 0; - -bail: - lwsl_info("%s: failed to resize to %d\n", __func__, size); - - return 1; -} - -void -lws_hpack_destroy_dynamic_header(struct lws *wsi) -{ - struct hpack_dynamic_table *dyn; - int n; - - if (!wsi->h2.h2n) - return; - - dyn = &wsi->h2.h2n->hpack_dyn_table; - - if (!dyn->entries) - return; - - for (n = 0; n < dyn->num_entries; n++) - if (dyn->entries[n].value) - lws_free_set_NULL(dyn->entries[n].value); - - lws_free_set_NULL(dyn->entries); -} - -static int -lws_hpack_use_idx_hdr(struct lws *wsi, int idx, int known_token) -{ - const char *arg = NULL; - int len = 0; - const char *p = NULL; - int tok = lws_token_from_index(wsi, idx, &arg, &len, NULL); - - if (tok == LWS_HPACK_IGNORE_ENTRY) { - lwsl_header("%s: lws_token says ignore, returning\n", __func__); - return 0; - } - - if (tok == -1) { - lwsl_info("%s: idx %d mapped to tok %d\n", __func__, idx, tok); - return 1; - } - - if (arg) { - /* dynamic result */ - if (known_token > 0) - tok = known_token; - lwsl_header("%s: dyn: idx %d '%s' tok %d\n", __func__, idx, arg, - tok); - } else - lwsl_header("writing indexed hdr %d (tok %d '%s')\n", idx, tok, - lws_token_to_string(tok)); - - if (tok == LWS_HPACK_IGNORE_ENTRY) - return 0; - - if (arg) - p = arg; - - if (idx < (int)ARRAY_SIZE(http2_canned)) - p = http2_canned[idx]; - - if (lws_frag_start(wsi, tok)) - return 1; - - if (p) - while (*p && len--) - if (lws_frag_append(wsi, *p++)) - return 1; - - if (lws_frag_end(wsi)) - return 1; - - lws_dump_header(wsi, tok); - - return 0; -} - -static uint8_t lws_header_implies_psuedoheader_map[] = { - 0x07, 0x00, 0x00, 0x00, 0xf8, 0x00, 0x00, 0x00, 0x00 /* <-64 */, - 0x0e /* <- 72 */, 0x04 /* <- 80 */, 0, 0, 0, 0 -}; - -static int -lws_hpack_handle_pseudo_rules(struct lws *nwsi, struct lws *wsi, int m) -{ - if (m == LWS_HPACK_IGNORE_ENTRY || m == -1) - return 0; - - if (wsi->seen_nonpseudoheader && - (lws_header_implies_psuedoheader_map[m >> 3] & (1 << (m & 7)))) { - - lwsl_notice("lws tok %d seems to be a pseudoheader\n", m); - - /* - * it's not legal to see a - * pseudoheader after normal - * headers - */ - lws_h2_goaway(nwsi, H2_ERR_PROTOCOL_ERROR, - "Pseudoheader after normal hdrs"); - return 1; - } - - if (!(lws_header_implies_psuedoheader_map[m >> 3] & (1 << (m & 7)))) - wsi->seen_nonpseudoheader = 1; - - return 0; -} - -int lws_hpack_interpret(struct lws *wsi, unsigned char c) -{ - struct lws *nwsi = lws_get_network_wsi(wsi); - struct lws_h2_netconn *h2n = nwsi->h2.h2n; - struct allocated_headers *ah = wsi->ah; - unsigned int prev; - unsigned char c1; - int n, m, plen; - - if (!h2n) - return -1; - - /* - * HPKT_INDEXED_HDR_7 1xxxxxxx: just "header field" - * HPKT_INDEXED_HDR_6_VALUE_INCR 01xxxxxx: NEW indexed hdr + val - * HPKT_LITERAL_HDR_VALUE_INCR 01000000: NEW literal hdr + val - * HPKT_INDEXED_HDR_4_VALUE 0000xxxx: indexed hdr + val - * HPKT_INDEXED_HDR_4_VALUE_NEVER 0001xxxx: NEVER NEW indexed hdr + val - * HPKT_LITERAL_HDR_VALUE 00000000: literal hdr + val - * HPKT_LITERAL_HDR_VALUE_NEVER 00010000: NEVER NEW literal hdr + val - */ - switch (h2n->hpack) { - - case HPKS_TYPE: - h2n->is_first_header_char = 1; - h2n->huff_pad = 0; - h2n->zero_huff_padding = 0; - h2n->last_action_dyntable_resize = 0; - h2n->ext_count = 0; - h2n->hpack_hdr_len = 0; - h2n->unknown_header = 0; - ah->parser_state = 255; - - if (c & 0x80) { /* 1.... indexed header field only */ - /* just a possibly-extended integer */ - h2n->hpack_type = HPKT_INDEXED_HDR_7; - lwsl_header("HPKT_INDEXED_HDR_7 hdr %d\n", c & 0x7f); - lws_h2_dynamic_table_dump(wsi); - - h2n->hdr_idx = c & 0x7f; - if ((c & 0x7f) == 0x7f) { - h2n->hpack_len = 0; - h2n->hpack_m = 0x7f; - h2n->hpack = HPKS_IDX_EXT; - break; - } - if (!h2n->hdr_idx) { - lws_h2_goaway(nwsi, H2_ERR_COMPRESSION_ERROR, - "hdr index 0 seen"); - return 1; - } - - m = lws_token_from_index(wsi, h2n->hdr_idx, - NULL, NULL, NULL); - if (lws_hpack_handle_pseudo_rules(nwsi, wsi, m)) - return 1; - - lwsl_header("HPKT_INDEXED_HDR_7: hdr %d\n", c & 0x7f); - if (lws_hpack_use_idx_hdr(wsi, c & 0x7f, -1)) { - lwsl_header("%s: idx hdr wr fail\n", __func__); - return 1; - } - /* stay at same state */ - break; - } - if (c & 0x40) { /* 01.... indexed or literal header incr idx */ - /* - * [possibly-ext hdr idx (6) | new literal hdr name] - * H + possibly-ext value length - * literal value - */ - h2n->hdr_idx = 0; - if (c == 0x40) { /* literal header */ - lwsl_header(" HPKT_LITERAL_HDR_VALUE_INCR\n"); - h2n->hpack_type = HPKT_LITERAL_HDR_VALUE_INCR; - h2n->value = 0; - h2n->hpack_len = 0; - h2n->hpack = HPKS_HLEN; - break; - } - /* indexed header */ - h2n->hpack_type = HPKT_INDEXED_HDR_6_VALUE_INCR; - lwsl_header(" HPKT_INDEXED_HDR_6_VALUE_INCR (hdr %d)\n", - c & 0x3f); - h2n->hdr_idx = c & 0x3f; - if ((c & 0x3f) == 0x3f) { - h2n->hpack_m = 0x3f; - h2n->hpack_len = 0; - h2n->hpack = HPKS_IDX_EXT; - break; - } - - h2n->value = 1; - h2n->hpack = HPKS_HLEN; - if (!h2n->hdr_idx) { - lws_h2_goaway(nwsi, H2_ERR_COMPRESSION_ERROR, - "hdr index 0 seen"); - return 1; - } - break; - } - switch(c & 0xf0) { - case 0x10: /* literal header never index */ - case 0: /* literal header without indexing */ - /* - * follows 0x40 except 4-bit hdr idx - * and don't add to index - */ - if (c == 0) { /* literal name */ - h2n->hpack_type = HPKT_LITERAL_HDR_VALUE; - lwsl_header(" HPKT_LITERAL_HDR_VALUE\n"); - h2n->hpack = HPKS_HLEN; - h2n->value = 0; - break; - } - if (c == 0x10) { /* literal name NEVER */ - h2n->hpack_type = HPKT_LITERAL_HDR_VALUE_NEVER; - lwsl_header(" HPKT_LITERAL_HDR_VALUE_NEVER\n"); - h2n->hpack = HPKS_HLEN; - h2n->value = 0; - break; - } - lwsl_header("indexed\n"); - /* indexed name */ - if (c & 0x10) { - h2n->hpack_type = HPKT_INDEXED_HDR_4_VALUE_NEVER; - lwsl_header(" HPKT_LITERAL_HDR_4_VALUE_NEVER\n"); - } else { - h2n->hpack_type = HPKT_INDEXED_HDR_4_VALUE; - lwsl_header(" HPKT_INDEXED_HDR_4_VALUE\n"); - } - h2n->hdr_idx = 0; - if ((c & 0xf) == 0xf) { - h2n->hpack_len = c & 0xf; - h2n->hpack_m = 0xf; - h2n->hpack_len = 0; - h2n->hpack = HPKS_IDX_EXT; - break; - } - h2n->hdr_idx = c & 0xf; - h2n->value = 1; - h2n->hpack = HPKS_HLEN; - break; - - case 0x20: - case 0x30: /* header table size update */ - /* possibly-extended size value (5) */ - lwsl_header("HPKT_SIZE_5 %x\n", c &0x1f); - h2n->hpack_type = HPKT_SIZE_5; - h2n->hpack_len = c & 0x1f; - if (h2n->hpack_len == 0x1f) { - h2n->hpack_m = 0x1f; - h2n->hpack_len = 0; - h2n->hpack = HPKS_IDX_EXT; - break; - } - h2n->last_action_dyntable_resize = 1; - if (lws_hpack_dynamic_size(wsi, h2n->hpack_len)) - return 1; - break; - } - break; - - case HPKS_IDX_EXT: - h2n->hpack_len = h2n->hpack_len | - ((c & 0x7f) << h2n->ext_count); - h2n->ext_count += 7; - if (c & 0x80) /* extended int not complete yet */ - break; - - /* extended integer done */ - h2n->hpack_len += h2n->hpack_m; - lwsl_header("HPKS_IDX_EXT: hpack_len %d\n", h2n->hpack_len); - - switch (h2n->hpack_type) { - case HPKT_INDEXED_HDR_7: - if (lws_hpack_use_idx_hdr(wsi, h2n->hpack_len, - h2n->hdr_idx)) { - lwsl_notice("%s: hd7 use fail\n", __func__); - return 1; - } - h2n->hpack = HPKS_TYPE; - break; - - case HPKT_SIZE_5: - h2n->last_action_dyntable_resize = 1; - if (lws_hpack_dynamic_size(wsi, h2n->hpack_len)) - return 1; - h2n->hpack = HPKS_TYPE; - break; - - default: - h2n->hdr_idx = h2n->hpack_len; - if (!h2n->hdr_idx) { - lws_h2_goaway(nwsi, H2_ERR_COMPRESSION_ERROR, - "extended header index was 0"); - return 1; - } - h2n->value = 1; - h2n->hpack = HPKS_HLEN; - break; - } - break; - - case HPKS_HLEN: /* [ H | 7+ ] */ - h2n->huff = !!(c & 0x80); - h2n->hpack_pos = 0; - h2n->hpack_len = c & 0x7f; - - if (h2n->hpack_len == 0x7f) { - h2n->hpack_m = 0x7f; - h2n->hpack_len = 0; - h2n->ext_count = 0; - h2n->hpack = HPKS_HLEN_EXT; - break; - } -pre_data: - h2n->hpack = HPKS_DATA; - if (!h2n->value || !h2n->hdr_idx) { - ah->parser_state = WSI_TOKEN_NAME_PART; - ah->lextable_pos = 0; - h2n->unknown_header = 0; - break; - } - - if (h2n->hpack_type == HPKT_LITERAL_HDR_VALUE || - h2n->hpack_type == HPKT_LITERAL_HDR_VALUE_INCR || - h2n->hpack_type == HPKT_LITERAL_HDR_VALUE_NEVER) { - n = ah->parser_state; - if (n == 255) { - n = -1; - h2n->hdr_idx = -1; - } else - h2n->hdr_idx = 1; - } else { - n = lws_token_from_index(wsi, h2n->hdr_idx, NULL, - NULL, NULL); - lwsl_header(" lws_tok_from_idx(%d) says %d\n", - h2n->hdr_idx, n); - } - - if (n == LWS_HPACK_IGNORE_ENTRY || n == -1) - h2n->hdr_idx = LWS_HPACK_IGNORE_ENTRY; - - switch (h2n->hpack_type) { - /* - * hpack types with literal headers were parsed by the lws - * header SM... on recognition of a known lws header, it does - * the correct lws_frag_start() for us already. Other types - * (ie, indexed header) need us to do it here. - */ - case HPKT_LITERAL_HDR_VALUE_INCR: - case HPKT_LITERAL_HDR_VALUE: - case HPKT_LITERAL_HDR_VALUE_NEVER: - break; - default: - if (n != -1 && n != LWS_HPACK_IGNORE_ENTRY && - lws_frag_start(wsi, n)) { - lwsl_header("%s: frag start failed\n", __func__); - return 1; - } - break; - } - break; - - case HPKS_HLEN_EXT: - h2n->hpack_len = h2n->hpack_len | - ((c & 0x7f) << h2n->ext_count); - h2n->ext_count += 7; - if (c & 0x80) /* extended integer not complete yet */ - break; - - h2n->hpack_len += h2n->hpack_m; - goto pre_data; - - case HPKS_DATA: - //lwsl_header(" 0x%02X huff %d\n", c, h2n->huff); - c1 = c; - - for (n = 0; n < 8; n++) { - if (h2n->huff) { - char b = (c >> 7) & 1; - prev = h2n->hpack_pos; - h2n->hpack_pos = huftable_decode( - h2n->hpack_pos, b); - c <<= 1; - if (h2n->hpack_pos == 0xffff) { - lwsl_notice("Huffman err\n"); - return 1; - } - if (!(h2n->hpack_pos & 0x8000)) { - if (!b) - h2n->zero_huff_padding = 1; - h2n->huff_pad++; - continue; - } - c1 = h2n->hpack_pos & 0x7fff; - h2n->hpack_pos = 0; - h2n->huff_pad = 0; - h2n->zero_huff_padding = 0; - - /* EOS |11111111|11111111|11111111|111111 */ - if (!c1 && prev == HUFTABLE_0x100_PREV) { - lws_h2_goaway(nwsi, - H2_ERR_COMPRESSION_ERROR, - "Huffman EOT seen"); - return 1; - } - } else - n = 8; - - if (h2n->value) { /* value */ - - if (h2n->hdr_idx && - h2n->hdr_idx != LWS_HPACK_IGNORE_ENTRY) { - - if (ah->hdr_token_idx == - WSI_TOKEN_HTTP_COLON_PATH) { - - switch (lws_parse_urldecode( - wsi, &c1)) { - case LPUR_CONTINUE: - break; - case LPUR_SWALLOW: - goto swallow; - case LPUR_EXCESSIVE: - case LPUR_FORBID: - lws_h2_goaway(nwsi, - H2_ERR_PROTOCOL_ERROR, - "Evil URI"); - return 1; - - default: - return -1; - } - } - if (lws_frag_append(wsi, c1)) { - lwsl_notice("%s: frag app fail\n", - __func__); - return 1; - } - } //else - //lwsl_header("ignoring %c\n", c1); - } else { - /* - * Convert name using existing parser, - * If h2n->unknown_header == 0, result is - * in wsi->parser_state - * using WSI_TOKEN_GET_URI. - * - * If unknown header h2n->unknown_header - * will be set. - */ - h2n->hpack_hdr_len++; - if (h2n->is_first_header_char) { - h2n->is_first_header_char = 0; - h2n->first_hdr_char = c1; - } - lwsl_header("parser: %c\n", c1); - /* uppercase header names illegal */ - if (c1 >= 'A' && c1 <= 'Z') { - lws_h2_goaway(nwsi, - H2_ERR_COMPRESSION_ERROR, - "Uppercase literal hpack hdr"); - return 1; - } - plen = 1; - if (!h2n->unknown_header && - lws_parse(wsi, &c1, &plen)) - h2n->unknown_header = 1; - } -swallow: - (void)n; - } // for n - - if (--h2n->hpack_len) - break; - - /* - * The header (h2n->value = 0) or the payload (h2n->value = 1) - * is complete. - */ - - if (h2n->huff && (h2n->huff_pad > 7 || - (h2n->zero_huff_padding && h2n->huff_pad))) { - lwsl_notice("zero_huff_padding: %d huff_pad: %d\n", - h2n->zero_huff_padding, h2n->huff_pad); - lws_h2_goaway(nwsi, H2_ERR_COMPRESSION_ERROR, - "Huffman padding excessive or wrong"); - return 1; - } - - if (!h2n->value && ( - h2n->hpack_type == HPKT_LITERAL_HDR_VALUE || - h2n->hpack_type == HPKT_LITERAL_HDR_VALUE_INCR || - h2n->hpack_type == HPKT_LITERAL_HDR_VALUE_NEVER)) { - h2n->hdr_idx = LWS_HPACK_IGNORE_ENTRY; - lwsl_header("wsi->parser_state: %d\n", - ah->parser_state); - - if (ah->parser_state == WSI_TOKEN_NAME_PART) { - /* h2 headers come without the colon */ - c1 = ':'; - plen = 1; - n = lws_parse(wsi, &c1, &plen); - (void)n; - } - - if (ah->parser_state == WSI_TOKEN_NAME_PART || - ah->parser_state == WSI_TOKEN_SKIPPING) { - h2n->unknown_header = 1; - ah->parser_state = -1; - wsi->seen_nonpseudoheader = 1; - } - } - - n = 8; - - /* we have the header */ - if (!h2n->value) { - h2n->value = 1; - h2n->hpack = HPKS_HLEN; - h2n->huff_pad = 0; - h2n->zero_huff_padding = 0; - h2n->ext_count = 0; - break; - } - - /* - * we have got both the header and value - */ - - m = -1; - switch (h2n->hpack_type) { - /* - * These are the only two that insert to the dyntable - */ - /* NEW indexed hdr with value */ - case HPKT_INDEXED_HDR_6_VALUE_INCR: - /* header length is determined by known index */ - m = lws_token_from_index(wsi, h2n->hdr_idx, NULL, NULL, - &h2n->hpack_hdr_len); - goto add_it; - /* NEW literal hdr with value */ - case HPKT_LITERAL_HDR_VALUE_INCR: - /* - * hdr is a new literal, so length is already in - * h2n->hpack_hdr_len - */ - m = ah->parser_state; - if (h2n->unknown_header || - ah->parser_state == WSI_TOKEN_NAME_PART || - ah->parser_state == WSI_TOKEN_SKIPPING) { - if (h2n->first_hdr_char == ':') { - lwsl_info("HPKT_LITERAL_HDR_VALUE_INCR:" - " end state %d unk hdr %d\n", - ah->parser_state, - h2n->unknown_header); - /* unknown pseudoheaders are illegal */ - lws_h2_goaway(nwsi, - H2_ERR_PROTOCOL_ERROR, - "Unknown pseudoheader"); - return 1; - } - m = LWS_HPACK_IGNORE_ENTRY; - } -add_it: - /* - * mark us as having been set at the time of dynamic - * token insertion. - */ - ah->frags[ah->nfrag].flags |= 1; - - if (lws_dynamic_token_insert(wsi, h2n->hpack_hdr_len, m, - &ah->data[ah->frags[ah->nfrag].offset], - ah->frags[ah->nfrag].len)) { - lwsl_notice("%s: tok_insert fail\n", __func__); - return 1; - } - break; - - default: - break; - } - - if (h2n->hdr_idx != LWS_HPACK_IGNORE_ENTRY && lws_frag_end(wsi)) - return 1; - - if (h2n->hpack_type != HPKT_INDEXED_HDR_6_VALUE_INCR) { - - if (h2n->hpack_type == HPKT_LITERAL_HDR_VALUE || - h2n->hpack_type == HPKT_LITERAL_HDR_VALUE_INCR || - h2n->hpack_type == HPKT_LITERAL_HDR_VALUE_NEVER) { - m = ah->parser_state; - if (m == 255) - m = -1; - } else - m = lws_token_from_index(wsi, h2n->hdr_idx, - NULL, NULL, NULL); - } - - if (m != -1 && m != LWS_HPACK_IGNORE_ENTRY) - lws_dump_header(wsi, m); - - if (lws_hpack_handle_pseudo_rules(nwsi, wsi, m)) - return 1; - - h2n->is_first_header_char = 1; - h2n->hpack = HPKS_TYPE; - break; - } - - return 0; -} - - - -static int -lws_h2_num_start(int starting_bits, unsigned long num) -{ - unsigned int mask = (1 << starting_bits) - 1; - - if (num < mask) - return (int)num; - - return mask; -} - -static int -lws_h2_num(int starting_bits, unsigned long num, - unsigned char **p, unsigned char *end) -{ - unsigned int mask = (1 << starting_bits) - 1; - - if (num < mask) - return 0; - - num -= mask; - do { - if (num > 127) - *((*p)++) = 0x80 | (num & 0x7f); - else - *((*p)++) = 0x00 | (num & 0x7f); - if (*p >= end) - return 1; - num >>= 7; - } while (num); - - return 0; -} - -int lws_add_http2_header_by_name(struct lws *wsi, const unsigned char *name, - const unsigned char *value, int length, - unsigned char **p, unsigned char *end) -{ - int len; - - lwsl_header("%s: %p %s:%s\n", __func__, *p, name, value); - - len = (int)strlen((char *)name); - if (len) - if (name[len - 1] == ':') - len--; - - if (wsi->http2_substream && !strncmp((const char *)name, - "transfer-encoding", len)) { - lwsl_header("rejecting %s\n", name); - - return 0; - } - - if (end - *p < len + length + 8) - return 1; - - *((*p)++) = 0; /* literal hdr, literal name, */ - - *((*p)++) = 0 | lws_h2_num_start(7, len); /* non-HUF */ - if (lws_h2_num(7, len, p, end)) - return 1; - memcpy(*p, name, len); - *p += len; - - *((*p)++) = 0 | lws_h2_num_start(7, length); /* non-HUF */ - if (lws_h2_num(7, length, p, end)) - return 1; - - memcpy(*p, value, length); - *p += length; - - //lwsl_hexdump(op, *p -op); - - return 0; -} - -int lws_add_http2_header_by_token(struct lws *wsi, enum lws_token_indexes token, - const unsigned char *value, int length, - unsigned char **p, unsigned char *end) -{ - const unsigned char *name; - - name = lws_token_to_string(token); - if (!name) - return 1; - - return lws_add_http2_header_by_name(wsi, name, value, length, p, end); -} - -int lws_add_http2_header_status(struct lws *wsi, unsigned int code, - unsigned char **p, unsigned char *end) -{ - unsigned char status[10]; - int n; - - wsi->h2.send_END_STREAM = 0; // !!(code >= 400); - - n = sprintf((char *)status, "%u", code); - if (lws_add_http2_header_by_token(wsi, WSI_TOKEN_HTTP_COLON_STATUS, - status, n, p, end)) - - return 1; - - return 0; -} diff --git a/lib/http2/http2.c b/lib/http2/http2.c deleted file mode 100644 index 0ea20ff..0000000 --- a/lib/http2/http2.c +++ /dev/null @@ -1,2110 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2017 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - */ - - -#include "private-libwebsockets.h" - -/* - * bitmap of control messages that are valid to receive for each http2 state - */ - -static const uint16_t http2_rx_validity[] = { - /* LWS_H2S_IDLE */ - (1 << LWS_H2_FRAME_TYPE_SETTINGS) | - (1 << LWS_H2_FRAME_TYPE_PRIORITY) | -// (1 << LWS_H2_FRAME_TYPE_WINDOW_UPDATE)| /* ignore */ - (1 << LWS_H2_FRAME_TYPE_HEADERS) | - (1 << LWS_H2_FRAME_TYPE_CONTINUATION), - /* LWS_H2S_RESERVED_LOCAL */ - (1 << LWS_H2_FRAME_TYPE_SETTINGS) | - (1 << LWS_H2_FRAME_TYPE_RST_STREAM) | - (1 << LWS_H2_FRAME_TYPE_PRIORITY) | - (1 << LWS_H2_FRAME_TYPE_WINDOW_UPDATE), - /* LWS_H2S_RESERVED_REMOTE */ - (1 << LWS_H2_FRAME_TYPE_SETTINGS) | - (1 << LWS_H2_FRAME_TYPE_HEADERS) | - (1 << LWS_H2_FRAME_TYPE_CONTINUATION) | - (1 << LWS_H2_FRAME_TYPE_RST_STREAM) | - (1 << LWS_H2_FRAME_TYPE_PRIORITY), - /* LWS_H2S_OPEN */ - (1 << LWS_H2_FRAME_TYPE_DATA) | - (1 << LWS_H2_FRAME_TYPE_HEADERS) | - (1 << LWS_H2_FRAME_TYPE_PRIORITY) | - (1 << LWS_H2_FRAME_TYPE_RST_STREAM) | - (1 << LWS_H2_FRAME_TYPE_SETTINGS) | - (1 << LWS_H2_FRAME_TYPE_PUSH_PROMISE) | - (1 << LWS_H2_FRAME_TYPE_PING) | - (1 << LWS_H2_FRAME_TYPE_GOAWAY) | - (1 << LWS_H2_FRAME_TYPE_WINDOW_UPDATE) | - (1 << LWS_H2_FRAME_TYPE_CONTINUATION), - /* LWS_H2S_HALF_CLOSED_REMOTE */ - (1 << LWS_H2_FRAME_TYPE_SETTINGS) | - (1 << LWS_H2_FRAME_TYPE_WINDOW_UPDATE) | - (1 << LWS_H2_FRAME_TYPE_PRIORITY) | - (1 << LWS_H2_FRAME_TYPE_RST_STREAM), - /* LWS_H2S_HALF_CLOSED_LOCAL */ - (1 << LWS_H2_FRAME_TYPE_DATA) | - (1 << LWS_H2_FRAME_TYPE_HEADERS) | - (1 << LWS_H2_FRAME_TYPE_PRIORITY) | - (1 << LWS_H2_FRAME_TYPE_RST_STREAM) | - (1 << LWS_H2_FRAME_TYPE_SETTINGS) | - (1 << LWS_H2_FRAME_TYPE_PUSH_PROMISE) | - (1 << LWS_H2_FRAME_TYPE_PING) | - (1 << LWS_H2_FRAME_TYPE_GOAWAY) | - (1 << LWS_H2_FRAME_TYPE_WINDOW_UPDATE) | - (1 << LWS_H2_FRAME_TYPE_CONTINUATION), - /* LWS_H2S_CLOSED */ - (1 << LWS_H2_FRAME_TYPE_SETTINGS) | - (1 << LWS_H2_FRAME_TYPE_PRIORITY) | - (1 << LWS_H2_FRAME_TYPE_WINDOW_UPDATE) | - (1 << LWS_H2_FRAME_TYPE_RST_STREAM), -}; - -static const char *preface = "PRI * HTTP/2.0\x0d\x0a\x0d\x0aSM\x0d\x0a\x0d\x0a"; - -static const char * const h2_state_names[] = { - "LWS_H2S_IDLE", - "LWS_H2S_RESERVED_LOCAL", - "LWS_H2S_RESERVED_REMOTE", - "LWS_H2S_OPEN", - "LWS_H2S_HALF_CLOSED_REMOTE", - "LWS_H2S_HALF_CLOSED_LOCAL", - "LWS_H2S_CLOSED", -}; - -#if 0 -static const char * const h2_setting_names[] = { - "", - "H2SET_HEADER_TABLE_SIZE", - "H2SET_ENABLE_PUSH", - "H2SET_MAX_CONCURRENT_STREAMS", - "H2SET_INITIAL_WINDOW_SIZE", - "H2SET_MAX_FRAME_SIZE", - "H2SET_MAX_HEADER_LIST_SIZE", - "reserved", - "H2SET_ENABLE_CONNECT_PROTOCOL" -}; - -void -lws_h2_dump_settings(struct http2_settings *set) -{ - int n; - - for (n = 1; n < H2SET_COUNT; n++) - lwsl_notice(" %30s: %10d\n", h2_setting_names[n], set->s[n]); -} -#else -void -lws_h2_dump_settings(struct http2_settings *set) -{ -} -#endif - -static struct lws_h2_protocol_send * -lws_h2_new_pps(enum lws_h2_protocol_send_type type) -{ - struct lws_h2_protocol_send *pps = lws_malloc(sizeof(*pps), "pps"); - - if (pps) - pps->type = type; - - return pps; -} - -void lws_h2_init(struct lws *wsi) -{ - wsi->h2.h2n->set = wsi->vhost->set; -} - -void -lws_h2_state(struct lws *wsi, enum lws_h2_states s) -{ - if (!wsi) - return; - lwsl_info("%s: wsi %p: state %s -> %s\n", __func__, wsi, - h2_state_names[wsi->h2.h2_state], - h2_state_names[s]); - - (void)h2_state_names; - wsi->h2.h2_state = (uint8_t)s; -} - -struct lws * -lws_wsi_server_new(struct lws_vhost *vh, struct lws *parent_wsi, - unsigned int sid) -{ - struct lws *wsi; - struct lws *nwsi = lws_get_network_wsi(parent_wsi); - struct lws_h2_netconn *h2n = nwsi->h2.h2n; - - /* - * The identifier of a newly established stream MUST be numerically - * greater than all streams that the initiating endpoint has opened or - * reserved. This governs streams that are opened using a HEADERS frame - * and streams that are reserved using PUSH_PROMISE. An endpoint that - * receives an unexpected stream identifier MUST respond with a - * connection error (Section 5.4.1) of type PROTOCOL_ERROR. - */ - if (sid <= h2n->highest_sid_opened) { - lwsl_info("%s: tried to open lower sid %d\n", __func__, sid); - lws_h2_goaway(nwsi, H2_ERR_PROTOCOL_ERROR, "Bad sid"); - return NULL; - } - - /* no more children allowed by parent */ - if (parent_wsi->h2.child_count + 1 > - parent_wsi->h2.h2n->set.s[H2SET_MAX_CONCURRENT_STREAMS]) { - lwsl_notice("reached concurrent stream limit\n"); - return NULL; - } - wsi = lws_create_new_server_wsi(vh); - if (!wsi) { - lwsl_notice("new server wsi failed (vh %p)\n", vh); - return NULL; - } - - h2n->highest_sid_opened = sid; - wsi->h2.my_sid = sid; - wsi->http2_substream = 1; - wsi->seen_nonpseudoheader = 0; - - wsi->h2.parent_wsi = parent_wsi; - /* new guy's sibling is whoever was the first child before */ - wsi->h2.sibling_list = parent_wsi->h2.child_list; - /* first child is now the new guy */ - parent_wsi->h2.child_list = wsi; - parent_wsi->h2.child_count++; - - wsi->h2.my_priority = 16; - wsi->h2.tx_cr = nwsi->h2.h2n->set.s[H2SET_INITIAL_WINDOW_SIZE]; - wsi->h2.peer_tx_cr_est = nwsi->vhost->set.s[H2SET_INITIAL_WINDOW_SIZE]; - - lwsi_set_state(wsi, LRS_ESTABLISHED); - lwsi_set_role(wsi, lwsi_role(parent_wsi)); - - wsi->protocol = &vh->protocols[0]; - if (lws_ensure_user_space(wsi)) - goto bail1; - - wsi->vhost->conn_stats.h2_subs++; - - lwsl_info("%s: %p new ch %p, sid %d, usersp=%p, tx cr %d, " - "peer_credit %d (nwsi tx_cr %d)\n", - __func__, parent_wsi, wsi, sid, wsi->user_space, - wsi->h2.tx_cr, wsi->h2.peer_tx_cr_est, nwsi->h2.tx_cr); - - return wsi; - -bail1: - /* undo the insert */ - parent_wsi->h2.child_list = wsi->h2.sibling_list; - parent_wsi->h2.child_count--; - - if (wsi->user_space) - lws_free_set_NULL(wsi->user_space); - vh->protocols[0].callback(wsi, LWS_CALLBACK_WSI_DESTROY, NULL, NULL, 0); - lws_free(wsi); - - return NULL; -} - -struct lws * -lws_wsi_h2_adopt(struct lws *parent_wsi, struct lws *wsi) -{ - struct lws *nwsi = lws_get_network_wsi(parent_wsi); - - /* no more children allowed by parent */ - if (parent_wsi->h2.child_count + 1 > - parent_wsi->h2.h2n->set.s[H2SET_MAX_CONCURRENT_STREAMS]) { - lwsl_notice("reached concurrent stream limit\n"); - return NULL; - } - - /* sid is set just before issuing the headers, ensuring monoticity */ - - wsi->seen_nonpseudoheader = 0; - wsi->client_h2_substream = 1; - wsi->h2.initialized = 1; - - wsi->h2.parent_wsi = parent_wsi; - /* new guy's sibling is whoever was the first child before */ - wsi->h2.sibling_list = parent_wsi->h2.child_list; - /* first child is now the new guy */ - parent_wsi->h2.child_list = wsi; - parent_wsi->h2.child_count++; - - wsi->h2.my_priority = 16; - wsi->h2.tx_cr = nwsi->h2.h2n->set.s[H2SET_INITIAL_WINDOW_SIZE]; - wsi->h2.peer_tx_cr_est = nwsi->vhost->set.s[H2SET_INITIAL_WINDOW_SIZE]; - - if (lws_ensure_user_space(wsi)) - goto bail1; - - lwsi_set_role(wsi, LWSI_ROLE_H2_CLIENT); - lwsi_set_state(wsi, LRS_H2_WAITING_TO_SEND_HEADERS); - - lws_callback_on_writable(wsi); - - wsi->vhost->conn_stats.h2_subs++; - - return wsi; - -bail1: - /* undo the insert */ - parent_wsi->h2.child_list = wsi->h2.sibling_list; - parent_wsi->h2.child_count--; - - if (wsi->user_space) - lws_free_set_NULL(wsi->user_space); - wsi->protocol->callback(wsi, LWS_CALLBACK_WSI_DESTROY, NULL, NULL, 0); - lws_free(wsi); - - return NULL; -} - - -int lws_h2_issue_preface(struct lws *wsi) -{ - struct lws_h2_netconn *h2n = wsi->h2.h2n; - struct lws_h2_protocol_send *pps; - - if (lws_issue_raw(wsi, (uint8_t *)preface, strlen(preface)) != - (int)strlen(preface)) - return 1; - - lwsi_set_role(wsi, LWSI_ROLE_H2_CLIENT); - lwsi_set_state(wsi, LRS_H2_WAITING_TO_SEND_HEADERS); - - h2n->count = 0; - wsi->h2.tx_cr = 65535; - - /* - * we must send a settings frame - */ - pps = lws_h2_new_pps(LWS_H2_PPS_MY_SETTINGS); - if (!pps) - return 1; - lws_pps_schedule(wsi, pps); - lwsl_info("%s: h2 client sending settings\n", __func__); - - return 0; -} - -struct lws * -lws_h2_wsi_from_id(struct lws *parent_wsi, unsigned int sid) -{ - lws_start_foreach_ll(struct lws *, wsi, parent_wsi->h2.child_list) { - if (wsi->h2.my_sid == sid) - return wsi; - } lws_end_foreach_ll(wsi, h2.sibling_list); - - return NULL; -} - -int lws_remove_server_child_wsi(struct lws_context *context, struct lws *wsi) -{ - lws_start_foreach_llp(struct lws **, w, wsi->h2.child_list) { - if (*w == wsi) { - *w = wsi->h2.sibling_list; - (wsi->h2.parent_wsi)->h2.child_count--; - return 0; - } - } lws_end_foreach_llp(w, h2.sibling_list); - - lwsl_err("%s: can't find %p\n", __func__, wsi); - - return 1; -} - -void -lws_pps_schedule(struct lws *wsi, struct lws_h2_protocol_send *pps) -{ - struct lws *nwsi = lws_get_network_wsi(wsi); - struct lws_h2_netconn *h2n = nwsi->h2.h2n; - - pps->next = h2n->pps; - h2n->pps = pps; - lws_rx_flow_control(wsi, LWS_RXFLOW_REASON_APPLIES_DISABLE | - LWS_RXFLOW_REASON_H2_PPS_PENDING); - lws_callback_on_writable(wsi); -} - -int -lws_h2_goaway(struct lws *wsi, uint32_t err, const char *reason) -{ - struct lws_h2_netconn *h2n = wsi->h2.h2n; - struct lws_h2_protocol_send *pps; - - if (h2n->type == LWS_H2_FRAME_TYPE_COUNT) - return 0; - - pps = lws_h2_new_pps(LWS_H2_PPS_GOAWAY); - if (!pps) - return 1; - - lwsl_info("%s: %p: ERR 0x%x, '%s'\n", __func__, wsi, err, reason); - - pps->u.ga.err = err; - pps->u.ga.highest_sid = h2n->highest_sid; - lws_strncpy(pps->u.ga.str, reason, sizeof(pps->u.ga.str)); - lws_pps_schedule(wsi, pps); - - h2n->type = LWS_H2_FRAME_TYPE_COUNT; /* ie, IGNORE */ - - return 0; -} - -int -lws_h2_rst_stream(struct lws *wsi, uint32_t err, const char *reason) -{ - struct lws *nwsi = lws_get_network_wsi(wsi); - struct lws_h2_netconn *h2n = nwsi->h2.h2n; - struct lws_h2_protocol_send *pps; - - if (h2n->type == LWS_H2_FRAME_TYPE_COUNT) - return 0; - - pps = lws_h2_new_pps(LWS_H2_PPS_RST_STREAM); - if (!pps) - return 1; - - lwsl_info("%s: RST_STREAM 0x%x, REASON '%s'\n", __func__, err, reason); - - pps->u.rs.sid = h2n->sid; - pps->u.rs.err = err; - lws_pps_schedule(wsi, pps); - - h2n->type = LWS_H2_FRAME_TYPE_COUNT; /* ie, IGNORE */ - lws_h2_state(wsi, LWS_H2_STATE_CLOSED); - - return 0; -} - -int -lws_h2_settings(struct lws *wsi, struct http2_settings *settings, - unsigned char *buf, int len) -{ - struct lws *nwsi = lws_get_network_wsi(wsi); - unsigned int a, b; - - if (!len) - return 0; - - if (len < LWS_H2_SETTINGS_LEN) - return 1; - - while (len >= LWS_H2_SETTINGS_LEN) { - a = (buf[0] << 8) | buf[1]; - if (!a || a >= H2SET_COUNT) - goto skip; - b = buf[2] << 24 | buf[3] << 16 | buf[4] << 8 | buf[5]; - - switch (a) { - case H2SET_HEADER_TABLE_SIZE: - break; - case H2SET_ENABLE_PUSH: - if (b > 1) { - lws_h2_goaway(nwsi, H2_ERR_PROTOCOL_ERROR, - "ENABLE_PUSH invalid arg"); - return 1; - } - break; - case H2SET_MAX_CONCURRENT_STREAMS: - break; - case H2SET_INITIAL_WINDOW_SIZE: - if (b > 0x7fffffff) { - lws_h2_goaway(nwsi, H2_ERR_FLOW_CONTROL_ERROR, - "Inital Window beyond max"); - return 1; - } - /* - * In addition to changing the flow-control window for - * streams that are not yet active, a SETTINGS frame - * can alter the initial flow-control window size for - * streams with active flow-control windows (that is, - * streams in the "open" or "half-closed (remote)" - * state). When the value of - * SETTINGS_INITIAL_WINDOW_SIZE changes, a receiver - * MUST adjust the size of all stream flow-control - * windows that it maintains by the difference between - * the new value and the old value. - */ - - lws_start_foreach_ll(struct lws *, w, - nwsi->h2.child_list) { - lwsl_info("%s: adi child tc cr %d +%d -> %d", - __func__, - w->h2.tx_cr, b - settings->s[a], - w->h2.tx_cr + b - settings->s[a]); - w->h2.tx_cr += b - settings->s[a]; - if (w->h2.tx_cr > 0 && - w->h2.tx_cr <= (int32_t)(b - settings->s[a])) - lws_callback_on_writable(w); - } lws_end_foreach_ll(w, h2.sibling_list); - - break; - case H2SET_MAX_FRAME_SIZE: - if (b < wsi->vhost->set.s[H2SET_MAX_FRAME_SIZE]) { - lws_h2_goaway(nwsi, H2_ERR_PROTOCOL_ERROR, - "Frame size < initial"); - return 1; - } - if (b > 0x007fffff) { - lws_h2_goaway(nwsi, H2_ERR_PROTOCOL_ERROR, - "Settings Frame size above max"); - return 1; - } - break; - case H2SET_MAX_HEADER_LIST_SIZE: - break; - } - settings->s[a] = b; - lwsl_info("http2 settings %d <- 0x%x\n", a, b); -skip: - len -= LWS_H2_SETTINGS_LEN; - buf += LWS_H2_SETTINGS_LEN; - } - - if (len) - return 1; - - lws_h2_dump_settings(settings); - - return 0; -} - -/* RFC7640 Sect 6.9 - * - * The WINDOW_UPDATE frame can be specific to a stream or to the entire - * connection. In the former case, the frame's stream identifier - * indicates the affected stream; in the latter, the value "0" indicates - * that the entire connection is the subject of the frame. - * - * ... - * - * Two flow-control windows are applicable: the stream flow-control - * window and the connection flow-control window. The sender MUST NOT - * send a flow-controlled frame with a length that exceeds the space - * available in either of the flow-control windows advertised by the - * receiver. Frames with zero length with the END_STREAM flag set (that - * is, an empty DATA frame) MAY be sent if there is no available space - * in either flow-control window. - */ - -int -lws_h2_tx_cr_get(struct lws *wsi) -{ - int c = wsi->h2.tx_cr; - struct lws *nwsi; - - if (!wsi->http2_substream && !wsi->upgraded_to_http2) - return ~0x80000000; - - nwsi = lws_get_network_wsi(wsi); - - lwsl_info ("%s: %p: own tx credit %d: nwsi credit %d\n", - __func__, wsi, c, nwsi->h2.tx_cr); - - if (nwsi->h2.tx_cr < c) - c = nwsi->h2.tx_cr; - - if (c < 0) - return 0; - - return c; -} - -void -lws_h2_tx_cr_consume(struct lws *wsi, int consumed) -{ - struct lws *nwsi = lws_get_network_wsi(wsi); - - wsi->h2.tx_cr -= consumed; - - if (nwsi != wsi) - nwsi->h2.tx_cr -= consumed; -} - -int lws_h2_frame_write(struct lws *wsi, int type, int flags, - unsigned int sid, unsigned int len, unsigned char *buf) -{ - struct lws *nwsi = lws_get_network_wsi(wsi); - unsigned char *p = &buf[-LWS_H2_FRAME_HEADER_LENGTH]; - int n; - - //if (wsi->h2_stream_carries_ws) - // lwsl_hexdump_level(LLL_NOTICE, buf, len); - - *p++ = len >> 16; - *p++ = len >> 8; - *p++ = len; - *p++ = type; - *p++ = flags; - *p++ = sid >> 24; - *p++ = sid >> 16; - *p++ = sid >> 8; - *p++ = sid; - - lwsl_debug("%s: %p (eff %p). typ %d, fl 0x%x, sid=%d, len=%d, " - "txcr=%d, nwsi->txcr=%d\n", __func__, wsi, nwsi, type, flags, - sid, len, wsi->h2.tx_cr, nwsi->h2.tx_cr); - - if (type == LWS_H2_FRAME_TYPE_DATA) { - if (wsi->h2.tx_cr < (int)len) - lwsl_err("%s: %p: sending payload len %d" - " but tx_cr only %d!\n", __func__, wsi, - len, wsi->h2.tx_cr); - lws_h2_tx_cr_consume(wsi, len); - } - - n = lws_issue_raw(nwsi, &buf[-LWS_H2_FRAME_HEADER_LENGTH], - len + LWS_H2_FRAME_HEADER_LENGTH); - if (n < 0) - return n; - - if (n >= LWS_H2_FRAME_HEADER_LENGTH) - return n - LWS_H2_FRAME_HEADER_LENGTH; - - return n; -} - -static void lws_h2_set_bin(struct lws *wsi, int n, unsigned char *buf) -{ - *buf++ = n >> 8; - *buf++ = n; - *buf++ = wsi->h2.h2n->set.s[n] >> 24; - *buf++ = wsi->h2.h2n->set.s[n] >> 16; - *buf++ = wsi->h2.h2n->set.s[n] >> 8; - *buf = wsi->h2.h2n->set.s[n]; -} - -int lws_h2_do_pps_send(struct lws *wsi) -{ - struct lws_h2_netconn *h2n = wsi->h2.h2n; - struct lws_h2_protocol_send *pps = NULL; - struct lws *cwsi; - uint8_t set[LWS_PRE + 64], *p = &set[LWS_PRE], *q; - int n, m = 0, flags = 0; - - if (!h2n) - return 1; - - /* get the oldest pps */ - - lws_start_foreach_llp(struct lws_h2_protocol_send **, pps1, h2n->pps) { - if ((*pps1)->next == NULL) { /* we are the oldest in the list */ - pps = *pps1; /* remove us from the list */ - *pps1 = NULL; - continue; - } - } lws_end_foreach_llp(pps1, next); - - if (!pps) - return 1; - - lwsl_info("%s: %p: %d\n", __func__, wsi, pps->type); - - switch (pps->type) { - - case LWS_H2_PPS_MY_SETTINGS: - - /* - * if any of our settings varies from h2 "default defaults" - * then we must inform the peer - */ - for (n = 1; n < H2SET_COUNT; n++) - if (h2n->set.s[n] != lws_h2_defaults.s[n]) { - lwsl_debug("sending SETTING %d 0x%x\n", n, - wsi->h2.h2n->set.s[n]); - lws_h2_set_bin(wsi, n, &set[LWS_PRE + m]); - m += sizeof(h2n->one_setting); - } - n = lws_h2_frame_write(wsi, LWS_H2_FRAME_TYPE_SETTINGS, - flags, LWS_H2_STREAM_ID_MASTER, m, - &set[LWS_PRE]); - if (n != m) { - lwsl_info("send %d %d\n", n, m); - goto bail; - } - break; - - case LWS_H2_PPS_ACK_SETTINGS: - /* send ack ... always empty */ - n = lws_h2_frame_write(wsi, LWS_H2_FRAME_TYPE_SETTINGS, 1, - LWS_H2_STREAM_ID_MASTER, 0, &set[LWS_PRE]); - if (n) { - lwsl_err("ack tells %d\n", n); - goto bail; - } - /* this is the end of the preface dance then? */ - if (lwsi_state(wsi) == LRS_H2_AWAIT_SETTINGS) { - lwsi_set_state(wsi, LRS_ESTABLISHED); - wsi->http.fop_fd = NULL; - if (lws_is_ssl(lws_get_network_wsi(wsi))) - break; - /* - * we need to treat the headers from the upgrade as the - * first job. So these need to get shifted to sid 1. - */ - h2n->swsi = lws_wsi_server_new(wsi->vhost, wsi, 1); - if (!h2n->swsi) - goto bail; - - /* pass on the initial headers to SID 1 */ - h2n->swsi->ah = wsi->ah; - wsi->ah = NULL; - - lwsl_info("%s: inherited headers %p\n", __func__, - h2n->swsi->ah); - h2n->swsi->h2.tx_cr = - h2n->set.s[H2SET_INITIAL_WINDOW_SIZE]; - lwsl_info("initial tx credit on conn %p: %d\n", - h2n->swsi, h2n->swsi->h2.tx_cr); - h2n->swsi->h2.initialized = 1; - /* demanded by HTTP2 */ - h2n->swsi->h2.END_STREAM = 1; - lwsl_info("servicing initial http request\n"); - - wsi->vhost->conn_stats.h2_trans++; - - if (lws_http_action(h2n->swsi)) - goto bail; - - break; - } - break; - case LWS_H2_PPS_PONG: - lwsl_debug("sending PONG\n"); - memcpy(&set[LWS_PRE], pps->u.ping.ping_payload, 8); - n = lws_h2_frame_write(wsi, LWS_H2_FRAME_TYPE_PING, - LWS_H2_FLAG_SETTINGS_ACK, - LWS_H2_STREAM_ID_MASTER, 8, - &set[LWS_PRE]); - if (n != 8) { - lwsl_info("send %d %d\n", n, m); - goto bail; - } - break; - - case LWS_H2_PPS_GOAWAY: - lwsl_info("LWS_H2_PPS_GOAWAY\n"); - *p++ = pps->u.ga.highest_sid >> 24; - *p++ = pps->u.ga.highest_sid >> 16; - *p++ = pps->u.ga.highest_sid >> 8; - *p++ = pps->u.ga.highest_sid; - *p++ = pps->u.ga.err >> 24; - *p++ = pps->u.ga.err >> 16; - *p++ = pps->u.ga.err >> 8; - *p++ = pps->u.ga.err; - q = (unsigned char *)pps->u.ga.str; - n = 0; - while (*q && n++ < (int)sizeof(pps->u.ga.str)) - *p++ = *q++; - h2n->we_told_goaway = 1; - n = lws_h2_frame_write(wsi, LWS_H2_FRAME_TYPE_GOAWAY, 0, - LWS_H2_STREAM_ID_MASTER, - lws_ptr_diff(p, &set[LWS_PRE]), - &set[LWS_PRE]); - if (n != 4) { - lwsl_info("send %d %d\n", n, m); - goto bail; - } - goto bail; - - case LWS_H2_PPS_RST_STREAM: - lwsl_info("LWS_H2_PPS_RST_STREAM\n"); - *p++ = pps->u.rs.err >> 24; - *p++ = pps->u.rs.err >> 16; - *p++ = pps->u.rs.err >> 8; - *p++ = pps->u.rs.err; - n = lws_h2_frame_write(wsi, LWS_H2_FRAME_TYPE_RST_STREAM, - 0, pps->u.rs.sid, 4, &set[LWS_PRE]); - if (n != 4) { - lwsl_info("send %d %d\n", n, m); - goto bail; - } - cwsi = lws_h2_wsi_from_id(wsi, pps->u.rs.sid); - if (cwsi) - lws_close_free_wsi(cwsi, 0, "reset stream"); - break; - - case LWS_H2_PPS_UPDATE_WINDOW: - lwsl_debug("Issuing LWS_H2_PPS_UPDATE_WINDOW: sid %d: add %d\n", - pps->u.update_window.sid, - pps->u.update_window.credit); - *p++ = pps->u.update_window.credit >> 24; - *p++ = pps->u.update_window.credit >> 16; - *p++ = pps->u.update_window.credit >> 8; - *p++ = pps->u.update_window.credit; - n = lws_h2_frame_write(wsi, LWS_H2_FRAME_TYPE_WINDOW_UPDATE, - 0, pps->u.update_window.sid, 4, - &set[LWS_PRE]); - if (n != 4) { - lwsl_info("send %d %d\n", n, m); - goto bail; - } - break; - - default: - break; - } - - lws_free(pps); - - return 0; - -bail: - lws_free(pps); - - return 1; -} - -/* - * The frame header part has just completely arrived. - * Perform actions for header completion. - */ -static int -lws_h2_parse_frame_header(struct lws *wsi) -{ - struct lws_h2_netconn *h2n = wsi->h2.h2n; - struct lws_h2_protocol_send *pps; - int n; - - /* - * We just got the frame header - */ - h2n->count = 0; - h2n->swsi = wsi; - /* b31 is a reserved bit */ - h2n->sid = h2n->sid & 0x7fffffff; - - if (h2n->sid && !(h2n->sid & 1)) { - lws_h2_goaway(wsi, H2_ERR_PROTOCOL_ERROR, "Even Stream ID"); - - return 0; - } - - /* let the network wsi live a bit longer if subs are active */ - if (!wsi->ws_over_h2_count) - lws_set_timeout(wsi, PENDING_TIMEOUT_HTTP_KEEPALIVE_IDLE, 31); - - if (h2n->sid) - h2n->swsi = lws_h2_wsi_from_id(wsi, h2n->sid); - - lwsl_debug("%p (%p): fr hdr: typ 0x%x, flags 0x%x, sid 0x%x, len 0x%x\n", - wsi, h2n->swsi, h2n->type, h2n->flags, h2n->sid, - h2n->length); - - if (h2n->we_told_goaway && h2n->sid > h2n->highest_sid) - h2n->type = LWS_H2_FRAME_TYPE_COUNT; /* ie, IGNORE */ - - if (h2n->type == LWS_H2_FRAME_TYPE_COUNT) - return 0; - - if (h2n->length > h2n->set.s[H2SET_MAX_FRAME_SIZE]) { - /* - * peer sent us something bigger than we told - * it we would allow - */ - lwsl_notice("received oversize frame %d\n", h2n->length); - lws_h2_goaway(wsi, H2_ERR_FRAME_SIZE_ERROR, - "Peer ignored our frame size setting"); - return 1; - } - - if (h2n->swsi) - lwsl_info("%s: wsi %p, State: %s, received cmd %d\n", - __func__, h2n->swsi, - h2_state_names[h2n->swsi->h2.h2_state], h2n->type); - else { - /* if it's data, either way no swsi means CLOSED state */ - if (h2n->type == LWS_H2_FRAME_TYPE_DATA) { - if (h2n->sid <= h2n->highest_sid_opened) { - lwsl_notice("ignoring straggling data\n"); - h2n->type = LWS_H2_FRAME_TYPE_COUNT; /* ie, IGNORE */ - } else { - lws_h2_goaway(wsi, H2_ERR_STREAM_CLOSED, - "Data for nonexistent sid"); - return 0; - } - } - /* if the sid is credible, treat as wsi for it closed */ - if (h2n->sid > h2n->highest_sid_opened && - h2n->type != LWS_H2_FRAME_TYPE_HEADERS && - h2n->type != LWS_H2_FRAME_TYPE_PRIORITY) { - /* if not credible, reject it */ - lwsl_info("%s: wsi %p, No child for sid %d, rx cmd %d\n", - __func__, h2n->swsi, h2n->sid, h2n->type); - lws_h2_goaway(wsi, H2_ERR_STREAM_CLOSED, - "Data for nonexistent sid"); - return 0; - } - } - - if (h2n->swsi && h2n->sid && - !(http2_rx_validity[h2n->swsi->h2.h2_state] & (1 << h2n->type))) { - lwsl_info("%s: wsi %p, State: %s, ILLEGAL cmdrx %d (OK 0x%x)\n", - __func__, h2n->swsi, - h2_state_names[h2n->swsi->h2.h2_state], h2n->type, - http2_rx_validity[h2n->swsi->h2.h2_state]); - - if (h2n->swsi->h2.h2_state == LWS_H2_STATE_CLOSED || - h2n->swsi->h2.h2_state == LWS_H2_STATE_HALF_CLOSED_REMOTE) - n = H2_ERR_STREAM_CLOSED; - else - n = H2_ERR_PROTOCOL_ERROR; - lws_h2_goaway(wsi, n, "invalid rx for state"); - - return 0; - } - - if (h2n->cont_exp && (h2n->cont_exp_sid != h2n->sid || - h2n->type != LWS_H2_FRAME_TYPE_CONTINUATION)) { - lwsl_info("%s: expected cont on sid %d (got %d on sid %d)\n", - __func__, h2n->cont_exp_sid, h2n->type, h2n->sid); - h2n->cont_exp = 0; - if (h2n->cont_exp_headers) - n = H2_ERR_COMPRESSION_ERROR; - else - n = H2_ERR_PROTOCOL_ERROR; - lws_h2_goaway(wsi, n, "Continuation hdrs State"); - - return 0; - } - - switch (h2n->type) { - case LWS_H2_FRAME_TYPE_DATA: - lwsl_info("seen incoming LWS_H2_FRAME_TYPE_DATA start\n"); - if (!h2n->sid) { - lwsl_notice("DATA: 0 sid\n"); - lws_h2_goaway(wsi, H2_ERR_PROTOCOL_ERROR, "DATA 0 sid"); - break; - } - lwsl_info("Frame header DATA: sid %d\n", h2n->sid); - - if (!h2n->swsi) { - lwsl_notice("DATA: NULL swsi\n"); - break; - } - - if ( - h2n->swsi->h2.h2_state == LWS_H2_STATE_HALF_CLOSED_REMOTE || - h2n->swsi->h2.h2_state == LWS_H2_STATE_CLOSED) { - lws_h2_goaway(wsi, H2_ERR_STREAM_CLOSED, "conn closed"); - break; - } - break; - case LWS_H2_FRAME_TYPE_PRIORITY: - lwsl_info("LWS_H2_FRAME_TYPE_PRIORITY complete frame\n"); - if (!h2n->sid) { - lws_h2_goaway(wsi, H2_ERR_PROTOCOL_ERROR, - "Priority has 0 sid"); - break; - } - if (h2n->length != 5) { - lws_h2_goaway(wsi, H2_ERR_FRAME_SIZE_ERROR, - "Priority has length other than 5"); - break; - } - break; - case LWS_H2_FRAME_TYPE_PUSH_PROMISE: - lwsl_info("LWS_H2_FRAME_TYPE_PUSH_PROMISE complete frame\n"); - lws_h2_goaway(wsi, H2_ERR_PROTOCOL_ERROR, "Server only"); - break; - - case LWS_H2_FRAME_TYPE_GOAWAY: - lwsl_debug("LWS_H2_FRAME_TYPE_GOAWAY received\n"); - break; - - case LWS_H2_FRAME_TYPE_RST_STREAM: - if (!h2n->sid) - return 1; - if (!h2n->swsi) { - if (h2n->sid <= h2n->highest_sid_opened) - break; - lws_h2_goaway(wsi, H2_ERR_PROTOCOL_ERROR, - "crazy sid on RST_STREAM"); - return 1; - } - if (h2n->length != 4) { - lws_h2_goaway(wsi, H2_ERR_FRAME_SIZE_ERROR, - "RST_STREAM can only be length 4"); - break; - } - lws_h2_state(h2n->swsi, LWS_H2_STATE_CLOSED); - break; - - case LWS_H2_FRAME_TYPE_SETTINGS: - lwsl_info("LWS_H2_FRAME_TYPE_SETTINGS complete frame\n"); - /* nonzero sid on settings is illegal */ - if (h2n->sid) { - lws_h2_goaway(wsi, H2_ERR_PROTOCOL_ERROR, - "Settings has nonzero sid"); - break; - } - - if (!(h2n->flags & LWS_H2_FLAG_SETTINGS_ACK)) { - if ((!h2n->length) || h2n->length % 6) { - lws_h2_goaway(wsi, H2_ERR_FRAME_SIZE_ERROR, - "Settings length error"); - break; - } - - if (h2n->type == LWS_H2_FRAME_TYPE_COUNT) - return 0; - break; - } - /* came to us with ACK set... not allowed to have payload */ - - if (h2n->length) { - lws_h2_goaway(wsi, H2_ERR_FRAME_SIZE_ERROR, - "Settings with ACK not allowed payload"); - break; - } - break; - case LWS_H2_FRAME_TYPE_PING: - if (h2n->sid) { - lws_h2_goaway(wsi, H2_ERR_PROTOCOL_ERROR, - "Ping has nonzero sid"); - break; - } - if (h2n->length != 8) { - lws_h2_goaway(wsi, H2_ERR_FRAME_SIZE_ERROR, - "Ping payload can only be 8"); - break; - } - break; - case LWS_H2_FRAME_TYPE_CONTINUATION: - lwsl_info("LWS_H2_FRAME_TYPE_CONTINUATION: sid = %d\n", - h2n->sid); - - if (!h2n->cont_exp || - h2n->cont_exp_sid != h2n->sid || - !h2n->sid || - !h2n->swsi) { - lws_h2_goaway(wsi, H2_ERR_PROTOCOL_ERROR, - "unexpected CONTINUATION"); - break; - } - if (h2n->swsi->h2.END_HEADERS) { - lws_h2_goaway(wsi, H2_ERR_PROTOCOL_ERROR, - "END_HEADERS already seen"); - break; - } - /* END_STREAM is in HEADERS, skip resetting it */ - goto update_end_headers; - - case LWS_H2_FRAME_TYPE_HEADERS: - lwsl_info("HEADERS: frame header: sid = %d\n", h2n->sid); - if (!h2n->sid) { - lws_h2_goaway(wsi, H2_ERR_PROTOCOL_ERROR, "sid 0"); - return 1; - } - -#if !defined(LWS_NO_CLIENT) - if (wsi->client_h2_alpn) { - if (h2n->sid) { - h2n->swsi = lws_h2_wsi_from_id(wsi, h2n->sid); - lwsl_info("HEADERS: nwsi %p: sid %d mapped to wsi %p\n", wsi, h2n->sid, h2n->swsi); - if (!h2n->swsi) - break; - } - goto update_end_headers; - } -#endif - - if (!h2n->swsi) { - /* no more children allowed by parent */ - if (wsi->h2.child_count + 1 > - wsi->h2.h2n->set.s[H2SET_MAX_CONCURRENT_STREAMS]) { - lws_h2_goaway(wsi, H2_ERR_PROTOCOL_ERROR, - "Another stream not allowed"); - - return 1; - } - - h2n->swsi = lws_wsi_server_new(wsi->vhost, wsi, - h2n->sid); - if (!h2n->swsi) { - lws_h2_goaway(wsi, H2_ERR_PROTOCOL_ERROR, "OOM"); - - return 1; - } - - pps = lws_h2_new_pps(LWS_H2_PPS_UPDATE_WINDOW); - if (!pps) - return 1; - pps->u.update_window.sid = h2n->sid; - pps->u.update_window.credit = 4 * 65536; - h2n->swsi->h2.peer_tx_cr_est += pps->u.update_window.credit; - lws_pps_schedule(wsi, pps); - - pps = lws_h2_new_pps(LWS_H2_PPS_UPDATE_WINDOW); - if (!pps) - return 1; - pps->u.update_window.sid = 0; - pps->u.update_window.credit = 4 * 65536; - wsi->h2.peer_tx_cr_est += pps->u.update_window.credit; - lws_pps_schedule(wsi, pps); - } - - /* - * ah needs attaching to child wsi, even though - * we only fill it from network wsi - */ - if (!h2n->swsi->ah) - if (lws_header_table_attach(h2n->swsi, 0)) { - lwsl_err("%s: Failed to get ah\n", __func__); - return 1; - } - - /* - * The first use of a new stream identifier implicitly closes - * all streams in the "idle" state that might have been - * initiated by that peer with a lower-valued stream identifier. - * - * For example, if a client sends a HEADERS frame on stream 7 - * without ever sending a frame on stream 5, then stream 5 - * transitions to the "closed" state when the first frame for - * stream 7 is sent or received. - */ - lws_start_foreach_ll(struct lws *, w, wsi->h2.child_list) { - if (w->h2.my_sid < h2n->sid && - w->h2.h2_state == LWS_H2_STATE_IDLE) - lws_close_free_wsi(w, 0, "h2 sid close"); - } lws_end_foreach_ll(w, h2.sibling_list); - - - /* END_STREAM means after servicing this, close the stream */ - h2n->swsi->h2.END_STREAM = - !!(h2n->flags & LWS_H2_FLAG_END_STREAM); - lwsl_info("%s: hdr END_STREAM = %d\n",__func__, - h2n->swsi->h2.END_STREAM); - - h2n->cont_exp = !(h2n->flags & LWS_H2_FLAG_END_HEADERS); - h2n->cont_exp_sid = h2n->sid; - h2n->cont_exp_headers = 1; - lws_header_table_reset(h2n->swsi, 0); - -update_end_headers: - /* no END_HEADERS means CONTINUATION must come */ - h2n->swsi->h2.END_HEADERS = - !!(h2n->flags & LWS_H2_FLAG_END_HEADERS); - lwsl_info("%p: END_HEADERS %d\n", h2n->swsi, h2n->swsi->h2.END_HEADERS); - if (h2n->swsi->h2.END_HEADERS) - h2n->cont_exp = 0; - lwsl_debug("END_HEADERS %d\n", h2n->swsi->h2.END_HEADERS); - break; - - case LWS_H2_FRAME_TYPE_WINDOW_UPDATE: - if (h2n->length != 4) { - lws_h2_goaway(wsi, H2_ERR_FRAME_SIZE_ERROR, - "window update frame not 4"); - break; - } - lwsl_info("LWS_H2_FRAME_TYPE_WINDOW_UPDATE\n"); - break; - case LWS_H2_FRAME_TYPE_COUNT: - break; - default: - lwsl_info("%s: ILLEGAL FRAME TYPE %d\n", __func__, h2n->type); - h2n->type = LWS_H2_FRAME_TYPE_COUNT; /* ie, IGNORE */ - break; - } - if (h2n->length == 0) - h2n->frame_state = 0; - - return 0; -} - -/* - * The last byte of the whole frame has been handled. - * Perform actions for frame completion. - * - * This is the crunch time for parsing that may have occured on a network - * wsi with a pending partial send... we may call lws_http_action() to send - * a response, conflicting with the partial. - * - * So in that case we change the wsi state and do the lws_http_action() in the - * WRITABLE handler as a priority. - */ -static int -lws_h2_parse_end_of_frame(struct lws *wsi) -{ - struct lws_h2_netconn *h2n = wsi->h2.h2n; - struct lws_h2_protocol_send *pps; - struct lws *eff_wsi = wsi; - const char *p; - int n; - - h2n->frame_state = 0; - h2n->count = 0; - - if (h2n->sid) - h2n->swsi = lws_h2_wsi_from_id(wsi, h2n->sid); - - if (h2n->sid > h2n->highest_sid) - h2n->highest_sid = h2n->sid; - - /* set our initial window size */ - if (!wsi->h2.initialized) { - wsi->h2.tx_cr = h2n->set.s[H2SET_INITIAL_WINDOW_SIZE]; - lwsl_info("initial tx credit on master %p: %d\n", wsi, - wsi->h2.tx_cr); - wsi->h2.initialized = 1; - } - - if (h2n->collected_priority && (h2n->dep & ~(1 << 31)) == h2n->sid) { - lws_h2_goaway(wsi, H2_ERR_PROTOCOL_ERROR, "depends on own sid"); - return 0; - } - - switch (h2n->type) { - - case LWS_H2_FRAME_TYPE_SETTINGS: - -#if !defined(LWS_NO_CLIENT) - if (wsi->client_h2_alpn && - !(h2n->flags & LWS_H2_FLAG_SETTINGS_ACK)) { - - /* migrate original client ask on to substream 1 */ - - wsi->http.fop_fd = NULL; - - /* - * we need to treat the headers from the upgrade as the - * first job. So these need to get shifted to sid 1. - */ - h2n->swsi = lws_wsi_server_new(wsi->vhost, wsi, 1); - if (!h2n->swsi) - return 1; - h2n->sid = 1; - - assert(lws_h2_wsi_from_id(wsi, 1) == h2n->swsi); - - lwsi_set_role(wsi, LWSI_ROLE_H2_CLIENT); - lwsi_set_state(wsi, LRS_H2_WAITING_TO_SEND_HEADERS); - - lwsi_set_role(h2n->swsi, LWSI_ROLE_H2_CLIENT); - lwsi_set_state(h2n->swsi, LRS_H2_WAITING_TO_SEND_HEADERS); - - /* pass on the initial headers to SID 1 */ - h2n->swsi->ah = wsi->ah; - h2n->swsi->client_h2_substream = 1; - - h2n->swsi->protocol = wsi->protocol; - h2n->swsi->user_space = wsi->user_space; - h2n->swsi->user_space_externally_allocated = - wsi->user_space_externally_allocated; - - wsi->user_space = NULL; - - if (h2n->swsi->ah) - h2n->swsi->ah->wsi = h2n->swsi; - wsi->ah = NULL; - - lwsl_info("%s: MIGRATING nwsi %p: swsi %p\n", __func__, - wsi, h2n->swsi); - h2n->swsi->h2.tx_cr = - h2n->set.s[H2SET_INITIAL_WINDOW_SIZE]; - lwsl_info("initial tx credit on conn %p: %d\n", - h2n->swsi, h2n->swsi->h2.tx_cr); - h2n->swsi->h2.initialized = 1; - - lws_callback_on_writable(h2n->swsi); - - pps = lws_h2_new_pps(LWS_H2_PPS_ACK_SETTINGS); - if (!pps) - return 1; - lws_pps_schedule(wsi, pps); - lwsl_info("%s: scheduled settings ack PPS\n", __func__); - - /* also attach any queued guys */ - - /* we have a transaction queue that wants to pipeline */ - lws_vhost_lock(wsi->vhost); - lws_start_foreach_dll_safe(struct lws_dll_lws *, d, d1, - wsi->dll_client_transaction_queue_head.next) { - struct lws *w = lws_container_of(d, struct lws, - dll_client_transaction_queue); - - if (lwsi_state(w) == LRS_H1C_ISSUE_HANDSHAKE2) { - lwsl_info("%s: client pipeq %p to be h2\n", - __func__, w); - /* remove ourselves from the client queue */ - lws_dll_lws_remove(&w->dll_client_transaction_queue); - - /* attach ourselves as an h2 stream */ - lws_wsi_h2_adopt(wsi, w); - } - } lws_end_foreach_dll_safe(d, d1); - lws_vhost_unlock(wsi->vhost); - } -#endif - break; - - case LWS_H2_FRAME_TYPE_CONTINUATION: - case LWS_H2_FRAME_TYPE_HEADERS: - - if (!h2n->swsi) - break; - - /* service the http request itself */ - - if (h2n->last_action_dyntable_resize) { - lws_h2_goaway(wsi, H2_ERR_COMPRESSION_ERROR, - "dyntable resize last in headers"); - break; - } - - if (!h2n->swsi->h2.END_HEADERS) { - /* we are not finished yet */ - lwsl_info("witholding http action for continuation\n"); - break; - } - - /* confirm the hpack stream state is reasonable for finishing */ - - if (h2n->hpack != HPKS_TYPE) { - /* hpack incomplete */ - lwsl_info("hpack incomplete %d (type %d, len %d)\n", - h2n->hpack, h2n->type, h2n->hpack_len); - lws_h2_goaway(wsi, H2_ERR_COMPRESSION_ERROR, - "hpack incomplete"); - break; - } - - /* this is the last part of HEADERS */ - switch (h2n->swsi->h2.h2_state) { - case LWS_H2_STATE_IDLE: - lws_h2_state(h2n->swsi, LWS_H2_STATE_OPEN); - break; - case LWS_H2_STATE_RESERVED_REMOTE: - lws_h2_state(h2n->swsi, LWS_H2_STATE_HALF_CLOSED_LOCAL); - break; - } - - lwsl_info("http req, wsi=%p, h2n->swsi=%p\n", wsi, h2n->swsi); - h2n->swsi->hdr_parsing_completed = 1; - - if (h2n->swsi->client_h2_substream) { - if (lws_client_interpret_server_handshake(h2n->swsi)) { - lws_h2_rst_stream(h2n->swsi, H2_ERR_STREAM_CLOSED, - "protocol CLI_EST closed it"); - break; - } - } - - if (lws_hdr_extant(h2n->swsi, WSI_TOKEN_HTTP_CONTENT_LENGTH)) { - h2n->swsi->http.rx_content_length = atoll( - lws_hdr_simple_ptr(h2n->swsi, - WSI_TOKEN_HTTP_CONTENT_LENGTH)); - h2n->swsi->http.rx_content_remain = - h2n->swsi->http.rx_content_length; - lwsl_info("setting rx_content_length %lld\n", - (long long)h2n->swsi->http.rx_content_length); - } - - { - int n = 0, len; - char buf[256]; - const unsigned char *c; - - do { - c = lws_token_to_string(n); - if (!c) { - n++; - continue; - } - - len = lws_hdr_total_length(h2n->swsi, n); - if (!len || len > (int)sizeof(buf) - 1) { - n++; - continue; - } - - lws_hdr_copy(h2n->swsi, buf, sizeof buf, n); - buf[sizeof(buf) - 1] = '\0'; - - lwsl_info(" %s = %s\n", (char *)c, buf); - n++; - } while (c); - } - - if (h2n->swsi->h2.h2_state == LWS_H2_STATE_HALF_CLOSED_REMOTE || - h2n->swsi->h2.h2_state == LWS_H2_STATE_CLOSED) { - lws_h2_goaway(wsi, H2_ERR_STREAM_CLOSED, - "Banning service on CLOSED_REMOTE"); - break; - } - - switch (h2n->swsi->h2.h2_state) { - case LWS_H2_STATE_OPEN: - if (h2n->swsi->h2.END_STREAM) - lws_h2_state(h2n->swsi, - LWS_H2_STATE_HALF_CLOSED_REMOTE); - break; - case LWS_H2_STATE_HALF_CLOSED_LOCAL: - if (h2n->swsi->h2.END_STREAM) - lws_h2_state(h2n->swsi, LWS_H2_STATE_CLOSED); - break; - } - - if (h2n->swsi->client_h2_substream) { - lwsl_info("%s: headers: client path\n", __func__); - break; - } - - if (!lws_hdr_total_length(h2n->swsi, WSI_TOKEN_HTTP_COLON_PATH) || - !lws_hdr_total_length(h2n->swsi, WSI_TOKEN_HTTP_COLON_METHOD) || - !lws_hdr_total_length(h2n->swsi, WSI_TOKEN_HTTP_COLON_SCHEME) || - lws_hdr_total_length(h2n->swsi, WSI_TOKEN_HTTP_COLON_STATUS) || - lws_hdr_extant(h2n->swsi, WSI_TOKEN_CONNECTION)) { - lws_h2_goaway(wsi, H2_ERR_PROTOCOL_ERROR, - "Pseudoheader checks"); - break; - } - - if (lws_hdr_extant(h2n->swsi, WSI_TOKEN_TE)) { - n = lws_hdr_total_length(h2n->swsi, WSI_TOKEN_TE); - - if (n != 8 || - strncmp(lws_hdr_simple_ptr(h2n->swsi, WSI_TOKEN_TE), - "trailers", n)) { - lws_h2_goaway(wsi, H2_ERR_PROTOCOL_ERROR, - "Illegal transfer-encoding"); - break; - } - } - - p = lws_hdr_simple_ptr(h2n->swsi, WSI_TOKEN_HTTP_COLON_METHOD); - if (!strcmp(p, "POST")) - h2n->swsi->ah->frag_index[WSI_TOKEN_POST_URI] = - h2n->swsi->ah->frag_index[WSI_TOKEN_HTTP_COLON_PATH]; - - wsi->vhost->conn_stats.h2_trans++; - - lwsi_set_state(h2n->swsi, LRS_DEFERRING_ACTION); - lws_callback_on_writable(h2n->swsi); - break; - - case LWS_H2_FRAME_TYPE_DATA: - if (!h2n->swsi) - break; - - if (lws_hdr_total_length(h2n->swsi, WSI_TOKEN_HTTP_CONTENT_LENGTH) && - h2n->swsi->h2.END_STREAM && - h2n->swsi->http.rx_content_length && - h2n->swsi->http.rx_content_remain) { - lws_h2_rst_stream(h2n->swsi, H2_ERR_PROTOCOL_ERROR, - "Not enough rx content"); - break; - } - - if (h2n->swsi->h2.END_STREAM && - h2n->swsi->h2.h2_state == LWS_H2_STATE_OPEN) - lws_h2_state(h2n->swsi, LWS_H2_STATE_HALF_CLOSED_REMOTE); - - if (h2n->swsi->h2.END_STREAM && - h2n->swsi->h2.h2_state == LWS_H2_STATE_HALF_CLOSED_LOCAL) - lws_h2_state(h2n->swsi, LWS_H2_STATE_CLOSED); - - /* - * client... remote END_STREAM implies we weren't going to - * send anything else anyway. - */ - - if (h2n->swsi->client_h2_substream && - h2n->flags & LWS_H2_FLAG_END_STREAM) { - lwsl_info("%s: %p: DATA: end stream\n", __func__, h2n->swsi); - - if (h2n->swsi->h2.h2_state == LWS_H2_STATE_OPEN) { - lws_h2_state(h2n->swsi, LWS_H2_STATE_HALF_CLOSED_REMOTE); - // lws_h2_rst_stream(h2n->swsi, H2_ERR_NO_ERROR, - // "client done"); - - // if (lws_http_transaction_completed_client(h2n->swsi)) - // lwsl_debug("tx completed returned close\n"); - } - - //if (h2n->swsi->h2.h2_state == LWS_H2_STATE_HALF_CLOSED_LOCAL) - { - lws_h2_state(h2n->swsi, LWS_H2_STATE_CLOSED); - - lws_h2_rst_stream(h2n->swsi, H2_ERR_NO_ERROR, - "client done"); - - if (lws_http_transaction_completed_client(h2n->swsi)) - lwsl_debug("tx completed returned close\n"); - } - } - break; - - case LWS_H2_FRAME_TYPE_PING: - if (h2n->flags & LWS_H2_FLAG_SETTINGS_ACK) { // ack - } else {/* they're sending us a ping request */ - lwsl_info("rx ping, preparing pong\n"); - pps = lws_h2_new_pps(LWS_H2_PPS_PONG); - if (!pps) - return 1; - memcpy(pps->u.ping.ping_payload, h2n->ping_payload, 8); - lws_pps_schedule(wsi, pps); - } - - break; - - case LWS_H2_FRAME_TYPE_WINDOW_UPDATE: - h2n->hpack_e_dep &= ~(1 << 31); - lwsl_info("WINDOW_UPDATE: sid %d %u (0x%x)\n", h2n->sid, - h2n->hpack_e_dep, h2n->hpack_e_dep); - - if (h2n->sid) - eff_wsi = h2n->swsi; - - if (!eff_wsi) { - if (h2n->sid > h2n->highest_sid_opened) - lws_h2_goaway(wsi, H2_ERR_PROTOCOL_ERROR, - "alien sid"); - break; /* ignore */ - } - - if ((uint64_t)eff_wsi->h2.tx_cr + (uint64_t)h2n->hpack_e_dep > - (uint64_t)0x7fffffff) { - if (h2n->sid) - lws_h2_rst_stream(h2n->swsi, - H2_ERR_FLOW_CONTROL_ERROR, - "Flow control exceeded max"); - else - lws_h2_goaway(wsi, H2_ERR_FLOW_CONTROL_ERROR, - "Flow control exceeded max"); - break; - } - - if (!h2n->hpack_e_dep) { - lws_h2_goaway(wsi, H2_ERR_PROTOCOL_ERROR, - "Zero length window update"); - break; - } - n = eff_wsi->h2.tx_cr; - eff_wsi->h2.tx_cr += h2n->hpack_e_dep; - - if (n <= 0 && eff_wsi->h2.tx_cr <= 0) - /* it helps, but won't change sendability for anyone */ - break; - - /* - * It did change sendability... for us and any children waiting - * on us... reassess blockage for all children first - */ - lws_start_foreach_ll(struct lws *, w, wsi->h2.child_list) { - lws_callback_on_writable(w); - } lws_end_foreach_ll(w, h2.sibling_list); - - if (eff_wsi->h2.skint && lws_h2_tx_cr_get(eff_wsi)) { - lwsl_info("%s: %p: skint\n", __func__, wsi); - eff_wsi->h2.skint = 0; - lws_callback_on_writable(eff_wsi); - } - break; - - case LWS_H2_FRAME_TYPE_GOAWAY: - lwsl_info("GOAWAY: last sid %d, error 0x%08X, string '%s'\n", - h2n->goaway_last_sid, h2n->goaway_err, - h2n->goaway_str); - wsi->h2.GOING_AWAY = 1; - - return 1; - - case LWS_H2_FRAME_TYPE_RST_STREAM: - lwsl_info("LWS_H2_FRAME_TYPE_RST_STREAM: sid %d: reason 0x%x\n", - h2n->sid, h2n->hpack_e_dep); - break; - - case LWS_H2_FRAME_TYPE_COUNT: /* IGNORING FRAME */ - break; - } - - return 0; -} - -/* - * This may want to send something on the network wsi, which may be in the - * middle of a partial send. PPS sends are OK because they are queued to - * go through the WRITABLE handler already. - * - * The read parser for the network wsi has no choice but to parse its stream - * anyway, because otherwise it will not be able to get tx credit window - * messages. - * - * Therefore if we will send non-PPS, ie, lws_http_action() for a stream - * wsi, we must change its state and handle it as a priority in the - * POLLOUT handler instead of writing it here. - * - * About closing... for the main network wsi, it should return nonzero to - * close it all. If it needs to close an swsi, it can do it here. - */ -int -lws_h2_parser(struct lws *wsi, unsigned char *in, lws_filepos_t inlen, - lws_filepos_t *inused) -{ - struct lws_h2_netconn *h2n = wsi->h2.h2n; - struct lws_h2_protocol_send *pps; - unsigned char c, *oldin = in; - int n, m; - - if (!h2n) - goto fail; - - while (inlen--) { - - c = *in++; - - // lwsl_notice("%s: 0x%x\n", __func__, c); - - switch (lwsi_state(wsi)) { - case LRS_H2_AWAIT_PREFACE: - if (preface[h2n->count++] != c) - goto fail; - - if (preface[h2n->count]) - break; - - lwsl_info("http2: %p: established\n", wsi); - lwsi_set_state(wsi, LRS_H2_AWAIT_SETTINGS); - h2n->count = 0; - wsi->h2.tx_cr = 65535; - - /* - * we must send a settings frame -- empty one is OK... - * that must be the first thing sent by server - * and the peer must send a SETTINGS with ACK flag... - */ - pps = lws_h2_new_pps(LWS_H2_PPS_MY_SETTINGS); - if (!pps) - goto fail; - lws_pps_schedule(wsi, pps); - break; - - case LRS_H2_WAITING_TO_SEND_HEADERS: - case LRS_ESTABLISHED: - case LRS_H2_AWAIT_SETTINGS: - if (h2n->frame_state != LWS_H2_FRAME_HEADER_LENGTH) - goto try_frame_start; - - /* - * post-header, preamble / payload / padding part - */ - h2n->count++; - - if (h2n->flags & LWS_H2_FLAG_PADDED && !h2n->pad_length) { - /* - * Get the padding count... actual padding is - * at the end of the frame. - */ - h2n->padding = c; - h2n->pad_length = 1; - h2n->preamble++; - - if (h2n->padding > h2n->length - 1) - lws_h2_goaway(wsi, H2_ERR_PROTOCOL_ERROR, - "execssive padding"); - break; /* we consumed this */ - } - - if (h2n->flags & LWS_H2_FLAG_PRIORITY && - !h2n->collected_priority) { - /* going to be 5 preamble bytes */ - - lwsl_debug("PRIORITY FLAG: 0x%x\n", c); - - if (h2n->preamble++ - h2n->pad_length < 4) { - h2n->dep = ((h2n->dep) << 8) | c; - break; /* we consumed this */ - } - h2n->weight_temp = c; - h2n->collected_priority = 1; - lwsl_debug("PRI FL: dep 0x%x, weight 0x%02X\n", - h2n->dep, h2n->weight_temp); - break; /* we consumed this */ - } - if (h2n->padding && h2n->count > (h2n->length - h2n->padding)) { - if (c) { - lws_h2_goaway(wsi, H2_ERR_PROTOCOL_ERROR, - "nonzero padding"); - break; - } - goto frame_end; - } - - /* applies to wsi->h2.swsi which may be wsi */ - switch(h2n->type) { - - case LWS_H2_FRAME_TYPE_SETTINGS: - n = (h2n->count - 1 - h2n->preamble) % - LWS_H2_SETTINGS_LEN; - h2n->one_setting[n] = c; - if (n != LWS_H2_SETTINGS_LEN - 1) - break; - lws_h2_settings(wsi, &h2n->set, h2n->one_setting, - LWS_H2_SETTINGS_LEN); - break; - - case LWS_H2_FRAME_TYPE_CONTINUATION: - case LWS_H2_FRAME_TYPE_HEADERS: - if (!h2n->swsi) - break; - if (lws_hpack_interpret(h2n->swsi, c)) { - lwsl_info("%s: hpack failed\n", __func__); - goto fail; - } - break; - - case LWS_H2_FRAME_TYPE_GOAWAY: - switch (h2n->inside++) { - case 0: - case 1: - case 2: - case 3: - h2n->goaway_last_sid <<= 8; - h2n->goaway_last_sid |= c; - h2n->goaway_str[0] = '\0'; - break; - - case 4: - case 5: - case 6: - case 7: - h2n->goaway_err <<= 8; - h2n->goaway_err |= c; - break; - - default: - if (h2n->inside - 9 < - sizeof(h2n->goaway_str) - 1) - h2n->goaway_str[h2n->inside - 9] = c; - h2n->goaway_str[sizeof(h2n->goaway_str) - 1] = '\0'; - break; - } - break; - - case LWS_H2_FRAME_TYPE_DATA: - - // lwsl_notice("%s: LWS_H2_FRAME_TYPE_DATA\n", __func__); - - /* let the network wsi live a bit longer if subs are active... - * our frame may take a long time to chew through */ - if (!wsi->ws_over_h2_count) - lws_set_timeout(wsi, PENDING_TIMEOUT_HTTP_KEEPALIVE_IDLE, 31); - - if (!h2n->swsi) - break; - - if (lwsi_role_http(h2n->swsi) && - lwsi_state(h2n->swsi) == LRS_ESTABLISHED) { - lwsi_set_state(h2n->swsi, LRS_BODY); - lwsl_info("%s: setting swsi %p to LRS_BODY\n", - __func__, h2n->swsi); - } - - if (lws_hdr_total_length(h2n->swsi, - WSI_TOKEN_HTTP_CONTENT_LENGTH) && - h2n->swsi->http.rx_content_length && - h2n->swsi->http.rx_content_remain < inlen + 1 && /* last */ - h2n->inside < h2n->length) { /* unread data in frame */ - lws_h2_goaway(wsi, H2_ERR_PROTOCOL_ERROR, - "More rx than content_length told"); - break; - } - - /* - * We operate on a frame. The RX we have at - * hand may exceed the current frame. - */ - - n = (int)inlen + 1; - if (n > (int)(h2n->length - h2n->count + 1)) { - n = h2n->length - h2n->count + 1; - lwsl_debug("---- restricting len to %d vs %ld\n", n, (long)inlen + 1); - } - - if (h2n->swsi->client_h2_substream) { - - m = user_callback_handle_rxflow( - h2n->swsi->protocol->callback, - h2n->swsi, LWS_CALLBACK_RECEIVE_CLIENT_HTTP_READ, - h2n->swsi->user_space, in - 1, n); - - in += n - 1; - h2n->inside += n; - h2n->count += n - 1; - inlen -= n - 1; - - if (m) { - lwsl_info("RECEIVE_CLIENT_HTTP closed it\n"); - goto close_swsi_and_return; - } - - break; - } else { - - h2n->swsi->outer_will_close = 1; - /* - * choose the length for this go so that we end at - * the frame boundary, in the case there is already - * more waiting leave it for next time around - */ - - n = lws_read(h2n->swsi, in - 1, n); - h2n->swsi->outer_will_close = 0; - /* - * can return 0 in POST body with content len - * exhausted somehow. - */ - if (n <= 0) { - in += h2n->length - h2n->count; - h2n->inside = h2n->length; - h2n->count = h2n->length - 1; - lwsl_debug("%s: lws_read told %d\n", __func__, n); - goto close_swsi_and_return; - } - - inlen -= n - 1; - in += n - 1; - h2n->inside += n; - h2n->count += n - 1; - } - - /* account for both network and stream wsi windows */ - - wsi->h2.peer_tx_cr_est -= n; - h2n->swsi->h2.peer_tx_cr_est -= n; - - // lwsl_notice(" peer_tx_cr_est %d, parent %d\n", - // h2n->swsi->h2.peer_tx_cr_est, wsi->h2.peer_tx_cr_est); - - if (h2n->swsi->h2.peer_tx_cr_est < (int)(2 * h2n->length) + 65536) { - pps = lws_h2_new_pps(LWS_H2_PPS_UPDATE_WINDOW); - if (!pps) - return 1; - pps->u.update_window.sid = h2n->sid; - pps->u.update_window.credit = (2 * h2n->length + 65536); - h2n->swsi->h2.peer_tx_cr_est += pps->u.update_window.credit; - lws_pps_schedule(wsi, pps); - } - if (wsi->h2.peer_tx_cr_est < (int)(2 * h2n->length) + 65536) { - pps = lws_h2_new_pps(LWS_H2_PPS_UPDATE_WINDOW); - if (!pps) - return 1; - pps->u.update_window.sid = 0; - pps->u.update_window.credit = (2 * h2n->length + 65536); - wsi->h2.peer_tx_cr_est += pps->u.update_window.credit; - lws_pps_schedule(wsi, pps); - } - - // lwsl_notice("%s: count %d len %d\n", __func__, (int)h2n->count, (int)h2n->length); - - break; - - case LWS_H2_FRAME_TYPE_PRIORITY: - if (h2n->count <= 4) { - h2n->dep <<= 8; - h2n->dep |= c; - } else { - h2n->weight_temp = c; - lwsl_info("PRIORITY: dep 0x%x, weight 0x%02X\n", - h2n->dep, h2n->weight_temp); - - if ((h2n->dep & ~(1 << 31)) == h2n->sid) { - lws_h2_goaway(wsi, H2_ERR_PROTOCOL_ERROR, - "cant depend on own sid"); - break; - } - } - break; - - case LWS_H2_FRAME_TYPE_RST_STREAM: - h2n->hpack_e_dep <<= 8; - h2n->hpack_e_dep |= c; - break; - - case LWS_H2_FRAME_TYPE_PUSH_PROMISE: - break; - - case LWS_H2_FRAME_TYPE_PING: - if (h2n->flags & LWS_H2_FLAG_SETTINGS_ACK) { // ack - } else { /* they're sending us a ping request */ - if (h2n->count > 8) - return 1; - h2n->ping_payload[h2n->count - 1] = c; - } - break; - - case LWS_H2_FRAME_TYPE_WINDOW_UPDATE: - h2n->hpack_e_dep <<= 8; - h2n->hpack_e_dep |= c; - break; - - case LWS_H2_FRAME_TYPE_COUNT: /* IGNORING FRAME */ - break; - - default: - lwsl_notice("%s: unhandled frame type %d\n", - __func__, h2n->type); - - goto fail; - } - -frame_end: - if (h2n->count > h2n->length) { - lwsl_notice("%s: count > length %d %d\n", - __func__, h2n->count, h2n->length); - goto fail; - } - if (h2n->count != h2n->length) - break; - - /* - * end of frame just happened - */ - if (lws_h2_parse_end_of_frame(wsi)) - goto fail; - - break; - -try_frame_start: - if (h2n->frame_state <= 8) { - - switch (h2n->frame_state++) { - case 0: - h2n->pad_length = 0; - h2n->collected_priority = 0; - h2n->padding = 0; - h2n->preamble = 0; - h2n->length = c; - h2n->inside = 0; - break; - case 1: - case 2: - h2n->length <<= 8; - h2n->length |= c; - break; - case 3: - h2n->type = c; - break; - case 4: - h2n->flags = c; - break; - - case 5: - case 6: - case 7: - case 8: - h2n->sid <<= 8; - h2n->sid |= c; - break; - } - } - - if (h2n->frame_state == LWS_H2_FRAME_HEADER_LENGTH) - if (lws_h2_parse_frame_header(wsi)) - goto fail; - break; - - default: - break; - } - } - - *inused = in - oldin; - - return 0; - -close_swsi_and_return: - - lws_close_free_wsi(h2n->swsi, 0, "close_swsi_and_return"); - h2n->swsi = NULL; - h2n->frame_state = 0; - h2n->count = 0; - - *inused = in - oldin; - - return 2; - -fail: - *inused = in - oldin; - - return 1; -} - -int -lws_h2_client_handshake(struct lws *wsi) -{ - uint8_t buf[LWS_PRE + 1024], *start = &buf[LWS_PRE], - *p = start, *end = &buf[sizeof(buf) - 1]; - char *meth = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_METHOD), - *uri = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_URI); - struct lws *nwsi = lws_get_network_wsi(wsi); - struct lws_h2_protocol_send *pps; - int n; - /* - * The identifier of a newly established stream MUST be numerically - * greater than all streams that the initiating endpoint has opened or - * reserved. This governs streams that are opened using a HEADERS frame - * and streams that are reserved using PUSH_PROMISE. An endpoint that - * receives an unexpected stream identifier MUST respond with a - * connection error (Section 5.4.1) of type PROTOCOL_ERROR. - */ - int sid = nwsi->h2.h2n->highest_sid_opened + 2; - - nwsi->h2.h2n->highest_sid_opened = sid; - wsi->h2.my_sid = sid; - - lwsl_info("%s: CLIENT_WAITING_TO_SEND_HEADERS: pollout (sid %d)\n", - __func__, wsi->h2.my_sid); - - pps = lws_h2_new_pps(LWS_H2_PPS_UPDATE_WINDOW); - if (!pps) - return 1; - pps->u.update_window.sid = sid; - pps->u.update_window.credit = 4 * 65536; - wsi->h2.peer_tx_cr_est += pps->u.update_window.credit; - lws_pps_schedule(wsi, pps); - - pps = lws_h2_new_pps(LWS_H2_PPS_UPDATE_WINDOW); - if (!pps) - return 1; - pps->u.update_window.sid = 0; - pps->u.update_window.credit = 4 * 65536; - wsi->h2.peer_tx_cr_est += pps->u.update_window.credit; - lws_pps_schedule(wsi, pps); - - /* it's time for us to send our client stream headers */ - - if (!meth) - meth = "GET"; - - if (lws_add_http_header_by_token(wsi, - WSI_TOKEN_HTTP_COLON_METHOD, - (unsigned char *)meth, - strlen(meth), &p, end)) - return -1; - - if (lws_add_http_header_by_token(wsi, - WSI_TOKEN_HTTP_COLON_SCHEME, - (unsigned char *)"http", 4, - &p, end)) - return -1; - - if (lws_add_http_header_by_token(wsi, - WSI_TOKEN_HTTP_COLON_PATH, - (unsigned char *)uri, - lws_hdr_total_length(wsi, _WSI_TOKEN_CLIENT_URI), - &p, end)) - return -1; - - if (lws_add_http_header_by_token(wsi, - WSI_TOKEN_HTTP_COLON_AUTHORITY, - (unsigned char *)lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_ORIGIN), - lws_hdr_total_length(wsi, _WSI_TOKEN_CLIENT_ORIGIN), - &p, end)) - return -1; - - /* give userland a chance to append, eg, cookies */ - - if (wsi->protocol->callback(wsi, - LWS_CALLBACK_CLIENT_APPEND_HANDSHAKE_HEADER, - wsi->user_space, &p, (end - p) - 12)) - return -1; - - if (lws_finalize_http_header(wsi, &p, end)) - return -1; - - n = lws_write(wsi, start, p - start, - LWS_WRITE_HTTP_HEADERS); - if (n != (p - start)) { - lwsl_err("_write returned %d from %ld\n", n, - (long)(p - start)); - return -1; - } - - lws_h2_state(wsi, LWS_H2_STATE_OPEN); - lwsi_set_state(wsi, LRS_ESTABLISHED); - - return 0; -} - -int -lws_h2_ws_handshake(struct lws *wsi) -{ - uint8_t buf[LWS_PRE + 384], *p = buf + LWS_PRE, *start = p, - *end = &buf[sizeof(buf) - 1]; - const struct lws_http_mount *hit; - const char * uri_ptr; - int n, m; - - if (lws_add_http_header_status(wsi, HTTP_STATUS_OK, &p, end)) - return -1; - - if (lws_hdr_total_length(wsi, WSI_TOKEN_PROTOCOL) > 64) - return -1; - - /* we can only return the protocol header if: - * - one came in, and ... */ - if (lws_hdr_total_length(wsi, WSI_TOKEN_PROTOCOL) && - /* - it is not an empty string */ - wsi->protocol->name && wsi->protocol->name[0]) { - if (lws_add_http_header_by_token(wsi, WSI_TOKEN_PROTOCOL, - (unsigned char *)wsi->protocol->name, - (int)strlen(wsi->protocol->name), - &p, end)) - return -1; - } - - if (lws_finalize_http_header(wsi, &p, end)) - return -1; - - m = lws_ptr_diff(p, start); - n = lws_write(wsi, start, m, LWS_WRITE_HTTP_HEADERS); - if (n != m) { - lwsl_err("_write returned %d from %d\n", n, m); - - return -1; - } - - /* - * alright clean up, set our state to generic ws established, the - * mode / state of the nwsi will get the h2 processing done. - */ - - lwsi_set_state(wsi, LRS_ESTABLISHED); - wsi->lws_rx_parse_state = LWS_RXPS_NEW; - - uri_ptr = lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP_COLON_PATH); - n = lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_COLON_PATH); - hit = lws_find_mount(wsi, uri_ptr, n); - - if (hit && hit->cgienv && - wsi->protocol->callback(wsi, LWS_CALLBACK_HTTP_PMO, wsi->user_space, - (void *)hit->cgienv, 0)) - return 1; - - return 0; -} diff --git a/lib/http2/huftable.h b/lib/http2/huftable.h deleted file mode 100644 index 385a83b..0000000 --- a/lib/http2/huftable.h +++ /dev/null @@ -1,530 +0,0 @@ -static unsigned char lextable[] = { -/* pos 0000: 0 */ /* 0 */ 0x42 /* (to 0x0084 state 98) */, - /* 1 */ 0x01 /* (to 0x0002 state 1) */, -/* pos 0002: 1 */ /* 0 */ 0x5C /* (to 0x00BA state 151) */, - /* 1 */ 0x01 /* (to 0x0004 state 2) */, -/* pos 0004: 2 */ /* 0 */ 0x66 /* (to 0x00D0 state 173) */, - /* 1 */ 0x01 /* (to 0x0006 state 3) */, -/* pos 0006: 3 */ /* 0 */ 0x74 /* (to 0x00EE state 204) */, - /* 1 */ 0x01 /* (to 0x0008 state 4) */, -/* pos 0008: 4 */ /* 0 */ 0x8C /* (to 0x0120 state 263) */, - /* 1 */ 0x01 /* (to 0x000A state 5) */, -/* pos 000a: 5 */ /* 0 */ 0x46 /* (to 0x0096 state 113) */, - /* 1 */ 0x01 /* (to 0x000C state 6) */, -/* pos 000c: 6 */ /* 0 */ 0x75 /* (to 0x00F6 state 211) */, - /* 1 */ 0x01 /* (to 0x000E state 7) */, -/* pos 000e: 7 */ /* 0 */ 0x40 /* (to 0x008E state 104) */, - /* 1 */ 0x01 /* (to 0x0010 state 8) */, -/* pos 0010: 8 */ /* 0 */ 0x45 /* (to 0x009A state 116) */, - /* 1 */ 0x01 /* (to 0x0012 state 9) */, -/* pos 0012: 9 */ /* 0 */ 0x40 /* (to 0x0092 state 108) */, - /* 1 */ 0x01 /* (to 0x0014 state 10) */, -/* pos 0014: 10 */ /* 0 */ 0x01 /* (to 0x0016 state 11) */, - /* 1 */ 0x03 /* (to 0x001A state 14) */, -/* pos 0016: 11 */ /* 0 */ 0x01 /* (to 0x0018 state 12) */, - /* 1 */ 0x5B /* (to 0x00CC state 166) */, -/* pos 0018: 12 */ /* terminal 0 */ 0x00, - /* terminal 36 */ 0x24, -/* pos 001a: 14 */ /* 0 */ 0x72 /* (to 0x00FE state 220) */, - /* 1 */ 0x01 /* (to 0x001C state 15) */, -/* pos 001c: 15 */ /* 0 */ 0x72 /* (to 0x0100 state 222) */, - /* 1 */ 0x01 /* (to 0x001E state 16) */, -/* pos 001e: 16 */ /* 0 */ 0x53 /* (to 0x00C4 state 158) */, - /* 1 */ 0x01 /* (to 0x0020 state 17) */, -/* pos 0020: 17 */ /* terminal 123 */ 0x7B, - /* 1 */ 0x01 /* (to 0x0022 state 18) */, -/* pos 0022: 18 */ /* 0 */ 0x6B /* (to 0x00F8 state 216) */, - /* 1 */ 0x01 /* (to 0x0024 state 19) */, -/* pos 0024: 19 */ /* 0 */ 0x84 /* (to 0x012C state 279) */, - /* 1 */ 0x01 /* (to 0x0026 state 20) */, -/* pos 0026: 20 */ /* 0 */ 0x01 /* (to 0x0028 state 21) */, - /* 1 */ 0x06 /* (to 0x0032 state 27) */, -/* pos 0028: 21 */ /* 0 */ 0xB3 /* (to 0x018E state 377) */, - /* 1 */ 0x01 /* (to 0x002A state 22) */, -/* pos 002a: 22 */ /* 0 */ 0xC3 /* (to 0x01B0 state 414) */, - /* 1 */ 0x01 /* (to 0x002C state 23) */, -/* pos 002c: 23 */ /* 0 */ 0x01 /* (to 0x002E state 24) */, - /* 1 */ 0x8C /* (to 0x0144 state 301) */, -/* pos 002e: 24 */ /* 0 */ 0x01 /* (to 0x0030 state 25) */, - /* 1 */ 0x8A /* (to 0x0142 state 298) */, -/* pos 0030: 25 */ /* terminal 1 */ 0x01, - /* terminal 135 */ 0x87, -/* pos 0032: 27 */ /* 0 */ 0x8E /* (to 0x014E state 314) */, - /* 1 */ 0x01 /* (to 0x0034 state 28) */, -/* pos 0034: 28 */ /* 0 */ 0x0F /* (to 0x0052 state 50) */, - /* 1 */ 0x01 /* (to 0x0036 state 29) */, -/* pos 0036: 29 */ /* 0 */ 0xA4 /* (to 0x017E state 362) */, - /* 1 */ 0x01 /* (to 0x0038 state 30) */, -/* pos 0038: 30 */ /* 0 */ 0xB7 /* (to 0x01A6 state 403) */, - /* 1 */ 0x01 /* (to 0x003A state 31) */, -/* pos 003a: 31 */ /* 0 */ 0xC8 /* (to 0x01CA state 440) */, - /* 1 */ 0x01 /* (to 0x003C state 32) */, -/* pos 003c: 32 */ /* 0 */ 0x01 /* (to 0x003E state 33) */, - /* 1 */ 0x0F /* (to 0x005A state 55) */, -/* pos 003e: 33 */ /* 0 */ 0x01 /* (to 0x0040 state 34) */, - /* 1 */ 0x07 /* (to 0x004C state 46) */, -/* pos 0040: 34 */ /* 0 */ 0x01 /* (to 0x0042 state 35) */, - /* 1 */ 0x03 /* (to 0x0046 state 39) */, -/* pos 0042: 35 */ /* terminal 254 */ 0xFE, - /* 1 */ 0x01 /* (to 0x0044 state 36) */, -/* pos 0044: 36 */ /* terminal 2 */ 0x02, - /* terminal 3 */ 0x03, -/* pos 0046: 39 */ /* 0 */ 0x01 /* (to 0x0048 state 40) */, - /* 1 */ 0x02 /* (to 0x004A state 43) */, -/* pos 0048: 40 */ /* terminal 4 */ 0x04, - /* terminal 5 */ 0x05, -/* pos 004a: 43 */ /* terminal 6 */ 0x06, - /* terminal 7 */ 0x07, -/* pos 004c: 46 */ /* 0 */ 0x01 /* (to 0x004E state 47) */, - /* 1 */ 0x0E /* (to 0x0068 state 67) */, -/* pos 004e: 47 */ /* 0 */ 0x01 /* (to 0x0050 state 48) */, - /* 1 */ 0x0C /* (to 0x0066 state 63) */, -/* pos 0050: 48 */ /* terminal 8 */ 0x08, - /* terminal 11 */ 0x0B, -/* pos 0052: 50 */ /* 0 */ 0xA7 /* (to 0x01A0 state 396) */, - /* 1 */ 0x01 /* (to 0x0054 state 51) */, -/* pos 0054: 51 */ /* 0 */ 0x01 /* (to 0x0056 state 52) */, - /* 1 */ 0x7B /* (to 0x014A state 309) */, -/* pos 0056: 52 */ /* terminal 239 */ 0xEF, - /* 1 */ 0x01 /* (to 0x0058 state 53) */, -/* pos 0058: 53 */ /* terminal 9 */ 0x09, - /* terminal 142 */ 0x8E, -/* pos 005a: 55 */ /* 0 */ 0x0A /* (to 0x006E state 74) */, - /* 1 */ 0x01 /* (to 0x005C state 56) */, -/* pos 005c: 56 */ /* 0 */ 0x11 /* (to 0x007E state 91) */, - /* 1 */ 0x01 /* (to 0x005E state 57) */, -/* pos 005e: 57 */ /* 0 */ 0x64 /* (to 0x0126 state 274) */, - /* 1 */ 0x01 /* (to 0x0060 state 58) */, -/* pos 0060: 58 */ /* terminal 249 */ 0xF9, - /* 1 */ 0x01 /* (to 0x0062 state 59) */, -/* pos 0062: 59 */ /* 0 */ 0x01 /* (to 0x0064 state 60) */, - /* 1 */ 0x0A /* (to 0x0076 state 81) */, -/* pos 0064: 60 */ /* terminal 10 */ 0x0A, - /* terminal 13 */ 0x0D, -/* pos 0066: 63 */ /* terminal 12 */ 0x0C, - /* terminal 14 */ 0x0E, -/* pos 0068: 67 */ /* 0 */ 0x01 /* (to 0x006A state 68) */, - /* 1 */ 0x02 /* (to 0x006C state 71) */, -/* pos 006a: 68 */ /* terminal 15 */ 0x0F, - /* terminal 16 */ 0x10, -/* pos 006c: 71 */ /* terminal 17 */ 0x11, - /* terminal 18 */ 0x12, -/* pos 006e: 74 */ /* 0 */ 0x01 /* (to 0x0070 state 75) */, - /* 1 */ 0x05 /* (to 0x0078 state 84) */, -/* pos 0070: 75 */ /* 0 */ 0x01 /* (to 0x0072 state 76) */, - /* 1 */ 0x02 /* (to 0x0074 state 79) */, -/* pos 0072: 76 */ /* terminal 19 */ 0x13, - /* terminal 20 */ 0x14, -/* pos 0074: 79 */ /* terminal 21 */ 0x15, - /* terminal 23 */ 0x17, -/* pos 0076: 81 */ /* terminal 22 */ 0x16, - /* terminal 256 */ 0x00, -/* pos 0078: 84 */ /* 0 */ 0x01 /* (to 0x007A state 85) */, - /* 1 */ 0x02 /* (to 0x007C state 88) */, -/* pos 007a: 85 */ /* terminal 24 */ 0x18, - /* terminal 25 */ 0x19, -/* pos 007c: 88 */ /* terminal 26 */ 0x1A, - /* terminal 27 */ 0x1B, -/* pos 007e: 91 */ /* 0 */ 0x01 /* (to 0x0080 state 92) */, - /* 1 */ 0x02 /* (to 0x0082 state 95) */, -/* pos 0080: 92 */ /* terminal 28 */ 0x1C, - /* terminal 29 */ 0x1D, -/* pos 0082: 95 */ /* terminal 30 */ 0x1E, - /* terminal 31 */ 0x1F, -/* pos 0084: 98 */ /* 0 */ 0x13 /* (to 0x00AA state 133) */, - /* 1 */ 0x01 /* (to 0x0086 state 99) */, -/* pos 0086: 99 */ /* 0 */ 0x01 /* (to 0x0088 state 100) */, - /* 1 */ 0x0F /* (to 0x00A4 state 129) */, -/* pos 0088: 100 */ /* 0 */ 0x4B /* (to 0x011E state 258) */, - /* 1 */ 0x01 /* (to 0x008A state 101) */, -/* pos 008a: 101 */ /* 0 */ 0x01 /* (to 0x008C state 102) */, - /* 1 */ 0x0C /* (to 0x00A2 state 126) */, -/* pos 008c: 102 */ /* terminal 32 */ 0x20, - /* terminal 37 */ 0x25, -/* pos 008e: 104 */ /* 0 */ 0x01 /* (to 0x0090 state 105) */, - /* 1 */ 0x08 /* (to 0x009E state 119) */, -/* pos 0090: 105 */ /* terminal 33 */ 0x21, - /* terminal 34 */ 0x22, -/* pos 0092: 108 */ /* terminal 124 */ 0x7C, - /* 1 */ 0x01 /* (to 0x0094 state 109) */, -/* pos 0094: 109 */ /* terminal 35 */ 0x23, - /* terminal 62 */ 0x3E, -/* pos 0096: 113 */ /* 0 */ 0x01 /* (to 0x0098 state 114) */, - /* 1 */ 0x05 /* (to 0x00A0 state 124) */, -/* pos 0098: 114 */ /* terminal 38 */ 0x26, - /* terminal 42 */ 0x2A, -/* pos 009a: 116 */ /* terminal 63 */ 0x3F, - /* 1 */ 0x01 /* (to 0x009C state 117) */, -/* pos 009c: 117 */ /* terminal 39 */ 0x27, - /* terminal 43 */ 0x2B, -/* pos 009e: 119 */ /* terminal 40 */ 0x28, - /* terminal 41 */ 0x29, -/* pos 00a0: 124 */ /* terminal 44 */ 0x2C, - /* terminal 59 */ 0x3B, -/* pos 00a2: 126 */ /* terminal 45 */ 0x2D, - /* terminal 46 */ 0x2E, -/* pos 00a4: 129 */ /* 0 */ 0x01 /* (to 0x00A6 state 130) */, - /* 1 */ 0x08 /* (to 0x00B4 state 144) */, -/* pos 00a6: 130 */ /* 0 */ 0x01 /* (to 0x00A8 state 131) */, - /* 1 */ 0x06 /* (to 0x00B2 state 141) */, -/* pos 00a8: 131 */ /* terminal 47 */ 0x2F, - /* terminal 51 */ 0x33, -/* pos 00aa: 133 */ /* 0 */ 0x01 /* (to 0x00AC state 134) */, - /* 1 */ 0x2D /* (to 0x0104 state 229) */, -/* pos 00ac: 134 */ /* 0 */ 0x01 /* (to 0x00AE state 135) */, - /* 1 */ 0x02 /* (to 0x00B0 state 138) */, -/* pos 00ae: 135 */ /* terminal 48 */ 0x30, - /* terminal 49 */ 0x31, -/* pos 00b0: 138 */ /* terminal 50 */ 0x32, - /* terminal 97 */ 0x61, -/* pos 00b2: 141 */ /* terminal 52 */ 0x34, - /* terminal 53 */ 0x35, -/* pos 00b4: 144 */ /* 0 */ 0x01 /* (to 0x00B6 state 145) */, - /* 1 */ 0x02 /* (to 0x00B8 state 148) */, -/* pos 00b6: 145 */ /* terminal 54 */ 0x36, - /* terminal 55 */ 0x37, -/* pos 00b8: 148 */ /* terminal 56 */ 0x38, - /* terminal 57 */ 0x39, -/* pos 00ba: 151 */ /* 0 */ 0x06 /* (to 0x00C6 state 160) */, - /* 1 */ 0x01 /* (to 0x00BC state 152) */, -/* pos 00bc: 152 */ /* 0 */ 0x2C /* (to 0x0114 state 246) */, - /* 1 */ 0x01 /* (to 0x00BE state 153) */, -/* pos 00be: 153 */ /* 0 */ 0x2F /* (to 0x011C state 256) */, - /* 1 */ 0x01 /* (to 0x00C0 state 154) */, -/* pos 00c0: 154 */ /* 0 */ 0x01 /* (to 0x00C2 state 155) */, - /* 1 */ 0x07 /* (to 0x00CE state 170) */, -/* pos 00c2: 155 */ /* terminal 58 */ 0x3A, - /* terminal 66 */ 0x42, -/* pos 00c4: 158 */ /* terminal 60 */ 0x3C, - /* terminal 96 */ 0x60, -/* pos 00c6: 160 */ /* 0 */ 0x01 /* (to 0x00C8 state 161) */, - /* 1 */ 0x21 /* (to 0x0108 state 232) */, -/* pos 00c8: 161 */ /* 0 */ 0x01 /* (to 0x00CA state 162) */, - /* 1 */ 0x1D /* (to 0x0102 state 224) */, -/* pos 00ca: 162 */ /* terminal 61 */ 0x3D, - /* terminal 65 */ 0x41, -/* pos 00cc: 166 */ /* terminal 64 */ 0x40, - /* terminal 91 */ 0x5B, -/* pos 00ce: 170 */ /* terminal 67 */ 0x43, - /* terminal 68 */ 0x44, -/* pos 00d0: 173 */ /* 0 */ 0x01 /* (to 0x00D2 state 174) */, - /* 1 */ 0x08 /* (to 0x00E0 state 189) */, -/* pos 00d2: 174 */ /* 0 */ 0x01 /* (to 0x00D4 state 175) */, - /* 1 */ 0x04 /* (to 0x00DA state 182) */, -/* pos 00d4: 175 */ /* 0 */ 0x01 /* (to 0x00D6 state 176) */, - /* 1 */ 0x02 /* (to 0x00D8 state 179) */, -/* pos 00d6: 176 */ /* terminal 69 */ 0x45, - /* terminal 70 */ 0x46, -/* pos 00d8: 179 */ /* terminal 71 */ 0x47, - /* terminal 72 */ 0x48, -/* pos 00da: 182 */ /* 0 */ 0x01 /* (to 0x00DC state 183) */, - /* 1 */ 0x02 /* (to 0x00DE state 186) */, -/* pos 00dc: 183 */ /* terminal 73 */ 0x49, - /* terminal 74 */ 0x4A, -/* pos 00de: 186 */ /* terminal 75 */ 0x4B, - /* terminal 76 */ 0x4C, -/* pos 00e0: 189 */ /* 0 */ 0x01 /* (to 0x00E2 state 190) */, - /* 1 */ 0x04 /* (to 0x00E8 state 197) */, -/* pos 00e2: 190 */ /* 0 */ 0x01 /* (to 0x00E4 state 191) */, - /* 1 */ 0x02 /* (to 0x00E6 state 194) */, -/* pos 00e4: 191 */ /* terminal 77 */ 0x4D, - /* terminal 78 */ 0x4E, -/* pos 00e6: 194 */ /* terminal 79 */ 0x4F, - /* terminal 80 */ 0x50, -/* pos 00e8: 197 */ /* 0 */ 0x01 /* (to 0x00EA state 198) */, - /* 1 */ 0x02 /* (to 0x00EC state 201) */, -/* pos 00ea: 198 */ /* terminal 81 */ 0x51, - /* terminal 82 */ 0x52, -/* pos 00ec: 201 */ /* terminal 83 */ 0x53, - /* terminal 84 */ 0x54, -/* pos 00ee: 204 */ /* 0 */ 0x01 /* (to 0x00F0 state 205) */, - /* 1 */ 0x11 /* (to 0x0110 state 242) */, -/* pos 00f0: 205 */ /* 0 */ 0x01 /* (to 0x00F2 state 206) */, - /* 1 */ 0x02 /* (to 0x00F4 state 209) */, -/* pos 00f2: 206 */ /* terminal 85 */ 0x55, - /* terminal 86 */ 0x56, -/* pos 00f4: 209 */ /* terminal 87 */ 0x57, - /* terminal 89 */ 0x59, -/* pos 00f6: 211 */ /* terminal 88 */ 0x58, - /* terminal 90 */ 0x5A, -/* pos 00f8: 216 */ /* 0 */ 0x01 /* (to 0x00FA state 217) */, - /* 1 */ 0x1F /* (to 0x0136 state 286) */, -/* pos 00fa: 217 */ /* 0 */ 0x01 /* (to 0x00FC state 218) */, - /* 1 */ 0x17 /* (to 0x0128 state 276) */, -/* pos 00fc: 218 */ /* terminal 92 */ 0x5C, - /* terminal 195 */ 0xC3, -/* pos 00fe: 220 */ /* terminal 93 */ 0x5D, - /* terminal 126 */ 0x7E, -/* pos 0100: 222 */ /* terminal 94 */ 0x5E, - /* terminal 125 */ 0x7D, -/* pos 0102: 224 */ /* terminal 95 */ 0x5F, - /* terminal 98 */ 0x62, -/* pos 0104: 229 */ /* 0 */ 0x01 /* (to 0x0106 state 230) */, - /* 1 */ 0x05 /* (to 0x010E state 240) */, -/* pos 0106: 230 */ /* terminal 99 */ 0x63, - /* terminal 101 */ 0x65, -/* pos 0108: 232 */ /* 0 */ 0x01 /* (to 0x010A state 233) */, - /* 1 */ 0x02 /* (to 0x010C state 237) */, -/* pos 010a: 233 */ /* terminal 100 */ 0x64, - /* terminal 102 */ 0x66, -/* pos 010c: 237 */ /* terminal 103 */ 0x67, - /* terminal 104 */ 0x68, -/* pos 010e: 240 */ /* terminal 105 */ 0x69, - /* terminal 111 */ 0x6F, -/* pos 0110: 242 */ /* 0 */ 0x01 /* (to 0x0112 state 243) */, - /* 1 */ 0x05 /* (to 0x011A state 254) */, -/* pos 0112: 243 */ /* terminal 106 */ 0x6A, - /* terminal 107 */ 0x6B, -/* pos 0114: 246 */ /* 0 */ 0x01 /* (to 0x0116 state 247) */, - /* 1 */ 0x02 /* (to 0x0118 state 250) */, -/* pos 0116: 247 */ /* terminal 108 */ 0x6C, - /* terminal 109 */ 0x6D, -/* pos 0118: 250 */ /* terminal 110 */ 0x6E, - /* terminal 112 */ 0x70, -/* pos 011a: 254 */ /* terminal 113 */ 0x71, - /* terminal 118 */ 0x76, -/* pos 011c: 256 */ /* terminal 114 */ 0x72, - /* terminal 117 */ 0x75, -/* pos 011e: 258 */ /* terminal 115 */ 0x73, - /* terminal 116 */ 0x74, -/* pos 0120: 263 */ /* 0 */ 0x01 /* (to 0x0122 state 264) */, - /* 1 */ 0x02 /* (to 0x0124 state 267) */, -/* pos 0122: 264 */ /* terminal 119 */ 0x77, - /* terminal 120 */ 0x78, -/* pos 0124: 267 */ /* terminal 121 */ 0x79, - /* terminal 122 */ 0x7A, -/* pos 0126: 274 */ /* terminal 127 */ 0x7F, - /* terminal 220 */ 0xDC, -/* pos 0128: 276 */ /* terminal 208 */ 0xD0, - /* 1 */ 0x01 /* (to 0x012A state 277) */, -/* pos 012a: 277 */ /* terminal 128 */ 0x80, - /* terminal 130 */ 0x82, -/* pos 012c: 279 */ /* 0 */ 0x2E /* (to 0x0188 state 372) */, - /* 1 */ 0x01 /* (to 0x012E state 280) */, -/* pos 012e: 280 */ /* 0 */ 0x01 /* (to 0x0130 state 281) */, - /* 1 */ 0x1B /* (to 0x0164 state 332) */, -/* pos 0130: 281 */ /* 0 */ 0x01 /* (to 0x0132 state 282) */, - /* 1 */ 0x06 /* (to 0x013C state 291) */, -/* pos 0132: 282 */ /* terminal 230 */ 0xE6, - /* 1 */ 0x01 /* (to 0x0134 state 283) */, -/* pos 0134: 283 */ /* terminal 129 */ 0x81, - /* terminal 132 */ 0x84, -/* pos 0136: 286 */ /* 0 */ 0x01 /* (to 0x0138 state 287) */, - /* 1 */ 0x14 /* (to 0x015E state 328) */, -/* pos 0138: 287 */ /* 0 */ 0x01 /* (to 0x013A state 288) */, - /* 1 */ 0x30 /* (to 0x0198 state 388) */, -/* pos 013a: 288 */ /* terminal 131 */ 0x83, - /* terminal 162 */ 0xA2, -/* pos 013c: 291 */ /* 0 */ 0x01 /* (to 0x013E state 292) */, - /* 1 */ 0x02 /* (to 0x0140 state 296) */, -/* pos 013e: 292 */ /* terminal 133 */ 0x85, - /* terminal 134 */ 0x86, -/* pos 0140: 296 */ /* terminal 136 */ 0x88, - /* terminal 146 */ 0x92, -/* pos 0142: 298 */ /* terminal 137 */ 0x89, - /* terminal 138 */ 0x8A, -/* pos 0144: 301 */ /* 0 */ 0x01 /* (to 0x0146 state 302) */, - /* 1 */ 0x02 /* (to 0x0148 state 305) */, -/* pos 0146: 302 */ /* terminal 139 */ 0x8B, - /* terminal 140 */ 0x8C, -/* pos 0148: 305 */ /* terminal 141 */ 0x8D, - /* terminal 143 */ 0x8F, -/* pos 014a: 309 */ /* 0 */ 0x01 /* (to 0x014C state 310) */, - /* 1 */ 0x06 /* (to 0x0156 state 319) */, -/* pos 014c: 310 */ /* terminal 144 */ 0x90, - /* terminal 145 */ 0x91, -/* pos 014e: 314 */ /* 0 */ 0x01 /* (to 0x0150 state 315) */, - /* 1 */ 0x12 /* (to 0x0172 state 350) */, -/* pos 0150: 315 */ /* 0 */ 0x01 /* (to 0x0152 state 316) */, - /* 1 */ 0x05 /* (to 0x015A state 325) */, -/* pos 0152: 316 */ /* 0 */ 0x01 /* (to 0x0154 state 317) */, - /* 1 */ 0x03 /* (to 0x0158 state 322) */, -/* pos 0154: 317 */ /* terminal 147 */ 0x93, - /* terminal 149 */ 0x95, -/* pos 0156: 319 */ /* terminal 148 */ 0x94, - /* terminal 159 */ 0x9F, -/* pos 0158: 322 */ /* terminal 150 */ 0x96, - /* terminal 151 */ 0x97, -/* pos 015a: 325 */ /* 0 */ 0x01 /* (to 0x015C state 326) */, - /* 1 */ 0x08 /* (to 0x016A state 338) */, -/* pos 015c: 326 */ /* terminal 152 */ 0x98, - /* terminal 155 */ 0x9B, -/* pos 015e: 328 */ /* 0 */ 0x42 /* (to 0x01E2 state 465) */, - /* 1 */ 0x01 /* (to 0x0160 state 329) */, -/* pos 0160: 329 */ /* 0 */ 0x01 /* (to 0x0162 state 330) */, - /* 1 */ 0x0C /* (to 0x0178 state 355) */, -/* pos 0162: 330 */ /* terminal 153 */ 0x99, - /* terminal 161 */ 0xA1, -/* pos 0164: 332 */ /* 0 */ 0x01 /* (to 0x0166 state 333) */, - /* 1 */ 0x05 /* (to 0x016E state 347) */, -/* pos 0166: 333 */ /* 0 */ 0x01 /* (to 0x0168 state 334) */, - /* 1 */ 0x03 /* (to 0x016C state 342) */, -/* pos 0168: 334 */ /* terminal 154 */ 0x9A, - /* terminal 156 */ 0x9C, -/* pos 016a: 338 */ /* terminal 157 */ 0x9D, - /* terminal 158 */ 0x9E, -/* pos 016c: 342 */ /* terminal 160 */ 0xA0, - /* terminal 163 */ 0xA3, -/* pos 016e: 347 */ /* 0 */ 0x01 /* (to 0x0170 state 348) */, - /* 1 */ 0x07 /* (to 0x017C state 360) */, -/* pos 0170: 348 */ /* terminal 164 */ 0xA4, - /* terminal 169 */ 0xA9, -/* pos 0172: 350 */ /* 0 */ 0x01 /* (to 0x0174 state 351) */, - /* 1 */ 0x09 /* (to 0x0184 state 369) */, -/* pos 0174: 351 */ /* 0 */ 0x01 /* (to 0x0176 state 352) */, - /* 1 */ 0x03 /* (to 0x017A state 357) */, -/* pos 0176: 352 */ /* terminal 165 */ 0xA5, - /* terminal 166 */ 0xA6, -/* pos 0178: 355 */ /* terminal 167 */ 0xA7, - /* terminal 172 */ 0xAC, -/* pos 017a: 357 */ /* terminal 168 */ 0xA8, - /* terminal 174 */ 0xAE, -/* pos 017c: 360 */ /* terminal 170 */ 0xAA, - /* terminal 173 */ 0xAD, -/* pos 017e: 362 */ /* 0 */ 0x01 /* (to 0x0180 state 363) */, - /* 1 */ 0x1B /* (to 0x01B4 state 417) */, -/* pos 0180: 363 */ /* 0 */ 0x01 /* (to 0x0182 state 364) */, - /* 1 */ 0x2A /* (to 0x01D4 state 449) */, -/* pos 0182: 364 */ /* terminal 171 */ 0xAB, - /* terminal 206 */ 0xCE, -/* pos 0184: 369 */ /* 0 */ 0x01 /* (to 0x0186 state 370) */, - /* 1 */ 0x09 /* (to 0x0196 state 385) */, -/* pos 0186: 370 */ /* terminal 175 */ 0xAF, - /* terminal 180 */ 0xB4, -/* pos 0188: 372 */ /* 0 */ 0x01 /* (to 0x018A state 373) */, - /* 1 */ 0x27 /* (to 0x01D6 state 451) */, -/* pos 018a: 373 */ /* 0 */ 0x01 /* (to 0x018C state 374) */, - /* 1 */ 0x05 /* (to 0x0194 state 381) */, -/* pos 018c: 374 */ /* terminal 176 */ 0xB0, - /* terminal 177 */ 0xB1, -/* pos 018e: 377 */ /* 0 */ 0x01 /* (to 0x0190 state 378) */, - /* 1 */ 0x07 /* (to 0x019C state 393) */, -/* pos 0190: 378 */ /* 0 */ 0x01 /* (to 0x0192 state 379) */, - /* 1 */ 0x05 /* (to 0x019A state 390) */, -/* pos 0192: 379 */ /* terminal 178 */ 0xB2, - /* terminal 181 */ 0xB5, -/* pos 0194: 381 */ /* terminal 179 */ 0xB3, - /* terminal 209 */ 0xD1, -/* pos 0196: 385 */ /* terminal 182 */ 0xB6, - /* terminal 183 */ 0xB7, -/* pos 0198: 388 */ /* terminal 184 */ 0xB8, - /* terminal 194 */ 0xC2, -/* pos 019a: 390 */ /* terminal 185 */ 0xB9, - /* terminal 186 */ 0xBA, -/* pos 019c: 393 */ /* 0 */ 0x01 /* (to 0x019E state 394) */, - /* 1 */ 0x04 /* (to 0x01A4 state 400) */, -/* pos 019e: 394 */ /* terminal 187 */ 0xBB, - /* terminal 189 */ 0xBD, -/* pos 01a0: 396 */ /* 0 */ 0x01 /* (to 0x01A2 state 397) */, - /* 1 */ 0x07 /* (to 0x01AE state 412) */, -/* pos 01a2: 397 */ /* terminal 188 */ 0xBC, - /* terminal 191 */ 0xBF, -/* pos 01a4: 400 */ /* terminal 190 */ 0xBE, - /* terminal 196 */ 0xC4, -/* pos 01a6: 403 */ /* 0 */ 0x01 /* (to 0x01A8 state 404) */, - /* 1 */ 0x0D /* (to 0x01C0 state 427) */, -/* pos 01a8: 404 */ /* 0 */ 0x01 /* (to 0x01AA state 405) */, - /* 1 */ 0x0A /* (to 0x01BC state 424) */, -/* pos 01aa: 405 */ /* 0 */ 0x01 /* (to 0x01AC state 406) */, - /* 1 */ 0x08 /* (to 0x01BA state 421) */, -/* pos 01ac: 406 */ /* terminal 192 */ 0xC0, - /* terminal 193 */ 0xC1, -/* pos 01ae: 412 */ /* terminal 197 */ 0xC5, - /* terminal 231 */ 0xE7, -/* pos 01b0: 414 */ /* 0 */ 0x01 /* (to 0x01B2 state 415) */, - /* 1 */ 0x1B /* (to 0x01E6 state 475) */, -/* pos 01b2: 415 */ /* terminal 198 */ 0xC6, - /* terminal 228 */ 0xE4, -/* pos 01b4: 417 */ /* 0 */ 0x1B /* (to 0x01EA state 481) */, - /* 1 */ 0x01 /* (to 0x01B6 state 418) */, -/* pos 01b6: 418 */ /* 0 */ 0x01 /* (to 0x01B8 state 419) */, - /* 1 */ 0x19 /* (to 0x01E8 state 478) */, -/* pos 01b8: 419 */ /* terminal 199 */ 0xC7, - /* terminal 207 */ 0xCF, -/* pos 01ba: 421 */ /* terminal 200 */ 0xC8, - /* terminal 201 */ 0xC9, -/* pos 01bc: 424 */ /* 0 */ 0x01 /* (to 0x01BE state 425) */, - /* 1 */ 0x06 /* (to 0x01C8 state 438) */, -/* pos 01be: 425 */ /* terminal 202 */ 0xCA, - /* terminal 205 */ 0xCD, -/* pos 01c0: 427 */ /* 0 */ 0x0D /* (to 0x01DA state 455) */, - /* 1 */ 0x01 /* (to 0x01C2 state 428) */, -/* pos 01c2: 428 */ /* 0 */ 0x17 /* (to 0x01F0 state 490) */, - /* 1 */ 0x01 /* (to 0x01C4 state 429) */, -/* pos 01c4: 429 */ /* terminal 255 */ 0xFF, - /* 1 */ 0x01 /* (to 0x01C6 state 430) */, -/* pos 01c6: 430 */ /* terminal 203 */ 0xCB, - /* terminal 204 */ 0xCC, -/* pos 01c8: 438 */ /* terminal 210 */ 0xD2, - /* terminal 213 */ 0xD5, -/* pos 01ca: 440 */ /* 0 */ 0x01 /* (to 0x01CC state 441) */, - /* 1 */ 0x14 /* (to 0x01F2 state 494) */, -/* pos 01cc: 441 */ /* 0 */ 0x01 /* (to 0x01CE state 442) */, - /* 1 */ 0x09 /* (to 0x01DE state 461) */, -/* pos 01ce: 442 */ /* 0 */ 0x01 /* (to 0x01D0 state 443) */, - /* 1 */ 0x02 /* (to 0x01D2 state 447) */, -/* pos 01d0: 443 */ /* terminal 211 */ 0xD3, - /* terminal 212 */ 0xD4, -/* pos 01d2: 447 */ /* terminal 214 */ 0xD6, - /* terminal 221 */ 0xDD, -/* pos 01d4: 449 */ /* terminal 215 */ 0xD7, - /* terminal 225 */ 0xE1, -/* pos 01d6: 451 */ /* 0 */ 0x01 /* (to 0x01D8 state 452) */, - /* 1 */ 0x07 /* (to 0x01E4 state 469) */, -/* pos 01d8: 452 */ /* terminal 216 */ 0xD8, - /* terminal 217 */ 0xD9, -/* pos 01da: 455 */ /* 0 */ 0x01 /* (to 0x01DC state 456) */, - /* 1 */ 0x09 /* (to 0x01EC state 484) */, -/* pos 01dc: 456 */ /* terminal 218 */ 0xDA, - /* terminal 219 */ 0xDB, -/* pos 01de: 461 */ /* 0 */ 0x01 /* (to 0x01E0 state 462) */, - /* 1 */ 0x08 /* (to 0x01EE state 488) */, -/* pos 01e0: 462 */ /* terminal 222 */ 0xDE, - /* terminal 223 */ 0xDF, -/* pos 01e2: 465 */ /* terminal 224 */ 0xE0, - /* terminal 226 */ 0xE2, -/* pos 01e4: 469 */ /* terminal 227 */ 0xE3, - /* terminal 229 */ 0xE5, -/* pos 01e6: 475 */ /* terminal 232 */ 0xE8, - /* terminal 233 */ 0xE9, -/* pos 01e8: 478 */ /* terminal 234 */ 0xEA, - /* terminal 235 */ 0xEB, -/* pos 01ea: 481 */ /* terminal 236 */ 0xEC, - /* terminal 237 */ 0xED, -/* pos 01ec: 484 */ /* terminal 238 */ 0xEE, - /* terminal 240 */ 0xF0, -/* pos 01ee: 488 */ /* terminal 241 */ 0xF1, - /* terminal 244 */ 0xF4, -/* pos 01f0: 490 */ /* terminal 242 */ 0xF2, - /* terminal 243 */ 0xF3, -/* pos 01f2: 494 */ /* 0 */ 0x01 /* (to 0x01F4 state 495) */, - /* 1 */ 0x04 /* (to 0x01FA state 503) */, -/* pos 01f4: 495 */ /* 0 */ 0x01 /* (to 0x01F6 state 496) */, - /* 1 */ 0x02 /* (to 0x01F8 state 499) */, -/* pos 01f6: 496 */ /* terminal 245 */ 0xF5, - /* terminal 246 */ 0xF6, -/* pos 01f8: 499 */ /* terminal 247 */ 0xF7, - /* terminal 248 */ 0xF8, -/* pos 01fa: 503 */ /* 0 */ 0x01 /* (to 0x01FC state 504) */, - /* 1 */ 0x02 /* (to 0x01FE state 507) */, -/* pos 01fc: 504 */ /* terminal 250 */ 0xFA, - /* terminal 251 */ 0xFB, -/* pos 01fe: 507 */ /* terminal 252 */ 0xFC, - /* terminal 253 */ 0xFD, -/* total size 512 bytes, biggest jump 200/256, fails=0 */ -}; - - static unsigned char lextable_terms[] = { - - 0x00, 0x00, 0x00, 0x03, 0x01, 0x00, 0x03, 0x00, - 0x34, 0x0f, 0x43, 0x03, 0xf1, 0x3c, 0xfc, 0x3c, - 0x0f, 0x30, 0x37, 0xf7, 0x0f, 0xc3, 0xcf, 0x03, - 0x3c, 0xfc, 0xc0, 0xf3, 0xf0, 0x3c, 0xfc, 0xf0, - 0xcf, 0xfc, 0xcc, 0xff, 0xfc, 0x0d, 0x34, 0xcc, - 0xcf, 0x33, 0xf0, 0x33, 0x0c, 0x3f, 0xc3, 0x3f, - 0xcc, 0x30, 0xfc, 0xcf, 0x3c, 0xf0, 0x0c, 0xcf, - 0xd0, 0x03, 0x3f, 0x33, 0xff, 0xff, 0xc3, 0xf3, -}; - -/* state that points to 0x100 for disambiguation with 0x0 */ -#define HUFTABLE_0x100_PREV 118 diff --git a/lib/http2/minihuf.c b/lib/http2/minihuf.c deleted file mode 100644 index eaf84e5..0000000 --- a/lib/http2/minihuf.c +++ /dev/null @@ -1,518 +0,0 @@ -/* - * minilex.c - * - * High efficiency lexical state parser - * - * Copyright (C)2011-2014 Andy Green - * - * Licensed under LGPL2 - * - * Usage: gcc minihuf.c -o minihuf && ./minihuf > huftable.h - * - * Run it twice to test parsing on the generated table on stderr - */ - -#include -#include -#include - -#define ARRAY_SIZE(n) (sizeof(n) / sizeof(n[0])) - -struct huf { - unsigned int code; - unsigned char len; -}; - -static struct huf huf_literal[] = { - /* 0x00 */ { 0x1ff8, 13 }, - /* 0x01 */ { 0x7fffd8, 23 }, - /* 0x02 */ { 0xfffffe2, 28 }, - /* 0x03 */ { 0xfffffe3, 28 }, - /* 0x04 */ { 0xfffffe4, 28 }, - /* 0x05 */ { 0xfffffe5, 28 }, - /* 0x06 */ { 0xfffffe6, 28 }, - /* 0x07 */ { 0xfffffe7, 28 }, - /* 0x08 */ { 0xfffffe8, 28 }, - /* 0x09 */ { 0xffffea, 24 }, - /* 0x0a */ { 0x3ffffffc, 30 }, - /* 0x0b */ { 0xfffffe9, 28 }, - - /* 0x0c */ { 0xfffffea, 28 }, - /* 0x0d */ { 0x3ffffffd, 30 }, - /* 0x0e */ { 0xfffffeb, 28 }, - /* 0x0f */ { 0xfffffec, 28 }, - /* 0x10 */ { 0xfffffed, 28 }, - /* 0x11 */ { 0xfffffee, 28 }, - /* 0x12 */ { 0xfffffef, 28 }, - /* 0x13 */ { 0xffffff0, 28 }, - /* 0x14 */ { 0xffffff1, 28 }, - /* 0x15 */ { 0xffffff2, 28 }, - /* 0x16 */ { 0x3ffffffe, 30 }, - /* 0x17 */ { 0xffffff3, 28 }, - /* 0x18 */ { 0xffffff4, 28 }, - /* 0x19 */ { 0xffffff5, 28 }, - /* 0x1a */ { 0xffffff6, 28 }, - /* 0x1b */ { 0xffffff7, 28 }, - /* 0x1c */ { 0xffffff8, 28 }, - /* 0x1d */ { 0xffffff9, 28 }, - /* 0x1e */ { 0xffffffa, 28 }, - /* 0x1f */ { 0xffffffb, 28 }, - /* 0x20 */ { 0x14, 6 }, - /* 0x21 */ { 0x3f8, 10 }, - /* 0x22 */ { 0x3f9, 10 }, - /* 0x23 */ { 0xffa, 12 }, - /* 0x24 */ { 0x1ff9, 13 }, - /* 0x25 */ { 0x15, 6 }, - /* 0x26 */ { 0xf8, 8 }, - /* 0x27 */ { 0x7fa, 11 }, - /* 0x28 */ { 0x3fa, 10 }, - /* 0x29 */ { 0x3fb, 10 }, - /* 0x2a */ { 0xf9, 8 }, - /* 0x2b */ { 0x7fb, 11 }, - /* 0x2c */ { 0xfa, 8 }, - /* 0x2d */ { 0x16, 6 }, - /* 0x2e */ { 0x17, 6 }, - /* 0x2f */ { 0x18, 6 }, - /* 0x30 */ { 0x0, 5 }, - /* 0x31 */ { 0x1, 5 }, - /* 0x32 */ { 0x2, 5 }, - /* 0x33 */ { 0x19, 6 }, - /* 0x34 */ { 0x1a, 6 }, - /* 0x35 */ { 0x1b, 6 }, - /* 0x36 */ { 0x1c, 6 }, - /* 0x37 */ { 0x1d, 6 }, - /* 0x38 */ { 0x1e, 6 }, - /* 0x39 */ { 0x1f, 6 }, - /* 0x3a */ { 0x5c, 7 }, - /* 0x3b */ { 0xfb, 8 }, - - /* 0x3c */ { 0x7ffc, 15 }, - /* 0x3d */ { 0x20, 6 }, - /* 0x3e */ { 0xffb, 12 }, - /* 0x3f */ { 0x3fc, 10 }, - /* 0x40 */ { 0x1ffa, 13 }, - /* 0x41 */ { 0x21, 6 }, - /* 0x42 */ { 0x5d, 7 }, - /* 0x43 */ { 0x5e, 7 }, - /* 0x44 */ { 0x5f, 7 }, - /* 0x45 */ { 0x60, 7 }, - /* 0x46 */ { 0x61, 7 }, - /* 0x47 */ { 0x62, 7 }, - /* 0x48 */ { 0x63, 7 }, - /* 0x49 */ { 0x64, 7 }, - /* 0x4a */ { 0x65, 7 }, - /* 0x4b */ { 0x66, 7 }, - /* 0x4c */ { 0x67, 7 }, - /* 0x4d */ { 0x68, 7 }, - /* 0x4e */ { 0x69, 7 }, - /* 0x4f */ { 0x6a, 7 }, - /* 0x50 */ { 0x6b, 7 }, - /* 0x51 */ { 0x6c, 7 }, - /* 0x52 */ { 0x6d, 7 }, - /* 0x53 */ { 0x6e, 7 }, - /* 0x54 */ { 0x6f, 7 }, - /* 0x55 */ { 0x70, 7 }, - /* 0x56 */ { 0x71, 7 }, - /* 0x57 */ { 0x72, 7 }, - /* 0x58 */ { 0xfc, 8 }, - /* 0x59 */ { 0x73, 7 }, - /* 0x5a */ { 0xfd, 8 }, - /* 0x5b */ { 0x1ffb, 13 }, - /* 0x5c */ { 0x7fff0, 19 }, - /* 0x5d */ { 0x1ffc, 13 }, - /* 0x5e */ { 0x3ffc, 14 }, - /* 0x5f */ { 0x22, 6 }, - /* 0x60 */ { 0x7ffd, 15 }, - /* 0x61 */ { 0x3, 5 }, - /* 0x62 */ { 0x23, 6 }, - /* 0x63 */ { 0x4, 5 }, - /* 0x64 */ { 0x24, 6 }, - /* 0x65 */ { 0x5, 5 }, - /* 0x66 */ { 0x25, 6 }, - /* 0x67 */ { 0x26, 6 }, - /* 0x68 */ { 0x27, 6 }, - /* 0x69 */ { 0x6, 5 }, - /* 0x6a */ { 0x74, 7 }, - /* 0x6b */ { 0x75, 7 }, - - - /* 0x6c */ { 0x28, 6 }, - /* 0x6d */ { 0x29, 6 }, - /* 0x6e */ { 0x2a, 6 }, - /* 0x6f */ { 0x7, 5 }, - /* 0x70 */ { 0x2b, 6 }, - /* 0x71 */ { 0x76, 7 }, - /* 0x72 */ { 0x2c, 6 }, - /* 0x73 */ { 0x8, 5 }, - /* 0x74 */ { 0x9, 5 }, - /* 0x75 */ { 0x2d, 6 }, - /* 0x76 */ { 0x77, 7 }, - /* 0x77 */ { 0x78, 7 }, - /* 0x78 */ { 0x79, 7 }, - /* 0x79 */ { 0x7a, 7 }, - /* 0x7a */ { 0x7b, 7 }, - /* 0x7b */ { 0x7ffe, 15 }, - /* 0x7c */ { 0x7fc, 11 }, - /* 0x7d */ { 0x3ffd, 14 }, - /* 0x7e */ { 0x1ffd, 13 }, - /* 0x7f */ { 0xffffffc, 28 }, - /* 0x80 */ { 0xfffe6, 20 }, - /* 0x81 */ { 0x3fffd2, 22 }, - /* 0x82 */ { 0xfffe7, 20 }, - /* 0x83 */ { 0xfffe8, 20 }, - /* 0x84 */ { 0x3fffd3, 22 }, - /* 0x85 */ { 0x3fffd4, 22 }, - /* 0x86 */ { 0x3fffd5, 22 }, - /* 0x87 */ { 0x7fffd9, 23 }, - /* 0x88 */ { 0x3fffd6, 22 }, - /* 0x89 */ { 0x7fffda, 23 }, - /* 0x8a */ { 0x7fffdb, 23 }, - /* 0x8b */ { 0x7fffdc, 23 }, - /* 0x8c */ { 0x7fffdd, 23 }, - /* 0x8d */ { 0x7fffde, 23 }, - /* 0x8e */ { 0xffffeb, 24 }, - /* 0x8f */ { 0x7fffdf, 23 }, - /* 0x90 */ { 0xffffec, 24 }, - /* 0x91 */ { 0xffffed, 24 }, - /* 0x92 */ { 0x3fffd7, 22 }, - /* 0x93 */ { 0x7fffe0, 23 }, - /* 0x94 */ { 0xffffee, 24 }, - /* 0x95 */ { 0x7fffe1, 23 }, - /* 0x96 */ { 0x7fffe2, 23 }, - /* 0x97 */ { 0x7fffe3, 23 }, - /* 0x98 */ { 0x7fffe4, 23 }, - /* 0x99 */ { 0x1fffdc, 21 }, - /* 0x9a */ { 0x3fffd8, 22 }, - /* 0x9b */ { 0x7fffe5, 23 }, - - /* 0x9c */ { 0x3fffd9, 22 }, - /* 0x9d */ { 0x7fffe6, 23 }, - /* 0x9e */ { 0x7fffe7, 23 }, - /* 0x9f */ { 0xffffef, 24 }, - /* 0xa0 */ { 0x3fffda, 22 }, - /* 0xa1 */ { 0x1fffdd, 21 }, - /* 0xa2 */ { 0xfffe9, 20 }, - /* 0xa3 */ { 0x3fffdb, 22 }, - /* 0xa4 */ { 0x3fffdc, 22 }, - /* 0xa5 */ { 0x7fffe8, 23 }, - /* 0xa6 */ { 0x7fffe9, 23 }, - /* 0xa7 */ { 0x1fffde, 21 }, - /* 0xa8 */ { 0x7fffea, 23 }, - /* 0xa9 */ { 0x3fffdd, 22 }, - /* 0xaa */ { 0x3fffde, 22 }, - /* 0xab */ { 0xfffff0, 24 }, - /* 0xac */ { 0x1fffdf, 21 }, - /* 0xad */ { 0x3fffdf, 22 }, - /* 0xae */ { 0x7fffeb, 23 }, - /* 0xaf */ { 0x7fffec, 23 }, - /* 0xb0 */ { 0x1fffe0, 21 }, - /* 0xb1 */ { 0x1fffe1, 21 }, - /* 0xb2 */ { 0x3fffe0, 22 }, - /* 0xb3 */ { 0x1fffe2, 21 }, - /* 0xb4 */ { 0x7fffed, 23 }, - /* 0xb5 */ { 0x3fffe1, 22 }, - /* 0xb6 */ { 0x7fffee, 23 }, - /* 0xb7 */ { 0x7fffef, 23 }, - /* 0xb8 */ { 0xfffea, 20 }, - /* 0xb9 */ { 0x3fffe2, 22 }, - /* 0xba */ { 0x3fffe3, 22 }, - /* 0xbb */ { 0x3fffe4, 22 }, - /* 0xbc */ { 0x7ffff0, 23 }, - /* 0xbd */ { 0x3fffe5, 22 }, - /* 0xbe */ { 0x3fffe6, 22 }, - /* 0xbf */ { 0x7ffff1, 23 }, - /* 0xc0 */ { 0x3ffffe0, 26 }, - /* 0xc1 */ { 0x3ffffe1, 26 }, - /* 0xc2 */ { 0xfffeb, 20 }, - /* 0xc3 */ { 0x7fff1, 19 }, - /* 0xc4 */ { 0x3fffe7, 22 }, - /* 0xc5 */ { 0x7ffff2, 23 }, - /* 0xc6 */ { 0x3fffe8, 22 }, - /* 0xc7 */ { 0x1ffffec, 25 }, - /* 0xc8 */ { 0x3ffffe2, 26 }, - /* 0xc9 */ { 0x3ffffe3, 26 }, - /* 0xca */ { 0x3ffffe4, 26 }, - /* 0xcb */ { 0x7ffffde, 27 }, - - /* 0xcc */ { 0x7ffffdf, 27 }, - /* 0xcd */ { 0x3ffffe5, 26 }, - /* 0xce */ { 0xfffff1, 24 }, - /* 0xcf */ { 0x1ffffed, 25 }, - /* 0xd0 */ { 0x7fff2, 19 }, - /* 0xd1 */ { 0x1fffe3, 21 }, - /* 0xd2 */ { 0x3ffffe6, 26 }, - /* 0xd3 */ { 0x7ffffe0, 27 }, - /* 0xd4 */ { 0x7ffffe1, 27 }, - /* 0xd5 */ { 0x3ffffe7, 26 }, - /* 0xd6 */ { 0x7ffffe2, 27 }, - /* 0xd7 */ { 0xfffff2, 24 }, - /* 0xd8 */ { 0x1fffe4, 21 }, - /* 0xd9 */ { 0x1fffe5, 21 }, - /* 0xda */ { 0x3ffffe8, 26 }, - /* 0xdb */ { 0x3ffffe9, 26 }, - /* 0xdc */ { 0xffffffd, 28 }, - /* 0xdd */ { 0x7ffffe3, 27 }, - /* 0xde */ { 0x7ffffe4, 27 }, - /* 0xdf */ { 0x7ffffe5, 27 }, - /* 0xe0 */ { 0xfffec, 20 }, - /* 0xe1 */ { 0xfffff3, 24 }, - /* 0xe2 */ { 0xfffed, 20 }, - /* 0xe3 */ { 0x1fffe6, 21 }, - /* 0xe4 */ { 0x3fffe9, 22 }, - /* 0xe5 */ { 0x1fffe7, 21 }, - /* 0xe6 */ { 0x1fffe8, 21 }, - /* 0xe7 */ { 0x7ffff3, 23 }, - /* 0xe8 */ { 0x3fffea, 22 }, - /* 0xe9 */ { 0x3fffeb, 22 }, - /* 0xea */ { 0x1ffffee, 25 }, - /* 0xeb */ { 0x1ffffef, 25 }, - /* 0xec */ { 0xfffff4, 24 }, - /* 0xed */ { 0xfffff5, 24 }, - /* 0xee */ { 0x3ffffea, 26 }, - /* 0xef */ { 0x7ffff4, 23 }, - /* 0xf0 */ { 0x3ffffeb, 26 }, - /* 0xf1 */ { 0x7ffffe6, 27 }, - /* 0xf2 */ { 0x3ffffec, 26 }, - /* 0xf3 */ { 0x3ffffed, 26 }, - /* 0xf4 */ { 0x7ffffe7, 27 }, - /* 0xf5 */ { 0x7ffffe8, 27 }, - /* 0xf6 */ { 0x7ffffe9, 27 }, - /* 0xf7 */ { 0x7ffffea, 27 }, - /* 0xf8 */ { 0x7ffffeb, 27 }, - /* 0xf9 */ { 0xffffffe, 28 }, - /* 0xfa */ { 0x7ffffec, 27 }, - /* 0xfb */ { 0x7ffffed, 27 }, - - /* 0xfc */ { 0x7ffffee, 27 }, - /* 0xfd */ { 0x7ffffef, 27 }, - /* 0xfe */ { 0x7fffff0, 27 }, - /* 0xff */ { 0x3ffffee, 26 }, - /* 0x100 */ { 0x3fffffff, 30 }, -}; - -int code_bit(int idx, int bit) -{ - if (bit < huf_literal[idx].len) - return !!(huf_literal[idx].code & (1 << (huf_literal[idx].len - 1 - bit))); - - return -1; -} - -#include "huftable.h" - -#define PARALLEL 2 - -struct state { - int terminal; - int state[PARALLEL]; - int bytepos; - - int real_pos; -}; - -struct state state[2000]; -unsigned char terms[2000]; -int next = 1; - -int lextable_decode(int pos, char c) -{ - int q = pos + !!c; - - if (lextable_terms[q >> 3] & (1 << (q & 7))) /* terminal */ - return lextable[q] | 0x8000; - - return pos + (lextable[q] << 1); -} - -int main(void) -{ - int n = 0; - int m = 0; - int prev; - char c; - int walk; - int saw; - int y; - int j; - int q; - int pos = 0; - int biggest = 0; - int fails = 0; - - m = 0; - while (m < ARRAY_SIZE(state)) { - for (j = 0; j < PARALLEL; j++) { - state[m].state[j] = 0xffff; - state[m].terminal = 0; - } - m++; - } - - while (n < ARRAY_SIZE(huf_literal)) { - - m = 0; - walk = 0; - prev = 0; - - while (m < huf_literal[n].len) { - - saw = 0; - if (state[walk].state[code_bit(n, m)] != 0xffff) { - /* exists -- go forward */ - walk = state[walk].state[code_bit(n, m)]; - goto again; - } - - /* something we didn't see before */ - - state[walk].state[code_bit(n, m)] = next; - walk = next++; -again: - m++; - } - - state[walk].terminal = n++; - state[walk].state[0] = 0; /* terminal marker */ - } - - walk = 0; - for (n = 0; n < next; n++) { - state[n].bytepos = walk; - walk += (2 * 2); - } - - /* compute everyone's position first */ - - pos = 0; - walk = 0; - for (n = 0; n < next; n++) { - - state[n].real_pos = pos; - - if (state[n].state[0]) /* nonterminal */ - pos += 2; - - walk ++; - } - - fprintf(stdout, "static unsigned char lextable[] = {\n"); - -#define TERMINAL_MASK 0x8000 - - walk = 0; - pos = 0; - q = 0; - for (n = 0; n < next; n++) { - q = pos; - for (m = 0; m < 2; m++) { - saw = state[n].state[m]; - - if (saw == 0) { // c is a terminal then - m = 2; - continue; - } - if (!m) - fprintf(stdout, "/* pos %04x: %3d */ ", - state[n].real_pos, n); - else - fprintf(stdout, " "); - - if (saw == 0xffff) { - fprintf(stdout, - " 0xff, 0xff, /* 0 = fail */\n "); - pos ++; /* fail */ - fails++; - continue; - } - - if (state[saw].state[0] == 0) { /* points to terminal */ - fprintf(stdout, " /* terminal %d */ 0x%02X,\n", - state[saw].terminal, - state[saw].terminal & 0xff); - terms[(state[n].real_pos + m) >> 3] |= - 1 << ((state[n].real_pos + m) & 7); - pos++; - walk++; - continue; - } - - j = (state[saw].real_pos - q) >> 1; - - if (j > biggest) - biggest = j; - - if (j > 0xffff) { - fprintf(stderr, - "Jump > 64K bytes ahead (%d to %d)\n", - state[n].real_pos, state[saw].real_pos); - return 1; - } - - fprintf(stdout, " /* %d */ 0x%02X " - "/* (to 0x%04X state %3d) */,\n", - m, - j & 0xff, - state[saw].real_pos, saw); - pos++; - - walk++; - } - } - - fprintf(stdout, "/* total size %d bytes, biggest jump %d/256, fails=%d */\n};\n" - "\n static unsigned char lextable_terms[] = {\n", - pos, biggest, fails); - - for (n = 0; n < (walk + 7) / 8; n++) { - if (!(n & 7)) - fprintf(stdout, "\n\t"); - fprintf(stdout, "0x%02x, ", terms[n]); - } - fprintf(stdout, "\n};\n"); - - /* - * Try to parse every legal input string - */ - - for (n = 0; n < ARRAY_SIZE(huf_literal); n++) { - walk = 0; - m = 0; - y = -1; - - fprintf(stderr, " trying %d\n", n); - - while (m < huf_literal[n].len) { - prev = walk; - walk = lextable_decode(walk, code_bit(n, m)); - - if (walk == 0xffff) { - fprintf(stderr, "failed\n"); - return 3; - } - - if (walk & 0x8000) { - y = walk & 0x7fff; - if (y == 0 && m == 29) { - y |= 0x100; - fprintf(stdout, - "\n/* state that points to " - "0x100 for disambiguation with " - "0x0 */\n" - "#define HUFTABLE_0x100_PREV " - "%d\n", prev); - } - break; - } - m++; - } - - if (y != n) { - fprintf(stderr, "decode failed %d got %d (0x%x)\n", n, y, y); - return 4; - } - } - - fprintf(stderr, "All decode OK\n"); - - return 0; -} diff --git a/lib/http2/ssl-http2.c b/lib/http2/ssl-http2.c deleted file mode 100644 index 41dc112..0000000 --- a/lib/http2/ssl-http2.c +++ /dev/null @@ -1,157 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2017 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - * - * Some or all of this file is based on code from nghttp2, which has the - * following license. Since it's more liberal than lws license, you're also - * at liberty to get the original code from - * https://github.com/tatsuhiro-t/nghttp2 under his liberal terms alone. - * - * nghttp2 - HTTP/2.0 C Library - * - * Copyright (c) 2012 Tatsuhiro Tsujikawa - * - * Permission is hereby granted, free of charge, to any person obtaining - * a copy of this software and associated documentation files (the - * "Software"), to deal in the Software without restriction, including - * without limitation the rights to use, copy, modify, merge, publish, - * distribute, sublicense, and/or sell copies of the Software, and to - * permit persons to whom the Software is furnished to do so, subject to - * the following conditions: - * - * The above copyright notice and this permission notice shall be - * included in all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, - * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF - * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND - * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE - * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION - * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION - * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. - */ - -#include "private-libwebsockets.h" - -#if !defined(LWS_NO_SERVER) -#if defined(LWS_OPENSSL_SUPPORT) - -#if defined(LWS_WITH_MBEDTLS) || (defined(OPENSSL_VERSION_NUMBER) && \ - OPENSSL_VERSION_NUMBER >= 0x10002000L) - -struct alpn_ctx { - unsigned char *data; - unsigned short len; -}; - - -static int -alpn_cb(SSL *s, const unsigned char **out, unsigned char *outlen, - const unsigned char *in, unsigned int inlen, void *arg) -{ -#if !defined(LWS_WITH_MBEDTLS) - struct alpn_ctx *alpn_ctx = arg; - - if (SSL_select_next_proto((unsigned char **)out, outlen, alpn_ctx->data, - alpn_ctx->len, in, inlen) != - OPENSSL_NPN_NEGOTIATED) - return SSL_TLSEXT_ERR_NOACK; -#endif - return SSL_TLSEXT_ERR_OK; -} -#endif - -LWS_VISIBLE void -lws_context_init_http2_ssl(struct lws_vhost *vhost) -{ -#if defined(LWS_WITH_MBEDTLS) || (defined(OPENSSL_VERSION_NUMBER) && \ - OPENSSL_VERSION_NUMBER >= 0x10002000L) - static struct alpn_ctx protos = { (unsigned char *)"\x02h2" - "\x08http/1.1", 6 + 9 }; - - SSL_CTX_set_alpn_select_cb(vhost->ssl_ctx, alpn_cb, &protos); - lwsl_notice(" HTTP2 / ALPN enabled\n"); -#else - lwsl_notice( - " HTTP2 / ALPN configured but not supported by OpenSSL 0x%lx\n", - OPENSSL_VERSION_NUMBER); -#endif // OPENSSL_VERSION_NUMBER >= 0x10002000L -} - -int lws_h2_configure_if_upgraded(struct lws *wsi) -{ -#if defined(LWS_WITH_MBEDTLS) || (defined(OPENSSL_VERSION_NUMBER) && \ - OPENSSL_VERSION_NUMBER >= 0x10002000L) - struct allocated_headers *ah; - const unsigned char *name = NULL; - char cstr[10]; - unsigned len; - - if (!wsi->ssl) - return 0; - - SSL_get0_alpn_selected(wsi->ssl, &name, &len); - if (!len) { - lwsl_info("no ALPN upgrade\n"); - return 0; - } - - if (len > sizeof(cstr) - 1) - len = sizeof(cstr) - 1; - - memcpy(cstr, name, len); - cstr[len] = '\0'; - - lwsl_info("negotiated '%s' using ALPN\n", cstr); - wsi->use_ssl |= LCCSCF_USE_SSL; - if (strncmp((char *)name, "http/1.1", 8) == 0) - return 0; - - /* http2 */ - - wsi->upgraded_to_http2 = 1; - wsi->vhost->conn_stats.h2_alpn++; - - /* adopt the header info */ - - ah = wsi->ah; - - lws_role_transition(wsi, LWSI_ROLE_H2_SERVER, LRS_H2_AWAIT_PREFACE); - - /* http2 union member has http union struct at start */ - wsi->ah = ah; - - wsi->h2.h2n = lws_zalloc(sizeof(*wsi->h2.h2n), "h2n"); - if (!wsi->h2.h2n) - return 1; - - lws_h2_init(wsi); - - /* HTTP2 union */ - - lws_hpack_dynamic_size(wsi, - wsi->h2.h2n->set.s[H2SET_HEADER_TABLE_SIZE]); - wsi->h2.tx_cr = 65535; - - lwsl_info("%s: wsi %p: configured for h2\n", __func__, wsi); -#endif - return 0; -} -#endif -#endif diff --git a/lib/lextable-strings.h b/lib/lextable-strings.h deleted file mode 100644 index 631f5cb..0000000 --- a/lib/lextable-strings.h +++ /dev/null @@ -1,108 +0,0 @@ -/* set of parsable strings -- ALL LOWER CASE */ - -#if !defined(STORE_IN_ROM) -#define STORE_IN_ROM -#endif - -STORE_IN_ROM static const char * const set[] = { - "get ", - "post ", - "options ", - "host:", - "connection:", - "upgrade:", - "origin:", - "sec-websocket-draft:", - "\x0d\x0a", - - "sec-websocket-extensions:", - "sec-websocket-key1:", - "sec-websocket-key2:", - "sec-websocket-protocol:", - - "sec-websocket-accept:", - "sec-websocket-nonce:", - "http/1.1 ", - "http2-settings:", - - "accept:", - "access-control-request-headers:", - "if-modified-since:", - "if-none-match:", - "accept-encoding:", - "accept-language:", - "pragma:", - "cache-control:", - "authorization:", - "cookie:", - "content-length:", - "content-type:", - "date:", - "range:", - "referer:", - "sec-websocket-key:", - "sec-websocket-version:", - "sec-websocket-origin:", - - ":authority", - ":method", - ":path", - ":scheme", - ":status", - - "accept-charset:", - "accept-ranges:", - "access-control-allow-origin:", - "age:", - "allow:", - "content-disposition:", - "content-encoding:", - "content-language:", - "content-location:", - "content-range:", - "etag:", - "expect:", - "expires:", - "from:", - "if-match:", - "if-range:", - "if-unmodified-since:", - "last-modified:", - "link:", - "location:", - "max-forwards:", - "proxy-authenticate:", - "proxy-authorization:", - "refresh:", - "retry-after:", - "server:", - "set-cookie:", - "strict-transport-security:", - "transfer-encoding:", - "user-agent:", - "vary:", - "via:", - "www-authenticate:", - - "patch", - "put", - "delete", - - "uri-args", /* fake header used for uri-only storage */ - - "proxy ", - "x-real-ip:", - "http/1.0 ", - - "x-forwarded-for", - "connect ", - "head ", - "te:", /* http/2 wants it to reject it */ - "replay-nonce:", /* ACME */ - ":protocol", /* defined in mcmanus-httpbis-h2-ws-02 */ - - "x-auth-token:", - - "", /* not matchable */ - -}; diff --git a/lib/lextable.h b/lib/lextable.h deleted file mode 100644 index 9a8063b..0000000 --- a/lib/lextable.h +++ /dev/null @@ -1,838 +0,0 @@ -/* pos 0000: 0 */ 0x67 /* 'g' */, 0x40, 0x00 /* (to 0x0040 state 1) */, - 0x70 /* 'p' */, 0x42, 0x00 /* (to 0x0045 state 5) */, - 0x6F /* 'o' */, 0x51, 0x00 /* (to 0x0057 state 10) */, - 0x68 /* 'h' */, 0x5D, 0x00 /* (to 0x0066 state 18) */, - 0x63 /* 'c' */, 0x69, 0x00 /* (to 0x0075 state 23) */, - 0x75 /* 'u' */, 0x8A, 0x00 /* (to 0x0099 state 34) */, - 0x73 /* 's' */, 0xA0, 0x00 /* (to 0x00B2 state 48) */, - 0x0D /* '.' */, 0xD9, 0x00 /* (to 0x00EE state 68) */, - 0x61 /* 'a' */, 0x31, 0x01 /* (to 0x0149 state 129) */, - 0x69 /* 'i' */, 0x70, 0x01 /* (to 0x018B state 163) */, - 0x64 /* 'd' */, 0x19, 0x02 /* (to 0x0237 state 265) */, - 0x72 /* 'r' */, 0x22, 0x02 /* (to 0x0243 state 270) */, - 0x3A /* ':' */, 0x56, 0x02 /* (to 0x027A state 299) */, - 0x65 /* 'e' */, 0xE8, 0x02 /* (to 0x030F state 409) */, - 0x66 /* 'f' */, 0x04, 0x03 /* (to 0x032E state 425) */, - 0x6C /* 'l' */, 0x26, 0x03 /* (to 0x0353 state 458) */, - 0x6D /* 'm' */, 0x49, 0x03 /* (to 0x0379 state 484) */, - 0x74 /* 't' */, 0xB8, 0x03 /* (to 0x03EB state 578) */, - 0x76 /* 'v' */, 0xD9, 0x03 /* (to 0x040F state 606) */, - 0x77 /* 'w' */, 0xE6, 0x03 /* (to 0x041F state 614) */, - 0x78 /* 'x' */, 0x0D, 0x04 /* (to 0x0449 state 650) */, - 0x08, /* fail */ -/* pos 0040: 1 */ 0xE5 /* 'e' -> */, -/* pos 0041: 2 */ 0xF4 /* 't' -> */, -/* pos 0042: 3 */ 0xA0 /* ' ' -> */, -/* pos 0043: 4 */ 0x00, 0x00 /* - terminal marker 0 - */, -/* pos 0045: 5 */ 0x6F /* 'o' */, 0x0D, 0x00 /* (to 0x0052 state 6) */, - 0x72 /* 'r' */, 0x95, 0x01 /* (to 0x01DD state 211) */, - 0x61 /* 'a' */, 0xE6, 0x03 /* (to 0x0431 state 631) */, - 0x75 /* 'u' */, 0xE8, 0x03 /* (to 0x0436 state 635) */, - 0x08, /* fail */ -/* pos 0052: 6 */ 0xF3 /* 's' -> */, -/* pos 0053: 7 */ 0xF4 /* 't' -> */, -/* pos 0054: 8 */ 0xA0 /* ' ' -> */, -/* pos 0055: 9 */ 0x00, 0x01 /* - terminal marker 1 - */, -/* pos 0057: 10 */ 0x70 /* 'p' */, 0x07, 0x00 /* (to 0x005E state 11) */, - 0x72 /* 'r' */, 0x51, 0x00 /* (to 0x00AB state 42) */, - 0x08, /* fail */ -/* pos 005e: 11 */ 0xF4 /* 't' -> */, -/* pos 005f: 12 */ 0xE9 /* 'i' -> */, -/* pos 0060: 13 */ 0xEF /* 'o' -> */, -/* pos 0061: 14 */ 0xEE /* 'n' -> */, -/* pos 0062: 15 */ 0xF3 /* 's' -> */, -/* pos 0063: 16 */ 0xA0 /* ' ' -> */, -/* pos 0064: 17 */ 0x00, 0x02 /* - terminal marker 2 - */, -/* pos 0066: 18 */ 0x6F /* 'o' */, 0x0A, 0x00 /* (to 0x0070 state 19) */, - 0x74 /* 't' */, 0xBF, 0x00 /* (to 0x0128 state 110) */, - 0x65 /* 'e' */, 0x04, 0x04 /* (to 0x0470 state 676) */, - 0x08, /* fail */ -/* pos 0070: 19 */ 0xF3 /* 's' -> */, -/* pos 0071: 20 */ 0xF4 /* 't' -> */, -/* pos 0072: 21 */ 0xBA /* ':' -> */, -/* pos 0073: 22 */ 0x00, 0x03 /* - terminal marker 3 - */, -/* pos 0075: 23 */ 0x6F /* 'o' */, 0x07, 0x00 /* (to 0x007C state 24) */, - 0x61 /* 'a' */, 0x72, 0x01 /* (to 0x01EA state 217) */, - 0x08, /* fail */ -/* pos 007c: 24 */ 0x6E /* 'n' */, 0x07, 0x00 /* (to 0x0083 state 25) */, - 0x6F /* 'o' */, 0x87, 0x01 /* (to 0x0206 state 243) */, - 0x08, /* fail */ -/* pos 0083: 25 */ 0x6E /* 'n' */, 0x07, 0x00 /* (to 0x008A state 26) */, - 0x74 /* 't' */, 0x86, 0x01 /* (to 0x020C state 248) */, - 0x08, /* fail */ -/* pos 008a: 26 */ 0xE5 /* 'e' -> */, -/* pos 008b: 27 */ 0xE3 /* 'c' -> */, -/* pos 008c: 28 */ 0xF4 /* 't' -> */, -/* pos 008d: 29 */ 0x69 /* 'i' */, 0x07, 0x00 /* (to 0x0094 state 30) */, - 0x20 /* ' ' */, 0xDE, 0x03 /* (to 0x046E state 675) */, - 0x08, /* fail */ -/* pos 0094: 30 */ 0xEF /* 'o' -> */, -/* pos 0095: 31 */ 0xEE /* 'n' -> */, -/* pos 0096: 32 */ 0xBA /* ':' -> */, -/* pos 0097: 33 */ 0x00, 0x04 /* - terminal marker 4 - */, -/* pos 0099: 34 */ 0x70 /* 'p' */, 0x0A, 0x00 /* (to 0x00A3 state 35) */, - 0x73 /* 's' */, 0x68, 0x03 /* (to 0x0404 state 596) */, - 0x72 /* 'r' */, 0xA0, 0x03 /* (to 0x043F state 642) */, - 0x08, /* fail */ -/* pos 00a3: 35 */ 0xE7 /* 'g' -> */, -/* pos 00a4: 36 */ 0xF2 /* 'r' -> */, -/* pos 00a5: 37 */ 0xE1 /* 'a' -> */, -/* pos 00a6: 38 */ 0xE4 /* 'd' -> */, -/* pos 00a7: 39 */ 0xE5 /* 'e' -> */, -/* pos 00a8: 40 */ 0xBA /* ':' -> */, -/* pos 00a9: 41 */ 0x00, 0x05 /* - terminal marker 5 - */, -/* pos 00ab: 42 */ 0xE9 /* 'i' -> */, -/* pos 00ac: 43 */ 0xE7 /* 'g' -> */, -/* pos 00ad: 44 */ 0xE9 /* 'i' -> */, -/* pos 00ae: 45 */ 0xEE /* 'n' -> */, -/* pos 00af: 46 */ 0xBA /* ':' -> */, -/* pos 00b0: 47 */ 0x00, 0x06 /* - terminal marker 6 - */, -/* pos 00b2: 48 */ 0x65 /* 'e' */, 0x07, 0x00 /* (to 0x00B9 state 49) */, - 0x74 /* 't' */, 0x1C, 0x03 /* (to 0x03D1 state 553) */, - 0x08, /* fail */ -/* pos 00b9: 49 */ 0x63 /* 'c' */, 0x0A, 0x00 /* (to 0x00C3 state 50) */, - 0x72 /* 'r' */, 0x05, 0x03 /* (to 0x03C1 state 539) */, - 0x74 /* 't' */, 0x08, 0x03 /* (to 0x03C7 state 544) */, - 0x08, /* fail */ -/* pos 00c3: 50 */ 0xAD /* '-' -> */, -/* pos 00c4: 51 */ 0xF7 /* 'w' -> */, -/* pos 00c5: 52 */ 0xE5 /* 'e' -> */, -/* pos 00c6: 53 */ 0xE2 /* 'b' -> */, -/* pos 00c7: 54 */ 0xF3 /* 's' -> */, -/* pos 00c8: 55 */ 0xEF /* 'o' -> */, -/* pos 00c9: 56 */ 0xE3 /* 'c' -> */, -/* pos 00ca: 57 */ 0xEB /* 'k' -> */, -/* pos 00cb: 58 */ 0xE5 /* 'e' -> */, -/* pos 00cc: 59 */ 0xF4 /* 't' -> */, -/* pos 00cd: 60 */ 0xAD /* '-' -> */, -/* pos 00ce: 61 */ 0x64 /* 'd' */, 0x19, 0x00 /* (to 0x00E7 state 62) */, - 0x65 /* 'e' */, 0x20, 0x00 /* (to 0x00F1 state 70) */, - 0x6B /* 'k' */, 0x29, 0x00 /* (to 0x00FD state 81) */, - 0x70 /* 'p' */, 0x38, 0x00 /* (to 0x010F state 88) */, - 0x61 /* 'a' */, 0x3F, 0x00 /* (to 0x0119 state 97) */, - 0x6E /* 'n' */, 0x44, 0x00 /* (to 0x0121 state 104) */, - 0x76 /* 'v' */, 0x89, 0x01 /* (to 0x0269 state 284) */, - 0x6F /* 'o' */, 0x8F, 0x01 /* (to 0x0272 state 292) */, - 0x08, /* fail */ -/* pos 00e7: 62 */ 0xF2 /* 'r' -> */, -/* pos 00e8: 63 */ 0xE1 /* 'a' -> */, -/* pos 00e9: 64 */ 0xE6 /* 'f' -> */, -/* pos 00ea: 65 */ 0xF4 /* 't' -> */, -/* pos 00eb: 66 */ 0xBA /* ':' -> */, -/* pos 00ec: 67 */ 0x00, 0x07 /* - terminal marker 7 - */, -/* pos 00ee: 68 */ 0x8A /* '.' -> */, -/* pos 00ef: 69 */ 0x00, 0x08 /* - terminal marker 8 - */, -/* pos 00f1: 70 */ 0xF8 /* 'x' -> */, -/* pos 00f2: 71 */ 0xF4 /* 't' -> */, -/* pos 00f3: 72 */ 0xE5 /* 'e' -> */, -/* pos 00f4: 73 */ 0xEE /* 'n' -> */, -/* pos 00f5: 74 */ 0xF3 /* 's' -> */, -/* pos 00f6: 75 */ 0xE9 /* 'i' -> */, -/* pos 00f7: 76 */ 0xEF /* 'o' -> */, -/* pos 00f8: 77 */ 0xEE /* 'n' -> */, -/* pos 00f9: 78 */ 0xF3 /* 's' -> */, -/* pos 00fa: 79 */ 0xBA /* ':' -> */, -/* pos 00fb: 80 */ 0x00, 0x09 /* - terminal marker 9 - */, -/* pos 00fd: 81 */ 0xE5 /* 'e' -> */, -/* pos 00fe: 82 */ 0xF9 /* 'y' -> */, -/* pos 00ff: 83 */ 0x31 /* '1' */, 0x0A, 0x00 /* (to 0x0109 state 84) */, - 0x32 /* '2' */, 0x0A, 0x00 /* (to 0x010C state 86) */, - 0x3A /* ':' */, 0x62, 0x01 /* (to 0x0267 state 283) */, - 0x08, /* fail */ -/* pos 0109: 84 */ 0xBA /* ':' -> */, -/* pos 010a: 85 */ 0x00, 0x0A /* - terminal marker 10 - */, -/* pos 010c: 86 */ 0xBA /* ':' -> */, -/* pos 010d: 87 */ 0x00, 0x0B /* - terminal marker 11 - */, -/* pos 010f: 88 */ 0xF2 /* 'r' -> */, -/* pos 0110: 89 */ 0xEF /* 'o' -> */, -/* pos 0111: 90 */ 0xF4 /* 't' -> */, -/* pos 0112: 91 */ 0xEF /* 'o' -> */, -/* pos 0113: 92 */ 0xE3 /* 'c' -> */, -/* pos 0114: 93 */ 0xEF /* 'o' -> */, -/* pos 0115: 94 */ 0xEC /* 'l' -> */, -/* pos 0116: 95 */ 0xBA /* ':' -> */, -/* pos 0117: 96 */ 0x00, 0x0C /* - terminal marker 12 - */, -/* pos 0119: 97 */ 0xE3 /* 'c' -> */, -/* pos 011a: 98 */ 0xE3 /* 'c' -> */, -/* pos 011b: 99 */ 0xE5 /* 'e' -> */, -/* pos 011c: 100 */ 0xF0 /* 'p' -> */, -/* pos 011d: 101 */ 0xF4 /* 't' -> */, -/* pos 011e: 102 */ 0xBA /* ':' -> */, -/* pos 011f: 103 */ 0x00, 0x0D /* - terminal marker 13 - */, -/* pos 0121: 104 */ 0xEF /* 'o' -> */, -/* pos 0122: 105 */ 0xEE /* 'n' -> */, -/* pos 0123: 106 */ 0xE3 /* 'c' -> */, -/* pos 0124: 107 */ 0xE5 /* 'e' -> */, -/* pos 0125: 108 */ 0xBA /* ':' -> */, -/* pos 0126: 109 */ 0x00, 0x0E /* - terminal marker 14 - */, -/* pos 0128: 110 */ 0xF4 /* 't' -> */, -/* pos 0129: 111 */ 0xF0 /* 'p' -> */, -/* pos 012a: 112 */ 0x2F /* '/' */, 0x07, 0x00 /* (to 0x0131 state 113) */, - 0x32 /* '2' */, 0x10, 0x00 /* (to 0x013D state 118) */, - 0x08, /* fail */ -/* pos 0131: 113 */ 0xB1 /* '1' -> */, -/* pos 0132: 114 */ 0xAE /* '.' -> */, -/* pos 0133: 115 */ 0x31 /* '1' */, 0x07, 0x00 /* (to 0x013A state 116) */, - 0x30 /* '0' */, 0x27, 0x03 /* (to 0x045D state 660) */, - 0x08, /* fail */ -/* pos 013a: 116 */ 0xA0 /* ' ' -> */, -/* pos 013b: 117 */ 0x00, 0x0F /* - terminal marker 15 - */, -/* pos 013d: 118 */ 0xAD /* '-' -> */, -/* pos 013e: 119 */ 0xF3 /* 's' -> */, -/* pos 013f: 120 */ 0xE5 /* 'e' -> */, -/* pos 0140: 121 */ 0xF4 /* 't' -> */, -/* pos 0141: 122 */ 0xF4 /* 't' -> */, -/* pos 0142: 123 */ 0xE9 /* 'i' -> */, -/* pos 0143: 124 */ 0xEE /* 'n' -> */, -/* pos 0144: 125 */ 0xE7 /* 'g' -> */, -/* pos 0145: 126 */ 0xF3 /* 's' -> */, -/* pos 0146: 127 */ 0xBA /* ':' -> */, -/* pos 0147: 128 */ 0x00, 0x10 /* - terminal marker 16 - */, -/* pos 0149: 129 */ 0x63 /* 'c' */, 0x0D, 0x00 /* (to 0x0156 state 130) */, - 0x75 /* 'u' */, 0xAC, 0x00 /* (to 0x01F8 state 230) */, - 0x67 /* 'g' */, 0x86, 0x01 /* (to 0x02D5 state 358) */, - 0x6C /* 'l' */, 0x87, 0x01 /* (to 0x02D9 state 361) */, - 0x08, /* fail */ -/* pos 0156: 130 */ 0xE3 /* 'c' -> */, -/* pos 0157: 131 */ 0xE5 /* 'e' -> */, -/* pos 0158: 132 */ 0x70 /* 'p' */, 0x07, 0x00 /* (to 0x015F state 133) */, - 0x73 /* 's' */, 0x0E, 0x00 /* (to 0x0169 state 136) */, - 0x08, /* fail */ -/* pos 015f: 133 */ 0xF4 /* 't' -> */, -/* pos 0160: 134 */ 0x3A /* ':' */, 0x07, 0x00 /* (to 0x0167 state 135) */, - 0x2D /* '-' */, 0x59, 0x00 /* (to 0x01BC state 192) */, - 0x08, /* fail */ -/* pos 0167: 135 */ 0x00, 0x11 /* - terminal marker 17 - */, -/* pos 0169: 136 */ 0xF3 /* 's' -> */, -/* pos 016a: 137 */ 0xAD /* '-' -> */, -/* pos 016b: 138 */ 0xE3 /* 'c' -> */, -/* pos 016c: 139 */ 0xEF /* 'o' -> */, -/* pos 016d: 140 */ 0xEE /* 'n' -> */, -/* pos 016e: 141 */ 0xF4 /* 't' -> */, -/* pos 016f: 142 */ 0xF2 /* 'r' -> */, -/* pos 0170: 143 */ 0xEF /* 'o' -> */, -/* pos 0171: 144 */ 0xEC /* 'l' -> */, -/* pos 0172: 145 */ 0xAD /* '-' -> */, -/* pos 0173: 146 */ 0x72 /* 'r' */, 0x07, 0x00 /* (to 0x017A state 147) */, - 0x61 /* 'a' */, 0x51, 0x01 /* (to 0x02C7 state 345) */, - 0x08, /* fail */ -/* pos 017a: 147 */ 0xE5 /* 'e' -> */, -/* pos 017b: 148 */ 0xF1 /* 'q' -> */, -/* pos 017c: 149 */ 0xF5 /* 'u' -> */, -/* pos 017d: 150 */ 0xE5 /* 'e' -> */, -/* pos 017e: 151 */ 0xF3 /* 's' -> */, -/* pos 017f: 152 */ 0xF4 /* 't' -> */, -/* pos 0180: 153 */ 0xAD /* '-' -> */, -/* pos 0181: 154 */ 0xE8 /* 'h' -> */, -/* pos 0182: 155 */ 0xE5 /* 'e' -> */, -/* pos 0183: 156 */ 0xE1 /* 'a' -> */, -/* pos 0184: 157 */ 0xE4 /* 'd' -> */, -/* pos 0185: 158 */ 0xE5 /* 'e' -> */, -/* pos 0186: 159 */ 0xF2 /* 'r' -> */, -/* pos 0187: 160 */ 0xF3 /* 's' -> */, -/* pos 0188: 161 */ 0xBA /* ':' -> */, -/* pos 0189: 162 */ 0x00, 0x12 /* - terminal marker 18 - */, -/* pos 018b: 163 */ 0xE6 /* 'f' -> */, -/* pos 018c: 164 */ 0xAD /* '-' -> */, -/* pos 018d: 165 */ 0x6D /* 'm' */, 0x0D, 0x00 /* (to 0x019A state 166) */, - 0x6E /* 'n' */, 0x20, 0x00 /* (to 0x01B0 state 181) */, - 0x72 /* 'r' */, 0xA7, 0x01 /* (to 0x033A state 435) */, - 0x75 /* 'u' */, 0xAB, 0x01 /* (to 0x0341 state 441) */, - 0x08, /* fail */ -/* pos 019a: 166 */ 0x6F /* 'o' */, 0x07, 0x00 /* (to 0x01A1 state 167) */, - 0x61 /* 'a' */, 0x97, 0x01 /* (to 0x0334 state 430) */, - 0x08, /* fail */ -/* pos 01a1: 167 */ 0xE4 /* 'd' -> */, -/* pos 01a2: 168 */ 0xE9 /* 'i' -> */, -/* pos 01a3: 169 */ 0xE6 /* 'f' -> */, -/* pos 01a4: 170 */ 0xE9 /* 'i' -> */, -/* pos 01a5: 171 */ 0xE5 /* 'e' -> */, -/* pos 01a6: 172 */ 0xE4 /* 'd' -> */, -/* pos 01a7: 173 */ 0xAD /* '-' -> */, -/* pos 01a8: 174 */ 0xF3 /* 's' -> */, -/* pos 01a9: 175 */ 0xE9 /* 'i' -> */, -/* pos 01aa: 176 */ 0xEE /* 'n' -> */, -/* pos 01ab: 177 */ 0xE3 /* 'c' -> */, -/* pos 01ac: 178 */ 0xE5 /* 'e' -> */, -/* pos 01ad: 179 */ 0xBA /* ':' -> */, -/* pos 01ae: 180 */ 0x00, 0x13 /* - terminal marker 19 - */, -/* pos 01b0: 181 */ 0xEF /* 'o' -> */, -/* pos 01b1: 182 */ 0xEE /* 'n' -> */, -/* pos 01b2: 183 */ 0xE5 /* 'e' -> */, -/* pos 01b3: 184 */ 0xAD /* '-' -> */, -/* pos 01b4: 185 */ 0xED /* 'm' -> */, -/* pos 01b5: 186 */ 0xE1 /* 'a' -> */, -/* pos 01b6: 187 */ 0xF4 /* 't' -> */, -/* pos 01b7: 188 */ 0xE3 /* 'c' -> */, -/* pos 01b8: 189 */ 0xE8 /* 'h' -> */, -/* pos 01b9: 190 */ 0xBA /* ':' -> */, -/* pos 01ba: 191 */ 0x00, 0x14 /* - terminal marker 20 - */, -/* pos 01bc: 192 */ 0x65 /* 'e' */, 0x0D, 0x00 /* (to 0x01C9 state 193) */, - 0x6C /* 'l' */, 0x14, 0x00 /* (to 0x01D3 state 202) */, - 0x63 /* 'c' */, 0xF4, 0x00 /* (to 0x02B6 state 330) */, - 0x72 /* 'r' */, 0xFA, 0x00 /* (to 0x02BF state 338) */, - 0x08, /* fail */ -/* pos 01c9: 193 */ 0xEE /* 'n' -> */, -/* pos 01ca: 194 */ 0xE3 /* 'c' -> */, -/* pos 01cb: 195 */ 0xEF /* 'o' -> */, -/* pos 01cc: 196 */ 0xE4 /* 'd' -> */, -/* pos 01cd: 197 */ 0xE9 /* 'i' -> */, -/* pos 01ce: 198 */ 0xEE /* 'n' -> */, -/* pos 01cf: 199 */ 0xE7 /* 'g' -> */, -/* pos 01d0: 200 */ 0xBA /* ':' -> */, -/* pos 01d1: 201 */ 0x00, 0x15 /* - terminal marker 21 - */, -/* pos 01d3: 202 */ 0xE1 /* 'a' -> */, -/* pos 01d4: 203 */ 0xEE /* 'n' -> */, -/* pos 01d5: 204 */ 0xE7 /* 'g' -> */, -/* pos 01d6: 205 */ 0xF5 /* 'u' -> */, -/* pos 01d7: 206 */ 0xE1 /* 'a' -> */, -/* pos 01d8: 207 */ 0xE7 /* 'g' -> */, -/* pos 01d9: 208 */ 0xE5 /* 'e' -> */, -/* pos 01da: 209 */ 0xBA /* ':' -> */, -/* pos 01db: 210 */ 0x00, 0x16 /* - terminal marker 22 - */, -/* pos 01dd: 211 */ 0x61 /* 'a' */, 0x07, 0x00 /* (to 0x01E4 state 212) */, - 0x6F /* 'o' */, 0xA7, 0x01 /* (to 0x0387 state 497) */, - 0x08, /* fail */ -/* pos 01e4: 212 */ 0xE7 /* 'g' -> */, -/* pos 01e5: 213 */ 0xED /* 'm' -> */, -/* pos 01e6: 214 */ 0xE1 /* 'a' -> */, -/* pos 01e7: 215 */ 0xBA /* ':' -> */, -/* pos 01e8: 216 */ 0x00, 0x17 /* - terminal marker 23 - */, -/* pos 01ea: 217 */ 0xE3 /* 'c' -> */, -/* pos 01eb: 218 */ 0xE8 /* 'h' -> */, -/* pos 01ec: 219 */ 0xE5 /* 'e' -> */, -/* pos 01ed: 220 */ 0xAD /* '-' -> */, -/* pos 01ee: 221 */ 0xE3 /* 'c' -> */, -/* pos 01ef: 222 */ 0xEF /* 'o' -> */, -/* pos 01f0: 223 */ 0xEE /* 'n' -> */, -/* pos 01f1: 224 */ 0xF4 /* 't' -> */, -/* pos 01f2: 225 */ 0xF2 /* 'r' -> */, -/* pos 01f3: 226 */ 0xEF /* 'o' -> */, -/* pos 01f4: 227 */ 0xEC /* 'l' -> */, -/* pos 01f5: 228 */ 0xBA /* ':' -> */, -/* pos 01f6: 229 */ 0x00, 0x18 /* - terminal marker 24 - */, -/* pos 01f8: 230 */ 0xF4 /* 't' -> */, -/* pos 01f9: 231 */ 0xE8 /* 'h' -> */, -/* pos 01fa: 232 */ 0xEF /* 'o' -> */, -/* pos 01fb: 233 */ 0xF2 /* 'r' -> */, -/* pos 01fc: 234 */ 0xE9 /* 'i' -> */, -/* pos 01fd: 235 */ 0xFA /* 'z' -> */, -/* pos 01fe: 236 */ 0xE1 /* 'a' -> */, -/* pos 01ff: 237 */ 0xF4 /* 't' -> */, -/* pos 0200: 238 */ 0xE9 /* 'i' -> */, -/* pos 0201: 239 */ 0xEF /* 'o' -> */, -/* pos 0202: 240 */ 0xEE /* 'n' -> */, -/* pos 0203: 241 */ 0xBA /* ':' -> */, -/* pos 0204: 242 */ 0x00, 0x19 /* - terminal marker 25 - */, -/* pos 0206: 243 */ 0xEB /* 'k' -> */, -/* pos 0207: 244 */ 0xE9 /* 'i' -> */, -/* pos 0208: 245 */ 0xE5 /* 'e' -> */, -/* pos 0209: 246 */ 0xBA /* ':' -> */, -/* pos 020a: 247 */ 0x00, 0x1A /* - terminal marker 26 - */, -/* pos 020c: 248 */ 0xE5 /* 'e' -> */, -/* pos 020d: 249 */ 0xEE /* 'n' -> */, -/* pos 020e: 250 */ 0xF4 /* 't' -> */, -/* pos 020f: 251 */ 0xAD /* '-' -> */, -/* pos 0210: 252 */ 0x6C /* 'l' */, 0x10, 0x00 /* (to 0x0220 state 253) */, - 0x74 /* 't' */, 0x1E, 0x00 /* (to 0x0231 state 260) */, - 0x64 /* 'd' */, 0xC9, 0x00 /* (to 0x02DF state 366) */, - 0x65 /* 'e' */, 0xD3, 0x00 /* (to 0x02EC state 378) */, - 0x72 /* 'r' */, 0xEC, 0x00 /* (to 0x0308 state 403) */, - 0x08, /* fail */ -/* pos 0220: 253 */ 0x65 /* 'e' */, 0x0A, 0x00 /* (to 0x022A state 254) */, - 0x61 /* 'a' */, 0xD3, 0x00 /* (to 0x02F6 state 387) */, - 0x6F /* 'o' */, 0xD9, 0x00 /* (to 0x02FF state 395) */, - 0x08, /* fail */ -/* pos 022a: 254 */ 0xEE /* 'n' -> */, -/* pos 022b: 255 */ 0xE7 /* 'g' -> */, -/* pos 022c: 256 */ 0xF4 /* 't' -> */, -/* pos 022d: 257 */ 0xE8 /* 'h' -> */, -/* pos 022e: 258 */ 0xBA /* ':' -> */, -/* pos 022f: 259 */ 0x00, 0x1B /* - terminal marker 27 - */, -/* pos 0231: 260 */ 0xF9 /* 'y' -> */, -/* pos 0232: 261 */ 0xF0 /* 'p' -> */, -/* pos 0233: 262 */ 0xE5 /* 'e' -> */, -/* pos 0234: 263 */ 0xBA /* ':' -> */, -/* pos 0235: 264 */ 0x00, 0x1C /* - terminal marker 28 - */, -/* pos 0237: 265 */ 0x61 /* 'a' */, 0x07, 0x00 /* (to 0x023E state 266) */, - 0x65 /* 'e' */, 0xFF, 0x01 /* (to 0x0439 state 637) */, - 0x08, /* fail */ -/* pos 023e: 266 */ 0xF4 /* 't' -> */, -/* pos 023f: 267 */ 0xE5 /* 'e' -> */, -/* pos 0240: 268 */ 0xBA /* ':' -> */, -/* pos 0241: 269 */ 0x00, 0x1D /* - terminal marker 29 - */, -/* pos 0243: 270 */ 0x61 /* 'a' */, 0x07, 0x00 /* (to 0x024A state 271) */, - 0x65 /* 'e' */, 0x0A, 0x00 /* (to 0x0250 state 276) */, - 0x08, /* fail */ -/* pos 024a: 271 */ 0xEE /* 'n' -> */, -/* pos 024b: 272 */ 0xE7 /* 'g' -> */, -/* pos 024c: 273 */ 0xE5 /* 'e' -> */, -/* pos 024d: 274 */ 0xBA /* ':' -> */, -/* pos 024e: 275 */ 0x00, 0x1E /* - terminal marker 30 - */, -/* pos 0250: 276 */ 0x66 /* 'f' */, 0x0A, 0x00 /* (to 0x025A state 277) */, - 0x74 /* 't' */, 0x63, 0x01 /* (to 0x03B6 state 529) */, - 0x70 /* 'p' */, 0x22, 0x02 /* (to 0x0478 state 682) */, - 0x08, /* fail */ -/* pos 025a: 277 */ 0x65 /* 'e' */, 0x07, 0x00 /* (to 0x0261 state 278) */, - 0x72 /* 'r' */, 0x53, 0x01 /* (to 0x03B0 state 524) */, - 0x08, /* fail */ -/* pos 0261: 278 */ 0xF2 /* 'r' -> */, -/* pos 0262: 279 */ 0xE5 /* 'e' -> */, -/* pos 0263: 280 */ 0xF2 /* 'r' -> */, -/* pos 0264: 281 */ 0xBA /* ':' -> */, -/* pos 0265: 282 */ 0x00, 0x1F /* - terminal marker 31 - */, -/* pos 0267: 283 */ 0x00, 0x20 /* - terminal marker 32 - */, -/* pos 0269: 284 */ 0xE5 /* 'e' -> */, -/* pos 026a: 285 */ 0xF2 /* 'r' -> */, -/* pos 026b: 286 */ 0xF3 /* 's' -> */, -/* pos 026c: 287 */ 0xE9 /* 'i' -> */, -/* pos 026d: 288 */ 0xEF /* 'o' -> */, -/* pos 026e: 289 */ 0xEE /* 'n' -> */, -/* pos 026f: 290 */ 0xBA /* ':' -> */, -/* pos 0270: 291 */ 0x00, 0x21 /* - terminal marker 33 - */, -/* pos 0272: 292 */ 0xF2 /* 'r' -> */, -/* pos 0273: 293 */ 0xE9 /* 'i' -> */, -/* pos 0274: 294 */ 0xE7 /* 'g' -> */, -/* pos 0275: 295 */ 0xE9 /* 'i' -> */, -/* pos 0276: 296 */ 0xEE /* 'n' -> */, -/* pos 0277: 297 */ 0xBA /* ':' -> */, -/* pos 0278: 298 */ 0x00, 0x22 /* - terminal marker 34 - */, -/* pos 027a: 299 */ 0x61 /* 'a' */, 0x0D, 0x00 /* (to 0x0287 state 300) */, - 0x6D /* 'm' */, 0x14, 0x00 /* (to 0x0291 state 309) */, - 0x70 /* 'p' */, 0x18, 0x00 /* (to 0x0298 state 315) */, - 0x73 /* 's' */, 0x20, 0x00 /* (to 0x02A3 state 319) */, - 0x08, /* fail */ -/* pos 0287: 300 */ 0xF5 /* 'u' -> */, -/* pos 0288: 301 */ 0xF4 /* 't' -> */, -/* pos 0289: 302 */ 0xE8 /* 'h' -> */, -/* pos 028a: 303 */ 0xEF /* 'o' -> */, -/* pos 028b: 304 */ 0xF2 /* 'r' -> */, -/* pos 028c: 305 */ 0xE9 /* 'i' -> */, -/* pos 028d: 306 */ 0xF4 /* 't' -> */, -/* pos 028e: 307 */ 0xF9 /* 'y' -> */, -/* pos 028f: 308 */ 0x00, 0x23 /* - terminal marker 35 - */, -/* pos 0291: 309 */ 0xE5 /* 'e' -> */, -/* pos 0292: 310 */ 0xF4 /* 't' -> */, -/* pos 0293: 311 */ 0xE8 /* 'h' -> */, -/* pos 0294: 312 */ 0xEF /* 'o' -> */, -/* pos 0295: 313 */ 0xE4 /* 'd' -> */, -/* pos 0296: 314 */ 0x00, 0x24 /* - terminal marker 36 - */, -/* pos 0298: 315 */ 0x61 /* 'a' */, 0x07, 0x00 /* (to 0x029F state 316) */, - 0x72 /* 'r' */, 0xE9, 0x01 /* (to 0x0484 state 693) */, - 0x08, /* fail */ -/* pos 029f: 316 */ 0xF4 /* 't' -> */, -/* pos 02a0: 317 */ 0xE8 /* 'h' -> */, -/* pos 02a1: 318 */ 0x00, 0x25 /* - terminal marker 37 - */, -/* pos 02a3: 319 */ 0x63 /* 'c' */, 0x07, 0x00 /* (to 0x02AA state 320) */, - 0x74 /* 't' */, 0x0A, 0x00 /* (to 0x02B0 state 325) */, - 0x08, /* fail */ -/* pos 02aa: 320 */ 0xE8 /* 'h' -> */, -/* pos 02ab: 321 */ 0xE5 /* 'e' -> */, -/* pos 02ac: 322 */ 0xED /* 'm' -> */, -/* pos 02ad: 323 */ 0xE5 /* 'e' -> */, -/* pos 02ae: 324 */ 0x00, 0x26 /* - terminal marker 38 - */, -/* pos 02b0: 325 */ 0xE1 /* 'a' -> */, -/* pos 02b1: 326 */ 0xF4 /* 't' -> */, -/* pos 02b2: 327 */ 0xF5 /* 'u' -> */, -/* pos 02b3: 328 */ 0xF3 /* 's' -> */, -/* pos 02b4: 329 */ 0x00, 0x27 /* - terminal marker 39 - */, -/* pos 02b6: 330 */ 0xE8 /* 'h' -> */, -/* pos 02b7: 331 */ 0xE1 /* 'a' -> */, -/* pos 02b8: 332 */ 0xF2 /* 'r' -> */, -/* pos 02b9: 333 */ 0xF3 /* 's' -> */, -/* pos 02ba: 334 */ 0xE5 /* 'e' -> */, -/* pos 02bb: 335 */ 0xF4 /* 't' -> */, -/* pos 02bc: 336 */ 0xBA /* ':' -> */, -/* pos 02bd: 337 */ 0x00, 0x28 /* - terminal marker 40 - */, -/* pos 02bf: 338 */ 0xE1 /* 'a' -> */, -/* pos 02c0: 339 */ 0xEE /* 'n' -> */, -/* pos 02c1: 340 */ 0xE7 /* 'g' -> */, -/* pos 02c2: 341 */ 0xE5 /* 'e' -> */, -/* pos 02c3: 342 */ 0xF3 /* 's' -> */, -/* pos 02c4: 343 */ 0xBA /* ':' -> */, -/* pos 02c5: 344 */ 0x00, 0x29 /* - terminal marker 41 - */, -/* pos 02c7: 345 */ 0xEC /* 'l' -> */, -/* pos 02c8: 346 */ 0xEC /* 'l' -> */, -/* pos 02c9: 347 */ 0xEF /* 'o' -> */, -/* pos 02ca: 348 */ 0xF7 /* 'w' -> */, -/* pos 02cb: 349 */ 0xAD /* '-' -> */, -/* pos 02cc: 350 */ 0xEF /* 'o' -> */, -/* pos 02cd: 351 */ 0xF2 /* 'r' -> */, -/* pos 02ce: 352 */ 0xE9 /* 'i' -> */, -/* pos 02cf: 353 */ 0xE7 /* 'g' -> */, -/* pos 02d0: 354 */ 0xE9 /* 'i' -> */, -/* pos 02d1: 355 */ 0xEE /* 'n' -> */, -/* pos 02d2: 356 */ 0xBA /* ':' -> */, -/* pos 02d3: 357 */ 0x00, 0x2A /* - terminal marker 42 - */, -/* pos 02d5: 358 */ 0xE5 /* 'e' -> */, -/* pos 02d6: 359 */ 0xBA /* ':' -> */, -/* pos 02d7: 360 */ 0x00, 0x2B /* - terminal marker 43 - */, -/* pos 02d9: 361 */ 0xEC /* 'l' -> */, -/* pos 02da: 362 */ 0xEF /* 'o' -> */, -/* pos 02db: 363 */ 0xF7 /* 'w' -> */, -/* pos 02dc: 364 */ 0xBA /* ':' -> */, -/* pos 02dd: 365 */ 0x00, 0x2C /* - terminal marker 44 - */, -/* pos 02df: 366 */ 0xE9 /* 'i' -> */, -/* pos 02e0: 367 */ 0xF3 /* 's' -> */, -/* pos 02e1: 368 */ 0xF0 /* 'p' -> */, -/* pos 02e2: 369 */ 0xEF /* 'o' -> */, -/* pos 02e3: 370 */ 0xF3 /* 's' -> */, -/* pos 02e4: 371 */ 0xE9 /* 'i' -> */, -/* pos 02e5: 372 */ 0xF4 /* 't' -> */, -/* pos 02e6: 373 */ 0xE9 /* 'i' -> */, -/* pos 02e7: 374 */ 0xEF /* 'o' -> */, -/* pos 02e8: 375 */ 0xEE /* 'n' -> */, -/* pos 02e9: 376 */ 0xBA /* ':' -> */, -/* pos 02ea: 377 */ 0x00, 0x2D /* - terminal marker 45 - */, -/* pos 02ec: 378 */ 0xEE /* 'n' -> */, -/* pos 02ed: 379 */ 0xE3 /* 'c' -> */, -/* pos 02ee: 380 */ 0xEF /* 'o' -> */, -/* pos 02ef: 381 */ 0xE4 /* 'd' -> */, -/* pos 02f0: 382 */ 0xE9 /* 'i' -> */, -/* pos 02f1: 383 */ 0xEE /* 'n' -> */, -/* pos 02f2: 384 */ 0xE7 /* 'g' -> */, -/* pos 02f3: 385 */ 0xBA /* ':' -> */, -/* pos 02f4: 386 */ 0x00, 0x2E /* - terminal marker 46 - */, -/* pos 02f6: 387 */ 0xEE /* 'n' -> */, -/* pos 02f7: 388 */ 0xE7 /* 'g' -> */, -/* pos 02f8: 389 */ 0xF5 /* 'u' -> */, -/* pos 02f9: 390 */ 0xE1 /* 'a' -> */, -/* pos 02fa: 391 */ 0xE7 /* 'g' -> */, -/* pos 02fb: 392 */ 0xE5 /* 'e' -> */, -/* pos 02fc: 393 */ 0xBA /* ':' -> */, -/* pos 02fd: 394 */ 0x00, 0x2F /* - terminal marker 47 - */, -/* pos 02ff: 395 */ 0xE3 /* 'c' -> */, -/* pos 0300: 396 */ 0xE1 /* 'a' -> */, -/* pos 0301: 397 */ 0xF4 /* 't' -> */, -/* pos 0302: 398 */ 0xE9 /* 'i' -> */, -/* pos 0303: 399 */ 0xEF /* 'o' -> */, -/* pos 0304: 400 */ 0xEE /* 'n' -> */, -/* pos 0305: 401 */ 0xBA /* ':' -> */, -/* pos 0306: 402 */ 0x00, 0x30 /* - terminal marker 48 - */, -/* pos 0308: 403 */ 0xE1 /* 'a' -> */, -/* pos 0309: 404 */ 0xEE /* 'n' -> */, -/* pos 030a: 405 */ 0xE7 /* 'g' -> */, -/* pos 030b: 406 */ 0xE5 /* 'e' -> */, -/* pos 030c: 407 */ 0xBA /* ':' -> */, -/* pos 030d: 408 */ 0x00, 0x31 /* - terminal marker 49 - */, -/* pos 030f: 409 */ 0x74 /* 't' */, 0x07, 0x00 /* (to 0x0316 state 410) */, - 0x78 /* 'x' */, 0x09, 0x00 /* (to 0x031B state 414) */, - 0x08, /* fail */ -/* pos 0316: 410 */ 0xE1 /* 'a' -> */, -/* pos 0317: 411 */ 0xE7 /* 'g' -> */, -/* pos 0318: 412 */ 0xBA /* ':' -> */, -/* pos 0319: 413 */ 0x00, 0x32 /* - terminal marker 50 - */, -/* pos 031b: 414 */ 0xF0 /* 'p' -> */, -/* pos 031c: 415 */ 0x65 /* 'e' */, 0x07, 0x00 /* (to 0x0323 state 416) */, - 0x69 /* 'i' */, 0x09, 0x00 /* (to 0x0328 state 420) */, - 0x08, /* fail */ -/* pos 0323: 416 */ 0xE3 /* 'c' -> */, -/* pos 0324: 417 */ 0xF4 /* 't' -> */, -/* pos 0325: 418 */ 0xBA /* ':' -> */, -/* pos 0326: 419 */ 0x00, 0x33 /* - terminal marker 51 - */, -/* pos 0328: 420 */ 0xF2 /* 'r' -> */, -/* pos 0329: 421 */ 0xE5 /* 'e' -> */, -/* pos 032a: 422 */ 0xF3 /* 's' -> */, -/* pos 032b: 423 */ 0xBA /* ':' -> */, -/* pos 032c: 424 */ 0x00, 0x34 /* - terminal marker 52 - */, -/* pos 032e: 425 */ 0xF2 /* 'r' -> */, -/* pos 032f: 426 */ 0xEF /* 'o' -> */, -/* pos 0330: 427 */ 0xED /* 'm' -> */, -/* pos 0331: 428 */ 0xBA /* ':' -> */, -/* pos 0332: 429 */ 0x00, 0x35 /* - terminal marker 53 - */, -/* pos 0334: 430 */ 0xF4 /* 't' -> */, -/* pos 0335: 431 */ 0xE3 /* 'c' -> */, -/* pos 0336: 432 */ 0xE8 /* 'h' -> */, -/* pos 0337: 433 */ 0xBA /* ':' -> */, -/* pos 0338: 434 */ 0x00, 0x36 /* - terminal marker 54 - */, -/* pos 033a: 435 */ 0xE1 /* 'a' -> */, -/* pos 033b: 436 */ 0xEE /* 'n' -> */, -/* pos 033c: 437 */ 0xE7 /* 'g' -> */, -/* pos 033d: 438 */ 0xE5 /* 'e' -> */, -/* pos 033e: 439 */ 0xBA /* ':' -> */, -/* pos 033f: 440 */ 0x00, 0x37 /* - terminal marker 55 - */, -/* pos 0341: 441 */ 0xEE /* 'n' -> */, -/* pos 0342: 442 */ 0xED /* 'm' -> */, -/* pos 0343: 443 */ 0xEF /* 'o' -> */, -/* pos 0344: 444 */ 0xE4 /* 'd' -> */, -/* pos 0345: 445 */ 0xE9 /* 'i' -> */, -/* pos 0346: 446 */ 0xE6 /* 'f' -> */, -/* pos 0347: 447 */ 0xE9 /* 'i' -> */, -/* pos 0348: 448 */ 0xE5 /* 'e' -> */, -/* pos 0349: 449 */ 0xE4 /* 'd' -> */, -/* pos 034a: 450 */ 0xAD /* '-' -> */, -/* pos 034b: 451 */ 0xF3 /* 's' -> */, -/* pos 034c: 452 */ 0xE9 /* 'i' -> */, -/* pos 034d: 453 */ 0xEE /* 'n' -> */, -/* pos 034e: 454 */ 0xE3 /* 'c' -> */, -/* pos 034f: 455 */ 0xE5 /* 'e' -> */, -/* pos 0350: 456 */ 0xBA /* ':' -> */, -/* pos 0351: 457 */ 0x00, 0x38 /* - terminal marker 56 - */, -/* pos 0353: 458 */ 0x61 /* 'a' */, 0x0A, 0x00 /* (to 0x035D state 459) */, - 0x69 /* 'i' */, 0x15, 0x00 /* (to 0x036B state 472) */, - 0x6F /* 'o' */, 0x17, 0x00 /* (to 0x0370 state 476) */, - 0x08, /* fail */ -/* pos 035d: 459 */ 0xF3 /* 's' -> */, -/* pos 035e: 460 */ 0xF4 /* 't' -> */, -/* pos 035f: 461 */ 0xAD /* '-' -> */, -/* pos 0360: 462 */ 0xED /* 'm' -> */, -/* pos 0361: 463 */ 0xEF /* 'o' -> */, -/* pos 0362: 464 */ 0xE4 /* 'd' -> */, -/* pos 0363: 465 */ 0xE9 /* 'i' -> */, -/* pos 0364: 466 */ 0xE6 /* 'f' -> */, -/* pos 0365: 467 */ 0xE9 /* 'i' -> */, -/* pos 0366: 468 */ 0xE5 /* 'e' -> */, -/* pos 0367: 469 */ 0xE4 /* 'd' -> */, -/* pos 0368: 470 */ 0xBA /* ':' -> */, -/* pos 0369: 471 */ 0x00, 0x39 /* - terminal marker 57 - */, -/* pos 036b: 472 */ 0xEE /* 'n' -> */, -/* pos 036c: 473 */ 0xEB /* 'k' -> */, -/* pos 036d: 474 */ 0xBA /* ':' -> */, -/* pos 036e: 475 */ 0x00, 0x3A /* - terminal marker 58 - */, -/* pos 0370: 476 */ 0xE3 /* 'c' -> */, -/* pos 0371: 477 */ 0xE1 /* 'a' -> */, -/* pos 0372: 478 */ 0xF4 /* 't' -> */, -/* pos 0373: 479 */ 0xE9 /* 'i' -> */, -/* pos 0374: 480 */ 0xEF /* 'o' -> */, -/* pos 0375: 481 */ 0xEE /* 'n' -> */, -/* pos 0376: 482 */ 0xBA /* ':' -> */, -/* pos 0377: 483 */ 0x00, 0x3B /* - terminal marker 59 - */, -/* pos 0379: 484 */ 0xE1 /* 'a' -> */, -/* pos 037a: 485 */ 0xF8 /* 'x' -> */, -/* pos 037b: 486 */ 0xAD /* '-' -> */, -/* pos 037c: 487 */ 0xE6 /* 'f' -> */, -/* pos 037d: 488 */ 0xEF /* 'o' -> */, -/* pos 037e: 489 */ 0xF2 /* 'r' -> */, -/* pos 037f: 490 */ 0xF7 /* 'w' -> */, -/* pos 0380: 491 */ 0xE1 /* 'a' -> */, -/* pos 0381: 492 */ 0xF2 /* 'r' -> */, -/* pos 0382: 493 */ 0xE4 /* 'd' -> */, -/* pos 0383: 494 */ 0xF3 /* 's' -> */, -/* pos 0384: 495 */ 0xBA /* ':' -> */, -/* pos 0385: 496 */ 0x00, 0x3C /* - terminal marker 60 - */, -/* pos 0387: 497 */ 0xF8 /* 'x' -> */, -/* pos 0388: 498 */ 0xF9 /* 'y' -> */, -/* pos 0389: 499 */ 0x2D /* '-' */, 0x07, 0x00 /* (to 0x0390 state 500) */, - 0x20 /* ' ' */, 0xBB, 0x00 /* (to 0x0447 state 649) */, - 0x08, /* fail */ -/* pos 0390: 500 */ 0xE1 /* 'a' -> */, -/* pos 0391: 501 */ 0xF5 /* 'u' -> */, -/* pos 0392: 502 */ 0xF4 /* 't' -> */, -/* pos 0393: 503 */ 0xE8 /* 'h' -> */, -/* pos 0394: 504 */ 0x65 /* 'e' */, 0x07, 0x00 /* (to 0x039B state 505) */, - 0x6F /* 'o' */, 0x0E, 0x00 /* (to 0x03A5 state 514) */, - 0x08, /* fail */ -/* pos 039b: 505 */ 0xEE /* 'n' -> */, -/* pos 039c: 506 */ 0xF4 /* 't' -> */, -/* pos 039d: 507 */ 0xE9 /* 'i' -> */, -/* pos 039e: 508 */ 0xE3 /* 'c' -> */, -/* pos 039f: 509 */ 0xE1 /* 'a' -> */, -/* pos 03a0: 510 */ 0xF4 /* 't' -> */, -/* pos 03a1: 511 */ 0xE5 /* 'e' -> */, -/* pos 03a2: 512 */ 0xBA /* ':' -> */, -/* pos 03a3: 513 */ 0x00, 0x3D /* - terminal marker 61 - */, -/* pos 03a5: 514 */ 0xF2 /* 'r' -> */, -/* pos 03a6: 515 */ 0xE9 /* 'i' -> */, -/* pos 03a7: 516 */ 0xFA /* 'z' -> */, -/* pos 03a8: 517 */ 0xE1 /* 'a' -> */, -/* pos 03a9: 518 */ 0xF4 /* 't' -> */, -/* pos 03aa: 519 */ 0xE9 /* 'i' -> */, -/* pos 03ab: 520 */ 0xEF /* 'o' -> */, -/* pos 03ac: 521 */ 0xEE /* 'n' -> */, -/* pos 03ad: 522 */ 0xBA /* ':' -> */, -/* pos 03ae: 523 */ 0x00, 0x3E /* - terminal marker 62 - */, -/* pos 03b0: 524 */ 0xE5 /* 'e' -> */, -/* pos 03b1: 525 */ 0xF3 /* 's' -> */, -/* pos 03b2: 526 */ 0xE8 /* 'h' -> */, -/* pos 03b3: 527 */ 0xBA /* ':' -> */, -/* pos 03b4: 528 */ 0x00, 0x3F /* - terminal marker 63 - */, -/* pos 03b6: 529 */ 0xF2 /* 'r' -> */, -/* pos 03b7: 530 */ 0xF9 /* 'y' -> */, -/* pos 03b8: 531 */ 0xAD /* '-' -> */, -/* pos 03b9: 532 */ 0xE1 /* 'a' -> */, -/* pos 03ba: 533 */ 0xE6 /* 'f' -> */, -/* pos 03bb: 534 */ 0xF4 /* 't' -> */, -/* pos 03bc: 535 */ 0xE5 /* 'e' -> */, -/* pos 03bd: 536 */ 0xF2 /* 'r' -> */, -/* pos 03be: 537 */ 0xBA /* ':' -> */, -/* pos 03bf: 538 */ 0x00, 0x40 /* - terminal marker 64 - */, -/* pos 03c1: 539 */ 0xF6 /* 'v' -> */, -/* pos 03c2: 540 */ 0xE5 /* 'e' -> */, -/* pos 03c3: 541 */ 0xF2 /* 'r' -> */, -/* pos 03c4: 542 */ 0xBA /* ':' -> */, -/* pos 03c5: 543 */ 0x00, 0x41 /* - terminal marker 65 - */, -/* pos 03c7: 544 */ 0xAD /* '-' -> */, -/* pos 03c8: 545 */ 0xE3 /* 'c' -> */, -/* pos 03c9: 546 */ 0xEF /* 'o' -> */, -/* pos 03ca: 547 */ 0xEF /* 'o' -> */, -/* pos 03cb: 548 */ 0xEB /* 'k' -> */, -/* pos 03cc: 549 */ 0xE9 /* 'i' -> */, -/* pos 03cd: 550 */ 0xE5 /* 'e' -> */, -/* pos 03ce: 551 */ 0xBA /* ':' -> */, -/* pos 03cf: 552 */ 0x00, 0x42 /* - terminal marker 66 - */, -/* pos 03d1: 553 */ 0xF2 /* 'r' -> */, -/* pos 03d2: 554 */ 0xE9 /* 'i' -> */, -/* pos 03d3: 555 */ 0xE3 /* 'c' -> */, -/* pos 03d4: 556 */ 0xF4 /* 't' -> */, -/* pos 03d5: 557 */ 0xAD /* '-' -> */, -/* pos 03d6: 558 */ 0xF4 /* 't' -> */, -/* pos 03d7: 559 */ 0xF2 /* 'r' -> */, -/* pos 03d8: 560 */ 0xE1 /* 'a' -> */, -/* pos 03d9: 561 */ 0xEE /* 'n' -> */, -/* pos 03da: 562 */ 0xF3 /* 's' -> */, -/* pos 03db: 563 */ 0xF0 /* 'p' -> */, -/* pos 03dc: 564 */ 0xEF /* 'o' -> */, -/* pos 03dd: 565 */ 0xF2 /* 'r' -> */, -/* pos 03de: 566 */ 0xF4 /* 't' -> */, -/* pos 03df: 567 */ 0xAD /* '-' -> */, -/* pos 03e0: 568 */ 0xF3 /* 's' -> */, -/* pos 03e1: 569 */ 0xE5 /* 'e' -> */, -/* pos 03e2: 570 */ 0xE3 /* 'c' -> */, -/* pos 03e3: 571 */ 0xF5 /* 'u' -> */, -/* pos 03e4: 572 */ 0xF2 /* 'r' -> */, -/* pos 03e5: 573 */ 0xE9 /* 'i' -> */, -/* pos 03e6: 574 */ 0xF4 /* 't' -> */, -/* pos 03e7: 575 */ 0xF9 /* 'y' -> */, -/* pos 03e8: 576 */ 0xBA /* ':' -> */, -/* pos 03e9: 577 */ 0x00, 0x43 /* - terminal marker 67 - */, -/* pos 03eb: 578 */ 0x72 /* 'r' */, 0x07, 0x00 /* (to 0x03F2 state 579) */, - 0x65 /* 'e' */, 0x87, 0x00 /* (to 0x0475 state 680) */, - 0x08, /* fail */ -/* pos 03f2: 579 */ 0xE1 /* 'a' -> */, -/* pos 03f3: 580 */ 0xEE /* 'n' -> */, -/* pos 03f4: 581 */ 0xF3 /* 's' -> */, -/* pos 03f5: 582 */ 0xE6 /* 'f' -> */, -/* pos 03f6: 583 */ 0xE5 /* 'e' -> */, -/* pos 03f7: 584 */ 0xF2 /* 'r' -> */, -/* pos 03f8: 585 */ 0xAD /* '-' -> */, -/* pos 03f9: 586 */ 0xE5 /* 'e' -> */, -/* pos 03fa: 587 */ 0xEE /* 'n' -> */, -/* pos 03fb: 588 */ 0xE3 /* 'c' -> */, -/* pos 03fc: 589 */ 0xEF /* 'o' -> */, -/* pos 03fd: 590 */ 0xE4 /* 'd' -> */, -/* pos 03fe: 591 */ 0xE9 /* 'i' -> */, -/* pos 03ff: 592 */ 0xEE /* 'n' -> */, -/* pos 0400: 593 */ 0xE7 /* 'g' -> */, -/* pos 0401: 594 */ 0xBA /* ':' -> */, -/* pos 0402: 595 */ 0x00, 0x44 /* - terminal marker 68 - */, -/* pos 0404: 596 */ 0xE5 /* 'e' -> */, -/* pos 0405: 597 */ 0xF2 /* 'r' -> */, -/* pos 0406: 598 */ 0xAD /* '-' -> */, -/* pos 0407: 599 */ 0xE1 /* 'a' -> */, -/* pos 0408: 600 */ 0xE7 /* 'g' -> */, -/* pos 0409: 601 */ 0xE5 /* 'e' -> */, -/* pos 040a: 602 */ 0xEE /* 'n' -> */, -/* pos 040b: 603 */ 0xF4 /* 't' -> */, -/* pos 040c: 604 */ 0xBA /* ':' -> */, -/* pos 040d: 605 */ 0x00, 0x45 /* - terminal marker 69 - */, -/* pos 040f: 606 */ 0x61 /* 'a' */, 0x07, 0x00 /* (to 0x0416 state 607) */, - 0x69 /* 'i' */, 0x09, 0x00 /* (to 0x041B state 611) */, - 0x08, /* fail */ -/* pos 0416: 607 */ 0xF2 /* 'r' -> */, -/* pos 0417: 608 */ 0xF9 /* 'y' -> */, -/* pos 0418: 609 */ 0xBA /* ':' -> */, -/* pos 0419: 610 */ 0x00, 0x46 /* - terminal marker 70 - */, -/* pos 041b: 611 */ 0xE1 /* 'a' -> */, -/* pos 041c: 612 */ 0xBA /* ':' -> */, -/* pos 041d: 613 */ 0x00, 0x47 /* - terminal marker 71 - */, -/* pos 041f: 614 */ 0xF7 /* 'w' -> */, -/* pos 0420: 615 */ 0xF7 /* 'w' -> */, -/* pos 0421: 616 */ 0xAD /* '-' -> */, -/* pos 0422: 617 */ 0xE1 /* 'a' -> */, -/* pos 0423: 618 */ 0xF5 /* 'u' -> */, -/* pos 0424: 619 */ 0xF4 /* 't' -> */, -/* pos 0425: 620 */ 0xE8 /* 'h' -> */, -/* pos 0426: 621 */ 0xE5 /* 'e' -> */, -/* pos 0427: 622 */ 0xEE /* 'n' -> */, -/* pos 0428: 623 */ 0xF4 /* 't' -> */, -/* pos 0429: 624 */ 0xE9 /* 'i' -> */, -/* pos 042a: 625 */ 0xE3 /* 'c' -> */, -/* pos 042b: 626 */ 0xE1 /* 'a' -> */, -/* pos 042c: 627 */ 0xF4 /* 't' -> */, -/* pos 042d: 628 */ 0xE5 /* 'e' -> */, -/* pos 042e: 629 */ 0xBA /* ':' -> */, -/* pos 042f: 630 */ 0x00, 0x48 /* - terminal marker 72 - */, -/* pos 0431: 631 */ 0xF4 /* 't' -> */, -/* pos 0432: 632 */ 0xE3 /* 'c' -> */, -/* pos 0433: 633 */ 0xE8 /* 'h' -> */, -/* pos 0434: 634 */ 0x00, 0x49 /* - terminal marker 73 - */, -/* pos 0436: 635 */ 0xF4 /* 't' -> */, -/* pos 0437: 636 */ 0x00, 0x4A /* - terminal marker 74 - */, -/* pos 0439: 637 */ 0xEC /* 'l' -> */, -/* pos 043a: 638 */ 0xE5 /* 'e' -> */, -/* pos 043b: 639 */ 0xF4 /* 't' -> */, -/* pos 043c: 640 */ 0xE5 /* 'e' -> */, -/* pos 043d: 641 */ 0x00, 0x4B /* - terminal marker 75 - */, -/* pos 043f: 642 */ 0xE9 /* 'i' -> */, -/* pos 0440: 643 */ 0xAD /* '-' -> */, -/* pos 0441: 644 */ 0xE1 /* 'a' -> */, -/* pos 0442: 645 */ 0xF2 /* 'r' -> */, -/* pos 0443: 646 */ 0xE7 /* 'g' -> */, -/* pos 0444: 647 */ 0xF3 /* 's' -> */, -/* pos 0445: 648 */ 0x00, 0x4C /* - terminal marker 76 - */, -/* pos 0447: 649 */ 0x00, 0x4D /* - terminal marker 77 - */, -/* pos 0449: 650 */ 0xAD /* '-' -> */, -/* pos 044a: 651 */ 0x72 /* 'r' */, 0x0A, 0x00 /* (to 0x0454 state 652) */, - 0x66 /* 'f' */, 0x13, 0x00 /* (to 0x0460 state 662) */, - 0x61 /* 'a' */, 0x3C, 0x00 /* (to 0x048C state 700) */, - 0x08, /* fail */ -/* pos 0454: 652 */ 0xE5 /* 'e' -> */, -/* pos 0455: 653 */ 0xE1 /* 'a' -> */, -/* pos 0456: 654 */ 0xEC /* 'l' -> */, -/* pos 0457: 655 */ 0xAD /* '-' -> */, -/* pos 0458: 656 */ 0xE9 /* 'i' -> */, -/* pos 0459: 657 */ 0xF0 /* 'p' -> */, -/* pos 045a: 658 */ 0xBA /* ':' -> */, -/* pos 045b: 659 */ 0x00, 0x4E /* - terminal marker 78 - */, -/* pos 045d: 660 */ 0xA0 /* ' ' -> */, -/* pos 045e: 661 */ 0x00, 0x4F /* - terminal marker 79 - */, -/* pos 0460: 662 */ 0xEF /* 'o' -> */, -/* pos 0461: 663 */ 0xF2 /* 'r' -> */, -/* pos 0462: 664 */ 0xF7 /* 'w' -> */, -/* pos 0463: 665 */ 0xE1 /* 'a' -> */, -/* pos 0464: 666 */ 0xF2 /* 'r' -> */, -/* pos 0465: 667 */ 0xE4 /* 'd' -> */, -/* pos 0466: 668 */ 0xE5 /* 'e' -> */, -/* pos 0467: 669 */ 0xE4 /* 'd' -> */, -/* pos 0468: 670 */ 0xAD /* '-' -> */, -/* pos 0469: 671 */ 0xE6 /* 'f' -> */, -/* pos 046a: 672 */ 0xEF /* 'o' -> */, -/* pos 046b: 673 */ 0xF2 /* 'r' -> */, -/* pos 046c: 674 */ 0x00, 0x50 /* - terminal marker 80 - */, -/* pos 046e: 675 */ 0x00, 0x51 /* - terminal marker 81 - */, -/* pos 0470: 676 */ 0xE1 /* 'a' -> */, -/* pos 0471: 677 */ 0xE4 /* 'd' -> */, -/* pos 0472: 678 */ 0xA0 /* ' ' -> */, -/* pos 0473: 679 */ 0x00, 0x52 /* - terminal marker 82 - */, -/* pos 0475: 680 */ 0xBA /* ':' -> */, -/* pos 0476: 681 */ 0x00, 0x53 /* - terminal marker 83 - */, -/* pos 0478: 682 */ 0xEC /* 'l' -> */, -/* pos 0479: 683 */ 0xE1 /* 'a' -> */, -/* pos 047a: 684 */ 0xF9 /* 'y' -> */, -/* pos 047b: 685 */ 0xAD /* '-' -> */, -/* pos 047c: 686 */ 0xEE /* 'n' -> */, -/* pos 047d: 687 */ 0xEF /* 'o' -> */, -/* pos 047e: 688 */ 0xEE /* 'n' -> */, -/* pos 047f: 689 */ 0xE3 /* 'c' -> */, -/* pos 0480: 690 */ 0xE5 /* 'e' -> */, -/* pos 0481: 691 */ 0xBA /* ':' -> */, -/* pos 0482: 692 */ 0x00, 0x54 /* - terminal marker 84 - */, -/* pos 0484: 693 */ 0xEF /* 'o' -> */, -/* pos 0485: 694 */ 0xF4 /* 't' -> */, -/* pos 0486: 695 */ 0xEF /* 'o' -> */, -/* pos 0487: 696 */ 0xE3 /* 'c' -> */, -/* pos 0488: 697 */ 0xEF /* 'o' -> */, -/* pos 0489: 698 */ 0xEC /* 'l' -> */, -/* pos 048a: 699 */ 0x00, 0x55 /* - terminal marker 85 - */, -/* pos 048c: 700 */ 0xF5 /* 'u' -> */, -/* pos 048d: 701 */ 0xF4 /* 't' -> */, -/* pos 048e: 702 */ 0xE8 /* 'h' -> */, -/* pos 048f: 703 */ 0xAD /* '-' -> */, -/* pos 0490: 704 */ 0xF4 /* 't' -> */, -/* pos 0491: 705 */ 0xEF /* 'o' -> */, -/* pos 0492: 706 */ 0xEB /* 'k' -> */, -/* pos 0493: 707 */ 0xE5 /* 'e' -> */, -/* pos 0494: 708 */ 0xEE /* 'n' -> */, -/* pos 0495: 709 */ 0xBA /* ':' -> */, -/* pos 0496: 710 */ 0x00, 0x56 /* - terminal marker 86 - */, -/* total size 1176 bytes */ diff --git a/lib/libwebsockets.c b/lib/libwebsockets.c index 563b594..6c430b4 100644 --- a/lib/libwebsockets.c +++ b/lib/libwebsockets.c @@ -124,14 +124,8 @@ __lws_free_wsi(struct lws *wsi) wsi->peer = NULL; #endif -#if defined(LWS_WITH_HTTP2) - if (wsi->upgraded_to_http2 || wsi->http2_substream) { - lws_hpack_destroy_dynamic_header(wsi); - - if (wsi->h2.h2n) - lws_free_set_NULL(wsi->h2.h2n); - } -#endif + if (wsi->role_ops->destroy_role) + wsi->role_ops->destroy_role(wsi); /* since we will destroy the wsi, make absolutely sure now */ @@ -604,10 +598,10 @@ __lws_close_free_wsi(struct lws *wsi, enum lws_close_status reason, const char * wsi->child_list = NULL; } - if (lwsi_role(wsi) == LWSI_ROLE_RAW_FILE) { + if (wsi->role_ops == &role_ops_raw_file) { lws_remove_child_from_any_parent(wsi); __remove_wsi_socket_from_fds(wsi); - wsi->protocol->callback(wsi, LWS_CALLBACK_RAW_CLOSE_FILE, + wsi->protocol->callback(wsi, wsi->role_ops->close_cb[0], wsi->user_space, NULL, 0); goto async_close; } @@ -615,7 +609,7 @@ __lws_close_free_wsi(struct lws *wsi, enum lws_close_status reason, const char * wsi->wsistate_pre_close = wsi->wsistate; #ifdef LWS_WITH_CGI - if (lwsi_role(wsi) == LWSI_ROLE_CGI) { + if (wsi->role_ops == &role_ops_cgi) { /* we are not a network connection, but a handler for CGI io */ if (wsi->parent && wsi->parent->cgi) { @@ -638,25 +632,21 @@ __lws_close_free_wsi(struct lws *wsi, enum lws_close_status reason, const char * lws_client_stash_destroy(wsi); #endif - if (lwsi_role(wsi) == LWSI_ROLE_RAW_SOCKET) { - wsi->protocol->callback(wsi, - LWS_CALLBACK_RAW_CLOSE, wsi->user_space, NULL, 0); + if (wsi->role_ops == &role_ops_raw_skt) { wsi->socket_is_permanently_unusable = 1; goto just_kill_connection; } - if (lwsi_role_http_server(wsi) && wsi->http.fop_fd != NULL) { + if (lwsi_role_http(wsi) && lwsi_role_server(wsi) && + wsi->http.fop_fd != NULL) lws_vfs_file_close(&wsi->http.fop_fd); - wsi->vhost->protocols->callback(wsi, - LWS_CALLBACK_CLOSED_HTTP, wsi->user_space, NULL, 0); - wsi->told_user_closed = 1; - } + if (wsi->socket_is_permanently_unusable || reason == LWS_CLOSE_STATUS_NOSTATUS_CONTEXT_DESTROY || lwsi_state(wsi) == LRS_SHUTDOWN) goto just_kill_connection; - switch (wsi->wsistate_pre_close & LRS_MASK) { + switch (lwsi_state_PRE_CLOSE(wsi)) { case LRS_DEAD_SOCKET: return; @@ -687,16 +677,14 @@ __lws_close_free_wsi(struct lws *wsi, enum lws_close_status reason, const char * lwsi_state(wsi) == LRS_H1C_ISSUE_HANDSHAKE) goto just_kill_connection; - if (!wsi->told_user_closed && lwsi_role_http_server(wsi)) { + if (!wsi->told_user_closed && lwsi_role_http(wsi) && + lwsi_role_server(wsi)) { if (wsi->user_space && wsi->protocol_bind_balance) { wsi->vhost->protocols->callback(wsi, LWS_CALLBACK_HTTP_DROP_PROTOCOL, wsi->user_space, NULL, 0); wsi->protocol_bind_balance = 0; } - wsi->vhost->protocols->callback(wsi, LWS_CALLBACK_CLOSED_HTTP, - wsi->user_space, NULL, 0); - wsi->told_user_closed = 1; } /* @@ -750,116 +738,14 @@ __lws_close_free_wsi(struct lws *wsi, enum lws_close_status reason, const char * * LRS_AWAITING_CLOSE_ACK and will skip doing this a second time. */ - if ((wsi->wsistate_pre_close & LWSIFR_WS) && - (wsi->ws->close_in_ping_buffer_len || /* already a reason */ - (reason != LWS_CLOSE_STATUS_NOSTATUS && - (reason != LWS_CLOSE_STATUS_NOSTATUS_CONTEXT_DESTROY)))) { - lwsl_debug("sending close indication...\n"); - - /* if no prepared close reason, use 1000 and no aux data */ - if (!wsi->ws->close_in_ping_buffer_len) { - wsi->ws->close_in_ping_buffer_len = 2; - wsi->ws->ping_payload_buf[LWS_PRE] = - (reason >> 8) & 0xff; - wsi->ws->ping_payload_buf[LWS_PRE + 1] = - reason & 0xff; - } - - lwsl_debug("waiting for chance to send close\n"); - wsi->waiting_to_send_close_frame = 1; - lwsi_set_state(wsi, LRS_WAITING_TO_SEND_CLOSE); - __lws_set_timeout(wsi, PENDING_TIMEOUT_CLOSE_SEND, 5); - lws_callback_on_writable(wsi); - + if (wsi->role_ops->close_via_role_protocol && + wsi->role_ops->close_via_role_protocol(wsi, reason)) return; - } just_kill_connection: -#if defined(LWS_WITH_HTTP2) - - if (wsi->http2_substream && wsi->h2_stream_carries_ws) - lws_h2_rst_stream(wsi, 0, "none"); - - if (wsi->h2.parent_wsi) { - lwsl_info(" wsi: %p, his parent %p: siblings:\n", wsi, - wsi->h2.parent_wsi); - lws_start_foreach_llp(struct lws **, w, - wsi->h2.parent_wsi->h2.child_list) { - lwsl_info(" \\---- child %p\n", *w); - } lws_end_foreach_llp(w, h2.sibling_list); - } - - if (wsi->upgraded_to_http2 || wsi->http2_substream || wsi->client_h2_substream) { - lwsl_info("closing %p: parent %p\n", wsi, wsi->h2.parent_wsi); - - if (wsi->h2.child_list) { - lwsl_info(" parent %p: closing children: list:\n", wsi); - lws_start_foreach_llp(struct lws **, w, - wsi->h2.child_list) { - lwsl_info(" \\---- child %p\n", *w); - } lws_end_foreach_llp(w, h2.sibling_list); - /* trigger closing of all of our http2 children first */ - lws_start_foreach_llp(struct lws **, w, - wsi->h2.child_list) { - lwsl_info(" closing child %p\n", *w); - /* disconnect from siblings */ - wsi2 = (*w)->h2.sibling_list; - (*w)->h2.sibling_list = NULL; - (*w)->socket_is_permanently_unusable = 1; - __lws_close_free_wsi(*w, reason, "h2 child recurse"); - *w = wsi2; - continue; - } lws_end_foreach_llp(w, h2.sibling_list); - } - } - - if (wsi->upgraded_to_http2) { - /* remove pps */ - struct lws_h2_protocol_send *w = wsi->h2.h2n->pps, *w1; - while (w) { - w1 = w->next; - free(w); - w = w1; - } - wsi->h2.h2n->pps = NULL; - } - - if ((wsi->client_h2_substream || wsi->http2_substream) && - wsi->h2.parent_wsi) { - lwsl_info(" %p: disentangling from siblings\n", wsi); - lws_start_foreach_llp(struct lws **, w, - wsi->h2.parent_wsi->h2.child_list) { - /* disconnect from siblings */ - if (*w == wsi) { - wsi2 = (*w)->h2.sibling_list; - (*w)->h2.sibling_list = NULL; - *w = wsi2; - lwsl_info(" %p disentangled from sibling %p\n", - wsi, wsi2); - break; - } - } lws_end_foreach_llp(w, h2.sibling_list); - wsi->h2.parent_wsi->h2.child_count--; - wsi->h2.parent_wsi = NULL; - if (wsi->h2.pending_status_body) - lws_free_set_NULL(wsi->h2.pending_status_body); - } - - if (wsi->h2_stream_carries_ws) { - struct lws *nwsi = lws_get_network_wsi(wsi); - - nwsi->ws_over_h2_count++; - /* if no ws, then put a timeout on the parent wsi */ - if (!nwsi->ws_over_h2_count) - __lws_set_timeout(nwsi, - PENDING_TIMEOUT_HTTP_KEEPALIVE_IDLE, 31); - } - - if (wsi->upgraded_to_http2 && wsi->h2.h2n && - wsi->h2.h2n->rx_scratch) - lws_free_set_NULL(wsi->h2.h2n->rx_scratch); -#endif + if (wsi->role_ops->close_kill_connection) + wsi->role_ops->close_kill_connection(wsi, reason); lws_remove_child_from_any_parent(wsi); n = 0; @@ -868,8 +754,7 @@ just_kill_connection: wsi->protocol_bind_balance) { lwsl_debug("%s: %p: DROP_PROTOCOL %s\n", __func__, wsi, wsi->protocol->name); - wsi->protocol->callback(wsi, - LWS_CALLBACK_HTTP_DROP_PROTOCOL, + wsi->protocol->callback(wsi, LWS_CALLBACK_HTTP_DROP_PROTOCOL, wsi->user_space, NULL, 0); wsi->protocol_bind_balance = 0; } @@ -880,18 +765,6 @@ just_kill_connection: LWS_CALLBACK_CLIENT_CONNECTION_ERROR, wsi->user_space, NULL, 0); - if (lwsi_role_client(wsi) && !(lwsi_state(wsi) & LWSIFS_NOTEST)) { - const struct lws_protocols *pro = wsi->protocol; - - if (!wsi->protocol) - pro = &wsi->vhost->protocols[0]; - pro->callback(wsi, LWS_CALLBACK_CLOSED_CLIENT_HTTP, - wsi->user_space, NULL, 0); - wsi->told_user_closed = 1; - } - - -#if LWS_POSIX /* * Testing with ab shows that we have to stage the socket close when * the system is under stress... shutdown any further TX, change the @@ -899,14 +772,13 @@ just_kill_connection: * for the POLLIN to show a zero-size rx before coming back and doing * the actual close. */ - if (lwsi_role(wsi) != LWSI_ROLE_RAW_SOCKET && - !lwsi_role_client(wsi) && + if (wsi->role_ops != &role_ops_raw_skt && !lwsi_role_client(wsi) && lwsi_state(wsi) != LRS_SHUTDOWN && lwsi_state(wsi) != LRS_UNCONNECTED && reason != LWS_CLOSE_STATUS_NOSTATUS_CONTEXT_DESTROY && !wsi->socket_is_permanently_unusable) { -#ifdef LWS_OPENSSL_SUPPORT +#if defined(LWS_WITH_TLS) if (lws_is_ssl(wsi) && wsi->ssl) { n = 0; switch (__lws_tls_shutdown(wsi)) { @@ -952,7 +824,6 @@ just_kill_connection: } #endif } -#endif lwsl_debug("%s: real just_kill_connection: %p (sockfd %d)\n", __func__, wsi, wsi->desc.sockfd); @@ -980,67 +851,23 @@ just_kill_connection: lwsi_set_state(wsi, LRS_DEAD_SOCKET); lws_free_set_NULL(wsi->rxflow_buffer); - if ((wsi->wsistate_pre_close & LWSIFR_WS) || lwsi_role_ws(wsi)) { - - if (wsi->ws->rx_draining_ext) { - struct lws **w = &pt->rx_draining_ext_list; - - wsi->ws->rx_draining_ext = 0; - /* remove us from context draining ext list */ - while (*w) { - if (*w == wsi) { - *w = wsi->ws->rx_draining_ext_list; - break; - } - w = &((*w)->ws->rx_draining_ext_list); - } - wsi->ws->rx_draining_ext_list = NULL; - } + if (wsi->role_ops->close_role) + wsi->role_ops->close_role(pt, wsi); - if (wsi->ws->tx_draining_ext) { - struct lws **w = &pt->tx_draining_ext_list; - - wsi->ws->tx_draining_ext = 0; - /* remove us from context draining ext list */ - while (*w) { - if (*w == wsi) { - *w = wsi->ws->tx_draining_ext_list; - break; - } - w = &((*w)->ws->tx_draining_ext_list); - } - wsi->ws->tx_draining_ext_list = NULL; - } - lws_free_set_NULL(wsi->ws->rx_ubuf); + /* tell the user it's all over for this guy */ - if (wsi->trunc_alloc) - /* not going to be completed... nuke it */ - lws_free_set_NULL(wsi->trunc_alloc); + if (lwsi_state_est_PRE_CLOSE(wsi) && !wsi->told_user_closed && + wsi->role_ops->close_cb[lwsi_role_server(wsi)]) { + const struct lws_protocols *pro = wsi->protocol; - wsi->ws->ping_payload_len = 0; - wsi->ws->ping_pending_flag = 0; + if (!wsi->protocol) + pro = &wsi->vhost->protocols[0]; + pro->callback(wsi, + wsi->role_ops->close_cb[lwsi_role_server(wsi)], + wsi->user_space, NULL, 0); + wsi->told_user_closed = 1; } - /* tell the user it's all over for this guy */ - - if (wsi->protocol && !wsi->told_user_closed && - wsi->protocol->callback && - lwsi_role(wsi) != LWSI_ROLE_RAW_SOCKET && - !(wsi->wsistate_pre_close & LWSIFS_NOTEST)) { - if (lwsi_role_client(wsi)) - wsi->protocol->callback(wsi, LWS_CALLBACK_CLIENT_CLOSED, - wsi->user_space, NULL, 0); - else - wsi->protocol->callback(wsi, LWS_CALLBACK_CLOSED, - wsi->user_space, NULL, 0); - } else if (lwsi_role_http_server(wsi)) { - lwsl_debug("calling back CLOSED_HTTP\n"); - wsi->vhost->protocols->callback(wsi, LWS_CALLBACK_CLOSED_HTTP, - wsi->user_space, NULL, 0 ); - } else - lwsl_debug("not calling back closed role=0x%x state=0x%x\n", - lwsi_role(wsi), wsi->wsistate_pre_close); - /* deallocate any active extension contexts */ if (lws_ext_cb_active(wsi, LWS_EXT_CB_DESTROY, NULL, 0) < 0) @@ -1084,15 +911,10 @@ __lws_close_free_wsi_final(struct lws *wsi) int n; if (lws_socket_is_valid(wsi->desc.sockfd) && !lws_ssl_close(wsi)) { -#if LWS_POSIX n = compatible_close(wsi->desc.sockfd); if (n) lwsl_debug("closing: close ret %d\n", LWS_ERRNO); -#else - compatible_close(wsi->desc.sockfd); - (void)n; -#endif wsi->desc.sockfd = LWS_SOCK_INVALID; } @@ -1147,7 +969,7 @@ lws_get_urlarg_by_name(struct lws *wsi, const char *name, char *buf, int len) return NULL; } -#if LWS_POSIX && !defined(LWS_WITH_ESP32) +#if !defined(LWS_WITH_ESP32) LWS_VISIBLE int interface_to_sa(struct lws_vhost *vh, const char *ifname, struct sockaddr_in *addr, size_t addrlen) @@ -1163,12 +985,10 @@ interface_to_sa(struct lws_vhost *vh, const char *ifname, #endif #ifndef LWS_PLAT_OPTEE -#if LWS_POSIX static int lws_get_addresses(struct lws_vhost *vh, void *ads, char *name, int name_len, char *rip, int rip_len) { -#if LWS_POSIX struct addrinfo ai, *res; struct sockaddr_in addr4; @@ -1233,24 +1053,12 @@ lws_get_addresses(struct lws_vhost *vh, void *ads, char *name, return -1; return 0; -#else - (void)vh; - (void)ads; - (void)name; - (void)name_len; - (void)rip; - (void)rip_len; - - return -1; -#endif } -#endif LWS_VISIBLE const char * lws_get_peer_simple(struct lws *wsi, char *name, int namelen) { -#if LWS_POSIX socklen_t len, olen; #ifdef LWS_WITH_IPV6 struct sockaddr_in6 sin6; @@ -1259,10 +1067,7 @@ lws_get_peer_simple(struct lws *wsi, char *name, int namelen) int af = AF_INET; void *p, *q; -#if defined(LWS_WITH_HTTP2) - if (wsi->http2_substream) - wsi = wsi->h2.parent_wsi; -#endif + wsi = lws_get_network_wsi(wsi); if (wsi->parent_carries_io) wsi = wsi->parent; @@ -1288,9 +1093,6 @@ lws_get_peer_simple(struct lws *wsi, char *name, int namelen) } return lws_plat_inet_ntop(af, q, name, namelen); -#else - return NULL; -#endif } #endif @@ -1299,7 +1101,6 @@ lws_get_peer_addresses(struct lws *wsi, lws_sockfd_type fd, char *name, int name_len, char *rip, int rip_len) { #ifndef LWS_PLAT_OPTEE -#if LWS_POSIX socklen_t len; #ifdef LWS_WITH_IPV6 struct sockaddr_in6 sin6; @@ -1335,7 +1136,6 @@ lws_get_peer_addresses(struct lws *wsi, lws_sockfd_type fd, char *name, bail: lws_latency(context, wsi, "lws_get_peer_addresses", ret, 1); #endif -#endif (void)wsi; (void)fd; (void)name; @@ -1631,9 +1431,6 @@ lws_compare_time_t(struct lws_context *context, time_t t1, time_t t2) return (int)(t1 - t2); } - -#if LWS_POSIX - LWS_VISIBLE lws_sockfd_type lws_get_socket_fd(struct lws *wsi) { @@ -1642,8 +1439,6 @@ lws_get_socket_fd(struct lws *wsi) return wsi->desc.sockfd; } -#endif - #ifdef LWS_LATENCY void lws_latency(struct lws_context *context, struct lws *wsi, const char *action, @@ -1961,27 +1756,6 @@ lws_get_protocol(struct lws *wsi) return wsi->protocol; } -LWS_VISIBLE int -lws_is_final_fragment(struct lws *wsi) -{ - lwsl_info("%s: final %d, rx pk length %ld, draining %ld\n", __func__, - wsi->ws->final, (long)wsi->ws->rx_packet_length, - (long)wsi->ws->rx_draining_ext); - return wsi->ws->final && !wsi->ws->rx_packet_length && - !wsi->ws->rx_draining_ext; -} - -LWS_VISIBLE int -lws_is_first_fragment(struct lws *wsi) -{ - return wsi->ws->first_fragment; -} - -LWS_VISIBLE unsigned char -lws_get_reserved_bits(struct lws *wsi) -{ - return wsi->ws->rsv; -} int lws_ensure_user_space(struct lws *wsi) @@ -2198,7 +1972,7 @@ lwsl_hexdump(const void *vbuf, size_t len) LWS_VISIBLE int lws_is_ssl(struct lws *wsi) { -#ifdef LWS_OPENSSL_SUPPORT +#if defined(LWS_WITH_TLS) return wsi->use_ssl & LCCSCF_USE_SSL; #else (void)wsi; @@ -2206,7 +1980,7 @@ lws_is_ssl(struct lws *wsi) #endif } -#if defined(LWS_OPENSSL_SUPPORT) && !defined(LWS_WITH_MBEDTLS) +#if defined(LWS_WITH_TLS) && !defined(LWS_WITH_MBEDTLS) LWS_VISIBLE lws_tls_conn* lws_get_ssl(struct lws *wsi) { @@ -2223,24 +1997,28 @@ lws_partial_buffered(struct lws *wsi) LWS_VISIBLE size_t lws_get_peer_write_allowance(struct lws *wsi) { -#ifdef LWS_WITH_HTTP2 - /* only if we are using HTTP2 on this connection */ - if (!lwsi_role_h2(wsi)) - return -1; + if (wsi->role_ops->tx_credit) + return wsi->role_ops->tx_credit(wsi); - return lws_h2_tx_cr_get(wsi); -#else - (void)wsi; return -1; -#endif } LWS_VISIBLE void -lws_role_transition(struct lws *wsi, enum lwsi_role role, enum lwsi_state state) +lws_role_transition(struct lws *wsi, enum lwsi_role role, enum lwsi_state state, + struct lws_role_ops *ops) { - lwsl_debug("%s: %p: role 0x%x, state 0x%x\n", __func__, wsi, role, state); - lwsi_set_role(wsi, role); - lwsi_set_state(wsi, state); +#if defined(_DEBUG) + const char *name = "(unset)"; +#endif + wsi->wsistate = role | state; + if (ops) + wsi->role_ops = ops; +#if defined(_DEBUG) + if (wsi->role_ops) + name = wsi->role_ops->name; + lwsl_debug("%s: %p: wsistate 0x%x, ops %s\n", __func__, wsi, + wsi->wsistate, name); +#endif } LWS_VISIBLE struct lws_plat_file_ops * @@ -2319,38 +2097,6 @@ lws_clear_child_pending_on_writable(struct lws *wsi) wsi->parent_pending_cb_on_writable = 0; } -LWS_VISIBLE LWS_EXTERN int -lws_get_close_length(struct lws *wsi) -{ - return wsi->ws->close_in_ping_buffer_len; -} - -LWS_VISIBLE LWS_EXTERN unsigned char * -lws_get_close_payload(struct lws *wsi) -{ - return &wsi->ws->ping_payload_buf[LWS_PRE]; -} - -LWS_VISIBLE LWS_EXTERN void -lws_close_reason(struct lws *wsi, enum lws_close_status status, - unsigned char *buf, size_t len) -{ - unsigned char *p, *start; - int budget = sizeof(wsi->ws->ping_payload_buf) - LWS_PRE; - - assert(lwsi_role_ws(wsi)); - - start = p = &wsi->ws->ping_payload_buf[LWS_PRE]; - - *p++ = (((int)status) >> 8) & 0xff; - *p++ = ((int)status) & 0xff; - - if (buf) - while (len-- && p < start + budget) - *p++ = *buf++; - - wsi->ws->close_in_ping_buffer_len = lws_ptr_diff(p, start); -} LWS_EXTERN int __lws_rx_flow_control(struct lws *wsi) @@ -2538,7 +2284,6 @@ LWS_EXTERN int lws_socket_bind(struct lws_vhost *vhost, lws_sockfd_type sockfd, int port, const char *iface) { -#if LWS_POSIX #ifdef LWS_WITH_UNIX_SOCK struct sockaddr_un serv_unix; #endif @@ -2657,7 +2402,6 @@ lws_socket_bind(struct lws_vhost *vhost, lws_sockfd_type sockfd, int port, port = ntohs(sain.sin_port); } #endif -#endif return port; } @@ -2823,15 +2567,7 @@ bail: #endif -LWS_EXTERN void -lws_restart_ws_ping_pong_timer(struct lws *wsi) -{ - if (!wsi->context->ws_ping_pong_interval || - !lwsi_role_ws(wsi)) - return; - wsi->ws->time_next_ping_check = (time_t)lws_now_secs(); -} static const char *hex = "0123456789ABCDEF"; @@ -3123,7 +2859,7 @@ lws_json_dump_vhost(const struct lws_vhost *vh, char *buf, int len) " \"h2_subs\":\"%lu\"" , vh->name, vh->listen_port, -#ifdef LWS_OPENSSL_SUPPORT +#if defined(LWS_WITH_TLS) vh->use_ssl & LCCSCF_USE_SSL, #else 0, diff --git a/lib/libwebsockets.h b/lib/libwebsockets.h index fd3056c..d2c254a 100644 --- a/lib/libwebsockets.h +++ b/lib/libwebsockets.h @@ -39,8 +39,6 @@ extern "C" { * CARE: everything using cmake defines needs to be below here */ -#define LWS_POSIX 1 - #if defined(LWS_HAS_INTPTR_T) #include #define lws_intptr_t intptr_t @@ -180,7 +178,7 @@ typedef unsigned long long lws_intptr_t; #endif #endif -#ifdef LWS_OPENSSL_SUPPORT +#if defined(LWS_WITH_TLS) #ifdef USE_WOLFSSL #ifdef USE_OLD_CYASSL @@ -1648,7 +1646,7 @@ struct lws_vhost; */ ///@{ -#ifdef LWS_OPENSSL_SUPPORT +#if defined(LWS_WITH_TLS) #if defined(LWS_WITH_MBEDTLS) #include @@ -2808,7 +2806,7 @@ struct lws_context_creation_info { int ka_interval; /**< CONTEXT: if ka_time was nonzero, how long to wait before each ka_probes * attempt */ -#if defined(LWS_OPENSSL_SUPPORT) && !defined(LWS_WITH_MBEDTLS) +#if defined(LWS_WITH_TLS) && !defined(LWS_WITH_MBEDTLS) SSL_CTX *provided_client_ssl_ctx; /**< CONTEXT: If non-null, swap out libwebsockets ssl * implementation for the one provided by provided_ssl_ctx. @@ -5931,14 +5929,6 @@ lws_get_close_payload(struct lws *wsi); LWS_VISIBLE LWS_EXTERN struct lws *lws_get_network_wsi(struct lws *wsi); -/* - * \deprecated DEPRECATED Note: this is not normally needed as a user api. - * It's provided in case it is - * useful when integrating with other app poll loop service code. - */ -LWS_VISIBLE LWS_EXTERN int -lws_read(struct lws *wsi, unsigned char *buf, lws_filepos_t len); - /** * lws_set_allocator() - custom allocator support * @@ -6047,7 +6037,7 @@ struct lws_wifi_scan { /* generic wlan scan item */ uint8_t authmode; }; -#if defined(LWS_OPENSSL_SUPPORT) && !defined(LWS_WITH_MBEDTLS) +#if defined(LWS_WITH_TLS) && !defined(LWS_WITH_MBEDTLS) /** * lws_get_ssl() - Return wsi's SSL context structure * \param wsi: websocket connection diff --git a/lib/minilex.c b/lib/minilex.c deleted file mode 100644 index 3cb1e33..0000000 --- a/lib/minilex.c +++ /dev/null @@ -1,272 +0,0 @@ -/* - * minilex.c - * - * High efficiency lexical state parser - * - * Copyright (C)2011-2014 Andy Green - * - * Licensed under LGPL2 - * - * Usage: gcc minilex.c -o minilex && ./minilex > lextable.h - * - * Run it twice to test parsing on the generated table on stderr - */ - -#include -#include -#include - -#include "lextable-strings.h" - -/* - * b7 = 0 = 1-byte seq - * 0x08 = fail - * 2-byte seq - * 0x00 - 0x07, then terminal as given in 2nd byte - 3-byte seq - * no match: go fwd 3 byte, match: jump fwd by amt in +1/+2 bytes - * = 1 = 1-byte seq - * no match: die, match go fwd 1 byte - */ - -unsigned char lextable[] = { - #include "lextable.h" -}; - -#define PARALLEL 30 - -struct state { - char c[PARALLEL]; - int state[PARALLEL]; - int count; - int bytepos; - - int real_pos; -}; - -struct state state[1000]; -int next = 1; - -#define FAIL_CHAR 0x08 - -int lextable_decode(int pos, char c) -{ - while (1) { - if (lextable[pos] & (1 << 7)) { /* 1-byte, fail on mismatch */ - if ((lextable[pos] & 0x7f) != c) - return -1; - /* fall thru */ - pos++; - if (lextable[pos] == FAIL_CHAR) - return -1; - return pos; - } else { /* b7 = 0, end or 3-byte */ - if (lextable[pos] < FAIL_CHAR) /* terminal marker */ - return pos; - - if (lextable[pos] == c) /* goto */ - return pos + (lextable[pos + 1]) + - (lextable[pos + 2] << 8); - /* fall thru goto */ - pos += 3; - /* continue */ - } - } -} - -int main(void) -{ - int n = 0; - int m = 0; - int prev; - char c; - int walk; - int saw; - int y; - int j; - int pos = 0; - - while (n < sizeof(set) / sizeof(set[0])) { - - m = 0; - walk = 0; - prev = 0; - - if (set[n][0] == '\0') { - n++; - continue; - } - - while (set[n][m]) { - - saw = 0; - for (y = 0; y < state[walk].count; y++) - if (state[walk].c[y] == set[n][m]) { - /* exists -- go forward */ - walk = state[walk].state[y]; - saw = 1; - break; - } - - if (saw) - goto again; - - /* something we didn't see before */ - - state[walk].c[state[walk].count] = set[n][m]; - - state[walk].state[state[walk].count] = next; - state[walk].count++; - walk = next++; -again: - m++; - } - - state[walk].c[0] = n++; - state[walk].state[0] = 0; /* terminal marker */ - state[walk].count = 1; - } - - walk = 0; - for (n = 0; n < next; n++) { - state[n].bytepos = walk; - walk += (2 * state[n].count); - } - - /* compute everyone's position first */ - - pos = 0; - walk = 0; - for (n = 0; n < next; n++) { - - state[n].real_pos = pos; - - for (m = 0; m < state[n].count; m++) { - - if (state[n].state[m] == 0) - pos += 2; /* terminal marker */ - else { /* c is a character */ - if ((state[state[n].state[m]].bytepos - - walk) == 2) - pos++; - else { - pos += 3; - if (m == state[n].count - 1) - pos++; /* fail */ - } - } - walk += 2; - } - } - - walk = 0; - pos = 0; - for (n = 0; n < next; n++) { - for (m = 0; m < state[n].count; m++) { - - if (!m) - fprintf(stdout, "/* pos %04x: %3d */ ", - state[n].real_pos, n); - else - fprintf(stdout, " "); - - y = state[n].c[m]; - saw = state[n].state[m]; - - if (saw == 0) { // c is a terminal then - - if (y > 0x7ff) { - fprintf(stderr, "terminal too big\n"); - return 2; - } - - fprintf(stdout, " 0x%02X, 0x%02X " - " " - "/* - terminal marker %2d - */,\n", - y >> 8, y & 0xff, y & 0x7f); - pos += 2; - walk += 2; - continue; - } - - /* c is a character */ - - prev = y &0x7f; - if (prev < 32 || prev > 126) - prev = '.'; - - - if ((state[saw].bytepos - walk) == 2) { - fprintf(stdout, " 0x%02X /* '%c' -> */,\n", - y | 0x80, prev); - pos++; - walk += 2; - continue; - } - - j = state[saw].real_pos - pos; - - if (j > 0xffff) { - fprintf(stderr, - "Jump > 64K bytes ahead (%d to %d)\n", - state[n].real_pos, state[saw].real_pos); - return 1; - } - fprintf(stdout, " 0x%02X /* '%c' */, 0x%02X, 0x%02X " - "/* (to 0x%04X state %3d) */,\n", - y, prev, - j & 0xff, j >> 8, - state[saw].real_pos, saw); - pos += 3; - - if (m == state[n].count - 1) { - fprintf(stdout, - " 0x%02X, /* fail */\n", - FAIL_CHAR); - pos++; /* fail */ - } - - walk += 2; - } - } - - fprintf(stdout, "/* total size %d bytes */\n", pos); - - /* - * Try to parse every legal input string - */ - - for (n = 0; n < sizeof(set) / sizeof(set[0]); n++) { - walk = 0; - m = 0; - y = -1; - - if (set[n][0] == '\0') - continue; - - fprintf(stderr, " trying '%s'\n", set[n]); - - while (set[n][m]) { - walk = lextable_decode(walk, set[n][m]); - if (walk < 0) { - fprintf(stderr, "failed\n"); - return 3; - } - - if (lextable[walk] < FAIL_CHAR) { - y = (lextable[walk] << 8) + lextable[walk + 1]; - break; - } - m++; - } - - if (y != n) { - fprintf(stderr, "decode failed %d\n", y); - return 4; - } - } - - fprintf(stderr, "All decode OK\n"); - - return 0; -} diff --git a/lib/misc/daemonize.c b/lib/misc/daemonize.c new file mode 100644 index 0000000..eb92821 --- /dev/null +++ b/lib/misc/daemonize.c @@ -0,0 +1,225 @@ +/* + * This code is mainly taken from Doug Potter's page + * + * http://www-theorie.physik.unizh.ch/~dpotter/howto/daemonize + * + * I contacted him 2007-04-16 about the license for the original code, + * he replied it is Public Domain. Use the URL above to get the original + * Public Domain version if you want it. + * + * This version is LGPL2.1+SLE like the rest of libwebsockets and is + * Copyright (c)2006 - 2013 Andy Green + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "private-libwebsockets.h" + +int pid_daemon; +static char *lock_path; + +int get_daemonize_pid() +{ + return pid_daemon; +} + +static void +child_handler(int signum) +{ + int fd, len, sent; + char sz[20]; + + switch (signum) { + + case SIGALRM: /* timed out daemonizing */ + exit(0); + break; + + case SIGUSR1: /* positive confirmation we daemonized well */ + + if (lock_path) { + /* Create the lock file as the current user */ + + fd = open(lock_path, O_TRUNC | O_RDWR | O_CREAT, 0640); + if (fd < 0) { + fprintf(stderr, + "unable to create lock file %s, code=%d (%s)\n", + lock_path, errno, strerror(errno)); + exit(0); + } + len = sprintf(sz, "%u", pid_daemon); + sent = write(fd, sz, len); + if (sent != len) + fprintf(stderr, + "unable to write pid to lock file %s, code=%d (%s)\n", + lock_path, errno, strerror(errno)); + + close(fd); + } + exit(0); + //!!(sent == len)); + + case SIGCHLD: /* daemonization failed */ + exit(0); + break; + } +} + +static void lws_daemon_closing(int sigact) +{ + if (getpid() == pid_daemon) + if (lock_path) { + unlink(lock_path); + lws_free_set_NULL(lock_path); + } + + kill(getpid(), SIGKILL); +} + +/* + * You just need to call this from your main(), when it + * returns you are all set "in the background" decoupled + * from the console you were started from. + * + * The process context you called from has been terminated then. + */ + +LWS_VISIBLE int +lws_daemonize(const char *_lock_path) +{ + struct sigaction act; + pid_t sid, parent; + int n, fd, ret; + char buf[10]; + + /* already a daemon */ +// if (getppid() == 1) +// return 1; + + if (_lock_path) { + fd = open(_lock_path, O_RDONLY); + if (fd >= 0) { + n = read(fd, buf, sizeof(buf)); + close(fd); + if (n) { + n = atoi(buf); + ret = kill(n, 0); + if (ret >= 0) { + fprintf(stderr, + "Daemon already running from pid %d\n", n); + exit(1); + } + fprintf(stderr, + "Removing stale lock file %s from dead pid %d\n", + _lock_path, n); + unlink(lock_path); + } + } + + n = strlen(_lock_path) + 1; + lock_path = lws_malloc(n, "daemonize lock"); + if (!lock_path) { + fprintf(stderr, "Out of mem in lws_daemonize\n"); + return 1; + } + strcpy(lock_path, _lock_path); + } + + /* Trap signals that we expect to receive */ + signal(SIGCHLD, child_handler); /* died */ + signal(SIGUSR1, child_handler); /* was happy */ + signal(SIGALRM, child_handler); /* timeout daemonizing */ + + /* Fork off the parent process */ + pid_daemon = fork(); + if (pid_daemon < 0) { + fprintf(stderr, "unable to fork daemon, code=%d (%s)", + errno, strerror(errno)); + exit(9); + } + + /* If we got a good PID, then we can exit the parent process. */ + if (pid_daemon > 0) { + + /* + * Wait for confirmation signal from the child via + * SIGCHILD / USR1, or for two seconds to elapse + * (SIGALRM). pause() should not return. + */ + alarm(2); + + pause(); + /* should not be reachable */ + exit(1); + } + + /* At this point we are executing as the child process */ + parent = getppid(); + pid_daemon = getpid(); + + /* Cancel certain signals */ + signal(SIGCHLD, SIG_DFL); /* A child process dies */ + signal(SIGTSTP, SIG_IGN); /* Various TTY signals */ + signal(SIGTTOU, SIG_IGN); + signal(SIGTTIN, SIG_IGN); + signal(SIGHUP, SIG_IGN); /* Ignore hangup signal */ + + /* Change the file mode mask */ + umask(0); + + /* Create a new SID for the child process */ + sid = setsid(); + if (sid < 0) { + fprintf(stderr, + "unable to create a new session, code %d (%s)", + errno, strerror(errno)); + exit(2); + } + + /* + * Change the current working directory. This prevents the current + * directory from being locked; hence not being able to remove it. + */ + if (chdir("/tmp") < 0) { + fprintf(stderr, + "unable to change directory to %s, code %d (%s)", + "/", errno, strerror(errno)); + exit(3); + } + + /* Redirect standard files to /dev/null */ + if (!freopen("/dev/null", "r", stdin)) + fprintf(stderr, "unable to freopen() stdin, code %d (%s)", + errno, strerror(errno)); + + if (!freopen("/dev/null", "w", stdout)) + fprintf(stderr, "unable to freopen() stdout, code %d (%s)", + errno, strerror(errno)); + + if (!freopen("/dev/null", "w", stderr)) + fprintf(stderr, "unable to freopen() stderr, code %d (%s)", + errno, strerror(errno)); + + /* Tell the parent process that we are A-okay */ + kill(parent, SIGUSR1); + + act.sa_handler = lws_daemon_closing; + sigemptyset(&act.sa_mask); + act.sa_flags = 0; + + sigaction(SIGTERM, &act, NULL); + + /* return to continue what is now "the daemon" */ + + return 0; +} + diff --git a/lib/misc/peer-limits.c b/lib/misc/peer-limits.c new file mode 100644 index 0000000..707454f --- /dev/null +++ b/lib/misc/peer-limits.c @@ -0,0 +1,254 @@ +/* + * libwebsockets - peer limits tracking + * + * Copyright (C) 2010-2017 Andy Green + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#include "private-libwebsockets.h" + +/* requires context->lock */ +static void +__lws_peer_remove_from_peer_wait_list(struct lws_context *context, + struct lws_peer *peer) +{ + struct lws_peer *df; + + lws_start_foreach_llp(struct lws_peer **, p, context->peer_wait_list) { + if (*p == peer) { + df = *p; + + *p = df->peer_wait_list; + df->peer_wait_list = NULL; + + return; + } + } lws_end_foreach_llp(p, peer_wait_list); +} + +/* requires context->lock */ +static void +__lws_peer_add_to_peer_wait_list(struct lws_context *context, + struct lws_peer *peer) +{ + __lws_peer_remove_from_peer_wait_list(context, peer); + + peer->peer_wait_list = context->peer_wait_list; + context->peer_wait_list = peer; +} + + +struct lws_peer * +lws_get_or_create_peer(struct lws_vhost *vhost, lws_sockfd_type sockfd) +{ + struct lws_context *context = vhost->context; + socklen_t rlen = 0; + void *q; + uint8_t *q8; + struct lws_peer *peer; + uint32_t hash = 0; + int n, af = AF_INET; + struct sockaddr_storage addr; + +#ifdef LWS_WITH_IPV6 + if (LWS_IPV6_ENABLED(vhost)) { + af = AF_INET6; + } +#endif + rlen = sizeof(addr); + if (getpeername(sockfd, (struct sockaddr*)&addr, &rlen)) + /* eg, udp doesn't have to have a peer */ + return NULL; + + if (af == AF_INET) { + struct sockaddr_in *s = (struct sockaddr_in *)&addr; + q = &s->sin_addr; + rlen = sizeof(s->sin_addr); + } else +#ifdef LWS_WITH_IPV6 + { + struct sockaddr_in6 *s = (struct sockaddr_in6 *)&addr; + q = &s->sin6_addr; + rlen = sizeof(s->sin6_addr); + } +#else + return NULL; +#endif + + q8 = q; + for (n = 0; n < (int)rlen; n++) + hash = (((hash << 4) | (hash >> 28)) * n) ^ q8[n]; + + hash = hash % context->pl_hash_elements; + + lws_context_lock(context); /* <====================================== */ + + lws_start_foreach_ll(struct lws_peer *, peerx, + context->pl_hash_table[hash]) { + if (peerx->af == af && !memcmp(q, peerx->addr, rlen)) { + lws_context_unlock(context); /* === */ + return peerx; + } + } lws_end_foreach_ll(peerx, next); + + lwsl_info("%s: creating new peer\n", __func__); + + peer = lws_zalloc(sizeof(*peer), "peer"); + if (!peer) { + lws_context_unlock(context); /* === */ + lwsl_err("%s: OOM for new peer\n", __func__); + return NULL; + } + + context->count_peers++; + peer->next = context->pl_hash_table[hash]; + peer->hash = hash; + peer->af = af; + context->pl_hash_table[hash] = peer; + memcpy(peer->addr, q, rlen); + time(&peer->time_created); + /* + * On creation, the peer has no wsi attached, so is created on the + * wait list. When a wsi is added it is removed from the wait list. + */ + time(&peer->time_closed_all); + __lws_peer_add_to_peer_wait_list(context, peer); + + lws_context_unlock(context); /* ====================================> */ + + return peer; +} + +/* requires context->lock */ +static int +__lws_peer_destroy(struct lws_context *context, struct lws_peer *peer) +{ + lws_start_foreach_llp(struct lws_peer **, p, + context->pl_hash_table[peer->hash]) { + if (*p == peer) { + struct lws_peer *df = *p; + *p = df->next; + lws_free(df); + context->count_peers--; + + return 0; + } + } lws_end_foreach_llp(p, next); + + return 1; +} + +void +lws_peer_cull_peer_wait_list(struct lws_context *context) +{ + struct lws_peer *df; + time_t t; + + time(&t); + + if (context->next_cull && t < context->next_cull) + return; + + lws_context_lock(context); /* <====================================== */ + + context->next_cull = t + 5; + + lws_start_foreach_llp(struct lws_peer **, p, context->peer_wait_list) { + if (t - (*p)->time_closed_all > 10) { + df = *p; + + /* remove us from the peer wait list */ + *p = df->peer_wait_list; + df->peer_wait_list = NULL; + + __lws_peer_destroy(context, df); + continue; /* we already point to next, if any */ + } + } lws_end_foreach_llp(p, peer_wait_list); + + lws_context_unlock(context); /* ====================================> */ +} + +void +lws_peer_add_wsi(struct lws_context *context, struct lws_peer *peer, + struct lws *wsi) +{ + if (!peer) + return; + + lws_context_lock(context); /* <====================================== */ + + peer->count_wsi++; + wsi->peer = peer; + __lws_peer_remove_from_peer_wait_list(context, peer); + + lws_context_unlock(context); /* ====================================> */ +} + +void +lws_peer_track_wsi_close(struct lws_context *context, struct lws_peer *peer) +{ + if (!peer) + return; + + lws_context_lock(context); /* <====================================== */ + + assert(peer->count_wsi); + peer->count_wsi--; + + if (!peer->count_wsi && !peer->count_ah) { + /* + * in order that we can accumulate peer activity correctly + * allowing for periods when the peer has no connections, + * we don't synchronously destroy the peer when his last + * wsi closes. Instead we mark the time his last wsi + * closed and add him to a peer_wait_list to be reaped + * later if no further activity is coming. + */ + time(&peer->time_closed_all); + __lws_peer_add_to_peer_wait_list(context, peer); + } + + lws_context_unlock(context); /* ====================================> */ +} + +int +lws_peer_confirm_ah_attach_ok(struct lws_context *context, struct lws_peer *peer) +{ + if (!peer) + return 0; + + if (context->ip_limit_ah && peer->count_ah >= context->ip_limit_ah) { + lwsl_info("peer reached ah limit %d, deferring\n", + context->ip_limit_ah); + + return 1; + } + + return 0; +} + +void +lws_peer_track_ah_detach(struct lws_context *context, struct lws_peer *peer) +{ + if (!peer) + return; + + assert(peer->count_ah); + peer->count_ah--; +} + diff --git a/lib/output.c b/lib/output.c index a7a3353..c51e7c5 100644 --- a/lib/output.c +++ b/lib/output.c @@ -21,25 +21,6 @@ #include "private-libwebsockets.h" -static int -lws_0405_frame_mask_generate(struct lws *wsi) -{ - int n; - /* fetch the per-frame nonce */ - - n = lws_get_random(lws_get_context(wsi), wsi->ws->mask, 4); - if (n != 4) { - lwsl_parser("Unable to read from random device %s %d\n", - SYSTEM_RANDOM_FILEPATH, n); - return 1; - } - - /* start masking from first byte of masking key buffer */ - wsi->ws->mask_idx = 0; - - return 0; -} - /* * notice this returns number of bytes consumed, or -1 */ @@ -63,11 +44,12 @@ int lws_issue_raw(struct lws *wsi, unsigned char *buf, size_t len) */ if (wsi->could_have_pending) { lwsl_hexdump_level(LLL_ERR, buf, len); - lwsl_err("** %p: vh: %s, prot: %s, " + lwsl_err("** %p: vh: %s, prot: %s, role %s: " "Illegal back-to-back write of %lu detected...\n", wsi, wsi->vhost->name, wsi->protocol->name, + wsi->role_ops->name, (unsigned long)len); - // assert(0); + assert(0); return -1; } @@ -215,12 +197,6 @@ LWS_VISIBLE int lws_write(struct lws *wsi, unsigned char *buf, size_t len, enum lws_write_protocol wp) { struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; - int masked7 = lwsi_role_client(wsi); - unsigned char is_masked_bit = 0; - unsigned char *dropmask = NULL; - struct lws_tokens eff_buf; - size_t orig_len = len; - int pre = 0, n, wp1f = wp & 0x1f; if (wsi->parent_carries_io) { struct lws_write_passthru pas; @@ -255,361 +231,11 @@ LWS_VISIBLE int lws_write(struct lws *wsi, unsigned char *buf, size_t len, if (wsi->vhost) wsi->vhost->conn_stats.tx += len; - if (wsi->ws && wsi->ws->tx_draining_ext && lwsi_role_ws(wsi)) { - /* remove us from the list */ - struct lws **w = &pt->tx_draining_ext_list; - - wsi->ws->tx_draining_ext = 0; - /* remove us from context draining ext list */ - while (*w) { - if (*w == wsi) { - *w = wsi->ws->tx_draining_ext_list; - break; - } - w = &((*w)->ws->tx_draining_ext_list); - } - wsi->ws->tx_draining_ext_list = NULL; - wp = (wsi->ws->tx_draining_stashed_wp & 0xc0) | - LWS_WRITE_CONTINUATION; - wp1f = wp & 0x1f; - - lwsl_ext("FORCED draining wp to 0x%02X\n", wp); - } - - lws_restart_ws_ping_pong_timer(wsi); - - if (wp1f == LWS_WRITE_HTTP || - wp1f == LWS_WRITE_HTTP_FINAL || - wp1f == LWS_WRITE_HTTP_HEADERS_CONTINUATION || - wp1f == LWS_WRITE_HTTP_HEADERS) - goto send_raw; - - /* if not in a state to send ws stuff, then just send nothing */ - - if (!lwsi_role_ws(wsi) && - ((lwsi_state(wsi) != LRS_RETURNED_CLOSE && - lwsi_state(wsi) != LRS_WAITING_TO_SEND_CLOSE && - lwsi_state(wsi) != LRS_AWAITING_CLOSE_ACK) || - wp1f != LWS_WRITE_CLOSE)) { - //assert(0); - lwsl_debug("binning %d %d\n", lwsi_state(wsi), wp1f); - return 0; - } - - /* if we are continuing a frame that already had its header done */ - - if (wsi->ws->inside_frame) { - lwsl_debug("INSIDE FRAME\n"); - goto do_more_inside_frame; - } - - wsi->ws->clean_buffer = 1; - - /* - * give a chance to the extensions to modify payload - * the extension may decide to produce unlimited payload erratically - * (eg, compression extension), so we require only that if he produces - * something, it will be a complete fragment of the length known at - * the time (just the fragment length known), and if he has - * more we will come back next time he is writeable and allow him to - * produce more fragments until he's drained. - * - * This allows what is sent each time it is writeable to be limited to - * a size that can be sent without partial sends or blocking, allows - * interleaving of control frames and other connection service. - */ - eff_buf.token = (char *)buf; - eff_buf.token_len = (int)len; - - switch ((int)wp) { - case LWS_WRITE_PING: - case LWS_WRITE_PONG: - case LWS_WRITE_CLOSE: - break; - default: -#if !defined(LWS_WITHOUT_EXTENSIONS) - lwsl_debug("LWS_EXT_CB_PAYLOAD_TX\n"); - n = lws_ext_cb_active(wsi, LWS_EXT_CB_PAYLOAD_TX, &eff_buf, wp); - if (n < 0) - return -1; - - if (n && eff_buf.token_len) { - lwsl_debug("drain len %d\n", (int)eff_buf.token_len); - /* extension requires further draining */ - wsi->ws->tx_draining_ext = 1; - wsi->ws->tx_draining_ext_list = - pt->tx_draining_ext_list; - pt->tx_draining_ext_list = wsi; - /* we must come back to do more */ - lws_callback_on_writable(wsi); - /* - * keep a copy of the write type for the overall - * action that has provoked generation of these - * fragments, so the last guy can use its FIN state. - */ - wsi->ws->tx_draining_stashed_wp = wp; - /* this is definitely not actually the last fragment - * because the extension asserted he has more coming - * So make sure this intermediate one doesn't go out - * with a FIN. - */ - wp |= LWS_WRITE_NO_FIN; - } -#endif - if (eff_buf.token_len && wsi->ws->stashed_write_pending) { - wsi->ws->stashed_write_pending = 0; - wp = (wp &0xc0) | (int)wsi->ws->stashed_write_type; - wp1f = wp & 0x1f; - } - } - - /* - * an extension did something we need to keep... for example, if - * compression extension, it has already updated its state according - * to this being issued - */ - if ((char *)buf != eff_buf.token) { - /* - * ext might eat it, but not have anything to issue yet. - * In that case we have to follow his lead, but stash and - * replace the write type that was lost here the first time. - */ - if (len && !eff_buf.token_len) { - if (!wsi->ws->stashed_write_pending) - wsi->ws->stashed_write_type = (char)wp & 0x3f; - wsi->ws->stashed_write_pending = 1; - return (int)len; - } - /* - * extension recreated it: - * need to buffer this if not all sent - */ - wsi->ws->clean_buffer = 0; - } - - buf = (unsigned char *)eff_buf.token; - len = eff_buf.token_len; - - if (!buf) { - lwsl_err("null buf (%d)\n", (int)len); - return -1; - } - - switch (wsi->ws->ietf_spec_revision) { - case 13: - if (masked7) { - pre += 4; - dropmask = &buf[0 - pre]; - is_masked_bit = 0x80; - } - - switch (wp & 0xf) { - case LWS_WRITE_TEXT: - n = LWSWSOPC_TEXT_FRAME; - break; - case LWS_WRITE_BINARY: - n = LWSWSOPC_BINARY_FRAME; - break; - case LWS_WRITE_CONTINUATION: - n = LWSWSOPC_CONTINUATION; - break; - - case LWS_WRITE_CLOSE: - n = LWSWSOPC_CLOSE; - break; - case LWS_WRITE_PING: - n = LWSWSOPC_PING; - break; - case LWS_WRITE_PONG: - n = LWSWSOPC_PONG; - break; - default: - lwsl_warn("lws_write: unknown write opc / wp\n"); - return -1; - } + assert(wsi->role_ops); + if (!wsi->role_ops->write_role_protocol) + return lws_issue_raw(wsi, buf, len); - if (!(wp & LWS_WRITE_NO_FIN)) - n |= 1 << 7; - - if (len < 126) { - pre += 2; - buf[-pre] = n; - buf[-pre + 1] = (unsigned char)(len | is_masked_bit); - } else { - if (len < 65536) { - pre += 4; - buf[-pre] = n; - buf[-pre + 1] = 126 | is_masked_bit; - buf[-pre + 2] = (unsigned char)(len >> 8); - buf[-pre + 3] = (unsigned char)len; - } else { - pre += 10; - buf[-pre] = n; - buf[-pre + 1] = 127 | is_masked_bit; -#if defined __LP64__ - buf[-pre + 2] = (len >> 56) & 0x7f; - buf[-pre + 3] = len >> 48; - buf[-pre + 4] = len >> 40; - buf[-pre + 5] = len >> 32; -#else - buf[-pre + 2] = 0; - buf[-pre + 3] = 0; - buf[-pre + 4] = 0; - buf[-pre + 5] = 0; -#endif - buf[-pre + 6] = (unsigned char)(len >> 24); - buf[-pre + 7] = (unsigned char)(len >> 16); - buf[-pre + 8] = (unsigned char)(len >> 8); - buf[-pre + 9] = (unsigned char)len; - } - } - break; - } - -do_more_inside_frame: - - /* - * Deal with masking if we are in client -> server direction and - * the wp demands it - */ - - if (masked7) { - if (!wsi->ws->inside_frame) - if (lws_0405_frame_mask_generate(wsi)) { - lwsl_err("frame mask generation failed\n"); - return -1; - } - - /* - * in v7, just mask the payload - */ - if (dropmask) { /* never set if already inside frame */ - for (n = 4; n < (int)len + 4; n++) - dropmask[n] = dropmask[n] ^ wsi->ws->mask[ - (wsi->ws->mask_idx++) & 3]; - - /* copy the frame nonce into place */ - memcpy(dropmask, wsi->ws->mask, 4); - } - } - -send_raw: - switch (wp1f) { - case LWS_WRITE_TEXT: - case LWS_WRITE_BINARY: - case LWS_WRITE_CONTINUATION: - if (!wsi->h2_stream_carries_ws) - break; - /* fallthru */ - case LWS_WRITE_CLOSE: -/* lwsl_hexdump(&buf[-pre], len); */ - case LWS_WRITE_HTTP: - case LWS_WRITE_HTTP_FINAL: - case LWS_WRITE_HTTP_HEADERS: - case LWS_WRITE_HTTP_HEADERS_CONTINUATION: - case LWS_WRITE_PONG: - case LWS_WRITE_PING: -#ifdef LWS_WITH_HTTP2 - /* - * ws-over-h2 also ends up here after the ws framing applied - */ - if (lwsi_role_h2(wsi)) { - unsigned char flags = 0; - - n = LWS_H2_FRAME_TYPE_DATA; - if (wp1f == LWS_WRITE_HTTP_HEADERS) { - n = LWS_H2_FRAME_TYPE_HEADERS; - if (!(wp & LWS_WRITE_NO_FIN)) - flags = LWS_H2_FLAG_END_HEADERS; - if (wsi->h2.send_END_STREAM || - (wp & LWS_WRITE_H2_STREAM_END)) { - flags |= LWS_H2_FLAG_END_STREAM; - wsi->h2.send_END_STREAM = 1; - } - } - - if (wp1f == LWS_WRITE_HTTP_HEADERS_CONTINUATION) { - n = LWS_H2_FRAME_TYPE_CONTINUATION; - if (!(wp & LWS_WRITE_NO_FIN)) - flags = LWS_H2_FLAG_END_HEADERS; - if (wsi->h2.send_END_STREAM || - (wp & LWS_WRITE_H2_STREAM_END)) { - flags |= LWS_H2_FLAG_END_STREAM; - wsi->h2.send_END_STREAM = 1; - } - } - - if ((wp1f == LWS_WRITE_HTTP || - wp1f == LWS_WRITE_HTTP_FINAL) && - wsi->http.tx_content_length) { - wsi->http.tx_content_remain -= len; - lwsl_info("%s: wsi %p: tx_content_remain = %llu\n", - __func__, wsi, - (unsigned long long)wsi->http.tx_content_remain); - if (!wsi->http.tx_content_remain) { - lwsl_info("%s: selecting final write mode\n", - __func__); - wp = LWS_WRITE_HTTP_FINAL; - wp1f = wp & 0x1f; - } - } - - if (wp1f == LWS_WRITE_HTTP_FINAL || - (wp & LWS_WRITE_H2_STREAM_END)) { - //lws_get_network_wsi(wsi)->h2.END_STREAM) { - lwsl_info("%s: setting END_STREAM\n", __func__); - flags |= LWS_H2_FLAG_END_STREAM; - wsi->h2.send_END_STREAM = 1; - } - - /* if any ws framing, account for that too */ - return lws_h2_frame_write(wsi, n, flags, wsi->h2.my_sid, - (int)len + pre, buf - pre); - } -#endif - return lws_issue_raw(wsi, (unsigned char *)buf - pre, len + pre); - default: - break; - } - - /* - * give any active extensions a chance to munge the buffer - * before send. We pass in a pointer to an lws_tokens struct - * prepared with the default buffer and content length that's in - * there. Rather than rewrite the default buffer, extensions - * that expect to grow the buffer can adapt .token to - * point to their own per-connection buffer in the extension - * user allocation. By default with no extensions or no - * extension callback handling, just the normal input buffer is - * used then so it is efficient. - * - * callback returns 1 in case it wants to spill more buffers - * - * This takes care of holding the buffer if send is incomplete, ie, - * if wsi->ws->clean_buffer is 0 (meaning an extension meddled with - * the buffer). If wsi->ws->clean_buffer is 1, it will instead - * return to the user code how much OF THE USER BUFFER was consumed. - */ - - n = lws_issue_raw_ext_access(wsi, buf - pre, len + pre); - wsi->ws->inside_frame = 1; - if (n <= 0) - return n; - - if (n == (int)len + pre) { - /* everything in the buffer was handled (or rebuffered...) */ - wsi->ws->inside_frame = 0; - return (int)orig_len; - } - - /* - * it is how many bytes of user buffer got sent... may be < orig_len - * in which case callback when writable has already been arranged - * and user code can call lws_write() again with the rest - * later. - */ - - return n - pre; + return wsi->role_ops->write_role_protocol(wsi, buf, len, &wp); } LWS_VISIBLE int lws_serve_http_file_fragment(struct lws *wsi) @@ -688,26 +314,29 @@ LWS_VISIBLE int lws_serve_http_file_fragment(struct lws *wsi) poss = wsi->http.tx_content_remain; /* - * if there is a hint about how much we will do well to send at one time, - * restrict ourselves to only trying to send that. + * if there is a hint about how much we will do well to send at + * one time, restrict ourselves to only trying to send that. */ if (wsi->protocol->tx_packet_size && poss > wsi->protocol->tx_packet_size) poss = wsi->protocol->tx_packet_size; -#if defined(LWS_WITH_HTTP2) - m = lws_h2_tx_cr_get(wsi); - if (!m) { - lwsl_info("%s: came here with no tx credit\n", __func__); - return 0; + if (wsi->role_ops->tx_credit) { + lws_filepos_t txc = wsi->role_ops->tx_credit(wsi); + + if (!txc) { + lwsl_info("%s: came here with no tx credit\n", + __func__); + return 0; + } + if (txc < poss) + poss = txc; + + /* + * consumption of the actual payload amount sent will be + * handled when the role data frame is sent + */ } - if ((lws_filepos_t)m < poss) - poss = m; - /* - * consumption of the actual payload amount sent will be handled - * when the http2 data frame is sent - */ -#endif #if defined(LWS_WITH_RANGES) if (wsi->http.range.count_ranges) { @@ -854,7 +483,6 @@ file_had_it: return -1; } -#if LWS_POSIX LWS_VISIBLE int lws_ssl_capable_read_no_ssl(struct lws *wsi, unsigned char *buf, int len) { @@ -879,12 +507,12 @@ lws_ssl_capable_read_no_ssl(struct lws *wsi, unsigned char *buf, int len) return n; } -#if LWS_POSIX + if (LWS_ERRNO == LWS_EAGAIN || LWS_ERRNO == LWS_EWOULDBLOCK || LWS_ERRNO == LWS_EINTR) return LWS_SSL_CAPABLE_MORE_SERVICE; -#endif + lwsl_notice("error on reading from skt : %d\n", LWS_ERRNO); return LWS_SSL_CAPABLE_ERROR; } @@ -894,7 +522,6 @@ lws_ssl_capable_write_no_ssl(struct lws *wsi, unsigned char *buf, int len) { int n = 0; -#if LWS_POSIX if (lws_wsi_is_udp(wsi)) { if (wsi->trunc_len) n = sendto(wsi->desc.sockfd, buf, len, 0, &wsi->udp->sa_pending, wsi->udp->salen_pending); @@ -915,20 +542,13 @@ lws_ssl_capable_write_no_ssl(struct lws *wsi, unsigned char *buf, int len) return LWS_SSL_CAPABLE_MORE_SERVICE; } -#else - (void)n; - (void)wsi; - (void)buf; - (void)len; - // !!! -#endif lwsl_debug("ERROR writing len %d to skt fd %d err %d / errno %d\n", len, wsi->desc.sockfd, n, LWS_ERRNO); return LWS_SSL_CAPABLE_ERROR; } -#endif + LWS_VISIBLE int lws_ssl_pending_no_ssl(struct lws *wsi) { diff --git a/lib/plat/lws-plat-esp32.c b/lib/plat/lws-plat-esp32.c index c082860..3c4dfb5 100644 --- a/lib/plat/lws-plat-esp32.c +++ b/lib/plat/lws-plat-esp32.c @@ -217,7 +217,7 @@ _lws_plat_service_tsi(struct lws_context *context, int timeout_ms, int tsi) } } -#ifdef LWS_OPENSSL_SUPPORT +#if defined(LWS_WITH_TLS) if (!pt->rx_draining_ext_list && !lws_ssl_anybody_has_buffered_read_tsi(context, tsi) && !n) { #else diff --git a/lib/plat/lws-plat-optee.c b/lib/plat/lws-plat-optee.c index 41160cb..4003f7c 100644 --- a/lib/plat/lws-plat-optee.c +++ b/lib/plat/lws-plat-optee.c @@ -140,7 +140,7 @@ _lws_plat_service_tsi(struct lws_context *context, int timeout_ms, int tsi) #if 1 n = poll(pt->fds, pt->fds_count, timeout_ms); -#ifdef LWS_OPENSSL_SUPPORT +#if defined(LWS_WITH_TLS) if (!pt->rx_draining_ext_list && !lws_ssl_anybody_has_buffered_read_tsi(context, tsi) && !n) { #else diff --git a/lib/plat/lws-plat-unix.c b/lib/plat/lws-plat-unix.c index 9a075f9..6b8eff8 100644 --- a/lib/plat/lws-plat-unix.c +++ b/lib/plat/lws-plat-unix.c @@ -254,7 +254,7 @@ _lws_plat_service_tsi(struct lws_context *context, int timeout_ms, int tsi) lws_pt_unlock(pt); -#ifdef LWS_OPENSSL_SUPPORT +#if defined(LWS_WITH_TLS) if (!n && !pt->rx_draining_ext_list && !lws_ssl_anybody_has_buffered_read_tsi(context, tsi)) { #else diff --git a/lib/pollfd.c b/lib/pollfd.c index d8836e2..d9029c4 100644 --- a/lib/pollfd.c +++ b/lib/pollfd.c @@ -172,9 +172,7 @@ _lws_change_pollfd(struct lws *wsi, int _and, int _or, struct lws_pollargs *pa) * ... and the service thread is waiting ... * then cancel it to force a restart with our changed events */ -#if LWS_POSIX pa_events = pa->prev_events != pa->events; -#endif if (pa_events) { if (lws_plat_change_pollfd(context, wsi, pfd)) { @@ -264,11 +262,7 @@ __insert_wsi_socket_into_fds(struct lws_context *context, struct lws *wsi) wsi->position_in_fds_table = pt->fds_count; pt->fds[wsi->position_in_fds_table].fd = wsi->desc.sockfd; -#if LWS_POSIX pt->fds[wsi->position_in_fds_table].events = LWS_POLLIN; -#else - pt->fds[wsi->position_in_fds_table].events = 0; -#endif pa.events = pt->fds[pt->fds_count].events; lws_plat_insert_socket_into_fds(context, wsi); @@ -422,10 +416,6 @@ LWS_VISIBLE int lws_callback_on_writable(struct lws *wsi) { struct lws_context_per_thread *pt; -#ifdef LWS_WITH_HTTP2 - struct lws *network_wsi, *wsi2; - int already; -#endif int n; if (lwsi_state(wsi) == LRS_SHUTDOWN) @@ -461,66 +451,13 @@ lws_callback_on_writable(struct lws *wsi) } #endif -#ifdef LWS_WITH_HTTP2 - lwsl_info("%s: %p (role/state 0x%x)\n", __func__, wsi, wsi->wsistate); - - if (!lwsi_role_h2(wsi)) - goto network_sock; - - if (wsi->h2.requested_POLLOUT -#if !defined(LWS_NO_CLIENT) - && !wsi->client_h2_alpn -#endif - ) { - lwsl_info("already pending writable\n"); - return 1; - } - /* is this for DATA or for control messages? */ - if (wsi->upgraded_to_http2 && !wsi->h2.h2n->pps && - !lws_h2_tx_cr_get(wsi)) { - /* - * other side is not able to cope with us sending DATA - * anything so no matter if we have POLLOUT on our side if it's - * DATA we want to send. - * - * Delay waiting for our POLLOUT until peer indicates he has - * space for more using tx window command in http2 layer - */ - lwsl_notice("%s: %p: skint (%d)\n", __func__, wsi, - wsi->h2.tx_cr); - wsi->h2.skint = 1; - return 0; + if (wsi->role_ops->callback_on_writable) { + if (wsi->role_ops->callback_on_writable(wsi)) + return 1; + wsi = lws_get_network_wsi(wsi); } - wsi->h2.skint = 0; - network_wsi = lws_get_network_wsi(wsi); - already = network_wsi->h2.requested_POLLOUT; - - /* mark everybody above him as requesting pollout */ - - wsi2 = wsi; - while (wsi2) { - wsi2->h2.requested_POLLOUT = 1; - lwsl_info("mark %p pending writable\n", wsi2); - wsi2 = wsi2->h2.parent_wsi; - } - - /* for network action, act only on the network wsi */ - - wsi = network_wsi; - if (already && !wsi->client_h2_alpn -#if !defined(LWS_NO_CLIENT) - && !wsi->client_h2_substream -#endif - ) - return 1; -network_sock: -#endif - - if (lws_ext_cb_active(wsi, LWS_EXT_CB_REQUEST_ON_WRITEABLE, NULL, 0)) - return 1; - if (wsi->position_in_fds_table < 0) { lwsl_debug("%s: failed to find socket %d\n", __func__, wsi->desc.sockfd); diff --git a/lib/private-libwebsockets.h b/lib/private-libwebsockets.h index 5dfdb3f..2edcf9d 100644 --- a/lib/private-libwebsockets.h +++ b/lib/private-libwebsockets.h @@ -210,7 +210,7 @@ int fork(void); #define strerror(x) "" #endif -#ifdef LWS_OPENSSL_SUPPORT +#if defined(LWS_WITH_TLS) #ifdef USE_WOLFSSL #ifdef USE_OLD_CYASSL @@ -413,7 +413,7 @@ extern "C" { * Choose the SSL backend */ -#if defined(LWS_OPENSSL_SUPPORT) +#if defined(LWS_WITH_TLS) #if defined(LWS_WITH_MBEDTLS________) struct lws_tls_mbed_ctx { @@ -482,107 +482,89 @@ enum lws_websocket_opcodes_07 { typedef uint32_t lws_wsi_state_t; /* - * 31 16 15 0 - * [ role ] [ state ] + * The wsi->role_ops pointer decides almost everything about what role the wsi + * will play, h2, raw, ws, etc. * - * The role part is generally invariant for the lifetime of the wsi, although - * it can change if the connection role itself does, eg, if the connection - * upgrades from H1 -> WS1 the role is changed at that point. + * However there are a few additional flags needed that vary, such as if the + * role is a client or server side, if it has that concept. And the connection + * fulfilling the role, has a separate dynamic state. + * + * 31 16 15 0 + * [ role flags ] [ state ] + * + * The role flags part is generally invariant for the lifetime of the wsi, + * although it can change if the connection role itself does, eg, if the + * connection upgrades from H1 -> WS1 the role flags may be changed at that + * point. * * The state part reflects the dynamic connection state, and the states are * reused between roles. * * None of the internal role or state representations are made available outside - * of lws internals. + * of lws internals. Even for lws internals, if you add stuff here, please keep + * the constants inside this header only by adding necessary helpers here and + * use the helpers in the actual code. This is to ease any future refactors. + * + * Notice LWSIFR_ENCAP means we have a parent wsi that actually carries our + * data as a stream inside a different protocol. */ #define _RS 16 -#define LWSIFR_HTTP (0x008 << _RS) -#define LWSIFR_H2 (0x010 << _RS) -#define LWSIFR_CLIENT (0x020 << _RS) -#define LWSIFR_SERVER (0x040 << _RS) -#define LWSIFR_WS (0x080 << _RS) -#define LWSIFR_RAW (0x100 << _RS) - -enum lwsi_role { - LWSI_ROLE_UNSET = (0 << _RS), - - LWSI_ROLE_H1_SERVER = (LWSIFR_SERVER | LWSIFR_HTTP ), - LWSI_ROLE_H2_SERVER = (LWSIFR_SERVER | LWSIFR_HTTP | LWSIFR_H2), - LWSI_ROLE_H1_CLIENT = (LWSIFR_CLIENT | LWSIFR_HTTP ), - LWSI_ROLE_H2_CLIENT = (LWSIFR_CLIENT | LWSIFR_HTTP | LWSIFR_H2), - LWSI_ROLE_WS1_SERVER = (LWSIFR_SERVER | LWSIFR_WS ), - LWSI_ROLE_WS2_SERVER = (LWSIFR_SERVER | LWSIFR_WS | LWSIFR_H2), - LWSI_ROLE_WS1_CLIENT = (LWSIFR_CLIENT | LWSIFR_WS ), - LWSI_ROLE_WS2_CLIENT = (LWSIFR_CLIENT | LWSIFR_WS | LWSIFR_H2), +#define LWSIFR_CLIENT (0x1000 << _RS) /* client side */ +#define LWSIFR_SERVER (0x2000 << _RS) /* server side */ - LWSI_ROLE_CGI = (1 << _RS), - LWSI_ROLE_LISTEN_SOCKET = (2 << _RS), - LWSI_ROLE_EVENT_PIPE = (3 << _RS), - LWSI_ROLE_RAW_FILE = (LWSIFR_RAW | (4 << _RS)), - LWSI_ROLE_RAW_SOCKET = (LWSIFR_RAW | (5 << _RS)), +#define LWSIFR_P_ENCAP_H2 (0x0100 << _RS) /* we are encapsulated by h2 */ - LWSI_ROLE_MASK = (0xffff << _RS), +enum lwsi_role { + LWSI_ROLE_MASK = (0xffff << _RS), + LWSI_ROLE_ENCAP_MASK = (0x0f00 << _RS), }; -#define lwsi_role(wsi) \ - (wsi->wsistate & LWSI_ROLE_MASK) +#define lwsi_role(wsi) (wsi->wsistate & LWSI_ROLE_MASK) #if !defined (_DEBUG) #define lwsi_set_role(wsi, role) wsi->wsistate = \ (wsi->wsistate & (~LWSI_ROLE_MASK)) | role #else void lwsi_set_role(struct lws *wsi, lws_wsi_state_t role); #endif -#define lwsi_role_ws(wsi) (!!(wsi->wsistate & LWSIFR_WS)) -#define lwsi_role_ws_client(wsi) \ - ((wsi->wsistate & (LWSIFR_CLIENT | LWSIFR_WS))\ - == (LWSIFR_CLIENT | LWSIFR_WS)) -#define lwsi_role_non_ws_client(wsi) \ - ((wsi->wsistate & (LWSIFR_CLIENT | LWSIFR_WS))\ - == (LWSIFR_CLIENT)) + #define lwsi_role_client(wsi) (!!(wsi->wsistate & LWSIFR_CLIENT)) -#define lwsi_role_raw(wsi) (!!(wsi->wsistate & LWSIFR_RAW)) -#define lwsi_role_http_server(wsi) \ - ((wsi->wsistate & (LWSIFR_SERVER | LWSIFR_HTTP))\ - == (LWSIFR_SERVER | LWSIFR_HTTP)) -#define lwsi_role_http_client(wsi) \ - ((wsi->wsistate & (LWSIFR_CLIENT | LWSIFR_HTTP))\ - == (LWSIFR_CLIENT | LWSIFR_HTTP)) -#define lwsi_role_http(wsi) (!!(wsi->wsistate & LWSIFR_HTTP)) -#define lwsi_role_h2(wsi) (!!(wsi->wsistate & LWSIFR_H2)) +#define lwsi_role_server(wsi) (!!(wsi->wsistate & LWSIFR_SERVER)) +#define lwsi_role_h2_ENCAPSULATION(wsi) \ + ((wsi->wsistate & LWSI_ROLE_ENCAP_MASK) == LWSIFR_P_ENCAP_H2) /* Pollout wants a callback in this state */ #define LWSIFS_POCB (0x100) /* Before any protocol connection was established */ -#define LWSIFS_NOTEST (0x200) +#define LWSIFS_NOT_EST (0x200) enum lwsi_state { /* Phase 1: pre-transport */ - LRS_UNCONNECTED = LWSIFS_NOTEST | 0, - LRS_WAITING_CONNECT = LWSIFS_NOTEST | 1, + LRS_UNCONNECTED = LWSIFS_NOT_EST | 0, + LRS_WAITING_CONNECT = LWSIFS_NOT_EST | 1, /* Phase 2: establishing intermediaries on top of transport */ - LRS_WAITING_PROXY_REPLY = LWSIFS_NOTEST | 2, - LRS_WAITING_SSL = LWSIFS_NOTEST | 3, - LRS_WAITING_SOCKS_GREETING_REPLY = LWSIFS_NOTEST | 4, - LRS_WAITING_SOCKS_CONNECT_REPLY = LWSIFS_NOTEST | 5, - LRS_WAITING_SOCKS_AUTH_REPLY = LWSIFS_NOTEST | 6, + LRS_WAITING_PROXY_REPLY = LWSIFS_NOT_EST | 2, + LRS_WAITING_SSL = LWSIFS_NOT_EST | 3, + LRS_WAITING_SOCKS_GREETING_REPLY = LWSIFS_NOT_EST | 4, + LRS_WAITING_SOCKS_CONNECT_REPLY = LWSIFS_NOT_EST | 5, + LRS_WAITING_SOCKS_AUTH_REPLY = LWSIFS_NOT_EST | 6, /* Phase 3: establishing tls tunnel */ - LRS_SSL_INIT = LWSIFS_NOTEST | 7, - LRS_SSL_ACK_PENDING = LWSIFS_NOTEST | 8, - LRS_PRE_WS_SERVING_ACCEPT = LWSIFS_NOTEST | 9, + LRS_SSL_INIT = LWSIFS_NOT_EST | 7, + LRS_SSL_ACK_PENDING = LWSIFS_NOT_EST | 8, + LRS_PRE_WS_SERVING_ACCEPT = LWSIFS_NOT_EST | 9, /* Phase 4: connected */ - LRS_WAITING_SERVER_REPLY = LWSIFS_NOTEST | 10, - LRS_H2_AWAIT_PREFACE = LWSIFS_NOTEST | 11, - LRS_H2_AWAIT_SETTINGS = LWSIFS_NOTEST | + LRS_WAITING_SERVER_REPLY = LWSIFS_NOT_EST | 10, + LRS_H2_AWAIT_PREFACE = LWSIFS_NOT_EST | 11, + LRS_H2_AWAIT_SETTINGS = LWSIFS_NOT_EST | LWSIFS_POCB | 12, /* Phase 5: protocol logically established */ @@ -590,31 +572,35 @@ enum lwsi_state { LRS_H2_CLIENT_SEND_SETTINGS = LWSIFS_POCB | 13, LRS_H2_WAITING_TO_SEND_HEADERS = LWSIFS_POCB | 14, LRS_DEFERRING_ACTION = LWSIFS_POCB | 15, - LRS_H1C_ISSUE_HANDSHAKE = 16, - LRS_H1C_ISSUE_HANDSHAKE2 = 17, - LRS_ISSUE_HTTP_BODY = 18, - LRS_ISSUING_FILE = 19, - LRS_HEADERS = 20, - LRS_BODY = 21, - LRS_ESTABLISHED = LWSIFS_POCB | 22, + LRS_IDLING = 16, + LRS_H1C_ISSUE_HANDSHAKE = 17, + LRS_H1C_ISSUE_HANDSHAKE2 = 18, + LRS_ISSUE_HTTP_BODY = 19, + LRS_ISSUING_FILE = 20, + LRS_HEADERS = 21, + LRS_BODY = 22, + LRS_ESTABLISHED = LWSIFS_POCB | 23, /* Phase 6: finishing */ - LRS_WAITING_TO_SEND_CLOSE = LWSIFS_POCB | 23, - LRS_RETURNED_CLOSE = LWSIFS_POCB | 24, - LRS_AWAITING_CLOSE_ACK = 25, - LRS_FLUSHING_BEFORE_CLOSE = LWSIFS_POCB | 26, - LRS_SHUTDOWN = 27, + LRS_WAITING_TO_SEND_CLOSE = LWSIFS_POCB | 24, + LRS_RETURNED_CLOSE = LWSIFS_POCB | 25, + LRS_AWAITING_CLOSE_ACK = 26, + LRS_FLUSHING_BEFORE_CLOSE = LWSIFS_POCB | 27, + LRS_SHUTDOWN = 28, /* Phase 7: dead */ - LRS_DEAD_SOCKET = 28, + LRS_DEAD_SOCKET = 29, LRS_MASK = 0xffff }; #define lwsi_state(wsi) ((enum lwsi_state)(wsi->wsistate & LRS_MASK)) -#define lwsi_state_est(wsi) (!(wsi->wsistate & LWSIFS_NOTEST)) +#define lwsi_state_PRE_CLOSE(wsi) ((enum lwsi_state)(wsi->wsistate_pre_close & LRS_MASK)) +#define lwsi_state_est(wsi) (!(wsi->wsistate & LWSIFS_NOT_EST)) +#define lwsi_state_est_PRE_CLOSE(wsi) (!(wsi->wsistate_pre_close & LWSIFS_NOT_EST)) +#define lwsi_state_can_handle_POLLOUT(wsi) (wsi->wsistate & LWSIFS_POCB) #if !defined (_DEBUG) #define lwsi_set_state(wsi, lrs) wsi->wsistate = \ (wsi->wsistate & (~LRS_MASK)) | lrs @@ -622,6 +608,100 @@ enum lwsi_state { void lwsi_set_state(struct lws *wsi, lws_wsi_state_t lrs); #endif +/* + * internal role-specific ops + */ +struct lws_context_per_thread; +struct lws_role_ops { + const char *name; + /* + * After http headers have parsed, this is the last chance for a role + * to upgrade the connection to something else using the headers. + * ws-over-h2 is upgraded from h2 like this. + */ + int (*check_upgrades)(struct lws *wsi); + /* role-specific context init during vhost creation */ + int (*init_context)(struct lws_context *context, + struct lws_context_creation_info *info); + /* role-specific per-vhost init during vhost creation */ + int (*init_vhost)(struct lws_vhost *vh, + struct lws_context_creation_info *info); + /* generic 1Hz callback for the role itself */ + int (*periodic_checks)(struct lws_context *context, int tsi, + time_t now); + /* chance for the role to force POLLIN without network activity */ + int (*service_flag_pending)(struct lws_context *context, int tsi); + /* an fd using this role has POLLIN signalled */ + int (*handle_POLLIN)(struct lws_context_per_thread *pt, struct lws *wsi, + struct lws_pollfd *pollfd); + /* an fd using the role wanted a POLLOUT callback and now has it */ + int (*handle_POLLOUT)(struct lws *wsi); + /* perform user pollout */ + int (*perform_user_POLLOUT)(struct lws *wsi); + /* do effective callback on writeable */ + int (*callback_on_writable)(struct lws *wsi); + /* connection-specific tx credit in bytes */ + lws_filepos_t (*tx_credit)(struct lws *wsi); + /* role-specific write formatting */ + int (*write_role_protocol)(struct lws *wsi, unsigned char *buf, + size_t len, enum lws_write_protocol *wp); + + /* cache rx due to rx flow control */ + int (*rxflow_cache)(struct lws *wsi, unsigned char *buf, int n, + int len); + /* get encapsulation parent */ + struct lws * (*encapsulation_parent)(struct lws *wsi); + + /* chance for the role to handle close in the protocol */ + int (*close_via_role_protocol)(struct lws *wsi, + enum lws_close_status reason); + /* role-specific close processing */ + int (*close_role)(struct lws_context_per_thread *pt, struct lws *wsi); + /* role-specific connection close processing */ + int (*close_kill_connection)(struct lws *wsi, + enum lws_close_status reason); + /* role-specific destructor */ + int (*destroy_role)(struct lws *wsi); + + /* + * the callback reasons for WRITEABLE for client, server + * (just client applies if no concept of client or server) + */ + uint16_t writeable_cb[2]; + /* + * the callback reasons for CLOSE for client, server + * (just client applies if no concept of client or server) + */ + uint16_t close_cb[2]; +}; + +extern struct lws_role_ops role_ops_h1, role_ops_h2, role_ops_raw_skt, + role_ops_raw_file, role_ops_ws, role_ops_cgi, + role_ops_listen, role_ops_pipe; + +#define lwsi_role_ws(wsi) (wsi->role_ops == &role_ops_ws) +#define lwsi_role_h1(wsi) (wsi->role_ops == &role_ops_h1) +#if defined(LWS_ROLE_H2) +#define lwsi_role_h2(wsi) (wsi->role_ops == &role_ops_h2) +#else +#define lwsi_role_h2(_a) (0) +#endif +#define lwsi_role_http(wsi) (lwsi_role_h1(wsi) || lwsi_role_h2(wsi)) + +enum { + LWS_HP_RET_BAIL_OK, + LWS_HP_RET_BAIL_DIE, + LWS_HP_RET_USER_SERVICE, + + LWS_HPI_RET_DIE, + LWS_HPI_RET_HANDLED, + LWS_HPI_RET_CLOSE_HANDLED, + + LWS_UPG_RET_DONE, + LWS_UPG_RET_CONTINUE, + LWS_UPG_RET_BAIL +}; + enum http_version { HTTP_VERSION_1_0, HTTP_VERSION_1_1, @@ -888,7 +968,7 @@ struct lws_context_per_thread { const char *last_lock_reason; #endif int ah_wait_list_length; -#ifdef LWS_OPENSSL_SUPPORT +#if defined(LWS_WITH_TLS) struct lws *pending_read_list; /* linked list */ #endif #if defined(LWS_WITH_LIBEV) @@ -1030,7 +1110,7 @@ struct lws_vhost { struct lws_dll_lws dll_active_client_conns; #endif const char *error_document_404; -#ifdef LWS_OPENSSL_SUPPORT +#if defined(LWS_WITH_TLS) lws_tls_ctx *ssl_ctx; lws_tls_ctx *ssl_client_ctx; struct lws_tls_ss_pieces *ss; /* for acme tls certs */ @@ -1063,7 +1143,7 @@ struct lws_vhost { int log_fd; #endif -#ifdef LWS_OPENSSL_SUPPORT +#if defined(LWS_WITH_TLS) int use_ssl; int allow_non_ssl_on_ssl_port; unsigned int user_supplied_ssl_ctx:1; @@ -1334,7 +1414,7 @@ LWS_EXTERN void lws_feature_status_libev(struct lws_context_creation_info *info) #define lws_libev_run(_a, _b) ((void) 0) #define lws_libev_destroyloop(_a, _b) ((void) 0) #define LWS_LIBEV_ENABLED(context) (0) -#if LWS_POSIX && !defined(LWS_WITH_ESP32) +#if !defined(LWS_WITH_ESP32) #define lws_feature_status_libev(_a) \ lwsl_info("libev support not compiled in\n") #else @@ -1364,7 +1444,7 @@ LWS_EXTERN void lws_feature_status_libuv(struct lws_context_creation_info *info) #define lws_libuv_run(_a, _b) ((void) 0) #define lws_libuv_destroyloop(_a, _b) ((void) 0) #define LWS_LIBUV_ENABLED(context) (0) -#if LWS_POSIX && !defined(LWS_WITH_ESP32) +#if !defined(LWS_WITH_ESP32) #define lws_feature_status_libuv(_a) \ lwsl_info("libuv support not compiled in\n") #else @@ -1395,7 +1475,7 @@ LWS_EXTERN void lws_feature_status_libevent(struct lws_context_creation_info *in #define lws_libevent_run(_a, _b) ((void) 0) #define lws_libevent_destroyloop(_a, _b) ((void) 0) #define LWS_LIBEVENT_ENABLED(context) (0) -#if LWS_POSIX && !defined(LWS_WITH_ESP32) +#if !defined(LWS_WITH_ESP32) #define lws_feature_status_libevent(_a) \ lwsl_info("libevent support not compiled in\n") #else @@ -1988,7 +2068,7 @@ struct lws { const struct lws_extension *active_extensions[LWS_MAX_EXTENSIONS_ACTIVE]; void *act_ext_user[LWS_MAX_EXTENSIONS_ACTIVE]; #endif -#ifdef LWS_OPENSSL_SUPPORT +#if defined(LWS_WITH_TLS) lws_tls_conn *ssl; lws_tls_bio *client_bio; struct lws *pending_read_list_prev, *pending_read_list_next; @@ -2003,10 +2083,13 @@ struct lws { lws_sock_file_fd_type desc; /* .filefd / .sockfd */ #if defined(LWS_WITH_STATS) uint64_t active_writable_req_us; -#if defined(LWS_OPENSSL_SUPPORT) +#if defined(LWS_WITH_TLS) uint64_t accept_start_us; #endif #endif + + struct lws_role_ops *role_ops; + lws_usec_t pending_timer; time_t pending_timeout_set; @@ -2045,6 +2128,7 @@ struct lws { unsigned int interpreting:1; unsigned int already_did_cce:1; unsigned int told_user_closed:1; + unsigned int told_event_loop_closed:1; unsigned int waiting_to_send_close_frame:1; unsigned int ipv6:1; unsigned int parent_carries_io:1; @@ -2081,13 +2165,13 @@ struct lws { #if !defined(LWS_WITHOUT_EXTENSIONS) unsigned int extension_data_pending:1; #endif -#ifdef LWS_OPENSSL_SUPPORT +#if defined(LWS_WITH_TLS) unsigned int use_ssl; #endif #ifdef _WIN32 unsigned int sock_send_blocking:1; #endif -#ifdef LWS_OPENSSL_SUPPORT +#if defined(LWS_WITH_TLS) unsigned int redirect_to_https:1; #endif @@ -2118,7 +2202,7 @@ struct lws { #if defined(LWS_WITH_CGI) || !defined(LWS_NO_CLIENT) char reason_bf; /* internal writeable callback reason bitfield */ #endif -#if defined(LWS_WITH_STATS) && defined(LWS_OPENSSL_SUPPORT) +#if defined(LWS_WITH_STATS) && defined(LWS_WITH_TLS) char seen_rx; #endif uint8_t ws_over_h2_count; @@ -2273,7 +2357,7 @@ LWS_EXTERN int LWS_WARN_UNUSED_RESULT lws_client_interpret_server_handshake(struct lws *wsi); LWS_EXTERN int LWS_WARN_UNUSED_RESULT -lws_rx_sm(struct lws *wsi, unsigned char c); +lws_ws_rx_sm(struct lws *wsi, unsigned char c); LWS_EXTERN int lws_payload_until_length_exhausted(struct lws *wsi, unsigned char **buf, size_t *len); @@ -2282,7 +2366,8 @@ LWS_EXTERN int LWS_WARN_UNUSED_RESULT lws_issue_raw_ext_access(struct lws *wsi, unsigned char *buf, size_t len); LWS_EXTERN void -lws_role_transition(struct lws *wsi, enum lwsi_role role, enum lwsi_state state); +lws_role_transition(struct lws *wsi, enum lwsi_role role, enum lwsi_state state, + struct lws_role_ops *ops); LWS_EXTERN int LWS_WARN_UNUSED_RESULT user_callback_handle_rxflow(lws_callback_function, struct lws *wsi, @@ -2346,6 +2431,10 @@ LWS_EXTERN int lws_h2_client_handshake(struct lws *wsi); LWS_EXTERN struct lws * lws_wsi_h2_adopt(struct lws *parent_wsi, struct lws *wsi); +int +lws_handle_POLLOUT_event_h2(struct lws *wsi); +int +lws_read_h2(struct lws *wsi, unsigned char *buf, lws_filepos_t len); #else #define lws_h2_configure_if_upgraded(x) #endif @@ -2396,8 +2485,6 @@ int lws_context_init_server(struct lws_context_creation_info *info, struct lws_vhost *vhost); LWS_EXTERN struct lws_vhost * lws_select_vhost(struct lws_context *context, int port, const char *servername); -LWS_EXTERN int -handshake_0405(struct lws_context *context, struct lws *wsi); LWS_EXTERN int LWS_WARN_UNUSED_RESULT lws_interpret_incoming_packet(struct lws *wsi, unsigned char **buf, size_t len); LWS_EXTERN void @@ -2420,7 +2507,7 @@ interface_to_sa(struct lws_vhost *vh, const char *ifname, struct sockaddr_in *addr, size_t addrlen); LWS_EXTERN void lwsl_emit_stderr(int level, const char *line); -#ifndef LWS_OPENSSL_SUPPORT +#if !defined(LWS_WITH_TLS) #define LWS_SSL_ENABLED(context) (0) #define lws_context_init_server_ssl(_a, _b) (0) #define lws_ssl_destroy(_a) @@ -2704,7 +2791,7 @@ LWS_EXTERN struct lws * lws_client_wsi_effective(struct lws *wsi); LWS_EXTERN int LWS_WARN_UNUSED_RESULT lws_http_transaction_completed_client(struct lws *wsi); -#ifdef LWS_OPENSSL_SUPPORT +#if defined(LWS_WITH_TLS) LWS_EXTERN int lws_context_init_client_ssl(struct lws_context_creation_info *info, struct lws_vhost *vhost); @@ -2732,12 +2819,9 @@ _lws_change_pollfd(struct lws *wsi, int _and, int _or, struct lws_pollargs *pa); #ifndef LWS_NO_SERVER LWS_EXTERN int -lws_server_socket_service(struct lws_context *context, struct lws *wsi, - struct lws_pollfd *pollfd); -LWS_EXTERN int lws_handshake_server(struct lws *wsi, unsigned char **buf, size_t len); #else -#define lws_server_socket_service(_a, _b, _c) (0) +#define lws_server_socket_service(_b, _c) (0) #define lws_handshake_server(_a, _b, _c) (0) #endif @@ -2900,6 +2984,24 @@ __lws_set_timeout(struct lws *wsi, enum pending_timeout reason, int secs); int __lws_change_pollfd(struct lws *wsi, int _and, int _or); +int +lws_read_h1(struct lws *wsi, unsigned char *buf, lws_filepos_t len); +int +lws_callback_as_writeable(struct lws *wsi); +int +lws_read_or_use_preamble(struct lws_context_per_thread *pt, struct lws *wsi); +int +lws_process_ws_upgrade(struct lws *wsi); +int +lws_server_init_wsi_for_ws(struct lws *wsi); +int +handshake_0405(struct lws_context *context, struct lws *wsi); +char * +lws_generate_client_ws_handshake(struct lws *wsi, char *p); +int +lws_client_ws_upgrade(struct lws *wsi, const char **cce); +int +lws_create_client_ws_object(struct lws_client_connect_info *i, struct lws *wsi); #ifdef __cplusplus }; #endif diff --git a/lib/roles/cgi/cgi-server.c b/lib/roles/cgi/cgi-server.c new file mode 100644 index 0000000..1b40ea1 --- /dev/null +++ b/lib/roles/cgi/cgi-server.c @@ -0,0 +1,1118 @@ +/* + * libwebsockets - CGI management + * + * Copyright (C) 2010-2017 Andy Green + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#include "private-libwebsockets.h" + +#if defined(WIN32) || defined(_WIN32) +#else +#include +#endif + +static const char *hex = "0123456789ABCDEF"; + +static int +urlencode(const char *in, int inlen, char *out, int outlen) +{ + char *start = out, *end = out + outlen; + + while (inlen-- && out < end - 4) { + if ((*in >= 'A' && *in <= 'Z') || + (*in >= 'a' && *in <= 'z') || + (*in >= '0' && *in <= '9') || + *in == '-' || + *in == '_' || + *in == '.' || + *in == '~') { + *out++ = *in++; + continue; + } + if (*in == ' ') { + *out++ = '+'; + in++; + continue; + } + *out++ = '%'; + *out++ = hex[(*in) >> 4]; + *out++ = hex[(*in++) & 15]; + } + *out = '\0'; + + if (out >= end - 4) + return -1; + + return out - start; +} + +static struct lws * +lws_create_basic_wsi(struct lws_context *context, int tsi) +{ + struct lws *new_wsi; + + if (!context->vhost_list) + return NULL; + + if ((unsigned int)context->pt[tsi].fds_count == + context->fd_limit_per_thread - 1) { + lwsl_err("no space for new conn\n"); + return NULL; + } + + new_wsi = lws_zalloc(sizeof(struct lws), "new wsi"); + if (new_wsi == NULL) { + lwsl_err("Out of memory for new connection\n"); + return NULL; + } + + new_wsi->tsi = tsi; + new_wsi->context = context; + new_wsi->pending_timeout = NO_PENDING_TIMEOUT; + new_wsi->rxflow_change_to = LWS_RXFLOW_ALLOW; + + /* initialize the instance struct */ + + lws_role_transition(new_wsi, 0, LRS_ESTABLISHED, &role_ops_cgi); + + new_wsi->hdr_parsing_completed = 0; + new_wsi->position_in_fds_table = -1; + + /* + * these can only be set once the protocol is known + * we set an unestablished connection's protocol pointer + * to the start of the defauly vhost supported list, so it can look + * for matching ones during the handshake + */ + new_wsi->protocol = context->vhost_list->protocols; + new_wsi->user_space = NULL; + new_wsi->desc.sockfd = LWS_SOCK_INVALID; + context->count_wsi_allocated++; + + return new_wsi; +} + +LWS_VISIBLE LWS_EXTERN int +lws_cgi(struct lws *wsi, const char * const *exec_array, int script_uri_path_len, + int timeout_secs, const struct lws_protocol_vhost_options *mp_cgienv) +{ + struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; + char *env_array[30], cgi_path[400], e[1024], *p = e, + *end = p + sizeof(e) - 1, tok[256], *t, *sum, *sumend; + struct lws_cgi *cgi; + int n, m = 0, i, uritok = -1; + + /* + * give the master wsi a cgi struct + */ + + wsi->cgi = lws_zalloc(sizeof(*wsi->cgi), "new cgi"); + if (!wsi->cgi) { + lwsl_err("%s: OOM\n", __func__); + return -1; + } + + wsi->cgi->response_code = HTTP_STATUS_OK; + + cgi = wsi->cgi; + cgi->wsi = wsi; /* set cgi's owning wsi */ + sum = cgi->summary; + sumend = sum + strlen(cgi->summary) - 1; + + /* create pipes for [stdin|stdout] and [stderr] */ + + for (n = 0; n < 3; n++) + if (pipe(cgi->pipe_fds[n]) == -1) + goto bail1; + + /* create cgi wsis for each stdin/out/err fd */ + + for (n = 0; n < 3; n++) { + cgi->stdwsi[n] = lws_create_basic_wsi(wsi->context, wsi->tsi); + if (!cgi->stdwsi[n]) + goto bail2; + cgi->stdwsi[n]->cgi_channel = n; + cgi->stdwsi[n]->vhost = wsi->vhost; + + lwsl_debug("%s: cgi %p: pipe fd %d -> fd %d / %d\n", __func__, + cgi->stdwsi[n], n, cgi->pipe_fds[n][!!(n == 0)], + cgi->pipe_fds[n][!(n == 0)]); + + /* read side is 0, stdin we want the write side, others read */ + cgi->stdwsi[n]->desc.sockfd = cgi->pipe_fds[n][!!(n == 0)]; + if (fcntl(cgi->pipe_fds[n][!!(n == 0)], F_SETFL, + O_NONBLOCK) < 0) { + lwsl_err("%s: setting NONBLOCK failed\n", __func__); + goto bail2; + } + } + + for (n = 0; n < 3; n++) { + lws_libuv_accept(cgi->stdwsi[n], cgi->stdwsi[n]->desc); + if (__insert_wsi_socket_into_fds(wsi->context, cgi->stdwsi[n])) + goto bail3; + cgi->stdwsi[n]->parent = wsi; + cgi->stdwsi[n]->sibling_list = wsi->child_list; + wsi->child_list = cgi->stdwsi[n]; + } + + lws_change_pollfd(cgi->stdwsi[LWS_STDIN], LWS_POLLIN, LWS_POLLOUT); + lws_change_pollfd(cgi->stdwsi[LWS_STDOUT], LWS_POLLOUT, LWS_POLLIN); + lws_change_pollfd(cgi->stdwsi[LWS_STDERR], LWS_POLLOUT, LWS_POLLIN); + + lwsl_debug("%s: fds in %d, out %d, err %d\n", __func__, + cgi->stdwsi[LWS_STDIN]->desc.sockfd, + cgi->stdwsi[LWS_STDOUT]->desc.sockfd, + cgi->stdwsi[LWS_STDERR]->desc.sockfd); + + if (timeout_secs) + lws_set_timeout(wsi, PENDING_TIMEOUT_CGI, timeout_secs); + + /* the cgi stdout is always sending us http1.x header data first */ + wsi->hdr_state = LCHS_HEADER; + + /* add us to the pt list of active cgis */ + lwsl_debug("%s: adding cgi %p to list\n", __func__, wsi->cgi); + cgi->cgi_list = pt->cgi_list; + pt->cgi_list = cgi; + + sum += lws_snprintf(sum, sumend - sum, "%s ", exec_array[0]); + + /* prepare his CGI env */ + + n = 0; + + if (lws_is_ssl(wsi)) + env_array[n++] = "HTTPS=ON"; + if (wsi->ah) { + static const unsigned char meths[] = { + WSI_TOKEN_GET_URI, + WSI_TOKEN_POST_URI, + WSI_TOKEN_OPTIONS_URI, + WSI_TOKEN_PUT_URI, + WSI_TOKEN_PATCH_URI, + WSI_TOKEN_DELETE_URI, + WSI_TOKEN_CONNECT, + WSI_TOKEN_HEAD_URI, + #ifdef LWS_WITH_HTTP2 + WSI_TOKEN_HTTP_COLON_PATH, + #endif + }; + static const char * const meth_names[] = { + "GET", "POST", "OPTIONS", "PUT", "PATCH", "DELETE", + "CONNECT", ":path" + }; + + if (script_uri_path_len >= 0) + for (m = 0; m < (int)ARRAY_SIZE(meths); m++) + if (lws_hdr_total_length(wsi, meths[m]) >= + script_uri_path_len) { + uritok = meths[m]; + break; + } + + if (script_uri_path_len < 0 && uritok < 0) + goto bail3; +// if (script_uri_path_len < 0) +// uritok = 0; + + if (uritok >= 0) { + lws_snprintf(cgi_path, sizeof(cgi_path) - 1, + "REQUEST_URI=%s", + lws_hdr_simple_ptr(wsi, uritok)); + cgi_path[sizeof(cgi_path) - 1] = '\0'; + env_array[n++] = cgi_path; + } + + if (m >= 0) { + env_array[n++] = p; + if (m < 8) { + p += lws_snprintf(p, end - p, + "REQUEST_METHOD=%s", + meth_names[m]); + sum += lws_snprintf(sum, sumend - sum, "%s ", meth_names[m]); + } else { + p += lws_snprintf(p, end - p, + "REQUEST_METHOD=%s", + lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP_COLON_METHOD)); + sum += lws_snprintf(sum, sumend - sum, "%s ", + lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP_COLON_METHOD)); + } + p++; + } + + if (uritok >= 0) + sum += lws_snprintf(sum, sumend - sum, "%s ", + lws_hdr_simple_ptr(wsi, uritok)); + + env_array[n++] = p; + p += lws_snprintf(p, end - p, "QUERY_STRING="); + /* dump the individual URI Arg parameters */ + m = 0; + while (script_uri_path_len >= 0) { + i = lws_hdr_copy_fragment(wsi, tok, sizeof(tok), + WSI_TOKEN_HTTP_URI_ARGS, m); + if (i < 0) + break; + t = tok; + while (*t && *t != '=' && p < end - 4) + *p++ = *t++; + if (*t == '=') + *p++ = *t++; + i = urlencode(t, i- (t - tok), p, end - p); + if (i > 0) { + p += i; + *p++ = '&'; + } + m++; + } + if (m) + p--; + *p++ = '\0'; + + sum += lws_snprintf(sum, sumend - sum, "%s", env_array[n - 1]); + + if (script_uri_path_len >= 0) { + env_array[n++] = p; + p += lws_snprintf(p, end - p, "PATH_INFO=%s", + lws_hdr_simple_ptr(wsi, uritok) + + script_uri_path_len); + p++; + } + } + if (script_uri_path_len >= 0 && + lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_REFERER)) { + env_array[n++] = p; + p += lws_snprintf(p, end - p, "HTTP_REFERER=%s", + lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP_REFERER)); + p++; + } + if (script_uri_path_len >= 0 && + lws_hdr_total_length(wsi, WSI_TOKEN_HOST)) { + env_array[n++] = p; + p += lws_snprintf(p, end - p, "HTTP_HOST=%s", + lws_hdr_simple_ptr(wsi, WSI_TOKEN_HOST)); + p++; + } + if (script_uri_path_len >= 0 && + lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_COOKIE)) { + env_array[n++] = p; + p += lws_snprintf(p, end - p, "HTTP_COOKIE="); + m = lws_hdr_copy(wsi, p, end - p, WSI_TOKEN_HTTP_COOKIE); + if (m > 0) + p += lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_COOKIE); + *p++ = '\0'; + } + if (script_uri_path_len >= 0 && + lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_USER_AGENT)) { + env_array[n++] = p; + p += lws_snprintf(p, end - p, "USER_AGENT=%s", + lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP_USER_AGENT)); + p++; + } + if (script_uri_path_len >= 0 && + uritok == WSI_TOKEN_POST_URI) { + if (lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_CONTENT_TYPE)) { + env_array[n++] = p; + p += lws_snprintf(p, end - p, "CONTENT_TYPE=%s", + lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP_CONTENT_TYPE)); + p++; + } + if (lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_CONTENT_LENGTH)) { + env_array[n++] = p; + p += lws_snprintf(p, end - p, "CONTENT_LENGTH=%s", + lws_hdr_simple_ptr(wsi, + WSI_TOKEN_HTTP_CONTENT_LENGTH)); + p++; + } + } + env_array[n++] = "PATH=/bin:/usr/bin:/usr/local/bin:/var/www/cgi-bin"; + + env_array[n++] = p; + p += lws_snprintf(p, end - p, "SCRIPT_PATH=%s", exec_array[0]) + 1; + + while (mp_cgienv) { + env_array[n++] = p; + p += lws_snprintf(p, end - p, "%s=%s", mp_cgienv->name, + mp_cgienv->value); + lwsl_debug(" Applying mount-specific cgi env '%s'\n", + env_array[n - 1]); + p++; + mp_cgienv = mp_cgienv->next; + } + + env_array[n++] = "SERVER_SOFTWARE=libwebsockets"; + env_array[n] = NULL; + +#if 0 + for (m = 0; m < n; m++) + lwsl_err(" %s\n", env_array[m]); +#endif + + /* + * Actually having made the env, as a cgi we don't need the ah + * any more + */ + if (script_uri_path_len >= 0 && + lws_header_table_is_in_detachable_state(wsi)) + lws_header_table_detach(wsi, 0); + + /* we are ready with the redirection pipes... run the thing */ +#if !defined(LWS_HAVE_VFORK) || !defined(LWS_HAVE_EXECVPE) + cgi->pid = fork(); +#else + cgi->pid = vfork(); +#endif + if (cgi->pid < 0) { + lwsl_err("fork failed, errno %d", errno); + goto bail3; + } + +#if defined(__linux__) + prctl(PR_SET_PDEATHSIG, SIGTERM); +#endif + if (script_uri_path_len >= 0) + /* stops non-daemonized main processess getting SIGINT + * from TTY */ + setpgrp(); + + if (cgi->pid) { + /* we are the parent process */ + wsi->context->count_cgi_spawned++; + lwsl_debug("%s: cgi %p spawned PID %d\n", __func__, + cgi, cgi->pid); + + for (n = 0; n < 3; n++) + close(cgi->pipe_fds[n][!(n == 0)]); + + /* inform cgi owner of the child PID */ + n = user_callback_handle_rxflow(wsi->protocol->callback, wsi, + LWS_CALLBACK_CGI_PROCESS_ATTACH, + wsi->user_space, NULL, cgi->pid); + (void)n; + + return 0; + } + + /* somewhere we can at least read things and enter it */ + if (chdir("/tmp")) + lwsl_notice("%s: Failed to chdir\n", __func__); + + /* We are the forked process, redirect and kill inherited things. + * + * Because of vfork(), we cannot do anything that changes pages in + * the parent environment. Stuff that changes kernel state for the + * process is OK. Stuff that happens after the execvpe() is OK. + */ + + for (n = 0; n < 3; n++) { + if (dup2(cgi->pipe_fds[n][!(n == 0)], n) < 0) { + lwsl_err("%s: stdin dup2 failed\n", __func__); + goto bail3; + } + close(cgi->pipe_fds[n][!(n == 0)]); + } + +#if !defined(LWS_HAVE_VFORK) || !defined(LWS_HAVE_EXECVPE) + for (m = 0; m < n; m++) { + p = strchr(env_array[m], '='); + *p++ = '\0'; + setenv(env_array[m], p, 1); + } + execvp(exec_array[0], (char * const *)&exec_array[0]); +#else + execvpe(exec_array[0], (char * const *)&exec_array[0], &env_array[0]); +#endif + + exit(1); + +bail3: + /* drop us from the pt cgi list */ + pt->cgi_list = cgi->cgi_list; + + while (--n >= 0) + __remove_wsi_socket_from_fds(wsi->cgi->stdwsi[n]); +bail2: + for (n = 0; n < 3; n++) + if (wsi->cgi->stdwsi[n]) + __lws_free_wsi(cgi->stdwsi[n]); + +bail1: + for (n = 0; n < 3; n++) { + if (cgi->pipe_fds[n][0]) + close(cgi->pipe_fds[n][0]); + if (cgi->pipe_fds[n][1]) + close(cgi->pipe_fds[n][1]); + } + + lws_free_set_NULL(wsi->cgi); + + lwsl_err("%s: failed\n", __func__); + + return -1; +} + +/* we have to parse out these headers in the CGI output */ + +static const char * const significant_hdr[SIGNIFICANT_HDR_COUNT] = { + "content-length: ", + "location: ", + "status: ", + "transfer-encoding: chunked", +}; + +enum header_recode { + HR_NAME, + HR_WHITESPACE, + HR_ARG, + HR_CRLF, +}; + +LWS_VISIBLE LWS_EXTERN int +lws_cgi_write_split_stdout_headers(struct lws *wsi) +{ + int n, m, cmd; + unsigned char buf[LWS_PRE + 1024], *start = &buf[LWS_PRE], *p = start, + *end = &buf[sizeof(buf) - 1 - LWS_PRE], *name, + *value = NULL; + char c, hrs; + + if (!wsi->cgi) + return -1; + + while (wsi->hdr_state != LHCS_PAYLOAD) { + /* + * We have to separate header / finalize and payload chunks, + * since they need to be handled separately + */ + switch (wsi->hdr_state) { + case LHCS_RESPONSE: + lwsl_debug("LHCS_RESPONSE: issuing response %d\n", + wsi->cgi->response_code); + if (lws_add_http_header_status(wsi, + wsi->cgi->response_code, + &p, end)) + return 1; + if (!wsi->cgi->explicitly_chunked && + !wsi->cgi->content_length && + lws_add_http_header_by_token(wsi, + WSI_TOKEN_HTTP_TRANSFER_ENCODING, + (unsigned char *)"chunked", 7, &p, end)) + return 1; + if (!(wsi->http2_substream)) + if (lws_add_http_header_by_token(wsi, + WSI_TOKEN_CONNECTION, + (unsigned char *)"close", 5, + &p, end)) + return 1; + n = lws_write(wsi, start, p - start, + LWS_WRITE_HTTP_HEADERS | LWS_WRITE_NO_FIN); + + /* + * so we have a bunch of http/1 style ascii headers + * starting from wsi->cgi->headers_buf through + * wsi->cgi->headers_pos. These are OK for http/1 + * connections, but they're no good for http/2 conns. + * + * Let's redo them at headers_pos forward using the + * correct coding for http/1 or http/2 + */ + if (!wsi->http2_substream) + goto post_hpack_recode; + + p = wsi->cgi->headers_start; + wsi->cgi->headers_start = wsi->cgi->headers_pos; + wsi->cgi->headers_dumped = wsi->cgi->headers_start; + hrs = HR_NAME; + name = buf; + + while (p < wsi->cgi->headers_start) { + switch (hrs) { + case HR_NAME: + /* + * in http/2 upper-case header names + * are illegal. So convert to lower- + * case. + */ + if (name - buf > 64) + return -1; + if (*p != ':') { + if (*p >= 'A' && *p <= 'Z') + *name++ = (*p++) + + ('a' - 'A'); + else + *name++ = *p++; + } else { + p++; + *name++ = '\0'; + value = name; + hrs = HR_WHITESPACE; + } + break; + case HR_WHITESPACE: + if (*p == ' ') { + p++; + break; + } + hrs = HR_ARG; + /* fallthru */ + case HR_ARG: + if (name > end - 64) + return -1; + + if (*p != '\x0a' && *p != '\x0d') { + *name++ = *p++; + break; + } + hrs = HR_CRLF; + /* fallthru */ + case HR_CRLF: + if ((*p != '\x0a' && *p != '\x0d') || + p + 1 == wsi->cgi->headers_start) { + *name = '\0'; + if ((strcmp((const char *)buf, + "transfer-encoding") + )) { + lwsl_debug("+ %s: %s\n", + buf, value); + if ( + lws_add_http_header_by_name(wsi, buf, + (unsigned char *)value, name - value, + (unsigned char **)&wsi->cgi->headers_pos, + (unsigned char *)wsi->cgi->headers_end)) + return 1; + hrs = HR_NAME; + name = buf; + break; + } + } + p++; + break; + } + } +post_hpack_recode: + /* finalize cached headers before dumping them */ + if (lws_finalize_http_header(wsi, + (unsigned char **)&wsi->cgi->headers_pos, + (unsigned char *)wsi->cgi->headers_end)) { + + lwsl_notice("finalize failed\n"); + return -1; + } + + wsi->hdr_state = LHCS_DUMP_HEADERS; + wsi->reason_bf |= LWS_CB_REASON_AUX_BF__CGI_HEADERS; + lws_callback_on_writable(wsi); + /* back to the loop for writeability again */ + return 0; + + case LHCS_DUMP_HEADERS: + + n = wsi->cgi->headers_pos - wsi->cgi->headers_dumped; + if (n > 512) + n = 512; + + lwsl_debug("LHCS_DUMP_HEADERS: %d\n", n); + + cmd = LWS_WRITE_HTTP_HEADERS_CONTINUATION; + if (wsi->cgi->headers_dumped + n != + wsi->cgi->headers_pos) { + lwsl_notice("adding no fin flag\n"); + cmd |= LWS_WRITE_NO_FIN; + } + + m = lws_write(wsi, + (unsigned char *)wsi->cgi->headers_dumped, + n, cmd); + if (m < 0) { + lwsl_debug("%s: write says %d\n", __func__, m); + return -1; + } + wsi->cgi->headers_dumped += n; + if (wsi->cgi->headers_dumped == wsi->cgi->headers_pos) { + wsi->hdr_state = LHCS_PAYLOAD; + lws_free_set_NULL(wsi->cgi->headers_buf); + lwsl_debug("freed cgi headers\n"); + } else { + wsi->reason_bf |= LWS_CB_REASON_AUX_BF__CGI_HEADERS; + lws_callback_on_writable(wsi); + } + + /* writeability becomes uncertain now we wrote + * something, we must return to the event loop + */ + return 0; + } + + if (!wsi->cgi->headers_buf) { + /* if we don't already have a headers buf, cook one up */ + n = 2048; + if (wsi->http2_substream) + n = 4096; + wsi->cgi->headers_buf = lws_malloc(n + LWS_PRE, + "cgi hdr buf"); + if (!wsi->cgi->headers_buf) { + lwsl_err("OOM\n"); + return -1; + } + + lwsl_debug("allocated cgi hdrs\n"); + wsi->cgi->headers_start = wsi->cgi->headers_buf + LWS_PRE; + wsi->cgi->headers_pos = wsi->cgi->headers_start; + wsi->cgi->headers_dumped = wsi->cgi->headers_pos; + wsi->cgi->headers_end = wsi->cgi->headers_buf + n - 1; + + for (n = 0; n < SIGNIFICANT_HDR_COUNT; n++) { + wsi->cgi->match[n] = 0; + wsi->cgi->lp = 0; + } + } + + n = lws_get_socket_fd(wsi->cgi->stdwsi[LWS_STDOUT]); + if (n < 0) + return -1; + n = read(n, &c, 1); + if (n < 0) { + if (errno != EAGAIN) { + lwsl_debug("%s: read says %d\n", __func__, n); + return -1; + } + else + n = 0; + + if (wsi->cgi->headers_pos >= wsi->cgi->headers_end - 4) { + lwsl_notice("CGI hdrs > buf size\n"); + + return -1; + } + } + if (!n) + goto agin; + + lwsl_debug("-- 0x%02X %c %d %d\n", (unsigned char)c, c, + wsi->cgi->match[1], wsi->hdr_state); + if (!c) + return -1; + switch (wsi->hdr_state) { + case LCHS_HEADER: + hdr: + for (n = 0; n < SIGNIFICANT_HDR_COUNT; n++) { + /* + * significant headers with + * numeric decimal payloads + */ + if (!significant_hdr[n][wsi->cgi->match[n]] && + (c >= '0' && c <= '9') && + wsi->cgi->lp < (int)sizeof(wsi->cgi->l) - 1) { + wsi->cgi->l[wsi->cgi->lp++] = c; + wsi->cgi->l[wsi->cgi->lp] = '\0'; + switch (n) { + case SIGNIFICANT_HDR_CONTENT_LENGTH: + wsi->cgi->content_length = + atoll(wsi->cgi->l); + break; + case SIGNIFICANT_HDR_STATUS: + wsi->cgi->response_code = + atol(wsi->cgi->l); + lwsl_debug("Status set to %d\n", + wsi->cgi->response_code); + break; + default: + break; + } + } + /* hits up to the NUL are sticky until next hdr */ + if (significant_hdr[n][wsi->cgi->match[n]]) { + if (tolower(c) == + significant_hdr[n][wsi->cgi->match[n]]) + wsi->cgi->match[n]++; + else + wsi->cgi->match[n] = 0; + } + } + + /* some cgi only send us \x0a for EOL */ + if (c == '\x0a') { + wsi->hdr_state = LCHS_SINGLE_0A; + *wsi->cgi->headers_pos++ = '\x0d'; + } + *wsi->cgi->headers_pos++ = c; + if (c == '\x0d') + wsi->hdr_state = LCHS_LF1; + + if (wsi->hdr_state != LCHS_HEADER && + !significant_hdr[SIGNIFICANT_HDR_TRANSFER_ENCODING] + [wsi->cgi->match[ + SIGNIFICANT_HDR_TRANSFER_ENCODING]]) { + lwsl_debug("cgi produced chunked\n"); + wsi->cgi->explicitly_chunked = 1; + } + + /* presence of Location: mandates 302 retcode */ + if (wsi->hdr_state != LCHS_HEADER && + !significant_hdr[SIGNIFICANT_HDR_LOCATION][ + wsi->cgi->match[SIGNIFICANT_HDR_LOCATION]]) { + lwsl_debug("CGI: Location hdr seen\n"); + wsi->cgi->response_code = 302; + } + + break; + case LCHS_LF1: + *wsi->cgi->headers_pos++ = c; + if (c == '\x0a') { + wsi->hdr_state = LCHS_CR2; + break; + } + /* we got \r[^\n]... it's unreasonable */ + lwsl_debug("%s: funny CRLF 0x%02X\n", __func__, + (unsigned char)c); + return -1; + + case LCHS_CR2: + if (c == '\x0d') { + /* drop the \x0d */ + wsi->hdr_state = LCHS_LF2; + break; + } + wsi->hdr_state = LCHS_HEADER; + for (n = 0; n < SIGNIFICANT_HDR_COUNT; n++) + wsi->cgi->match[n] = 0; + wsi->cgi->lp = 0; + goto hdr; + + case LCHS_LF2: + case LCHS_SINGLE_0A: + m = wsi->hdr_state; + if (c == '\x0a') { + lwsl_debug("Content-Length: %lld\n", + (unsigned long long) + wsi->cgi->content_length); + wsi->hdr_state = LHCS_RESPONSE; + /* + * drop the \0xa ... finalize + * will add it if needed (HTTP/1) + */ + break; + } + if (m == LCHS_LF2) + /* we got \r\n\r[^\n]... unreasonable */ + return -1; + /* we got \x0anext header, it's reasonable */ + *wsi->cgi->headers_pos++ = c; + wsi->hdr_state = LCHS_HEADER; + for (n = 0; n < SIGNIFICANT_HDR_COUNT; n++) + wsi->cgi->match[n] = 0; + wsi->cgi->lp = 0; + break; + case LHCS_PAYLOAD: + break; + } + +agin: + /* ran out of input, ended the hdrs, or filled up the hdrs buf */ + if (!n || wsi->hdr_state == LHCS_PAYLOAD) + return 0; + } + + /* payload processing */ + + m = !wsi->cgi->explicitly_chunked && !wsi->cgi->content_length; + n = lws_get_socket_fd(wsi->cgi->stdwsi[LWS_STDOUT]); + if (n < 0) + return -1; + n = read(n, start, sizeof(buf) - LWS_PRE - + (m ? LWS_HTTP_CHUNK_HDR_SIZE : 0)); + + if (n < 0 && errno != EAGAIN) { + lwsl_debug("%s: stdout read says %d\n", __func__, n); + return -1; + } + if (n > 0) { + if (!wsi->http2_substream && m) { + char chdr[LWS_HTTP_CHUNK_HDR_SIZE]; + m = lws_snprintf(chdr, LWS_HTTP_CHUNK_HDR_SIZE - 3, + "%X\x0d\x0a", n); + memmove(start + m, start, n); + memcpy(start, chdr, m); + memcpy(start + m + n, "\x0d\x0a", 2); + n += m + 2; + } + cmd = LWS_WRITE_HTTP; + if (wsi->cgi->content_length_seen + n == wsi->cgi->content_length) + cmd = LWS_WRITE_HTTP_FINAL; + m = lws_write(wsi, (unsigned char *)start, n, cmd); + //lwsl_notice("write %d\n", m); + if (m < 0) { + lwsl_debug("%s: stdout write says %d\n", __func__, m); + return -1; + } + wsi->cgi->content_length_seen += n; + } else { + if (wsi->cgi_stdout_zero_length) { + lwsl_debug("%s: stdout is POLLHUP'd\n", __func__); + if (wsi->http2_substream) + m = lws_write(wsi, (unsigned char *)start, 0, + LWS_WRITE_HTTP_FINAL); + return 1; + } + wsi->cgi_stdout_zero_length = 1; + } + return 0; +} + +LWS_VISIBLE LWS_EXTERN int +lws_cgi_kill(struct lws *wsi) +{ + struct lws_cgi_args args; + int status, n; + + lwsl_debug("%s: %p\n", __func__, wsi); + + if (!wsi->cgi) + return 0; + + if (wsi->cgi->pid > 0) { + n = waitpid(wsi->cgi->pid, &status, WNOHANG); + if (n > 0) { + lwsl_debug("%s: PID %d reaped\n", __func__, + wsi->cgi->pid); + goto handled; + } + /* kill the process group */ + n = kill(-wsi->cgi->pid, SIGTERM); + lwsl_debug("%s: SIGTERM child PID %d says %d (errno %d)\n", + __func__, wsi->cgi->pid, n, errno); + if (n < 0) { + /* + * hum seen errno=3 when process is listed in ps, + * it seems we don't always retain process grouping + * + * Direct these fallback attempt to the exact child + */ + n = kill(wsi->cgi->pid, SIGTERM); + if (n < 0) { + n = kill(wsi->cgi->pid, SIGPIPE); + if (n < 0) { + n = kill(wsi->cgi->pid, SIGKILL); + if (n < 0) + lwsl_err("%s: SIGKILL PID %d " + "failed errno %d " + "(maybe zombie)\n", + __func__, + wsi->cgi->pid, errno); + } + } + } + /* He could be unkillable because he's a zombie */ + n = 1; + while (n > 0) { + n = waitpid(-wsi->cgi->pid, &status, WNOHANG); + if (n > 0) + lwsl_debug("%s: reaped PID %d\n", __func__, n); + if (n <= 0) { + n = waitpid(wsi->cgi->pid, &status, WNOHANG); + if (n > 0) + lwsl_debug("%s: reaped PID %d\n", + __func__, n); + } + } + } + +handled: + args.stdwsi = &wsi->cgi->stdwsi[0]; + + if (wsi->cgi->pid != -1) { + n = user_callback_handle_rxflow(wsi->protocol->callback, wsi, + LWS_CALLBACK_CGI_TERMINATED, + wsi->user_space, + (void *)&args, wsi->cgi->pid); + wsi->cgi->pid = -1; + if (n && !wsi->cgi->being_closed) + lws_close_free_wsi(wsi, 0, "lws_cgi_kill"); + } + + return 0; +} + +LWS_EXTERN int +lws_cgi_kill_terminated(struct lws_context_per_thread *pt) +{ + struct lws_cgi **pcgi, *cgi = NULL; + int status, n = 1; + + while (n > 0) { + /* find finished guys but don't reap yet */ + n = waitpid(-1, &status, WNOHANG); + if (n <= 0) + continue; + lwsl_debug("%s: observed PID %d terminated\n", __func__, n); + + pcgi = &pt->cgi_list; + + /* check all the subprocesses on the cgi list */ + while (*pcgi) { + /* get the next one first as list may change */ + cgi = *pcgi; + pcgi = &(*pcgi)->cgi_list; + + if (cgi->pid <= 0) + continue; + + /* finish sending cached headers */ + if (cgi->headers_buf) + continue; + + /* wait for stdout to be drained */ + if (cgi->content_length > cgi->content_length_seen) + continue; + + if (cgi->content_length) { + lwsl_debug("%s: wsi %p: expected content length seen: %lld\n", + __func__, cgi->wsi, + (unsigned long long)cgi->content_length_seen); + } + + /* reap it */ + waitpid(n, &status, WNOHANG); + /* + * he's already terminated so no need for kill() + * but we should do the terminated cgi callback + * and close him if he's not already closing + */ + if (n == cgi->pid) { + lwsl_debug("%s: found PID %d on cgi list\n", + __func__, n); + + if (!cgi->content_length) { + /* + * well, if he sends chunked... + * give him 2s after the + * cgi terminated to send buffered + */ + cgi->chunked_grace++; + continue; + } + + /* defeat kill() */ + cgi->pid = 0; + lws_cgi_kill(cgi->wsi); + + break; + } + cgi = NULL; + } + /* if not found on the cgi list, as he's one of ours, reap */ + if (!cgi) { + lwsl_debug("%s: reading PID %d although no cgi match\n", + __func__, n); + waitpid(n, &status, WNOHANG); + } + } + + pcgi = &pt->cgi_list; + + /* check all the subprocesses on the cgi list */ + while (*pcgi) { + /* get the next one first as list may change */ + cgi = *pcgi; + pcgi = &(*pcgi)->cgi_list; + + if (cgi->pid <= 0) + continue; + + /* we deferred killing him after reaping his PID */ + if (cgi->chunked_grace) { + cgi->chunked_grace++; + if (cgi->chunked_grace < 2) + continue; + goto finish_him; + } + + /* finish sending cached headers */ + if (cgi->headers_buf) + continue; + + /* wait for stdout to be drained */ + if (cgi->content_length > cgi->content_length_seen) + continue; + + if (cgi->content_length) + lwsl_debug("%s: wsi %p: expected content length seen: %lld\n", + __func__, cgi->wsi, + (unsigned long long)cgi->content_length_seen); + + /* reap it */ + if (waitpid(cgi->pid, &status, WNOHANG) > 0) { + + if (!cgi->content_length) { + /* + * well, if he sends chunked... + * give him 2s after the + * cgi terminated to send buffered + */ + cgi->chunked_grace++; + continue; + } +finish_him: + lwsl_debug("%s: found PID %d on cgi list\n", + __func__, cgi->pid); + + /* defeat kill() */ + cgi->pid = 0; + lws_cgi_kill(cgi->wsi); + + break; + } + } + + return 0; +} + +LWS_VISIBLE LWS_EXTERN struct lws * +lws_cgi_get_stdwsi(struct lws *wsi, enum lws_enum_stdinouterr ch) +{ + if (!wsi->cgi) + return NULL; + + return wsi->cgi->stdwsi[ch]; +} + +void +lws_cgi_remove_and_kill(struct lws *wsi) +{ + struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; + struct lws_cgi **pcgi = &pt->cgi_list; + + /* remove us from the cgi list */ + lwsl_debug("%s: remove cgi %p from list\n", __func__, wsi->cgi); + while (*pcgi) { + if (*pcgi == wsi->cgi) { + /* drop us from the pt cgi list */ + *pcgi = (*pcgi)->cgi_list; + break; + } + pcgi = &(*pcgi)->cgi_list; + } + if (wsi->cgi->headers_buf) { + lwsl_debug("close: freed cgi headers\n"); + lws_free_set_NULL(wsi->cgi->headers_buf); + } + /* we have a cgi going, we must kill it */ + wsi->cgi->being_closed = 1; + lws_cgi_kill(wsi); +} diff --git a/lib/roles/cgi/ops-cgi.c b/lib/roles/cgi/ops-cgi.c new file mode 100644 index 0000000..8821016 --- /dev/null +++ b/lib/roles/cgi/ops-cgi.c @@ -0,0 +1,99 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#include + +static int +rops_handle_POLLIN_cgi(struct lws_context_per_thread *pt, struct lws *wsi, + struct lws_pollfd *pollfd) +{ + struct lws_cgi_args args; + + assert(wsi->role_ops == &role_ops_cgi); + + if (wsi->cgi_channel >= LWS_STDOUT && + !(pollfd->revents & pollfd->events & LWS_POLLIN)) + return LWS_HPI_RET_HANDLED; + + if (wsi->cgi_channel == LWS_STDIN && + !(pollfd->revents & pollfd->events & LWS_POLLOUT)) + return LWS_HPI_RET_HANDLED; + + if (wsi->cgi_channel == LWS_STDIN && + lws_change_pollfd(wsi, LWS_POLLOUT, 0)) { + lwsl_info("failed at set pollfd\n"); + return LWS_HPI_RET_DIE; + } + + args.ch = wsi->cgi_channel; + args.stdwsi = &wsi->parent->cgi->stdwsi[0]; + args.hdr_state = wsi->hdr_state; + + lwsl_debug("CGI LWS_STDOUT %p wsistate 0x%x\n", + wsi->parent, wsi->wsistate); + + if (user_callback_handle_rxflow(wsi->parent->protocol->callback, + wsi->parent, LWS_CALLBACK_CGI, + wsi->parent->user_space, + (void *)&args, 0)) + return 1; + + return LWS_HPI_RET_HANDLED; +} + +static int +rops_handle_POLLOUT_cgi(struct lws *wsi) +{ + return LWS_HP_RET_USER_SERVICE; +} + +static int +rops_periodic_checks_cgi(struct lws_context *context, int tsi, time_t now) +{ + struct lws_context_per_thread *pt = &context->pt[tsi]; + + lws_cgi_kill_terminated(pt); + + return 0; +} + +struct lws_role_ops role_ops_cgi = { + "cgi", + /* check_upgrades */ NULL, + /* init_context */ NULL, + /* init_vhost */ NULL, + /* periodic_checks */ rops_periodic_checks_cgi, + /* service_flag_pending */ NULL, + /* handle_POLLIN */ rops_handle_POLLIN_cgi, + /* handle_POLLOUT */ rops_handle_POLLOUT_cgi, + /* perform_user_POLLOUT */ NULL, + /* callback_on_writable */ NULL, + /* tx_credit */ NULL, + /* write_role_protocol */ NULL, + /* rxflow_cache */ NULL, + /* encapsulation_parent */ NULL, + /* close_via_role_protocol */ NULL, + /* close_role */ NULL, + /* close_kill_connection */ NULL, + /* destroy_role */ NULL, + /* writeable cb clnt, srv */ { 0, 0 }, + /* close cb clnt, srv */ { 0, 0 }, +}; diff --git a/lib/roles/h1/client-h1.c b/lib/roles/h1/client-h1.c new file mode 100644 index 0000000..1229aab --- /dev/null +++ b/lib/roles/h1/client-h1.c @@ -0,0 +1,69 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#include + +int +lws_handshake_client(struct lws *wsi, unsigned char **buf, size_t len) +{ + int m; + + if ((lwsi_state(wsi) != LRS_WAITING_PROXY_REPLY) && + (lwsi_state(wsi) != LRS_H1C_ISSUE_HANDSHAKE) && + (lwsi_state(wsi) != LRS_WAITING_SERVER_REPLY) && + !lwsi_role_client(wsi)) + return 0; + + while (len) { + /* + * we were accepting input but now we stopped doing so + */ + if (lws_is_flowcontrolled(wsi)) { + lwsl_debug("%s: caching %ld\n", __func__, (long)len); + lws_rxflow_cache(wsi, *buf, 0, (int)len); + return 0; + } + if (wsi->ws->rx_draining_ext) { +#if !defined(LWS_NO_CLIENT) + if (lwsi_role_client(wsi)) + m = lws_client_rx_sm(wsi, 0); + else +#endif + m = lws_ws_rx_sm(wsi, 0); + if (m < 0) + return -1; + continue; + } + /* account for what we're using in rxflow buffer */ + if (wsi->rxflow_buffer) + wsi->rxflow_pos++; + + if (lws_client_rx_sm(wsi, *(*buf)++)) { + lwsl_debug("client_rx_sm exited\n"); + return -1; + } + len--; + } + lwsl_debug("%s: finished with %ld\n", __func__, (long)len); + + return 0; +} + diff --git a/lib/roles/h1/ops-h1.c b/lib/roles/h1/ops-h1.c new file mode 100644 index 0000000..6e6d614 --- /dev/null +++ b/lib/roles/h1/ops-h1.c @@ -0,0 +1,720 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#include + +#ifndef min +#define min(a, b) ((a) < (b) ? (a) : (b)) +#endif + + +/* + * We have to take care about parsing because the headers may be split + * into multiple fragments. They may contain unknown headers with arbitrary + * argument lengths. So, we parse using a single-character at a time state + * machine that is completely independent of packet size. + * + * Returns <0 for error or length of chars consumed from buf (up to len) + */ + +int +lws_read_h1(struct lws *wsi, unsigned char *buf, lws_filepos_t len) +{ + unsigned char *last_char, *oldbuf = buf; + lws_filepos_t body_chunk_len; + size_t n; + + // lwsl_notice("%s: h1 path: wsi state 0x%x\n", __func__, lwsi_state(wsi)); + + switch (lwsi_state(wsi)) { + + case LRS_ISSUING_FILE: + return 0; + + case LRS_ESTABLISHED: + + if (lwsi_role_ws(wsi)) + goto ws_mode; + + if (lwsi_role_client(wsi)) + break; + + wsi->hdr_parsing_completed = 0; + + /* fallthru */ + + case LRS_HEADERS: + if (!wsi->ah) { + lwsl_err("%s: LRS_HEADERS: NULL ah\n", __func__); + assert(0); + } + lwsl_parser("issuing %d bytes to parser\n", (int)len); + + if (lws_handshake_client(wsi, &buf, (size_t)len)) + goto bail; + + last_char = buf; + if (lws_handshake_server(wsi, &buf, (size_t)len)) + /* Handshake indicates this session is done. */ + goto bail; + + /* we might have transitioned to RAW */ + if (wsi->role_ops == &role_ops_raw_skt || + wsi->role_ops == &role_ops_raw_file) + /* we gave the read buffer to RAW handler already */ + goto read_ok; + + /* + * It's possible that we've exhausted our data already, or + * rx flow control has stopped us dealing with this early, + * but lws_handshake_server doesn't update len for us. + * Figure out how much was read, so that we can proceed + * appropriately: + */ + len -= (buf - last_char); +// lwsl_debug("%s: thinks we have used %ld\n", __func__, (long)len); + + if (!wsi->hdr_parsing_completed) + /* More header content on the way */ + goto read_ok; + + switch (lwsi_state(wsi)) { + case LRS_ESTABLISHED: + case LRS_HEADERS: + goto read_ok; + case LRS_ISSUING_FILE: + goto read_ok; + case LRS_BODY: + wsi->http.rx_content_remain = + wsi->http.rx_content_length; + if (wsi->http.rx_content_remain) + goto http_postbody; + + /* there is no POST content */ + goto postbody_completion; + default: + break; + } + break; + + case LRS_BODY: +http_postbody: + //lwsl_notice("http post body\n"); + while (len && wsi->http.rx_content_remain) { + /* Copy as much as possible, up to the limit of: + * what we have in the read buffer (len) + * remaining portion of the POST body (content_remain) + */ + body_chunk_len = min(wsi->http.rx_content_remain, len); + wsi->http.rx_content_remain -= body_chunk_len; + len -= body_chunk_len; +#ifdef LWS_WITH_CGI + if (wsi->cgi) { + struct lws_cgi_args args; + + args.ch = LWS_STDIN; + args.stdwsi = &wsi->cgi->stdwsi[0]; + args.data = buf; + args.len = body_chunk_len; + + /* returns how much used */ + n = user_callback_handle_rxflow( + wsi->protocol->callback, + wsi, LWS_CALLBACK_CGI_STDIN_DATA, + wsi->user_space, + (void *)&args, 0); + if ((int)n < 0) + goto bail; + } else { +#endif + n = wsi->protocol->callback(wsi, + LWS_CALLBACK_HTTP_BODY, wsi->user_space, + buf, (size_t)body_chunk_len); + if (n) + goto bail; + n = (size_t)body_chunk_len; +#ifdef LWS_WITH_CGI + } +#endif + buf += n; + + if (wsi->http.rx_content_remain) { + lws_set_timeout(wsi, PENDING_TIMEOUT_HTTP_CONTENT, + wsi->context->timeout_secs); + break; + } + /* he sent all the content in time */ +postbody_completion: +#ifdef LWS_WITH_CGI + /* + * If we're running a cgi, we can't let him off the + * hook just because he sent his POST data + */ + if (wsi->cgi) + lws_set_timeout(wsi, PENDING_TIMEOUT_CGI, + wsi->context->timeout_secs); + else +#endif + lws_set_timeout(wsi, NO_PENDING_TIMEOUT, 0); +#ifdef LWS_WITH_CGI + if (!wsi->cgi) +#endif + { + lwsl_info("HTTP_BODY_COMPLETION\n"); + n = wsi->protocol->callback(wsi, + LWS_CALLBACK_HTTP_BODY_COMPLETION, + wsi->user_space, NULL, 0); + if (n) + goto bail; + + if (wsi->http2_substream) + lwsi_set_state(wsi, LRS_ESTABLISHED); + } + + break; + } + break; + + case LRS_AWAITING_CLOSE_ACK: + case LRS_WAITING_TO_SEND_CLOSE: + case LRS_SHUTDOWN: + +ws_mode: + + if (lws_handshake_client(wsi, &buf, (size_t)len)) + goto bail; +#if defined(LWS_ROLE_WS) + if (lwsi_role_ws(wsi) && lwsi_role_server(wsi) && + /* + * for h2 we are on the swsi + */ + lws_interpret_incoming_packet(wsi, &buf, (size_t)len) < 0) { + lwsl_info("interpret_incoming_packet bailed\n"); + goto bail; + } +#endif + break; + + case LRS_DEFERRING_ACTION: + lwsl_debug("%s: LRS_DEFERRING_ACTION\n", __func__); + break; + + case LRS_SSL_ACK_PENDING: + break; + + case LRS_DEAD_SOCKET: + lwsl_err("%s: Unhandled state LRS_DEAD_SOCKET\n", __func__); + assert(0); + /* fallthru */ + + default: + lwsl_err("%s: Unhandled state %d\n", __func__, lwsi_state(wsi)); + assert(0); + goto bail; + } + +read_ok: + /* Nothing more to do for now */ +// lwsl_info("%s: %p: read_ok, used %ld (len %d, state %d)\n", __func__, +// wsi, (long)(buf - oldbuf), (int)len, wsi->state); + + return lws_ptr_diff(buf, oldbuf); + +bail: + /* + * h2 / h2-ws calls us recursively in lws_read()->lws_h2_parser()-> + * lws_read() pattern, having stripped the h2 framing in the middle. + * + * When taking down the whole connection, make sure that only the + * outer lws_read() does the wsi close. + */ + if (!wsi->outer_will_close) + lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, "lws_read bail"); + + return -1; +} + +int +lws_h1_server_socket_service(struct lws *wsi, struct lws_pollfd *pollfd) +{ + struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; + struct allocated_headers *ah; + int n, len; + + if (lwsi_state(wsi) == LRS_DEFERRING_ACTION) + goto try_pollout; + + /* any incoming data ready? */ + + if (!(pollfd->revents & pollfd->events & LWS_POLLIN)) + goto try_pollout; + + /* + * If we previously just did POLLIN when IN and OUT were + * signalled (because POLLIN processing may have used up + * the POLLOUT), don't let that happen twice in a row... + * next time we see the situation favour POLLOUT + */ + if (wsi->favoured_pollin && + (pollfd->revents & pollfd->events & LWS_POLLOUT)) { + // lwsl_notice("favouring pollout\n"); + wsi->favoured_pollin = 0; + goto try_pollout; + } + + /* + * We haven't processed that the tunnel is set up yet, so + * defer reading + */ + if (lwsi_state(wsi) == LRS_SSL_ACK_PENDING) + return LWS_HPI_RET_HANDLED; + + /* these states imply we MUST have an ah attached */ + + if ((lwsi_state(wsi) == LRS_ESTABLISHED || + lwsi_state(wsi) == LRS_ISSUING_FILE || + lwsi_state(wsi) == LRS_HEADERS)) { + if (!wsi->ah) { + /* no autoservice beacuse we will do it next */ + if (lws_header_table_attach(wsi, 0)) { + lwsl_info("wsi %p: ah get fail\n", wsi); + goto try_pollout; + } + } + ah = wsi->ah; + + assert(ah->rxpos <= ah->rxlen); + /* if nothing in ah rx buffer, get some fresh rx */ + if (ah->rxpos == ah->rxlen) { + + if (wsi->preamble_rx) { + memcpy(ah->rx, wsi->preamble_rx, wsi->preamble_rx_len); + lws_free_set_NULL(wsi->preamble_rx); + ah->rxlen = wsi->preamble_rx_len; + wsi->preamble_rx_len = 0; + } else { + ah->rxlen = lws_ssl_capable_read(wsi, ah->rx, + sizeof(ah->rx)); + } + + ah->rxpos = 0; + switch (ah->rxlen) { + case 0: + lwsl_info("%s: read 0 len a\n", + __func__); + wsi->seen_zero_length_recv = 1; + lws_change_pollfd(wsi, LWS_POLLIN, 0); + goto try_pollout; + //goto fail; + + case LWS_SSL_CAPABLE_ERROR: + goto fail; + case LWS_SSL_CAPABLE_MORE_SERVICE: + ah->rxlen = ah->rxpos = 0; + goto try_pollout; + } + } + + if (!(ah->rxpos != ah->rxlen && ah->rxlen)) { + lwsl_err("%s: assert: rxpos %d, rxlen %d\n", + __func__, ah->rxpos, ah->rxlen); + + assert(0); + } + + /* just ignore incoming if waiting for close */ + if (lwsi_state(wsi) == LRS_FLUSHING_BEFORE_CLOSE || + lwsi_state(wsi) == LRS_ISSUING_FILE) + goto try_pollout; + + /* + * otherwise give it to whoever wants it + * according to the connection state + */ +#if defined(LWS_ROLE_H2) + if (lwsi_role_h2(wsi) && lwsi_state(wsi) != LRS_BODY) + n = lws_read_h2(wsi, ah->rx + ah->rxpos, + ah->rxlen - ah->rxpos); + else +#endif + n = lws_read_h1(wsi, ah->rx + ah->rxpos, + ah->rxlen - ah->rxpos); + if (n < 0) /* we closed wsi */ + return LWS_HPI_RET_DIE; + + if (!wsi->ah) + return LWS_HPI_RET_HANDLED; + if (wsi->ah->rxlen) + wsi->ah->rxpos += n; + + lwsl_debug("%s: wsi %p: ah read rxpos %d, rxlen %d\n", + __func__, wsi, wsi->ah->rxpos, + wsi->ah->rxlen); + + if (lws_header_table_is_in_detachable_state(wsi) && + (wsi->role_ops == &role_ops_raw_skt || + wsi->role_ops == &role_ops_raw_file)) // ??? + lws_header_table_detach(wsi, 1); + + /* during the parsing we upgraded to ws */ + + if (wsi->ah && wsi->ah->rxpos == wsi->ah->rxlen && + lwsi_role_ws(wsi)) { + lwsl_info("%s: %p: dropping ah on ws post-upgrade\n", + __func__, wsi); + lws_header_table_force_to_detachable_state(wsi); + lws_header_table_detach(wsi, 0); + } + + return LWS_HPI_RET_HANDLED; + } + + len = lws_read_or_use_preamble(pt, wsi); + if (len < 0) + goto fail; + + if (!len) + goto try_pollout; + + /* just ignore incoming if waiting for close */ + if (lwsi_state(wsi) != LRS_FLUSHING_BEFORE_CLOSE && + lwsi_state(wsi) != LRS_ISSUING_FILE) { + /* + * this may want to send + * (via HTTP callback for example) + * + * returns number of bytes used + */ +#if defined(LWS_ROLE_H2) + if (lwsi_role_h2(wsi) && lwsi_state(wsi) != LRS_BODY) + n = lws_read_h2(wsi, pt->serv_buf, len); + else +#endif + n = lws_read_h1(wsi, pt->serv_buf, len); + if (n < 0) /* we closed wsi */ + return LWS_HPI_RET_DIE; + + if (n != len) { + if (wsi->preamble_rx) { + lwsl_err("DISCARDING %d (ah %p)\n", len - n, wsi->ah); + + goto fail; + } + assert(n < len); + wsi->preamble_rx = lws_malloc(len - n, "preamble_rx"); + if (!wsi->preamble_rx) { + lwsl_err("OOM\n"); + goto fail; + } + memcpy(wsi->preamble_rx, pt->serv_buf + n, len - n); + wsi->preamble_rx_len = (int)len - n; + lwsl_debug("stashed %d\n", (int)wsi->preamble_rx_len); + } + + /* + * he may have used up the + * writability above, if we will defer POLLOUT + * processing in favour of POLLIN, note it + */ + if (pollfd->revents & LWS_POLLOUT) + wsi->favoured_pollin = 1; + return LWS_HPI_RET_HANDLED; + } + /* + * he may have used up the + * writability above, if we will defer POLLOUT + * processing in favour of POLLIN, note it + */ + if (pollfd->revents & LWS_POLLOUT) + wsi->favoured_pollin = 1; + +try_pollout: + + /* this handles POLLOUT for http serving fragments */ + + if (!(pollfd->revents & LWS_POLLOUT)) + return LWS_HPI_RET_HANDLED; + + /* one shot */ + if (lws_change_pollfd(wsi, LWS_POLLOUT, 0)) { + lwsl_notice("%s a\n", __func__); + goto fail; + } + + /* clear back-to-back write detection */ + wsi->could_have_pending = 0; + + if (lwsi_state(wsi) == LRS_DEFERRING_ACTION) { + lwsl_debug("%s: LRS_DEFERRING_ACTION now writable\n", + __func__); + + if (wsi->ah) + lwsl_debug(" existing ah rxpos %d / rxlen %d\n", + wsi->ah->rxpos, wsi->ah->rxlen); + lwsi_set_state(wsi, LRS_ESTABLISHED); + if (lws_change_pollfd(wsi, LWS_POLLOUT, 0)) { + lwsl_info("failed at set pollfd\n"); + goto fail; + } + } + + if (!wsi->hdr_parsing_completed) + return LWS_HPI_RET_HANDLED; + + if (lwsi_state(wsi) != LRS_ISSUING_FILE) { + + lws_stats_atomic_bump(wsi->context, pt, + LWSSTATS_C_WRITEABLE_CB, 1); +#if defined(LWS_WITH_STATS) + if (wsi->active_writable_req_us) { + uint64_t ul = time_in_microseconds() - + wsi->active_writable_req_us; + + lws_stats_atomic_bump(wsi->context, pt, + LWSSTATS_MS_WRITABLE_DELAY, ul); + lws_stats_atomic_max(wsi->context, pt, + LWSSTATS_MS_WORST_WRITABLE_DELAY, ul); + wsi->active_writable_req_us = 0; + } +#endif + + n = user_callback_handle_rxflow(wsi->protocol->callback, + wsi, LWS_CALLBACK_HTTP_WRITEABLE, + wsi->user_space, NULL, 0); + if (n < 0) { + lwsl_info("writeable_fail\n"); + goto fail; + } + + return LWS_HPI_RET_HANDLED; + } + + /* >0 == completion, <0 == error + * + * We'll get a LWS_CALLBACK_HTTP_FILE_COMPLETION callback when + * it's done. That's the case even if we just completed the + * send, so wait for that. + */ + n = lws_serve_http_file_fragment(wsi); + if (n < 0) + goto fail; + + return LWS_HPI_RET_HANDLED; + + +fail: + lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, "server socket svc fail"); + + return LWS_HPI_RET_DIE; +} + +static int +rops_handle_POLLIN_h1(struct lws_context_per_thread *pt, struct lws *wsi, + struct lws_pollfd *pollfd) +{ + +// lwsl_notice("%s: %p: wsistate 0x%x %s, revents 0x%x\n", __func__, wsi, +// wsi->wsistate, wsi->role_ops->name, pollfd->revents); + +#ifdef LWS_WITH_CGI + if (wsi->cgi && (pollfd->revents & LWS_POLLOUT)) { + if (lws_handle_POLLOUT_event(wsi, pollfd)) + return LWS_HPI_RET_CLOSE_HANDLED; + + return LWS_HPI_RET_HANDLED; + } +#endif + + if (lwsi_state(wsi) == LRS_RETURNED_CLOSE || + lwsi_state(wsi) == LRS_WAITING_TO_SEND_CLOSE || + lwsi_state(wsi) == LRS_AWAITING_CLOSE_ACK) { + /* + * we stopped caring about anything except control + * packets. Force flow control off, defeat tx + * draining. + */ + lws_rx_flow_control(wsi, 1); + if (wsi->ws) + wsi->ws->tx_draining_ext = 0; + } + + if (lws_is_flowcontrolled(wsi)) + /* We cannot deal with any kind of new RX because we are + * RX-flowcontrolled. + */ + return LWS_HPI_RET_HANDLED; + +#if !defined(LWS_NO_SERVER) + if (!lwsi_role_client(wsi)) { + int n; + + lwsl_debug("%s: %p: wsistate 0x%x\n", __func__, wsi, wsi->wsistate); + n = lws_h1_server_socket_service(wsi, pollfd); + if (n != LWS_HPI_RET_HANDLED) + return n; + if (lwsi_state(wsi) != LRS_SSL_INIT) + if (lws_server_socket_service_ssl(wsi, LWS_SOCK_INVALID)) + return LWS_HPI_RET_DIE; + + return LWS_HPI_RET_HANDLED; + } +#endif + +#ifndef LWS_NO_CLIENT + if ((pollfd->revents & LWS_POLLIN) && + wsi->hdr_parsing_completed && !wsi->told_user_closed) { + + /* + * In SSL mode we get POLLIN notification about + * encrypted data in. + * + * But that is not necessarily related to decrypted + * data out becoming available; in may need to perform + * other in or out before that happens. + * + * simply mark ourselves as having readable data + * and turn off our POLLIN + */ + wsi->client_rx_avail = 1; + lws_change_pollfd(wsi, LWS_POLLIN, 0); + + //lwsl_notice("calling back %s\n", wsi->protocol->name); + + /* let user code know, he'll usually ask for writeable + * callback and drain / re-enable it there + */ + if (user_callback_handle_rxflow( + wsi->protocol->callback, + wsi, LWS_CALLBACK_RECEIVE_CLIENT_HTTP, + wsi->user_space, NULL, 0)) { + lwsl_info("RECEIVE_CLIENT_HTTP closed it\n"); + return LWS_HPI_RET_CLOSE_HANDLED; + } + + return LWS_HPI_RET_HANDLED; + } +#endif + +// if (lwsi_state(wsi) == LRS_ESTABLISHED) +// return LWS_HPI_RET_HANDLED; + +#if !defined(LWS_NO_CLIENT) + if ((pollfd->revents & LWS_POLLOUT) && + lws_handle_POLLOUT_event(wsi, pollfd)) { + lwsl_debug("POLLOUT event closed it\n"); + return LWS_HPI_RET_CLOSE_HANDLED; + } + + if (lws_client_socket_service(wsi, pollfd, NULL)) + return LWS_HPI_RET_DIE; +#endif + + return LWS_HPI_RET_HANDLED; +} + +int rops_handle_POLLOUT_h1(struct lws *wsi) +{ + if (lwsi_state(wsi) == LRS_ISSUE_HTTP_BODY) + return LWS_HP_RET_USER_SERVICE; + + if (lwsi_role_client(wsi)) + return LWS_HP_RET_USER_SERVICE; + + return LWS_HP_RET_BAIL_OK; +} + +static int +rops_service_flag_pending_h1(struct lws_context *context, int tsi) +{ + struct lws_context_per_thread *pt = &context->pt[tsi]; + struct allocated_headers *ah; + int forced = 0; + + /* POLLIN faking (the pt lock is taken by the parent) */ + + /* + * 3) For any wsi who have an ah with pending RX who did not + * complete their current headers, and are not flowcontrolled, + * fake their POLLIN status so they will be able to drain the + * rx buffered in the ah + */ + ah = pt->ah_list; + while (ah) { + if ((ah->rxpos != ah->rxlen && + !ah->wsi->hdr_parsing_completed) || ah->wsi->preamble_rx) { + pt->fds[ah->wsi->position_in_fds_table].revents |= + pt->fds[ah->wsi->position_in_fds_table].events & + LWS_POLLIN; + if (pt->fds[ah->wsi->position_in_fds_table].revents & + LWS_POLLIN) { + forced = 1; + break; + } + } + ah = ah->next; + } + + return forced; +} + +static int +rops_write_role_protocol_h1(struct lws *wsi, unsigned char *buf, size_t len, + enum lws_write_protocol *wp) +{ +#if 0 + /* if not in a state to send stuff, then just send nothing */ + + if ((lwsi_state(wsi) != LRS_RETURNED_CLOSE && + lwsi_state(wsi) != LRS_WAITING_TO_SEND_CLOSE && + lwsi_state(wsi) != LRS_AWAITING_CLOSE_ACK)) { + //assert(0); + lwsl_debug("binning %d %d\n", lwsi_state(wsi), *wp); + return 0; + } +#endif + + return lws_issue_raw(wsi, (unsigned char *)buf, len); +} + +struct lws_role_ops role_ops_h1 = { + "h1", + /* check_upgrades */ NULL, + /* init_context */ NULL, + /* init_vhost */ NULL, + /* periodic_checks */ NULL, + /* service_flag_pending */ rops_service_flag_pending_h1, + /* handle_POLLIN */ rops_handle_POLLIN_h1, + /* handle_POLLOUT */ rops_handle_POLLOUT_h1, + /* perform_user_POLLOUT */ NULL, + /* callback_on_writable */ NULL, + /* tx_credit */ NULL, + /* write_role_protocol */ rops_write_role_protocol_h1, + /* rxflow_cache */ NULL, + /* encapsulation_parent */ NULL, + /* close_via_role_protocol */ NULL, + /* close_role */ NULL, + /* close_kill_connection */ NULL, + /* destroy_role */ NULL, + /* writeable cb clnt, srv */ { LWS_CALLBACK_CLIENT_HTTP_WRITEABLE, + LWS_CALLBACK_HTTP_WRITEABLE }, + /* close cb clnt, srv */ { LWS_CALLBACK_CLOSED_CLIENT_HTTP, + LWS_CALLBACK_CLOSED_HTTP }, +}; diff --git a/lib/roles/h2/hpack.c b/lib/roles/h2/hpack.c new file mode 100644 index 0000000..678ade7 --- /dev/null +++ b/lib/roles/h2/hpack.c @@ -0,0 +1,1397 @@ +/* + * lib/hpack.c + * + * Copyright (C) 2014-2017 Andy Green + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#include "private-libwebsockets.h" + +/* + * Official static header table for HPACK + * +-------+-----------------------------+---------------+ + | 1 | :authority | | + | 2 | :method | GET | + | 3 | :method | POST | + | 4 | :path | / | + | 5 | :path | /index.html | + | 6 | :scheme | http | + | 7 | :scheme | https | + | 8 | :status | 200 | + | 9 | :status | 204 | + | 10 | :status | 206 | + | 11 | :status | 304 | + | 12 | :status | 400 | + | 13 | :status | 404 | + | 14 | :status | 500 | + | 15 | accept-charset | | + | 16 | accept-encoding | gzip, deflate | + | 17 | accept-language | | + | 18 | accept-ranges | | + | 19 | accept | | + | 20 | access-control-allow-origin | | + | 21 | age | | + | 22 | allow | | + | 23 | authorization | | + | 24 | cache-control | | + | 25 | content-disposition | | + | 26 | content-encoding | | + | 27 | content-language | | + | 28 | content-length | | + | 29 | content-location | | + | 30 | content-range | | + | 31 | content-type | | + | 32 | cookie | | + | 33 | date | | + | 34 | etag | | + | 35 | expect | | + | 36 | expires | | + | 37 | from | | + | 38 | host | | + | 39 | if-match | | + | 40 | if-modified-since | | + | 41 | if-none-match | | + | 42 | if-range | | + | 43 | if-unmodified-since | | + | 44 | last-modified | | + | 45 | link | | + | 46 | location | | + | 47 | max-forwards | | + | 48 | proxy-authenticate | | + | 49 | proxy-authorization | | + | 50 | range | | + | 51 | referer | | + | 52 | refresh | | + | 53 | retry-after | | + | 54 | server | | + | 55 | set-cookie | | + | 56 | strict-transport-security | | + | 57 | transfer-encoding | | + | 58 | user-agent | | + | 59 | vary | | + | 60 | via | | + | 61 | www-authenticate | | + +-------+-----------------------------+---------------+ +*/ + +static const uint8_t static_hdr_len[62] = { + 0, /* starts at 1 */ + 10, 7, 7, 5, 5, 7, 7, 7, 7, 7, + 7, 7, 7, 7, 14, 15, 15, 13, 6, 27, + 3, 5, 13, 13, 19, 16, 16, 14, 16, 13, + 12, 6, 4, 4, 6, 7, 4, 4, 8, 17, + 13, 8, 19, 13, 4, 8, 12, 18, 19, 5, + 7, 7, 11, 6, 10, 25, 17, 10, 4, 3, + 16 +}; + +static const unsigned char static_token[] = { + 0, + WSI_TOKEN_HTTP_COLON_AUTHORITY, + WSI_TOKEN_HTTP_COLON_METHOD, + WSI_TOKEN_HTTP_COLON_METHOD, + WSI_TOKEN_HTTP_COLON_PATH, + WSI_TOKEN_HTTP_COLON_PATH, + WSI_TOKEN_HTTP_COLON_SCHEME, + WSI_TOKEN_HTTP_COLON_SCHEME, + WSI_TOKEN_HTTP_COLON_STATUS, + WSI_TOKEN_HTTP_COLON_STATUS, + WSI_TOKEN_HTTP_COLON_STATUS, + WSI_TOKEN_HTTP_COLON_STATUS, + WSI_TOKEN_HTTP_COLON_STATUS, + WSI_TOKEN_HTTP_COLON_STATUS, + WSI_TOKEN_HTTP_COLON_STATUS, + WSI_TOKEN_HTTP_ACCEPT_CHARSET, + WSI_TOKEN_HTTP_ACCEPT_ENCODING, + WSI_TOKEN_HTTP_ACCEPT_LANGUAGE, + WSI_TOKEN_HTTP_ACCEPT_RANGES, + WSI_TOKEN_HTTP_ACCEPT, + WSI_TOKEN_HTTP_ACCESS_CONTROL_ALLOW_ORIGIN, + WSI_TOKEN_HTTP_AGE, + WSI_TOKEN_HTTP_ALLOW, + WSI_TOKEN_HTTP_AUTHORIZATION, + WSI_TOKEN_HTTP_CACHE_CONTROL, + WSI_TOKEN_HTTP_CONTENT_DISPOSITION, + WSI_TOKEN_HTTP_CONTENT_ENCODING, + WSI_TOKEN_HTTP_CONTENT_LANGUAGE, + WSI_TOKEN_HTTP_CONTENT_LENGTH, + WSI_TOKEN_HTTP_CONTENT_LOCATION, + WSI_TOKEN_HTTP_CONTENT_RANGE, + WSI_TOKEN_HTTP_CONTENT_TYPE, + WSI_TOKEN_HTTP_COOKIE, + WSI_TOKEN_HTTP_DATE, + WSI_TOKEN_HTTP_ETAG, + WSI_TOKEN_HTTP_EXPECT, + WSI_TOKEN_HTTP_EXPIRES, + WSI_TOKEN_HTTP_FROM, + WSI_TOKEN_HOST, + WSI_TOKEN_HTTP_IF_MATCH, + WSI_TOKEN_HTTP_IF_MODIFIED_SINCE, + WSI_TOKEN_HTTP_IF_NONE_MATCH, + WSI_TOKEN_HTTP_IF_RANGE, + WSI_TOKEN_HTTP_IF_UNMODIFIED_SINCE, + WSI_TOKEN_HTTP_LAST_MODIFIED, + WSI_TOKEN_HTTP_LINK, + WSI_TOKEN_HTTP_LOCATION, + WSI_TOKEN_HTTP_MAX_FORWARDS, + WSI_TOKEN_HTTP_PROXY_AUTHENTICATE, + WSI_TOKEN_HTTP_PROXY_AUTHORIZATION, + WSI_TOKEN_HTTP_RANGE, + WSI_TOKEN_HTTP_REFERER, + WSI_TOKEN_HTTP_REFRESH, + WSI_TOKEN_HTTP_RETRY_AFTER, + WSI_TOKEN_HTTP_SERVER, + WSI_TOKEN_HTTP_SET_COOKIE, + WSI_TOKEN_HTTP_STRICT_TRANSPORT_SECURITY, + WSI_TOKEN_HTTP_TRANSFER_ENCODING, + WSI_TOKEN_HTTP_USER_AGENT, + WSI_TOKEN_HTTP_VARY, + WSI_TOKEN_HTTP_VIA, + WSI_TOKEN_HTTP_WWW_AUTHENTICATE, +}; + +/* some of the entries imply values as well as header names */ + +static const char * const http2_canned[] = { + "", + "", + "GET", + "POST", + "/", + "/index.html", + "http", + "https", + "200", + "204", + "206", + "304", + "400", + "404", + "500", + "", + "gzip, deflate" +}; + +/* see minihuf.c */ + +#include "huftable.h" + +static int huftable_decode(int pos, char c) +{ + int q = pos + !!c; + + if (lextable_terms[q >> 3] & (1 << (q & 7))) /* terminal */ + return lextable[q] | 0x8000; + + return pos + (lextable[q] << 1); +} + +static int lws_frag_start(struct lws *wsi, int hdr_token_idx) +{ + struct allocated_headers *ah = wsi->ah; + + if (!ah) { + lwsl_notice("%s: no ah\n", __func__); + return 1; + } + + ah->hdr_token_idx = -1; + + lwsl_header("%s: token %d ah->pos = %d, ah->nfrag = %d\n", + __func__, hdr_token_idx, ah->pos, ah->nfrag); + + if (!hdr_token_idx) { + lwsl_err("%s: zero hdr_token_idx\n", __func__); + return 1; + } + + if (ah->nfrag >= ARRAY_SIZE(ah->frag_index)) { + lwsl_err("%s: frag index %d too big\n", __func__, ah->nfrag); + return 1; + } + + if ((hdr_token_idx == WSI_TOKEN_HTTP_COLON_AUTHORITY || + hdr_token_idx == WSI_TOKEN_HTTP_COLON_METHOD || + hdr_token_idx == WSI_TOKEN_HTTP_COLON_PATH || + hdr_token_idx == WSI_TOKEN_COLON_PROTOCOL || + hdr_token_idx == WSI_TOKEN_HTTP_COLON_SCHEME) && + ah->frag_index[hdr_token_idx]) { + if (!(ah->frags[ah->frag_index[hdr_token_idx]].flags & 1)) { + lws_h2_goaway(lws_get_network_wsi(wsi), + H2_ERR_PROTOCOL_ERROR, + "Duplicated pseudoheader"); + return 1; + } + } + + if (ah->nfrag == 0) + ah->nfrag = 1; + + ah->frags[ah->nfrag].offset = ah->pos; + ah->frags[ah->nfrag].len = 0; + ah->frags[ah->nfrag].nfrag = 0; + ah->frags[ah->nfrag].flags = 2; /* we had reason to set it */ + + ah->hdr_token_idx = hdr_token_idx; + + /* + * Okay, but we could be, eg, the second or subsequent cookie: header + */ + + if (ah->frag_index[hdr_token_idx]) { + int n; + + /* find the last fragment for this header... */ + n = ah->frag_index[hdr_token_idx]; + while (ah->frags[n].nfrag) + n = ah->frags[n].nfrag; + /* and point it to continue in our continuation fragment */ + ah->frags[n].nfrag = ah->nfrag; + + /* cookie continuations need a separator token of ';' */ + if (hdr_token_idx == WSI_TOKEN_HTTP_COOKIE) { + ah->data[ah->pos++] = ';'; + ah->frags[ah->nfrag].len++; + } + } else + ah->frag_index[hdr_token_idx] = ah->nfrag; + + return 0; +} + +static int lws_frag_append(struct lws *wsi, unsigned char c) +{ + struct allocated_headers *ah = wsi->ah; + + ah->data[ah->pos++] = c; + ah->frags[ah->nfrag].len++; + + return (int)ah->pos >= wsi->context->max_http_header_data; +} + +static int lws_frag_end(struct lws *wsi) +{ + lwsl_header("%s\n", __func__); + if (lws_frag_append(wsi, 0)) + return 1; + + /* don't account for the terminating NUL in the logical length */ + wsi->ah->frags[wsi->ah->nfrag].len--; + + wsi->ah->nfrag++; + return 0; +} + +int +lws_hdr_extant(struct lws *wsi, enum lws_token_indexes h) +{ + struct allocated_headers *ah = wsi->ah; + int n; + + if (!ah) + return 0; + + n = ah->frag_index[h]; + if (!n) + return 0; + + return !!(ah->frags[n].flags & 2); +} + +static void lws_dump_header(struct lws *wsi, int hdr) +{ + char s[200]; + const unsigned char *p; + int len; + + if (hdr == LWS_HPACK_IGNORE_ENTRY) { + lwsl_notice("hdr tok ignored\n"); + return; + } + + (void)p; + + len = lws_hdr_copy(wsi, s, sizeof(s) - 1, hdr); + if (len < 0) + strcpy(s, "(too big to show)"); + else + s[len] = '\0'; + p = lws_token_to_string(hdr); + lwsl_header(" hdr tok %d (%s) = '%s' (len %d)\n", hdr, + p ? (char *)p : (char *)"null", s, len); +} + +/* + * dynamic table + * + * [ 0 .... num_entries - 1] + * + * Starts filling at 0+ + * + * #62 is *most recently entered* + * + * Number of entries is not restricted, but aggregated size of the entry + * payloads is. Unfortunately the way HPACK does this is specific to an + * imagined implementation, and lws implementation is much more efficient + * (ignoring unknown headers and using the lws token index for the header + * name part). + */ + +/* + * returns 0 if dynamic entry (arg and len are filled) + * returns -1 if failure + * returns nonzero token index if actually static token + */ +static int +lws_token_from_index(struct lws *wsi, int index, const char **arg, int *len, + uint32_t *hdr_len) +{ + struct hpack_dynamic_table *dyn; + + if (index == LWS_HPACK_IGNORE_ENTRY) + return LWS_HPACK_IGNORE_ENTRY; + + /* dynamic table only belongs to network wsi */ + wsi = lws_get_network_wsi(wsi); + if (!wsi->h2.h2n) + return -1; + + dyn = &wsi->h2.h2n->hpack_dyn_table; + + if (index < 0) + return -1; + + if (index < (int)ARRAY_SIZE(static_token)) { + if (arg && index < (int)ARRAY_SIZE(http2_canned)) { + *arg = http2_canned[index]; + *len = (int)strlen(http2_canned[index]); + } + if (hdr_len) + *hdr_len = static_hdr_len[index]; + + return static_token[index]; + } + + if (!dyn) { + lwsl_notice("no dynamic table\n"); + return -1; + } + + if (index < (int)ARRAY_SIZE(static_token) || + index >= (int)ARRAY_SIZE(static_token) + dyn->used_entries) { + lwsl_err(" %s: adjusted index %d >= %d\n", __func__, index, + dyn->used_entries); + lws_h2_goaway(wsi, H2_ERR_COMPRESSION_ERROR, + "index out of range"); + return -1; + } + + index -= (int)ARRAY_SIZE(static_token); + index = (dyn->pos - 1 - index) % dyn->num_entries; + if (index < 0) + index += dyn->num_entries; + + lwsl_header("%s: dyn index %d, tok %d\n", __func__, index, + dyn->entries[index].lws_hdr_idx); + + if (arg && len) { + *arg = dyn->entries[index].value; + *len = dyn->entries[index].value_len; + } + + if (hdr_len) + *hdr_len = dyn->entries[index].hdr_len; + + return dyn->entries[index].lws_hdr_idx; +} + +static int +lws_h2_dynamic_table_dump(struct lws *wsi) +{ +#if 0 + struct lws *nwsi = lws_get_network_wsi(wsi); + struct hpack_dynamic_table *dyn; + int n, m; + const char *p; + + if (!nwsi->h2.h2n) + return 1; + dyn = &nwsi->h2.h2n->hpack_dyn_table; + + lwsl_header("Dump dyn table for nwsi %p (%d / %d members, pos = %d, " + "start index %d, virt used %d / %d)\n", nwsi, + dyn->used_entries, dyn->num_entries, dyn->pos, + (uint32_t)ARRAY_SIZE(static_token), + dyn->virtual_payload_usage, dyn->virtual_payload_max); + + for (n = 0; n < dyn->used_entries; n++) { + m = (dyn->pos - 1 - n) % dyn->num_entries; + if (m < 0) + m += dyn->num_entries; + if (dyn->entries[m].lws_hdr_idx != LWS_HPACK_IGNORE_ENTRY) + p = (const char *)lws_token_to_string( + dyn->entries[m].lws_hdr_idx); + else + p = "(ignored)"; + lwsl_header(" %3d: tok %s: (len %d) val '%s'\n", + (int)(n + ARRAY_SIZE(static_token)), p, + dyn->entries[m].hdr_len, dyn->entries[m].value ? + dyn->entries[m].value : "null"); + } +#endif + return 0; +} + +static void +lws_dynamic_free(struct hpack_dynamic_table *dyn, int idx) +{ + lwsl_header("freeing %d for reuse\n", idx); + dyn->virtual_payload_usage -= dyn->entries[idx].value_len + + dyn->entries[idx].hdr_len; + lws_free_set_NULL(dyn->entries[idx].value); + dyn->entries[idx].value = NULL; + dyn->entries[idx].value_len = 0; + dyn->entries[idx].hdr_len = 0; + dyn->entries[idx].lws_hdr_idx = LWS_HPACK_IGNORE_ENTRY; + dyn->used_entries--; +} + +/* + * There are two address spaces, 1) internal ringbuffer and 2) HPACK indexes. + * + * Internal ringbuffer: + * + * The internal ringbuffer wraps as we keep filling it, dyn->pos points to + * the next index to be written. + * + * HPACK indexes: + * + * The last-written entry becomes entry 0, the previously-last-written entry + * becomes entry 1 etc. + */ + +static int +lws_dynamic_token_insert(struct lws *wsi, int hdr_len, + int lws_hdr_index, char *arg, int len) +{ + struct hpack_dynamic_table *dyn; + int new_index, n; + + /* dynamic table only belongs to network wsi */ + wsi = lws_get_network_wsi(wsi); + if (!wsi->h2.h2n) + return 1; + dyn = &wsi->h2.h2n->hpack_dyn_table; + + if (!dyn->entries) { + lwsl_err("%s: unsized dyn table\n", __func__); + + return 1; + } + lws_h2_dynamic_table_dump(wsi); + + new_index = (dyn->pos) % dyn->num_entries; + if (dyn->num_entries && dyn->used_entries == dyn->num_entries) { + if (dyn->virtual_payload_usage < dyn->virtual_payload_max) + lwsl_err("Dropping header content before limit!\n"); + /* we have to drop the oldest to make space */ + lws_dynamic_free(dyn, new_index); + } + + /* + * evict guys to make room, allowing for some overage. We have to + * take care about getting a single huge header, and evicting + * everything + */ + + while (dyn->virtual_payload_usage && + dyn->used_entries && + dyn->virtual_payload_usage + hdr_len + len > + dyn->virtual_payload_max + 1024) { + n = (dyn->pos - dyn->used_entries) % dyn->num_entries; + if (n < 0) + n += dyn->num_entries; + lws_dynamic_free(dyn, n); + } + + if (dyn->used_entries < dyn->num_entries) + dyn->used_entries++; + + dyn->entries[new_index].value_len = 0; + + if (lws_hdr_index != LWS_HPACK_IGNORE_ENTRY) { + if (dyn->entries[new_index].value) + lws_free_set_NULL(dyn->entries[new_index].value); + dyn->entries[new_index].value = lws_malloc(len + 1, "hpack dyn"); + if (!dyn->entries[new_index].value) + return 1; + + memcpy(dyn->entries[new_index].value, arg, len); + dyn->entries[new_index].value[len] = '\0'; + dyn->entries[new_index].value_len = len; + } else + dyn->entries[new_index].value = NULL; + + dyn->entries[new_index].lws_hdr_idx = lws_hdr_index; + dyn->entries[new_index].hdr_len = hdr_len; + + dyn->virtual_payload_usage += hdr_len + len; + + lwsl_info("%s: index %ld: lws_hdr_index 0x%x, hdr len %d, '%s' len %d\n", + __func__, (long)ARRAY_SIZE(static_token), + lws_hdr_index, hdr_len, dyn->entries[new_index].value ? + dyn->entries[new_index].value : "null", len); + + dyn->pos = (dyn->pos + 1) % dyn->num_entries; + + lws_h2_dynamic_table_dump(wsi); + + return 0; +} + +int +lws_hpack_dynamic_size(struct lws *wsi, int size) +{ + struct hpack_dynamic_table *dyn; + struct hpack_dt_entry *dte; + struct lws *nwsi; + int min, n = 0, m; + + /* + * "size" here is coming from the http/2 SETTING + * SETTINGS_HEADER_TABLE_SIZE. This is a (virtual, in our case) + * linear buffer containing dynamic header names and values... when it + * is full, old entries are evicted. + * + * We encode the header as an lws_hdr_idx, which is all the rest of + * lws cares about; if there is no matching header we store an empty + * entry in the dyn table as a placeholder. + * + * So to make the two systems work together we keep an accounting of + * what we are using to decide when to evict... we must only evict + * things when the remote peer's accounting also makes him feel he + * should evict something. + */ + + nwsi = lws_get_network_wsi(wsi); + if (!nwsi->h2.h2n) + goto bail; + + dyn = &nwsi->h2.h2n->hpack_dyn_table; + lwsl_info("%s: from %d to %d, lim %d\n", __func__, + (int)dyn->num_entries, size, + nwsi->vhost->set.s[H2SET_HEADER_TABLE_SIZE]); + + if (size > (int)nwsi->vhost->set.s[H2SET_HEADER_TABLE_SIZE]) { + lwsl_notice("rejecting hpack dyn size %u\n", size); +//#if defined(LWS_WITH_ESP32) + size = nwsi->vhost->set.s[H2SET_HEADER_TABLE_SIZE]; +//#else +// lws_h2_goaway(nwsi, H2_ERR_COMPRESSION_ERROR, +// "Asked for header table bigger than we told"); +// goto bail; +//#endif + } + + dyn->virtual_payload_max = size; + + size = size / 8; + min = size; + if (min > dyn->used_entries) + min = dyn->used_entries; + + if (size == dyn->num_entries) + return 0; + + if (dyn->num_entries < min) + min = dyn->num_entries; + + // lwsl_notice("dte requested size %d\n", size); + + dte = lws_zalloc(sizeof(*dte) * (size + 1), "dynamic table entries"); + if (!dte) + goto bail; + + while (dyn->virtual_payload_usage && dyn->used_entries && + dyn->virtual_payload_usage > dyn->virtual_payload_max) { + n = (dyn->pos - dyn->used_entries) % dyn->num_entries; + if (n < 0) + n += dyn->num_entries; + lws_dynamic_free(dyn, n); + } + + if (min > dyn->used_entries) + min = dyn->used_entries; + + if (dyn->entries) { + for (n = 0; n < min; n++) { + m = (dyn->pos - dyn->used_entries + n) % dyn->num_entries; + if (m < 0) + m += dyn->num_entries; + dte[n] = dyn->entries[m]; + } + + lws_free(dyn->entries); + } + + dyn->entries = dte; + dyn->num_entries = size; + dyn->used_entries = min; + if (size) + dyn->pos = min % size; + else + dyn->pos = 0; + + lws_h2_dynamic_table_dump(wsi); + + return 0; + +bail: + lwsl_info("%s: failed to resize to %d\n", __func__, size); + + return 1; +} + +void +lws_hpack_destroy_dynamic_header(struct lws *wsi) +{ + struct hpack_dynamic_table *dyn; + int n; + + if (!wsi->h2.h2n) + return; + + dyn = &wsi->h2.h2n->hpack_dyn_table; + + if (!dyn->entries) + return; + + for (n = 0; n < dyn->num_entries; n++) + if (dyn->entries[n].value) + lws_free_set_NULL(dyn->entries[n].value); + + lws_free_set_NULL(dyn->entries); +} + +static int +lws_hpack_use_idx_hdr(struct lws *wsi, int idx, int known_token) +{ + const char *arg = NULL; + int len = 0; + const char *p = NULL; + int tok = lws_token_from_index(wsi, idx, &arg, &len, NULL); + + if (tok == LWS_HPACK_IGNORE_ENTRY) { + lwsl_header("%s: lws_token says ignore, returning\n", __func__); + return 0; + } + + if (tok == -1) { + lwsl_info("%s: idx %d mapped to tok %d\n", __func__, idx, tok); + return 1; + } + + if (arg) { + /* dynamic result */ + if (known_token > 0) + tok = known_token; + lwsl_header("%s: dyn: idx %d '%s' tok %d\n", __func__, idx, arg, + tok); + } else + lwsl_header("writing indexed hdr %d (tok %d '%s')\n", idx, tok, + lws_token_to_string(tok)); + + if (tok == LWS_HPACK_IGNORE_ENTRY) + return 0; + + if (arg) + p = arg; + + if (idx < (int)ARRAY_SIZE(http2_canned)) + p = http2_canned[idx]; + + if (lws_frag_start(wsi, tok)) + return 1; + + if (p) + while (*p && len--) + if (lws_frag_append(wsi, *p++)) + return 1; + + if (lws_frag_end(wsi)) + return 1; + + lws_dump_header(wsi, tok); + + return 0; +} + +static uint8_t lws_header_implies_psuedoheader_map[] = { + 0x07, 0x00, 0x00, 0x00, 0xf8, 0x00, 0x00, 0x00, 0x00 /* <-64 */, + 0x0e /* <- 72 */, 0x04 /* <- 80 */, 0, 0, 0, 0 +}; + +static int +lws_hpack_handle_pseudo_rules(struct lws *nwsi, struct lws *wsi, int m) +{ + if (m == LWS_HPACK_IGNORE_ENTRY || m == -1) + return 0; + + if (wsi->seen_nonpseudoheader && + (lws_header_implies_psuedoheader_map[m >> 3] & (1 << (m & 7)))) { + + lwsl_notice("lws tok %d seems to be a pseudoheader\n", m); + + /* + * it's not legal to see a + * pseudoheader after normal + * headers + */ + lws_h2_goaway(nwsi, H2_ERR_PROTOCOL_ERROR, + "Pseudoheader after normal hdrs"); + return 1; + } + + if (!(lws_header_implies_psuedoheader_map[m >> 3] & (1 << (m & 7)))) + wsi->seen_nonpseudoheader = 1; + + return 0; +} + +int lws_hpack_interpret(struct lws *wsi, unsigned char c) +{ + struct lws *nwsi = lws_get_network_wsi(wsi); + struct lws_h2_netconn *h2n = nwsi->h2.h2n; + struct allocated_headers *ah = wsi->ah; + unsigned int prev; + unsigned char c1; + int n, m, plen; + + if (!h2n) + return -1; + + /* + * HPKT_INDEXED_HDR_7 1xxxxxxx: just "header field" + * HPKT_INDEXED_HDR_6_VALUE_INCR 01xxxxxx: NEW indexed hdr + val + * HPKT_LITERAL_HDR_VALUE_INCR 01000000: NEW literal hdr + val + * HPKT_INDEXED_HDR_4_VALUE 0000xxxx: indexed hdr + val + * HPKT_INDEXED_HDR_4_VALUE_NEVER 0001xxxx: NEVER NEW indexed hdr + val + * HPKT_LITERAL_HDR_VALUE 00000000: literal hdr + val + * HPKT_LITERAL_HDR_VALUE_NEVER 00010000: NEVER NEW literal hdr + val + */ + switch (h2n->hpack) { + + case HPKS_TYPE: + h2n->is_first_header_char = 1; + h2n->huff_pad = 0; + h2n->zero_huff_padding = 0; + h2n->last_action_dyntable_resize = 0; + h2n->ext_count = 0; + h2n->hpack_hdr_len = 0; + h2n->unknown_header = 0; + ah->parser_state = 255; + + if (c & 0x80) { /* 1.... indexed header field only */ + /* just a possibly-extended integer */ + h2n->hpack_type = HPKT_INDEXED_HDR_7; + lwsl_header("HPKT_INDEXED_HDR_7 hdr %d\n", c & 0x7f); + lws_h2_dynamic_table_dump(wsi); + + h2n->hdr_idx = c & 0x7f; + if ((c & 0x7f) == 0x7f) { + h2n->hpack_len = 0; + h2n->hpack_m = 0x7f; + h2n->hpack = HPKS_IDX_EXT; + break; + } + if (!h2n->hdr_idx) { + lws_h2_goaway(nwsi, H2_ERR_COMPRESSION_ERROR, + "hdr index 0 seen"); + return 1; + } + + m = lws_token_from_index(wsi, h2n->hdr_idx, + NULL, NULL, NULL); + if (lws_hpack_handle_pseudo_rules(nwsi, wsi, m)) + return 1; + + lwsl_header("HPKT_INDEXED_HDR_7: hdr %d\n", c & 0x7f); + if (lws_hpack_use_idx_hdr(wsi, c & 0x7f, -1)) { + lwsl_header("%s: idx hdr wr fail\n", __func__); + return 1; + } + /* stay at same state */ + break; + } + if (c & 0x40) { /* 01.... indexed or literal header incr idx */ + /* + * [possibly-ext hdr idx (6) | new literal hdr name] + * H + possibly-ext value length + * literal value + */ + h2n->hdr_idx = 0; + if (c == 0x40) { /* literal header */ + lwsl_header(" HPKT_LITERAL_HDR_VALUE_INCR\n"); + h2n->hpack_type = HPKT_LITERAL_HDR_VALUE_INCR; + h2n->value = 0; + h2n->hpack_len = 0; + h2n->hpack = HPKS_HLEN; + break; + } + /* indexed header */ + h2n->hpack_type = HPKT_INDEXED_HDR_6_VALUE_INCR; + lwsl_header(" HPKT_INDEXED_HDR_6_VALUE_INCR (hdr %d)\n", + c & 0x3f); + h2n->hdr_idx = c & 0x3f; + if ((c & 0x3f) == 0x3f) { + h2n->hpack_m = 0x3f; + h2n->hpack_len = 0; + h2n->hpack = HPKS_IDX_EXT; + break; + } + + h2n->value = 1; + h2n->hpack = HPKS_HLEN; + if (!h2n->hdr_idx) { + lws_h2_goaway(nwsi, H2_ERR_COMPRESSION_ERROR, + "hdr index 0 seen"); + return 1; + } + break; + } + switch(c & 0xf0) { + case 0x10: /* literal header never index */ + case 0: /* literal header without indexing */ + /* + * follows 0x40 except 4-bit hdr idx + * and don't add to index + */ + if (c == 0) { /* literal name */ + h2n->hpack_type = HPKT_LITERAL_HDR_VALUE; + lwsl_header(" HPKT_LITERAL_HDR_VALUE\n"); + h2n->hpack = HPKS_HLEN; + h2n->value = 0; + break; + } + if (c == 0x10) { /* literal name NEVER */ + h2n->hpack_type = HPKT_LITERAL_HDR_VALUE_NEVER; + lwsl_header(" HPKT_LITERAL_HDR_VALUE_NEVER\n"); + h2n->hpack = HPKS_HLEN; + h2n->value = 0; + break; + } + lwsl_header("indexed\n"); + /* indexed name */ + if (c & 0x10) { + h2n->hpack_type = HPKT_INDEXED_HDR_4_VALUE_NEVER; + lwsl_header(" HPKT_LITERAL_HDR_4_VALUE_NEVER\n"); + } else { + h2n->hpack_type = HPKT_INDEXED_HDR_4_VALUE; + lwsl_header(" HPKT_INDEXED_HDR_4_VALUE\n"); + } + h2n->hdr_idx = 0; + if ((c & 0xf) == 0xf) { + h2n->hpack_len = c & 0xf; + h2n->hpack_m = 0xf; + h2n->hpack_len = 0; + h2n->hpack = HPKS_IDX_EXT; + break; + } + h2n->hdr_idx = c & 0xf; + h2n->value = 1; + h2n->hpack = HPKS_HLEN; + break; + + case 0x20: + case 0x30: /* header table size update */ + /* possibly-extended size value (5) */ + lwsl_header("HPKT_SIZE_5 %x\n", c &0x1f); + h2n->hpack_type = HPKT_SIZE_5; + h2n->hpack_len = c & 0x1f; + if (h2n->hpack_len == 0x1f) { + h2n->hpack_m = 0x1f; + h2n->hpack_len = 0; + h2n->hpack = HPKS_IDX_EXT; + break; + } + h2n->last_action_dyntable_resize = 1; + if (lws_hpack_dynamic_size(wsi, h2n->hpack_len)) + return 1; + break; + } + break; + + case HPKS_IDX_EXT: + h2n->hpack_len = h2n->hpack_len | + ((c & 0x7f) << h2n->ext_count); + h2n->ext_count += 7; + if (c & 0x80) /* extended int not complete yet */ + break; + + /* extended integer done */ + h2n->hpack_len += h2n->hpack_m; + lwsl_header("HPKS_IDX_EXT: hpack_len %d\n", h2n->hpack_len); + + switch (h2n->hpack_type) { + case HPKT_INDEXED_HDR_7: + if (lws_hpack_use_idx_hdr(wsi, h2n->hpack_len, + h2n->hdr_idx)) { + lwsl_notice("%s: hd7 use fail\n", __func__); + return 1; + } + h2n->hpack = HPKS_TYPE; + break; + + case HPKT_SIZE_5: + h2n->last_action_dyntable_resize = 1; + if (lws_hpack_dynamic_size(wsi, h2n->hpack_len)) + return 1; + h2n->hpack = HPKS_TYPE; + break; + + default: + h2n->hdr_idx = h2n->hpack_len; + if (!h2n->hdr_idx) { + lws_h2_goaway(nwsi, H2_ERR_COMPRESSION_ERROR, + "extended header index was 0"); + return 1; + } + h2n->value = 1; + h2n->hpack = HPKS_HLEN; + break; + } + break; + + case HPKS_HLEN: /* [ H | 7+ ] */ + h2n->huff = !!(c & 0x80); + h2n->hpack_pos = 0; + h2n->hpack_len = c & 0x7f; + + if (h2n->hpack_len == 0x7f) { + h2n->hpack_m = 0x7f; + h2n->hpack_len = 0; + h2n->ext_count = 0; + h2n->hpack = HPKS_HLEN_EXT; + break; + } +pre_data: + h2n->hpack = HPKS_DATA; + if (!h2n->value || !h2n->hdr_idx) { + ah->parser_state = WSI_TOKEN_NAME_PART; + ah->lextable_pos = 0; + h2n->unknown_header = 0; + break; + } + + if (h2n->hpack_type == HPKT_LITERAL_HDR_VALUE || + h2n->hpack_type == HPKT_LITERAL_HDR_VALUE_INCR || + h2n->hpack_type == HPKT_LITERAL_HDR_VALUE_NEVER) { + n = ah->parser_state; + if (n == 255) { + n = -1; + h2n->hdr_idx = -1; + } else + h2n->hdr_idx = 1; + } else { + n = lws_token_from_index(wsi, h2n->hdr_idx, NULL, + NULL, NULL); + lwsl_header(" lws_tok_from_idx(%d) says %d\n", + h2n->hdr_idx, n); + } + + if (n == LWS_HPACK_IGNORE_ENTRY || n == -1) + h2n->hdr_idx = LWS_HPACK_IGNORE_ENTRY; + + switch (h2n->hpack_type) { + /* + * hpack types with literal headers were parsed by the lws + * header SM... on recognition of a known lws header, it does + * the correct lws_frag_start() for us already. Other types + * (ie, indexed header) need us to do it here. + */ + case HPKT_LITERAL_HDR_VALUE_INCR: + case HPKT_LITERAL_HDR_VALUE: + case HPKT_LITERAL_HDR_VALUE_NEVER: + break; + default: + if (n != -1 && n != LWS_HPACK_IGNORE_ENTRY && + lws_frag_start(wsi, n)) { + lwsl_header("%s: frag start failed\n", __func__); + return 1; + } + break; + } + break; + + case HPKS_HLEN_EXT: + h2n->hpack_len = h2n->hpack_len | + ((c & 0x7f) << h2n->ext_count); + h2n->ext_count += 7; + if (c & 0x80) /* extended integer not complete yet */ + break; + + h2n->hpack_len += h2n->hpack_m; + goto pre_data; + + case HPKS_DATA: + //lwsl_header(" 0x%02X huff %d\n", c, h2n->huff); + c1 = c; + + for (n = 0; n < 8; n++) { + if (h2n->huff) { + char b = (c >> 7) & 1; + prev = h2n->hpack_pos; + h2n->hpack_pos = huftable_decode( + h2n->hpack_pos, b); + c <<= 1; + if (h2n->hpack_pos == 0xffff) { + lwsl_notice("Huffman err\n"); + return 1; + } + if (!(h2n->hpack_pos & 0x8000)) { + if (!b) + h2n->zero_huff_padding = 1; + h2n->huff_pad++; + continue; + } + c1 = h2n->hpack_pos & 0x7fff; + h2n->hpack_pos = 0; + h2n->huff_pad = 0; + h2n->zero_huff_padding = 0; + + /* EOS |11111111|11111111|11111111|111111 */ + if (!c1 && prev == HUFTABLE_0x100_PREV) { + lws_h2_goaway(nwsi, + H2_ERR_COMPRESSION_ERROR, + "Huffman EOT seen"); + return 1; + } + } else + n = 8; + + if (h2n->value) { /* value */ + + if (h2n->hdr_idx && + h2n->hdr_idx != LWS_HPACK_IGNORE_ENTRY) { + + if (ah->hdr_token_idx == + WSI_TOKEN_HTTP_COLON_PATH) { + + switch (lws_parse_urldecode( + wsi, &c1)) { + case LPUR_CONTINUE: + break; + case LPUR_SWALLOW: + goto swallow; + case LPUR_EXCESSIVE: + case LPUR_FORBID: + lws_h2_goaway(nwsi, + H2_ERR_PROTOCOL_ERROR, + "Evil URI"); + return 1; + + default: + return -1; + } + } + if (lws_frag_append(wsi, c1)) { + lwsl_notice("%s: frag app fail\n", + __func__); + return 1; + } + } //else + //lwsl_header("ignoring %c\n", c1); + } else { + /* + * Convert name using existing parser, + * If h2n->unknown_header == 0, result is + * in wsi->parser_state + * using WSI_TOKEN_GET_URI. + * + * If unknown header h2n->unknown_header + * will be set. + */ + h2n->hpack_hdr_len++; + if (h2n->is_first_header_char) { + h2n->is_first_header_char = 0; + h2n->first_hdr_char = c1; + } + lwsl_header("parser: %c\n", c1); + /* uppercase header names illegal */ + if (c1 >= 'A' && c1 <= 'Z') { + lws_h2_goaway(nwsi, + H2_ERR_COMPRESSION_ERROR, + "Uppercase literal hpack hdr"); + return 1; + } + plen = 1; + if (!h2n->unknown_header && + lws_parse(wsi, &c1, &plen)) + h2n->unknown_header = 1; + } +swallow: + (void)n; + } // for n + + if (--h2n->hpack_len) + break; + + /* + * The header (h2n->value = 0) or the payload (h2n->value = 1) + * is complete. + */ + + if (h2n->huff && (h2n->huff_pad > 7 || + (h2n->zero_huff_padding && h2n->huff_pad))) { + lwsl_notice("zero_huff_padding: %d huff_pad: %d\n", + h2n->zero_huff_padding, h2n->huff_pad); + lws_h2_goaway(nwsi, H2_ERR_COMPRESSION_ERROR, + "Huffman padding excessive or wrong"); + return 1; + } + + if (!h2n->value && ( + h2n->hpack_type == HPKT_LITERAL_HDR_VALUE || + h2n->hpack_type == HPKT_LITERAL_HDR_VALUE_INCR || + h2n->hpack_type == HPKT_LITERAL_HDR_VALUE_NEVER)) { + h2n->hdr_idx = LWS_HPACK_IGNORE_ENTRY; + lwsl_header("wsi->parser_state: %d\n", + ah->parser_state); + + if (ah->parser_state == WSI_TOKEN_NAME_PART) { + /* h2 headers come without the colon */ + c1 = ':'; + plen = 1; + n = lws_parse(wsi, &c1, &plen); + (void)n; + } + + if (ah->parser_state == WSI_TOKEN_NAME_PART || + ah->parser_state == WSI_TOKEN_SKIPPING) { + h2n->unknown_header = 1; + ah->parser_state = -1; + wsi->seen_nonpseudoheader = 1; + } + } + + n = 8; + + /* we have the header */ + if (!h2n->value) { + h2n->value = 1; + h2n->hpack = HPKS_HLEN; + h2n->huff_pad = 0; + h2n->zero_huff_padding = 0; + h2n->ext_count = 0; + break; + } + + /* + * we have got both the header and value + */ + + m = -1; + switch (h2n->hpack_type) { + /* + * These are the only two that insert to the dyntable + */ + /* NEW indexed hdr with value */ + case HPKT_INDEXED_HDR_6_VALUE_INCR: + /* header length is determined by known index */ + m = lws_token_from_index(wsi, h2n->hdr_idx, NULL, NULL, + &h2n->hpack_hdr_len); + goto add_it; + /* NEW literal hdr with value */ + case HPKT_LITERAL_HDR_VALUE_INCR: + /* + * hdr is a new literal, so length is already in + * h2n->hpack_hdr_len + */ + m = ah->parser_state; + if (h2n->unknown_header || + ah->parser_state == WSI_TOKEN_NAME_PART || + ah->parser_state == WSI_TOKEN_SKIPPING) { + if (h2n->first_hdr_char == ':') { + lwsl_info("HPKT_LITERAL_HDR_VALUE_INCR:" + " end state %d unk hdr %d\n", + ah->parser_state, + h2n->unknown_header); + /* unknown pseudoheaders are illegal */ + lws_h2_goaway(nwsi, + H2_ERR_PROTOCOL_ERROR, + "Unknown pseudoheader"); + return 1; + } + m = LWS_HPACK_IGNORE_ENTRY; + } +add_it: + /* + * mark us as having been set at the time of dynamic + * token insertion. + */ + ah->frags[ah->nfrag].flags |= 1; + + if (lws_dynamic_token_insert(wsi, h2n->hpack_hdr_len, m, + &ah->data[ah->frags[ah->nfrag].offset], + ah->frags[ah->nfrag].len)) { + lwsl_notice("%s: tok_insert fail\n", __func__); + return 1; + } + break; + + default: + break; + } + + if (h2n->hdr_idx != LWS_HPACK_IGNORE_ENTRY && lws_frag_end(wsi)) + return 1; + + if (h2n->hpack_type != HPKT_INDEXED_HDR_6_VALUE_INCR) { + + if (h2n->hpack_type == HPKT_LITERAL_HDR_VALUE || + h2n->hpack_type == HPKT_LITERAL_HDR_VALUE_INCR || + h2n->hpack_type == HPKT_LITERAL_HDR_VALUE_NEVER) { + m = ah->parser_state; + if (m == 255) + m = -1; + } else + m = lws_token_from_index(wsi, h2n->hdr_idx, + NULL, NULL, NULL); + } + + if (m != -1 && m != LWS_HPACK_IGNORE_ENTRY) + lws_dump_header(wsi, m); + + if (lws_hpack_handle_pseudo_rules(nwsi, wsi, m)) + return 1; + + h2n->is_first_header_char = 1; + h2n->hpack = HPKS_TYPE; + break; + } + + return 0; +} + + + +static int +lws_h2_num_start(int starting_bits, unsigned long num) +{ + unsigned int mask = (1 << starting_bits) - 1; + + if (num < mask) + return (int)num; + + return mask; +} + +static int +lws_h2_num(int starting_bits, unsigned long num, + unsigned char **p, unsigned char *end) +{ + unsigned int mask = (1 << starting_bits) - 1; + + if (num < mask) + return 0; + + num -= mask; + do { + if (num > 127) + *((*p)++) = 0x80 | (num & 0x7f); + else + *((*p)++) = 0x00 | (num & 0x7f); + if (*p >= end) + return 1; + num >>= 7; + } while (num); + + return 0; +} + +int lws_add_http2_header_by_name(struct lws *wsi, const unsigned char *name, + const unsigned char *value, int length, + unsigned char **p, unsigned char *end) +{ + int len; + + lwsl_header("%s: %p %s:%s\n", __func__, *p, name, value); + + len = (int)strlen((char *)name); + if (len) + if (name[len - 1] == ':') + len--; + + if (wsi->http2_substream && !strncmp((const char *)name, + "transfer-encoding", len)) { + lwsl_header("rejecting %s\n", name); + + return 0; + } + + if (end - *p < len + length + 8) + return 1; + + *((*p)++) = 0; /* literal hdr, literal name, */ + + *((*p)++) = 0 | lws_h2_num_start(7, len); /* non-HUF */ + if (lws_h2_num(7, len, p, end)) + return 1; + memcpy(*p, name, len); + *p += len; + + *((*p)++) = 0 | lws_h2_num_start(7, length); /* non-HUF */ + if (lws_h2_num(7, length, p, end)) + return 1; + + memcpy(*p, value, length); + *p += length; + + //lwsl_hexdump(op, *p -op); + + return 0; +} + +int lws_add_http2_header_by_token(struct lws *wsi, enum lws_token_indexes token, + const unsigned char *value, int length, + unsigned char **p, unsigned char *end) +{ + const unsigned char *name; + + name = lws_token_to_string(token); + if (!name) + return 1; + + return lws_add_http2_header_by_name(wsi, name, value, length, p, end); +} + +int lws_add_http2_header_status(struct lws *wsi, unsigned int code, + unsigned char **p, unsigned char *end) +{ + unsigned char status[10]; + int n; + + wsi->h2.send_END_STREAM = 0; // !!(code >= 400); + + n = sprintf((char *)status, "%u", code); + if (lws_add_http2_header_by_token(wsi, WSI_TOKEN_HTTP_COLON_STATUS, + status, n, p, end)) + + return 1; + + return 0; +} diff --git a/lib/roles/h2/http2.c b/lib/roles/h2/http2.c new file mode 100644 index 0000000..8563204 --- /dev/null +++ b/lib/roles/h2/http2.c @@ -0,0 +1,2200 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2017 Andy Green + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + + +#include "private-libwebsockets.h" + +/* + * bitmap of control messages that are valid to receive for each http2 state + */ + +static const uint16_t http2_rx_validity[] = { + /* LWS_H2S_IDLE */ + (1 << LWS_H2_FRAME_TYPE_SETTINGS) | + (1 << LWS_H2_FRAME_TYPE_PRIORITY) | +// (1 << LWS_H2_FRAME_TYPE_WINDOW_UPDATE)| /* ignore */ + (1 << LWS_H2_FRAME_TYPE_HEADERS) | + (1 << LWS_H2_FRAME_TYPE_CONTINUATION), + /* LWS_H2S_RESERVED_LOCAL */ + (1 << LWS_H2_FRAME_TYPE_SETTINGS) | + (1 << LWS_H2_FRAME_TYPE_RST_STREAM) | + (1 << LWS_H2_FRAME_TYPE_PRIORITY) | + (1 << LWS_H2_FRAME_TYPE_WINDOW_UPDATE), + /* LWS_H2S_RESERVED_REMOTE */ + (1 << LWS_H2_FRAME_TYPE_SETTINGS) | + (1 << LWS_H2_FRAME_TYPE_HEADERS) | + (1 << LWS_H2_FRAME_TYPE_CONTINUATION) | + (1 << LWS_H2_FRAME_TYPE_RST_STREAM) | + (1 << LWS_H2_FRAME_TYPE_PRIORITY), + /* LWS_H2S_OPEN */ + (1 << LWS_H2_FRAME_TYPE_DATA) | + (1 << LWS_H2_FRAME_TYPE_HEADERS) | + (1 << LWS_H2_FRAME_TYPE_PRIORITY) | + (1 << LWS_H2_FRAME_TYPE_RST_STREAM) | + (1 << LWS_H2_FRAME_TYPE_SETTINGS) | + (1 << LWS_H2_FRAME_TYPE_PUSH_PROMISE) | + (1 << LWS_H2_FRAME_TYPE_PING) | + (1 << LWS_H2_FRAME_TYPE_GOAWAY) | + (1 << LWS_H2_FRAME_TYPE_WINDOW_UPDATE) | + (1 << LWS_H2_FRAME_TYPE_CONTINUATION), + /* LWS_H2S_HALF_CLOSED_REMOTE */ + (1 << LWS_H2_FRAME_TYPE_SETTINGS) | + (1 << LWS_H2_FRAME_TYPE_WINDOW_UPDATE) | + (1 << LWS_H2_FRAME_TYPE_PRIORITY) | + (1 << LWS_H2_FRAME_TYPE_RST_STREAM), + /* LWS_H2S_HALF_CLOSED_LOCAL */ + (1 << LWS_H2_FRAME_TYPE_DATA) | + (1 << LWS_H2_FRAME_TYPE_HEADERS) | + (1 << LWS_H2_FRAME_TYPE_PRIORITY) | + (1 << LWS_H2_FRAME_TYPE_RST_STREAM) | + (1 << LWS_H2_FRAME_TYPE_SETTINGS) | + (1 << LWS_H2_FRAME_TYPE_PUSH_PROMISE) | + (1 << LWS_H2_FRAME_TYPE_PING) | + (1 << LWS_H2_FRAME_TYPE_GOAWAY) | + (1 << LWS_H2_FRAME_TYPE_WINDOW_UPDATE) | + (1 << LWS_H2_FRAME_TYPE_CONTINUATION), + /* LWS_H2S_CLOSED */ + (1 << LWS_H2_FRAME_TYPE_SETTINGS) | + (1 << LWS_H2_FRAME_TYPE_PRIORITY) | + (1 << LWS_H2_FRAME_TYPE_WINDOW_UPDATE) | + (1 << LWS_H2_FRAME_TYPE_RST_STREAM), +}; + +static const char *preface = "PRI * HTTP/2.0\x0d\x0a\x0d\x0aSM\x0d\x0a\x0d\x0a"; + +static const char * const h2_state_names[] = { + "LWS_H2S_IDLE", + "LWS_H2S_RESERVED_LOCAL", + "LWS_H2S_RESERVED_REMOTE", + "LWS_H2S_OPEN", + "LWS_H2S_HALF_CLOSED_REMOTE", + "LWS_H2S_HALF_CLOSED_LOCAL", + "LWS_H2S_CLOSED", +}; + +#if 0 +static const char * const h2_setting_names[] = { + "", + "H2SET_HEADER_TABLE_SIZE", + "H2SET_ENABLE_PUSH", + "H2SET_MAX_CONCURRENT_STREAMS", + "H2SET_INITIAL_WINDOW_SIZE", + "H2SET_MAX_FRAME_SIZE", + "H2SET_MAX_HEADER_LIST_SIZE", + "reserved", + "H2SET_ENABLE_CONNECT_PROTOCOL" +}; + +void +lws_h2_dump_settings(struct http2_settings *set) +{ + int n; + + for (n = 1; n < H2SET_COUNT; n++) + lwsl_notice(" %30s: %10d\n", h2_setting_names[n], set->s[n]); +} +#else +void +lws_h2_dump_settings(struct http2_settings *set) +{ +} +#endif + +static struct lws_h2_protocol_send * +lws_h2_new_pps(enum lws_h2_protocol_send_type type) +{ + struct lws_h2_protocol_send *pps = lws_malloc(sizeof(*pps), "pps"); + + if (pps) + pps->type = type; + + return pps; +} + +void lws_h2_init(struct lws *wsi) +{ + wsi->h2.h2n->set = wsi->vhost->set; +} + +void +lws_h2_state(struct lws *wsi, enum lws_h2_states s) +{ + if (!wsi) + return; + lwsl_info("%s: wsi %p: state %s -> %s\n", __func__, wsi, + h2_state_names[wsi->h2.h2_state], + h2_state_names[s]); + + (void)h2_state_names; + wsi->h2.h2_state = (uint8_t)s; +} + +struct lws * +lws_wsi_server_new(struct lws_vhost *vh, struct lws *parent_wsi, + unsigned int sid) +{ + struct lws *wsi; + struct lws *nwsi = lws_get_network_wsi(parent_wsi); + struct lws_h2_netconn *h2n = nwsi->h2.h2n; + + /* + * The identifier of a newly established stream MUST be numerically + * greater than all streams that the initiating endpoint has opened or + * reserved. This governs streams that are opened using a HEADERS frame + * and streams that are reserved using PUSH_PROMISE. An endpoint that + * receives an unexpected stream identifier MUST respond with a + * connection error (Section 5.4.1) of type PROTOCOL_ERROR. + */ + if (sid <= h2n->highest_sid_opened) { + lwsl_info("%s: tried to open lower sid %d\n", __func__, sid); + lws_h2_goaway(nwsi, H2_ERR_PROTOCOL_ERROR, "Bad sid"); + return NULL; + } + + /* no more children allowed by parent */ + if (parent_wsi->h2.child_count + 1 > + parent_wsi->h2.h2n->set.s[H2SET_MAX_CONCURRENT_STREAMS]) { + lwsl_notice("reached concurrent stream limit\n"); + return NULL; + } + wsi = lws_create_new_server_wsi(vh); + if (!wsi) { + lwsl_notice("new server wsi failed (vh %p)\n", vh); + return NULL; + } + + h2n->highest_sid_opened = sid; + wsi->h2.my_sid = sid; + wsi->http2_substream = 1; + wsi->seen_nonpseudoheader = 0; + + wsi->h2.parent_wsi = parent_wsi; + wsi->role_ops = parent_wsi->role_ops; + /* new guy's sibling is whoever was the first child before */ + wsi->h2.sibling_list = parent_wsi->h2.child_list; + /* first child is now the new guy */ + parent_wsi->h2.child_list = wsi; + parent_wsi->h2.child_count++; + + wsi->h2.my_priority = 16; + wsi->h2.tx_cr = nwsi->h2.h2n->set.s[H2SET_INITIAL_WINDOW_SIZE]; + wsi->h2.peer_tx_cr_est = nwsi->vhost->set.s[H2SET_INITIAL_WINDOW_SIZE]; + + lwsi_set_state(wsi, LRS_ESTABLISHED); + lwsi_set_role(wsi, lwsi_role(parent_wsi)); + + wsi->protocol = &vh->protocols[0]; + if (lws_ensure_user_space(wsi)) + goto bail1; + + wsi->vhost->conn_stats.h2_subs++; + + lwsl_info("%s: %p new ch %p, sid %d, usersp=%p, tx cr %d, " + "peer_credit %d (nwsi tx_cr %d)\n", + __func__, parent_wsi, wsi, sid, wsi->user_space, + wsi->h2.tx_cr, wsi->h2.peer_tx_cr_est, nwsi->h2.tx_cr); + + return wsi; + +bail1: + /* undo the insert */ + parent_wsi->h2.child_list = wsi->h2.sibling_list; + parent_wsi->h2.child_count--; + + if (wsi->user_space) + lws_free_set_NULL(wsi->user_space); + vh->protocols[0].callback(wsi, LWS_CALLBACK_WSI_DESTROY, NULL, NULL, 0); + lws_free(wsi); + + return NULL; +} + +struct lws * +lws_wsi_h2_adopt(struct lws *parent_wsi, struct lws *wsi) +{ + struct lws *nwsi = lws_get_network_wsi(parent_wsi); + + /* no more children allowed by parent */ + if (parent_wsi->h2.child_count + 1 > + parent_wsi->h2.h2n->set.s[H2SET_MAX_CONCURRENT_STREAMS]) { + lwsl_notice("reached concurrent stream limit\n"); + return NULL; + } + + /* sid is set just before issuing the headers, ensuring monoticity */ + + wsi->seen_nonpseudoheader = 0; + wsi->client_h2_substream = 1; + wsi->h2.initialized = 1; + + wsi->h2.parent_wsi = parent_wsi; + /* new guy's sibling is whoever was the first child before */ + wsi->h2.sibling_list = parent_wsi->h2.child_list; + /* first child is now the new guy */ + parent_wsi->h2.child_list = wsi; + parent_wsi->h2.child_count++; + + wsi->h2.my_priority = 16; + wsi->h2.tx_cr = nwsi->h2.h2n->set.s[H2SET_INITIAL_WINDOW_SIZE]; + wsi->h2.peer_tx_cr_est = nwsi->vhost->set.s[H2SET_INITIAL_WINDOW_SIZE]; + + if (lws_ensure_user_space(wsi)) + goto bail1; + + lws_role_transition(wsi, LWSIFR_CLIENT, LRS_H2_WAITING_TO_SEND_HEADERS, + &role_ops_h2); + + lws_callback_on_writable(wsi); + + wsi->vhost->conn_stats.h2_subs++; + + return wsi; + +bail1: + /* undo the insert */ + parent_wsi->h2.child_list = wsi->h2.sibling_list; + parent_wsi->h2.child_count--; + + if (wsi->user_space) + lws_free_set_NULL(wsi->user_space); + wsi->protocol->callback(wsi, LWS_CALLBACK_WSI_DESTROY, NULL, NULL, 0); + lws_free(wsi); + + return NULL; +} + + +int lws_h2_issue_preface(struct lws *wsi) +{ + struct lws_h2_netconn *h2n = wsi->h2.h2n; + struct lws_h2_protocol_send *pps; + + if (lws_issue_raw(wsi, (uint8_t *)preface, strlen(preface)) != + (int)strlen(preface)) + return 1; + + lws_role_transition(wsi, LWSIFR_CLIENT, LRS_H2_WAITING_TO_SEND_HEADERS, + &role_ops_h2); + + h2n->count = 0; + wsi->h2.tx_cr = 65535; + + /* + * we must send a settings frame + */ + pps = lws_h2_new_pps(LWS_H2_PPS_MY_SETTINGS); + if (!pps) + return 1; + lws_pps_schedule(wsi, pps); + lwsl_info("%s: h2 client sending settings\n", __func__); + + return 0; +} + +struct lws * +lws_h2_wsi_from_id(struct lws *parent_wsi, unsigned int sid) +{ + lws_start_foreach_ll(struct lws *, wsi, parent_wsi->h2.child_list) { + if (wsi->h2.my_sid == sid) + return wsi; + } lws_end_foreach_ll(wsi, h2.sibling_list); + + return NULL; +} + +int lws_remove_server_child_wsi(struct lws_context *context, struct lws *wsi) +{ + lws_start_foreach_llp(struct lws **, w, wsi->h2.child_list) { + if (*w == wsi) { + *w = wsi->h2.sibling_list; + (wsi->h2.parent_wsi)->h2.child_count--; + return 0; + } + } lws_end_foreach_llp(w, h2.sibling_list); + + lwsl_err("%s: can't find %p\n", __func__, wsi); + + return 1; +} + +void +lws_pps_schedule(struct lws *wsi, struct lws_h2_protocol_send *pps) +{ + struct lws *nwsi = lws_get_network_wsi(wsi); + struct lws_h2_netconn *h2n = nwsi->h2.h2n; + + pps->next = h2n->pps; + h2n->pps = pps; + lws_rx_flow_control(wsi, LWS_RXFLOW_REASON_APPLIES_DISABLE | + LWS_RXFLOW_REASON_H2_PPS_PENDING); + lws_callback_on_writable(wsi); +} + +int +lws_h2_goaway(struct lws *wsi, uint32_t err, const char *reason) +{ + struct lws_h2_netconn *h2n = wsi->h2.h2n; + struct lws_h2_protocol_send *pps; + + if (h2n->type == LWS_H2_FRAME_TYPE_COUNT) + return 0; + + pps = lws_h2_new_pps(LWS_H2_PPS_GOAWAY); + if (!pps) + return 1; + + lwsl_info("%s: %p: ERR 0x%x, '%s'\n", __func__, wsi, err, reason); + + pps->u.ga.err = err; + pps->u.ga.highest_sid = h2n->highest_sid; + lws_strncpy(pps->u.ga.str, reason, sizeof(pps->u.ga.str)); + lws_pps_schedule(wsi, pps); + + h2n->type = LWS_H2_FRAME_TYPE_COUNT; /* ie, IGNORE */ + + return 0; +} + +int +lws_h2_rst_stream(struct lws *wsi, uint32_t err, const char *reason) +{ + struct lws *nwsi = lws_get_network_wsi(wsi); + struct lws_h2_netconn *h2n = nwsi->h2.h2n; + struct lws_h2_protocol_send *pps; + + if (h2n->type == LWS_H2_FRAME_TYPE_COUNT) + return 0; + + pps = lws_h2_new_pps(LWS_H2_PPS_RST_STREAM); + if (!pps) + return 1; + + lwsl_info("%s: RST_STREAM 0x%x, REASON '%s'\n", __func__, err, reason); + + pps->u.rs.sid = h2n->sid; + pps->u.rs.err = err; + lws_pps_schedule(wsi, pps); + + h2n->type = LWS_H2_FRAME_TYPE_COUNT; /* ie, IGNORE */ + lws_h2_state(wsi, LWS_H2_STATE_CLOSED); + + return 0; +} + +int +lws_h2_settings(struct lws *wsi, struct http2_settings *settings, + unsigned char *buf, int len) +{ + struct lws *nwsi = lws_get_network_wsi(wsi); + unsigned int a, b; + + if (!len) + return 0; + + if (len < LWS_H2_SETTINGS_LEN) + return 1; + + while (len >= LWS_H2_SETTINGS_LEN) { + a = (buf[0] << 8) | buf[1]; + if (!a || a >= H2SET_COUNT) + goto skip; + b = buf[2] << 24 | buf[3] << 16 | buf[4] << 8 | buf[5]; + + switch (a) { + case H2SET_HEADER_TABLE_SIZE: + break; + case H2SET_ENABLE_PUSH: + if (b > 1) { + lws_h2_goaway(nwsi, H2_ERR_PROTOCOL_ERROR, + "ENABLE_PUSH invalid arg"); + return 1; + } + break; + case H2SET_MAX_CONCURRENT_STREAMS: + break; + case H2SET_INITIAL_WINDOW_SIZE: + if (b > 0x7fffffff) { + lws_h2_goaway(nwsi, H2_ERR_FLOW_CONTROL_ERROR, + "Inital Window beyond max"); + return 1; + } + /* + * In addition to changing the flow-control window for + * streams that are not yet active, a SETTINGS frame + * can alter the initial flow-control window size for + * streams with active flow-control windows (that is, + * streams in the "open" or "half-closed (remote)" + * state). When the value of + * SETTINGS_INITIAL_WINDOW_SIZE changes, a receiver + * MUST adjust the size of all stream flow-control + * windows that it maintains by the difference between + * the new value and the old value. + */ + + lws_start_foreach_ll(struct lws *, w, + nwsi->h2.child_list) { + lwsl_info("%s: adi child tc cr %d +%d -> %d", + __func__, + w->h2.tx_cr, b - settings->s[a], + w->h2.tx_cr + b - settings->s[a]); + w->h2.tx_cr += b - settings->s[a]; + if (w->h2.tx_cr > 0 && + w->h2.tx_cr <= (int32_t)(b - settings->s[a])) + lws_callback_on_writable(w); + } lws_end_foreach_ll(w, h2.sibling_list); + + break; + case H2SET_MAX_FRAME_SIZE: + if (b < wsi->vhost->set.s[H2SET_MAX_FRAME_SIZE]) { + lws_h2_goaway(nwsi, H2_ERR_PROTOCOL_ERROR, + "Frame size < initial"); + return 1; + } + if (b > 0x007fffff) { + lws_h2_goaway(nwsi, H2_ERR_PROTOCOL_ERROR, + "Settings Frame size above max"); + return 1; + } + break; + case H2SET_MAX_HEADER_LIST_SIZE: + break; + } + settings->s[a] = b; + lwsl_info("http2 settings %d <- 0x%x\n", a, b); +skip: + len -= LWS_H2_SETTINGS_LEN; + buf += LWS_H2_SETTINGS_LEN; + } + + if (len) + return 1; + + lws_h2_dump_settings(settings); + + return 0; +} + +/* RFC7640 Sect 6.9 + * + * The WINDOW_UPDATE frame can be specific to a stream or to the entire + * connection. In the former case, the frame's stream identifier + * indicates the affected stream; in the latter, the value "0" indicates + * that the entire connection is the subject of the frame. + * + * ... + * + * Two flow-control windows are applicable: the stream flow-control + * window and the connection flow-control window. The sender MUST NOT + * send a flow-controlled frame with a length that exceeds the space + * available in either of the flow-control windows advertised by the + * receiver. Frames with zero length with the END_STREAM flag set (that + * is, an empty DATA frame) MAY be sent if there is no available space + * in either flow-control window. + */ + +int +lws_h2_tx_cr_get(struct lws *wsi) +{ + int c = wsi->h2.tx_cr; + struct lws *nwsi; + + if (!wsi->http2_substream && !wsi->upgraded_to_http2) + return ~0x80000000; + + nwsi = lws_get_network_wsi(wsi); + + lwsl_info ("%s: %p: own tx credit %d: nwsi credit %d\n", + __func__, wsi, c, nwsi->h2.tx_cr); + + if (nwsi->h2.tx_cr < c) + c = nwsi->h2.tx_cr; + + if (c < 0) + return 0; + + return c; +} + +void +lws_h2_tx_cr_consume(struct lws *wsi, int consumed) +{ + struct lws *nwsi = lws_get_network_wsi(wsi); + + wsi->h2.tx_cr -= consumed; + + if (nwsi != wsi) + nwsi->h2.tx_cr -= consumed; +} + +int lws_h2_frame_write(struct lws *wsi, int type, int flags, + unsigned int sid, unsigned int len, unsigned char *buf) +{ + struct lws *nwsi = lws_get_network_wsi(wsi); + unsigned char *p = &buf[-LWS_H2_FRAME_HEADER_LENGTH]; + int n; + + //if (wsi->h2_stream_carries_ws) + // lwsl_hexdump_level(LLL_NOTICE, buf, len); + + *p++ = len >> 16; + *p++ = len >> 8; + *p++ = len; + *p++ = type; + *p++ = flags; + *p++ = sid >> 24; + *p++ = sid >> 16; + *p++ = sid >> 8; + *p++ = sid; + + lwsl_debug("%s: %p (eff %p). typ %d, fl 0x%x, sid=%d, len=%d, " + "txcr=%d, nwsi->txcr=%d\n", __func__, wsi, nwsi, type, flags, + sid, len, wsi->h2.tx_cr, nwsi->h2.tx_cr); + + if (type == LWS_H2_FRAME_TYPE_DATA) { + if (wsi->h2.tx_cr < (int)len) + lwsl_err("%s: %p: sending payload len %d" + " but tx_cr only %d!\n", __func__, wsi, + len, wsi->h2.tx_cr); + lws_h2_tx_cr_consume(wsi, len); + } + + n = lws_issue_raw(nwsi, &buf[-LWS_H2_FRAME_HEADER_LENGTH], + len + LWS_H2_FRAME_HEADER_LENGTH); + if (n < 0) + return n; + + if (n >= LWS_H2_FRAME_HEADER_LENGTH) + return n - LWS_H2_FRAME_HEADER_LENGTH; + + return n; +} + +static void lws_h2_set_bin(struct lws *wsi, int n, unsigned char *buf) +{ + *buf++ = n >> 8; + *buf++ = n; + *buf++ = wsi->h2.h2n->set.s[n] >> 24; + *buf++ = wsi->h2.h2n->set.s[n] >> 16; + *buf++ = wsi->h2.h2n->set.s[n] >> 8; + *buf = wsi->h2.h2n->set.s[n]; +} + +int lws_h2_do_pps_send(struct lws *wsi) +{ + struct lws_h2_netconn *h2n = wsi->h2.h2n; + struct lws_h2_protocol_send *pps = NULL; + struct lws *cwsi; + uint8_t set[LWS_PRE + 64], *p = &set[LWS_PRE], *q; + int n, m = 0, flags = 0; + + if (!h2n) + return 1; + + /* get the oldest pps */ + + lws_start_foreach_llp(struct lws_h2_protocol_send **, pps1, h2n->pps) { + if ((*pps1)->next == NULL) { /* we are the oldest in the list */ + pps = *pps1; /* remove us from the list */ + *pps1 = NULL; + continue; + } + } lws_end_foreach_llp(pps1, next); + + if (!pps) + return 1; + + lwsl_info("%s: %p: %d\n", __func__, wsi, pps->type); + + switch (pps->type) { + + case LWS_H2_PPS_MY_SETTINGS: + + /* + * if any of our settings varies from h2 "default defaults" + * then we must inform the peer + */ + for (n = 1; n < H2SET_COUNT; n++) + if (h2n->set.s[n] != lws_h2_defaults.s[n]) { + lwsl_debug("sending SETTING %d 0x%x\n", n, + wsi->h2.h2n->set.s[n]); + lws_h2_set_bin(wsi, n, &set[LWS_PRE + m]); + m += sizeof(h2n->one_setting); + } + n = lws_h2_frame_write(wsi, LWS_H2_FRAME_TYPE_SETTINGS, + flags, LWS_H2_STREAM_ID_MASTER, m, + &set[LWS_PRE]); + if (n != m) { + lwsl_info("send %d %d\n", n, m); + goto bail; + } + break; + + case LWS_H2_PPS_ACK_SETTINGS: + /* send ack ... always empty */ + n = lws_h2_frame_write(wsi, LWS_H2_FRAME_TYPE_SETTINGS, 1, + LWS_H2_STREAM_ID_MASTER, 0, &set[LWS_PRE]); + if (n) { + lwsl_err("ack tells %d\n", n); + goto bail; + } + /* this is the end of the preface dance then? */ + if (lwsi_state(wsi) == LRS_H2_AWAIT_SETTINGS) { + lwsi_set_state(wsi, LRS_ESTABLISHED); + wsi->http.fop_fd = NULL; + if (lws_is_ssl(lws_get_network_wsi(wsi))) + break; + /* + * we need to treat the headers from the upgrade as the + * first job. So these need to get shifted to sid 1. + */ + h2n->swsi = lws_wsi_server_new(wsi->vhost, wsi, 1); + if (!h2n->swsi) + goto bail; + + /* pass on the initial headers to SID 1 */ + h2n->swsi->ah = wsi->ah; + wsi->ah = NULL; + + lwsl_info("%s: inherited headers %p\n", __func__, + h2n->swsi->ah); + h2n->swsi->h2.tx_cr = + h2n->set.s[H2SET_INITIAL_WINDOW_SIZE]; + lwsl_info("initial tx credit on conn %p: %d\n", + h2n->swsi, h2n->swsi->h2.tx_cr); + h2n->swsi->h2.initialized = 1; + /* demanded by HTTP2 */ + h2n->swsi->h2.END_STREAM = 1; + lwsl_info("servicing initial http request\n"); + + wsi->vhost->conn_stats.h2_trans++; + + if (lws_http_action(h2n->swsi)) + goto bail; + + break; + } + break; + case LWS_H2_PPS_PONG: + lwsl_debug("sending PONG\n"); + memcpy(&set[LWS_PRE], pps->u.ping.ping_payload, 8); + n = lws_h2_frame_write(wsi, LWS_H2_FRAME_TYPE_PING, + LWS_H2_FLAG_SETTINGS_ACK, + LWS_H2_STREAM_ID_MASTER, 8, + &set[LWS_PRE]); + if (n != 8) { + lwsl_info("send %d %d\n", n, m); + goto bail; + } + break; + + case LWS_H2_PPS_GOAWAY: + lwsl_info("LWS_H2_PPS_GOAWAY\n"); + *p++ = pps->u.ga.highest_sid >> 24; + *p++ = pps->u.ga.highest_sid >> 16; + *p++ = pps->u.ga.highest_sid >> 8; + *p++ = pps->u.ga.highest_sid; + *p++ = pps->u.ga.err >> 24; + *p++ = pps->u.ga.err >> 16; + *p++ = pps->u.ga.err >> 8; + *p++ = pps->u.ga.err; + q = (unsigned char *)pps->u.ga.str; + n = 0; + while (*q && n++ < (int)sizeof(pps->u.ga.str)) + *p++ = *q++; + h2n->we_told_goaway = 1; + n = lws_h2_frame_write(wsi, LWS_H2_FRAME_TYPE_GOAWAY, 0, + LWS_H2_STREAM_ID_MASTER, + lws_ptr_diff(p, &set[LWS_PRE]), + &set[LWS_PRE]); + if (n != 4) { + lwsl_info("send %d %d\n", n, m); + goto bail; + } + goto bail; + + case LWS_H2_PPS_RST_STREAM: + lwsl_info("LWS_H2_PPS_RST_STREAM\n"); + *p++ = pps->u.rs.err >> 24; + *p++ = pps->u.rs.err >> 16; + *p++ = pps->u.rs.err >> 8; + *p++ = pps->u.rs.err; + n = lws_h2_frame_write(wsi, LWS_H2_FRAME_TYPE_RST_STREAM, + 0, pps->u.rs.sid, 4, &set[LWS_PRE]); + if (n != 4) { + lwsl_info("send %d %d\n", n, m); + goto bail; + } + cwsi = lws_h2_wsi_from_id(wsi, pps->u.rs.sid); + if (cwsi) + lws_close_free_wsi(cwsi, 0, "reset stream"); + break; + + case LWS_H2_PPS_UPDATE_WINDOW: + lwsl_debug("Issuing LWS_H2_PPS_UPDATE_WINDOW: sid %d: add %d\n", + pps->u.update_window.sid, + pps->u.update_window.credit); + *p++ = pps->u.update_window.credit >> 24; + *p++ = pps->u.update_window.credit >> 16; + *p++ = pps->u.update_window.credit >> 8; + *p++ = pps->u.update_window.credit; + n = lws_h2_frame_write(wsi, LWS_H2_FRAME_TYPE_WINDOW_UPDATE, + 0, pps->u.update_window.sid, 4, + &set[LWS_PRE]); + if (n != 4) { + lwsl_info("send %d %d\n", n, m); + goto bail; + } + break; + + default: + break; + } + + lws_free(pps); + + return 0; + +bail: + lws_free(pps); + + return 1; +} + +/* + * The frame header part has just completely arrived. + * Perform actions for header completion. + */ +static int +lws_h2_parse_frame_header(struct lws *wsi) +{ + struct lws_h2_netconn *h2n = wsi->h2.h2n; + struct lws_h2_protocol_send *pps; + int n; + + /* + * We just got the frame header + */ + h2n->count = 0; + h2n->swsi = wsi; + /* b31 is a reserved bit */ + h2n->sid = h2n->sid & 0x7fffffff; + + if (h2n->sid && !(h2n->sid & 1)) { + lws_h2_goaway(wsi, H2_ERR_PROTOCOL_ERROR, "Even Stream ID"); + + return 0; + } + + /* let the network wsi live a bit longer if subs are active */ + if (!wsi->ws_over_h2_count) + lws_set_timeout(wsi, PENDING_TIMEOUT_HTTP_KEEPALIVE_IDLE, 31); + + if (h2n->sid) + h2n->swsi = lws_h2_wsi_from_id(wsi, h2n->sid); + + lwsl_debug("%p (%p): fr hdr: typ 0x%x, flags 0x%x, sid 0x%x, len 0x%x\n", + wsi, h2n->swsi, h2n->type, h2n->flags, h2n->sid, + h2n->length); + + if (h2n->we_told_goaway && h2n->sid > h2n->highest_sid) + h2n->type = LWS_H2_FRAME_TYPE_COUNT; /* ie, IGNORE */ + + if (h2n->type == LWS_H2_FRAME_TYPE_COUNT) + return 0; + + if (h2n->length > h2n->set.s[H2SET_MAX_FRAME_SIZE]) { + /* + * peer sent us something bigger than we told + * it we would allow + */ + lwsl_notice("received oversize frame %d\n", h2n->length); + lws_h2_goaway(wsi, H2_ERR_FRAME_SIZE_ERROR, + "Peer ignored our frame size setting"); + return 1; + } + + if (h2n->swsi) + lwsl_info("%s: wsi %p, State: %s, received cmd %d\n", + __func__, h2n->swsi, + h2_state_names[h2n->swsi->h2.h2_state], h2n->type); + else { + /* if it's data, either way no swsi means CLOSED state */ + if (h2n->type == LWS_H2_FRAME_TYPE_DATA) { + if (h2n->sid <= h2n->highest_sid_opened) { + lwsl_notice("ignoring straggling data\n"); + h2n->type = LWS_H2_FRAME_TYPE_COUNT; /* ie, IGNORE */ + } else { + lws_h2_goaway(wsi, H2_ERR_STREAM_CLOSED, + "Data for nonexistent sid"); + return 0; + } + } + /* if the sid is credible, treat as wsi for it closed */ + if (h2n->sid > h2n->highest_sid_opened && + h2n->type != LWS_H2_FRAME_TYPE_HEADERS && + h2n->type != LWS_H2_FRAME_TYPE_PRIORITY) { + /* if not credible, reject it */ + lwsl_info("%s: wsi %p, No child for sid %d, rx cmd %d\n", + __func__, h2n->swsi, h2n->sid, h2n->type); + lws_h2_goaway(wsi, H2_ERR_STREAM_CLOSED, + "Data for nonexistent sid"); + return 0; + } + } + + if (h2n->swsi && h2n->sid && + !(http2_rx_validity[h2n->swsi->h2.h2_state] & (1 << h2n->type))) { + lwsl_info("%s: wsi %p, State: %s, ILLEGAL cmdrx %d (OK 0x%x)\n", + __func__, h2n->swsi, + h2_state_names[h2n->swsi->h2.h2_state], h2n->type, + http2_rx_validity[h2n->swsi->h2.h2_state]); + + if (h2n->swsi->h2.h2_state == LWS_H2_STATE_CLOSED || + h2n->swsi->h2.h2_state == LWS_H2_STATE_HALF_CLOSED_REMOTE) + n = H2_ERR_STREAM_CLOSED; + else + n = H2_ERR_PROTOCOL_ERROR; + lws_h2_goaway(wsi, n, "invalid rx for state"); + + return 0; + } + + if (h2n->cont_exp && (h2n->cont_exp_sid != h2n->sid || + h2n->type != LWS_H2_FRAME_TYPE_CONTINUATION)) { + lwsl_info("%s: expected cont on sid %d (got %d on sid %d)\n", + __func__, h2n->cont_exp_sid, h2n->type, h2n->sid); + h2n->cont_exp = 0; + if (h2n->cont_exp_headers) + n = H2_ERR_COMPRESSION_ERROR; + else + n = H2_ERR_PROTOCOL_ERROR; + lws_h2_goaway(wsi, n, "Continuation hdrs State"); + + return 0; + } + + switch (h2n->type) { + case LWS_H2_FRAME_TYPE_DATA: + lwsl_info("seen incoming LWS_H2_FRAME_TYPE_DATA start\n"); + if (!h2n->sid) { + lwsl_notice("DATA: 0 sid\n"); + lws_h2_goaway(wsi, H2_ERR_PROTOCOL_ERROR, "DATA 0 sid"); + break; + } + lwsl_info("Frame header DATA: sid %d\n", h2n->sid); + + if (!h2n->swsi) { + lwsl_notice("DATA: NULL swsi\n"); + break; + } + + if ( + h2n->swsi->h2.h2_state == LWS_H2_STATE_HALF_CLOSED_REMOTE || + h2n->swsi->h2.h2_state == LWS_H2_STATE_CLOSED) { + lws_h2_goaway(wsi, H2_ERR_STREAM_CLOSED, "conn closed"); + break; + } + break; + case LWS_H2_FRAME_TYPE_PRIORITY: + lwsl_info("LWS_H2_FRAME_TYPE_PRIORITY complete frame\n"); + if (!h2n->sid) { + lws_h2_goaway(wsi, H2_ERR_PROTOCOL_ERROR, + "Priority has 0 sid"); + break; + } + if (h2n->length != 5) { + lws_h2_goaway(wsi, H2_ERR_FRAME_SIZE_ERROR, + "Priority has length other than 5"); + break; + } + break; + case LWS_H2_FRAME_TYPE_PUSH_PROMISE: + lwsl_info("LWS_H2_FRAME_TYPE_PUSH_PROMISE complete frame\n"); + lws_h2_goaway(wsi, H2_ERR_PROTOCOL_ERROR, "Server only"); + break; + + case LWS_H2_FRAME_TYPE_GOAWAY: + lwsl_debug("LWS_H2_FRAME_TYPE_GOAWAY received\n"); + break; + + case LWS_H2_FRAME_TYPE_RST_STREAM: + if (!h2n->sid) + return 1; + if (!h2n->swsi) { + if (h2n->sid <= h2n->highest_sid_opened) + break; + lws_h2_goaway(wsi, H2_ERR_PROTOCOL_ERROR, + "crazy sid on RST_STREAM"); + return 1; + } + if (h2n->length != 4) { + lws_h2_goaway(wsi, H2_ERR_FRAME_SIZE_ERROR, + "RST_STREAM can only be length 4"); + break; + } + lws_h2_state(h2n->swsi, LWS_H2_STATE_CLOSED); + break; + + case LWS_H2_FRAME_TYPE_SETTINGS: + lwsl_info("LWS_H2_FRAME_TYPE_SETTINGS complete frame\n"); + /* nonzero sid on settings is illegal */ + if (h2n->sid) { + lws_h2_goaway(wsi, H2_ERR_PROTOCOL_ERROR, + "Settings has nonzero sid"); + break; + } + + if (!(h2n->flags & LWS_H2_FLAG_SETTINGS_ACK)) { + if ((!h2n->length) || h2n->length % 6) { + lws_h2_goaway(wsi, H2_ERR_FRAME_SIZE_ERROR, + "Settings length error"); + break; + } + + if (h2n->type == LWS_H2_FRAME_TYPE_COUNT) + return 0; + break; + } + /* came to us with ACK set... not allowed to have payload */ + + if (h2n->length) { + lws_h2_goaway(wsi, H2_ERR_FRAME_SIZE_ERROR, + "Settings with ACK not allowed payload"); + break; + } + break; + case LWS_H2_FRAME_TYPE_PING: + if (h2n->sid) { + lws_h2_goaway(wsi, H2_ERR_PROTOCOL_ERROR, + "Ping has nonzero sid"); + break; + } + if (h2n->length != 8) { + lws_h2_goaway(wsi, H2_ERR_FRAME_SIZE_ERROR, + "Ping payload can only be 8"); + break; + } + break; + case LWS_H2_FRAME_TYPE_CONTINUATION: + lwsl_info("LWS_H2_FRAME_TYPE_CONTINUATION: sid = %d\n", + h2n->sid); + + if (!h2n->cont_exp || + h2n->cont_exp_sid != h2n->sid || + !h2n->sid || + !h2n->swsi) { + lws_h2_goaway(wsi, H2_ERR_PROTOCOL_ERROR, + "unexpected CONTINUATION"); + break; + } + if (h2n->swsi->h2.END_HEADERS) { + lws_h2_goaway(wsi, H2_ERR_PROTOCOL_ERROR, + "END_HEADERS already seen"); + break; + } + /* END_STREAM is in HEADERS, skip resetting it */ + goto update_end_headers; + + case LWS_H2_FRAME_TYPE_HEADERS: + lwsl_info("HEADERS: frame header: sid = %d\n", h2n->sid); + if (!h2n->sid) { + lws_h2_goaway(wsi, H2_ERR_PROTOCOL_ERROR, "sid 0"); + return 1; + } + +#if !defined(LWS_NO_CLIENT) + if (wsi->client_h2_alpn) { + if (h2n->sid) { + h2n->swsi = lws_h2_wsi_from_id(wsi, h2n->sid); + lwsl_info("HEADERS: nwsi %p: sid %d mapped to wsi %p\n", wsi, h2n->sid, h2n->swsi); + if (!h2n->swsi) + break; + } + goto update_end_headers; + } +#endif + + if (!h2n->swsi) { + /* no more children allowed by parent */ + if (wsi->h2.child_count + 1 > + wsi->h2.h2n->set.s[H2SET_MAX_CONCURRENT_STREAMS]) { + lws_h2_goaway(wsi, H2_ERR_PROTOCOL_ERROR, + "Another stream not allowed"); + + return 1; + } + + h2n->swsi = lws_wsi_server_new(wsi->vhost, wsi, + h2n->sid); + if (!h2n->swsi) { + lws_h2_goaway(wsi, H2_ERR_PROTOCOL_ERROR, "OOM"); + + return 1; + } + + pps = lws_h2_new_pps(LWS_H2_PPS_UPDATE_WINDOW); + if (!pps) + return 1; + pps->u.update_window.sid = h2n->sid; + pps->u.update_window.credit = 4 * 65536; + h2n->swsi->h2.peer_tx_cr_est += pps->u.update_window.credit; + lws_pps_schedule(wsi, pps); + + pps = lws_h2_new_pps(LWS_H2_PPS_UPDATE_WINDOW); + if (!pps) + return 1; + pps->u.update_window.sid = 0; + pps->u.update_window.credit = 4 * 65536; + wsi->h2.peer_tx_cr_est += pps->u.update_window.credit; + lws_pps_schedule(wsi, pps); + } + + /* + * ah needs attaching to child wsi, even though + * we only fill it from network wsi + */ + if (!h2n->swsi->ah) + if (lws_header_table_attach(h2n->swsi, 0)) { + lwsl_err("%s: Failed to get ah\n", __func__); + return 1; + } + + /* + * The first use of a new stream identifier implicitly closes + * all streams in the "idle" state that might have been + * initiated by that peer with a lower-valued stream identifier. + * + * For example, if a client sends a HEADERS frame on stream 7 + * without ever sending a frame on stream 5, then stream 5 + * transitions to the "closed" state when the first frame for + * stream 7 is sent or received. + */ + lws_start_foreach_ll(struct lws *, w, wsi->h2.child_list) { + if (w->h2.my_sid < h2n->sid && + w->h2.h2_state == LWS_H2_STATE_IDLE) + lws_close_free_wsi(w, 0, "h2 sid close"); + assert(w->h2.sibling_list != w); + } lws_end_foreach_ll(w, h2.sibling_list); + + + /* END_STREAM means after servicing this, close the stream */ + h2n->swsi->h2.END_STREAM = + !!(h2n->flags & LWS_H2_FLAG_END_STREAM); + lwsl_info("%s: hdr END_STREAM = %d\n",__func__, + h2n->swsi->h2.END_STREAM); + + h2n->cont_exp = !(h2n->flags & LWS_H2_FLAG_END_HEADERS); + h2n->cont_exp_sid = h2n->sid; + h2n->cont_exp_headers = 1; + lws_header_table_reset(h2n->swsi, 0); + +update_end_headers: + /* no END_HEADERS means CONTINUATION must come */ + h2n->swsi->h2.END_HEADERS = + !!(h2n->flags & LWS_H2_FLAG_END_HEADERS); + lwsl_info("%p: END_HEADERS %d\n", h2n->swsi, h2n->swsi->h2.END_HEADERS); + if (h2n->swsi->h2.END_HEADERS) + h2n->cont_exp = 0; + lwsl_debug("END_HEADERS %d\n", h2n->swsi->h2.END_HEADERS); + break; + + case LWS_H2_FRAME_TYPE_WINDOW_UPDATE: + if (h2n->length != 4) { + lws_h2_goaway(wsi, H2_ERR_FRAME_SIZE_ERROR, + "window update frame not 4"); + break; + } + lwsl_info("LWS_H2_FRAME_TYPE_WINDOW_UPDATE\n"); + break; + case LWS_H2_FRAME_TYPE_COUNT: + break; + default: + lwsl_info("%s: ILLEGAL FRAME TYPE %d\n", __func__, h2n->type); + h2n->type = LWS_H2_FRAME_TYPE_COUNT; /* ie, IGNORE */ + break; + } + if (h2n->length == 0) + h2n->frame_state = 0; + + return 0; +} + +/* + * The last byte of the whole frame has been handled. + * Perform actions for frame completion. + * + * This is the crunch time for parsing that may have occured on a network + * wsi with a pending partial send... we may call lws_http_action() to send + * a response, conflicting with the partial. + * + * So in that case we change the wsi state and do the lws_http_action() in the + * WRITABLE handler as a priority. + */ +static int +lws_h2_parse_end_of_frame(struct lws *wsi) +{ + struct lws_h2_netconn *h2n = wsi->h2.h2n; + struct lws_h2_protocol_send *pps; + struct lws *eff_wsi = wsi; + const char *p; + int n; + + h2n->frame_state = 0; + h2n->count = 0; + + if (h2n->sid) + h2n->swsi = lws_h2_wsi_from_id(wsi, h2n->sid); + + if (h2n->sid > h2n->highest_sid) + h2n->highest_sid = h2n->sid; + + /* set our initial window size */ + if (!wsi->h2.initialized) { + wsi->h2.tx_cr = h2n->set.s[H2SET_INITIAL_WINDOW_SIZE]; + lwsl_info("initial tx credit on master %p: %d\n", wsi, + wsi->h2.tx_cr); + wsi->h2.initialized = 1; + } + + if (h2n->collected_priority && (h2n->dep & ~(1 << 31)) == h2n->sid) { + lws_h2_goaway(wsi, H2_ERR_PROTOCOL_ERROR, "depends on own sid"); + return 0; + } + + switch (h2n->type) { + + case LWS_H2_FRAME_TYPE_SETTINGS: + +#if !defined(LWS_NO_CLIENT) + if (wsi->client_h2_alpn && + !(h2n->flags & LWS_H2_FLAG_SETTINGS_ACK)) { + + /* migrate original client ask on to substream 1 */ + + wsi->http.fop_fd = NULL; + + /* + * we need to treat the headers from the upgrade as the + * first job. So these need to get shifted to sid 1. + */ + h2n->swsi = lws_wsi_server_new(wsi->vhost, wsi, 1); + if (!h2n->swsi) + return 1; + h2n->sid = 1; + + assert(lws_h2_wsi_from_id(wsi, 1) == h2n->swsi); + + lws_role_transition(wsi, LWSIFR_CLIENT, + LRS_H2_WAITING_TO_SEND_HEADERS, + &role_ops_h2); + + lws_role_transition(h2n->swsi, LWSIFR_CLIENT, + LRS_H2_WAITING_TO_SEND_HEADERS, + &role_ops_h2); + + /* pass on the initial headers to SID 1 */ + h2n->swsi->ah = wsi->ah; + h2n->swsi->client_h2_substream = 1; + + h2n->swsi->protocol = wsi->protocol; + h2n->swsi->user_space = wsi->user_space; + h2n->swsi->user_space_externally_allocated = + wsi->user_space_externally_allocated; + + wsi->user_space = NULL; + + if (h2n->swsi->ah) + h2n->swsi->ah->wsi = h2n->swsi; + wsi->ah = NULL; + + lwsl_info("%s: MIGRATING nwsi %p: swsi %p\n", __func__, + wsi, h2n->swsi); + h2n->swsi->h2.tx_cr = + h2n->set.s[H2SET_INITIAL_WINDOW_SIZE]; + lwsl_info("initial tx credit on conn %p: %d\n", + h2n->swsi, h2n->swsi->h2.tx_cr); + h2n->swsi->h2.initialized = 1; + + lws_callback_on_writable(h2n->swsi); + + pps = lws_h2_new_pps(LWS_H2_PPS_ACK_SETTINGS); + if (!pps) + return 1; + lws_pps_schedule(wsi, pps); + lwsl_info("%s: scheduled settings ack PPS\n", __func__); + + /* also attach any queued guys */ + + /* we have a transaction queue that wants to pipeline */ + lws_vhost_lock(wsi->vhost); + lws_start_foreach_dll_safe(struct lws_dll_lws *, d, d1, + wsi->dll_client_transaction_queue_head.next) { + struct lws *w = lws_container_of(d, struct lws, + dll_client_transaction_queue); + + if (lwsi_state(w) == LRS_H1C_ISSUE_HANDSHAKE2) { + lwsl_info("%s: client pipeq %p to be h2\n", + __func__, w); + /* remove ourselves from the client queue */ + lws_dll_lws_remove(&w->dll_client_transaction_queue); + + /* attach ourselves as an h2 stream */ + lws_wsi_h2_adopt(wsi, w); + } + } lws_end_foreach_dll_safe(d, d1); + lws_vhost_unlock(wsi->vhost); + } +#endif + break; + + case LWS_H2_FRAME_TYPE_CONTINUATION: + case LWS_H2_FRAME_TYPE_HEADERS: + + if (!h2n->swsi) + break; + + /* service the http request itself */ + + if (h2n->last_action_dyntable_resize) { + lws_h2_goaway(wsi, H2_ERR_COMPRESSION_ERROR, + "dyntable resize last in headers"); + break; + } + + if (!h2n->swsi->h2.END_HEADERS) { + /* we are not finished yet */ + lwsl_info("witholding http action for continuation\n"); + break; + } + + /* confirm the hpack stream state is reasonable for finishing */ + + if (h2n->hpack != HPKS_TYPE) { + /* hpack incomplete */ + lwsl_info("hpack incomplete %d (type %d, len %d)\n", + h2n->hpack, h2n->type, h2n->hpack_len); + lws_h2_goaway(wsi, H2_ERR_COMPRESSION_ERROR, + "hpack incomplete"); + break; + } + + /* this is the last part of HEADERS */ + switch (h2n->swsi->h2.h2_state) { + case LWS_H2_STATE_IDLE: + lws_h2_state(h2n->swsi, LWS_H2_STATE_OPEN); + break; + case LWS_H2_STATE_RESERVED_REMOTE: + lws_h2_state(h2n->swsi, LWS_H2_STATE_HALF_CLOSED_LOCAL); + break; + } + + lwsl_info("http req, wsi=%p, h2n->swsi=%p\n", wsi, h2n->swsi); + h2n->swsi->hdr_parsing_completed = 1; + + if (h2n->swsi->client_h2_substream) { + if (lws_client_interpret_server_handshake(h2n->swsi)) { + lws_h2_rst_stream(h2n->swsi, H2_ERR_STREAM_CLOSED, + "protocol CLI_EST closed it"); + break; + } + } + + if (lws_hdr_extant(h2n->swsi, WSI_TOKEN_HTTP_CONTENT_LENGTH)) { + h2n->swsi->http.rx_content_length = atoll( + lws_hdr_simple_ptr(h2n->swsi, + WSI_TOKEN_HTTP_CONTENT_LENGTH)); + h2n->swsi->http.rx_content_remain = + h2n->swsi->http.rx_content_length; + lwsl_info("setting rx_content_length %lld\n", + (long long)h2n->swsi->http.rx_content_length); + } + + { + int n = 0, len; + char buf[256]; + const unsigned char *c; + + do { + c = lws_token_to_string(n); + if (!c) { + n++; + continue; + } + + len = lws_hdr_total_length(h2n->swsi, n); + if (!len || len > (int)sizeof(buf) - 1) { + n++; + continue; + } + + lws_hdr_copy(h2n->swsi, buf, sizeof buf, n); + buf[sizeof(buf) - 1] = '\0'; + + lwsl_info(" %s = %s\n", (char *)c, buf); + n++; + } while (c); + } + + if (h2n->swsi->h2.h2_state == LWS_H2_STATE_HALF_CLOSED_REMOTE || + h2n->swsi->h2.h2_state == LWS_H2_STATE_CLOSED) { + lws_h2_goaway(wsi, H2_ERR_STREAM_CLOSED, + "Banning service on CLOSED_REMOTE"); + break; + } + + switch (h2n->swsi->h2.h2_state) { + case LWS_H2_STATE_OPEN: + if (h2n->swsi->h2.END_STREAM) + lws_h2_state(h2n->swsi, + LWS_H2_STATE_HALF_CLOSED_REMOTE); + break; + case LWS_H2_STATE_HALF_CLOSED_LOCAL: + if (h2n->swsi->h2.END_STREAM) + lws_h2_state(h2n->swsi, LWS_H2_STATE_CLOSED); + break; + } + + if (h2n->swsi->client_h2_substream) { + lwsl_info("%s: headers: client path\n", __func__); + break; + } + + if (!lws_hdr_total_length(h2n->swsi, WSI_TOKEN_HTTP_COLON_PATH) || + !lws_hdr_total_length(h2n->swsi, WSI_TOKEN_HTTP_COLON_METHOD) || + !lws_hdr_total_length(h2n->swsi, WSI_TOKEN_HTTP_COLON_SCHEME) || + lws_hdr_total_length(h2n->swsi, WSI_TOKEN_HTTP_COLON_STATUS) || + lws_hdr_extant(h2n->swsi, WSI_TOKEN_CONNECTION)) { + lws_h2_goaway(wsi, H2_ERR_PROTOCOL_ERROR, + "Pseudoheader checks"); + break; + } + + if (lws_hdr_extant(h2n->swsi, WSI_TOKEN_TE)) { + n = lws_hdr_total_length(h2n->swsi, WSI_TOKEN_TE); + + if (n != 8 || + strncmp(lws_hdr_simple_ptr(h2n->swsi, WSI_TOKEN_TE), + "trailers", n)) { + lws_h2_goaway(wsi, H2_ERR_PROTOCOL_ERROR, + "Illegal transfer-encoding"); + break; + } + } + + p = lws_hdr_simple_ptr(h2n->swsi, WSI_TOKEN_HTTP_COLON_METHOD); + if (!strcmp(p, "POST")) + h2n->swsi->ah->frag_index[WSI_TOKEN_POST_URI] = + h2n->swsi->ah->frag_index[WSI_TOKEN_HTTP_COLON_PATH]; + + wsi->vhost->conn_stats.h2_trans++; + + lwsi_set_state(h2n->swsi, LRS_DEFERRING_ACTION); + lws_callback_on_writable(h2n->swsi); + break; + + case LWS_H2_FRAME_TYPE_DATA: + if (!h2n->swsi) + break; + + if (lws_hdr_total_length(h2n->swsi, WSI_TOKEN_HTTP_CONTENT_LENGTH) && + h2n->swsi->h2.END_STREAM && + h2n->swsi->http.rx_content_length && + h2n->swsi->http.rx_content_remain) { + lws_h2_rst_stream(h2n->swsi, H2_ERR_PROTOCOL_ERROR, + "Not enough rx content"); + break; + } + + if (h2n->swsi->h2.END_STREAM && + h2n->swsi->h2.h2_state == LWS_H2_STATE_OPEN) + lws_h2_state(h2n->swsi, LWS_H2_STATE_HALF_CLOSED_REMOTE); + + if (h2n->swsi->h2.END_STREAM && + h2n->swsi->h2.h2_state == LWS_H2_STATE_HALF_CLOSED_LOCAL) + lws_h2_state(h2n->swsi, LWS_H2_STATE_CLOSED); + + /* + * client... remote END_STREAM implies we weren't going to + * send anything else anyway. + */ + + if (h2n->swsi->client_h2_substream && + h2n->flags & LWS_H2_FLAG_END_STREAM) { + lwsl_info("%s: %p: DATA: end stream\n", __func__, h2n->swsi); + + if (h2n->swsi->h2.h2_state == LWS_H2_STATE_OPEN) { + lws_h2_state(h2n->swsi, LWS_H2_STATE_HALF_CLOSED_REMOTE); + // lws_h2_rst_stream(h2n->swsi, H2_ERR_NO_ERROR, + // "client done"); + + // if (lws_http_transaction_completed_client(h2n->swsi)) + // lwsl_debug("tx completed returned close\n"); + } + + //if (h2n->swsi->h2.h2_state == LWS_H2_STATE_HALF_CLOSED_LOCAL) + { + lws_h2_state(h2n->swsi, LWS_H2_STATE_CLOSED); + + lws_h2_rst_stream(h2n->swsi, H2_ERR_NO_ERROR, + "client done"); + + if (lws_http_transaction_completed_client(h2n->swsi)) + lwsl_debug("tx completed returned close\n"); + } + } + break; + + case LWS_H2_FRAME_TYPE_PING: + if (h2n->flags & LWS_H2_FLAG_SETTINGS_ACK) { // ack + } else {/* they're sending us a ping request */ + lwsl_info("rx ping, preparing pong\n"); + pps = lws_h2_new_pps(LWS_H2_PPS_PONG); + if (!pps) + return 1; + memcpy(pps->u.ping.ping_payload, h2n->ping_payload, 8); + lws_pps_schedule(wsi, pps); + } + + break; + + case LWS_H2_FRAME_TYPE_WINDOW_UPDATE: + h2n->hpack_e_dep &= ~(1 << 31); + lwsl_info("WINDOW_UPDATE: sid %d %u (0x%x)\n", h2n->sid, + h2n->hpack_e_dep, h2n->hpack_e_dep); + + if (h2n->sid) + eff_wsi = h2n->swsi; + + if (!eff_wsi) { + if (h2n->sid > h2n->highest_sid_opened) + lws_h2_goaway(wsi, H2_ERR_PROTOCOL_ERROR, + "alien sid"); + break; /* ignore */ + } + + if ((uint64_t)eff_wsi->h2.tx_cr + (uint64_t)h2n->hpack_e_dep > + (uint64_t)0x7fffffff) { + if (h2n->sid) + lws_h2_rst_stream(h2n->swsi, + H2_ERR_FLOW_CONTROL_ERROR, + "Flow control exceeded max"); + else + lws_h2_goaway(wsi, H2_ERR_FLOW_CONTROL_ERROR, + "Flow control exceeded max"); + break; + } + + if (!h2n->hpack_e_dep) { + lws_h2_goaway(wsi, H2_ERR_PROTOCOL_ERROR, + "Zero length window update"); + break; + } + n = eff_wsi->h2.tx_cr; + eff_wsi->h2.tx_cr += h2n->hpack_e_dep; + + if (n <= 0 && eff_wsi->h2.tx_cr <= 0) + /* it helps, but won't change sendability for anyone */ + break; + + /* + * It did change sendability... for us and any children waiting + * on us... reassess blockage for all children first + */ + lws_start_foreach_ll(struct lws *, w, wsi->h2.child_list) { + lws_callback_on_writable(w); + } lws_end_foreach_ll(w, h2.sibling_list); + + if (eff_wsi->h2.skint && lws_h2_tx_cr_get(eff_wsi)) { + lwsl_info("%s: %p: skint\n", __func__, wsi); + eff_wsi->h2.skint = 0; + lws_callback_on_writable(eff_wsi); + } + break; + + case LWS_H2_FRAME_TYPE_GOAWAY: + lwsl_info("GOAWAY: last sid %d, error 0x%08X, string '%s'\n", + h2n->goaway_last_sid, h2n->goaway_err, + h2n->goaway_str); + wsi->h2.GOING_AWAY = 1; + + return 1; + + case LWS_H2_FRAME_TYPE_RST_STREAM: + lwsl_info("LWS_H2_FRAME_TYPE_RST_STREAM: sid %d: reason 0x%x\n", + h2n->sid, h2n->hpack_e_dep); + break; + + case LWS_H2_FRAME_TYPE_COUNT: /* IGNORING FRAME */ + break; + } + + return 0; +} + +/* + * This may want to send something on the network wsi, which may be in the + * middle of a partial send. PPS sends are OK because they are queued to + * go through the WRITABLE handler already. + * + * The read parser for the network wsi has no choice but to parse its stream + * anyway, because otherwise it will not be able to get tx credit window + * messages. + * + * Therefore if we will send non-PPS, ie, lws_http_action() for a stream + * wsi, we must change its state and handle it as a priority in the + * POLLOUT handler instead of writing it here. + * + * About closing... for the main network wsi, it should return nonzero to + * close it all. If it needs to close an swsi, it can do it here. + */ +int +lws_h2_parser(struct lws *wsi, unsigned char *in, lws_filepos_t inlen, + lws_filepos_t *inused) +{ + struct lws_h2_netconn *h2n = wsi->h2.h2n; + struct lws_h2_protocol_send *pps; + unsigned char c, *oldin = in; + int n, m; + + if (!h2n) + goto fail; + + while (inlen--) { + + c = *in++; + + // lwsl_notice("%s: 0x%x\n", __func__, c); + + switch (lwsi_state(wsi)) { + case LRS_H2_AWAIT_PREFACE: + if (preface[h2n->count++] != c) + goto fail; + + if (preface[h2n->count]) + break; + + lwsl_info("http2: %p: established\n", wsi); + lwsi_set_state(wsi, LRS_H2_AWAIT_SETTINGS); + h2n->count = 0; + wsi->h2.tx_cr = 65535; + + /* + * we must send a settings frame -- empty one is OK... + * that must be the first thing sent by server + * and the peer must send a SETTINGS with ACK flag... + */ + pps = lws_h2_new_pps(LWS_H2_PPS_MY_SETTINGS); + if (!pps) + goto fail; + lws_pps_schedule(wsi, pps); + break; + + case LRS_H2_WAITING_TO_SEND_HEADERS: + case LRS_ESTABLISHED: + case LRS_H2_AWAIT_SETTINGS: + if (h2n->frame_state != LWS_H2_FRAME_HEADER_LENGTH) + goto try_frame_start; + + /* + * post-header, preamble / payload / padding part + */ + h2n->count++; + + if (h2n->flags & LWS_H2_FLAG_PADDED && !h2n->pad_length) { + /* + * Get the padding count... actual padding is + * at the end of the frame. + */ + h2n->padding = c; + h2n->pad_length = 1; + h2n->preamble++; + + if (h2n->padding > h2n->length - 1) + lws_h2_goaway(wsi, H2_ERR_PROTOCOL_ERROR, + "execssive padding"); + break; /* we consumed this */ + } + + if (h2n->flags & LWS_H2_FLAG_PRIORITY && + !h2n->collected_priority) { + /* going to be 5 preamble bytes */ + + lwsl_debug("PRIORITY FLAG: 0x%x\n", c); + + if (h2n->preamble++ - h2n->pad_length < 4) { + h2n->dep = ((h2n->dep) << 8) | c; + break; /* we consumed this */ + } + h2n->weight_temp = c; + h2n->collected_priority = 1; + lwsl_debug("PRI FL: dep 0x%x, weight 0x%02X\n", + h2n->dep, h2n->weight_temp); + break; /* we consumed this */ + } + if (h2n->padding && h2n->count > (h2n->length - h2n->padding)) { + if (c) { + lws_h2_goaway(wsi, H2_ERR_PROTOCOL_ERROR, + "nonzero padding"); + break; + } + goto frame_end; + } + + /* applies to wsi->h2.swsi which may be wsi */ + switch(h2n->type) { + + case LWS_H2_FRAME_TYPE_SETTINGS: + n = (h2n->count - 1 - h2n->preamble) % + LWS_H2_SETTINGS_LEN; + h2n->one_setting[n] = c; + if (n != LWS_H2_SETTINGS_LEN - 1) + break; + lws_h2_settings(wsi, &h2n->set, h2n->one_setting, + LWS_H2_SETTINGS_LEN); + break; + + case LWS_H2_FRAME_TYPE_CONTINUATION: + case LWS_H2_FRAME_TYPE_HEADERS: + if (!h2n->swsi) + break; + if (lws_hpack_interpret(h2n->swsi, c)) { + lwsl_info("%s: hpack failed\n", __func__); + goto fail; + } + break; + + case LWS_H2_FRAME_TYPE_GOAWAY: + switch (h2n->inside++) { + case 0: + case 1: + case 2: + case 3: + h2n->goaway_last_sid <<= 8; + h2n->goaway_last_sid |= c; + h2n->goaway_str[0] = '\0'; + break; + + case 4: + case 5: + case 6: + case 7: + h2n->goaway_err <<= 8; + h2n->goaway_err |= c; + break; + + default: + if (h2n->inside - 9 < + sizeof(h2n->goaway_str) - 1) + h2n->goaway_str[h2n->inside - 9] = c; + h2n->goaway_str[sizeof(h2n->goaway_str) - 1] = '\0'; + break; + } + break; + + case LWS_H2_FRAME_TYPE_DATA: + + // lwsl_notice("%s: LWS_H2_FRAME_TYPE_DATA\n", __func__); + + /* let the network wsi live a bit longer if subs are active... + * our frame may take a long time to chew through */ + if (!wsi->ws_over_h2_count) + lws_set_timeout(wsi, PENDING_TIMEOUT_HTTP_KEEPALIVE_IDLE, 31); + + if (!h2n->swsi) + break; + + if (lwsi_role_http(h2n->swsi) && + lwsi_state(h2n->swsi) == LRS_ESTABLISHED) { + lwsi_set_state(h2n->swsi, LRS_BODY); + lwsl_info("%s: setting swsi %p to LRS_BODY\n", + __func__, h2n->swsi); + } + + if (lws_hdr_total_length(h2n->swsi, + WSI_TOKEN_HTTP_CONTENT_LENGTH) && + h2n->swsi->http.rx_content_length && + h2n->swsi->http.rx_content_remain < inlen + 1 && /* last */ + h2n->inside < h2n->length) { /* unread data in frame */ + lws_h2_goaway(wsi, H2_ERR_PROTOCOL_ERROR, + "More rx than content_length told"); + break; + } + + /* + * We operate on a frame. The RX we have at + * hand may exceed the current frame. + */ + + n = (int)inlen + 1; + if (n > (int)(h2n->length - h2n->count + 1)) { + n = h2n->length - h2n->count + 1; + lwsl_debug("---- restricting len to %d vs %ld\n", n, (long)inlen + 1); + } + + if (h2n->swsi->client_h2_substream) { + + m = user_callback_handle_rxflow( + h2n->swsi->protocol->callback, + h2n->swsi, LWS_CALLBACK_RECEIVE_CLIENT_HTTP_READ, + h2n->swsi->user_space, in - 1, n); + + in += n - 1; + h2n->inside += n; + h2n->count += n - 1; + inlen -= n - 1; + + if (m) { + lwsl_info("RECEIVE_CLIENT_HTTP closed it\n"); + goto close_swsi_and_return; + } + + break; + } else { + + h2n->swsi->outer_will_close = 1; + /* + * choose the length for this go so that we end at + * the frame boundary, in the case there is already + * more waiting leave it for next time around + */ + + n = lws_read_h1(h2n->swsi, in - 1, n); + h2n->swsi->outer_will_close = 0; + /* + * can return 0 in POST body with + * content len exhausted somehow. + */ + if (n <= 0) { + lwsl_debug("%s: lws_read_h1 told %d %d / %d\n", + __func__, n, h2n->count, h2n->length); + in += h2n->length - h2n->count; + h2n->inside = h2n->length; + h2n->count = h2n->length - 1; + + if (n < 0) + goto already_closed_swsi; + goto close_swsi_and_return; + } + + inlen -= n - 1; + in += n - 1; + h2n->inside += n; + h2n->count += n - 1; + } + + /* account for both network and stream wsi windows */ + + wsi->h2.peer_tx_cr_est -= n; + h2n->swsi->h2.peer_tx_cr_est -= n; + + // lwsl_notice(" peer_tx_cr_est %d, parent %d\n", + // h2n->swsi->h2.peer_tx_cr_est, wsi->h2.peer_tx_cr_est); + + if (h2n->swsi->h2.peer_tx_cr_est < (int)(2 * h2n->length) + 65536) { + pps = lws_h2_new_pps(LWS_H2_PPS_UPDATE_WINDOW); + if (!pps) + return 1; + pps->u.update_window.sid = h2n->sid; + pps->u.update_window.credit = (2 * h2n->length + 65536); + h2n->swsi->h2.peer_tx_cr_est += pps->u.update_window.credit; + lws_pps_schedule(wsi, pps); + } + if (wsi->h2.peer_tx_cr_est < (int)(2 * h2n->length) + 65536) { + pps = lws_h2_new_pps(LWS_H2_PPS_UPDATE_WINDOW); + if (!pps) + return 1; + pps->u.update_window.sid = 0; + pps->u.update_window.credit = (2 * h2n->length + 65536); + wsi->h2.peer_tx_cr_est += pps->u.update_window.credit; + lws_pps_schedule(wsi, pps); + } + + // lwsl_notice("%s: count %d len %d\n", __func__, (int)h2n->count, (int)h2n->length); + + break; + + case LWS_H2_FRAME_TYPE_PRIORITY: + if (h2n->count <= 4) { + h2n->dep <<= 8; + h2n->dep |= c; + } else { + h2n->weight_temp = c; + lwsl_info("PRIORITY: dep 0x%x, weight 0x%02X\n", + h2n->dep, h2n->weight_temp); + + if ((h2n->dep & ~(1 << 31)) == h2n->sid) { + lws_h2_goaway(wsi, H2_ERR_PROTOCOL_ERROR, + "cant depend on own sid"); + break; + } + } + break; + + case LWS_H2_FRAME_TYPE_RST_STREAM: + h2n->hpack_e_dep <<= 8; + h2n->hpack_e_dep |= c; + break; + + case LWS_H2_FRAME_TYPE_PUSH_PROMISE: + break; + + case LWS_H2_FRAME_TYPE_PING: + if (h2n->flags & LWS_H2_FLAG_SETTINGS_ACK) { // ack + } else { /* they're sending us a ping request */ + if (h2n->count > 8) + return 1; + h2n->ping_payload[h2n->count - 1] = c; + } + break; + + case LWS_H2_FRAME_TYPE_WINDOW_UPDATE: + h2n->hpack_e_dep <<= 8; + h2n->hpack_e_dep |= c; + break; + + case LWS_H2_FRAME_TYPE_COUNT: /* IGNORING FRAME */ + break; + + default: + lwsl_notice("%s: unhandled frame type %d\n", + __func__, h2n->type); + + goto fail; + } + +frame_end: + if (h2n->count > h2n->length) { + lwsl_notice("%s: count > length %d %d\n", + __func__, h2n->count, h2n->length); + goto fail; + } + if (h2n->count != h2n->length) + break; + + /* + * end of frame just happened + */ + if (lws_h2_parse_end_of_frame(wsi)) + goto fail; + + break; + +try_frame_start: + if (h2n->frame_state <= 8) { + + switch (h2n->frame_state++) { + case 0: + h2n->pad_length = 0; + h2n->collected_priority = 0; + h2n->padding = 0; + h2n->preamble = 0; + h2n->length = c; + h2n->inside = 0; + break; + case 1: + case 2: + h2n->length <<= 8; + h2n->length |= c; + break; + case 3: + h2n->type = c; + break; + case 4: + h2n->flags = c; + break; + + case 5: + case 6: + case 7: + case 8: + h2n->sid <<= 8; + h2n->sid |= c; + break; + } + } + + if (h2n->frame_state == LWS_H2_FRAME_HEADER_LENGTH) + if (lws_h2_parse_frame_header(wsi)) + goto fail; + break; + + default: + break; + } + } + + *inused = in - oldin; + + return 0; + +close_swsi_and_return: + + lws_close_free_wsi(h2n->swsi, 0, "close_swsi_and_return"); + h2n->swsi = NULL; + h2n->frame_state = 0; + h2n->count = 0; + +already_closed_swsi: + *inused = in - oldin; + + return 2; + +fail: + *inused = in - oldin; + + return 1; +} + +int +lws_h2_client_handshake(struct lws *wsi) +{ + uint8_t buf[LWS_PRE + 1024], *start = &buf[LWS_PRE], + *p = start, *end = &buf[sizeof(buf) - 1]; + char *meth = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_METHOD), + *uri = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_URI); + struct lws *nwsi = lws_get_network_wsi(wsi); + struct lws_h2_protocol_send *pps; + int n; + /* + * The identifier of a newly established stream MUST be numerically + * greater than all streams that the initiating endpoint has opened or + * reserved. This governs streams that are opened using a HEADERS frame + * and streams that are reserved using PUSH_PROMISE. An endpoint that + * receives an unexpected stream identifier MUST respond with a + * connection error (Section 5.4.1) of type PROTOCOL_ERROR. + */ + int sid = nwsi->h2.h2n->highest_sid_opened + 2; + + nwsi->h2.h2n->highest_sid_opened = sid; + wsi->h2.my_sid = sid; + + lwsl_info("%s: CLIENT_WAITING_TO_SEND_HEADERS: pollout (sid %d)\n", + __func__, wsi->h2.my_sid); + + pps = lws_h2_new_pps(LWS_H2_PPS_UPDATE_WINDOW); + if (!pps) + return 1; + pps->u.update_window.sid = sid; + pps->u.update_window.credit = 4 * 65536; + wsi->h2.peer_tx_cr_est += pps->u.update_window.credit; + lws_pps_schedule(wsi, pps); + + pps = lws_h2_new_pps(LWS_H2_PPS_UPDATE_WINDOW); + if (!pps) + return 1; + pps->u.update_window.sid = 0; + pps->u.update_window.credit = 4 * 65536; + wsi->h2.peer_tx_cr_est += pps->u.update_window.credit; + lws_pps_schedule(wsi, pps); + + /* it's time for us to send our client stream headers */ + + if (!meth) + meth = "GET"; + + if (lws_add_http_header_by_token(wsi, + WSI_TOKEN_HTTP_COLON_METHOD, + (unsigned char *)meth, + strlen(meth), &p, end)) + return -1; + + if (lws_add_http_header_by_token(wsi, + WSI_TOKEN_HTTP_COLON_SCHEME, + (unsigned char *)"http", 4, + &p, end)) + return -1; + + if (lws_add_http_header_by_token(wsi, + WSI_TOKEN_HTTP_COLON_PATH, + (unsigned char *)uri, + lws_hdr_total_length(wsi, _WSI_TOKEN_CLIENT_URI), + &p, end)) + return -1; + + if (lws_add_http_header_by_token(wsi, + WSI_TOKEN_HTTP_COLON_AUTHORITY, + (unsigned char *)lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_ORIGIN), + lws_hdr_total_length(wsi, _WSI_TOKEN_CLIENT_ORIGIN), + &p, end)) + return -1; + + /* give userland a chance to append, eg, cookies */ + + if (wsi->protocol->callback(wsi, + LWS_CALLBACK_CLIENT_APPEND_HANDSHAKE_HEADER, + wsi->user_space, &p, (end - p) - 12)) + return -1; + + if (lws_finalize_http_header(wsi, &p, end)) + return -1; + + n = lws_write(wsi, start, p - start, + LWS_WRITE_HTTP_HEADERS); + if (n != (p - start)) { + lwsl_err("_write returned %d from %ld\n", n, + (long)(p - start)); + return -1; + } + + lws_h2_state(wsi, LWS_H2_STATE_OPEN); + lwsi_set_state(wsi, LRS_ESTABLISHED); + + return 0; +} + +int +lws_h2_ws_handshake(struct lws *wsi) +{ + uint8_t buf[LWS_PRE + 384], *p = buf + LWS_PRE, *start = p, + *end = &buf[sizeof(buf) - 1]; + const struct lws_http_mount *hit; + const char * uri_ptr; + int n, m; + + if (lws_add_http_header_status(wsi, HTTP_STATUS_OK, &p, end)) + return -1; + + if (lws_hdr_total_length(wsi, WSI_TOKEN_PROTOCOL) > 64) + return -1; + + /* we can only return the protocol header if: + * - one came in, and ... */ + if (lws_hdr_total_length(wsi, WSI_TOKEN_PROTOCOL) && + /* - it is not an empty string */ + wsi->protocol->name && wsi->protocol->name[0]) { + if (lws_add_http_header_by_token(wsi, WSI_TOKEN_PROTOCOL, + (unsigned char *)wsi->protocol->name, + (int)strlen(wsi->protocol->name), + &p, end)) + return -1; + } + + if (lws_finalize_http_header(wsi, &p, end)) + return -1; + + m = lws_ptr_diff(p, start); + n = lws_write(wsi, start, m, LWS_WRITE_HTTP_HEADERS); + if (n != m) { + lwsl_err("_write returned %d from %d\n", n, m); + + return -1; + } + + /* + * alright clean up, set our state to generic ws established, the + * mode / state of the nwsi will get the h2 processing done. + */ + + lwsi_set_state(wsi, LRS_ESTABLISHED); + wsi->lws_rx_parse_state = LWS_RXPS_NEW; + + uri_ptr = lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP_COLON_PATH); + n = lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_COLON_PATH); + hit = lws_find_mount(wsi, uri_ptr, n); + + if (hit && hit->cgienv && + wsi->protocol->callback(wsi, LWS_CALLBACK_HTTP_PMO, wsi->user_space, + (void *)hit->cgienv, 0)) + return 1; + + return 0; +} + +int +lws_read_h2(struct lws *wsi, unsigned char *buf, lws_filepos_t len) +{ + unsigned char *oldbuf = buf; + lws_filepos_t body_chunk_len; + int m; + + // lwsl_notice("%s: h2 path: wsistate 0x%x len %d\n", __func__, + // wsi->wsistate, (int)len); + + /* + * wsi here is always the network connection wsi, not a stream + * wsi. Once we unpicked the framing we will find the right + * swsi and make it the target of the frame. + * + * If it's ws over h2, the nwsi will get us here to do the h2 + * processing, and that will call us back with the swsi + + * ESTABLISHED state for the inner payload, handled in a later + * case. + */ + while (len) { + /* + * we were accepting input but now we stopped doing so + */ + if (lws_is_flowcontrolled(wsi)) { + lws_rxflow_cache(wsi, buf, 0, (int)len); + buf += len; + break; + } + + /* + * lws_h2_parser() may send something; when it gets the + * whole frame, it will want to perform some action + * involving a reply. But we may be in a partial send + * situation on the network wsi... + * + * Even though we may be in a partial send and unable to + * send anything new, we still have to parse the network + * wsi in order to gain tx credit to send, which is + * potentially necessary to clear the old partial send. + * + * ALL network wsi-specific frames are sent by PPS + * already, these are sent as a priority on the writable + * handler, and so respect partial sends. The only + * problem is when a stream wsi wants to send an, eg, + * reply headers frame in response to the parsing + * we will do now... the *stream wsi* must stall in a + * different state until it is able to do so from a + * priority on the WRITABLE callback, same way that + * file transfers operate. + */ + + m = lws_h2_parser(wsi, buf, len, &body_chunk_len); + if (m && m != 2) { + lwsl_debug("%s: http2_parser bailed\n", __func__); + lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, + "lws_read_h2 bail"); + + return -1; + } + if (m == 2) { + /* swsi has been closed */ + buf += body_chunk_len; + len -= body_chunk_len; + break; + } + + /* account for what we're using in rxflow buffer */ + if (wsi->rxflow_buffer) { + wsi->rxflow_pos += (int)body_chunk_len; + assert(wsi->rxflow_pos <= wsi->rxflow_len); + } + + buf += body_chunk_len; + len -= body_chunk_len; + } + + return lws_ptr_diff(buf, oldbuf); +} + diff --git a/lib/roles/h2/huftable.h b/lib/roles/h2/huftable.h new file mode 100644 index 0000000..385a83b --- /dev/null +++ b/lib/roles/h2/huftable.h @@ -0,0 +1,530 @@ +static unsigned char lextable[] = { +/* pos 0000: 0 */ /* 0 */ 0x42 /* (to 0x0084 state 98) */, + /* 1 */ 0x01 /* (to 0x0002 state 1) */, +/* pos 0002: 1 */ /* 0 */ 0x5C /* (to 0x00BA state 151) */, + /* 1 */ 0x01 /* (to 0x0004 state 2) */, +/* pos 0004: 2 */ /* 0 */ 0x66 /* (to 0x00D0 state 173) */, + /* 1 */ 0x01 /* (to 0x0006 state 3) */, +/* pos 0006: 3 */ /* 0 */ 0x74 /* (to 0x00EE state 204) */, + /* 1 */ 0x01 /* (to 0x0008 state 4) */, +/* pos 0008: 4 */ /* 0 */ 0x8C /* (to 0x0120 state 263) */, + /* 1 */ 0x01 /* (to 0x000A state 5) */, +/* pos 000a: 5 */ /* 0 */ 0x46 /* (to 0x0096 state 113) */, + /* 1 */ 0x01 /* (to 0x000C state 6) */, +/* pos 000c: 6 */ /* 0 */ 0x75 /* (to 0x00F6 state 211) */, + /* 1 */ 0x01 /* (to 0x000E state 7) */, +/* pos 000e: 7 */ /* 0 */ 0x40 /* (to 0x008E state 104) */, + /* 1 */ 0x01 /* (to 0x0010 state 8) */, +/* pos 0010: 8 */ /* 0 */ 0x45 /* (to 0x009A state 116) */, + /* 1 */ 0x01 /* (to 0x0012 state 9) */, +/* pos 0012: 9 */ /* 0 */ 0x40 /* (to 0x0092 state 108) */, + /* 1 */ 0x01 /* (to 0x0014 state 10) */, +/* pos 0014: 10 */ /* 0 */ 0x01 /* (to 0x0016 state 11) */, + /* 1 */ 0x03 /* (to 0x001A state 14) */, +/* pos 0016: 11 */ /* 0 */ 0x01 /* (to 0x0018 state 12) */, + /* 1 */ 0x5B /* (to 0x00CC state 166) */, +/* pos 0018: 12 */ /* terminal 0 */ 0x00, + /* terminal 36 */ 0x24, +/* pos 001a: 14 */ /* 0 */ 0x72 /* (to 0x00FE state 220) */, + /* 1 */ 0x01 /* (to 0x001C state 15) */, +/* pos 001c: 15 */ /* 0 */ 0x72 /* (to 0x0100 state 222) */, + /* 1 */ 0x01 /* (to 0x001E state 16) */, +/* pos 001e: 16 */ /* 0 */ 0x53 /* (to 0x00C4 state 158) */, + /* 1 */ 0x01 /* (to 0x0020 state 17) */, +/* pos 0020: 17 */ /* terminal 123 */ 0x7B, + /* 1 */ 0x01 /* (to 0x0022 state 18) */, +/* pos 0022: 18 */ /* 0 */ 0x6B /* (to 0x00F8 state 216) */, + /* 1 */ 0x01 /* (to 0x0024 state 19) */, +/* pos 0024: 19 */ /* 0 */ 0x84 /* (to 0x012C state 279) */, + /* 1 */ 0x01 /* (to 0x0026 state 20) */, +/* pos 0026: 20 */ /* 0 */ 0x01 /* (to 0x0028 state 21) */, + /* 1 */ 0x06 /* (to 0x0032 state 27) */, +/* pos 0028: 21 */ /* 0 */ 0xB3 /* (to 0x018E state 377) */, + /* 1 */ 0x01 /* (to 0x002A state 22) */, +/* pos 002a: 22 */ /* 0 */ 0xC3 /* (to 0x01B0 state 414) */, + /* 1 */ 0x01 /* (to 0x002C state 23) */, +/* pos 002c: 23 */ /* 0 */ 0x01 /* (to 0x002E state 24) */, + /* 1 */ 0x8C /* (to 0x0144 state 301) */, +/* pos 002e: 24 */ /* 0 */ 0x01 /* (to 0x0030 state 25) */, + /* 1 */ 0x8A /* (to 0x0142 state 298) */, +/* pos 0030: 25 */ /* terminal 1 */ 0x01, + /* terminal 135 */ 0x87, +/* pos 0032: 27 */ /* 0 */ 0x8E /* (to 0x014E state 314) */, + /* 1 */ 0x01 /* (to 0x0034 state 28) */, +/* pos 0034: 28 */ /* 0 */ 0x0F /* (to 0x0052 state 50) */, + /* 1 */ 0x01 /* (to 0x0036 state 29) */, +/* pos 0036: 29 */ /* 0 */ 0xA4 /* (to 0x017E state 362) */, + /* 1 */ 0x01 /* (to 0x0038 state 30) */, +/* pos 0038: 30 */ /* 0 */ 0xB7 /* (to 0x01A6 state 403) */, + /* 1 */ 0x01 /* (to 0x003A state 31) */, +/* pos 003a: 31 */ /* 0 */ 0xC8 /* (to 0x01CA state 440) */, + /* 1 */ 0x01 /* (to 0x003C state 32) */, +/* pos 003c: 32 */ /* 0 */ 0x01 /* (to 0x003E state 33) */, + /* 1 */ 0x0F /* (to 0x005A state 55) */, +/* pos 003e: 33 */ /* 0 */ 0x01 /* (to 0x0040 state 34) */, + /* 1 */ 0x07 /* (to 0x004C state 46) */, +/* pos 0040: 34 */ /* 0 */ 0x01 /* (to 0x0042 state 35) */, + /* 1 */ 0x03 /* (to 0x0046 state 39) */, +/* pos 0042: 35 */ /* terminal 254 */ 0xFE, + /* 1 */ 0x01 /* (to 0x0044 state 36) */, +/* pos 0044: 36 */ /* terminal 2 */ 0x02, + /* terminal 3 */ 0x03, +/* pos 0046: 39 */ /* 0 */ 0x01 /* (to 0x0048 state 40) */, + /* 1 */ 0x02 /* (to 0x004A state 43) */, +/* pos 0048: 40 */ /* terminal 4 */ 0x04, + /* terminal 5 */ 0x05, +/* pos 004a: 43 */ /* terminal 6 */ 0x06, + /* terminal 7 */ 0x07, +/* pos 004c: 46 */ /* 0 */ 0x01 /* (to 0x004E state 47) */, + /* 1 */ 0x0E /* (to 0x0068 state 67) */, +/* pos 004e: 47 */ /* 0 */ 0x01 /* (to 0x0050 state 48) */, + /* 1 */ 0x0C /* (to 0x0066 state 63) */, +/* pos 0050: 48 */ /* terminal 8 */ 0x08, + /* terminal 11 */ 0x0B, +/* pos 0052: 50 */ /* 0 */ 0xA7 /* (to 0x01A0 state 396) */, + /* 1 */ 0x01 /* (to 0x0054 state 51) */, +/* pos 0054: 51 */ /* 0 */ 0x01 /* (to 0x0056 state 52) */, + /* 1 */ 0x7B /* (to 0x014A state 309) */, +/* pos 0056: 52 */ /* terminal 239 */ 0xEF, + /* 1 */ 0x01 /* (to 0x0058 state 53) */, +/* pos 0058: 53 */ /* terminal 9 */ 0x09, + /* terminal 142 */ 0x8E, +/* pos 005a: 55 */ /* 0 */ 0x0A /* (to 0x006E state 74) */, + /* 1 */ 0x01 /* (to 0x005C state 56) */, +/* pos 005c: 56 */ /* 0 */ 0x11 /* (to 0x007E state 91) */, + /* 1 */ 0x01 /* (to 0x005E state 57) */, +/* pos 005e: 57 */ /* 0 */ 0x64 /* (to 0x0126 state 274) */, + /* 1 */ 0x01 /* (to 0x0060 state 58) */, +/* pos 0060: 58 */ /* terminal 249 */ 0xF9, + /* 1 */ 0x01 /* (to 0x0062 state 59) */, +/* pos 0062: 59 */ /* 0 */ 0x01 /* (to 0x0064 state 60) */, + /* 1 */ 0x0A /* (to 0x0076 state 81) */, +/* pos 0064: 60 */ /* terminal 10 */ 0x0A, + /* terminal 13 */ 0x0D, +/* pos 0066: 63 */ /* terminal 12 */ 0x0C, + /* terminal 14 */ 0x0E, +/* pos 0068: 67 */ /* 0 */ 0x01 /* (to 0x006A state 68) */, + /* 1 */ 0x02 /* (to 0x006C state 71) */, +/* pos 006a: 68 */ /* terminal 15 */ 0x0F, + /* terminal 16 */ 0x10, +/* pos 006c: 71 */ /* terminal 17 */ 0x11, + /* terminal 18 */ 0x12, +/* pos 006e: 74 */ /* 0 */ 0x01 /* (to 0x0070 state 75) */, + /* 1 */ 0x05 /* (to 0x0078 state 84) */, +/* pos 0070: 75 */ /* 0 */ 0x01 /* (to 0x0072 state 76) */, + /* 1 */ 0x02 /* (to 0x0074 state 79) */, +/* pos 0072: 76 */ /* terminal 19 */ 0x13, + /* terminal 20 */ 0x14, +/* pos 0074: 79 */ /* terminal 21 */ 0x15, + /* terminal 23 */ 0x17, +/* pos 0076: 81 */ /* terminal 22 */ 0x16, + /* terminal 256 */ 0x00, +/* pos 0078: 84 */ /* 0 */ 0x01 /* (to 0x007A state 85) */, + /* 1 */ 0x02 /* (to 0x007C state 88) */, +/* pos 007a: 85 */ /* terminal 24 */ 0x18, + /* terminal 25 */ 0x19, +/* pos 007c: 88 */ /* terminal 26 */ 0x1A, + /* terminal 27 */ 0x1B, +/* pos 007e: 91 */ /* 0 */ 0x01 /* (to 0x0080 state 92) */, + /* 1 */ 0x02 /* (to 0x0082 state 95) */, +/* pos 0080: 92 */ /* terminal 28 */ 0x1C, + /* terminal 29 */ 0x1D, +/* pos 0082: 95 */ /* terminal 30 */ 0x1E, + /* terminal 31 */ 0x1F, +/* pos 0084: 98 */ /* 0 */ 0x13 /* (to 0x00AA state 133) */, + /* 1 */ 0x01 /* (to 0x0086 state 99) */, +/* pos 0086: 99 */ /* 0 */ 0x01 /* (to 0x0088 state 100) */, + /* 1 */ 0x0F /* (to 0x00A4 state 129) */, +/* pos 0088: 100 */ /* 0 */ 0x4B /* (to 0x011E state 258) */, + /* 1 */ 0x01 /* (to 0x008A state 101) */, +/* pos 008a: 101 */ /* 0 */ 0x01 /* (to 0x008C state 102) */, + /* 1 */ 0x0C /* (to 0x00A2 state 126) */, +/* pos 008c: 102 */ /* terminal 32 */ 0x20, + /* terminal 37 */ 0x25, +/* pos 008e: 104 */ /* 0 */ 0x01 /* (to 0x0090 state 105) */, + /* 1 */ 0x08 /* (to 0x009E state 119) */, +/* pos 0090: 105 */ /* terminal 33 */ 0x21, + /* terminal 34 */ 0x22, +/* pos 0092: 108 */ /* terminal 124 */ 0x7C, + /* 1 */ 0x01 /* (to 0x0094 state 109) */, +/* pos 0094: 109 */ /* terminal 35 */ 0x23, + /* terminal 62 */ 0x3E, +/* pos 0096: 113 */ /* 0 */ 0x01 /* (to 0x0098 state 114) */, + /* 1 */ 0x05 /* (to 0x00A0 state 124) */, +/* pos 0098: 114 */ /* terminal 38 */ 0x26, + /* terminal 42 */ 0x2A, +/* pos 009a: 116 */ /* terminal 63 */ 0x3F, + /* 1 */ 0x01 /* (to 0x009C state 117) */, +/* pos 009c: 117 */ /* terminal 39 */ 0x27, + /* terminal 43 */ 0x2B, +/* pos 009e: 119 */ /* terminal 40 */ 0x28, + /* terminal 41 */ 0x29, +/* pos 00a0: 124 */ /* terminal 44 */ 0x2C, + /* terminal 59 */ 0x3B, +/* pos 00a2: 126 */ /* terminal 45 */ 0x2D, + /* terminal 46 */ 0x2E, +/* pos 00a4: 129 */ /* 0 */ 0x01 /* (to 0x00A6 state 130) */, + /* 1 */ 0x08 /* (to 0x00B4 state 144) */, +/* pos 00a6: 130 */ /* 0 */ 0x01 /* (to 0x00A8 state 131) */, + /* 1 */ 0x06 /* (to 0x00B2 state 141) */, +/* pos 00a8: 131 */ /* terminal 47 */ 0x2F, + /* terminal 51 */ 0x33, +/* pos 00aa: 133 */ /* 0 */ 0x01 /* (to 0x00AC state 134) */, + /* 1 */ 0x2D /* (to 0x0104 state 229) */, +/* pos 00ac: 134 */ /* 0 */ 0x01 /* (to 0x00AE state 135) */, + /* 1 */ 0x02 /* (to 0x00B0 state 138) */, +/* pos 00ae: 135 */ /* terminal 48 */ 0x30, + /* terminal 49 */ 0x31, +/* pos 00b0: 138 */ /* terminal 50 */ 0x32, + /* terminal 97 */ 0x61, +/* pos 00b2: 141 */ /* terminal 52 */ 0x34, + /* terminal 53 */ 0x35, +/* pos 00b4: 144 */ /* 0 */ 0x01 /* (to 0x00B6 state 145) */, + /* 1 */ 0x02 /* (to 0x00B8 state 148) */, +/* pos 00b6: 145 */ /* terminal 54 */ 0x36, + /* terminal 55 */ 0x37, +/* pos 00b8: 148 */ /* terminal 56 */ 0x38, + /* terminal 57 */ 0x39, +/* pos 00ba: 151 */ /* 0 */ 0x06 /* (to 0x00C6 state 160) */, + /* 1 */ 0x01 /* (to 0x00BC state 152) */, +/* pos 00bc: 152 */ /* 0 */ 0x2C /* (to 0x0114 state 246) */, + /* 1 */ 0x01 /* (to 0x00BE state 153) */, +/* pos 00be: 153 */ /* 0 */ 0x2F /* (to 0x011C state 256) */, + /* 1 */ 0x01 /* (to 0x00C0 state 154) */, +/* pos 00c0: 154 */ /* 0 */ 0x01 /* (to 0x00C2 state 155) */, + /* 1 */ 0x07 /* (to 0x00CE state 170) */, +/* pos 00c2: 155 */ /* terminal 58 */ 0x3A, + /* terminal 66 */ 0x42, +/* pos 00c4: 158 */ /* terminal 60 */ 0x3C, + /* terminal 96 */ 0x60, +/* pos 00c6: 160 */ /* 0 */ 0x01 /* (to 0x00C8 state 161) */, + /* 1 */ 0x21 /* (to 0x0108 state 232) */, +/* pos 00c8: 161 */ /* 0 */ 0x01 /* (to 0x00CA state 162) */, + /* 1 */ 0x1D /* (to 0x0102 state 224) */, +/* pos 00ca: 162 */ /* terminal 61 */ 0x3D, + /* terminal 65 */ 0x41, +/* pos 00cc: 166 */ /* terminal 64 */ 0x40, + /* terminal 91 */ 0x5B, +/* pos 00ce: 170 */ /* terminal 67 */ 0x43, + /* terminal 68 */ 0x44, +/* pos 00d0: 173 */ /* 0 */ 0x01 /* (to 0x00D2 state 174) */, + /* 1 */ 0x08 /* (to 0x00E0 state 189) */, +/* pos 00d2: 174 */ /* 0 */ 0x01 /* (to 0x00D4 state 175) */, + /* 1 */ 0x04 /* (to 0x00DA state 182) */, +/* pos 00d4: 175 */ /* 0 */ 0x01 /* (to 0x00D6 state 176) */, + /* 1 */ 0x02 /* (to 0x00D8 state 179) */, +/* pos 00d6: 176 */ /* terminal 69 */ 0x45, + /* terminal 70 */ 0x46, +/* pos 00d8: 179 */ /* terminal 71 */ 0x47, + /* terminal 72 */ 0x48, +/* pos 00da: 182 */ /* 0 */ 0x01 /* (to 0x00DC state 183) */, + /* 1 */ 0x02 /* (to 0x00DE state 186) */, +/* pos 00dc: 183 */ /* terminal 73 */ 0x49, + /* terminal 74 */ 0x4A, +/* pos 00de: 186 */ /* terminal 75 */ 0x4B, + /* terminal 76 */ 0x4C, +/* pos 00e0: 189 */ /* 0 */ 0x01 /* (to 0x00E2 state 190) */, + /* 1 */ 0x04 /* (to 0x00E8 state 197) */, +/* pos 00e2: 190 */ /* 0 */ 0x01 /* (to 0x00E4 state 191) */, + /* 1 */ 0x02 /* (to 0x00E6 state 194) */, +/* pos 00e4: 191 */ /* terminal 77 */ 0x4D, + /* terminal 78 */ 0x4E, +/* pos 00e6: 194 */ /* terminal 79 */ 0x4F, + /* terminal 80 */ 0x50, +/* pos 00e8: 197 */ /* 0 */ 0x01 /* (to 0x00EA state 198) */, + /* 1 */ 0x02 /* (to 0x00EC state 201) */, +/* pos 00ea: 198 */ /* terminal 81 */ 0x51, + /* terminal 82 */ 0x52, +/* pos 00ec: 201 */ /* terminal 83 */ 0x53, + /* terminal 84 */ 0x54, +/* pos 00ee: 204 */ /* 0 */ 0x01 /* (to 0x00F0 state 205) */, + /* 1 */ 0x11 /* (to 0x0110 state 242) */, +/* pos 00f0: 205 */ /* 0 */ 0x01 /* (to 0x00F2 state 206) */, + /* 1 */ 0x02 /* (to 0x00F4 state 209) */, +/* pos 00f2: 206 */ /* terminal 85 */ 0x55, + /* terminal 86 */ 0x56, +/* pos 00f4: 209 */ /* terminal 87 */ 0x57, + /* terminal 89 */ 0x59, +/* pos 00f6: 211 */ /* terminal 88 */ 0x58, + /* terminal 90 */ 0x5A, +/* pos 00f8: 216 */ /* 0 */ 0x01 /* (to 0x00FA state 217) */, + /* 1 */ 0x1F /* (to 0x0136 state 286) */, +/* pos 00fa: 217 */ /* 0 */ 0x01 /* (to 0x00FC state 218) */, + /* 1 */ 0x17 /* (to 0x0128 state 276) */, +/* pos 00fc: 218 */ /* terminal 92 */ 0x5C, + /* terminal 195 */ 0xC3, +/* pos 00fe: 220 */ /* terminal 93 */ 0x5D, + /* terminal 126 */ 0x7E, +/* pos 0100: 222 */ /* terminal 94 */ 0x5E, + /* terminal 125 */ 0x7D, +/* pos 0102: 224 */ /* terminal 95 */ 0x5F, + /* terminal 98 */ 0x62, +/* pos 0104: 229 */ /* 0 */ 0x01 /* (to 0x0106 state 230) */, + /* 1 */ 0x05 /* (to 0x010E state 240) */, +/* pos 0106: 230 */ /* terminal 99 */ 0x63, + /* terminal 101 */ 0x65, +/* pos 0108: 232 */ /* 0 */ 0x01 /* (to 0x010A state 233) */, + /* 1 */ 0x02 /* (to 0x010C state 237) */, +/* pos 010a: 233 */ /* terminal 100 */ 0x64, + /* terminal 102 */ 0x66, +/* pos 010c: 237 */ /* terminal 103 */ 0x67, + /* terminal 104 */ 0x68, +/* pos 010e: 240 */ /* terminal 105 */ 0x69, + /* terminal 111 */ 0x6F, +/* pos 0110: 242 */ /* 0 */ 0x01 /* (to 0x0112 state 243) */, + /* 1 */ 0x05 /* (to 0x011A state 254) */, +/* pos 0112: 243 */ /* terminal 106 */ 0x6A, + /* terminal 107 */ 0x6B, +/* pos 0114: 246 */ /* 0 */ 0x01 /* (to 0x0116 state 247) */, + /* 1 */ 0x02 /* (to 0x0118 state 250) */, +/* pos 0116: 247 */ /* terminal 108 */ 0x6C, + /* terminal 109 */ 0x6D, +/* pos 0118: 250 */ /* terminal 110 */ 0x6E, + /* terminal 112 */ 0x70, +/* pos 011a: 254 */ /* terminal 113 */ 0x71, + /* terminal 118 */ 0x76, +/* pos 011c: 256 */ /* terminal 114 */ 0x72, + /* terminal 117 */ 0x75, +/* pos 011e: 258 */ /* terminal 115 */ 0x73, + /* terminal 116 */ 0x74, +/* pos 0120: 263 */ /* 0 */ 0x01 /* (to 0x0122 state 264) */, + /* 1 */ 0x02 /* (to 0x0124 state 267) */, +/* pos 0122: 264 */ /* terminal 119 */ 0x77, + /* terminal 120 */ 0x78, +/* pos 0124: 267 */ /* terminal 121 */ 0x79, + /* terminal 122 */ 0x7A, +/* pos 0126: 274 */ /* terminal 127 */ 0x7F, + /* terminal 220 */ 0xDC, +/* pos 0128: 276 */ /* terminal 208 */ 0xD0, + /* 1 */ 0x01 /* (to 0x012A state 277) */, +/* pos 012a: 277 */ /* terminal 128 */ 0x80, + /* terminal 130 */ 0x82, +/* pos 012c: 279 */ /* 0 */ 0x2E /* (to 0x0188 state 372) */, + /* 1 */ 0x01 /* (to 0x012E state 280) */, +/* pos 012e: 280 */ /* 0 */ 0x01 /* (to 0x0130 state 281) */, + /* 1 */ 0x1B /* (to 0x0164 state 332) */, +/* pos 0130: 281 */ /* 0 */ 0x01 /* (to 0x0132 state 282) */, + /* 1 */ 0x06 /* (to 0x013C state 291) */, +/* pos 0132: 282 */ /* terminal 230 */ 0xE6, + /* 1 */ 0x01 /* (to 0x0134 state 283) */, +/* pos 0134: 283 */ /* terminal 129 */ 0x81, + /* terminal 132 */ 0x84, +/* pos 0136: 286 */ /* 0 */ 0x01 /* (to 0x0138 state 287) */, + /* 1 */ 0x14 /* (to 0x015E state 328) */, +/* pos 0138: 287 */ /* 0 */ 0x01 /* (to 0x013A state 288) */, + /* 1 */ 0x30 /* (to 0x0198 state 388) */, +/* pos 013a: 288 */ /* terminal 131 */ 0x83, + /* terminal 162 */ 0xA2, +/* pos 013c: 291 */ /* 0 */ 0x01 /* (to 0x013E state 292) */, + /* 1 */ 0x02 /* (to 0x0140 state 296) */, +/* pos 013e: 292 */ /* terminal 133 */ 0x85, + /* terminal 134 */ 0x86, +/* pos 0140: 296 */ /* terminal 136 */ 0x88, + /* terminal 146 */ 0x92, +/* pos 0142: 298 */ /* terminal 137 */ 0x89, + /* terminal 138 */ 0x8A, +/* pos 0144: 301 */ /* 0 */ 0x01 /* (to 0x0146 state 302) */, + /* 1 */ 0x02 /* (to 0x0148 state 305) */, +/* pos 0146: 302 */ /* terminal 139 */ 0x8B, + /* terminal 140 */ 0x8C, +/* pos 0148: 305 */ /* terminal 141 */ 0x8D, + /* terminal 143 */ 0x8F, +/* pos 014a: 309 */ /* 0 */ 0x01 /* (to 0x014C state 310) */, + /* 1 */ 0x06 /* (to 0x0156 state 319) */, +/* pos 014c: 310 */ /* terminal 144 */ 0x90, + /* terminal 145 */ 0x91, +/* pos 014e: 314 */ /* 0 */ 0x01 /* (to 0x0150 state 315) */, + /* 1 */ 0x12 /* (to 0x0172 state 350) */, +/* pos 0150: 315 */ /* 0 */ 0x01 /* (to 0x0152 state 316) */, + /* 1 */ 0x05 /* (to 0x015A state 325) */, +/* pos 0152: 316 */ /* 0 */ 0x01 /* (to 0x0154 state 317) */, + /* 1 */ 0x03 /* (to 0x0158 state 322) */, +/* pos 0154: 317 */ /* terminal 147 */ 0x93, + /* terminal 149 */ 0x95, +/* pos 0156: 319 */ /* terminal 148 */ 0x94, + /* terminal 159 */ 0x9F, +/* pos 0158: 322 */ /* terminal 150 */ 0x96, + /* terminal 151 */ 0x97, +/* pos 015a: 325 */ /* 0 */ 0x01 /* (to 0x015C state 326) */, + /* 1 */ 0x08 /* (to 0x016A state 338) */, +/* pos 015c: 326 */ /* terminal 152 */ 0x98, + /* terminal 155 */ 0x9B, +/* pos 015e: 328 */ /* 0 */ 0x42 /* (to 0x01E2 state 465) */, + /* 1 */ 0x01 /* (to 0x0160 state 329) */, +/* pos 0160: 329 */ /* 0 */ 0x01 /* (to 0x0162 state 330) */, + /* 1 */ 0x0C /* (to 0x0178 state 355) */, +/* pos 0162: 330 */ /* terminal 153 */ 0x99, + /* terminal 161 */ 0xA1, +/* pos 0164: 332 */ /* 0 */ 0x01 /* (to 0x0166 state 333) */, + /* 1 */ 0x05 /* (to 0x016E state 347) */, +/* pos 0166: 333 */ /* 0 */ 0x01 /* (to 0x0168 state 334) */, + /* 1 */ 0x03 /* (to 0x016C state 342) */, +/* pos 0168: 334 */ /* terminal 154 */ 0x9A, + /* terminal 156 */ 0x9C, +/* pos 016a: 338 */ /* terminal 157 */ 0x9D, + /* terminal 158 */ 0x9E, +/* pos 016c: 342 */ /* terminal 160 */ 0xA0, + /* terminal 163 */ 0xA3, +/* pos 016e: 347 */ /* 0 */ 0x01 /* (to 0x0170 state 348) */, + /* 1 */ 0x07 /* (to 0x017C state 360) */, +/* pos 0170: 348 */ /* terminal 164 */ 0xA4, + /* terminal 169 */ 0xA9, +/* pos 0172: 350 */ /* 0 */ 0x01 /* (to 0x0174 state 351) */, + /* 1 */ 0x09 /* (to 0x0184 state 369) */, +/* pos 0174: 351 */ /* 0 */ 0x01 /* (to 0x0176 state 352) */, + /* 1 */ 0x03 /* (to 0x017A state 357) */, +/* pos 0176: 352 */ /* terminal 165 */ 0xA5, + /* terminal 166 */ 0xA6, +/* pos 0178: 355 */ /* terminal 167 */ 0xA7, + /* terminal 172 */ 0xAC, +/* pos 017a: 357 */ /* terminal 168 */ 0xA8, + /* terminal 174 */ 0xAE, +/* pos 017c: 360 */ /* terminal 170 */ 0xAA, + /* terminal 173 */ 0xAD, +/* pos 017e: 362 */ /* 0 */ 0x01 /* (to 0x0180 state 363) */, + /* 1 */ 0x1B /* (to 0x01B4 state 417) */, +/* pos 0180: 363 */ /* 0 */ 0x01 /* (to 0x0182 state 364) */, + /* 1 */ 0x2A /* (to 0x01D4 state 449) */, +/* pos 0182: 364 */ /* terminal 171 */ 0xAB, + /* terminal 206 */ 0xCE, +/* pos 0184: 369 */ /* 0 */ 0x01 /* (to 0x0186 state 370) */, + /* 1 */ 0x09 /* (to 0x0196 state 385) */, +/* pos 0186: 370 */ /* terminal 175 */ 0xAF, + /* terminal 180 */ 0xB4, +/* pos 0188: 372 */ /* 0 */ 0x01 /* (to 0x018A state 373) */, + /* 1 */ 0x27 /* (to 0x01D6 state 451) */, +/* pos 018a: 373 */ /* 0 */ 0x01 /* (to 0x018C state 374) */, + /* 1 */ 0x05 /* (to 0x0194 state 381) */, +/* pos 018c: 374 */ /* terminal 176 */ 0xB0, + /* terminal 177 */ 0xB1, +/* pos 018e: 377 */ /* 0 */ 0x01 /* (to 0x0190 state 378) */, + /* 1 */ 0x07 /* (to 0x019C state 393) */, +/* pos 0190: 378 */ /* 0 */ 0x01 /* (to 0x0192 state 379) */, + /* 1 */ 0x05 /* (to 0x019A state 390) */, +/* pos 0192: 379 */ /* terminal 178 */ 0xB2, + /* terminal 181 */ 0xB5, +/* pos 0194: 381 */ /* terminal 179 */ 0xB3, + /* terminal 209 */ 0xD1, +/* pos 0196: 385 */ /* terminal 182 */ 0xB6, + /* terminal 183 */ 0xB7, +/* pos 0198: 388 */ /* terminal 184 */ 0xB8, + /* terminal 194 */ 0xC2, +/* pos 019a: 390 */ /* terminal 185 */ 0xB9, + /* terminal 186 */ 0xBA, +/* pos 019c: 393 */ /* 0 */ 0x01 /* (to 0x019E state 394) */, + /* 1 */ 0x04 /* (to 0x01A4 state 400) */, +/* pos 019e: 394 */ /* terminal 187 */ 0xBB, + /* terminal 189 */ 0xBD, +/* pos 01a0: 396 */ /* 0 */ 0x01 /* (to 0x01A2 state 397) */, + /* 1 */ 0x07 /* (to 0x01AE state 412) */, +/* pos 01a2: 397 */ /* terminal 188 */ 0xBC, + /* terminal 191 */ 0xBF, +/* pos 01a4: 400 */ /* terminal 190 */ 0xBE, + /* terminal 196 */ 0xC4, +/* pos 01a6: 403 */ /* 0 */ 0x01 /* (to 0x01A8 state 404) */, + /* 1 */ 0x0D /* (to 0x01C0 state 427) */, +/* pos 01a8: 404 */ /* 0 */ 0x01 /* (to 0x01AA state 405) */, + /* 1 */ 0x0A /* (to 0x01BC state 424) */, +/* pos 01aa: 405 */ /* 0 */ 0x01 /* (to 0x01AC state 406) */, + /* 1 */ 0x08 /* (to 0x01BA state 421) */, +/* pos 01ac: 406 */ /* terminal 192 */ 0xC0, + /* terminal 193 */ 0xC1, +/* pos 01ae: 412 */ /* terminal 197 */ 0xC5, + /* terminal 231 */ 0xE7, +/* pos 01b0: 414 */ /* 0 */ 0x01 /* (to 0x01B2 state 415) */, + /* 1 */ 0x1B /* (to 0x01E6 state 475) */, +/* pos 01b2: 415 */ /* terminal 198 */ 0xC6, + /* terminal 228 */ 0xE4, +/* pos 01b4: 417 */ /* 0 */ 0x1B /* (to 0x01EA state 481) */, + /* 1 */ 0x01 /* (to 0x01B6 state 418) */, +/* pos 01b6: 418 */ /* 0 */ 0x01 /* (to 0x01B8 state 419) */, + /* 1 */ 0x19 /* (to 0x01E8 state 478) */, +/* pos 01b8: 419 */ /* terminal 199 */ 0xC7, + /* terminal 207 */ 0xCF, +/* pos 01ba: 421 */ /* terminal 200 */ 0xC8, + /* terminal 201 */ 0xC9, +/* pos 01bc: 424 */ /* 0 */ 0x01 /* (to 0x01BE state 425) */, + /* 1 */ 0x06 /* (to 0x01C8 state 438) */, +/* pos 01be: 425 */ /* terminal 202 */ 0xCA, + /* terminal 205 */ 0xCD, +/* pos 01c0: 427 */ /* 0 */ 0x0D /* (to 0x01DA state 455) */, + /* 1 */ 0x01 /* (to 0x01C2 state 428) */, +/* pos 01c2: 428 */ /* 0 */ 0x17 /* (to 0x01F0 state 490) */, + /* 1 */ 0x01 /* (to 0x01C4 state 429) */, +/* pos 01c4: 429 */ /* terminal 255 */ 0xFF, + /* 1 */ 0x01 /* (to 0x01C6 state 430) */, +/* pos 01c6: 430 */ /* terminal 203 */ 0xCB, + /* terminal 204 */ 0xCC, +/* pos 01c8: 438 */ /* terminal 210 */ 0xD2, + /* terminal 213 */ 0xD5, +/* pos 01ca: 440 */ /* 0 */ 0x01 /* (to 0x01CC state 441) */, + /* 1 */ 0x14 /* (to 0x01F2 state 494) */, +/* pos 01cc: 441 */ /* 0 */ 0x01 /* (to 0x01CE state 442) */, + /* 1 */ 0x09 /* (to 0x01DE state 461) */, +/* pos 01ce: 442 */ /* 0 */ 0x01 /* (to 0x01D0 state 443) */, + /* 1 */ 0x02 /* (to 0x01D2 state 447) */, +/* pos 01d0: 443 */ /* terminal 211 */ 0xD3, + /* terminal 212 */ 0xD4, +/* pos 01d2: 447 */ /* terminal 214 */ 0xD6, + /* terminal 221 */ 0xDD, +/* pos 01d4: 449 */ /* terminal 215 */ 0xD7, + /* terminal 225 */ 0xE1, +/* pos 01d6: 451 */ /* 0 */ 0x01 /* (to 0x01D8 state 452) */, + /* 1 */ 0x07 /* (to 0x01E4 state 469) */, +/* pos 01d8: 452 */ /* terminal 216 */ 0xD8, + /* terminal 217 */ 0xD9, +/* pos 01da: 455 */ /* 0 */ 0x01 /* (to 0x01DC state 456) */, + /* 1 */ 0x09 /* (to 0x01EC state 484) */, +/* pos 01dc: 456 */ /* terminal 218 */ 0xDA, + /* terminal 219 */ 0xDB, +/* pos 01de: 461 */ /* 0 */ 0x01 /* (to 0x01E0 state 462) */, + /* 1 */ 0x08 /* (to 0x01EE state 488) */, +/* pos 01e0: 462 */ /* terminal 222 */ 0xDE, + /* terminal 223 */ 0xDF, +/* pos 01e2: 465 */ /* terminal 224 */ 0xE0, + /* terminal 226 */ 0xE2, +/* pos 01e4: 469 */ /* terminal 227 */ 0xE3, + /* terminal 229 */ 0xE5, +/* pos 01e6: 475 */ /* terminal 232 */ 0xE8, + /* terminal 233 */ 0xE9, +/* pos 01e8: 478 */ /* terminal 234 */ 0xEA, + /* terminal 235 */ 0xEB, +/* pos 01ea: 481 */ /* terminal 236 */ 0xEC, + /* terminal 237 */ 0xED, +/* pos 01ec: 484 */ /* terminal 238 */ 0xEE, + /* terminal 240 */ 0xF0, +/* pos 01ee: 488 */ /* terminal 241 */ 0xF1, + /* terminal 244 */ 0xF4, +/* pos 01f0: 490 */ /* terminal 242 */ 0xF2, + /* terminal 243 */ 0xF3, +/* pos 01f2: 494 */ /* 0 */ 0x01 /* (to 0x01F4 state 495) */, + /* 1 */ 0x04 /* (to 0x01FA state 503) */, +/* pos 01f4: 495 */ /* 0 */ 0x01 /* (to 0x01F6 state 496) */, + /* 1 */ 0x02 /* (to 0x01F8 state 499) */, +/* pos 01f6: 496 */ /* terminal 245 */ 0xF5, + /* terminal 246 */ 0xF6, +/* pos 01f8: 499 */ /* terminal 247 */ 0xF7, + /* terminal 248 */ 0xF8, +/* pos 01fa: 503 */ /* 0 */ 0x01 /* (to 0x01FC state 504) */, + /* 1 */ 0x02 /* (to 0x01FE state 507) */, +/* pos 01fc: 504 */ /* terminal 250 */ 0xFA, + /* terminal 251 */ 0xFB, +/* pos 01fe: 507 */ /* terminal 252 */ 0xFC, + /* terminal 253 */ 0xFD, +/* total size 512 bytes, biggest jump 200/256, fails=0 */ +}; + + static unsigned char lextable_terms[] = { + + 0x00, 0x00, 0x00, 0x03, 0x01, 0x00, 0x03, 0x00, + 0x34, 0x0f, 0x43, 0x03, 0xf1, 0x3c, 0xfc, 0x3c, + 0x0f, 0x30, 0x37, 0xf7, 0x0f, 0xc3, 0xcf, 0x03, + 0x3c, 0xfc, 0xc0, 0xf3, 0xf0, 0x3c, 0xfc, 0xf0, + 0xcf, 0xfc, 0xcc, 0xff, 0xfc, 0x0d, 0x34, 0xcc, + 0xcf, 0x33, 0xf0, 0x33, 0x0c, 0x3f, 0xc3, 0x3f, + 0xcc, 0x30, 0xfc, 0xcf, 0x3c, 0xf0, 0x0c, 0xcf, + 0xd0, 0x03, 0x3f, 0x33, 0xff, 0xff, 0xc3, 0xf3, +}; + +/* state that points to 0x100 for disambiguation with 0x0 */ +#define HUFTABLE_0x100_PREV 118 diff --git a/lib/roles/h2/minihuf.c b/lib/roles/h2/minihuf.c new file mode 100644 index 0000000..eaf84e5 --- /dev/null +++ b/lib/roles/h2/minihuf.c @@ -0,0 +1,518 @@ +/* + * minilex.c + * + * High efficiency lexical state parser + * + * Copyright (C)2011-2014 Andy Green + * + * Licensed under LGPL2 + * + * Usage: gcc minihuf.c -o minihuf && ./minihuf > huftable.h + * + * Run it twice to test parsing on the generated table on stderr + */ + +#include +#include +#include + +#define ARRAY_SIZE(n) (sizeof(n) / sizeof(n[0])) + +struct huf { + unsigned int code; + unsigned char len; +}; + +static struct huf huf_literal[] = { + /* 0x00 */ { 0x1ff8, 13 }, + /* 0x01 */ { 0x7fffd8, 23 }, + /* 0x02 */ { 0xfffffe2, 28 }, + /* 0x03 */ { 0xfffffe3, 28 }, + /* 0x04 */ { 0xfffffe4, 28 }, + /* 0x05 */ { 0xfffffe5, 28 }, + /* 0x06 */ { 0xfffffe6, 28 }, + /* 0x07 */ { 0xfffffe7, 28 }, + /* 0x08 */ { 0xfffffe8, 28 }, + /* 0x09 */ { 0xffffea, 24 }, + /* 0x0a */ { 0x3ffffffc, 30 }, + /* 0x0b */ { 0xfffffe9, 28 }, + + /* 0x0c */ { 0xfffffea, 28 }, + /* 0x0d */ { 0x3ffffffd, 30 }, + /* 0x0e */ { 0xfffffeb, 28 }, + /* 0x0f */ { 0xfffffec, 28 }, + /* 0x10 */ { 0xfffffed, 28 }, + /* 0x11 */ { 0xfffffee, 28 }, + /* 0x12 */ { 0xfffffef, 28 }, + /* 0x13 */ { 0xffffff0, 28 }, + /* 0x14 */ { 0xffffff1, 28 }, + /* 0x15 */ { 0xffffff2, 28 }, + /* 0x16 */ { 0x3ffffffe, 30 }, + /* 0x17 */ { 0xffffff3, 28 }, + /* 0x18 */ { 0xffffff4, 28 }, + /* 0x19 */ { 0xffffff5, 28 }, + /* 0x1a */ { 0xffffff6, 28 }, + /* 0x1b */ { 0xffffff7, 28 }, + /* 0x1c */ { 0xffffff8, 28 }, + /* 0x1d */ { 0xffffff9, 28 }, + /* 0x1e */ { 0xffffffa, 28 }, + /* 0x1f */ { 0xffffffb, 28 }, + /* 0x20 */ { 0x14, 6 }, + /* 0x21 */ { 0x3f8, 10 }, + /* 0x22 */ { 0x3f9, 10 }, + /* 0x23 */ { 0xffa, 12 }, + /* 0x24 */ { 0x1ff9, 13 }, + /* 0x25 */ { 0x15, 6 }, + /* 0x26 */ { 0xf8, 8 }, + /* 0x27 */ { 0x7fa, 11 }, + /* 0x28 */ { 0x3fa, 10 }, + /* 0x29 */ { 0x3fb, 10 }, + /* 0x2a */ { 0xf9, 8 }, + /* 0x2b */ { 0x7fb, 11 }, + /* 0x2c */ { 0xfa, 8 }, + /* 0x2d */ { 0x16, 6 }, + /* 0x2e */ { 0x17, 6 }, + /* 0x2f */ { 0x18, 6 }, + /* 0x30 */ { 0x0, 5 }, + /* 0x31 */ { 0x1, 5 }, + /* 0x32 */ { 0x2, 5 }, + /* 0x33 */ { 0x19, 6 }, + /* 0x34 */ { 0x1a, 6 }, + /* 0x35 */ { 0x1b, 6 }, + /* 0x36 */ { 0x1c, 6 }, + /* 0x37 */ { 0x1d, 6 }, + /* 0x38 */ { 0x1e, 6 }, + /* 0x39 */ { 0x1f, 6 }, + /* 0x3a */ { 0x5c, 7 }, + /* 0x3b */ { 0xfb, 8 }, + + /* 0x3c */ { 0x7ffc, 15 }, + /* 0x3d */ { 0x20, 6 }, + /* 0x3e */ { 0xffb, 12 }, + /* 0x3f */ { 0x3fc, 10 }, + /* 0x40 */ { 0x1ffa, 13 }, + /* 0x41 */ { 0x21, 6 }, + /* 0x42 */ { 0x5d, 7 }, + /* 0x43 */ { 0x5e, 7 }, + /* 0x44 */ { 0x5f, 7 }, + /* 0x45 */ { 0x60, 7 }, + /* 0x46 */ { 0x61, 7 }, + /* 0x47 */ { 0x62, 7 }, + /* 0x48 */ { 0x63, 7 }, + /* 0x49 */ { 0x64, 7 }, + /* 0x4a */ { 0x65, 7 }, + /* 0x4b */ { 0x66, 7 }, + /* 0x4c */ { 0x67, 7 }, + /* 0x4d */ { 0x68, 7 }, + /* 0x4e */ { 0x69, 7 }, + /* 0x4f */ { 0x6a, 7 }, + /* 0x50 */ { 0x6b, 7 }, + /* 0x51 */ { 0x6c, 7 }, + /* 0x52 */ { 0x6d, 7 }, + /* 0x53 */ { 0x6e, 7 }, + /* 0x54 */ { 0x6f, 7 }, + /* 0x55 */ { 0x70, 7 }, + /* 0x56 */ { 0x71, 7 }, + /* 0x57 */ { 0x72, 7 }, + /* 0x58 */ { 0xfc, 8 }, + /* 0x59 */ { 0x73, 7 }, + /* 0x5a */ { 0xfd, 8 }, + /* 0x5b */ { 0x1ffb, 13 }, + /* 0x5c */ { 0x7fff0, 19 }, + /* 0x5d */ { 0x1ffc, 13 }, + /* 0x5e */ { 0x3ffc, 14 }, + /* 0x5f */ { 0x22, 6 }, + /* 0x60 */ { 0x7ffd, 15 }, + /* 0x61 */ { 0x3, 5 }, + /* 0x62 */ { 0x23, 6 }, + /* 0x63 */ { 0x4, 5 }, + /* 0x64 */ { 0x24, 6 }, + /* 0x65 */ { 0x5, 5 }, + /* 0x66 */ { 0x25, 6 }, + /* 0x67 */ { 0x26, 6 }, + /* 0x68 */ { 0x27, 6 }, + /* 0x69 */ { 0x6, 5 }, + /* 0x6a */ { 0x74, 7 }, + /* 0x6b */ { 0x75, 7 }, + + + /* 0x6c */ { 0x28, 6 }, + /* 0x6d */ { 0x29, 6 }, + /* 0x6e */ { 0x2a, 6 }, + /* 0x6f */ { 0x7, 5 }, + /* 0x70 */ { 0x2b, 6 }, + /* 0x71 */ { 0x76, 7 }, + /* 0x72 */ { 0x2c, 6 }, + /* 0x73 */ { 0x8, 5 }, + /* 0x74 */ { 0x9, 5 }, + /* 0x75 */ { 0x2d, 6 }, + /* 0x76 */ { 0x77, 7 }, + /* 0x77 */ { 0x78, 7 }, + /* 0x78 */ { 0x79, 7 }, + /* 0x79 */ { 0x7a, 7 }, + /* 0x7a */ { 0x7b, 7 }, + /* 0x7b */ { 0x7ffe, 15 }, + /* 0x7c */ { 0x7fc, 11 }, + /* 0x7d */ { 0x3ffd, 14 }, + /* 0x7e */ { 0x1ffd, 13 }, + /* 0x7f */ { 0xffffffc, 28 }, + /* 0x80 */ { 0xfffe6, 20 }, + /* 0x81 */ { 0x3fffd2, 22 }, + /* 0x82 */ { 0xfffe7, 20 }, + /* 0x83 */ { 0xfffe8, 20 }, + /* 0x84 */ { 0x3fffd3, 22 }, + /* 0x85 */ { 0x3fffd4, 22 }, + /* 0x86 */ { 0x3fffd5, 22 }, + /* 0x87 */ { 0x7fffd9, 23 }, + /* 0x88 */ { 0x3fffd6, 22 }, + /* 0x89 */ { 0x7fffda, 23 }, + /* 0x8a */ { 0x7fffdb, 23 }, + /* 0x8b */ { 0x7fffdc, 23 }, + /* 0x8c */ { 0x7fffdd, 23 }, + /* 0x8d */ { 0x7fffde, 23 }, + /* 0x8e */ { 0xffffeb, 24 }, + /* 0x8f */ { 0x7fffdf, 23 }, + /* 0x90 */ { 0xffffec, 24 }, + /* 0x91 */ { 0xffffed, 24 }, + /* 0x92 */ { 0x3fffd7, 22 }, + /* 0x93 */ { 0x7fffe0, 23 }, + /* 0x94 */ { 0xffffee, 24 }, + /* 0x95 */ { 0x7fffe1, 23 }, + /* 0x96 */ { 0x7fffe2, 23 }, + /* 0x97 */ { 0x7fffe3, 23 }, + /* 0x98 */ { 0x7fffe4, 23 }, + /* 0x99 */ { 0x1fffdc, 21 }, + /* 0x9a */ { 0x3fffd8, 22 }, + /* 0x9b */ { 0x7fffe5, 23 }, + + /* 0x9c */ { 0x3fffd9, 22 }, + /* 0x9d */ { 0x7fffe6, 23 }, + /* 0x9e */ { 0x7fffe7, 23 }, + /* 0x9f */ { 0xffffef, 24 }, + /* 0xa0 */ { 0x3fffda, 22 }, + /* 0xa1 */ { 0x1fffdd, 21 }, + /* 0xa2 */ { 0xfffe9, 20 }, + /* 0xa3 */ { 0x3fffdb, 22 }, + /* 0xa4 */ { 0x3fffdc, 22 }, + /* 0xa5 */ { 0x7fffe8, 23 }, + /* 0xa6 */ { 0x7fffe9, 23 }, + /* 0xa7 */ { 0x1fffde, 21 }, + /* 0xa8 */ { 0x7fffea, 23 }, + /* 0xa9 */ { 0x3fffdd, 22 }, + /* 0xaa */ { 0x3fffde, 22 }, + /* 0xab */ { 0xfffff0, 24 }, + /* 0xac */ { 0x1fffdf, 21 }, + /* 0xad */ { 0x3fffdf, 22 }, + /* 0xae */ { 0x7fffeb, 23 }, + /* 0xaf */ { 0x7fffec, 23 }, + /* 0xb0 */ { 0x1fffe0, 21 }, + /* 0xb1 */ { 0x1fffe1, 21 }, + /* 0xb2 */ { 0x3fffe0, 22 }, + /* 0xb3 */ { 0x1fffe2, 21 }, + /* 0xb4 */ { 0x7fffed, 23 }, + /* 0xb5 */ { 0x3fffe1, 22 }, + /* 0xb6 */ { 0x7fffee, 23 }, + /* 0xb7 */ { 0x7fffef, 23 }, + /* 0xb8 */ { 0xfffea, 20 }, + /* 0xb9 */ { 0x3fffe2, 22 }, + /* 0xba */ { 0x3fffe3, 22 }, + /* 0xbb */ { 0x3fffe4, 22 }, + /* 0xbc */ { 0x7ffff0, 23 }, + /* 0xbd */ { 0x3fffe5, 22 }, + /* 0xbe */ { 0x3fffe6, 22 }, + /* 0xbf */ { 0x7ffff1, 23 }, + /* 0xc0 */ { 0x3ffffe0, 26 }, + /* 0xc1 */ { 0x3ffffe1, 26 }, + /* 0xc2 */ { 0xfffeb, 20 }, + /* 0xc3 */ { 0x7fff1, 19 }, + /* 0xc4 */ { 0x3fffe7, 22 }, + /* 0xc5 */ { 0x7ffff2, 23 }, + /* 0xc6 */ { 0x3fffe8, 22 }, + /* 0xc7 */ { 0x1ffffec, 25 }, + /* 0xc8 */ { 0x3ffffe2, 26 }, + /* 0xc9 */ { 0x3ffffe3, 26 }, + /* 0xca */ { 0x3ffffe4, 26 }, + /* 0xcb */ { 0x7ffffde, 27 }, + + /* 0xcc */ { 0x7ffffdf, 27 }, + /* 0xcd */ { 0x3ffffe5, 26 }, + /* 0xce */ { 0xfffff1, 24 }, + /* 0xcf */ { 0x1ffffed, 25 }, + /* 0xd0 */ { 0x7fff2, 19 }, + /* 0xd1 */ { 0x1fffe3, 21 }, + /* 0xd2 */ { 0x3ffffe6, 26 }, + /* 0xd3 */ { 0x7ffffe0, 27 }, + /* 0xd4 */ { 0x7ffffe1, 27 }, + /* 0xd5 */ { 0x3ffffe7, 26 }, + /* 0xd6 */ { 0x7ffffe2, 27 }, + /* 0xd7 */ { 0xfffff2, 24 }, + /* 0xd8 */ { 0x1fffe4, 21 }, + /* 0xd9 */ { 0x1fffe5, 21 }, + /* 0xda */ { 0x3ffffe8, 26 }, + /* 0xdb */ { 0x3ffffe9, 26 }, + /* 0xdc */ { 0xffffffd, 28 }, + /* 0xdd */ { 0x7ffffe3, 27 }, + /* 0xde */ { 0x7ffffe4, 27 }, + /* 0xdf */ { 0x7ffffe5, 27 }, + /* 0xe0 */ { 0xfffec, 20 }, + /* 0xe1 */ { 0xfffff3, 24 }, + /* 0xe2 */ { 0xfffed, 20 }, + /* 0xe3 */ { 0x1fffe6, 21 }, + /* 0xe4 */ { 0x3fffe9, 22 }, + /* 0xe5 */ { 0x1fffe7, 21 }, + /* 0xe6 */ { 0x1fffe8, 21 }, + /* 0xe7 */ { 0x7ffff3, 23 }, + /* 0xe8 */ { 0x3fffea, 22 }, + /* 0xe9 */ { 0x3fffeb, 22 }, + /* 0xea */ { 0x1ffffee, 25 }, + /* 0xeb */ { 0x1ffffef, 25 }, + /* 0xec */ { 0xfffff4, 24 }, + /* 0xed */ { 0xfffff5, 24 }, + /* 0xee */ { 0x3ffffea, 26 }, + /* 0xef */ { 0x7ffff4, 23 }, + /* 0xf0 */ { 0x3ffffeb, 26 }, + /* 0xf1 */ { 0x7ffffe6, 27 }, + /* 0xf2 */ { 0x3ffffec, 26 }, + /* 0xf3 */ { 0x3ffffed, 26 }, + /* 0xf4 */ { 0x7ffffe7, 27 }, + /* 0xf5 */ { 0x7ffffe8, 27 }, + /* 0xf6 */ { 0x7ffffe9, 27 }, + /* 0xf7 */ { 0x7ffffea, 27 }, + /* 0xf8 */ { 0x7ffffeb, 27 }, + /* 0xf9 */ { 0xffffffe, 28 }, + /* 0xfa */ { 0x7ffffec, 27 }, + /* 0xfb */ { 0x7ffffed, 27 }, + + /* 0xfc */ { 0x7ffffee, 27 }, + /* 0xfd */ { 0x7ffffef, 27 }, + /* 0xfe */ { 0x7fffff0, 27 }, + /* 0xff */ { 0x3ffffee, 26 }, + /* 0x100 */ { 0x3fffffff, 30 }, +}; + +int code_bit(int idx, int bit) +{ + if (bit < huf_literal[idx].len) + return !!(huf_literal[idx].code & (1 << (huf_literal[idx].len - 1 - bit))); + + return -1; +} + +#include "huftable.h" + +#define PARALLEL 2 + +struct state { + int terminal; + int state[PARALLEL]; + int bytepos; + + int real_pos; +}; + +struct state state[2000]; +unsigned char terms[2000]; +int next = 1; + +int lextable_decode(int pos, char c) +{ + int q = pos + !!c; + + if (lextable_terms[q >> 3] & (1 << (q & 7))) /* terminal */ + return lextable[q] | 0x8000; + + return pos + (lextable[q] << 1); +} + +int main(void) +{ + int n = 0; + int m = 0; + int prev; + char c; + int walk; + int saw; + int y; + int j; + int q; + int pos = 0; + int biggest = 0; + int fails = 0; + + m = 0; + while (m < ARRAY_SIZE(state)) { + for (j = 0; j < PARALLEL; j++) { + state[m].state[j] = 0xffff; + state[m].terminal = 0; + } + m++; + } + + while (n < ARRAY_SIZE(huf_literal)) { + + m = 0; + walk = 0; + prev = 0; + + while (m < huf_literal[n].len) { + + saw = 0; + if (state[walk].state[code_bit(n, m)] != 0xffff) { + /* exists -- go forward */ + walk = state[walk].state[code_bit(n, m)]; + goto again; + } + + /* something we didn't see before */ + + state[walk].state[code_bit(n, m)] = next; + walk = next++; +again: + m++; + } + + state[walk].terminal = n++; + state[walk].state[0] = 0; /* terminal marker */ + } + + walk = 0; + for (n = 0; n < next; n++) { + state[n].bytepos = walk; + walk += (2 * 2); + } + + /* compute everyone's position first */ + + pos = 0; + walk = 0; + for (n = 0; n < next; n++) { + + state[n].real_pos = pos; + + if (state[n].state[0]) /* nonterminal */ + pos += 2; + + walk ++; + } + + fprintf(stdout, "static unsigned char lextable[] = {\n"); + +#define TERMINAL_MASK 0x8000 + + walk = 0; + pos = 0; + q = 0; + for (n = 0; n < next; n++) { + q = pos; + for (m = 0; m < 2; m++) { + saw = state[n].state[m]; + + if (saw == 0) { // c is a terminal then + m = 2; + continue; + } + if (!m) + fprintf(stdout, "/* pos %04x: %3d */ ", + state[n].real_pos, n); + else + fprintf(stdout, " "); + + if (saw == 0xffff) { + fprintf(stdout, + " 0xff, 0xff, /* 0 = fail */\n "); + pos ++; /* fail */ + fails++; + continue; + } + + if (state[saw].state[0] == 0) { /* points to terminal */ + fprintf(stdout, " /* terminal %d */ 0x%02X,\n", + state[saw].terminal, + state[saw].terminal & 0xff); + terms[(state[n].real_pos + m) >> 3] |= + 1 << ((state[n].real_pos + m) & 7); + pos++; + walk++; + continue; + } + + j = (state[saw].real_pos - q) >> 1; + + if (j > biggest) + biggest = j; + + if (j > 0xffff) { + fprintf(stderr, + "Jump > 64K bytes ahead (%d to %d)\n", + state[n].real_pos, state[saw].real_pos); + return 1; + } + + fprintf(stdout, " /* %d */ 0x%02X " + "/* (to 0x%04X state %3d) */,\n", + m, + j & 0xff, + state[saw].real_pos, saw); + pos++; + + walk++; + } + } + + fprintf(stdout, "/* total size %d bytes, biggest jump %d/256, fails=%d */\n};\n" + "\n static unsigned char lextable_terms[] = {\n", + pos, biggest, fails); + + for (n = 0; n < (walk + 7) / 8; n++) { + if (!(n & 7)) + fprintf(stdout, "\n\t"); + fprintf(stdout, "0x%02x, ", terms[n]); + } + fprintf(stdout, "\n};\n"); + + /* + * Try to parse every legal input string + */ + + for (n = 0; n < ARRAY_SIZE(huf_literal); n++) { + walk = 0; + m = 0; + y = -1; + + fprintf(stderr, " trying %d\n", n); + + while (m < huf_literal[n].len) { + prev = walk; + walk = lextable_decode(walk, code_bit(n, m)); + + if (walk == 0xffff) { + fprintf(stderr, "failed\n"); + return 3; + } + + if (walk & 0x8000) { + y = walk & 0x7fff; + if (y == 0 && m == 29) { + y |= 0x100; + fprintf(stdout, + "\n/* state that points to " + "0x100 for disambiguation with " + "0x0 */\n" + "#define HUFTABLE_0x100_PREV " + "%d\n", prev); + } + break; + } + m++; + } + + if (y != n) { + fprintf(stderr, "decode failed %d got %d (0x%x)\n", n, y, y); + return 4; + } + } + + fprintf(stderr, "All decode OK\n"); + + return 0; +} diff --git a/lib/roles/h2/ops-h2.c b/lib/roles/h2/ops-h2.c new file mode 100644 index 0000000..ded3ba2 --- /dev/null +++ b/lib/roles/h2/ops-h2.c @@ -0,0 +1,1082 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#include + +/* + * These are the standardized defaults. + * Override what actually goes in the vhost settings in platform or user code. + * Leave these alone because they are used to determine "what is different + * from the protocol defaults". + */ +const struct http2_settings lws_h2_defaults = { { + 1, + /* H2SET_HEADER_TABLE_SIZE */ 4096, + /* *** This controls how many entries in the dynamic table *** + * Allows the sender to inform the remote endpoint of the maximum + * size of the header compression table used to decode header + * blocks, in octets. The encoder can select any size equal to or + * less than this value by using signaling specific to the header + * compression format inside a header block (see [COMPRESSION]). + * The initial value is 4,096 octets. + */ + /* H2SET_ENABLE_PUSH */ 1, + /* H2SET_MAX_CONCURRENT_STREAMS */ 0x7fffffff, + /* H2SET_INITIAL_WINDOW_SIZE */ 65535, + /* H2SET_MAX_FRAME_SIZE */ 16384, + /* H2SET_MAX_HEADER_LIST_SIZE */ 0x7fffffff, + /*< This advisory setting informs a peer of the maximum size of + * header list that the sender is prepared to accept, in octets. + * The value is based on the uncompressed size of header fields, + * including the length of the name and value in octets plus an + * overhead of 32 octets for each header field. + */ + /* H2SET_RESERVED7 */ 0, + /* H2SET_ENABLE_CONNECT_PROTOCOL */ 0, +}}; + +/* these are the "lws defaults"... they can be overridden in plat */ + +const struct http2_settings lws_h2_stock_settings = { { + 1, + /* H2SET_HEADER_TABLE_SIZE */ 65536, /* ffox */ + /* *** This controls how many entries in the dynamic table *** + * Allows the sender to inform the remote endpoint of the maximum + * size of the header compression table used to decode header + * blocks, in octets. The encoder can select any size equal to or + * less than this value by using signaling specific to the header + * compression format inside a header block (see [COMPRESSION]). + * The initial value is 4,096 octets. + * + * Can't pass h2spec with less than 4096 here... + */ + /* H2SET_ENABLE_PUSH */ 1, + /* H2SET_MAX_CONCURRENT_STREAMS */ 24, + /* H2SET_INITIAL_WINDOW_SIZE */ 65535, + /* H2SET_MAX_FRAME_SIZE */ 16384, + /* H2SET_MAX_HEADER_LIST_SIZE */ 4096, + /*< This advisory setting informs a peer of the maximum size of + * header list that the sender is prepared to accept, in octets. + * The value is based on the uncompressed size of header fields, + * including the length of the name and value in octets plus an + * overhead of 32 octets for each header field. + */ + /* H2SET_RESERVED7 */ 0, + /* H2SET_ENABLE_CONNECT_PROTOCOL */ 1, +}}; + +static int +rops_handle_POLLIN_h2(struct lws_context_per_thread *pt, struct lws *wsi, + struct lws_pollfd *pollfd) +{ + struct lws_tokens eff_buf; + unsigned int pending = 0; + char draining_flow = 0; + struct lws *wsi1; + int n; + +#ifdef LWS_WITH_CGI + if (wsi->cgi && (pollfd->revents & LWS_POLLOUT)) { + if (lws_handle_POLLOUT_event(wsi, pollfd)) + return LWS_HPI_RET_CLOSE_HANDLED; + + return LWS_HPI_RET_HANDLED; + } +#endif + + lwsl_info("%s: wsistate 0x%x, pollout %d\n", __func__, + wsi->wsistate, pollfd->revents & LWS_POLLOUT); + + /* + * something went wrong with parsing the handshake, and + * we ended up back in the event loop without completing it + */ + if (lwsi_state(wsi) == LRS_PRE_WS_SERVING_ACCEPT) { + wsi->socket_is_permanently_unusable = 1; + return LWS_HPI_RET_CLOSE_HANDLED; + } + + if (lwsi_state(wsi) == LRS_WAITING_CONNECT) { +#if !defined(LWS_NO_CLIENT) + if ((pollfd->revents & LWS_POLLOUT) && + lws_handle_POLLOUT_event(wsi, pollfd)) { + lwsl_debug("POLLOUT event closed it\n"); + return LWS_HPI_RET_CLOSE_HANDLED; + } + + n = lws_client_socket_service(wsi, pollfd, NULL); + if (n) + return LWS_HPI_RET_DIE; +#endif + return LWS_HPI_RET_HANDLED; + } + + /* 1: something requested a callback when it was OK to write */ + + if ((pollfd->revents & LWS_POLLOUT) && + lwsi_state_can_handle_POLLOUT(wsi) && + lws_handle_POLLOUT_event(wsi, pollfd)) { + if (lwsi_state(wsi) == LRS_RETURNED_CLOSE) + lwsi_set_state(wsi, LRS_FLUSHING_BEFORE_CLOSE); + /* the write failed... it's had it */ + wsi->socket_is_permanently_unusable = 1; + + return LWS_HPI_RET_CLOSE_HANDLED; + } + + if (lwsi_state(wsi) == LRS_RETURNED_CLOSE || + lwsi_state(wsi) == LRS_WAITING_TO_SEND_CLOSE || + lwsi_state(wsi) == LRS_AWAITING_CLOSE_ACK) { + /* + * we stopped caring about anything except control + * packets. Force flow control off, defeat tx + * draining. + */ + lws_rx_flow_control(wsi, 1); + if (wsi->ws) + wsi->ws->tx_draining_ext = 0; + } + + if (lws_is_flowcontrolled(wsi)) + /* We cannot deal with any kind of new RX because we are + * RX-flowcontrolled. + */ + return LWS_HPI_RET_HANDLED; + + if (wsi->http2_substream || wsi->upgraded_to_http2) { + wsi1 = lws_get_network_wsi(wsi); + if (wsi1 && wsi1->trunc_len) + /* We cannot deal with any kind of new RX + * because we are dealing with a partial send + * (new RX may trigger new http_action() that + * expect to be able to send) + */ + return LWS_HPI_RET_HANDLED; + } + + /* 3: RX Flowcontrol buffer / h2 rx scratch needs to be drained + */ + + if (wsi->rxflow_buffer) { + lwsl_info("draining rxflow (len %d)\n", + wsi->rxflow_len - wsi->rxflow_pos); + assert(wsi->rxflow_pos < wsi->rxflow_len); + /* well, drain it */ + eff_buf.token = (char *)wsi->rxflow_buffer + + wsi->rxflow_pos; + eff_buf.token_len = wsi->rxflow_len - wsi->rxflow_pos; + draining_flow = 1; + goto drain; + } + + if (wsi->upgraded_to_http2) { + struct lws_h2_netconn *h2n = wsi->h2.h2n; + + if (h2n->rx_scratch_len) { + lwsl_info("%s: %p: h2 rx pos = %d len = %d\n", + __func__, wsi, h2n->rx_scratch_pos, + h2n->rx_scratch_len); + eff_buf.token = (char *)h2n->rx_scratch + + h2n->rx_scratch_pos; + eff_buf.token_len = h2n->rx_scratch_len; + + h2n->rx_scratch_len = 0; + goto drain; + } + } + + /* 4: any incoming (or ah-stashed incoming rx) data ready? + * notice if rx flow going off raced poll(), rx flow wins + */ + + if (!(pollfd->revents & pollfd->events & LWS_POLLIN)) + return LWS_HPI_RET_HANDLED; + +read: + if (lws_is_flowcontrolled(wsi)) { + lwsl_info("%s: %p should be rxflow (bm 0x%x)..\n", + __func__, wsi, wsi->rxflow_bitmap); + return LWS_HPI_RET_HANDLED; + } + + if (wsi->ah && wsi->ah->rxlen - wsi->ah->rxpos) { + lwsl_info("%s: %p: inherited ah rx %d\n", __func__, + wsi, wsi->ah->rxlen - wsi->ah->rxpos); + eff_buf.token_len = wsi->ah->rxlen - wsi->ah->rxpos; + eff_buf.token = (char *)wsi->ah->rx + wsi->ah->rxpos; + } else { + if (!(lwsi_role_client(wsi) && + (lwsi_state(wsi) != LRS_ESTABLISHED && + lwsi_state(wsi) != LRS_H2_WAITING_TO_SEND_HEADERS))) { + /* + * extension may not consume everything + * (eg, pmd may be constrained + * as to what it can output...) has to go in + * per-wsi rx buf area. + * Otherwise in large temp serv_buf area. + */ + + if (wsi->upgraded_to_http2) { + if (!wsi->h2.h2n->rx_scratch) { + wsi->h2.h2n->rx_scratch = + lws_malloc( + wsi->vhost->h2_rx_scratch_size, + "h2 rx scratch"); + if (!wsi->h2.h2n->rx_scratch) + return LWS_HPI_RET_CLOSE_HANDLED; + } + eff_buf.token = wsi->h2.h2n->rx_scratch; + eff_buf.token_len = wsi->vhost->h2_rx_scratch_size; + } else { + eff_buf.token = (char *)pt->serv_buf; + eff_buf.token_len = + wsi->context->pt_serv_buf_size; + + if ((unsigned int)eff_buf.token_len > + wsi->context->pt_serv_buf_size) + eff_buf.token_len = + wsi->context->pt_serv_buf_size; + } + + if ((int)pending > eff_buf.token_len) + pending = eff_buf.token_len; + + eff_buf.token_len = lws_ssl_capable_read(wsi, + (unsigned char *)eff_buf.token, + pending ? (int)pending : + eff_buf.token_len); + switch (eff_buf.token_len) { + case 0: + lwsl_info("%s: zero length read\n", + __func__); + return LWS_HPI_RET_CLOSE_HANDLED; + case LWS_SSL_CAPABLE_MORE_SERVICE: + lwsl_info("SSL Capable more service\n"); + return LWS_HPI_RET_HANDLED; + case LWS_SSL_CAPABLE_ERROR: + lwsl_info("%s: LWS_SSL_CAPABLE_ERROR\n", + __func__); + return LWS_HPI_RET_CLOSE_HANDLED; + } + // lwsl_notice("Actual RX %d\n", eff_buf.token_len); + } + } + +drain: +#ifndef LWS_NO_CLIENT + if (lwsi_role_http(wsi) && lwsi_role_client(wsi) && + wsi->hdr_parsing_completed && !wsi->told_user_closed) { + + /* + * In SSL mode we get POLLIN notification about + * encrypted data in. + * + * But that is not necessarily related to decrypted + * data out becoming available; in may need to perform + * other in or out before that happens. + * + * simply mark ourselves as having readable data + * and turn off our POLLIN + */ + wsi->client_rx_avail = 1; + lws_change_pollfd(wsi, LWS_POLLIN, 0); + + /* let user code know, he'll usually ask for writeable + * callback and drain / re-enable it there + */ + if (user_callback_handle_rxflow( + wsi->protocol->callback, + wsi, LWS_CALLBACK_RECEIVE_CLIENT_HTTP, + wsi->user_space, NULL, 0)) { + lwsl_info("RECEIVE_CLIENT_HTTP closed it\n"); + return LWS_HPI_RET_CLOSE_HANDLED; + } + + return LWS_HPI_RET_HANDLED; + } +#endif + + /* service incoming data */ + + if (eff_buf.token_len) { + /* + * if draining from rxflow buffer, not + * critical to track what was used since at the + * use it bumps wsi->rxflow_pos. If we come + * around again it will pick up from where it + * left off. + */ + + if (lwsi_role_h2(wsi) && lwsi_state(wsi) != LRS_BODY) + n = lws_read_h2(wsi, (unsigned char *)eff_buf.token, + eff_buf.token_len); + else + n = lws_read_h1(wsi, (unsigned char *)eff_buf.token, + eff_buf.token_len); + + if (n < 0) { + /* we closed wsi */ + n = 0; + return LWS_HPI_RET_DIE; + } + } + + eff_buf.token = NULL; + eff_buf.token_len = 0; + + if (wsi->ah +#if !defined(LWS_NO_CLIENT) + && !wsi->client_h2_alpn +#endif + ) { + lwsl_info("%s: %p: detaching ah\n", __func__, wsi); + lws_header_table_force_to_detachable_state(wsi); + lws_header_table_detach(wsi, 0); + } + + pending = lws_ssl_pending(wsi); + if (pending) { + pending = pending > wsi->context->pt_serv_buf_size ? + wsi->context->pt_serv_buf_size : pending; + goto read; + } + + if (draining_flow && wsi->rxflow_buffer && + wsi->rxflow_pos == wsi->rxflow_len) { + lwsl_info("%s: %p flow buf: drained\n", __func__, wsi); + lws_free_set_NULL(wsi->rxflow_buffer); + /* having drained the rxflow buffer, can rearm POLLIN */ +#ifdef LWS_NO_SERVER + n = +#endif + __lws_rx_flow_control(wsi); + /* n ignored, needed for NO_SERVER case */ + } + + /* n = 0 */ + return LWS_HPI_RET_HANDLED; +} + +int rops_handle_POLLOUT_h2(struct lws *wsi) +{ + // lwsl_notice("%s\n", __func__); + + if (lwsi_state(wsi) == LRS_ISSUE_HTTP_BODY) + return LWS_HP_RET_USER_SERVICE; + + /* + * Priority 2: H2 protocol packets + */ + if ((wsi->upgraded_to_http2 +#if !defined(LWS_NO_CLIENT) + || wsi->client_h2_alpn +#endif + ) && wsi->h2.h2n->pps) { + lwsl_info("servicing pps\n"); + if (lws_h2_do_pps_send(wsi)) { + wsi->socket_is_permanently_unusable = 1; + return LWS_HP_RET_BAIL_DIE; + } + if (wsi->h2.h2n->pps) + return LWS_HP_RET_BAIL_OK; + + /* we can resume whatever we were doing */ + lws_rx_flow_control(wsi, LWS_RXFLOW_REASON_APPLIES_ENABLE | + LWS_RXFLOW_REASON_H2_PPS_PENDING); + + return LWS_HP_RET_BAIL_OK; /* leave POLLOUT active */ + } + + /* Priority 4: if we are closing, not allowed to send more data frags + * which means user callback or tx ext flush banned now + */ + if (lwsi_state(wsi) == LRS_RETURNED_CLOSE) + return LWS_HP_RET_USER_SERVICE; + + return LWS_HP_RET_USER_SERVICE; +} + +static int +rops_service_flag_pending_h2(struct lws_context *context, int tsi) +{ + /* h1 will deal with this if both h1 and h2 enabled */ + +#if !defined(LWS_ROLE_H1) + struct lws_context_per_thread *pt = &context->pt[tsi]; + struct allocated_headers *ah; + int forced = 0; + + /* POLLIN faking (the pt lock is taken by the parent) */ + + /* + * 3) For any wsi who have an ah with pending RX who did not + * complete their current headers, and are not flowcontrolled, + * fake their POLLIN status so they will be able to drain the + * rx buffered in the ah + */ + ah = pt->ah_list; + while (ah) { + if ((ah->rxpos != ah->rxlen && + !ah->wsi->hdr_parsing_completed) || ah->wsi->preamble_rx) { + pt->fds[ah->wsi->position_in_fds_table].revents |= + pt->fds[ah->wsi->position_in_fds_table].events & + LWS_POLLIN; + if (pt->fds[ah->wsi->position_in_fds_table].revents & + LWS_POLLIN) { + forced = 1; + break; + } + } + ah = ah->next; + } + + return forced; +#else + return 0; +#endif +} + +static int +rops_write_role_protocol_h2(struct lws *wsi, unsigned char *buf, size_t len, + enum lws_write_protocol *wp) +{ + unsigned char flags = 0; + int n; + + /* if not in a state to send stuff, then just send nothing */ + + if (!lwsi_role_ws(wsi) && + ((*wp) & 0x1f) != LWS_WRITE_HTTP && + ((*wp) & 0x1f) != LWS_WRITE_HTTP_FINAL && + ((*wp) & 0x1f) != LWS_WRITE_HTTP_HEADERS_CONTINUATION && + ((*wp) & 0x1f) != LWS_WRITE_HTTP_HEADERS && + ((lwsi_state(wsi) != LRS_RETURNED_CLOSE && + lwsi_state(wsi) != LRS_WAITING_TO_SEND_CLOSE && + lwsi_state(wsi) != LRS_AWAITING_CLOSE_ACK) || + ((*wp) & 0x1f) != LWS_WRITE_CLOSE)) { + //assert(0); + lwsl_notice("binning wsistate 0x%x %d\n", wsi->wsistate, *wp); + return 0; + } + + /* + * ws-over-h2 also ends up here after the ws framing applied + */ + + n = LWS_H2_FRAME_TYPE_DATA; + if ((*wp & 0x1f) == LWS_WRITE_HTTP_HEADERS) { + n = LWS_H2_FRAME_TYPE_HEADERS; + if (!((*wp) & LWS_WRITE_NO_FIN)) + flags = LWS_H2_FLAG_END_HEADERS; + if (wsi->h2.send_END_STREAM || + ((*wp) & LWS_WRITE_H2_STREAM_END)) { + flags |= LWS_H2_FLAG_END_STREAM; + wsi->h2.send_END_STREAM = 1; + } + } + + if ((*wp & 0x1f) == LWS_WRITE_HTTP_HEADERS_CONTINUATION) { + n = LWS_H2_FRAME_TYPE_CONTINUATION; + if (!((*wp) & LWS_WRITE_NO_FIN)) + flags = LWS_H2_FLAG_END_HEADERS; + if (wsi->h2.send_END_STREAM || + ((*wp) & LWS_WRITE_H2_STREAM_END)) { + flags |= LWS_H2_FLAG_END_STREAM; + wsi->h2.send_END_STREAM = 1; + } + } + + if (((*wp & 0x1f) == LWS_WRITE_HTTP || + (*wp & 0x1f) == LWS_WRITE_HTTP_FINAL) && + wsi->http.tx_content_length) { + wsi->http.tx_content_remain -= len; + lwsl_info("%s: wsi %p: tx_content_remain = %llu\n", + __func__, wsi, + (unsigned long long)wsi->http.tx_content_remain); + if (!wsi->http.tx_content_remain) { + lwsl_info("%s: selecting final write mode\n", + __func__); + *wp = LWS_WRITE_HTTP_FINAL; + } + } + + if ((*wp & 0x1f) == LWS_WRITE_HTTP_FINAL || + ((*wp) & LWS_WRITE_H2_STREAM_END)) { + //lws_get_network_wsi(wsi)->h2.END_STREAM) { + lwsl_info("%s: setting END_STREAM\n", __func__); + flags |= LWS_H2_FLAG_END_STREAM; + wsi->h2.send_END_STREAM = 1; + } + + return lws_h2_frame_write(wsi, n, flags, wsi->h2.my_sid, + (int)len, buf); +} + +static int +rops_check_upgrades_h2(struct lws *wsi) +{ +#if defined(LWS_ROLE_WS) + struct lws *nwsi; + char *p; + + /* + * with H2 there's also a way to upgrade a stream to something + * else... :method is CONNECT and :protocol says the name of + * the new protocol we want to carry. We have to have sent a + * SETTINGS saying that we support it though. + */ + p = lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP_COLON_METHOD); + if (!wsi->vhost->set.s[H2SET_ENABLE_CONNECT_PROTOCOL] || + !wsi->http2_substream || !p || strcmp(p, "CONNECT")) + return LWS_UPG_RET_CONTINUE; + + p = lws_hdr_simple_ptr(wsi, WSI_TOKEN_COLON_PROTOCOL); + if (!p || strcmp(p, "websocket")) + return LWS_UPG_RET_CONTINUE; + + nwsi = lws_get_network_wsi(wsi); + + wsi->vhost->conn_stats.ws_upg++; + lwsl_info("Upgrade h2 to ws\n"); + wsi->h2_stream_carries_ws = 1; + nwsi->ws_over_h2_count++; + if (lws_process_ws_upgrade(wsi)) + return LWS_UPG_RET_BAIL; + + if (nwsi->ws_over_h2_count == 1) + lws_set_timeout(nwsi, NO_PENDING_TIMEOUT, 0); + + lws_set_timeout(wsi, NO_PENDING_TIMEOUT, 0); + lwsl_info("Upgraded h2 to ws OK\n"); + + return LWS_UPG_RET_DONE; +#else + return LWS_UPG_RET_CONTINUE; +#endif +} + +static int +rops_init_vhost_h2(struct lws_vhost *vh, + struct lws_context_creation_info *info) +{ + if (!info->h2_rx_scratch_size) + vh->h2_rx_scratch_size = LWS_H2_RX_SCRATCH_SIZE; + else + vh->h2_rx_scratch_size = info->h2_rx_scratch_size; + + return 0; +} + +static int +rops_init_context_h2(struct lws_context *context, + struct lws_context_creation_info *info) +{ + context->set = lws_h2_stock_settings; + + return 0; +} + +static lws_filepos_t +rops_tx_credit_h2(struct lws *wsi) +{ + return lws_h2_tx_cr_get(wsi); +} + +static int +rops_destroy_role_h2(struct lws *wsi) +{ + if (wsi->upgraded_to_http2 || wsi->http2_substream) { + lws_hpack_destroy_dynamic_header(wsi); + + if (wsi->h2.h2n) + lws_free_set_NULL(wsi->h2.h2n); + } + + return 0; +} + +static int +rops_close_kill_connection_h2(struct lws *wsi, enum lws_close_status reason) +{ + struct lws *wsi2; + + if (wsi->http2_substream && wsi->h2_stream_carries_ws) + lws_h2_rst_stream(wsi, 0, "none"); + + if (wsi->h2.parent_wsi) { + lwsl_info(" wsi: %p, his parent %p: siblings:\n", wsi, + wsi->h2.parent_wsi); + lws_start_foreach_llp(struct lws **, w, + wsi->h2.parent_wsi->h2.child_list) { + lwsl_info(" \\---- child %p\n", *w); + } lws_end_foreach_llp(w, h2.sibling_list); + } + + if (wsi->upgraded_to_http2 || wsi->http2_substream || wsi->client_h2_substream) { + lwsl_info("closing %p: parent %p\n", wsi, wsi->h2.parent_wsi); + + if (wsi->h2.child_list) { + lwsl_info(" parent %p: closing children: list:\n", wsi); + lws_start_foreach_llp(struct lws **, w, + wsi->h2.child_list) { + lwsl_info(" \\---- child %p\n", *w); + } lws_end_foreach_llp(w, h2.sibling_list); + /* trigger closing of all of our http2 children first */ + lws_start_foreach_llp(struct lws **, w, + wsi->h2.child_list) { + lwsl_info(" closing child %p\n", *w); + /* disconnect from siblings */ + wsi2 = (*w)->h2.sibling_list; + (*w)->h2.sibling_list = NULL; + (*w)->socket_is_permanently_unusable = 1; + __lws_close_free_wsi(*w, reason, "h2 child recurse"); + *w = wsi2; + continue; + } lws_end_foreach_llp(w, h2.sibling_list); + } + } + + if (wsi->upgraded_to_http2) { + /* remove pps */ + struct lws_h2_protocol_send *w = wsi->h2.h2n->pps, *w1; + while (w) { + w1 = w->next; + free(w); + w = w1; + } + wsi->h2.h2n->pps = NULL; + } + + if ((wsi->client_h2_substream || wsi->http2_substream) && + wsi->h2.parent_wsi) { + lwsl_info(" %p: disentangling from siblings\n", wsi); + lws_start_foreach_llp(struct lws **, w, + wsi->h2.parent_wsi->h2.child_list) { + /* disconnect from siblings */ + if (*w == wsi) { + wsi2 = (*w)->h2.sibling_list; + (*w)->h2.sibling_list = NULL; + *w = wsi2; + lwsl_info(" %p disentangled from sibling %p\n", + wsi, wsi2); + break; + } + } lws_end_foreach_llp(w, h2.sibling_list); + wsi->h2.parent_wsi->h2.child_count--; + wsi->h2.parent_wsi = NULL; + if (wsi->h2.pending_status_body) + lws_free_set_NULL(wsi->h2.pending_status_body); + } + + if (wsi->h2_stream_carries_ws) { + struct lws *nwsi = lws_get_network_wsi(wsi); + + nwsi->ws_over_h2_count++; + /* if no ws, then put a timeout on the parent wsi */ + if (!nwsi->ws_over_h2_count) + __lws_set_timeout(nwsi, + PENDING_TIMEOUT_HTTP_KEEPALIVE_IDLE, 31); + } + + if (wsi->upgraded_to_http2 && wsi->h2.h2n && + wsi->h2.h2n->rx_scratch) + lws_free_set_NULL(wsi->h2.h2n->rx_scratch); + + return 0; +} + +static int +rops_callback_on_writable_h2(struct lws *wsi) +{ + struct lws *network_wsi, *wsi2; + int already; + + //lwsl_notice("%s: %p (wsistate 0x%x)\n", __func__, wsi, wsi->wsistate); + +// if (!lwsi_role_h2(wsi) && !lwsi_role_h2_ENCAPSULATION(wsi)) +// return 0; + + if (wsi->h2.requested_POLLOUT +#if !defined(LWS_NO_CLIENT) + && !wsi->client_h2_alpn +#endif + ) { + lwsl_debug("already pending writable\n"); + return 1; + } + + /* is this for DATA or for control messages? */ + if (wsi->upgraded_to_http2 && !wsi->h2.h2n->pps && + !lws_h2_tx_cr_get(wsi)) { + /* + * other side is not able to cope with us sending DATA + * anything so no matter if we have POLLOUT on our side if it's + * DATA we want to send. + * + * Delay waiting for our POLLOUT until peer indicates he has + * space for more using tx window command in http2 layer + */ + lwsl_notice("%s: %p: skint (%d)\n", __func__, wsi, + wsi->h2.tx_cr); + wsi->h2.skint = 1; + return 0; + } + + wsi->h2.skint = 0; + network_wsi = lws_get_network_wsi(wsi); + already = network_wsi->h2.requested_POLLOUT; + + /* mark everybody above him as requesting pollout */ + + wsi2 = wsi; + while (wsi2) { + wsi2->h2.requested_POLLOUT = 1; + lwsl_info("mark %p pending writable\n", wsi2); + wsi2 = wsi2->h2.parent_wsi; + } + + /* for network action, act only on the network wsi */ + + wsi = network_wsi; + if (already && !wsi->client_h2_alpn +#if !defined(LWS_NO_CLIENT) + && !wsi->client_h2_substream +#endif + ) + return 1; + + return 0; +} + +static int +rops_perform_user_POLLOUT_h2(struct lws *wsi) +{ + /* + * we are the 'network wsi' for potentially many muxed child wsi with + * no network connection of their own, who have to use us for all their + * network actions. So we use a round-robin scheme to share out the + * POLLOUT notifications to our children. + * + * But because any child could exhaust the socket's ability to take + * writes, we can only let one child get notified each time. + * + * In addition children may be closed / deleted / added between POLLOUT + * notifications, so we can't hold pointers + */ + struct lws **wsi2, *wsi2a; + int write_type = LWS_WRITE_PONG, n; + + wsi = lws_get_network_wsi(wsi); + + wsi->h2.requested_POLLOUT = 0; + if (!wsi->h2.initialized) { + lwsl_info("pollout on uninitialized http2 conn\n"); + return 0; + } + + lwsl_info("%s: %p: children waiting for POLLOUT service:\n", __func__, wsi); + wsi2a = wsi->h2.child_list; + while (wsi2a) { + if (wsi2a->h2.requested_POLLOUT) + lwsl_info(" * %p %s\n", wsi2a, wsi2a->protocol->name); + else + lwsl_info(" %p %s\n", wsi2a, wsi2a->protocol->name); + + wsi2a = wsi2a->h2.sibling_list; + } + + wsi2 = &wsi->h2.child_list; + if (!*wsi2) + return 0; + + do { + struct lws *w, **wa; + + wa = &(*wsi2)->h2.sibling_list; + if (!(*wsi2)->h2.requested_POLLOUT) + goto next_child; + + /* + * we're going to do writable callback for this child. + * move him to be the last child + */ + + lwsl_debug("servicing child %p\n", *wsi2); + + w = *wsi2; + while (w) { + if (!w->h2.sibling_list) { /* w is the current last */ + lwsl_debug("w=%p, *wsi2 = %p\n", w, *wsi2); + if (w == *wsi2) /* we are already last */ + break; + /* last points to us as new last */ + w->h2.sibling_list = *wsi2; + /* guy pointing to us until now points to + * our old next */ + *wsi2 = (*wsi2)->h2.sibling_list; + /* we point to nothing because we are last */ + w->h2.sibling_list->h2.sibling_list = NULL; + /* w becomes us */ + w = w->h2.sibling_list; + break; + } + w = w->h2.sibling_list; + } + + w->h2.requested_POLLOUT = 0; + lwsl_info("%s: child %p (state %d)\n", __func__, w, lwsi_state(w)); + + /* if we arrived here, even by looping, we checked choked */ + w->could_have_pending = 0; + wsi->could_have_pending = 0; + + if (w->h2.pending_status_body) { + w->h2.send_END_STREAM = 1; + n = lws_write(w, (uint8_t *)w->h2.pending_status_body + + LWS_PRE, + strlen(w->h2.pending_status_body + + LWS_PRE), LWS_WRITE_HTTP_FINAL); + lws_free_set_NULL(w->h2.pending_status_body); + lws_close_free_wsi(w, LWS_CLOSE_STATUS_NOSTATUS, "h2 end stream 1"); + wa = &wsi->h2.child_list; + goto next_child; + } + + if (lwsi_state(w) == LRS_H2_WAITING_TO_SEND_HEADERS) { + if (lws_h2_client_handshake(w)) + return -1; + + goto next_child; + } + + if (lwsi_state(w) == LRS_DEFERRING_ACTION) { + + /* + * we had to defer the http_action to the POLLOUT + * handler, because we know it will send something and + * only in the POLLOUT handler do we know for sure + * that there is no partial pending on the network wsi. + */ + + lwsi_set_state(w, LRS_ESTABLISHED); + + lwsl_info(" h2 action start...\n"); + n = lws_http_action(w); + lwsl_info(" h2 action result %d " + "(wsi->http.rx_content_remain %lld)\n", + n, w->http.rx_content_remain); + + /* + * Commonly we only managed to start a larger transfer + * that will complete asynchronously under its own wsi + * states. In those cases we will hear about + * END_STREAM going out in the POLLOUT handler. + */ + if (n || w->h2.send_END_STREAM) { + lwsl_info("closing stream after h2 action\n"); + lws_close_free_wsi(w, LWS_CLOSE_STATUS_NOSTATUS, "h2 end stream"); + wa = &wsi->h2.child_list; + } + + goto next_child; + } + + if (lwsi_state(w) == LRS_ISSUING_FILE) { + + ((volatile struct lws *)w)->leave_pollout_active = 0; + + /* >0 == completion, <0 == error + * + * We'll get a LWS_CALLBACK_HTTP_FILE_COMPLETION + * callback when it's done. That's the case even if we + * just completed the send, so wait for that. + */ + n = lws_serve_http_file_fragment(w); + lwsl_debug("lws_serve_http_file_fragment says %d\n", n); + + /* + * We will often hear about out having sent the final + * DATA here... if so close the actual wsi + */ + if (n < 0 || w->h2.send_END_STREAM) { + lwsl_debug("Closing POLLOUT child %p\n", w); + lws_close_free_wsi(w, LWS_CLOSE_STATUS_NOSTATUS, "h2 end stream file"); + wa = &wsi->h2.child_list; + goto next_child; + } + if (n > 0) + if (lws_http_transaction_completed(w)) + return -1; + if (!n) { + lws_callback_on_writable(w); + (w)->h2.requested_POLLOUT = 1; + } + + goto next_child; + } + + /* Notify peer that we decided to close */ + + if (lwsi_state(w) == LRS_WAITING_TO_SEND_CLOSE) { + lwsl_debug("sending close packet\n"); + w->waiting_to_send_close_frame = 0; + n = lws_write(w, &w->ws->ping_payload_buf[LWS_PRE], + w->ws->close_in_ping_buffer_len, + LWS_WRITE_CLOSE); + if (n >= 0) { + lwsi_set_state(w, LRS_AWAITING_CLOSE_ACK); + lws_set_timeout(w, PENDING_TIMEOUT_CLOSE_ACK, 5); + lwsl_debug("sent close indication, awaiting ack\n"); + } + + goto next_child; + } + + /* Acknowledge receipt of peer's notification he closed, + * then logically close ourself */ + + if ((lwsi_role_ws(w) && w->ws->ping_pending_flag) || + (lwsi_state(w) == LRS_RETURNED_CLOSE && + w->ws->payload_is_close)) { + + if (w->ws->payload_is_close) + write_type = LWS_WRITE_CLOSE | + LWS_WRITE_H2_STREAM_END; + + n = lws_write(w, &w->ws->ping_payload_buf[LWS_PRE], + w->ws->ping_payload_len, write_type); + if (n < 0) + return -1; + + /* well he is sent, mark him done */ + w->ws->ping_pending_flag = 0; + if (w->ws->payload_is_close) { + /* oh... a close frame was it... then we are done */ + lwsl_debug("Acknowledged peer's close packet\n"); + w->ws->payload_is_close = 0; + lwsi_set_state(w, LRS_RETURNED_CLOSE); + lws_close_free_wsi(w, LWS_CLOSE_STATUS_NOSTATUS, "returned close packet"); + wa = &wsi->h2.child_list; + goto next_child; + } + + lws_callback_on_writable(w); + (w)->h2.requested_POLLOUT = 1; + + /* otherwise for PING, leave POLLOUT active either way */ + goto next_child; + } + + if (lws_callback_as_writeable(w)) { + lwsl_info("Closing POLLOUT child (end stream %d)\n", w->h2.send_END_STREAM); + lws_close_free_wsi(w, LWS_CLOSE_STATUS_NOSTATUS, "h2 pollout handle"); + wa = &wsi->h2.child_list; + } else + if (w->h2.send_END_STREAM) + lws_h2_state(w, LWS_H2_STATE_HALF_CLOSED_LOCAL); + +next_child: + wsi2 = wa; + } while (wsi2 && *wsi2 && !lws_send_pipe_choked(wsi)); + + lwsl_info("%s: %p: children waiting for POLLOUT service: %p\n", + __func__, wsi, wsi->h2.child_list); + wsi2a = wsi->h2.child_list; + while (wsi2a) { + if (wsi2a->h2.requested_POLLOUT) + lwsl_debug(" * %p\n", wsi2a); + else + lwsl_debug(" %p\n", wsi2a); + + wsi2a = wsi2a->h2.sibling_list; + } + + + wsi2a = wsi->h2.child_list; + while (wsi2a) { + if (wsi2a->h2.requested_POLLOUT) { + lws_change_pollfd(wsi, 0, LWS_POLLOUT); + break; + } + wsi2a = wsi2a->h2.sibling_list; + } + + return 0; +} + +static int +rops_rxflow_cache_h2(struct lws *wsi, unsigned char *buf, int n, int len) +{ + struct lws_h2_netconn *h2n; + + if (!wsi->upgraded_to_http2) + return 0; /* parent interprets as continue */ + + h2n = wsi->h2.h2n; + + assert(h2n->rx_scratch); + buf += n; + len -= n; + assert ((char *)buf >= (char *)h2n->rx_scratch && + (char *)&buf[len] <= + (char *)&h2n->rx_scratch[wsi->vhost->h2_rx_scratch_size]); + + h2n->rx_scratch_pos = lws_ptr_diff(buf, h2n->rx_scratch); + h2n->rx_scratch_len = len; + + lwsl_info("%s: %p: pausing h2 rx_scratch\n", __func__, wsi); + + return 1; /* parent interprets as return 0 */ +} + +static struct lws * +rops_encapsulation_parent_h2(struct lws *wsi) +{ + if (wsi->h2.parent_wsi) + return wsi->h2.parent_wsi; + + return NULL; +} + +struct lws_role_ops role_ops_h2 = { + "h2", + /* check_upgrades */ rops_check_upgrades_h2, + /* init_context */ rops_init_context_h2, + /* init_vhost */ rops_init_vhost_h2, + /* periodic_checks */ NULL, + /* service_flag_pending */ rops_service_flag_pending_h2, + /* handle_POLLIN */ rops_handle_POLLIN_h2, + /* handle_POLLOUT */ rops_handle_POLLOUT_h2, + /* perform_user_POLLOUT */ rops_perform_user_POLLOUT_h2, + /* callback_on_writable */ rops_callback_on_writable_h2, + /* tx_credit */ rops_tx_credit_h2, + /* write_role_protocol */ rops_write_role_protocol_h2, + /* rxflow_cache */ rops_rxflow_cache_h2, + /* encapsulation_parent */ rops_encapsulation_parent_h2, + /* close_via_role_protocol */ NULL, + /* close_role */ NULL, + /* close_kill_connection */ rops_close_kill_connection_h2, + /* destroy_role */ rops_destroy_role_h2, + /* writeable cb clnt, srv */ { LWS_CALLBACK_CLIENT_HTTP_WRITEABLE, + LWS_CALLBACK_HTTP_WRITEABLE }, + /* close cb clnt, srv */ { LWS_CALLBACK_CLOSED_CLIENT_HTTP, + LWS_CALLBACK_CLOSED_HTTP }, +}; diff --git a/lib/roles/h2/ssl-http2.c b/lib/roles/h2/ssl-http2.c new file mode 100644 index 0000000..5174b6f --- /dev/null +++ b/lib/roles/h2/ssl-http2.c @@ -0,0 +1,158 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2017 Andy Green + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + * + * Some or all of this file is based on code from nghttp2, which has the + * following license. Since it's more liberal than lws license, you're also + * at liberty to get the original code from + * https://github.com/tatsuhiro-t/nghttp2 under his liberal terms alone. + * + * nghttp2 - HTTP/2.0 C Library + * + * Copyright (c) 2012 Tatsuhiro Tsujikawa + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ + +#include "private-libwebsockets.h" + +#if !defined(LWS_NO_SERVER) +#if defined(LWS_WITH_TLS) + +#if defined(LWS_WITH_MBEDTLS) || (defined(OPENSSL_VERSION_NUMBER) && \ + OPENSSL_VERSION_NUMBER >= 0x10002000L) + +struct alpn_ctx { + unsigned char *data; + unsigned short len; +}; + + +static int +alpn_cb(SSL *s, const unsigned char **out, unsigned char *outlen, + const unsigned char *in, unsigned int inlen, void *arg) +{ +#if !defined(LWS_WITH_MBEDTLS) + struct alpn_ctx *alpn_ctx = arg; + + if (SSL_select_next_proto((unsigned char **)out, outlen, alpn_ctx->data, + alpn_ctx->len, in, inlen) != + OPENSSL_NPN_NEGOTIATED) + return SSL_TLSEXT_ERR_NOACK; +#endif + return SSL_TLSEXT_ERR_OK; +} +#endif + +LWS_VISIBLE void +lws_context_init_http2_ssl(struct lws_vhost *vhost) +{ +#if defined(LWS_WITH_MBEDTLS) || (defined(OPENSSL_VERSION_NUMBER) && \ + OPENSSL_VERSION_NUMBER >= 0x10002000L) + static struct alpn_ctx protos = { (unsigned char *)"\x02h2" + "\x08http/1.1", 6 + 9 }; + + SSL_CTX_set_alpn_select_cb(vhost->ssl_ctx, alpn_cb, &protos); + lwsl_notice(" HTTP2 / ALPN enabled\n"); +#else + lwsl_notice( + " HTTP2 / ALPN configured but not supported by OpenSSL 0x%lx\n", + OPENSSL_VERSION_NUMBER); +#endif // OPENSSL_VERSION_NUMBER >= 0x10002000L +} + +int lws_h2_configure_if_upgraded(struct lws *wsi) +{ +#if defined(LWS_WITH_MBEDTLS) || (defined(OPENSSL_VERSION_NUMBER) && \ + OPENSSL_VERSION_NUMBER >= 0x10002000L) + struct allocated_headers *ah; + const unsigned char *name = NULL; + char cstr[10]; + unsigned len; + + if (!wsi->ssl) + return 0; + + SSL_get0_alpn_selected(wsi->ssl, &name, &len); + if (!len) { + lwsl_info("no ALPN upgrade\n"); + return 0; + } + + if (len > sizeof(cstr) - 1) + len = sizeof(cstr) - 1; + + memcpy(cstr, name, len); + cstr[len] = '\0'; + + lwsl_info("negotiated '%s' using ALPN\n", cstr); + wsi->use_ssl |= LCCSCF_USE_SSL; + if (strncmp((char *)name, "http/1.1", 8) == 0) + return 0; + + /* http2 */ + + wsi->upgraded_to_http2 = 1; + wsi->vhost->conn_stats.h2_alpn++; + + /* adopt the header info */ + + ah = wsi->ah; + + lws_role_transition(wsi, LWSIFR_SERVER, LRS_H2_AWAIT_PREFACE, + &role_ops_h2); + + /* http2 union member has http union struct at start */ + wsi->ah = ah; + + wsi->h2.h2n = lws_zalloc(sizeof(*wsi->h2.h2n), "h2n"); + if (!wsi->h2.h2n) + return 1; + + lws_h2_init(wsi); + + /* HTTP2 union */ + + lws_hpack_dynamic_size(wsi, + wsi->h2.h2n->set.s[H2SET_HEADER_TABLE_SIZE]); + wsi->h2.tx_cr = 65535; + + lwsl_info("%s: wsi %p: configured for h2\n", __func__, wsi); +#endif + return 0; +} +#endif +#endif diff --git a/lib/roles/http/client/client-handshake.c b/lib/roles/http/client/client-handshake.c new file mode 100644 index 0000000..cbd8e74 --- /dev/null +++ b/lib/roles/http/client/client-handshake.c @@ -0,0 +1,1230 @@ +#include "private-libwebsockets.h" + +static int +lws_getaddrinfo46(struct lws *wsi, const char *ads, struct addrinfo **result) +{ + struct addrinfo hints; + + memset(&hints, 0, sizeof(hints)); + *result = NULL; + +#ifdef LWS_WITH_IPV6 + if (wsi->ipv6) { + +#if !defined(__ANDROID__) + hints.ai_family = AF_INET6; + hints.ai_flags = AI_V4MAPPED; +#endif + } else +#endif + { + hints.ai_family = PF_UNSPEC; + hints.ai_socktype = SOCK_STREAM; + } + + return getaddrinfo(ads, NULL, &hints, result); +} + +struct lws * +lws_client_connect_2(struct lws *wsi) +{ + struct lws_context *context = wsi->context; + struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; + const char *cce = "", *iface, *adsin, *meth; + struct lws *wsi_piggyback = NULL; + struct addrinfo *result; + struct lws_pollfd pfd; + ssize_t plen = 0; + const char *ads; + sockaddr46 sa46; + int n, port; +#ifdef LWS_WITH_IPV6 + char ipv6only = lws_check_opt(wsi->vhost->options, + LWS_SERVER_OPTION_IPV6_V6ONLY_MODIFY | + LWS_SERVER_OPTION_IPV6_V6ONLY_VALUE); + +#if defined(__ANDROID__) + ipv6only = 0; +#endif +#endif + + lwsl_client("%s: %p\n", __func__, wsi); + + if (!wsi->ah) { + cce = "ah was NULL at cc2"; + lwsl_err("%s\n", cce); + goto oom4; + } + + /* we can only piggyback GET */ + + meth = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_METHOD); + if (meth && strcmp(meth, "GET")) + goto create_new_conn; + + /* we only pipeline connections that said it was okay */ + + if (!wsi->client_pipeline) + goto create_new_conn; + + /* + * let's take a look first and see if there are any already-active + * client connections we can piggy-back on. + */ + + adsin = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_PEER_ADDRESS); + lws_vhost_lock(wsi->vhost); + lws_start_foreach_dll_safe(struct lws_dll_lws *, d, d1, + wsi->vhost->dll_active_client_conns.next) { + struct lws *w = lws_container_of(d, struct lws, + dll_active_client_conns); + + lwsl_debug("%s: check %s %s %d %d\n", __func__, adsin, w->client_hostname_copy, wsi->c_port, w->c_port); + + if (w != wsi && w->client_hostname_copy && + !strcmp(adsin, w->client_hostname_copy) && +#if defined(LWS_WITH_TLS) + (wsi->use_ssl & (LCCSCF_NOT_H2 | LCCSCF_USE_SSL)) == + (w->use_ssl & (LCCSCF_NOT_H2 | LCCSCF_USE_SSL)) && +#endif + wsi->c_port == w->c_port) { + + /* someone else is already connected to the right guy */ + + /* do we know for a fact pipelining won't fly? */ + if (w->keepalive_rejected) { + lwsl_info("defeating pipelining due to no " + "keepalive on server\n"); + goto create_new_conn; + } +#if defined (LWS_WITH_HTTP2) + /* + * h2: in usable state already: just use it without + * going through the queue + */ + if (w->client_h2_alpn && + (lwsi_state(w) == LRS_H2_WAITING_TO_SEND_HEADERS || + lwsi_state(w) == LRS_ESTABLISHED)) { + + lwsl_info("%s: just join h2 directly\n", + __func__); + + lws_wsi_h2_adopt(w, wsi); + lws_vhost_unlock(wsi->vhost); + + return wsi; + } +#endif + + lwsl_info("applying %p to txn queue on %p (wsistate 0x%x)\n", wsi, w, + w->wsistate); + /* + * ...let's add ourselves to his transaction queue... + */ + lws_dll_lws_add_front(&wsi->dll_client_transaction_queue, + &w->dll_client_transaction_queue_head); + + /* + * h1: pipeline our headers out on him, + * and wait for our turn at client transaction_complete + * to take over parsing the rx. + */ + + wsi_piggyback = w; + + lws_vhost_unlock(wsi->vhost); + goto send_hs; + } + + } lws_end_foreach_dll_safe(d, d1); + lws_vhost_unlock(wsi->vhost); + +create_new_conn: + + /* + * clients who will create their own fresh connection keep a copy of + * the hostname they originally connected to, in case other connections + * want to use it too + */ + + if (!wsi->client_hostname_copy) + wsi->client_hostname_copy = + strdup(lws_hdr_simple_ptr(wsi, + _WSI_TOKEN_CLIENT_PEER_ADDRESS)); + + /* + * If we made our own connection, and we're doing a method that can take + * a pipeline, we are an "active client connection". + * + * Add ourselves to the vhost list of those so that others can + * piggyback on our transaction queue + */ + + if (meth && !strcmp(meth, "GET") && + lws_dll_is_null(&wsi->dll_client_transaction_queue) && + lws_dll_is_null(&wsi->dll_active_client_conns)) { + lws_vhost_lock(wsi->vhost); + lws_dll_lws_add_front(&wsi->dll_active_client_conns, + &wsi->vhost->dll_active_client_conns); + lws_vhost_unlock(wsi->vhost); + } + + /* + * start off allowing ipv6 on connection if vhost allows it + */ + wsi->ipv6 = LWS_IPV6_ENABLED(wsi->vhost); + + /* Decide what it is we need to connect to: + * + * Priority 1: connect to http proxy */ + + if (wsi->vhost->http_proxy_port) { + plen = sprintf((char *)pt->serv_buf, + "CONNECT %s:%u HTTP/1.0\x0d\x0a" + "User-agent: libwebsockets\x0d\x0a", + lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_PEER_ADDRESS), + wsi->c_port); + + if (wsi->vhost->proxy_basic_auth_token[0]) + plen += sprintf((char *)pt->serv_buf + plen, + "Proxy-authorization: basic %s\x0d\x0a", + wsi->vhost->proxy_basic_auth_token); + + plen += sprintf((char *)pt->serv_buf + plen, "\x0d\x0a"); + ads = wsi->vhost->http_proxy_address; + port = wsi->vhost->http_proxy_port; + +#if defined(LWS_WITH_SOCKS5) + + /* Priority 2: Connect to SOCK5 Proxy */ + + } else if (wsi->vhost->socks_proxy_port) { + socks_generate_msg(wsi, SOCKS_MSG_GREETING, &plen); + lwsl_client("Sending SOCKS Greeting\n"); + ads = wsi->vhost->socks_proxy_address; + port = wsi->vhost->socks_proxy_port; +#endif + } else { + + /* Priority 3: Connect directly */ + + ads = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_PEER_ADDRESS); + port = wsi->c_port; + } + + /* + * prepare the actual connection + * to whatever we decided to connect to + */ + + lwsl_info("%s: %p: address %s\n", __func__, wsi, ads); + + n = lws_getaddrinfo46(wsi, ads, &result); + +#ifdef LWS_WITH_IPV6 + if (wsi->ipv6) { + struct sockaddr_in6 *sa6 = + ((struct sockaddr_in6 *)result->ai_addr); + + if (n) { + /* lws_getaddrinfo46 failed, there is no usable result */ + lwsl_notice("%s: lws_getaddrinfo46 failed %d\n", + __func__, n); + cce = "ipv6 lws_getaddrinfo46 failed"; + goto oom4; + } + + memset(&sa46, 0, sizeof(sa46)); + + sa46.sa6.sin6_family = AF_INET6; + switch (result->ai_family) { + case AF_INET: + if (ipv6only) + break; + /* map IPv4 to IPv6 */ + bzero((char *)&sa46.sa6.sin6_addr, + sizeof(sa46.sa6.sin6_addr)); + sa46.sa6.sin6_addr.s6_addr[10] = 0xff; + sa46.sa6.sin6_addr.s6_addr[11] = 0xff; + memcpy(&sa46.sa6.sin6_addr.s6_addr[12], + &((struct sockaddr_in *)result->ai_addr)->sin_addr, + sizeof(struct in_addr)); + lwsl_notice("uplevelling AF_INET to AF_INET6\n"); + break; + + case AF_INET6: + memcpy(&sa46.sa6.sin6_addr, &sa6->sin6_addr, + sizeof(struct in6_addr)); + sa46.sa6.sin6_scope_id = sa6->sin6_scope_id; + sa46.sa6.sin6_flowinfo = sa6->sin6_flowinfo; + break; + default: + lwsl_err("Unknown address family\n"); + freeaddrinfo(result); + cce = "unknown address family"; + goto oom4; + } + } else +#endif /* use ipv6 */ + + /* use ipv4 */ + { + void *p = NULL; + + if (!n) { + struct addrinfo *res = result; + + /* pick the first AF_INET (IPv4) result */ + + while (!p && res) { + switch (res->ai_family) { + case AF_INET: + p = &((struct sockaddr_in *)res->ai_addr)->sin_addr; + break; + } + + res = res->ai_next; + } +#if defined(LWS_FALLBACK_GETHOSTBYNAME) + } else if (n == EAI_SYSTEM) { + struct hostent *host; + + lwsl_info("getaddrinfo (ipv4) failed, trying gethostbyname\n"); + host = gethostbyname(ads); + if (host) { + p = host->h_addr; + } else { + lwsl_err("gethostbyname failed\n"); + cce = "gethostbyname (ipv4) failed"; + goto oom4; + } +#endif + } else { + lwsl_err("getaddrinfo failed\n"); + cce = "getaddrinfo failed"; + goto oom4; + } + + if (!p) { + if (result) + freeaddrinfo(result); + lwsl_err("Couldn't identify address\n"); + cce = "unable to lookup address"; + goto oom4; + } + + sa46.sa4.sin_family = AF_INET; + sa46.sa4.sin_addr = *((struct in_addr *)p); + bzero(&sa46.sa4.sin_zero, 8); + } + + if (result) + freeaddrinfo(result); + + /* now we decided on ipv4 or ipv6, set the port */ + + if (!lws_socket_is_valid(wsi->desc.sockfd)) { + +#if defined(LWS_WITH_LIBUV) + if (LWS_LIBUV_ENABLED(context)) + if (lws_libuv_check_watcher_active(wsi)) { + lwsl_warn("Waiting for libuv watcher to close\n"); + cce = "waiting for libuv watcher to close"; + goto oom4; + } +#endif + +#ifdef LWS_WITH_IPV6 + if (wsi->ipv6) + wsi->desc.sockfd = socket(AF_INET6, SOCK_STREAM, 0); + else +#endif + wsi->desc.sockfd = socket(AF_INET, SOCK_STREAM, 0); + + if (!lws_socket_is_valid(wsi->desc.sockfd)) { + lwsl_warn("Unable to open socket\n"); + cce = "unable to open socket"; + goto oom4; + } + + if (lws_plat_set_socket_options(wsi->vhost, wsi->desc.sockfd)) { + lwsl_err("Failed to set wsi socket options\n"); + compatible_close(wsi->desc.sockfd); + cce = "set socket opts failed"; + goto oom4; + } + + lwsi_set_state(wsi, LRS_WAITING_CONNECT); + + lws_libev_accept(wsi, wsi->desc); + lws_libuv_accept(wsi, wsi->desc); + lws_libevent_accept(wsi, wsi->desc); + + if (__insert_wsi_socket_into_fds(context, wsi)) { + compatible_close(wsi->desc.sockfd); + cce = "insert wsi failed"; + goto oom4; + } + + lws_change_pollfd(wsi, 0, LWS_POLLIN); + + /* + * past here, we can't simply free the structs as error + * handling as oom4 does. We have to run the whole close flow. + */ + + if (!wsi->protocol) + wsi->protocol = &wsi->vhost->protocols[0]; + + wsi->protocol->callback(wsi, LWS_CALLBACK_WSI_CREATE, + wsi->user_space, NULL, 0); + + lws_set_timeout(wsi, PENDING_TIMEOUT_AWAITING_CONNECT_RESPONSE, + AWAITING_TIMEOUT); + + iface = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_IFACE); + + if (iface) { + n = lws_socket_bind(wsi->vhost, wsi->desc.sockfd, 0, iface); + if (n < 0) { + cce = "unable to bind socket"; + goto failed; + } + } + } + +#ifdef LWS_WITH_IPV6 + if (wsi->ipv6) { + sa46.sa6.sin6_port = htons(port); + n = sizeof(struct sockaddr_in6); + } else +#endif + { + sa46.sa4.sin_port = htons(port); + n = sizeof(struct sockaddr); + } +lwsl_notice("%s: CONNECT\n", __func__); + if (connect(wsi->desc.sockfd, (const struct sockaddr *)&sa46, n) == -1 || + LWS_ERRNO == LWS_EISCONN) { + if (LWS_ERRNO == LWS_EALREADY || + LWS_ERRNO == LWS_EINPROGRESS || + LWS_ERRNO == LWS_EWOULDBLOCK +#ifdef _WIN32 + || LWS_ERRNO == WSAEINVAL +#endif + ) { + lwsl_client("nonblocking connect retry (errno = %d)\n", + LWS_ERRNO); + + if (lws_plat_check_connection_error(wsi)) { + cce = "socket connect failed"; + goto failed; + } + + /* + * must do specifically a POLLOUT poll to hear + * about the connect completion + */ + if (lws_change_pollfd(wsi, 0, LWS_POLLOUT)) { + cce = "POLLOUT set failed"; + goto failed; + } + + return wsi; + } + + if (LWS_ERRNO != LWS_EISCONN) { + lwsl_notice("Connect failed errno=%d\n", LWS_ERRNO); + cce = "connect failed"; + goto failed; + } + } + + lwsl_client("connected\n"); + + /* we are connected to server, or proxy */ + + /* http proxy */ + if (wsi->vhost->http_proxy_port) { + + /* + * OK from now on we talk via the proxy, so connect to that + * + * (will overwrite existing pointer, + * leaving old string/frag there but unreferenced) + */ + if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_PEER_ADDRESS, + wsi->vhost->http_proxy_address)) + goto failed; + wsi->c_port = wsi->vhost->http_proxy_port; + + n = send(wsi->desc.sockfd, (char *)pt->serv_buf, (int)plen, + MSG_NOSIGNAL); + if (n < 0) { + lwsl_debug("ERROR writing to proxy socket\n"); + cce = "proxy write failed"; + goto failed; + } + + lws_set_timeout(wsi, PENDING_TIMEOUT_AWAITING_PROXY_RESPONSE, + AWAITING_TIMEOUT); + + lwsi_set_state(wsi, LRS_WAITING_PROXY_REPLY); + + return wsi; + } +#if defined(LWS_WITH_SOCKS5) + /* socks proxy */ + else if (wsi->vhost->socks_proxy_port) { + n = send(wsi->desc.sockfd, (char *)pt->serv_buf, plen, + MSG_NOSIGNAL); + if (n < 0) { + lwsl_debug("ERROR writing socks greeting\n"); + cce = "socks write failed"; + goto failed; + } + + lws_set_timeout(wsi, PENDING_TIMEOUT_AWAITING_SOCKS_GREETING_REPLY, + AWAITING_TIMEOUT); + + lwsi_set_state(wsi, LRS_WAITING_SOCKS_GREETING_REPLY); + + return wsi; + } +#endif + +send_hs: + if (wsi_piggyback && + !lws_dll_is_null(&wsi->dll_client_transaction_queue)) { + /* + * We are pipelining on an already-established connection... + * we can skip tls establishment. + */ + + lwsi_set_state(wsi, LRS_H1C_ISSUE_HANDSHAKE2); + + /* + * we can't send our headers directly, because they have to + * be sent when the parent is writeable. The parent will check + * for anybody on his client transaction queue that is in + * LRS_H1C_ISSUE_HANDSHAKE2, and let them write. + * + * If we are trying to do this too early, before the master + * connection has written his own headers, + */ + lws_callback_on_writable(wsi_piggyback); + lwsl_info("wsi %p: waiting to send headers\n", wsi); + } else { + lwsl_info("wsi %p: client creating own connection\n", wsi); + + /* we are making our own connection */ + lwsi_set_state(wsi, LRS_H1C_ISSUE_HANDSHAKE); + + /* + * provoke service to issue the handshake directly. + * + * we need to do it this way because in the proxy case, this is + * the next state and executed only if and when we get a good + * proxy response inside the state machine... but notice in + * SSL case this may not have sent anything yet with 0 return, + * and won't until many retries from main loop. To stop that + * becoming endless, cover with a timeout. + */ + + lws_set_timeout(wsi, PENDING_TIMEOUT_SENT_CLIENT_HANDSHAKE, + AWAITING_TIMEOUT); + + pfd.fd = wsi->desc.sockfd; + pfd.events = LWS_POLLIN; + pfd.revents = LWS_POLLIN; + + n = lws_service_fd(context, &pfd); + if (n < 0) { + cce = "first service failed"; + goto failed; + } + if (n) /* returns 1 on failure after closing wsi */ + return NULL; + } + + return wsi; + +oom4: + /* we're closing, losing some rx is OK */ + lws_header_table_force_to_detachable_state(wsi); + + if (lwsi_role_client(wsi) && lwsi_state_est(wsi)) { + wsi->protocol->callback(wsi, + LWS_CALLBACK_CLIENT_CONNECTION_ERROR, + wsi->user_space, (void *)cce, strlen(cce)); + wsi->already_did_cce = 1; + } + /* take care that we might be inserted in fds already */ + if (wsi->position_in_fds_table != -1) + goto failed1; + lws_remove_from_timeout_list(wsi); + lws_header_table_detach(wsi, 0); + lws_client_stash_destroy(wsi); + lws_free_set_NULL(wsi->client_hostname_copy); + lws_free(wsi); + + return NULL; + +failed: + wsi->protocol->callback(wsi, + LWS_CALLBACK_CLIENT_CONNECTION_ERROR, + wsi->user_space, (void *)cce, strlen(cce)); + wsi->already_did_cce = 1; +failed1: + lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, "client_connect2"); + + return NULL; +} + +/** + * lws_client_reset() - retarget a connected wsi to start over with a new connection (ie, redirect) + * this only works if still in HTTP, ie, not upgraded yet + * wsi: connection to reset + * address: network address of the new server + * port: port to connect to + * path: uri path to connect to on the new server + * host: host header to send to the new server + */ +LWS_VISIBLE struct lws * +lws_client_reset(struct lws **pwsi, int ssl, const char *address, int port, + const char *path, const char *host) +{ + char origin[300] = "", protocol[300] = "", method[32] = "", + iface[16] = "", *p; + struct lws *wsi = *pwsi; + + if (wsi->redirects == 3) { + lwsl_err("%s: Too many redirects\n", __func__); + return NULL; + } + wsi->redirects++; + + p = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_ORIGIN); + if (p) + lws_strncpy(origin, p, sizeof(origin)); + + p = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_SENT_PROTOCOLS); + if (p) + lws_strncpy(protocol, p, sizeof(protocol)); + + p = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_METHOD); + if (p) + lws_strncpy(method, p, sizeof(method)); + + p = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_IFACE); + if (p) + lws_strncpy(method, p, sizeof(iface)); + + lwsl_info("redirect ads='%s', port=%d, path='%s', ssl = %d\n", + address, port, path, ssl); + + /* close the connection by hand */ + +#if defined(LWS_WITH_TLS) + lws_ssl_close(wsi); +#endif + +#ifdef LWS_WITH_LIBUV + if (LWS_LIBUV_ENABLED(wsi->context)) { + lwsl_debug("%s: lws_libuv_closehandle: wsi %p\n", __func__, wsi); + /* + * libuv has to do his own close handle processing asynchronously + * but once it starts we can do everything else synchronously, + * including trash wsi->desc.sockfd since it took a copy. + * + * When it completes it will call compatible_close() + */ + lws_libuv_closehandle_manually(wsi); + } else +#else + compatible_close(wsi->desc.sockfd); +#endif + + __remove_wsi_socket_from_fds(wsi); + +#if defined(LWS_WITH_TLS) + wsi->use_ssl = ssl; +#else + if (ssl) { + lwsl_err("%s: not configured for ssl\n", __func__); + return NULL; + } +#endif + + wsi->desc.sockfd = LWS_SOCK_INVALID; + lwsi_set_state(wsi, LRS_UNCONNECTED); + wsi->protocol = NULL; + wsi->pending_timeout = NO_PENDING_TIMEOUT; + wsi->c_port = port; + wsi->hdr_parsing_completed = 0; + _lws_header_table_reset(wsi->ah); + + if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_PEER_ADDRESS, address)) + return NULL; + + if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_HOST, host)) + return NULL; + + if (origin[0]) + if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_ORIGIN, + origin)) + return NULL; + if (protocol[0]) + if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_SENT_PROTOCOLS, + protocol)) + return NULL; + if (method[0]) + if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_METHOD, + method)) + return NULL; + + if (iface[0]) + if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_IFACE, + iface)) + return NULL; + + origin[0] = '/'; + strncpy(&origin[1], path, sizeof(origin) - 2); + if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_URI, origin)) + return NULL; + + *pwsi = lws_client_connect_2(wsi); + + return *pwsi; +} + +#ifdef LWS_WITH_HTTP_PROXY +static hubbub_error +html_parser_cb(const hubbub_token *token, void *pw) +{ + struct lws_rewrite *r = (struct lws_rewrite *)pw; + char buf[1024], *start = buf + LWS_PRE, *p = start, + *end = &buf[sizeof(buf) - 1]; + size_t i; + + switch (token->type) { + case HUBBUB_TOKEN_DOCTYPE: + + p += lws_snprintf(p, end - p, "data.doctype.name.len, + token->data.doctype.name.ptr, + token->data.doctype.force_quirks ? + "(force-quirks) " : ""); + + if (token->data.doctype.public_missing) + lwsl_debug("\tpublic: missing\n"); + else + p += lws_snprintf(p, end - p, "PUBLIC \"%.*s\"\n", + (int) token->data.doctype.public_id.len, + token->data.doctype.public_id.ptr); + + if (token->data.doctype.system_missing) + lwsl_debug("\tsystem: missing\n"); + else + p += lws_snprintf(p, end - p, " \"%.*s\">\n", + (int) token->data.doctype.system_id.len, + token->data.doctype.system_id.ptr); + + break; + case HUBBUB_TOKEN_START_TAG: + p += lws_snprintf(p, end - p, "<%.*s", (int)token->data.tag.name.len, + token->data.tag.name.ptr); + +/* (token->data.tag.self_closing) ? + "(self-closing) " : "", + (token->data.tag.n_attributes > 0) ? + "attributes:" : ""); +*/ + for (i = 0; i < token->data.tag.n_attributes; i++) { + if (!hstrcmp(&token->data.tag.attributes[i].name, "href", 4) || + !hstrcmp(&token->data.tag.attributes[i].name, "action", 6) || + !hstrcmp(&token->data.tag.attributes[i].name, "src", 3)) { + const char *pp = (const char *)token->data.tag.attributes[i].value.ptr; + int plen = (int) token->data.tag.attributes[i].value.len; + + if (strncmp(pp, "http:", 5) && strncmp(pp, "https:", 6)) { + + if (!hstrcmp(&token->data.tag.attributes[i].value, + r->from, r->from_len)) { + pp += r->from_len; + plen -= r->from_len; + } + p += lws_snprintf(p, end - p, " %.*s=\"%s/%.*s\"", + (int) token->data.tag.attributes[i].name.len, + token->data.tag.attributes[i].name.ptr, + r->to, plen, pp); + continue; + } + } + + p += lws_snprintf(p, end - p, " %.*s=\"%.*s\"", + (int) token->data.tag.attributes[i].name.len, + token->data.tag.attributes[i].name.ptr, + (int) token->data.tag.attributes[i].value.len, + token->data.tag.attributes[i].value.ptr); + } + p += lws_snprintf(p, end - p, ">"); + break; + case HUBBUB_TOKEN_END_TAG: + p += lws_snprintf(p, end - p, "data.tag.name.len, + token->data.tag.name.ptr); +/* + (token->data.tag.self_closing) ? + "(self-closing) " : "", + (token->data.tag.n_attributes > 0) ? + "attributes:" : ""); +*/ + for (i = 0; i < token->data.tag.n_attributes; i++) { + p += lws_snprintf(p, end - p, " %.*s='%.*s'\n", + (int) token->data.tag.attributes[i].name.len, + token->data.tag.attributes[i].name.ptr, + (int) token->data.tag.attributes[i].value.len, + token->data.tag.attributes[i].value.ptr); + } + p += lws_snprintf(p, end - p, ">"); + break; + case HUBBUB_TOKEN_COMMENT: + p += lws_snprintf(p, end - p, "\n", + (int) token->data.comment.len, + token->data.comment.ptr); + break; + case HUBBUB_TOKEN_CHARACTER: + if (token->data.character.len == 1) { + if (*token->data.character.ptr == '<') { + p += lws_snprintf(p, end - p, "<"); + break; + } + if (*token->data.character.ptr == '>') { + p += lws_snprintf(p, end - p, ">"); + break; + } + if (*token->data.character.ptr == '&') { + p += lws_snprintf(p, end - p, "&"); + break; + } + } + + p += lws_snprintf(p, end - p, "%.*s", (int) token->data.character.len, + token->data.character.ptr); + break; + case HUBBUB_TOKEN_EOF: + p += lws_snprintf(p, end - p, "\n"); + break; + } + + if (user_callback_handle_rxflow(r->wsi->protocol->callback, + r->wsi, LWS_CALLBACK_RECEIVE_CLIENT_HTTP_READ, + r->wsi->user_space, start, p - start)) + return -1; + + return HUBBUB_OK; +} +#endif + +static char * +lws_strdup(const char *s) +{ + char *d = lws_malloc(strlen(s) + 1, "strdup"); + + if (d) + strcpy(d, s); + + return d; +} + +void +lws_client_stash_destroy(struct lws *wsi) +{ + if (!wsi || !wsi->stash) + return; + + lws_free_set_NULL(wsi->stash->address); + lws_free_set_NULL(wsi->stash->path); + lws_free_set_NULL(wsi->stash->host); + lws_free_set_NULL(wsi->stash->origin); + lws_free_set_NULL(wsi->stash->protocol); + lws_free_set_NULL(wsi->stash->method); + lws_free_set_NULL(wsi->stash->iface); + + lws_free_set_NULL(wsi->stash); +} + +LWS_VISIBLE struct lws * +lws_client_connect_via_info(struct lws_client_connect_info *i) +{ + struct lws *wsi; + const struct lws_protocols *p; + const char *local = i->protocol; + + if (i->context->requested_kill) + return NULL; + + if (!i->context->protocol_init_done) + lws_protocol_init(i->context); + /* + * If we have .local_protocol_name, use it to select the + * local protocol handler to bind to. Otherwise use .protocol if + * http[s]. + */ + if (i->local_protocol_name) + local = i->local_protocol_name; + + wsi = lws_zalloc(sizeof(struct lws), "client wsi"); + if (wsi == NULL) + goto bail; + + wsi->context = i->context; + /* assert the mode and union status (hdr) clearly */ + lws_role_transition(wsi, LWSIFR_CLIENT, LRS_UNCONNECTED, &role_ops_h1); + wsi->desc.sockfd = LWS_SOCK_INVALID; + + /* 1) fill up the wsi with stuff from the connect_info as far as it + * can go. It's because not only is our connection async, we might + * not even be able to get ahold of an ah at this point. + */ + + if (!i->method) /* ie, ws */ +#if defined(LWS_ROLE_WS) + if (lws_create_client_ws_object(i, wsi)) + return NULL; +#else + return NULL; +#endif + + wsi->user_space = NULL; + wsi->pending_timeout = NO_PENDING_TIMEOUT; + wsi->position_in_fds_table = -1; + wsi->c_port = i->port; + wsi->vhost = i->vhost; + if (!wsi->vhost) + wsi->vhost = i->context->vhost_list; + + if (!wsi->vhost) { + lwsl_err("At least one vhost in the context is required\n"); + + goto bail; + } + + wsi->protocol = &wsi->vhost->protocols[0]; + wsi->client_pipeline = !!(i->ssl_connection & LCCSCF_PIPELINE); + + /* reasonable place to start */ + lws_role_transition(wsi, LWSIFR_CLIENT, LRS_UNCONNECTED, &role_ops_h1); + + /* + * 1) for http[s] connection, allow protocol selection by name + * 2) for ws[s], if local_protocol_name given also use it for + * local protocol binding... this defeats the server + * protocol negotiation if so + * + * Otherwise leave at protocols[0]... the server will tell us + * which protocol we are associated with since we can give it a + * list. + */ + if (/*(i->method || i->local_protocol_name) && */local) { + lwsl_info("binding to %s\n", local); + p = lws_vhost_name_to_protocol(wsi->vhost, local); + if (p) + wsi->protocol = p; + } + + if (wsi && !wsi->user_space && i->userdata) { + wsi->user_space_externally_allocated = 1; + wsi->user_space = i->userdata; + } else + /* if we stay in http, we can assign the user space now, + * otherwise do it after the protocol negotiated + */ + if (i->method) + if (lws_ensure_user_space(wsi)) + goto bail; + +#if defined(LWS_WITH_TLS) + wsi->use_ssl = i->ssl_connection; + + if (!i->method) /* !!! disallow ws for h2 right now */ + wsi->use_ssl |= LCCSCF_NOT_H2; +#else + if (i->ssl_connection & LCCSCF_USE_SSL) { + lwsl_err("libwebsockets not configured for ssl\n"); + goto bail; + } +#endif + + /* 2) stash the things from connect_info that we can't process without + * an ah. Because if no ah, we will go on the ah waiting list and + * process those things later (after the connect_info and maybe the + * things pointed to have gone out of scope. + */ + + wsi->stash = lws_zalloc(sizeof(*wsi->stash), "client stash"); + if (!wsi->stash) { + lwsl_err("%s: OOM\n", __func__); + goto bail1; + } + + wsi->stash->address = lws_strdup(i->address); + wsi->stash->path = lws_strdup(i->path); + wsi->stash->host = lws_strdup(i->host); + + if (!wsi->stash->address || !wsi->stash->path || !wsi->stash->host) + goto bail1; + + if (i->origin) { + wsi->stash->origin = lws_strdup(i->origin); + if (!wsi->stash->origin) + goto bail1; + } + if (i->protocol) { + wsi->stash->protocol = lws_strdup(i->protocol); + if (!wsi->stash->protocol) + goto bail1; + } + if (i->method) { + wsi->stash->method = lws_strdup(i->method); + if (!wsi->stash->method) + goto bail1; + } + if (i->iface) { + wsi->stash->iface = lws_strdup(i->iface); + if (!wsi->stash->iface) + goto bail1; + } + if (i->pwsi) + *i->pwsi = wsi; + + /* if we went on the waiting list, no probs just return the wsi + * when we get the ah, now or later, he will call + * lws_client_connect_via_info2() below. + */ + if (lws_header_table_attach(wsi, 0) < 0) { + /* + * if we failed here, the connection is already closed + * and freed. + */ + goto bail2; + } + + if (i->parent_wsi) { + lwsl_info("%s: created child %p of parent %p\n", __func__, + wsi, i->parent_wsi); + wsi->parent = i->parent_wsi; + wsi->sibling_list = i->parent_wsi->child_list; + i->parent_wsi->child_list = wsi; + } +#ifdef LWS_WITH_HTTP_PROXY + if (i->uri_replace_to) + wsi->rw = lws_rewrite_create(wsi, html_parser_cb, + i->uri_replace_from, + i->uri_replace_to); +#endif + + return wsi; + +bail1: + lws_client_stash_destroy(wsi); + +bail: + lws_free(wsi); + +bail2: + if (i->pwsi) + *i->pwsi = NULL; + + return NULL; +} + +struct lws * +lws_client_connect_via_info2(struct lws *wsi) +{ + struct client_info_stash *stash = wsi->stash; + + if (!stash) + return wsi; + + /* + * we're not necessarily in a position to action these right away, + * stash them... we only need during connect phase so u.hdr is fine + */ + if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_PEER_ADDRESS, + stash->address)) + goto bail1; + + /* these only need u.hdr lifetime as well */ + + if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_URI, stash->path)) + goto bail1; + + if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_HOST, stash->host)) + goto bail1; + + if (stash->origin) + if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_ORIGIN, + stash->origin)) + goto bail1; + /* + * this is a list of protocols we tell the server we're okay with + * stash it for later when we compare server response with it + */ + if (stash->protocol) + if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_SENT_PROTOCOLS, + stash->protocol)) + goto bail1; + if (stash->method) + if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_METHOD, + stash->method)) + goto bail1; + if (stash->iface) + if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_IFACE, + stash->iface)) + goto bail1; + +#if defined(LWS_WITH_SOCKS5) + if (!wsi->vhost->socks_proxy_port) + lws_client_stash_destroy(wsi); +#endif + + wsi->context->count_wsi_allocated++; + + return lws_client_connect_2(wsi); + +bail1: +#if defined(LWS_WITH_SOCKS5) + if (!wsi->vhost->socks_proxy_port) + lws_free_set_NULL(wsi->stash); +#endif + + return NULL; +} + +LWS_VISIBLE struct lws * +lws_client_connect_extended(struct lws_context *context, const char *address, + int port, int ssl_connection, const char *path, + const char *host, const char *origin, + const char *protocol, int ietf_version_or_minus_one, + void *userdata) +{ + struct lws_client_connect_info i; + + memset(&i, 0, sizeof(i)); + + i.context = context; + i.address = address; + i.port = port; + i.ssl_connection = ssl_connection; + i.path = path; + i.host = host; + i.origin = origin; + i.protocol = protocol; + i.ietf_version_or_minus_one = ietf_version_or_minus_one; + i.userdata = userdata; + + return lws_client_connect_via_info(&i); +} + +LWS_VISIBLE struct lws * +lws_client_connect(struct lws_context *context, const char *address, + int port, int ssl_connection, const char *path, + const char *host, const char *origin, + const char *protocol, int ietf_version_or_minus_one) +{ + struct lws_client_connect_info i; + + memset(&i, 0, sizeof(i)); + + i.context = context; + i.address = address; + i.port = port; + i.ssl_connection = ssl_connection; + i.path = path; + i.host = host; + i.origin = origin; + i.protocol = protocol; + i.ietf_version_or_minus_one = ietf_version_or_minus_one; + i.userdata = NULL; + + return lws_client_connect_via_info(&i); +} + +#if defined(LWS_WITH_SOCKS5) +void socks_generate_msg(struct lws *wsi, enum socks_msg_type type, + ssize_t *msg_len) +{ + struct lws_context *context = wsi->context; + struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; + ssize_t len = 0, n, passwd_len; + short net_num; + char *p; + + switch (type) { + case SOCKS_MSG_GREETING: + /* socks version, version 5 only */ + pt->serv_buf[len++] = SOCKS_VERSION_5; + /* number of methods */ + pt->serv_buf[len++] = 2; + /* username password method */ + pt->serv_buf[len++] = SOCKS_AUTH_USERNAME_PASSWORD; + /* no authentication method */ + pt->serv_buf[len++] = SOCKS_AUTH_NO_AUTH; + break; + + case SOCKS_MSG_USERNAME_PASSWORD: + n = strlen(wsi->vhost->socks_user); + passwd_len = strlen(wsi->vhost->socks_password); + + /* the subnegotiation version */ + pt->serv_buf[len++] = SOCKS_SUBNEGOTIATION_VERSION_1; + /* length of the user name */ + pt->serv_buf[len++] = n; + /* user name */ + lws_strncpy((char *)&pt->serv_buf[len], wsi->vhost->socks_user, + context->pt_serv_buf_size - len + 1); + len += n; + /* length of the password */ + pt->serv_buf[len++] = passwd_len; + /* password */ + lws_strncpy((char *)&pt->serv_buf[len], wsi->vhost->socks_password, + context->pt_serv_buf_size - len + 1); + len += passwd_len; + break; + + case SOCKS_MSG_CONNECT: + p = (char*)&net_num; + + /* socks version */ + pt->serv_buf[len++] = SOCKS_VERSION_5; + /* socks command */ + pt->serv_buf[len++] = SOCKS_COMMAND_CONNECT; + /* reserved */ + pt->serv_buf[len++] = 0; + /* address type */ + pt->serv_buf[len++] = SOCKS_ATYP_DOMAINNAME; + /* skip length, we fill it in at the end */ + n = len++; + + /* the address we tell SOCKS proxy to connect to */ + lws_strncpy((char *)&(pt->serv_buf[len]), wsi->stash->address, + context->pt_serv_buf_size - len + 1); + len += strlen(wsi->stash->address); + net_num = htons(wsi->c_port); + + /* the port we tell SOCKS proxy to connect to */ + pt->serv_buf[len++] = p[0]; + pt->serv_buf[len++] = p[1]; + + /* the length of the address, excluding port */ + pt->serv_buf[n] = strlen(wsi->stash->address); + break; + + default: + return; + } + + *msg_len = len; +} +#endif diff --git a/lib/roles/http/client/client.c b/lib/roles/http/client/client.c new file mode 100644 index 0000000..5ffaf89 --- /dev/null +++ b/lib/roles/http/client/client.c @@ -0,0 +1,1202 @@ +/* + * libwebsockets - lib/client/client.c + * + * Copyright (C) 2010-2017 Andy Green + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#include "private-libwebsockets.h" + +LWS_VISIBLE LWS_EXTERN void +lws_client_http_body_pending(struct lws *wsi, int something_left_to_send) +{ + wsi->client_http_body_pending = !!something_left_to_send; +} + +/* + * return self, or queued client wsi we are acting on behalf of + */ + +struct lws * +lws_client_wsi_effective(struct lws *wsi) +{ + struct lws *wsi_eff = wsi; + + if (!wsi->transaction_from_pipeline_queue || + !wsi->dll_client_transaction_queue_head.next) + return wsi; + + /* + * The head is the last queued transaction... so + * the guy we are fulfilling here is the tail + */ + + lws_vhost_lock(wsi->vhost); + lws_start_foreach_dll_safe(struct lws_dll_lws *, d, d1, + wsi->dll_client_transaction_queue_head.next) { + if (d->next == NULL) + wsi_eff = lws_container_of(d, struct lws, + dll_client_transaction_queue); + } lws_end_foreach_dll_safe(d, d1); + lws_vhost_unlock(wsi->vhost); + + return wsi_eff; +} + +/* + * return self or the guy we are queued under + */ + +struct lws * +lws_client_wsi_master(struct lws *wsi) +{ + struct lws *wsi_eff = wsi; + struct lws_dll_lws *d; + + lws_vhost_lock(wsi->vhost); + d = wsi->dll_client_transaction_queue.prev; + while (d) { + wsi_eff = lws_container_of(d, struct lws, + dll_client_transaction_queue_head); + + d = d->prev; + } + lws_vhost_unlock(wsi->vhost); + + return wsi_eff; +} + +int +lws_client_socket_service(struct lws *wsi, struct lws_pollfd *pollfd, + struct lws *wsi_conn) +{ + struct lws_context *context = wsi->context; + struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; + char *p = (char *)&pt->serv_buf[0]; + struct lws *w; +#if defined(LWS_WITH_TLS) + char ebuf[128]; +#endif + const char *cce = NULL; + unsigned char c; + char *sb = p; + int n = 0; + ssize_t len = 0; +#if defined(LWS_WITH_SOCKS5) + char conn_mode = 0, pending_timeout = 0; +#endif + + if ((pollfd->revents & LWS_POLLOUT) && + wsi->keepalive_active && + wsi->dll_client_transaction_queue_head.next) { + + lwsl_debug("%s: pollout HANDSHAKE2\n", __func__); + + /* we have a transaction queue that wants to pipeline */ + lws_vhost_lock(wsi->vhost); + lws_start_foreach_dll_safe(struct lws_dll_lws *, d, d1, + wsi->dll_client_transaction_queue_head.next) { + struct lws *w = lws_container_of(d, struct lws, + dll_client_transaction_queue); + + if (lwsi_state(w) == LRS_H1C_ISSUE_HANDSHAKE2) { + /* + * pollfd has the master sockfd in it... we + * need to use that in HANDSHAKE2 to understand + * which wsi to actually write on + */ + lws_client_socket_service(w, pollfd, wsi); + lws_callback_on_writable(wsi); + break; + } + } lws_end_foreach_dll_safe(d, d1); + lws_vhost_unlock(wsi->vhost); + + return 0; + } + + switch (lwsi_state(wsi)) { + + case LRS_WAITING_CONNECT: + + /* + * we are under PENDING_TIMEOUT_SENT_CLIENT_HANDSHAKE + * timeout protection set in client-handshake.c + */ + + if (!lws_client_connect_2(wsi)) { + /* closed */ + lwsl_client("closed\n"); + return -1; + } + + /* either still pending connection, or changed mode */ + return 0; + +#if defined(LWS_WITH_SOCKS5) + /* SOCKS Greeting Reply */ + case LRS_WAITING_SOCKS_GREETING_REPLY: + case LRS_WAITING_SOCKS_AUTH_REPLY: + case LRS_WAITING_SOCKS_CONNECT_REPLY: + + /* handle proxy hung up on us */ + + if (pollfd->revents & LWS_POLLHUP) { + lwsl_warn("SOCKS connection %p (fd=%d) dead\n", + (void *)wsi, pollfd->fd); + goto bail3; + } + + n = recv(wsi->desc.sockfd, sb, context->pt_serv_buf_size, 0); + if (n < 0) { + if (LWS_ERRNO == LWS_EAGAIN) { + lwsl_debug("SOCKS read EAGAIN, retrying\n"); + return 0; + } + lwsl_err("ERROR reading from SOCKS socket\n"); + goto bail3; + } + + switch (lwsi_state(wsi)) { + + case LRS_WAITING_SOCKS_GREETING_REPLY: + if (pt->serv_buf[0] != SOCKS_VERSION_5) + goto socks_reply_fail; + + if (pt->serv_buf[1] == SOCKS_AUTH_NO_AUTH) { + lwsl_client("SOCKS GR: No Auth Method\n"); + socks_generate_msg(wsi, SOCKS_MSG_CONNECT, &len); + conn_mode = LRS_WAITING_SOCKS_CONNECT_REPLY; + pending_timeout = + PENDING_TIMEOUT_AWAITING_SOCKS_CONNECT_REPLY; + goto socks_send; + } + + if (pt->serv_buf[1] == SOCKS_AUTH_USERNAME_PASSWORD) { + lwsl_client("SOCKS GR: User/Pw Method\n"); + socks_generate_msg(wsi, + SOCKS_MSG_USERNAME_PASSWORD, + &len); + conn_mode = LRS_WAITING_SOCKS_AUTH_REPLY; + pending_timeout = + PENDING_TIMEOUT_AWAITING_SOCKS_AUTH_REPLY; + goto socks_send; + } + goto socks_reply_fail; + + case LRS_WAITING_SOCKS_AUTH_REPLY: + if (pt->serv_buf[0] != SOCKS_SUBNEGOTIATION_VERSION_1 || + pt->serv_buf[1] != SOCKS_SUBNEGOTIATION_STATUS_SUCCESS) + goto socks_reply_fail; + + lwsl_client("SOCKS password OK, sending connect\n"); + socks_generate_msg(wsi, SOCKS_MSG_CONNECT, &len); + conn_mode = LRS_WAITING_SOCKS_CONNECT_REPLY; + pending_timeout = + PENDING_TIMEOUT_AWAITING_SOCKS_CONNECT_REPLY; +socks_send: + n = send(wsi->desc.sockfd, (char *)pt->serv_buf, len, + MSG_NOSIGNAL); + if (n < 0) { + lwsl_debug("ERROR writing to socks proxy\n"); + goto bail3; + } + + lws_set_timeout(wsi, pending_timeout, AWAITING_TIMEOUT); + lwsi_set_state(wsi, conn_mode); + break; + +socks_reply_fail: + lwsl_notice("socks reply: v%d, err %d\n", + pt->serv_buf[0], pt->serv_buf[1]); + goto bail3; + + case LRS_WAITING_SOCKS_CONNECT_REPLY: + if (pt->serv_buf[0] != SOCKS_VERSION_5 || + pt->serv_buf[1] != SOCKS_REQUEST_REPLY_SUCCESS) + goto socks_reply_fail; + + lwsl_client("socks connect OK\n"); + + /* free stash since we are done with it */ + lws_client_stash_destroy(wsi); + if (lws_hdr_simple_create(wsi, + _WSI_TOKEN_CLIENT_PEER_ADDRESS, + wsi->vhost->socks_proxy_address)) + goto bail3; + + wsi->c_port = wsi->vhost->socks_proxy_port; + + /* clear his proxy connection timeout */ + lws_set_timeout(wsi, NO_PENDING_TIMEOUT, 0); + goto start_ws_handshake; + } + break; +#endif + + case LRS_WAITING_PROXY_REPLY: + + /* handle proxy hung up on us */ + + if (pollfd->revents & LWS_POLLHUP) { + + lwsl_warn("Proxy connection %p (fd=%d) dead\n", + (void *)wsi, pollfd->fd); + + goto bail3; + } + + n = recv(wsi->desc.sockfd, sb, context->pt_serv_buf_size, 0); + if (n < 0) { + if (LWS_ERRNO == LWS_EAGAIN) { + lwsl_debug("Proxy read EAGAIN... retrying\n"); + return 0; + } + lwsl_err("ERROR reading from proxy socket\n"); + goto bail3; + } + + pt->serv_buf[13] = '\0'; + if (strcmp(sb, "HTTP/1.0 200 ") && + strcmp(sb, "HTTP/1.1 200 ")) { + lwsl_err("ERROR proxy: %s\n", sb); + goto bail3; + } + + /* clear his proxy connection timeout */ + + lws_set_timeout(wsi, NO_PENDING_TIMEOUT, 0); + + /* fallthru */ + + case LRS_H1C_ISSUE_HANDSHAKE: + + /* + * we are under PENDING_TIMEOUT_SENT_CLIENT_HANDSHAKE + * timeout protection set in client-handshake.c + * + * take care of our lws_callback_on_writable + * happening at a time when there's no real connection yet + */ +#if defined(LWS_WITH_SOCKS5) +start_ws_handshake: +#endif + if (lws_change_pollfd(wsi, LWS_POLLOUT, 0)) + return -1; + +#if defined(LWS_WITH_TLS) + /* we can retry this... just cook the SSL BIO the first time */ + + if ((wsi->use_ssl & LCCSCF_USE_SSL) && !wsi->ssl && + lws_ssl_client_bio_create(wsi) < 0) { + cce = "bio_create failed"; + goto bail3; + } + + if (wsi->use_ssl & LCCSCF_USE_SSL) { + n = lws_ssl_client_connect1(wsi); + if (!n) + return 0; + if (n < 0) { + cce = "lws_ssl_client_connect1 failed"; + goto bail3; + } + } else + wsi->ssl = NULL; + + /* fallthru */ + + case LRS_WAITING_SSL: + + if (wsi->use_ssl & LCCSCF_USE_SSL) { + n = lws_ssl_client_connect2(wsi, ebuf, sizeof(ebuf)); + if (!n) + return 0; + if (n < 0) { + cce = ebuf; + goto bail3; + } + } else + wsi->ssl = NULL; +#endif +#if defined (LWS_WITH_HTTP2) + if (wsi->client_h2_alpn) { + /* + * We connected to the server and set up tls, and + * negotiated "h2". + * + * So this is it, we are an h2 master client connection + * now, not an h1 client connection. + */ + lwsl_info("client connection upgraded to h2\n"); + lws_h2_configure_if_upgraded(wsi); + + lws_role_transition(wsi, LWSIFR_CLIENT, + LRS_H2_CLIENT_SEND_SETTINGS, + &role_ops_h2); + + /* send the H2 preface to legitimize the connection */ + if (lws_h2_issue_preface(wsi)) { + cce = "error sending h2 preface"; + goto bail3; + } + + break; + } +#endif + lwsi_set_state(wsi, LRS_H1C_ISSUE_HANDSHAKE2); + lws_set_timeout(wsi, PENDING_TIMEOUT_AWAITING_CLIENT_HS_SEND, + context->timeout_secs); + + /* fallthru */ + + case LRS_H1C_ISSUE_HANDSHAKE2: + p = lws_generate_client_handshake(wsi, p); + if (p == NULL) { + if (wsi->role_ops == &role_ops_raw_skt || + wsi->role_ops == &role_ops_raw_file) + return 0; + + lwsl_err("Failed to generate handshake for client\n"); + lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, "chs"); + return 0; + } + + /* send our request to the server */ + lws_latency_pre(context, wsi); + + w = lws_client_wsi_master(wsi); + lwsl_debug("%s: HANDSHAKE2: %p: sending headers on %p (wsistate 0x%x 0x%x)\n", + __func__, wsi, w, wsi->wsistate, w->wsistate); + + n = lws_ssl_capable_write(w, (unsigned char *)sb, (int)(p - sb)); + lws_latency(context, wsi, "send lws_issue_raw", n, + n == p - sb); + switch (n) { + case LWS_SSL_CAPABLE_ERROR: + lwsl_debug("ERROR writing to client socket\n"); + lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, "cws"); + return 0; + case LWS_SSL_CAPABLE_MORE_SERVICE: + lws_callback_on_writable(wsi); + break; + } + + if (wsi->client_http_body_pending) { + lwsi_set_state(wsi, LRS_ISSUE_HTTP_BODY); + lws_set_timeout(wsi, + PENDING_TIMEOUT_CLIENT_ISSUE_PAYLOAD, + context->timeout_secs); + /* user code must ask for writable callback */ + break; + } + + lwsi_set_state(wsi, LRS_WAITING_SERVER_REPLY); + wsi->hdr_parsing_completed = 0; + + if (lwsi_state(w) == LRS_IDLING) { + lwsi_set_state(w, LRS_WAITING_SERVER_REPLY); + w->hdr_parsing_completed = 0; + + w->ah->parser_state = WSI_TOKEN_NAME_PART; + w->ah->lextable_pos = 0; + /* If we're (re)starting on headers, need other implied init */ + wsi->ah->ues = URIES_IDLE; + } + + lws_set_timeout(wsi, PENDING_TIMEOUT_AWAITING_SERVER_RESPONSE, + wsi->context->timeout_secs); + + lws_callback_on_writable(w); + + goto client_http_body_sent; + + case LRS_ISSUE_HTTP_BODY: + if (wsi->client_http_body_pending) { + lws_set_timeout(wsi, + PENDING_TIMEOUT_CLIENT_ISSUE_PAYLOAD, + context->timeout_secs); + /* user code must ask for writable callback */ + break; + } +client_http_body_sent: + /* prepare ourselves to do the parsing */ + wsi->ah->parser_state = WSI_TOKEN_NAME_PART; + wsi->ah->lextable_pos = 0; + lwsi_set_state(wsi, LRS_WAITING_SERVER_REPLY); + lws_set_timeout(wsi, PENDING_TIMEOUT_AWAITING_SERVER_RESPONSE, + context->timeout_secs); + break; + + case LRS_WAITING_SERVER_REPLY: + /* + * handle server hanging up on us... + * but if there is POLLIN waiting, handle that first + */ + if ((pollfd->revents & (LWS_POLLIN | LWS_POLLHUP)) == + LWS_POLLHUP) { + + lwsl_debug("Server connection %p (fd=%d) dead\n", + (void *)wsi, pollfd->fd); + cce = "Peer hung up"; + goto bail3; + } + + if (!(pollfd->revents & LWS_POLLIN)) + break; + + /* interpret the server response + * + * HTTP/1.1 101 Switching Protocols + * Upgrade: websocket + * Connection: Upgrade + * Sec-WebSocket-Accept: me89jWimTRKTWwrS3aRrL53YZSo= + * Sec-WebSocket-Nonce: AQIDBAUGBwgJCgsMDQ4PEC== + * Sec-WebSocket-Protocol: chat + * + * we have to take some care here to only take from the + * socket bytewise. The browser may (and has been seen to + * in the case that onopen() performs websocket traffic) + * coalesce both handshake response and websocket traffic + * in one packet, since at that point the connection is + * definitively ready from browser pov. + */ + len = 1; + while (wsi->ah->parser_state != WSI_PARSING_COMPLETE && + len > 0) { + int plen = 1; + + n = lws_ssl_capable_read(wsi, &c, 1); + lws_latency(context, wsi, "send lws_issue_raw", n, + n == 1); + switch (n) { + case 0: + case LWS_SSL_CAPABLE_ERROR: + cce = "read failed"; + goto bail3; + case LWS_SSL_CAPABLE_MORE_SERVICE: + return 0; + } + + if (lws_parse(wsi, &c, &plen)) { + lwsl_warn("problems parsing header\n"); + goto bail3; + } + } + + /* + * hs may also be coming in multiple packets, there is a 5-sec + * libwebsocket timeout still active here too, so if parsing did + * not complete just wait for next packet coming in this state + */ + if (wsi->ah->parser_state != WSI_PARSING_COMPLETE) + break; + + + + /* + * otherwise deal with the handshake. If there's any + * packet traffic already arrived we'll trigger poll() again + * right away and deal with it that way + */ + return lws_client_interpret_server_handshake(wsi); + +bail3: + lwsl_info("closing conn at LWS_CONNMODE...SERVER_REPLY\n"); + if (cce) + lwsl_info("reason: %s\n", cce); + wsi->protocol->callback(wsi, + LWS_CALLBACK_CLIENT_CONNECTION_ERROR, + wsi->user_space, (void *)cce, cce ? strlen(cce) : 0); + wsi->already_did_cce = 1; + lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, "cbail3"); + return -1; + + default: + break; + } + + return 0; +} + + + +int LWS_WARN_UNUSED_RESULT +lws_http_transaction_completed_client(struct lws *wsi) +{ + struct lws *wsi_eff = lws_client_wsi_effective(wsi); + + lwsl_info("%s: wsi: %p, wsi_eff: %p\n", __func__, wsi, wsi_eff); + + if (user_callback_handle_rxflow(wsi_eff->protocol->callback, + wsi_eff, LWS_CALLBACK_COMPLETED_CLIENT_HTTP, + wsi_eff->user_space, NULL, 0)) { + lwsl_debug("%s: Completed call returned nonzero (role 0x%x)\n", + __func__, lwsi_role(wsi_eff)); + return -1; + } + + /* + * Are we constitutionally capable of having a queue, ie, we are on + * the "active client connections" list? + * + * If not, that's it for us. + */ + + if (lws_dll_is_null(&wsi->dll_active_client_conns)) + return -1; + + /* if this was a queued guy, close him and remove from queue */ + + if (wsi->transaction_from_pipeline_queue) { + lwsl_debug("closing queued wsi %p\n", wsi_eff); + /* so the close doesn't trigger a CCE */ + wsi_eff->already_did_cce = 1; + __lws_close_free_wsi(wsi_eff, + LWS_CLOSE_STATUS_CLIENT_TRANSACTION_DONE, + "queued client done"); + } + + /* after the first one, they can only be coming from the queue */ + wsi->transaction_from_pipeline_queue = 1; + + wsi->http.rx_content_length = 0; + wsi->hdr_parsing_completed = 0; + + /* is there a new tail after removing that one? */ + wsi_eff = lws_client_wsi_effective(wsi); + + /* + * Do we have something pipelined waiting? + * it's OK if he hasn't managed to send his headers yet... he's next + * in line to do that... + */ + if (wsi_eff == wsi) { + /* + * Nothing pipelined... we should hang around a bit + * in case something turns up... + */ + lwsl_info("%s: nothing pipelined waiting\n", __func__); + lwsi_set_state(wsi, LRS_IDLING); + + lws_set_timeout(wsi, PENDING_TIMEOUT_CLIENT_CONN_IDLE, 5); + + return 0; + } + + /* + * H1: we can serialize the queued guys into the same ah + * H2: everybody needs their own ah until their own STREAM_END + */ + + /* otherwise set ourselves up ready to go again */ + lwsi_set_state(wsi, LRS_WAITING_SERVER_REPLY); + + wsi->ah->parser_state = WSI_TOKEN_NAME_PART; + wsi->ah->lextable_pos = 0; + + lws_set_timeout(wsi, PENDING_TIMEOUT_AWAITING_SERVER_RESPONSE, + wsi->context->timeout_secs); + + /* If we're (re)starting on headers, need other implied init */ + wsi->ah->ues = URIES_IDLE; + + lwsl_info("%s: %p: new queued transaction as %p\n", __func__, wsi, wsi_eff); + lws_callback_on_writable(wsi); + + return 0; +} + +LWS_VISIBLE LWS_EXTERN unsigned int +lws_http_client_http_response(struct lws *wsi) +{ + if (!wsi->ah) + return 0; + + return wsi->ah->http_response; +} +#if defined(LWS_PLAT_OPTEE) +char * +strrchr(const char *s, int c) +{ + char *hit = NULL; + + while (*s) + if (*(s++) == (char)c) + hit = (char *)s - 1; + + return hit; +} + +#define atoll atoi +#endif + +int +lws_client_interpret_server_handshake(struct lws *wsi) +{ + int n, port = 0, ssl = 0; + int close_reason = LWS_CLOSE_STATUS_PROTOCOL_ERR; + const char *prot, *ads = NULL, *path, *cce = NULL; + struct allocated_headers *ah = NULL; + struct lws *w = lws_client_wsi_effective(wsi); + char *p, *q; + char new_path[300]; + + lws_client_stash_destroy(wsi); + + ah = wsi->ah; + if (!wsi->do_ws) { + /* we are being an http client... + */ +#if defined(LWS_ROLE_H2) + if (wsi->client_h2_alpn) + lws_role_transition(wsi, LWSIFR_CLIENT, + LRS_ESTABLISHED, &role_ops_h2); + else +#endif + lws_role_transition(wsi, LWSIFR_CLIENT, + LRS_ESTABLISHED, &role_ops_h1); + + wsi->ah = ah; + ah->http_response = 0; + } + + /* + * well, what the server sent looked reasonable for syntax. + * Now let's confirm it sent all the necessary headers + * + * http (non-ws) client will expect something like this + * + * HTTP/1.0.200 + * server:.libwebsockets + * content-type:.text/html + * content-length:.17703 + * set-cookie:.test=LWS_1456736240_336776_COOKIE;Max-Age=360000 + */ + + wsi->http.connection_type = HTTP_CONNECTION_KEEP_ALIVE; + if (!wsi->client_h2_substream) { + p = lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP); + if (wsi->do_ws && !p) { + lwsl_info("no URI\n"); + cce = "HS: URI missing"; + goto bail3; + } + if (!p) { + p = lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP1_0); + wsi->http.connection_type = HTTP_CONNECTION_CLOSE; + } + if (!p) { + cce = "HS: URI missing"; + lwsl_info("no URI\n"); + goto bail3; + } + } else { + p = lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP_COLON_STATUS); + if (!p) { + cce = "HS: :status missing"; + lwsl_info("no status\n"); + goto bail3; + } + } + n = atoi(p); + if (ah) + ah->http_response = n; + + if (n == 301 || n == 302 || n == 303 || n == 307 || n == 308) { + p = lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP_LOCATION); + if (!p) { + cce = "HS: Redirect code but no Location"; + goto bail3; + } + + /* Relative reference absolute path */ + if (p[0] == '/') { +#if defined(LWS_WITH_TLS) + ssl = wsi->use_ssl & LCCSCF_USE_SSL; +#endif + ads = lws_hdr_simple_ptr(wsi, + _WSI_TOKEN_CLIENT_PEER_ADDRESS); + port = wsi->c_port; + /* +1 as lws_client_reset expects leading / omitted */ + path = p + 1; + } + /* Absolute (Full) URI */ + else if (strchr(p, ':')) { + if (lws_parse_uri(p, &prot, &ads, &port, &path)) { + cce = "HS: URI did not parse"; + goto bail3; + } + + if (!strcmp(prot, "wss") || !strcmp(prot, "https")) + ssl = 1; + } + /* Relative reference relative path */ + else { + /* This doesn't try to calculate an absolute path, + * that will be left to the server */ +#if defined(LWS_WITH_TLS) + ssl = wsi->use_ssl & LCCSCF_USE_SSL; +#endif + ads = lws_hdr_simple_ptr(wsi, + _WSI_TOKEN_CLIENT_PEER_ADDRESS); + port = wsi->c_port; + /* +1 as lws_client_reset expects leading / omitted */ + path = new_path + 1; + lws_strncpy(new_path, lws_hdr_simple_ptr(wsi, + _WSI_TOKEN_CLIENT_URI), sizeof(new_path)); + q = strrchr(new_path, '/'); + if (q) + lws_strncpy(q + 1, p, sizeof(new_path) - + (q - new_path)); + else + path = p; + } + +#if defined(LWS_WITH_TLS) + if ((wsi->use_ssl & LCCSCF_USE_SSL) && !ssl) { + cce = "HS: Redirect attempted SSL downgrade"; + goto bail3; + } +#endif + + if (!lws_client_reset(&wsi, ssl, ads, port, path, ads)) { + /* there are two ways to fail out with NULL return... + * simple, early problem where the wsi is intact, or + * we went through with the reconnect attempt and the + * wsi is already closed. In the latter case, the wsi + * has beet set to NULL additionally. + */ + lwsl_err("Redirect failed\n"); + cce = "HS: Redirect failed"; + if (wsi) + goto bail3; + + return 1; + } + return 0; + } + + if (!wsi->do_ws) { + + /* if h1 KA is allowed, enable the queued pipeline guys */ + + if (!wsi->client_h2_alpn && !wsi->client_h2_substream && w == wsi) { /* ie, coming to this for the first time */ + if (wsi->http.connection_type == HTTP_CONNECTION_KEEP_ALIVE) + wsi->keepalive_active = 1; + else { + /* + * Ugh... now the main http connection has seen + * both sides, we learn the server doesn't + * support keepalive. + * + * That means any guys queued on us are going + * to have to be restarted from connect2 with + * their own connections. + */ + + /* + * stick around telling any new guys they can't + * pipeline to this server + */ + wsi->keepalive_rejected = 1; + + lws_vhost_lock(wsi->vhost); + lws_start_foreach_dll_safe(struct lws_dll_lws *, d, d1, + wsi->dll_client_transaction_queue_head.next) { + struct lws *ww = lws_container_of(d, struct lws, + dll_client_transaction_queue); + + /* remove him from our queue */ + lws_dll_lws_remove(&ww->dll_client_transaction_queue); + /* give up on pipelining */ + ww->client_pipeline = 0; + + /* go back to "trying to connect" state */ + lws_role_transition(ww, LWSIFR_CLIENT, + LRS_UNCONNECTED, + &role_ops_h1); + ww->user_space = NULL; + } lws_end_foreach_dll_safe(d, d1); + lws_vhost_unlock(wsi->vhost); + } + } + +#ifdef LWS_WITH_HTTP_PROXY + wsi->perform_rewrite = 0; + if (lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_CONTENT_TYPE)) { + if (!strncmp(lws_hdr_simple_ptr(wsi, + WSI_TOKEN_HTTP_CONTENT_TYPE), + "text/html", 9)) + wsi->perform_rewrite = 1; + } +#endif + + /* allocate the per-connection user memory (if any) */ + if (lws_ensure_user_space(wsi)) { + lwsl_err("Problem allocating wsi user mem\n"); + cce = "HS: OOM"; + goto bail2; + } + + /* he may choose to send us stuff in chunked transfer-coding */ + wsi->chunked = 0; + wsi->chunk_remaining = 0; /* ie, next thing is chunk size */ + if (lws_hdr_total_length(wsi, + WSI_TOKEN_HTTP_TRANSFER_ENCODING)) { + wsi->chunked = !strcmp(lws_hdr_simple_ptr(wsi, + WSI_TOKEN_HTTP_TRANSFER_ENCODING), + "chunked"); + /* first thing is hex, after payload there is crlf */ + wsi->chunk_parser = ELCP_HEX; + } + + if (lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_CONTENT_LENGTH)) { + wsi->http.rx_content_length = + atoll(lws_hdr_simple_ptr(wsi, + WSI_TOKEN_HTTP_CONTENT_LENGTH)); + lwsl_info("%s: incoming content length %llu\n", + __func__, (unsigned long long) + wsi->http.rx_content_length); + wsi->http.rx_content_remain = + wsi->http.rx_content_length; + } else /* can't do 1.1 without a content length or chunked */ + if (!wsi->chunked) + wsi->http.connection_type = + HTTP_CONNECTION_CLOSE; + + /* + * we seem to be good to go, give client last chance to check + * headers and OK it + */ + if (wsi->protocol->callback(wsi, + LWS_CALLBACK_CLIENT_FILTER_PRE_ESTABLISH, + wsi->user_space, NULL, 0)) { + + cce = "HS: disallowed by client filter"; + goto bail2; + } + + /* clear his proxy connection timeout */ + lws_set_timeout(wsi, NO_PENDING_TIMEOUT, 0); + + wsi->rxflow_change_to = LWS_RXFLOW_ALLOW; + + /* call him back to inform him he is up */ + if (wsi->protocol->callback(wsi, + LWS_CALLBACK_ESTABLISHED_CLIENT_HTTP, + wsi->user_space, NULL, 0)) { + cce = "HS: disallowed at ESTABLISHED"; + goto bail3; + } + + /* + * for pipelining, master needs to keep his ah... guys who + * queued on him can drop it now though. + */ + + if (w != wsi) { + /* free up parsing allocations for queued guy */ + lws_header_table_force_to_detachable_state(w); + lws_header_table_detach(w, 0); + } + + lwsl_info("%s: client connection up\n", __func__); + + return 0; + } + +#if defined(LWS_ROLE_WS) + switch (lws_client_ws_upgrade(wsi, &cce)) { + case 2: + goto bail2; + case 3: + goto bail3; + } + + return 0; +#endif + +bail3: + close_reason = LWS_CLOSE_STATUS_NOSTATUS; + +bail2: + if (wsi->protocol) { + n = 0; + if (cce) + n = strlen(cce); + wsi->protocol->callback(wsi, + LWS_CALLBACK_CLIENT_CONNECTION_ERROR, + wsi->user_space, (void *)cce, + (unsigned int)n); + } + wsi->already_did_cce = 1; + + lwsl_info("closing connection due to bail2 connection error\n"); + + /* closing will free up his parsing allocations */ + lws_close_free_wsi(wsi, close_reason, "c hs interp"); + + return 1; +} + + +char * +lws_generate_client_handshake(struct lws *wsi, char *pkt) +{ + char *p = pkt; + const char *meth; + const char *pp = lws_hdr_simple_ptr(wsi, + _WSI_TOKEN_CLIENT_SENT_PROTOCOLS); + + meth = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_METHOD); + if (!meth) { + meth = "GET"; + wsi->do_ws = 1; + } else { + wsi->do_ws = 0; + } + + if (!strcmp(meth, "RAW")) { + lws_set_timeout(wsi, NO_PENDING_TIMEOUT, 0); + lwsl_notice("client transition to raw\n"); + + if (pp) { + const struct lws_protocols *pr; + + pr = lws_vhost_name_to_protocol(wsi->vhost, pp); + + if (!pr) { + lwsl_err("protocol %s not enabled on vhost\n", + pp); + return NULL; + } + + lws_bind_protocol(wsi, pr); + } + + if ((wsi->protocol->callback)(wsi, LWS_CALLBACK_RAW_ADOPT, + wsi->user_space, NULL, 0)) + return NULL; + + lws_header_table_force_to_detachable_state(wsi); + lws_role_transition(wsi, 0, LRS_ESTABLISHED, &role_ops_raw_skt); + lws_header_table_detach(wsi, 1); + + return NULL; + } + + /* + * 04 example client handshake + * + * GET /chat HTTP/1.1 + * Host: server.example.com + * Upgrade: websocket + * Connection: Upgrade + * Sec-WebSocket-Key: dGhlIHNhbXBsZSBub25jZQ== + * Sec-WebSocket-Origin: http://example.com + * Sec-WebSocket-Protocol: chat, superchat + * Sec-WebSocket-Version: 4 + */ + + p += sprintf(p, "%s %s HTTP/1.1\x0d\x0a", meth, + lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_URI)); + + p += sprintf(p, "Pragma: no-cache\x0d\x0a" + "Cache-Control: no-cache\x0d\x0a"); + + p += sprintf(p, "Host: %s\x0d\x0a", + lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_HOST)); + + if (lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_ORIGIN)) { + if (lws_check_opt(wsi->context->options, + LWS_SERVER_OPTION_JUST_USE_RAW_ORIGIN)) + p += sprintf(p, "Origin: %s\x0d\x0a", + lws_hdr_simple_ptr(wsi, + _WSI_TOKEN_CLIENT_ORIGIN)); + else + p += sprintf(p, "Origin: http://%s\x0d\x0a", + lws_hdr_simple_ptr(wsi, + _WSI_TOKEN_CLIENT_ORIGIN)); + } + + if (wsi->do_ws) + p = lws_generate_client_ws_handshake(wsi, p); + + /* give userland a chance to append, eg, cookies */ + + if (wsi->protocol->callback(wsi, + LWS_CALLBACK_CLIENT_APPEND_HANDSHAKE_HEADER, + wsi->user_space, &p, + (pkt + wsi->context->pt_serv_buf_size) - p - 12)) + return NULL; + + p += sprintf(p, "\x0d\x0a"); + + return p; +} + +LWS_VISIBLE int +lws_http_client_read(struct lws *wsi, char **buf, int *len) +{ + int rlen, n; + + rlen = lws_ssl_capable_read(wsi, (unsigned char *)*buf, *len); + *len = 0; + + // lwsl_notice("%s: rlen %d\n", __func__, rlen); + + /* allow the source to signal he has data again next time */ + lws_change_pollfd(wsi, 0, LWS_POLLIN); + + if (rlen == LWS_SSL_CAPABLE_ERROR) { + lwsl_notice("%s: SSL capable error\n", __func__); + return -1; + } + + if (rlen == 0) + return -1; + + if (rlen < 0) + return 0; + + *len = rlen; + wsi->client_rx_avail = 0; + + /* + * server may insist on transfer-encoding: chunked, + * so http client must deal with it + */ +spin_chunks: + while (wsi->chunked && (wsi->chunk_parser != ELCP_CONTENT) && *len) { + switch (wsi->chunk_parser) { + case ELCP_HEX: + if ((*buf)[0] == '\x0d') { + wsi->chunk_parser = ELCP_CR; + break; + } + n = char_to_hex((*buf)[0]); + if (n < 0) { + lwsl_debug("chunking failure\n"); + return -1; + } + wsi->chunk_remaining <<= 4; + wsi->chunk_remaining |= n; + break; + case ELCP_CR: + if ((*buf)[0] != '\x0a') { + lwsl_debug("chunking failure\n"); + return -1; + } + wsi->chunk_parser = ELCP_CONTENT; + lwsl_info("chunk %d\n", wsi->chunk_remaining); + if (wsi->chunk_remaining) + break; + lwsl_info("final chunk\n"); + goto completed; + + case ELCP_CONTENT: + break; + + case ELCP_POST_CR: + if ((*buf)[0] != '\x0d') { + lwsl_debug("chunking failure\n"); + + return -1; + } + + wsi->chunk_parser = ELCP_POST_LF; + break; + + case ELCP_POST_LF: + if ((*buf)[0] != '\x0a') + return -1; + + wsi->chunk_parser = ELCP_HEX; + wsi->chunk_remaining = 0; + break; + } + (*buf)++; + (*len)--; + } + + if (wsi->chunked && !wsi->chunk_remaining) + return 0; + + if (wsi->http.rx_content_remain && + wsi->http.rx_content_remain < (unsigned int)*len) + n = (int)wsi->http.rx_content_remain; + else + n = *len; + + if (wsi->chunked && wsi->chunk_remaining && + wsi->chunk_remaining < n) + n = wsi->chunk_remaining; + +#ifdef LWS_WITH_HTTP_PROXY + /* hubbub */ + if (wsi->perform_rewrite) + lws_rewrite_parse(wsi->rw, (unsigned char *)*buf, n); + else +#endif + { + struct lws *wsi_eff = lws_client_wsi_effective(wsi); + + if (user_callback_handle_rxflow(wsi_eff->protocol->callback, + wsi_eff, LWS_CALLBACK_RECEIVE_CLIENT_HTTP_READ, + wsi_eff->user_space, *buf, n)) { + lwsl_debug("%s: RECEIVE_CLIENT_HTTP_READ returned -1\n", + __func__); + + return -1; + } + } + + if (wsi->chunked && wsi->chunk_remaining) { + (*buf) += n; + wsi->chunk_remaining -= n; + *len -= n; + } + + if (wsi->chunked && !wsi->chunk_remaining) + wsi->chunk_parser = ELCP_POST_CR; + + if (wsi->chunked && *len) + goto spin_chunks; + + if (wsi->chunked) + return 0; + + /* if we know the content length, decrement the content remaining */ + if (wsi->http.rx_content_length > 0) + wsi->http.rx_content_remain -= n; + + // lwsl_notice("rx_content_remain %lld, rx_content_length %lld\n", + // wsi->http.rx_content_remain, wsi->http.rx_content_length); + + if (wsi->http.rx_content_remain || !wsi->http.rx_content_length) + return 0; + +completed: + + if (lws_http_transaction_completed_client(wsi)) { + lwsl_notice("%s: transaction completed says -1\n", __func__); + return -1; + } + + return 0; +} diff --git a/lib/roles/http/header.c b/lib/roles/http/header.c new file mode 100644 index 0000000..5a2900d --- /dev/null +++ b/lib/roles/http/header.c @@ -0,0 +1,402 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2017 Andy Green + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#include "private-libwebsockets.h" +#include "lextable-strings.h" + + +const unsigned char * +lws_token_to_string(enum lws_token_indexes token) +{ + if ((unsigned int)token >= ARRAY_SIZE(set)) + return NULL; + + return (unsigned char *)set[token]; +} + +int +lws_add_http_header_by_name(struct lws *wsi, const unsigned char *name, + const unsigned char *value, int length, + unsigned char **p, unsigned char *end) +{ +#ifdef LWS_WITH_HTTP2 + if (lwsi_role_h2(wsi) || lwsi_role_h2_ENCAPSULATION(wsi)) + return lws_add_http2_header_by_name(wsi, name, + value, length, p, end); +#else + (void)wsi; +#endif + if (name) { + while (*p < end && *name) + *((*p)++) = *name++; + if (*p == end) + return 1; + *((*p)++) = ' '; + } + if (*p + length + 3 >= end) + return 1; + + memcpy(*p, value, length); + *p += length; + *((*p)++) = '\x0d'; + *((*p)++) = '\x0a'; + + return 0; +} + +int lws_finalize_http_header(struct lws *wsi, unsigned char **p, + unsigned char *end) +{ +#ifdef LWS_WITH_HTTP2 + if (lwsi_role_h2(wsi) || lwsi_role_h2_ENCAPSULATION(wsi)) + return 0; +#else + (void)wsi; +#endif + if ((lws_intptr_t)(end - *p) < 3) + return 1; + *((*p)++) = '\x0d'; + *((*p)++) = '\x0a'; + + return 0; +} + +int +lws_finalize_write_http_header(struct lws *wsi, unsigned char *start, + unsigned char **pp, unsigned char *end) +{ + unsigned char *p; + int len; + + if (lws_finalize_http_header(wsi, pp, end)) + return 1; + + p = *pp; + len = lws_ptr_diff(p, start); + + if (lws_write(wsi, start, len, LWS_WRITE_HTTP_HEADERS) != len) + return 1; + + return 0; +} + +int +lws_add_http_header_by_token(struct lws *wsi, enum lws_token_indexes token, + const unsigned char *value, int length, + unsigned char **p, unsigned char *end) +{ + const unsigned char *name; +#ifdef LWS_WITH_HTTP2 + if (lwsi_role_h2(wsi) || lwsi_role_h2_ENCAPSULATION(wsi)) + return lws_add_http2_header_by_token(wsi, token, value, + length, p, end); +#endif + name = lws_token_to_string(token); + if (!name) + return 1; + + return lws_add_http_header_by_name(wsi, name, value, length, p, end); +} + +int lws_add_http_header_content_length(struct lws *wsi, + lws_filepos_t content_length, + unsigned char **p, unsigned char *end) +{ + char b[24]; + int n; + + n = sprintf(b, "%llu", (unsigned long long)content_length); + if (lws_add_http_header_by_token(wsi, WSI_TOKEN_HTTP_CONTENT_LENGTH, + (unsigned char *)b, n, p, end)) + return 1; + wsi->http.tx_content_length = content_length; + wsi->http.tx_content_remain = content_length; + + lwsl_info("%s: wsi %p: tx_content_length/remain %llu\n", __func__, + wsi, (unsigned long long)content_length); + + return 0; +} + +int +lws_add_http_common_headers(struct lws *wsi, unsigned int code, + const char *content_type, lws_filepos_t content_len, + unsigned char **p, unsigned char *end) +{ + if (lws_add_http_header_status(wsi, code, p, end)) + return 1; + if (lws_add_http_header_by_token(wsi, WSI_TOKEN_HTTP_CONTENT_TYPE, + (unsigned char *)content_type, + strlen(content_type), p, end)) + return 1; + if (lws_add_http_header_content_length(wsi, content_len, p, end)) + return 1; + + return 0; +} + +STORE_IN_ROM static const char * const err400[] = { + "Bad Request", + "Unauthorized", + "Payment Required", + "Forbidden", + "Not Found", + "Method Not Allowed", + "Not Acceptable", + "Proxy Auth Required", + "Request Timeout", + "Conflict", + "Gone", + "Length Required", + "Precondition Failed", + "Request Entity Too Large", + "Request URI too Long", + "Unsupported Media Type", + "Requested Range Not Satisfiable", + "Expectation Failed" +}; + +STORE_IN_ROM static const char * const err500[] = { + "Internal Server Error", + "Not Implemented", + "Bad Gateway", + "Service Unavailable", + "Gateway Timeout", + "HTTP Version Not Supported" +}; + +int +lws_add_http_header_status(struct lws *wsi, unsigned int _code, + unsigned char **p, unsigned char *end) +{ + STORE_IN_ROM static const char * const hver[] = { + "HTTP/1.0", "HTTP/1.1", "HTTP/2" + }; + const struct lws_protocol_vhost_options *headers; + unsigned int code = _code & LWSAHH_CODE_MASK; + const char *description = "", *p1; + unsigned char code_and_desc[60]; + int n; + +#ifdef LWS_WITH_ACCESS_LOG + wsi->access_log.response = code; +#endif + +#ifdef LWS_WITH_HTTP2 + if (lwsi_role_h2(wsi) || lwsi_role_h2_ENCAPSULATION(wsi)) + return lws_add_http2_header_status(wsi, code, p, end); +#endif + if (code >= 400 && code < (400 + ARRAY_SIZE(err400))) + description = err400[code - 400]; + if (code >= 500 && code < (500 + ARRAY_SIZE(err500))) + description = err500[code - 500]; + + if (code == 100) + description = "Continue"; + if (code == 200) + description = "OK"; + if (code == 304) + description = "Not Modified"; + else + if (code >= 300 && code < 400) + description = "Redirect"; + + if (wsi->http.request_version < ARRAY_SIZE(hver)) + p1 = hver[wsi->http.request_version]; + else + p1 = hver[0]; + + n = sprintf((char *)code_and_desc, "%s %u %s", p1, code, description); + + if (lws_add_http_header_by_name(wsi, NULL, code_and_desc, n, p, end)) + return 1; + + headers = wsi->vhost->headers; + while (headers) { + if (lws_add_http_header_by_name(wsi, + (const unsigned char *)headers->name, + (unsigned char *)headers->value, + (int)strlen(headers->value), p, end)) + return 1; + + headers = headers->next; + } + + if (wsi->context->server_string && + !(_code & LWSAHH_FLAG_NO_SERVER_NAME)) + if (lws_add_http_header_by_token(wsi, WSI_TOKEN_HTTP_SERVER, + (unsigned char *)wsi->context->server_string, + wsi->context->server_string_len, p, end)) + return 1; + + if (wsi->vhost->options & LWS_SERVER_OPTION_STS) + if (lws_add_http_header_by_name(wsi, (unsigned char *) + "Strict-Transport-Security:", + (unsigned char *)"max-age=15768000 ; " + "includeSubDomains", 36, p, end)) + return 1; + + return 0; +} + +LWS_VISIBLE int +lws_return_http_status(struct lws *wsi, unsigned int code, + const char *html_body) +{ + struct lws_context *context = lws_get_context(wsi); + struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; + unsigned char *p = pt->serv_buf + LWS_PRE; + unsigned char *start = p; + unsigned char *end = p + context->pt_serv_buf_size - LWS_PRE; + int n = 0, m = 0, len; + char slen[20]; + + if (!wsi->vhost) { + lwsl_err("%s: wsi not bound to vhost\n", __func__); + + return 1; + } + if (!wsi->handling_404 && + wsi->vhost->error_document_404 && + code == HTTP_STATUS_NOT_FOUND) + /* we should do a redirect, and do the 404 there */ + if (lws_http_redirect(wsi, HTTP_STATUS_FOUND, + (uint8_t *)wsi->vhost->error_document_404, + strlen(wsi->vhost->error_document_404), + &p, end) > 0) + return 0; + + /* if the redirect failed, just do a simple status */ + p = start; + + if (!html_body) + html_body = ""; + + if (lws_add_http_header_status(wsi, code, &p, end)) + return 1; + + if (lws_add_http_header_by_token(wsi, WSI_TOKEN_HTTP_CONTENT_TYPE, + (unsigned char *)"text/html", 9, + &p, end)) + return 1; + + len = 35 + (int)strlen(html_body) + sprintf(slen, "%d", code); + n = sprintf(slen, "%d", len); + + if (lws_add_http_header_by_token(wsi, WSI_TOKEN_HTTP_CONTENT_LENGTH, + (unsigned char *)slen, n, &p, end)) + return 1; + + if (lws_finalize_http_header(wsi, &p, end)) + return 1; + +#if defined(LWS_WITH_HTTP2) + if (wsi->http2_substream) { + unsigned char *body = p + 512; + + /* + * for HTTP/2, the headers must be sent separately, since they + * go out in their own frame. That puts us in a bind that + * we won't always be able to get away with two lws_write()s in + * sequence, since the first may use up the writability due to + * the pipe being choked or SSL_WANT_. + * + * However we do need to send the human-readable body, and the + * END_STREAM. + * + * Solve it by writing the headers now... + */ + m = lws_write(wsi, start, p - start, LWS_WRITE_HTTP_HEADERS); + if (m != lws_ptr_diff(p, start)) + return 1; + + /* + * ... but stash the body and send it as a priority next + * handle_POLLOUT + */ + + len = sprintf((char *)body, + "

%u

%s", + code, html_body); + wsi->http.tx_content_length = len; + wsi->http.tx_content_remain = len; + + wsi->h2.pending_status_body = lws_malloc(len + LWS_PRE + 1, + "pending status body"); + if (!wsi->h2.pending_status_body) + return -1; + + strcpy(wsi->h2.pending_status_body + LWS_PRE, + (const char *)body); + lws_callback_on_writable(wsi); + + return 0; + } else +#endif + { + /* + * for http/1, we can just append the body after the finalized + * headers and send it all in one go. + */ + p += lws_snprintf((char *)p, end - p - 1, + "

%u

%s", + code, html_body); + + n = lws_ptr_diff(p, start); + m = lws_write(wsi, start, n, LWS_WRITE_HTTP); + if (m != n) + return 1; + } + + return m != n; +} + +LWS_VISIBLE int +lws_http_redirect(struct lws *wsi, int code, const unsigned char *loc, int len, + unsigned char **p, unsigned char *end) +{ + unsigned char *start = *p; + + if (lws_add_http_header_status(wsi, code, p, end)) + return -1; + + if (lws_add_http_header_by_token(wsi, WSI_TOKEN_HTTP_LOCATION, loc, len, + p, end)) + return -1; + /* + * if we're going with http/1.1 and keepalive, we have to give fake + * content metadata so the client knows we completed the transaction and + * it can do the redirect... + */ + if (lws_add_http_header_by_token(wsi, WSI_TOKEN_HTTP_CONTENT_TYPE, + (unsigned char *)"text/html", 9, p, + end)) + return -1; + if (lws_add_http_header_by_token(wsi, WSI_TOKEN_HTTP_CONTENT_LENGTH, + (unsigned char *)"0", 1, p, end)) + return -1; + + if (lws_finalize_http_header(wsi, p, end)) + return -1; + + return lws_write(wsi, start, *p - start, LWS_WRITE_HTTP_HEADERS | + LWS_WRITE_H2_STREAM_END); +} diff --git a/lib/roles/http/lextable-strings.h b/lib/roles/http/lextable-strings.h new file mode 100644 index 0000000..631f5cb --- /dev/null +++ b/lib/roles/http/lextable-strings.h @@ -0,0 +1,108 @@ +/* set of parsable strings -- ALL LOWER CASE */ + +#if !defined(STORE_IN_ROM) +#define STORE_IN_ROM +#endif + +STORE_IN_ROM static const char * const set[] = { + "get ", + "post ", + "options ", + "host:", + "connection:", + "upgrade:", + "origin:", + "sec-websocket-draft:", + "\x0d\x0a", + + "sec-websocket-extensions:", + "sec-websocket-key1:", + "sec-websocket-key2:", + "sec-websocket-protocol:", + + "sec-websocket-accept:", + "sec-websocket-nonce:", + "http/1.1 ", + "http2-settings:", + + "accept:", + "access-control-request-headers:", + "if-modified-since:", + "if-none-match:", + "accept-encoding:", + "accept-language:", + "pragma:", + "cache-control:", + "authorization:", + "cookie:", + "content-length:", + "content-type:", + "date:", + "range:", + "referer:", + "sec-websocket-key:", + "sec-websocket-version:", + "sec-websocket-origin:", + + ":authority", + ":method", + ":path", + ":scheme", + ":status", + + "accept-charset:", + "accept-ranges:", + "access-control-allow-origin:", + "age:", + "allow:", + "content-disposition:", + "content-encoding:", + "content-language:", + "content-location:", + "content-range:", + "etag:", + "expect:", + "expires:", + "from:", + "if-match:", + "if-range:", + "if-unmodified-since:", + "last-modified:", + "link:", + "location:", + "max-forwards:", + "proxy-authenticate:", + "proxy-authorization:", + "refresh:", + "retry-after:", + "server:", + "set-cookie:", + "strict-transport-security:", + "transfer-encoding:", + "user-agent:", + "vary:", + "via:", + "www-authenticate:", + + "patch", + "put", + "delete", + + "uri-args", /* fake header used for uri-only storage */ + + "proxy ", + "x-real-ip:", + "http/1.0 ", + + "x-forwarded-for", + "connect ", + "head ", + "te:", /* http/2 wants it to reject it */ + "replay-nonce:", /* ACME */ + ":protocol", /* defined in mcmanus-httpbis-h2-ws-02 */ + + "x-auth-token:", + + "", /* not matchable */ + +}; diff --git a/lib/roles/http/lextable.h b/lib/roles/http/lextable.h new file mode 100644 index 0000000..9a8063b --- /dev/null +++ b/lib/roles/http/lextable.h @@ -0,0 +1,838 @@ +/* pos 0000: 0 */ 0x67 /* 'g' */, 0x40, 0x00 /* (to 0x0040 state 1) */, + 0x70 /* 'p' */, 0x42, 0x00 /* (to 0x0045 state 5) */, + 0x6F /* 'o' */, 0x51, 0x00 /* (to 0x0057 state 10) */, + 0x68 /* 'h' */, 0x5D, 0x00 /* (to 0x0066 state 18) */, + 0x63 /* 'c' */, 0x69, 0x00 /* (to 0x0075 state 23) */, + 0x75 /* 'u' */, 0x8A, 0x00 /* (to 0x0099 state 34) */, + 0x73 /* 's' */, 0xA0, 0x00 /* (to 0x00B2 state 48) */, + 0x0D /* '.' */, 0xD9, 0x00 /* (to 0x00EE state 68) */, + 0x61 /* 'a' */, 0x31, 0x01 /* (to 0x0149 state 129) */, + 0x69 /* 'i' */, 0x70, 0x01 /* (to 0x018B state 163) */, + 0x64 /* 'd' */, 0x19, 0x02 /* (to 0x0237 state 265) */, + 0x72 /* 'r' */, 0x22, 0x02 /* (to 0x0243 state 270) */, + 0x3A /* ':' */, 0x56, 0x02 /* (to 0x027A state 299) */, + 0x65 /* 'e' */, 0xE8, 0x02 /* (to 0x030F state 409) */, + 0x66 /* 'f' */, 0x04, 0x03 /* (to 0x032E state 425) */, + 0x6C /* 'l' */, 0x26, 0x03 /* (to 0x0353 state 458) */, + 0x6D /* 'm' */, 0x49, 0x03 /* (to 0x0379 state 484) */, + 0x74 /* 't' */, 0xB8, 0x03 /* (to 0x03EB state 578) */, + 0x76 /* 'v' */, 0xD9, 0x03 /* (to 0x040F state 606) */, + 0x77 /* 'w' */, 0xE6, 0x03 /* (to 0x041F state 614) */, + 0x78 /* 'x' */, 0x0D, 0x04 /* (to 0x0449 state 650) */, + 0x08, /* fail */ +/* pos 0040: 1 */ 0xE5 /* 'e' -> */, +/* pos 0041: 2 */ 0xF4 /* 't' -> */, +/* pos 0042: 3 */ 0xA0 /* ' ' -> */, +/* pos 0043: 4 */ 0x00, 0x00 /* - terminal marker 0 - */, +/* pos 0045: 5 */ 0x6F /* 'o' */, 0x0D, 0x00 /* (to 0x0052 state 6) */, + 0x72 /* 'r' */, 0x95, 0x01 /* (to 0x01DD state 211) */, + 0x61 /* 'a' */, 0xE6, 0x03 /* (to 0x0431 state 631) */, + 0x75 /* 'u' */, 0xE8, 0x03 /* (to 0x0436 state 635) */, + 0x08, /* fail */ +/* pos 0052: 6 */ 0xF3 /* 's' -> */, +/* pos 0053: 7 */ 0xF4 /* 't' -> */, +/* pos 0054: 8 */ 0xA0 /* ' ' -> */, +/* pos 0055: 9 */ 0x00, 0x01 /* - terminal marker 1 - */, +/* pos 0057: 10 */ 0x70 /* 'p' */, 0x07, 0x00 /* (to 0x005E state 11) */, + 0x72 /* 'r' */, 0x51, 0x00 /* (to 0x00AB state 42) */, + 0x08, /* fail */ +/* pos 005e: 11 */ 0xF4 /* 't' -> */, +/* pos 005f: 12 */ 0xE9 /* 'i' -> */, +/* pos 0060: 13 */ 0xEF /* 'o' -> */, +/* pos 0061: 14 */ 0xEE /* 'n' -> */, +/* pos 0062: 15 */ 0xF3 /* 's' -> */, +/* pos 0063: 16 */ 0xA0 /* ' ' -> */, +/* pos 0064: 17 */ 0x00, 0x02 /* - terminal marker 2 - */, +/* pos 0066: 18 */ 0x6F /* 'o' */, 0x0A, 0x00 /* (to 0x0070 state 19) */, + 0x74 /* 't' */, 0xBF, 0x00 /* (to 0x0128 state 110) */, + 0x65 /* 'e' */, 0x04, 0x04 /* (to 0x0470 state 676) */, + 0x08, /* fail */ +/* pos 0070: 19 */ 0xF3 /* 's' -> */, +/* pos 0071: 20 */ 0xF4 /* 't' -> */, +/* pos 0072: 21 */ 0xBA /* ':' -> */, +/* pos 0073: 22 */ 0x00, 0x03 /* - terminal marker 3 - */, +/* pos 0075: 23 */ 0x6F /* 'o' */, 0x07, 0x00 /* (to 0x007C state 24) */, + 0x61 /* 'a' */, 0x72, 0x01 /* (to 0x01EA state 217) */, + 0x08, /* fail */ +/* pos 007c: 24 */ 0x6E /* 'n' */, 0x07, 0x00 /* (to 0x0083 state 25) */, + 0x6F /* 'o' */, 0x87, 0x01 /* (to 0x0206 state 243) */, + 0x08, /* fail */ +/* pos 0083: 25 */ 0x6E /* 'n' */, 0x07, 0x00 /* (to 0x008A state 26) */, + 0x74 /* 't' */, 0x86, 0x01 /* (to 0x020C state 248) */, + 0x08, /* fail */ +/* pos 008a: 26 */ 0xE5 /* 'e' -> */, +/* pos 008b: 27 */ 0xE3 /* 'c' -> */, +/* pos 008c: 28 */ 0xF4 /* 't' -> */, +/* pos 008d: 29 */ 0x69 /* 'i' */, 0x07, 0x00 /* (to 0x0094 state 30) */, + 0x20 /* ' ' */, 0xDE, 0x03 /* (to 0x046E state 675) */, + 0x08, /* fail */ +/* pos 0094: 30 */ 0xEF /* 'o' -> */, +/* pos 0095: 31 */ 0xEE /* 'n' -> */, +/* pos 0096: 32 */ 0xBA /* ':' -> */, +/* pos 0097: 33 */ 0x00, 0x04 /* - terminal marker 4 - */, +/* pos 0099: 34 */ 0x70 /* 'p' */, 0x0A, 0x00 /* (to 0x00A3 state 35) */, + 0x73 /* 's' */, 0x68, 0x03 /* (to 0x0404 state 596) */, + 0x72 /* 'r' */, 0xA0, 0x03 /* (to 0x043F state 642) */, + 0x08, /* fail */ +/* pos 00a3: 35 */ 0xE7 /* 'g' -> */, +/* pos 00a4: 36 */ 0xF2 /* 'r' -> */, +/* pos 00a5: 37 */ 0xE1 /* 'a' -> */, +/* pos 00a6: 38 */ 0xE4 /* 'd' -> */, +/* pos 00a7: 39 */ 0xE5 /* 'e' -> */, +/* pos 00a8: 40 */ 0xBA /* ':' -> */, +/* pos 00a9: 41 */ 0x00, 0x05 /* - terminal marker 5 - */, +/* pos 00ab: 42 */ 0xE9 /* 'i' -> */, +/* pos 00ac: 43 */ 0xE7 /* 'g' -> */, +/* pos 00ad: 44 */ 0xE9 /* 'i' -> */, +/* pos 00ae: 45 */ 0xEE /* 'n' -> */, +/* pos 00af: 46 */ 0xBA /* ':' -> */, +/* pos 00b0: 47 */ 0x00, 0x06 /* - terminal marker 6 - */, +/* pos 00b2: 48 */ 0x65 /* 'e' */, 0x07, 0x00 /* (to 0x00B9 state 49) */, + 0x74 /* 't' */, 0x1C, 0x03 /* (to 0x03D1 state 553) */, + 0x08, /* fail */ +/* pos 00b9: 49 */ 0x63 /* 'c' */, 0x0A, 0x00 /* (to 0x00C3 state 50) */, + 0x72 /* 'r' */, 0x05, 0x03 /* (to 0x03C1 state 539) */, + 0x74 /* 't' */, 0x08, 0x03 /* (to 0x03C7 state 544) */, + 0x08, /* fail */ +/* pos 00c3: 50 */ 0xAD /* '-' -> */, +/* pos 00c4: 51 */ 0xF7 /* 'w' -> */, +/* pos 00c5: 52 */ 0xE5 /* 'e' -> */, +/* pos 00c6: 53 */ 0xE2 /* 'b' -> */, +/* pos 00c7: 54 */ 0xF3 /* 's' -> */, +/* pos 00c8: 55 */ 0xEF /* 'o' -> */, +/* pos 00c9: 56 */ 0xE3 /* 'c' -> */, +/* pos 00ca: 57 */ 0xEB /* 'k' -> */, +/* pos 00cb: 58 */ 0xE5 /* 'e' -> */, +/* pos 00cc: 59 */ 0xF4 /* 't' -> */, +/* pos 00cd: 60 */ 0xAD /* '-' -> */, +/* pos 00ce: 61 */ 0x64 /* 'd' */, 0x19, 0x00 /* (to 0x00E7 state 62) */, + 0x65 /* 'e' */, 0x20, 0x00 /* (to 0x00F1 state 70) */, + 0x6B /* 'k' */, 0x29, 0x00 /* (to 0x00FD state 81) */, + 0x70 /* 'p' */, 0x38, 0x00 /* (to 0x010F state 88) */, + 0x61 /* 'a' */, 0x3F, 0x00 /* (to 0x0119 state 97) */, + 0x6E /* 'n' */, 0x44, 0x00 /* (to 0x0121 state 104) */, + 0x76 /* 'v' */, 0x89, 0x01 /* (to 0x0269 state 284) */, + 0x6F /* 'o' */, 0x8F, 0x01 /* (to 0x0272 state 292) */, + 0x08, /* fail */ +/* pos 00e7: 62 */ 0xF2 /* 'r' -> */, +/* pos 00e8: 63 */ 0xE1 /* 'a' -> */, +/* pos 00e9: 64 */ 0xE6 /* 'f' -> */, +/* pos 00ea: 65 */ 0xF4 /* 't' -> */, +/* pos 00eb: 66 */ 0xBA /* ':' -> */, +/* pos 00ec: 67 */ 0x00, 0x07 /* - terminal marker 7 - */, +/* pos 00ee: 68 */ 0x8A /* '.' -> */, +/* pos 00ef: 69 */ 0x00, 0x08 /* - terminal marker 8 - */, +/* pos 00f1: 70 */ 0xF8 /* 'x' -> */, +/* pos 00f2: 71 */ 0xF4 /* 't' -> */, +/* pos 00f3: 72 */ 0xE5 /* 'e' -> */, +/* pos 00f4: 73 */ 0xEE /* 'n' -> */, +/* pos 00f5: 74 */ 0xF3 /* 's' -> */, +/* pos 00f6: 75 */ 0xE9 /* 'i' -> */, +/* pos 00f7: 76 */ 0xEF /* 'o' -> */, +/* pos 00f8: 77 */ 0xEE /* 'n' -> */, +/* pos 00f9: 78 */ 0xF3 /* 's' -> */, +/* pos 00fa: 79 */ 0xBA /* ':' -> */, +/* pos 00fb: 80 */ 0x00, 0x09 /* - terminal marker 9 - */, +/* pos 00fd: 81 */ 0xE5 /* 'e' -> */, +/* pos 00fe: 82 */ 0xF9 /* 'y' -> */, +/* pos 00ff: 83 */ 0x31 /* '1' */, 0x0A, 0x00 /* (to 0x0109 state 84) */, + 0x32 /* '2' */, 0x0A, 0x00 /* (to 0x010C state 86) */, + 0x3A /* ':' */, 0x62, 0x01 /* (to 0x0267 state 283) */, + 0x08, /* fail */ +/* pos 0109: 84 */ 0xBA /* ':' -> */, +/* pos 010a: 85 */ 0x00, 0x0A /* - terminal marker 10 - */, +/* pos 010c: 86 */ 0xBA /* ':' -> */, +/* pos 010d: 87 */ 0x00, 0x0B /* - terminal marker 11 - */, +/* pos 010f: 88 */ 0xF2 /* 'r' -> */, +/* pos 0110: 89 */ 0xEF /* 'o' -> */, +/* pos 0111: 90 */ 0xF4 /* 't' -> */, +/* pos 0112: 91 */ 0xEF /* 'o' -> */, +/* pos 0113: 92 */ 0xE3 /* 'c' -> */, +/* pos 0114: 93 */ 0xEF /* 'o' -> */, +/* pos 0115: 94 */ 0xEC /* 'l' -> */, +/* pos 0116: 95 */ 0xBA /* ':' -> */, +/* pos 0117: 96 */ 0x00, 0x0C /* - terminal marker 12 - */, +/* pos 0119: 97 */ 0xE3 /* 'c' -> */, +/* pos 011a: 98 */ 0xE3 /* 'c' -> */, +/* pos 011b: 99 */ 0xE5 /* 'e' -> */, +/* pos 011c: 100 */ 0xF0 /* 'p' -> */, +/* pos 011d: 101 */ 0xF4 /* 't' -> */, +/* pos 011e: 102 */ 0xBA /* ':' -> */, +/* pos 011f: 103 */ 0x00, 0x0D /* - terminal marker 13 - */, +/* pos 0121: 104 */ 0xEF /* 'o' -> */, +/* pos 0122: 105 */ 0xEE /* 'n' -> */, +/* pos 0123: 106 */ 0xE3 /* 'c' -> */, +/* pos 0124: 107 */ 0xE5 /* 'e' -> */, +/* pos 0125: 108 */ 0xBA /* ':' -> */, +/* pos 0126: 109 */ 0x00, 0x0E /* - terminal marker 14 - */, +/* pos 0128: 110 */ 0xF4 /* 't' -> */, +/* pos 0129: 111 */ 0xF0 /* 'p' -> */, +/* pos 012a: 112 */ 0x2F /* '/' */, 0x07, 0x00 /* (to 0x0131 state 113) */, + 0x32 /* '2' */, 0x10, 0x00 /* (to 0x013D state 118) */, + 0x08, /* fail */ +/* pos 0131: 113 */ 0xB1 /* '1' -> */, +/* pos 0132: 114 */ 0xAE /* '.' -> */, +/* pos 0133: 115 */ 0x31 /* '1' */, 0x07, 0x00 /* (to 0x013A state 116) */, + 0x30 /* '0' */, 0x27, 0x03 /* (to 0x045D state 660) */, + 0x08, /* fail */ +/* pos 013a: 116 */ 0xA0 /* ' ' -> */, +/* pos 013b: 117 */ 0x00, 0x0F /* - terminal marker 15 - */, +/* pos 013d: 118 */ 0xAD /* '-' -> */, +/* pos 013e: 119 */ 0xF3 /* 's' -> */, +/* pos 013f: 120 */ 0xE5 /* 'e' -> */, +/* pos 0140: 121 */ 0xF4 /* 't' -> */, +/* pos 0141: 122 */ 0xF4 /* 't' -> */, +/* pos 0142: 123 */ 0xE9 /* 'i' -> */, +/* pos 0143: 124 */ 0xEE /* 'n' -> */, +/* pos 0144: 125 */ 0xE7 /* 'g' -> */, +/* pos 0145: 126 */ 0xF3 /* 's' -> */, +/* pos 0146: 127 */ 0xBA /* ':' -> */, +/* pos 0147: 128 */ 0x00, 0x10 /* - terminal marker 16 - */, +/* pos 0149: 129 */ 0x63 /* 'c' */, 0x0D, 0x00 /* (to 0x0156 state 130) */, + 0x75 /* 'u' */, 0xAC, 0x00 /* (to 0x01F8 state 230) */, + 0x67 /* 'g' */, 0x86, 0x01 /* (to 0x02D5 state 358) */, + 0x6C /* 'l' */, 0x87, 0x01 /* (to 0x02D9 state 361) */, + 0x08, /* fail */ +/* pos 0156: 130 */ 0xE3 /* 'c' -> */, +/* pos 0157: 131 */ 0xE5 /* 'e' -> */, +/* pos 0158: 132 */ 0x70 /* 'p' */, 0x07, 0x00 /* (to 0x015F state 133) */, + 0x73 /* 's' */, 0x0E, 0x00 /* (to 0x0169 state 136) */, + 0x08, /* fail */ +/* pos 015f: 133 */ 0xF4 /* 't' -> */, +/* pos 0160: 134 */ 0x3A /* ':' */, 0x07, 0x00 /* (to 0x0167 state 135) */, + 0x2D /* '-' */, 0x59, 0x00 /* (to 0x01BC state 192) */, + 0x08, /* fail */ +/* pos 0167: 135 */ 0x00, 0x11 /* - terminal marker 17 - */, +/* pos 0169: 136 */ 0xF3 /* 's' -> */, +/* pos 016a: 137 */ 0xAD /* '-' -> */, +/* pos 016b: 138 */ 0xE3 /* 'c' -> */, +/* pos 016c: 139 */ 0xEF /* 'o' -> */, +/* pos 016d: 140 */ 0xEE /* 'n' -> */, +/* pos 016e: 141 */ 0xF4 /* 't' -> */, +/* pos 016f: 142 */ 0xF2 /* 'r' -> */, +/* pos 0170: 143 */ 0xEF /* 'o' -> */, +/* pos 0171: 144 */ 0xEC /* 'l' -> */, +/* pos 0172: 145 */ 0xAD /* '-' -> */, +/* pos 0173: 146 */ 0x72 /* 'r' */, 0x07, 0x00 /* (to 0x017A state 147) */, + 0x61 /* 'a' */, 0x51, 0x01 /* (to 0x02C7 state 345) */, + 0x08, /* fail */ +/* pos 017a: 147 */ 0xE5 /* 'e' -> */, +/* pos 017b: 148 */ 0xF1 /* 'q' -> */, +/* pos 017c: 149 */ 0xF5 /* 'u' -> */, +/* pos 017d: 150 */ 0xE5 /* 'e' -> */, +/* pos 017e: 151 */ 0xF3 /* 's' -> */, +/* pos 017f: 152 */ 0xF4 /* 't' -> */, +/* pos 0180: 153 */ 0xAD /* '-' -> */, +/* pos 0181: 154 */ 0xE8 /* 'h' -> */, +/* pos 0182: 155 */ 0xE5 /* 'e' -> */, +/* pos 0183: 156 */ 0xE1 /* 'a' -> */, +/* pos 0184: 157 */ 0xE4 /* 'd' -> */, +/* pos 0185: 158 */ 0xE5 /* 'e' -> */, +/* pos 0186: 159 */ 0xF2 /* 'r' -> */, +/* pos 0187: 160 */ 0xF3 /* 's' -> */, +/* pos 0188: 161 */ 0xBA /* ':' -> */, +/* pos 0189: 162 */ 0x00, 0x12 /* - terminal marker 18 - */, +/* pos 018b: 163 */ 0xE6 /* 'f' -> */, +/* pos 018c: 164 */ 0xAD /* '-' -> */, +/* pos 018d: 165 */ 0x6D /* 'm' */, 0x0D, 0x00 /* (to 0x019A state 166) */, + 0x6E /* 'n' */, 0x20, 0x00 /* (to 0x01B0 state 181) */, + 0x72 /* 'r' */, 0xA7, 0x01 /* (to 0x033A state 435) */, + 0x75 /* 'u' */, 0xAB, 0x01 /* (to 0x0341 state 441) */, + 0x08, /* fail */ +/* pos 019a: 166 */ 0x6F /* 'o' */, 0x07, 0x00 /* (to 0x01A1 state 167) */, + 0x61 /* 'a' */, 0x97, 0x01 /* (to 0x0334 state 430) */, + 0x08, /* fail */ +/* pos 01a1: 167 */ 0xE4 /* 'd' -> */, +/* pos 01a2: 168 */ 0xE9 /* 'i' -> */, +/* pos 01a3: 169 */ 0xE6 /* 'f' -> */, +/* pos 01a4: 170 */ 0xE9 /* 'i' -> */, +/* pos 01a5: 171 */ 0xE5 /* 'e' -> */, +/* pos 01a6: 172 */ 0xE4 /* 'd' -> */, +/* pos 01a7: 173 */ 0xAD /* '-' -> */, +/* pos 01a8: 174 */ 0xF3 /* 's' -> */, +/* pos 01a9: 175 */ 0xE9 /* 'i' -> */, +/* pos 01aa: 176 */ 0xEE /* 'n' -> */, +/* pos 01ab: 177 */ 0xE3 /* 'c' -> */, +/* pos 01ac: 178 */ 0xE5 /* 'e' -> */, +/* pos 01ad: 179 */ 0xBA /* ':' -> */, +/* pos 01ae: 180 */ 0x00, 0x13 /* - terminal marker 19 - */, +/* pos 01b0: 181 */ 0xEF /* 'o' -> */, +/* pos 01b1: 182 */ 0xEE /* 'n' -> */, +/* pos 01b2: 183 */ 0xE5 /* 'e' -> */, +/* pos 01b3: 184 */ 0xAD /* '-' -> */, +/* pos 01b4: 185 */ 0xED /* 'm' -> */, +/* pos 01b5: 186 */ 0xE1 /* 'a' -> */, +/* pos 01b6: 187 */ 0xF4 /* 't' -> */, +/* pos 01b7: 188 */ 0xE3 /* 'c' -> */, +/* pos 01b8: 189 */ 0xE8 /* 'h' -> */, +/* pos 01b9: 190 */ 0xBA /* ':' -> */, +/* pos 01ba: 191 */ 0x00, 0x14 /* - terminal marker 20 - */, +/* pos 01bc: 192 */ 0x65 /* 'e' */, 0x0D, 0x00 /* (to 0x01C9 state 193) */, + 0x6C /* 'l' */, 0x14, 0x00 /* (to 0x01D3 state 202) */, + 0x63 /* 'c' */, 0xF4, 0x00 /* (to 0x02B6 state 330) */, + 0x72 /* 'r' */, 0xFA, 0x00 /* (to 0x02BF state 338) */, + 0x08, /* fail */ +/* pos 01c9: 193 */ 0xEE /* 'n' -> */, +/* pos 01ca: 194 */ 0xE3 /* 'c' -> */, +/* pos 01cb: 195 */ 0xEF /* 'o' -> */, +/* pos 01cc: 196 */ 0xE4 /* 'd' -> */, +/* pos 01cd: 197 */ 0xE9 /* 'i' -> */, +/* pos 01ce: 198 */ 0xEE /* 'n' -> */, +/* pos 01cf: 199 */ 0xE7 /* 'g' -> */, +/* pos 01d0: 200 */ 0xBA /* ':' -> */, +/* pos 01d1: 201 */ 0x00, 0x15 /* - terminal marker 21 - */, +/* pos 01d3: 202 */ 0xE1 /* 'a' -> */, +/* pos 01d4: 203 */ 0xEE /* 'n' -> */, +/* pos 01d5: 204 */ 0xE7 /* 'g' -> */, +/* pos 01d6: 205 */ 0xF5 /* 'u' -> */, +/* pos 01d7: 206 */ 0xE1 /* 'a' -> */, +/* pos 01d8: 207 */ 0xE7 /* 'g' -> */, +/* pos 01d9: 208 */ 0xE5 /* 'e' -> */, +/* pos 01da: 209 */ 0xBA /* ':' -> */, +/* pos 01db: 210 */ 0x00, 0x16 /* - terminal marker 22 - */, +/* pos 01dd: 211 */ 0x61 /* 'a' */, 0x07, 0x00 /* (to 0x01E4 state 212) */, + 0x6F /* 'o' */, 0xA7, 0x01 /* (to 0x0387 state 497) */, + 0x08, /* fail */ +/* pos 01e4: 212 */ 0xE7 /* 'g' -> */, +/* pos 01e5: 213 */ 0xED /* 'm' -> */, +/* pos 01e6: 214 */ 0xE1 /* 'a' -> */, +/* pos 01e7: 215 */ 0xBA /* ':' -> */, +/* pos 01e8: 216 */ 0x00, 0x17 /* - terminal marker 23 - */, +/* pos 01ea: 217 */ 0xE3 /* 'c' -> */, +/* pos 01eb: 218 */ 0xE8 /* 'h' -> */, +/* pos 01ec: 219 */ 0xE5 /* 'e' -> */, +/* pos 01ed: 220 */ 0xAD /* '-' -> */, +/* pos 01ee: 221 */ 0xE3 /* 'c' -> */, +/* pos 01ef: 222 */ 0xEF /* 'o' -> */, +/* pos 01f0: 223 */ 0xEE /* 'n' -> */, +/* pos 01f1: 224 */ 0xF4 /* 't' -> */, +/* pos 01f2: 225 */ 0xF2 /* 'r' -> */, +/* pos 01f3: 226 */ 0xEF /* 'o' -> */, +/* pos 01f4: 227 */ 0xEC /* 'l' -> */, +/* pos 01f5: 228 */ 0xBA /* ':' -> */, +/* pos 01f6: 229 */ 0x00, 0x18 /* - terminal marker 24 - */, +/* pos 01f8: 230 */ 0xF4 /* 't' -> */, +/* pos 01f9: 231 */ 0xE8 /* 'h' -> */, +/* pos 01fa: 232 */ 0xEF /* 'o' -> */, +/* pos 01fb: 233 */ 0xF2 /* 'r' -> */, +/* pos 01fc: 234 */ 0xE9 /* 'i' -> */, +/* pos 01fd: 235 */ 0xFA /* 'z' -> */, +/* pos 01fe: 236 */ 0xE1 /* 'a' -> */, +/* pos 01ff: 237 */ 0xF4 /* 't' -> */, +/* pos 0200: 238 */ 0xE9 /* 'i' -> */, +/* pos 0201: 239 */ 0xEF /* 'o' -> */, +/* pos 0202: 240 */ 0xEE /* 'n' -> */, +/* pos 0203: 241 */ 0xBA /* ':' -> */, +/* pos 0204: 242 */ 0x00, 0x19 /* - terminal marker 25 - */, +/* pos 0206: 243 */ 0xEB /* 'k' -> */, +/* pos 0207: 244 */ 0xE9 /* 'i' -> */, +/* pos 0208: 245 */ 0xE5 /* 'e' -> */, +/* pos 0209: 246 */ 0xBA /* ':' -> */, +/* pos 020a: 247 */ 0x00, 0x1A /* - terminal marker 26 - */, +/* pos 020c: 248 */ 0xE5 /* 'e' -> */, +/* pos 020d: 249 */ 0xEE /* 'n' -> */, +/* pos 020e: 250 */ 0xF4 /* 't' -> */, +/* pos 020f: 251 */ 0xAD /* '-' -> */, +/* pos 0210: 252 */ 0x6C /* 'l' */, 0x10, 0x00 /* (to 0x0220 state 253) */, + 0x74 /* 't' */, 0x1E, 0x00 /* (to 0x0231 state 260) */, + 0x64 /* 'd' */, 0xC9, 0x00 /* (to 0x02DF state 366) */, + 0x65 /* 'e' */, 0xD3, 0x00 /* (to 0x02EC state 378) */, + 0x72 /* 'r' */, 0xEC, 0x00 /* (to 0x0308 state 403) */, + 0x08, /* fail */ +/* pos 0220: 253 */ 0x65 /* 'e' */, 0x0A, 0x00 /* (to 0x022A state 254) */, + 0x61 /* 'a' */, 0xD3, 0x00 /* (to 0x02F6 state 387) */, + 0x6F /* 'o' */, 0xD9, 0x00 /* (to 0x02FF state 395) */, + 0x08, /* fail */ +/* pos 022a: 254 */ 0xEE /* 'n' -> */, +/* pos 022b: 255 */ 0xE7 /* 'g' -> */, +/* pos 022c: 256 */ 0xF4 /* 't' -> */, +/* pos 022d: 257 */ 0xE8 /* 'h' -> */, +/* pos 022e: 258 */ 0xBA /* ':' -> */, +/* pos 022f: 259 */ 0x00, 0x1B /* - terminal marker 27 - */, +/* pos 0231: 260 */ 0xF9 /* 'y' -> */, +/* pos 0232: 261 */ 0xF0 /* 'p' -> */, +/* pos 0233: 262 */ 0xE5 /* 'e' -> */, +/* pos 0234: 263 */ 0xBA /* ':' -> */, +/* pos 0235: 264 */ 0x00, 0x1C /* - terminal marker 28 - */, +/* pos 0237: 265 */ 0x61 /* 'a' */, 0x07, 0x00 /* (to 0x023E state 266) */, + 0x65 /* 'e' */, 0xFF, 0x01 /* (to 0x0439 state 637) */, + 0x08, /* fail */ +/* pos 023e: 266 */ 0xF4 /* 't' -> */, +/* pos 023f: 267 */ 0xE5 /* 'e' -> */, +/* pos 0240: 268 */ 0xBA /* ':' -> */, +/* pos 0241: 269 */ 0x00, 0x1D /* - terminal marker 29 - */, +/* pos 0243: 270 */ 0x61 /* 'a' */, 0x07, 0x00 /* (to 0x024A state 271) */, + 0x65 /* 'e' */, 0x0A, 0x00 /* (to 0x0250 state 276) */, + 0x08, /* fail */ +/* pos 024a: 271 */ 0xEE /* 'n' -> */, +/* pos 024b: 272 */ 0xE7 /* 'g' -> */, +/* pos 024c: 273 */ 0xE5 /* 'e' -> */, +/* pos 024d: 274 */ 0xBA /* ':' -> */, +/* pos 024e: 275 */ 0x00, 0x1E /* - terminal marker 30 - */, +/* pos 0250: 276 */ 0x66 /* 'f' */, 0x0A, 0x00 /* (to 0x025A state 277) */, + 0x74 /* 't' */, 0x63, 0x01 /* (to 0x03B6 state 529) */, + 0x70 /* 'p' */, 0x22, 0x02 /* (to 0x0478 state 682) */, + 0x08, /* fail */ +/* pos 025a: 277 */ 0x65 /* 'e' */, 0x07, 0x00 /* (to 0x0261 state 278) */, + 0x72 /* 'r' */, 0x53, 0x01 /* (to 0x03B0 state 524) */, + 0x08, /* fail */ +/* pos 0261: 278 */ 0xF2 /* 'r' -> */, +/* pos 0262: 279 */ 0xE5 /* 'e' -> */, +/* pos 0263: 280 */ 0xF2 /* 'r' -> */, +/* pos 0264: 281 */ 0xBA /* ':' -> */, +/* pos 0265: 282 */ 0x00, 0x1F /* - terminal marker 31 - */, +/* pos 0267: 283 */ 0x00, 0x20 /* - terminal marker 32 - */, +/* pos 0269: 284 */ 0xE5 /* 'e' -> */, +/* pos 026a: 285 */ 0xF2 /* 'r' -> */, +/* pos 026b: 286 */ 0xF3 /* 's' -> */, +/* pos 026c: 287 */ 0xE9 /* 'i' -> */, +/* pos 026d: 288 */ 0xEF /* 'o' -> */, +/* pos 026e: 289 */ 0xEE /* 'n' -> */, +/* pos 026f: 290 */ 0xBA /* ':' -> */, +/* pos 0270: 291 */ 0x00, 0x21 /* - terminal marker 33 - */, +/* pos 0272: 292 */ 0xF2 /* 'r' -> */, +/* pos 0273: 293 */ 0xE9 /* 'i' -> */, +/* pos 0274: 294 */ 0xE7 /* 'g' -> */, +/* pos 0275: 295 */ 0xE9 /* 'i' -> */, +/* pos 0276: 296 */ 0xEE /* 'n' -> */, +/* pos 0277: 297 */ 0xBA /* ':' -> */, +/* pos 0278: 298 */ 0x00, 0x22 /* - terminal marker 34 - */, +/* pos 027a: 299 */ 0x61 /* 'a' */, 0x0D, 0x00 /* (to 0x0287 state 300) */, + 0x6D /* 'm' */, 0x14, 0x00 /* (to 0x0291 state 309) */, + 0x70 /* 'p' */, 0x18, 0x00 /* (to 0x0298 state 315) */, + 0x73 /* 's' */, 0x20, 0x00 /* (to 0x02A3 state 319) */, + 0x08, /* fail */ +/* pos 0287: 300 */ 0xF5 /* 'u' -> */, +/* pos 0288: 301 */ 0xF4 /* 't' -> */, +/* pos 0289: 302 */ 0xE8 /* 'h' -> */, +/* pos 028a: 303 */ 0xEF /* 'o' -> */, +/* pos 028b: 304 */ 0xF2 /* 'r' -> */, +/* pos 028c: 305 */ 0xE9 /* 'i' -> */, +/* pos 028d: 306 */ 0xF4 /* 't' -> */, +/* pos 028e: 307 */ 0xF9 /* 'y' -> */, +/* pos 028f: 308 */ 0x00, 0x23 /* - terminal marker 35 - */, +/* pos 0291: 309 */ 0xE5 /* 'e' -> */, +/* pos 0292: 310 */ 0xF4 /* 't' -> */, +/* pos 0293: 311 */ 0xE8 /* 'h' -> */, +/* pos 0294: 312 */ 0xEF /* 'o' -> */, +/* pos 0295: 313 */ 0xE4 /* 'd' -> */, +/* pos 0296: 314 */ 0x00, 0x24 /* - terminal marker 36 - */, +/* pos 0298: 315 */ 0x61 /* 'a' */, 0x07, 0x00 /* (to 0x029F state 316) */, + 0x72 /* 'r' */, 0xE9, 0x01 /* (to 0x0484 state 693) */, + 0x08, /* fail */ +/* pos 029f: 316 */ 0xF4 /* 't' -> */, +/* pos 02a0: 317 */ 0xE8 /* 'h' -> */, +/* pos 02a1: 318 */ 0x00, 0x25 /* - terminal marker 37 - */, +/* pos 02a3: 319 */ 0x63 /* 'c' */, 0x07, 0x00 /* (to 0x02AA state 320) */, + 0x74 /* 't' */, 0x0A, 0x00 /* (to 0x02B0 state 325) */, + 0x08, /* fail */ +/* pos 02aa: 320 */ 0xE8 /* 'h' -> */, +/* pos 02ab: 321 */ 0xE5 /* 'e' -> */, +/* pos 02ac: 322 */ 0xED /* 'm' -> */, +/* pos 02ad: 323 */ 0xE5 /* 'e' -> */, +/* pos 02ae: 324 */ 0x00, 0x26 /* - terminal marker 38 - */, +/* pos 02b0: 325 */ 0xE1 /* 'a' -> */, +/* pos 02b1: 326 */ 0xF4 /* 't' -> */, +/* pos 02b2: 327 */ 0xF5 /* 'u' -> */, +/* pos 02b3: 328 */ 0xF3 /* 's' -> */, +/* pos 02b4: 329 */ 0x00, 0x27 /* - terminal marker 39 - */, +/* pos 02b6: 330 */ 0xE8 /* 'h' -> */, +/* pos 02b7: 331 */ 0xE1 /* 'a' -> */, +/* pos 02b8: 332 */ 0xF2 /* 'r' -> */, +/* pos 02b9: 333 */ 0xF3 /* 's' -> */, +/* pos 02ba: 334 */ 0xE5 /* 'e' -> */, +/* pos 02bb: 335 */ 0xF4 /* 't' -> */, +/* pos 02bc: 336 */ 0xBA /* ':' -> */, +/* pos 02bd: 337 */ 0x00, 0x28 /* - terminal marker 40 - */, +/* pos 02bf: 338 */ 0xE1 /* 'a' -> */, +/* pos 02c0: 339 */ 0xEE /* 'n' -> */, +/* pos 02c1: 340 */ 0xE7 /* 'g' -> */, +/* pos 02c2: 341 */ 0xE5 /* 'e' -> */, +/* pos 02c3: 342 */ 0xF3 /* 's' -> */, +/* pos 02c4: 343 */ 0xBA /* ':' -> */, +/* pos 02c5: 344 */ 0x00, 0x29 /* - terminal marker 41 - */, +/* pos 02c7: 345 */ 0xEC /* 'l' -> */, +/* pos 02c8: 346 */ 0xEC /* 'l' -> */, +/* pos 02c9: 347 */ 0xEF /* 'o' -> */, +/* pos 02ca: 348 */ 0xF7 /* 'w' -> */, +/* pos 02cb: 349 */ 0xAD /* '-' -> */, +/* pos 02cc: 350 */ 0xEF /* 'o' -> */, +/* pos 02cd: 351 */ 0xF2 /* 'r' -> */, +/* pos 02ce: 352 */ 0xE9 /* 'i' -> */, +/* pos 02cf: 353 */ 0xE7 /* 'g' -> */, +/* pos 02d0: 354 */ 0xE9 /* 'i' -> */, +/* pos 02d1: 355 */ 0xEE /* 'n' -> */, +/* pos 02d2: 356 */ 0xBA /* ':' -> */, +/* pos 02d3: 357 */ 0x00, 0x2A /* - terminal marker 42 - */, +/* pos 02d5: 358 */ 0xE5 /* 'e' -> */, +/* pos 02d6: 359 */ 0xBA /* ':' -> */, +/* pos 02d7: 360 */ 0x00, 0x2B /* - terminal marker 43 - */, +/* pos 02d9: 361 */ 0xEC /* 'l' -> */, +/* pos 02da: 362 */ 0xEF /* 'o' -> */, +/* pos 02db: 363 */ 0xF7 /* 'w' -> */, +/* pos 02dc: 364 */ 0xBA /* ':' -> */, +/* pos 02dd: 365 */ 0x00, 0x2C /* - terminal marker 44 - */, +/* pos 02df: 366 */ 0xE9 /* 'i' -> */, +/* pos 02e0: 367 */ 0xF3 /* 's' -> */, +/* pos 02e1: 368 */ 0xF0 /* 'p' -> */, +/* pos 02e2: 369 */ 0xEF /* 'o' -> */, +/* pos 02e3: 370 */ 0xF3 /* 's' -> */, +/* pos 02e4: 371 */ 0xE9 /* 'i' -> */, +/* pos 02e5: 372 */ 0xF4 /* 't' -> */, +/* pos 02e6: 373 */ 0xE9 /* 'i' -> */, +/* pos 02e7: 374 */ 0xEF /* 'o' -> */, +/* pos 02e8: 375 */ 0xEE /* 'n' -> */, +/* pos 02e9: 376 */ 0xBA /* ':' -> */, +/* pos 02ea: 377 */ 0x00, 0x2D /* - terminal marker 45 - */, +/* pos 02ec: 378 */ 0xEE /* 'n' -> */, +/* pos 02ed: 379 */ 0xE3 /* 'c' -> */, +/* pos 02ee: 380 */ 0xEF /* 'o' -> */, +/* pos 02ef: 381 */ 0xE4 /* 'd' -> */, +/* pos 02f0: 382 */ 0xE9 /* 'i' -> */, +/* pos 02f1: 383 */ 0xEE /* 'n' -> */, +/* pos 02f2: 384 */ 0xE7 /* 'g' -> */, +/* pos 02f3: 385 */ 0xBA /* ':' -> */, +/* pos 02f4: 386 */ 0x00, 0x2E /* - terminal marker 46 - */, +/* pos 02f6: 387 */ 0xEE /* 'n' -> */, +/* pos 02f7: 388 */ 0xE7 /* 'g' -> */, +/* pos 02f8: 389 */ 0xF5 /* 'u' -> */, +/* pos 02f9: 390 */ 0xE1 /* 'a' -> */, +/* pos 02fa: 391 */ 0xE7 /* 'g' -> */, +/* pos 02fb: 392 */ 0xE5 /* 'e' -> */, +/* pos 02fc: 393 */ 0xBA /* ':' -> */, +/* pos 02fd: 394 */ 0x00, 0x2F /* - terminal marker 47 - */, +/* pos 02ff: 395 */ 0xE3 /* 'c' -> */, +/* pos 0300: 396 */ 0xE1 /* 'a' -> */, +/* pos 0301: 397 */ 0xF4 /* 't' -> */, +/* pos 0302: 398 */ 0xE9 /* 'i' -> */, +/* pos 0303: 399 */ 0xEF /* 'o' -> */, +/* pos 0304: 400 */ 0xEE /* 'n' -> */, +/* pos 0305: 401 */ 0xBA /* ':' -> */, +/* pos 0306: 402 */ 0x00, 0x30 /* - terminal marker 48 - */, +/* pos 0308: 403 */ 0xE1 /* 'a' -> */, +/* pos 0309: 404 */ 0xEE /* 'n' -> */, +/* pos 030a: 405 */ 0xE7 /* 'g' -> */, +/* pos 030b: 406 */ 0xE5 /* 'e' -> */, +/* pos 030c: 407 */ 0xBA /* ':' -> */, +/* pos 030d: 408 */ 0x00, 0x31 /* - terminal marker 49 - */, +/* pos 030f: 409 */ 0x74 /* 't' */, 0x07, 0x00 /* (to 0x0316 state 410) */, + 0x78 /* 'x' */, 0x09, 0x00 /* (to 0x031B state 414) */, + 0x08, /* fail */ +/* pos 0316: 410 */ 0xE1 /* 'a' -> */, +/* pos 0317: 411 */ 0xE7 /* 'g' -> */, +/* pos 0318: 412 */ 0xBA /* ':' -> */, +/* pos 0319: 413 */ 0x00, 0x32 /* - terminal marker 50 - */, +/* pos 031b: 414 */ 0xF0 /* 'p' -> */, +/* pos 031c: 415 */ 0x65 /* 'e' */, 0x07, 0x00 /* (to 0x0323 state 416) */, + 0x69 /* 'i' */, 0x09, 0x00 /* (to 0x0328 state 420) */, + 0x08, /* fail */ +/* pos 0323: 416 */ 0xE3 /* 'c' -> */, +/* pos 0324: 417 */ 0xF4 /* 't' -> */, +/* pos 0325: 418 */ 0xBA /* ':' -> */, +/* pos 0326: 419 */ 0x00, 0x33 /* - terminal marker 51 - */, +/* pos 0328: 420 */ 0xF2 /* 'r' -> */, +/* pos 0329: 421 */ 0xE5 /* 'e' -> */, +/* pos 032a: 422 */ 0xF3 /* 's' -> */, +/* pos 032b: 423 */ 0xBA /* ':' -> */, +/* pos 032c: 424 */ 0x00, 0x34 /* - terminal marker 52 - */, +/* pos 032e: 425 */ 0xF2 /* 'r' -> */, +/* pos 032f: 426 */ 0xEF /* 'o' -> */, +/* pos 0330: 427 */ 0xED /* 'm' -> */, +/* pos 0331: 428 */ 0xBA /* ':' -> */, +/* pos 0332: 429 */ 0x00, 0x35 /* - terminal marker 53 - */, +/* pos 0334: 430 */ 0xF4 /* 't' -> */, +/* pos 0335: 431 */ 0xE3 /* 'c' -> */, +/* pos 0336: 432 */ 0xE8 /* 'h' -> */, +/* pos 0337: 433 */ 0xBA /* ':' -> */, +/* pos 0338: 434 */ 0x00, 0x36 /* - terminal marker 54 - */, +/* pos 033a: 435 */ 0xE1 /* 'a' -> */, +/* pos 033b: 436 */ 0xEE /* 'n' -> */, +/* pos 033c: 437 */ 0xE7 /* 'g' -> */, +/* pos 033d: 438 */ 0xE5 /* 'e' -> */, +/* pos 033e: 439 */ 0xBA /* ':' -> */, +/* pos 033f: 440 */ 0x00, 0x37 /* - terminal marker 55 - */, +/* pos 0341: 441 */ 0xEE /* 'n' -> */, +/* pos 0342: 442 */ 0xED /* 'm' -> */, +/* pos 0343: 443 */ 0xEF /* 'o' -> */, +/* pos 0344: 444 */ 0xE4 /* 'd' -> */, +/* pos 0345: 445 */ 0xE9 /* 'i' -> */, +/* pos 0346: 446 */ 0xE6 /* 'f' -> */, +/* pos 0347: 447 */ 0xE9 /* 'i' -> */, +/* pos 0348: 448 */ 0xE5 /* 'e' -> */, +/* pos 0349: 449 */ 0xE4 /* 'd' -> */, +/* pos 034a: 450 */ 0xAD /* '-' -> */, +/* pos 034b: 451 */ 0xF3 /* 's' -> */, +/* pos 034c: 452 */ 0xE9 /* 'i' -> */, +/* pos 034d: 453 */ 0xEE /* 'n' -> */, +/* pos 034e: 454 */ 0xE3 /* 'c' -> */, +/* pos 034f: 455 */ 0xE5 /* 'e' -> */, +/* pos 0350: 456 */ 0xBA /* ':' -> */, +/* pos 0351: 457 */ 0x00, 0x38 /* - terminal marker 56 - */, +/* pos 0353: 458 */ 0x61 /* 'a' */, 0x0A, 0x00 /* (to 0x035D state 459) */, + 0x69 /* 'i' */, 0x15, 0x00 /* (to 0x036B state 472) */, + 0x6F /* 'o' */, 0x17, 0x00 /* (to 0x0370 state 476) */, + 0x08, /* fail */ +/* pos 035d: 459 */ 0xF3 /* 's' -> */, +/* pos 035e: 460 */ 0xF4 /* 't' -> */, +/* pos 035f: 461 */ 0xAD /* '-' -> */, +/* pos 0360: 462 */ 0xED /* 'm' -> */, +/* pos 0361: 463 */ 0xEF /* 'o' -> */, +/* pos 0362: 464 */ 0xE4 /* 'd' -> */, +/* pos 0363: 465 */ 0xE9 /* 'i' -> */, +/* pos 0364: 466 */ 0xE6 /* 'f' -> */, +/* pos 0365: 467 */ 0xE9 /* 'i' -> */, +/* pos 0366: 468 */ 0xE5 /* 'e' -> */, +/* pos 0367: 469 */ 0xE4 /* 'd' -> */, +/* pos 0368: 470 */ 0xBA /* ':' -> */, +/* pos 0369: 471 */ 0x00, 0x39 /* - terminal marker 57 - */, +/* pos 036b: 472 */ 0xEE /* 'n' -> */, +/* pos 036c: 473 */ 0xEB /* 'k' -> */, +/* pos 036d: 474 */ 0xBA /* ':' -> */, +/* pos 036e: 475 */ 0x00, 0x3A /* - terminal marker 58 - */, +/* pos 0370: 476 */ 0xE3 /* 'c' -> */, +/* pos 0371: 477 */ 0xE1 /* 'a' -> */, +/* pos 0372: 478 */ 0xF4 /* 't' -> */, +/* pos 0373: 479 */ 0xE9 /* 'i' -> */, +/* pos 0374: 480 */ 0xEF /* 'o' -> */, +/* pos 0375: 481 */ 0xEE /* 'n' -> */, +/* pos 0376: 482 */ 0xBA /* ':' -> */, +/* pos 0377: 483 */ 0x00, 0x3B /* - terminal marker 59 - */, +/* pos 0379: 484 */ 0xE1 /* 'a' -> */, +/* pos 037a: 485 */ 0xF8 /* 'x' -> */, +/* pos 037b: 486 */ 0xAD /* '-' -> */, +/* pos 037c: 487 */ 0xE6 /* 'f' -> */, +/* pos 037d: 488 */ 0xEF /* 'o' -> */, +/* pos 037e: 489 */ 0xF2 /* 'r' -> */, +/* pos 037f: 490 */ 0xF7 /* 'w' -> */, +/* pos 0380: 491 */ 0xE1 /* 'a' -> */, +/* pos 0381: 492 */ 0xF2 /* 'r' -> */, +/* pos 0382: 493 */ 0xE4 /* 'd' -> */, +/* pos 0383: 494 */ 0xF3 /* 's' -> */, +/* pos 0384: 495 */ 0xBA /* ':' -> */, +/* pos 0385: 496 */ 0x00, 0x3C /* - terminal marker 60 - */, +/* pos 0387: 497 */ 0xF8 /* 'x' -> */, +/* pos 0388: 498 */ 0xF9 /* 'y' -> */, +/* pos 0389: 499 */ 0x2D /* '-' */, 0x07, 0x00 /* (to 0x0390 state 500) */, + 0x20 /* ' ' */, 0xBB, 0x00 /* (to 0x0447 state 649) */, + 0x08, /* fail */ +/* pos 0390: 500 */ 0xE1 /* 'a' -> */, +/* pos 0391: 501 */ 0xF5 /* 'u' -> */, +/* pos 0392: 502 */ 0xF4 /* 't' -> */, +/* pos 0393: 503 */ 0xE8 /* 'h' -> */, +/* pos 0394: 504 */ 0x65 /* 'e' */, 0x07, 0x00 /* (to 0x039B state 505) */, + 0x6F /* 'o' */, 0x0E, 0x00 /* (to 0x03A5 state 514) */, + 0x08, /* fail */ +/* pos 039b: 505 */ 0xEE /* 'n' -> */, +/* pos 039c: 506 */ 0xF4 /* 't' -> */, +/* pos 039d: 507 */ 0xE9 /* 'i' -> */, +/* pos 039e: 508 */ 0xE3 /* 'c' -> */, +/* pos 039f: 509 */ 0xE1 /* 'a' -> */, +/* pos 03a0: 510 */ 0xF4 /* 't' -> */, +/* pos 03a1: 511 */ 0xE5 /* 'e' -> */, +/* pos 03a2: 512 */ 0xBA /* ':' -> */, +/* pos 03a3: 513 */ 0x00, 0x3D /* - terminal marker 61 - */, +/* pos 03a5: 514 */ 0xF2 /* 'r' -> */, +/* pos 03a6: 515 */ 0xE9 /* 'i' -> */, +/* pos 03a7: 516 */ 0xFA /* 'z' -> */, +/* pos 03a8: 517 */ 0xE1 /* 'a' -> */, +/* pos 03a9: 518 */ 0xF4 /* 't' -> */, +/* pos 03aa: 519 */ 0xE9 /* 'i' -> */, +/* pos 03ab: 520 */ 0xEF /* 'o' -> */, +/* pos 03ac: 521 */ 0xEE /* 'n' -> */, +/* pos 03ad: 522 */ 0xBA /* ':' -> */, +/* pos 03ae: 523 */ 0x00, 0x3E /* - terminal marker 62 - */, +/* pos 03b0: 524 */ 0xE5 /* 'e' -> */, +/* pos 03b1: 525 */ 0xF3 /* 's' -> */, +/* pos 03b2: 526 */ 0xE8 /* 'h' -> */, +/* pos 03b3: 527 */ 0xBA /* ':' -> */, +/* pos 03b4: 528 */ 0x00, 0x3F /* - terminal marker 63 - */, +/* pos 03b6: 529 */ 0xF2 /* 'r' -> */, +/* pos 03b7: 530 */ 0xF9 /* 'y' -> */, +/* pos 03b8: 531 */ 0xAD /* '-' -> */, +/* pos 03b9: 532 */ 0xE1 /* 'a' -> */, +/* pos 03ba: 533 */ 0xE6 /* 'f' -> */, +/* pos 03bb: 534 */ 0xF4 /* 't' -> */, +/* pos 03bc: 535 */ 0xE5 /* 'e' -> */, +/* pos 03bd: 536 */ 0xF2 /* 'r' -> */, +/* pos 03be: 537 */ 0xBA /* ':' -> */, +/* pos 03bf: 538 */ 0x00, 0x40 /* - terminal marker 64 - */, +/* pos 03c1: 539 */ 0xF6 /* 'v' -> */, +/* pos 03c2: 540 */ 0xE5 /* 'e' -> */, +/* pos 03c3: 541 */ 0xF2 /* 'r' -> */, +/* pos 03c4: 542 */ 0xBA /* ':' -> */, +/* pos 03c5: 543 */ 0x00, 0x41 /* - terminal marker 65 - */, +/* pos 03c7: 544 */ 0xAD /* '-' -> */, +/* pos 03c8: 545 */ 0xE3 /* 'c' -> */, +/* pos 03c9: 546 */ 0xEF /* 'o' -> */, +/* pos 03ca: 547 */ 0xEF /* 'o' -> */, +/* pos 03cb: 548 */ 0xEB /* 'k' -> */, +/* pos 03cc: 549 */ 0xE9 /* 'i' -> */, +/* pos 03cd: 550 */ 0xE5 /* 'e' -> */, +/* pos 03ce: 551 */ 0xBA /* ':' -> */, +/* pos 03cf: 552 */ 0x00, 0x42 /* - terminal marker 66 - */, +/* pos 03d1: 553 */ 0xF2 /* 'r' -> */, +/* pos 03d2: 554 */ 0xE9 /* 'i' -> */, +/* pos 03d3: 555 */ 0xE3 /* 'c' -> */, +/* pos 03d4: 556 */ 0xF4 /* 't' -> */, +/* pos 03d5: 557 */ 0xAD /* '-' -> */, +/* pos 03d6: 558 */ 0xF4 /* 't' -> */, +/* pos 03d7: 559 */ 0xF2 /* 'r' -> */, +/* pos 03d8: 560 */ 0xE1 /* 'a' -> */, +/* pos 03d9: 561 */ 0xEE /* 'n' -> */, +/* pos 03da: 562 */ 0xF3 /* 's' -> */, +/* pos 03db: 563 */ 0xF0 /* 'p' -> */, +/* pos 03dc: 564 */ 0xEF /* 'o' -> */, +/* pos 03dd: 565 */ 0xF2 /* 'r' -> */, +/* pos 03de: 566 */ 0xF4 /* 't' -> */, +/* pos 03df: 567 */ 0xAD /* '-' -> */, +/* pos 03e0: 568 */ 0xF3 /* 's' -> */, +/* pos 03e1: 569 */ 0xE5 /* 'e' -> */, +/* pos 03e2: 570 */ 0xE3 /* 'c' -> */, +/* pos 03e3: 571 */ 0xF5 /* 'u' -> */, +/* pos 03e4: 572 */ 0xF2 /* 'r' -> */, +/* pos 03e5: 573 */ 0xE9 /* 'i' -> */, +/* pos 03e6: 574 */ 0xF4 /* 't' -> */, +/* pos 03e7: 575 */ 0xF9 /* 'y' -> */, +/* pos 03e8: 576 */ 0xBA /* ':' -> */, +/* pos 03e9: 577 */ 0x00, 0x43 /* - terminal marker 67 - */, +/* pos 03eb: 578 */ 0x72 /* 'r' */, 0x07, 0x00 /* (to 0x03F2 state 579) */, + 0x65 /* 'e' */, 0x87, 0x00 /* (to 0x0475 state 680) */, + 0x08, /* fail */ +/* pos 03f2: 579 */ 0xE1 /* 'a' -> */, +/* pos 03f3: 580 */ 0xEE /* 'n' -> */, +/* pos 03f4: 581 */ 0xF3 /* 's' -> */, +/* pos 03f5: 582 */ 0xE6 /* 'f' -> */, +/* pos 03f6: 583 */ 0xE5 /* 'e' -> */, +/* pos 03f7: 584 */ 0xF2 /* 'r' -> */, +/* pos 03f8: 585 */ 0xAD /* '-' -> */, +/* pos 03f9: 586 */ 0xE5 /* 'e' -> */, +/* pos 03fa: 587 */ 0xEE /* 'n' -> */, +/* pos 03fb: 588 */ 0xE3 /* 'c' -> */, +/* pos 03fc: 589 */ 0xEF /* 'o' -> */, +/* pos 03fd: 590 */ 0xE4 /* 'd' -> */, +/* pos 03fe: 591 */ 0xE9 /* 'i' -> */, +/* pos 03ff: 592 */ 0xEE /* 'n' -> */, +/* pos 0400: 593 */ 0xE7 /* 'g' -> */, +/* pos 0401: 594 */ 0xBA /* ':' -> */, +/* pos 0402: 595 */ 0x00, 0x44 /* - terminal marker 68 - */, +/* pos 0404: 596 */ 0xE5 /* 'e' -> */, +/* pos 0405: 597 */ 0xF2 /* 'r' -> */, +/* pos 0406: 598 */ 0xAD /* '-' -> */, +/* pos 0407: 599 */ 0xE1 /* 'a' -> */, +/* pos 0408: 600 */ 0xE7 /* 'g' -> */, +/* pos 0409: 601 */ 0xE5 /* 'e' -> */, +/* pos 040a: 602 */ 0xEE /* 'n' -> */, +/* pos 040b: 603 */ 0xF4 /* 't' -> */, +/* pos 040c: 604 */ 0xBA /* ':' -> */, +/* pos 040d: 605 */ 0x00, 0x45 /* - terminal marker 69 - */, +/* pos 040f: 606 */ 0x61 /* 'a' */, 0x07, 0x00 /* (to 0x0416 state 607) */, + 0x69 /* 'i' */, 0x09, 0x00 /* (to 0x041B state 611) */, + 0x08, /* fail */ +/* pos 0416: 607 */ 0xF2 /* 'r' -> */, +/* pos 0417: 608 */ 0xF9 /* 'y' -> */, +/* pos 0418: 609 */ 0xBA /* ':' -> */, +/* pos 0419: 610 */ 0x00, 0x46 /* - terminal marker 70 - */, +/* pos 041b: 611 */ 0xE1 /* 'a' -> */, +/* pos 041c: 612 */ 0xBA /* ':' -> */, +/* pos 041d: 613 */ 0x00, 0x47 /* - terminal marker 71 - */, +/* pos 041f: 614 */ 0xF7 /* 'w' -> */, +/* pos 0420: 615 */ 0xF7 /* 'w' -> */, +/* pos 0421: 616 */ 0xAD /* '-' -> */, +/* pos 0422: 617 */ 0xE1 /* 'a' -> */, +/* pos 0423: 618 */ 0xF5 /* 'u' -> */, +/* pos 0424: 619 */ 0xF4 /* 't' -> */, +/* pos 0425: 620 */ 0xE8 /* 'h' -> */, +/* pos 0426: 621 */ 0xE5 /* 'e' -> */, +/* pos 0427: 622 */ 0xEE /* 'n' -> */, +/* pos 0428: 623 */ 0xF4 /* 't' -> */, +/* pos 0429: 624 */ 0xE9 /* 'i' -> */, +/* pos 042a: 625 */ 0xE3 /* 'c' -> */, +/* pos 042b: 626 */ 0xE1 /* 'a' -> */, +/* pos 042c: 627 */ 0xF4 /* 't' -> */, +/* pos 042d: 628 */ 0xE5 /* 'e' -> */, +/* pos 042e: 629 */ 0xBA /* ':' -> */, +/* pos 042f: 630 */ 0x00, 0x48 /* - terminal marker 72 - */, +/* pos 0431: 631 */ 0xF4 /* 't' -> */, +/* pos 0432: 632 */ 0xE3 /* 'c' -> */, +/* pos 0433: 633 */ 0xE8 /* 'h' -> */, +/* pos 0434: 634 */ 0x00, 0x49 /* - terminal marker 73 - */, +/* pos 0436: 635 */ 0xF4 /* 't' -> */, +/* pos 0437: 636 */ 0x00, 0x4A /* - terminal marker 74 - */, +/* pos 0439: 637 */ 0xEC /* 'l' -> */, +/* pos 043a: 638 */ 0xE5 /* 'e' -> */, +/* pos 043b: 639 */ 0xF4 /* 't' -> */, +/* pos 043c: 640 */ 0xE5 /* 'e' -> */, +/* pos 043d: 641 */ 0x00, 0x4B /* - terminal marker 75 - */, +/* pos 043f: 642 */ 0xE9 /* 'i' -> */, +/* pos 0440: 643 */ 0xAD /* '-' -> */, +/* pos 0441: 644 */ 0xE1 /* 'a' -> */, +/* pos 0442: 645 */ 0xF2 /* 'r' -> */, +/* pos 0443: 646 */ 0xE7 /* 'g' -> */, +/* pos 0444: 647 */ 0xF3 /* 's' -> */, +/* pos 0445: 648 */ 0x00, 0x4C /* - terminal marker 76 - */, +/* pos 0447: 649 */ 0x00, 0x4D /* - terminal marker 77 - */, +/* pos 0449: 650 */ 0xAD /* '-' -> */, +/* pos 044a: 651 */ 0x72 /* 'r' */, 0x0A, 0x00 /* (to 0x0454 state 652) */, + 0x66 /* 'f' */, 0x13, 0x00 /* (to 0x0460 state 662) */, + 0x61 /* 'a' */, 0x3C, 0x00 /* (to 0x048C state 700) */, + 0x08, /* fail */ +/* pos 0454: 652 */ 0xE5 /* 'e' -> */, +/* pos 0455: 653 */ 0xE1 /* 'a' -> */, +/* pos 0456: 654 */ 0xEC /* 'l' -> */, +/* pos 0457: 655 */ 0xAD /* '-' -> */, +/* pos 0458: 656 */ 0xE9 /* 'i' -> */, +/* pos 0459: 657 */ 0xF0 /* 'p' -> */, +/* pos 045a: 658 */ 0xBA /* ':' -> */, +/* pos 045b: 659 */ 0x00, 0x4E /* - terminal marker 78 - */, +/* pos 045d: 660 */ 0xA0 /* ' ' -> */, +/* pos 045e: 661 */ 0x00, 0x4F /* - terminal marker 79 - */, +/* pos 0460: 662 */ 0xEF /* 'o' -> */, +/* pos 0461: 663 */ 0xF2 /* 'r' -> */, +/* pos 0462: 664 */ 0xF7 /* 'w' -> */, +/* pos 0463: 665 */ 0xE1 /* 'a' -> */, +/* pos 0464: 666 */ 0xF2 /* 'r' -> */, +/* pos 0465: 667 */ 0xE4 /* 'd' -> */, +/* pos 0466: 668 */ 0xE5 /* 'e' -> */, +/* pos 0467: 669 */ 0xE4 /* 'd' -> */, +/* pos 0468: 670 */ 0xAD /* '-' -> */, +/* pos 0469: 671 */ 0xE6 /* 'f' -> */, +/* pos 046a: 672 */ 0xEF /* 'o' -> */, +/* pos 046b: 673 */ 0xF2 /* 'r' -> */, +/* pos 046c: 674 */ 0x00, 0x50 /* - terminal marker 80 - */, +/* pos 046e: 675 */ 0x00, 0x51 /* - terminal marker 81 - */, +/* pos 0470: 676 */ 0xE1 /* 'a' -> */, +/* pos 0471: 677 */ 0xE4 /* 'd' -> */, +/* pos 0472: 678 */ 0xA0 /* ' ' -> */, +/* pos 0473: 679 */ 0x00, 0x52 /* - terminal marker 82 - */, +/* pos 0475: 680 */ 0xBA /* ':' -> */, +/* pos 0476: 681 */ 0x00, 0x53 /* - terminal marker 83 - */, +/* pos 0478: 682 */ 0xEC /* 'l' -> */, +/* pos 0479: 683 */ 0xE1 /* 'a' -> */, +/* pos 047a: 684 */ 0xF9 /* 'y' -> */, +/* pos 047b: 685 */ 0xAD /* '-' -> */, +/* pos 047c: 686 */ 0xEE /* 'n' -> */, +/* pos 047d: 687 */ 0xEF /* 'o' -> */, +/* pos 047e: 688 */ 0xEE /* 'n' -> */, +/* pos 047f: 689 */ 0xE3 /* 'c' -> */, +/* pos 0480: 690 */ 0xE5 /* 'e' -> */, +/* pos 0481: 691 */ 0xBA /* ':' -> */, +/* pos 0482: 692 */ 0x00, 0x54 /* - terminal marker 84 - */, +/* pos 0484: 693 */ 0xEF /* 'o' -> */, +/* pos 0485: 694 */ 0xF4 /* 't' -> */, +/* pos 0486: 695 */ 0xEF /* 'o' -> */, +/* pos 0487: 696 */ 0xE3 /* 'c' -> */, +/* pos 0488: 697 */ 0xEF /* 'o' -> */, +/* pos 0489: 698 */ 0xEC /* 'l' -> */, +/* pos 048a: 699 */ 0x00, 0x55 /* - terminal marker 85 - */, +/* pos 048c: 700 */ 0xF5 /* 'u' -> */, +/* pos 048d: 701 */ 0xF4 /* 't' -> */, +/* pos 048e: 702 */ 0xE8 /* 'h' -> */, +/* pos 048f: 703 */ 0xAD /* '-' -> */, +/* pos 0490: 704 */ 0xF4 /* 't' -> */, +/* pos 0491: 705 */ 0xEF /* 'o' -> */, +/* pos 0492: 706 */ 0xEB /* 'k' -> */, +/* pos 0493: 707 */ 0xE5 /* 'e' -> */, +/* pos 0494: 708 */ 0xEE /* 'n' -> */, +/* pos 0495: 709 */ 0xBA /* ':' -> */, +/* pos 0496: 710 */ 0x00, 0x56 /* - terminal marker 86 - */, +/* total size 1176 bytes */ diff --git a/lib/roles/http/minilex.c b/lib/roles/http/minilex.c new file mode 100644 index 0000000..3cb1e33 --- /dev/null +++ b/lib/roles/http/minilex.c @@ -0,0 +1,272 @@ +/* + * minilex.c + * + * High efficiency lexical state parser + * + * Copyright (C)2011-2014 Andy Green + * + * Licensed under LGPL2 + * + * Usage: gcc minilex.c -o minilex && ./minilex > lextable.h + * + * Run it twice to test parsing on the generated table on stderr + */ + +#include +#include +#include + +#include "lextable-strings.h" + +/* + * b7 = 0 = 1-byte seq + * 0x08 = fail + * 2-byte seq + * 0x00 - 0x07, then terminal as given in 2nd byte + 3-byte seq + * no match: go fwd 3 byte, match: jump fwd by amt in +1/+2 bytes + * = 1 = 1-byte seq + * no match: die, match go fwd 1 byte + */ + +unsigned char lextable[] = { + #include "lextable.h" +}; + +#define PARALLEL 30 + +struct state { + char c[PARALLEL]; + int state[PARALLEL]; + int count; + int bytepos; + + int real_pos; +}; + +struct state state[1000]; +int next = 1; + +#define FAIL_CHAR 0x08 + +int lextable_decode(int pos, char c) +{ + while (1) { + if (lextable[pos] & (1 << 7)) { /* 1-byte, fail on mismatch */ + if ((lextable[pos] & 0x7f) != c) + return -1; + /* fall thru */ + pos++; + if (lextable[pos] == FAIL_CHAR) + return -1; + return pos; + } else { /* b7 = 0, end or 3-byte */ + if (lextable[pos] < FAIL_CHAR) /* terminal marker */ + return pos; + + if (lextable[pos] == c) /* goto */ + return pos + (lextable[pos + 1]) + + (lextable[pos + 2] << 8); + /* fall thru goto */ + pos += 3; + /* continue */ + } + } +} + +int main(void) +{ + int n = 0; + int m = 0; + int prev; + char c; + int walk; + int saw; + int y; + int j; + int pos = 0; + + while (n < sizeof(set) / sizeof(set[0])) { + + m = 0; + walk = 0; + prev = 0; + + if (set[n][0] == '\0') { + n++; + continue; + } + + while (set[n][m]) { + + saw = 0; + for (y = 0; y < state[walk].count; y++) + if (state[walk].c[y] == set[n][m]) { + /* exists -- go forward */ + walk = state[walk].state[y]; + saw = 1; + break; + } + + if (saw) + goto again; + + /* something we didn't see before */ + + state[walk].c[state[walk].count] = set[n][m]; + + state[walk].state[state[walk].count] = next; + state[walk].count++; + walk = next++; +again: + m++; + } + + state[walk].c[0] = n++; + state[walk].state[0] = 0; /* terminal marker */ + state[walk].count = 1; + } + + walk = 0; + for (n = 0; n < next; n++) { + state[n].bytepos = walk; + walk += (2 * state[n].count); + } + + /* compute everyone's position first */ + + pos = 0; + walk = 0; + for (n = 0; n < next; n++) { + + state[n].real_pos = pos; + + for (m = 0; m < state[n].count; m++) { + + if (state[n].state[m] == 0) + pos += 2; /* terminal marker */ + else { /* c is a character */ + if ((state[state[n].state[m]].bytepos - + walk) == 2) + pos++; + else { + pos += 3; + if (m == state[n].count - 1) + pos++; /* fail */ + } + } + walk += 2; + } + } + + walk = 0; + pos = 0; + for (n = 0; n < next; n++) { + for (m = 0; m < state[n].count; m++) { + + if (!m) + fprintf(stdout, "/* pos %04x: %3d */ ", + state[n].real_pos, n); + else + fprintf(stdout, " "); + + y = state[n].c[m]; + saw = state[n].state[m]; + + if (saw == 0) { // c is a terminal then + + if (y > 0x7ff) { + fprintf(stderr, "terminal too big\n"); + return 2; + } + + fprintf(stdout, " 0x%02X, 0x%02X " + " " + "/* - terminal marker %2d - */,\n", + y >> 8, y & 0xff, y & 0x7f); + pos += 2; + walk += 2; + continue; + } + + /* c is a character */ + + prev = y &0x7f; + if (prev < 32 || prev > 126) + prev = '.'; + + + if ((state[saw].bytepos - walk) == 2) { + fprintf(stdout, " 0x%02X /* '%c' -> */,\n", + y | 0x80, prev); + pos++; + walk += 2; + continue; + } + + j = state[saw].real_pos - pos; + + if (j > 0xffff) { + fprintf(stderr, + "Jump > 64K bytes ahead (%d to %d)\n", + state[n].real_pos, state[saw].real_pos); + return 1; + } + fprintf(stdout, " 0x%02X /* '%c' */, 0x%02X, 0x%02X " + "/* (to 0x%04X state %3d) */,\n", + y, prev, + j & 0xff, j >> 8, + state[saw].real_pos, saw); + pos += 3; + + if (m == state[n].count - 1) { + fprintf(stdout, + " 0x%02X, /* fail */\n", + FAIL_CHAR); + pos++; /* fail */ + } + + walk += 2; + } + } + + fprintf(stdout, "/* total size %d bytes */\n", pos); + + /* + * Try to parse every legal input string + */ + + for (n = 0; n < sizeof(set) / sizeof(set[0]); n++) { + walk = 0; + m = 0; + y = -1; + + if (set[n][0] == '\0') + continue; + + fprintf(stderr, " trying '%s'\n", set[n]); + + while (set[n][m]) { + walk = lextable_decode(walk, set[n][m]); + if (walk < 0) { + fprintf(stderr, "failed\n"); + return 3; + } + + if (lextable[walk] < FAIL_CHAR) { + y = (lextable[walk] << 8) + lextable[walk + 1]; + break; + } + m++; + } + + if (y != n) { + fprintf(stderr, "decode failed %d\n", y); + return 4; + } + } + + fprintf(stderr, "All decode OK\n"); + + return 0; +} diff --git a/lib/roles/http/server/access-log.c b/lib/roles/http/server/access-log.c new file mode 100644 index 0000000..a4e30fe --- /dev/null +++ b/lib/roles/http/server/access-log.c @@ -0,0 +1,182 @@ +/* + * libwebsockets - server access log handling + * + * Copyright (C) 2010-2017 Andy Green + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#include "private-libwebsockets.h" + +/* + * Produce Apache-compatible log string for wsi, like this: + * + * 2.31.234.19 - - [27/Mar/2016:03:22:44 +0800] + * "GET /aep-screen.png HTTP/1.1" + * 200 152987 "https://libwebsockets.org/index.html" + * "Mozilla/5.0 (Macint... Chrome/49.0.2623.87 Safari/537.36" + * + */ + +extern const char * const method_names[]; + +static const char * const hver[] = { + "HTTP/1.0", "HTTP/1.1", "HTTP/2" +}; + +void +lws_prepare_access_log_info(struct lws *wsi, char *uri_ptr, int meth) +{ +#ifdef LWS_WITH_IPV6 + char ads[INET6_ADDRSTRLEN]; +#else + char ads[INET_ADDRSTRLEN]; +#endif + char da[64]; + const char *pa, *me; + struct tm *tmp; + time_t t = time(NULL); + int l = 256, m; + + if (!wsi->vhost) + return; + + /* only worry about preparing it if we store it */ + if (wsi->vhost->log_fd == (int)LWS_INVALID_FILE) + return; + + if (wsi->access_log_pending) + lws_access_log(wsi); + + wsi->access_log.header_log = lws_malloc(l, "access log"); + if (wsi->access_log.header_log) { + + tmp = localtime(&t); + if (tmp) + strftime(da, sizeof(da), "%d/%b/%Y:%H:%M:%S %z", tmp); + else + strcpy(da, "01/Jan/1970:00:00:00 +0000"); + + pa = lws_get_peer_simple(wsi, ads, sizeof(ads)); + if (!pa) + pa = "(unknown)"; + + if (wsi->http2_substream) + me = lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP_COLON_METHOD); + else + me = method_names[meth]; + if (!me) + me = "(null)"; + + lws_snprintf(wsi->access_log.header_log, l, + "%s - - [%s] \"%s %s %s\"", + pa, da, me, uri_ptr, + hver[wsi->http.request_version]); + + l = lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_USER_AGENT); + if (l) { + wsi->access_log.user_agent = lws_malloc(l + 2, "access log"); + if (!wsi->access_log.user_agent) { + lwsl_err("OOM getting user agent\n"); + lws_free_set_NULL(wsi->access_log.header_log); + return; + } + + lws_hdr_copy(wsi, wsi->access_log.user_agent, + l + 1, WSI_TOKEN_HTTP_USER_AGENT); + + for (m = 0; m < l; m++) + if (wsi->access_log.user_agent[m] == '\"') + wsi->access_log.user_agent[m] = '\''; + } + l = lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_REFERER); + if (l) { + wsi->access_log.referrer = lws_malloc(l + 2, "referrer"); + if (!wsi->access_log.referrer) { + lwsl_err("OOM getting user agent\n"); + lws_free_set_NULL(wsi->access_log.user_agent); + lws_free_set_NULL(wsi->access_log.header_log); + return; + } + lws_hdr_copy(wsi, wsi->access_log.referrer, + l + 1, WSI_TOKEN_HTTP_REFERER); + + for (m = 0; m < l; m++) + if (wsi->access_log.referrer[m] == '\"') + wsi->access_log.referrer[m] = '\''; + } + wsi->access_log_pending = 1; + } +} + + +int +lws_access_log(struct lws *wsi) +{ + char *p = wsi->access_log.user_agent, ass[512], + *p1 = wsi->access_log.referrer; + int l; + + if (!wsi->vhost) + return 0; + + if (wsi->vhost->log_fd == (int)LWS_INVALID_FILE) + return 0; + + if (!wsi->access_log_pending) + return 0; + + if (!wsi->access_log.header_log) + return 0; + + if (!p) + p = ""; + + if (!p1) + p1 = ""; + + /* + * We do this in two parts to restrict an oversize referrer such that + * we will always have space left to append an empty useragent, while + * maintaining the structure of the log text + */ + l = lws_snprintf(ass, sizeof(ass) - 7, "%s %d %lu \"%s", + wsi->access_log.header_log, + wsi->access_log.response, wsi->access_log.sent, p1); + if (strlen(p) > sizeof(ass) - 6 - l) + p[sizeof(ass) - 6 - l] = '\0'; + l += lws_snprintf(ass + l, sizeof(ass) - 1 - l, "\" \"%s\"\n", p); + + if (write(wsi->vhost->log_fd, ass, l) != l) + lwsl_err("Failed to write log\n"); + + if (wsi->access_log.header_log) { + lws_free(wsi->access_log.header_log); + wsi->access_log.header_log = NULL; + } + if (wsi->access_log.user_agent) { + lws_free(wsi->access_log.user_agent); + wsi->access_log.user_agent = NULL; + } + if (wsi->access_log.referrer) { + lws_free(wsi->access_log.referrer); + wsi->access_log.referrer = NULL; + } + wsi->access_log_pending = 0; + + return 0; +} + diff --git a/lib/roles/http/server/fops-zip.c b/lib/roles/http/server/fops-zip.c new file mode 100644 index 0000000..f8ede1f --- /dev/null +++ b/lib/roles/http/server/fops-zip.c @@ -0,0 +1,668 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Original code used in this source file: + * + * https://github.com/PerBothner/DomTerm.git @912add15f3d0aec + * + * ./lws-term/io.c + * ./lws-term/junzip.c + * + * Copyright (C) 2017 Per Bothner + * + * MIT License + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * ( copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE + * SOFTWARE. + * + * + * lws rewrite: + * + * Copyright (C) 2017 Andy Green + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#include "private-libwebsockets.h" + +#include + +/* + * This code works with zip format containers which may have files compressed + * with gzip deflate (type 8) or store uncompressed (type 0). + * + * Linux zip produces such zipfiles by default, eg + * + * $ zip ../myzip.zip file1 file2 file3 + */ + +#define ZIP_COMPRESSION_METHOD_STORE 0 +#define ZIP_COMPRESSION_METHOD_DEFLATE 8 + +typedef struct { + lws_filepos_t filename_start; + uint32_t crc32; + uint32_t comp_size; + uint32_t uncomp_size; + uint32_t offset; + uint32_t mod_time; + uint16_t filename_len; + uint16_t extra; + uint16_t method; + uint16_t file_com_len; +} lws_fops_zip_hdr_t; + +typedef struct { + struct lws_fop_fd fop_fd; /* MUST BE FIRST logical fop_fd into + * file inside zip: fops_zip fops */ + lws_fop_fd_t zip_fop_fd; /* logical fop fd on to zip file + * itself: using platform fops */ + lws_fops_zip_hdr_t hdr; + z_stream inflate; + lws_filepos_t content_start; + lws_filepos_t exp_uncomp_pos; + union { + uint8_t trailer8[8]; + uint32_t trailer32[2]; + } u; + uint8_t rbuf[128]; /* decompression chunk size */ + int entry_count; + + unsigned int decompress:1; /* 0 = direct from file */ + unsigned int add_gzip_container:1; +} *lws_fops_zip_t; + +struct lws_plat_file_ops fops_zip; +#define fop_fd_to_priv(FD) ((lws_fops_zip_t)(FD)) + +static const uint8_t hd[] = { 31, 139, 8, 0, 0, 0, 0, 0, 0, 3 }; + +enum { + ZC_SIGNATURE = 0, + ZC_VERSION_MADE_BY = 4, + ZC_VERSION_NEEDED_TO_EXTRACT = 6, + ZC_GENERAL_PURPOSE_BIT_FLAG = 8, + ZC_COMPRESSION_METHOD = 10, + ZC_LAST_MOD_FILE_TIME = 12, + ZC_LAST_MOD_FILE_DATE = 14, + ZC_CRC32 = 16, + ZC_COMPRESSED_SIZE = 20, + ZC_UNCOMPRESSED_SIZE = 24, + ZC_FILE_NAME_LENGTH = 28, + ZC_EXTRA_FIELD_LENGTH = 30, + + ZC_FILE_COMMENT_LENGTH = 32, + ZC_DISK_NUMBER_START = 34, + ZC_INTERNAL_FILE_ATTRIBUTES = 36, + ZC_EXTERNAL_FILE_ATTRIBUTES = 38, + ZC_REL_OFFSET_LOCAL_HEADER = 42, + ZC_DIRECTORY_LENGTH = 46, + + ZE_SIGNATURE_OFFSET = 0, + ZE_DESK_NUMBER = 4, + ZE_CENTRAL_DIRECTORY_DISK_NUMBER = 6, + ZE_NUM_ENTRIES_THIS_DISK = 8, + ZE_NUM_ENTRIES = 10, + ZE_CENTRAL_DIRECTORY_SIZE = 12, + ZE_CENTRAL_DIR_OFFSET = 16, + ZE_ZIP_COMMENT_LENGTH = 20, + ZE_DIRECTORY_LENGTH = 22, + + ZL_REL_OFFSET_CONTENT = 28, + ZL_HEADER_LENGTH = 30, + + LWS_FZ_ERR_SEEK_END_RECORD = 1, + LWS_FZ_ERR_READ_END_RECORD, + LWS_FZ_ERR_END_RECORD_MAGIC, + LWS_FZ_ERR_END_RECORD_SANITY, + LWS_FZ_ERR_CENTRAL_SEEK, + LWS_FZ_ERR_CENTRAL_READ, + LWS_FZ_ERR_CENTRAL_SANITY, + LWS_FZ_ERR_NAME_TOO_LONG, + LWS_FZ_ERR_NAME_SEEK, + LWS_FZ_ERR_NAME_READ, + LWS_FZ_ERR_CONTENT_SANITY, + LWS_FZ_ERR_CONTENT_SEEK, + LWS_FZ_ERR_SCAN_SEEK, + LWS_FZ_ERR_NOT_FOUND, + LWS_FZ_ERR_ZLIB_INIT, + LWS_FZ_ERR_READ_CONTENT, + LWS_FZ_ERR_SEEK_COMPRESSED, +}; + +static uint16_t +get_u16(void *p) +{ + const uint8_t *c = (const uint8_t *)p; + + return (uint16_t)((c[0] | (c[1] << 8))); +} + +static uint32_t +get_u32(void *p) +{ + const uint8_t *c = (const uint8_t *)p; + + return (uint32_t)((c[0] | (c[1] << 8) | (c[2] << 16) | (c[3] << 24))); +} + +int +lws_fops_zip_scan(lws_fops_zip_t priv, const char *name, int len) +{ + lws_filepos_t amount; + uint8_t buf[96]; + int i; + + if (lws_vfs_file_seek_end(priv->zip_fop_fd, -ZE_DIRECTORY_LENGTH) < 0) + return LWS_FZ_ERR_SEEK_END_RECORD; + + if (lws_vfs_file_read(priv->zip_fop_fd, &amount, buf, + ZE_DIRECTORY_LENGTH)) + return LWS_FZ_ERR_READ_END_RECORD; + + if (amount != ZE_DIRECTORY_LENGTH) + return LWS_FZ_ERR_READ_END_RECORD; + + /* + * We require the zip to have the last record right at the end + * Linux zip always does this if no zip comment. + */ + if (buf[0] != 'P' || buf[1] != 'K' || buf[2] != 5 || buf[3] != 6) + return LWS_FZ_ERR_END_RECORD_MAGIC; + + i = get_u16(buf + ZE_NUM_ENTRIES); + + if (get_u16(buf + ZE_DESK_NUMBER) || + get_u16(buf + ZE_CENTRAL_DIRECTORY_DISK_NUMBER) || + i != get_u16(buf + ZE_NUM_ENTRIES_THIS_DISK)) + return LWS_FZ_ERR_END_RECORD_SANITY; + + /* end record is OK... look for our file in the central dir */ + + if (lws_vfs_file_seek_set(priv->zip_fop_fd, + get_u32(buf + ZE_CENTRAL_DIR_OFFSET)) < 0) + return LWS_FZ_ERR_CENTRAL_SEEK; + + while (i--) { + priv->content_start = lws_vfs_tell(priv->zip_fop_fd); + + if (lws_vfs_file_read(priv->zip_fop_fd, &amount, buf, + ZC_DIRECTORY_LENGTH)) + return LWS_FZ_ERR_CENTRAL_READ; + + if (amount != ZC_DIRECTORY_LENGTH) + return LWS_FZ_ERR_CENTRAL_READ; + + if (get_u32(buf + ZC_SIGNATURE) != 0x02014B50) + return LWS_FZ_ERR_CENTRAL_SANITY; + + lwsl_debug("cstart 0x%lx\n", (unsigned long)priv->content_start); + + priv->hdr.filename_len = get_u16(buf + ZC_FILE_NAME_LENGTH); + priv->hdr.extra = get_u16(buf + ZC_EXTRA_FIELD_LENGTH); + priv->hdr.filename_start = lws_vfs_tell(priv->zip_fop_fd); + + priv->hdr.method = get_u16(buf + ZC_COMPRESSION_METHOD); + priv->hdr.crc32 = get_u32(buf + ZC_CRC32); + priv->hdr.comp_size = get_u32(buf + ZC_COMPRESSED_SIZE); + priv->hdr.uncomp_size = get_u32(buf + ZC_UNCOMPRESSED_SIZE); + priv->hdr.offset = get_u32(buf + ZC_REL_OFFSET_LOCAL_HEADER); + priv->hdr.mod_time = get_u32(buf + ZC_LAST_MOD_FILE_TIME); + priv->hdr.file_com_len = get_u16(buf + ZC_FILE_COMMENT_LENGTH); + + if (priv->hdr.filename_len != len) + goto next; + + if (len >= (int)sizeof(buf) - 1) + return LWS_FZ_ERR_NAME_TOO_LONG; + + if (priv->zip_fop_fd->fops->LWS_FOP_READ(priv->zip_fop_fd, + &amount, buf, len)) + return LWS_FZ_ERR_NAME_READ; + if ((int)amount != len) + return LWS_FZ_ERR_NAME_READ; + + buf[len] = '\0'; + lwsl_debug("check %s vs %s\n", buf, name); + + if (strcmp((const char *)buf, name)) + goto next; + + /* we found a match */ + if (lws_vfs_file_seek_set(priv->zip_fop_fd, priv->hdr.offset) < 0) + return LWS_FZ_ERR_NAME_SEEK; + if (priv->zip_fop_fd->fops->LWS_FOP_READ(priv->zip_fop_fd, + &amount, buf, + ZL_HEADER_LENGTH)) + return LWS_FZ_ERR_NAME_READ; + if (amount != ZL_HEADER_LENGTH) + return LWS_FZ_ERR_NAME_READ; + + priv->content_start = priv->hdr.offset + + ZL_HEADER_LENGTH + + priv->hdr.filename_len + + get_u16(buf + ZL_REL_OFFSET_CONTENT); + + lwsl_debug("content supposed to start at 0x%lx\n", + (unsigned long)priv->content_start); + + if (priv->content_start > priv->zip_fop_fd->len) + return LWS_FZ_ERR_CONTENT_SANITY; + + if (lws_vfs_file_seek_set(priv->zip_fop_fd, + priv->content_start) < 0) + return LWS_FZ_ERR_CONTENT_SEEK; + + /* we are aligned at the start of the content */ + + priv->exp_uncomp_pos = 0; + + return 0; + +next: + if (i && lws_vfs_file_seek_set(priv->zip_fop_fd, + priv->content_start + + ZC_DIRECTORY_LENGTH + + priv->hdr.filename_len + + priv->hdr.extra + + priv->hdr.file_com_len) < 0) + return LWS_FZ_ERR_SCAN_SEEK; + } + + return LWS_FZ_ERR_NOT_FOUND; +} + +static int +lws_fops_zip_reset_inflate(lws_fops_zip_t priv) +{ + if (priv->decompress) + inflateEnd(&priv->inflate); + + priv->inflate.zalloc = Z_NULL; + priv->inflate.zfree = Z_NULL; + priv->inflate.opaque = Z_NULL; + priv->inflate.avail_in = 0; + priv->inflate.next_in = Z_NULL; + + if (inflateInit2(&priv->inflate, -MAX_WBITS) != Z_OK) { + lwsl_err("inflate init failed\n"); + return LWS_FZ_ERR_ZLIB_INIT; + } + + if (lws_vfs_file_seek_set(priv->zip_fop_fd, priv->content_start) < 0) + return LWS_FZ_ERR_CONTENT_SEEK; + + priv->exp_uncomp_pos = 0; + + return 0; +} + +static lws_fop_fd_t +lws_fops_zip_open(const struct lws_plat_file_ops *fops, const char *vfs_path, + const char *vpath, lws_fop_flags_t *flags) +{ + lws_fop_flags_t local_flags = 0; + lws_fops_zip_t priv; + char rp[192]; + int m; + + /* + * vpath points at the / after the fops signature in vfs_path, eg + * with a vfs_path "/var/www/docs/manual.zip/index.html", vpath + * will come pointing at "/index.html" + */ + + priv = lws_zalloc(sizeof(*priv), "fops_zip priv"); + if (!priv) + return NULL; + + priv->fop_fd.fops = &fops_zip; + + m = sizeof(rp) - 1; + if ((vpath - vfs_path - 1) < m) + m = lws_ptr_diff(vpath, vfs_path) - 1; + lws_strncpy(rp, vfs_path, m + 1); + + /* open the zip file itself using the incoming fops, not fops_zip */ + + priv->zip_fop_fd = fops->LWS_FOP_OPEN(fops, rp, NULL, &local_flags); + if (!priv->zip_fop_fd) { + lwsl_err("unable to open zip %s\n", rp); + goto bail1; + } + + if (*vpath == '/') + vpath++; + + m = lws_fops_zip_scan(priv, vpath, (int)strlen(vpath)); + if (m) { + lwsl_err("unable to find record matching '%s' %d\n", vpath, m); + goto bail2; + } + + /* the directory metadata tells us modification time, so pass it on */ + priv->fop_fd.mod_time = priv->hdr.mod_time; + *flags |= LWS_FOP_FLAG_MOD_TIME_VALID | LWS_FOP_FLAG_VIRTUAL; + priv->fop_fd.flags = *flags; + + /* The zip fop_fd is left pointing at the start of the content. + * + * 1) Content could be uncompressed (STORE), and we can always serve + * that directly + * + * 2) Content could be compressed (GZIP), and the client can handle + * receiving GZIP... we can wrap it in a GZIP header and trailer + * and serve the content part directly. The flag indicating we + * are providing GZIP directly is set so lws will send the right + * headers. + * + * 3) Content could be compressed (GZIP) but the client can't handle + * receiving GZIP... we can decompress it and serve as it is + * inflated piecemeal. + * + * 4) Content may be compressed some unknown way... fail + * + */ + if (priv->hdr.method == ZIP_COMPRESSION_METHOD_STORE) { + /* + * it is stored uncompressed, leave it indicated as + * uncompressed, and just serve it from inside the + * zip with no gzip container; + */ + + lwsl_info("direct zip serving (stored)\n"); + + priv->fop_fd.len = priv->hdr.uncomp_size; + + return &priv->fop_fd; + } + + if ((*flags & LWS_FOP_FLAG_COMPR_ACCEPTABLE_GZIP) && + priv->hdr.method == ZIP_COMPRESSION_METHOD_DEFLATE) { + + /* + * We can serve the gzipped file contents directly as gzip + * from inside the zip container; client says it is OK. + * + * To convert to standalone gzip, we have to add a 10-byte + * constant header and a variable 8-byte trailer around the + * content. + * + * The 8-byte trailer is prepared now and held in the priv. + */ + + lwsl_info("direct zip serving (gzipped)\n"); + + priv->fop_fd.len = sizeof(hd) + priv->hdr.comp_size + + sizeof(priv->u); + + if (lws_is_be()) { + uint8_t *p = priv->u.trailer8; + + *p++ = (uint8_t)priv->hdr.crc32; + *p++ = (uint8_t)(priv->hdr.crc32 >> 8); + *p++ = (uint8_t)(priv->hdr.crc32 >> 16); + *p++ = (uint8_t)(priv->hdr.crc32 >> 24); + *p++ = (uint8_t)priv->hdr.uncomp_size; + *p++ = (uint8_t)(priv->hdr.uncomp_size >> 8); + *p++ = (uint8_t)(priv->hdr.uncomp_size >> 16); + *p = (uint8_t)(priv->hdr.uncomp_size >> 24); + } else { + priv->u.trailer32[0] = priv->hdr.crc32; + priv->u.trailer32[1] = priv->hdr.uncomp_size; + } + + *flags |= LWS_FOP_FLAG_COMPR_IS_GZIP; + priv->fop_fd.flags = *flags; + priv->add_gzip_container = 1; + + return &priv->fop_fd; + } + + if (priv->hdr.method == ZIP_COMPRESSION_METHOD_DEFLATE) { + + /* we must decompress it to serve it */ + + lwsl_info("decompressed zip serving\n"); + + priv->fop_fd.len = priv->hdr.uncomp_size; + + if (lws_fops_zip_reset_inflate(priv)) { + lwsl_err("inflate init failed\n"); + goto bail2; + } + + priv->decompress = 1; + + return &priv->fop_fd; + } + + /* we can't handle it ... */ + + lwsl_err("zipped file %s compressed in unknown way (%d)\n", vfs_path, + priv->hdr.method); + +bail2: + lws_vfs_file_close(&priv->zip_fop_fd); +bail1: + free(priv); + + return NULL; +} + +/* ie, we are closing the fop_fd for the file inside the gzip */ + +static int +lws_fops_zip_close(lws_fop_fd_t *fd) +{ + lws_fops_zip_t priv = fop_fd_to_priv(*fd); + + if (priv->decompress) + inflateEnd(&priv->inflate); + + lws_vfs_file_close(&priv->zip_fop_fd); /* close the gzip fop_fd */ + + free(priv); + *fd = NULL; + + return 0; +} + +static lws_fileofs_t +lws_fops_zip_seek_cur(lws_fop_fd_t fd, lws_fileofs_t offset_from_cur_pos) +{ + fd->pos += offset_from_cur_pos; + + return fd->pos; +} + +static int +lws_fops_zip_read(lws_fop_fd_t fd, lws_filepos_t *amount, uint8_t *buf, + lws_filepos_t len) +{ + lws_fops_zip_t priv = fop_fd_to_priv(fd); + lws_filepos_t ramount, rlen, cur = lws_vfs_tell(fd); + int ret; + + if (priv->decompress) { + + if (priv->exp_uncomp_pos != fd->pos) { + /* + * there has been a seek in the uncompressed fop_fd + * we have to restart the decompression and loop eating + * the decompressed data up to the seek point + */ + lwsl_info("seek in decompressed\n"); + + lws_fops_zip_reset_inflate(priv); + + while (priv->exp_uncomp_pos != fd->pos) { + rlen = len; + if (rlen > fd->pos - priv->exp_uncomp_pos) + rlen = fd->pos - priv->exp_uncomp_pos; + if (lws_fops_zip_read(fd, amount, buf, rlen)) + return LWS_FZ_ERR_SEEK_COMPRESSED; + } + *amount = 0; + } + + priv->inflate.avail_out = (unsigned int)len; + priv->inflate.next_out = buf; + +spin: + if (!priv->inflate.avail_in) { + rlen = sizeof(priv->rbuf); + if (rlen > priv->hdr.comp_size - + (cur - priv->content_start)) + rlen = priv->hdr.comp_size - + (priv->hdr.comp_size - + priv->content_start); + + if (priv->zip_fop_fd->fops->LWS_FOP_READ( + priv->zip_fop_fd, &ramount, priv->rbuf, + rlen)) + return LWS_FZ_ERR_READ_CONTENT; + + cur += ramount; + + priv->inflate.avail_in = (unsigned int)ramount; + priv->inflate.next_in = priv->rbuf; + } + + ret = inflate(&priv->inflate, Z_NO_FLUSH); + if (ret == Z_STREAM_ERROR) + return ret; + + switch (ret) { + case Z_NEED_DICT: + ret = Z_DATA_ERROR; + /* fallthru */ + case Z_DATA_ERROR: + case Z_MEM_ERROR: + + return ret; + } + + if (!priv->inflate.avail_in && priv->inflate.avail_out && + cur != priv->content_start + priv->hdr.comp_size) + goto spin; + + *amount = len - priv->inflate.avail_out; + + priv->exp_uncomp_pos += *amount; + fd->pos += *amount; + + return 0; + } + + if (priv->add_gzip_container) { + + lwsl_info("%s: gzip + container\n", __func__); + *amount = 0; + + /* place the canned header at the start */ + + if (len && fd->pos < sizeof(hd)) { + rlen = sizeof(hd) - fd->pos; + if (rlen > len) + rlen = len; + /* provide stuff from canned header */ + memcpy(buf, hd + fd->pos, (size_t)rlen); + fd->pos += rlen; + buf += rlen; + len -= rlen; + *amount += rlen; + } + + /* serve gzipped data direct from zipfile */ + + if (len && fd->pos >= sizeof(hd) && + fd->pos < priv->hdr.comp_size + sizeof(hd)) { + + rlen = priv->hdr.comp_size - (priv->zip_fop_fd->pos - + priv->content_start); + if (rlen > len) + rlen = len; + + if (rlen && + priv->zip_fop_fd->pos < (priv->hdr.comp_size + + priv->content_start)) { + if (lws_vfs_file_read(priv->zip_fop_fd, + &ramount, buf, rlen)) + return LWS_FZ_ERR_READ_CONTENT; + *amount += ramount; + fd->pos += ramount; // virtual pos + buf += ramount; + len -= ramount; + } + } + + /* place the prepared trailer at the end */ + + if (len && fd->pos >= priv->hdr.comp_size + sizeof(hd) && + fd->pos < priv->hdr.comp_size + sizeof(hd) + + sizeof(priv->u)) { + cur = fd->pos - priv->hdr.comp_size - sizeof(hd); + rlen = sizeof(priv->u) - cur; + if (rlen > len) + rlen = len; + + memcpy(buf, priv->u.trailer8 + cur, (size_t)rlen); + + *amount += rlen; + fd->pos += rlen; + } + + return 0; + } + + lwsl_info("%s: store\n", __func__); + + if (len > priv->hdr.uncomp_size - (cur - priv->content_start)) + len = priv->hdr.comp_size - (priv->hdr.comp_size - + priv->content_start); + + if (priv->zip_fop_fd->fops->LWS_FOP_READ(priv->zip_fop_fd, + amount, buf, len)) + return LWS_FZ_ERR_READ_CONTENT; + + return 0; +} + +struct lws_plat_file_ops fops_zip = { + lws_fops_zip_open, + lws_fops_zip_close, + lws_fops_zip_seek_cur, + lws_fops_zip_read, + NULL, + { { ".zip/", 5 }, { ".jar/", 5 }, { ".war/", 5 } }, + NULL, +}; diff --git a/lib/roles/http/server/lejp-conf.c b/lib/roles/http/server/lejp-conf.c new file mode 100644 index 0000000..7a5799d --- /dev/null +++ b/lib/roles/http/server/lejp-conf.c @@ -0,0 +1,971 @@ +/* + * libwebsockets web server application + * + * Copyright (C) 2010-2017 Andy Green + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#include "private-libwebsockets.h" + +#ifndef _WIN32 +/* this is needed for Travis CI */ +#include +#endif + +#define ESC_INSTALL_DATADIR "_lws_ddir_" + +static const char * const paths_global[] = { + "global.uid", + "global.gid", + "global.count-threads", + "global.init-ssl", + "global.server-string", + "global.plugin-dir", + "global.ws-pingpong-secs", + "global.timeout-secs", + "global.reject-service-keywords[].*", + "global.reject-service-keywords[]", +}; + +enum lejp_global_paths { + LEJPGP_UID, + LEJPGP_GID, + LEJPGP_COUNT_THREADS, + LWJPGP_INIT_SSL, + LEJPGP_SERVER_STRING, + LEJPGP_PLUGIN_DIR, + LWJPGP_PINGPONG_SECS, + LWJPGP_TIMEOUT_SECS, + LWJPGP_REJECT_SERVICE_KEYWORDS_NAME, + LWJPGP_REJECT_SERVICE_KEYWORDS +}; + +static const char * const paths_vhosts[] = { + "vhosts[]", + "vhosts[].mounts[]", + "vhosts[].name", + "vhosts[].port", + "vhosts[].interface", + "vhosts[].unix-socket", + "vhosts[].sts", + "vhosts[].host-ssl-key", + "vhosts[].host-ssl-cert", + "vhosts[].host-ssl-ca", + "vhosts[].access-log", + "vhosts[].mounts[].mountpoint", + "vhosts[].mounts[].origin", + "vhosts[].mounts[].protocol", + "vhosts[].mounts[].default", + "vhosts[].mounts[].auth-mask", + "vhosts[].mounts[].cgi-timeout", + "vhosts[].mounts[].cgi-env[].*", + "vhosts[].mounts[].cache-max-age", + "vhosts[].mounts[].cache-reuse", + "vhosts[].mounts[].cache-revalidate", + "vhosts[].mounts[].basic-auth", + "vhosts[].mounts[].cache-intermediaries", + "vhosts[].mounts[].extra-mimetypes.*", + "vhosts[].mounts[].interpret.*", + "vhosts[].ws-protocols[].*.*", + "vhosts[].ws-protocols[].*", + "vhosts[].ws-protocols[]", + "vhosts[].keepalive_timeout", + "vhosts[].enable-client-ssl", + "vhosts[].ciphers", + "vhosts[].ecdh-curve", + "vhosts[].noipv6", + "vhosts[].ipv6only", + "vhosts[].ssl-option-set", + "vhosts[].ssl-option-clear", + "vhosts[].mounts[].pmo[].*", + "vhosts[].headers[].*", + "vhosts[].headers[]", + "vhosts[].client-ssl-key", + "vhosts[].client-ssl-cert", + "vhosts[].client-ssl-ca", + "vhosts[].client-ssl-ciphers", + "vhosts[].onlyraw", + "vhosts[].client-cert-required", + "vhosts[].ignore-missing-cert", + "vhosts[].error-document-404", +}; + +enum lejp_vhost_paths { + LEJPVP, + LEJPVP_MOUNTS, + LEJPVP_NAME, + LEJPVP_PORT, + LEJPVP_INTERFACE, + LEJPVP_UNIXSKT, + LEJPVP_STS, + LEJPVP_HOST_SSL_KEY, + LEJPVP_HOST_SSL_CERT, + LEJPVP_HOST_SSL_CA, + LEJPVP_ACCESS_LOG, + LEJPVP_MOUNTPOINT, + LEJPVP_ORIGIN, + LEJPVP_MOUNT_PROTOCOL, + LEJPVP_DEFAULT, + LEJPVP_DEFAULT_AUTH_MASK, + LEJPVP_CGI_TIMEOUT, + LEJPVP_CGI_ENV, + LEJPVP_MOUNT_CACHE_MAX_AGE, + LEJPVP_MOUNT_CACHE_REUSE, + LEJPVP_MOUNT_CACHE_REVALIDATE, + LEJPVP_MOUNT_BASIC_AUTH, + LEJPVP_MOUNT_CACHE_INTERMEDIARIES, + LEJPVP_MOUNT_EXTRA_MIMETYPES, + LEJPVP_MOUNT_INTERPRET, + LEJPVP_PROTOCOL_NAME_OPT, + LEJPVP_PROTOCOL_NAME, + LEJPVP_PROTOCOL, + LEJPVP_KEEPALIVE_TIMEOUT, + LEJPVP_ENABLE_CLIENT_SSL, + LEJPVP_CIPHERS, + LEJPVP_ECDH_CURVE, + LEJPVP_NOIPV6, + LEJPVP_IPV6ONLY, + LEJPVP_SSL_OPTION_SET, + LEJPVP_SSL_OPTION_CLEAR, + LEJPVP_PMO, + LEJPVP_HEADERS_NAME, + LEJPVP_HEADERS, + LEJPVP_CLIENT_SSL_KEY, + LEJPVP_CLIENT_SSL_CERT, + LEJPVP_CLIENT_SSL_CA, + LEJPVP_CLIENT_CIPHERS, + LEJPVP_FLAG_ONLYRAW, + LEJPVP_FLAG_CLIENT_CERT_REQUIRED, + LEJPVP_IGNORE_MISSING_CERT, + LEJPVP_ERROR_DOCUMENT_404, +}; + +static const char * const parser_errs[] = { + "", + "", + "No opening '{'", + "Expected closing '}'", + "Expected '\"'", + "String underrun", + "Illegal unescaped control char", + "Illegal escape format", + "Illegal hex number", + "Expected ':'", + "Illegal value start", + "Digit required after decimal point", + "Bad number format", + "Bad exponent format", + "Unknown token", + "Too many ']'", + "Mismatched ']'", + "Expected ']'", + "JSON nesting limit exceeded", + "Nesting tracking used up", + "Number too long", + "Comma or block end expected", + "Unknown", + "Parser callback errored (see earlier error)", +}; + +#define MAX_PLUGIN_DIRS 10 + +struct jpargs { + struct lws_context_creation_info *info; + struct lws_context *context; + const struct lws_protocols *protocols; + const struct lws_extension *extensions; + char *p, *end, valid; + struct lws_http_mount *head, *last; + + struct lws_protocol_vhost_options *pvo; + struct lws_protocol_vhost_options *pvo_em; + struct lws_protocol_vhost_options *pvo_int; + struct lws_http_mount m; + const char **plugin_dirs; + int count_plugin_dirs; + + unsigned int enable_client_ssl:1; + unsigned int fresh_mount:1; + unsigned int any_vhosts:1; +}; + +static void * +lwsws_align(struct jpargs *a) +{ + if ((lws_intptr_t)(a->p) & 15) + a->p += 16 - ((lws_intptr_t)(a->p) & 15); + + return a->p; +} + +static int +arg_to_bool(const char *s) +{ + static const char * const on[] = { "on", "yes", "true" }; + int n = atoi(s); + + if (n) + return 1; + + for (n = 0; n < (int)ARRAY_SIZE(on); n++) + if (!strcasecmp(s, on[n])) + return 1; + + return 0; +} + +static signed char +lejp_globals_cb(struct lejp_ctx *ctx, char reason) +{ + struct jpargs *a = (struct jpargs *)ctx->user; + struct lws_protocol_vhost_options *rej; + int n; + + /* we only match on the prepared path strings */ + if (!(reason & LEJP_FLAG_CB_IS_VALUE) || !ctx->path_match) + return 0; + + /* this catches, eg, vhosts[].headers[].xxx */ + if (reason == LEJPCB_VAL_STR_END && + ctx->path_match == LWJPGP_REJECT_SERVICE_KEYWORDS_NAME + 1) { + rej = lwsws_align(a); + a->p += sizeof(*rej); + + n = lejp_get_wildcard(ctx, 0, a->p, a->end - a->p); + rej->next = a->info->reject_service_keywords; + a->info->reject_service_keywords = rej; + rej->name = a->p; + lwsl_notice(" adding rej %s=%s\n", a->p, ctx->buf); + a->p += n - 1; + *(a->p++) = '\0'; + rej->value = a->p; + rej->options = NULL; + goto dostring; + } + + switch (ctx->path_match - 1) { + case LEJPGP_UID: + a->info->uid = atoi(ctx->buf); + return 0; + case LEJPGP_GID: + a->info->gid = atoi(ctx->buf); + return 0; + case LEJPGP_COUNT_THREADS: + a->info->count_threads = atoi(ctx->buf); + return 0; + case LWJPGP_INIT_SSL: + if (arg_to_bool(ctx->buf)) + a->info->options |= LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT; + return 0; + case LEJPGP_SERVER_STRING: + a->info->server_string = a->p; + break; + case LEJPGP_PLUGIN_DIR: + if (a->count_plugin_dirs == MAX_PLUGIN_DIRS - 1) { + lwsl_err("Too many plugin dirs\n"); + return -1; + } + a->plugin_dirs[a->count_plugin_dirs++] = a->p; + break; + + case LWJPGP_PINGPONG_SECS: + a->info->ws_ping_pong_interval = atoi(ctx->buf); + return 0; + + case LWJPGP_TIMEOUT_SECS: + a->info->timeout_secs = atoi(ctx->buf); + return 0; + + default: + return 0; + } + +dostring: + a->p += lws_snprintf(a->p, a->end - a->p, "%s", ctx->buf); + *(a->p)++ = '\0'; + + return 0; +} + +static signed char +lejp_vhosts_cb(struct lejp_ctx *ctx, char reason) +{ + struct jpargs *a = (struct jpargs *)ctx->user; + struct lws_protocol_vhost_options *pvo, *mp_cgienv, *headers; + struct lws_http_mount *m; + char *p, *p1; + int n; + +#if 0 + lwsl_notice(" %d: %s (%d)\n", reason, ctx->path, ctx->path_match); + for (n = 0; n < ctx->wildcount; n++) + lwsl_notice(" %d\n", ctx->wild[n]); +#endif + + if (reason == LEJPCB_OBJECT_START && ctx->path_match == LEJPVP + 1) { + uint32_t i[4]; + const char *ss; + + /* set the defaults for this vhost */ + a->valid = 1; + a->head = NULL; + a->last = NULL; + + i[0] = a->info->count_threads; + i[1] = a->info->options & ( + LWS_SERVER_OPTION_SKIP_SERVER_CANONICAL_NAME | + LWS_SERVER_OPTION_LIBUV | + LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT | + LWS_SERVER_OPTION_EXPLICIT_VHOSTS | + LWS_SERVER_OPTION_UV_NO_SIGSEGV_SIGFPE_SPIN | + LWS_SERVER_OPTION_LIBEVENT | + LWS_SERVER_OPTION_LIBEV + ); + ss = a->info->server_string; + i[2] = a->info->ws_ping_pong_interval; + i[3] = a->info->timeout_secs; + + memset(a->info, 0, sizeof(*a->info)); + + a->info->count_threads = i[0]; + a->info->options = i[1]; + a->info->server_string = ss; + a->info->ws_ping_pong_interval = i[2]; + a->info->timeout_secs = i[3]; + + a->info->protocols = a->protocols; + a->info->extensions = a->extensions; +#if defined(LWS_WITH_TLS) + a->info->client_ssl_cipher_list = "ECDHE-ECDSA-AES256-GCM-SHA384:" + "ECDHE-RSA-AES256-GCM-SHA384:" + "DHE-RSA-AES256-GCM-SHA384:" + "ECDHE-RSA-AES256-SHA384:" + "HIGH:!aNULL:!eNULL:!EXPORT:" + "!DES:!MD5:!PSK:!RC4:!HMAC_SHA1:" + "!SHA1:!DHE-RSA-AES128-GCM-SHA256:" + "!DHE-RSA-AES128-SHA256:" + "!AES128-GCM-SHA256:" + "!AES128-SHA256:" + "!DHE-RSA-AES256-SHA256:" + "!AES256-GCM-SHA384:" + "!AES256-SHA256"; +#endif + a->info->ssl_cipher_list = "ECDHE-ECDSA-AES256-GCM-SHA384:" + "ECDHE-RSA-AES256-GCM-SHA384:" + "DHE-RSA-AES256-GCM-SHA384:" + "ECDHE-RSA-AES256-SHA384:" + "HIGH:!aNULL:!eNULL:!EXPORT:" + "!DES:!MD5:!PSK:!RC4:!HMAC_SHA1:" + "!SHA1:!DHE-RSA-AES128-GCM-SHA256:" + "!DHE-RSA-AES128-SHA256:" + "!AES128-GCM-SHA256:" + "!AES128-SHA256:" + "!DHE-RSA-AES256-SHA256:" + "!AES256-GCM-SHA384:" + "!AES256-SHA256"; + a->info->keepalive_timeout = 5; + } + + if (reason == LEJPCB_OBJECT_START && + ctx->path_match == LEJPVP_MOUNTS + 1) { + a->fresh_mount = 1; + memset(&a->m, 0, sizeof(a->m)); + } + + /* this catches, eg, vhosts[].ws-protocols[].xxx-protocol */ + if (reason == LEJPCB_OBJECT_START && + ctx->path_match == LEJPVP_PROTOCOL_NAME + 1) { + a->pvo = lwsws_align(a); + a->p += sizeof(*a->pvo); + + n = lejp_get_wildcard(ctx, 0, a->p, a->end - a->p); + /* ie, enable this protocol, no options yet */ + a->pvo->next = a->info->pvo; + a->info->pvo = a->pvo; + a->pvo->name = a->p; + lwsl_info(" adding protocol %s\n", a->p); + a->p += n; + a->pvo->value = a->p; + a->pvo->options = NULL; + goto dostring; + } + + /* this catches, eg, vhosts[].headers[].xxx */ + if (reason == LEJPCB_VAL_STR_END && + ctx->path_match == LEJPVP_HEADERS_NAME + 1) { + headers = lwsws_align(a); + a->p += sizeof(*headers); + + n = lejp_get_wildcard(ctx, 0, a->p, a->end - a->p); + /* ie, enable this protocol, no options yet */ + headers->next = a->info->headers; + a->info->headers = headers; + headers->name = a->p; + // lwsl_notice(" adding header %s=%s\n", a->p, ctx->buf); + a->p += n - 1; + *(a->p++) = ':'; + if (a->p < a->end) + *(a->p++) = '\0'; + else + *(a->p - 1) = '\0'; + headers->value = a->p; + headers->options = NULL; + goto dostring; + } + + if (reason == LEJPCB_OBJECT_END && + (ctx->path_match == LEJPVP + 1 || !ctx->path[0]) && + a->valid) { + + struct lws_vhost *vhost; + + //lwsl_notice("%s\n", ctx->path); + if (!a->info->port) { + lwsl_err("Port required (eg, 443)"); + return 1; + } + a->valid = 0; + a->info->mounts = a->head; + + vhost = lws_create_vhost(a->context, a->info); + if (!vhost) { + lwsl_err("Failed to create vhost %s\n", + a->info->vhost_name); + return 1; + } + a->any_vhosts = 1; + +#if defined(LWS_WITH_TLS) + if (a->enable_client_ssl) { + const char *cert_filepath = a->info->client_ssl_cert_filepath; + const char *private_key_filepath = a->info->client_ssl_private_key_filepath; + const char *ca_filepath = a->info->client_ssl_ca_filepath; + const char *cipher_list = a->info->client_ssl_cipher_list; + memset(a->info, 0, sizeof(*a->info)); + a->info->client_ssl_cert_filepath = cert_filepath; + a->info->client_ssl_private_key_filepath = private_key_filepath; + a->info->client_ssl_ca_filepath = ca_filepath; + a->info->client_ssl_cipher_list = cipher_list; + a->info->options = LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT; + lws_init_vhost_client_ssl(a->info, vhost); + } +#endif + + return 0; + } + + if (reason == LEJPCB_OBJECT_END && + ctx->path_match == LEJPVP_MOUNTS + 1) { + static const char * const mount_protocols[] = { + "http://", + "https://", + "file://", + "cgi://", + ">http://", + ">https://", + "callback://", + "gzip://", + }; + + if (!a->fresh_mount) + return 0; + + if (!a->m.mountpoint || !a->m.origin) { + lwsl_err("mountpoint and origin required\n"); + return 1; + } + lwsl_debug("adding mount %s\n", a->m.mountpoint); + m = lwsws_align(a); + memcpy(m, &a->m, sizeof(*m)); + if (a->last) + a->last->mount_next = m; + + for (n = 0; n < (int)ARRAY_SIZE(mount_protocols); n++) + if (!strncmp(a->m.origin, mount_protocols[n], + strlen(mount_protocols[n]))) { + lwsl_info("----%s\n", a->m.origin); + m->origin_protocol = n; + m->origin = a->m.origin + + strlen(mount_protocols[n]); + break; + } + + if (n == (int)ARRAY_SIZE(mount_protocols)) { + lwsl_err("unsupported protocol:// %s\n", a->m.origin); + return 1; + } + + a->p += sizeof(*m); + if (!a->head) + a->head = m; + + a->last = m; + a->fresh_mount = 0; + } + + /* we only match on the prepared path strings */ + if (!(reason & LEJP_FLAG_CB_IS_VALUE) || !ctx->path_match) + return 0; + + switch (ctx->path_match - 1) { + case LEJPVP_NAME: + a->info->vhost_name = a->p; + break; + case LEJPVP_PORT: + a->info->port = atoi(ctx->buf); + return 0; + case LEJPVP_INTERFACE: + a->info->iface = a->p; + break; + case LEJPVP_UNIXSKT: + if (arg_to_bool(ctx->buf)) + a->info->options |= LWS_SERVER_OPTION_UNIX_SOCK; + else + a->info->options &= ~(LWS_SERVER_OPTION_UNIX_SOCK); + return 0; + case LEJPVP_STS: + if (arg_to_bool(ctx->buf)) + a->info->options |= LWS_SERVER_OPTION_STS; + else + a->info->options &= ~(LWS_SERVER_OPTION_STS); + return 0; + case LEJPVP_HOST_SSL_KEY: + a->info->ssl_private_key_filepath = a->p; + break; + case LEJPVP_HOST_SSL_CERT: + a->info->ssl_cert_filepath = a->p; + break; + case LEJPVP_HOST_SSL_CA: + a->info->ssl_ca_filepath = a->p; + break; + case LEJPVP_ACCESS_LOG: + a->info->log_filepath = a->p; + break; + case LEJPVP_MOUNTPOINT: + a->m.mountpoint = a->p; + a->m.mountpoint_len = (unsigned char)strlen(ctx->buf); + break; + case LEJPVP_ORIGIN: + if (!strncmp(ctx->buf, "callback://", 11)) + a->m.protocol = a->p + 11; + + if (!a->m.origin) + a->m.origin = a->p; + break; + case LEJPVP_DEFAULT: + a->m.def = a->p; + break; + case LEJPVP_DEFAULT_AUTH_MASK: + a->m.auth_mask = atoi(ctx->buf); + return 0; + case LEJPVP_MOUNT_CACHE_MAX_AGE: + a->m.cache_max_age = atoi(ctx->buf); + return 0; + case LEJPVP_MOUNT_CACHE_REUSE: + a->m.cache_reusable = arg_to_bool(ctx->buf); + return 0; + case LEJPVP_MOUNT_CACHE_REVALIDATE: + a->m.cache_revalidate = arg_to_bool(ctx->buf); + return 0; + case LEJPVP_MOUNT_CACHE_INTERMEDIARIES: + a->m.cache_intermediaries = arg_to_bool(ctx->buf);; + return 0; + case LEJPVP_MOUNT_BASIC_AUTH: + a->m.basic_auth_login_file = a->p; + break; + case LEJPVP_CGI_TIMEOUT: + a->m.cgi_timeout = atoi(ctx->buf); + return 0; + case LEJPVP_KEEPALIVE_TIMEOUT: + a->info->keepalive_timeout = atoi(ctx->buf); + return 0; +#if defined(LWS_WITH_TLS) + case LEJPVP_CLIENT_CIPHERS: + a->info->client_ssl_cipher_list = a->p; + break; +#endif + case LEJPVP_CIPHERS: + a->info->ssl_cipher_list = a->p; + break; + case LEJPVP_ECDH_CURVE: + a->info->ecdh_curve = a->p; + break; + case LEJPVP_PMO: + case LEJPVP_CGI_ENV: + mp_cgienv = lwsws_align(a); + a->p += sizeof(*a->m.cgienv); + + mp_cgienv->next = a->m.cgienv; + a->m.cgienv = mp_cgienv; + + n = lejp_get_wildcard(ctx, 0, a->p, a->end - a->p); + mp_cgienv->name = a->p; + a->p += n; + mp_cgienv->value = a->p; + mp_cgienv->options = NULL; + //lwsl_notice(" adding pmo / cgi-env '%s' = '%s'\n", mp_cgienv->name, + // mp_cgienv->value); + goto dostring; + + case LEJPVP_PROTOCOL_NAME_OPT: + /* this catches, eg, + * vhosts[].ws-protocols[].xxx-protocol.yyy-option + * ie, these are options attached to a protocol with { } + */ + pvo = lwsws_align(a); + a->p += sizeof(*a->pvo); + + n = lejp_get_wildcard(ctx, 1, a->p, a->end - a->p); + /* ie, enable this protocol, no options yet */ + pvo->next = a->pvo->options; + a->pvo->options = pvo; + pvo->name = a->p; + a->p += n; + pvo->value = a->p; + pvo->options = NULL; + break; + + case LEJPVP_MOUNT_EXTRA_MIMETYPES: + a->pvo_em = lwsws_align(a); + a->p += sizeof(*a->pvo_em); + + n = lejp_get_wildcard(ctx, 0, a->p, a->end - a->p); + /* ie, enable this protocol, no options yet */ + a->pvo_em->next = a->m.extra_mimetypes; + a->m.extra_mimetypes = a->pvo_em; + a->pvo_em->name = a->p; + lwsl_notice(" adding extra-mimetypes %s -> %s\n", a->p, ctx->buf); + a->p += n; + a->pvo_em->value = a->p; + a->pvo_em->options = NULL; + break; + + case LEJPVP_MOUNT_INTERPRET: + a->pvo_int = lwsws_align(a); + a->p += sizeof(*a->pvo_int); + + n = lejp_get_wildcard(ctx, 0, a->p, a->end - a->p); + /* ie, enable this protocol, no options yet */ + a->pvo_int->next = a->m.interpret; + a->m.interpret = a->pvo_int; + a->pvo_int->name = a->p; + lwsl_notice(" adding interpret %s -> %s\n", a->p, + ctx->buf); + a->p += n; + a->pvo_int->value = a->p; + a->pvo_int->options = NULL; + break; + + case LEJPVP_ENABLE_CLIENT_SSL: + a->enable_client_ssl = arg_to_bool(ctx->buf); + return 0; +#if defined(LWS_WITH_TLS) + case LEJPVP_CLIENT_SSL_KEY: + a->info->client_ssl_private_key_filepath = a->p; + break; + case LEJPVP_CLIENT_SSL_CERT: + a->info->client_ssl_cert_filepath = a->p; + break; + case LEJPVP_CLIENT_SSL_CA: + a->info->client_ssl_ca_filepath = a->p; + break; +#endif + + case LEJPVP_NOIPV6: + if (arg_to_bool(ctx->buf)) + a->info->options |= LWS_SERVER_OPTION_DISABLE_IPV6; + else + a->info->options &= ~(LWS_SERVER_OPTION_DISABLE_IPV6); + return 0; + + case LEJPVP_FLAG_ONLYRAW: + if (arg_to_bool(ctx->buf)) + a->info->options |= LWS_SERVER_OPTION_ONLY_RAW; + else + a->info->options &= ~(LWS_SERVER_OPTION_ONLY_RAW); + return 0; + + case LEJPVP_IPV6ONLY: + a->info->options |= LWS_SERVER_OPTION_IPV6_V6ONLY_MODIFY; + if (arg_to_bool(ctx->buf)) + a->info->options |= LWS_SERVER_OPTION_IPV6_V6ONLY_VALUE; + else + a->info->options &= ~(LWS_SERVER_OPTION_IPV6_V6ONLY_VALUE); + return 0; + + case LEJPVP_FLAG_CLIENT_CERT_REQUIRED: + if (arg_to_bool(ctx->buf)) + a->info->options |= + LWS_SERVER_OPTION_REQUIRE_VALID_OPENSSL_CLIENT_CERT; + return 0; + + case LEJPVP_IGNORE_MISSING_CERT: + if (arg_to_bool(ctx->buf)) + a->info->options |= LWS_SERVER_OPTION_IGNORE_MISSING_CERT; + else + a->info->options &= ~(LWS_SERVER_OPTION_IGNORE_MISSING_CERT); + + return 0; + + case LEJPVP_ERROR_DOCUMENT_404: + a->info->error_document_404 = a->p; + break; + + case LEJPVP_SSL_OPTION_SET: + a->info->ssl_options_set |= atol(ctx->buf); + return 0; + case LEJPVP_SSL_OPTION_CLEAR: + a->info->ssl_options_clear |= atol(ctx->buf); + return 0; + + default: + return 0; + } + +dostring: + p = ctx->buf; + p1 = strstr(p, ESC_INSTALL_DATADIR); + if (p1) { + n = p1 - p; + if (n > a->end - a->p) + n = a->end - a->p; + lws_strncpy(a->p, p, n + 1); + a->p += n; + a->p += lws_snprintf(a->p, a->end - a->p, "%s", LWS_INSTALL_DATADIR); + p += n + strlen(ESC_INSTALL_DATADIR); + } + + a->p += lws_snprintf(a->p, a->end - a->p, "%s", p); + *(a->p)++ = '\0'; + + return 0; +} + +/* + * returns 0 = OK, 1 = can't open, 2 = parsing error + */ + +static int +lwsws_get_config(void *user, const char *f, const char * const *paths, + int count_paths, lejp_callback cb) +{ + unsigned char buf[128]; + struct lejp_ctx ctx; + int n, m, fd; + + fd = open(f, O_RDONLY); + if (fd < 0) { + lwsl_err("Cannot open %s\n", f); + return 2; + } + lwsl_info("%s: %s\n", __func__, f); + lejp_construct(&ctx, cb, user, paths, count_paths); + + do { + n = read(fd, buf, sizeof(buf)); + if (!n) + break; + + m = (int)(signed char)lejp_parse(&ctx, buf, n); + } while (m == LEJP_CONTINUE); + + close(fd); + n = ctx.line; + lejp_destruct(&ctx); + + if (m < 0) { + lwsl_err("%s(%u): parsing error %d: %s\n", f, n, m, + parser_errs[-m]); + return 2; + } + + return 0; +} + +#if defined(LWS_WITH_LIBUV) && UV_VERSION_MAJOR > 0 + +static int +lwsws_get_config_d(void *user, const char *d, const char * const *paths, + int count_paths, lejp_callback cb) +{ + uv_dirent_t dent; + uv_fs_t req; + char path[256]; + int ret = 0, ir; + uv_loop_t loop; + + ir = uv_loop_init(&loop); + if (ir) { + lwsl_err("%s: loop init failed %d\n", __func__, ir); + } + + if (!uv_fs_scandir(&loop, &req, d, 0, NULL)) { + lwsl_err("Scandir on %s failed\n", d); + return 2; + } + + while (uv_fs_scandir_next(&req, &dent) != UV_EOF) { + lws_snprintf(path, sizeof(path) - 1, "%s/%s", d, dent.name); + ret = lwsws_get_config(user, path, paths, count_paths, cb); + if (ret) + goto bail; + } + +bail: + uv_fs_req_cleanup(&req); + while (uv_loop_close(&loop)) + ; + + return ret; +} + +#else + +#ifndef _WIN32 +static int filter(const struct dirent *ent) +{ + if (!strcmp(ent->d_name, ".") || !strcmp(ent->d_name, "..")) + return 0; + + return 1; +} +#endif + +static int +lwsws_get_config_d(void *user, const char *d, const char * const *paths, + int count_paths, lejp_callback cb) +{ +#ifndef _WIN32 + struct dirent **namelist; + char path[256]; + int n, i, ret = 0; + + n = scandir(d, &namelist, filter, alphasort); + if (n < 0) { + lwsl_err("Scandir on %s failed\n", d); + return 1; + } + + for (i = 0; i < n; i++) { + if (strchr(namelist[i]->d_name, '~')) + goto skip; + lws_snprintf(path, sizeof(path) - 1, "%s/%s", d, + namelist[i]->d_name); + ret = lwsws_get_config(user, path, paths, count_paths, cb); + if (ret) { + while (i++ < n) + free(namelist[i]); + goto bail; + } +skip: + free(namelist[i]); + } + +bail: + free(namelist); + + return ret; +#else + return 0; +#endif +} + +#endif + +int +lwsws_get_config_globals(struct lws_context_creation_info *info, const char *d, + char **cs, int *len) +{ + struct jpargs a; + const char * const *old = info->plugin_dirs; + char dd[128]; + + memset(&a, 0, sizeof(a)); + + a.info = info; + a.p = *cs; + a.end = (a.p + *len) - 1; + a.valid = 0; + + lwsws_align(&a); + info->plugin_dirs = (void *)a.p; + a.plugin_dirs = (void *)a.p; /* writeable version */ + a.p += MAX_PLUGIN_DIRS * sizeof(void *); + + /* copy any default paths */ + + while (old && *old) { + a.plugin_dirs[a.count_plugin_dirs++] = *old; + old++; + } + + lws_snprintf(dd, sizeof(dd) - 1, "%s/conf", d); + if (lwsws_get_config(&a, dd, paths_global, + ARRAY_SIZE(paths_global), lejp_globals_cb) > 1) + return 1; + lws_snprintf(dd, sizeof(dd) - 1, "%s/conf.d", d); + if (lwsws_get_config_d(&a, dd, paths_global, + ARRAY_SIZE(paths_global), lejp_globals_cb) > 1) + return 1; + + a.plugin_dirs[a.count_plugin_dirs] = NULL; + + *cs = a.p; + *len = a.end - a.p; + + return 0; +} + +int +lwsws_get_config_vhosts(struct lws_context *context, + struct lws_context_creation_info *info, const char *d, + char **cs, int *len) +{ + struct jpargs a; + char dd[128]; + + memset(&a, 0, sizeof(a)); + + a.info = info; + a.p = *cs; + a.end = a.p + *len; + a.valid = 0; + a.context = context; + a.protocols = info->protocols; + a.extensions = info->extensions; + + lws_snprintf(dd, sizeof(dd) - 1, "%s/conf", d); + if (lwsws_get_config(&a, dd, paths_vhosts, + ARRAY_SIZE(paths_vhosts), lejp_vhosts_cb) > 1) + return 1; + lws_snprintf(dd, sizeof(dd) - 1, "%s/conf.d", d); + if (lwsws_get_config_d(&a, dd, paths_vhosts, + ARRAY_SIZE(paths_vhosts), lejp_vhosts_cb) > 1) + return 1; + + *cs = a.p; + *len = a.end - a.p; + + if (!a.any_vhosts) { + lwsl_err("Need at least one vhost\n"); + return 1; + } + +// lws_finalize_startup(context); + + return 0; +} diff --git a/lib/roles/http/server/lws-spa.c b/lib/roles/http/server/lws-spa.c new file mode 100644 index 0000000..bc5acff --- /dev/null +++ b/lib/roles/http/server/lws-spa.c @@ -0,0 +1,606 @@ +/* + * libwebsockets - Stateful urldecode for POST + * + * Copyright (C) 2010-2017 Andy Green + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#include "private-libwebsockets.h" + +#define LWS_MAX_ELEM_NAME 32 + +enum urldecode_stateful { + US_NAME, + US_IDLE, + US_PC1, + US_PC2, + + MT_LOOK_BOUND_IN, + MT_HNAME, + MT_DISP, + MT_TYPE, + MT_IGNORE1, + MT_IGNORE2, + MT_IGNORE3, + MT_COMPLETED, +}; + +static const char * const mp_hdr[] = { + "content-disposition: ", + "content-type: ", + "\x0d\x0a" +}; + +typedef int (*lws_urldecode_stateful_cb)(void *data, + const char *name, char **buf, int len, int final); + +struct lws_urldecode_stateful { + char *out; + void *data; + struct lws *wsi; + char name[LWS_MAX_ELEM_NAME]; + char temp[LWS_MAX_ELEM_NAME]; + char content_type[32]; + char content_disp[32]; + char content_disp_filename[256]; + char mime_boundary[128]; + int out_len; + int pos; + int hdr_idx; + int mp; + int sum; + + unsigned int multipart_form_data:1; + unsigned int inside_quote:1; + unsigned int subname:1; + unsigned int boundary_real_crlf:1; + + enum urldecode_stateful state; + + lws_urldecode_stateful_cb output; +}; + +static struct lws_urldecode_stateful * +lws_urldecode_s_create(struct lws *wsi, char *out, int out_len, void *data, + lws_urldecode_stateful_cb output) +{ + struct lws_urldecode_stateful *s = lws_zalloc(sizeof(*s), + "stateful urldecode"); + char buf[200], *p; + int m = 0; + + if (!s) + return NULL; + + s->out = out; + s->out_len = out_len; + s->output = output; + s->pos = 0; + s->sum = 0; + s->mp = 0; + s->state = US_NAME; + s->name[0] = '\0'; + s->data = data; + s->wsi = wsi; + + if (lws_hdr_copy(wsi, buf, sizeof(buf), + WSI_TOKEN_HTTP_CONTENT_TYPE) > 0) { + /* multipart/form-data; boundary=----WebKitFormBoundarycc7YgAPEIHvgE9Bf */ + + if (!strncmp(buf, "multipart/form-data", 19)) { + s->multipart_form_data = 1; + s->state = MT_LOOK_BOUND_IN; + s->mp = 2; + p = strstr(buf, "boundary="); + if (p) { + p += 9; + s->mime_boundary[m++] = '\x0d'; + s->mime_boundary[m++] = '\x0a'; + s->mime_boundary[m++] = '-'; + s->mime_boundary[m++] = '-'; + while (m < (int)sizeof(s->mime_boundary) - 1 && + *p && *p != ' ') + s->mime_boundary[m++] = *p++; + + s->mime_boundary[m] = '\0'; + + lwsl_info("boundary '%s'\n", s->mime_boundary); + } + } + } + + return s; +} + +static int +lws_urldecode_s_process(struct lws_urldecode_stateful *s, const char *in, + int len) +{ + int n, m, hit = 0; + char c, was_end = 0; + + while (len--) { + if (s->pos == s->out_len - s->mp - 1) { + if (s->output(s->data, s->name, &s->out, s->pos, 0)) + return -1; + + was_end = s->pos; + s->pos = 0; + } + switch (s->state) { + + /* states for url arg style */ + + case US_NAME: + s->inside_quote = 0; + if (*in == '=') { + s->name[s->pos] = '\0'; + s->pos = 0; + s->state = US_IDLE; + in++; + continue; + } + if (*in == '&') { + s->name[s->pos] = '\0'; + if (s->output(s->data, s->name, &s->out, + s->pos, 1)) + return -1; + s->pos = 0; + s->state = US_IDLE; + in++; + continue; + } + if (s->pos >= (int)sizeof(s->name) - 1) { + lwsl_notice("Name too long\n"); + return -1; + } + s->name[s->pos++] = *in++; + break; + case US_IDLE: + if (*in == '%') { + s->state++; + in++; + continue; + } + if (*in == '&') { + s->out[s->pos] = '\0'; + if (s->output(s->data, s->name, &s->out, + s->pos, 1)) + return -1; + s->pos = 0; + s->state = US_NAME; + in++; + continue; + } + if (*in == '+') { + in++; + s->out[s->pos++] = ' '; + continue; + } + s->out[s->pos++] = *in++; + break; + case US_PC1: + n = char_to_hex(*in); + if (n < 0) + return -1; + + in++; + s->sum = n << 4; + s->state++; + break; + + case US_PC2: + n = char_to_hex(*in); + if (n < 0) + return -1; + + in++; + s->out[s->pos++] = s->sum | n; + s->state = US_IDLE; + break; + + + /* states for multipart / mime style */ + + case MT_LOOK_BOUND_IN: +retry_as_first: + if (*in == s->mime_boundary[s->mp] && + s->mime_boundary[s->mp]) { + in++; + s->mp++; + if (!s->mime_boundary[s->mp]) { + s->mp = 0; + s->state = MT_IGNORE1; + + if (s->pos || was_end) + if (s->output(s->data, s->name, + &s->out, s->pos, 1)) + return -1; + + s->pos = 0; + + s->content_disp[0] = '\0'; + s->name[0] = '\0'; + s->content_disp_filename[0] = '\0'; + s->boundary_real_crlf = 1; + } + continue; + } + if (s->mp) { + n = 0; + if (!s->boundary_real_crlf) + n = 2; + + memcpy(s->out + s->pos, s->mime_boundary + n, + s->mp - n); + s->pos += s->mp; + s->mp = 0; + goto retry_as_first; + } + + s->out[s->pos++] = *in; + in++; + s->mp = 0; + break; + + case MT_HNAME: + m = 0; + c =*in; + if (c >= 'A' && c <= 'Z') + c += 'a' - 'A'; + for (n = 0; n < (int)ARRAY_SIZE(mp_hdr); n++) + if (c == mp_hdr[n][s->mp]) { + m++; + hit = n; + } + in++; + if (!m) { + s->mp = 0; + continue; + } + + s->mp++; + if (m != 1) + continue; + + if (mp_hdr[hit][s->mp]) + continue; + + s->mp = 0; + s->temp[0] = '\0'; + s->subname = 0; + + if (hit == 2) + s->state = MT_LOOK_BOUND_IN; + else + s->state += hit + 1; + break; + + case MT_DISP: + /* form-data; name="file"; filename="t.txt" */ + + if (*in == '\x0d') { + if (s->content_disp_filename[0]) + if (s->output(s->data, s->name, + &s->out, s->pos, + LWS_UFS_OPEN)) + return -1; + s->state = MT_IGNORE2; + goto done; + } + if (*in == ';') { + s->subname = 1; + s->temp[0] = '\0'; + s->mp = 0; + goto done; + } + + if (*in == '\"') { + s->inside_quote ^= 1; + goto done; + } + + if (s->subname) { + if (*in == '=') { + s->temp[s->mp] = '\0'; + s->subname = 0; + s->mp = 0; + goto done; + } + if (s->mp < (int)sizeof(s->temp) - 1 && + (*in != ' ' || s->inside_quote)) + s->temp[s->mp++] = *in; + goto done; + } + + if (!s->temp[0]) { + if (s->mp < (int)sizeof(s->content_disp) - 1) + s->content_disp[s->mp++] = *in; + s->content_disp[s->mp] = '\0'; + goto done; + } + + if (!strcmp(s->temp, "name")) { + if (s->mp < (int)sizeof(s->name) - 1) + s->name[s->mp++] = *in; + else + s->mp = (int)sizeof(s->name) - 1; + s->name[s->mp] = '\0'; + goto done; + } + + if (!strcmp(s->temp, "filename")) { + if (s->mp < (int)sizeof(s->content_disp_filename) - 1) + s->content_disp_filename[s->mp++] = *in; + s->content_disp_filename[s->mp] = '\0'; + goto done; + } +done: + in++; + break; + + case MT_TYPE: + if (*in == '\x0d') + s->state = MT_IGNORE2; + else { + if (s->mp < (int)sizeof(s->content_type) - 1) + s->content_type[s->mp++] = *in; + s->content_type[s->mp] = '\0'; + } + in++; + break; + + case MT_IGNORE1: + if (*in == '\x0d') + s->state = MT_IGNORE2; + if (*in == '-') + s->state = MT_IGNORE3; + in++; + break; + + case MT_IGNORE2: + s->mp = 0; + if (*in == '\x0a') + s->state = MT_HNAME; + in++; + break; + + case MT_IGNORE3: + if (*in == '\x0d') + s->state = MT_IGNORE1; + if (*in == '-') { + s->state = MT_COMPLETED; + s->wsi->http.rx_content_remain = 0; + } + in++; + break; + case MT_COMPLETED: + break; + } + } + + return 0; +} + +static int +lws_urldecode_s_destroy(struct lws_urldecode_stateful *s) +{ + int ret = 0; + + if (s->state != US_IDLE) + ret = -1; + + if (!ret) + if (s->output(s->data, s->name, &s->out, s->pos, 1)) + ret = -1; + + lws_free(s); + + return ret; +} + +struct lws_spa { + struct lws_urldecode_stateful *s; + lws_spa_fileupload_cb opt_cb; + const char * const *param_names; + int count_params; + char **params; + int *param_length; + void *opt_data; + + char *storage; + char *end; + int max_storage; + + char finalized; +}; + +static int +lws_urldecode_spa_lookup(struct lws_spa *spa, + const char *name) +{ + int n; + + for (n = 0; n < spa->count_params; n++) + if (!strcmp(spa->param_names[n], name)) + return n; + + return -1; +} + +static int +lws_urldecode_spa_cb(void *data, const char *name, char **buf, int len, + int final) +{ + struct lws_spa *spa = + (struct lws_spa *)data; + int n; + + if (spa->s->content_disp_filename[0]) { + if (spa->opt_cb) { + n = spa->opt_cb(spa->opt_data, name, + spa->s->content_disp_filename, + *buf, len, final); + + if (n < 0) + return -1; + } + return 0; + } + n = lws_urldecode_spa_lookup(spa, name); + + if (n == -1 || !len) /* unrecognized */ + return 0; + + if (!spa->params[n]) + spa->params[n] = *buf; + + if ((*buf) + len >= spa->end) { + lwsl_notice("%s: exceeded storage\n", __func__); + return -1; + } + + spa->param_length[n] += len; + + /* move it on inside storage */ + (*buf) += len; + *((*buf)++) = '\0'; + + spa->s->out_len -= len + 1; + + return 0; +} + +LWS_VISIBLE LWS_EXTERN struct lws_spa * +lws_spa_create(struct lws *wsi, const char * const *param_names, + int count_params, int max_storage, + lws_spa_fileupload_cb opt_cb, void *opt_data) +{ + struct lws_spa *spa = lws_zalloc(sizeof(*spa), "spa"); + + if (!spa) + return NULL; + + spa->param_names = param_names; + spa->count_params = count_params; + spa->max_storage = max_storage; + spa->opt_cb = opt_cb; + spa->opt_data = opt_data; + + spa->storage = lws_malloc(max_storage, "spa"); + if (!spa->storage) + goto bail2; + spa->end = spa->storage + max_storage - 1; + + spa->params = lws_zalloc(sizeof(char *) * count_params, "spa params"); + if (!spa->params) + goto bail3; + + spa->s = lws_urldecode_s_create(wsi, spa->storage, max_storage, spa, + lws_urldecode_spa_cb); + if (!spa->s) + goto bail4; + + spa->param_length = lws_zalloc(sizeof(int) * count_params, + "spa param len"); + if (!spa->param_length) + goto bail5; + + lwsl_info("%s: Created SPA %p\n", __func__, spa); + + return spa; + +bail5: + lws_urldecode_s_destroy(spa->s); +bail4: + lws_free(spa->params); +bail3: + lws_free(spa->storage); +bail2: + lws_free(spa); + + return NULL; +} + +LWS_VISIBLE LWS_EXTERN int +lws_spa_process(struct lws_spa *ludspa, const char *in, int len) +{ + if (!ludspa) { + lwsl_err("%s: NULL spa\n", __func__); + return -1; + } + /* we reject any junk after the last part arrived and we finalized */ + if (ludspa->finalized) + return 0; + + return lws_urldecode_s_process(ludspa->s, in, len); +} + +LWS_VISIBLE LWS_EXTERN int +lws_spa_get_length(struct lws_spa *ludspa, int n) +{ + if (n >= ludspa->count_params) + return 0; + + return ludspa->param_length[n]; +} + +LWS_VISIBLE LWS_EXTERN const char * +lws_spa_get_string(struct lws_spa *ludspa, int n) +{ + if (n >= ludspa->count_params) + return NULL; + + return ludspa->params[n]; +} + +LWS_VISIBLE LWS_EXTERN int +lws_spa_finalize(struct lws_spa *spa) +{ + if (spa->s) { + lws_urldecode_s_destroy(spa->s); + spa->s = NULL; + } + + spa->finalized = 1; + + return 0; +} + +LWS_VISIBLE LWS_EXTERN int +lws_spa_destroy(struct lws_spa *spa) +{ + int n = 0; + + lwsl_info("%s: destroy spa %p\n", __func__, spa); + + if (spa->s) + lws_urldecode_s_destroy(spa->s); + + lwsl_debug("%s %p %p %p %p\n", __func__, + spa->param_length, + spa->params, + spa->storage, + spa); + + lws_free(spa->param_length); + lws_free(spa->params); + lws_free(spa->storage); + lws_free(spa); + + return n; +} diff --git a/lib/roles/http/server/parsers.c b/lib/roles/http/server/parsers.c new file mode 100644 index 0000000..6adb522 --- /dev/null +++ b/lib/roles/http/server/parsers.c @@ -0,0 +1,1199 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#include "private-libwebsockets.h" + +static const unsigned char lextable[] = { + #include "../lextable.h" +}; + +#define FAIL_CHAR 0x08 + +static struct allocated_headers * +_lws_create_ah(struct lws_context_per_thread *pt, ah_data_idx_t data_size) +{ + struct allocated_headers *ah = lws_zalloc(sizeof(*ah), "ah struct"); + + if (!ah) + return NULL; + + ah->data = lws_malloc(data_size, "ah data"); + if (!ah->data) { + lws_free(ah); + + return NULL; + } + ah->next = pt->ah_list; + pt->ah_list = ah; + ah->data_length = data_size; + pt->ah_pool_length++; + + lwsl_info("%s: created ah %p (size %d): pool length %d\n", __func__, + ah, (int)data_size, pt->ah_pool_length); + + return ah; +} + +int +_lws_destroy_ah(struct lws_context_per_thread *pt, struct allocated_headers *ah) +{ + lws_start_foreach_llp(struct allocated_headers **, a, pt->ah_list) { + if ((*a) == ah) { + *a = ah->next; + pt->ah_pool_length--; + lwsl_info("%s: freed ah %p : pool length %d\n", + __func__, ah, pt->ah_pool_length); + if (ah->data) + lws_free(ah->data); + lws_free(ah); + + return 0; + } + } lws_end_foreach_llp(a, next); + + return 1; +} + +void +_lws_header_table_reset(struct allocated_headers *ah) +{ + /* init the ah to reflect no headers or data have appeared yet */ + memset(ah->frag_index, 0, sizeof(ah->frag_index)); + memset(ah->frags, 0, sizeof(ah->frags)); + ah->nfrag = 0; + ah->pos = 0; + ah->http_response = 0; +} + +// doesn't scrub the ah rxbuffer by default, parent must do if needed + +void +__lws_header_table_reset(struct lws *wsi, int autoservice) +{ + struct allocated_headers *ah = wsi->ah; + struct lws_context_per_thread *pt; + struct lws_pollfd *pfd; + + /* if we have the idea we're resetting 'our' ah, must be bound to one */ + assert(ah); + /* ah also concurs with ownership */ + assert(ah->wsi == wsi); + + _lws_header_table_reset(ah); + + ah->parser_state = WSI_TOKEN_NAME_PART; + ah->lextable_pos = 0; + + /* since we will restart the ah, our new headers are not completed */ + wsi->hdr_parsing_completed = 0; + + /* while we hold the ah, keep a timeout on the wsi */ + __lws_set_timeout(wsi, PENDING_TIMEOUT_HOLDING_AH, + wsi->vhost->timeout_secs_ah_idle); + + time(&ah->assigned); + + /* + * if we inherited pending rx (from socket adoption deferred + * processing), apply and free it. + */ + if (wsi->preamble_rx) { + memcpy(ah->rx, wsi->preamble_rx, wsi->preamble_rx_len); + ah->rxlen = wsi->preamble_rx_len; + lws_free_set_NULL(wsi->preamble_rx); + wsi->preamble_rx_len = 0; + ah->rxpos = 0; + + if (autoservice) { + lwsl_debug("%s: service on readbuf ah\n", __func__); + + pt = &wsi->context->pt[(int)wsi->tsi]; + /* + * Unlike a normal connect, we have the headers already + * (or the first part of them anyway) + */ + pfd = &pt->fds[wsi->position_in_fds_table]; + pfd->revents |= LWS_POLLIN; + lwsl_err("%s: calling service\n", __func__); + lws_service_fd_tsi(wsi->context, pfd, wsi->tsi); + } + } +} + +void +lws_header_table_reset(struct lws *wsi, int autoservice) +{ + struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; + + lws_pt_lock(pt, __func__); + + __lws_header_table_reset(wsi, autoservice); + + lws_pt_unlock(pt); +} + +static void +_lws_header_ensure_we_are_on_waiting_list(struct lws *wsi) +{ + struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; + struct lws_pollargs pa; + struct lws **pwsi = &pt->ah_wait_list; + + while (*pwsi) { + if (*pwsi == wsi) + return; + pwsi = &(*pwsi)->ah_wait_list; + } + + lwsl_info("%s: wsi: %p\n", __func__, wsi); + wsi->ah_wait_list = pt->ah_wait_list; + pt->ah_wait_list = wsi; + pt->ah_wait_list_length++; + + /* we cannot accept input then */ + + _lws_change_pollfd(wsi, LWS_POLLIN, 0, &pa); +} + +static int +__lws_remove_from_ah_waiting_list(struct lws *wsi) +{ + struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; + struct lws **pwsi =&pt->ah_wait_list; + + while (*pwsi) { + if (*pwsi == wsi) { + lwsl_info("%s: wsi %p\n", __func__, wsi); + /* point prev guy to our next */ + *pwsi = wsi->ah_wait_list; + /* we shouldn't point anywhere now */ + wsi->ah_wait_list = NULL; + pt->ah_wait_list_length--; + + return 1; + } + pwsi = &(*pwsi)->ah_wait_list; + } + + return 0; +} + +int LWS_WARN_UNUSED_RESULT +lws_header_table_attach(struct lws *wsi, int autoservice) +{ + struct lws_context *context = wsi->context; + struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; + struct lws_pollargs pa; + int n; + + lwsl_info("%s: wsi %p: ah %p (tsi %d, count = %d) in\n", __func__, + (void *)wsi, (void *)wsi->ah, wsi->tsi, + pt->ah_count_in_use); + + lws_pt_lock(pt, __func__); + + /* if we are already bound to one, just clear it down */ + if (wsi->ah) { + lwsl_info("%s: cleardown\n", __func__); + goto reset; + } + + n = pt->ah_count_in_use == context->max_http_header_pool; +#if defined(LWS_WITH_PEER_LIMITS) + if (!n) { + n = lws_peer_confirm_ah_attach_ok(context, wsi->peer); + if (n) + lws_stats_atomic_bump(wsi->context, pt, + LWSSTATS_C_PEER_LIMIT_AH_DENIED, 1); + } +#endif + if (n) { + /* + * Pool is either all busy, or we don't want to give this + * particular guy an ah right now... + * + * Make sure we are on the waiting list, and return that we + * weren't able to provide the ah + */ + _lws_header_ensure_we_are_on_waiting_list(wsi); + + goto bail; + } + + __lws_remove_from_ah_waiting_list(wsi); + + wsi->ah = _lws_create_ah(pt, context->max_http_header_data); + if (!wsi->ah) { /* we could not create an ah */ + _lws_header_ensure_we_are_on_waiting_list(wsi); + + goto bail; + } + + wsi->ah->in_use = 1; + wsi->ah->wsi = wsi; /* mark our owner */ + pt->ah_count_in_use++; + +#if defined(LWS_WITH_PEER_LIMITS) + if (wsi->peer) + wsi->peer->count_ah++; +#endif + + _lws_change_pollfd(wsi, 0, LWS_POLLIN, &pa); + + lwsl_info("%s: did attach wsi %p: ah %p: count %d (on exit)\n", __func__, + (void *)wsi, (void *)wsi->ah, pt->ah_count_in_use); + +reset: + + /* and reset the rx state */ + wsi->ah->rxpos = 0; + wsi->ah->rxlen = 0; + + __lws_header_table_reset(wsi, autoservice); + + lws_pt_unlock(pt); + +#ifndef LWS_NO_CLIENT + if (lwsi_role_client(wsi) && lwsi_state(wsi) == LRS_UNCONNECTED) + if (!lws_client_connect_via_info2(wsi)) + /* our client connect has failed, the wsi + * has been closed + */ + return -1; +#endif + + return 0; + +bail: + lws_pt_unlock(pt); + + return 1; +} + +void +lws_header_table_force_to_detachable_state(struct lws *wsi) +{ + if (wsi->ah) { + wsi->ah->rxpos = -1; + wsi->ah->rxlen = -1; + wsi->hdr_parsing_completed = 1; + } +} + +int +lws_header_table_is_in_detachable_state(struct lws *wsi) +{ + struct allocated_headers *ah = wsi->ah; + + return ah && ah->rxpos == ah->rxlen && wsi->hdr_parsing_completed; +} + +int __lws_header_table_detach(struct lws *wsi, int autoservice) +{ + struct lws_context *context = wsi->context; + struct allocated_headers *ah = wsi->ah; + struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; + struct lws_pollargs pa; + struct lws **pwsi, **pwsi_eligible; + time_t now; + + __lws_remove_from_ah_waiting_list(wsi); + + if (!ah) + return 0; + + lwsl_info("%s: wsi %p: ah %p (tsi=%d, count = %d)\n", __func__, + (void *)wsi, (void *)ah, wsi->tsi, + pt->ah_count_in_use); + + if (wsi->preamble_rx) { + lws_free_set_NULL(wsi->preamble_rx); + wsi->preamble_rx_len = 0; + } + + /* may not be detached while he still has unprocessed rx */ + if (!lws_header_table_is_in_detachable_state(wsi)) { + lwsl_err("%s: %p: CANNOT DETACH rxpos:%d, rxlen:%d, " + "wsi->hdr_parsing_completed = %d\n", __func__, wsi, + ah->rxpos, ah->rxlen, wsi->hdr_parsing_completed); + return 0; + } + + /* we did have an ah attached */ + time(&now); + if (ah->assigned && now - ah->assigned > 3) { + /* + * we're detaching the ah, but it was held an + * unreasonably long time + */ + lwsl_debug("%s: wsi %p: ah held %ds, " + "ah.rxpos %d, ah.rxlen %d, role/state 0x%x 0x%x," + "\n", __func__, wsi, + (int)(now - ah->assigned), + ah->rxpos, ah->rxlen, lwsi_role(wsi), lwsi_state(wsi)); + } + + ah->assigned = 0; + + /* if we think we're detaching one, there should be one in use */ + assert(pt->ah_count_in_use > 0); + /* and this specific one should have been in use */ + assert(ah->in_use); + memset(&wsi->ah, 0, sizeof(wsi->ah)); + ah->wsi = NULL; /* no owner */ +#if defined(LWS_WITH_PEER_LIMITS) + lws_peer_track_ah_detach(context, wsi->peer); +#endif + + pwsi = &pt->ah_wait_list; + + /* oh there is nobody on the waiting list... leave the ah unattached */ + if (!*pwsi) + goto nobody_usable_waiting; + + /* + * at least one wsi on the same tsi is waiting, give it to oldest guy + * who is allowed to take it (if any) + */ + lwsl_info("pt wait list %p\n", *pwsi); + wsi = NULL; + pwsi_eligible = NULL; + + while (*pwsi) { +#if defined(LWS_WITH_PEER_LIMITS) + /* are we willing to give this guy an ah? */ + if (!lws_peer_confirm_ah_attach_ok(context, (*pwsi)->peer)) +#endif + { + wsi = *pwsi; + pwsi_eligible = pwsi; + } +#if defined(LWS_WITH_PEER_LIMITS) + else + if (!(*pwsi)->ah_wait_list) + lws_stats_atomic_bump(context, pt, + LWSSTATS_C_PEER_LIMIT_AH_DENIED, 1); +#endif + pwsi = &(*pwsi)->ah_wait_list; + } + + if (!wsi) /* everybody waiting already has too many ah... */ + goto nobody_usable_waiting; + + lwsl_info("%s: last eligible wsi in wait list %p\n", __func__, wsi); + + wsi->ah = ah; + ah->wsi = wsi; /* new owner */ + + /* and reset the rx state */ + ah->rxpos = 0; + ah->rxlen = 0; + __lws_header_table_reset(wsi, autoservice); +#if defined(LWS_WITH_PEER_LIMITS) + if (wsi->peer) + wsi->peer->count_ah++; +#endif + + /* clients acquire the ah and then insert themselves in fds table... */ + if (wsi->position_in_fds_table != -1) { + lwsl_info("%s: Enabling %p POLLIN\n", __func__, wsi); + + /* he has been stuck waiting for an ah, but now his wait is + * over, let him progress */ + + _lws_change_pollfd(wsi, 0, LWS_POLLIN, &pa); + } + + /* point prev guy to next guy in list instead */ + *pwsi_eligible = wsi->ah_wait_list; + /* the guy who got one is out of the list */ + wsi->ah_wait_list = NULL; + pt->ah_wait_list_length--; + +#ifndef LWS_NO_CLIENT + if (lwsi_role_client(wsi) && lwsi_state(wsi) == LRS_UNCONNECTED) { + lws_pt_unlock(pt); + + if (!lws_client_connect_via_info2(wsi)) { + /* our client connect has failed, the wsi + * has been closed + */ + + return -1; + } + return 0; + } +#endif + + assert(!!pt->ah_wait_list_length == !!(lws_intptr_t)pt->ah_wait_list); +bail: + lwsl_info("%s: wsi %p: ah %p (tsi=%d, count = %d)\n", __func__, + (void *)wsi, (void *)ah, pt->tid, pt->ah_count_in_use); + + return 0; + +nobody_usable_waiting: + lwsl_info("%s: nobody usable waiting\n", __func__); + _lws_destroy_ah(pt, ah); + pt->ah_count_in_use--; + + goto bail; +} + +int lws_header_table_detach(struct lws *wsi, int autoservice) +{ + struct lws_context *context = wsi->context; + struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; + int n; + + lws_pt_lock(pt, __func__); + n = __lws_header_table_detach(wsi, autoservice); + lws_pt_unlock(pt); + + return n; +} + +LWS_VISIBLE int +lws_hdr_fragment_length(struct lws *wsi, enum lws_token_indexes h, int frag_idx) +{ + int n; + + if (!wsi->ah) + return 0; + + n = wsi->ah->frag_index[h]; + if (!n) + return 0; + do { + if (!frag_idx) + return wsi->ah->frags[n].len; + n = wsi->ah->frags[n].nfrag; + } while (frag_idx-- && n); + + return 0; +} + +LWS_VISIBLE int lws_hdr_total_length(struct lws *wsi, enum lws_token_indexes h) +{ + int n; + int len = 0; + + if (!wsi->ah) + return 0; + + n = wsi->ah->frag_index[h]; + if (!n) + return 0; + do { + len += wsi->ah->frags[n].len; + n = wsi->ah->frags[n].nfrag; + } while (n); + + return len; +} + +LWS_VISIBLE int lws_hdr_copy_fragment(struct lws *wsi, char *dst, int len, + enum lws_token_indexes h, int frag_idx) +{ + int n = 0; + int f; + + if (!wsi->ah) + return -1; + + f = wsi->ah->frag_index[h]; + + if (!f) + return -1; + + while (n < frag_idx) { + f = wsi->ah->frags[f].nfrag; + if (!f) + return -1; + n++; + } + + if (wsi->ah->frags[f].len >= len) + return -1; + + memcpy(dst, wsi->ah->data + wsi->ah->frags[f].offset, + wsi->ah->frags[f].len); + dst[wsi->ah->frags[f].len] = '\0'; + + return wsi->ah->frags[f].len; +} + +LWS_VISIBLE int lws_hdr_copy(struct lws *wsi, char *dst, int len, + enum lws_token_indexes h) +{ + int toklen = lws_hdr_total_length(wsi, h); + int n; + + if (toklen >= len) + return -1; + + if (!wsi->ah) + return -1; + + n = wsi->ah->frag_index[h]; + if (!n) + return 0; + + do { + if (wsi->ah->frags[n].len >= len) + return -1; + strncpy(dst, &wsi->ah->data[wsi->ah->frags[n].offset], + wsi->ah->frags[n].len); + dst += wsi->ah->frags[n].len; + len -= wsi->ah->frags[n].len; + n = wsi->ah->frags[n].nfrag; + } while (n); + *dst = '\0'; + + return toklen; +} + +char *lws_hdr_simple_ptr(struct lws *wsi, enum lws_token_indexes h) +{ + int n; + + n = wsi->ah->frag_index[h]; + if (!n) + return NULL; + + return wsi->ah->data + wsi->ah->frags[n].offset; +} + +static int LWS_WARN_UNUSED_RESULT +lws_pos_in_bounds(struct lws *wsi) +{ + if (wsi->ah->pos < + (unsigned int)wsi->context->max_http_header_data) + return 0; + + if ((int)wsi->ah->pos == wsi->context->max_http_header_data) { + lwsl_err("Ran out of header data space\n"); + return 1; + } + + /* + * with these tests everywhere, it should never be able to exceed + * the limit, only meet it + */ + lwsl_err("%s: pos %d, limit %d\n", __func__, wsi->ah->pos, + wsi->context->max_http_header_data); + assert(0); + + return 1; +} + +int LWS_WARN_UNUSED_RESULT +lws_hdr_simple_create(struct lws *wsi, enum lws_token_indexes h, const char *s) +{ + wsi->ah->nfrag++; + if (wsi->ah->nfrag == ARRAY_SIZE(wsi->ah->frags)) { + lwsl_warn("More hdr frags than we can deal with, dropping\n"); + return -1; + } + + wsi->ah->frag_index[h] = wsi->ah->nfrag; + + wsi->ah->frags[wsi->ah->nfrag].offset = wsi->ah->pos; + wsi->ah->frags[wsi->ah->nfrag].len = 0; + wsi->ah->frags[wsi->ah->nfrag].nfrag = 0; + + do { + if (lws_pos_in_bounds(wsi)) + return -1; + + wsi->ah->data[wsi->ah->pos++] = *s; + if (*s) + wsi->ah->frags[wsi->ah->nfrag].len++; + } while (*s++); + + return 0; +} + +signed char char_to_hex(const char c) +{ + if (c >= '0' && c <= '9') + return c - '0'; + + if (c >= 'a' && c <= 'f') + return c - 'a' + 10; + + if (c >= 'A' && c <= 'F') + return c - 'A' + 10; + + return -1; +} + +static int LWS_WARN_UNUSED_RESULT +issue_char(struct lws *wsi, unsigned char c) +{ + unsigned short frag_len; + + if (lws_pos_in_bounds(wsi)) + return -1; + + frag_len = wsi->ah->frags[wsi->ah->nfrag].len; + /* + * If we haven't hit the token limit, just copy the character into + * the header + */ + if (frag_len < wsi->ah->current_token_limit) { + wsi->ah->data[wsi->ah->pos++] = c; + if (c) + wsi->ah->frags[wsi->ah->nfrag].len++; + return 0; + } + + /* Insert a null character when we *hit* the limit: */ + if (frag_len == wsi->ah->current_token_limit) { + if (lws_pos_in_bounds(wsi)) + return -1; + + wsi->ah->data[wsi->ah->pos++] = '\0'; + lwsl_warn("header %i exceeds limit %d\n", + wsi->ah->parser_state, + wsi->ah->current_token_limit); + } + + return 1; +} + +int +lws_parse_urldecode(struct lws *wsi, uint8_t *_c) +{ + struct allocated_headers *ah = wsi->ah; + unsigned int enc = 0; + uint8_t c = *_c; + + // lwsl_notice("ah->ups %d\n", ah->ups); + + /* + * PRIORITY 1 + * special URI processing... convert %xx + */ + switch (ah->ues) { + case URIES_IDLE: + if (c == '%') { + ah->ues = URIES_SEEN_PERCENT; + goto swallow; + } + break; + case URIES_SEEN_PERCENT: + if (char_to_hex(c) < 0) + /* illegal post-% char */ + goto forbid; + + ah->esc_stash = c; + ah->ues = URIES_SEEN_PERCENT_H1; + goto swallow; + + case URIES_SEEN_PERCENT_H1: + if (char_to_hex(c) < 0) + /* illegal post-% char */ + goto forbid; + + *_c = (char_to_hex(ah->esc_stash) << 4) | + char_to_hex(c); + c = *_c; + enc = 1; + ah->ues = URIES_IDLE; + break; + } + + /* + * PRIORITY 2 + * special URI processing... + * convert /.. or /... or /../ etc to / + * convert /./ to / + * convert // or /// etc to / + * leave /.dir or whatever alone + */ + + switch (ah->ups) { + case URIPS_IDLE: + if (!c) + return -1; + /* genuine delimiter */ + if ((c == '&' || c == ';') && !enc) { + if (issue_char(wsi, c) < 0) + return -1; + /* swallow the terminator */ + ah->frags[ah->nfrag].len--; + /* link to next fragment */ + ah->frags[ah->nfrag].nfrag = ah->nfrag + 1; + ah->nfrag++; + if (ah->nfrag >= ARRAY_SIZE(ah->frags)) + goto excessive; + /* start next fragment after the & */ + ah->post_literal_equal = 0; + ah->frags[ah->nfrag].offset = ah->pos; + ah->frags[ah->nfrag].len = 0; + ah->frags[ah->nfrag].nfrag = 0; + goto swallow; + } + /* uriencoded = in the name part, disallow */ + if (c == '=' && enc && + ah->frag_index[WSI_TOKEN_HTTP_URI_ARGS] && + !ah->post_literal_equal) { + c = '_'; + *_c =c; + } + + /* after the real =, we don't care how many = */ + if (c == '=' && !enc) + ah->post_literal_equal = 1; + + /* + to space */ + if (c == '+' && !enc) { + c = ' '; + *_c = c; + } + /* issue the first / always */ + if (c == '/' && !ah->frag_index[WSI_TOKEN_HTTP_URI_ARGS]) + ah->ups = URIPS_SEEN_SLASH; + break; + case URIPS_SEEN_SLASH: + /* swallow subsequent slashes */ + if (c == '/') + goto swallow; + /* track and swallow the first . after / */ + if (c == '.') { + ah->ups = URIPS_SEEN_SLASH_DOT; + goto swallow; + } + ah->ups = URIPS_IDLE; + break; + case URIPS_SEEN_SLASH_DOT: + /* swallow second . */ + if (c == '.') { + ah->ups = URIPS_SEEN_SLASH_DOT_DOT; + goto swallow; + } + /* change /./ to / */ + if (c == '/') { + ah->ups = URIPS_SEEN_SLASH; + goto swallow; + } + /* it was like /.dir ... regurgitate the . */ + ah->ups = URIPS_IDLE; + if (issue_char(wsi, '.') < 0) + return -1; + break; + + case URIPS_SEEN_SLASH_DOT_DOT: + + /* /../ or /..[End of URI] --> backup to last / */ + if (c == '/' || c == '?') { + /* + * back up one dir level if possible + * safe against header fragmentation because + * the method URI can only be in 1 fragment + */ + if (ah->frags[ah->nfrag].len > 2) { + ah->pos--; + ah->frags[ah->nfrag].len--; + do { + ah->pos--; + ah->frags[ah->nfrag].len--; + } while (ah->frags[ah->nfrag].len > 1 && + ah->data[ah->pos] != '/'); + } + ah->ups = URIPS_SEEN_SLASH; + if (ah->frags[ah->nfrag].len > 1) + break; + goto swallow; + } + + /* /..[^/] ... regurgitate and allow */ + + if (issue_char(wsi, '.') < 0) + return -1; + if (issue_char(wsi, '.') < 0) + return -1; + ah->ups = URIPS_IDLE; + break; + } + + if (c == '?' && !enc && + !ah->frag_index[WSI_TOKEN_HTTP_URI_ARGS]) { /* start of URI args */ + if (ah->ues != URIES_IDLE) + goto forbid; + + /* seal off uri header */ + if (issue_char(wsi, '\0') < 0) + return -1; + + /* move to using WSI_TOKEN_HTTP_URI_ARGS */ + ah->nfrag++; + if (ah->nfrag >= ARRAY_SIZE(ah->frags)) + goto excessive; + ah->frags[ah->nfrag].offset = ah->pos; + ah->frags[ah->nfrag].len = 0; + ah->frags[ah->nfrag].nfrag = 0; + + ah->post_literal_equal = 0; + ah->frag_index[WSI_TOKEN_HTTP_URI_ARGS] = ah->nfrag; + ah->ups = URIPS_IDLE; + goto swallow; + } + + return LPUR_CONTINUE; + +swallow: + return LPUR_SWALLOW; + +forbid: + return LPUR_FORBID; + +excessive: + return LPUR_EXCESSIVE; +} + +static const unsigned char methods[] = { + WSI_TOKEN_GET_URI, + WSI_TOKEN_POST_URI, + WSI_TOKEN_OPTIONS_URI, + WSI_TOKEN_PUT_URI, + WSI_TOKEN_PATCH_URI, + WSI_TOKEN_DELETE_URI, + WSI_TOKEN_CONNECT, + WSI_TOKEN_HEAD_URI, +}; + +/* + * possible returns:, -1 fail, 0 ok or 2, transition to raw + */ + +int LWS_WARN_UNUSED_RESULT +lws_parse(struct lws *wsi, unsigned char *buf, int *len) +{ + struct allocated_headers *ah = wsi->ah; + struct lws_context *context = wsi->context; + unsigned int n, m; + unsigned char c; + int r, pos; + + assert(wsi->ah); + + do { + (*len)--; + c = *buf++; + + switch (ah->parser_state) { + default: + + lwsl_parser("WSI_TOK_(%d) '%c'\n", ah->parser_state, c); + + /* collect into malloc'd buffers */ + /* optional initial space swallow */ + if (!ah->frags[ah->frag_index[ah->parser_state]].len && + c == ' ') + break; + + for (m = 0; m < ARRAY_SIZE(methods); m++) + if (ah->parser_state == methods[m]) + break; + if (m == ARRAY_SIZE(methods)) + /* it was not any of the methods */ + goto check_eol; + + /* special URI processing... end at space */ + + if (c == ' ') { + /* enforce starting with / */ + if (!ah->frags[ah->nfrag].len) + if (issue_char(wsi, '/') < 0) + return -1; + + if (ah->ups == URIPS_SEEN_SLASH_DOT_DOT) { + /* + * back up one dir level if possible + * safe against header fragmentation because + * the method URI can only be in 1 fragment + */ + if (ah->frags[ah->nfrag].len > 2) { + ah->pos--; + ah->frags[ah->nfrag].len--; + do { + ah->pos--; + ah->frags[ah->nfrag].len--; + } while (ah->frags[ah->nfrag].len > 1 && + ah->data[ah->pos] != '/'); + } + } + + /* begin parsing HTTP version: */ + if (issue_char(wsi, '\0') < 0) + return -1; + ah->parser_state = WSI_TOKEN_HTTP; + goto start_fragment; + } + + r = lws_parse_urldecode(wsi, &c); + switch (r) { + case LPUR_CONTINUE: + break; + case LPUR_SWALLOW: + goto swallow; + case LPUR_FORBID: + goto forbid; + case LPUR_EXCESSIVE: + goto excessive; + default: + return -1; + } +check_eol: + /* bail at EOL */ + if (ah->parser_state != WSI_TOKEN_CHALLENGE && + c == '\x0d') { + if (ah->ues != URIES_IDLE) + goto forbid; + + c = '\0'; + ah->parser_state = WSI_TOKEN_SKIPPING_SAW_CR; + lwsl_parser("*\n"); + } + + n = issue_char(wsi, c); + if ((int)n < 0) + return -1; + if (n > 0) + ah->parser_state = WSI_TOKEN_SKIPPING; + +swallow: + /* per-protocol end of headers management */ + + if (ah->parser_state == WSI_TOKEN_CHALLENGE) + goto set_parsing_complete; + break; + + /* collecting and checking a name part */ + case WSI_TOKEN_NAME_PART: + lwsl_parser("WSI_TOKEN_NAME_PART '%c' 0x%02X (role=0x%x) " + "wsi->lextable_pos=%d\n", c, c, lwsi_role(wsi), + ah->lextable_pos); + + if (c >= 'A' && c <= 'Z') + c += 'a' - 'A'; + + pos = ah->lextable_pos; + + while (1) { + if (lextable[pos] & (1 << 7)) { /* 1-byte, fail on mismatch */ + if ((lextable[pos] & 0x7f) != c) { +nope: + ah->lextable_pos = -1; + break; + } + /* fall thru */ + pos++; + if (lextable[pos] == FAIL_CHAR) + goto nope; + + ah->lextable_pos = pos; + break; + } + + if (lextable[pos] == FAIL_CHAR) + goto nope; + + /* b7 = 0, end or 3-byte */ + if (lextable[pos] < FAIL_CHAR) { /* terminal marker */ + ah->lextable_pos = pos; + break; + } + + if (lextable[pos] == c) { /* goto */ + ah->lextable_pos = pos + (lextable[pos + 1]) + + (lextable[pos + 2] << 8); + break; + } + + /* fall thru goto */ + pos += 3; + /* continue */ + } + + /* + * If it's h1, server needs to look out for unknown + * methods... + */ + if (ah->lextable_pos < 0 && lwsi_role_h1(wsi) && + lwsi_role_server(wsi)) { + /* this is not a header we know about */ + for (m = 0; m < ARRAY_SIZE(methods); m++) + if (ah->frag_index[methods[m]]) { + /* + * already had the method, no idea what + * this crap from the client is, ignore + */ + ah->parser_state = WSI_TOKEN_SKIPPING; + break; + } + /* + * hm it's an unknown http method from a client in fact, + * it cannot be valid http + */ + if (m == ARRAY_SIZE(methods)) { + /* + * are we set up to accept raw in these cases? + */ + if (lws_check_opt(wsi->vhost->options, + LWS_SERVER_OPTION_FALLBACK_TO_RAW)) + return 2; /* transition to raw */ + + lwsl_info("Unknown method - dropping\n"); + goto forbid; + } + break; + } + /* + * ...otherwise for a client, let him ignore unknown headers + * coming from the server + */ + if (ah->lextable_pos < 0) { + ah->parser_state = WSI_TOKEN_SKIPPING; + break; + } + + if (lextable[ah->lextable_pos] < FAIL_CHAR) { + /* terminal state */ + + n = ((unsigned int)lextable[ah->lextable_pos] << 8) | + lextable[ah->lextable_pos + 1]; + + lwsl_parser("known hdr %d\n", n); + for (m = 0; m < ARRAY_SIZE(methods); m++) + if (n == methods[m] && + ah->frag_index[methods[m]]) { + lwsl_warn("Duplicated method\n"); + return -1; + } + + /* + * WSORIGIN is protocol equiv to ORIGIN, + * JWebSocket likes to send it, map to ORIGIN + */ + if (n == WSI_TOKEN_SWORIGIN) + n = WSI_TOKEN_ORIGIN; + + ah->parser_state = (enum lws_token_indexes) + (WSI_TOKEN_GET_URI + n); + ah->ups = URIPS_IDLE; + + if (context->token_limits) + ah->current_token_limit = context-> + token_limits->token_limit[ + ah->parser_state]; + else + ah->current_token_limit = + wsi->context->max_http_header_data; + + if (ah->parser_state == WSI_TOKEN_CHALLENGE) + goto set_parsing_complete; + + goto start_fragment; + } + break; + +start_fragment: + ah->nfrag++; +excessive: + if (ah->nfrag == ARRAY_SIZE(ah->frags)) { + lwsl_warn("More hdr frags than we can deal with\n"); + return -1; + } + + ah->frags[ah->nfrag].offset = ah->pos; + ah->frags[ah->nfrag].len = 0; + ah->frags[ah->nfrag].nfrag = 0; + ah->frags[ah->nfrag].flags = 2; + + n = ah->frag_index[ah->parser_state]; + if (!n) { /* first fragment */ + ah->frag_index[ah->parser_state] = ah->nfrag; + ah->hdr_token_idx = ah->parser_state; + break; + } + /* continuation */ + while (ah->frags[n].nfrag) + n = ah->frags[n].nfrag; + ah->frags[n].nfrag = ah->nfrag; + + if (issue_char(wsi, ' ') < 0) + return -1; + break; + + /* skipping arg part of a name we didn't recognize */ + case WSI_TOKEN_SKIPPING: + lwsl_parser("WSI_TOKEN_SKIPPING '%c'\n", c); + + if (c == '\x0d') + ah->parser_state = WSI_TOKEN_SKIPPING_SAW_CR; + break; + + case WSI_TOKEN_SKIPPING_SAW_CR: + lwsl_parser("WSI_TOKEN_SKIPPING_SAW_CR '%c'\n", c); + if (ah->ues != URIES_IDLE) + goto forbid; + if (c == '\x0a') { + ah->parser_state = WSI_TOKEN_NAME_PART; + ah->lextable_pos = 0; + } else + ah->parser_state = WSI_TOKEN_SKIPPING; + break; + /* we're done, ignore anything else */ + + case WSI_PARSING_COMPLETE: + lwsl_parser("WSI_PARSING_COMPLETE '%c'\n", c); + break; + } + + } while (*len); + + return 0; + +set_parsing_complete: + if (ah->ues != URIES_IDLE) + goto forbid; + if (lws_hdr_total_length(wsi, WSI_TOKEN_UPGRADE)) { + if (lws_hdr_total_length(wsi, WSI_TOKEN_VERSION)) + wsi->rx_frame_type = /* temp for ws version index */ + atoi(lws_hdr_simple_ptr(wsi, WSI_TOKEN_VERSION)); + + lwsl_parser("v%02d hdrs done\n", wsi->rx_frame_type); + } + ah->parser_state = WSI_PARSING_COMPLETE; + wsi->hdr_parsing_completed = 1; + + return 0; + +forbid: + lwsl_notice(" forbidding on uri sanitation\n"); + lws_return_http_status(wsi, HTTP_STATUS_FORBIDDEN, NULL); + + return -1; +} + diff --git a/lib/roles/http/server/ranges.c b/lib/roles/http/server/ranges.c new file mode 100644 index 0000000..bc1578d --- /dev/null +++ b/lib/roles/http/server/ranges.c @@ -0,0 +1,214 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * RFC7233 ranges parser + * + * Copyright (C) 2016 Andy Green + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#include "private-libwebsockets.h" + +/* + * RFC7233 examples + * + * o The first 500 bytes (byte offsets 0-499, inclusive): + * + * bytes=0-499 + * + * o The second 500 bytes (byte offsets 500-999, inclusive): + * + * bytes=500-999 + * + * o The final 500 bytes (byte offsets 9500-9999, inclusive): + * + * bytes=-500 + * + * Or: + * + * bytes=9500- + * + * o The first and last bytes only (bytes 0 and 9999): + * + * bytes=0-0,-1 + * + * o Other valid (but not canonical) specifications of the second 500 + * bytes (byte offsets 500-999, inclusive): + * + * bytes=500-600,601-999 + * bytes=500-700,601-999 + */ + +/* + * returns 1 if the range struct represents a usable range + * if no ranges header, you get one of these for the whole + * file. Otherwise you get one for each valid range in the + * header. + * + * returns 0 if no further valid range forthcoming; rp->state + * may be LWSRS_SYNTAX or LWSRS_COMPLETED + */ + +int +lws_ranges_next(struct lws_range_parsing *rp) +{ + static const char * const beq = "bytes="; + char c; + + while (1) { + + c = rp->buf[rp->pos]; + + switch (rp->state) { + case LWSRS_SYNTAX: + case LWSRS_COMPLETED: + return 0; + + case LWSRS_NO_ACTIVE_RANGE: + rp->state = LWSRS_COMPLETED; + return 0; + + case LWSRS_BYTES_EQ: // looking for "bytes=" + if (c != beq[rp->pos]) { + rp->state = LWSRS_SYNTAX; + return -1; + } + if (rp->pos == 5) + rp->state = LWSRS_FIRST; + break; + + case LWSRS_FIRST: + rp->start = 0; + rp->end = 0; + rp->start_valid = 0; + rp->end_valid = 0; + + rp->state = LWSRS_STARTING; + + // fallthru + + case LWSRS_STARTING: + if (c == '-') { + rp->state = LWSRS_ENDING; + break; + } + + if (!(c >= '0' && c <= '9')) { + rp->state = LWSRS_SYNTAX; + return 0; + } + rp->start = (rp->start * 10) + (c - '0'); + rp->start_valid = 1; + break; + + case LWSRS_ENDING: + if (c == ',' || c == '\0') { + rp->state = LWSRS_FIRST; + if (c == ',') + rp->pos++; + + /* + * By the end of this, start and end are + * always valid if the range still is + */ + + if (!rp->start_valid) { /* eg, -500 */ + if (rp->end > rp->extent) + rp->end = rp->extent; + + rp->start = rp->extent - rp->end; + rp->end = rp->extent - 1; + } else + if (!rp->end_valid) + rp->end = rp->extent - 1; + + rp->did_try = 1; + + /* end must be >= start or ignore it */ + if (rp->end < rp->start) { + if (c == ',') + break; + rp->state = LWSRS_COMPLETED; + return 0; + } + + return 1; /* issue range */ + } + + if (!(c >= '0' && c <= '9')) { + rp->state = LWSRS_SYNTAX; + return 0; + } + rp->end = (rp->end * 10) + (c - '0'); + rp->end_valid = 1; + break; + } + + rp->pos++; + } +} + +void +lws_ranges_reset(struct lws_range_parsing *rp) +{ + rp->pos = 0; + rp->ctr = 0; + rp->start = 0; + rp->end = 0; + rp->start_valid = 0; + rp->end_valid = 0; + rp->state = LWSRS_BYTES_EQ; +} + +/* + * returns count of valid ranges + */ +int +lws_ranges_init(struct lws *wsi, struct lws_range_parsing *rp, + unsigned long long extent) +{ + rp->agg = 0; + rp->send_ctr = 0; + rp->inside = 0; + rp->count_ranges = 0; + rp->did_try = 0; + lws_ranges_reset(rp); + rp->state = LWSRS_COMPLETED; + + rp->extent = extent; + + if (lws_hdr_copy(wsi, (char *)rp->buf, sizeof(rp->buf), + WSI_TOKEN_HTTP_RANGE) <= 0) + return 0; + + rp->state = LWSRS_BYTES_EQ; + + while (lws_ranges_next(rp)) { + rp->count_ranges++; + rp->agg += rp->end - rp->start + 1; + } + + lwsl_debug("%s: count %d\n", __func__, rp->count_ranges); + lws_ranges_reset(rp); + + if (rp->did_try && !rp->count_ranges) + return -1; /* "not satisfiable */ + + lws_ranges_next(rp); + + return rp->count_ranges; +} diff --git a/lib/roles/http/server/rewrite.c b/lib/roles/http/server/rewrite.c new file mode 100644 index 0000000..2f9b0c4 --- /dev/null +++ b/lib/roles/http/server/rewrite.c @@ -0,0 +1,52 @@ +#include "private-libwebsockets.h" + + +LWS_EXTERN struct lws_rewrite * +lws_rewrite_create(struct lws *wsi, hubbub_callback_t cb, const char *from, const char *to) +{ + struct lws_rewrite *r = lws_malloc(sizeof(*r), "rewrite"); + + if (!r) { + lwsl_err("OOM\n"); + return NULL; + } + + if (hubbub_parser_create("UTF-8", false, &r->parser) != HUBBUB_OK) { + lws_free(r); + + return NULL; + } + r->from = from; + r->from_len = strlen(from); + r->to = to; + r->to_len = strlen(to); + r->params.token_handler.handler = cb; + r->wsi = wsi; + r->params.token_handler.pw = (void *)r; + if (hubbub_parser_setopt(r->parser, HUBBUB_PARSER_TOKEN_HANDLER, + &r->params) != HUBBUB_OK) { + lws_free(r); + + return NULL; + } + + return r; +} + +LWS_EXTERN int +lws_rewrite_parse(struct lws_rewrite *r, + const unsigned char *in, int in_len) +{ + if (hubbub_parser_parse_chunk(r->parser, in, in_len) != HUBBUB_OK) + return -1; + + return 0; +} + +LWS_EXTERN void +lws_rewrite_destroy(struct lws_rewrite *r) +{ + hubbub_parser_destroy(r->parser); + lws_free(r); +} + diff --git a/lib/roles/http/server/server.c b/lib/roles/http/server/server.c new file mode 100644 index 0000000..4239822 --- /dev/null +++ b/lib/roles/http/server/server.c @@ -0,0 +1,2457 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#include "private-libwebsockets.h" + +const char * const method_names[] = { + "GET", "POST", "OPTIONS", "PUT", "PATCH", "DELETE", "CONNECT", "HEAD", +#ifdef LWS_WITH_HTTP2 + ":path", +#endif + }; + +/* + * return 0: all done + * 1: nonfatal error + * <0: fatal error + */ + +int +lws_context_init_server(struct lws_context_creation_info *info, + struct lws_vhost *vhost) +{ + int n, opt = 1, limit = 1; +#if defined(__linux__) && defined(SO_REUSEPORT) + int n1; +#endif + lws_sockfd_type sockfd; + struct lws_vhost *vh; + struct lws *wsi; + int m = 0, is; + + (void)method_names; + (void)opt; + + if (info) { + vhost->iface = info->iface; + vhost->listen_port = info->port; + } + + /* set up our external listening socket we serve on */ + + if (vhost->listen_port == CONTEXT_PORT_NO_LISTEN || + vhost->listen_port == CONTEXT_PORT_NO_LISTEN_SERVER) + return 0; + + vh = vhost->context->vhost_list; + while (vh) { + if (vh->listen_port == vhost->listen_port) { + if (((!vhost->iface && !vh->iface) || + (vhost->iface && vh->iface && + !strcmp(vhost->iface, vh->iface))) && + vh->lserv_wsi + ) { + lwsl_notice(" using listen skt from vhost %s\n", + vh->name); + return 0; + } + } + vh = vh->vhost_next; + } + + if (vhost->iface) { + /* + * let's check before we do anything else about the disposition + * of the interface he wants to bind to... + */ + is = lws_socket_bind(vhost, LWS_SOCK_INVALID, vhost->listen_port, vhost->iface); + lwsl_debug("initial if check says %d\n", is); +deal: + lws_context_lock(vhost->context); + lws_start_foreach_llp(struct lws_vhost **, pv, + vhost->context->no_listener_vhost_list) { + if (is >= LWS_ITOSA_USABLE && *pv == vhost) { + /* on the list and shouldn't be: remove it */ + lwsl_debug("deferred iface: removing vh %s\n", (*pv)->name); + *pv = vhost->no_listener_vhost_list; + vhost->no_listener_vhost_list = NULL; + goto done_list; + } + if (is < LWS_ITOSA_USABLE && *pv == vhost) + goto done_list; + } lws_end_foreach_llp(pv, no_listener_vhost_list); + + /* not on the list... */ + + if (is < LWS_ITOSA_USABLE) { + + /* ... but needs to be: so add it */ + + lwsl_debug("deferred iface: adding vh %s\n", vhost->name); + vhost->no_listener_vhost_list = vhost->context->no_listener_vhost_list; + vhost->context->no_listener_vhost_list = vhost; + } + +done_list: + lws_context_unlock(vhost->context); + + switch (is) { + default: + break; + case LWS_ITOSA_NOT_EXIST: + /* can't add it */ + if (info) /* first time */ + lwsl_err("VH %s: iface %s port %d DOESN'T EXIST\n", + vhost->name, vhost->iface, vhost->listen_port); + return 1; + case LWS_ITOSA_NOT_USABLE: + /* can't add it */ + if (info) /* first time */ + lwsl_err("VH %s: iface %s port %d NOT USABLE\n", + vhost->name, vhost->iface, vhost->listen_port); + return 1; + } + } + + (void)n; +#if defined(__linux__) + limit = vhost->context->count_threads; +#endif + + for (m = 0; m < limit; m++) { +#ifdef LWS_WITH_UNIX_SOCK + if (LWS_UNIX_SOCK_ENABLED(vhost)) + sockfd = socket(AF_UNIX, SOCK_STREAM, 0); + else +#endif +#ifdef LWS_WITH_IPV6 + if (LWS_IPV6_ENABLED(vhost)) + sockfd = socket(AF_INET6, SOCK_STREAM, 0); + else +#endif + sockfd = socket(AF_INET, SOCK_STREAM, 0); + + if (sockfd == LWS_SOCK_INVALID) { + lwsl_err("ERROR opening socket\n"); + return 1; + } +#if !defined(LWS_WITH_ESP32) +#if (defined(WIN32) || defined(_WIN32)) && defined(SO_EXCLUSIVEADDRUSE) + /* + * only accept that we are the only listener on the port + * https://msdn.microsoft.com/zh-tw/library/ + * windows/desktop/ms740621(v=vs.85).aspx + * + * for lws, to match Linux, we default to exclusive listen + */ + if (!lws_check_opt(vhost->options, + LWS_SERVER_OPTION_ALLOW_LISTEN_SHARE)) { + if (setsockopt(sockfd, SOL_SOCKET, SO_EXCLUSIVEADDRUSE, + (const void *)&opt, sizeof(opt)) < 0) { + lwsl_err("reuseaddr failed\n"); + compatible_close(sockfd); + return -1; + } + } else +#endif + + /* + * allow us to restart even if old sockets in TIME_WAIT + */ + if (setsockopt(sockfd, SOL_SOCKET, SO_REUSEADDR, + (const void *)&opt, sizeof(opt)) < 0) { + lwsl_err("reuseaddr failed\n"); + compatible_close(sockfd); + return -1; + } + +#if defined(LWS_WITH_IPV6) && defined(IPV6_V6ONLY) + if (LWS_IPV6_ENABLED(vhost) && + vhost->options & LWS_SERVER_OPTION_IPV6_V6ONLY_MODIFY) { + int value = (vhost->options & + LWS_SERVER_OPTION_IPV6_V6ONLY_VALUE) ? 1 : 0; + if (setsockopt(sockfd, IPPROTO_IPV6, IPV6_V6ONLY, + (const void*)&value, sizeof(value)) < 0) { + compatible_close(sockfd); + return -1; + } + } +#endif + +#if defined(__linux__) && defined(SO_REUSEPORT) + n1 = lws_check_opt(vhost->options, + LWS_SERVER_OPTION_ALLOW_LISTEN_SHARE); + /* keep coverity happy */ +#if LWS_MAX_SMP > 1 + n = 1; +#else + n = n1; +#endif + if (n && vhost->context->count_threads > 1) + if (setsockopt(sockfd, SOL_SOCKET, SO_REUSEPORT, + (const void *)&opt, sizeof(opt)) < 0) { + compatible_close(sockfd); + return -1; + } +#endif +#endif + lws_plat_set_socket_options(vhost, sockfd); + + is = lws_socket_bind(vhost, sockfd, vhost->listen_port, vhost->iface); + /* + * There is a race where the network device may come up and then + * go away and fail here. So correctly handle unexpected failure + * here despite we earlier confirmed it. + */ + if (is < 0) { + lwsl_info("%s: lws_socket_bind says %d\n", __func__, is); + compatible_close(sockfd); + goto deal; + } + vhost->listen_port = is; + + lwsl_debug("%s: lws_socket_bind says %d\n", __func__, is); + + wsi = lws_zalloc(sizeof(struct lws), "listen wsi"); + if (wsi == NULL) { + lwsl_err("Out of mem\n"); + goto bail; + } + wsi->context = vhost->context; + wsi->desc.sockfd = sockfd; + lws_role_transition(wsi, 0, LRS_UNCONNECTED, &role_ops_listen); + wsi->protocol = vhost->protocols; + wsi->tsi = m; + wsi->vhost = vhost; + wsi->listener = 1; + +#ifdef LWS_WITH_LIBUV + if (LWS_LIBUV_ENABLED(vhost->context)) + lws_uv_initvhost(vhost, wsi); +#endif + + if (__insert_wsi_socket_into_fds(vhost->context, wsi)) { + lwsl_notice("inserting wsi socket into fds failed\n"); + goto bail; + } + + vhost->context->count_wsi_allocated++; + vhost->lserv_wsi = wsi; + + n = listen(wsi->desc.sockfd, LWS_SOMAXCONN); + if (n < 0) { + lwsl_err("listen failed with error %d\n", LWS_ERRNO); + vhost->lserv_wsi = NULL; + vhost->context->count_wsi_allocated--; + __remove_wsi_socket_from_fds(wsi); + goto bail; + } + } /* for each thread able to independently listen */ + + if (!lws_check_opt(vhost->context->options, LWS_SERVER_OPTION_EXPLICIT_VHOSTS)) { +#ifdef LWS_WITH_UNIX_SOCK + if (LWS_UNIX_SOCK_ENABLED(vhost)) + lwsl_info(" Listening on \"%s\"\n", vhost->iface); + else +#endif + lwsl_info(" Listening on port %d\n", vhost->listen_port); + } + + return 0; + +bail: + compatible_close(sockfd); + + return -1; +} + +struct lws_vhost * +lws_select_vhost(struct lws_context *context, int port, const char *servername) +{ + struct lws_vhost *vhost = context->vhost_list; + const char *p; + int n, m, colon; + + n = (int)strlen(servername); + colon = n; + p = strchr(servername, ':'); + if (p) + colon = lws_ptr_diff(p, servername); + + /* Priotity 1: first try exact matches */ + + while (vhost) { + if (port == vhost->listen_port && + !strncmp(vhost->name, servername, colon)) { + lwsl_info("SNI: Found: %s\n", servername); + return vhost; + } + vhost = vhost->vhost_next; + } + + /* + * Priority 2: if no exact matches, try matching *.vhost-name + * unintentional matches are possible but resolve to x.com for *.x.com + * which is reasonable. If exact match exists we already chose it and + * never reach here. SSL will still fail it if the cert doesn't allow + * *.x.com. + */ + vhost = context->vhost_list; + while (vhost) { + m = (int)strlen(vhost->name); + if (port == vhost->listen_port && + m <= (colon - 2) && + servername[colon - m - 1] == '.' && + !strncmp(vhost->name, servername + colon - m, m)) { + lwsl_info("SNI: Found %s on wildcard: %s\n", + servername, vhost->name); + return vhost; + } + vhost = vhost->vhost_next; + } + + /* Priority 3: match the first vhost on our port */ + + vhost = context->vhost_list; + while (vhost) { + if (port == vhost->listen_port) { + lwsl_info("vhost match to %s based on port %d\n", + vhost->name, port); + return vhost; + } + vhost = vhost->vhost_next; + } + + /* no match */ + + return NULL; +} + +LWS_VISIBLE LWS_EXTERN const char * +lws_get_mimetype(const char *file, const struct lws_http_mount *m) +{ + int n = (int)strlen(file); + const struct lws_protocol_vhost_options *pvo = NULL; + + if (m) + pvo = m->extra_mimetypes; + + if (n < 5) + return NULL; + + if (!strcmp(&file[n - 4], ".ico")) + return "image/x-icon"; + + if (!strcmp(&file[n - 4], ".gif")) + return "image/gif"; + + if (!strcmp(&file[n - 3], ".js")) + return "text/javascript"; + + if (!strcmp(&file[n - 4], ".png")) + return "image/png"; + + if (!strcmp(&file[n - 4], ".jpg")) + return "image/jpeg"; + + if (!strcmp(&file[n - 3], ".gz")) + return "application/gzip"; + + if (!strcmp(&file[n - 4], ".JPG")) + return "image/jpeg"; + + if (!strcmp(&file[n - 5], ".html")) + return "text/html"; + + if (!strcmp(&file[n - 4], ".css")) + return "text/css"; + + if (!strcmp(&file[n - 4], ".txt")) + return "text/plain"; + + if (!strcmp(&file[n - 4], ".svg")) + return "image/svg+xml"; + + if (!strcmp(&file[n - 4], ".ttf")) + return "application/x-font-ttf"; + + if (!strcmp(&file[n - 4], ".otf")) + return "application/font-woff"; + + if (!strcmp(&file[n - 5], ".woff")) + return "application/font-woff"; + + if (!strcmp(&file[n - 4], ".xml")) + return "application/xml"; + + while (pvo) { + if (pvo->name[0] == '*') /* ie, match anything */ + return pvo->value; + + if (!strcmp(&file[n - strlen(pvo->name)], pvo->name)) + return pvo->value; + + pvo = pvo->next; + } + + return NULL; +} +static lws_fop_flags_t +lws_vfs_prepare_flags(struct lws *wsi) +{ + lws_fop_flags_t f = 0; + + if (!lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_ACCEPT_ENCODING)) + return f; + + if (strstr(lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP_ACCEPT_ENCODING), + "gzip")) { + lwsl_info("client indicates GZIP is acceptable\n"); + f |= LWS_FOP_FLAG_COMPR_ACCEPTABLE_GZIP; + } + + return f; +} + +static int +lws_http_serve(struct lws *wsi, char *uri, const char *origin, + const struct lws_http_mount *m) +{ + const struct lws_protocol_vhost_options *pvo = m->interpret; + struct lws_process_html_args args; + const char *mimetype; +#if !defined(_WIN32_WCE) + const struct lws_plat_file_ops *fops; + const char *vpath; + lws_fop_flags_t fflags = LWS_O_RDONLY; +#if defined(WIN32) && defined(LWS_HAVE__STAT32I64) + struct _stat32i64 st; +#else + struct stat st; +#endif + int spin = 0; +#endif + char path[256], sym[512]; + unsigned char *p = (unsigned char *)sym + 32 + LWS_PRE, *start = p; + unsigned char *end = p + sizeof(sym) - 32 - LWS_PRE; +#if !defined(WIN32) && !defined(LWS_WITH_ESP32) + size_t len; +#endif + int n; + + wsi->handling_404 = 0; + if (!wsi->vhost) + return -1; + + if (wsi->vhost->error_document_404 && + !strcmp(uri, wsi->vhost->error_document_404)) + wsi->handling_404 = 1; + + lws_snprintf(path, sizeof(path) - 1, "%s/%s", origin, uri); + +#if !defined(_WIN32_WCE) + + fflags |= lws_vfs_prepare_flags(wsi); + + do { + spin++; + fops = lws_vfs_select_fops(wsi->context->fops, path, &vpath); + + if (wsi->http.fop_fd) + lws_vfs_file_close(&wsi->http.fop_fd); + + wsi->http.fop_fd = fops->LWS_FOP_OPEN(wsi->context->fops, + path, vpath, &fflags); + if (!wsi->http.fop_fd) { + lwsl_info("Unable to open '%s': errno %d\n", path, errno); + + return -1; + } + + /* if it can't be statted, don't try */ + if (fflags & LWS_FOP_FLAG_VIRTUAL) + break; +#if defined(LWS_WITH_ESP32) + break; +#endif +#if !defined(WIN32) + if (fstat(wsi->http.fop_fd->fd, &st)) { + lwsl_info("unable to stat %s\n", path); + goto bail; + } +#else +#if defined(LWS_HAVE__STAT32I64) + if (_stat32i64(path, &st)) { + lwsl_info("unable to stat %s\n", path); + goto bail; + } +#else + if (stat(path, &st)) { + lwsl_info("unable to stat %s\n", path); + goto bail; + } +#endif +#endif + + wsi->http.fop_fd->mod_time = (uint32_t)st.st_mtime; + fflags |= LWS_FOP_FLAG_MOD_TIME_VALID; + +#if !defined(WIN32) && !defined(LWS_WITH_ESP32) + if ((S_IFMT & st.st_mode) == S_IFLNK) { + len = readlink(path, sym, sizeof(sym) - 1); + if (len) { + lwsl_err("Failed to read link %s\n", path); + goto bail; + } + sym[len] = '\0'; + lwsl_debug("symlink %s -> %s\n", path, sym); + lws_snprintf(path, sizeof(path) - 1, "%s", sym); + } +#endif + if ((S_IFMT & st.st_mode) == S_IFDIR) { + lwsl_debug("default filename append to dir\n"); + lws_snprintf(path, sizeof(path) - 1, "%s/%s/index.html", + origin, uri); + } + + } while ((S_IFMT & st.st_mode) != S_IFREG && spin < 5); + + if (spin == 5) + lwsl_err("symlink loop %s \n", path); + + n = sprintf(sym, "%08llX%08lX", + (unsigned long long)lws_vfs_get_length(wsi->http.fop_fd), + (unsigned long)lws_vfs_get_mod_time(wsi->http.fop_fd)); + + /* disable ranges if IF_RANGE token invalid */ + + if (lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_IF_RANGE)) + if (strcmp(sym, lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP_IF_RANGE))) + /* differs - defeat Range: */ + wsi->ah->frag_index[WSI_TOKEN_HTTP_RANGE] = 0; + + if (lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_IF_NONE_MATCH)) { + /* + * he thinks he has some version of it already, + * check if the tag matches + */ + if (!strcmp(sym, lws_hdr_simple_ptr(wsi, + WSI_TOKEN_HTTP_IF_NONE_MATCH))) { + + lwsl_debug("%s: ETAG match %s %s\n", __func__, + uri, origin); + + /* we don't need to send the payload */ + if (lws_add_http_header_status(wsi, + HTTP_STATUS_NOT_MODIFIED, &p, end)) + return -1; + + if (lws_add_http_header_by_token(wsi, + WSI_TOKEN_HTTP_ETAG, + (unsigned char *)sym, n, &p, end)) + return -1; + + if (lws_finalize_http_header(wsi, &p, end)) + return -1; + + n = lws_write(wsi, start, p - start, + LWS_WRITE_HTTP_HEADERS | + LWS_WRITE_H2_STREAM_END); + if (n != (p - start)) { + lwsl_err("_write returned %d from %ld\n", n, + (long)(p - start)); + return -1; + } + + lws_vfs_file_close(&wsi->http.fop_fd); + + return lws_http_transaction_completed(wsi); + } + } + + if (lws_add_http_header_by_token(wsi, WSI_TOKEN_HTTP_ETAG, + (unsigned char *)sym, n, &p, end)) + return -1; +#endif + + mimetype = lws_get_mimetype(path, m); + if (!mimetype) { + lwsl_err("unknown mimetype for %s\n", path); + goto bail; + } + if (!mimetype[0]) + lwsl_debug("sending no mimetype for %s\n", path); + + wsi->sending_chunked = 0; + + /* + * check if this is in the list of file suffixes to be interpreted by + * a protocol + */ + while (pvo) { + n = (int)strlen(path); + if (n > (int)strlen(pvo->name) && + !strcmp(&path[n - strlen(pvo->name)], pvo->name)) { + wsi->interpreting = 1; + if (!wsi->http2_substream) + wsi->sending_chunked = 1; + wsi->protocol_interpret_idx = + (char)(lws_intptr_t)pvo->value; + lwsl_info("want %s interpreted by %s\n", path, + wsi->vhost->protocols[ + (int)(lws_intptr_t)(pvo->value)].name); + wsi->protocol = &wsi->vhost->protocols[ + (int)(lws_intptr_t)(pvo->value)]; + if (lws_ensure_user_space(wsi)) + return -1; + break; + } + pvo = pvo->next; + } + + if (m->protocol) { + const struct lws_protocols *pp = lws_vhost_name_to_protocol( + wsi->vhost, m->protocol); + + if (lws_bind_protocol(wsi, pp)) + return 1; + args.p = (char *)p; + args.max_len = lws_ptr_diff(end, p); + if (pp->callback(wsi, LWS_CALLBACK_ADD_HEADERS, + wsi->user_space, &args, 0)) + return -1; + p = (unsigned char *)args.p; + } + + n = lws_serve_http_file(wsi, path, mimetype, (char *)start, + lws_ptr_diff(p, start)); + + if (n < 0 || ((n > 0) && lws_http_transaction_completed(wsi))) + return -1; /* error or can't reuse connection: close the socket */ + + return 0; +bail: + + return -1; +} + +const struct lws_http_mount * +lws_find_mount(struct lws *wsi, const char *uri_ptr, int uri_len) +{ + const struct lws_http_mount *hm, *hit = NULL; + int best = 0; + + hm = wsi->vhost->mount_list; + while (hm) { + if (uri_len >= hm->mountpoint_len && + !strncmp(uri_ptr, hm->mountpoint, hm->mountpoint_len) && + (uri_ptr[hm->mountpoint_len] == '\0' || + uri_ptr[hm->mountpoint_len] == '/' || + hm->mountpoint_len == 1) + ) { + if (hm->origin_protocol == LWSMPRO_CALLBACK || + ((hm->origin_protocol == LWSMPRO_CGI || + lws_hdr_total_length(wsi, WSI_TOKEN_GET_URI) || + (wsi->http2_substream && + lws_hdr_total_length(wsi, + WSI_TOKEN_HTTP_COLON_PATH)) || + hm->protocol) && + hm->mountpoint_len > best)) { + best = hm->mountpoint_len; + hit = hm; + } + } + hm = hm->mount_next; + } + + return hit; +} + +#if !defined(LWS_WITH_ESP32) +static int +lws_find_string_in_file(const char *filename, const char *string, int stringlen) +{ + char buf[128]; + int fd, match = 0, pos = 0, n = 0, hit = 0; + + fd = open(filename, O_RDONLY); + if (fd < 0) { + lwsl_err("can't open auth file: %s\n", filename); + return 1; + } + + while (1) { + if (pos == n) { + n = read(fd, buf, sizeof(buf)); + if (n <= 0) { + if (match == stringlen) + hit = 1; + break; + } + pos = 0; + } + + if (match == stringlen) { + if (buf[pos] == '\r' || buf[pos] == '\n') { + hit = 1; + break; + } + match = 0; + } + + if (buf[pos] == string[match]) + match++; + else + match = 0; + + pos++; + } + + close(fd); + + return hit; +} + +static int +lws_unauthorised_basic_auth(struct lws *wsi) +{ + struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; + unsigned char *start = pt->serv_buf + LWS_PRE, + *p = start, *end = p + 512; + char buf[64]; + int n; + + /* no auth... tell him it is required */ + + if (lws_add_http_header_status(wsi, HTTP_STATUS_UNAUTHORIZED, &p, end)) + return -1; + + n = lws_snprintf(buf, sizeof(buf), "Basic realm=\"lwsws\""); + if (lws_add_http_header_by_token(wsi, + WSI_TOKEN_HTTP_WWW_AUTHENTICATE, + (unsigned char *)buf, n, &p, end)) + return -1; + + if (lws_finalize_http_header(wsi, &p, end)) + return -1; + + n = lws_write(wsi, start, p - start, LWS_WRITE_HTTP_HEADERS | + LWS_WRITE_H2_STREAM_END); + if (n < 0) + return -1; + + return lws_http_transaction_completed(wsi); + +} + +#endif + +int lws_clean_url(char *p) +{ + if (p[0] == 'h' && p[1] == 't' && p[2] == 't' && p[3] == 'p') { + p += 4; + if (*p == 's') + p++; + if (*p == ':') { + p++; + if (*p == '/') + p++; + } + } + + while (*p) { + if (p[0] == '/' && p[1] == '/') { + char *p1 = p; + while (*p1) { + *p1 = p1[1]; + p1++; + } + continue; + } + p++; + } + + return 0; +} + +static const unsigned char methods[] = { + WSI_TOKEN_GET_URI, + WSI_TOKEN_POST_URI, + WSI_TOKEN_OPTIONS_URI, + WSI_TOKEN_PUT_URI, + WSI_TOKEN_PATCH_URI, + WSI_TOKEN_DELETE_URI, + WSI_TOKEN_CONNECT, + WSI_TOKEN_HEAD_URI, +#ifdef LWS_WITH_HTTP2 + WSI_TOKEN_HTTP_COLON_PATH, +#endif +}; + +static int +lws_http_get_uri_and_method(struct lws *wsi, char **puri_ptr, int *puri_len) +{ + int n, count = 0; + + for (n = 0; n < (int)ARRAY_SIZE(methods); n++) + if (lws_hdr_total_length(wsi, methods[n])) + count++; + if (!count) { + lwsl_warn("Missing URI in HTTP request\n"); + return -1; + } + + if (count != 1 && + !(wsi->http2_substream && + lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_COLON_PATH))) { + lwsl_warn("multiple methods?\n"); + return -1; + } + + for (n = 0; n < (int)ARRAY_SIZE(methods); n++) + if (lws_hdr_total_length(wsi, methods[n])) { + *puri_ptr = lws_hdr_simple_ptr(wsi, methods[n]); + *puri_len = lws_hdr_total_length(wsi, methods[n]); + return n; + } + + return -1; +} + +int +lws_http_action(struct lws *wsi) +{ + struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; + enum http_connection_type connection_type; + enum http_version request_version; + char content_length_str[32]; + struct lws_process_html_args args; + const struct lws_http_mount *hit = NULL; + unsigned int n; + char http_version_str[10]; + char http_conn_str[20]; + int http_version_len; + char *uri_ptr = NULL, *s; + int uri_len = 0, meth; + static const char * const oprot[] = { + "http://", "https://" + }; + + meth = lws_http_get_uri_and_method(wsi, &uri_ptr, &uri_len); + if (meth < 0 || meth >= (int)ARRAY_SIZE(method_names)) + goto bail_nuke_ah; + + /* we insist on absolute paths */ + + if (!uri_ptr || uri_ptr[0] != '/') { + lws_return_http_status(wsi, HTTP_STATUS_FORBIDDEN, NULL); + + goto bail_nuke_ah; + } + + lwsl_info("Method: '%s' (%d), request for '%s'\n", method_names[meth], + meth, uri_ptr); + + if (wsi->role_ops && wsi->role_ops->check_upgrades) + switch (wsi->role_ops->check_upgrades(wsi)) { + case LWS_UPG_RET_DONE: + return 0; + case LWS_UPG_RET_CONTINUE: + break; + case LWS_UPG_RET_BAIL: + goto bail_nuke_ah; + } + + if (lws_ensure_user_space(wsi)) + goto bail_nuke_ah; + + /* HTTP header had a content length? */ + + wsi->http.rx_content_length = 0; + if (lws_hdr_total_length(wsi, WSI_TOKEN_POST_URI) || + lws_hdr_total_length(wsi, WSI_TOKEN_PATCH_URI) || + lws_hdr_total_length(wsi, WSI_TOKEN_PUT_URI)) + wsi->http.rx_content_length = 100 * 1024 * 1024; + + if (lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_CONTENT_LENGTH)) { + lws_hdr_copy(wsi, content_length_str, + sizeof(content_length_str) - 1, + WSI_TOKEN_HTTP_CONTENT_LENGTH); + wsi->http.rx_content_length = atoll(content_length_str); + } + + if (wsi->http2_substream) { + wsi->http.request_version = HTTP_VERSION_2; + } else { + /* http_version? Default to 1.0, override with token: */ + request_version = HTTP_VERSION_1_0; + + /* Works for single digit HTTP versions. : */ + http_version_len = lws_hdr_total_length(wsi, WSI_TOKEN_HTTP); + if (http_version_len > 7) { + lws_hdr_copy(wsi, http_version_str, + sizeof(http_version_str) - 1, + WSI_TOKEN_HTTP); + if (http_version_str[5] == '1' && + http_version_str[7] == '1') + request_version = HTTP_VERSION_1_1; + } + wsi->http.request_version = request_version; + + /* HTTP/1.1 defaults to "keep-alive", 1.0 to "close" */ + if (request_version == HTTP_VERSION_1_1) + connection_type = HTTP_CONNECTION_KEEP_ALIVE; + else + connection_type = HTTP_CONNECTION_CLOSE; + + /* Override default if http "Connection:" header: */ + if (lws_hdr_total_length(wsi, WSI_TOKEN_CONNECTION)) { + lws_hdr_copy(wsi, http_conn_str, + sizeof(http_conn_str) - 1, + WSI_TOKEN_CONNECTION); + http_conn_str[sizeof(http_conn_str) - 1] = '\0'; + if (!strcasecmp(http_conn_str, "keep-alive")) + connection_type = HTTP_CONNECTION_KEEP_ALIVE; + else + if (!strcasecmp(http_conn_str, "close")) + connection_type = HTTP_CONNECTION_CLOSE; + } + wsi->http.connection_type = connection_type; + } + + n = wsi->protocol->callback(wsi, LWS_CALLBACK_FILTER_HTTP_CONNECTION, + wsi->user_space, uri_ptr, uri_len); + if (n) { + lwsl_info("LWS_CALLBACK_HTTP closing\n"); + + return 1; + } + /* + * if there is content supposed to be coming, + * put a timeout on it having arrived + */ + lws_set_timeout(wsi, PENDING_TIMEOUT_HTTP_CONTENT, + wsi->context->timeout_secs); +#ifdef LWS_WITH_TLS + if (wsi->redirect_to_https) { + /* + * we accepted http:// only so we could redirect to + * https://, so issue the redirect. Create the redirection + * URI from the host: header and ignore the path part + */ + unsigned char *start = pt->serv_buf + LWS_PRE, *p = start, + *end = p + 512; + + if (!lws_hdr_total_length(wsi, WSI_TOKEN_HOST)) + goto bail_nuke_ah; + + n = sprintf((char *)end, "https://%s/", + lws_hdr_simple_ptr(wsi, WSI_TOKEN_HOST)); + + n = lws_http_redirect(wsi, HTTP_STATUS_MOVED_PERMANENTLY, + end, n, &p, end); + if ((int)n < 0) + goto bail_nuke_ah; + + return lws_http_transaction_completed(wsi); + } +#endif + +#ifdef LWS_WITH_ACCESS_LOG + lws_prepare_access_log_info(wsi, uri_ptr, meth); +#endif + + /* can we serve it from the mount list? */ + + hit = lws_find_mount(wsi, uri_ptr, uri_len); + if (!hit) { + /* deferred cleanup and reset to protocols[0] */ + + lwsl_info("no hit\n"); + + if (lws_bind_protocol(wsi, &wsi->vhost->protocols[0])) + return 1; + + n = wsi->protocol->callback(wsi, LWS_CALLBACK_HTTP, + wsi->user_space, uri_ptr, uri_len); + + goto after; + } + + s = uri_ptr + hit->mountpoint_len; + + /* + * if we have a mountpoint like https://xxx.com/yyy + * there is an implied / at the end for our purposes since + * we can only mount on a "directory". + * + * But if we just go with that, the browser cannot understand + * that he is actually looking down one "directory level", so + * even though we give him /yyy/abc.html he acts like the + * current directory level is /. So relative urls like "x.png" + * wrongly look outside the mountpoint. + * + * Therefore if we didn't come in on a url with an explicit + * / at the end, we must redirect to add it so the browser + * understands he is one "directory level" down. + */ + if ((hit->mountpoint_len > 1 || + (hit->origin_protocol == LWSMPRO_REDIR_HTTP || + hit->origin_protocol == LWSMPRO_REDIR_HTTPS)) && + (*s != '/' || + (hit->origin_protocol == LWSMPRO_REDIR_HTTP || + hit->origin_protocol == LWSMPRO_REDIR_HTTPS)) && + (hit->origin_protocol != LWSMPRO_CGI && + hit->origin_protocol != LWSMPRO_CALLBACK)) { + unsigned char *start = pt->serv_buf + LWS_PRE, + *p = start, *end = p + 512; + + lwsl_debug("Doing 301 '%s' org %s\n", s, hit->origin); + + /* > at start indicates deal with by redirect */ + if (hit->origin_protocol == LWSMPRO_REDIR_HTTP || + hit->origin_protocol == LWSMPRO_REDIR_HTTPS) + n = lws_snprintf((char *)end, 256, "%s%s", + oprot[hit->origin_protocol & 1], + hit->origin); + else { + if (!lws_hdr_total_length(wsi, WSI_TOKEN_HOST)) { + if (!lws_hdr_total_length(wsi, + WSI_TOKEN_HTTP_COLON_AUTHORITY)) + goto bail_nuke_ah; + n = lws_snprintf((char *)end, 256, + "%s%s%s/", oprot[!!lws_is_ssl(wsi)], + lws_hdr_simple_ptr(wsi, + WSI_TOKEN_HTTP_COLON_AUTHORITY), + uri_ptr); + } else + n = lws_snprintf((char *)end, 256, + "%s%s%s/", oprot[!!lws_is_ssl(wsi)], + lws_hdr_simple_ptr(wsi, WSI_TOKEN_HOST), + uri_ptr); + } + + lws_clean_url((char *)end); + n = lws_http_redirect(wsi, HTTP_STATUS_MOVED_PERMANENTLY, + end, n, &p, end); + if ((int)n < 0) + goto bail_nuke_ah; + + return lws_http_transaction_completed(wsi); + } + + /* basic auth? */ + + if (hit->basic_auth_login_file) { + char b64[160], plain[(sizeof(b64) * 3) / 4]; + int m; + + /* Did he send auth? */ + if (!lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_AUTHORIZATION)) + return lws_unauthorised_basic_auth(wsi); + + n = HTTP_STATUS_FORBIDDEN; + + m = lws_hdr_copy(wsi, b64, sizeof(b64), + WSI_TOKEN_HTTP_AUTHORIZATION); + if (m < 7) { + lwsl_err("b64 auth too long\n"); + goto transaction_result_n; + } + + b64[5] = '\0'; + if (strcasecmp(b64, "Basic")) { + lwsl_err("auth missing basic: %s\n", b64); + goto transaction_result_n; + } + + /* It'll be like Authorization: Basic QWxhZGRpbjpPcGVuU2VzYW1l */ + + m = lws_b64_decode_string(b64 + 6, plain, sizeof(plain)); + if (m < 0) { + lwsl_err("plain auth too long\n"); + goto transaction_result_n; + } + + if (!lws_find_string_in_file(hit->basic_auth_login_file, + plain, m)) { + lwsl_err("basic auth lookup failed\n"); + return lws_unauthorised_basic_auth(wsi); + } + + lwsl_notice("basic auth accepted\n"); + + /* accept the auth */ + } + +#if defined(LWS_WITH_HTTP_PROXY) + /* + * The mount is a reverse proxy? + */ + + if (hit->origin_protocol == LWSMPRO_HTTPS || + hit->origin_protocol == LWSMPRO_HTTP) { + struct lws_client_connect_info i; + char ads[96], rpath[256], *pcolon, *pslash, *p; + int n, na; + + memset(&i, 0, sizeof(i)); + i.context = lws_get_context(wsi); + + pcolon = strchr(hit->origin, ':'); + pslash = strchr(hit->origin, '/'); + if (!pslash) { + lwsl_err("Proxy mount origin '%s' must have /\n", + hit->origin); + return -1; + } + if (pcolon > pslash) + pcolon = NULL; + + if (pcolon) + n = pcolon - hit->origin; + else + n = pslash - hit->origin; + + if (n >= (int)sizeof(ads) - 2) + n = sizeof(ads) - 2; + + memcpy(ads, hit->origin, n); + ads[n] = '\0'; + + i.address = ads; + i.port = 80; + if (hit->origin_protocol == LWSMPRO_HTTPS) { + i.port = 443; + i.ssl_connection = 1; + } + if (pcolon) + i.port = atoi(pcolon + 1); + + lws_snprintf(rpath, sizeof(rpath) - 1, "/%s/%s", pslash + 1, + uri_ptr + hit->mountpoint_len); + lws_clean_url(rpath); + na = lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_URI_ARGS); + if (na) { + p = rpath + strlen(rpath); + *p++ = '?'; + lws_hdr_copy(wsi, p, &rpath[sizeof(rpath) - 1] - p, + WSI_TOKEN_HTTP_URI_ARGS); + while (--na) { + if (*p == '\0') + *p = '&'; + p++; + } + } + + + i.path = rpath; + i.host = i.address; + i.origin = NULL; + i.method = "GET"; + i.parent_wsi = wsi; + i.uri_replace_from = hit->origin; + i.uri_replace_to = hit->mountpoint; + + lwsl_notice("proxying to %s port %d url %s, ssl %d, " + "from %s, to %s\n", + i.address, i.port, i.path, i.ssl_connection, + i.uri_replace_from, i.uri_replace_to); + + if (!lws_client_connect_via_info(&i)) { + lwsl_err("proxy connect fail\n"); + return 1; + } + + return 0; + } +#endif + + /* + * A particular protocol callback is mounted here? + * + * For the duration of this http transaction, bind us to the + * associated protocol + */ + if (hit->origin_protocol == LWSMPRO_CALLBACK || hit->protocol) { + const struct lws_protocols *pp; + const char *name = hit->origin; + if (hit->protocol) + name = hit->protocol; + + pp = lws_vhost_name_to_protocol(wsi->vhost, name); + if (!pp) { + n = -1; + lwsl_err("Unable to find plugin '%s'\n", + hit->origin); + return 1; + } + + if (lws_bind_protocol(wsi, pp)) + return 1; + + args.p = uri_ptr; + args.len = uri_len; + args.max_len = hit->auth_mask; + args.final = 0; /* used to signal callback dealt with it */ + args.chunked = 0; + + n = wsi->protocol->callback(wsi, + LWS_CALLBACK_CHECK_ACCESS_RIGHTS, + wsi->user_space, &args, 0); + if (n) { + lws_return_http_status(wsi, HTTP_STATUS_UNAUTHORIZED, + NULL); + goto bail_nuke_ah; + } + if (args.final) /* callback completely handled it well */ + return 0; + + if (hit->cgienv && wsi->protocol->callback(wsi, + LWS_CALLBACK_HTTP_PMO, + wsi->user_space, (void *)hit->cgienv, 0)) + return 1; + + if (lws_hdr_total_length(wsi, WSI_TOKEN_POST_URI)) { + n = wsi->protocol->callback(wsi, LWS_CALLBACK_HTTP, + wsi->user_space, + uri_ptr + hit->mountpoint_len, + uri_len - hit->mountpoint_len); + goto after; + } + } + +#ifdef LWS_WITH_CGI + /* did we hit something with a cgi:// origin? */ + if (hit->origin_protocol == LWSMPRO_CGI) { + const char *cmd[] = { + NULL, /* replace with cgi path */ + NULL + }; + + lwsl_debug("%s: cgi\n", __func__); + cmd[0] = hit->origin; + + n = 5; + if (hit->cgi_timeout) + n = hit->cgi_timeout; + + n = lws_cgi(wsi, cmd, hit->mountpoint_len, n, + hit->cgienv); + if (n) { + lwsl_err("%s: cgi failed\n", __func__); + return -1; + } + + goto deal_body; + } +#endif + + n = (int)strlen(s); + if (s[0] == '\0' || (n == 1 && s[n - 1] == '/')) + s = (char *)hit->def; + if (!s) + s = "index.html"; + + wsi->cache_secs = hit->cache_max_age; + wsi->cache_reuse = hit->cache_reusable; + wsi->cache_revalidate = hit->cache_revalidate; + wsi->cache_intermediaries = hit->cache_intermediaries; + + n = 1; + if (hit->origin_protocol == LWSMPRO_FILE) + n = lws_http_serve(wsi, s, hit->origin, hit); + if (n) { + /* + * lws_return_http_status(wsi, HTTP_STATUS_NOT_FOUND, NULL); + */ + if (hit->protocol) { + const struct lws_protocols *pp = + lws_vhost_name_to_protocol( + wsi->vhost, hit->protocol); + + if (lws_bind_protocol(wsi, pp)) + return 1; + + n = pp->callback(wsi, LWS_CALLBACK_HTTP, + wsi->user_space, + uri_ptr + hit->mountpoint_len, + uri_len - hit->mountpoint_len); + } else + n = wsi->protocol->callback(wsi, LWS_CALLBACK_HTTP, + wsi->user_space, uri_ptr, uri_len); + } + +after: + if (n) { + lwsl_info("LWS_CALLBACK_HTTP closing\n"); + + return 1; + } + +#ifdef LWS_WITH_CGI +deal_body: +#endif + /* + * If we're not issuing a file, check for content_length or + * HTTP keep-alive. No keep-alive header allocation for + * ISSUING_FILE, as this uses HTTP/1.0. + * + * In any case, return 0 and let lws_read decide how to + * proceed based on state + */ + if (lwsi_state(wsi) != LRS_ISSUING_FILE) { + /* Prepare to read body if we have a content length: */ + lwsl_debug("wsi->http.rx_content_length %lld %d %d\n", + (long long)wsi->http.rx_content_length, + wsi->upgraded_to_http2, wsi->http2_substream); + if (wsi->http.rx_content_length > 0) { + lwsi_set_state(wsi, LRS_BODY); + lwsl_info("%s: %p: LRS_BODY state set (0x%x)\n", + __func__, wsi, wsi->wsistate); + wsi->http.rx_content_remain = + wsi->http.rx_content_length; + } + } + + return 0; + +bail_nuke_ah: + /* we're closing, losing some rx is OK */ + lws_header_table_force_to_detachable_state(wsi); + lws_header_table_detach(wsi, 1); + + return 1; + +transaction_result_n: + lws_return_http_status(wsi, n, NULL); + + return lws_http_transaction_completed(wsi); +} + +int +lws_handshake_server(struct lws *wsi, unsigned char **buf, size_t len) +{ + struct lws_context *context = lws_get_context(wsi); + unsigned char *obuf = *buf; +#if defined(LWS_WITH_HTTP2) + char tbuf[128], *p; +#endif + size_t olen = len; + int n = 0, m, i; + + if (len >= 10000000) { + lwsl_err("%s: assert: len %ld\n", __func__, (long)len); + assert(0); + } + + if (!wsi->ah) { + lwsl_err("%s: assert: NULL ah\n", __func__); + assert(0); + } + + while (len) { + if (!lwsi_role_server(wsi) || !lwsi_role_http(wsi)) { + lwsl_err("%s: bad wsi role 0x%x\n", __func__, + lwsi_role(wsi)); + goto bail_nuke_ah; + } + + i = (int)len; + m = lws_parse(wsi, *buf, &i); + lwsl_info("%s: parsed count %d\n", __func__, (int)len - i); + (*buf) += (int)len - i; + len = i; + if (m) { + if (m == 2) { + /* + * we are transitioning from http with + * an AH, to raw. Drop the ah and set + * the mode. + */ +raw_transition: + lws_set_timeout(wsi, NO_PENDING_TIMEOUT, 0); + lws_bind_protocol(wsi, &wsi->vhost->protocols[ + wsi->vhost-> + raw_protocol_index]); + lwsl_info("transition to raw vh %s prot %d\n", + wsi->vhost->name, + wsi->vhost->raw_protocol_index); + if ((wsi->protocol->callback)(wsi, + LWS_CALLBACK_RAW_ADOPT, + wsi->user_space, NULL, 0)) + goto bail_nuke_ah; + + lws_header_table_force_to_detachable_state(wsi); + lws_role_transition(wsi, 0, LRS_ESTABLISHED, + &role_ops_raw_skt); + lws_header_table_detach(wsi, 1); + + if (m == 2 && (wsi->protocol->callback)(wsi, + LWS_CALLBACK_RAW_RX, + wsi->user_space, obuf, olen)) + return 1; + + return 0; + } + lwsl_info("lws_parse failed\n"); + goto bail_nuke_ah; + } + + if (wsi->ah->parser_state != WSI_PARSING_COMPLETE) + continue; + + lwsl_parser("%s: lws_parse sees parsing complete\n", __func__); + + /* select vhost */ + + if (lws_hdr_total_length(wsi, WSI_TOKEN_HOST)) { + struct lws_vhost *vhost = lws_select_vhost( + context, wsi->vhost->listen_port, + lws_hdr_simple_ptr(wsi, WSI_TOKEN_HOST)); + + if (vhost) + wsi->vhost = vhost; + } else + lwsl_info("no host\n"); + + if (!lwsi_role_h2(wsi) || !lwsi_role_server(wsi)) { + wsi->vhost->conn_stats.h1_trans++; + if (!wsi->conn_stat_done) { + wsi->vhost->conn_stats.h1_conn++; + wsi->conn_stat_done = 1; + } + } + + /* check for unwelcome guests */ + + if (wsi->context->reject_service_keywords) { + const struct lws_protocol_vhost_options *rej = + wsi->context->reject_service_keywords; + char ua[384], *msg = NULL; + + if (lws_hdr_copy(wsi, ua, sizeof(ua) - 1, + WSI_TOKEN_HTTP_USER_AGENT) > 0) { +#ifdef LWS_WITH_ACCESS_LOG + char *uri_ptr = NULL; + int meth, uri_len; +#endif + ua[sizeof(ua) - 1] = '\0'; + while (rej) { + if (!strstr(ua, rej->name)) { + rej = rej->next; + continue; + } + + msg = strchr(rej->value, ' '); + if (msg) + msg++; + lws_return_http_status(wsi, + atoi(rej->value), msg); +#ifdef LWS_WITH_ACCESS_LOG + meth = lws_http_get_uri_and_method(wsi, + &uri_ptr, &uri_len); + if (meth >= 0) + lws_prepare_access_log_info(wsi, + uri_ptr, meth); + + /* wsi close will do the log */ +#endif + wsi->vhost->conn_stats.rejected++; + /* + * We don't want anything from + * this rejected guy. Follow + * the close flow, not the + * transaction complete flow. + */ + goto bail_nuke_ah; + } + } + } + + + if (lws_hdr_total_length(wsi, WSI_TOKEN_CONNECT)) { + lwsl_info("Changing to RAW mode\n"); + m = 0; + goto raw_transition; + } + + lwsi_set_state(wsi, LRS_PRE_WS_SERVING_ACCEPT); + lws_set_timeout(wsi, NO_PENDING_TIMEOUT, 0); + + /* is this websocket protocol or normal http 1.0? */ + + if (lws_hdr_total_length(wsi, WSI_TOKEN_UPGRADE)) { + if (!strcasecmp(lws_hdr_simple_ptr(wsi, + WSI_TOKEN_UPGRADE), + "websocket")) { + wsi->vhost->conn_stats.ws_upg++; + lwsl_info("Upgrade to ws\n"); + goto upgrade_ws; + } +#if defined(LWS_WITH_HTTP2) + if (!strcasecmp(lws_hdr_simple_ptr(wsi, + WSI_TOKEN_UPGRADE), + "h2c")) { + wsi->vhost->conn_stats.h2_upg++; + lwsl_info("Upgrade to h2c\n"); + goto upgrade_h2c; + } +#endif + lwsl_info("Unknown upgrade\n"); + /* dunno what he wanted to upgrade to */ + goto bail_nuke_ah; + } + + /* no upgrade ack... he remained as HTTP */ + + lwsl_info("No upgrade\n"); + + lwsi_set_state(wsi, LRS_ESTABLISHED); + wsi->http.fop_fd = NULL; + + lwsl_debug("%s: wsi %p: ah %p\n", __func__, (void *)wsi, + (void *)wsi->ah); + + n = lws_http_action(wsi); + + return n; + +#if defined(LWS_WITH_HTTP2) +upgrade_h2c: + if (!lws_hdr_total_length(wsi, WSI_TOKEN_HTTP2_SETTINGS)) { + lwsl_info("missing http2_settings\n"); + goto bail_nuke_ah; + } + + lwsl_info("h2c upgrade...\n"); + + p = lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP2_SETTINGS); + /* convert the peer's HTTP-Settings */ + n = lws_b64_decode_string(p, tbuf, sizeof(tbuf)); + if (n < 0) { + lwsl_parser("HTTP2_SETTINGS too long\n"); + return 1; + } + + /* adopt the header info */ + + if (!wsi->h2.h2n) { + wsi->h2.h2n = lws_zalloc(sizeof(*wsi->h2.h2n), + "h2n"); + if (!wsi->h2.h2n) + return 1; + } + + lws_h2_init(wsi); + + /* HTTP2 union */ + + lws_h2_settings(wsi, &wsi->h2.h2n->set, (unsigned char *)tbuf, n); + + lws_hpack_dynamic_size(wsi, wsi->h2.h2n->set.s[ + H2SET_HEADER_TABLE_SIZE]); + + strcpy(tbuf, "HTTP/1.1 101 Switching Protocols\x0d\x0a" + "Connection: Upgrade\x0d\x0a" + "Upgrade: h2c\x0d\x0a\x0d\x0a"); + m = (int)strlen(tbuf); + n = lws_issue_raw(wsi, (unsigned char *)tbuf, m); + if (n != m) { + lwsl_debug("http2 switch: ERROR writing to socket\n"); + return 1; + } + + lwsi_set_state(wsi, LRS_H2_AWAIT_PREFACE); + wsi->upgraded_to_http2 = 1; + + return 0; +#endif + +upgrade_ws: + if (lws_process_ws_upgrade(wsi)) + goto bail_nuke_ah; + + return 0; + + } /* while all chars are handled */ + + return 0; + +bail_nuke_ah: + /* drop the header info */ + /* we're closing, losing some rx is OK */ + lws_header_table_force_to_detachable_state(wsi); + lws_header_table_detach(wsi, 1); + + return 1; +} + + +static int +lws_get_idlest_tsi(struct lws_context *context) +{ + unsigned int lowest = ~0; + int n = 0, hit = -1; + + for (; n < context->count_threads; n++) { + if ((unsigned int)context->pt[n].fds_count != + context->fd_limit_per_thread - 1 && + (unsigned int)context->pt[n].fds_count < lowest) { + lowest = context->pt[n].fds_count; + hit = n; + } + } + + return hit; +} + +struct lws * +lws_create_new_server_wsi(struct lws_vhost *vhost) +{ + struct lws *new_wsi; + int n = lws_get_idlest_tsi(vhost->context); + + if (n < 0) { + lwsl_err("no space for new conn\n"); + return NULL; + } + + new_wsi = lws_zalloc(sizeof(struct lws), "new server wsi"); + if (new_wsi == NULL) { + lwsl_err("Out of memory for new connection\n"); + return NULL; + } + + new_wsi->tsi = n; + lwsl_debug("new wsi %p joining vhost %s, tsi %d\n", new_wsi, + vhost->name, new_wsi->tsi); + + new_wsi->vhost = vhost; + new_wsi->context = vhost->context; + new_wsi->pending_timeout = NO_PENDING_TIMEOUT; + new_wsi->rxflow_change_to = LWS_RXFLOW_ALLOW; + + /* initialize the instance struct */ + + lwsi_set_state(new_wsi, LRS_UNCONNECTED); + new_wsi->hdr_parsing_completed = 0; + +#ifdef LWS_WITH_TLS + new_wsi->use_ssl = LWS_SSL_ENABLED(vhost); +#endif + + /* + * these can only be set once the protocol is known + * we set an un-established connection's protocol pointer + * to the start of the supported list, so it can look + * for matching ones during the handshake + */ + new_wsi->protocol = vhost->protocols; + new_wsi->user_space = NULL; + new_wsi->desc.sockfd = LWS_SOCK_INVALID; + new_wsi->position_in_fds_table = -1; + + vhost->context->count_wsi_allocated++; + + /* + * outermost create notification for wsi + * no user_space because no protocol selection + */ + vhost->protocols[0].callback(new_wsi, LWS_CALLBACK_WSI_CREATE, + NULL, NULL, 0); + + return new_wsi; +} + +LWS_VISIBLE int LWS_WARN_UNUSED_RESULT +lws_http_transaction_completed(struct lws *wsi) +{ + int n = NO_PENDING_TIMEOUT; + + lwsl_info("%s: wsi %p\n", __func__, wsi); + if (wsi->ah) + lwsl_info("ah attached, pos %d, len %d\n", wsi->ah->rxpos, wsi->ah->rxlen); + lws_access_log(wsi); + + if (!wsi->hdr_parsing_completed) { + lwsl_notice("%s: ignoring, ah parsing incomplete\n", __func__); + return 0; + } + + /* if we can't go back to accept new headers, drop the connection */ + if (wsi->http2_substream) + return 0; + + if (wsi->seen_zero_length_recv) + return 1; + + if (wsi->http.connection_type != HTTP_CONNECTION_KEEP_ALIVE) { + lwsl_info("%s: %p: close connection\n", __func__, wsi); + return 1; + } + + if (lws_bind_protocol(wsi, &wsi->vhost->protocols[0])) + return 1; + + /* + * otherwise set ourselves up ready to go again, but because we have no + * idea about the wsi writability, we make put it in a holding state + * until we can verify POLLOUT. The part of this that confirms POLLOUT + * with no partials is in lws_server_socket_service() below. + */ + lwsi_set_state(wsi, LRS_DEFERRING_ACTION); + wsi->http.tx_content_length = 0; + wsi->http.tx_content_remain = 0; + wsi->hdr_parsing_completed = 0; +#ifdef LWS_WITH_ACCESS_LOG + wsi->access_log.sent = 0; +#endif + + if (wsi->vhost->keepalive_timeout) + n = PENDING_TIMEOUT_HTTP_KEEPALIVE_IDLE; + lws_set_timeout(wsi, n, wsi->vhost->keepalive_timeout); + + /* + * We already know we are on http1.1 / keepalive and the next thing + * coming will be another header set. + * + * If there is no pending rx and we still have the ah, drop it and + * reacquire a new ah when the new headers start to arrive. (Otherwise + * we needlessly hog an ah indefinitely.) + * + * However if there is pending rx and we know from the keepalive state + * that is already at least the start of another header set, simply + * reset the existing header table and keep it. + */ + if (wsi->ah) { + if (wsi->ah->rxpos == wsi->ah->rxlen && !wsi->preamble_rx) { + lws_header_table_force_to_detachable_state(wsi); + lws_header_table_detach(wsi, 1); +#ifdef LWS_WITH_TLS + /* + * additionally... if we are hogging an SSL instance + * with no pending pipelined headers (or ah now), and + * SSL is scarce, drop this connection without waiting + */ + + if (wsi->vhost->use_ssl && + wsi->context->simultaneous_ssl_restriction && + wsi->context->simultaneous_ssl == + wsi->context->simultaneous_ssl_restriction) { + lwsl_info("%s: simultaneous_ssl_restriction\n", + __func__); + return 1; + } +#endif + } else { + lws_header_table_reset(wsi, 0); + /* + * If we kept the ah, we should restrict the amount + * of time we are willing to keep it. Otherwise it + * will be bound the whole time the connection remains + * open. + */ + lws_set_timeout(wsi, PENDING_TIMEOUT_HOLDING_AH, + wsi->vhost->keepalive_timeout); + } + /* If we're (re)starting on headers, need other implied init */ + if (wsi->ah) + wsi->ah->ues = URIES_IDLE; + + lwsi_set_state(wsi, LRS_ESTABLISHED); + } else + if (wsi->preamble_rx) + if (lws_header_table_attach(wsi, 0)) + lwsl_debug("acquired ah\n"); + + + lwsl_info("%s: %p: keep-alive await new transaction\n", __func__, wsi); + lws_callback_on_writable(wsi); + + return 0; +} + +/* if not a socket, it's a raw, non-ssl file descriptor */ + +LWS_VISIBLE struct lws * +lws_adopt_descriptor_vhost(struct lws_vhost *vh, lws_adoption_type type, + lws_sock_file_fd_type fd, const char *vh_prot_name, + struct lws *parent) +{ + struct lws_context *context = vh->context; + struct lws *new_wsi; + struct lws_context_per_thread *pt; + int n, ssl = 0; + +#if defined(LWS_WITH_PEER_LIMITS) + struct lws_peer *peer = NULL; + + if (type & LWS_ADOPT_SOCKET && !(type & LWS_ADOPT_WS_PARENTIO)) { + peer = lws_get_or_create_peer(vh, fd.sockfd); + + if (peer && context->ip_limit_wsi && + peer->count_wsi >= context->ip_limit_wsi) { + lwsl_notice("Peer reached wsi limit %d\n", + context->ip_limit_wsi); + lws_stats_atomic_bump(context, &context->pt[0], + LWSSTATS_C_PEER_LIMIT_WSI_DENIED, 1); + return NULL; + } + } +#endif + + new_wsi = lws_create_new_server_wsi(vh); + if (!new_wsi) { + if (type & LWS_ADOPT_SOCKET && !(type & LWS_ADOPT_WS_PARENTIO)) + compatible_close(fd.sockfd); + return NULL; + } +#if defined(LWS_WITH_PEER_LIMITS) + if (peer) + lws_peer_add_wsi(context, peer, new_wsi); +#endif + pt = &context->pt[(int)new_wsi->tsi]; + lws_stats_atomic_bump(context, pt, LWSSTATS_C_CONNECTIONS, 1); + + if (parent) { + new_wsi->parent = parent; + new_wsi->sibling_list = parent->child_list; + parent->child_list = new_wsi; + + if (type & LWS_ADOPT_WS_PARENTIO) + new_wsi->parent_carries_io = 1; + } + + new_wsi->desc = fd; + + if (vh_prot_name) { + new_wsi->protocol = lws_vhost_name_to_protocol(new_wsi->vhost, + vh_prot_name); + if (!new_wsi->protocol) { + lwsl_err("Protocol %s not enabled on vhost %s\n", + vh_prot_name, new_wsi->vhost->name); + goto bail; + } + if (lws_ensure_user_space(new_wsi)) { + lwsl_notice("OOM trying to get user_space\n"); + goto bail; + } + if (type & LWS_ADOPT_WS_PARENTIO) { + new_wsi->desc.sockfd = LWS_SOCK_INVALID; + lwsl_debug("binding to %s\n", new_wsi->protocol->name); + lws_bind_protocol(new_wsi, new_wsi->protocol); + lws_role_transition(new_wsi, LWSIFR_SERVER, + LRS_ESTABLISHED, &role_ops_ws); + /* allocate the ws struct for the wsi */ + new_wsi->ws = lws_zalloc(sizeof(*new_wsi->ws), "ws struct"); + if (!new_wsi->ws) { + lwsl_notice("OOM\n"); + goto bail; + } + lws_server_init_wsi_for_ws(new_wsi); + + return new_wsi; + } + } else + if (type & LWS_ADOPT_HTTP) {/* he will transition later */ + new_wsi->protocol = + &vh->protocols[vh->default_protocol_index]; + new_wsi->role_ops = &role_ops_h1; + } + else { /* this is the only time he will transition */ + lws_bind_protocol(new_wsi, + &vh->protocols[vh->raw_protocol_index]); + lws_role_transition(new_wsi, 0, LRS_ESTABLISHED, + &role_ops_raw_skt); + } + + if (type & LWS_ADOPT_SOCKET) { /* socket desc */ + lwsl_debug("%s: new wsi %p, sockfd %d\n", __func__, new_wsi, + (int)(lws_intptr_t)fd.sockfd); + + if (type & LWS_ADOPT_FLAG_UDP) + /* + * these can be >128 bytes, so just alloc for UDP + */ + new_wsi->udp = lws_malloc(sizeof(*new_wsi->udp), + "udp struct"); + + if (type & LWS_ADOPT_HTTP) + /* the transport is accepted... + * give him time to negotiate */ + lws_set_timeout(new_wsi, + PENDING_TIMEOUT_ESTABLISH_WITH_SERVER, + context->timeout_secs); + + } else /* file desc */ + lwsl_debug("%s: new wsi %p, filefd %d\n", __func__, new_wsi, + (int)(lws_intptr_t)fd.filefd); + + /* + * A new connection was accepted. Give the user a chance to + * set properties of the newly created wsi. There's no protocol + * selected yet so we issue this to the vhosts's default protocol, + * itself by default protocols[0] + */ + n = LWS_CALLBACK_SERVER_NEW_CLIENT_INSTANTIATED; + if (!(type & LWS_ADOPT_HTTP)) { + if (!(type & LWS_ADOPT_SOCKET)) + n = LWS_CALLBACK_RAW_ADOPT_FILE; + else + n = LWS_CALLBACK_RAW_ADOPT; + } + + if (!LWS_SSL_ENABLED(new_wsi->vhost) || !(type & LWS_ADOPT_ALLOW_SSL) || + !(type & LWS_ADOPT_SOCKET)) { + /* non-SSL */ + if (!(type & LWS_ADOPT_HTTP)) { + if (!(type & LWS_ADOPT_SOCKET)) + lws_role_transition(new_wsi, 0, LRS_UNCONNECTED, + &role_ops_raw_file); + else + lws_role_transition(new_wsi, 0, LRS_UNCONNECTED, + &role_ops_raw_skt); + } else + lws_role_transition(new_wsi, LWSIFR_SERVER, + LRS_HEADERS, &role_ops_h1); + } else { + /* SSL */ + if (!(type & LWS_ADOPT_HTTP)) + lws_role_transition(new_wsi, 0, LRS_SSL_INIT, + &role_ops_raw_skt); + else + lws_role_transition(new_wsi, LWSIFR_SERVER, + LRS_SSL_INIT, &role_ops_h1); + + ssl = 1; + } + + lwsl_debug("new wsi wsistate 0x%x\n", new_wsi->wsistate); + + lws_libev_accept(new_wsi, new_wsi->desc); + lws_libuv_accept(new_wsi, new_wsi->desc); + lws_libevent_accept(new_wsi, new_wsi->desc); + + if (!ssl) { + lws_pt_lock(pt, __func__); + if (__insert_wsi_socket_into_fds(context, new_wsi)) { + lws_pt_unlock(pt); + lwsl_err("%s: fail inserting socket\n", __func__); + goto fail; + } + lws_pt_unlock(pt); + } else + if (lws_server_socket_service_ssl(new_wsi, fd.sockfd)) { + lwsl_info("%s: fail ssl negotiation\n", __func__); + goto fail; + } + + /* + * by deferring callback to this point, after insertion to fds, + * lws_callback_on_writable() can work from the callback + */ + if ((new_wsi->protocol->callback)( + new_wsi, n, new_wsi->user_space, NULL, 0)) + goto fail; + + if (type & LWS_ADOPT_HTTP) { + if (!lws_header_table_attach(new_wsi, 0)) + lwsl_debug("Attached ah immediately\n"); + else + lwsl_info("%s: waiting for ah\n", __func__); + } + + lws_cancel_service_pt(new_wsi); + + return new_wsi; + +fail: + if (type & LWS_ADOPT_SOCKET) + lws_close_free_wsi(new_wsi, LWS_CLOSE_STATUS_NOSTATUS, "adopt skt fail"); + + return NULL; + +bail: + lwsl_notice("%s: exiting on bail\n", __func__); + if (parent) + parent->child_list = new_wsi->sibling_list; + if (new_wsi->user_space) + lws_free(new_wsi->user_space); + lws_free(new_wsi); + compatible_close(fd.sockfd); + + return NULL; +} + +LWS_VISIBLE struct lws * +lws_adopt_socket_vhost(struct lws_vhost *vh, lws_sockfd_type accept_fd) +{ + lws_sock_file_fd_type fd; + + fd.sockfd = accept_fd; + return lws_adopt_descriptor_vhost(vh, LWS_ADOPT_SOCKET | + LWS_ADOPT_HTTP | LWS_ADOPT_ALLOW_SSL, fd, NULL, NULL); +} + +LWS_VISIBLE struct lws * +lws_adopt_socket(struct lws_context *context, lws_sockfd_type accept_fd) +{ + return lws_adopt_socket_vhost(context->vhost_list, accept_fd); +} + +/* Common read-buffer adoption for lws_adopt_*_readbuf */ +static struct lws* +adopt_socket_readbuf(struct lws *wsi, const char *readbuf, size_t len) +{ + struct lws_context_per_thread *pt; + struct allocated_headers *ah; + struct lws_pollfd *pfd; + + if (!wsi) + return NULL; + + if (!readbuf || len == 0) + return wsi; + + if (len > sizeof(ah->rx)) { + lwsl_err("%s: rx in too big\n", __func__); + goto bail; + } + + /* + * we can't process the initial read data until we can attach an ah. + * + * if one is available, get it and place the data in his ah rxbuf... + * wsi with ah that have pending rxbuf get auto-POLLIN service. + * + * no autoservice because we didn't get a chance to attach the + * readbuf data to wsi or ah yet, and we will do it next if we get + * the ah. + */ + if (wsi->ah || !lws_header_table_attach(wsi, 0)) { + ah = wsi->ah; + memcpy(ah->rx, readbuf, len); + ah->rxpos = 0; + ah->rxlen = (int16_t)len; + + lwsl_notice("%s: calling service on readbuf ah\n", __func__); + pt = &wsi->context->pt[(int)wsi->tsi]; + + /* unlike a normal connect, we have the headers already + * (or the first part of them anyway). + * libuv won't come back and service us without a network + * event, so we need to do the header service right here. + */ + pfd = &pt->fds[wsi->position_in_fds_table]; + pfd->revents |= LWS_POLLIN; + lwsl_err("%s: calling service\n", __func__); + if (lws_service_fd_tsi(wsi->context, pfd, wsi->tsi)) + /* service closed us */ + return NULL; + + return wsi; + } + lwsl_err("%s: deferring handling ah\n", __func__); + /* + * hum if no ah came, we are on the wait list and must defer + * dealing with this until the ah arrives. + * + * later successful lws_header_table_attach() will apply the + * below to the rx buffer (via lws_header_table_reset()). + */ + wsi->preamble_rx = lws_malloc(len, "preamble_rx"); + if (!wsi->preamble_rx) { + lwsl_err("OOM\n"); + goto bail; + } + memcpy(wsi->preamble_rx, readbuf, len); + wsi->preamble_rx_len = (int)len; + + return wsi; + +bail: + lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, "adopt skt readbuf fail"); + + return NULL; +} + +LWS_VISIBLE struct lws * +lws_adopt_socket_readbuf(struct lws_context *context, lws_sockfd_type accept_fd, + const char *readbuf, size_t len) +{ + return adopt_socket_readbuf(lws_adopt_socket(context, accept_fd), + readbuf, len); +} + +LWS_VISIBLE struct lws * +lws_adopt_socket_vhost_readbuf(struct lws_vhost *vhost, + lws_sockfd_type accept_fd, + const char *readbuf, size_t len) +{ + return adopt_socket_readbuf(lws_adopt_socket_vhost(vhost, accept_fd), + readbuf, len); +} + +LWS_VISIBLE int +lws_serve_http_file(struct lws *wsi, const char *file, const char *content_type, + const char *other_headers, int other_headers_len) +{ + static const char * const intermediates[] = { "private", "public" }; + struct lws_context *context = lws_get_context(wsi); + struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; +#if defined(LWS_WITH_RANGES) + struct lws_range_parsing *rp = &wsi->http.range; +#endif + char cache_control[50], *cc = "no-store"; + unsigned char *response = pt->serv_buf + LWS_PRE; + unsigned char *p = response; + unsigned char *end = p + context->pt_serv_buf_size - LWS_PRE; + lws_filepos_t total_content_length; + int ret = 0, cclen = 8, n = HTTP_STATUS_OK; + lws_fop_flags_t fflags = LWS_O_RDONLY; +#if defined(LWS_WITH_RANGES) + int ranges; +#endif + const struct lws_plat_file_ops *fops; + const char *vpath; + + if (wsi->handling_404) + n = HTTP_STATUS_NOT_FOUND; + + /* + * We either call the platform fops .open with first arg platform fops, + * or we call fops_zip .open with first arg platform fops, and fops_zip + * open will decide whether to switch to fops_zip or stay with fops_def. + * + * If wsi->http.fop_fd is already set, the caller already opened it + */ + if (!wsi->http.fop_fd) { + fops = lws_vfs_select_fops(wsi->context->fops, file, &vpath); + fflags |= lws_vfs_prepare_flags(wsi); + wsi->http.fop_fd = fops->LWS_FOP_OPEN(wsi->context->fops, + file, vpath, &fflags); + if (!wsi->http.fop_fd) { + lwsl_info("Unable to open: '%s': errno %d\n", file, errno); + + return -1; + } + } + wsi->http.filelen = lws_vfs_get_length(wsi->http.fop_fd); + total_content_length = wsi->http.filelen; + +#if defined(LWS_WITH_RANGES) + ranges = lws_ranges_init(wsi, rp, wsi->http.filelen); + + lwsl_debug("Range count %d\n", ranges); + /* + * no ranges -> 200; + * 1 range -> 206 + Content-Type: normal; Content-Range; + * more -> 206 + Content-Type: multipart/byteranges + * Repeat the true Content-Type in each multipart header + * along with Content-Range + */ + if (ranges < 0) { + /* it means he expressed a range in Range:, but it was illegal */ + lws_return_http_status(wsi, HTTP_STATUS_REQ_RANGE_NOT_SATISFIABLE, + NULL); + if (lws_http_transaction_completed(wsi)) + return -1; /* <0 means just hang up */ + + lws_vfs_file_close(&wsi->http.fop_fd); + + return 0; /* == 0 means we dealt with the transaction complete */ + } + if (ranges) + n = HTTP_STATUS_PARTIAL_CONTENT; +#endif + + if (lws_add_http_header_status(wsi, n, &p, end)) + return -1; + + if ((wsi->http.fop_fd->flags & (LWS_FOP_FLAG_COMPR_ACCEPTABLE_GZIP | + LWS_FOP_FLAG_COMPR_IS_GZIP)) == + (LWS_FOP_FLAG_COMPR_ACCEPTABLE_GZIP | LWS_FOP_FLAG_COMPR_IS_GZIP)) { + if (lws_add_http_header_by_token(wsi, + WSI_TOKEN_HTTP_CONTENT_ENCODING, + (unsigned char *)"gzip", 4, &p, end)) + return -1; + lwsl_info("file is being provided in gzip\n"); + } + + if ( +#if defined(LWS_WITH_RANGES) + ranges < 2 && +#endif + content_type && content_type[0]) + if (lws_add_http_header_by_token(wsi, + WSI_TOKEN_HTTP_CONTENT_TYPE, + (unsigned char *)content_type, + (int)strlen(content_type), + &p, end)) + return -1; + +#if defined(LWS_WITH_RANGES) + if (ranges >= 2) { /* multipart byteranges */ + lws_strncpy(wsi->http.multipart_content_type, content_type, + sizeof(wsi->http.multipart_content_type)); + + if (lws_add_http_header_by_token(wsi, + WSI_TOKEN_HTTP_CONTENT_TYPE, + (unsigned char *) + "multipart/byteranges; " + "boundary=_lws", + 20, &p, end)) + return -1; + + /* + * our overall content length has to include + * + * - (n + 1) x "_lws\r\n" + * - n x Content-Type: xxx/xxx\r\n + * - n x Content-Range: bytes xxx-yyy/zzz\r\n + * - n x /r/n + * - the actual payloads (aggregated in rp->agg) + * + * Precompute it for the main response header + */ + + total_content_length = (lws_filepos_t)rp->agg + + 6 /* final _lws\r\n */; + + lws_ranges_reset(rp); + while (lws_ranges_next(rp)) { + n = lws_snprintf(cache_control, sizeof(cache_control), + "bytes %llu-%llu/%llu", + rp->start, rp->end, rp->extent); + + total_content_length += + 6 /* header _lws\r\n */ + + /* Content-Type: xxx/xxx\r\n */ + 14 + strlen(content_type) + 2 + + /* Content-Range: xxxx\r\n */ + 15 + n + 2 + + 2; /* /r/n */ + } + + lws_ranges_reset(rp); + lws_ranges_next(rp); + } + + if (ranges == 1) { + total_content_length = (lws_filepos_t)rp->agg; + n = lws_snprintf(cache_control, sizeof(cache_control), + "bytes %llu-%llu/%llu", + rp->start, rp->end, rp->extent); + + if (lws_add_http_header_by_token(wsi, + WSI_TOKEN_HTTP_CONTENT_RANGE, + (unsigned char *)cache_control, + n, &p, end)) + return -1; + } + + wsi->http.range.inside = 0; + + if (lws_add_http_header_by_token(wsi, WSI_TOKEN_HTTP_ACCEPT_RANGES, + (unsigned char *)"bytes", 5, &p, end)) + return -1; +#endif + + if (!wsi->http2_substream) { + if (!wsi->sending_chunked) { + if (lws_add_http_header_content_length(wsi, + total_content_length, + &p, end)) + return -1; + } else { + if (lws_add_http_header_by_token(wsi, + WSI_TOKEN_HTTP_TRANSFER_ENCODING, + (unsigned char *)"chunked", + 7, &p, end)) + return -1; + } + } + + if (wsi->cache_secs && wsi->cache_reuse) { + if (wsi->cache_revalidate) { + cc = cache_control; + cclen = sprintf(cache_control, "%s max-age: %u", + intermediates[wsi->cache_intermediaries], + wsi->cache_secs); + } else { + cc = "no-cache"; + cclen = 8; + } + } + + if (lws_add_http_header_by_token(wsi, WSI_TOKEN_HTTP_CACHE_CONTROL, + (unsigned char *)cc, cclen, &p, end)) + return -1; + + if (wsi->http.connection_type == HTTP_CONNECTION_KEEP_ALIVE) + if (lws_add_http_header_by_token(wsi, WSI_TOKEN_CONNECTION, + (unsigned char *)"keep-alive", 10, &p, end)) + return -1; + + if (other_headers) { + if ((end - p) < other_headers_len) + return -1; + memcpy(p, other_headers, other_headers_len); + p += other_headers_len; + } + + if (lws_finalize_http_header(wsi, &p, end)) + return -1; + + ret = lws_write(wsi, response, p - response, LWS_WRITE_HTTP_HEADERS); + if (ret != (p - response)) { + lwsl_err("_write returned %d from %ld\n", ret, + (long)(p - response)); + return -1; + } + + wsi->http.filepos = 0; + lwsi_set_state(wsi, LRS_ISSUING_FILE); + + lws_callback_on_writable(wsi); + + return 0; +} + +LWS_VISIBLE void +lws_server_get_canonical_hostname(struct lws_context *context, + struct lws_context_creation_info *info) +{ + if (lws_check_opt(info->options, + LWS_SERVER_OPTION_SKIP_SERVER_CANONICAL_NAME)) + return; +#if !defined(LWS_WITH_ESP32) + /* find canonical hostname */ + gethostname((char *)context->canonical_hostname, + sizeof(context->canonical_hostname) - 1); + + lwsl_info(" canonical_hostname = %s\n", context->canonical_hostname); +#else + (void)context; +#endif +} + + +LWS_VISIBLE LWS_EXTERN int +lws_chunked_html_process(struct lws_process_html_args *args, + struct lws_process_html_state *s) +{ + char *sp, buffer[32]; + const char *pc; + int old_len, n; + + /* do replacements */ + sp = args->p; + old_len = args->len; + args->len = 0; + s->start = sp; + while (sp < args->p + old_len) { + + if (args->len + 7 >= args->max_len) { + lwsl_err("Used up interpret padding\n"); + return -1; + } + + if ((!s->pos && *sp == '$') || s->pos) { + int hits = 0, hit = 0; + + if (!s->pos) + s->start = sp; + s->swallow[s->pos++] = *sp; + if (s->pos == sizeof(s->swallow) - 1) + goto skip; + for (n = 0; n < s->count_vars; n++) + if (!strncmp(s->swallow, s->vars[n], s->pos)) { + hits++; + hit = n; + } + if (!hits) { +skip: + s->swallow[s->pos] = '\0'; + memcpy(s->start, s->swallow, s->pos); + args->len++; + s->pos = 0; + sp = s->start + 1; + continue; + } + if (hits == 1 && s->pos == (int)strlen(s->vars[hit])) { + pc = s->replace(s->data, hit); + if (!pc) + pc = "NULL"; + n = (int)strlen(pc); + s->swallow[s->pos] = '\0'; + if (n != s->pos) { + memmove(s->start + n, + s->start + s->pos, + old_len - (sp - args->p)); + old_len += (n - s->pos) + 1; + } + memcpy(s->start, pc, n); + args->len++; + sp = s->start + 1; + + s->pos = 0; + } + sp++; + continue; + } + + args->len++; + sp++; + } + + if (args->chunked) { + /* no space left for final chunk trailer */ + if (args->final && args->len + 7 >= args->max_len) + return -1; + + n = sprintf(buffer, "%X\x0d\x0a", args->len); + + args->p -= n; + memcpy(args->p, buffer, n); + args->len += n; + + if (args->final) { + sp = args->p + args->len; + *sp++ = '\x0d'; + *sp++ = '\x0a'; + *sp++ = '0'; + *sp++ = '\x0d'; + *sp++ = '\x0a'; + *sp++ = '\x0d'; + *sp++ = '\x0a'; + args->len += 7; + } else { + sp = args->p + args->len; + *sp++ = '\x0d'; + *sp++ = '\x0a'; + args->len += 2; + } + } + + return 0; +} diff --git a/lib/roles/listen/ops-listen.c b/lib/roles/listen/ops-listen.c new file mode 100644 index 0000000..e9d4d14 --- /dev/null +++ b/lib/roles/listen/ops-listen.c @@ -0,0 +1,171 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#include + +static int +rops_handle_POLLIN_listen(struct lws_context_per_thread *pt, struct lws *wsi, + struct lws_pollfd *pollfd) +{ + struct lws_context *context = wsi->context; + lws_sockfd_type accept_fd = LWS_SOCK_INVALID; + lws_sock_file_fd_type fd; + int opts = LWS_ADOPT_SOCKET | LWS_ADOPT_ALLOW_SSL; + struct sockaddr_storage cli_addr; + socklen_t clilen; + + /* pollin means a client has connected to us then + * + * pollout is a hack on esp32 for background accepts signalling + * they completed + */ + + do { + struct lws *cwsi; + + if (!(pollfd->revents & (LWS_POLLIN | LWS_POLLOUT)) || + !(pollfd->events & LWS_POLLIN)) + break; + +#if defined(LWS_WITH_TLS) + /* + * can we really accept it, with regards to SSL limit? + * another vhost may also have had POLLIN on his + * listener this round and used it up already + */ + if (wsi->vhost->use_ssl && + context->simultaneous_ssl_restriction && + context->simultaneous_ssl == + context->simultaneous_ssl_restriction) + /* + * no... ignore it, he won't come again until + * we are below the simultaneous_ssl_restriction + * limit and POLLIN is enabled on him again + */ + break; +#endif + /* listen socket got an unencrypted connection... */ + + clilen = sizeof(cli_addr); + lws_latency_pre(context, wsi); + + /* + * We cannot identify the peer who is in the listen + * socket connect queue before we accept it; even if + * we could, not accepting it due to PEER_LIMITS would + * block the connect queue for other legit peers. + */ + + accept_fd = accept((int)pollfd->fd, + (struct sockaddr *)&cli_addr, &clilen); + lws_latency(context, wsi, "listener accept", + (int)accept_fd, accept_fd != LWS_SOCK_INVALID); + if (accept_fd == LWS_SOCK_INVALID) { + if (LWS_ERRNO == LWS_EAGAIN || + LWS_ERRNO == LWS_EWOULDBLOCK) { + break; + } + lwsl_err("ERROR on accept: %s\n", + strerror(LWS_ERRNO)); + break; + } + + lws_plat_set_socket_options(wsi->vhost, accept_fd); + +#if defined(LWS_WITH_IPV6) + lwsl_debug("accepted new conn port %u on fd=%d\n", + ((cli_addr.ss_family == AF_INET6) ? + ntohs(((struct sockaddr_in6 *) &cli_addr)->sin6_port) : + ntohs(((struct sockaddr_in *) &cli_addr)->sin_port)), + accept_fd); +#else + lwsl_debug("accepted new conn port %u on fd=%d\n", + ntohs(((struct sockaddr_in *) &cli_addr)->sin_port), + accept_fd); +#endif + + /* + * look at who we connected to and give user code a + * chance to reject based on client IP. There's no + * protocol selected yet so we issue this to + * protocols[0] + */ + if ((wsi->vhost->protocols[0].callback)(wsi, + LWS_CALLBACK_FILTER_NETWORK_CONNECTION, + NULL, + (void *)(lws_intptr_t)accept_fd, 0)) { + lwsl_debug("Callback denied net connection\n"); + compatible_close(accept_fd); + break; + } + + if (!(wsi->vhost->options & LWS_SERVER_OPTION_ONLY_RAW)) + opts |= LWS_ADOPT_HTTP; + else + opts = LWS_ADOPT_SOCKET; + + fd.sockfd = accept_fd; + cwsi = lws_adopt_descriptor_vhost(wsi->vhost, opts, fd, + NULL, NULL); + if (!cwsi) + /* already closed cleanly as necessary */ + return LWS_HPI_RET_DIE; + + if (lws_server_socket_service_ssl(cwsi, accept_fd)) + lws_close_free_wsi(cwsi, LWS_CLOSE_STATUS_NOSTATUS, + "listen svc fail"); + + lwsl_info("%s: new wsi %p: wsistate 0x%x, role_ops %s\n", + __func__, cwsi, cwsi->wsistate, cwsi->role_ops->name); + + } while (pt->fds_count < context->fd_limit_per_thread - 1 && + lws_poll_listen_fd(&pt->fds[wsi->position_in_fds_table]) > 0); + + return LWS_HPI_RET_HANDLED; +} + +int rops_handle_POLLOUT_listen(struct lws *wsi) +{ + return LWS_HP_RET_USER_SERVICE; +} + +struct lws_role_ops role_ops_listen = { + "listen", + /* check_upgrades */ NULL, + /* init_context */ NULL, + /* init_vhost */ NULL, + /* periodic_checks */ NULL, + /* service_flag_pending */ NULL, + /* handle_POLLIN */ rops_handle_POLLIN_listen, + /* handle_POLLOUT */ rops_handle_POLLOUT_listen, + /* perform_user_POLLOUT */ NULL, + /* callback_on_writable */ NULL, + /* tx_credit */ NULL, + /* write_role_protocol */ NULL, + /* rxflow_cache */ NULL, + /* encapsulation_parent */ NULL, + /* close_via_role_protocol */ NULL, + /* close_role */ NULL, + /* close_kill_connection */ NULL, + /* destroy_role */ NULL, + /* writeable cb clnt, srv */ { 0, 0 }, + /* close cb clnt, srv */ { 0, 0 }, +}; diff --git a/lib/roles/pipe/ops-pipe.c b/lib/roles/pipe/ops-pipe.c new file mode 100644 index 0000000..8a573e7 --- /dev/null +++ b/lib/roles/pipe/ops-pipe.c @@ -0,0 +1,78 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#include + +static int +rops_handle_POLLIN_pipe(struct lws_context_per_thread *pt, struct lws *wsi, + struct lws_pollfd *pollfd) +{ +#if !defined(WIN32) && !defined(_WIN32) + char s[10]; + int n; + + /* + * discard the byte(s) that signaled us + * We really don't care about the number of bytes, but coverity + * thinks we should. + */ + n = read(wsi->desc.sockfd, s, sizeof(s)); + (void)n; + if (n < 0) + return LWS_HPI_RET_CLOSE_HANDLED; +#endif + /* + * the poll() wait, or the event loop for libuv etc is a + * process-wide resource that we interrupted. So let every + * protocol that may be interested in the pipe event know that + * it happened. + */ + if (lws_broadcast(wsi->context, LWS_CALLBACK_EVENT_WAIT_CANCELLED, + NULL, 0)) { + lwsl_info("closed in event cancel\n"); + return LWS_HPI_RET_CLOSE_HANDLED; + } + + return LWS_HPI_RET_HANDLED; +} + +struct lws_role_ops role_ops_pipe = { + "pipe", + /* check_upgrades */ NULL, + /* init_context */ NULL, + /* init_vhost */ NULL, + /* periodic_checks */ NULL, + /* service_flag_pending */ NULL, + /* handle_POLLIN */ rops_handle_POLLIN_pipe, + /* handle_POLLOUT */ NULL, + /* perform_user_POLLOUT */ NULL, + /* callback_on_writable */ NULL, + /* tx_credit */ NULL, + /* write_role_protocol */ NULL, + /* rxflow_cache */ NULL, + /* encapsulation_parent */ NULL, + /* close_via_role_protocol */ NULL, + /* close_role */ NULL, + /* close_kill_connection */ NULL, + /* destroy_role */ NULL, + /* writeable cb clnt, srv */ { 0, 0 }, + /* close cb clnt, srv */ { 0, 0 }, +}; diff --git a/lib/roles/raw/ops-raw.c b/lib/roles/raw/ops-raw.c new file mode 100644 index 0000000..1afb4b9 --- /dev/null +++ b/lib/roles/raw/ops-raw.c @@ -0,0 +1,199 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#include + +static int +rops_handle_POLLIN_raw_skt(struct lws_context_per_thread *pt, struct lws *wsi, + struct lws_pollfd *pollfd) +{ + int len, n; + + /* pending truncated sends have uber priority */ + + if (wsi->trunc_len) { + if (!(pollfd->revents & LWS_POLLOUT)) + return LWS_HPI_RET_HANDLED; + + if (lws_issue_raw(wsi, wsi->trunc_alloc + wsi->trunc_offset, + wsi->trunc_len) < 0) + goto fail; + /* + * we can't afford to allow input processing to send + * something new, so spin around he event loop until + * he doesn't have any partials + */ + return LWS_HPI_RET_HANDLED; + } + + if ((pollfd->revents & pollfd->events & LWS_POLLIN) && + /* any tunnel has to have been established... */ + lwsi_state(wsi) != LRS_SSL_ACK_PENDING && + !(wsi->favoured_pollin && + (pollfd->revents & pollfd->events & LWS_POLLOUT))) { + + len = lws_read_or_use_preamble(pt, wsi); + if (len < 0) + goto fail; + + if (!len) + goto try_pollout; + + n = user_callback_handle_rxflow(wsi->protocol->callback, + wsi, LWS_CALLBACK_RAW_RX, + wsi->user_space, pt->serv_buf, + len); + if (n < 0) { + lwsl_info("LWS_CALLBACK_RAW_RX_fail\n"); + goto fail; + } + } else + if (wsi->favoured_pollin && + (pollfd->revents & pollfd->events & LWS_POLLOUT)) + /* we balanced the last favouring of pollin */ + wsi->favoured_pollin = 0; + +try_pollout: + + /* this handles POLLOUT for http serving fragments */ + + if (!(pollfd->revents & LWS_POLLOUT)) + return LWS_HPI_RET_HANDLED; + + /* one shot */ + if (lws_change_pollfd(wsi, LWS_POLLOUT, 0)) { + lwsl_notice("%s a\n", __func__); + goto fail; + } + + /* clear back-to-back write detection */ + wsi->could_have_pending = 0; + + lws_stats_atomic_bump(wsi->context, pt, + LWSSTATS_C_WRITEABLE_CB, 1); +#if defined(LWS_WITH_STATS) + if (wsi->active_writable_req_us) { + uint64_t ul = time_in_microseconds() - + wsi->active_writable_req_us; + + lws_stats_atomic_bump(wsi->context, pt, + LWSSTATS_MS_WRITABLE_DELAY, ul); + lws_stats_atomic_max(wsi->context, pt, + LWSSTATS_MS_WORST_WRITABLE_DELAY, ul); + wsi->active_writable_req_us = 0; + } +#endif + n = user_callback_handle_rxflow(wsi->protocol->callback, + wsi, LWS_CALLBACK_RAW_WRITEABLE, + wsi->user_space, NULL, 0); + if (n < 0) { + lwsl_info("writeable_fail\n"); + goto fail; + } + + return LWS_HPI_RET_HANDLED; + +fail: + lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, "raw svc fail"); + + return LWS_HPI_RET_CLOSE_HANDLED; +} + + +static int +rops_handle_POLLIN_raw_file(struct lws_context_per_thread *pt, struct lws *wsi, + struct lws_pollfd *pollfd) +{ + int n; + + if (pollfd->revents & LWS_POLLOUT) { + n = lws_callback_as_writeable(wsi); + if (lws_change_pollfd(wsi, LWS_POLLOUT, 0)) { + lwsl_info("failed at set pollfd\n"); + return LWS_HPI_RET_DIE; + } + if (n) + return LWS_HPI_RET_CLOSE_HANDLED; + } + + if (pollfd->revents & LWS_POLLIN) { + if (user_callback_handle_rxflow(wsi->protocol->callback, + wsi, LWS_CALLBACK_RAW_RX_FILE, + wsi->user_space, NULL, 0)) { + lwsl_debug("raw rx callback closed it\n"); + return LWS_HPI_RET_CLOSE_HANDLED; + } + } + + if (pollfd->revents & LWS_POLLHUP) + return LWS_HPI_RET_CLOSE_HANDLED; + + return LWS_HPI_RET_HANDLED; +} + + +struct lws_role_ops role_ops_raw_skt = { + "raw-skt", + /* check_upgrades */ NULL, + /* init_context */ NULL, + /* init_vhost */ NULL, + /* periodic_checks */ NULL, + /* service_flag_pending */ NULL, + /* handle_POLLIN */ rops_handle_POLLIN_raw_skt, + /* handle_POLLOUT */ NULL, + /* perform_user_POLLOUT */ NULL, + /* callback_on_writable */ NULL, + /* tx_credit */ NULL, + /* write_role_protocol */ NULL, + /* rxflow_cache */ NULL, + /* encapsulation_parent */ NULL, + /* close_via_role_protocol */ NULL, + /* close_role */ NULL, + /* close_kill_connection */ NULL, + /* destroy_role */ NULL, + /* writeable cb clnt, srv */ { LWS_CALLBACK_RAW_WRITEABLE, 0 }, + /* close cb clnt, srv */ { LWS_CALLBACK_RAW_CLOSE, 0 }, +}; + + + +struct lws_role_ops role_ops_raw_file = { + "raw-file", + /* check_upgrades */ NULL, + /* init_context */ NULL, + /* init_vhost */ NULL, + /* periodic_checks */ NULL, + /* service_flag_pending */ NULL, + /* handle_POLLIN */ rops_handle_POLLIN_raw_file, + /* handle_POLLOUT */ NULL, + /* perform_user_POLLOUT */ NULL, + /* callback_on_writable */ NULL, + /* tx_credit */ NULL, + /* write_role_protocol */ NULL, + /* rxflow_cache */ NULL, + /* encapsulation_parent */ NULL, + /* close_via_role_protocol */ NULL, + /* close_role */ NULL, + /* close_kill_connection */ NULL, + /* destroy_role */ NULL, + /* writeable cb clnt, srv */ { LWS_CALLBACK_RAW_WRITEABLE_FILE, 0 }, + /* close cb clnt, srv */ { LWS_CALLBACK_RAW_CLOSE_FILE, 0 }, +}; diff --git a/lib/roles/ws/client-parser.c b/lib/roles/ws/client-parser.c new file mode 100644 index 0000000..d348511 --- /dev/null +++ b/lib/roles/ws/client-parser.c @@ -0,0 +1,606 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2017 Andy Green + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#include "private-libwebsockets.h" + +/* + * parsers.c: lws_ws_rx_sm() needs to be roughly kept in + * sync with changes here, esp related to ext draining + */ + +int lws_client_rx_sm(struct lws *wsi, unsigned char c) +{ + int callback_action = LWS_CALLBACK_CLIENT_RECEIVE; + int handled, n, m, rx_draining_ext = 0; + unsigned short close_code; + struct lws_tokens eff_buf; + unsigned char *pp; + + if (wsi->ws->rx_draining_ext) { + assert(!c); + eff_buf.token = NULL; + eff_buf.token_len = 0; + lws_remove_wsi_from_draining_ext_list(wsi); + rx_draining_ext = 1; + lwsl_debug("%s: doing draining flow\n", __func__); + + goto drain_extension; + } + + if (wsi->socket_is_permanently_unusable) + return -1; + + switch (wsi->lws_rx_parse_state) { + case LWS_RXPS_NEW: + /* control frames (PING) may interrupt checkable sequences */ + wsi->ws->defeat_check_utf8 = 0; + + switch (wsi->ws->ietf_spec_revision) { + case 13: + wsi->ws->opcode = c & 0xf; + /* revisit if an extension wants them... */ + switch (wsi->ws->opcode) { + case LWSWSOPC_TEXT_FRAME: + wsi->ws->rsv_first_msg = (c & 0x70); + wsi->ws->continuation_possible = 1; + wsi->ws->check_utf8 = lws_check_opt( + wsi->context->options, + LWS_SERVER_OPTION_VALIDATE_UTF8); + wsi->ws->utf8 = 0; + break; + case LWSWSOPC_BINARY_FRAME: + wsi->ws->rsv_first_msg = (c & 0x70); + wsi->ws->check_utf8 = 0; + wsi->ws->continuation_possible = 1; + break; + case LWSWSOPC_CONTINUATION: + if (!wsi->ws->continuation_possible) { + lwsl_info("disordered continuation\n"); + return -1; + } + break; + case LWSWSOPC_CLOSE: + wsi->ws->check_utf8 = 0; + wsi->ws->utf8 = 0; + break; + case 3: + case 4: + case 5: + case 6: + case 7: + case 0xb: + case 0xc: + case 0xd: + case 0xe: + case 0xf: + lwsl_info("illegal opcode\n"); + return -1; + default: + wsi->ws->defeat_check_utf8 = 1; + break; + } + wsi->ws->rsv = (c & 0x70); + /* revisit if an extension wants them... */ + if ( +#if !defined(LWS_WITHOUT_EXTENSIONS) + !wsi->count_act_ext && +#endif + wsi->ws->rsv) { + lwsl_info("illegal rsv bits set\n"); + return -1; + } + wsi->ws->final = !!((c >> 7) & 1); + lwsl_ext("%s: This RX frame Final %d\n", __func__, + wsi->ws->final); + + if (wsi->ws->owed_a_fin && + (wsi->ws->opcode == LWSWSOPC_TEXT_FRAME || + wsi->ws->opcode == LWSWSOPC_BINARY_FRAME)) { + lwsl_info("hey you owed us a FIN\n"); + return -1; + } + if ((!(wsi->ws->opcode & 8)) && wsi->ws->final) { + wsi->ws->continuation_possible = 0; + wsi->ws->owed_a_fin = 0; + } + + if ((wsi->ws->opcode & 8) && !wsi->ws->final) { + lwsl_info("control msg can't be fragmented\n"); + return -1; + } + if (!wsi->ws->final) + wsi->ws->owed_a_fin = 1; + + switch (wsi->ws->opcode) { + case LWSWSOPC_TEXT_FRAME: + case LWSWSOPC_BINARY_FRAME: + wsi->ws->frame_is_binary = wsi->ws->opcode == + LWSWSOPC_BINARY_FRAME; + break; + } + wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN; + break; + + default: + lwsl_err("unknown spec version %02d\n", + wsi->ws->ietf_spec_revision); + break; + } + break; + + case LWS_RXPS_04_FRAME_HDR_LEN: + + wsi->ws->this_frame_masked = !!(c & 0x80); + + switch (c & 0x7f) { + case 126: + /* control frames are not allowed to have big lengths */ + if (wsi->ws->opcode & 8) + goto illegal_ctl_length; + wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN16_2; + break; + case 127: + /* control frames are not allowed to have big lengths */ + if (wsi->ws->opcode & 8) + goto illegal_ctl_length; + wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_8; + break; + default: + wsi->ws->rx_packet_length = c; + if (wsi->ws->this_frame_masked) + wsi->lws_rx_parse_state = + LWS_RXPS_07_COLLECT_FRAME_KEY_1; + else { + if (c) + wsi->lws_rx_parse_state = + LWS_RXPS_PAYLOAD_UNTIL_LENGTH_EXHAUSTED; + else { + wsi->lws_rx_parse_state = LWS_RXPS_NEW; + goto spill; + } + } + break; + } + break; + + case LWS_RXPS_04_FRAME_HDR_LEN16_2: + wsi->ws->rx_packet_length = c << 8; + wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN16_1; + break; + + case LWS_RXPS_04_FRAME_HDR_LEN16_1: + wsi->ws->rx_packet_length |= c; + if (wsi->ws->this_frame_masked) + wsi->lws_rx_parse_state = LWS_RXPS_07_COLLECT_FRAME_KEY_1; + else { + if (wsi->ws->rx_packet_length) + wsi->lws_rx_parse_state = + LWS_RXPS_PAYLOAD_UNTIL_LENGTH_EXHAUSTED; + else { + wsi->lws_rx_parse_state = LWS_RXPS_NEW; + goto spill; + } + } + break; + + case LWS_RXPS_04_FRAME_HDR_LEN64_8: + if (c & 0x80) { + lwsl_warn("b63 of length must be zero\n"); + /* kill the connection */ + return -1; + } +#if defined __LP64__ + wsi->ws->rx_packet_length = ((size_t)c) << 56; +#else + wsi->ws->rx_packet_length = 0; +#endif + wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_7; + break; + + case LWS_RXPS_04_FRAME_HDR_LEN64_7: +#if defined __LP64__ + wsi->ws->rx_packet_length |= ((size_t)c) << 48; +#endif + wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_6; + break; + + case LWS_RXPS_04_FRAME_HDR_LEN64_6: +#if defined __LP64__ + wsi->ws->rx_packet_length |= ((size_t)c) << 40; +#endif + wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_5; + break; + + case LWS_RXPS_04_FRAME_HDR_LEN64_5: +#if defined __LP64__ + wsi->ws->rx_packet_length |= ((size_t)c) << 32; +#endif + wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_4; + break; + + case LWS_RXPS_04_FRAME_HDR_LEN64_4: + wsi->ws->rx_packet_length |= ((size_t)c) << 24; + wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_3; + break; + + case LWS_RXPS_04_FRAME_HDR_LEN64_3: + wsi->ws->rx_packet_length |= ((size_t)c) << 16; + wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_2; + break; + + case LWS_RXPS_04_FRAME_HDR_LEN64_2: + wsi->ws->rx_packet_length |= ((size_t)c) << 8; + wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_1; + break; + + case LWS_RXPS_04_FRAME_HDR_LEN64_1: + wsi->ws->rx_packet_length |= (size_t)c; + if (wsi->ws->this_frame_masked) + wsi->lws_rx_parse_state = + LWS_RXPS_07_COLLECT_FRAME_KEY_1; + else { + if (wsi->ws->rx_packet_length) + wsi->lws_rx_parse_state = + LWS_RXPS_PAYLOAD_UNTIL_LENGTH_EXHAUSTED; + else { + wsi->lws_rx_parse_state = LWS_RXPS_NEW; + goto spill; + } + } + break; + + case LWS_RXPS_07_COLLECT_FRAME_KEY_1: + wsi->ws->mask[0] = c; + if (c) + wsi->ws->all_zero_nonce = 0; + wsi->lws_rx_parse_state = LWS_RXPS_07_COLLECT_FRAME_KEY_2; + break; + + case LWS_RXPS_07_COLLECT_FRAME_KEY_2: + wsi->ws->mask[1] = c; + if (c) + wsi->ws->all_zero_nonce = 0; + wsi->lws_rx_parse_state = LWS_RXPS_07_COLLECT_FRAME_KEY_3; + break; + + case LWS_RXPS_07_COLLECT_FRAME_KEY_3: + wsi->ws->mask[2] = c; + if (c) + wsi->ws->all_zero_nonce = 0; + wsi->lws_rx_parse_state = LWS_RXPS_07_COLLECT_FRAME_KEY_4; + break; + + case LWS_RXPS_07_COLLECT_FRAME_KEY_4: + wsi->ws->mask[3] = c; + if (c) + wsi->ws->all_zero_nonce = 0; + + if (wsi->ws->rx_packet_length) + wsi->lws_rx_parse_state = + LWS_RXPS_PAYLOAD_UNTIL_LENGTH_EXHAUSTED; + else { + wsi->lws_rx_parse_state = LWS_RXPS_NEW; + goto spill; + } + break; + + case LWS_RXPS_PAYLOAD_UNTIL_LENGTH_EXHAUSTED: + + assert(wsi->ws->rx_ubuf); + + if (wsi->ws->rx_draining_ext) + goto drain_extension; + + if (wsi->ws->this_frame_masked && !wsi->ws->all_zero_nonce) + c ^= wsi->ws->mask[(wsi->ws->mask_idx++) & 3]; + + wsi->ws->rx_ubuf[LWS_PRE + (wsi->ws->rx_ubuf_head++)] = c; + + if (--wsi->ws->rx_packet_length == 0) { + /* spill because we have the whole frame */ + wsi->lws_rx_parse_state = LWS_RXPS_NEW; + goto spill; + } + + /* + * if there's no protocol max frame size given, we are + * supposed to default to context->pt_serv_buf_size + */ + if (!wsi->protocol->rx_buffer_size && + wsi->ws->rx_ubuf_head != wsi->context->pt_serv_buf_size) + break; + + if (wsi->protocol->rx_buffer_size && + wsi->ws->rx_ubuf_head != wsi->protocol->rx_buffer_size) + break; + + /* spill because we filled our rx buffer */ +spill: + + handled = 0; + + /* + * is this frame a control packet we should take care of at this + * layer? If so service it and hide it from the user callback + */ + + switch (wsi->ws->opcode) { + case LWSWSOPC_CLOSE: + pp = (unsigned char *)&wsi->ws->rx_ubuf[LWS_PRE]; + if (lws_check_opt(wsi->context->options, + LWS_SERVER_OPTION_VALIDATE_UTF8) && + wsi->ws->rx_ubuf_head > 2 && + lws_check_utf8(&wsi->ws->utf8, pp + 2, + wsi->ws->rx_ubuf_head - 2)) + goto utf8_fail; + + /* is this an acknowledgment of our close? */ + if (lwsi_state(wsi) == LRS_AWAITING_CLOSE_ACK) { + /* + * fine he has told us he is closing too, let's + * finish our close + */ + lwsl_parser("seen server's close ack\n"); + return -1; + } + + lwsl_parser("client sees server close len = %d\n", + wsi->ws->rx_ubuf_head); + if (wsi->ws->rx_ubuf_head >= 2) { + close_code = (pp[0] << 8) | pp[1]; + if (close_code < 1000 || + close_code == 1004 || + close_code == 1005 || + close_code == 1006 || + close_code == 1012 || + close_code == 1013 || + close_code == 1014 || + close_code == 1015 || + (close_code >= 1016 && close_code < 3000) + ) { + pp[0] = (LWS_CLOSE_STATUS_PROTOCOL_ERR >> 8) & 0xff; + pp[1] = LWS_CLOSE_STATUS_PROTOCOL_ERR & 0xff; + } + } + if (user_callback_handle_rxflow( + wsi->protocol->callback, wsi, + LWS_CALLBACK_WS_PEER_INITIATED_CLOSE, + wsi->user_space, pp, + wsi->ws->rx_ubuf_head)) + return -1; + + if (lws_partial_buffered(wsi)) + /* + * if we're in the middle of something, + * we can't do a normal close response and + * have to just close our end. + */ + wsi->socket_is_permanently_unusable = 1; + else + /* + * parrot the close packet payload back + * we do not care about how it went, we are closing + * immediately afterwards + */ + lws_write(wsi, (unsigned char *) + &wsi->ws->rx_ubuf[LWS_PRE], + wsi->ws->rx_ubuf_head, + LWS_WRITE_CLOSE); + lwsi_set_state(wsi, LRS_RETURNED_CLOSE); + /* close the connection */ + return -1; + + case LWSWSOPC_PING: + lwsl_info("received %d byte ping, sending pong\n", + wsi->ws->rx_ubuf_head); + + /* he set a close reason on this guy, ignore PING */ + if (wsi->ws->close_in_ping_buffer_len) + goto ping_drop; + + if (wsi->ws->ping_pending_flag) { + /* + * there is already a pending ping payload + * we should just log and drop + */ + lwsl_parser("DROP PING since one pending\n"); + goto ping_drop; + } + + /* control packets can only be < 128 bytes long */ + if (wsi->ws->rx_ubuf_head > 128 - 3) { + lwsl_parser("DROP PING payload too large\n"); + goto ping_drop; + } + + /* stash the pong payload */ + memcpy(wsi->ws->ping_payload_buf + LWS_PRE, + &wsi->ws->rx_ubuf[LWS_PRE], + wsi->ws->rx_ubuf_head); + + wsi->ws->ping_payload_len = wsi->ws->rx_ubuf_head; + wsi->ws->ping_pending_flag = 1; + + /* get it sent as soon as possible */ + lws_callback_on_writable(wsi); +ping_drop: + wsi->ws->rx_ubuf_head = 0; + handled = 1; + break; + + case LWSWSOPC_PONG: + lwsl_info("client receied pong\n"); + lwsl_hexdump(&wsi->ws->rx_ubuf[LWS_PRE], + wsi->ws->rx_ubuf_head); + + if (wsi->pending_timeout == + PENDING_TIMEOUT_WS_PONG_CHECK_GET_PONG) { + lwsl_info("%p: received expected PONG\n", wsi); + lws_set_timeout(wsi, NO_PENDING_TIMEOUT, 0); + } + + /* issue it */ + callback_action = LWS_CALLBACK_CLIENT_RECEIVE_PONG; + break; + + case LWSWSOPC_CONTINUATION: + case LWSWSOPC_TEXT_FRAME: + case LWSWSOPC_BINARY_FRAME: + break; + + default: + + lwsl_parser("Reserved opc 0x%2X\n", wsi->ws->opcode); + + /* + * It's something special we can't understand here. + * Pass the payload up to the extension's parsing + * state machine. + */ + + eff_buf.token = &wsi->ws->rx_ubuf[LWS_PRE]; + eff_buf.token_len = wsi->ws->rx_ubuf_head; + + if (lws_ext_cb_active(wsi, + LWS_EXT_CB_EXTENDED_PAYLOAD_RX, + &eff_buf, 0) <= 0) { + /* not handled or failed */ + lwsl_ext("Unhandled ext opc 0x%x\n", + wsi->ws->opcode); + wsi->ws->rx_ubuf_head = 0; + + return 0; + } + handled = 1; + break; + } + + /* + * No it's real payload, pass it up to the user callback. + * It's nicely buffered with the pre-padding taken care of + * so it can be sent straight out again using lws_write + */ + if (handled) + goto already_done; + + eff_buf.token = &wsi->ws->rx_ubuf[LWS_PRE]; + eff_buf.token_len = wsi->ws->rx_ubuf_head; + + if (wsi->ws->opcode == LWSWSOPC_PONG && !eff_buf.token_len) + goto already_done; + +drain_extension: +#if !defined(LWS_WITHOUT_EXTENSIONS) + lwsl_ext("%s: passing %d to ext\n", __func__, eff_buf.token_len); + + n = lws_ext_cb_active(wsi, LWS_EXT_CB_PAYLOAD_RX, &eff_buf, 0); + lwsl_ext("Ext RX returned %d\n", n); + if (n < 0) { + wsi->socket_is_permanently_unusable = 1; + return -1; + } +#else + n = 0; +#endif + lwsl_ext("post inflate eff_buf len %d\n", eff_buf.token_len); + + if (rx_draining_ext && !eff_buf.token_len) { + lwsl_debug(" --- ending drain on 0 read result\n"); + goto already_done; + } + + if (wsi->ws->check_utf8 && !wsi->ws->defeat_check_utf8) { + if (lws_check_utf8(&wsi->ws->utf8, + (unsigned char *)eff_buf.token, + eff_buf.token_len)) + goto utf8_fail; + + /* we are ending partway through utf-8 character? */ + if (!wsi->ws->rx_packet_length && wsi->ws->final && + wsi->ws->utf8 && !n) { + lwsl_info("FINAL utf8 error\n"); +utf8_fail: + lwsl_info("utf8 error\n"); + return -1; + } + } + + if (eff_buf.token_len < 0 && + callback_action != LWS_CALLBACK_CLIENT_RECEIVE_PONG) + goto already_done; + + if (!eff_buf.token) + goto already_done; + + eff_buf.token[eff_buf.token_len] = '\0'; + + if (!wsi->protocol->callback) + goto already_done; + + if (callback_action == LWS_CALLBACK_CLIENT_RECEIVE_PONG) + lwsl_info("Client doing pong callback\n"); + + if ( + /* coverity says dead code otherwise */ +#if !defined(LWS_WITHOUT_EXTENSIONS) + n && +#endif + eff_buf.token_len) + /* extension had more... main loop will come back + * we want callback to be done with this set, if so, + * because lws_is_final() hides it was final until the + * last chunk + */ + lws_add_wsi_to_draining_ext_list(wsi); + else + lws_remove_wsi_from_draining_ext_list(wsi); + + if (lwsi_state(wsi) == LRS_RETURNED_CLOSE || + lwsi_state(wsi) == LRS_WAITING_TO_SEND_CLOSE || + lwsi_state(wsi) == LRS_AWAITING_CLOSE_ACK) + goto already_done; + + m = wsi->protocol->callback(wsi, + (enum lws_callback_reasons)callback_action, + wsi->user_space, eff_buf.token, eff_buf.token_len); + + /* if user code wants to close, let caller know */ + if (m) + return 1; + +already_done: + wsi->ws->rx_ubuf_head = 0; + break; + default: + lwsl_err("client rx illegal state\n"); + return 1; + } + + return 0; + +illegal_ctl_length: + lwsl_warn("Control frame asking for extended length is illegal\n"); + + /* kill the connection */ + return -1; +} + + diff --git a/lib/roles/ws/client-ws.c b/lib/roles/ws/client-ws.c new file mode 100644 index 0000000..8fd29f6 --- /dev/null +++ b/lib/roles/ws/client-ws.c @@ -0,0 +1,604 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#include + +/* + * In-place str to lower case + */ + +static void +strtolower(char *s) +{ + while (*s) { +#ifdef LWS_PLAT_OPTEE + int tolower_optee(int c); + *s = tolower_optee((int)*s); +#else + *s = tolower((int)*s); +#endif + s++; + } +} + +int +lws_create_client_ws_object(struct lws_client_connect_info *i, struct lws *wsi) +{ + int v = SPEC_LATEST_SUPPORTED; + + /* allocate the ws struct for the wsi */ + wsi->ws = lws_zalloc(sizeof(*wsi->ws), "client ws struct"); + if (!wsi->ws) { + lwsl_notice("OOM\n"); + return 1; + } + + /* -1 means just use latest supported */ + if (i->ietf_version_or_minus_one != -1 && + i->ietf_version_or_minus_one) + v = i->ietf_version_or_minus_one; + + wsi->ws->ietf_spec_revision = v; + + return 0; +} + +char * +lws_generate_client_ws_handshake(struct lws *wsi, char *p) +{ + char buf[128], hash[20], key_b64[40]; + int n; +#if !defined(LWS_WITHOUT_EXTENSIONS) + const struct lws_extension *ext; + int ext_count = 0; +#endif + + /* + * create the random key + */ + n = lws_get_random(wsi->context, hash, 16); + if (n != 16) { + lwsl_err("Unable to read from random dev %s\n", + SYSTEM_RANDOM_FILEPATH); + return NULL; + } + + lws_b64_encode_string(hash, 16, key_b64, sizeof(key_b64)); + + p += sprintf(p, "Upgrade: websocket\x0d\x0a" + "Connection: Upgrade\x0d\x0a" + "Sec-WebSocket-Key: "); + strcpy(p, key_b64); + p += strlen(key_b64); + p += sprintf(p, "\x0d\x0a"); + if (lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_SENT_PROTOCOLS)) + p += sprintf(p, "Sec-WebSocket-Protocol: %s\x0d\x0a", + lws_hdr_simple_ptr(wsi, + _WSI_TOKEN_CLIENT_SENT_PROTOCOLS)); + + /* tell the server what extensions we could support */ + +#if !defined(LWS_WITHOUT_EXTENSIONS) + ext = wsi->vhost->extensions; + while (ext && ext->callback) { + n = lws_ext_cb_all_exts(wsi->context, wsi, + LWS_EXT_CB_CHECK_OK_TO_PROPOSE_EXTENSION, + (char *)ext->name, 0); + if (n) { /* an extension vetos us */ + lwsl_ext("ext %s vetoed\n", (char *)ext->name); + ext++; + continue; + } + n = wsi->vhost->protocols[0].callback(wsi, + LWS_CALLBACK_CLIENT_CONFIRM_EXTENSION_SUPPORTED, + wsi->user_space, (char *)ext->name, 0); + + /* + * zero return from callback means go ahead and allow + * the extension, it's what we get if the callback is + * unhandled + */ + + if (n) { + ext++; + continue; + } + + /* apply it */ + + if (ext_count) + *p++ = ','; + else + p += sprintf(p, "Sec-WebSocket-Extensions: "); + p += sprintf(p, "%s", ext->client_offer); + ext_count++; + + ext++; + } + if (ext_count) + p += sprintf(p, "\x0d\x0a"); +#endif + + if (wsi->ws->ietf_spec_revision) + p += sprintf(p, "Sec-WebSocket-Version: %d\x0d\x0a", + wsi->ws->ietf_spec_revision); + + /* prepare the expected server accept response */ + + key_b64[39] = '\0'; /* enforce composed length below buf sizeof */ + n = sprintf(buf, "%s258EAFA5-E914-47DA-95CA-C5AB0DC85B11", + key_b64); + + lws_SHA1((unsigned char *)buf, n, (unsigned char *)hash); + + lws_b64_encode_string(hash, 20, + wsi->ah->initial_handshake_hash_base64, + sizeof(wsi->ah->initial_handshake_hash_base64)); + + return p; +} + +int +lws_client_ws_upgrade(struct lws *wsi, const char **cce) +{ + int n, len, okay = 0; + struct lws_context *context = wsi->context; + const char *pc; + char *p; +#if !defined(LWS_WITHOUT_EXTENSIONS) + struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; + char *sb = (char *)&pt->serv_buf[0]; + const struct lws_ext_options *opts; + const struct lws_extension *ext; + char ext_name[128]; + const char *c, *a; + char ignore; + int more = 1; + void *v; +#endif + + if (wsi->client_h2_substream) {/* !!! client ws-over-h2 not there yet */ + lwsl_warn("%s: client ws-over-h2 upgrade not supported yet\n", + __func__); + *cce = "HS: h2 / ws upgrade unsupported"; + goto bail3; + } + + if (wsi->ah->http_response != 401) { + lwsl_warn( + "lws_client_handshake: got bad HTTP response '%d'\n", + wsi->ah->http_response); + *cce = "HS: ws upgrade unauthorized"; + goto bail3; + } + + if (wsi->ah->http_response != 101) { + lwsl_warn( + "lws_client_handshake: got bad HTTP response '%d'\n", + wsi->ah->http_response); + *cce = "HS: ws upgrade response not 101"; + goto bail3; + } + + if (lws_hdr_total_length(wsi, WSI_TOKEN_ACCEPT) == 0) { + lwsl_info("no ACCEPT\n"); + *cce = "HS: ACCEPT missing"; + goto bail3; + } + + p = lws_hdr_simple_ptr(wsi, WSI_TOKEN_UPGRADE); + if (!p) { + lwsl_info("no UPGRADE\n"); + *cce = "HS: UPGRADE missing"; + goto bail3; + } + strtolower(p); + if (strcmp(p, "websocket")) { + lwsl_warn( + "lws_client_handshake: got bad Upgrade header '%s'\n", p); + *cce = "HS: Upgrade to something other than websocket"; + goto bail3; + } + + p = lws_hdr_simple_ptr(wsi, WSI_TOKEN_CONNECTION); + if (!p) { + lwsl_info("no Connection hdr\n"); + *cce = "HS: CONNECTION missing"; + goto bail3; + } + strtolower(p); + if (strcmp(p, "upgrade")) { + lwsl_warn("lws_client_int_s_hs: bad header %s\n", p); + *cce = "HS: UPGRADE malformed"; + goto bail3; + } + + pc = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_SENT_PROTOCOLS); + if (!pc) { + lwsl_parser("lws_client_int_s_hs: no protocol list\n"); + } else + lwsl_parser("lws_client_int_s_hs: protocol list '%s'\n", pc); + + /* + * confirm the protocol the server wants to talk was in the list + * of protocols we offered + */ + + len = lws_hdr_total_length(wsi, WSI_TOKEN_PROTOCOL); + if (!len) { + lwsl_info("%s: WSI_TOKEN_PROTOCOL is null\n", __func__); + /* + * no protocol name to work from, + * default to first protocol + */ + n = 0; + wsi->protocol = &wsi->vhost->protocols[0]; + goto check_extensions; + } + + p = lws_hdr_simple_ptr(wsi, WSI_TOKEN_PROTOCOL); + len = (int)strlen(p); + + while (pc && *pc && !okay) { + if (!strncmp(pc, p, len) && + (pc[len] == ',' || pc[len] == '\0')) { + okay = 1; + continue; + } + while (*pc && *pc++ != ',') + ; + while (*pc && *pc == ' ') + pc++; + } + + if (!okay) { + lwsl_info("%s: got bad protocol %s\n", __func__, p); + *cce = "HS: PROTOCOL malformed"; + goto bail2; + } + + /* + * identify the selected protocol struct and set it + */ + n = 0; + /* keep client connection pre-bound protocol */ + if (!lwsi_role_client(wsi)) + wsi->protocol = NULL; + + while (wsi->vhost->protocols[n].callback) { + if (!wsi->protocol && + strcmp(p, wsi->vhost->protocols[n].name) == 0) { + wsi->protocol = &wsi->vhost->protocols[n]; + break; + } + n++; + } + + if (!wsi->vhost->protocols[n].callback) { /* no match */ + /* if server, that's already fatal */ + if (!lwsi_role_client(wsi)) { + lwsl_info("%s: fail protocol %s\n", __func__, p); + *cce = "HS: Cannot match protocol"; + goto bail2; + } + + /* for client, find the index of our pre-bound protocol */ + + n = 0; + while (wsi->vhost->protocols[n].callback) { + if (wsi->protocol && strcmp(wsi->protocol->name, + wsi->vhost->protocols[n].name) == 0) { + wsi->protocol = &wsi->vhost->protocols[n]; + break; + } + n++; + } + + if (!wsi->vhost->protocols[n].callback) { + if (wsi->protocol) + lwsl_err("Failed to match protocol %s\n", + wsi->protocol->name); + else + lwsl_err("No protocol on client\n"); + goto bail2; + } + } + + lwsl_debug("Selected protocol %s\n", wsi->protocol->name); + +check_extensions: + /* + * stitch protocol choice into the vh protocol linked list + * We always insert ourselves at the start of the list + * + * X <-> B + * X <-> pAn <-> pB + */ + + lws_vhost_lock(wsi->vhost); + + wsi->same_vh_protocol_prev = /* guy who points to us */ + &wsi->vhost->same_vh_protocol_list[n]; + wsi->same_vh_protocol_next = /* old first guy is our next */ + wsi->vhost->same_vh_protocol_list[n]; + /* we become the new first guy */ + wsi->vhost->same_vh_protocol_list[n] = wsi; + + if (wsi->same_vh_protocol_next) + /* old first guy points back to us now */ + wsi->same_vh_protocol_next->same_vh_protocol_prev = + &wsi->same_vh_protocol_next; + wsi->on_same_vh_list = 1; + + lws_vhost_unlock(wsi->vhost); + +#if !defined(LWS_WITHOUT_EXTENSIONS) + /* instantiate the accepted extensions */ + + if (!lws_hdr_total_length(wsi, WSI_TOKEN_EXTENSIONS)) { + lwsl_ext("no client extensions allowed by server\n"); + goto check_accept; + } + + /* + * break down the list of server accepted extensions + * and go through matching them or identifying bogons + */ + + if (lws_hdr_copy(wsi, sb, context->pt_serv_buf_size, + WSI_TOKEN_EXTENSIONS) < 0) { + lwsl_warn("ext list from server failed to copy\n"); + *cce = "HS: EXT: list too big"; + goto bail2; + } + + c = sb; + n = 0; + ignore = 0; + a = NULL; + while (more) { + + if (*c && (*c != ',' && *c != '\t')) { + if (*c == ';') { + ignore = 1; + if (!a) + a = c + 1; + } + if (ignore || *c == ' ') { + c++; + continue; + } + + ext_name[n] = *c++; + if (n < (int)sizeof(ext_name) - 1) + n++; + continue; + } + ext_name[n] = '\0'; + ignore = 0; + if (!*c) + more = 0; + else { + c++; + if (!n) + continue; + } + + /* check we actually support it */ + + lwsl_notice("checking client ext %s\n", ext_name); + + n = 0; + ext = wsi->vhost->extensions; + while (ext && ext->callback) { + if (strcmp(ext_name, ext->name)) { + ext++; + continue; + } + + n = 1; + lwsl_notice("instantiating client ext %s\n", ext_name); + + /* instantiate the extension on this conn */ + + wsi->active_extensions[wsi->count_act_ext] = ext; + + /* allow him to construct his ext instance */ + + if (ext->callback(lws_get_context(wsi), ext, wsi, + LWS_EXT_CB_CLIENT_CONSTRUCT, + (void *)&wsi->act_ext_user[wsi->count_act_ext], + (void *)&opts, 0)) { + lwsl_info(" ext %s failed construction\n", + ext_name); + ext++; + continue; + } + + /* + * allow the user code to override ext defaults if it + * wants to + */ + ext_name[0] = '\0'; + if (user_callback_handle_rxflow(wsi->protocol->callback, + wsi, LWS_CALLBACK_WS_EXT_DEFAULTS, + (char *)ext->name, ext_name, + sizeof(ext_name))) { + *cce = "HS: EXT: failed setting defaults"; + goto bail2; + } + + if (ext_name[0] && + lws_ext_parse_options(ext, wsi, wsi->act_ext_user[ + wsi->count_act_ext], opts, ext_name, + (int)strlen(ext_name))) { + lwsl_err("%s: unable to parse user defaults '%s'", + __func__, ext_name); + *cce = "HS: EXT: failed parsing defaults"; + goto bail2; + } + + /* + * give the extension the server options + */ + if (a && lws_ext_parse_options(ext, wsi, + wsi->act_ext_user[wsi->count_act_ext], + opts, a, lws_ptr_diff(c, a))) { + lwsl_err("%s: unable to parse remote def '%s'", + __func__, a); + *cce = "HS: EXT: failed parsing options"; + goto bail2; + } + + if (ext->callback(lws_get_context(wsi), ext, wsi, + LWS_EXT_CB_OPTION_CONFIRM, + wsi->act_ext_user[wsi->count_act_ext], + NULL, 0)) { + lwsl_err("%s: ext %s rejects server options %s", + __func__, ext->name, a); + *cce = "HS: EXT: Rejects server options"; + goto bail2; + } + + wsi->count_act_ext++; + + ext++; + } + + if (n == 0) { + lwsl_warn("Unknown ext '%s'!\n", ext_name); + *cce = "HS: EXT: unknown ext"; + goto bail2; + } + + a = NULL; + n = 0; + } + +check_accept: +#endif + + /* + * Confirm his accept token is the one we precomputed + */ + + p = lws_hdr_simple_ptr(wsi, WSI_TOKEN_ACCEPT); + if (strcmp(p, wsi->ah->initial_handshake_hash_base64)) { + lwsl_warn("lws_client_int_s_hs: accept '%s' wrong vs '%s'\n", p, + wsi->ah->initial_handshake_hash_base64); + *cce = "HS: Accept hash wrong"; + goto bail2; + } + + /* allocate the per-connection user memory (if any) */ + if (lws_ensure_user_space(wsi)) { + lwsl_err("Problem allocating wsi user mem\n"); + *cce = "HS: OOM"; + goto bail2; + } + + /* + * we seem to be good to go, give client last chance to check + * headers and OK it + */ + if (wsi->protocol->callback(wsi, + LWS_CALLBACK_CLIENT_FILTER_PRE_ESTABLISH, + wsi->user_space, NULL, 0)) { + *cce = "HS: Rejected by filter cb"; + goto bail2; + } + + /* clear his proxy connection timeout */ + lws_set_timeout(wsi, NO_PENDING_TIMEOUT, 0); + + /* free up his parsing allocations */ + lws_header_table_detach(wsi, 0); + + lws_role_transition(wsi, LWSIFR_CLIENT, LRS_ESTABLISHED, + &role_ops_ws); + lws_restart_ws_ping_pong_timer(wsi); + + wsi->rxflow_change_to = LWS_RXFLOW_ALLOW; + + /* + * create the frame buffer for this connection according to the + * size mentioned in the protocol definition. If 0 there, then + * use a big default for compatibility + */ + n = (int)wsi->protocol->rx_buffer_size; + if (!n) + n = context->pt_serv_buf_size; + n += LWS_PRE; + wsi->ws->rx_ubuf = lws_malloc(n + 4 /* 0x0000ffff zlib */, + "client frame buffer"); + if (!wsi->ws->rx_ubuf) { + lwsl_err("Out of Mem allocating rx buffer %d\n", n); + *cce = "HS: OOM"; + goto bail2; + } + wsi->ws->rx_ubuf_alloc = n; + lwsl_info("Allocating client RX buffer %d\n", n); + +#if !defined(LWS_WITH_ESP32) + if (setsockopt(wsi->desc.sockfd, SOL_SOCKET, SO_SNDBUF, + (const char *)&n, sizeof n)) { + lwsl_warn("Failed to set SNDBUF to %d", n); + *cce = "HS: SO_SNDBUF failed"; + goto bail3; + } +#endif + + lwsl_debug("handshake OK for protocol %s\n", wsi->protocol->name); + + /* call him back to inform him he is up */ + + if (wsi->protocol->callback(wsi, LWS_CALLBACK_CLIENT_ESTABLISHED, + wsi->user_space, NULL, 0)) { + *cce = "HS: Rejected at CLIENT_ESTABLISHED"; + goto bail3; + } +#if !defined(LWS_WITHOUT_EXTENSIONS) + /* + * inform all extensions, not just active ones since they + * already know + */ + ext = wsi->vhost->extensions; + + while (ext && ext->callback) { + v = NULL; + for (n = 0; n < wsi->count_act_ext; n++) + if (wsi->active_extensions[n] == ext) + v = wsi->act_ext_user[n]; + + ext->callback(context, ext, wsi, + LWS_EXT_CB_ANY_WSI_ESTABLISHED, v, NULL, 0); + ext++; + } +#endif + + return 0; + +bail3: + return 3; + +bail2: + return 2; +} diff --git a/lib/roles/ws/ext/extension-permessage-deflate.c b/lib/roles/ws/ext/extension-permessage-deflate.c new file mode 100644 index 0000000..e0c3773 --- /dev/null +++ b/lib/roles/ws/ext/extension-permessage-deflate.c @@ -0,0 +1,480 @@ +/* + * ./lib/extension-permessage-deflate.c + * + * Copyright (C) 2016 - 2018 Andy Green + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#include "private-libwebsockets.h" +#include "extension-permessage-deflate.h" +#include +#include +#include + +#define LWS_ZLIB_MEMLEVEL 8 + +const struct lws_ext_options lws_ext_pm_deflate_options[] = { + /* public RFC7692 settings */ + { "server_no_context_takeover", EXTARG_NONE }, + { "client_no_context_takeover", EXTARG_NONE }, + { "server_max_window_bits", EXTARG_OPT_DEC }, + { "client_max_window_bits", EXTARG_OPT_DEC }, + /* ones only user code can set */ + { "rx_buf_size", EXTARG_DEC }, + { "tx_buf_size", EXTARG_DEC }, + { "compression_level", EXTARG_DEC }, + { "mem_level", EXTARG_DEC }, + { NULL, 0 }, /* sentinel */ +}; + +static void +lws_extension_pmdeflate_restrict_args(struct lws *wsi, + struct lws_ext_pm_deflate_priv *priv) +{ + int n, extra; + + /* cap the RX buf at the nearest power of 2 to protocol rx buf */ + + n = wsi->context->pt_serv_buf_size; + if (wsi->protocol->rx_buffer_size) + n = (int)wsi->protocol->rx_buffer_size; + + extra = 7; + while (n >= 1 << (extra + 1)) + extra++; + + if (extra < priv->args[PMD_RX_BUF_PWR2]) { + priv->args[PMD_RX_BUF_PWR2] = extra; + lwsl_info(" Capping pmd rx to %d\n", 1 << extra); + } +} + +LWS_VISIBLE int +lws_extension_callback_pm_deflate(struct lws_context *context, + const struct lws_extension *ext, + struct lws *wsi, + enum lws_extension_callback_reasons reason, + void *user, void *in, size_t len) +{ + struct lws_ext_pm_deflate_priv *priv = + (struct lws_ext_pm_deflate_priv *)user; + struct lws_tokens *eff_buf = (struct lws_tokens *)in; + static unsigned char trail[] = { 0, 0, 0xff, 0xff }; + int n, ret = 0, was_fin = 0, extra; + struct lws_ext_option_arg *oa; + + switch (reason) { + case LWS_EXT_CB_NAMED_OPTION_SET: + oa = in; + if (!oa->option_name) + break; + for (n = 0; n < (int)ARRAY_SIZE(lws_ext_pm_deflate_options); n++) + if (!strcmp(lws_ext_pm_deflate_options[n].name, + oa->option_name)) + break; + + if (n == (int)ARRAY_SIZE(lws_ext_pm_deflate_options)) + break; + oa->option_index = n; + + /* fallthru */ + + case LWS_EXT_CB_OPTION_SET: + oa = in; + lwsl_notice("%s: option set: idx %d, %s, len %d\n", __func__, + oa->option_index, oa->start, oa->len); + if (oa->start) + priv->args[oa->option_index] = atoi(oa->start); + else + priv->args[oa->option_index] = 1; + + if (priv->args[PMD_CLIENT_MAX_WINDOW_BITS] == 8) + priv->args[PMD_CLIENT_MAX_WINDOW_BITS] = 9; + + lws_extension_pmdeflate_restrict_args(wsi, priv); + break; + + case LWS_EXT_CB_OPTION_CONFIRM: + if (priv->args[PMD_SERVER_MAX_WINDOW_BITS] < 8 || + priv->args[PMD_SERVER_MAX_WINDOW_BITS] > 15 || + priv->args[PMD_CLIENT_MAX_WINDOW_BITS] < 8 || + priv->args[PMD_CLIENT_MAX_WINDOW_BITS] > 15) + return -1; + break; + + case LWS_EXT_CB_CLIENT_CONSTRUCT: + case LWS_EXT_CB_CONSTRUCT: + + n = context->pt_serv_buf_size; + if (wsi->protocol->rx_buffer_size) + n = (int)wsi->protocol->rx_buffer_size; + + if (n < 128) { + lwsl_info(" permessage-deflate requires the protocol " + "(%s) to have an RX buffer >= 128\n", + wsi->protocol->name); + return -1; + } + + /* fill in **user */ + priv = lws_zalloc(sizeof(*priv), "pmd priv"); + *((void **)user) = priv; + lwsl_ext("%s: LWS_EXT_CB_*CONSTRUCT\n", __func__); + memset(priv, 0, sizeof(*priv)); + + /* fill in pointer to options list */ + if (in) + *((const struct lws_ext_options **)in) = + lws_ext_pm_deflate_options; + + /* fallthru */ + + case LWS_EXT_CB_OPTION_DEFAULT: + + /* set the public, RFC7692 defaults... */ + + priv->args[PMD_SERVER_NO_CONTEXT_TAKEOVER] = 0, + priv->args[PMD_CLIENT_NO_CONTEXT_TAKEOVER] = 0; + priv->args[PMD_SERVER_MAX_WINDOW_BITS] = 15; + priv->args[PMD_CLIENT_MAX_WINDOW_BITS] = 15; + + /* ...and the ones the user code can override */ + + priv->args[PMD_RX_BUF_PWR2] = 10; /* ie, 1024 */ + priv->args[PMD_TX_BUF_PWR2] = 10; /* ie, 1024 */ + priv->args[PMD_COMP_LEVEL] = 1; + priv->args[PMD_MEM_LEVEL] = 8; + + lws_extension_pmdeflate_restrict_args(wsi, priv); + break; + + case LWS_EXT_CB_DESTROY: + lwsl_ext("%s: LWS_EXT_CB_DESTROY\n", __func__); + lws_free(priv->buf_rx_inflated); + lws_free(priv->buf_tx_deflated); + if (priv->rx_init) + (void)inflateEnd(&priv->rx); + if (priv->tx_init) + (void)deflateEnd(&priv->tx); + lws_free(priv); + return ret; + + case LWS_EXT_CB_PAYLOAD_RX: + lwsl_ext(" %s: LWS_EXT_CB_PAYLOAD_RX: in %d, existing in %d\n", + __func__, eff_buf->token_len, priv->rx.avail_in); + if (!(wsi->ws->rsv_first_msg & 0x40)) + return 0; + +#if 0 + for (n = 0; n < eff_buf->token_len; n++) { + printf("%02X ", (unsigned char)eff_buf->token[n]); + if ((n & 15) == 15) + printf("\n"); + } + printf("\n"); +#endif + if (!priv->rx_init) + if (inflateInit2(&priv->rx, + -priv->args[PMD_SERVER_MAX_WINDOW_BITS]) != Z_OK) { + lwsl_err("%s: iniflateInit failed\n", __func__); + return -1; + } + priv->rx_init = 1; + if (!priv->buf_rx_inflated) + priv->buf_rx_inflated = lws_malloc(LWS_PRE + 7 + 5 + + (1 << priv->args[PMD_RX_BUF_PWR2]), + "pmd rx inflate buf"); + if (!priv->buf_rx_inflated) { + lwsl_err("%s: OOM\n", __func__); + return -1; + } + + /* + * We have to leave the input stream alone if we didn't + * finish with it yet. The input stream is held in the wsi + * rx buffer by the caller, so this assumption is safe while + * we block new rx while draining the existing rx + */ + if (!priv->rx.avail_in && eff_buf->token && + eff_buf->token_len) { + priv->rx.next_in = (unsigned char *)eff_buf->token; + priv->rx.avail_in = eff_buf->token_len; + } + priv->rx.next_out = priv->buf_rx_inflated + LWS_PRE; + eff_buf->token = (char *)priv->rx.next_out; + priv->rx.avail_out = 1 << priv->args[PMD_RX_BUF_PWR2]; + + if (priv->rx_held_valid) { + lwsl_ext("-- RX piling on held byte --\n"); + *(priv->rx.next_out++) = priv->rx_held; + priv->rx.avail_out--; + priv->rx_held_valid = 0; + } + + /* if... + * + * - he has no remaining input content for this message, and + * - and this is the final fragment, and + * - we used everything that could be drained on the input side + * + * ...then put back the 00 00 FF FF the sender stripped as our + * input to zlib + */ + if (!priv->rx.avail_in && wsi->ws->final && + !wsi->ws->rx_packet_length) { + lwsl_ext("RX APPEND_TRAILER-DO\n"); + was_fin = 1; + priv->rx.next_in = trail; + priv->rx.avail_in = sizeof(trail); + } + + n = inflate(&priv->rx, Z_NO_FLUSH); + lwsl_ext("inflate ret %d, avi %d, avo %d, wsifinal %d\n", n, + priv->rx.avail_in, priv->rx.avail_out, wsi->ws->final); + switch (n) { + case Z_NEED_DICT: + case Z_STREAM_ERROR: + case Z_DATA_ERROR: + case Z_MEM_ERROR: + lwsl_info("zlib error inflate %d: %s\n", + n, priv->rx.msg); + return -1; + } + /* + * If we did not already send in the 00 00 FF FF, and he's + * out of input, he did not EXACTLY fill the output buffer + * (which is ambiguous and we will force it to go around + * again by withholding a byte), and he's otherwise working on + * being a FIN fragment, then do the FIN message processing + * of faking up the 00 00 FF FF that the sender stripped. + */ + if (!priv->rx.avail_in && wsi->ws->final && + !wsi->ws->rx_packet_length && !was_fin && + priv->rx.avail_out /* ambiguous as to if it is the end */ + ) { + lwsl_ext("RX APPEND_TRAILER-DO\n"); + was_fin = 1; + priv->rx.next_in = trail; + priv->rx.avail_in = sizeof(trail); + n = inflate(&priv->rx, Z_SYNC_FLUSH); + lwsl_ext("RX trailer inf returned %d, avi %d, avo %d\n", + n, priv->rx.avail_in, priv->rx.avail_out); + switch (n) { + case Z_NEED_DICT: + case Z_STREAM_ERROR: + case Z_DATA_ERROR: + case Z_MEM_ERROR: + lwsl_info("zlib error inflate %d: %s\n", + n, priv->rx.msg); + return -1; + } + } + /* + * we must announce in our returncode now if there is more + * output to be expected from inflate, so we can decide to + * set the FIN bit on this bufferload or not. However zlib + * is ambiguous when we exactly filled the inflate buffer. It + * does not give us a clue as to whether we should understand + * that to mean he ended on a buffer boundary, or if there is + * more in the pipeline. + * + * So to work around that safely, if it used all output space + * exactly, we ALWAYS say there is more coming and we withhold + * the last byte of the buffer to guarantee that is true. + * + * That still leaves us at least one byte to finish with a FIN + * on, even if actually nothing more is coming from the next + * inflate action itself. + */ + if (!priv->rx.avail_out) { /* he used all available out buf */ + lwsl_ext("-- rx grabbing held --\n"); + /* snip the last byte and hold it for next time */ + priv->rx_held = *(--priv->rx.next_out); + priv->rx_held_valid = 1; + } + + eff_buf->token_len = lws_ptr_diff(priv->rx.next_out, + eff_buf->token); + priv->count_rx_between_fin += eff_buf->token_len; + + lwsl_ext(" %s: RX leaving with new effbuff len %d, " + "ret %d, rx.avail_in=%d, TOTAL RX since FIN %lu\n", + __func__, eff_buf->token_len, priv->rx_held_valid, + priv->rx.avail_in, + (unsigned long)priv->count_rx_between_fin); + + if (was_fin) { + priv->count_rx_between_fin = 0; + if (priv->args[PMD_SERVER_NO_CONTEXT_TAKEOVER]) { + (void)inflateEnd(&priv->rx); + priv->rx_init = 0; + } + } +#if 0 + for (n = 0; n < eff_buf->token_len; n++) + putchar(eff_buf->token[n]); + puts("\n"); +#endif + + return priv->rx_held_valid; + + case LWS_EXT_CB_PAYLOAD_TX: + + if (!priv->tx_init) { + n = deflateInit2(&priv->tx, priv->args[PMD_COMP_LEVEL], + Z_DEFLATED, + -priv->args[PMD_SERVER_MAX_WINDOW_BITS + + (wsi->vhost->listen_port <= 0)], + priv->args[PMD_MEM_LEVEL], + Z_DEFAULT_STRATEGY); + if (n != Z_OK) { + lwsl_ext("inflateInit2 failed %d\n", n); + return 1; + } + } + priv->tx_init = 1; + if (!priv->buf_tx_deflated) + priv->buf_tx_deflated = lws_malloc(LWS_PRE + 7 + 5 + + (1 << priv->args[PMD_TX_BUF_PWR2]), + "pmd tx deflate buf"); + if (!priv->buf_tx_deflated) { + lwsl_err("%s: OOM\n", __func__); + return -1; + } + + if (eff_buf->token) { + lwsl_ext("%s: TX: eff_buf length %d\n", __func__, + eff_buf->token_len); + priv->tx.next_in = (unsigned char *)eff_buf->token; + priv->tx.avail_in = eff_buf->token_len; + } + +#if 0 + for (n = 0; n < eff_buf->token_len; n++) { + printf("%02X ", (unsigned char)eff_buf->token[n]); + if ((n & 15) == 15) + printf("\n"); + } + printf("\n"); +#endif + + priv->tx.next_out = priv->buf_tx_deflated + LWS_PRE + 5; + eff_buf->token = (char *)priv->tx.next_out; + priv->tx.avail_out = 1 << priv->args[PMD_TX_BUF_PWR2]; + + n = deflate(&priv->tx, Z_SYNC_FLUSH); + if (n == Z_STREAM_ERROR) { + lwsl_ext("%s: Z_STREAM_ERROR\n", __func__); + return -1; + } + + if (priv->tx_held_valid) { + priv->tx_held_valid = 0; + if ((int)priv->tx.avail_out == 1 << priv->args[PMD_TX_BUF_PWR2]) + /* + * we can get a situation he took something in + * but did not generate anything out, at the end + * of a message (eg, next thing he sends is 80 + * 00, a zero length FIN, like Authobahn can + * send). + * If we have come back as a FIN, we must not + * place the pending trailer 00 00 FF FF, just + * the 1 byte of live data + */ + *(--eff_buf->token) = priv->tx_held[0]; + else { + /* he generated data, prepend whole pending */ + eff_buf->token -= 5; + for (n = 0; n < 5; n++) + eff_buf->token[n] = priv->tx_held[n]; + + } + } + priv->compressed_out = 1; + eff_buf->token_len = lws_ptr_diff(priv->tx.next_out, + eff_buf->token); + + /* + * we must announce in our returncode now if there is more + * output to be expected from inflate, so we can decide to + * set the FIN bit on this bufferload or not. However zlib + * is ambiguous when we exactly filled the inflate buffer. It + * does not give us a clue as to whether we should understand + * that to mean he ended on a buffer boundary, or if there is + * more in the pipeline. + * + * Worse, the guy providing the stuff we are sending may not + * know until after that this was, actually, the last chunk, + * that can happen even if we did not fill the output buf, ie + * he may send after this a zero-length FIN fragment. + * + * This is super difficult because we must snip the last 4 + * bytes in the case this is the last compressed output of the + * message. The only way to deal with it is defer sending the + * last 5 bytes of each frame until the next one, when we will + * be in a position to understand if that has a FIN or not. + */ + + extra = !!(len & LWS_WRITE_NO_FIN) || !priv->tx.avail_out; + + if (eff_buf->token_len >= 4 + extra) { + lwsl_ext("tx held %d\n", 4 + extra); + priv->tx_held_valid = extra; + for (n = 3 + extra; n >= 0; n--) + priv->tx_held[n] = *(--priv->tx.next_out); + eff_buf->token_len -= 4 + extra; + } + lwsl_ext(" TX rewritten with new effbuff len %d, ret %d\n", + eff_buf->token_len, !priv->tx.avail_out); + + return !priv->tx.avail_out; /* 1 == have more tx pending */ + + case LWS_EXT_CB_PACKET_TX_PRESEND: + if (!priv->compressed_out) + break; + priv->compressed_out = 0; + + if ((*(eff_buf->token) & 0x80) && + priv->args[PMD_CLIENT_NO_CONTEXT_TAKEOVER]) { + lwsl_debug("PMD_CLIENT_NO_CONTEXT_TAKEOVER\n"); + (void)deflateEnd(&priv->tx); + priv->tx_init = 0; + } + + n = *(eff_buf->token) & 15; + /* set RSV1, but not on CONTINUATION */ + if (n == LWSWSOPC_TEXT_FRAME || n == LWSWSOPC_BINARY_FRAME) + *eff_buf->token |= 0x40; +#if 0 + for (n = 0; n < eff_buf->token_len; n++) { + printf("%02X ", (unsigned char)eff_buf->token[n]); + if ((n & 15) == 15) + puts("\n"); + } + puts("\n"); +#endif + lwsl_ext("%s: tx opcode 0x%02X\n", __func__, + (unsigned char)*eff_buf->token); + break; + + default: + break; + } + + return 0; +} + diff --git a/lib/roles/ws/ext/extension-permessage-deflate.h b/lib/roles/ws/ext/extension-permessage-deflate.h new file mode 100644 index 0000000..8737736 --- /dev/null +++ b/lib/roles/ws/ext/extension-permessage-deflate.h @@ -0,0 +1,41 @@ + +#include + +#define DEFLATE_FRAME_COMPRESSION_LEVEL_SERVER 1 +#define DEFLATE_FRAME_COMPRESSION_LEVEL_CLIENT Z_DEFAULT_COMPRESSION + +enum arg_indexes { + PMD_SERVER_NO_CONTEXT_TAKEOVER, + PMD_CLIENT_NO_CONTEXT_TAKEOVER, + PMD_SERVER_MAX_WINDOW_BITS, + PMD_CLIENT_MAX_WINDOW_BITS, + PMD_RX_BUF_PWR2, + PMD_TX_BUF_PWR2, + PMD_COMP_LEVEL, + PMD_MEM_LEVEL, + + PMD_ARG_COUNT +}; + +struct lws_ext_pm_deflate_priv { + z_stream rx; + z_stream tx; + + unsigned char *buf_rx_inflated; /* RX inflated output buffer */ + unsigned char *buf_tx_deflated; /* TX deflated output buffer */ + + size_t count_rx_between_fin; + + unsigned char args[PMD_ARG_COUNT]; + unsigned char tx_held[5]; + unsigned char rx_held; + + unsigned char tx_init:1; + unsigned char rx_init:1; + unsigned char compressed_out:1; + unsigned char rx_held_valid:1; + unsigned char tx_held_valid:1; + unsigned char rx_append_trailer:1; + unsigned char pending_tx_trailer:1; +}; + diff --git a/lib/roles/ws/ext/extension.c b/lib/roles/ws/ext/extension.c new file mode 100644 index 0000000..a8855a5 --- /dev/null +++ b/lib/roles/ws/ext/extension.c @@ -0,0 +1,344 @@ +#include "private-libwebsockets.h" + +#include "extension-permessage-deflate.h" + +LWS_VISIBLE void +lws_context_init_extensions(struct lws_context_creation_info *info, + struct lws_context *context) +{ + lwsl_info(" LWS_MAX_EXTENSIONS_ACTIVE: %u\n", LWS_MAX_EXTENSIONS_ACTIVE); +} + +enum lws_ext_option_parser_states { + LEAPS_SEEK_NAME, + LEAPS_EAT_NAME, + LEAPS_SEEK_VAL, + LEAPS_EAT_DEC, + LEAPS_SEEK_ARG_TERM +}; + +LWS_VISIBLE int +lws_ext_parse_options(const struct lws_extension *ext, struct lws *wsi, + void *ext_user, const struct lws_ext_options *opts, + const char *in, int len) +{ + enum lws_ext_option_parser_states leap = LEAPS_SEEK_NAME; + unsigned int match_map = 0, n, m, w = 0, count_options = 0, + pending_close_quote = 0; + struct lws_ext_option_arg oa; + + oa.option_name = NULL; + + while (opts[count_options].name) + count_options++; + while (len) { + lwsl_ext("'%c' %d", *in, leap); + switch (leap) { + case LEAPS_SEEK_NAME: + if (*in == ' ') + break; + if (*in == ',') { + len = 1; + break; + } + match_map = (1 << count_options) - 1; + leap = LEAPS_EAT_NAME; + w = 0; + + /* fallthru */ + + case LEAPS_EAT_NAME: + oa.start = NULL; + oa.len = 0; + m = match_map; + n = 0; + pending_close_quote = 0; + while (m) { + if (m & 1) { + lwsl_ext(" m=%d, n=%d, w=%d\n", m, n, w); + + if (*in == opts[n].name[w]) { + if (!opts[n].name[w + 1]) { + oa.option_index = n; + lwsl_ext("hit %d\n", oa.option_index); + leap = LEAPS_SEEK_VAL; + if (len == 1) + goto set_arg; + break; + } + } else { + match_map &= ~(1 << n); + if (!match_map) { + lwsl_ext("empty match map\n"); + return -1; + } + } + } + m >>= 1; + n++; + } + w++; + break; + case LEAPS_SEEK_VAL: + if (*in == ' ') + break; + if (*in == ',') { + len = 1; + break; + } + if (*in == ';' || len == 1) { /* ie,nonoptional */ + if (opts[oa.option_index].type == EXTARG_DEC) + return -1; + leap = LEAPS_SEEK_NAME; + goto set_arg; + } + if (*in == '=') { + w = 0; + pending_close_quote = 0; + if (opts[oa.option_index].type == EXTARG_NONE) + return -1; + + leap = LEAPS_EAT_DEC; + break; + } + return -1; + + case LEAPS_EAT_DEC: + if (*in >= '0' && *in <= '9') { + if (!w) + oa.start = in; + w++; + if (len != 1) + break; + } + if (!w && *in =='"') { + pending_close_quote = 1; + break; + } + if (!w) + return -1; + if (pending_close_quote && *in != '"' && len != 1) + return -1; + leap = LEAPS_SEEK_ARG_TERM; + if (oa.start) + oa.len = lws_ptr_diff(in, oa.start); + if (len == 1) + oa.len++; + +set_arg: + ext->callback(lws_get_context(wsi), + ext, wsi, LWS_EXT_CB_OPTION_SET, + ext_user, (char *)&oa, 0); + if (len == 1) + break; + if (pending_close_quote && *in == '"') + break; + + /* fallthru */ + + case LEAPS_SEEK_ARG_TERM: + if (*in == ' ') + break; + if (*in == ';') { + leap = LEAPS_SEEK_NAME; + break; + } + if (*in == ',') { + len = 1; + break; + } + return -1; + } + len--; + in++; + } + + return 0; +} + + +/* 0 = nobody had nonzero return, 1 = somebody had positive return, -1 = fail */ + +int lws_ext_cb_active(struct lws *wsi, int reason, void *arg, int len) +{ + int n, m, handled = 0; + + for (n = 0; n < wsi->count_act_ext; n++) { + m = wsi->active_extensions[n]->callback(lws_get_context(wsi), + wsi->active_extensions[n], wsi, reason, + wsi->act_ext_user[n], arg, len); + if (m < 0) { + lwsl_ext("Ext '%s' failed to handle callback %d!\n", + wsi->active_extensions[n]->name, reason); + return -1; + } + /* valgrind... */ + if (reason == LWS_EXT_CB_DESTROY) + wsi->act_ext_user[n] = NULL; + if (m > handled) + handled = m; + } + + return handled; +} + +int lws_ext_cb_all_exts(struct lws_context *context, struct lws *wsi, + int reason, void *arg, int len) +{ + int n = 0, m, handled = 0; + const struct lws_extension *ext; + + if (!wsi || !wsi->vhost) + return 0; + + ext = wsi->vhost->extensions; + + while (ext && ext->callback && !handled) { + m = ext->callback(context, ext, wsi, reason, + (void *)(lws_intptr_t)n, arg, len); + if (m < 0) { + lwsl_ext("Ext '%s' failed to handle callback %d!\n", + wsi->active_extensions[n]->name, reason); + return -1; + } + if (m) + handled = 1; + + ext++; + n++; + } + + return 0; +} + +int +lws_issue_raw_ext_access(struct lws *wsi, unsigned char *buf, size_t len) +{ + struct lws_tokens eff_buf; + int ret, m, n = 0; + + eff_buf.token = (char *)buf; + eff_buf.token_len = (int)len; + + /* + * while we have original buf to spill ourselves, or extensions report + * more in their pipeline + */ + + ret = 1; + while (ret == 1) { + + /* default to nobody has more to spill */ + + ret = 0; + + /* show every extension the new incoming data */ + m = lws_ext_cb_active(wsi, + LWS_EXT_CB_PACKET_TX_PRESEND, &eff_buf, 0); + if (m < 0) + return -1; + if (m) /* handled */ + ret = 1; + + if ((char *)buf != eff_buf.token) + /* + * extension recreated it: + * need to buffer this if not all sent + */ + wsi->ws->clean_buffer = 0; + + /* assuming they left us something to send, send it */ + + if (eff_buf.token_len) { + n = lws_issue_raw(wsi, (unsigned char *)eff_buf.token, + eff_buf.token_len); + if (n < 0) { + lwsl_info("closing from ext access\n"); + return -1; + } + + /* always either sent it all or privately buffered */ + if (wsi->ws->clean_buffer) + len = n; + } + + lwsl_parser("written %d bytes to client\n", n); + + /* no extension has more to spill? Then we can go */ + + if (!ret) + break; + + /* we used up what we had */ + + eff_buf.token = NULL; + eff_buf.token_len = 0; + + /* + * Did that leave the pipe choked? + * Or we had to hold on to some of it? + */ + + if (!lws_send_pipe_choked(wsi) && !wsi->trunc_len) + /* no we could add more, lets's do that */ + continue; + + lwsl_debug("choked\n"); + + /* + * Yes, he's choked. Don't spill the rest now get a callback + * when he is ready to send and take care of it there + */ + lws_callback_on_writable(wsi); + wsi->extension_data_pending = 1; + ret = 0; + } + + return (int)len; +} + +int +lws_any_extension_handled(struct lws *wsi, enum lws_extension_callback_reasons r, + void *v, size_t len) +{ + struct lws_context *context = wsi->context; + int n, handled = 0; + + /* maybe an extension will take care of it for us */ + + for (n = 0; n < wsi->count_act_ext && !handled; n++) { + if (!wsi->active_extensions[n]->callback) + continue; + + handled |= wsi->active_extensions[n]->callback(context, + wsi->active_extensions[n], wsi, + r, wsi->act_ext_user[n], v, len); + } + + return handled; +} + +int +lws_set_extension_option(struct lws *wsi, const char *ext_name, + const char *opt_name, const char *opt_val) +{ + struct lws_ext_option_arg oa; + int idx = 0; + + /* first identify if the ext is active on this wsi */ + while (idx < wsi->count_act_ext && + strcmp(wsi->active_extensions[idx]->name, ext_name)) + idx++; + + if (idx == wsi->count_act_ext) + return -1; /* request ext not active on this wsi */ + + oa.option_name = opt_name; + oa.option_index = 0; + oa.start = opt_val; + oa.len = 0; + + return wsi->active_extensions[idx]->callback( + wsi->context, wsi->active_extensions[idx], wsi, + LWS_EXT_CB_NAMED_OPTION_SET, wsi->act_ext_user[idx], &oa, 0); +} diff --git a/lib/roles/ws/ops-ws.c b/lib/roles/ws/ops-ws.c new file mode 100644 index 0000000..914b348 --- /dev/null +++ b/lib/roles/ws/ops-ws.c @@ -0,0 +1,1872 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#include + +#define LWS_CPYAPP(ptr, str) { strcpy(ptr, str); ptr += strlen(str); } + +/* + * client-parser.c: lws_client_rx_sm() needs to be roughly kept in + * sync with changes here, esp related to ext draining + */ + +int +lws_ws_rx_sm(struct lws *wsi, unsigned char c) +{ + int callback_action = LWS_CALLBACK_RECEIVE; + int ret = 0, rx_draining_ext = 0; + struct lws_tokens eff_buf; +#if !defined(LWS_WITHOUT_EXTENSIONS) + int n; +#endif + + eff_buf.token = NULL; + eff_buf.token_len = 0; + if (wsi->socket_is_permanently_unusable) + return -1; + + switch (wsi->lws_rx_parse_state) { + case LWS_RXPS_NEW: + if (wsi->ws->rx_draining_ext) { + eff_buf.token = NULL; + eff_buf.token_len = 0; + lws_remove_wsi_from_draining_ext_list(wsi); + rx_draining_ext = 1; + lwsl_debug("%s: doing draining flow\n", __func__); + + goto drain_extension; + } + switch (wsi->ws->ietf_spec_revision) { + case 13: + /* + * no prepended frame key any more + */ + wsi->ws->all_zero_nonce = 1; + goto handle_first; + + default: + lwsl_warn("lws_ws_rx_sm: unknown spec version %d\n", + wsi->ws->ietf_spec_revision); + break; + } + break; + case LWS_RXPS_04_mask_1: + wsi->ws->mask[1] = c; + if (c) + wsi->ws->all_zero_nonce = 0; + wsi->lws_rx_parse_state = LWS_RXPS_04_mask_2; + break; + case LWS_RXPS_04_mask_2: + wsi->ws->mask[2] = c; + if (c) + wsi->ws->all_zero_nonce = 0; + wsi->lws_rx_parse_state = LWS_RXPS_04_mask_3; + break; + case LWS_RXPS_04_mask_3: + wsi->ws->mask[3] = c; + if (c) + wsi->ws->all_zero_nonce = 0; + + /* + * start from the zero'th byte in the XOR key buffer since + * this is the start of a frame with a new key + */ + + wsi->ws->mask_idx = 0; + + wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_1; + break; + + /* + * 04 logical framing from the spec (all this is masked when incoming + * and has to be unmasked) + * + * We ignore the possibility of extension data because we don't + * negotiate any extensions at the moment. + * + * 0 1 2 3 + * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + * +-+-+-+-+-------+-+-------------+-------------------------------+ + * |F|R|R|R| opcode|R| Payload len | Extended payload length | + * |I|S|S|S| (4) |S| (7) | (16/63) | + * |N|V|V|V| |V| | (if payload len==126/127) | + * | |1|2|3| |4| | | + * +-+-+-+-+-------+-+-------------+ - - - - - - - - - - - - - - - + + * | Extended payload length continued, if payload len == 127 | + * + - - - - - - - - - - - - - - - +-------------------------------+ + * | | Extension data | + * +-------------------------------+ - - - - - - - - - - - - - - - + + * : : + * +---------------------------------------------------------------+ + * : Application data : + * +---------------------------------------------------------------+ + * + * We pass payload through to userland as soon as we get it, ignoring + * FIN. It's up to userland to buffer it up if it wants to see a + * whole unfragmented block of the original size (which may be up to + * 2^63 long!) + */ + + case LWS_RXPS_04_FRAME_HDR_1: +handle_first: + + wsi->ws->opcode = c & 0xf; + wsi->ws->rsv = c & 0x70; + wsi->ws->final = !!((c >> 7) & 1); + + switch (wsi->ws->opcode) { + case LWSWSOPC_TEXT_FRAME: + case LWSWSOPC_BINARY_FRAME: + wsi->ws->rsv_first_msg = (c & 0x70); + wsi->ws->frame_is_binary = + wsi->ws->opcode == LWSWSOPC_BINARY_FRAME; + wsi->ws->first_fragment = 1; + break; + case 3: + case 4: + case 5: + case 6: + case 7: + case 0xb: + case 0xc: + case 0xd: + case 0xe: + case 0xf: + lwsl_info("illegal opcode\n"); + return -1; + } + wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN; + break; + + case LWS_RXPS_04_FRAME_HDR_LEN: + + wsi->ws->this_frame_masked = !!(c & 0x80); + + switch (c & 0x7f) { + case 126: + /* control frames are not allowed to have big lengths */ + if (wsi->ws->opcode & 8) + goto illegal_ctl_length; + + wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN16_2; + break; + case 127: + /* control frames are not allowed to have big lengths */ + if (wsi->ws->opcode & 8) + goto illegal_ctl_length; + + wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_8; + break; + default: + wsi->ws->rx_packet_length = c & 0x7f; + if (wsi->ws->this_frame_masked) + wsi->lws_rx_parse_state = + LWS_RXPS_07_COLLECT_FRAME_KEY_1; + else + if (wsi->ws->rx_packet_length) + wsi->lws_rx_parse_state = + LWS_RXPS_PAYLOAD_UNTIL_LENGTH_EXHAUSTED; + else { + wsi->lws_rx_parse_state = LWS_RXPS_NEW; + goto spill; + } + break; + } + break; + + case LWS_RXPS_04_FRAME_HDR_LEN16_2: + wsi->ws->rx_packet_length = c << 8; + wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN16_1; + break; + + case LWS_RXPS_04_FRAME_HDR_LEN16_1: + wsi->ws->rx_packet_length |= c; + if (wsi->ws->this_frame_masked) + wsi->lws_rx_parse_state = + LWS_RXPS_07_COLLECT_FRAME_KEY_1; + else + wsi->lws_rx_parse_state = + LWS_RXPS_PAYLOAD_UNTIL_LENGTH_EXHAUSTED; + break; + + case LWS_RXPS_04_FRAME_HDR_LEN64_8: + if (c & 0x80) { + lwsl_warn("b63 of length must be zero\n"); + /* kill the connection */ + return -1; + } +#if defined __LP64__ + wsi->ws->rx_packet_length = ((size_t)c) << 56; +#else + wsi->ws->rx_packet_length = 0; +#endif + wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_7; + break; + + case LWS_RXPS_04_FRAME_HDR_LEN64_7: +#if defined __LP64__ + wsi->ws->rx_packet_length |= ((size_t)c) << 48; +#endif + wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_6; + break; + + case LWS_RXPS_04_FRAME_HDR_LEN64_6: +#if defined __LP64__ + wsi->ws->rx_packet_length |= ((size_t)c) << 40; +#endif + wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_5; + break; + + case LWS_RXPS_04_FRAME_HDR_LEN64_5: +#if defined __LP64__ + wsi->ws->rx_packet_length |= ((size_t)c) << 32; +#endif + wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_4; + break; + + case LWS_RXPS_04_FRAME_HDR_LEN64_4: + wsi->ws->rx_packet_length |= ((size_t)c) << 24; + wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_3; + break; + + case LWS_RXPS_04_FRAME_HDR_LEN64_3: + wsi->ws->rx_packet_length |= ((size_t)c) << 16; + wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_2; + break; + + case LWS_RXPS_04_FRAME_HDR_LEN64_2: + wsi->ws->rx_packet_length |= ((size_t)c) << 8; + wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_1; + break; + + case LWS_RXPS_04_FRAME_HDR_LEN64_1: + wsi->ws->rx_packet_length |= ((size_t)c); + if (wsi->ws->this_frame_masked) + wsi->lws_rx_parse_state = + LWS_RXPS_07_COLLECT_FRAME_KEY_1; + else + wsi->lws_rx_parse_state = + LWS_RXPS_PAYLOAD_UNTIL_LENGTH_EXHAUSTED; + break; + + case LWS_RXPS_07_COLLECT_FRAME_KEY_1: + wsi->ws->mask[0] = c; + if (c) + wsi->ws->all_zero_nonce = 0; + wsi->lws_rx_parse_state = LWS_RXPS_07_COLLECT_FRAME_KEY_2; + break; + + case LWS_RXPS_07_COLLECT_FRAME_KEY_2: + wsi->ws->mask[1] = c; + if (c) + wsi->ws->all_zero_nonce = 0; + wsi->lws_rx_parse_state = LWS_RXPS_07_COLLECT_FRAME_KEY_3; + break; + + case LWS_RXPS_07_COLLECT_FRAME_KEY_3: + wsi->ws->mask[2] = c; + if (c) + wsi->ws->all_zero_nonce = 0; + wsi->lws_rx_parse_state = LWS_RXPS_07_COLLECT_FRAME_KEY_4; + break; + + case LWS_RXPS_07_COLLECT_FRAME_KEY_4: + wsi->ws->mask[3] = c; + if (c) + wsi->ws->all_zero_nonce = 0; + wsi->lws_rx_parse_state = + LWS_RXPS_PAYLOAD_UNTIL_LENGTH_EXHAUSTED; + wsi->ws->mask_idx = 0; + if (wsi->ws->rx_packet_length == 0) { + wsi->lws_rx_parse_state = LWS_RXPS_NEW; + goto spill; + } + break; + + + case LWS_RXPS_PAYLOAD_UNTIL_LENGTH_EXHAUSTED: + assert(wsi->ws->rx_ubuf); + + if (wsi->ws->rx_draining_ext) + goto drain_extension; + + if (wsi->ws->rx_ubuf_head + LWS_PRE >= + wsi->ws->rx_ubuf_alloc) { + lwsl_err("Attempted overflow \n"); + return -1; + } + if (wsi->ws->all_zero_nonce) + wsi->ws->rx_ubuf[LWS_PRE + + (wsi->ws->rx_ubuf_head++)] = c; + else + wsi->ws->rx_ubuf[LWS_PRE + + (wsi->ws->rx_ubuf_head++)] = + c ^ wsi->ws->mask[ + (wsi->ws->mask_idx++) & 3]; + + if (--wsi->ws->rx_packet_length == 0) { + /* spill because we have the whole frame */ + wsi->lws_rx_parse_state = LWS_RXPS_NEW; + goto spill; + } + + /* + * if there's no protocol max frame size given, we are + * supposed to default to context->pt_serv_buf_size + */ + if (!wsi->protocol->rx_buffer_size && + wsi->ws->rx_ubuf_head != wsi->context->pt_serv_buf_size) + break; + + if (wsi->protocol->rx_buffer_size && + wsi->ws->rx_ubuf_head != wsi->protocol->rx_buffer_size) + break; + + /* spill because we filled our rx buffer */ +spill: + /* + * is this frame a control packet we should take care of at this + * layer? If so service it and hide it from the user callback + */ + + lwsl_parser("spill on %s\n", wsi->protocol->name); + + switch (wsi->ws->opcode) { + case LWSWSOPC_CLOSE: + + /* is this an acknowledgment of our close? */ + if (lwsi_state(wsi) == LRS_AWAITING_CLOSE_ACK) { + /* + * fine he has told us he is closing too, let's + * finish our close + */ + lwsl_parser("seen client close ack\n"); + return -1; + } + if (lwsi_state(wsi) == LRS_RETURNED_CLOSE) + /* if he sends us 2 CLOSE, kill him */ + return -1; + + if (lws_partial_buffered(wsi)) { + /* + * if we're in the middle of something, + * we can't do a normal close response and + * have to just close our end. + */ + wsi->socket_is_permanently_unusable = 1; + lwsl_parser("Closing on peer close due to Pending tx\n"); + return -1; + } + + if (user_callback_handle_rxflow( + wsi->protocol->callback, wsi, + LWS_CALLBACK_WS_PEER_INITIATED_CLOSE, + wsi->user_space, + &wsi->ws->rx_ubuf[LWS_PRE], + wsi->ws->rx_ubuf_head)) + return -1; + + lwsl_parser("server sees client close packet\n"); + lwsi_set_state(wsi, LRS_RETURNED_CLOSE); + /* deal with the close packet contents as a PONG */ + wsi->ws->payload_is_close = 1; + goto process_as_ping; + + case LWSWSOPC_PING: + lwsl_info("received %d byte ping, sending pong\n", + wsi->ws->rx_ubuf_head); + + if (wsi->ws->ping_pending_flag) { + /* + * there is already a pending ping payload + * we should just log and drop + */ + lwsl_parser("DROP PING since one pending\n"); + goto ping_drop; + } +process_as_ping: + /* control packets can only be < 128 bytes long */ + if (wsi->ws->rx_ubuf_head > 128 - 3) { + lwsl_parser("DROP PING payload too large\n"); + goto ping_drop; + } + + /* stash the pong payload */ + memcpy(wsi->ws->ping_payload_buf + LWS_PRE, + &wsi->ws->rx_ubuf[LWS_PRE], + wsi->ws->rx_ubuf_head); + + wsi->ws->ping_payload_len = wsi->ws->rx_ubuf_head; + wsi->ws->ping_pending_flag = 1; + + /* get it sent as soon as possible */ + lws_callback_on_writable(wsi); +ping_drop: + wsi->ws->rx_ubuf_head = 0; + return 0; + + case LWSWSOPC_PONG: + lwsl_info("received pong\n"); + lwsl_hexdump(&wsi->ws->rx_ubuf[LWS_PRE], + wsi->ws->rx_ubuf_head); + + if (wsi->pending_timeout == + PENDING_TIMEOUT_WS_PONG_CHECK_GET_PONG) { + lwsl_info("received expected PONG on wsi %p\n", + wsi); + lws_set_timeout(wsi, NO_PENDING_TIMEOUT, 0); + } + + /* issue it */ + callback_action = LWS_CALLBACK_RECEIVE_PONG; + break; + + case LWSWSOPC_TEXT_FRAME: + case LWSWSOPC_BINARY_FRAME: + case LWSWSOPC_CONTINUATION: + break; + + default: + lwsl_parser("passing opc %x up to exts\n", + wsi->ws->opcode); + /* + * It's something special we can't understand here. + * Pass the payload up to the extension's parsing + * state machine. + */ + + eff_buf.token = &wsi->ws->rx_ubuf[LWS_PRE]; + eff_buf.token_len = wsi->ws->rx_ubuf_head; + + if (lws_ext_cb_active(wsi, + LWS_EXT_CB_EXTENDED_PAYLOAD_RX, + &eff_buf, 0) <= 0) + /* not handle or fail */ + lwsl_ext("ext opc opcode 0x%x unknown\n", + wsi->ws->opcode); + + wsi->ws->rx_ubuf_head = 0; + return 0; + } + + /* + * No it's real payload, pass it up to the user callback. + * It's nicely buffered with the pre-padding taken care of + * so it can be sent straight out again using lws_write + */ + + eff_buf.token = &wsi->ws->rx_ubuf[LWS_PRE]; + eff_buf.token_len = wsi->ws->rx_ubuf_head; + + if (wsi->ws->opcode == LWSWSOPC_PONG && !eff_buf.token_len) + goto already_done; + +drain_extension: + lwsl_ext("%s: passing %d to ext\n", __func__, eff_buf.token_len); + + if (lwsi_state(wsi) == LRS_RETURNED_CLOSE || + lwsi_state(wsi) == LRS_AWAITING_CLOSE_ACK) + goto already_done; +#if !defined(LWS_WITHOUT_EXTENSIONS) + n = lws_ext_cb_active(wsi, LWS_EXT_CB_PAYLOAD_RX, &eff_buf, 0); +#endif + /* + * eff_buf may be pointing somewhere completely different now, + * it's the output + */ + wsi->ws->first_fragment = 0; +#if !defined(LWS_WITHOUT_EXTENSIONS) + if (n < 0) { + /* + * we may rely on this to get RX, just drop connection + */ + wsi->socket_is_permanently_unusable = 1; + return -1; + } +#endif + if (rx_draining_ext && eff_buf.token_len == 0) + goto already_done; + + if ( +#if !defined(LWS_WITHOUT_EXTENSIONS) + n && +#endif + eff_buf.token_len) + /* extension had more... main loop will come back */ + lws_add_wsi_to_draining_ext_list(wsi); + else + lws_remove_wsi_from_draining_ext_list(wsi); + + if (eff_buf.token_len > 0 || + callback_action == LWS_CALLBACK_RECEIVE_PONG) { + eff_buf.token[eff_buf.token_len] = '\0'; + + if (wsi->protocol->callback) { + if (callback_action == LWS_CALLBACK_RECEIVE_PONG) + lwsl_info("Doing pong callback\n"); + + ret = user_callback_handle_rxflow( + wsi->protocol->callback, + wsi, (enum lws_callback_reasons) + callback_action, + wsi->user_space, + eff_buf.token, + eff_buf.token_len); + } + else + lwsl_err("No callback on payload spill!\n"); + } + +already_done: + wsi->ws->rx_ubuf_head = 0; + break; + } + + return ret; + +illegal_ctl_length: + + lwsl_warn("Control frame with xtended length is illegal\n"); + /* kill the connection */ + return -1; +} + + +LWS_VISIBLE size_t +lws_remaining_packet_payload(struct lws *wsi) +{ + return wsi->ws->rx_packet_length; +} + +LWS_VISIBLE int lws_frame_is_binary(struct lws *wsi) +{ + return wsi->ws->frame_is_binary; +} + +void +lws_add_wsi_to_draining_ext_list(struct lws *wsi) +{ + struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; + + if (wsi->ws->rx_draining_ext) + return; + + lwsl_ext("%s: RX EXT DRAINING: Adding to list\n", __func__); + + wsi->ws->rx_draining_ext = 1; + wsi->ws->rx_draining_ext_list = pt->rx_draining_ext_list; + pt->rx_draining_ext_list = wsi; +} + +void +lws_remove_wsi_from_draining_ext_list(struct lws *wsi) +{ + struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; + struct lws **w = &pt->rx_draining_ext_list; + + if (!wsi->ws->rx_draining_ext) + return; + + lwsl_ext("%s: RX EXT DRAINING: Removing from list\n", __func__); + + wsi->ws->rx_draining_ext = 0; + + /* remove us from context draining ext list */ + while (*w) { + if (*w == wsi) { + /* if us, point it instead to who we were pointing to */ + *w = wsi->ws->rx_draining_ext_list; + break; + } + w = &((*w)->ws->rx_draining_ext_list); + } + wsi->ws->rx_draining_ext_list = NULL; +} + +LWS_EXTERN void +lws_restart_ws_ping_pong_timer(struct lws *wsi) +{ + if (!wsi->context->ws_ping_pong_interval || + !lwsi_role_ws(wsi)) + return; + + wsi->ws->time_next_ping_check = (time_t)lws_now_secs(); +} + +static int +lws_0405_frame_mask_generate(struct lws *wsi) +{ + int n; + /* fetch the per-frame nonce */ + + n = lws_get_random(lws_get_context(wsi), wsi->ws->mask, 4); + if (n != 4) { + lwsl_parser("Unable to read from random device %s %d\n", + SYSTEM_RANDOM_FILEPATH, n); + return 1; + } + + /* start masking from first byte of masking key buffer */ + wsi->ws->mask_idx = 0; + + return 0; +} + +/* Once we reach LWS_RXPS_PAYLOAD_UNTIL_LENGTH_EXHAUSTED, we know how much + * to expect in that state and can deal with it in bulk more efficiently. + */ + +int +lws_payload_until_length_exhausted(struct lws *wsi, unsigned char **buf, + size_t *len) +{ + unsigned char *buffer = *buf, mask[4]; + int buffer_size, n; + unsigned int avail; + char *rx_ubuf; + + if (wsi->protocol->rx_buffer_size) + buffer_size = (int)wsi->protocol->rx_buffer_size; + else + buffer_size = wsi->context->pt_serv_buf_size; + avail = buffer_size - wsi->ws->rx_ubuf_head; + + /* do not consume more than we should */ + if (avail > wsi->ws->rx_packet_length) + avail = (unsigned int)wsi->ws->rx_packet_length; + + /* do not consume more than what is in the buffer */ + if (avail > *len) + avail = (unsigned int)(*len); + + /* we want to leave 1 byte for the parser to handle properly */ + if (avail <= 1) + return 0; + + avail--; + rx_ubuf = wsi->ws->rx_ubuf + LWS_PRE + wsi->ws->rx_ubuf_head; + if (wsi->ws->all_zero_nonce) + memcpy(rx_ubuf, buffer, avail); + else { + + for (n = 0; n < 4; n++) + mask[n] = wsi->ws->mask[(wsi->ws->mask_idx + n) & 3]; + + /* deal with 4-byte chunks using unwrapped loop */ + n = avail >> 2; + while (n--) { + *(rx_ubuf++) = *(buffer++) ^ mask[0]; + *(rx_ubuf++) = *(buffer++) ^ mask[1]; + *(rx_ubuf++) = *(buffer++) ^ mask[2]; + *(rx_ubuf++) = *(buffer++) ^ mask[3]; + } + /* and the remaining bytes bytewise */ + for (n = 0; n < (int)(avail & 3); n++) + *(rx_ubuf++) = *(buffer++) ^ mask[n]; + + wsi->ws->mask_idx = (wsi->ws->mask_idx + avail) & 3; + } + + (*buf) += avail; + wsi->ws->rx_ubuf_head += avail; + wsi->ws->rx_packet_length -= avail; + *len -= avail; + + return avail; +} + + +int +lws_server_init_wsi_for_ws(struct lws *wsi) +{ + int n; + + lwsi_set_state(wsi, LRS_ESTABLISHED); + lws_restart_ws_ping_pong_timer(wsi); + + /* + * create the frame buffer for this connection according to the + * size mentioned in the protocol definition. If 0 there, use + * a big default for compatibility + */ + + n = (int)wsi->protocol->rx_buffer_size; + if (!n) + n = wsi->context->pt_serv_buf_size; + n += LWS_PRE; + wsi->ws->rx_ubuf = lws_malloc(n + 4 /* 0x0000ffff zlib */, "rx_ubuf"); + if (!wsi->ws->rx_ubuf) { + lwsl_err("Out of Mem allocating rx buffer %d\n", n); + return 1; + } + wsi->ws->rx_ubuf_alloc = n; + lwsl_debug("Allocating RX buffer %d\n", n); + +#if !defined(LWS_WITH_ESP32) + if (!wsi->parent_carries_io && + !wsi->h2_stream_carries_ws) + if (setsockopt(wsi->desc.sockfd, SOL_SOCKET, SO_SNDBUF, + (const char *)&n, sizeof n)) { + lwsl_warn("Failed to set SNDBUF to %d", n); + return 1; + } +#endif + + /* notify user code that we're ready to roll */ + + if (wsi->protocol->callback) + if (wsi->protocol->callback(wsi, LWS_CALLBACK_ESTABLISHED, + wsi->user_space, +#ifdef LWS_WITH_TLS + wsi->ssl, +#else + NULL, +#endif + wsi->h2_stream_carries_ws)) + return 1; + + lwsl_debug("ws established\n"); + + return 0; +} + + + +LWS_VISIBLE int +lws_is_final_fragment(struct lws *wsi) +{ + lwsl_info("%s: final %d, rx pk length %ld, draining %ld\n", __func__, + wsi->ws->final, (long)wsi->ws->rx_packet_length, + (long)wsi->ws->rx_draining_ext); + return wsi->ws->final && !wsi->ws->rx_packet_length && + !wsi->ws->rx_draining_ext; +} + +LWS_VISIBLE int +lws_is_first_fragment(struct lws *wsi) +{ + return wsi->ws->first_fragment; +} + +LWS_VISIBLE unsigned char +lws_get_reserved_bits(struct lws *wsi) +{ + return wsi->ws->rsv; +} + +LWS_VISIBLE LWS_EXTERN int +lws_get_close_length(struct lws *wsi) +{ + return wsi->ws->close_in_ping_buffer_len; +} + +LWS_VISIBLE LWS_EXTERN unsigned char * +lws_get_close_payload(struct lws *wsi) +{ + return &wsi->ws->ping_payload_buf[LWS_PRE]; +} + +LWS_VISIBLE LWS_EXTERN void +lws_close_reason(struct lws *wsi, enum lws_close_status status, + unsigned char *buf, size_t len) +{ + unsigned char *p, *start; + int budget = sizeof(wsi->ws->ping_payload_buf) - LWS_PRE; + + assert(lwsi_role_ws(wsi)); + + start = p = &wsi->ws->ping_payload_buf[LWS_PRE]; + + *p++ = (((int)status) >> 8) & 0xff; + *p++ = ((int)status) & 0xff; + + if (buf) + while (len-- && p < start + budget) + *p++ = *buf++; + + wsi->ws->close_in_ping_buffer_len = lws_ptr_diff(p, start); +} + +static int +lws_is_ws_with_ext(struct lws *wsi) +{ +#if defined(LWS_WITHOUT_EXTENSIONS) + return 0; +#else + return lwsi_role_ws(wsi) && !!wsi->count_act_ext; +#endif +} + +static int +rops_handle_POLLIN_ws(struct lws_context_per_thread *pt, struct lws *wsi, + struct lws_pollfd *pollfd) +{ + struct lws_tokens eff_buf; + unsigned int pending = 0; + char draining_flow = 0; + int n = 0, m; +#if defined(LWS_WITH_HTTP2) + struct lws *wsi1; +#endif + + // lwsl_notice("%s: %s\n", __func__, wsi->protocol->name); + + lwsl_info("%s: wsistate 0x%x, pollout %d\n", __func__, + wsi->wsistate, pollfd->revents & LWS_POLLOUT); + + /* + * something went wrong with parsing the handshake, and + * we ended up back in the event loop without completing it + */ + if (lwsi_state(wsi) == LRS_PRE_WS_SERVING_ACCEPT) { + wsi->socket_is_permanently_unusable = 1; + return LWS_HPI_RET_CLOSE_HANDLED; + } + + if (lwsi_state(wsi) == LRS_WAITING_CONNECT) { +#if !defined(LWS_NO_CLIENT) + if ((pollfd->revents & LWS_POLLOUT) && + lws_handle_POLLOUT_event(wsi, pollfd)) { + lwsl_debug("POLLOUT event closed it\n"); + return LWS_HPI_RET_CLOSE_HANDLED; + } + + n = lws_client_socket_service(wsi, pollfd, NULL); + if (n) + return LWS_HPI_RET_DIE; +#endif + return LWS_HPI_RET_HANDLED; + } + + /* 1: something requested a callback when it was OK to write */ + + if ((pollfd->revents & LWS_POLLOUT) && + lwsi_state_can_handle_POLLOUT(wsi) && + lws_handle_POLLOUT_event(wsi, pollfd)) { + if (lwsi_state(wsi) == LRS_RETURNED_CLOSE) + lwsi_set_state(wsi, LRS_FLUSHING_BEFORE_CLOSE); + /* the write failed... it's had it */ + wsi->socket_is_permanently_unusable = 1; + return LWS_HPI_RET_CLOSE_HANDLED; + } + + if (lwsi_state(wsi) == LRS_RETURNED_CLOSE || + lwsi_state(wsi) == LRS_WAITING_TO_SEND_CLOSE || + lwsi_state(wsi) == LRS_AWAITING_CLOSE_ACK) { + /* + * we stopped caring about anything except control + * packets. Force flow control off, defeat tx + * draining. + */ + lws_rx_flow_control(wsi, 1); + if (wsi->ws) + wsi->ws->tx_draining_ext = 0; + } + + if (wsi->ws && wsi->ws->tx_draining_ext) + /* + * We cannot deal with new RX until the TX ext path has + * been drained. It's because new rx will, eg, crap on + * the wsi rx buf that may be needed to retain state. + * + * TX ext drain path MUST go through event loop to avoid + * blocking. + */ + return LWS_HPI_RET_HANDLED; + + if (lws_is_flowcontrolled(wsi)) + /* We cannot deal with any kind of new RX because we are + * RX-flowcontrolled. + */ + return LWS_HPI_RET_HANDLED; + +#if defined(LWS_WITH_HTTP2) + if (wsi->http2_substream || wsi->upgraded_to_http2) { + wsi1 = lws_get_network_wsi(wsi); + if (wsi1 && wsi1->trunc_len) + /* We cannot deal with any kind of new RX + * because we are dealing with a partial send + * (new RX may trigger new http_action() that + * expect to be able to send) + */ + return LWS_HPI_RET_HANDLED; + } +#endif + + /* 2: RX Extension needs to be drained + */ + + if (lwsi_role_ws(wsi) && wsi->ws && wsi->ws->rx_draining_ext) { + + lwsl_ext("%s: RX EXT DRAINING: Service\n", __func__); +#ifndef LWS_NO_CLIENT + if (lwsi_role_client(wsi)) { + n = lws_client_rx_sm(wsi, 0); + if (n < 0) + /* we closed wsi */ + n = 0; + } else +#endif + n = lws_ws_rx_sm(wsi, 0); + + return LWS_HPI_RET_HANDLED; + } + + if (wsi->ws && wsi->ws->rx_draining_ext) + /* + * We have RX EXT content to drain, but can't do it + * right now. That means we cannot do anything lower + * priority either. + */ + return LWS_HPI_RET_HANDLED; + + /* 3: RX Flowcontrol buffer / h2 rx scratch needs to be drained + */ + + if (wsi->rxflow_buffer) { + lwsl_info("draining rxflow (len %d)\n", + wsi->rxflow_len - wsi->rxflow_pos); + assert(wsi->rxflow_pos < wsi->rxflow_len); + /* well, drain it */ + eff_buf.token = (char *)wsi->rxflow_buffer + + wsi->rxflow_pos; + eff_buf.token_len = wsi->rxflow_len - wsi->rxflow_pos; + draining_flow = 1; + goto drain; + } + +#if defined(LWS_WITH_HTTP2) + if (wsi->upgraded_to_http2) { + struct lws_h2_netconn *h2n = wsi->h2.h2n; + + if (h2n->rx_scratch_len) { + lwsl_info("%s: %p: h2 rx pos = %d len = %d\n", + __func__, wsi, h2n->rx_scratch_pos, + h2n->rx_scratch_len); + eff_buf.token = (char *)h2n->rx_scratch + + h2n->rx_scratch_pos; + eff_buf.token_len = h2n->rx_scratch_len; + + h2n->rx_scratch_len = 0; + goto drain; + } + } +#endif + + /* 4: any incoming (or ah-stashed incoming rx) data ready? + * notice if rx flow going off raced poll(), rx flow wins + */ + + if (!(pollfd->revents & pollfd->events & LWS_POLLIN) && !wsi->ah) + return LWS_HPI_RET_HANDLED; + +read: + if (lws_is_flowcontrolled(wsi)) { + lwsl_info("%s: %p should be rxflow (bm 0x%x)..\n", + __func__, wsi, wsi->rxflow_bitmap); + return LWS_HPI_RET_HANDLED; + } + + if (wsi->ah && wsi->ah->rxlen == wsi->ah->rxpos) { + /* we drained the excess data in the ah */ + lwsl_info("%s: %p: dropping ah on ws post-upgrade\n", __func__, wsi); + lws_header_table_force_to_detachable_state(wsi); + lws_header_table_detach(wsi, 0); + } else + if (wsi->ah) + lwsl_info("%s: %p: unable to drop yet %d vs %d\n", + __func__, wsi, wsi->ah->rxpos, wsi->ah->rxlen); + + if (wsi->ah && wsi->ah->rxlen - wsi->ah->rxpos) { + lwsl_info("%s: %p: inherited ah rx %d\n", __func__, + wsi, wsi->ah->rxlen - wsi->ah->rxpos); + eff_buf.token_len = wsi->ah->rxlen - wsi->ah->rxpos; + eff_buf.token = (char *)wsi->ah->rx + wsi->ah->rxpos; + } else { + if (!(lwsi_role_client(wsi) && + (lwsi_state(wsi) != LRS_ESTABLISHED && + lwsi_state(wsi) != LRS_H2_WAITING_TO_SEND_HEADERS))) { + /* + * extension may not consume everything + * (eg, pmd may be constrained + * as to what it can output...) has to go in + * per-wsi rx buf area. + * Otherwise in large temp serv_buf area. + */ + +#if defined(LWS_WITH_HTTP2) + if (wsi->upgraded_to_http2) { + if (!wsi->h2.h2n->rx_scratch) { + wsi->h2.h2n->rx_scratch = + lws_malloc( + wsi->vhost->h2_rx_scratch_size, + "h2 rx scratch"); + if (!wsi->h2.h2n->rx_scratch) + return LWS_HPI_RET_CLOSE_HANDLED; + } + eff_buf.token = wsi->h2.h2n->rx_scratch; + eff_buf.token_len = wsi->vhost->h2_rx_scratch_size; + } else +#endif + { + eff_buf.token = (char *)pt->serv_buf; + if (lws_is_ws_with_ext(wsi)) { + eff_buf.token_len = + wsi->ws->rx_ubuf_alloc; + } else { + eff_buf.token_len = + wsi->context->pt_serv_buf_size; + } + + if ((unsigned int)eff_buf.token_len > + wsi->context->pt_serv_buf_size) + eff_buf.token_len = + wsi->context->pt_serv_buf_size; + } + + if ((int)pending > eff_buf.token_len) + pending = eff_buf.token_len; + + eff_buf.token_len = lws_ssl_capable_read(wsi, + (unsigned char *)eff_buf.token, + pending ? (int)pending : + eff_buf.token_len); + switch (eff_buf.token_len) { + case 0: + lwsl_info("%s: zero length read\n", + __func__); + return LWS_HPI_RET_CLOSE_HANDLED; + case LWS_SSL_CAPABLE_MORE_SERVICE: + lwsl_info("SSL Capable more service\n"); + return LWS_HPI_RET_HANDLED; + case LWS_SSL_CAPABLE_ERROR: + lwsl_info("%s: LWS_SSL_CAPABLE_ERROR\n", + __func__); + return LWS_HPI_RET_CLOSE_HANDLED; + } + // lwsl_notice("Actual RX %d\n", eff_buf.token_len); + + /* + * coverity thinks ssl_capable_read() may read over + * 2GB. Dissuade it... + */ + eff_buf.token_len &= 0x7fffffff; + } + } + +drain: + + /* + * give any active extensions a chance to munge the buffer + * before parse. We pass in a pointer to an lws_tokens struct + * prepared with the default buffer and content length that's in + * there. Rather than rewrite the default buffer, extensions + * that expect to grow the buffer can adapt .token to + * point to their own per-connection buffer in the extension + * user allocation. By default with no extensions or no + * extension callback handling, just the normal input buffer is + * used then so it is efficient. + */ + m = 0; + do { +#if !defined(LWS_WITHOUT_EXTENSIONS) + m = lws_ext_cb_active(wsi, LWS_EXT_CB_PACKET_RX_PREPARSE, + &eff_buf, 0); + if (m < 0) + return LWS_HPI_RET_CLOSE_HANDLED; +#endif + + /* service incoming data */ + + if (eff_buf.token_len) { + /* + * if draining from rxflow buffer, not + * critical to track what was used since at the + * use it bumps wsi->rxflow_pos. If we come + * around again it will pick up from where it + * left off. + */ +#if defined(LWS_ROLE_H2) + if (lwsi_role_h2(wsi) && lwsi_state(wsi) != LRS_BODY) + n = lws_read_h2(wsi, (unsigned char *)eff_buf.token, + eff_buf.token_len); + else +#endif + n = lws_read_h1(wsi, (unsigned char *)eff_buf.token, + eff_buf.token_len); + + if (n < 0) { + /* we closed wsi */ + n = 0; + return LWS_HPI_RET_DIE; + } + } + + eff_buf.token = NULL; + eff_buf.token_len = 0; + } while (m); + + if (wsi->ah +#if !defined(LWS_NO_CLIENT) + && !wsi->client_h2_alpn +#endif + ) { + lwsl_info("%s: %p: detaching ah\n", __func__, wsi); + lws_header_table_force_to_detachable_state(wsi); + lws_header_table_detach(wsi, 0); + } + + pending = lws_ssl_pending(wsi); + if (pending) { + if (lws_is_ws_with_ext(wsi)) + pending = pending > wsi->ws->rx_ubuf_alloc ? + wsi->ws->rx_ubuf_alloc : pending; + else + pending = pending > wsi->context->pt_serv_buf_size ? + wsi->context->pt_serv_buf_size : pending; + goto read; + } + + if (draining_flow && wsi->rxflow_buffer && + wsi->rxflow_pos == wsi->rxflow_len) { + lwsl_info("%s: %p flow buf: drained\n", __func__, wsi); + lws_free_set_NULL(wsi->rxflow_buffer); + /* having drained the rxflow buffer, can rearm POLLIN */ +#ifdef LWS_NO_SERVER + n = +#endif + __lws_rx_flow_control(wsi); + /* n ignored, needed for NO_SERVER case */ + } + + /* n = 0 */ + return LWS_HPI_RET_HANDLED; +} + + +int rops_handle_POLLOUT_ws(struct lws *wsi) +{ + int write_type = LWS_WRITE_PONG; +#if !defined(LWS_WITHOUT_EXTENSIONS) + struct lws_tokens eff_buf; + int ret, m; +#endif + int n; + + // lwsl_notice("%s: %s\n", __func__, wsi->protocol->name); + + /* Priority 3: pending control packets (pong or close) + * + * 3a: close notification packet requested from close api + */ + + if (lwsi_state(wsi) == LRS_WAITING_TO_SEND_CLOSE) { + lwsl_debug("sending close packet\n"); + wsi->waiting_to_send_close_frame = 0; + n = lws_write(wsi, &wsi->ws->ping_payload_buf[LWS_PRE], + wsi->ws->close_in_ping_buffer_len, + LWS_WRITE_CLOSE); + if (n >= 0) { + lwsi_set_state(wsi, LRS_AWAITING_CLOSE_ACK); + lws_set_timeout(wsi, PENDING_TIMEOUT_CLOSE_ACK, 5); + lwsl_debug("sent close indication, awaiting ack\n"); + + return LWS_HP_RET_BAIL_OK; + } + + return LWS_HP_RET_BAIL_DIE; + } + + /* else, the send failed and we should just hang up */ + + if ((lwsi_role_ws(wsi) && wsi->ws->ping_pending_flag) || + (lwsi_state(wsi) == LRS_RETURNED_CLOSE && + wsi->ws->payload_is_close)) { + + if (wsi->ws->payload_is_close) + write_type = LWS_WRITE_CLOSE; + + n = lws_write(wsi, &wsi->ws->ping_payload_buf[LWS_PRE], + wsi->ws->ping_payload_len, write_type); + if (n < 0) + return LWS_HP_RET_BAIL_DIE; + + /* well he is sent, mark him done */ + wsi->ws->ping_pending_flag = 0; + if (wsi->ws->payload_is_close) { + // assert(0); + /* oh... a close frame was it... then we are done */ + return LWS_HP_RET_BAIL_DIE; + } + + /* otherwise for PING, leave POLLOUT active either way */ + return LWS_HP_RET_BAIL_OK; + } + + if (lwsi_role_client(wsi) && !wsi->socket_is_permanently_unusable && + wsi->ws->send_check_ping) { + + lwsl_info("issuing ping on wsi %p\n", wsi); + wsi->ws->send_check_ping = 0; + n = lws_write(wsi, &wsi->ws->ping_payload_buf[LWS_PRE], + 0, LWS_WRITE_PING); + if (n < 0) + return LWS_HP_RET_BAIL_DIE; + + /* + * we apparently were able to send the PING in a reasonable time + * now reset the clock on our peer to be able to send the + * PONG in a reasonable time. + */ + + lws_set_timeout(wsi, PENDING_TIMEOUT_WS_PONG_CHECK_GET_PONG, + wsi->context->timeout_secs); + + return LWS_HP_RET_BAIL_OK; + } + + /* Priority 4: if we are closing, not allowed to send more data frags + * which means user callback or tx ext flush banned now + */ + if (lwsi_state(wsi) == LRS_RETURNED_CLOSE) + return LWS_HP_RET_USER_SERVICE; + + /* Priority 5: Tx path extension with more to send + * + * These are handled as new fragments each time around + * So while we must block new writeable callback to enforce + * payload ordering, but since they are always complete + * fragments control packets can interleave OK. + */ + if (lwsi_role_client(wsi) && wsi->ws->tx_draining_ext) { + lwsl_ext("SERVICING TX EXT DRAINING\n"); + if (lws_write(wsi, NULL, 0, LWS_WRITE_CONTINUATION) < 0) + return LWS_HP_RET_BAIL_DIE; + /* leave POLLOUT active */ + return LWS_HP_RET_BAIL_OK; + } + + /* Priority 6: extensions + */ +#if !defined(LWS_WITHOUT_EXTENSIONS) + m = lws_ext_cb_active(wsi, LWS_EXT_CB_IS_WRITEABLE, NULL, 0); + if (m) + return LWS_HP_RET_BAIL_DIE; + + if (!wsi->extension_data_pending) + return LWS_HP_RET_USER_SERVICE; + + /* + * check in on the active extensions, see if they + * had pending stuff to spill... they need to get the + * first look-in otherwise sequence will be disordered + * + * NULL, zero-length eff_buf means just spill pending + */ + + ret = 1; + if (wsi->role_ops == &role_ops_raw_skt || + wsi->role_ops == &role_ops_raw_file) + ret = 0; + + while (ret == 1) { + + /* default to nobody has more to spill */ + + ret = 0; + eff_buf.token = NULL; + eff_buf.token_len = 0; + + /* give every extension a chance to spill */ + + m = lws_ext_cb_active(wsi, LWS_EXT_CB_PACKET_TX_PRESEND, + &eff_buf, 0); + if (m < 0) { + lwsl_err("ext reports fatal error\n"); + return LWS_HP_RET_BAIL_DIE; + } + if (m) + /* + * at least one extension told us he has more + * to spill, so we will go around again after + */ + ret = 1; + + /* assuming they gave us something to send, send it */ + + if (eff_buf.token_len) { + n = lws_issue_raw(wsi, (unsigned char *)eff_buf.token, + eff_buf.token_len); + if (n < 0) { + lwsl_info("closing from POLLOUT spill\n"); + return LWS_HP_RET_BAIL_DIE; + } + /* + * Keep amount spilled small to minimize chance of this + */ + if (n != eff_buf.token_len) { + lwsl_err("Unable to spill ext %d vs %d\n", + eff_buf.token_len, n); + return LWS_HP_RET_BAIL_DIE; + } + } else + continue; + + /* no extension has more to spill */ + + if (!ret) + continue; + + /* + * There's more to spill from an extension, but we just sent + * something... did that leave the pipe choked? + */ + + if (!lws_send_pipe_choked(wsi)) + /* no we could add more */ + continue; + + lwsl_info("choked in POLLOUT service\n"); + + /* + * Yes, he's choked. Leave the POLLOUT masked on so we will + * come back here when he is unchoked. Don't call the user + * callback to enforce ordering of spilling, he'll get called + * when we come back here and there's nothing more to spill. + */ + + return LWS_HP_RET_BAIL_OK; + } + + wsi->extension_data_pending = 0; +#endif + + return LWS_HP_RET_USER_SERVICE; +} + +static int +rops_periodic_checks_ws(struct lws_context *context, int tsi, time_t now) +{ + struct lws_vhost *vh; + + if (!context->ws_ping_pong_interval || + context->last_ws_ping_pong_check_s >= now + 10) + return 0; + + vh = context->vhost_list; + context->last_ws_ping_pong_check_s = now; + + while (vh) { + int n; + + lws_vhost_lock(vh); + + for (n = 0; n < vh->count_protocols; n++) { + struct lws *wsi = vh->same_vh_protocol_list[n]; + + while (wsi) { + if (lwsi_role_ws(wsi) && + !wsi->socket_is_permanently_unusable && + !wsi->ws->send_check_ping && + wsi->ws->time_next_ping_check && + lws_compare_time_t(context, now, + wsi->ws->time_next_ping_check) > + context->ws_ping_pong_interval) { + + lwsl_info("req pp on wsi %p\n", + wsi); + wsi->ws->send_check_ping = 1; + lws_set_timeout(wsi, + PENDING_TIMEOUT_WS_PONG_CHECK_SEND_PING, + context->timeout_secs); + lws_callback_on_writable(wsi); + wsi->ws->time_next_ping_check = + now; + } + wsi = wsi->same_vh_protocol_next; + } + } + + lws_vhost_unlock(vh); + vh = vh->vhost_next; + } + + return 0; +} + +static int +rops_service_flag_pending_ws(struct lws_context *context, int tsi) +{ + struct lws_context_per_thread *pt = &context->pt[tsi]; + struct lws *wsi; + int forced = 0; + + /* POLLIN faking (the pt lock is taken by the parent) */ + + /* + * 1) For all guys with already-available ext data to drain, if they are + * not flowcontrolled, fake their POLLIN status + */ + wsi = pt->rx_draining_ext_list; + while (wsi) { + pt->fds[wsi->position_in_fds_table].revents |= + pt->fds[wsi->position_in_fds_table].events & LWS_POLLIN; + if (pt->fds[wsi->position_in_fds_table].revents & LWS_POLLIN) + forced = 1; + + wsi = wsi->ws->rx_draining_ext_list; + } + + return forced; +} + +static int +rops_close_via_role_protocol_ws(struct lws *wsi, enum lws_close_status reason) +{ + if (!wsi->ws->close_in_ping_buffer_len && /* already a reason */ + (reason == LWS_CLOSE_STATUS_NOSTATUS || + reason == LWS_CLOSE_STATUS_NOSTATUS_CONTEXT_DESTROY)) + return 0; + + lwsl_debug("%s: sending close indication...\n", __func__); + + /* if no prepared close reason, use 1000 and no aux data */ + + if (!wsi->ws->close_in_ping_buffer_len) { + wsi->ws->close_in_ping_buffer_len = 2; + wsi->ws->ping_payload_buf[LWS_PRE] = (reason >> 8) & 0xff; + wsi->ws->ping_payload_buf[LWS_PRE + 1] = reason & 0xff; + } + + wsi->waiting_to_send_close_frame = 1; + lwsi_set_state(wsi, LRS_WAITING_TO_SEND_CLOSE); + __lws_set_timeout(wsi, PENDING_TIMEOUT_CLOSE_SEND, 5); + + lws_callback_on_writable(wsi); + + return 1; +} + +static int +rops_close_role_ws(struct lws_context_per_thread *pt, struct lws *wsi) +{ + if (wsi->ws->rx_draining_ext) { + struct lws **w = &pt->rx_draining_ext_list; + + wsi->ws->rx_draining_ext = 0; + /* remove us from context draining ext list */ + while (*w) { + if (*w == wsi) { + *w = wsi->ws->rx_draining_ext_list; + break; + } + w = &((*w)->ws->rx_draining_ext_list); + } + wsi->ws->rx_draining_ext_list = NULL; + } + + if (wsi->ws->tx_draining_ext) { + struct lws **w = &pt->tx_draining_ext_list; + + wsi->ws->tx_draining_ext = 0; + /* remove us from context draining ext list */ + while (*w) { + if (*w == wsi) { + *w = wsi->ws->tx_draining_ext_list; + break; + } + w = &((*w)->ws->tx_draining_ext_list); + } + wsi->ws->tx_draining_ext_list = NULL; + } + lws_free_set_NULL(wsi->ws->rx_ubuf); + + if (wsi->trunc_alloc) + /* not going to be completed... nuke it */ + lws_free_set_NULL(wsi->trunc_alloc); + + wsi->ws->ping_payload_len = 0; + wsi->ws->ping_pending_flag = 0; + + return 0; +} + +static int +rops_write_role_protocol_ws(struct lws *wsi, unsigned char *buf, size_t len, + enum lws_write_protocol *wp) +{ + struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; + int masked7 = lwsi_role_client(wsi); + unsigned char is_masked_bit = 0; + unsigned char *dropmask = NULL; + struct lws_tokens eff_buf; + size_t orig_len = len; + int pre = 0, n; + + if (wsi->ws->tx_draining_ext) { + /* remove us from the list */ + struct lws **w = &pt->tx_draining_ext_list; + + wsi->ws->tx_draining_ext = 0; + /* remove us from context draining ext list */ + while (*w) { + if (*w == wsi) { + *w = wsi->ws->tx_draining_ext_list; + break; + } + w = &((*w)->ws->tx_draining_ext_list); + } + wsi->ws->tx_draining_ext_list = NULL; + *wp = (wsi->ws->tx_draining_stashed_wp & 0xc0) | + LWS_WRITE_CONTINUATION; + + lwsl_ext("FORCED draining wp to 0x%02X\n", *wp); + } + + lws_restart_ws_ping_pong_timer(wsi); + + if (((*wp) & 0x1f) == LWS_WRITE_HTTP || + ((*wp) & 0x1f) == LWS_WRITE_HTTP_FINAL || + ((*wp) & 0x1f) == LWS_WRITE_HTTP_HEADERS_CONTINUATION || + ((*wp) & 0x1f) == LWS_WRITE_HTTP_HEADERS) + goto send_raw; + + + + /* if we are continuing a frame that already had its header done */ + + if (wsi->ws->inside_frame) { + lwsl_debug("INSIDE FRAME\n"); + goto do_more_inside_frame; + } + + wsi->ws->clean_buffer = 1; + + /* + * give a chance to the extensions to modify payload + * the extension may decide to produce unlimited payload erratically + * (eg, compression extension), so we require only that if he produces + * something, it will be a complete fragment of the length known at + * the time (just the fragment length known), and if he has + * more we will come back next time he is writeable and allow him to + * produce more fragments until he's drained. + * + * This allows what is sent each time it is writeable to be limited to + * a size that can be sent without partial sends or blocking, allows + * interleaving of control frames and other connection service. + */ + eff_buf.token = (char *)buf; + eff_buf.token_len = (int)len; + + switch ((int)*wp) { + case LWS_WRITE_PING: + case LWS_WRITE_PONG: + case LWS_WRITE_CLOSE: + break; + default: +#if !defined(LWS_WITHOUT_EXTENSIONS) + lwsl_debug("LWS_EXT_CB_PAYLOAD_TX\n"); + n = lws_ext_cb_active(wsi, LWS_EXT_CB_PAYLOAD_TX, &eff_buf, *wp); + if (n < 0) + return -1; + + if (n && eff_buf.token_len) { + lwsl_debug("drain len %d\n", (int)eff_buf.token_len); + /* extension requires further draining */ + wsi->ws->tx_draining_ext = 1; + wsi->ws->tx_draining_ext_list = + pt->tx_draining_ext_list; + pt->tx_draining_ext_list = wsi; + /* we must come back to do more */ + lws_callback_on_writable(wsi); + /* + * keep a copy of the write type for the overall + * action that has provoked generation of these + * fragments, so the last guy can use its FIN state. + */ + wsi->ws->tx_draining_stashed_wp = *wp; + /* this is definitely not actually the last fragment + * because the extension asserted he has more coming + * So make sure this intermediate one doesn't go out + * with a FIN. + */ + *wp |= LWS_WRITE_NO_FIN; + } +#endif + if (eff_buf.token_len && wsi->ws->stashed_write_pending) { + wsi->ws->stashed_write_pending = 0; + *wp = ((*wp) & 0xc0) | (int)wsi->ws->stashed_write_type; + } + } + + /* + * an extension did something we need to keep... for example, if + * compression extension, it has already updated its state according + * to this being issued + */ + if ((char *)buf != eff_buf.token) { + /* + * ext might eat it, but not have anything to issue yet. + * In that case we have to follow his lead, but stash and + * replace the write type that was lost here the first time. + */ + if (len && !eff_buf.token_len) { + if (!wsi->ws->stashed_write_pending) + wsi->ws->stashed_write_type = (char)(*wp) & 0x3f; + wsi->ws->stashed_write_pending = 1; + return (int)len; + } + /* + * extension recreated it: + * need to buffer this if not all sent + */ + wsi->ws->clean_buffer = 0; + } + + buf = (unsigned char *)eff_buf.token; + len = eff_buf.token_len; + + if (!buf) { + lwsl_err("null buf (%d)\n", (int)len); + return -1; + } + + switch (wsi->ws->ietf_spec_revision) { + case 13: + if (masked7) { + pre += 4; + dropmask = &buf[0 - pre]; + is_masked_bit = 0x80; + } + + switch ((*wp) & 0xf) { + case LWS_WRITE_TEXT: + n = LWSWSOPC_TEXT_FRAME; + break; + case LWS_WRITE_BINARY: + n = LWSWSOPC_BINARY_FRAME; + break; + case LWS_WRITE_CONTINUATION: + n = LWSWSOPC_CONTINUATION; + break; + + case LWS_WRITE_CLOSE: + n = LWSWSOPC_CLOSE; + break; + case LWS_WRITE_PING: + n = LWSWSOPC_PING; + break; + case LWS_WRITE_PONG: + n = LWSWSOPC_PONG; + break; + default: + lwsl_warn("lws_write: unknown write opc / wp\n"); + return -1; + } + + if (!((*wp) & LWS_WRITE_NO_FIN)) + n |= 1 << 7; + + if (len < 126) { + pre += 2; + buf[-pre] = n; + buf[-pre + 1] = (unsigned char)(len | is_masked_bit); + } else { + if (len < 65536) { + pre += 4; + buf[-pre] = n; + buf[-pre + 1] = 126 | is_masked_bit; + buf[-pre + 2] = (unsigned char)(len >> 8); + buf[-pre + 3] = (unsigned char)len; + } else { + pre += 10; + buf[-pre] = n; + buf[-pre + 1] = 127 | is_masked_bit; +#if defined __LP64__ + buf[-pre + 2] = (len >> 56) & 0x7f; + buf[-pre + 3] = len >> 48; + buf[-pre + 4] = len >> 40; + buf[-pre + 5] = len >> 32; +#else + buf[-pre + 2] = 0; + buf[-pre + 3] = 0; + buf[-pre + 4] = 0; + buf[-pre + 5] = 0; +#endif + buf[-pre + 6] = (unsigned char)(len >> 24); + buf[-pre + 7] = (unsigned char)(len >> 16); + buf[-pre + 8] = (unsigned char)(len >> 8); + buf[-pre + 9] = (unsigned char)len; + } + } + break; + } + +do_more_inside_frame: + + /* + * Deal with masking if we are in client -> server direction and + * the wp demands it + */ + + if (masked7) { + if (!wsi->ws->inside_frame) + if (lws_0405_frame_mask_generate(wsi)) { + lwsl_err("frame mask generation failed\n"); + return -1; + } + + /* + * in v7, just mask the payload + */ + if (dropmask) { /* never set if already inside frame */ + for (n = 4; n < (int)len + 4; n++) + dropmask[n] = dropmask[n] ^ wsi->ws->mask[ + (wsi->ws->mask_idx++) & 3]; + + /* copy the frame nonce into place */ + memcpy(dropmask, wsi->ws->mask, 4); + } + } + + if (lwsi_role_h2_ENCAPSULATION(wsi)) { + struct lws *encap = lws_get_network_wsi(wsi); + + assert(encap != wsi); + return encap->role_ops->write_role_protocol(wsi, buf - pre, + len + pre, wp); + } + + switch ((*wp) & 0x1f) { + case LWS_WRITE_TEXT: + case LWS_WRITE_BINARY: + case LWS_WRITE_CONTINUATION: + if (!wsi->h2_stream_carries_ws) { + + /* + * give any active extensions a chance to munge the + * buffer before send. We pass in a pointer to an + * lws_tokens struct prepared with the default buffer + * and content length that's in there. Rather than + * rewrite the default buffer, extensions that expect + * to grow the buffer can adapt .token to point to their + * own per-connection buffer in the extension user + * allocation. By default with no extensions or no + * extension callback handling, just the normal input + * buffer is used then so it is efficient. + * + * callback returns 1 in case it wants to spill more + * buffers + * + * This takes care of holding the buffer if send is + * incomplete, ie, if wsi->ws->clean_buffer is 0 + * (meaning an extension meddled with the buffer). If + * wsi->ws->clean_buffer is 1, it will instead return + * to the user code how much OF THE USER BUFFER was + * consumed. + */ + + n = lws_issue_raw_ext_access(wsi, buf - pre, len + pre); + wsi->ws->inside_frame = 1; + if (n <= 0) + return n; + + if (n == (int)len + pre) { + /* everything in the buffer was handled + * (or rebuffered...) */ + wsi->ws->inside_frame = 0; + return (int)orig_len; + } + + /* + * it is how many bytes of user buffer got sent... may + * be < orig_len in which case callback when writable + * has already been arranged and user code can call + * lws_write() again with the rest later. + */ + + return n - pre; + } + break; + default: + break; + } + +send_raw: + return lws_issue_raw(wsi, (unsigned char *)buf - pre, len + pre); +} + +static int +rops_close_kill_connection_ws(struct lws *wsi, enum lws_close_status reason) +{ + /* deal with ws encapsulation in h2 */ +#if defined(LWS_WITH_HTTP2) + if (wsi->http2_substream && wsi->h2_stream_carries_ws) + return role_ops_h2.close_kill_connection(wsi, reason); + + return 0; +#else + return 0; +#endif +} + +static int +rops_callback_on_writable_ws(struct lws *wsi) +{ + if (lws_ext_cb_active(wsi, LWS_EXT_CB_REQUEST_ON_WRITEABLE, NULL, 0)) + return 1; +#if defined(LWS_WITH_HTTP2) + if (lwsi_role_h2_ENCAPSULATION(wsi)) { + /* we know then that it has an h2 parent */ + struct lws *enc = role_ops_h2.encapsulation_parent(wsi); + + assert(enc); + if (enc->role_ops->callback_on_writable(wsi)) + return 1; + } +#endif + return 0; +} + +struct lws_role_ops role_ops_ws = { + "ws", + /* check_upgrades */ NULL, + /* init_context */ NULL, + /* init_vhost */ NULL, + /* periodic_checks */ rops_periodic_checks_ws, + /* service_flag_pending */ rops_service_flag_pending_ws, + /* handle_POLLIN */ rops_handle_POLLIN_ws, + /* handle_POLLOUT */ rops_handle_POLLOUT_ws, + /* perform_user_POLLOUT */ NULL, + /* callback_on_writable */ rops_callback_on_writable_ws, + /* tx_credit */ NULL, + /* write_role_protocol */ rops_write_role_protocol_ws, + /* rxflow_cache */ NULL, + /* encapsulation_parent */ NULL, + /* close_via_role_protocol */ rops_close_via_role_protocol_ws, + /* close_role */ rops_close_role_ws, + /* close_kill_connection */ rops_close_kill_connection_ws, + /* destroy_role */ NULL, + /* writeable cb clnt, srv */ { LWS_CALLBACK_CLIENT_WRITEABLE, + LWS_CALLBACK_SERVER_WRITEABLE }, + /* close cb clnt, srv */ { LWS_CALLBACK_CLIENT_CLOSED, + LWS_CALLBACK_CLOSED }, +}; diff --git a/lib/roles/ws/server-ws.c b/lib/roles/ws/server-ws.c new file mode 100644 index 0000000..d2db682 --- /dev/null +++ b/lib/roles/ws/server-ws.c @@ -0,0 +1,621 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#include + +#define LWS_CPYAPP(ptr, str) { strcpy(ptr, str); ptr += strlen(str); } + +#if !defined(LWS_WITHOUT_EXTENSIONS) +static int +lws_extension_server_handshake(struct lws *wsi, char **p, int budget) +{ + struct lws_context *context = wsi->context; + struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; + char ext_name[64], *args, *end = (*p) + budget - 1; + const struct lws_ext_options *opts, *po; + const struct lws_extension *ext; + struct lws_ext_option_arg oa; + int n, m, more = 1; + int ext_count = 0; + char ignore; + char *c; + + /* + * Figure out which extensions the client has that we want to + * enable on this connection, and give him back the list + */ + if (!lws_hdr_total_length(wsi, WSI_TOKEN_EXTENSIONS)) + return 0; + + /* + * break down the list of client extensions + * and go through them + */ + + if (lws_hdr_copy(wsi, (char *)pt->serv_buf, context->pt_serv_buf_size, + WSI_TOKEN_EXTENSIONS) < 0) + return 1; + + c = (char *)pt->serv_buf; + lwsl_parser("WSI_TOKEN_EXTENSIONS = '%s'\n", c); + wsi->count_act_ext = 0; + ignore = 0; + n = 0; + args = NULL; + + /* + * We may get a simple request + * + * Sec-WebSocket-Extensions: permessage-deflate + * + * or an elaborated one with requested options + * + * Sec-WebSocket-Extensions: permessage-deflate; \ + * server_no_context_takeover; \ + * client_no_context_takeover + */ + + while (more) { + + if (*c && (*c != ',' && *c != '\t')) { + if (*c == ';') { + ignore = 1; + args = c + 1; + } + if (ignore || *c == ' ') { + c++; + continue; + } + ext_name[n] = *c++; + if (n < (int)sizeof(ext_name) - 1) + n++; + continue; + } + ext_name[n] = '\0'; + + ignore = 0; + if (!*c) + more = 0; + else { + c++; + if (!n) + continue; + } + + while (args && *args && *args == ' ') + args++; + + /* check a client's extension against our support */ + + ext = wsi->vhost->extensions; + + while (ext && ext->callback) { + + if (strcmp(ext_name, ext->name)) { + ext++; + continue; + } + + /* + * oh, we do support this one he asked for... but let's + * confirm he only gave it once + */ + for (m = 0; m < wsi->count_act_ext; m++) + if (wsi->active_extensions[m] == ext) { + lwsl_info("extension mentioned twice\n"); + return 1; /* shenanigans */ + } + + /* + * ask user code if it's OK to apply it on this + * particular connection + protocol + */ + m = (wsi->protocol->callback)(wsi, + LWS_CALLBACK_CONFIRM_EXTENSION_OKAY, + wsi->user_space, ext_name, 0); + + /* + * zero return from callback means go ahead and allow + * the extension, it's what we get if the callback is + * unhandled + */ + if (m) { + ext++; + continue; + } + + /* apply it */ + + ext_count++; + + /* instantiate the extension on this conn */ + + wsi->active_extensions[wsi->count_act_ext] = ext; + + /* allow him to construct his context */ + + if (ext->callback(lws_get_context(wsi), ext, wsi, + LWS_EXT_CB_CONSTRUCT, + (void *)&wsi->act_ext_user[ + wsi->count_act_ext], + (void *)&opts, 0)) { + lwsl_info("ext %s failed construction\n", + ext_name); + ext_count--; + ext++; + + continue; + } + + if (ext_count > 1) + *(*p)++ = ','; + else + LWS_CPYAPP(*p, + "\x0d\x0aSec-WebSocket-Extensions: "); + *p += lws_snprintf(*p, (end - *p), "%s", ext_name); + + /* + * go through the options trying to apply the + * recognized ones + */ + + lwsl_debug("ext args %s", args); + + while (args && *args && *args != ',') { + while (*args == ' ') + args++; + po = opts; + while (po->name) { + /* only support arg-less options... */ + if (po->type != EXTARG_NONE || + strncmp(args, po->name, + strlen(po->name))) { + po++; + continue; + } + oa.option_name = NULL; + oa.option_index = (int)(po - opts); + oa.start = NULL; + lwsl_debug("setting %s\n", po->name); + if (!ext->callback( + lws_get_context(wsi), ext, wsi, + LWS_EXT_CB_OPTION_SET, + wsi->act_ext_user[ + wsi->count_act_ext], + &oa, (end - *p))) { + + *p += lws_snprintf(*p, (end - *p), + "; %s", po->name); + lwsl_debug("adding option %s\n", + po->name); + } + po++; + } + while (*args && *args != ',' && *args != ';') + args++; + } + + wsi->count_act_ext++; + lwsl_parser("cnt_act_ext <- %d\n", wsi->count_act_ext); + + ext++; + } + + n = 0; + args = NULL; + } + + return 0; +} +#endif + + + +int +lws_process_ws_upgrade(struct lws *wsi) +{ + struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; + char protocol_list[128], protocol_name[64], *p; + int protocol_len, hit, n = 0, non_space_char_found = 0; + + if (!wsi->protocol) + lwsl_err("NULL protocol at lws_read\n"); + + /* + * It's either websocket or h2->websocket + * + * Select the first protocol we support from the list + * the client sent us. + * + * Copy it to remove header fragmentation + */ + + if (lws_hdr_copy(wsi, protocol_list, sizeof(protocol_list) - 1, + WSI_TOKEN_PROTOCOL) < 0) { + lwsl_err("protocol list too long"); + return 1; + } + + protocol_len = lws_hdr_total_length(wsi, WSI_TOKEN_PROTOCOL); + protocol_list[protocol_len] = '\0'; + p = protocol_list; + hit = 0; + + while (*p && !hit) { + n = 0; + non_space_char_found = 0; + while (n < (int)sizeof(protocol_name) - 1 && + *p && *p != ',') { + /* ignore leading spaces */ + if (!non_space_char_found && *p == ' ') { + n++; + continue; + } + non_space_char_found = 1; + protocol_name[n++] = *p++; + } + protocol_name[n] = '\0'; + if (*p) + p++; + + lwsl_debug("checking %s\n", protocol_name); + + n = 0; + while (wsi->vhost->protocols[n].callback) { + lwsl_debug("try %s\n", + wsi->vhost->protocols[n].name); + + if (wsi->vhost->protocols[n].name && + !strcmp(wsi->vhost->protocols[n].name, + protocol_name)) { + wsi->protocol = &wsi->vhost->protocols[n]; + hit = 1; + break; + } + + n++; + } + } + + /* we didn't find a protocol he wanted? */ + + if (!hit) { + if (lws_hdr_simple_ptr(wsi, WSI_TOKEN_PROTOCOL)) { + lwsl_notice("No protocol from \"%s\" supported\n", + protocol_list); + return 1; + } + /* + * some clients only have one protocol and + * do not send the protocol list header... + * allow it and match to the vhost's default + * protocol (which itself defaults to zero) + */ + lwsl_info("defaulting to prot handler %d\n", + wsi->vhost->default_protocol_index); + n = wsi->vhost->default_protocol_index; + wsi->protocol = &wsi->vhost->protocols[ + (int)wsi->vhost->default_protocol_index]; + } + + /* allocate the ws struct for the wsi */ + wsi->ws = lws_zalloc(sizeof(*wsi->ws), "ws struct"); + if (!wsi->ws) { + lwsl_notice("OOM\n"); + return 1; + } + + if (lws_hdr_total_length(wsi, WSI_TOKEN_VERSION)) + wsi->ws->ietf_spec_revision = + atoi(lws_hdr_simple_ptr(wsi, WSI_TOKEN_VERSION)); + + /* allocate wsi->user storage */ + if (lws_ensure_user_space(wsi)) { + lwsl_notice("problem with user space\n"); + return 1; + } + + /* + * Give the user code a chance to study the request and + * have the opportunity to deny it + */ + if ((wsi->protocol->callback)(wsi, + LWS_CALLBACK_FILTER_PROTOCOL_CONNECTION, + wsi->user_space, + lws_hdr_simple_ptr(wsi, WSI_TOKEN_PROTOCOL), 0)) { + lwsl_warn("User code denied connection\n"); + return 1; + } + + /* + * Perform the handshake according to the protocol version the + * client announced + */ + + switch (wsi->ws->ietf_spec_revision) { + default: + lwsl_notice("Unknown client spec version %d\n", + wsi->ws->ietf_spec_revision); + wsi->ws->ietf_spec_revision = 13; + //return 1; + /* fallthru */ + case 13: +#if defined(LWS_WITH_HTTP2) + if (wsi->h2_stream_carries_ws) { + if (lws_h2_ws_handshake(wsi)) { + lwsl_notice("h2 ws handshake failed\n"); + return 1; + } + } else +#endif + { + lwsl_parser("lws_parse calling handshake_04\n"); + if (handshake_0405(wsi->context, wsi)) { + lwsl_notice("hs0405 has failed the connection\n"); + return 1; + } + } + break; + } + + lws_same_vh_protocol_insert(wsi, n); + + /* + * We are upgrading to ws, so http/1.1 + h2 and keepalive + pipelined + * header considerations about keeping the ah around no longer apply. + * + * However it's common for the first ws protocol data to have been + * coalesced with the browser upgrade request and to already be in the + * ah rx buffer. + */ + + lwsl_debug("%s: %p: inheriting ws ah (rxpos:%d, rxlen:%d)\n", + __func__, wsi, wsi->ah->rxpos, wsi->ah->rxlen); + lws_pt_lock(pt, __func__); + + if (wsi->h2_stream_carries_ws) + lws_role_transition(wsi, LWSIFR_SERVER | LWSIFR_P_ENCAP_H2, + LRS_ESTABLISHED, &role_ops_ws); + else + lws_role_transition(wsi, LWSIFR_SERVER, LRS_ESTABLISHED, + &role_ops_ws); + /* + * Because rxpos/rxlen shows something in the ah, we will get + * service guaranteed next time around the event loop + */ + + lws_pt_unlock(pt); + + lws_server_init_wsi_for_ws(wsi); + lwsl_parser("accepted v%02d connection\n", wsi->ws->ietf_spec_revision); + + /* !!! drop ah unreservedly after ESTABLISHED */ + if (wsi->ah->rxpos == wsi->ah->rxlen) { + lwsl_info("%s: %p: dropping ah on ws upgrade\n", __func__, wsi); + lws_header_table_force_to_detachable_state(wsi); + lws_header_table_detach(wsi, 1); + } else + lwsl_info("%s: %p: unable to drop ah at ws upgrade %d vs %d\n", + __func__, wsi, wsi->ah->rxpos, wsi->ah->rxlen); + + return 0; +} + +int +handshake_0405(struct lws_context *context, struct lws *wsi) +{ + struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; + struct lws_process_html_args args; + unsigned char hash[20]; + int n, accept_len; + char *response; + char *p; + + if (!lws_hdr_total_length(wsi, WSI_TOKEN_HOST) || + !lws_hdr_total_length(wsi, WSI_TOKEN_KEY)) { + lwsl_info("handshake_04 missing pieces\n"); + /* completed header processing, but missing some bits */ + goto bail; + } + + if (lws_hdr_total_length(wsi, WSI_TOKEN_KEY) >= MAX_WEBSOCKET_04_KEY_LEN) { + lwsl_warn("Client key too long %d\n", MAX_WEBSOCKET_04_KEY_LEN); + goto bail; + } + + /* + * since key length is restricted above (currently 128), cannot + * overflow + */ + n = sprintf((char *)pt->serv_buf, + "%s258EAFA5-E914-47DA-95CA-C5AB0DC85B11", + lws_hdr_simple_ptr(wsi, WSI_TOKEN_KEY)); + + lws_SHA1(pt->serv_buf, n, hash); + + accept_len = lws_b64_encode_string((char *)hash, 20, + (char *)pt->serv_buf, context->pt_serv_buf_size); + if (accept_len < 0) { + lwsl_warn("Base64 encoded hash too long\n"); + goto bail; + } + + /* allocate the per-connection user memory (if any) */ + if (lws_ensure_user_space(wsi)) + goto bail; + + /* create the response packet */ + + /* make a buffer big enough for everything */ + + response = (char *)pt->serv_buf + MAX_WEBSOCKET_04_KEY_LEN + LWS_PRE; + p = response; + LWS_CPYAPP(p, "HTTP/1.1 101 Switching Protocols\x0d\x0a" + "Upgrade: WebSocket\x0d\x0a" + "Connection: Upgrade\x0d\x0a" + "Sec-WebSocket-Accept: "); + strcpy(p, (char *)pt->serv_buf); + p += accept_len; + + /* we can only return the protocol header if: + * - one came in, and ... */ + if (lws_hdr_total_length(wsi, WSI_TOKEN_PROTOCOL) && + /* - it is not an empty string */ + wsi->protocol->name && + wsi->protocol->name[0]) { + LWS_CPYAPP(p, "\x0d\x0aSec-WebSocket-Protocol: "); + p += lws_snprintf(p, 128, "%s", wsi->protocol->name); + } + +#if !defined(LWS_WITHOUT_EXTENSIONS) + /* + * Figure out which extensions the client has that we want to + * enable on this connection, and give him back the list. + * + * Give him a limited write bugdet + */ + if (lws_extension_server_handshake(wsi, &p, 192)) + goto bail; +#endif + LWS_CPYAPP(p, "\x0d\x0a"); + + args.p = p; + args.max_len = lws_ptr_diff((char *)pt->serv_buf + + context->pt_serv_buf_size, p); + if (user_callback_handle_rxflow(wsi->protocol->callback, wsi, + LWS_CALLBACK_ADD_HEADERS, + wsi->user_space, &args, 0)) + goto bail; + + p = args.p; + + /* end of response packet */ + + LWS_CPYAPP(p, "\x0d\x0a"); + + if (!lws_any_extension_handled(wsi, LWS_EXT_CB_HANDSHAKE_REPLY_TX, + response, p - response)) { + + /* okay send the handshake response accepting the connection */ + + lwsl_parser("issuing resp pkt %d len\n", + lws_ptr_diff(p, response)); +#if defined(DEBUG) + fwrite(response, 1, p - response, stderr); +#endif + n = lws_write(wsi, (unsigned char *)response, p - response, + LWS_WRITE_HTTP_HEADERS); + if (n != (p - response)) { + lwsl_info("%s: ERROR writing to socket %d\n", __func__, n); + goto bail; + } + + } + + /* alright clean up and set ourselves into established state */ + + lwsi_set_state(wsi, LRS_ESTABLISHED); + wsi->lws_rx_parse_state = LWS_RXPS_NEW; + + { + const char * uri_ptr = + lws_hdr_simple_ptr(wsi, WSI_TOKEN_GET_URI); + int uri_len = lws_hdr_total_length(wsi, WSI_TOKEN_GET_URI); + const struct lws_http_mount *hit = + lws_find_mount(wsi, uri_ptr, uri_len); + if (hit && hit->cgienv && + wsi->protocol->callback(wsi, LWS_CALLBACK_HTTP_PMO, + wsi->user_space, (void *)hit->cgienv, 0)) + return 1; + } + + return 0; + + +bail: + /* caller will free up his parsing allocations */ + return -1; +} + + +int +lws_interpret_incoming_packet(struct lws *wsi, unsigned char **buf, size_t len) +{ + int m; + + lwsl_parser("%s: received %d byte packet\n", __func__, (int)len); + + /* let the rx protocol state machine have as much as it needs */ + + while (len) { + /* + * we were accepting input but now we stopped doing so + */ + if (wsi->rxflow_bitmap) { + lws_rxflow_cache(wsi, *buf, 0, (int)len); + lwsl_parser("%s: cached %ld\n", __func__, (long)len); + return 1; + } + + if (wsi->ws->rx_draining_ext) { + m = lws_ws_rx_sm(wsi, 0); + if (m < 0) + return -1; + continue; + } + + /* account for what we're using in rxflow buffer */ + if (wsi->rxflow_buffer) { + wsi->rxflow_pos++; + if (wsi->rxflow_pos > wsi->rxflow_len) + assert(0); + } + + /* consume payload bytes efficiently */ + if (wsi->lws_rx_parse_state == + LWS_RXPS_PAYLOAD_UNTIL_LENGTH_EXHAUSTED) { + m = lws_payload_until_length_exhausted(wsi, buf, &len); + if (wsi->rxflow_buffer) + wsi->rxflow_pos += m; + } + + /* process the byte */ + m = lws_ws_rx_sm(wsi, *(*buf)++); + if (m < 0) + return -1; + len--; + + if (wsi->rxflow_buffer && wsi->rxflow_pos == wsi->rxflow_len) { + lwsl_debug("%s: %p flow buf: drained\n", __func__, wsi); + lws_free_set_NULL(wsi->rxflow_buffer); + /* having drained the rxflow buffer, can rearm POLLIN */ +#ifdef LWS_NO_SERVER + m = +#endif + __lws_rx_flow_control(wsi); + /* m ignored, needed for NO_SERVER case */ + } + } + + lwsl_parser("%s: exit with %d unused\n", __func__, (int)len); + + return 0; +} diff --git a/lib/server/access-log.c b/lib/server/access-log.c deleted file mode 100644 index a4e30fe..0000000 --- a/lib/server/access-log.c +++ /dev/null @@ -1,182 +0,0 @@ -/* - * libwebsockets - server access log handling - * - * Copyright (C) 2010-2017 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - */ - -#include "private-libwebsockets.h" - -/* - * Produce Apache-compatible log string for wsi, like this: - * - * 2.31.234.19 - - [27/Mar/2016:03:22:44 +0800] - * "GET /aep-screen.png HTTP/1.1" - * 200 152987 "https://libwebsockets.org/index.html" - * "Mozilla/5.0 (Macint... Chrome/49.0.2623.87 Safari/537.36" - * - */ - -extern const char * const method_names[]; - -static const char * const hver[] = { - "HTTP/1.0", "HTTP/1.1", "HTTP/2" -}; - -void -lws_prepare_access_log_info(struct lws *wsi, char *uri_ptr, int meth) -{ -#ifdef LWS_WITH_IPV6 - char ads[INET6_ADDRSTRLEN]; -#else - char ads[INET_ADDRSTRLEN]; -#endif - char da[64]; - const char *pa, *me; - struct tm *tmp; - time_t t = time(NULL); - int l = 256, m; - - if (!wsi->vhost) - return; - - /* only worry about preparing it if we store it */ - if (wsi->vhost->log_fd == (int)LWS_INVALID_FILE) - return; - - if (wsi->access_log_pending) - lws_access_log(wsi); - - wsi->access_log.header_log = lws_malloc(l, "access log"); - if (wsi->access_log.header_log) { - - tmp = localtime(&t); - if (tmp) - strftime(da, sizeof(da), "%d/%b/%Y:%H:%M:%S %z", tmp); - else - strcpy(da, "01/Jan/1970:00:00:00 +0000"); - - pa = lws_get_peer_simple(wsi, ads, sizeof(ads)); - if (!pa) - pa = "(unknown)"; - - if (wsi->http2_substream) - me = lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP_COLON_METHOD); - else - me = method_names[meth]; - if (!me) - me = "(null)"; - - lws_snprintf(wsi->access_log.header_log, l, - "%s - - [%s] \"%s %s %s\"", - pa, da, me, uri_ptr, - hver[wsi->http.request_version]); - - l = lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_USER_AGENT); - if (l) { - wsi->access_log.user_agent = lws_malloc(l + 2, "access log"); - if (!wsi->access_log.user_agent) { - lwsl_err("OOM getting user agent\n"); - lws_free_set_NULL(wsi->access_log.header_log); - return; - } - - lws_hdr_copy(wsi, wsi->access_log.user_agent, - l + 1, WSI_TOKEN_HTTP_USER_AGENT); - - for (m = 0; m < l; m++) - if (wsi->access_log.user_agent[m] == '\"') - wsi->access_log.user_agent[m] = '\''; - } - l = lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_REFERER); - if (l) { - wsi->access_log.referrer = lws_malloc(l + 2, "referrer"); - if (!wsi->access_log.referrer) { - lwsl_err("OOM getting user agent\n"); - lws_free_set_NULL(wsi->access_log.user_agent); - lws_free_set_NULL(wsi->access_log.header_log); - return; - } - lws_hdr_copy(wsi, wsi->access_log.referrer, - l + 1, WSI_TOKEN_HTTP_REFERER); - - for (m = 0; m < l; m++) - if (wsi->access_log.referrer[m] == '\"') - wsi->access_log.referrer[m] = '\''; - } - wsi->access_log_pending = 1; - } -} - - -int -lws_access_log(struct lws *wsi) -{ - char *p = wsi->access_log.user_agent, ass[512], - *p1 = wsi->access_log.referrer; - int l; - - if (!wsi->vhost) - return 0; - - if (wsi->vhost->log_fd == (int)LWS_INVALID_FILE) - return 0; - - if (!wsi->access_log_pending) - return 0; - - if (!wsi->access_log.header_log) - return 0; - - if (!p) - p = ""; - - if (!p1) - p1 = ""; - - /* - * We do this in two parts to restrict an oversize referrer such that - * we will always have space left to append an empty useragent, while - * maintaining the structure of the log text - */ - l = lws_snprintf(ass, sizeof(ass) - 7, "%s %d %lu \"%s", - wsi->access_log.header_log, - wsi->access_log.response, wsi->access_log.sent, p1); - if (strlen(p) > sizeof(ass) - 6 - l) - p[sizeof(ass) - 6 - l] = '\0'; - l += lws_snprintf(ass + l, sizeof(ass) - 1 - l, "\" \"%s\"\n", p); - - if (write(wsi->vhost->log_fd, ass, l) != l) - lwsl_err("Failed to write log\n"); - - if (wsi->access_log.header_log) { - lws_free(wsi->access_log.header_log); - wsi->access_log.header_log = NULL; - } - if (wsi->access_log.user_agent) { - lws_free(wsi->access_log.user_agent); - wsi->access_log.user_agent = NULL; - } - if (wsi->access_log.referrer) { - lws_free(wsi->access_log.referrer); - wsi->access_log.referrer = NULL; - } - wsi->access_log_pending = 0; - - return 0; -} - diff --git a/lib/server/cgi.c b/lib/server/cgi.c deleted file mode 100644 index e1cbc12..0000000 --- a/lib/server/cgi.c +++ /dev/null @@ -1,1118 +0,0 @@ -/* - * libwebsockets - CGI management - * - * Copyright (C) 2010-2017 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - */ - -#include "private-libwebsockets.h" - -#if defined(WIN32) || defined(_WIN32) -#else -#include -#endif - -static const char *hex = "0123456789ABCDEF"; - -static int -urlencode(const char *in, int inlen, char *out, int outlen) -{ - char *start = out, *end = out + outlen; - - while (inlen-- && out < end - 4) { - if ((*in >= 'A' && *in <= 'Z') || - (*in >= 'a' && *in <= 'z') || - (*in >= '0' && *in <= '9') || - *in == '-' || - *in == '_' || - *in == '.' || - *in == '~') { - *out++ = *in++; - continue; - } - if (*in == ' ') { - *out++ = '+'; - in++; - continue; - } - *out++ = '%'; - *out++ = hex[(*in) >> 4]; - *out++ = hex[(*in++) & 15]; - } - *out = '\0'; - - if (out >= end - 4) - return -1; - - return out - start; -} - -static struct lws * -lws_create_basic_wsi(struct lws_context *context, int tsi) -{ - struct lws *new_wsi; - - if (!context->vhost_list) - return NULL; - - if ((unsigned int)context->pt[tsi].fds_count == - context->fd_limit_per_thread - 1) { - lwsl_err("no space for new conn\n"); - return NULL; - } - - new_wsi = lws_zalloc(sizeof(struct lws), "new wsi"); - if (new_wsi == NULL) { - lwsl_err("Out of memory for new connection\n"); - return NULL; - } - - new_wsi->tsi = tsi; - new_wsi->context = context; - new_wsi->pending_timeout = NO_PENDING_TIMEOUT; - new_wsi->rxflow_change_to = LWS_RXFLOW_ALLOW; - - /* initialize the instance struct */ - - lws_role_transition(new_wsi, LWSI_ROLE_CGI, LRS_ESTABLISHED); - - new_wsi->hdr_parsing_completed = 0; - new_wsi->position_in_fds_table = -1; - - /* - * these can only be set once the protocol is known - * we set an unestablished connection's protocol pointer - * to the start of the defauly vhost supported list, so it can look - * for matching ones during the handshake - */ - new_wsi->protocol = context->vhost_list->protocols; - new_wsi->user_space = NULL; - new_wsi->desc.sockfd = LWS_SOCK_INVALID; - context->count_wsi_allocated++; - - return new_wsi; -} - -LWS_VISIBLE LWS_EXTERN int -lws_cgi(struct lws *wsi, const char * const *exec_array, int script_uri_path_len, - int timeout_secs, const struct lws_protocol_vhost_options *mp_cgienv) -{ - struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; - char *env_array[30], cgi_path[400], e[1024], *p = e, - *end = p + sizeof(e) - 1, tok[256], *t, *sum, *sumend; - struct lws_cgi *cgi; - int n, m = 0, i, uritok = -1; - - /* - * give the master wsi a cgi struct - */ - - wsi->cgi = lws_zalloc(sizeof(*wsi->cgi), "new cgi"); - if (!wsi->cgi) { - lwsl_err("%s: OOM\n", __func__); - return -1; - } - - wsi->cgi->response_code = HTTP_STATUS_OK; - - cgi = wsi->cgi; - cgi->wsi = wsi; /* set cgi's owning wsi */ - sum = cgi->summary; - sumend = sum + strlen(cgi->summary) - 1; - - /* create pipes for [stdin|stdout] and [stderr] */ - - for (n = 0; n < 3; n++) - if (pipe(cgi->pipe_fds[n]) == -1) - goto bail1; - - /* create cgi wsis for each stdin/out/err fd */ - - for (n = 0; n < 3; n++) { - cgi->stdwsi[n] = lws_create_basic_wsi(wsi->context, wsi->tsi); - if (!cgi->stdwsi[n]) - goto bail2; - cgi->stdwsi[n]->cgi_channel = n; - cgi->stdwsi[n]->vhost = wsi->vhost; - - lwsl_debug("%s: cgi %p: pipe fd %d -> fd %d / %d\n", __func__, - cgi->stdwsi[n], n, cgi->pipe_fds[n][!!(n == 0)], - cgi->pipe_fds[n][!(n == 0)]); - - /* read side is 0, stdin we want the write side, others read */ - cgi->stdwsi[n]->desc.sockfd = cgi->pipe_fds[n][!!(n == 0)]; - if (fcntl(cgi->pipe_fds[n][!!(n == 0)], F_SETFL, - O_NONBLOCK) < 0) { - lwsl_err("%s: setting NONBLOCK failed\n", __func__); - goto bail2; - } - } - - for (n = 0; n < 3; n++) { - lws_libuv_accept(cgi->stdwsi[n], cgi->stdwsi[n]->desc); - if (__insert_wsi_socket_into_fds(wsi->context, cgi->stdwsi[n])) - goto bail3; - cgi->stdwsi[n]->parent = wsi; - cgi->stdwsi[n]->sibling_list = wsi->child_list; - wsi->child_list = cgi->stdwsi[n]; - } - - lws_change_pollfd(cgi->stdwsi[LWS_STDIN], LWS_POLLIN, LWS_POLLOUT); - lws_change_pollfd(cgi->stdwsi[LWS_STDOUT], LWS_POLLOUT, LWS_POLLIN); - lws_change_pollfd(cgi->stdwsi[LWS_STDERR], LWS_POLLOUT, LWS_POLLIN); - - lwsl_debug("%s: fds in %d, out %d, err %d\n", __func__, - cgi->stdwsi[LWS_STDIN]->desc.sockfd, - cgi->stdwsi[LWS_STDOUT]->desc.sockfd, - cgi->stdwsi[LWS_STDERR]->desc.sockfd); - - if (timeout_secs) - lws_set_timeout(wsi, PENDING_TIMEOUT_CGI, timeout_secs); - - /* the cgi stdout is always sending us http1.x header data first */ - wsi->hdr_state = LCHS_HEADER; - - /* add us to the pt list of active cgis */ - lwsl_debug("%s: adding cgi %p to list\n", __func__, wsi->cgi); - cgi->cgi_list = pt->cgi_list; - pt->cgi_list = cgi; - - sum += lws_snprintf(sum, sumend - sum, "%s ", exec_array[0]); - - /* prepare his CGI env */ - - n = 0; - - if (lws_is_ssl(wsi)) - env_array[n++] = "HTTPS=ON"; - if (wsi->ah) { - static const unsigned char meths[] = { - WSI_TOKEN_GET_URI, - WSI_TOKEN_POST_URI, - WSI_TOKEN_OPTIONS_URI, - WSI_TOKEN_PUT_URI, - WSI_TOKEN_PATCH_URI, - WSI_TOKEN_DELETE_URI, - WSI_TOKEN_CONNECT, - WSI_TOKEN_HEAD_URI, - #ifdef LWS_WITH_HTTP2 - WSI_TOKEN_HTTP_COLON_PATH, - #endif - }; - static const char * const meth_names[] = { - "GET", "POST", "OPTIONS", "PUT", "PATCH", "DELETE", - "CONNECT", ":path" - }; - - if (script_uri_path_len >= 0) - for (m = 0; m < (int)ARRAY_SIZE(meths); m++) - if (lws_hdr_total_length(wsi, meths[m]) >= - script_uri_path_len) { - uritok = meths[m]; - break; - } - - if (script_uri_path_len < 0 && uritok < 0) - goto bail3; -// if (script_uri_path_len < 0) -// uritok = 0; - - if (uritok >= 0) { - lws_snprintf(cgi_path, sizeof(cgi_path) - 1, - "REQUEST_URI=%s", - lws_hdr_simple_ptr(wsi, uritok)); - cgi_path[sizeof(cgi_path) - 1] = '\0'; - env_array[n++] = cgi_path; - } - - if (m >= 0) { - env_array[n++] = p; - if (m < 8) { - p += lws_snprintf(p, end - p, - "REQUEST_METHOD=%s", - meth_names[m]); - sum += lws_snprintf(sum, sumend - sum, "%s ", meth_names[m]); - } else { - p += lws_snprintf(p, end - p, - "REQUEST_METHOD=%s", - lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP_COLON_METHOD)); - sum += lws_snprintf(sum, sumend - sum, "%s ", - lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP_COLON_METHOD)); - } - p++; - } - - if (uritok >= 0) - sum += lws_snprintf(sum, sumend - sum, "%s ", - lws_hdr_simple_ptr(wsi, uritok)); - - env_array[n++] = p; - p += lws_snprintf(p, end - p, "QUERY_STRING="); - /* dump the individual URI Arg parameters */ - m = 0; - while (script_uri_path_len >= 0) { - i = lws_hdr_copy_fragment(wsi, tok, sizeof(tok), - WSI_TOKEN_HTTP_URI_ARGS, m); - if (i < 0) - break; - t = tok; - while (*t && *t != '=' && p < end - 4) - *p++ = *t++; - if (*t == '=') - *p++ = *t++; - i = urlencode(t, i- (t - tok), p, end - p); - if (i > 0) { - p += i; - *p++ = '&'; - } - m++; - } - if (m) - p--; - *p++ = '\0'; - - sum += lws_snprintf(sum, sumend - sum, "%s", env_array[n - 1]); - - if (script_uri_path_len >= 0) { - env_array[n++] = p; - p += lws_snprintf(p, end - p, "PATH_INFO=%s", - lws_hdr_simple_ptr(wsi, uritok) + - script_uri_path_len); - p++; - } - } - if (script_uri_path_len >= 0 && - lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_REFERER)) { - env_array[n++] = p; - p += lws_snprintf(p, end - p, "HTTP_REFERER=%s", - lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP_REFERER)); - p++; - } - if (script_uri_path_len >= 0 && - lws_hdr_total_length(wsi, WSI_TOKEN_HOST)) { - env_array[n++] = p; - p += lws_snprintf(p, end - p, "HTTP_HOST=%s", - lws_hdr_simple_ptr(wsi, WSI_TOKEN_HOST)); - p++; - } - if (script_uri_path_len >= 0 && - lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_COOKIE)) { - env_array[n++] = p; - p += lws_snprintf(p, end - p, "HTTP_COOKIE="); - m = lws_hdr_copy(wsi, p, end - p, WSI_TOKEN_HTTP_COOKIE); - if (m > 0) - p += lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_COOKIE); - *p++ = '\0'; - } - if (script_uri_path_len >= 0 && - lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_USER_AGENT)) { - env_array[n++] = p; - p += lws_snprintf(p, end - p, "USER_AGENT=%s", - lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP_USER_AGENT)); - p++; - } - if (script_uri_path_len >= 0 && - uritok == WSI_TOKEN_POST_URI) { - if (lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_CONTENT_TYPE)) { - env_array[n++] = p; - p += lws_snprintf(p, end - p, "CONTENT_TYPE=%s", - lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP_CONTENT_TYPE)); - p++; - } - if (lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_CONTENT_LENGTH)) { - env_array[n++] = p; - p += lws_snprintf(p, end - p, "CONTENT_LENGTH=%s", - lws_hdr_simple_ptr(wsi, - WSI_TOKEN_HTTP_CONTENT_LENGTH)); - p++; - } - } - env_array[n++] = "PATH=/bin:/usr/bin:/usr/local/bin:/var/www/cgi-bin"; - - env_array[n++] = p; - p += lws_snprintf(p, end - p, "SCRIPT_PATH=%s", exec_array[0]) + 1; - - while (mp_cgienv) { - env_array[n++] = p; - p += lws_snprintf(p, end - p, "%s=%s", mp_cgienv->name, - mp_cgienv->value); - lwsl_debug(" Applying mount-specific cgi env '%s'\n", - env_array[n - 1]); - p++; - mp_cgienv = mp_cgienv->next; - } - - env_array[n++] = "SERVER_SOFTWARE=libwebsockets"; - env_array[n] = NULL; - -#if 0 - for (m = 0; m < n; m++) - lwsl_err(" %s\n", env_array[m]); -#endif - - /* - * Actually having made the env, as a cgi we don't need the ah - * any more - */ - if (script_uri_path_len >= 0 && - lws_header_table_is_in_detachable_state(wsi)) - lws_header_table_detach(wsi, 0); - - /* we are ready with the redirection pipes... run the thing */ -#if !defined(LWS_HAVE_VFORK) || !defined(LWS_HAVE_EXECVPE) - cgi->pid = fork(); -#else - cgi->pid = vfork(); -#endif - if (cgi->pid < 0) { - lwsl_err("fork failed, errno %d", errno); - goto bail3; - } - -#if defined(__linux__) - prctl(PR_SET_PDEATHSIG, SIGTERM); -#endif - if (script_uri_path_len >= 0) - /* stops non-daemonized main processess getting SIGINT - * from TTY */ - setpgrp(); - - if (cgi->pid) { - /* we are the parent process */ - wsi->context->count_cgi_spawned++; - lwsl_debug("%s: cgi %p spawned PID %d\n", __func__, - cgi, cgi->pid); - - for (n = 0; n < 3; n++) - close(cgi->pipe_fds[n][!(n == 0)]); - - /* inform cgi owner of the child PID */ - n = user_callback_handle_rxflow(wsi->protocol->callback, wsi, - LWS_CALLBACK_CGI_PROCESS_ATTACH, - wsi->user_space, NULL, cgi->pid); - (void)n; - - return 0; - } - - /* somewhere we can at least read things and enter it */ - if (chdir("/tmp")) - lwsl_notice("%s: Failed to chdir\n", __func__); - - /* We are the forked process, redirect and kill inherited things. - * - * Because of vfork(), we cannot do anything that changes pages in - * the parent environment. Stuff that changes kernel state for the - * process is OK. Stuff that happens after the execvpe() is OK. - */ - - for (n = 0; n < 3; n++) { - if (dup2(cgi->pipe_fds[n][!(n == 0)], n) < 0) { - lwsl_err("%s: stdin dup2 failed\n", __func__); - goto bail3; - } - close(cgi->pipe_fds[n][!(n == 0)]); - } - -#if !defined(LWS_HAVE_VFORK) || !defined(LWS_HAVE_EXECVPE) - for (m = 0; m < n; m++) { - p = strchr(env_array[m], '='); - *p++ = '\0'; - setenv(env_array[m], p, 1); - } - execvp(exec_array[0], (char * const *)&exec_array[0]); -#else - execvpe(exec_array[0], (char * const *)&exec_array[0], &env_array[0]); -#endif - - exit(1); - -bail3: - /* drop us from the pt cgi list */ - pt->cgi_list = cgi->cgi_list; - - while (--n >= 0) - __remove_wsi_socket_from_fds(wsi->cgi->stdwsi[n]); -bail2: - for (n = 0; n < 3; n++) - if (wsi->cgi->stdwsi[n]) - __lws_free_wsi(cgi->stdwsi[n]); - -bail1: - for (n = 0; n < 3; n++) { - if (cgi->pipe_fds[n][0]) - close(cgi->pipe_fds[n][0]); - if (cgi->pipe_fds[n][1]) - close(cgi->pipe_fds[n][1]); - } - - lws_free_set_NULL(wsi->cgi); - - lwsl_err("%s: failed\n", __func__); - - return -1; -} - -/* we have to parse out these headers in the CGI output */ - -static const char * const significant_hdr[SIGNIFICANT_HDR_COUNT] = { - "content-length: ", - "location: ", - "status: ", - "transfer-encoding: chunked", -}; - -enum header_recode { - HR_NAME, - HR_WHITESPACE, - HR_ARG, - HR_CRLF, -}; - -LWS_VISIBLE LWS_EXTERN int -lws_cgi_write_split_stdout_headers(struct lws *wsi) -{ - int n, m, cmd; - unsigned char buf[LWS_PRE + 1024], *start = &buf[LWS_PRE], *p = start, - *end = &buf[sizeof(buf) - 1 - LWS_PRE], *name, - *value = NULL; - char c, hrs; - - if (!wsi->cgi) - return -1; - - while (wsi->hdr_state != LHCS_PAYLOAD) { - /* - * We have to separate header / finalize and payload chunks, - * since they need to be handled separately - */ - switch (wsi->hdr_state) { - case LHCS_RESPONSE: - lwsl_debug("LHCS_RESPONSE: issuing response %d\n", - wsi->cgi->response_code); - if (lws_add_http_header_status(wsi, - wsi->cgi->response_code, - &p, end)) - return 1; - if (!wsi->cgi->explicitly_chunked && - !wsi->cgi->content_length && - lws_add_http_header_by_token(wsi, - WSI_TOKEN_HTTP_TRANSFER_ENCODING, - (unsigned char *)"chunked", 7, &p, end)) - return 1; - if (!(wsi->http2_substream)) - if (lws_add_http_header_by_token(wsi, - WSI_TOKEN_CONNECTION, - (unsigned char *)"close", 5, - &p, end)) - return 1; - n = lws_write(wsi, start, p - start, - LWS_WRITE_HTTP_HEADERS | LWS_WRITE_NO_FIN); - - /* - * so we have a bunch of http/1 style ascii headers - * starting from wsi->cgi->headers_buf through - * wsi->cgi->headers_pos. These are OK for http/1 - * connections, but they're no good for http/2 conns. - * - * Let's redo them at headers_pos forward using the - * correct coding for http/1 or http/2 - */ - if (!wsi->http2_substream) - goto post_hpack_recode; - - p = wsi->cgi->headers_start; - wsi->cgi->headers_start = wsi->cgi->headers_pos; - wsi->cgi->headers_dumped = wsi->cgi->headers_start; - hrs = HR_NAME; - name = buf; - - while (p < wsi->cgi->headers_start) { - switch (hrs) { - case HR_NAME: - /* - * in http/2 upper-case header names - * are illegal. So convert to lower- - * case. - */ - if (name - buf > 64) - return -1; - if (*p != ':') { - if (*p >= 'A' && *p <= 'Z') - *name++ = (*p++) + - ('a' - 'A'); - else - *name++ = *p++; - } else { - p++; - *name++ = '\0'; - value = name; - hrs = HR_WHITESPACE; - } - break; - case HR_WHITESPACE: - if (*p == ' ') { - p++; - break; - } - hrs = HR_ARG; - /* fallthru */ - case HR_ARG: - if (name > end - 64) - return -1; - - if (*p != '\x0a' && *p != '\x0d') { - *name++ = *p++; - break; - } - hrs = HR_CRLF; - /* fallthru */ - case HR_CRLF: - if ((*p != '\x0a' && *p != '\x0d') || - p + 1 == wsi->cgi->headers_start) { - *name = '\0'; - if ((strcmp((const char *)buf, - "transfer-encoding") - )) { - lwsl_debug("+ %s: %s\n", - buf, value); - if ( - lws_add_http_header_by_name(wsi, buf, - (unsigned char *)value, name - value, - (unsigned char **)&wsi->cgi->headers_pos, - (unsigned char *)wsi->cgi->headers_end)) - return 1; - hrs = HR_NAME; - name = buf; - break; - } - } - p++; - break; - } - } -post_hpack_recode: - /* finalize cached headers before dumping them */ - if (lws_finalize_http_header(wsi, - (unsigned char **)&wsi->cgi->headers_pos, - (unsigned char *)wsi->cgi->headers_end)) { - - lwsl_notice("finalize failed\n"); - return -1; - } - - wsi->hdr_state = LHCS_DUMP_HEADERS; - wsi->reason_bf |= LWS_CB_REASON_AUX_BF__CGI_HEADERS; - lws_callback_on_writable(wsi); - /* back to the loop for writeability again */ - return 0; - - case LHCS_DUMP_HEADERS: - - n = wsi->cgi->headers_pos - wsi->cgi->headers_dumped; - if (n > 512) - n = 512; - - lwsl_debug("LHCS_DUMP_HEADERS: %d\n", n); - - cmd = LWS_WRITE_HTTP_HEADERS_CONTINUATION; - if (wsi->cgi->headers_dumped + n != - wsi->cgi->headers_pos) { - lwsl_notice("adding no fin flag\n"); - cmd |= LWS_WRITE_NO_FIN; - } - - m = lws_write(wsi, - (unsigned char *)wsi->cgi->headers_dumped, - n, cmd); - if (m < 0) { - lwsl_debug("%s: write says %d\n", __func__, m); - return -1; - } - wsi->cgi->headers_dumped += n; - if (wsi->cgi->headers_dumped == wsi->cgi->headers_pos) { - wsi->hdr_state = LHCS_PAYLOAD; - lws_free_set_NULL(wsi->cgi->headers_buf); - lwsl_debug("freed cgi headers\n"); - } else { - wsi->reason_bf |= LWS_CB_REASON_AUX_BF__CGI_HEADERS; - lws_callback_on_writable(wsi); - } - - /* writeability becomes uncertain now we wrote - * something, we must return to the event loop - */ - return 0; - } - - if (!wsi->cgi->headers_buf) { - /* if we don't already have a headers buf, cook one up */ - n = 2048; - if (wsi->http2_substream) - n = 4096; - wsi->cgi->headers_buf = lws_malloc(n + LWS_PRE, - "cgi hdr buf"); - if (!wsi->cgi->headers_buf) { - lwsl_err("OOM\n"); - return -1; - } - - lwsl_debug("allocated cgi hdrs\n"); - wsi->cgi->headers_start = wsi->cgi->headers_buf + LWS_PRE; - wsi->cgi->headers_pos = wsi->cgi->headers_start; - wsi->cgi->headers_dumped = wsi->cgi->headers_pos; - wsi->cgi->headers_end = wsi->cgi->headers_buf + n - 1; - - for (n = 0; n < SIGNIFICANT_HDR_COUNT; n++) { - wsi->cgi->match[n] = 0; - wsi->cgi->lp = 0; - } - } - - n = lws_get_socket_fd(wsi->cgi->stdwsi[LWS_STDOUT]); - if (n < 0) - return -1; - n = read(n, &c, 1); - if (n < 0) { - if (errno != EAGAIN) { - lwsl_debug("%s: read says %d\n", __func__, n); - return -1; - } - else - n = 0; - - if (wsi->cgi->headers_pos >= wsi->cgi->headers_end - 4) { - lwsl_notice("CGI hdrs > buf size\n"); - - return -1; - } - } - if (!n) - goto agin; - - lwsl_debug("-- 0x%02X %c %d %d\n", (unsigned char)c, c, - wsi->cgi->match[1], wsi->hdr_state); - if (!c) - return -1; - switch (wsi->hdr_state) { - case LCHS_HEADER: - hdr: - for (n = 0; n < SIGNIFICANT_HDR_COUNT; n++) { - /* - * significant headers with - * numeric decimal payloads - */ - if (!significant_hdr[n][wsi->cgi->match[n]] && - (c >= '0' && c <= '9') && - wsi->cgi->lp < (int)sizeof(wsi->cgi->l) - 1) { - wsi->cgi->l[wsi->cgi->lp++] = c; - wsi->cgi->l[wsi->cgi->lp] = '\0'; - switch (n) { - case SIGNIFICANT_HDR_CONTENT_LENGTH: - wsi->cgi->content_length = - atoll(wsi->cgi->l); - break; - case SIGNIFICANT_HDR_STATUS: - wsi->cgi->response_code = - atol(wsi->cgi->l); - lwsl_debug("Status set to %d\n", - wsi->cgi->response_code); - break; - default: - break; - } - } - /* hits up to the NUL are sticky until next hdr */ - if (significant_hdr[n][wsi->cgi->match[n]]) { - if (tolower(c) == - significant_hdr[n][wsi->cgi->match[n]]) - wsi->cgi->match[n]++; - else - wsi->cgi->match[n] = 0; - } - } - - /* some cgi only send us \x0a for EOL */ - if (c == '\x0a') { - wsi->hdr_state = LCHS_SINGLE_0A; - *wsi->cgi->headers_pos++ = '\x0d'; - } - *wsi->cgi->headers_pos++ = c; - if (c == '\x0d') - wsi->hdr_state = LCHS_LF1; - - if (wsi->hdr_state != LCHS_HEADER && - !significant_hdr[SIGNIFICANT_HDR_TRANSFER_ENCODING] - [wsi->cgi->match[ - SIGNIFICANT_HDR_TRANSFER_ENCODING]]) { - lwsl_debug("cgi produced chunked\n"); - wsi->cgi->explicitly_chunked = 1; - } - - /* presence of Location: mandates 302 retcode */ - if (wsi->hdr_state != LCHS_HEADER && - !significant_hdr[SIGNIFICANT_HDR_LOCATION][ - wsi->cgi->match[SIGNIFICANT_HDR_LOCATION]]) { - lwsl_debug("CGI: Location hdr seen\n"); - wsi->cgi->response_code = 302; - } - - break; - case LCHS_LF1: - *wsi->cgi->headers_pos++ = c; - if (c == '\x0a') { - wsi->hdr_state = LCHS_CR2; - break; - } - /* we got \r[^\n]... it's unreasonable */ - lwsl_debug("%s: funny CRLF 0x%02X\n", __func__, - (unsigned char)c); - return -1; - - case LCHS_CR2: - if (c == '\x0d') { - /* drop the \x0d */ - wsi->hdr_state = LCHS_LF2; - break; - } - wsi->hdr_state = LCHS_HEADER; - for (n = 0; n < SIGNIFICANT_HDR_COUNT; n++) - wsi->cgi->match[n] = 0; - wsi->cgi->lp = 0; - goto hdr; - - case LCHS_LF2: - case LCHS_SINGLE_0A: - m = wsi->hdr_state; - if (c == '\x0a') { - lwsl_debug("Content-Length: %lld\n", - (unsigned long long) - wsi->cgi->content_length); - wsi->hdr_state = LHCS_RESPONSE; - /* - * drop the \0xa ... finalize - * will add it if needed (HTTP/1) - */ - break; - } - if (m == LCHS_LF2) - /* we got \r\n\r[^\n]... unreasonable */ - return -1; - /* we got \x0anext header, it's reasonable */ - *wsi->cgi->headers_pos++ = c; - wsi->hdr_state = LCHS_HEADER; - for (n = 0; n < SIGNIFICANT_HDR_COUNT; n++) - wsi->cgi->match[n] = 0; - wsi->cgi->lp = 0; - break; - case LHCS_PAYLOAD: - break; - } - -agin: - /* ran out of input, ended the hdrs, or filled up the hdrs buf */ - if (!n || wsi->hdr_state == LHCS_PAYLOAD) - return 0; - } - - /* payload processing */ - - m = !wsi->cgi->explicitly_chunked && !wsi->cgi->content_length; - n = lws_get_socket_fd(wsi->cgi->stdwsi[LWS_STDOUT]); - if (n < 0) - return -1; - n = read(n, start, sizeof(buf) - LWS_PRE - - (m ? LWS_HTTP_CHUNK_HDR_SIZE : 0)); - - if (n < 0 && errno != EAGAIN) { - lwsl_debug("%s: stdout read says %d\n", __func__, n); - return -1; - } - if (n > 0) { - if (!wsi->http2_substream && m) { - char chdr[LWS_HTTP_CHUNK_HDR_SIZE]; - m = lws_snprintf(chdr, LWS_HTTP_CHUNK_HDR_SIZE - 3, - "%X\x0d\x0a", n); - memmove(start + m, start, n); - memcpy(start, chdr, m); - memcpy(start + m + n, "\x0d\x0a", 2); - n += m + 2; - } - cmd = LWS_WRITE_HTTP; - if (wsi->cgi->content_length_seen + n == wsi->cgi->content_length) - cmd = LWS_WRITE_HTTP_FINAL; - m = lws_write(wsi, (unsigned char *)start, n, cmd); - //lwsl_notice("write %d\n", m); - if (m < 0) { - lwsl_debug("%s: stdout write says %d\n", __func__, m); - return -1; - } - wsi->cgi->content_length_seen += n; - } else { - if (wsi->cgi_stdout_zero_length) { - lwsl_debug("%s: stdout is POLLHUP'd\n", __func__); - if (wsi->http2_substream) - m = lws_write(wsi, (unsigned char *)start, 0, - LWS_WRITE_HTTP_FINAL); - return 1; - } - wsi->cgi_stdout_zero_length = 1; - } - return 0; -} - -LWS_VISIBLE LWS_EXTERN int -lws_cgi_kill(struct lws *wsi) -{ - struct lws_cgi_args args; - int status, n; - - lwsl_debug("%s: %p\n", __func__, wsi); - - if (!wsi->cgi) - return 0; - - if (wsi->cgi->pid > 0) { - n = waitpid(wsi->cgi->pid, &status, WNOHANG); - if (n > 0) { - lwsl_debug("%s: PID %d reaped\n", __func__, - wsi->cgi->pid); - goto handled; - } - /* kill the process group */ - n = kill(-wsi->cgi->pid, SIGTERM); - lwsl_debug("%s: SIGTERM child PID %d says %d (errno %d)\n", - __func__, wsi->cgi->pid, n, errno); - if (n < 0) { - /* - * hum seen errno=3 when process is listed in ps, - * it seems we don't always retain process grouping - * - * Direct these fallback attempt to the exact child - */ - n = kill(wsi->cgi->pid, SIGTERM); - if (n < 0) { - n = kill(wsi->cgi->pid, SIGPIPE); - if (n < 0) { - n = kill(wsi->cgi->pid, SIGKILL); - if (n < 0) - lwsl_err("%s: SIGKILL PID %d " - "failed errno %d " - "(maybe zombie)\n", - __func__, - wsi->cgi->pid, errno); - } - } - } - /* He could be unkillable because he's a zombie */ - n = 1; - while (n > 0) { - n = waitpid(-wsi->cgi->pid, &status, WNOHANG); - if (n > 0) - lwsl_debug("%s: reaped PID %d\n", __func__, n); - if (n <= 0) { - n = waitpid(wsi->cgi->pid, &status, WNOHANG); - if (n > 0) - lwsl_debug("%s: reaped PID %d\n", - __func__, n); - } - } - } - -handled: - args.stdwsi = &wsi->cgi->stdwsi[0]; - - if (wsi->cgi->pid != -1) { - n = user_callback_handle_rxflow(wsi->protocol->callback, wsi, - LWS_CALLBACK_CGI_TERMINATED, - wsi->user_space, - (void *)&args, wsi->cgi->pid); - wsi->cgi->pid = -1; - if (n && !wsi->cgi->being_closed) - lws_close_free_wsi(wsi, 0, "lws_cgi_kill"); - } - - return 0; -} - -LWS_EXTERN int -lws_cgi_kill_terminated(struct lws_context_per_thread *pt) -{ - struct lws_cgi **pcgi, *cgi = NULL; - int status, n = 1; - - while (n > 0) { - /* find finished guys but don't reap yet */ - n = waitpid(-1, &status, WNOHANG); - if (n <= 0) - continue; - lwsl_debug("%s: observed PID %d terminated\n", __func__, n); - - pcgi = &pt->cgi_list; - - /* check all the subprocesses on the cgi list */ - while (*pcgi) { - /* get the next one first as list may change */ - cgi = *pcgi; - pcgi = &(*pcgi)->cgi_list; - - if (cgi->pid <= 0) - continue; - - /* finish sending cached headers */ - if (cgi->headers_buf) - continue; - - /* wait for stdout to be drained */ - if (cgi->content_length > cgi->content_length_seen) - continue; - - if (cgi->content_length) { - lwsl_debug("%s: wsi %p: expected content length seen: %lld\n", - __func__, cgi->wsi, - (unsigned long long)cgi->content_length_seen); - } - - /* reap it */ - waitpid(n, &status, WNOHANG); - /* - * he's already terminated so no need for kill() - * but we should do the terminated cgi callback - * and close him if he's not already closing - */ - if (n == cgi->pid) { - lwsl_debug("%s: found PID %d on cgi list\n", - __func__, n); - - if (!cgi->content_length) { - /* - * well, if he sends chunked... - * give him 2s after the - * cgi terminated to send buffered - */ - cgi->chunked_grace++; - continue; - } - - /* defeat kill() */ - cgi->pid = 0; - lws_cgi_kill(cgi->wsi); - - break; - } - cgi = NULL; - } - /* if not found on the cgi list, as he's one of ours, reap */ - if (!cgi) { - lwsl_debug("%s: reading PID %d although no cgi match\n", - __func__, n); - waitpid(n, &status, WNOHANG); - } - } - - pcgi = &pt->cgi_list; - - /* check all the subprocesses on the cgi list */ - while (*pcgi) { - /* get the next one first as list may change */ - cgi = *pcgi; - pcgi = &(*pcgi)->cgi_list; - - if (cgi->pid <= 0) - continue; - - /* we deferred killing him after reaping his PID */ - if (cgi->chunked_grace) { - cgi->chunked_grace++; - if (cgi->chunked_grace < 2) - continue; - goto finish_him; - } - - /* finish sending cached headers */ - if (cgi->headers_buf) - continue; - - /* wait for stdout to be drained */ - if (cgi->content_length > cgi->content_length_seen) - continue; - - if (cgi->content_length) - lwsl_debug("%s: wsi %p: expected content length seen: %lld\n", - __func__, cgi->wsi, - (unsigned long long)cgi->content_length_seen); - - /* reap it */ - if (waitpid(cgi->pid, &status, WNOHANG) > 0) { - - if (!cgi->content_length) { - /* - * well, if he sends chunked... - * give him 2s after the - * cgi terminated to send buffered - */ - cgi->chunked_grace++; - continue; - } -finish_him: - lwsl_debug("%s: found PID %d on cgi list\n", - __func__, cgi->pid); - - /* defeat kill() */ - cgi->pid = 0; - lws_cgi_kill(cgi->wsi); - - break; - } - } - - return 0; -} - -LWS_VISIBLE LWS_EXTERN struct lws * -lws_cgi_get_stdwsi(struct lws *wsi, enum lws_enum_stdinouterr ch) -{ - if (!wsi->cgi) - return NULL; - - return wsi->cgi->stdwsi[ch]; -} - -void -lws_cgi_remove_and_kill(struct lws *wsi) -{ - struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; - struct lws_cgi **pcgi = &pt->cgi_list; - - /* remove us from the cgi list */ - lwsl_debug("%s: remove cgi %p from list\n", __func__, wsi->cgi); - while (*pcgi) { - if (*pcgi == wsi->cgi) { - /* drop us from the pt cgi list */ - *pcgi = (*pcgi)->cgi_list; - break; - } - pcgi = &(*pcgi)->cgi_list; - } - if (wsi->cgi->headers_buf) { - lwsl_debug("close: freed cgi headers\n"); - lws_free_set_NULL(wsi->cgi->headers_buf); - } - /* we have a cgi going, we must kill it */ - wsi->cgi->being_closed = 1; - lws_cgi_kill(wsi); -} diff --git a/lib/server/daemonize.c b/lib/server/daemonize.c deleted file mode 100644 index eb92821..0000000 --- a/lib/server/daemonize.c +++ /dev/null @@ -1,225 +0,0 @@ -/* - * This code is mainly taken from Doug Potter's page - * - * http://www-theorie.physik.unizh.ch/~dpotter/howto/daemonize - * - * I contacted him 2007-04-16 about the license for the original code, - * he replied it is Public Domain. Use the URL above to get the original - * Public Domain version if you want it. - * - * This version is LGPL2.1+SLE like the rest of libwebsockets and is - * Copyright (c)2006 - 2013 Andy Green - */ - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include "private-libwebsockets.h" - -int pid_daemon; -static char *lock_path; - -int get_daemonize_pid() -{ - return pid_daemon; -} - -static void -child_handler(int signum) -{ - int fd, len, sent; - char sz[20]; - - switch (signum) { - - case SIGALRM: /* timed out daemonizing */ - exit(0); - break; - - case SIGUSR1: /* positive confirmation we daemonized well */ - - if (lock_path) { - /* Create the lock file as the current user */ - - fd = open(lock_path, O_TRUNC | O_RDWR | O_CREAT, 0640); - if (fd < 0) { - fprintf(stderr, - "unable to create lock file %s, code=%d (%s)\n", - lock_path, errno, strerror(errno)); - exit(0); - } - len = sprintf(sz, "%u", pid_daemon); - sent = write(fd, sz, len); - if (sent != len) - fprintf(stderr, - "unable to write pid to lock file %s, code=%d (%s)\n", - lock_path, errno, strerror(errno)); - - close(fd); - } - exit(0); - //!!(sent == len)); - - case SIGCHLD: /* daemonization failed */ - exit(0); - break; - } -} - -static void lws_daemon_closing(int sigact) -{ - if (getpid() == pid_daemon) - if (lock_path) { - unlink(lock_path); - lws_free_set_NULL(lock_path); - } - - kill(getpid(), SIGKILL); -} - -/* - * You just need to call this from your main(), when it - * returns you are all set "in the background" decoupled - * from the console you were started from. - * - * The process context you called from has been terminated then. - */ - -LWS_VISIBLE int -lws_daemonize(const char *_lock_path) -{ - struct sigaction act; - pid_t sid, parent; - int n, fd, ret; - char buf[10]; - - /* already a daemon */ -// if (getppid() == 1) -// return 1; - - if (_lock_path) { - fd = open(_lock_path, O_RDONLY); - if (fd >= 0) { - n = read(fd, buf, sizeof(buf)); - close(fd); - if (n) { - n = atoi(buf); - ret = kill(n, 0); - if (ret >= 0) { - fprintf(stderr, - "Daemon already running from pid %d\n", n); - exit(1); - } - fprintf(stderr, - "Removing stale lock file %s from dead pid %d\n", - _lock_path, n); - unlink(lock_path); - } - } - - n = strlen(_lock_path) + 1; - lock_path = lws_malloc(n, "daemonize lock"); - if (!lock_path) { - fprintf(stderr, "Out of mem in lws_daemonize\n"); - return 1; - } - strcpy(lock_path, _lock_path); - } - - /* Trap signals that we expect to receive */ - signal(SIGCHLD, child_handler); /* died */ - signal(SIGUSR1, child_handler); /* was happy */ - signal(SIGALRM, child_handler); /* timeout daemonizing */ - - /* Fork off the parent process */ - pid_daemon = fork(); - if (pid_daemon < 0) { - fprintf(stderr, "unable to fork daemon, code=%d (%s)", - errno, strerror(errno)); - exit(9); - } - - /* If we got a good PID, then we can exit the parent process. */ - if (pid_daemon > 0) { - - /* - * Wait for confirmation signal from the child via - * SIGCHILD / USR1, or for two seconds to elapse - * (SIGALRM). pause() should not return. - */ - alarm(2); - - pause(); - /* should not be reachable */ - exit(1); - } - - /* At this point we are executing as the child process */ - parent = getppid(); - pid_daemon = getpid(); - - /* Cancel certain signals */ - signal(SIGCHLD, SIG_DFL); /* A child process dies */ - signal(SIGTSTP, SIG_IGN); /* Various TTY signals */ - signal(SIGTTOU, SIG_IGN); - signal(SIGTTIN, SIG_IGN); - signal(SIGHUP, SIG_IGN); /* Ignore hangup signal */ - - /* Change the file mode mask */ - umask(0); - - /* Create a new SID for the child process */ - sid = setsid(); - if (sid < 0) { - fprintf(stderr, - "unable to create a new session, code %d (%s)", - errno, strerror(errno)); - exit(2); - } - - /* - * Change the current working directory. This prevents the current - * directory from being locked; hence not being able to remove it. - */ - if (chdir("/tmp") < 0) { - fprintf(stderr, - "unable to change directory to %s, code %d (%s)", - "/", errno, strerror(errno)); - exit(3); - } - - /* Redirect standard files to /dev/null */ - if (!freopen("/dev/null", "r", stdin)) - fprintf(stderr, "unable to freopen() stdin, code %d (%s)", - errno, strerror(errno)); - - if (!freopen("/dev/null", "w", stdout)) - fprintf(stderr, "unable to freopen() stdout, code %d (%s)", - errno, strerror(errno)); - - if (!freopen("/dev/null", "w", stderr)) - fprintf(stderr, "unable to freopen() stderr, code %d (%s)", - errno, strerror(errno)); - - /* Tell the parent process that we are A-okay */ - kill(parent, SIGUSR1); - - act.sa_handler = lws_daemon_closing; - sigemptyset(&act.sa_mask); - act.sa_flags = 0; - - sigaction(SIGTERM, &act, NULL); - - /* return to continue what is now "the daemon" */ - - return 0; -} - diff --git a/lib/server/fops-zip.c b/lib/server/fops-zip.c deleted file mode 100644 index f8ede1f..0000000 --- a/lib/server/fops-zip.c +++ /dev/null @@ -1,668 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Original code used in this source file: - * - * https://github.com/PerBothner/DomTerm.git @912add15f3d0aec - * - * ./lws-term/io.c - * ./lws-term/junzip.c - * - * Copyright (C) 2017 Per Bothner - * - * MIT License - * - * Permission is hereby granted, free of charge, to any person obtaining a copy - * of this software and associated documentation files (the "Software"), to deal - * in the Software without restriction, including without limitation the rights - * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell - * ( copies of the Software, and to permit persons to whom the Software is - * furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be included in - * all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, - * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE - * SOFTWARE. - * - * - * lws rewrite: - * - * Copyright (C) 2017 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - */ - -#include "private-libwebsockets.h" - -#include - -/* - * This code works with zip format containers which may have files compressed - * with gzip deflate (type 8) or store uncompressed (type 0). - * - * Linux zip produces such zipfiles by default, eg - * - * $ zip ../myzip.zip file1 file2 file3 - */ - -#define ZIP_COMPRESSION_METHOD_STORE 0 -#define ZIP_COMPRESSION_METHOD_DEFLATE 8 - -typedef struct { - lws_filepos_t filename_start; - uint32_t crc32; - uint32_t comp_size; - uint32_t uncomp_size; - uint32_t offset; - uint32_t mod_time; - uint16_t filename_len; - uint16_t extra; - uint16_t method; - uint16_t file_com_len; -} lws_fops_zip_hdr_t; - -typedef struct { - struct lws_fop_fd fop_fd; /* MUST BE FIRST logical fop_fd into - * file inside zip: fops_zip fops */ - lws_fop_fd_t zip_fop_fd; /* logical fop fd on to zip file - * itself: using platform fops */ - lws_fops_zip_hdr_t hdr; - z_stream inflate; - lws_filepos_t content_start; - lws_filepos_t exp_uncomp_pos; - union { - uint8_t trailer8[8]; - uint32_t trailer32[2]; - } u; - uint8_t rbuf[128]; /* decompression chunk size */ - int entry_count; - - unsigned int decompress:1; /* 0 = direct from file */ - unsigned int add_gzip_container:1; -} *lws_fops_zip_t; - -struct lws_plat_file_ops fops_zip; -#define fop_fd_to_priv(FD) ((lws_fops_zip_t)(FD)) - -static const uint8_t hd[] = { 31, 139, 8, 0, 0, 0, 0, 0, 0, 3 }; - -enum { - ZC_SIGNATURE = 0, - ZC_VERSION_MADE_BY = 4, - ZC_VERSION_NEEDED_TO_EXTRACT = 6, - ZC_GENERAL_PURPOSE_BIT_FLAG = 8, - ZC_COMPRESSION_METHOD = 10, - ZC_LAST_MOD_FILE_TIME = 12, - ZC_LAST_MOD_FILE_DATE = 14, - ZC_CRC32 = 16, - ZC_COMPRESSED_SIZE = 20, - ZC_UNCOMPRESSED_SIZE = 24, - ZC_FILE_NAME_LENGTH = 28, - ZC_EXTRA_FIELD_LENGTH = 30, - - ZC_FILE_COMMENT_LENGTH = 32, - ZC_DISK_NUMBER_START = 34, - ZC_INTERNAL_FILE_ATTRIBUTES = 36, - ZC_EXTERNAL_FILE_ATTRIBUTES = 38, - ZC_REL_OFFSET_LOCAL_HEADER = 42, - ZC_DIRECTORY_LENGTH = 46, - - ZE_SIGNATURE_OFFSET = 0, - ZE_DESK_NUMBER = 4, - ZE_CENTRAL_DIRECTORY_DISK_NUMBER = 6, - ZE_NUM_ENTRIES_THIS_DISK = 8, - ZE_NUM_ENTRIES = 10, - ZE_CENTRAL_DIRECTORY_SIZE = 12, - ZE_CENTRAL_DIR_OFFSET = 16, - ZE_ZIP_COMMENT_LENGTH = 20, - ZE_DIRECTORY_LENGTH = 22, - - ZL_REL_OFFSET_CONTENT = 28, - ZL_HEADER_LENGTH = 30, - - LWS_FZ_ERR_SEEK_END_RECORD = 1, - LWS_FZ_ERR_READ_END_RECORD, - LWS_FZ_ERR_END_RECORD_MAGIC, - LWS_FZ_ERR_END_RECORD_SANITY, - LWS_FZ_ERR_CENTRAL_SEEK, - LWS_FZ_ERR_CENTRAL_READ, - LWS_FZ_ERR_CENTRAL_SANITY, - LWS_FZ_ERR_NAME_TOO_LONG, - LWS_FZ_ERR_NAME_SEEK, - LWS_FZ_ERR_NAME_READ, - LWS_FZ_ERR_CONTENT_SANITY, - LWS_FZ_ERR_CONTENT_SEEK, - LWS_FZ_ERR_SCAN_SEEK, - LWS_FZ_ERR_NOT_FOUND, - LWS_FZ_ERR_ZLIB_INIT, - LWS_FZ_ERR_READ_CONTENT, - LWS_FZ_ERR_SEEK_COMPRESSED, -}; - -static uint16_t -get_u16(void *p) -{ - const uint8_t *c = (const uint8_t *)p; - - return (uint16_t)((c[0] | (c[1] << 8))); -} - -static uint32_t -get_u32(void *p) -{ - const uint8_t *c = (const uint8_t *)p; - - return (uint32_t)((c[0] | (c[1] << 8) | (c[2] << 16) | (c[3] << 24))); -} - -int -lws_fops_zip_scan(lws_fops_zip_t priv, const char *name, int len) -{ - lws_filepos_t amount; - uint8_t buf[96]; - int i; - - if (lws_vfs_file_seek_end(priv->zip_fop_fd, -ZE_DIRECTORY_LENGTH) < 0) - return LWS_FZ_ERR_SEEK_END_RECORD; - - if (lws_vfs_file_read(priv->zip_fop_fd, &amount, buf, - ZE_DIRECTORY_LENGTH)) - return LWS_FZ_ERR_READ_END_RECORD; - - if (amount != ZE_DIRECTORY_LENGTH) - return LWS_FZ_ERR_READ_END_RECORD; - - /* - * We require the zip to have the last record right at the end - * Linux zip always does this if no zip comment. - */ - if (buf[0] != 'P' || buf[1] != 'K' || buf[2] != 5 || buf[3] != 6) - return LWS_FZ_ERR_END_RECORD_MAGIC; - - i = get_u16(buf + ZE_NUM_ENTRIES); - - if (get_u16(buf + ZE_DESK_NUMBER) || - get_u16(buf + ZE_CENTRAL_DIRECTORY_DISK_NUMBER) || - i != get_u16(buf + ZE_NUM_ENTRIES_THIS_DISK)) - return LWS_FZ_ERR_END_RECORD_SANITY; - - /* end record is OK... look for our file in the central dir */ - - if (lws_vfs_file_seek_set(priv->zip_fop_fd, - get_u32(buf + ZE_CENTRAL_DIR_OFFSET)) < 0) - return LWS_FZ_ERR_CENTRAL_SEEK; - - while (i--) { - priv->content_start = lws_vfs_tell(priv->zip_fop_fd); - - if (lws_vfs_file_read(priv->zip_fop_fd, &amount, buf, - ZC_DIRECTORY_LENGTH)) - return LWS_FZ_ERR_CENTRAL_READ; - - if (amount != ZC_DIRECTORY_LENGTH) - return LWS_FZ_ERR_CENTRAL_READ; - - if (get_u32(buf + ZC_SIGNATURE) != 0x02014B50) - return LWS_FZ_ERR_CENTRAL_SANITY; - - lwsl_debug("cstart 0x%lx\n", (unsigned long)priv->content_start); - - priv->hdr.filename_len = get_u16(buf + ZC_FILE_NAME_LENGTH); - priv->hdr.extra = get_u16(buf + ZC_EXTRA_FIELD_LENGTH); - priv->hdr.filename_start = lws_vfs_tell(priv->zip_fop_fd); - - priv->hdr.method = get_u16(buf + ZC_COMPRESSION_METHOD); - priv->hdr.crc32 = get_u32(buf + ZC_CRC32); - priv->hdr.comp_size = get_u32(buf + ZC_COMPRESSED_SIZE); - priv->hdr.uncomp_size = get_u32(buf + ZC_UNCOMPRESSED_SIZE); - priv->hdr.offset = get_u32(buf + ZC_REL_OFFSET_LOCAL_HEADER); - priv->hdr.mod_time = get_u32(buf + ZC_LAST_MOD_FILE_TIME); - priv->hdr.file_com_len = get_u16(buf + ZC_FILE_COMMENT_LENGTH); - - if (priv->hdr.filename_len != len) - goto next; - - if (len >= (int)sizeof(buf) - 1) - return LWS_FZ_ERR_NAME_TOO_LONG; - - if (priv->zip_fop_fd->fops->LWS_FOP_READ(priv->zip_fop_fd, - &amount, buf, len)) - return LWS_FZ_ERR_NAME_READ; - if ((int)amount != len) - return LWS_FZ_ERR_NAME_READ; - - buf[len] = '\0'; - lwsl_debug("check %s vs %s\n", buf, name); - - if (strcmp((const char *)buf, name)) - goto next; - - /* we found a match */ - if (lws_vfs_file_seek_set(priv->zip_fop_fd, priv->hdr.offset) < 0) - return LWS_FZ_ERR_NAME_SEEK; - if (priv->zip_fop_fd->fops->LWS_FOP_READ(priv->zip_fop_fd, - &amount, buf, - ZL_HEADER_LENGTH)) - return LWS_FZ_ERR_NAME_READ; - if (amount != ZL_HEADER_LENGTH) - return LWS_FZ_ERR_NAME_READ; - - priv->content_start = priv->hdr.offset + - ZL_HEADER_LENGTH + - priv->hdr.filename_len + - get_u16(buf + ZL_REL_OFFSET_CONTENT); - - lwsl_debug("content supposed to start at 0x%lx\n", - (unsigned long)priv->content_start); - - if (priv->content_start > priv->zip_fop_fd->len) - return LWS_FZ_ERR_CONTENT_SANITY; - - if (lws_vfs_file_seek_set(priv->zip_fop_fd, - priv->content_start) < 0) - return LWS_FZ_ERR_CONTENT_SEEK; - - /* we are aligned at the start of the content */ - - priv->exp_uncomp_pos = 0; - - return 0; - -next: - if (i && lws_vfs_file_seek_set(priv->zip_fop_fd, - priv->content_start + - ZC_DIRECTORY_LENGTH + - priv->hdr.filename_len + - priv->hdr.extra + - priv->hdr.file_com_len) < 0) - return LWS_FZ_ERR_SCAN_SEEK; - } - - return LWS_FZ_ERR_NOT_FOUND; -} - -static int -lws_fops_zip_reset_inflate(lws_fops_zip_t priv) -{ - if (priv->decompress) - inflateEnd(&priv->inflate); - - priv->inflate.zalloc = Z_NULL; - priv->inflate.zfree = Z_NULL; - priv->inflate.opaque = Z_NULL; - priv->inflate.avail_in = 0; - priv->inflate.next_in = Z_NULL; - - if (inflateInit2(&priv->inflate, -MAX_WBITS) != Z_OK) { - lwsl_err("inflate init failed\n"); - return LWS_FZ_ERR_ZLIB_INIT; - } - - if (lws_vfs_file_seek_set(priv->zip_fop_fd, priv->content_start) < 0) - return LWS_FZ_ERR_CONTENT_SEEK; - - priv->exp_uncomp_pos = 0; - - return 0; -} - -static lws_fop_fd_t -lws_fops_zip_open(const struct lws_plat_file_ops *fops, const char *vfs_path, - const char *vpath, lws_fop_flags_t *flags) -{ - lws_fop_flags_t local_flags = 0; - lws_fops_zip_t priv; - char rp[192]; - int m; - - /* - * vpath points at the / after the fops signature in vfs_path, eg - * with a vfs_path "/var/www/docs/manual.zip/index.html", vpath - * will come pointing at "/index.html" - */ - - priv = lws_zalloc(sizeof(*priv), "fops_zip priv"); - if (!priv) - return NULL; - - priv->fop_fd.fops = &fops_zip; - - m = sizeof(rp) - 1; - if ((vpath - vfs_path - 1) < m) - m = lws_ptr_diff(vpath, vfs_path) - 1; - lws_strncpy(rp, vfs_path, m + 1); - - /* open the zip file itself using the incoming fops, not fops_zip */ - - priv->zip_fop_fd = fops->LWS_FOP_OPEN(fops, rp, NULL, &local_flags); - if (!priv->zip_fop_fd) { - lwsl_err("unable to open zip %s\n", rp); - goto bail1; - } - - if (*vpath == '/') - vpath++; - - m = lws_fops_zip_scan(priv, vpath, (int)strlen(vpath)); - if (m) { - lwsl_err("unable to find record matching '%s' %d\n", vpath, m); - goto bail2; - } - - /* the directory metadata tells us modification time, so pass it on */ - priv->fop_fd.mod_time = priv->hdr.mod_time; - *flags |= LWS_FOP_FLAG_MOD_TIME_VALID | LWS_FOP_FLAG_VIRTUAL; - priv->fop_fd.flags = *flags; - - /* The zip fop_fd is left pointing at the start of the content. - * - * 1) Content could be uncompressed (STORE), and we can always serve - * that directly - * - * 2) Content could be compressed (GZIP), and the client can handle - * receiving GZIP... we can wrap it in a GZIP header and trailer - * and serve the content part directly. The flag indicating we - * are providing GZIP directly is set so lws will send the right - * headers. - * - * 3) Content could be compressed (GZIP) but the client can't handle - * receiving GZIP... we can decompress it and serve as it is - * inflated piecemeal. - * - * 4) Content may be compressed some unknown way... fail - * - */ - if (priv->hdr.method == ZIP_COMPRESSION_METHOD_STORE) { - /* - * it is stored uncompressed, leave it indicated as - * uncompressed, and just serve it from inside the - * zip with no gzip container; - */ - - lwsl_info("direct zip serving (stored)\n"); - - priv->fop_fd.len = priv->hdr.uncomp_size; - - return &priv->fop_fd; - } - - if ((*flags & LWS_FOP_FLAG_COMPR_ACCEPTABLE_GZIP) && - priv->hdr.method == ZIP_COMPRESSION_METHOD_DEFLATE) { - - /* - * We can serve the gzipped file contents directly as gzip - * from inside the zip container; client says it is OK. - * - * To convert to standalone gzip, we have to add a 10-byte - * constant header and a variable 8-byte trailer around the - * content. - * - * The 8-byte trailer is prepared now and held in the priv. - */ - - lwsl_info("direct zip serving (gzipped)\n"); - - priv->fop_fd.len = sizeof(hd) + priv->hdr.comp_size + - sizeof(priv->u); - - if (lws_is_be()) { - uint8_t *p = priv->u.trailer8; - - *p++ = (uint8_t)priv->hdr.crc32; - *p++ = (uint8_t)(priv->hdr.crc32 >> 8); - *p++ = (uint8_t)(priv->hdr.crc32 >> 16); - *p++ = (uint8_t)(priv->hdr.crc32 >> 24); - *p++ = (uint8_t)priv->hdr.uncomp_size; - *p++ = (uint8_t)(priv->hdr.uncomp_size >> 8); - *p++ = (uint8_t)(priv->hdr.uncomp_size >> 16); - *p = (uint8_t)(priv->hdr.uncomp_size >> 24); - } else { - priv->u.trailer32[0] = priv->hdr.crc32; - priv->u.trailer32[1] = priv->hdr.uncomp_size; - } - - *flags |= LWS_FOP_FLAG_COMPR_IS_GZIP; - priv->fop_fd.flags = *flags; - priv->add_gzip_container = 1; - - return &priv->fop_fd; - } - - if (priv->hdr.method == ZIP_COMPRESSION_METHOD_DEFLATE) { - - /* we must decompress it to serve it */ - - lwsl_info("decompressed zip serving\n"); - - priv->fop_fd.len = priv->hdr.uncomp_size; - - if (lws_fops_zip_reset_inflate(priv)) { - lwsl_err("inflate init failed\n"); - goto bail2; - } - - priv->decompress = 1; - - return &priv->fop_fd; - } - - /* we can't handle it ... */ - - lwsl_err("zipped file %s compressed in unknown way (%d)\n", vfs_path, - priv->hdr.method); - -bail2: - lws_vfs_file_close(&priv->zip_fop_fd); -bail1: - free(priv); - - return NULL; -} - -/* ie, we are closing the fop_fd for the file inside the gzip */ - -static int -lws_fops_zip_close(lws_fop_fd_t *fd) -{ - lws_fops_zip_t priv = fop_fd_to_priv(*fd); - - if (priv->decompress) - inflateEnd(&priv->inflate); - - lws_vfs_file_close(&priv->zip_fop_fd); /* close the gzip fop_fd */ - - free(priv); - *fd = NULL; - - return 0; -} - -static lws_fileofs_t -lws_fops_zip_seek_cur(lws_fop_fd_t fd, lws_fileofs_t offset_from_cur_pos) -{ - fd->pos += offset_from_cur_pos; - - return fd->pos; -} - -static int -lws_fops_zip_read(lws_fop_fd_t fd, lws_filepos_t *amount, uint8_t *buf, - lws_filepos_t len) -{ - lws_fops_zip_t priv = fop_fd_to_priv(fd); - lws_filepos_t ramount, rlen, cur = lws_vfs_tell(fd); - int ret; - - if (priv->decompress) { - - if (priv->exp_uncomp_pos != fd->pos) { - /* - * there has been a seek in the uncompressed fop_fd - * we have to restart the decompression and loop eating - * the decompressed data up to the seek point - */ - lwsl_info("seek in decompressed\n"); - - lws_fops_zip_reset_inflate(priv); - - while (priv->exp_uncomp_pos != fd->pos) { - rlen = len; - if (rlen > fd->pos - priv->exp_uncomp_pos) - rlen = fd->pos - priv->exp_uncomp_pos; - if (lws_fops_zip_read(fd, amount, buf, rlen)) - return LWS_FZ_ERR_SEEK_COMPRESSED; - } - *amount = 0; - } - - priv->inflate.avail_out = (unsigned int)len; - priv->inflate.next_out = buf; - -spin: - if (!priv->inflate.avail_in) { - rlen = sizeof(priv->rbuf); - if (rlen > priv->hdr.comp_size - - (cur - priv->content_start)) - rlen = priv->hdr.comp_size - - (priv->hdr.comp_size - - priv->content_start); - - if (priv->zip_fop_fd->fops->LWS_FOP_READ( - priv->zip_fop_fd, &ramount, priv->rbuf, - rlen)) - return LWS_FZ_ERR_READ_CONTENT; - - cur += ramount; - - priv->inflate.avail_in = (unsigned int)ramount; - priv->inflate.next_in = priv->rbuf; - } - - ret = inflate(&priv->inflate, Z_NO_FLUSH); - if (ret == Z_STREAM_ERROR) - return ret; - - switch (ret) { - case Z_NEED_DICT: - ret = Z_DATA_ERROR; - /* fallthru */ - case Z_DATA_ERROR: - case Z_MEM_ERROR: - - return ret; - } - - if (!priv->inflate.avail_in && priv->inflate.avail_out && - cur != priv->content_start + priv->hdr.comp_size) - goto spin; - - *amount = len - priv->inflate.avail_out; - - priv->exp_uncomp_pos += *amount; - fd->pos += *amount; - - return 0; - } - - if (priv->add_gzip_container) { - - lwsl_info("%s: gzip + container\n", __func__); - *amount = 0; - - /* place the canned header at the start */ - - if (len && fd->pos < sizeof(hd)) { - rlen = sizeof(hd) - fd->pos; - if (rlen > len) - rlen = len; - /* provide stuff from canned header */ - memcpy(buf, hd + fd->pos, (size_t)rlen); - fd->pos += rlen; - buf += rlen; - len -= rlen; - *amount += rlen; - } - - /* serve gzipped data direct from zipfile */ - - if (len && fd->pos >= sizeof(hd) && - fd->pos < priv->hdr.comp_size + sizeof(hd)) { - - rlen = priv->hdr.comp_size - (priv->zip_fop_fd->pos - - priv->content_start); - if (rlen > len) - rlen = len; - - if (rlen && - priv->zip_fop_fd->pos < (priv->hdr.comp_size + - priv->content_start)) { - if (lws_vfs_file_read(priv->zip_fop_fd, - &ramount, buf, rlen)) - return LWS_FZ_ERR_READ_CONTENT; - *amount += ramount; - fd->pos += ramount; // virtual pos - buf += ramount; - len -= ramount; - } - } - - /* place the prepared trailer at the end */ - - if (len && fd->pos >= priv->hdr.comp_size + sizeof(hd) && - fd->pos < priv->hdr.comp_size + sizeof(hd) + - sizeof(priv->u)) { - cur = fd->pos - priv->hdr.comp_size - sizeof(hd); - rlen = sizeof(priv->u) - cur; - if (rlen > len) - rlen = len; - - memcpy(buf, priv->u.trailer8 + cur, (size_t)rlen); - - *amount += rlen; - fd->pos += rlen; - } - - return 0; - } - - lwsl_info("%s: store\n", __func__); - - if (len > priv->hdr.uncomp_size - (cur - priv->content_start)) - len = priv->hdr.comp_size - (priv->hdr.comp_size - - priv->content_start); - - if (priv->zip_fop_fd->fops->LWS_FOP_READ(priv->zip_fop_fd, - amount, buf, len)) - return LWS_FZ_ERR_READ_CONTENT; - - return 0; -} - -struct lws_plat_file_ops fops_zip = { - lws_fops_zip_open, - lws_fops_zip_close, - lws_fops_zip_seek_cur, - lws_fops_zip_read, - NULL, - { { ".zip/", 5 }, { ".jar/", 5 }, { ".war/", 5 } }, - NULL, -}; diff --git a/lib/server/lejp-conf.c b/lib/server/lejp-conf.c deleted file mode 100644 index 01ddcbe..0000000 --- a/lib/server/lejp-conf.c +++ /dev/null @@ -1,971 +0,0 @@ -/* - * libwebsockets web server application - * - * Copyright (C) 2010-2017 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - */ - -#include "private-libwebsockets.h" - -#ifndef _WIN32 -/* this is needed for Travis CI */ -#include -#endif - -#define ESC_INSTALL_DATADIR "_lws_ddir_" - -static const char * const paths_global[] = { - "global.uid", - "global.gid", - "global.count-threads", - "global.init-ssl", - "global.server-string", - "global.plugin-dir", - "global.ws-pingpong-secs", - "global.timeout-secs", - "global.reject-service-keywords[].*", - "global.reject-service-keywords[]", -}; - -enum lejp_global_paths { - LEJPGP_UID, - LEJPGP_GID, - LEJPGP_COUNT_THREADS, - LWJPGP_INIT_SSL, - LEJPGP_SERVER_STRING, - LEJPGP_PLUGIN_DIR, - LWJPGP_PINGPONG_SECS, - LWJPGP_TIMEOUT_SECS, - LWJPGP_REJECT_SERVICE_KEYWORDS_NAME, - LWJPGP_REJECT_SERVICE_KEYWORDS -}; - -static const char * const paths_vhosts[] = { - "vhosts[]", - "vhosts[].mounts[]", - "vhosts[].name", - "vhosts[].port", - "vhosts[].interface", - "vhosts[].unix-socket", - "vhosts[].sts", - "vhosts[].host-ssl-key", - "vhosts[].host-ssl-cert", - "vhosts[].host-ssl-ca", - "vhosts[].access-log", - "vhosts[].mounts[].mountpoint", - "vhosts[].mounts[].origin", - "vhosts[].mounts[].protocol", - "vhosts[].mounts[].default", - "vhosts[].mounts[].auth-mask", - "vhosts[].mounts[].cgi-timeout", - "vhosts[].mounts[].cgi-env[].*", - "vhosts[].mounts[].cache-max-age", - "vhosts[].mounts[].cache-reuse", - "vhosts[].mounts[].cache-revalidate", - "vhosts[].mounts[].basic-auth", - "vhosts[].mounts[].cache-intermediaries", - "vhosts[].mounts[].extra-mimetypes.*", - "vhosts[].mounts[].interpret.*", - "vhosts[].ws-protocols[].*.*", - "vhosts[].ws-protocols[].*", - "vhosts[].ws-protocols[]", - "vhosts[].keepalive_timeout", - "vhosts[].enable-client-ssl", - "vhosts[].ciphers", - "vhosts[].ecdh-curve", - "vhosts[].noipv6", - "vhosts[].ipv6only", - "vhosts[].ssl-option-set", - "vhosts[].ssl-option-clear", - "vhosts[].mounts[].pmo[].*", - "vhosts[].headers[].*", - "vhosts[].headers[]", - "vhosts[].client-ssl-key", - "vhosts[].client-ssl-cert", - "vhosts[].client-ssl-ca", - "vhosts[].client-ssl-ciphers", - "vhosts[].onlyraw", - "vhosts[].client-cert-required", - "vhosts[].ignore-missing-cert", - "vhosts[].error-document-404", -}; - -enum lejp_vhost_paths { - LEJPVP, - LEJPVP_MOUNTS, - LEJPVP_NAME, - LEJPVP_PORT, - LEJPVP_INTERFACE, - LEJPVP_UNIXSKT, - LEJPVP_STS, - LEJPVP_HOST_SSL_KEY, - LEJPVP_HOST_SSL_CERT, - LEJPVP_HOST_SSL_CA, - LEJPVP_ACCESS_LOG, - LEJPVP_MOUNTPOINT, - LEJPVP_ORIGIN, - LEJPVP_MOUNT_PROTOCOL, - LEJPVP_DEFAULT, - LEJPVP_DEFAULT_AUTH_MASK, - LEJPVP_CGI_TIMEOUT, - LEJPVP_CGI_ENV, - LEJPVP_MOUNT_CACHE_MAX_AGE, - LEJPVP_MOUNT_CACHE_REUSE, - LEJPVP_MOUNT_CACHE_REVALIDATE, - LEJPVP_MOUNT_BASIC_AUTH, - LEJPVP_MOUNT_CACHE_INTERMEDIARIES, - LEJPVP_MOUNT_EXTRA_MIMETYPES, - LEJPVP_MOUNT_INTERPRET, - LEJPVP_PROTOCOL_NAME_OPT, - LEJPVP_PROTOCOL_NAME, - LEJPVP_PROTOCOL, - LEJPVP_KEEPALIVE_TIMEOUT, - LEJPVP_ENABLE_CLIENT_SSL, - LEJPVP_CIPHERS, - LEJPVP_ECDH_CURVE, - LEJPVP_NOIPV6, - LEJPVP_IPV6ONLY, - LEJPVP_SSL_OPTION_SET, - LEJPVP_SSL_OPTION_CLEAR, - LEJPVP_PMO, - LEJPVP_HEADERS_NAME, - LEJPVP_HEADERS, - LEJPVP_CLIENT_SSL_KEY, - LEJPVP_CLIENT_SSL_CERT, - LEJPVP_CLIENT_SSL_CA, - LEJPVP_CLIENT_CIPHERS, - LEJPVP_FLAG_ONLYRAW, - LEJPVP_FLAG_CLIENT_CERT_REQUIRED, - LEJPVP_IGNORE_MISSING_CERT, - LEJPVP_ERROR_DOCUMENT_404, -}; - -static const char * const parser_errs[] = { - "", - "", - "No opening '{'", - "Expected closing '}'", - "Expected '\"'", - "String underrun", - "Illegal unescaped control char", - "Illegal escape format", - "Illegal hex number", - "Expected ':'", - "Illegal value start", - "Digit required after decimal point", - "Bad number format", - "Bad exponent format", - "Unknown token", - "Too many ']'", - "Mismatched ']'", - "Expected ']'", - "JSON nesting limit exceeded", - "Nesting tracking used up", - "Number too long", - "Comma or block end expected", - "Unknown", - "Parser callback errored (see earlier error)", -}; - -#define MAX_PLUGIN_DIRS 10 - -struct jpargs { - struct lws_context_creation_info *info; - struct lws_context *context; - const struct lws_protocols *protocols; - const struct lws_extension *extensions; - char *p, *end, valid; - struct lws_http_mount *head, *last; - - struct lws_protocol_vhost_options *pvo; - struct lws_protocol_vhost_options *pvo_em; - struct lws_protocol_vhost_options *pvo_int; - struct lws_http_mount m; - const char **plugin_dirs; - int count_plugin_dirs; - - unsigned int enable_client_ssl:1; - unsigned int fresh_mount:1; - unsigned int any_vhosts:1; -}; - -static void * -lwsws_align(struct jpargs *a) -{ - if ((lws_intptr_t)(a->p) & 15) - a->p += 16 - ((lws_intptr_t)(a->p) & 15); - - return a->p; -} - -static int -arg_to_bool(const char *s) -{ - static const char * const on[] = { "on", "yes", "true" }; - int n = atoi(s); - - if (n) - return 1; - - for (n = 0; n < (int)ARRAY_SIZE(on); n++) - if (!strcasecmp(s, on[n])) - return 1; - - return 0; -} - -static signed char -lejp_globals_cb(struct lejp_ctx *ctx, char reason) -{ - struct jpargs *a = (struct jpargs *)ctx->user; - struct lws_protocol_vhost_options *rej; - int n; - - /* we only match on the prepared path strings */ - if (!(reason & LEJP_FLAG_CB_IS_VALUE) || !ctx->path_match) - return 0; - - /* this catches, eg, vhosts[].headers[].xxx */ - if (reason == LEJPCB_VAL_STR_END && - ctx->path_match == LWJPGP_REJECT_SERVICE_KEYWORDS_NAME + 1) { - rej = lwsws_align(a); - a->p += sizeof(*rej); - - n = lejp_get_wildcard(ctx, 0, a->p, a->end - a->p); - rej->next = a->info->reject_service_keywords; - a->info->reject_service_keywords = rej; - rej->name = a->p; - lwsl_notice(" adding rej %s=%s\n", a->p, ctx->buf); - a->p += n - 1; - *(a->p++) = '\0'; - rej->value = a->p; - rej->options = NULL; - goto dostring; - } - - switch (ctx->path_match - 1) { - case LEJPGP_UID: - a->info->uid = atoi(ctx->buf); - return 0; - case LEJPGP_GID: - a->info->gid = atoi(ctx->buf); - return 0; - case LEJPGP_COUNT_THREADS: - a->info->count_threads = atoi(ctx->buf); - return 0; - case LWJPGP_INIT_SSL: - if (arg_to_bool(ctx->buf)) - a->info->options |= LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT; - return 0; - case LEJPGP_SERVER_STRING: - a->info->server_string = a->p; - break; - case LEJPGP_PLUGIN_DIR: - if (a->count_plugin_dirs == MAX_PLUGIN_DIRS - 1) { - lwsl_err("Too many plugin dirs\n"); - return -1; - } - a->plugin_dirs[a->count_plugin_dirs++] = a->p; - break; - - case LWJPGP_PINGPONG_SECS: - a->info->ws_ping_pong_interval = atoi(ctx->buf); - return 0; - - case LWJPGP_TIMEOUT_SECS: - a->info->timeout_secs = atoi(ctx->buf); - return 0; - - default: - return 0; - } - -dostring: - a->p += lws_snprintf(a->p, a->end - a->p, "%s", ctx->buf); - *(a->p)++ = '\0'; - - return 0; -} - -static signed char -lejp_vhosts_cb(struct lejp_ctx *ctx, char reason) -{ - struct jpargs *a = (struct jpargs *)ctx->user; - struct lws_protocol_vhost_options *pvo, *mp_cgienv, *headers; - struct lws_http_mount *m; - char *p, *p1; - int n; - -#if 0 - lwsl_notice(" %d: %s (%d)\n", reason, ctx->path, ctx->path_match); - for (n = 0; n < ctx->wildcount; n++) - lwsl_notice(" %d\n", ctx->wild[n]); -#endif - - if (reason == LEJPCB_OBJECT_START && ctx->path_match == LEJPVP + 1) { - uint32_t i[4]; - const char *ss; - - /* set the defaults for this vhost */ - a->valid = 1; - a->head = NULL; - a->last = NULL; - - i[0] = a->info->count_threads; - i[1] = a->info->options & ( - LWS_SERVER_OPTION_SKIP_SERVER_CANONICAL_NAME | - LWS_SERVER_OPTION_LIBUV | - LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT | - LWS_SERVER_OPTION_EXPLICIT_VHOSTS | - LWS_SERVER_OPTION_UV_NO_SIGSEGV_SIGFPE_SPIN | - LWS_SERVER_OPTION_LIBEVENT | - LWS_SERVER_OPTION_LIBEV - ); - ss = a->info->server_string; - i[2] = a->info->ws_ping_pong_interval; - i[3] = a->info->timeout_secs; - - memset(a->info, 0, sizeof(*a->info)); - - a->info->count_threads = i[0]; - a->info->options = i[1]; - a->info->server_string = ss; - a->info->ws_ping_pong_interval = i[2]; - a->info->timeout_secs = i[3]; - - a->info->protocols = a->protocols; - a->info->extensions = a->extensions; -#ifdef LWS_OPENSSL_SUPPORT - a->info->client_ssl_cipher_list = "ECDHE-ECDSA-AES256-GCM-SHA384:" - "ECDHE-RSA-AES256-GCM-SHA384:" - "DHE-RSA-AES256-GCM-SHA384:" - "ECDHE-RSA-AES256-SHA384:" - "HIGH:!aNULL:!eNULL:!EXPORT:" - "!DES:!MD5:!PSK:!RC4:!HMAC_SHA1:" - "!SHA1:!DHE-RSA-AES128-GCM-SHA256:" - "!DHE-RSA-AES128-SHA256:" - "!AES128-GCM-SHA256:" - "!AES128-SHA256:" - "!DHE-RSA-AES256-SHA256:" - "!AES256-GCM-SHA384:" - "!AES256-SHA256"; -#endif - a->info->ssl_cipher_list = "ECDHE-ECDSA-AES256-GCM-SHA384:" - "ECDHE-RSA-AES256-GCM-SHA384:" - "DHE-RSA-AES256-GCM-SHA384:" - "ECDHE-RSA-AES256-SHA384:" - "HIGH:!aNULL:!eNULL:!EXPORT:" - "!DES:!MD5:!PSK:!RC4:!HMAC_SHA1:" - "!SHA1:!DHE-RSA-AES128-GCM-SHA256:" - "!DHE-RSA-AES128-SHA256:" - "!AES128-GCM-SHA256:" - "!AES128-SHA256:" - "!DHE-RSA-AES256-SHA256:" - "!AES256-GCM-SHA384:" - "!AES256-SHA256"; - a->info->keepalive_timeout = 5; - } - - if (reason == LEJPCB_OBJECT_START && - ctx->path_match == LEJPVP_MOUNTS + 1) { - a->fresh_mount = 1; - memset(&a->m, 0, sizeof(a->m)); - } - - /* this catches, eg, vhosts[].ws-protocols[].xxx-protocol */ - if (reason == LEJPCB_OBJECT_START && - ctx->path_match == LEJPVP_PROTOCOL_NAME + 1) { - a->pvo = lwsws_align(a); - a->p += sizeof(*a->pvo); - - n = lejp_get_wildcard(ctx, 0, a->p, a->end - a->p); - /* ie, enable this protocol, no options yet */ - a->pvo->next = a->info->pvo; - a->info->pvo = a->pvo; - a->pvo->name = a->p; - lwsl_info(" adding protocol %s\n", a->p); - a->p += n; - a->pvo->value = a->p; - a->pvo->options = NULL; - goto dostring; - } - - /* this catches, eg, vhosts[].headers[].xxx */ - if (reason == LEJPCB_VAL_STR_END && - ctx->path_match == LEJPVP_HEADERS_NAME + 1) { - headers = lwsws_align(a); - a->p += sizeof(*headers); - - n = lejp_get_wildcard(ctx, 0, a->p, a->end - a->p); - /* ie, enable this protocol, no options yet */ - headers->next = a->info->headers; - a->info->headers = headers; - headers->name = a->p; - // lwsl_notice(" adding header %s=%s\n", a->p, ctx->buf); - a->p += n - 1; - *(a->p++) = ':'; - if (a->p < a->end) - *(a->p++) = '\0'; - else - *(a->p - 1) = '\0'; - headers->value = a->p; - headers->options = NULL; - goto dostring; - } - - if (reason == LEJPCB_OBJECT_END && - (ctx->path_match == LEJPVP + 1 || !ctx->path[0]) && - a->valid) { - - struct lws_vhost *vhost; - - //lwsl_notice("%s\n", ctx->path); - if (!a->info->port) { - lwsl_err("Port required (eg, 443)"); - return 1; - } - a->valid = 0; - a->info->mounts = a->head; - - vhost = lws_create_vhost(a->context, a->info); - if (!vhost) { - lwsl_err("Failed to create vhost %s\n", - a->info->vhost_name); - return 1; - } - a->any_vhosts = 1; - -#ifdef LWS_OPENSSL_SUPPORT - if (a->enable_client_ssl) { - const char *cert_filepath = a->info->client_ssl_cert_filepath; - const char *private_key_filepath = a->info->client_ssl_private_key_filepath; - const char *ca_filepath = a->info->client_ssl_ca_filepath; - const char *cipher_list = a->info->client_ssl_cipher_list; - memset(a->info, 0, sizeof(*a->info)); - a->info->client_ssl_cert_filepath = cert_filepath; - a->info->client_ssl_private_key_filepath = private_key_filepath; - a->info->client_ssl_ca_filepath = ca_filepath; - a->info->client_ssl_cipher_list = cipher_list; - a->info->options = LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT; - lws_init_vhost_client_ssl(a->info, vhost); - } -#endif - - return 0; - } - - if (reason == LEJPCB_OBJECT_END && - ctx->path_match == LEJPVP_MOUNTS + 1) { - static const char * const mount_protocols[] = { - "http://", - "https://", - "file://", - "cgi://", - ">http://", - ">https://", - "callback://", - "gzip://", - }; - - if (!a->fresh_mount) - return 0; - - if (!a->m.mountpoint || !a->m.origin) { - lwsl_err("mountpoint and origin required\n"); - return 1; - } - lwsl_debug("adding mount %s\n", a->m.mountpoint); - m = lwsws_align(a); - memcpy(m, &a->m, sizeof(*m)); - if (a->last) - a->last->mount_next = m; - - for (n = 0; n < (int)ARRAY_SIZE(mount_protocols); n++) - if (!strncmp(a->m.origin, mount_protocols[n], - strlen(mount_protocols[n]))) { - lwsl_info("----%s\n", a->m.origin); - m->origin_protocol = n; - m->origin = a->m.origin + - strlen(mount_protocols[n]); - break; - } - - if (n == (int)ARRAY_SIZE(mount_protocols)) { - lwsl_err("unsupported protocol:// %s\n", a->m.origin); - return 1; - } - - a->p += sizeof(*m); - if (!a->head) - a->head = m; - - a->last = m; - a->fresh_mount = 0; - } - - /* we only match on the prepared path strings */ - if (!(reason & LEJP_FLAG_CB_IS_VALUE) || !ctx->path_match) - return 0; - - switch (ctx->path_match - 1) { - case LEJPVP_NAME: - a->info->vhost_name = a->p; - break; - case LEJPVP_PORT: - a->info->port = atoi(ctx->buf); - return 0; - case LEJPVP_INTERFACE: - a->info->iface = a->p; - break; - case LEJPVP_UNIXSKT: - if (arg_to_bool(ctx->buf)) - a->info->options |= LWS_SERVER_OPTION_UNIX_SOCK; - else - a->info->options &= ~(LWS_SERVER_OPTION_UNIX_SOCK); - return 0; - case LEJPVP_STS: - if (arg_to_bool(ctx->buf)) - a->info->options |= LWS_SERVER_OPTION_STS; - else - a->info->options &= ~(LWS_SERVER_OPTION_STS); - return 0; - case LEJPVP_HOST_SSL_KEY: - a->info->ssl_private_key_filepath = a->p; - break; - case LEJPVP_HOST_SSL_CERT: - a->info->ssl_cert_filepath = a->p; - break; - case LEJPVP_HOST_SSL_CA: - a->info->ssl_ca_filepath = a->p; - break; - case LEJPVP_ACCESS_LOG: - a->info->log_filepath = a->p; - break; - case LEJPVP_MOUNTPOINT: - a->m.mountpoint = a->p; - a->m.mountpoint_len = (unsigned char)strlen(ctx->buf); - break; - case LEJPVP_ORIGIN: - if (!strncmp(ctx->buf, "callback://", 11)) - a->m.protocol = a->p + 11; - - if (!a->m.origin) - a->m.origin = a->p; - break; - case LEJPVP_DEFAULT: - a->m.def = a->p; - break; - case LEJPVP_DEFAULT_AUTH_MASK: - a->m.auth_mask = atoi(ctx->buf); - return 0; - case LEJPVP_MOUNT_CACHE_MAX_AGE: - a->m.cache_max_age = atoi(ctx->buf); - return 0; - case LEJPVP_MOUNT_CACHE_REUSE: - a->m.cache_reusable = arg_to_bool(ctx->buf); - return 0; - case LEJPVP_MOUNT_CACHE_REVALIDATE: - a->m.cache_revalidate = arg_to_bool(ctx->buf); - return 0; - case LEJPVP_MOUNT_CACHE_INTERMEDIARIES: - a->m.cache_intermediaries = arg_to_bool(ctx->buf);; - return 0; - case LEJPVP_MOUNT_BASIC_AUTH: - a->m.basic_auth_login_file = a->p; - break; - case LEJPVP_CGI_TIMEOUT: - a->m.cgi_timeout = atoi(ctx->buf); - return 0; - case LEJPVP_KEEPALIVE_TIMEOUT: - a->info->keepalive_timeout = atoi(ctx->buf); - return 0; -#ifdef LWS_OPENSSL_SUPPORT - case LEJPVP_CLIENT_CIPHERS: - a->info->client_ssl_cipher_list = a->p; - break; -#endif - case LEJPVP_CIPHERS: - a->info->ssl_cipher_list = a->p; - break; - case LEJPVP_ECDH_CURVE: - a->info->ecdh_curve = a->p; - break; - case LEJPVP_PMO: - case LEJPVP_CGI_ENV: - mp_cgienv = lwsws_align(a); - a->p += sizeof(*a->m.cgienv); - - mp_cgienv->next = a->m.cgienv; - a->m.cgienv = mp_cgienv; - - n = lejp_get_wildcard(ctx, 0, a->p, a->end - a->p); - mp_cgienv->name = a->p; - a->p += n; - mp_cgienv->value = a->p; - mp_cgienv->options = NULL; - //lwsl_notice(" adding pmo / cgi-env '%s' = '%s'\n", mp_cgienv->name, - // mp_cgienv->value); - goto dostring; - - case LEJPVP_PROTOCOL_NAME_OPT: - /* this catches, eg, - * vhosts[].ws-protocols[].xxx-protocol.yyy-option - * ie, these are options attached to a protocol with { } - */ - pvo = lwsws_align(a); - a->p += sizeof(*a->pvo); - - n = lejp_get_wildcard(ctx, 1, a->p, a->end - a->p); - /* ie, enable this protocol, no options yet */ - pvo->next = a->pvo->options; - a->pvo->options = pvo; - pvo->name = a->p; - a->p += n; - pvo->value = a->p; - pvo->options = NULL; - break; - - case LEJPVP_MOUNT_EXTRA_MIMETYPES: - a->pvo_em = lwsws_align(a); - a->p += sizeof(*a->pvo_em); - - n = lejp_get_wildcard(ctx, 0, a->p, a->end - a->p); - /* ie, enable this protocol, no options yet */ - a->pvo_em->next = a->m.extra_mimetypes; - a->m.extra_mimetypes = a->pvo_em; - a->pvo_em->name = a->p; - lwsl_notice(" adding extra-mimetypes %s -> %s\n", a->p, ctx->buf); - a->p += n; - a->pvo_em->value = a->p; - a->pvo_em->options = NULL; - break; - - case LEJPVP_MOUNT_INTERPRET: - a->pvo_int = lwsws_align(a); - a->p += sizeof(*a->pvo_int); - - n = lejp_get_wildcard(ctx, 0, a->p, a->end - a->p); - /* ie, enable this protocol, no options yet */ - a->pvo_int->next = a->m.interpret; - a->m.interpret = a->pvo_int; - a->pvo_int->name = a->p; - lwsl_notice(" adding interpret %s -> %s\n", a->p, - ctx->buf); - a->p += n; - a->pvo_int->value = a->p; - a->pvo_int->options = NULL; - break; - - case LEJPVP_ENABLE_CLIENT_SSL: - a->enable_client_ssl = arg_to_bool(ctx->buf); - return 0; -#ifdef LWS_OPENSSL_SUPPORT - case LEJPVP_CLIENT_SSL_KEY: - a->info->client_ssl_private_key_filepath = a->p; - break; - case LEJPVP_CLIENT_SSL_CERT: - a->info->client_ssl_cert_filepath = a->p; - break; - case LEJPVP_CLIENT_SSL_CA: - a->info->client_ssl_ca_filepath = a->p; - break; -#endif - - case LEJPVP_NOIPV6: - if (arg_to_bool(ctx->buf)) - a->info->options |= LWS_SERVER_OPTION_DISABLE_IPV6; - else - a->info->options &= ~(LWS_SERVER_OPTION_DISABLE_IPV6); - return 0; - - case LEJPVP_FLAG_ONLYRAW: - if (arg_to_bool(ctx->buf)) - a->info->options |= LWS_SERVER_OPTION_ONLY_RAW; - else - a->info->options &= ~(LWS_SERVER_OPTION_ONLY_RAW); - return 0; - - case LEJPVP_IPV6ONLY: - a->info->options |= LWS_SERVER_OPTION_IPV6_V6ONLY_MODIFY; - if (arg_to_bool(ctx->buf)) - a->info->options |= LWS_SERVER_OPTION_IPV6_V6ONLY_VALUE; - else - a->info->options &= ~(LWS_SERVER_OPTION_IPV6_V6ONLY_VALUE); - return 0; - - case LEJPVP_FLAG_CLIENT_CERT_REQUIRED: - if (arg_to_bool(ctx->buf)) - a->info->options |= - LWS_SERVER_OPTION_REQUIRE_VALID_OPENSSL_CLIENT_CERT; - return 0; - - case LEJPVP_IGNORE_MISSING_CERT: - if (arg_to_bool(ctx->buf)) - a->info->options |= LWS_SERVER_OPTION_IGNORE_MISSING_CERT; - else - a->info->options &= ~(LWS_SERVER_OPTION_IGNORE_MISSING_CERT); - - return 0; - - case LEJPVP_ERROR_DOCUMENT_404: - a->info->error_document_404 = a->p; - break; - - case LEJPVP_SSL_OPTION_SET: - a->info->ssl_options_set |= atol(ctx->buf); - return 0; - case LEJPVP_SSL_OPTION_CLEAR: - a->info->ssl_options_clear |= atol(ctx->buf); - return 0; - - default: - return 0; - } - -dostring: - p = ctx->buf; - p1 = strstr(p, ESC_INSTALL_DATADIR); - if (p1) { - n = p1 - p; - if (n > a->end - a->p) - n = a->end - a->p; - lws_strncpy(a->p, p, n + 1); - a->p += n; - a->p += lws_snprintf(a->p, a->end - a->p, "%s", LWS_INSTALL_DATADIR); - p += n + strlen(ESC_INSTALL_DATADIR); - } - - a->p += lws_snprintf(a->p, a->end - a->p, "%s", p); - *(a->p)++ = '\0'; - - return 0; -} - -/* - * returns 0 = OK, 1 = can't open, 2 = parsing error - */ - -static int -lwsws_get_config(void *user, const char *f, const char * const *paths, - int count_paths, lejp_callback cb) -{ - unsigned char buf[128]; - struct lejp_ctx ctx; - int n, m, fd; - - fd = open(f, O_RDONLY); - if (fd < 0) { - lwsl_err("Cannot open %s\n", f); - return 2; - } - lwsl_info("%s: %s\n", __func__, f); - lejp_construct(&ctx, cb, user, paths, count_paths); - - do { - n = read(fd, buf, sizeof(buf)); - if (!n) - break; - - m = (int)(signed char)lejp_parse(&ctx, buf, n); - } while (m == LEJP_CONTINUE); - - close(fd); - n = ctx.line; - lejp_destruct(&ctx); - - if (m < 0) { - lwsl_err("%s(%u): parsing error %d: %s\n", f, n, m, - parser_errs[-m]); - return 2; - } - - return 0; -} - -#if defined(LWS_WITH_LIBUV) && UV_VERSION_MAJOR > 0 - -static int -lwsws_get_config_d(void *user, const char *d, const char * const *paths, - int count_paths, lejp_callback cb) -{ - uv_dirent_t dent; - uv_fs_t req; - char path[256]; - int ret = 0, ir; - uv_loop_t loop; - - ir = uv_loop_init(&loop); - if (ir) { - lwsl_err("%s: loop init failed %d\n", __func__, ir); - } - - if (!uv_fs_scandir(&loop, &req, d, 0, NULL)) { - lwsl_err("Scandir on %s failed\n", d); - return 2; - } - - while (uv_fs_scandir_next(&req, &dent) != UV_EOF) { - lws_snprintf(path, sizeof(path) - 1, "%s/%s", d, dent.name); - ret = lwsws_get_config(user, path, paths, count_paths, cb); - if (ret) - goto bail; - } - -bail: - uv_fs_req_cleanup(&req); - while (uv_loop_close(&loop)) - ; - - return ret; -} - -#else - -#ifndef _WIN32 -static int filter(const struct dirent *ent) -{ - if (!strcmp(ent->d_name, ".") || !strcmp(ent->d_name, "..")) - return 0; - - return 1; -} -#endif - -static int -lwsws_get_config_d(void *user, const char *d, const char * const *paths, - int count_paths, lejp_callback cb) -{ -#ifndef _WIN32 - struct dirent **namelist; - char path[256]; - int n, i, ret = 0; - - n = scandir(d, &namelist, filter, alphasort); - if (n < 0) { - lwsl_err("Scandir on %s failed\n", d); - return 1; - } - - for (i = 0; i < n; i++) { - if (strchr(namelist[i]->d_name, '~')) - goto skip; - lws_snprintf(path, sizeof(path) - 1, "%s/%s", d, - namelist[i]->d_name); - ret = lwsws_get_config(user, path, paths, count_paths, cb); - if (ret) { - while (i++ < n) - free(namelist[i]); - goto bail; - } -skip: - free(namelist[i]); - } - -bail: - free(namelist); - - return ret; -#else - return 0; -#endif -} - -#endif - -int -lwsws_get_config_globals(struct lws_context_creation_info *info, const char *d, - char **cs, int *len) -{ - struct jpargs a; - const char * const *old = info->plugin_dirs; - char dd[128]; - - memset(&a, 0, sizeof(a)); - - a.info = info; - a.p = *cs; - a.end = (a.p + *len) - 1; - a.valid = 0; - - lwsws_align(&a); - info->plugin_dirs = (void *)a.p; - a.plugin_dirs = (void *)a.p; /* writeable version */ - a.p += MAX_PLUGIN_DIRS * sizeof(void *); - - /* copy any default paths */ - - while (old && *old) { - a.plugin_dirs[a.count_plugin_dirs++] = *old; - old++; - } - - lws_snprintf(dd, sizeof(dd) - 1, "%s/conf", d); - if (lwsws_get_config(&a, dd, paths_global, - ARRAY_SIZE(paths_global), lejp_globals_cb) > 1) - return 1; - lws_snprintf(dd, sizeof(dd) - 1, "%s/conf.d", d); - if (lwsws_get_config_d(&a, dd, paths_global, - ARRAY_SIZE(paths_global), lejp_globals_cb) > 1) - return 1; - - a.plugin_dirs[a.count_plugin_dirs] = NULL; - - *cs = a.p; - *len = a.end - a.p; - - return 0; -} - -int -lwsws_get_config_vhosts(struct lws_context *context, - struct lws_context_creation_info *info, const char *d, - char **cs, int *len) -{ - struct jpargs a; - char dd[128]; - - memset(&a, 0, sizeof(a)); - - a.info = info; - a.p = *cs; - a.end = a.p + *len; - a.valid = 0; - a.context = context; - a.protocols = info->protocols; - a.extensions = info->extensions; - - lws_snprintf(dd, sizeof(dd) - 1, "%s/conf", d); - if (lwsws_get_config(&a, dd, paths_vhosts, - ARRAY_SIZE(paths_vhosts), lejp_vhosts_cb) > 1) - return 1; - lws_snprintf(dd, sizeof(dd) - 1, "%s/conf.d", d); - if (lwsws_get_config_d(&a, dd, paths_vhosts, - ARRAY_SIZE(paths_vhosts), lejp_vhosts_cb) > 1) - return 1; - - *cs = a.p; - *len = a.end - a.p; - - if (!a.any_vhosts) { - lwsl_err("Need at least one vhost\n"); - return 1; - } - -// lws_finalize_startup(context); - - return 0; -} diff --git a/lib/server/lws-spa.c b/lib/server/lws-spa.c deleted file mode 100644 index bc5acff..0000000 --- a/lib/server/lws-spa.c +++ /dev/null @@ -1,606 +0,0 @@ -/* - * libwebsockets - Stateful urldecode for POST - * - * Copyright (C) 2010-2017 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - */ - -#include "private-libwebsockets.h" - -#define LWS_MAX_ELEM_NAME 32 - -enum urldecode_stateful { - US_NAME, - US_IDLE, - US_PC1, - US_PC2, - - MT_LOOK_BOUND_IN, - MT_HNAME, - MT_DISP, - MT_TYPE, - MT_IGNORE1, - MT_IGNORE2, - MT_IGNORE3, - MT_COMPLETED, -}; - -static const char * const mp_hdr[] = { - "content-disposition: ", - "content-type: ", - "\x0d\x0a" -}; - -typedef int (*lws_urldecode_stateful_cb)(void *data, - const char *name, char **buf, int len, int final); - -struct lws_urldecode_stateful { - char *out; - void *data; - struct lws *wsi; - char name[LWS_MAX_ELEM_NAME]; - char temp[LWS_MAX_ELEM_NAME]; - char content_type[32]; - char content_disp[32]; - char content_disp_filename[256]; - char mime_boundary[128]; - int out_len; - int pos; - int hdr_idx; - int mp; - int sum; - - unsigned int multipart_form_data:1; - unsigned int inside_quote:1; - unsigned int subname:1; - unsigned int boundary_real_crlf:1; - - enum urldecode_stateful state; - - lws_urldecode_stateful_cb output; -}; - -static struct lws_urldecode_stateful * -lws_urldecode_s_create(struct lws *wsi, char *out, int out_len, void *data, - lws_urldecode_stateful_cb output) -{ - struct lws_urldecode_stateful *s = lws_zalloc(sizeof(*s), - "stateful urldecode"); - char buf[200], *p; - int m = 0; - - if (!s) - return NULL; - - s->out = out; - s->out_len = out_len; - s->output = output; - s->pos = 0; - s->sum = 0; - s->mp = 0; - s->state = US_NAME; - s->name[0] = '\0'; - s->data = data; - s->wsi = wsi; - - if (lws_hdr_copy(wsi, buf, sizeof(buf), - WSI_TOKEN_HTTP_CONTENT_TYPE) > 0) { - /* multipart/form-data; boundary=----WebKitFormBoundarycc7YgAPEIHvgE9Bf */ - - if (!strncmp(buf, "multipart/form-data", 19)) { - s->multipart_form_data = 1; - s->state = MT_LOOK_BOUND_IN; - s->mp = 2; - p = strstr(buf, "boundary="); - if (p) { - p += 9; - s->mime_boundary[m++] = '\x0d'; - s->mime_boundary[m++] = '\x0a'; - s->mime_boundary[m++] = '-'; - s->mime_boundary[m++] = '-'; - while (m < (int)sizeof(s->mime_boundary) - 1 && - *p && *p != ' ') - s->mime_boundary[m++] = *p++; - - s->mime_boundary[m] = '\0'; - - lwsl_info("boundary '%s'\n", s->mime_boundary); - } - } - } - - return s; -} - -static int -lws_urldecode_s_process(struct lws_urldecode_stateful *s, const char *in, - int len) -{ - int n, m, hit = 0; - char c, was_end = 0; - - while (len--) { - if (s->pos == s->out_len - s->mp - 1) { - if (s->output(s->data, s->name, &s->out, s->pos, 0)) - return -1; - - was_end = s->pos; - s->pos = 0; - } - switch (s->state) { - - /* states for url arg style */ - - case US_NAME: - s->inside_quote = 0; - if (*in == '=') { - s->name[s->pos] = '\0'; - s->pos = 0; - s->state = US_IDLE; - in++; - continue; - } - if (*in == '&') { - s->name[s->pos] = '\0'; - if (s->output(s->data, s->name, &s->out, - s->pos, 1)) - return -1; - s->pos = 0; - s->state = US_IDLE; - in++; - continue; - } - if (s->pos >= (int)sizeof(s->name) - 1) { - lwsl_notice("Name too long\n"); - return -1; - } - s->name[s->pos++] = *in++; - break; - case US_IDLE: - if (*in == '%') { - s->state++; - in++; - continue; - } - if (*in == '&') { - s->out[s->pos] = '\0'; - if (s->output(s->data, s->name, &s->out, - s->pos, 1)) - return -1; - s->pos = 0; - s->state = US_NAME; - in++; - continue; - } - if (*in == '+') { - in++; - s->out[s->pos++] = ' '; - continue; - } - s->out[s->pos++] = *in++; - break; - case US_PC1: - n = char_to_hex(*in); - if (n < 0) - return -1; - - in++; - s->sum = n << 4; - s->state++; - break; - - case US_PC2: - n = char_to_hex(*in); - if (n < 0) - return -1; - - in++; - s->out[s->pos++] = s->sum | n; - s->state = US_IDLE; - break; - - - /* states for multipart / mime style */ - - case MT_LOOK_BOUND_IN: -retry_as_first: - if (*in == s->mime_boundary[s->mp] && - s->mime_boundary[s->mp]) { - in++; - s->mp++; - if (!s->mime_boundary[s->mp]) { - s->mp = 0; - s->state = MT_IGNORE1; - - if (s->pos || was_end) - if (s->output(s->data, s->name, - &s->out, s->pos, 1)) - return -1; - - s->pos = 0; - - s->content_disp[0] = '\0'; - s->name[0] = '\0'; - s->content_disp_filename[0] = '\0'; - s->boundary_real_crlf = 1; - } - continue; - } - if (s->mp) { - n = 0; - if (!s->boundary_real_crlf) - n = 2; - - memcpy(s->out + s->pos, s->mime_boundary + n, - s->mp - n); - s->pos += s->mp; - s->mp = 0; - goto retry_as_first; - } - - s->out[s->pos++] = *in; - in++; - s->mp = 0; - break; - - case MT_HNAME: - m = 0; - c =*in; - if (c >= 'A' && c <= 'Z') - c += 'a' - 'A'; - for (n = 0; n < (int)ARRAY_SIZE(mp_hdr); n++) - if (c == mp_hdr[n][s->mp]) { - m++; - hit = n; - } - in++; - if (!m) { - s->mp = 0; - continue; - } - - s->mp++; - if (m != 1) - continue; - - if (mp_hdr[hit][s->mp]) - continue; - - s->mp = 0; - s->temp[0] = '\0'; - s->subname = 0; - - if (hit == 2) - s->state = MT_LOOK_BOUND_IN; - else - s->state += hit + 1; - break; - - case MT_DISP: - /* form-data; name="file"; filename="t.txt" */ - - if (*in == '\x0d') { - if (s->content_disp_filename[0]) - if (s->output(s->data, s->name, - &s->out, s->pos, - LWS_UFS_OPEN)) - return -1; - s->state = MT_IGNORE2; - goto done; - } - if (*in == ';') { - s->subname = 1; - s->temp[0] = '\0'; - s->mp = 0; - goto done; - } - - if (*in == '\"') { - s->inside_quote ^= 1; - goto done; - } - - if (s->subname) { - if (*in == '=') { - s->temp[s->mp] = '\0'; - s->subname = 0; - s->mp = 0; - goto done; - } - if (s->mp < (int)sizeof(s->temp) - 1 && - (*in != ' ' || s->inside_quote)) - s->temp[s->mp++] = *in; - goto done; - } - - if (!s->temp[0]) { - if (s->mp < (int)sizeof(s->content_disp) - 1) - s->content_disp[s->mp++] = *in; - s->content_disp[s->mp] = '\0'; - goto done; - } - - if (!strcmp(s->temp, "name")) { - if (s->mp < (int)sizeof(s->name) - 1) - s->name[s->mp++] = *in; - else - s->mp = (int)sizeof(s->name) - 1; - s->name[s->mp] = '\0'; - goto done; - } - - if (!strcmp(s->temp, "filename")) { - if (s->mp < (int)sizeof(s->content_disp_filename) - 1) - s->content_disp_filename[s->mp++] = *in; - s->content_disp_filename[s->mp] = '\0'; - goto done; - } -done: - in++; - break; - - case MT_TYPE: - if (*in == '\x0d') - s->state = MT_IGNORE2; - else { - if (s->mp < (int)sizeof(s->content_type) - 1) - s->content_type[s->mp++] = *in; - s->content_type[s->mp] = '\0'; - } - in++; - break; - - case MT_IGNORE1: - if (*in == '\x0d') - s->state = MT_IGNORE2; - if (*in == '-') - s->state = MT_IGNORE3; - in++; - break; - - case MT_IGNORE2: - s->mp = 0; - if (*in == '\x0a') - s->state = MT_HNAME; - in++; - break; - - case MT_IGNORE3: - if (*in == '\x0d') - s->state = MT_IGNORE1; - if (*in == '-') { - s->state = MT_COMPLETED; - s->wsi->http.rx_content_remain = 0; - } - in++; - break; - case MT_COMPLETED: - break; - } - } - - return 0; -} - -static int -lws_urldecode_s_destroy(struct lws_urldecode_stateful *s) -{ - int ret = 0; - - if (s->state != US_IDLE) - ret = -1; - - if (!ret) - if (s->output(s->data, s->name, &s->out, s->pos, 1)) - ret = -1; - - lws_free(s); - - return ret; -} - -struct lws_spa { - struct lws_urldecode_stateful *s; - lws_spa_fileupload_cb opt_cb; - const char * const *param_names; - int count_params; - char **params; - int *param_length; - void *opt_data; - - char *storage; - char *end; - int max_storage; - - char finalized; -}; - -static int -lws_urldecode_spa_lookup(struct lws_spa *spa, - const char *name) -{ - int n; - - for (n = 0; n < spa->count_params; n++) - if (!strcmp(spa->param_names[n], name)) - return n; - - return -1; -} - -static int -lws_urldecode_spa_cb(void *data, const char *name, char **buf, int len, - int final) -{ - struct lws_spa *spa = - (struct lws_spa *)data; - int n; - - if (spa->s->content_disp_filename[0]) { - if (spa->opt_cb) { - n = spa->opt_cb(spa->opt_data, name, - spa->s->content_disp_filename, - *buf, len, final); - - if (n < 0) - return -1; - } - return 0; - } - n = lws_urldecode_spa_lookup(spa, name); - - if (n == -1 || !len) /* unrecognized */ - return 0; - - if (!spa->params[n]) - spa->params[n] = *buf; - - if ((*buf) + len >= spa->end) { - lwsl_notice("%s: exceeded storage\n", __func__); - return -1; - } - - spa->param_length[n] += len; - - /* move it on inside storage */ - (*buf) += len; - *((*buf)++) = '\0'; - - spa->s->out_len -= len + 1; - - return 0; -} - -LWS_VISIBLE LWS_EXTERN struct lws_spa * -lws_spa_create(struct lws *wsi, const char * const *param_names, - int count_params, int max_storage, - lws_spa_fileupload_cb opt_cb, void *opt_data) -{ - struct lws_spa *spa = lws_zalloc(sizeof(*spa), "spa"); - - if (!spa) - return NULL; - - spa->param_names = param_names; - spa->count_params = count_params; - spa->max_storage = max_storage; - spa->opt_cb = opt_cb; - spa->opt_data = opt_data; - - spa->storage = lws_malloc(max_storage, "spa"); - if (!spa->storage) - goto bail2; - spa->end = spa->storage + max_storage - 1; - - spa->params = lws_zalloc(sizeof(char *) * count_params, "spa params"); - if (!spa->params) - goto bail3; - - spa->s = lws_urldecode_s_create(wsi, spa->storage, max_storage, spa, - lws_urldecode_spa_cb); - if (!spa->s) - goto bail4; - - spa->param_length = lws_zalloc(sizeof(int) * count_params, - "spa param len"); - if (!spa->param_length) - goto bail5; - - lwsl_info("%s: Created SPA %p\n", __func__, spa); - - return spa; - -bail5: - lws_urldecode_s_destroy(spa->s); -bail4: - lws_free(spa->params); -bail3: - lws_free(spa->storage); -bail2: - lws_free(spa); - - return NULL; -} - -LWS_VISIBLE LWS_EXTERN int -lws_spa_process(struct lws_spa *ludspa, const char *in, int len) -{ - if (!ludspa) { - lwsl_err("%s: NULL spa\n", __func__); - return -1; - } - /* we reject any junk after the last part arrived and we finalized */ - if (ludspa->finalized) - return 0; - - return lws_urldecode_s_process(ludspa->s, in, len); -} - -LWS_VISIBLE LWS_EXTERN int -lws_spa_get_length(struct lws_spa *ludspa, int n) -{ - if (n >= ludspa->count_params) - return 0; - - return ludspa->param_length[n]; -} - -LWS_VISIBLE LWS_EXTERN const char * -lws_spa_get_string(struct lws_spa *ludspa, int n) -{ - if (n >= ludspa->count_params) - return NULL; - - return ludspa->params[n]; -} - -LWS_VISIBLE LWS_EXTERN int -lws_spa_finalize(struct lws_spa *spa) -{ - if (spa->s) { - lws_urldecode_s_destroy(spa->s); - spa->s = NULL; - } - - spa->finalized = 1; - - return 0; -} - -LWS_VISIBLE LWS_EXTERN int -lws_spa_destroy(struct lws_spa *spa) -{ - int n = 0; - - lwsl_info("%s: destroy spa %p\n", __func__, spa); - - if (spa->s) - lws_urldecode_s_destroy(spa->s); - - lwsl_debug("%s %p %p %p %p\n", __func__, - spa->param_length, - spa->params, - spa->storage, - spa); - - lws_free(spa->param_length); - lws_free(spa->params); - lws_free(spa->storage); - lws_free(spa); - - return n; -} diff --git a/lib/server/parsers.c b/lib/server/parsers.c deleted file mode 100644 index 7577d75..0000000 --- a/lib/server/parsers.c +++ /dev/null @@ -1,1838 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2017 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - */ - -#include "private-libwebsockets.h" - -static const unsigned char lextable[] = { - #include "lextable.h" -}; - -#define FAIL_CHAR 0x08 - -static struct allocated_headers * -_lws_create_ah(struct lws_context_per_thread *pt, ah_data_idx_t data_size) -{ - struct allocated_headers *ah = lws_zalloc(sizeof(*ah), "ah struct"); - - if (!ah) - return NULL; - - ah->data = lws_malloc(data_size, "ah data"); - if (!ah->data) { - lws_free(ah); - - return NULL; - } - ah->next = pt->ah_list; - pt->ah_list = ah; - ah->data_length = data_size; - pt->ah_pool_length++; - - lwsl_info("%s: created ah %p (size %d): pool length %d\n", __func__, - ah, (int)data_size, pt->ah_pool_length); - - return ah; -} - -int -_lws_destroy_ah(struct lws_context_per_thread *pt, struct allocated_headers *ah) -{ - lws_start_foreach_llp(struct allocated_headers **, a, pt->ah_list) { - if ((*a) == ah) { - *a = ah->next; - pt->ah_pool_length--; - lwsl_info("%s: freed ah %p : pool length %d\n", - __func__, ah, pt->ah_pool_length); - if (ah->data) - lws_free(ah->data); - lws_free(ah); - - return 0; - } - } lws_end_foreach_llp(a, next); - - return 1; -} - -void -_lws_header_table_reset(struct allocated_headers *ah) -{ - /* init the ah to reflect no headers or data have appeared yet */ - memset(ah->frag_index, 0, sizeof(ah->frag_index)); - memset(ah->frags, 0, sizeof(ah->frags)); - ah->nfrag = 0; - ah->pos = 0; - ah->http_response = 0; -} - -// doesn't scrub the ah rxbuffer by default, parent must do if needed - -void -__lws_header_table_reset(struct lws *wsi, int autoservice) -{ - struct allocated_headers *ah = wsi->ah; - struct lws_context_per_thread *pt; - struct lws_pollfd *pfd; - - /* if we have the idea we're resetting 'our' ah, must be bound to one */ - assert(ah); - /* ah also concurs with ownership */ - assert(ah->wsi == wsi); - - _lws_header_table_reset(ah); - - ah->parser_state = WSI_TOKEN_NAME_PART; - ah->lextable_pos = 0; - - /* since we will restart the ah, our new headers are not completed */ - wsi->hdr_parsing_completed = 0; - - /* while we hold the ah, keep a timeout on the wsi */ - __lws_set_timeout(wsi, PENDING_TIMEOUT_HOLDING_AH, - wsi->vhost->timeout_secs_ah_idle); - - time(&ah->assigned); - - /* - * if we inherited pending rx (from socket adoption deferred - * processing), apply and free it. - */ - if (wsi->preamble_rx) { - memcpy(ah->rx, wsi->preamble_rx, wsi->preamble_rx_len); - ah->rxlen = wsi->preamble_rx_len; - lws_free_set_NULL(wsi->preamble_rx); - wsi->preamble_rx_len = 0; - ah->rxpos = 0; - - if (autoservice) { - lwsl_debug("%s: service on readbuf ah\n", __func__); - - pt = &wsi->context->pt[(int)wsi->tsi]; - /* - * Unlike a normal connect, we have the headers already - * (or the first part of them anyway) - */ - pfd = &pt->fds[wsi->position_in_fds_table]; - pfd->revents |= LWS_POLLIN; - lwsl_err("%s: calling service\n", __func__); - lws_service_fd_tsi(wsi->context, pfd, wsi->tsi); - } - } -} - -void -lws_header_table_reset(struct lws *wsi, int autoservice) -{ - struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; - - lws_pt_lock(pt, __func__); - - __lws_header_table_reset(wsi, autoservice); - - lws_pt_unlock(pt); -} - -static void -_lws_header_ensure_we_are_on_waiting_list(struct lws *wsi) -{ - struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; - struct lws_pollargs pa; - struct lws **pwsi = &pt->ah_wait_list; - - while (*pwsi) { - if (*pwsi == wsi) - return; - pwsi = &(*pwsi)->ah_wait_list; - } - - lwsl_info("%s: wsi: %p\n", __func__, wsi); - wsi->ah_wait_list = pt->ah_wait_list; - pt->ah_wait_list = wsi; - pt->ah_wait_list_length++; - - /* we cannot accept input then */ - - _lws_change_pollfd(wsi, LWS_POLLIN, 0, &pa); -} - -static int -__lws_remove_from_ah_waiting_list(struct lws *wsi) -{ - struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; - struct lws **pwsi =&pt->ah_wait_list; - - while (*pwsi) { - if (*pwsi == wsi) { - lwsl_info("%s: wsi %p\n", __func__, wsi); - /* point prev guy to our next */ - *pwsi = wsi->ah_wait_list; - /* we shouldn't point anywhere now */ - wsi->ah_wait_list = NULL; - pt->ah_wait_list_length--; - - return 1; - } - pwsi = &(*pwsi)->ah_wait_list; - } - - return 0; -} - -int LWS_WARN_UNUSED_RESULT -lws_header_table_attach(struct lws *wsi, int autoservice) -{ - struct lws_context *context = wsi->context; - struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; - struct lws_pollargs pa; - int n; - - lwsl_info("%s: wsi %p: ah %p (tsi %d, count = %d) in\n", __func__, - (void *)wsi, (void *)wsi->ah, wsi->tsi, - pt->ah_count_in_use); - - lws_pt_lock(pt, __func__); - - /* if we are already bound to one, just clear it down */ - if (wsi->ah) { - lwsl_info("%s: cleardown\n", __func__); - goto reset; - } - - n = pt->ah_count_in_use == context->max_http_header_pool; -#if defined(LWS_WITH_PEER_LIMITS) - if (!n) { - n = lws_peer_confirm_ah_attach_ok(context, wsi->peer); - if (n) - lws_stats_atomic_bump(wsi->context, pt, - LWSSTATS_C_PEER_LIMIT_AH_DENIED, 1); - } -#endif - if (n) { - /* - * Pool is either all busy, or we don't want to give this - * particular guy an ah right now... - * - * Make sure we are on the waiting list, and return that we - * weren't able to provide the ah - */ - _lws_header_ensure_we_are_on_waiting_list(wsi); - - goto bail; - } - - __lws_remove_from_ah_waiting_list(wsi); - - wsi->ah = _lws_create_ah(pt, context->max_http_header_data); - if (!wsi->ah) { /* we could not create an ah */ - _lws_header_ensure_we_are_on_waiting_list(wsi); - - goto bail; - } - - wsi->ah->in_use = 1; - wsi->ah->wsi = wsi; /* mark our owner */ - pt->ah_count_in_use++; - -#if defined(LWS_WITH_PEER_LIMITS) - if (wsi->peer) - wsi->peer->count_ah++; -#endif - - _lws_change_pollfd(wsi, 0, LWS_POLLIN, &pa); - - lwsl_info("%s: did attach wsi %p: ah %p: count %d (on exit)\n", __func__, - (void *)wsi, (void *)wsi->ah, pt->ah_count_in_use); - -reset: - - /* and reset the rx state */ - wsi->ah->rxpos = 0; - wsi->ah->rxlen = 0; - - __lws_header_table_reset(wsi, autoservice); - - lws_pt_unlock(pt); - -#ifndef LWS_NO_CLIENT - if (lwsi_role_client(wsi) && lwsi_state(wsi) == LRS_UNCONNECTED) - if (!lws_client_connect_via_info2(wsi)) - /* our client connect has failed, the wsi - * has been closed - */ - return -1; -#endif - - return 0; - -bail: - lws_pt_unlock(pt); - - return 1; -} - -void -lws_header_table_force_to_detachable_state(struct lws *wsi) -{ - if (wsi->ah) { - wsi->ah->rxpos = -1; - wsi->ah->rxlen = -1; - wsi->hdr_parsing_completed = 1; - } -} - -int -lws_header_table_is_in_detachable_state(struct lws *wsi) -{ - struct allocated_headers *ah = wsi->ah; - - return ah && ah->rxpos == ah->rxlen && wsi->hdr_parsing_completed; -} - -int __lws_header_table_detach(struct lws *wsi, int autoservice) -{ - struct lws_context *context = wsi->context; - struct allocated_headers *ah = wsi->ah; - struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; - struct lws_pollargs pa; - struct lws **pwsi, **pwsi_eligible; - time_t now; - - __lws_remove_from_ah_waiting_list(wsi); - - if (!ah) - return 0; - - lwsl_info("%s: wsi %p: ah %p (tsi=%d, count = %d)\n", __func__, - (void *)wsi, (void *)ah, wsi->tsi, - pt->ah_count_in_use); - - if (wsi->preamble_rx) { - lws_free_set_NULL(wsi->preamble_rx); - wsi->preamble_rx_len = 0; - } - - /* may not be detached while he still has unprocessed rx */ - if (!lws_header_table_is_in_detachable_state(wsi)) { - lwsl_err("%s: %p: CANNOT DETACH rxpos:%d, rxlen:%d, " - "wsi->hdr_parsing_completed = %d\n", __func__, wsi, - ah->rxpos, ah->rxlen, wsi->hdr_parsing_completed); - return 0; - } - - /* we did have an ah attached */ - time(&now); - if (ah->assigned && now - ah->assigned > 3) { - /* - * we're detaching the ah, but it was held an - * unreasonably long time - */ - lwsl_debug("%s: wsi %p: ah held %ds, " - "ah.rxpos %d, ah.rxlen %d, role/state 0x%x 0x%x," - "\n", __func__, wsi, - (int)(now - ah->assigned), - ah->rxpos, ah->rxlen, lwsi_role(wsi), lwsi_state(wsi)); - } - - ah->assigned = 0; - - /* if we think we're detaching one, there should be one in use */ - assert(pt->ah_count_in_use > 0); - /* and this specific one should have been in use */ - assert(ah->in_use); - memset(&wsi->ah, 0, sizeof(wsi->ah)); - ah->wsi = NULL; /* no owner */ -#if defined(LWS_WITH_PEER_LIMITS) - lws_peer_track_ah_detach(context, wsi->peer); -#endif - - pwsi = &pt->ah_wait_list; - - /* oh there is nobody on the waiting list... leave the ah unattached */ - if (!*pwsi) - goto nobody_usable_waiting; - - /* - * at least one wsi on the same tsi is waiting, give it to oldest guy - * who is allowed to take it (if any) - */ - lwsl_info("pt wait list %p\n", *pwsi); - wsi = NULL; - pwsi_eligible = NULL; - - while (*pwsi) { -#if defined(LWS_WITH_PEER_LIMITS) - /* are we willing to give this guy an ah? */ - if (!lws_peer_confirm_ah_attach_ok(context, (*pwsi)->peer)) -#endif - { - wsi = *pwsi; - pwsi_eligible = pwsi; - } -#if defined(LWS_WITH_PEER_LIMITS) - else - if (!(*pwsi)->ah_wait_list) - lws_stats_atomic_bump(context, pt, - LWSSTATS_C_PEER_LIMIT_AH_DENIED, 1); -#endif - pwsi = &(*pwsi)->ah_wait_list; - } - - if (!wsi) /* everybody waiting already has too many ah... */ - goto nobody_usable_waiting; - - lwsl_info("%s: last eligible wsi in wait list %p\n", __func__, wsi); - - wsi->ah = ah; - ah->wsi = wsi; /* new owner */ - - /* and reset the rx state */ - ah->rxpos = 0; - ah->rxlen = 0; - __lws_header_table_reset(wsi, autoservice); -#if defined(LWS_WITH_PEER_LIMITS) - if (wsi->peer) - wsi->peer->count_ah++; -#endif - - /* clients acquire the ah and then insert themselves in fds table... */ - if (wsi->position_in_fds_table != -1) { - lwsl_info("%s: Enabling %p POLLIN\n", __func__, wsi); - - /* he has been stuck waiting for an ah, but now his wait is - * over, let him progress */ - - _lws_change_pollfd(wsi, 0, LWS_POLLIN, &pa); - } - - /* point prev guy to next guy in list instead */ - *pwsi_eligible = wsi->ah_wait_list; - /* the guy who got one is out of the list */ - wsi->ah_wait_list = NULL; - pt->ah_wait_list_length--; - -#ifndef LWS_NO_CLIENT - if (lwsi_role_client(wsi) && lwsi_state(wsi) == LRS_UNCONNECTED) { - lws_pt_unlock(pt); - - if (!lws_client_connect_via_info2(wsi)) { - /* our client connect has failed, the wsi - * has been closed - */ - - return -1; - } - return 0; - } -#endif - - assert(!!pt->ah_wait_list_length == !!(lws_intptr_t)pt->ah_wait_list); -bail: - lwsl_info("%s: wsi %p: ah %p (tsi=%d, count = %d)\n", __func__, - (void *)wsi, (void *)ah, pt->tid, pt->ah_count_in_use); - - return 0; - -nobody_usable_waiting: - lwsl_info("%s: nobody usable waiting\n", __func__); - _lws_destroy_ah(pt, ah); - pt->ah_count_in_use--; - - goto bail; -} - -int lws_header_table_detach(struct lws *wsi, int autoservice) -{ - struct lws_context *context = wsi->context; - struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; - int n; - - lws_pt_lock(pt, __func__); - n = __lws_header_table_detach(wsi, autoservice); - lws_pt_unlock(pt); - - return n; -} - -LWS_VISIBLE int -lws_hdr_fragment_length(struct lws *wsi, enum lws_token_indexes h, int frag_idx) -{ - int n; - - if (!wsi->ah) - return 0; - - n = wsi->ah->frag_index[h]; - if (!n) - return 0; - do { - if (!frag_idx) - return wsi->ah->frags[n].len; - n = wsi->ah->frags[n].nfrag; - } while (frag_idx-- && n); - - return 0; -} - -LWS_VISIBLE int lws_hdr_total_length(struct lws *wsi, enum lws_token_indexes h) -{ - int n; - int len = 0; - - if (!wsi->ah) - return 0; - - n = wsi->ah->frag_index[h]; - if (!n) - return 0; - do { - len += wsi->ah->frags[n].len; - n = wsi->ah->frags[n].nfrag; - } while (n); - - return len; -} - -LWS_VISIBLE int lws_hdr_copy_fragment(struct lws *wsi, char *dst, int len, - enum lws_token_indexes h, int frag_idx) -{ - int n = 0; - int f; - - if (!wsi->ah) - return -1; - - f = wsi->ah->frag_index[h]; - - if (!f) - return -1; - - while (n < frag_idx) { - f = wsi->ah->frags[f].nfrag; - if (!f) - return -1; - n++; - } - - if (wsi->ah->frags[f].len >= len) - return -1; - - memcpy(dst, wsi->ah->data + wsi->ah->frags[f].offset, - wsi->ah->frags[f].len); - dst[wsi->ah->frags[f].len] = '\0'; - - return wsi->ah->frags[f].len; -} - -LWS_VISIBLE int lws_hdr_copy(struct lws *wsi, char *dst, int len, - enum lws_token_indexes h) -{ - int toklen = lws_hdr_total_length(wsi, h); - int n; - - if (toklen >= len) - return -1; - - if (!wsi->ah) - return -1; - - n = wsi->ah->frag_index[h]; - if (!n) - return 0; - - do { - if (wsi->ah->frags[n].len >= len) - return -1; - strncpy(dst, &wsi->ah->data[wsi->ah->frags[n].offset], - wsi->ah->frags[n].len); - dst += wsi->ah->frags[n].len; - len -= wsi->ah->frags[n].len; - n = wsi->ah->frags[n].nfrag; - } while (n); - *dst = '\0'; - - return toklen; -} - -char *lws_hdr_simple_ptr(struct lws *wsi, enum lws_token_indexes h) -{ - int n; - - n = wsi->ah->frag_index[h]; - if (!n) - return NULL; - - return wsi->ah->data + wsi->ah->frags[n].offset; -} - -static int LWS_WARN_UNUSED_RESULT -lws_pos_in_bounds(struct lws *wsi) -{ - if (wsi->ah->pos < - (unsigned int)wsi->context->max_http_header_data) - return 0; - - if ((int)wsi->ah->pos == wsi->context->max_http_header_data) { - lwsl_err("Ran out of header data space\n"); - return 1; - } - - /* - * with these tests everywhere, it should never be able to exceed - * the limit, only meet it - */ - lwsl_err("%s: pos %d, limit %d\n", __func__, wsi->ah->pos, - wsi->context->max_http_header_data); - assert(0); - - return 1; -} - -int LWS_WARN_UNUSED_RESULT -lws_hdr_simple_create(struct lws *wsi, enum lws_token_indexes h, const char *s) -{ - wsi->ah->nfrag++; - if (wsi->ah->nfrag == ARRAY_SIZE(wsi->ah->frags)) { - lwsl_warn("More hdr frags than we can deal with, dropping\n"); - return -1; - } - - wsi->ah->frag_index[h] = wsi->ah->nfrag; - - wsi->ah->frags[wsi->ah->nfrag].offset = wsi->ah->pos; - wsi->ah->frags[wsi->ah->nfrag].len = 0; - wsi->ah->frags[wsi->ah->nfrag].nfrag = 0; - - do { - if (lws_pos_in_bounds(wsi)) - return -1; - - wsi->ah->data[wsi->ah->pos++] = *s; - if (*s) - wsi->ah->frags[wsi->ah->nfrag].len++; - } while (*s++); - - return 0; -} - -signed char char_to_hex(const char c) -{ - if (c >= '0' && c <= '9') - return c - '0'; - - if (c >= 'a' && c <= 'f') - return c - 'a' + 10; - - if (c >= 'A' && c <= 'F') - return c - 'A' + 10; - - return -1; -} - -static int LWS_WARN_UNUSED_RESULT -issue_char(struct lws *wsi, unsigned char c) -{ - unsigned short frag_len; - - if (lws_pos_in_bounds(wsi)) - return -1; - - frag_len = wsi->ah->frags[wsi->ah->nfrag].len; - /* - * If we haven't hit the token limit, just copy the character into - * the header - */ - if (frag_len < wsi->ah->current_token_limit) { - wsi->ah->data[wsi->ah->pos++] = c; - if (c) - wsi->ah->frags[wsi->ah->nfrag].len++; - return 0; - } - - /* Insert a null character when we *hit* the limit: */ - if (frag_len == wsi->ah->current_token_limit) { - if (lws_pos_in_bounds(wsi)) - return -1; - - wsi->ah->data[wsi->ah->pos++] = '\0'; - lwsl_warn("header %i exceeds limit %d\n", - wsi->ah->parser_state, - wsi->ah->current_token_limit); - } - - return 1; -} - -int -lws_parse_urldecode(struct lws *wsi, uint8_t *_c) -{ - struct allocated_headers *ah = wsi->ah; - unsigned int enc = 0; - uint8_t c = *_c; - - // lwsl_notice("ah->ups %d\n", ah->ups); - - /* - * PRIORITY 1 - * special URI processing... convert %xx - */ - switch (ah->ues) { - case URIES_IDLE: - if (c == '%') { - ah->ues = URIES_SEEN_PERCENT; - goto swallow; - } - break; - case URIES_SEEN_PERCENT: - if (char_to_hex(c) < 0) - /* illegal post-% char */ - goto forbid; - - ah->esc_stash = c; - ah->ues = URIES_SEEN_PERCENT_H1; - goto swallow; - - case URIES_SEEN_PERCENT_H1: - if (char_to_hex(c) < 0) - /* illegal post-% char */ - goto forbid; - - *_c = (char_to_hex(ah->esc_stash) << 4) | - char_to_hex(c); - c = *_c; - enc = 1; - ah->ues = URIES_IDLE; - break; - } - - /* - * PRIORITY 2 - * special URI processing... - * convert /.. or /... or /../ etc to / - * convert /./ to / - * convert // or /// etc to / - * leave /.dir or whatever alone - */ - - switch (ah->ups) { - case URIPS_IDLE: - if (!c) - return -1; - /* genuine delimiter */ - if ((c == '&' || c == ';') && !enc) { - if (issue_char(wsi, c) < 0) - return -1; - /* swallow the terminator */ - ah->frags[ah->nfrag].len--; - /* link to next fragment */ - ah->frags[ah->nfrag].nfrag = ah->nfrag + 1; - ah->nfrag++; - if (ah->nfrag >= ARRAY_SIZE(ah->frags)) - goto excessive; - /* start next fragment after the & */ - ah->post_literal_equal = 0; - ah->frags[ah->nfrag].offset = ah->pos; - ah->frags[ah->nfrag].len = 0; - ah->frags[ah->nfrag].nfrag = 0; - goto swallow; - } - /* uriencoded = in the name part, disallow */ - if (c == '=' && enc && - ah->frag_index[WSI_TOKEN_HTTP_URI_ARGS] && - !ah->post_literal_equal) { - c = '_'; - *_c =c; - } - - /* after the real =, we don't care how many = */ - if (c == '=' && !enc) - ah->post_literal_equal = 1; - - /* + to space */ - if (c == '+' && !enc) { - c = ' '; - *_c = c; - } - /* issue the first / always */ - if (c == '/' && !ah->frag_index[WSI_TOKEN_HTTP_URI_ARGS]) - ah->ups = URIPS_SEEN_SLASH; - break; - case URIPS_SEEN_SLASH: - /* swallow subsequent slashes */ - if (c == '/') - goto swallow; - /* track and swallow the first . after / */ - if (c == '.') { - ah->ups = URIPS_SEEN_SLASH_DOT; - goto swallow; - } - ah->ups = URIPS_IDLE; - break; - case URIPS_SEEN_SLASH_DOT: - /* swallow second . */ - if (c == '.') { - ah->ups = URIPS_SEEN_SLASH_DOT_DOT; - goto swallow; - } - /* change /./ to / */ - if (c == '/') { - ah->ups = URIPS_SEEN_SLASH; - goto swallow; - } - /* it was like /.dir ... regurgitate the . */ - ah->ups = URIPS_IDLE; - if (issue_char(wsi, '.') < 0) - return -1; - break; - - case URIPS_SEEN_SLASH_DOT_DOT: - - /* /../ or /..[End of URI] --> backup to last / */ - if (c == '/' || c == '?') { - /* - * back up one dir level if possible - * safe against header fragmentation because - * the method URI can only be in 1 fragment - */ - if (ah->frags[ah->nfrag].len > 2) { - ah->pos--; - ah->frags[ah->nfrag].len--; - do { - ah->pos--; - ah->frags[ah->nfrag].len--; - } while (ah->frags[ah->nfrag].len > 1 && - ah->data[ah->pos] != '/'); - } - ah->ups = URIPS_SEEN_SLASH; - if (ah->frags[ah->nfrag].len > 1) - break; - goto swallow; - } - - /* /..[^/] ... regurgitate and allow */ - - if (issue_char(wsi, '.') < 0) - return -1; - if (issue_char(wsi, '.') < 0) - return -1; - ah->ups = URIPS_IDLE; - break; - } - - if (c == '?' && !enc && - !ah->frag_index[WSI_TOKEN_HTTP_URI_ARGS]) { /* start of URI args */ - if (ah->ues != URIES_IDLE) - goto forbid; - - /* seal off uri header */ - if (issue_char(wsi, '\0') < 0) - return -1; - - /* move to using WSI_TOKEN_HTTP_URI_ARGS */ - ah->nfrag++; - if (ah->nfrag >= ARRAY_SIZE(ah->frags)) - goto excessive; - ah->frags[ah->nfrag].offset = ah->pos; - ah->frags[ah->nfrag].len = 0; - ah->frags[ah->nfrag].nfrag = 0; - - ah->post_literal_equal = 0; - ah->frag_index[WSI_TOKEN_HTTP_URI_ARGS] = ah->nfrag; - ah->ups = URIPS_IDLE; - goto swallow; - } - - return LPUR_CONTINUE; - -swallow: - return LPUR_SWALLOW; - -forbid: - return LPUR_FORBID; - -excessive: - return LPUR_EXCESSIVE; -} - -static const unsigned char methods[] = { - WSI_TOKEN_GET_URI, - WSI_TOKEN_POST_URI, - WSI_TOKEN_OPTIONS_URI, - WSI_TOKEN_PUT_URI, - WSI_TOKEN_PATCH_URI, - WSI_TOKEN_DELETE_URI, - WSI_TOKEN_CONNECT, - WSI_TOKEN_HEAD_URI, -}; - -/* - * possible returns:, -1 fail, 0 ok or 2, transition to raw - */ - -int LWS_WARN_UNUSED_RESULT -lws_parse(struct lws *wsi, unsigned char *buf, int *len) -{ - struct allocated_headers *ah = wsi->ah; - struct lws_context *context = wsi->context; - unsigned int n, m; - unsigned char c; - int r, pos; - - assert(wsi->ah); - - do { - (*len)--; - c = *buf++; - - switch (ah->parser_state) { - default: - - lwsl_parser("WSI_TOK_(%d) '%c'\n", ah->parser_state, c); - - /* collect into malloc'd buffers */ - /* optional initial space swallow */ - if (!ah->frags[ah->frag_index[ah->parser_state]].len && - c == ' ') - break; - - for (m = 0; m < ARRAY_SIZE(methods); m++) - if (ah->parser_state == methods[m]) - break; - if (m == ARRAY_SIZE(methods)) - /* it was not any of the methods */ - goto check_eol; - - /* special URI processing... end at space */ - - if (c == ' ') { - /* enforce starting with / */ - if (!ah->frags[ah->nfrag].len) - if (issue_char(wsi, '/') < 0) - return -1; - - if (ah->ups == URIPS_SEEN_SLASH_DOT_DOT) { - /* - * back up one dir level if possible - * safe against header fragmentation because - * the method URI can only be in 1 fragment - */ - if (ah->frags[ah->nfrag].len > 2) { - ah->pos--; - ah->frags[ah->nfrag].len--; - do { - ah->pos--; - ah->frags[ah->nfrag].len--; - } while (ah->frags[ah->nfrag].len > 1 && - ah->data[ah->pos] != '/'); - } - } - - /* begin parsing HTTP version: */ - if (issue_char(wsi, '\0') < 0) - return -1; - ah->parser_state = WSI_TOKEN_HTTP; - goto start_fragment; - } - - r = lws_parse_urldecode(wsi, &c); - switch (r) { - case LPUR_CONTINUE: - break; - case LPUR_SWALLOW: - goto swallow; - case LPUR_FORBID: - goto forbid; - case LPUR_EXCESSIVE: - goto excessive; - default: - return -1; - } -check_eol: - /* bail at EOL */ - if (ah->parser_state != WSI_TOKEN_CHALLENGE && - c == '\x0d') { - if (ah->ues != URIES_IDLE) - goto forbid; - - c = '\0'; - ah->parser_state = WSI_TOKEN_SKIPPING_SAW_CR; - lwsl_parser("*\n"); - } - - n = issue_char(wsi, c); - if ((int)n < 0) - return -1; - if (n > 0) - ah->parser_state = WSI_TOKEN_SKIPPING; - -swallow: - /* per-protocol end of headers management */ - - if (ah->parser_state == WSI_TOKEN_CHALLENGE) - goto set_parsing_complete; - break; - - /* collecting and checking a name part */ - case WSI_TOKEN_NAME_PART: - lwsl_parser("WSI_TOKEN_NAME_PART '%c' 0x%02X (role=0x%x) " - "wsi->lextable_pos=%d\n", c, c, lwsi_role(wsi), - ah->lextable_pos); - - if (c >= 'A' && c <= 'Z') - c += 'a' - 'A'; - - pos = ah->lextable_pos; - - while (1) { - if (lextable[pos] & (1 << 7)) { /* 1-byte, fail on mismatch */ - if ((lextable[pos] & 0x7f) != c) { -nope: - ah->lextable_pos = -1; - break; - } - /* fall thru */ - pos++; - if (lextable[pos] == FAIL_CHAR) - goto nope; - - ah->lextable_pos = pos; - break; - } - - if (lextable[pos] == FAIL_CHAR) - goto nope; - - /* b7 = 0, end or 3-byte */ - if (lextable[pos] < FAIL_CHAR) { /* terminal marker */ - ah->lextable_pos = pos; - break; - } - - if (lextable[pos] == c) { /* goto */ - ah->lextable_pos = pos + (lextable[pos + 1]) + - (lextable[pos + 2] << 8); - break; - } - - /* fall thru goto */ - pos += 3; - /* continue */ - } - - /* - * If it's h1, server needs to look out for unknown - * methods... - */ - if (ah->lextable_pos < 0 && - lwsi_role(wsi) == LWSI_ROLE_H1_SERVER) { - /* this is not a header we know about */ - for (m = 0; m < ARRAY_SIZE(methods); m++) - if (ah->frag_index[methods[m]]) { - /* - * already had the method, no idea what - * this crap from the client is, ignore - */ - ah->parser_state = WSI_TOKEN_SKIPPING; - break; - } - /* - * hm it's an unknown http method from a client in fact, - * it cannot be valid http - */ - if (m == ARRAY_SIZE(methods)) { - /* - * are we set up to accept raw in these cases? - */ - if (lws_check_opt(wsi->vhost->options, - LWS_SERVER_OPTION_FALLBACK_TO_RAW)) - return 2; /* transition to raw */ - - lwsl_info("Unknown method - dropping\n"); - goto forbid; - } - break; - } - /* - * ...otherwise for a client, let him ignore unknown headers - * coming from the server - */ - if (ah->lextable_pos < 0) { - ah->parser_state = WSI_TOKEN_SKIPPING; - break; - } - - if (lextable[ah->lextable_pos] < FAIL_CHAR) { - /* terminal state */ - - n = ((unsigned int)lextable[ah->lextable_pos] << 8) | - lextable[ah->lextable_pos + 1]; - - lwsl_parser("known hdr %d\n", n); - for (m = 0; m < ARRAY_SIZE(methods); m++) - if (n == methods[m] && - ah->frag_index[methods[m]]) { - lwsl_warn("Duplicated method\n"); - return -1; - } - - /* - * WSORIGIN is protocol equiv to ORIGIN, - * JWebSocket likes to send it, map to ORIGIN - */ - if (n == WSI_TOKEN_SWORIGIN) - n = WSI_TOKEN_ORIGIN; - - ah->parser_state = (enum lws_token_indexes) - (WSI_TOKEN_GET_URI + n); - ah->ups = URIPS_IDLE; - - if (context->token_limits) - ah->current_token_limit = context-> - token_limits->token_limit[ - ah->parser_state]; - else - ah->current_token_limit = - wsi->context->max_http_header_data; - - if (ah->parser_state == WSI_TOKEN_CHALLENGE) - goto set_parsing_complete; - - goto start_fragment; - } - break; - -start_fragment: - ah->nfrag++; -excessive: - if (ah->nfrag == ARRAY_SIZE(ah->frags)) { - lwsl_warn("More hdr frags than we can deal with\n"); - return -1; - } - - ah->frags[ah->nfrag].offset = ah->pos; - ah->frags[ah->nfrag].len = 0; - ah->frags[ah->nfrag].nfrag = 0; - ah->frags[ah->nfrag].flags = 2; - - n = ah->frag_index[ah->parser_state]; - if (!n) { /* first fragment */ - ah->frag_index[ah->parser_state] = ah->nfrag; - ah->hdr_token_idx = ah->parser_state; - break; - } - /* continuation */ - while (ah->frags[n].nfrag) - n = ah->frags[n].nfrag; - ah->frags[n].nfrag = ah->nfrag; - - if (issue_char(wsi, ' ') < 0) - return -1; - break; - - /* skipping arg part of a name we didn't recognize */ - case WSI_TOKEN_SKIPPING: - lwsl_parser("WSI_TOKEN_SKIPPING '%c'\n", c); - - if (c == '\x0d') - ah->parser_state = WSI_TOKEN_SKIPPING_SAW_CR; - break; - - case WSI_TOKEN_SKIPPING_SAW_CR: - lwsl_parser("WSI_TOKEN_SKIPPING_SAW_CR '%c'\n", c); - if (ah->ues != URIES_IDLE) - goto forbid; - if (c == '\x0a') { - ah->parser_state = WSI_TOKEN_NAME_PART; - ah->lextable_pos = 0; - } else - ah->parser_state = WSI_TOKEN_SKIPPING; - break; - /* we're done, ignore anything else */ - - case WSI_PARSING_COMPLETE: - lwsl_parser("WSI_PARSING_COMPLETE '%c'\n", c); - break; - } - - } while (*len); - - return 0; - -set_parsing_complete: - if (ah->ues != URIES_IDLE) - goto forbid; - if (lws_hdr_total_length(wsi, WSI_TOKEN_UPGRADE)) { - if (lws_hdr_total_length(wsi, WSI_TOKEN_VERSION)) - wsi->rx_frame_type = /* temp for ws version index */ - atoi(lws_hdr_simple_ptr(wsi, WSI_TOKEN_VERSION)); - - lwsl_parser("v%02d hdrs done\n", wsi->rx_frame_type); - } - ah->parser_state = WSI_PARSING_COMPLETE; - wsi->hdr_parsing_completed = 1; - - return 0; - -forbid: - lwsl_notice(" forbidding on uri sanitation\n"); - lws_return_http_status(wsi, HTTP_STATUS_FORBIDDEN, NULL); - - return -1; -} - -LWS_VISIBLE int lws_frame_is_binary(struct lws *wsi) -{ - return wsi->ws->frame_is_binary; -} - -void -lws_add_wsi_to_draining_ext_list(struct lws *wsi) -{ - struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; - - if (wsi->ws->rx_draining_ext) - return; - - lwsl_ext("%s: RX EXT DRAINING: Adding to list\n", __func__); - - wsi->ws->rx_draining_ext = 1; - wsi->ws->rx_draining_ext_list = pt->rx_draining_ext_list; - pt->rx_draining_ext_list = wsi; -} - -void -lws_remove_wsi_from_draining_ext_list(struct lws *wsi) -{ - struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; - struct lws **w = &pt->rx_draining_ext_list; - - if (!wsi->ws->rx_draining_ext) - return; - - lwsl_ext("%s: RX EXT DRAINING: Removing from list\n", __func__); - - wsi->ws->rx_draining_ext = 0; - - /* remove us from context draining ext list */ - while (*w) { - if (*w == wsi) { - /* if us, point it instead to who we were pointing to */ - *w = wsi->ws->rx_draining_ext_list; - break; - } - w = &((*w)->ws->rx_draining_ext_list); - } - wsi->ws->rx_draining_ext_list = NULL; -} - -/* - * client-parser.c: lws_client_rx_sm() needs to be roughly kept in - * sync with changes here, esp related to ext draining - */ - -int -lws_rx_sm(struct lws *wsi, unsigned char c) -{ - int callback_action = LWS_CALLBACK_RECEIVE; - int ret = 0, rx_draining_ext = 0; - struct lws_tokens eff_buf; -#if !defined(LWS_WITHOUT_EXTENSIONS) - int n; -#endif - - eff_buf.token = NULL; - eff_buf.token_len = 0; - if (wsi->socket_is_permanently_unusable) - return -1; - - switch (wsi->lws_rx_parse_state) { - case LWS_RXPS_NEW: - if (wsi->ws->rx_draining_ext) { - eff_buf.token = NULL; - eff_buf.token_len = 0; - lws_remove_wsi_from_draining_ext_list(wsi); - rx_draining_ext = 1; - lwsl_debug("%s: doing draining flow\n", __func__); - - goto drain_extension; - } - switch (wsi->ws->ietf_spec_revision) { - case 13: - /* - * no prepended frame key any more - */ - wsi->ws->all_zero_nonce = 1; - goto handle_first; - - default: - lwsl_warn("lws_rx_sm: unknown spec version %d\n", - wsi->ws->ietf_spec_revision); - break; - } - break; - case LWS_RXPS_04_mask_1: - wsi->ws->mask[1] = c; - if (c) - wsi->ws->all_zero_nonce = 0; - wsi->lws_rx_parse_state = LWS_RXPS_04_mask_2; - break; - case LWS_RXPS_04_mask_2: - wsi->ws->mask[2] = c; - if (c) - wsi->ws->all_zero_nonce = 0; - wsi->lws_rx_parse_state = LWS_RXPS_04_mask_3; - break; - case LWS_RXPS_04_mask_3: - wsi->ws->mask[3] = c; - if (c) - wsi->ws->all_zero_nonce = 0; - - /* - * start from the zero'th byte in the XOR key buffer since - * this is the start of a frame with a new key - */ - - wsi->ws->mask_idx = 0; - - wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_1; - break; - - /* - * 04 logical framing from the spec (all this is masked when incoming - * and has to be unmasked) - * - * We ignore the possibility of extension data because we don't - * negotiate any extensions at the moment. - * - * 0 1 2 3 - * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 - * +-+-+-+-+-------+-+-------------+-------------------------------+ - * |F|R|R|R| opcode|R| Payload len | Extended payload length | - * |I|S|S|S| (4) |S| (7) | (16/63) | - * |N|V|V|V| |V| | (if payload len==126/127) | - * | |1|2|3| |4| | | - * +-+-+-+-+-------+-+-------------+ - - - - - - - - - - - - - - - + - * | Extended payload length continued, if payload len == 127 | - * + - - - - - - - - - - - - - - - +-------------------------------+ - * | | Extension data | - * +-------------------------------+ - - - - - - - - - - - - - - - + - * : : - * +---------------------------------------------------------------+ - * : Application data : - * +---------------------------------------------------------------+ - * - * We pass payload through to userland as soon as we get it, ignoring - * FIN. It's up to userland to buffer it up if it wants to see a - * whole unfragmented block of the original size (which may be up to - * 2^63 long!) - */ - - case LWS_RXPS_04_FRAME_HDR_1: -handle_first: - - wsi->ws->opcode = c & 0xf; - wsi->ws->rsv = c & 0x70; - wsi->ws->final = !!((c >> 7) & 1); - - switch (wsi->ws->opcode) { - case LWSWSOPC_TEXT_FRAME: - case LWSWSOPC_BINARY_FRAME: - wsi->ws->rsv_first_msg = (c & 0x70); - wsi->ws->frame_is_binary = - wsi->ws->opcode == LWSWSOPC_BINARY_FRAME; - wsi->ws->first_fragment = 1; - break; - case 3: - case 4: - case 5: - case 6: - case 7: - case 0xb: - case 0xc: - case 0xd: - case 0xe: - case 0xf: - lwsl_info("illegal opcode\n"); - return -1; - } - wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN; - break; - - case LWS_RXPS_04_FRAME_HDR_LEN: - - wsi->ws->this_frame_masked = !!(c & 0x80); - - switch (c & 0x7f) { - case 126: - /* control frames are not allowed to have big lengths */ - if (wsi->ws->opcode & 8) - goto illegal_ctl_length; - - wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN16_2; - break; - case 127: - /* control frames are not allowed to have big lengths */ - if (wsi->ws->opcode & 8) - goto illegal_ctl_length; - - wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_8; - break; - default: - wsi->ws->rx_packet_length = c & 0x7f; - if (wsi->ws->this_frame_masked) - wsi->lws_rx_parse_state = - LWS_RXPS_07_COLLECT_FRAME_KEY_1; - else - if (wsi->ws->rx_packet_length) - wsi->lws_rx_parse_state = - LWS_RXPS_PAYLOAD_UNTIL_LENGTH_EXHAUSTED; - else { - wsi->lws_rx_parse_state = LWS_RXPS_NEW; - goto spill; - } - break; - } - break; - - case LWS_RXPS_04_FRAME_HDR_LEN16_2: - wsi->ws->rx_packet_length = c << 8; - wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN16_1; - break; - - case LWS_RXPS_04_FRAME_HDR_LEN16_1: - wsi->ws->rx_packet_length |= c; - if (wsi->ws->this_frame_masked) - wsi->lws_rx_parse_state = - LWS_RXPS_07_COLLECT_FRAME_KEY_1; - else - wsi->lws_rx_parse_state = - LWS_RXPS_PAYLOAD_UNTIL_LENGTH_EXHAUSTED; - break; - - case LWS_RXPS_04_FRAME_HDR_LEN64_8: - if (c & 0x80) { - lwsl_warn("b63 of length must be zero\n"); - /* kill the connection */ - return -1; - } -#if defined __LP64__ - wsi->ws->rx_packet_length = ((size_t)c) << 56; -#else - wsi->ws->rx_packet_length = 0; -#endif - wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_7; - break; - - case LWS_RXPS_04_FRAME_HDR_LEN64_7: -#if defined __LP64__ - wsi->ws->rx_packet_length |= ((size_t)c) << 48; -#endif - wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_6; - break; - - case LWS_RXPS_04_FRAME_HDR_LEN64_6: -#if defined __LP64__ - wsi->ws->rx_packet_length |= ((size_t)c) << 40; -#endif - wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_5; - break; - - case LWS_RXPS_04_FRAME_HDR_LEN64_5: -#if defined __LP64__ - wsi->ws->rx_packet_length |= ((size_t)c) << 32; -#endif - wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_4; - break; - - case LWS_RXPS_04_FRAME_HDR_LEN64_4: - wsi->ws->rx_packet_length |= ((size_t)c) << 24; - wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_3; - break; - - case LWS_RXPS_04_FRAME_HDR_LEN64_3: - wsi->ws->rx_packet_length |= ((size_t)c) << 16; - wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_2; - break; - - case LWS_RXPS_04_FRAME_HDR_LEN64_2: - wsi->ws->rx_packet_length |= ((size_t)c) << 8; - wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_1; - break; - - case LWS_RXPS_04_FRAME_HDR_LEN64_1: - wsi->ws->rx_packet_length |= ((size_t)c); - if (wsi->ws->this_frame_masked) - wsi->lws_rx_parse_state = - LWS_RXPS_07_COLLECT_FRAME_KEY_1; - else - wsi->lws_rx_parse_state = - LWS_RXPS_PAYLOAD_UNTIL_LENGTH_EXHAUSTED; - break; - - case LWS_RXPS_07_COLLECT_FRAME_KEY_1: - wsi->ws->mask[0] = c; - if (c) - wsi->ws->all_zero_nonce = 0; - wsi->lws_rx_parse_state = LWS_RXPS_07_COLLECT_FRAME_KEY_2; - break; - - case LWS_RXPS_07_COLLECT_FRAME_KEY_2: - wsi->ws->mask[1] = c; - if (c) - wsi->ws->all_zero_nonce = 0; - wsi->lws_rx_parse_state = LWS_RXPS_07_COLLECT_FRAME_KEY_3; - break; - - case LWS_RXPS_07_COLLECT_FRAME_KEY_3: - wsi->ws->mask[2] = c; - if (c) - wsi->ws->all_zero_nonce = 0; - wsi->lws_rx_parse_state = LWS_RXPS_07_COLLECT_FRAME_KEY_4; - break; - - case LWS_RXPS_07_COLLECT_FRAME_KEY_4: - wsi->ws->mask[3] = c; - if (c) - wsi->ws->all_zero_nonce = 0; - wsi->lws_rx_parse_state = - LWS_RXPS_PAYLOAD_UNTIL_LENGTH_EXHAUSTED; - wsi->ws->mask_idx = 0; - if (wsi->ws->rx_packet_length == 0) { - wsi->lws_rx_parse_state = LWS_RXPS_NEW; - goto spill; - } - break; - - - case LWS_RXPS_PAYLOAD_UNTIL_LENGTH_EXHAUSTED: - assert(wsi->ws->rx_ubuf); - - if (wsi->ws->rx_draining_ext) - goto drain_extension; - - if (wsi->ws->rx_ubuf_head + LWS_PRE >= - wsi->ws->rx_ubuf_alloc) { - lwsl_err("Attempted overflow \n"); - return -1; - } - if (wsi->ws->all_zero_nonce) - wsi->ws->rx_ubuf[LWS_PRE + - (wsi->ws->rx_ubuf_head++)] = c; - else - wsi->ws->rx_ubuf[LWS_PRE + - (wsi->ws->rx_ubuf_head++)] = - c ^ wsi->ws->mask[ - (wsi->ws->mask_idx++) & 3]; - - if (--wsi->ws->rx_packet_length == 0) { - /* spill because we have the whole frame */ - wsi->lws_rx_parse_state = LWS_RXPS_NEW; - goto spill; - } - - /* - * if there's no protocol max frame size given, we are - * supposed to default to context->pt_serv_buf_size - */ - if (!wsi->protocol->rx_buffer_size && - wsi->ws->rx_ubuf_head != wsi->context->pt_serv_buf_size) - break; - - if (wsi->protocol->rx_buffer_size && - wsi->ws->rx_ubuf_head != wsi->protocol->rx_buffer_size) - break; - - /* spill because we filled our rx buffer */ -spill: - /* - * is this frame a control packet we should take care of at this - * layer? If so service it and hide it from the user callback - */ - - lwsl_parser("spill on %s\n", wsi->protocol->name); - - switch (wsi->ws->opcode) { - case LWSWSOPC_CLOSE: - - /* is this an acknowledgment of our close? */ - if (lwsi_state(wsi) == LRS_AWAITING_CLOSE_ACK) { - /* - * fine he has told us he is closing too, let's - * finish our close - */ - lwsl_parser("seen client close ack\n"); - return -1; - } - if (lwsi_state(wsi) == LRS_RETURNED_CLOSE) - /* if he sends us 2 CLOSE, kill him */ - return -1; - - if (lws_partial_buffered(wsi)) { - /* - * if we're in the middle of something, - * we can't do a normal close response and - * have to just close our end. - */ - wsi->socket_is_permanently_unusable = 1; - lwsl_parser("Closing on peer close due to Pending tx\n"); - return -1; - } - - if (user_callback_handle_rxflow( - wsi->protocol->callback, wsi, - LWS_CALLBACK_WS_PEER_INITIATED_CLOSE, - wsi->user_space, - &wsi->ws->rx_ubuf[LWS_PRE], - wsi->ws->rx_ubuf_head)) - return -1; - - lwsl_parser("server sees client close packet\n"); - lwsi_set_state(wsi, LRS_RETURNED_CLOSE); - /* deal with the close packet contents as a PONG */ - wsi->ws->payload_is_close = 1; - goto process_as_ping; - - case LWSWSOPC_PING: - lwsl_info("received %d byte ping, sending pong\n", - wsi->ws->rx_ubuf_head); - - if (wsi->ws->ping_pending_flag) { - /* - * there is already a pending ping payload - * we should just log and drop - */ - lwsl_parser("DROP PING since one pending\n"); - goto ping_drop; - } -process_as_ping: - /* control packets can only be < 128 bytes long */ - if (wsi->ws->rx_ubuf_head > 128 - 3) { - lwsl_parser("DROP PING payload too large\n"); - goto ping_drop; - } - - /* stash the pong payload */ - memcpy(wsi->ws->ping_payload_buf + LWS_PRE, - &wsi->ws->rx_ubuf[LWS_PRE], - wsi->ws->rx_ubuf_head); - - wsi->ws->ping_payload_len = wsi->ws->rx_ubuf_head; - wsi->ws->ping_pending_flag = 1; - - /* get it sent as soon as possible */ - lws_callback_on_writable(wsi); -ping_drop: - wsi->ws->rx_ubuf_head = 0; - return 0; - - case LWSWSOPC_PONG: - lwsl_info("received pong\n"); - lwsl_hexdump(&wsi->ws->rx_ubuf[LWS_PRE], - wsi->ws->rx_ubuf_head); - - if (wsi->pending_timeout == - PENDING_TIMEOUT_WS_PONG_CHECK_GET_PONG) { - lwsl_info("received expected PONG on wsi %p\n", - wsi); - lws_set_timeout(wsi, NO_PENDING_TIMEOUT, 0); - } - - /* issue it */ - callback_action = LWS_CALLBACK_RECEIVE_PONG; - break; - - case LWSWSOPC_TEXT_FRAME: - case LWSWSOPC_BINARY_FRAME: - case LWSWSOPC_CONTINUATION: - break; - - default: - lwsl_parser("passing opc %x up to exts\n", - wsi->ws->opcode); - /* - * It's something special we can't understand here. - * Pass the payload up to the extension's parsing - * state machine. - */ - - eff_buf.token = &wsi->ws->rx_ubuf[LWS_PRE]; - eff_buf.token_len = wsi->ws->rx_ubuf_head; - - if (lws_ext_cb_active(wsi, - LWS_EXT_CB_EXTENDED_PAYLOAD_RX, - &eff_buf, 0) <= 0) - /* not handle or fail */ - lwsl_ext("ext opc opcode 0x%x unknown\n", - wsi->ws->opcode); - - wsi->ws->rx_ubuf_head = 0; - return 0; - } - - /* - * No it's real payload, pass it up to the user callback. - * It's nicely buffered with the pre-padding taken care of - * so it can be sent straight out again using lws_write - */ - - eff_buf.token = &wsi->ws->rx_ubuf[LWS_PRE]; - eff_buf.token_len = wsi->ws->rx_ubuf_head; - - if (wsi->ws->opcode == LWSWSOPC_PONG && !eff_buf.token_len) - goto already_done; - -drain_extension: - lwsl_ext("%s: passing %d to ext\n", __func__, eff_buf.token_len); - - if (lwsi_state(wsi) == LRS_RETURNED_CLOSE || - lwsi_state(wsi) == LRS_AWAITING_CLOSE_ACK) - goto already_done; -#if !defined(LWS_WITHOUT_EXTENSIONS) - n = lws_ext_cb_active(wsi, LWS_EXT_CB_PAYLOAD_RX, &eff_buf, 0); -#endif - /* - * eff_buf may be pointing somewhere completely different now, - * it's the output - */ - wsi->ws->first_fragment = 0; -#if !defined(LWS_WITHOUT_EXTENSIONS) - if (n < 0) { - /* - * we may rely on this to get RX, just drop connection - */ - wsi->socket_is_permanently_unusable = 1; - return -1; - } -#endif - if (rx_draining_ext && eff_buf.token_len == 0) - goto already_done; - - if ( -#if !defined(LWS_WITHOUT_EXTENSIONS) - n && -#endif - eff_buf.token_len) - /* extension had more... main loop will come back */ - lws_add_wsi_to_draining_ext_list(wsi); - else - lws_remove_wsi_from_draining_ext_list(wsi); - - if (eff_buf.token_len > 0 || - callback_action == LWS_CALLBACK_RECEIVE_PONG) { - eff_buf.token[eff_buf.token_len] = '\0'; - - if (wsi->protocol->callback) { - if (callback_action == LWS_CALLBACK_RECEIVE_PONG) - lwsl_info("Doing pong callback\n"); - - ret = user_callback_handle_rxflow( - wsi->protocol->callback, - wsi, (enum lws_callback_reasons) - callback_action, - wsi->user_space, - eff_buf.token, - eff_buf.token_len); - } - else - lwsl_err("No callback on payload spill!\n"); - } - -already_done: - wsi->ws->rx_ubuf_head = 0; - break; - } - - return ret; - -illegal_ctl_length: - - lwsl_warn("Control frame with xtended length is illegal\n"); - /* kill the connection */ - return -1; -} - -LWS_VISIBLE size_t -lws_remaining_packet_payload(struct lws *wsi) -{ - return wsi->ws->rx_packet_length; -} - -/* Once we reach LWS_RXPS_PAYLOAD_UNTIL_LENGTH_EXHAUSTED, we know how much - * to expect in that state and can deal with it in bulk more efficiently. - */ - -int -lws_payload_until_length_exhausted(struct lws *wsi, unsigned char **buf, - size_t *len) -{ - unsigned char *buffer = *buf, mask[4]; - int buffer_size, n; - unsigned int avail; - char *rx_ubuf; - - if (wsi->protocol->rx_buffer_size) - buffer_size = (int)wsi->protocol->rx_buffer_size; - else - buffer_size = wsi->context->pt_serv_buf_size; - avail = buffer_size - wsi->ws->rx_ubuf_head; - - /* do not consume more than we should */ - if (avail > wsi->ws->rx_packet_length) - avail = (unsigned int)wsi->ws->rx_packet_length; - - /* do not consume more than what is in the buffer */ - if (avail > *len) - avail = (unsigned int)(*len); - - /* we want to leave 1 byte for the parser to handle properly */ - if (avail <= 1) - return 0; - - avail--; - rx_ubuf = wsi->ws->rx_ubuf + LWS_PRE + wsi->ws->rx_ubuf_head; - if (wsi->ws->all_zero_nonce) - memcpy(rx_ubuf, buffer, avail); - else { - - for (n = 0; n < 4; n++) - mask[n] = wsi->ws->mask[(wsi->ws->mask_idx + n) & 3]; - - /* deal with 4-byte chunks using unwrapped loop */ - n = avail >> 2; - while (n--) { - *(rx_ubuf++) = *(buffer++) ^ mask[0]; - *(rx_ubuf++) = *(buffer++) ^ mask[1]; - *(rx_ubuf++) = *(buffer++) ^ mask[2]; - *(rx_ubuf++) = *(buffer++) ^ mask[3]; - } - /* and the remaining bytes bytewise */ - for (n = 0; n < (int)(avail & 3); n++) - *(rx_ubuf++) = *(buffer++) ^ mask[n]; - - wsi->ws->mask_idx = (wsi->ws->mask_idx + avail) & 3; - } - - (*buf) += avail; - wsi->ws->rx_ubuf_head += avail; - wsi->ws->rx_packet_length -= avail; - *len -= avail; - - return avail; -} diff --git a/lib/server/peer-limits.c b/lib/server/peer-limits.c deleted file mode 100644 index 707454f..0000000 --- a/lib/server/peer-limits.c +++ /dev/null @@ -1,254 +0,0 @@ -/* - * libwebsockets - peer limits tracking - * - * Copyright (C) 2010-2017 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - */ - -#include "private-libwebsockets.h" - -/* requires context->lock */ -static void -__lws_peer_remove_from_peer_wait_list(struct lws_context *context, - struct lws_peer *peer) -{ - struct lws_peer *df; - - lws_start_foreach_llp(struct lws_peer **, p, context->peer_wait_list) { - if (*p == peer) { - df = *p; - - *p = df->peer_wait_list; - df->peer_wait_list = NULL; - - return; - } - } lws_end_foreach_llp(p, peer_wait_list); -} - -/* requires context->lock */ -static void -__lws_peer_add_to_peer_wait_list(struct lws_context *context, - struct lws_peer *peer) -{ - __lws_peer_remove_from_peer_wait_list(context, peer); - - peer->peer_wait_list = context->peer_wait_list; - context->peer_wait_list = peer; -} - - -struct lws_peer * -lws_get_or_create_peer(struct lws_vhost *vhost, lws_sockfd_type sockfd) -{ - struct lws_context *context = vhost->context; - socklen_t rlen = 0; - void *q; - uint8_t *q8; - struct lws_peer *peer; - uint32_t hash = 0; - int n, af = AF_INET; - struct sockaddr_storage addr; - -#ifdef LWS_WITH_IPV6 - if (LWS_IPV6_ENABLED(vhost)) { - af = AF_INET6; - } -#endif - rlen = sizeof(addr); - if (getpeername(sockfd, (struct sockaddr*)&addr, &rlen)) - /* eg, udp doesn't have to have a peer */ - return NULL; - - if (af == AF_INET) { - struct sockaddr_in *s = (struct sockaddr_in *)&addr; - q = &s->sin_addr; - rlen = sizeof(s->sin_addr); - } else -#ifdef LWS_WITH_IPV6 - { - struct sockaddr_in6 *s = (struct sockaddr_in6 *)&addr; - q = &s->sin6_addr; - rlen = sizeof(s->sin6_addr); - } -#else - return NULL; -#endif - - q8 = q; - for (n = 0; n < (int)rlen; n++) - hash = (((hash << 4) | (hash >> 28)) * n) ^ q8[n]; - - hash = hash % context->pl_hash_elements; - - lws_context_lock(context); /* <====================================== */ - - lws_start_foreach_ll(struct lws_peer *, peerx, - context->pl_hash_table[hash]) { - if (peerx->af == af && !memcmp(q, peerx->addr, rlen)) { - lws_context_unlock(context); /* === */ - return peerx; - } - } lws_end_foreach_ll(peerx, next); - - lwsl_info("%s: creating new peer\n", __func__); - - peer = lws_zalloc(sizeof(*peer), "peer"); - if (!peer) { - lws_context_unlock(context); /* === */ - lwsl_err("%s: OOM for new peer\n", __func__); - return NULL; - } - - context->count_peers++; - peer->next = context->pl_hash_table[hash]; - peer->hash = hash; - peer->af = af; - context->pl_hash_table[hash] = peer; - memcpy(peer->addr, q, rlen); - time(&peer->time_created); - /* - * On creation, the peer has no wsi attached, so is created on the - * wait list. When a wsi is added it is removed from the wait list. - */ - time(&peer->time_closed_all); - __lws_peer_add_to_peer_wait_list(context, peer); - - lws_context_unlock(context); /* ====================================> */ - - return peer; -} - -/* requires context->lock */ -static int -__lws_peer_destroy(struct lws_context *context, struct lws_peer *peer) -{ - lws_start_foreach_llp(struct lws_peer **, p, - context->pl_hash_table[peer->hash]) { - if (*p == peer) { - struct lws_peer *df = *p; - *p = df->next; - lws_free(df); - context->count_peers--; - - return 0; - } - } lws_end_foreach_llp(p, next); - - return 1; -} - -void -lws_peer_cull_peer_wait_list(struct lws_context *context) -{ - struct lws_peer *df; - time_t t; - - time(&t); - - if (context->next_cull && t < context->next_cull) - return; - - lws_context_lock(context); /* <====================================== */ - - context->next_cull = t + 5; - - lws_start_foreach_llp(struct lws_peer **, p, context->peer_wait_list) { - if (t - (*p)->time_closed_all > 10) { - df = *p; - - /* remove us from the peer wait list */ - *p = df->peer_wait_list; - df->peer_wait_list = NULL; - - __lws_peer_destroy(context, df); - continue; /* we already point to next, if any */ - } - } lws_end_foreach_llp(p, peer_wait_list); - - lws_context_unlock(context); /* ====================================> */ -} - -void -lws_peer_add_wsi(struct lws_context *context, struct lws_peer *peer, - struct lws *wsi) -{ - if (!peer) - return; - - lws_context_lock(context); /* <====================================== */ - - peer->count_wsi++; - wsi->peer = peer; - __lws_peer_remove_from_peer_wait_list(context, peer); - - lws_context_unlock(context); /* ====================================> */ -} - -void -lws_peer_track_wsi_close(struct lws_context *context, struct lws_peer *peer) -{ - if (!peer) - return; - - lws_context_lock(context); /* <====================================== */ - - assert(peer->count_wsi); - peer->count_wsi--; - - if (!peer->count_wsi && !peer->count_ah) { - /* - * in order that we can accumulate peer activity correctly - * allowing for periods when the peer has no connections, - * we don't synchronously destroy the peer when his last - * wsi closes. Instead we mark the time his last wsi - * closed and add him to a peer_wait_list to be reaped - * later if no further activity is coming. - */ - time(&peer->time_closed_all); - __lws_peer_add_to_peer_wait_list(context, peer); - } - - lws_context_unlock(context); /* ====================================> */ -} - -int -lws_peer_confirm_ah_attach_ok(struct lws_context *context, struct lws_peer *peer) -{ - if (!peer) - return 0; - - if (context->ip_limit_ah && peer->count_ah >= context->ip_limit_ah) { - lwsl_info("peer reached ah limit %d, deferring\n", - context->ip_limit_ah); - - return 1; - } - - return 0; -} - -void -lws_peer_track_ah_detach(struct lws_context *context, struct lws_peer *peer) -{ - if (!peer) - return; - - assert(peer->count_ah); - peer->count_ah--; -} - diff --git a/lib/server/ranges.c b/lib/server/ranges.c deleted file mode 100644 index bc1578d..0000000 --- a/lib/server/ranges.c +++ /dev/null @@ -1,214 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * RFC7233 ranges parser - * - * Copyright (C) 2016 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - */ - -#include "private-libwebsockets.h" - -/* - * RFC7233 examples - * - * o The first 500 bytes (byte offsets 0-499, inclusive): - * - * bytes=0-499 - * - * o The second 500 bytes (byte offsets 500-999, inclusive): - * - * bytes=500-999 - * - * o The final 500 bytes (byte offsets 9500-9999, inclusive): - * - * bytes=-500 - * - * Or: - * - * bytes=9500- - * - * o The first and last bytes only (bytes 0 and 9999): - * - * bytes=0-0,-1 - * - * o Other valid (but not canonical) specifications of the second 500 - * bytes (byte offsets 500-999, inclusive): - * - * bytes=500-600,601-999 - * bytes=500-700,601-999 - */ - -/* - * returns 1 if the range struct represents a usable range - * if no ranges header, you get one of these for the whole - * file. Otherwise you get one for each valid range in the - * header. - * - * returns 0 if no further valid range forthcoming; rp->state - * may be LWSRS_SYNTAX or LWSRS_COMPLETED - */ - -int -lws_ranges_next(struct lws_range_parsing *rp) -{ - static const char * const beq = "bytes="; - char c; - - while (1) { - - c = rp->buf[rp->pos]; - - switch (rp->state) { - case LWSRS_SYNTAX: - case LWSRS_COMPLETED: - return 0; - - case LWSRS_NO_ACTIVE_RANGE: - rp->state = LWSRS_COMPLETED; - return 0; - - case LWSRS_BYTES_EQ: // looking for "bytes=" - if (c != beq[rp->pos]) { - rp->state = LWSRS_SYNTAX; - return -1; - } - if (rp->pos == 5) - rp->state = LWSRS_FIRST; - break; - - case LWSRS_FIRST: - rp->start = 0; - rp->end = 0; - rp->start_valid = 0; - rp->end_valid = 0; - - rp->state = LWSRS_STARTING; - - // fallthru - - case LWSRS_STARTING: - if (c == '-') { - rp->state = LWSRS_ENDING; - break; - } - - if (!(c >= '0' && c <= '9')) { - rp->state = LWSRS_SYNTAX; - return 0; - } - rp->start = (rp->start * 10) + (c - '0'); - rp->start_valid = 1; - break; - - case LWSRS_ENDING: - if (c == ',' || c == '\0') { - rp->state = LWSRS_FIRST; - if (c == ',') - rp->pos++; - - /* - * By the end of this, start and end are - * always valid if the range still is - */ - - if (!rp->start_valid) { /* eg, -500 */ - if (rp->end > rp->extent) - rp->end = rp->extent; - - rp->start = rp->extent - rp->end; - rp->end = rp->extent - 1; - } else - if (!rp->end_valid) - rp->end = rp->extent - 1; - - rp->did_try = 1; - - /* end must be >= start or ignore it */ - if (rp->end < rp->start) { - if (c == ',') - break; - rp->state = LWSRS_COMPLETED; - return 0; - } - - return 1; /* issue range */ - } - - if (!(c >= '0' && c <= '9')) { - rp->state = LWSRS_SYNTAX; - return 0; - } - rp->end = (rp->end * 10) + (c - '0'); - rp->end_valid = 1; - break; - } - - rp->pos++; - } -} - -void -lws_ranges_reset(struct lws_range_parsing *rp) -{ - rp->pos = 0; - rp->ctr = 0; - rp->start = 0; - rp->end = 0; - rp->start_valid = 0; - rp->end_valid = 0; - rp->state = LWSRS_BYTES_EQ; -} - -/* - * returns count of valid ranges - */ -int -lws_ranges_init(struct lws *wsi, struct lws_range_parsing *rp, - unsigned long long extent) -{ - rp->agg = 0; - rp->send_ctr = 0; - rp->inside = 0; - rp->count_ranges = 0; - rp->did_try = 0; - lws_ranges_reset(rp); - rp->state = LWSRS_COMPLETED; - - rp->extent = extent; - - if (lws_hdr_copy(wsi, (char *)rp->buf, sizeof(rp->buf), - WSI_TOKEN_HTTP_RANGE) <= 0) - return 0; - - rp->state = LWSRS_BYTES_EQ; - - while (lws_ranges_next(rp)) { - rp->count_ranges++; - rp->agg += rp->end - rp->start + 1; - } - - lwsl_debug("%s: count %d\n", __func__, rp->count_ranges); - lws_ranges_reset(rp); - - if (rp->did_try && !rp->count_ranges) - return -1; /* "not satisfiable */ - - lws_ranges_next(rp); - - return rp->count_ranges; -} diff --git a/lib/server/rewrite.c b/lib/server/rewrite.c deleted file mode 100644 index 2f9b0c4..0000000 --- a/lib/server/rewrite.c +++ /dev/null @@ -1,52 +0,0 @@ -#include "private-libwebsockets.h" - - -LWS_EXTERN struct lws_rewrite * -lws_rewrite_create(struct lws *wsi, hubbub_callback_t cb, const char *from, const char *to) -{ - struct lws_rewrite *r = lws_malloc(sizeof(*r), "rewrite"); - - if (!r) { - lwsl_err("OOM\n"); - return NULL; - } - - if (hubbub_parser_create("UTF-8", false, &r->parser) != HUBBUB_OK) { - lws_free(r); - - return NULL; - } - r->from = from; - r->from_len = strlen(from); - r->to = to; - r->to_len = strlen(to); - r->params.token_handler.handler = cb; - r->wsi = wsi; - r->params.token_handler.pw = (void *)r; - if (hubbub_parser_setopt(r->parser, HUBBUB_PARSER_TOKEN_HANDLER, - &r->params) != HUBBUB_OK) { - lws_free(r); - - return NULL; - } - - return r; -} - -LWS_EXTERN int -lws_rewrite_parse(struct lws_rewrite *r, - const unsigned char *in, int in_len) -{ - if (hubbub_parser_parse_chunk(r->parser, in, in_len) != HUBBUB_OK) - return -1; - - return 0; -} - -LWS_EXTERN void -lws_rewrite_destroy(struct lws_rewrite *r) -{ - hubbub_parser_destroy(r->parser); - lws_free(r); -} - diff --git a/lib/server/server-handshake.c b/lib/server/server-handshake.c deleted file mode 100644 index c3590cb..0000000 --- a/lib/server/server-handshake.c +++ /dev/null @@ -1,364 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2013 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - */ - -#include "private-libwebsockets.h" - -#define LWS_CPYAPP(ptr, str) { strcpy(ptr, str); ptr += strlen(str); } - -#if !defined(LWS_WITHOUT_EXTENSIONS) -static int -lws_extension_server_handshake(struct lws *wsi, char **p, int budget) -{ - struct lws_context *context = wsi->context; - struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; - char ext_name[64], *args, *end = (*p) + budget - 1; - const struct lws_ext_options *opts, *po; - const struct lws_extension *ext; - struct lws_ext_option_arg oa; - int n, m, more = 1; - int ext_count = 0; - char ignore; - char *c; - - /* - * Figure out which extensions the client has that we want to - * enable on this connection, and give him back the list - */ - if (!lws_hdr_total_length(wsi, WSI_TOKEN_EXTENSIONS)) - return 0; - - /* - * break down the list of client extensions - * and go through them - */ - - if (lws_hdr_copy(wsi, (char *)pt->serv_buf, context->pt_serv_buf_size, - WSI_TOKEN_EXTENSIONS) < 0) - return 1; - - c = (char *)pt->serv_buf; - lwsl_parser("WSI_TOKEN_EXTENSIONS = '%s'\n", c); - wsi->count_act_ext = 0; - ignore = 0; - n = 0; - args = NULL; - - /* - * We may get a simple request - * - * Sec-WebSocket-Extensions: permessage-deflate - * - * or an elaborated one with requested options - * - * Sec-WebSocket-Extensions: permessage-deflate; \ - * server_no_context_takeover; \ - * client_no_context_takeover - */ - - while (more) { - - if (*c && (*c != ',' && *c != '\t')) { - if (*c == ';') { - ignore = 1; - args = c + 1; - } - if (ignore || *c == ' ') { - c++; - continue; - } - ext_name[n] = *c++; - if (n < (int)sizeof(ext_name) - 1) - n++; - continue; - } - ext_name[n] = '\0'; - - ignore = 0; - if (!*c) - more = 0; - else { - c++; - if (!n) - continue; - } - - while (args && *args && *args == ' ') - args++; - - /* check a client's extension against our support */ - - ext = wsi->vhost->extensions; - - while (ext && ext->callback) { - - if (strcmp(ext_name, ext->name)) { - ext++; - continue; - } - - /* - * oh, we do support this one he asked for... but let's - * confirm he only gave it once - */ - for (m = 0; m < wsi->count_act_ext; m++) - if (wsi->active_extensions[m] == ext) { - lwsl_info("extension mentioned twice\n"); - return 1; /* shenanigans */ - } - - /* - * ask user code if it's OK to apply it on this - * particular connection + protocol - */ - m = (wsi->protocol->callback)(wsi, - LWS_CALLBACK_CONFIRM_EXTENSION_OKAY, - wsi->user_space, ext_name, 0); - - /* - * zero return from callback means go ahead and allow - * the extension, it's what we get if the callback is - * unhandled - */ - if (m) { - ext++; - continue; - } - - /* apply it */ - - ext_count++; - - /* instantiate the extension on this conn */ - - wsi->active_extensions[wsi->count_act_ext] = ext; - - /* allow him to construct his context */ - - if (ext->callback(lws_get_context(wsi), ext, wsi, - LWS_EXT_CB_CONSTRUCT, - (void *)&wsi->act_ext_user[ - wsi->count_act_ext], - (void *)&opts, 0)) { - lwsl_info("ext %s failed construction\n", - ext_name); - ext_count--; - ext++; - - continue; - } - - if (ext_count > 1) - *(*p)++ = ','; - else - LWS_CPYAPP(*p, - "\x0d\x0aSec-WebSocket-Extensions: "); - *p += lws_snprintf(*p, (end - *p), "%s", ext_name); - - /* - * go through the options trying to apply the - * recognized ones - */ - - lwsl_debug("ext args %s", args); - - while (args && *args && *args != ',') { - while (*args == ' ') - args++; - po = opts; - while (po->name) { - /* only support arg-less options... */ - if (po->type != EXTARG_NONE || - strncmp(args, po->name, - strlen(po->name))) { - po++; - continue; - } - oa.option_name = NULL; - oa.option_index = (int)(po - opts); - oa.start = NULL; - lwsl_debug("setting %s\n", po->name); - if (!ext->callback( - lws_get_context(wsi), ext, wsi, - LWS_EXT_CB_OPTION_SET, - wsi->act_ext_user[ - wsi->count_act_ext], - &oa, (end - *p))) { - - *p += lws_snprintf(*p, (end - *p), - "; %s", po->name); - lwsl_debug("adding option %s\n", - po->name); - } - po++; - } - while (*args && *args != ',' && *args != ';') - args++; - } - - wsi->count_act_ext++; - lwsl_parser("cnt_act_ext <- %d\n", wsi->count_act_ext); - - ext++; - } - - n = 0; - args = NULL; - } - - return 0; -} -#endif -int -handshake_0405(struct lws_context *context, struct lws *wsi) -{ - struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; - struct lws_process_html_args args; - unsigned char hash[20]; - int n, accept_len; - char *response; - char *p; - - if (!lws_hdr_total_length(wsi, WSI_TOKEN_HOST) || - !lws_hdr_total_length(wsi, WSI_TOKEN_KEY)) { - lwsl_parser("handshake_04 missing pieces\n"); - /* completed header processing, but missing some bits */ - goto bail; - } - - if (lws_hdr_total_length(wsi, WSI_TOKEN_KEY) >= MAX_WEBSOCKET_04_KEY_LEN) { - lwsl_warn("Client key too long %d\n", MAX_WEBSOCKET_04_KEY_LEN); - goto bail; - } - - /* - * since key length is restricted above (currently 128), cannot - * overflow - */ - n = sprintf((char *)pt->serv_buf, - "%s258EAFA5-E914-47DA-95CA-C5AB0DC85B11", - lws_hdr_simple_ptr(wsi, WSI_TOKEN_KEY)); - - lws_SHA1(pt->serv_buf, n, hash); - - accept_len = lws_b64_encode_string((char *)hash, 20, - (char *)pt->serv_buf, context->pt_serv_buf_size); - if (accept_len < 0) { - lwsl_warn("Base64 encoded hash too long\n"); - goto bail; - } - - /* allocate the per-connection user memory (if any) */ - if (lws_ensure_user_space(wsi)) - goto bail; - - /* create the response packet */ - - /* make a buffer big enough for everything */ - - response = (char *)pt->serv_buf + MAX_WEBSOCKET_04_KEY_LEN + LWS_PRE; - p = response; - LWS_CPYAPP(p, "HTTP/1.1 101 Switching Protocols\x0d\x0a" - "Upgrade: WebSocket\x0d\x0a" - "Connection: Upgrade\x0d\x0a" - "Sec-WebSocket-Accept: "); - strcpy(p, (char *)pt->serv_buf); - p += accept_len; - - /* we can only return the protocol header if: - * - one came in, and ... */ - if (lws_hdr_total_length(wsi, WSI_TOKEN_PROTOCOL) && - /* - it is not an empty string */ - wsi->protocol->name && - wsi->protocol->name[0]) { - LWS_CPYAPP(p, "\x0d\x0aSec-WebSocket-Protocol: "); - p += lws_snprintf(p, 128, "%s", wsi->protocol->name); - } - -#if !defined(LWS_WITHOUT_EXTENSIONS) - /* - * Figure out which extensions the client has that we want to - * enable on this connection, and give him back the list. - * - * Give him a limited write bugdet - */ - if (lws_extension_server_handshake(wsi, &p, 192)) - goto bail; -#endif - LWS_CPYAPP(p, "\x0d\x0a"); - - args.p = p; - args.max_len = lws_ptr_diff((char *)pt->serv_buf + - context->pt_serv_buf_size, p); - if (user_callback_handle_rxflow(wsi->protocol->callback, wsi, - LWS_CALLBACK_ADD_HEADERS, - wsi->user_space, &args, 0)) - goto bail; - - p = args.p; - - /* end of response packet */ - - LWS_CPYAPP(p, "\x0d\x0a"); - - if (!lws_any_extension_handled(wsi, LWS_EXT_CB_HANDSHAKE_REPLY_TX, - response, p - response)) { - - /* okay send the handshake response accepting the connection */ - - lwsl_parser("issuing resp pkt %d len\n", - lws_ptr_diff(p, response)); -#if defined(DEBUG) - fwrite(response, 1, p - response, stderr); -#endif - n = lws_write(wsi, (unsigned char *)response, - p - response, LWS_WRITE_HTTP_HEADERS); - if (n != (p - response)) { - lwsl_debug("handshake_0405: ERROR writing to socket\n"); - goto bail; - } - - } - - /* alright clean up and set ourselves into established state */ - - lwsi_set_state(wsi, LRS_ESTABLISHED); - wsi->lws_rx_parse_state = LWS_RXPS_NEW; - - { - const char * uri_ptr = - lws_hdr_simple_ptr(wsi, WSI_TOKEN_GET_URI); - int uri_len = lws_hdr_total_length(wsi, WSI_TOKEN_GET_URI); - const struct lws_http_mount *hit = - lws_find_mount(wsi, uri_ptr, uri_len); - if (hit && hit->cgienv && - wsi->protocol->callback(wsi, LWS_CALLBACK_HTTP_PMO, - wsi->user_space, (void *)hit->cgienv, 0)) - return 1; - } - - return 0; - - -bail: - /* caller will free up his parsing allocations */ - return -1; -} - diff --git a/lib/server/server.c b/lib/server/server.c deleted file mode 100644 index a99b114..0000000 --- a/lib/server/server.c +++ /dev/null @@ -1,3253 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2017 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - */ - -#include "private-libwebsockets.h" - -const char * const method_names[] = { - "GET", "POST", "OPTIONS", "PUT", "PATCH", "DELETE", "CONNECT", "HEAD", -#ifdef LWS_WITH_HTTP2 - ":path", -#endif - }; - -/* - * return 0: all done - * 1: nonfatal error - * <0: fatal error - */ - -int -lws_context_init_server(struct lws_context_creation_info *info, - struct lws_vhost *vhost) -{ -#if LWS_POSIX - int n, opt = 1, limit = 1; -#if defined(__linux__) && defined(SO_REUSEPORT) - int n1; -#endif -#endif - lws_sockfd_type sockfd; - struct lws_vhost *vh; - struct lws *wsi; - int m = 0, is; - - (void)method_names; - (void)opt; - - if (info) { - vhost->iface = info->iface; - vhost->listen_port = info->port; - } - - /* set up our external listening socket we serve on */ - - if (vhost->listen_port == CONTEXT_PORT_NO_LISTEN || - vhost->listen_port == CONTEXT_PORT_NO_LISTEN_SERVER) - return 0; - - vh = vhost->context->vhost_list; - while (vh) { - if (vh->listen_port == vhost->listen_port) { - if (((!vhost->iface && !vh->iface) || - (vhost->iface && vh->iface && - !strcmp(vhost->iface, vh->iface))) && - vh->lserv_wsi - ) { - lwsl_notice(" using listen skt from vhost %s\n", - vh->name); - return 0; - } - } - vh = vh->vhost_next; - } - - if (vhost->iface) { - /* - * let's check before we do anything else about the disposition - * of the interface he wants to bind to... - */ - is = lws_socket_bind(vhost, LWS_SOCK_INVALID, vhost->listen_port, vhost->iface); - lwsl_debug("initial if check says %d\n", is); -deal: - lws_context_lock(vhost->context); - lws_start_foreach_llp(struct lws_vhost **, pv, - vhost->context->no_listener_vhost_list) { - if (is >= LWS_ITOSA_USABLE && *pv == vhost) { - /* on the list and shouldn't be: remove it */ - lwsl_debug("deferred iface: removing vh %s\n", (*pv)->name); - *pv = vhost->no_listener_vhost_list; - vhost->no_listener_vhost_list = NULL; - goto done_list; - } - if (is < LWS_ITOSA_USABLE && *pv == vhost) - goto done_list; - } lws_end_foreach_llp(pv, no_listener_vhost_list); - - /* not on the list... */ - - if (is < LWS_ITOSA_USABLE) { - - /* ... but needs to be: so add it */ - - lwsl_debug("deferred iface: adding vh %s\n", vhost->name); - vhost->no_listener_vhost_list = vhost->context->no_listener_vhost_list; - vhost->context->no_listener_vhost_list = vhost; - } - -done_list: - lws_context_unlock(vhost->context); - - switch (is) { - default: - break; - case LWS_ITOSA_NOT_EXIST: - /* can't add it */ - if (info) /* first time */ - lwsl_err("VH %s: iface %s port %d DOESN'T EXIST\n", - vhost->name, vhost->iface, vhost->listen_port); - return 1; - case LWS_ITOSA_NOT_USABLE: - /* can't add it */ - if (info) /* first time */ - lwsl_err("VH %s: iface %s port %d NOT USABLE\n", - vhost->name, vhost->iface, vhost->listen_port); - return 1; - } - } - -#if LWS_POSIX - (void)n; -#if defined(__linux__) - limit = vhost->context->count_threads; -#endif - - for (m = 0; m < limit; m++) { -#ifdef LWS_WITH_UNIX_SOCK - if (LWS_UNIX_SOCK_ENABLED(vhost)) - sockfd = socket(AF_UNIX, SOCK_STREAM, 0); - else -#endif -#ifdef LWS_WITH_IPV6 - if (LWS_IPV6_ENABLED(vhost)) - sockfd = socket(AF_INET6, SOCK_STREAM, 0); - else -#endif - sockfd = socket(AF_INET, SOCK_STREAM, 0); - - if (sockfd == LWS_SOCK_INVALID) { -#endif /* LWS_POSIX */ - lwsl_err("ERROR opening socket\n"); - return 1; - } -#if LWS_POSIX && !defined(LWS_WITH_ESP32) -#if (defined(WIN32) || defined(_WIN32)) && defined(SO_EXCLUSIVEADDRUSE) - /* - * only accept that we are the only listener on the port - * https://msdn.microsoft.com/zh-tw/library/ - * windows/desktop/ms740621(v=vs.85).aspx - * - * for lws, to match Linux, we default to exclusive listen - */ - if (!lws_check_opt(vhost->options, - LWS_SERVER_OPTION_ALLOW_LISTEN_SHARE)) { - if (setsockopt(sockfd, SOL_SOCKET, SO_EXCLUSIVEADDRUSE, - (const void *)&opt, sizeof(opt)) < 0) { - lwsl_err("reuseaddr failed\n"); - compatible_close(sockfd); - return -1; - } - } else -#endif - - /* - * allow us to restart even if old sockets in TIME_WAIT - */ - if (setsockopt(sockfd, SOL_SOCKET, SO_REUSEADDR, - (const void *)&opt, sizeof(opt)) < 0) { - lwsl_err("reuseaddr failed\n"); - compatible_close(sockfd); - return -1; - } - -#if defined(LWS_WITH_IPV6) && defined(IPV6_V6ONLY) - if (LWS_IPV6_ENABLED(vhost) && - vhost->options & LWS_SERVER_OPTION_IPV6_V6ONLY_MODIFY) { - int value = (vhost->options & - LWS_SERVER_OPTION_IPV6_V6ONLY_VALUE) ? 1 : 0; - if (setsockopt(sockfd, IPPROTO_IPV6, IPV6_V6ONLY, - (const void*)&value, sizeof(value)) < 0) { - compatible_close(sockfd); - return -1; - } - } -#endif - -#if defined(__linux__) && defined(SO_REUSEPORT) - n1 = lws_check_opt(vhost->options, - LWS_SERVER_OPTION_ALLOW_LISTEN_SHARE); - /* keep coverity happy */ -#if LWS_MAX_SMP > 1 - n = 1; -#else - n = n1; -#endif - if (n && vhost->context->count_threads > 1) - if (setsockopt(sockfd, SOL_SOCKET, SO_REUSEPORT, - (const void *)&opt, sizeof(opt)) < 0) { - compatible_close(sockfd); - return -1; - } -#endif -#endif - lws_plat_set_socket_options(vhost, sockfd); - -#if LWS_POSIX - is = lws_socket_bind(vhost, sockfd, vhost->listen_port, vhost->iface); - /* - * There is a race where the network device may come up and then - * go away and fail here. So correctly handle unexpected failure - * here despite we earlier confirmed it. - */ - if (is < 0) { - lwsl_info("%s: lws_socket_bind says %d\n", __func__, is); - compatible_close(sockfd); - goto deal; - } - vhost->listen_port = is; - - lwsl_debug("%s: lws_socket_bind says %d\n", __func__, is); -#endif - - wsi = lws_zalloc(sizeof(struct lws), "listen wsi"); - if (wsi == NULL) { - lwsl_err("Out of mem\n"); - goto bail; - } - wsi->context = vhost->context; - wsi->desc.sockfd = sockfd; - lwsi_set_role(wsi, LWSI_ROLE_LISTEN_SOCKET); - wsi->protocol = vhost->protocols; - wsi->tsi = m; - wsi->vhost = vhost; - wsi->listener = 1; - -#ifdef LWS_WITH_LIBUV - if (LWS_LIBUV_ENABLED(vhost->context)) - lws_uv_initvhost(vhost, wsi); -#endif - - if (__insert_wsi_socket_into_fds(vhost->context, wsi)) { - lwsl_notice("inserting wsi socket into fds failed\n"); - goto bail; - } - - vhost->context->count_wsi_allocated++; - vhost->lserv_wsi = wsi; - -#if LWS_POSIX - n = listen(wsi->desc.sockfd, LWS_SOMAXCONN); - if (n < 0) { - lwsl_err("listen failed with error %d\n", LWS_ERRNO); - vhost->lserv_wsi = NULL; - vhost->context->count_wsi_allocated--; - __remove_wsi_socket_from_fds(wsi); - goto bail; - } - } /* for each thread able to independently listen */ -#endif - if (!lws_check_opt(vhost->context->options, LWS_SERVER_OPTION_EXPLICIT_VHOSTS)) { -#ifdef LWS_WITH_UNIX_SOCK - if (LWS_UNIX_SOCK_ENABLED(vhost)) - lwsl_info(" Listening on \"%s\"\n", vhost->iface); - else -#endif - lwsl_info(" Listening on port %d\n", vhost->listen_port); - } - - return 0; - -bail: - compatible_close(sockfd); - - return -1; -} - -struct lws_vhost * -lws_select_vhost(struct lws_context *context, int port, const char *servername) -{ - struct lws_vhost *vhost = context->vhost_list; - const char *p; - int n, m, colon; - - n = (int)strlen(servername); - colon = n; - p = strchr(servername, ':'); - if (p) - colon = lws_ptr_diff(p, servername); - - /* Priotity 1: first try exact matches */ - - while (vhost) { - if (port == vhost->listen_port && - !strncmp(vhost->name, servername, colon)) { - lwsl_info("SNI: Found: %s\n", servername); - return vhost; - } - vhost = vhost->vhost_next; - } - - /* - * Priority 2: if no exact matches, try matching *.vhost-name - * unintentional matches are possible but resolve to x.com for *.x.com - * which is reasonable. If exact match exists we already chose it and - * never reach here. SSL will still fail it if the cert doesn't allow - * *.x.com. - */ - vhost = context->vhost_list; - while (vhost) { - m = (int)strlen(vhost->name); - if (port == vhost->listen_port && - m <= (colon - 2) && - servername[colon - m - 1] == '.' && - !strncmp(vhost->name, servername + colon - m, m)) { - lwsl_info("SNI: Found %s on wildcard: %s\n", - servername, vhost->name); - return vhost; - } - vhost = vhost->vhost_next; - } - - /* Priority 3: match the first vhost on our port */ - - vhost = context->vhost_list; - while (vhost) { - if (port == vhost->listen_port) { - lwsl_info("vhost match to %s based on port %d\n", - vhost->name, port); - return vhost; - } - vhost = vhost->vhost_next; - } - - /* no match */ - - return NULL; -} - -LWS_VISIBLE LWS_EXTERN const char * -lws_get_mimetype(const char *file, const struct lws_http_mount *m) -{ - int n = (int)strlen(file); - const struct lws_protocol_vhost_options *pvo = NULL; - - if (m) - pvo = m->extra_mimetypes; - - if (n < 5) - return NULL; - - if (!strcmp(&file[n - 4], ".ico")) - return "image/x-icon"; - - if (!strcmp(&file[n - 4], ".gif")) - return "image/gif"; - - if (!strcmp(&file[n - 3], ".js")) - return "text/javascript"; - - if (!strcmp(&file[n - 4], ".png")) - return "image/png"; - - if (!strcmp(&file[n - 4], ".jpg")) - return "image/jpeg"; - - if (!strcmp(&file[n - 3], ".gz")) - return "application/gzip"; - - if (!strcmp(&file[n - 4], ".JPG")) - return "image/jpeg"; - - if (!strcmp(&file[n - 5], ".html")) - return "text/html"; - - if (!strcmp(&file[n - 4], ".css")) - return "text/css"; - - if (!strcmp(&file[n - 4], ".txt")) - return "text/plain"; - - if (!strcmp(&file[n - 4], ".svg")) - return "image/svg+xml"; - - if (!strcmp(&file[n - 4], ".ttf")) - return "application/x-font-ttf"; - - if (!strcmp(&file[n - 4], ".otf")) - return "application/font-woff"; - - if (!strcmp(&file[n - 5], ".woff")) - return "application/font-woff"; - - if (!strcmp(&file[n - 4], ".xml")) - return "application/xml"; - - while (pvo) { - if (pvo->name[0] == '*') /* ie, match anything */ - return pvo->value; - - if (!strcmp(&file[n - strlen(pvo->name)], pvo->name)) - return pvo->value; - - pvo = pvo->next; - } - - return NULL; -} -static lws_fop_flags_t -lws_vfs_prepare_flags(struct lws *wsi) -{ - lws_fop_flags_t f = 0; - - if (!lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_ACCEPT_ENCODING)) - return f; - - if (strstr(lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP_ACCEPT_ENCODING), - "gzip")) { - lwsl_info("client indicates GZIP is acceptable\n"); - f |= LWS_FOP_FLAG_COMPR_ACCEPTABLE_GZIP; - } - - return f; -} - -static int -lws_http_serve(struct lws *wsi, char *uri, const char *origin, - const struct lws_http_mount *m) -{ - const struct lws_protocol_vhost_options *pvo = m->interpret; - struct lws_process_html_args args; - const char *mimetype; -#if !defined(_WIN32_WCE) - const struct lws_plat_file_ops *fops; - const char *vpath; - lws_fop_flags_t fflags = LWS_O_RDONLY; -#if defined(WIN32) && defined(LWS_HAVE__STAT32I64) - struct _stat32i64 st; -#else - struct stat st; -#endif - int spin = 0; -#endif - char path[256], sym[512]; - unsigned char *p = (unsigned char *)sym + 32 + LWS_PRE, *start = p; - unsigned char *end = p + sizeof(sym) - 32 - LWS_PRE; -#if !defined(WIN32) && LWS_POSIX && !defined(LWS_WITH_ESP32) - size_t len; -#endif - int n; - - wsi->handling_404 = 0; - if (!wsi->vhost) - return -1; - - if (wsi->vhost->error_document_404 && - !strcmp(uri, wsi->vhost->error_document_404)) - wsi->handling_404 = 1; - - lws_snprintf(path, sizeof(path) - 1, "%s/%s", origin, uri); - -#if !defined(_WIN32_WCE) - - fflags |= lws_vfs_prepare_flags(wsi); - - do { - spin++; - fops = lws_vfs_select_fops(wsi->context->fops, path, &vpath); - - if (wsi->http.fop_fd) - lws_vfs_file_close(&wsi->http.fop_fd); - - wsi->http.fop_fd = fops->LWS_FOP_OPEN(wsi->context->fops, - path, vpath, &fflags); - if (!wsi->http.fop_fd) { - lwsl_info("Unable to open '%s': errno %d\n", path, errno); - - return -1; - } - - /* if it can't be statted, don't try */ - if (fflags & LWS_FOP_FLAG_VIRTUAL) - break; -#if defined(LWS_WITH_ESP32) - break; -#endif -#if !defined(WIN32) - if (fstat(wsi->http.fop_fd->fd, &st)) { - lwsl_info("unable to stat %s\n", path); - goto bail; - } -#else -#if defined(LWS_HAVE__STAT32I64) - if (_stat32i64(path, &st)) { - lwsl_info("unable to stat %s\n", path); - goto bail; - } -#else - if (stat(path, &st)) { - lwsl_info("unable to stat %s\n", path); - goto bail; - } -#endif -#endif - - wsi->http.fop_fd->mod_time = (uint32_t)st.st_mtime; - fflags |= LWS_FOP_FLAG_MOD_TIME_VALID; - -#if !defined(WIN32) && LWS_POSIX && !defined(LWS_WITH_ESP32) - if ((S_IFMT & st.st_mode) == S_IFLNK) { - len = readlink(path, sym, sizeof(sym) - 1); - if (len) { - lwsl_err("Failed to read link %s\n", path); - goto bail; - } - sym[len] = '\0'; - lwsl_debug("symlink %s -> %s\n", path, sym); - lws_snprintf(path, sizeof(path) - 1, "%s", sym); - } -#endif - if ((S_IFMT & st.st_mode) == S_IFDIR) { - lwsl_debug("default filename append to dir\n"); - lws_snprintf(path, sizeof(path) - 1, "%s/%s/index.html", - origin, uri); - } - - } while ((S_IFMT & st.st_mode) != S_IFREG && spin < 5); - - if (spin == 5) - lwsl_err("symlink loop %s \n", path); - - n = sprintf(sym, "%08llX%08lX", - (unsigned long long)lws_vfs_get_length(wsi->http.fop_fd), - (unsigned long)lws_vfs_get_mod_time(wsi->http.fop_fd)); - - /* disable ranges if IF_RANGE token invalid */ - - if (lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_IF_RANGE)) - if (strcmp(sym, lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP_IF_RANGE))) - /* differs - defeat Range: */ - wsi->ah->frag_index[WSI_TOKEN_HTTP_RANGE] = 0; - - if (lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_IF_NONE_MATCH)) { - /* - * he thinks he has some version of it already, - * check if the tag matches - */ - if (!strcmp(sym, lws_hdr_simple_ptr(wsi, - WSI_TOKEN_HTTP_IF_NONE_MATCH))) { - - lwsl_debug("%s: ETAG match %s %s\n", __func__, - uri, origin); - - /* we don't need to send the payload */ - if (lws_add_http_header_status(wsi, - HTTP_STATUS_NOT_MODIFIED, &p, end)) - return -1; - - if (lws_add_http_header_by_token(wsi, - WSI_TOKEN_HTTP_ETAG, - (unsigned char *)sym, n, &p, end)) - return -1; - - if (lws_finalize_http_header(wsi, &p, end)) - return -1; - - n = lws_write(wsi, start, p - start, - LWS_WRITE_HTTP_HEADERS | - LWS_WRITE_H2_STREAM_END); - if (n != (p - start)) { - lwsl_err("_write returned %d from %ld\n", n, - (long)(p - start)); - return -1; - } - - lws_vfs_file_close(&wsi->http.fop_fd); - - return lws_http_transaction_completed(wsi); - } - } - - if (lws_add_http_header_by_token(wsi, WSI_TOKEN_HTTP_ETAG, - (unsigned char *)sym, n, &p, end)) - return -1; -#endif - - mimetype = lws_get_mimetype(path, m); - if (!mimetype) { - lwsl_err("unknown mimetype for %s\n", path); - goto bail; - } - if (!mimetype[0]) - lwsl_debug("sending no mimetype for %s\n", path); - - wsi->sending_chunked = 0; - - /* - * check if this is in the list of file suffixes to be interpreted by - * a protocol - */ - while (pvo) { - n = (int)strlen(path); - if (n > (int)strlen(pvo->name) && - !strcmp(&path[n - strlen(pvo->name)], pvo->name)) { - wsi->interpreting = 1; - if (!wsi->http2_substream) - wsi->sending_chunked = 1; - wsi->protocol_interpret_idx = - (char)(lws_intptr_t)pvo->value; - lwsl_info("want %s interpreted by %s\n", path, - wsi->vhost->protocols[ - (int)(lws_intptr_t)(pvo->value)].name); - wsi->protocol = &wsi->vhost->protocols[ - (int)(lws_intptr_t)(pvo->value)]; - if (lws_ensure_user_space(wsi)) - return -1; - break; - } - pvo = pvo->next; - } - - if (m->protocol) { - const struct lws_protocols *pp = lws_vhost_name_to_protocol( - wsi->vhost, m->protocol); - - if (lws_bind_protocol(wsi, pp)) - return 1; - args.p = (char *)p; - args.max_len = lws_ptr_diff(end, p); - if (pp->callback(wsi, LWS_CALLBACK_ADD_HEADERS, - wsi->user_space, &args, 0)) - return -1; - p = (unsigned char *)args.p; - } - - n = lws_serve_http_file(wsi, path, mimetype, (char *)start, - lws_ptr_diff(p, start)); - - if (n < 0 || ((n > 0) && lws_http_transaction_completed(wsi))) - return -1; /* error or can't reuse connection: close the socket */ - - return 0; -bail: - - return -1; -} - -const struct lws_http_mount * -lws_find_mount(struct lws *wsi, const char *uri_ptr, int uri_len) -{ - const struct lws_http_mount *hm, *hit = NULL; - int best = 0; - - hm = wsi->vhost->mount_list; - while (hm) { - if (uri_len >= hm->mountpoint_len && - !strncmp(uri_ptr, hm->mountpoint, hm->mountpoint_len) && - (uri_ptr[hm->mountpoint_len] == '\0' || - uri_ptr[hm->mountpoint_len] == '/' || - hm->mountpoint_len == 1) - ) { - if (hm->origin_protocol == LWSMPRO_CALLBACK || - ((hm->origin_protocol == LWSMPRO_CGI || - lws_hdr_total_length(wsi, WSI_TOKEN_GET_URI) || - (wsi->http2_substream && - lws_hdr_total_length(wsi, - WSI_TOKEN_HTTP_COLON_PATH)) || - hm->protocol) && - hm->mountpoint_len > best)) { - best = hm->mountpoint_len; - hit = hm; - } - } - hm = hm->mount_next; - } - - return hit; -} - -#if LWS_POSIX -#if !defined(LWS_WITH_ESP32) -static int -lws_find_string_in_file(const char *filename, const char *string, int stringlen) -{ - char buf[128]; - int fd, match = 0, pos = 0, n = 0, hit = 0; - - fd = open(filename, O_RDONLY); - if (fd < 0) { - lwsl_err("can't open auth file: %s\n", filename); - return 1; - } - - while (1) { - if (pos == n) { - n = read(fd, buf, sizeof(buf)); - if (n <= 0) { - if (match == stringlen) - hit = 1; - break; - } - pos = 0; - } - - if (match == stringlen) { - if (buf[pos] == '\r' || buf[pos] == '\n') { - hit = 1; - break; - } - match = 0; - } - - if (buf[pos] == string[match]) - match++; - else - match = 0; - - pos++; - } - - close(fd); - - return hit; -} -#endif - -static int -lws_unauthorised_basic_auth(struct lws *wsi) -{ - struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; - unsigned char *start = pt->serv_buf + LWS_PRE, - *p = start, *end = p + 512; - char buf[64]; - int n; - - /* no auth... tell him it is required */ - - if (lws_add_http_header_status(wsi, HTTP_STATUS_UNAUTHORIZED, &p, end)) - return -1; - - n = lws_snprintf(buf, sizeof(buf), "Basic realm=\"lwsws\""); - if (lws_add_http_header_by_token(wsi, - WSI_TOKEN_HTTP_WWW_AUTHENTICATE, - (unsigned char *)buf, n, &p, end)) - return -1; - - if (lws_finalize_http_header(wsi, &p, end)) - return -1; - - n = lws_write(wsi, start, p - start, LWS_WRITE_HTTP_HEADERS | - LWS_WRITE_H2_STREAM_END); - if (n < 0) - return -1; - - return lws_http_transaction_completed(wsi); - -} - -#endif - -int lws_clean_url(char *p) -{ - if (p[0] == 'h' && p[1] == 't' && p[2] == 't' && p[3] == 'p') { - p += 4; - if (*p == 's') - p++; - if (*p == ':') { - p++; - if (*p == '/') - p++; - } - } - - while (*p) { - if (p[0] == '/' && p[1] == '/') { - char *p1 = p; - while (*p1) { - *p1 = p1[1]; - p1++; - } - continue; - } - p++; - } - - return 0; -} - -static int -lws_server_init_wsi_for_ws(struct lws *wsi) -{ - int n; - - lwsi_set_state(wsi, LRS_ESTABLISHED); - lws_restart_ws_ping_pong_timer(wsi); - - /* - * create the frame buffer for this connection according to the - * size mentioned in the protocol definition. If 0 there, use - * a big default for compatibility - */ - - n = (int)wsi->protocol->rx_buffer_size; - if (!n) - n = wsi->context->pt_serv_buf_size; - n += LWS_PRE; - wsi->ws->rx_ubuf = lws_malloc(n + 4 /* 0x0000ffff zlib */, "rx_ubuf"); - if (!wsi->ws->rx_ubuf) { - lwsl_err("Out of Mem allocating rx buffer %d\n", n); - return 1; - } - wsi->ws->rx_ubuf_alloc = n; - lwsl_debug("Allocating RX buffer %d\n", n); - -#if LWS_POSIX && !defined(LWS_WITH_ESP32) - if (!wsi->parent_carries_io && - !wsi->h2_stream_carries_ws) - if (setsockopt(wsi->desc.sockfd, SOL_SOCKET, SO_SNDBUF, - (const char *)&n, sizeof n)) { - lwsl_warn("Failed to set SNDBUF to %d", n); - return 1; - } -#endif - - /* notify user code that we're ready to roll */ - - if (wsi->protocol->callback) - if (wsi->protocol->callback(wsi, LWS_CALLBACK_ESTABLISHED, - wsi->user_space, -#ifdef LWS_OPENSSL_SUPPORT - wsi->ssl, -#else - NULL, -#endif - wsi->h2_stream_carries_ws)) - return 1; - - lwsl_debug("ws established\n"); - - return 0; -} - -static int -lws_process_ws_upgrade(struct lws *wsi) -{ - struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; - char protocol_list[128], protocol_name[64], *p; - int protocol_len, hit, n = 0, non_space_char_found = 0; - - if (!wsi->protocol) - lwsl_err("NULL protocol at lws_read\n"); - - /* - * It's either websocket or h2->websocket - * - * Select the first protocol we support from the list - * the client sent us. - * - * Copy it to remove header fragmentation - */ - - if (lws_hdr_copy(wsi, protocol_list, sizeof(protocol_list) - 1, - WSI_TOKEN_PROTOCOL) < 0) { - lwsl_err("protocol list too long"); - return 1; - } - - protocol_len = lws_hdr_total_length(wsi, WSI_TOKEN_PROTOCOL); - protocol_list[protocol_len] = '\0'; - p = protocol_list; - hit = 0; - - while (*p && !hit) { - n = 0; - non_space_char_found = 0; - while (n < (int)sizeof(protocol_name) - 1 && - *p && *p != ',') { - /* ignore leading spaces */ - if (!non_space_char_found && *p == ' ') { - n++; - continue; - } - non_space_char_found = 1; - protocol_name[n++] = *p++; - } - protocol_name[n] = '\0'; - if (*p) - p++; - - lwsl_debug("checking %s\n", protocol_name); - - n = 0; - while (wsi->vhost->protocols[n].callback) { - lwsl_debug("try %s\n", - wsi->vhost->protocols[n].name); - - if (wsi->vhost->protocols[n].name && - !strcmp(wsi->vhost->protocols[n].name, - protocol_name)) { - wsi->protocol = &wsi->vhost->protocols[n]; - hit = 1; - break; - } - - n++; - } - } - - /* we didn't find a protocol he wanted? */ - - if (!hit) { - if (lws_hdr_simple_ptr(wsi, WSI_TOKEN_PROTOCOL)) { - lwsl_notice("No protocol from \"%s\" supported\n", - protocol_list); - return 1; - } - /* - * some clients only have one protocol and - * do not send the protocol list header... - * allow it and match to the vhost's default - * protocol (which itself defaults to zero) - */ - lwsl_info("defaulting to prot handler %d\n", - wsi->vhost->default_protocol_index); - n = wsi->vhost->default_protocol_index; - wsi->protocol = &wsi->vhost->protocols[ - (int)wsi->vhost->default_protocol_index]; - } - - /* allocate the ws struct for the wsi */ - wsi->ws = lws_zalloc(sizeof(*wsi->ws), "ws struct"); - if (!wsi->ws) { - lwsl_notice("OOM\n"); - return 1; - } - - if (lws_hdr_total_length(wsi, WSI_TOKEN_VERSION)) - wsi->ws->ietf_spec_revision = - atoi(lws_hdr_simple_ptr(wsi, WSI_TOKEN_VERSION)); - - /* allocate wsi->user storage */ - if (lws_ensure_user_space(wsi)) { - lwsl_notice("problem with user space\n"); - return 1; - } - - /* - * Give the user code a chance to study the request and - * have the opportunity to deny it - */ - if ((wsi->protocol->callback)(wsi, - LWS_CALLBACK_FILTER_PROTOCOL_CONNECTION, - wsi->user_space, - lws_hdr_simple_ptr(wsi, WSI_TOKEN_PROTOCOL), 0)) { - lwsl_warn("User code denied connection\n"); - return 1; - } - - /* - * Perform the handshake according to the protocol version the - * client announced - */ - - switch (wsi->ws->ietf_spec_revision) { - default: - lwsl_notice("Unknown client spec version %d\n", - wsi->ws->ietf_spec_revision); - wsi->ws->ietf_spec_revision = 13; - //return 1; - /* fallthru */ - case 13: -#if defined(LWS_WITH_HTTP2) - if (wsi->h2_stream_carries_ws) { - if (lws_h2_ws_handshake(wsi)) { - lwsl_notice("h2 ws handshake failed\n"); - return 1; - } - } else -#endif - { - lwsl_parser("lws_parse calling handshake_04\n"); - if (handshake_0405(wsi->context, wsi)) { - lwsl_notice("hs0405 has failed the connection\n"); - return 1; - } - } - break; - } - - lws_same_vh_protocol_insert(wsi, n); - - /* we are upgrading to ws, so http/1.1 + h2 and keepalive + - * pipelined header considerations about keeping the ah around - * no longer apply. However it's common for the first ws - * protocol data to have been coalesced with the browser - * upgrade request and to already be in the ah rx buffer. - */ - - lwsl_debug("%s: %p: inheriting ws ah (rxpos:%d, rxlen:%d)\n", - __func__, wsi, wsi->ah->rxpos, wsi->ah->rxlen); - lws_pt_lock(pt, __func__); - - if (wsi->h2_stream_carries_ws) - lws_role_transition(wsi, LWSI_ROLE_WS2_SERVER, LRS_ESTABLISHED); - else - lws_role_transition(wsi, LWSI_ROLE_WS1_SERVER, LRS_ESTABLISHED); - /* - * Because rxpos/rxlen shows something in the ah, we will get - * service guaranteed next time around the event loop - */ - - lws_pt_unlock(pt); - - lws_server_init_wsi_for_ws(wsi); - lwsl_parser("accepted v%02d connection\n", - wsi->ws->ietf_spec_revision); - - /* !!! drop ah unreservedly after ESTABLISHED */ - if (wsi->ah->rxpos == wsi->ah->rxlen ) { - lws_header_table_force_to_detachable_state(wsi); - lws_header_table_detach(wsi, 1); - } - - return 0; -} - - -static const unsigned char methods[] = { - WSI_TOKEN_GET_URI, - WSI_TOKEN_POST_URI, - WSI_TOKEN_OPTIONS_URI, - WSI_TOKEN_PUT_URI, - WSI_TOKEN_PATCH_URI, - WSI_TOKEN_DELETE_URI, - WSI_TOKEN_CONNECT, - WSI_TOKEN_HEAD_URI, -#ifdef LWS_WITH_HTTP2 - WSI_TOKEN_HTTP_COLON_PATH, -#endif -}; - -static int -lws_http_get_uri_and_method(struct lws *wsi, char **puri_ptr, int *puri_len) -{ - int n, count = 0; - - for (n = 0; n < (int)ARRAY_SIZE(methods); n++) - if (lws_hdr_total_length(wsi, methods[n])) - count++; - if (!count) { - lwsl_warn("Missing URI in HTTP request\n"); - return -1; - } - - if (count != 1 && - !(wsi->http2_substream && - lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_COLON_PATH))) { - lwsl_warn("multiple methods?\n"); - return -1; - } - - for (n = 0; n < (int)ARRAY_SIZE(methods); n++) - if (lws_hdr_total_length(wsi, methods[n])) { - *puri_ptr = lws_hdr_simple_ptr(wsi, methods[n]); - *puri_len = lws_hdr_total_length(wsi, methods[n]); - return n; - } - - return -1; -} - -int -lws_http_action(struct lws *wsi) -{ - struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; - enum http_connection_type connection_type; - enum http_version request_version; - char content_length_str[32]; - struct lws_process_html_args args; - const struct lws_http_mount *hit = NULL; - unsigned int n; - char http_version_str[10]; - char http_conn_str[20]; -#if defined(LWS_WITH_HTTP2) - char *p; -#endif - int http_version_len; - char *uri_ptr = NULL, *s; - int uri_len = 0, meth; - static const char * const oprot[] = { - "http://", "https://" - }; - - meth = lws_http_get_uri_and_method(wsi, &uri_ptr, &uri_len); - if (meth < 0 || meth >= (int)ARRAY_SIZE(method_names)) - goto bail_nuke_ah; - - /* we insist on absolute paths */ - - if (!uri_ptr || uri_ptr[0] != '/') { - lws_return_http_status(wsi, HTTP_STATUS_FORBIDDEN, NULL); - - goto bail_nuke_ah; - } - - lwsl_info("Method: '%s' (%d), request for '%s'\n", method_names[meth], - meth, uri_ptr); - -#if defined(LWS_WITH_HTTP2) - /* - * with H2 there's also a way to upgrade a stream to something - * else... :method is CONNECT and :protocol says the name of - * the new protocol we want to carry. We have to have sent a - * SETTINGS saying that we support it though. - */ - p = lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP_COLON_METHOD); - if (wsi->vhost->set.s[H2SET_ENABLE_CONNECT_PROTOCOL] && - wsi->http2_substream && p && !strcmp(p, "CONNECT")) { - p = lws_hdr_simple_ptr(wsi, WSI_TOKEN_COLON_PROTOCOL); - if (p && !strcmp(p, "websocket")) { - struct lws *nwsi = lws_get_network_wsi(wsi); - - wsi->vhost->conn_stats.ws_upg++; - lwsl_info("Upgrade h2 to ws\n"); - wsi->h2_stream_carries_ws = 1; - nwsi->ws_over_h2_count++; - if (lws_process_ws_upgrade(wsi)) - goto bail_nuke_ah; - - if (nwsi->ws_over_h2_count == 1) - lws_set_timeout(nwsi, NO_PENDING_TIMEOUT, 0); - - lws_set_timeout(wsi, NO_PENDING_TIMEOUT, 0); - lwsl_info("Upgraded h2 to ws OK\n"); - return 0; - } - } -#endif - - if (lws_ensure_user_space(wsi)) - goto bail_nuke_ah; - - /* HTTP header had a content length? */ - - wsi->http.rx_content_length = 0; - if (lws_hdr_total_length(wsi, WSI_TOKEN_POST_URI) || - lws_hdr_total_length(wsi, WSI_TOKEN_PATCH_URI) || - lws_hdr_total_length(wsi, WSI_TOKEN_PUT_URI)) - wsi->http.rx_content_length = 100 * 1024 * 1024; - - if (lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_CONTENT_LENGTH)) { - lws_hdr_copy(wsi, content_length_str, - sizeof(content_length_str) - 1, - WSI_TOKEN_HTTP_CONTENT_LENGTH); - wsi->http.rx_content_length = atoll(content_length_str); - } - - if (wsi->http2_substream) { - wsi->http.request_version = HTTP_VERSION_2; - } else { - /* http_version? Default to 1.0, override with token: */ - request_version = HTTP_VERSION_1_0; - - /* Works for single digit HTTP versions. : */ - http_version_len = lws_hdr_total_length(wsi, WSI_TOKEN_HTTP); - if (http_version_len > 7) { - lws_hdr_copy(wsi, http_version_str, - sizeof(http_version_str) - 1, - WSI_TOKEN_HTTP); - if (http_version_str[5] == '1' && - http_version_str[7] == '1') - request_version = HTTP_VERSION_1_1; - } - wsi->http.request_version = request_version; - - /* HTTP/1.1 defaults to "keep-alive", 1.0 to "close" */ - if (request_version == HTTP_VERSION_1_1) - connection_type = HTTP_CONNECTION_KEEP_ALIVE; - else - connection_type = HTTP_CONNECTION_CLOSE; - - /* Override default if http "Connection:" header: */ - if (lws_hdr_total_length(wsi, WSI_TOKEN_CONNECTION)) { - lws_hdr_copy(wsi, http_conn_str, - sizeof(http_conn_str) - 1, - WSI_TOKEN_CONNECTION); - http_conn_str[sizeof(http_conn_str) - 1] = '\0'; - if (!strcasecmp(http_conn_str, "keep-alive")) - connection_type = HTTP_CONNECTION_KEEP_ALIVE; - else - if (!strcasecmp(http_conn_str, "close")) - connection_type = HTTP_CONNECTION_CLOSE; - } - wsi->http.connection_type = connection_type; - } - - n = wsi->protocol->callback(wsi, LWS_CALLBACK_FILTER_HTTP_CONNECTION, - wsi->user_space, uri_ptr, uri_len); - if (n) { - lwsl_info("LWS_CALLBACK_HTTP closing\n"); - - return 1; - } - /* - * if there is content supposed to be coming, - * put a timeout on it having arrived - */ - lws_set_timeout(wsi, PENDING_TIMEOUT_HTTP_CONTENT, - wsi->context->timeout_secs); -#ifdef LWS_OPENSSL_SUPPORT - if (wsi->redirect_to_https) { - /* - * we accepted http:// only so we could redirect to - * https://, so issue the redirect. Create the redirection - * URI from the host: header and ignore the path part - */ - unsigned char *start = pt->serv_buf + LWS_PRE, *p = start, - *end = p + 512; - - if (!lws_hdr_total_length(wsi, WSI_TOKEN_HOST)) - goto bail_nuke_ah; - - n = sprintf((char *)end, "https://%s/", - lws_hdr_simple_ptr(wsi, WSI_TOKEN_HOST)); - - n = lws_http_redirect(wsi, HTTP_STATUS_MOVED_PERMANENTLY, - end, n, &p, end); - if ((int)n < 0) - goto bail_nuke_ah; - - return lws_http_transaction_completed(wsi); - } -#endif - -#ifdef LWS_WITH_ACCESS_LOG - lws_prepare_access_log_info(wsi, uri_ptr, meth); -#endif - - /* can we serve it from the mount list? */ - - hit = lws_find_mount(wsi, uri_ptr, uri_len); - if (!hit) { - /* deferred cleanup and reset to protocols[0] */ - - lwsl_info("no hit\n"); - - if (lws_bind_protocol(wsi, &wsi->vhost->protocols[0])) - return 1; - - n = wsi->protocol->callback(wsi, LWS_CALLBACK_HTTP, - wsi->user_space, uri_ptr, uri_len); - - goto after; - } - - s = uri_ptr + hit->mountpoint_len; - - /* - * if we have a mountpoint like https://xxx.com/yyy - * there is an implied / at the end for our purposes since - * we can only mount on a "directory". - * - * But if we just go with that, the browser cannot understand - * that he is actually looking down one "directory level", so - * even though we give him /yyy/abc.html he acts like the - * current directory level is /. So relative urls like "x.png" - * wrongly look outside the mountpoint. - * - * Therefore if we didn't come in on a url with an explicit - * / at the end, we must redirect to add it so the browser - * understands he is one "directory level" down. - */ - if ((hit->mountpoint_len > 1 || - (hit->origin_protocol == LWSMPRO_REDIR_HTTP || - hit->origin_protocol == LWSMPRO_REDIR_HTTPS)) && - (*s != '/' || - (hit->origin_protocol == LWSMPRO_REDIR_HTTP || - hit->origin_protocol == LWSMPRO_REDIR_HTTPS)) && - (hit->origin_protocol != LWSMPRO_CGI && - hit->origin_protocol != LWSMPRO_CALLBACK)) { - unsigned char *start = pt->serv_buf + LWS_PRE, - *p = start, *end = p + 512; - - lwsl_debug("Doing 301 '%s' org %s\n", s, hit->origin); - - /* > at start indicates deal with by redirect */ - if (hit->origin_protocol == LWSMPRO_REDIR_HTTP || - hit->origin_protocol == LWSMPRO_REDIR_HTTPS) - n = lws_snprintf((char *)end, 256, "%s%s", - oprot[hit->origin_protocol & 1], - hit->origin); - else { - if (!lws_hdr_total_length(wsi, WSI_TOKEN_HOST)) { - if (!lws_hdr_total_length(wsi, - WSI_TOKEN_HTTP_COLON_AUTHORITY)) - goto bail_nuke_ah; - n = lws_snprintf((char *)end, 256, - "%s%s%s/", oprot[!!lws_is_ssl(wsi)], - lws_hdr_simple_ptr(wsi, - WSI_TOKEN_HTTP_COLON_AUTHORITY), - uri_ptr); - } else - n = lws_snprintf((char *)end, 256, - "%s%s%s/", oprot[!!lws_is_ssl(wsi)], - lws_hdr_simple_ptr(wsi, WSI_TOKEN_HOST), - uri_ptr); - } - - lws_clean_url((char *)end); - n = lws_http_redirect(wsi, HTTP_STATUS_MOVED_PERMANENTLY, - end, n, &p, end); - if ((int)n < 0) - goto bail_nuke_ah; - - return lws_http_transaction_completed(wsi); - } - -#if LWS_POSIX - /* basic auth? */ - - if (hit->basic_auth_login_file) { - char b64[160], plain[(sizeof(b64) * 3) / 4]; - int m; - - /* Did he send auth? */ - if (!lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_AUTHORIZATION)) - return lws_unauthorised_basic_auth(wsi); - - n = HTTP_STATUS_FORBIDDEN; - - m = lws_hdr_copy(wsi, b64, sizeof(b64), - WSI_TOKEN_HTTP_AUTHORIZATION); - if (m < 7) { - lwsl_err("b64 auth too long\n"); - goto transaction_result_n; - } - - b64[5] = '\0'; - if (strcasecmp(b64, "Basic")) { - lwsl_err("auth missing basic: %s\n", b64); - goto transaction_result_n; - } - - /* It'll be like Authorization: Basic QWxhZGRpbjpPcGVuU2VzYW1l */ - - m = lws_b64_decode_string(b64 + 6, plain, sizeof(plain)); - if (m < 0) { - lwsl_err("plain auth too long\n"); - goto transaction_result_n; - } - - if (!lws_find_string_in_file(hit->basic_auth_login_file, - plain, m)) { - lwsl_err("basic auth lookup failed\n"); - return lws_unauthorised_basic_auth(wsi); - } - - lwsl_notice("basic auth accepted\n"); - - /* accept the auth */ - } -#endif - -#if defined(LWS_WITH_HTTP_PROXY) - /* - * The mount is a reverse proxy? - */ - - if (hit->origin_protocol == LWSMPRO_HTTPS || - hit->origin_protocol == LWSMPRO_HTTP) { - struct lws_client_connect_info i; - char ads[96], rpath[256], *pcolon, *pslash, *p; - int n, na; - - memset(&i, 0, sizeof(i)); - i.context = lws_get_context(wsi); - - pcolon = strchr(hit->origin, ':'); - pslash = strchr(hit->origin, '/'); - if (!pslash) { - lwsl_err("Proxy mount origin '%s' must have /\n", - hit->origin); - return -1; - } - if (pcolon > pslash) - pcolon = NULL; - - if (pcolon) - n = pcolon - hit->origin; - else - n = pslash - hit->origin; - - if (n >= (int)sizeof(ads) - 2) - n = sizeof(ads) - 2; - - memcpy(ads, hit->origin, n); - ads[n] = '\0'; - - i.address = ads; - i.port = 80; - if (hit->origin_protocol == LWSMPRO_HTTPS) { - i.port = 443; - i.ssl_connection = 1; - } - if (pcolon) - i.port = atoi(pcolon + 1); - - lws_snprintf(rpath, sizeof(rpath) - 1, "/%s/%s", pslash + 1, - uri_ptr + hit->mountpoint_len); - lws_clean_url(rpath); - na = lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_URI_ARGS); - if (na) { - p = rpath + strlen(rpath); - *p++ = '?'; - lws_hdr_copy(wsi, p, &rpath[sizeof(rpath) - 1] - p, - WSI_TOKEN_HTTP_URI_ARGS); - while (--na) { - if (*p == '\0') - *p = '&'; - p++; - } - } - - - i.path = rpath; - i.host = i.address; - i.origin = NULL; - i.method = "GET"; - i.parent_wsi = wsi; - i.uri_replace_from = hit->origin; - i.uri_replace_to = hit->mountpoint; - - lwsl_notice("proxying to %s port %d url %s, ssl %d, " - "from %s, to %s\n", - i.address, i.port, i.path, i.ssl_connection, - i.uri_replace_from, i.uri_replace_to); - - if (!lws_client_connect_via_info(&i)) { - lwsl_err("proxy connect fail\n"); - return 1; - } - - return 0; - } -#endif - - /* - * A particular protocol callback is mounted here? - * - * For the duration of this http transaction, bind us to the - * associated protocol - */ - if (hit->origin_protocol == LWSMPRO_CALLBACK || hit->protocol) { - const struct lws_protocols *pp; - const char *name = hit->origin; - if (hit->protocol) - name = hit->protocol; - - pp = lws_vhost_name_to_protocol(wsi->vhost, name); - if (!pp) { - n = -1; - lwsl_err("Unable to find plugin '%s'\n", - hit->origin); - return 1; - } - - if (lws_bind_protocol(wsi, pp)) - return 1; - - args.p = uri_ptr; - args.len = uri_len; - args.max_len = hit->auth_mask; - args.final = 0; /* used to signal callback dealt with it */ - args.chunked = 0; - - n = wsi->protocol->callback(wsi, - LWS_CALLBACK_CHECK_ACCESS_RIGHTS, - wsi->user_space, &args, 0); - if (n) { - lws_return_http_status(wsi, HTTP_STATUS_UNAUTHORIZED, - NULL); - goto bail_nuke_ah; - } - if (args.final) /* callback completely handled it well */ - return 0; - - if (hit->cgienv && wsi->protocol->callback(wsi, - LWS_CALLBACK_HTTP_PMO, - wsi->user_space, (void *)hit->cgienv, 0)) - return 1; - - if (lws_hdr_total_length(wsi, WSI_TOKEN_POST_URI)) { - n = wsi->protocol->callback(wsi, LWS_CALLBACK_HTTP, - wsi->user_space, - uri_ptr + hit->mountpoint_len, - uri_len - hit->mountpoint_len); - goto after; - } - } - -#ifdef LWS_WITH_CGI - /* did we hit something with a cgi:// origin? */ - if (hit->origin_protocol == LWSMPRO_CGI) { - const char *cmd[] = { - NULL, /* replace with cgi path */ - NULL - }; - - lwsl_debug("%s: cgi\n", __func__); - cmd[0] = hit->origin; - - n = 5; - if (hit->cgi_timeout) - n = hit->cgi_timeout; - - n = lws_cgi(wsi, cmd, hit->mountpoint_len, n, - hit->cgienv); - if (n) { - lwsl_err("%s: cgi failed\n", __func__); - return -1; - } - - goto deal_body; - } -#endif - - n = (int)strlen(s); - if (s[0] == '\0' || (n == 1 && s[n - 1] == '/')) - s = (char *)hit->def; - if (!s) - s = "index.html"; - - wsi->cache_secs = hit->cache_max_age; - wsi->cache_reuse = hit->cache_reusable; - wsi->cache_revalidate = hit->cache_revalidate; - wsi->cache_intermediaries = hit->cache_intermediaries; - - n = 1; - if (hit->origin_protocol == LWSMPRO_FILE) - n = lws_http_serve(wsi, s, hit->origin, hit); - if (n) { - /* - * lws_return_http_status(wsi, HTTP_STATUS_NOT_FOUND, NULL); - */ - if (hit->protocol) { - const struct lws_protocols *pp = - lws_vhost_name_to_protocol( - wsi->vhost, hit->protocol); - - if (lws_bind_protocol(wsi, pp)) - return 1; - - n = pp->callback(wsi, LWS_CALLBACK_HTTP, - wsi->user_space, - uri_ptr + hit->mountpoint_len, - uri_len - hit->mountpoint_len); - } else - n = wsi->protocol->callback(wsi, LWS_CALLBACK_HTTP, - wsi->user_space, uri_ptr, uri_len); - } - -after: - if (n) { - lwsl_info("LWS_CALLBACK_HTTP closing\n"); - - return 1; - } - -#ifdef LWS_WITH_CGI -deal_body: -#endif - /* - * If we're not issuing a file, check for content_length or - * HTTP keep-alive. No keep-alive header allocation for - * ISSUING_FILE, as this uses HTTP/1.0. - * - * In any case, return 0 and let lws_read decide how to - * proceed based on state - */ - if (lwsi_state(wsi) != LRS_ISSUING_FILE) { - /* Prepare to read body if we have a content length: */ - lwsl_debug("wsi->http.rx_content_length %lld %d %d\n", - (long long)wsi->http.rx_content_length, - wsi->upgraded_to_http2, wsi->http2_substream); - if (wsi->http.rx_content_length > 0) { - lwsi_set_state(wsi, LRS_BODY); - lwsl_info("%s: %p: LRS_BODY state set (0x%x)\n", - __func__, wsi, wsi->wsistate); - wsi->http.rx_content_remain = - wsi->http.rx_content_length; - } - } - - return 0; - -bail_nuke_ah: - /* we're closing, losing some rx is OK */ - lws_header_table_force_to_detachable_state(wsi); - lws_header_table_detach(wsi, 1); - - return 1; - -#if LWS_POSIX -transaction_result_n: - lws_return_http_status(wsi, n, NULL); - - return lws_http_transaction_completed(wsi); -#endif -} - -int -lws_handshake_server(struct lws *wsi, unsigned char **buf, size_t len) -{ - struct lws_context *context = lws_get_context(wsi); - unsigned char *obuf = *buf; -#if defined(LWS_WITH_HTTP2) - char tbuf[128], *p; -#endif - size_t olen = len; - int n = 0, m, i; - - if (len >= 10000000) { - lwsl_err("%s: assert: len %ld\n", __func__, (long)len); - assert(0); - } - - if (!wsi->ah) { - lwsl_err("%s: assert: NULL ah\n", __func__); - assert(0); - } - - while (len) { - if (!lwsi_role_http_server(wsi)) { - lwsl_err("%s: bad wsi role 0x%x\n", __func__, - lwsi_role(wsi)); - goto bail_nuke_ah; - } - - i = (int)len; - m = lws_parse(wsi, *buf, &i); - (*buf) += (int)len - i; - len = i; - if (m) { - if (m == 2) { - /* - * we are transitioning from http with - * an AH, to raw. Drop the ah and set - * the mode. - */ -raw_transition: - lws_set_timeout(wsi, NO_PENDING_TIMEOUT, 0); - lws_bind_protocol(wsi, &wsi->vhost->protocols[ - wsi->vhost-> - raw_protocol_index]); - lwsl_info("transition to raw vh %s prot %d\n", - wsi->vhost->name, - wsi->vhost->raw_protocol_index); - if ((wsi->protocol->callback)(wsi, - LWS_CALLBACK_RAW_ADOPT, - wsi->user_space, NULL, 0)) - goto bail_nuke_ah; - - lws_header_table_force_to_detachable_state(wsi); - lws_role_transition(wsi, LWSI_ROLE_RAW_SOCKET, - LRS_ESTABLISHED); - lws_header_table_detach(wsi, 1); - - if (m == 2 && (wsi->protocol->callback)(wsi, - LWS_CALLBACK_RAW_RX, - wsi->user_space, obuf, olen)) - return 1; - - return 0; - } - lwsl_info("lws_parse failed\n"); - goto bail_nuke_ah; - } - - if (wsi->ah->parser_state != WSI_PARSING_COMPLETE) - continue; - - lwsl_parser("%s: lws_parse sees parsing complete\n", __func__); - - /* select vhost */ - - if (lws_hdr_total_length(wsi, WSI_TOKEN_HOST)) { - struct lws_vhost *vhost = lws_select_vhost( - context, wsi->vhost->listen_port, - lws_hdr_simple_ptr(wsi, WSI_TOKEN_HOST)); - - if (vhost) - wsi->vhost = vhost; - } else - lwsl_info("no host\n"); - - if (lwsi_role(wsi) != LWSI_ROLE_H2_SERVER) { - wsi->vhost->conn_stats.h1_trans++; - if (!wsi->conn_stat_done) { - wsi->vhost->conn_stats.h1_conn++; - wsi->conn_stat_done = 1; - } - } - - /* check for unwelcome guests */ - - if (wsi->context->reject_service_keywords) { - const struct lws_protocol_vhost_options *rej = - wsi->context->reject_service_keywords; - char ua[384], *msg = NULL; - - if (lws_hdr_copy(wsi, ua, sizeof(ua) - 1, - WSI_TOKEN_HTTP_USER_AGENT) > 0) { -#ifdef LWS_WITH_ACCESS_LOG - char *uri_ptr = NULL; - int meth, uri_len; -#endif - ua[sizeof(ua) - 1] = '\0'; - while (rej) { - if (!strstr(ua, rej->name)) { - rej = rej->next; - continue; - } - - msg = strchr(rej->value, ' '); - if (msg) - msg++; - lws_return_http_status(wsi, - atoi(rej->value), msg); -#ifdef LWS_WITH_ACCESS_LOG - meth = lws_http_get_uri_and_method(wsi, - &uri_ptr, &uri_len); - if (meth >= 0) - lws_prepare_access_log_info(wsi, - uri_ptr, meth); - - /* wsi close will do the log */ -#endif - wsi->vhost->conn_stats.rejected++; - /* - * We don't want anything from - * this rejected guy. Follow - * the close flow, not the - * transaction complete flow. - */ - goto bail_nuke_ah; - } - } - } - - - if (lws_hdr_total_length(wsi, WSI_TOKEN_CONNECT)) { - lwsl_info("Changing to RAW mode\n"); - m = 0; - goto raw_transition; - } - - lwsi_set_state(wsi, LRS_PRE_WS_SERVING_ACCEPT); - lws_set_timeout(wsi, NO_PENDING_TIMEOUT, 0); - - /* is this websocket protocol or normal http 1.0? */ - - if (lws_hdr_total_length(wsi, WSI_TOKEN_UPGRADE)) { - if (!strcasecmp(lws_hdr_simple_ptr(wsi, - WSI_TOKEN_UPGRADE), - "websocket")) { - wsi->vhost->conn_stats.ws_upg++; - lwsl_info("Upgrade to ws\n"); - goto upgrade_ws; - } -#if defined(LWS_WITH_HTTP2) - if (!strcasecmp(lws_hdr_simple_ptr(wsi, - WSI_TOKEN_UPGRADE), - "h2c")) { - wsi->vhost->conn_stats.h2_upg++; - lwsl_info("Upgrade to h2c\n"); - goto upgrade_h2c; - } -#endif - lwsl_info("Unknown upgrade\n"); - /* dunno what he wanted to upgrade to */ - goto bail_nuke_ah; - } - - /* no upgrade ack... he remained as HTTP */ - - lwsl_info("No upgrade\n"); - - lwsi_set_state(wsi, LRS_ESTABLISHED); - wsi->http.fop_fd = NULL; - - lwsl_debug("%s: wsi %p: ah %p\n", __func__, (void *)wsi, - (void *)wsi->ah); - - n = lws_http_action(wsi); - - return n; - -#if defined(LWS_WITH_HTTP2) -upgrade_h2c: - if (!lws_hdr_total_length(wsi, WSI_TOKEN_HTTP2_SETTINGS)) { - lwsl_info("missing http2_settings\n"); - goto bail_nuke_ah; - } - - lwsl_info("h2c upgrade...\n"); - - p = lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP2_SETTINGS); - /* convert the peer's HTTP-Settings */ - n = lws_b64_decode_string(p, tbuf, sizeof(tbuf)); - if (n < 0) { - lwsl_parser("HTTP2_SETTINGS too long\n"); - return 1; - } - - /* adopt the header info */ - - if (!wsi->h2.h2n) { - wsi->h2.h2n = lws_zalloc(sizeof(*wsi->h2.h2n), - "h2n"); - if (!wsi->h2.h2n) - return 1; - } - - lws_h2_init(wsi); - - /* HTTP2 union */ - - lws_h2_settings(wsi, &wsi->h2.h2n->set, (unsigned char *)tbuf, n); - - lws_hpack_dynamic_size(wsi, wsi->h2.h2n->set.s[ - H2SET_HEADER_TABLE_SIZE]); - - strcpy(tbuf, "HTTP/1.1 101 Switching Protocols\x0d\x0a" - "Connection: Upgrade\x0d\x0a" - "Upgrade: h2c\x0d\x0a\x0d\x0a"); - m = (int)strlen(tbuf); - n = lws_issue_raw(wsi, (unsigned char *)tbuf, m); - if (n != m) { - lwsl_debug("http2 switch: ERROR writing to socket\n"); - return 1; - } - - lwsi_set_state(wsi, LRS_H2_AWAIT_PREFACE); - wsi->upgraded_to_http2 = 1; - - return 0; -#endif - -upgrade_ws: - if (lws_process_ws_upgrade(wsi)) - goto bail_nuke_ah; - - return 0; - - } /* while all chars are handled */ - - return 0; - -bail_nuke_ah: - /* drop the header info */ - /* we're closing, losing some rx is OK */ - lws_header_table_force_to_detachable_state(wsi); - lws_header_table_detach(wsi, 1); - - return 1; -} - - -static int -lws_get_idlest_tsi(struct lws_context *context) -{ - unsigned int lowest = ~0; - int n = 0, hit = -1; - - for (; n < context->count_threads; n++) { - if ((unsigned int)context->pt[n].fds_count != - context->fd_limit_per_thread - 1 && - (unsigned int)context->pt[n].fds_count < lowest) { - lowest = context->pt[n].fds_count; - hit = n; - } - } - - return hit; -} - -struct lws * -lws_create_new_server_wsi(struct lws_vhost *vhost) -{ - struct lws *new_wsi; - int n = lws_get_idlest_tsi(vhost->context); - - if (n < 0) { - lwsl_err("no space for new conn\n"); - return NULL; - } - - new_wsi = lws_zalloc(sizeof(struct lws), "new server wsi"); - if (new_wsi == NULL) { - lwsl_err("Out of memory for new connection\n"); - return NULL; - } - - new_wsi->tsi = n; - lwsl_debug("new wsi %p joining vhost %s, tsi %d\n", new_wsi, - vhost->name, new_wsi->tsi); - - new_wsi->vhost = vhost; - new_wsi->context = vhost->context; - new_wsi->pending_timeout = NO_PENDING_TIMEOUT; - new_wsi->rxflow_change_to = LWS_RXFLOW_ALLOW; - - /* initialize the instance struct */ - - lwsi_set_state(new_wsi, LRS_UNCONNECTED); - new_wsi->hdr_parsing_completed = 0; - -#ifdef LWS_OPENSSL_SUPPORT - new_wsi->use_ssl = LWS_SSL_ENABLED(vhost); -#endif - - /* - * these can only be set once the protocol is known - * we set an un-established connection's protocol pointer - * to the start of the supported list, so it can look - * for matching ones during the handshake - */ - new_wsi->protocol = vhost->protocols; - new_wsi->user_space = NULL; - new_wsi->desc.sockfd = LWS_SOCK_INVALID; - new_wsi->position_in_fds_table = -1; - - vhost->context->count_wsi_allocated++; - - /* - * outermost create notification for wsi - * no user_space because no protocol selection - */ - vhost->protocols[0].callback(new_wsi, LWS_CALLBACK_WSI_CREATE, - NULL, NULL, 0); - - return new_wsi; -} - -LWS_VISIBLE int LWS_WARN_UNUSED_RESULT -lws_http_transaction_completed(struct lws *wsi) -{ - int n = NO_PENDING_TIMEOUT; - - lwsl_info("%s: wsi %p\n", __func__, wsi); - if (wsi->ah) - lwsl_info("ah attached, pos %d, len %d\n", wsi->ah->rxpos, wsi->ah->rxlen); - lws_access_log(wsi); - - if (!wsi->hdr_parsing_completed) { - lwsl_notice("%s: ignoring, ah parsing incomplete\n", __func__); - return 0; - } - - /* if we can't go back to accept new headers, drop the connection */ - if (wsi->http2_substream) - return 0; - - if (wsi->seen_zero_length_recv) - return 1; - - if (wsi->http.connection_type != HTTP_CONNECTION_KEEP_ALIVE) { - lwsl_info("%s: %p: close connection\n", __func__, wsi); - return 1; - } - - if (lws_bind_protocol(wsi, &wsi->vhost->protocols[0])) - return 1; - - /* - * otherwise set ourselves up ready to go again, but because we have no - * idea about the wsi writability, we make put it in a holding state - * until we can verify POLLOUT. The part of this that confirms POLLOUT - * with no partials is in lws_server_socket_service() below. - */ - lwsi_set_state(wsi, LRS_DEFERRING_ACTION); - wsi->http.tx_content_length = 0; - wsi->http.tx_content_remain = 0; - wsi->hdr_parsing_completed = 0; -#ifdef LWS_WITH_ACCESS_LOG - wsi->access_log.sent = 0; -#endif - - if (wsi->vhost->keepalive_timeout) - n = PENDING_TIMEOUT_HTTP_KEEPALIVE_IDLE; - lws_set_timeout(wsi, n, wsi->vhost->keepalive_timeout); - - /* - * We already know we are on http1.1 / keepalive and the next thing - * coming will be another header set. - * - * If there is no pending rx and we still have the ah, drop it and - * reacquire a new ah when the new headers start to arrive. (Otherwise - * we needlessly hog an ah indefinitely.) - * - * However if there is pending rx and we know from the keepalive state - * that is already at least the start of another header set, simply - * reset the existing header table and keep it. - */ - if (wsi->ah) { - if (wsi->ah->rxpos == wsi->ah->rxlen && !wsi->preamble_rx) { - lws_header_table_force_to_detachable_state(wsi); - lws_header_table_detach(wsi, 1); -#ifdef LWS_OPENSSL_SUPPORT - /* - * additionally... if we are hogging an SSL instance - * with no pending pipelined headers (or ah now), and - * SSL is scarce, drop this connection without waiting - */ - - if (wsi->vhost->use_ssl && - wsi->context->simultaneous_ssl_restriction && - wsi->context->simultaneous_ssl == - wsi->context->simultaneous_ssl_restriction) { - lwsl_info("%s: simultaneous_ssl_restriction\n", - __func__); - return 1; - } -#endif - } else { - lws_header_table_reset(wsi, 0); - /* - * If we kept the ah, we should restrict the amount - * of time we are willing to keep it. Otherwise it - * will be bound the whole time the connection remains - * open. - */ - lws_set_timeout(wsi, PENDING_TIMEOUT_HOLDING_AH, - wsi->vhost->keepalive_timeout); - } - /* If we're (re)starting on headers, need other implied init */ - if (wsi->ah) - wsi->ah->ues = URIES_IDLE; - - lwsi_set_state(wsi, LRS_ESTABLISHED); - } else - if (wsi->preamble_rx) - if (lws_header_table_attach(wsi, 0)) - lwsl_debug("acquired ah\n"); - - - lwsl_info("%s: %p: keep-alive await new transaction\n", __func__, wsi); - lws_callback_on_writable(wsi); - - return 0; -} - -/* if not a socket, it's a raw, non-ssl file descriptor */ - -LWS_VISIBLE struct lws * -lws_adopt_descriptor_vhost(struct lws_vhost *vh, lws_adoption_type type, - lws_sock_file_fd_type fd, const char *vh_prot_name, - struct lws *parent) -{ - struct lws_context *context = vh->context; - struct lws *new_wsi; - struct lws_context_per_thread *pt; - int n, ssl = 0; - -#if defined(LWS_WITH_PEER_LIMITS) - struct lws_peer *peer = NULL; - - if (type & LWS_ADOPT_SOCKET && !(type & LWS_ADOPT_WS_PARENTIO)) { - peer = lws_get_or_create_peer(vh, fd.sockfd); - - if (peer && context->ip_limit_wsi && - peer->count_wsi >= context->ip_limit_wsi) { - lwsl_notice("Peer reached wsi limit %d\n", - context->ip_limit_wsi); - lws_stats_atomic_bump(context, &context->pt[0], - LWSSTATS_C_PEER_LIMIT_WSI_DENIED, 1); - return NULL; - } - } -#endif - - new_wsi = lws_create_new_server_wsi(vh); - if (!new_wsi) { - if (type & LWS_ADOPT_SOCKET && !(type & LWS_ADOPT_WS_PARENTIO)) - compatible_close(fd.sockfd); - return NULL; - } -#if defined(LWS_WITH_PEER_LIMITS) - if (peer) - lws_peer_add_wsi(context, peer, new_wsi); -#endif - pt = &context->pt[(int)new_wsi->tsi]; - lws_stats_atomic_bump(context, pt, LWSSTATS_C_CONNECTIONS, 1); - - if (parent) { - new_wsi->parent = parent; - new_wsi->sibling_list = parent->child_list; - parent->child_list = new_wsi; - - if (type & LWS_ADOPT_WS_PARENTIO) - new_wsi->parent_carries_io = 1; - } - - new_wsi->desc = fd; - - if (vh_prot_name) { - new_wsi->protocol = lws_vhost_name_to_protocol(new_wsi->vhost, - vh_prot_name); - if (!new_wsi->protocol) { - lwsl_err("Protocol %s not enabled on vhost %s\n", - vh_prot_name, new_wsi->vhost->name); - goto bail; - } - if (lws_ensure_user_space(new_wsi)) { - lwsl_notice("OOM trying to get user_space\n"); - goto bail; - } - if (type & LWS_ADOPT_WS_PARENTIO) { - new_wsi->desc.sockfd = LWS_SOCK_INVALID; - lwsl_debug("binding to %s\n", new_wsi->protocol->name); - lws_bind_protocol(new_wsi, new_wsi->protocol); - lws_role_transition(new_wsi, LWSI_ROLE_WS1_SERVER, LRS_ESTABLISHED); - /* allocate the ws struct for the wsi */ - new_wsi->ws = lws_zalloc(sizeof(*new_wsi->ws), "ws struct"); - if (!new_wsi->ws) { - lwsl_notice("OOM\n"); - goto bail; - } - lws_server_init_wsi_for_ws(new_wsi); - - return new_wsi; - } - } else - if (type & LWS_ADOPT_HTTP) /* he will transition later */ - new_wsi->protocol = - &vh->protocols[vh->default_protocol_index]; - else { /* this is the only time he will transition */ - lws_bind_protocol(new_wsi, - &vh->protocols[vh->raw_protocol_index]); - lws_role_transition(new_wsi, LWSI_ROLE_RAW_SOCKET, - LRS_ESTABLISHED); - } - - if (type & LWS_ADOPT_SOCKET) { /* socket desc */ - lwsl_debug("%s: new wsi %p, sockfd %d\n", __func__, new_wsi, - (int)(lws_intptr_t)fd.sockfd); - - if (type & LWS_ADOPT_FLAG_UDP) - /* - * these can be >128 bytes, so just alloc for UDP - */ - new_wsi->udp = lws_malloc(sizeof(*new_wsi->udp), - "udp struct"); - - if (type & LWS_ADOPT_HTTP) - /* the transport is accepted... - * give him time to negotiate */ - lws_set_timeout(new_wsi, - PENDING_TIMEOUT_ESTABLISH_WITH_SERVER, - context->timeout_secs); - - } else /* file desc */ - lwsl_debug("%s: new wsi %p, filefd %d\n", __func__, new_wsi, - (int)(lws_intptr_t)fd.filefd); - - /* - * A new connection was accepted. Give the user a chance to - * set properties of the newly created wsi. There's no protocol - * selected yet so we issue this to the vhosts's default protocol, - * itself by default protocols[0] - */ - n = LWS_CALLBACK_SERVER_NEW_CLIENT_INSTANTIATED; - if (!(type & LWS_ADOPT_HTTP)) { - if (!(type & LWS_ADOPT_SOCKET)) - n = LWS_CALLBACK_RAW_ADOPT_FILE; - else - n = LWS_CALLBACK_RAW_ADOPT; - } - - if (!LWS_SSL_ENABLED(new_wsi->vhost) || !(type & LWS_ADOPT_ALLOW_SSL) || - !(type & LWS_ADOPT_SOCKET)) { - /* non-SSL */ - if (!(type & LWS_ADOPT_HTTP)) { - if (!(type & LWS_ADOPT_SOCKET)) - lwsi_set_role(new_wsi, LWSI_ROLE_RAW_FILE); - else - lwsi_set_role(new_wsi, LWSI_ROLE_RAW_SOCKET); - } else { - lwsi_set_role(new_wsi, LWSI_ROLE_H1_SERVER); - lwsi_set_state(new_wsi, LRS_HEADERS); - } - } else { - /* SSL */ - if (!(type & LWS_ADOPT_HTTP)) - lwsi_set_role(new_wsi, LWSI_ROLE_RAW_SOCKET); - else - lwsi_set_role(new_wsi, LWSI_ROLE_H1_SERVER); - - lwsi_set_state(new_wsi, LRS_SSL_INIT); - ssl = 1; - } - - lwsl_debug("new wsi wsistate 0x%x\n", new_wsi->wsistate); - - lws_libev_accept(new_wsi, new_wsi->desc); - lws_libuv_accept(new_wsi, new_wsi->desc); - lws_libevent_accept(new_wsi, new_wsi->desc); - - if (!ssl) { - lws_pt_lock(pt, __func__); - if (__insert_wsi_socket_into_fds(context, new_wsi)) { - lws_pt_unlock(pt); - lwsl_err("%s: fail inserting socket\n", __func__); - goto fail; - } - lws_pt_unlock(pt); - } else - if (lws_server_socket_service_ssl(new_wsi, fd.sockfd)) { - lwsl_info("%s: fail ssl negotiation\n", __func__); - goto fail; - } - - /* - * by deferring callback to this point, after insertion to fds, - * lws_callback_on_writable() can work from the callback - */ - if ((new_wsi->protocol->callback)( - new_wsi, n, new_wsi->user_space, NULL, 0)) - goto fail; - - if (type & LWS_ADOPT_HTTP) { - if (!lws_header_table_attach(new_wsi, 0)) - lwsl_debug("Attached ah immediately\n"); - else - lwsl_info("%s: waiting for ah\n", __func__); - } - - lws_cancel_service_pt(new_wsi); - - return new_wsi; - -fail: - if (type & LWS_ADOPT_SOCKET) - lws_close_free_wsi(new_wsi, LWS_CLOSE_STATUS_NOSTATUS, "adopt skt fail"); - - return NULL; - -bail: - lwsl_notice("%s: exiting on bail\n", __func__); - if (parent) - parent->child_list = new_wsi->sibling_list; - if (new_wsi->user_space) - lws_free(new_wsi->user_space); - lws_free(new_wsi); - compatible_close(fd.sockfd); - - return NULL; -} - -LWS_VISIBLE struct lws * -lws_adopt_socket_vhost(struct lws_vhost *vh, lws_sockfd_type accept_fd) -{ - lws_sock_file_fd_type fd; - - fd.sockfd = accept_fd; - return lws_adopt_descriptor_vhost(vh, LWS_ADOPT_SOCKET | - LWS_ADOPT_HTTP | LWS_ADOPT_ALLOW_SSL, fd, NULL, NULL); -} - -LWS_VISIBLE struct lws * -lws_adopt_socket(struct lws_context *context, lws_sockfd_type accept_fd) -{ - return lws_adopt_socket_vhost(context->vhost_list, accept_fd); -} - -/* Common read-buffer adoption for lws_adopt_*_readbuf */ -static struct lws* -adopt_socket_readbuf(struct lws *wsi, const char *readbuf, size_t len) -{ - struct lws_context_per_thread *pt; - struct allocated_headers *ah; - struct lws_pollfd *pfd; - - if (!wsi) - return NULL; - - if (!readbuf || len == 0) - return wsi; - - if (len > sizeof(ah->rx)) { - lwsl_err("%s: rx in too big\n", __func__); - goto bail; - } - - /* - * we can't process the initial read data until we can attach an ah. - * - * if one is available, get it and place the data in his ah rxbuf... - * wsi with ah that have pending rxbuf get auto-POLLIN service. - * - * no autoservice because we didn't get a chance to attach the - * readbuf data to wsi or ah yet, and we will do it next if we get - * the ah. - */ - if (wsi->ah || !lws_header_table_attach(wsi, 0)) { - ah = wsi->ah; - memcpy(ah->rx, readbuf, len); - ah->rxpos = 0; - ah->rxlen = (int16_t)len; - - lwsl_notice("%s: calling service on readbuf ah\n", __func__); - pt = &wsi->context->pt[(int)wsi->tsi]; - - /* unlike a normal connect, we have the headers already - * (or the first part of them anyway). - * libuv won't come back and service us without a network - * event, so we need to do the header service right here. - */ - pfd = &pt->fds[wsi->position_in_fds_table]; - pfd->revents |= LWS_POLLIN; - lwsl_err("%s: calling service\n", __func__); - if (lws_service_fd_tsi(wsi->context, pfd, wsi->tsi)) - /* service closed us */ - return NULL; - - return wsi; - } - lwsl_err("%s: deferring handling ah\n", __func__); - /* - * hum if no ah came, we are on the wait list and must defer - * dealing with this until the ah arrives. - * - * later successful lws_header_table_attach() will apply the - * below to the rx buffer (via lws_header_table_reset()). - */ - wsi->preamble_rx = lws_malloc(len, "preamble_rx"); - if (!wsi->preamble_rx) { - lwsl_err("OOM\n"); - goto bail; - } - memcpy(wsi->preamble_rx, readbuf, len); - wsi->preamble_rx_len = (int)len; - - return wsi; - -bail: - lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, "adopt skt readbuf fail"); - - return NULL; -} - -LWS_VISIBLE struct lws * -lws_adopt_socket_readbuf(struct lws_context *context, lws_sockfd_type accept_fd, - const char *readbuf, size_t len) -{ - return adopt_socket_readbuf(lws_adopt_socket(context, accept_fd), - readbuf, len); -} - -LWS_VISIBLE struct lws * -lws_adopt_socket_vhost_readbuf(struct lws_vhost *vhost, - lws_sockfd_type accept_fd, - const char *readbuf, size_t len) -{ - return adopt_socket_readbuf(lws_adopt_socket_vhost(vhost, accept_fd), - readbuf, len); -} - -LWS_VISIBLE int -lws_server_socket_service(struct lws_context *context, struct lws *wsi, - struct lws_pollfd *pollfd) -{ - struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; - lws_sockfd_type accept_fd = LWS_SOCK_INVALID; - struct allocated_headers *ah; - lws_sock_file_fd_type fd; - int opts = LWS_ADOPT_SOCKET | LWS_ADOPT_ALLOW_SSL; -#if LWS_POSIX - struct sockaddr_storage cli_addr; - socklen_t clilen; -#endif - int n, len; - - switch (lwsi_role(wsi)) { - - case LWSI_ROLE_H1_SERVER: - case LWSI_ROLE_H2_SERVER: - case LWSI_ROLE_RAW_SOCKET: - case LWSI_ROLE_RAW_FILE: - - /* handle http headers coming in */ - - /* pending truncated sends have uber priority */ - - if (wsi->trunc_len) { - if (!(pollfd->revents & LWS_POLLOUT)) - break; - - if (lws_issue_raw(wsi, wsi->trunc_alloc + - wsi->trunc_offset, - wsi->trunc_len) < 0) - goto fail; - /* - * we can't afford to allow input processing to send - * something new, so spin around he event loop until - * he doesn't have any partials - */ - break; - } - - if (lwsi_state(wsi) == LRS_DEFERRING_ACTION) - goto try_pollout; - - /* any incoming data ready? */ - - if (!(pollfd->revents & pollfd->events & LWS_POLLIN)) - goto try_pollout; - - /* - * If we previously just did POLLIN when IN and OUT were - * signalled (because POLLIN processing may have used up - * the POLLOUT), don't let that happen twice in a row... - * next time we see the situation favour POLLOUT - */ - if (wsi->favoured_pollin && - (pollfd->revents & pollfd->events & LWS_POLLOUT)) { - lwsl_notice("favouring pollout\n"); - wsi->favoured_pollin = 0; - goto try_pollout; - } - - /* - * We haven't processed that the tunnel is set up yet, so - * defer reading - */ - if (lwsi_state(wsi) == LRS_SSL_ACK_PENDING) - break; - - /* these states imply we MUST have an ah attached */ - - if (!lwsi_role_raw(wsi) && - (lwsi_state(wsi) == LRS_ESTABLISHED || - lwsi_state(wsi) == LRS_ISSUING_FILE || - lwsi_state(wsi) == LRS_HEADERS)) { - if (!wsi->ah) { - /* no autoservice beacuse we will do it next */ - if (lws_header_table_attach(wsi, 0)) { - lwsl_info("wsi %p: ah get fail\n", wsi); - goto try_pollout; - } - } - ah = wsi->ah; - - assert(ah->rxpos <= ah->rxlen); - /* if nothing in ah rx buffer, get some fresh rx */ - if (ah->rxpos == ah->rxlen) { - - if (wsi->preamble_rx) { - memcpy(ah->rx, wsi->preamble_rx, wsi->preamble_rx_len); - lws_free_set_NULL(wsi->preamble_rx); - ah->rxlen = wsi->preamble_rx_len; - wsi->preamble_rx_len = 0; - } else { - ah->rxlen = lws_ssl_capable_read(wsi, ah->rx, - sizeof(ah->rx)); - } - - ah->rxpos = 0; - switch (ah->rxlen) { - case 0: - lwsl_info("%s: read 0 len a\n", - __func__); - wsi->seen_zero_length_recv = 1; - lws_change_pollfd(wsi, LWS_POLLIN, 0); - goto try_pollout; - //goto fail; - - case LWS_SSL_CAPABLE_ERROR: - goto fail; - case LWS_SSL_CAPABLE_MORE_SERVICE: - ah->rxlen = ah->rxpos = 0; - goto try_pollout; - } - } - - if (!(ah->rxpos != ah->rxlen && ah->rxlen)) { - lwsl_err("%s: assert: rxpos %d, rxlen %d\n", - __func__, ah->rxpos, ah->rxlen); - - assert(0); - } - - /* just ignore incoming if waiting for close */ - if (lwsi_state(wsi) == LRS_FLUSHING_BEFORE_CLOSE || - lwsi_state(wsi) == LRS_ISSUING_FILE) - goto try_pollout; - - /* - * otherwise give it to whoever wants it - * according to the connection state - */ - - n = lws_read(wsi, ah->rx + ah->rxpos, - ah->rxlen - ah->rxpos); - if (n < 0) /* we closed wsi */ - return 1; - - if (!wsi->ah) - break; - if ( wsi->ah->rxlen) - wsi->ah->rxpos += n; - - lwsl_debug("%s: wsi %p: ah read rxpos %d, rxlen %d\n", - __func__, wsi, wsi->ah->rxpos, - wsi->ah->rxlen); - - if (lws_header_table_is_in_detachable_state(wsi) && - lwsi_role_raw(wsi)) // ??? - lws_header_table_detach(wsi, 1); - - break; - } - - if (wsi->preamble_rx && wsi->preamble_rx_len) { - memcpy(pt->serv_buf, wsi->preamble_rx, wsi->preamble_rx_len); - lws_free_set_NULL(wsi->preamble_rx); - len = wsi->preamble_rx_len; - lwsl_debug("bringing %d out of stash\n", wsi->preamble_rx_len); - wsi->preamble_rx_len = 0; - } else { - - /* - * ... in the case of pipelined HTTP, this may be - * POST data followed by next headers... - */ - - len = lws_ssl_capable_read(wsi, pt->serv_buf, - context->pt_serv_buf_size); - lwsl_debug("%s: wsi %p read %d (wsistate 0x%x)\n", - __func__, wsi, len, wsi->wsistate); - switch (len) { - case 0: - lwsl_info("%s: read 0 len b\n", __func__); - - /* fallthru */ - case LWS_SSL_CAPABLE_ERROR: - goto fail; - case LWS_SSL_CAPABLE_MORE_SERVICE: - goto try_pollout; - } - - if (len < 0) /* coverity */ - goto fail; - } - if (lwsi_role_raw(wsi)) { - n = user_callback_handle_rxflow(wsi->protocol->callback, - wsi, LWS_CALLBACK_RAW_RX, - wsi->user_space, - pt->serv_buf, len); - if (n < 0) { - lwsl_info("LWS_CALLBACK_RAW_RX_fail\n"); - goto fail; - } - goto try_pollout; - } - - /* just ignore incoming if waiting for close */ - if (lwsi_state(wsi) != LRS_FLUSHING_BEFORE_CLOSE && - lwsi_state(wsi) != LRS_ISSUING_FILE) { - /* - * this may want to send - * (via HTTP callback for example) - * - * returns number of bytes used - */ - - n = lws_read(wsi, pt->serv_buf, len); - if (n < 0) /* we closed wsi */ - return 1; - - if (n != len) { - if (wsi->preamble_rx) { - lwsl_err("DISCARDING %d (ah %p)\n", len - n, wsi->ah); - - goto fail; - } - assert(n < len); - wsi->preamble_rx = lws_malloc(len - n, "preamble_rx"); - if (!wsi->preamble_rx) { - lwsl_err("OOM\n"); - goto fail; - } - memcpy(wsi->preamble_rx, pt->serv_buf + n, len - n); - wsi->preamble_rx_len = (int)len - n; - lwsl_debug("stashed %d\n", (int)wsi->preamble_rx_len); - } - - /* - * he may have used up the - * writability above, if we will defer POLLOUT - * processing in favour of POLLIN, note it - */ - if (pollfd->revents & LWS_POLLOUT) - wsi->favoured_pollin = 1; - break; - } - /* - * he may have used up the - * writability above, if we will defer POLLOUT - * processing in favour of POLLIN, note it - */ - if (pollfd->revents & LWS_POLLOUT) - wsi->favoured_pollin = 1; - -try_pollout: - - /* this handles POLLOUT for http serving fragments */ - - if (!(pollfd->revents & LWS_POLLOUT)) - break; - - /* one shot */ - if (lws_change_pollfd(wsi, LWS_POLLOUT, 0)) { - lwsl_notice("%s a\n", __func__); - goto fail; - } - - /* clear back-to-back write detection */ - wsi->could_have_pending = 0; - - if (lwsi_state(wsi) == LRS_DEFERRING_ACTION) { - lwsl_debug("%s: LRS_DEFERRING_ACTION now writable\n", - __func__); - - if (wsi->ah) - lwsl_debug(" existing ah rxpos %d / rxlen %d\n", - wsi->ah->rxpos, wsi->ah->rxlen); - lwsi_set_state(wsi, LRS_ESTABLISHED); - if (lws_change_pollfd(wsi, LWS_POLLOUT, 0)) { - lwsl_info("failed at set pollfd\n"); - goto fail; - } - } - - if (lwsi_role_raw(wsi)) { - lws_stats_atomic_bump(wsi->context, pt, - LWSSTATS_C_WRITEABLE_CB, 1); -#if defined(LWS_WITH_STATS) - if (wsi->active_writable_req_us) { - uint64_t ul = time_in_microseconds() - - wsi->active_writable_req_us; - - lws_stats_atomic_bump(wsi->context, pt, - LWSSTATS_MS_WRITABLE_DELAY, ul); - lws_stats_atomic_max(wsi->context, pt, - LWSSTATS_MS_WORST_WRITABLE_DELAY, ul); - wsi->active_writable_req_us = 0; - } -#endif - n = user_callback_handle_rxflow(wsi->protocol->callback, - wsi, LWS_CALLBACK_RAW_WRITEABLE, - wsi->user_space, NULL, 0); - if (n < 0) { - lwsl_info("writeable_fail\n"); - goto fail; - } - break; - } - - if (!wsi->hdr_parsing_completed) - break; - - if (lwsi_state(wsi) != LRS_ISSUING_FILE) { - - lws_stats_atomic_bump(wsi->context, pt, - LWSSTATS_C_WRITEABLE_CB, 1); -#if defined(LWS_WITH_STATS) - if (wsi->active_writable_req_us) { - uint64_t ul = time_in_microseconds() - - wsi->active_writable_req_us; - - lws_stats_atomic_bump(wsi->context, pt, - LWSSTATS_MS_WRITABLE_DELAY, ul); - lws_stats_atomic_max(wsi->context, pt, - LWSSTATS_MS_WORST_WRITABLE_DELAY, ul); - wsi->active_writable_req_us = 0; - } -#endif - - n = user_callback_handle_rxflow(wsi->protocol->callback, - wsi, LWS_CALLBACK_HTTP_WRITEABLE, - wsi->user_space, NULL, 0); - if (n < 0) { - lwsl_info("writeable_fail\n"); - goto fail; - } - break; - } - - /* >0 == completion, <0 == error - * - * We'll get a LWS_CALLBACK_HTTP_FILE_COMPLETION callback when - * it's done. That's the case even if we just completed the - * send, so wait for that. - */ - n = lws_serve_http_file_fragment(wsi); - if (n < 0) - goto fail; - - break; - - case LWSI_ROLE_LISTEN_SOCKET: - -#if LWS_POSIX - /* pollin means a client has connected to us then - * pollout is a hack on esp32 for background accepts signalling - * they completed - * */ - - do { - if (!(pollfd->revents & (LWS_POLLIN |LWS_POLLOUT)) || - !(pollfd->events & LWS_POLLIN)) - break; - -#ifdef LWS_OPENSSL_SUPPORT - /* - * can we really accept it, with regards to SSL limit? - * another vhost may also have had POLLIN on his - * listener this round and used it up already - */ - if (wsi->vhost->use_ssl && - context->simultaneous_ssl_restriction && - context->simultaneous_ssl == - context->simultaneous_ssl_restriction) - /* - * no... ignore it, he won't come again until - * we are below the simultaneous_ssl_restriction - * limit and POLLIN is enabled on him again - */ - break; -#endif - /* listen socket got an unencrypted connection... */ - - clilen = sizeof(cli_addr); - lws_latency_pre(context, wsi); - - /* - * We cannot identify the peer who is in the listen - * socket connect queue before we accept it; even if - * we could, not accepting it due to PEER_LIMITS would - * block the connect queue for other legit peers. - */ - accept_fd = accept((int)pollfd->fd, - (struct sockaddr *)&cli_addr, - &clilen); - lws_latency(context, wsi, "listener accept", - (int)accept_fd, accept_fd != LWS_SOCK_INVALID); - if (accept_fd == LWS_SOCK_INVALID) { - if (LWS_ERRNO == LWS_EAGAIN || - LWS_ERRNO == LWS_EWOULDBLOCK) { - break; - } - lwsl_err("ERROR on accept: %s\n", - strerror(LWS_ERRNO)); - break; - } - - lws_plat_set_socket_options(wsi->vhost, accept_fd); - -#if defined(LWS_WITH_IPV6) - lwsl_debug("accepted new conn port %u on fd=%d\n", - ((cli_addr.ss_family == AF_INET6) ? - ntohs(((struct sockaddr_in6 *) &cli_addr)->sin6_port) : - ntohs(((struct sockaddr_in *) &cli_addr)->sin_port)), - accept_fd); -#else - lwsl_debug("accepted new conn port %u on fd=%d\n", - ntohs(((struct sockaddr_in *) &cli_addr)->sin_port), - accept_fd); -#endif - -#else - /* not very beautiful... */ - accept_fd = (lws_sockfd_type)pollfd; -#endif - /* - * look at who we connected to and give user code a - * chance to reject based on client IP. There's no - * protocol selected yet so we issue this to - * protocols[0] - */ - if ((wsi->vhost->protocols[0].callback)(wsi, - LWS_CALLBACK_FILTER_NETWORK_CONNECTION, - NULL, - (void *)(lws_intptr_t)accept_fd, 0)) { - lwsl_debug("Callback denied net connection\n"); - compatible_close(accept_fd); - break; - } - - if (!(wsi->vhost->options & LWS_SERVER_OPTION_ONLY_RAW)) - opts |= LWS_ADOPT_HTTP; - else - opts = LWS_ADOPT_SOCKET; - - fd.sockfd = accept_fd; - if (!lws_adopt_descriptor_vhost(wsi->vhost, opts, fd, - NULL, NULL)) - /* already closed cleanly as necessary */ - return 1; - -#if LWS_POSIX - } while (pt->fds_count < context->fd_limit_per_thread - 1 && - lws_poll_listen_fd(&pt->fds[wsi->position_in_fds_table]) > 0); -#endif - return 0; - - default: - break; - } - - if (!lws_server_socket_service_ssl(wsi, accept_fd)) - return 0; - -fail: - lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, "server socket svc fail"); - - return 1; -} - -LWS_VISIBLE int -lws_serve_http_file(struct lws *wsi, const char *file, const char *content_type, - const char *other_headers, int other_headers_len) -{ - static const char * const intermediates[] = { "private", "public" }; - struct lws_context *context = lws_get_context(wsi); - struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; -#if defined(LWS_WITH_RANGES) - struct lws_range_parsing *rp = &wsi->http.range; -#endif - char cache_control[50], *cc = "no-store"; - unsigned char *response = pt->serv_buf + LWS_PRE; - unsigned char *p = response; - unsigned char *end = p + context->pt_serv_buf_size - LWS_PRE; - lws_filepos_t total_content_length; - int ret = 0, cclen = 8, n = HTTP_STATUS_OK; - lws_fop_flags_t fflags = LWS_O_RDONLY; -#if defined(LWS_WITH_RANGES) - int ranges; -#endif - const struct lws_plat_file_ops *fops; - const char *vpath; - - if (wsi->handling_404) - n = HTTP_STATUS_NOT_FOUND; - - /* - * We either call the platform fops .open with first arg platform fops, - * or we call fops_zip .open with first arg platform fops, and fops_zip - * open will decide whether to switch to fops_zip or stay with fops_def. - * - * If wsi->http.fop_fd is already set, the caller already opened it - */ - if (!wsi->http.fop_fd) { - fops = lws_vfs_select_fops(wsi->context->fops, file, &vpath); - fflags |= lws_vfs_prepare_flags(wsi); - wsi->http.fop_fd = fops->LWS_FOP_OPEN(wsi->context->fops, - file, vpath, &fflags); - if (!wsi->http.fop_fd) { - lwsl_info("Unable to open: '%s': errno %d\n", file, errno); - - return -1; - } - } - wsi->http.filelen = lws_vfs_get_length(wsi->http.fop_fd); - total_content_length = wsi->http.filelen; - -#if defined(LWS_WITH_RANGES) - ranges = lws_ranges_init(wsi, rp, wsi->http.filelen); - - lwsl_debug("Range count %d\n", ranges); - /* - * no ranges -> 200; - * 1 range -> 206 + Content-Type: normal; Content-Range; - * more -> 206 + Content-Type: multipart/byteranges - * Repeat the true Content-Type in each multipart header - * along with Content-Range - */ - if (ranges < 0) { - /* it means he expressed a range in Range:, but it was illegal */ - lws_return_http_status(wsi, HTTP_STATUS_REQ_RANGE_NOT_SATISFIABLE, - NULL); - if (lws_http_transaction_completed(wsi)) - return -1; /* <0 means just hang up */ - - lws_vfs_file_close(&wsi->http.fop_fd); - - return 0; /* == 0 means we dealt with the transaction complete */ - } - if (ranges) - n = HTTP_STATUS_PARTIAL_CONTENT; -#endif - - if (lws_add_http_header_status(wsi, n, &p, end)) - return -1; - - if ((wsi->http.fop_fd->flags & (LWS_FOP_FLAG_COMPR_ACCEPTABLE_GZIP | - LWS_FOP_FLAG_COMPR_IS_GZIP)) == - (LWS_FOP_FLAG_COMPR_ACCEPTABLE_GZIP | LWS_FOP_FLAG_COMPR_IS_GZIP)) { - if (lws_add_http_header_by_token(wsi, - WSI_TOKEN_HTTP_CONTENT_ENCODING, - (unsigned char *)"gzip", 4, &p, end)) - return -1; - lwsl_info("file is being provided in gzip\n"); - } - - if ( -#if defined(LWS_WITH_RANGES) - ranges < 2 && -#endif - content_type && content_type[0]) - if (lws_add_http_header_by_token(wsi, - WSI_TOKEN_HTTP_CONTENT_TYPE, - (unsigned char *)content_type, - (int)strlen(content_type), - &p, end)) - return -1; - -#if defined(LWS_WITH_RANGES) - if (ranges >= 2) { /* multipart byteranges */ - lws_strncpy(wsi->http.multipart_content_type, content_type, - sizeof(wsi->http.multipart_content_type)); - - if (lws_add_http_header_by_token(wsi, - WSI_TOKEN_HTTP_CONTENT_TYPE, - (unsigned char *) - "multipart/byteranges; " - "boundary=_lws", - 20, &p, end)) - return -1; - - /* - * our overall content length has to include - * - * - (n + 1) x "_lws\r\n" - * - n x Content-Type: xxx/xxx\r\n - * - n x Content-Range: bytes xxx-yyy/zzz\r\n - * - n x /r/n - * - the actual payloads (aggregated in rp->agg) - * - * Precompute it for the main response header - */ - - total_content_length = (lws_filepos_t)rp->agg + - 6 /* final _lws\r\n */; - - lws_ranges_reset(rp); - while (lws_ranges_next(rp)) { - n = lws_snprintf(cache_control, sizeof(cache_control), - "bytes %llu-%llu/%llu", - rp->start, rp->end, rp->extent); - - total_content_length += - 6 /* header _lws\r\n */ + - /* Content-Type: xxx/xxx\r\n */ - 14 + strlen(content_type) + 2 + - /* Content-Range: xxxx\r\n */ - 15 + n + 2 + - 2; /* /r/n */ - } - - lws_ranges_reset(rp); - lws_ranges_next(rp); - } - - if (ranges == 1) { - total_content_length = (lws_filepos_t)rp->agg; - n = lws_snprintf(cache_control, sizeof(cache_control), - "bytes %llu-%llu/%llu", - rp->start, rp->end, rp->extent); - - if (lws_add_http_header_by_token(wsi, - WSI_TOKEN_HTTP_CONTENT_RANGE, - (unsigned char *)cache_control, - n, &p, end)) - return -1; - } - - wsi->http.range.inside = 0; - - if (lws_add_http_header_by_token(wsi, WSI_TOKEN_HTTP_ACCEPT_RANGES, - (unsigned char *)"bytes", 5, &p, end)) - return -1; -#endif - - if (!wsi->http2_substream) { - if (!wsi->sending_chunked) { - if (lws_add_http_header_content_length(wsi, - total_content_length, - &p, end)) - return -1; - } else { - if (lws_add_http_header_by_token(wsi, - WSI_TOKEN_HTTP_TRANSFER_ENCODING, - (unsigned char *)"chunked", - 7, &p, end)) - return -1; - } - } - - if (wsi->cache_secs && wsi->cache_reuse) { - if (wsi->cache_revalidate) { - cc = cache_control; - cclen = sprintf(cache_control, "%s max-age: %u", - intermediates[wsi->cache_intermediaries], - wsi->cache_secs); - } else { - cc = "no-cache"; - cclen = 8; - } - } - - if (lws_add_http_header_by_token(wsi, WSI_TOKEN_HTTP_CACHE_CONTROL, - (unsigned char *)cc, cclen, &p, end)) - return -1; - - if (wsi->http.connection_type == HTTP_CONNECTION_KEEP_ALIVE) - if (lws_add_http_header_by_token(wsi, WSI_TOKEN_CONNECTION, - (unsigned char *)"keep-alive", 10, &p, end)) - return -1; - - if (other_headers) { - if ((end - p) < other_headers_len) - return -1; - memcpy(p, other_headers, other_headers_len); - p += other_headers_len; - } - - if (lws_finalize_http_header(wsi, &p, end)) - return -1; - - ret = lws_write(wsi, response, p - response, LWS_WRITE_HTTP_HEADERS); - if (ret != (p - response)) { - lwsl_err("_write returned %d from %ld\n", ret, - (long)(p - response)); - return -1; - } - - wsi->http.filepos = 0; - lwsi_set_state(wsi, LRS_ISSUING_FILE); - - lws_callback_on_writable(wsi); - - return 0; -} - -int -lws_interpret_incoming_packet(struct lws *wsi, unsigned char **buf, size_t len) -{ - int m; - - lwsl_parser("%s: received %d byte packet\n", __func__, (int)len); - - /* let the rx protocol state machine have as much as it needs */ - - while (len) { - /* - * we were accepting input but now we stopped doing so - */ - if (wsi->rxflow_bitmap) { - lws_rxflow_cache(wsi, *buf, 0, (int)len); - lwsl_parser("%s: cached %ld\n", __func__, (long)len); - return 1; - } - - if (wsi->ws->rx_draining_ext) { - m = lws_rx_sm(wsi, 0); - if (m < 0) - return -1; - continue; - } - - /* account for what we're using in rxflow buffer */ - if (wsi->rxflow_buffer) { - wsi->rxflow_pos++; - if (wsi->rxflow_pos > wsi->rxflow_len) - assert(0); - } - - /* consume payload bytes efficiently */ - if (wsi->lws_rx_parse_state == - LWS_RXPS_PAYLOAD_UNTIL_LENGTH_EXHAUSTED) { - m = lws_payload_until_length_exhausted(wsi, buf, &len); - if (wsi->rxflow_buffer) - wsi->rxflow_pos += m; - } - - /* process the byte */ - m = lws_rx_sm(wsi, *(*buf)++); - if (m < 0) - return -1; - len--; - - if (wsi->rxflow_buffer && wsi->rxflow_pos == wsi->rxflow_len) { - lwsl_debug("%s: %p flow buf: drained\n", __func__, wsi); - lws_free_set_NULL(wsi->rxflow_buffer); - /* having drained the rxflow buffer, can rearm POLLIN */ -#ifdef LWS_NO_SERVER - m = -#endif - __lws_rx_flow_control(wsi); - /* m ignored, needed for NO_SERVER case */ - } - } - - lwsl_parser("%s: exit with %d unused\n", __func__, (int)len); - - return 0; -} - -LWS_VISIBLE void -lws_server_get_canonical_hostname(struct lws_context *context, - struct lws_context_creation_info *info) -{ - if (lws_check_opt(info->options, - LWS_SERVER_OPTION_SKIP_SERVER_CANONICAL_NAME)) - return; -#if LWS_POSIX && !defined(LWS_WITH_ESP32) - /* find canonical hostname */ - gethostname((char *)context->canonical_hostname, - sizeof(context->canonical_hostname) - 1); - - lwsl_info(" canonical_hostname = %s\n", context->canonical_hostname); -#else - (void)context; -#endif -} - - -LWS_VISIBLE LWS_EXTERN int -lws_chunked_html_process(struct lws_process_html_args *args, - struct lws_process_html_state *s) -{ - char *sp, buffer[32]; - const char *pc; - int old_len, n; - - /* do replacements */ - sp = args->p; - old_len = args->len; - args->len = 0; - s->start = sp; - while (sp < args->p + old_len) { - - if (args->len + 7 >= args->max_len) { - lwsl_err("Used up interpret padding\n"); - return -1; - } - - if ((!s->pos && *sp == '$') || s->pos) { - int hits = 0, hit = 0; - - if (!s->pos) - s->start = sp; - s->swallow[s->pos++] = *sp; - if (s->pos == sizeof(s->swallow) - 1) - goto skip; - for (n = 0; n < s->count_vars; n++) - if (!strncmp(s->swallow, s->vars[n], s->pos)) { - hits++; - hit = n; - } - if (!hits) { -skip: - s->swallow[s->pos] = '\0'; - memcpy(s->start, s->swallow, s->pos); - args->len++; - s->pos = 0; - sp = s->start + 1; - continue; - } - if (hits == 1 && s->pos == (int)strlen(s->vars[hit])) { - pc = s->replace(s->data, hit); - if (!pc) - pc = "NULL"; - n = (int)strlen(pc); - s->swallow[s->pos] = '\0'; - if (n != s->pos) { - memmove(s->start + n, - s->start + s->pos, - old_len - (sp - args->p)); - old_len += (n - s->pos) + 1; - } - memcpy(s->start, pc, n); - args->len++; - sp = s->start + 1; - - s->pos = 0; - } - sp++; - continue; - } - - args->len++; - sp++; - } - - if (args->chunked) { - /* no space left for final chunk trailer */ - if (args->final && args->len + 7 >= args->max_len) - return -1; - - n = sprintf(buffer, "%X\x0d\x0a", args->len); - - args->p -= n; - memcpy(args->p, buffer, n); - args->len += n; - - if (args->final) { - sp = args->p + args->len; - *sp++ = '\x0d'; - *sp++ = '\x0a'; - *sp++ = '0'; - *sp++ = '\x0d'; - *sp++ = '\x0a'; - *sp++ = '\x0d'; - *sp++ = '\x0a'; - args->len += 7; - } else { - sp = args->p + args->len; - *sp++ = '\x0d'; - *sp++ = '\x0a'; - args->len += 2; - } - } - - return 0; -} diff --git a/lib/server/ssl-server.c b/lib/server/ssl-server.c deleted file mode 100644 index c2a16f7..0000000 --- a/lib/server/ssl-server.c +++ /dev/null @@ -1,316 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - */ - -#include "private-libwebsockets.h" - -LWS_VISIBLE int -lws_context_init_server_ssl(struct lws_context_creation_info *info, - struct lws_vhost *vhost) -{ - struct lws_context *context = vhost->context; - struct lws wsi; - - if (!lws_check_opt(info->options, - LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT)) { - vhost->use_ssl = 0; - - return 0; - } - - /* - * If he is giving a cert filepath, take it as a sign he wants to use - * it on this vhost. User code can leave the cert filepath NULL and - * set the LWS_SERVER_OPTION_CREATE_VHOST_SSL_CTX option itself, in - * which case he's expected to set up the cert himself at - * LWS_CALLBACK_OPENSSL_LOAD_EXTRA_SERVER_VERIFY_CERTS, which - * provides the vhost SSL_CTX * in the user parameter. - */ - if (info->ssl_cert_filepath) - info->options |= LWS_SERVER_OPTION_CREATE_VHOST_SSL_CTX; - - if (info->port != CONTEXT_PORT_NO_LISTEN) { - - vhost->use_ssl = lws_check_opt(info->options, - LWS_SERVER_OPTION_CREATE_VHOST_SSL_CTX); - - if (vhost->use_ssl && info->ssl_cipher_list) - lwsl_notice(" SSL ciphers: '%s'\n", - info->ssl_cipher_list); - - if (vhost->use_ssl) - lwsl_notice(" Using SSL mode\n"); - else - lwsl_notice(" Using non-SSL mode\n"); - } - - /* - * give him a fake wsi with context + vhost set, so he can use - * lws_get_context() in the callback - */ - memset(&wsi, 0, sizeof(wsi)); - wsi.vhost = vhost; - wsi.context = context; - - /* - * as a server, if we are requiring clients to identify themselves - * then set the backend up for it - */ - if (lws_check_opt(info->options, - LWS_SERVER_OPTION_ALLOW_NON_SSL_ON_SSL_PORT)) - /* Normally SSL listener rejects non-ssl, optionally allow */ - vhost->allow_non_ssl_on_ssl_port = 1; - - /* - * give user code a chance to load certs into the server - * allowing it to verify incoming client certs - */ - if (vhost->use_ssl) { - if (lws_tls_server_vhost_backend_init(info, vhost, &wsi)) - return -1; - - lws_tls_server_client_cert_verify_config(vhost); - - if (vhost->protocols[0].callback(&wsi, - LWS_CALLBACK_OPENSSL_LOAD_EXTRA_SERVER_VERIFY_CERTS, - vhost->ssl_ctx, vhost, 0)) - return -1; - } - - if (vhost->use_ssl) - /* - * SSL is happy and has a cert it's content with - * If we're supporting HTTP2, initialize that - */ - lws_context_init_http2_ssl(vhost); - - return 0; -} - -LWS_VISIBLE int -lws_server_socket_service_ssl(struct lws *wsi, lws_sockfd_type accept_fd) -{ - struct lws_context *context = wsi->context; - struct lws_vhost *vh; - struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; - int n; - char buf[256]; - - (void)buf; - - if (!LWS_SSL_ENABLED(wsi->vhost)) - return 0; - - switch (lwsi_state(wsi)) { - case LRS_SSL_INIT: - - if (wsi->ssl) - lwsl_err("%s: leaking ssl\n", __func__); - if (accept_fd == LWS_SOCK_INVALID) - assert(0); - if (context->simultaneous_ssl_restriction && - context->simultaneous_ssl >= - context->simultaneous_ssl_restriction) { - lwsl_notice("unable to deal with SSL connection\n"); - return 1; - } - - if (lws_tls_server_new_nonblocking(wsi, accept_fd)) { - if (accept_fd != LWS_SOCK_INVALID) - compatible_close(accept_fd); - goto fail; - } - - if (context->simultaneous_ssl_restriction && - ++context->simultaneous_ssl == - context->simultaneous_ssl_restriction) - /* that was the last allowed SSL connection */ - lws_gate_accepts(context, 0); - -#if defined(LWS_WITH_STATS) - context->updated = 1; -#endif - /* - * we are not accepted yet, but we need to enter ourselves - * as a live connection. That way we can retry when more - * pieces come if we're not sorted yet - */ - lwsi_set_state(wsi, LRS_SSL_ACK_PENDING); - - lws_pt_lock(pt, __func__); - if (__insert_wsi_socket_into_fds(context, wsi)) { - lwsl_err("%s: failed to insert into fds\n", __func__); - goto fail; - } - lws_pt_unlock(pt); - - lws_set_timeout(wsi, PENDING_TIMEOUT_SSL_ACCEPT, - context->timeout_secs); - - lwsl_debug("inserted SSL accept into fds, trying SSL_accept\n"); - - /* fallthru */ - - case LRS_SSL_ACK_PENDING: - - if (lws_change_pollfd(wsi, LWS_POLLOUT, 0)) { - lwsl_err("%s: lws_change_pollfd failed\n", __func__); - goto fail; - } - - lws_latency_pre(context, wsi); - - if (wsi->vhost->allow_non_ssl_on_ssl_port) { - - n = recv(wsi->desc.sockfd, (char *)pt->serv_buf, - context->pt_serv_buf_size, MSG_PEEK); - - /* - * optionally allow non-SSL connect on SSL listening socket - * This is disabled by default, if enabled it goes around any - * SSL-level access control (eg, client-side certs) so leave - * it disabled unless you know it's not a problem for you - */ - if (n >= 1 && pt->serv_buf[0] >= ' ') { - /* - * TLS content-type for Handshake is 0x16, and - * for ChangeCipherSpec Record, it's 0x14 - * - * A non-ssl session will start with the HTTP - * method in ASCII. If we see it's not a legit - * SSL handshake kill the SSL for this - * connection and try to handle as a HTTP - * connection upgrade directly. - */ - wsi->use_ssl = 0; - - lws_tls_server_abort_connection(wsi); - /* - * care... this creates wsi with no ssl - * when ssl is enabled and normally - * mandatory - */ - wsi->ssl = NULL; - if (lws_check_opt(context->options, - LWS_SERVER_OPTION_REDIRECT_HTTP_TO_HTTPS)) - wsi->redirect_to_https = 1; - lwsl_debug("accepted as non-ssl\n"); - goto accepted; - } - if (!n) { - /* - * connection is gone, fail out - */ - lwsl_debug("PEEKed 0\n"); - goto fail; - } - if (n < 0 && (LWS_ERRNO == LWS_EAGAIN || - LWS_ERRNO == LWS_EWOULDBLOCK)) { - /* - * well, we get no way to know ssl or not - * so go around again waiting for something - * to come and give us a hint, or timeout the - * connection. - */ - if (lws_change_pollfd(wsi, 0, LWS_POLLIN)) { - lwsl_info("%s: change_pollfd failed\n", - __func__); - return -1; - } - - lwsl_info("SSL_ERROR_WANT_READ\n"); - return 0; - } - } - - /* normal SSL connection processing path */ - -#if defined(LWS_WITH_STATS) - if (!wsi->accept_start_us) - wsi->accept_start_us = time_in_microseconds(); -#endif - errno = 0; - lws_stats_atomic_bump(wsi->context, pt, - LWSSTATS_C_SSL_CONNECTIONS_ACCEPT_SPIN, 1); - n = lws_tls_server_accept(wsi); - lws_latency(context, wsi, - "SSL_accept LRS_SSL_ACK_PENDING\n", n, n == 1); - lwsl_info("SSL_accept says %d\n", n); - switch (n) { - case LWS_SSL_CAPABLE_DONE: - break; - case LWS_SSL_CAPABLE_ERROR: - lws_stats_atomic_bump(wsi->context, pt, - LWSSTATS_C_SSL_CONNECTIONS_FAILED, 1); - lwsl_info("SSL_accept failed socket %u: %d\n", - wsi->desc.sockfd, n); - wsi->socket_is_permanently_unusable = 1; - goto fail; - - default: /* MORE_SERVICE */ - return 0; - } - - lws_stats_atomic_bump(wsi->context, pt, - LWSSTATS_C_SSL_CONNECTIONS_ACCEPTED, 1); -#if defined(LWS_WITH_STATS) - lws_stats_atomic_bump(wsi->context, pt, - LWSSTATS_MS_SSL_CONNECTIONS_ACCEPTED_DELAY, - time_in_microseconds() - wsi->accept_start_us); - wsi->accept_start_us = time_in_microseconds(); -#endif - -accepted: - - /* adapt our vhost to match the SNI SSL_CTX that was chosen */ - vh = context->vhost_list; - while (vh) { - if (!vh->being_destroyed && wsi->ssl && - vh->ssl_ctx == lws_tls_ctx_from_wsi(wsi)) { - lwsl_info("setting wsi to vh %s\n", vh->name); - wsi->vhost = vh; - break; - } - vh = vh->vhost_next; - } - - /* OK, we are accepted... give him some time to negotiate */ - lws_set_timeout(wsi, PENDING_TIMEOUT_ESTABLISH_WITH_SERVER, - context->timeout_secs); - - lwsi_set_state(wsi, LRS_ESTABLISHED); - -#if defined(LWS_WITH_HTTP2) - if (lws_h2_configure_if_upgraded(wsi)) - goto fail; -#endif - lwsl_debug("accepted new SSL conn\n"); - break; - - default: - break; - } - - return 0; - -fail: - return 1; -} - diff --git a/lib/service.c b/lib/service.c index c9210a2..74d8586 100644 --- a/lib/service.c +++ b/lib/service.c @@ -1,7 +1,7 @@ /* * libwebsockets - small server side websockets and web server implementation * - * Copyright (C) 2010-2017 Andy Green + * Copyright (C) 2010-2018 Andy Green * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU Lesser General Public @@ -21,8 +21,8 @@ #include "private-libwebsockets.h" -static int -lws_calllback_as_writeable(struct lws *wsi) +int +lws_callback_as_writeable(struct lws *wsi) { struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; int n, m; @@ -41,33 +41,11 @@ lws_calllback_as_writeable(struct lws *wsi) } #endif - switch (lwsi_role(wsi)) { - case LWSI_ROLE_RAW_SOCKET: - n = LWS_CALLBACK_RAW_WRITEABLE; - break; - case LWSI_ROLE_RAW_FILE: - n = LWS_CALLBACK_RAW_WRITEABLE_FILE; - break; - case LWSI_ROLE_WS1_CLIENT: - case LWSI_ROLE_WS2_CLIENT: - n = LWS_CALLBACK_CLIENT_WRITEABLE; - break; - case LWSI_ROLE_H1_CLIENT: - case LWSI_ROLE_H2_CLIENT: - n = LWS_CALLBACK_CLIENT_HTTP_WRITEABLE; - break; - case LWSI_ROLE_WS1_SERVER: - case LWSI_ROLE_WS2_SERVER: - n = LWS_CALLBACK_SERVER_WRITEABLE; - break; - default: - n = LWS_CALLBACK_HTTP_WRITEABLE; - break; - } + n = wsi->role_ops->writeable_cb[lwsi_role_server(wsi)]; m = user_callback_handle_rxflow(wsi->protocol->callback, - wsi, (enum lws_callback_reasons) n, - wsi->user_space, NULL, 0); + wsi, (enum lws_callback_reasons) n, + wsi->user_space, NULL, 0); return m; } @@ -75,17 +53,8 @@ lws_calllback_as_writeable(struct lws *wsi) LWS_VISIBLE int lws_handle_POLLOUT_event(struct lws *wsi, struct lws_pollfd *pollfd) { - int write_type = LWS_WRITE_PONG; -#ifdef LWS_WITH_HTTP2 - struct lws **wsi2, *wsi2a; -#endif - int n; volatile struct lws *vwsi = (volatile struct lws *)wsi; - -#if !defined(LWS_WITHOUT_EXTENSIONS) - struct lws_tokens eff_buf; - int ret, m; -#endif + int n; lwsl_info("%s: %p\n", __func__, wsi); @@ -96,17 +65,17 @@ lws_handle_POLLOUT_event(struct lws *wsi, struct lws_pollfd *pollfd) * handling_pollout is set, he will only set leave_pollout_active. * If we are going to disable POLLOUT, we will check that first. */ + wsi->could_have_pending = 0; /* clear back-to-back write detection */ /* * user callback is lowest priority to get these notifications * actually, since other pending things cannot be disordered - */ - - /* Priority 1: pending truncated sends are incomplete ws fragments + * + * Priority 1: pending truncated sends are incomplete ws fragments * If anything else sent first the protocol would be * corrupted. */ - wsi->could_have_pending = 0; /* clear back-to-back write detection */ + if (wsi->trunc_len) { //lwsl_notice("%s: completing partial\n", __func__); if (lws_issue_raw(wsi, wsi->trunc_alloc + wsi->trunc_offset, @@ -122,35 +91,11 @@ lws_handle_POLLOUT_event(struct lws *wsi, struct lws_pollfd *pollfd) goto bail_die; /* retry closing now */ } - if (lwsi_state(wsi) == LRS_ISSUE_HTTP_BODY) - goto user_service; - -#ifdef LWS_WITH_HTTP2 +#ifdef LWS_WITH_CGI /* - * Priority 2: protocol packets + * A cgi master's wire protocol remains h1 or h2. He is just getting + * his data from his child cgis. */ - if ((wsi->upgraded_to_http2 -#if !defined(LWS_NO_CLIENT) - || wsi->client_h2_alpn -#endif - ) && wsi->h2.h2n->pps) { - lwsl_info("servicing pps\n"); - if (lws_h2_do_pps_send(wsi)) { - wsi->socket_is_permanently_unusable = 1; - goto bail_die; - } - if (wsi->h2.h2n->pps) - goto bail_ok; - - /* we can resume whatever we were doing */ - lws_rx_flow_control(wsi, LWS_RXFLOW_REASON_APPLIES_ENABLE | - LWS_RXFLOW_REASON_H2_PPS_PENDING); - - goto bail_ok; /* leave POLLOUT active */ - } -#endif - -#ifdef LWS_WITH_CGI if (wsi->cgi) { /* also one shot */ if (pollfd) @@ -162,199 +107,30 @@ lws_handle_POLLOUT_event(struct lws *wsi, struct lws_pollfd *pollfd) } #endif - /* Priority 3: pending control packets (pong or close) - * - * 3a: close notification packet requested from close api - */ - - if (lwsi_state(wsi) == LRS_WAITING_TO_SEND_CLOSE) { - lwsl_debug("sending close packet\n"); - wsi->waiting_to_send_close_frame = 0; - n = lws_write(wsi, &wsi->ws->ping_payload_buf[LWS_PRE], - wsi->ws->close_in_ping_buffer_len, - LWS_WRITE_CLOSE); - if (n >= 0) { - lwsi_set_state(wsi, LRS_AWAITING_CLOSE_ACK); - lws_set_timeout(wsi, PENDING_TIMEOUT_CLOSE_ACK, 5); - lwsl_debug("sent close indication, awaiting ack\n"); - - goto bail_ok; - } - - goto bail_die; - } - - /* else, the send failed and we should just hang up */ - - if ((lwsi_role_ws(wsi) && wsi->ws->ping_pending_flag) || - (lwsi_state(wsi) == LRS_RETURNED_CLOSE && - wsi->ws->payload_is_close)) { - - if (wsi->ws->payload_is_close) - write_type = LWS_WRITE_CLOSE; - - n = lws_write(wsi, &wsi->ws->ping_payload_buf[LWS_PRE], - wsi->ws->ping_payload_len, write_type); - if (n < 0) - goto bail_die; - - /* well he is sent, mark him done */ - wsi->ws->ping_pending_flag = 0; - if (wsi->ws->payload_is_close) { - // assert(0); - /* oh... a close frame was it... then we are done */ - goto bail_die; - } - - /* otherwise for PING, leave POLLOUT active either way */ - goto bail_ok; - } - - if (lwsi_role_ws_client(wsi) && !wsi->socket_is_permanently_unusable && - wsi->ws->send_check_ping) { - - lwsl_info("issuing ping on wsi %p\n", wsi); - wsi->ws->send_check_ping = 0; - n = lws_write(wsi, &wsi->ws->ping_payload_buf[LWS_PRE], - 0, LWS_WRITE_PING); - if (n < 0) - goto bail_die; - - /* - * we apparently were able to send the PING in a reasonable time - * now reset the clock on our peer to be able to send the - * PONG in a reasonable time. - */ - - lws_set_timeout(wsi, PENDING_TIMEOUT_WS_PONG_CHECK_GET_PONG, - wsi->context->timeout_secs); + /* if we got here, we should have wire protocol ops set on the wsi */ + assert(wsi->role_ops); + if (!wsi->role_ops->handle_POLLOUT) goto bail_ok; - } - - /* Priority 4: if we are closing, not allowed to send more data frags - * which means user callback or tx ext flush banned now - */ - if (lwsi_state(wsi) == LRS_RETURNED_CLOSE) - goto user_service; - /* Priority 5: Tx path extension with more to send - * - * These are handled as new fragments each time around - * So while we must block new writeable callback to enforce - * payload ordering, but since they are always complete - * fragments control packets can interleave OK. - */ - if (lwsi_role_ws_client(wsi) && wsi->ws->tx_draining_ext) { - lwsl_ext("SERVICING TX EXT DRAINING\n"); - if (lws_write(wsi, NULL, 0, LWS_WRITE_CONTINUATION) < 0) - goto bail_die; - /* leave POLLOUT active */ + switch ((wsi->role_ops->handle_POLLOUT)(wsi)) { + case LWS_HP_RET_BAIL_OK: goto bail_ok; - } - - /* Priority 6: extensions - */ -#if !defined(LWS_WITHOUT_EXTENSIONS) - m = lws_ext_cb_active(wsi, LWS_EXT_CB_IS_WRITEABLE, NULL, 0); - if (m) + case LWS_HP_RET_BAIL_DIE: goto bail_die; - - if (!wsi->extension_data_pending) - goto user_service; - - /* - * check in on the active extensions, see if they - * had pending stuff to spill... they need to get the - * first look-in otherwise sequence will be disordered - * - * NULL, zero-length eff_buf means just spill pending - */ - - ret = 1; - if (lwsi_role_raw(wsi)) - ret = 0; - - while (ret == 1) { - - /* default to nobody has more to spill */ - - ret = 0; - eff_buf.token = NULL; - eff_buf.token_len = 0; - - /* give every extension a chance to spill */ - - m = lws_ext_cb_active(wsi, LWS_EXT_CB_PACKET_TX_PRESEND, - &eff_buf, 0); - if (m < 0) { - lwsl_err("ext reports fatal error\n"); - goto bail_die; - } - if (m) - /* - * at least one extension told us he has more - * to spill, so we will go around again after - */ - ret = 1; - - /* assuming they gave us something to send, send it */ - - if (eff_buf.token_len) { - n = lws_issue_raw(wsi, (unsigned char *)eff_buf.token, - eff_buf.token_len); - if (n < 0) { - lwsl_info("closing from POLLOUT spill\n"); - goto bail_die; - } - /* - * Keep amount spilled small to minimize chance of this - */ - if (n != eff_buf.token_len) { - lwsl_err("Unable to spill ext %d vs %d\n", - eff_buf.token_len, n); - goto bail_die; - } - } else - continue; - - /* no extension has more to spill */ - - if (!ret) - continue; - - /* - * There's more to spill from an extension, but we just sent - * something... did that leave the pipe choked? - */ - - if (!lws_send_pipe_choked(wsi)) - /* no we could add more */ - continue; - - lwsl_info("choked in POLLOUT service\n"); - - /* - * Yes, he's choked. Leave the POLLOUT masked on so we will - * come back here when he is unchoked. Don't call the user - * callback to enforce ordering of spilling, he'll get called - * when we come back here and there's nothing more to spill. - */ - - goto bail_ok; + case LWS_HP_RET_USER_SERVICE: + break; + default: + assert(0); } - wsi->extension_data_pending = 0; -#endif - -user_service: /* one shot */ if (wsi->parent_carries_io) { vwsi->handling_pollout = 0; vwsi->leave_pollout_active = 0; - return lws_calllback_as_writeable(wsi); + return lws_callback_as_writeable(wsi); } if (pollfd) { @@ -384,8 +160,9 @@ user_service: vwsi->leave_pollout_active = 0; } - if (lwsi_role_client(wsi) && !wsi->hdr_parsing_completed && - lwsi_state(wsi) != LRS_H2_WAITING_TO_SEND_HEADERS) + if (lwsi_role_client(wsi) && + !wsi->hdr_parsing_completed && + lwsi_state(wsi) != LRS_H2_WAITING_TO_SEND_HEADERS) goto bail_ok; @@ -393,274 +170,20 @@ user_service: user_service_go_again: #endif -#ifdef LWS_WITH_HTTP2 - /* - * we are the 'network wsi' for potentially many muxed child wsi with - * no network connection of their own, who have to use us for all their - * network actions. So we use a round-robin scheme to share out the - * POLLOUT notifications to our children. - * - * But because any child could exhaust the socket's ability to take - * writes, we can only let one child get notified each time. - * - * In addition children may be closed / deleted / added between POLLOUT - * notifications, so we can't hold pointers - */ - - if (!lwsi_role_h2(wsi)) { - lwsl_info("%s: non http2\n", __func__); - goto notify; - } - - wsi = lws_get_network_wsi(wsi); - - wsi->h2.requested_POLLOUT = 0; - if (!wsi->h2.initialized) { - lwsl_info("pollout on uninitialized http2 conn\n"); - goto bail_ok; - } - -// if (SSL_want_read(wsi->ssl) || SSL_want_write(wsi->ssl)) { -// lws_callback_on_writable(wsi); -// goto bail_ok; -// } - - lwsl_info("%s: %p: children waiting for POLLOUT service:\n", __func__, wsi); - wsi2a = wsi->h2.child_list; - while (wsi2a) { - if (wsi2a->h2.requested_POLLOUT) - lwsl_debug(" * %p %s\n", wsi2a, wsi2a->protocol->name); + if (wsi->role_ops->perform_user_POLLOUT) { + if (wsi->role_ops->perform_user_POLLOUT(wsi) == -1) + goto bail_die; else - lwsl_debug(" %p %s\n", wsi2a, wsi2a->protocol->name); - - wsi2a = wsi2a->h2.sibling_list; + goto bail_ok; } - - wsi2 = &wsi->h2.child_list; - if (!*wsi2) - goto bail_ok; - - do { - struct lws *w, **wa; - wa = &(*wsi2)->h2.sibling_list; - if (!(*wsi2)->h2.requested_POLLOUT) - goto next_child; - - /* - * we're going to do writable callback for this child. - * move him to be the last child - */ - - lwsl_debug("servicing child %p\n", *wsi2); - - w = *wsi2; - while (w) { - if (!w->h2.sibling_list) { /* w is the current last */ - lwsl_debug("w=%p, *wsi2 = %p\n", w, *wsi2); - if (w == *wsi2) /* we are already last */ - break; - /* last points to us as new last */ - w->h2.sibling_list = *wsi2; - /* guy pointing to us until now points to - * our old next */ - *wsi2 = (*wsi2)->h2.sibling_list; - /* we point to nothing because we are last */ - w->h2.sibling_list->h2.sibling_list = NULL; - /* w becomes us */ - w = w->h2.sibling_list; - break; - } - w = w->h2.sibling_list; - } - - w->h2.requested_POLLOUT = 0; - lwsl_info("%s: child %p (state %d)\n", __func__, w, lwsi_state(w)); - - /* if we arrived here, even by looping, we checked choked */ - w->could_have_pending = 0; - wsi->could_have_pending = 0; - - if (w->h2.pending_status_body) { - w->h2.send_END_STREAM = 1; - n = lws_write(w, (uint8_t *)w->h2.pending_status_body + - LWS_PRE, - strlen(w->h2.pending_status_body + - LWS_PRE), LWS_WRITE_HTTP_FINAL); - lws_free_set_NULL(w->h2.pending_status_body); - lws_close_free_wsi(w, LWS_CLOSE_STATUS_NOSTATUS, "h2 end stream 1"); - wa = &wsi->h2.child_list; - goto next_child; - } - - if (lwsi_state(w) == LRS_H2_WAITING_TO_SEND_HEADERS) { - if (lws_h2_client_handshake(w)) - return -1; - - goto next_child; - } - - if (lwsi_state(w) == LRS_DEFERRING_ACTION) { - - /* - * we had to defer the http_action to the POLLOUT - * handler, because we know it will send something and - * only in the POLLOUT handler do we know for sure - * that there is no partial pending on the network wsi. - */ - - lwsi_set_state(w, LRS_ESTABLISHED); - - lwsl_info(" h2 action start...\n"); - n = lws_http_action(w); - lwsl_info(" h2 action result %d " - "(wsi->http.rx_content_remain %lld)\n", - n, w->http.rx_content_remain); - - /* - * Commonly we only managed to start a larger transfer - * that will complete asynchronously under its own wsi - * states. In those cases we will hear about - * END_STREAM going out in the POLLOUT handler. - */ - if (n || w->h2.send_END_STREAM) { - lwsl_info("closing stream after h2 action\n"); - lws_close_free_wsi(w, LWS_CLOSE_STATUS_NOSTATUS, "h2 end stream"); - wa = &wsi->h2.child_list; - } - - goto next_child; - } - - if (lwsi_state(w) == LRS_ISSUING_FILE) { - - ((volatile struct lws *)w)->leave_pollout_active = 0; - - /* >0 == completion, <0 == error - * - * We'll get a LWS_CALLBACK_HTTP_FILE_COMPLETION - * callback when it's done. That's the case even if we - * just completed the send, so wait for that. - */ - n = lws_serve_http_file_fragment(w); - lwsl_debug("lws_serve_http_file_fragment says %d\n", n); - - /* - * We will often hear about out having sent the final - * DATA here... if so close the actual wsi - */ - if (n < 0 || w->h2.send_END_STREAM) { - lwsl_debug("Closing POLLOUT child %p\n", w); - lws_close_free_wsi(w, LWS_CLOSE_STATUS_NOSTATUS, "h2 end stream file"); - wa = &wsi->h2.child_list; - goto next_child; - } - if (n > 0) - if (lws_http_transaction_completed(w)) - goto bail_die; - if (!n) { - lws_callback_on_writable(w); - (w)->h2.requested_POLLOUT = 1; - } - - goto next_child; - } - - /* Notify peer that we decided to close */ - - if (lwsi_state(w) == LRS_WAITING_TO_SEND_CLOSE) { - lwsl_debug("sending close packet\n"); - w->waiting_to_send_close_frame = 0; - n = lws_write(w, &w->ws->ping_payload_buf[LWS_PRE], - w->ws->close_in_ping_buffer_len, - LWS_WRITE_CLOSE); - if (n >= 0) { - lwsi_set_state(w, LRS_AWAITING_CLOSE_ACK); - lws_set_timeout(w, PENDING_TIMEOUT_CLOSE_ACK, 5); - lwsl_debug("sent close indication, awaiting ack\n"); - } - - goto next_child; - } - - /* Acknowledge receipt of peer's notification he closed, - * then logically close ourself */ - - if ((lwsi_role_ws(w) && w->ws->ping_pending_flag) || - (lwsi_state(w) == LRS_RETURNED_CLOSE && - w->ws->payload_is_close)) { - - if (w->ws->payload_is_close) - write_type = LWS_WRITE_CLOSE | - LWS_WRITE_H2_STREAM_END; - - n = lws_write(w, &w->ws->ping_payload_buf[LWS_PRE], - w->ws->ping_payload_len, write_type); - if (n < 0) - goto bail_die; - - /* well he is sent, mark him done */ - w->ws->ping_pending_flag = 0; - if (w->ws->payload_is_close) { - /* oh... a close frame was it... then we are done */ - lwsl_debug("Acknowledged peer's close packet\n"); - w->ws->payload_is_close = 0; - lwsi_set_state(w, LRS_RETURNED_CLOSE); - lws_close_free_wsi(w, LWS_CLOSE_STATUS_NOSTATUS, "returned close packet"); - wa = &wsi->h2.child_list; - goto next_child; - } + lwsl_debug("%s: %p: non mux: wsistate 0x%x, ops %s\n", __func__, wsi, + wsi->wsistate, wsi->role_ops->name); - lws_callback_on_writable(w); - (w)->h2.requested_POLLOUT = 1; - - /* otherwise for PING, leave POLLOUT active either way */ - goto next_child; - } - - if (lws_calllback_as_writeable(w)) { - lwsl_info("Closing POLLOUT child (end stream %d)\n", w->h2.send_END_STREAM); - lws_close_free_wsi(w, LWS_CLOSE_STATUS_NOSTATUS, "h2 pollout handle"); - wa = &wsi->h2.child_list; - } else - if (w->h2.send_END_STREAM) - lws_h2_state(w, LWS_H2_STATE_HALF_CLOSED_LOCAL); - -next_child: - wsi2 = wa; - } while (wsi2 && *wsi2 && !lws_send_pipe_choked(wsi)); - - lwsl_info("%s: %p: children waiting for POLLOUT service: %p\n", - __func__, wsi, wsi->h2.child_list); - wsi2a = wsi->h2.child_list; - while (wsi2a) { - if (wsi2a->h2.requested_POLLOUT) - lwsl_debug(" * %p\n", wsi2a); - else - lwsl_debug(" %p\n", wsi2a); - - wsi2a = wsi2a->h2.sibling_list; - } - - - wsi2a = wsi->h2.child_list; - while (wsi2a) { - if (wsi2a->h2.requested_POLLOUT) { - lws_change_pollfd(wsi, 0, LWS_POLLOUT); - break; - } - wsi2a = wsi2a->h2.sibling_list; - } - - goto bail_ok; - - -notify: -#endif vwsi = (volatile struct lws *)wsi; vwsi->leave_pollout_active = 0; - n = lws_calllback_as_writeable(wsi); + n = lws_callback_as_writeable(wsi); vwsi->handling_pollout = 0; if (vwsi->leave_pollout_active) @@ -754,25 +277,10 @@ __lws_service_timeout_check(struct lws *wsi, time_t sec) int lws_rxflow_cache(struct lws *wsi, unsigned char *buf, int n, int len) { -#if defined(LWS_WITH_HTTP2) - if (wsi->upgraded_to_http2) { - struct lws_h2_netconn *h2n = wsi->h2.h2n; - - assert(h2n->rx_scratch); - buf += n; - len -= n; - assert ((char *)buf >= (char *)h2n->rx_scratch && - (char *)&buf[len] <= - (char *)&h2n->rx_scratch[wsi->vhost->h2_rx_scratch_size]); - - h2n->rx_scratch_pos = lws_ptr_diff(buf, h2n->rx_scratch); - h2n->rx_scratch_len = len; - - lwsl_info("%s: %p: pausing h2 rx_scratch\n", __func__, wsi); + if (wsi->role_ops->rxflow_cache) + if (wsi->role_ops->rxflow_cache(wsi, buf, n, len)) + return 0; - return 0; - } -#endif /* his RX is flowcontrolled, don't send remaining now */ if (wsi->rxflow_buffer) { if (buf >= wsi->rxflow_buffer && @@ -821,7 +329,7 @@ lws_service_adjust_timeout(struct lws_context *context, int timeout_ms, int tsi) if (pt->rx_draining_ext_list) return 0; -#ifdef LWS_OPENSSL_SUPPORT +#if defined(LWS_WITH_TLS) /* 2) if we know we have non-network pending data, do not wait in poll */ if (lws_ssl_anybody_has_buffered_read_tsi(context, tsi)) { lwsl_info("ssl buffered read\n"); @@ -845,6 +353,49 @@ lws_service_adjust_timeout(struct lws_context *context, int timeout_ms, int tsi) return timeout_ms; } + +int +lws_read_or_use_preamble(struct lws_context_per_thread *pt, struct lws *wsi) +{ + int len; + + if (wsi->preamble_rx && wsi->preamble_rx_len) { + memcpy(pt->serv_buf, wsi->preamble_rx, wsi->preamble_rx_len); + lws_free_set_NULL(wsi->preamble_rx); + len = wsi->preamble_rx_len; + lwsl_debug("bringing %d out of stash\n", wsi->preamble_rx_len); + wsi->preamble_rx_len = 0; + + return len; + } + + /* + * ... in the case of pipelined HTTP, this may be + * POST data followed by next headers... + */ + + len = lws_ssl_capable_read(wsi, pt->serv_buf, + wsi->context->pt_serv_buf_size); + lwsl_debug("%s: wsi %p read %d (wsistate 0x%x)\n", + __func__, wsi, len, wsi->wsistate); + switch (len) { + case 0: + lwsl_info("%s: read 0 len b\n", __func__); + + /* fallthru */ + case LWS_SSL_CAPABLE_ERROR: + return -1; + case LWS_SSL_CAPABLE_MORE_SERVICE: + return 0; + } + + if (len < 0) /* coverity */ + return -1; + + return len; +} + + /* * guys that need POLLIN service again without waiting for network action * can force POLLIN here if not flowcontrolled, so they will get service. @@ -855,33 +406,19 @@ int lws_service_flag_pending(struct lws_context *context, int tsi) { struct lws_context_per_thread *pt = &context->pt[tsi]; - struct allocated_headers *ah; -#ifdef LWS_OPENSSL_SUPPORT - struct lws *wsi_next; + +#if defined(LWS_WITH_TLS) + struct lws *wsi, *wsi_next; #endif - struct lws *wsi; int forced = 0; lws_pt_lock(pt, __func__); - /* POLLIN faking */ - - /* - * 1) For all guys with already-available ext data to drain, if they are - * not flowcontrolled, fake their POLLIN status - */ - wsi = pt->rx_draining_ext_list; - while (wsi) { - pt->fds[wsi->position_in_fds_table].revents |= - pt->fds[wsi->position_in_fds_table].events & LWS_POLLIN; - if (pt->fds[wsi->position_in_fds_table].revents & LWS_POLLIN) { - forced = 1; - break; - } - wsi = wsi->ws->rx_draining_ext_list; - } +#if defined(LWS_ROLE_WS) + forced |= role_ops_ws.service_flag_pending(context, tsi); +#endif -#ifdef LWS_OPENSSL_SUPPORT +#if defined(LWS_WITH_TLS) /* * 2) For all guys with buffered SSL read data already saved up, if they * are not flowcontrolled, fake their POLLIN status so they'll get @@ -907,210 +444,34 @@ lws_service_flag_pending(struct lws_context *context, int tsi) wsi = wsi_next; } #endif - /* - * 3) For any wsi who have an ah with pending RX who did not - * complete their current headers, and are not flowcontrolled, - * fake their POLLIN status so they will be able to drain the - * rx buffered in the ah - */ - ah = pt->ah_list; - while (ah) { - if ((ah->rxpos != ah->rxlen && - !ah->wsi->hdr_parsing_completed) || ah->wsi->preamble_rx) { - pt->fds[ah->wsi->position_in_fds_table].revents |= - pt->fds[ah->wsi->position_in_fds_table].events & - LWS_POLLIN; - if (pt->fds[ah->wsi->position_in_fds_table].revents & - LWS_POLLIN) { - forced = 1; - break; - } - } - ah = ah->next; - } + +#if defined(LWS_ROLE_H1) + forced |= role_ops_h1.service_flag_pending(context, tsi); +#else /* they do the same thing... only need one or the other if h1 and h2 */ +#if defined(LWS_ROLE_H2) + forced |= role_ops_h2.service_flag_pending(context, tsi); +#endif +#endif lws_pt_unlock(pt); return forced; } -#ifndef LWS_NO_CLIENT - -LWS_VISIBLE int -lws_http_client_read(struct lws *wsi, char **buf, int *len) -{ - int rlen, n; - - rlen = lws_ssl_capable_read(wsi, (unsigned char *)*buf, *len); - *len = 0; - - /* allow the source to signal he has data again next time */ - lws_change_pollfd(wsi, 0, LWS_POLLIN); - - if (rlen == LWS_SSL_CAPABLE_ERROR) { - lwsl_notice("%s: SSL capable error\n", __func__); - return -1; - } - - if (rlen == 0) - return -1; - - if (rlen < 0) - return 0; - - *len = rlen; - wsi->client_rx_avail = 0; - - /* - * server may insist on transfer-encoding: chunked, - * so http client must deal with it - */ -spin_chunks: - while (wsi->chunked && (wsi->chunk_parser != ELCP_CONTENT) && *len) { - switch (wsi->chunk_parser) { - case ELCP_HEX: - if ((*buf)[0] == '\x0d') { - wsi->chunk_parser = ELCP_CR; - break; - } - n = char_to_hex((*buf)[0]); - if (n < 0) { - lwsl_debug("chunking failure\n"); - return -1; - } - wsi->chunk_remaining <<= 4; - wsi->chunk_remaining |= n; - break; - case ELCP_CR: - if ((*buf)[0] != '\x0a') { - lwsl_debug("chunking failure\n"); - return -1; - } - wsi->chunk_parser = ELCP_CONTENT; - lwsl_info("chunk %d\n", wsi->chunk_remaining); - if (wsi->chunk_remaining) - break; - lwsl_info("final chunk\n"); - goto completed; - - case ELCP_CONTENT: - break; - - case ELCP_POST_CR: - if ((*buf)[0] != '\x0d') { - lwsl_debug("chunking failure\n"); - - return -1; - } - - wsi->chunk_parser = ELCP_POST_LF; - break; - - case ELCP_POST_LF: - if ((*buf)[0] != '\x0a') - return -1; - - wsi->chunk_parser = ELCP_HEX; - wsi->chunk_remaining = 0; - break; - } - (*buf)++; - (*len)--; - } - - if (wsi->chunked && !wsi->chunk_remaining) - return 0; - - if (wsi->http.rx_content_remain && - wsi->http.rx_content_remain < (unsigned int)*len) - n = (int)wsi->http.rx_content_remain; - else - n = *len; - - if (wsi->chunked && wsi->chunk_remaining && - wsi->chunk_remaining < n) - n = wsi->chunk_remaining; - -#ifdef LWS_WITH_HTTP_PROXY - /* hubbub */ - if (wsi->perform_rewrite) - lws_rewrite_parse(wsi->rw, (unsigned char *)*buf, n); - else -#endif - { - struct lws *wsi_eff = lws_client_wsi_effective(wsi); - - if (user_callback_handle_rxflow(wsi_eff->protocol->callback, - wsi_eff, LWS_CALLBACK_RECEIVE_CLIENT_HTTP_READ, - wsi_eff->user_space, *buf, n)) { - lwsl_debug("%s: RECEIVE_CLIENT_HTTP_READ returned -1\n", - __func__); - - return -1; - } - } - - if (wsi->chunked && wsi->chunk_remaining) { - (*buf) += n; - wsi->chunk_remaining -= n; - *len -= n; - } - - if (wsi->chunked && !wsi->chunk_remaining) - wsi->chunk_parser = ELCP_POST_CR; - - if (wsi->chunked && *len) - goto spin_chunks; - - if (wsi->chunked) - return 0; - - /* if we know the content length, decrement the content remaining */ - if (wsi->http.rx_content_length > 0) - wsi->http.rx_content_remain -= n; - - if (wsi->http.rx_content_remain || !wsi->http.rx_content_length) - return 0; - -completed: - - if (lws_http_transaction_completed_client(wsi)) { - lwsl_notice("%s: transaction completed says -1\n", __func__); - return -1; - } - - return 0; -} -#endif - -static int -lws_is_ws_with_ext(struct lws *wsi) -{ -#if defined(LWS_WITHOUT_EXTENSIONS) - return 0; -#else - return lwsi_role_ws(wsi) && !!wsi->count_act_ext; -#endif -} - -LWS_VISIBLE int -lws_service_fd_tsi(struct lws_context *context, struct lws_pollfd *pollfd, - int tsi) +static int +lws_service_periodic_checks(struct lws_context *context, + struct lws_pollfd *pollfd, int tsi) { struct lws_context_per_thread *pt = &context->pt[tsi]; lws_sockfd_type our_fd = 0, tmp_fd; struct allocated_headers *ah; - struct lws_tokens eff_buf; - unsigned int pending = 0; struct lws *wsi; - char draining_flow = 0; int timed_out = 0; time_t now; - int n = 0, m; - -#if defined(LWS_WITH_HTTP2) - struct lws *wsi1; +#if defined(LWS_WITH_TLS) + int n = 0; #endif + int m; if (!context->protocol_init_done) if (lws_protocol_init(context)) @@ -1149,266 +510,238 @@ lws_service_fd_tsi(struct lws_context *context, struct lws_pollfd *pollfd, context->last_timeout_check_s = now - 1; } - if (lws_compare_time_t(context, context->last_timeout_check_s, now)) { - context->last_timeout_check_s = now; + if (!lws_compare_time_t(context, context->last_timeout_check_s, now)) + return 0; + + context->last_timeout_check_s = now; #if defined(LWS_WITH_STATS) - if (!tsi && now - context->last_dump > 10) { - lws_stats_log_dump(context); - context->last_dump = now; - } + if (!tsi && now - context->last_dump > 10) { + lws_stats_log_dump(context); + context->last_dump = now; + } #endif - lws_plat_service_periodic(context); - lws_check_deferred_free(context, 0); + lws_plat_service_periodic(context); + lws_check_deferred_free(context, 0); #if defined(LWS_WITH_PEER_LIMITS) - lws_peer_cull_peer_wait_list(context); + lws_peer_cull_peer_wait_list(context); #endif - /* retire unused deprecated context */ + /* retire unused deprecated context */ #if !defined(LWS_PLAT_OPTEE) && !defined(LWS_WITH_ESP32) -#if LWS_POSIX && !defined(_WIN32) - if (context->deprecated && !context->count_wsi_allocated) { - lwsl_notice("%s: ending deprecated context\n", __func__); - kill(getpid(), SIGINT); - return 0; - } +#if !defined(_WIN32) + if (context->deprecated && !context->count_wsi_allocated) { + lwsl_notice("%s: ending deprecated context\n", __func__); + kill(getpid(), SIGINT); + return 0; + } #endif #endif - /* global timeout check once per second */ + /* global timeout check once per second */ - if (pollfd) - our_fd = pollfd->fd; + if (pollfd) + our_fd = pollfd->fd; - /* - * Phase 1: check every wsi on the timeout check list - */ + /* + * Phase 1: check every wsi on the timeout check list + */ - lws_pt_lock(pt, __func__); - - lws_start_foreach_dll_safe(struct lws_dll_lws *, d, d1, - context->pt[tsi].dll_head_timeout.next) { - wsi = lws_container_of(d, struct lws, dll_timeout); - tmp_fd = wsi->desc.sockfd; - if (__lws_service_timeout_check(wsi, now)) { - /* he did time out... */ - if (tmp_fd == our_fd) - /* it was the guy we came to service! */ - timed_out = 1; - /* he's gone, no need to mark as handled */ - } - } lws_end_foreach_dll_safe(d, d1); + lws_pt_lock(pt, __func__); - /* - * Phase 2: double-check active ah timeouts independent of wsi - * timeout status - */ + lws_start_foreach_dll_safe(struct lws_dll_lws *, d, d1, + context->pt[tsi].dll_head_timeout.next) { + wsi = lws_container_of(d, struct lws, dll_timeout); + tmp_fd = wsi->desc.sockfd; + if (__lws_service_timeout_check(wsi, now)) { + /* he did time out... */ + if (tmp_fd == our_fd) + /* it was the guy we came to service! */ + timed_out = 1; + /* he's gone, no need to mark as handled */ + } + } lws_end_foreach_dll_safe(d, d1); - ah = pt->ah_list; - while (ah) { - int len; - char buf[256]; - const unsigned char *c; - - if (!ah->in_use || !ah->wsi || !ah->assigned || - (ah->wsi->vhost && - lws_compare_time_t(context, now, ah->assigned) < - ah->wsi->vhost->timeout_secs_ah_idle + 360)) { - ah = ah->next; - continue; - } + /* + * Phase 2: double-check active ah timeouts independent of wsi + * timeout status + */ - /* - * a single ah session somehow got held for - * an unreasonable amount of time. - * - * Dump info on the connection... - */ - wsi = ah->wsi; - buf[0] = '\0'; + ah = pt->ah_list; + while (ah) { + int len; + char buf[256]; + const unsigned char *c; + + if (!ah->in_use || !ah->wsi || !ah->assigned || + (ah->wsi->vhost && + lws_compare_time_t(context, now, ah->assigned) < + ah->wsi->vhost->timeout_secs_ah_idle + 360)) { + ah = ah->next; + continue; + } + + /* + * a single ah session somehow got held for + * an unreasonable amount of time. + * + * Dump info on the connection... + */ + wsi = ah->wsi; + buf[0] = '\0'; #if !defined(LWS_PLAT_OPTEE) - lws_get_peer_simple(wsi, buf, sizeof(buf)); + lws_get_peer_simple(wsi, buf, sizeof(buf)); #else - buf[0] = '\0'; -#endif - lwsl_notice("ah excessive hold: wsi %p\n" - " peer address: %s\n" - " ah rxpos %u, rxlen %u, pos %u\n", - wsi, buf, ah->rxpos, ah->rxlen, - ah->pos); - buf[0] = '\0'; - m = 0; - do { - c = lws_token_to_string(m); - if (!c) - break; - if (!(*c)) - break; - - len = lws_hdr_total_length(wsi, m); - if (!len || len > (int)sizeof(buf) - 1) { - m++; - continue; - } - - if (lws_hdr_copy(wsi, buf, - sizeof buf, m) > 0) { - buf[sizeof(buf) - 1] = '\0'; + buf[0] = '\0'; +#endif + lwsl_notice("ah excessive hold: wsi %p\n" + " peer address: %s\n" + " ah rxpos %u, rxlen %u, pos %u\n", + wsi, buf, ah->rxpos, ah->rxlen, + ah->pos); + buf[0] = '\0'; + m = 0; + do { + c = lws_token_to_string(m); + if (!c) + break; + if (!(*c)) + break; - lwsl_notice(" %s = %s\n", - (const char *)c, buf); - } + len = lws_hdr_total_length(wsi, m); + if (!len || len > (int)sizeof(buf) - 1) { m++; - } while (1); + continue; + } - /* explicitly detach the ah */ + if (lws_hdr_copy(wsi, buf, + sizeof buf, m) > 0) { + buf[sizeof(buf) - 1] = '\0'; - lws_header_table_force_to_detachable_state(wsi); - lws_header_table_detach(wsi, 0); + lwsl_notice(" %s = %s\n", + (const char *)c, buf); + } + m++; + } while (1); - /* ... and then drop the connection */ + /* explicitly detach the ah */ - if (wsi->desc.sockfd == our_fd) - /* it was the guy we came to service! */ - timed_out = 1; + lws_header_table_force_to_detachable_state(wsi); + lws_header_table_detach(wsi, 0); - __lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, "excessive ah"); + /* ... and then drop the connection */ - ah = pt->ah_list; - } + m = 0; + if (wsi->desc.sockfd == our_fd) { + m = timed_out; - lws_pt_unlock(pt); + /* it was the guy we came to service! */ + timed_out = 1; + } -#ifdef LWS_WITH_CGI - /* - * Phase 3: handle cgi timeouts - */ - lws_cgi_kill_terminated(pt); -#endif -#if 0 - { - char s[300], *p = s; + if (!m) /* if he didn't already timeout */ + __lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, + "excessive ah"); - for (n = 0; n < context->count_threads; n++) - p += sprintf(p, " %7lu (%5d), ", - context->pt[n].count_conns, - context->pt[n].fds_count); + ah = pt->ah_list; + } - lwsl_notice("load: %s\n", s); - } -#endif - /* - * Phase 4: vhost / protocol timer callbacks - */ + lws_pt_unlock(pt); - wsi = NULL; - lws_start_foreach_ll(struct lws_vhost *, v, context->vhost_list) { - struct lws_timed_vh_protocol *nx; - if (v->timed_vh_protocol_list) { - lws_start_foreach_ll(struct lws_timed_vh_protocol *, - q, v->timed_vh_protocol_list) { - if (now >= q->time) { - if (!wsi) - wsi = lws_zalloc(sizeof(*wsi), "cbwsi"); - wsi->context = context; - wsi->vhost = v; - wsi->protocol = q->protocol; - lwsl_debug("timed cb: vh %s, protocol %s, reason %d\n", v->name, q->protocol->name, q->reason); - q->protocol->callback(wsi, q->reason, NULL, NULL, 0); - nx = q->next; - lws_timed_callback_remove(v, q); - q = nx; - continue; /* we pointed ourselves to the next from the now-deleted guy */ - } - } lws_end_foreach_ll(q, next); - } - } lws_end_foreach_ll(v, vhost_next); - if (wsi) - lws_free(wsi); +#if 0 + { + char s[300], *p = s; - /* - * Phase 5: check for unconfigured vhosts due to required - * interface missing before - */ + for (n = 0; n < context->count_threads; n++) + p += sprintf(p, " %7lu (%5d), ", + context->pt[n].count_conns, + context->pt[n].fds_count); - lws_context_lock(context); - lws_start_foreach_llp(struct lws_vhost **, pv, - context->no_listener_vhost_list) { - struct lws_vhost *v = *pv; - lwsl_debug("deferred iface: checking if on vh %s\n", (*pv)->name); - if (lws_context_init_server(NULL, *pv) == 0) { - /* became happy */ - lwsl_notice("vh %s: became connected\n", v->name); - *pv = v->no_listener_vhost_list; - v->no_listener_vhost_list = NULL; - break; - } - } lws_end_foreach_llp(pv, no_listener_vhost_list); - lws_context_unlock(context); + lwsl_notice("load: %s\n", s); } - +#endif /* - * at intervals, check for ws connections needing ping-pong checks + * Phase 3: vhost / protocol timer callbacks */ - if (context->ws_ping_pong_interval && - context->last_ws_ping_pong_check_s < now + 10) { - struct lws_vhost *vh = context->vhost_list; - context->last_ws_ping_pong_check_s = now; - - while (vh) { - - lws_vhost_lock(vh); - - for (n = 0; n < vh->count_protocols; n++) { - wsi = vh->same_vh_protocol_list[n]; - - while (wsi) { - if (lwsi_role_ws(wsi) && - !wsi->socket_is_permanently_unusable && - !wsi->ws->send_check_ping && - wsi->ws->time_next_ping_check && - lws_compare_time_t(context, now, - wsi->ws->time_next_ping_check) > - context->ws_ping_pong_interval) { - - lwsl_info("req pp on wsi %p\n", - wsi); - wsi->ws->send_check_ping = 1; - lws_set_timeout(wsi, - PENDING_TIMEOUT_WS_PONG_CHECK_SEND_PING, - context->timeout_secs); - lws_callback_on_writable(wsi); - wsi->ws->time_next_ping_check = - now; - } - wsi = wsi->same_vh_protocol_next; + wsi = NULL; + lws_start_foreach_ll(struct lws_vhost *, v, context->vhost_list) { + struct lws_timed_vh_protocol *nx; + if (v->timed_vh_protocol_list) { + lws_start_foreach_ll(struct lws_timed_vh_protocol *, + q, v->timed_vh_protocol_list) { + if (now >= q->time) { + if (!wsi) + wsi = lws_zalloc(sizeof(*wsi), "cbwsi"); + wsi->context = context; + wsi->vhost = v; + wsi->protocol = q->protocol; + lwsl_debug("timed cb: vh %s, protocol %s, reason %d\n", v->name, q->protocol->name, q->reason); + q->protocol->callback(wsi, q->reason, NULL, NULL, 0); + nx = q->next; + lws_timed_callback_remove(v, q); + q = nx; + continue; /* we pointed ourselves to the next from the now-deleted guy */ } - } + } lws_end_foreach_ll(q, next); + } + } lws_end_foreach_ll(v, vhost_next); + if (wsi) + lws_free(wsi); - lws_vhost_unlock(vh); + /* + * Phase 4: check for unconfigured vhosts due to required + * interface missing before + */ - vh = vh->vhost_next; + lws_context_lock(context); + lws_start_foreach_llp(struct lws_vhost **, pv, + context->no_listener_vhost_list) { + struct lws_vhost *v = *pv; + lwsl_debug("deferred iface: checking if on vh %s\n", (*pv)->name); + if (lws_context_init_server(NULL, *pv) == 0) { + /* became happy */ + lwsl_notice("vh %s: became connected\n", v->name); + *pv = v->no_listener_vhost_list; + v->no_listener_vhost_list = NULL; + break; } - } + } lws_end_foreach_llp(pv, no_listener_vhost_list); + lws_context_unlock(context); -#ifdef LWS_OPENSSL_SUPPORT /* - * check the remaining cert lifetime daily + * Phase 5: role periodic checks */ +#if defined(LWS_ROLE_WS) + role_ops_ws.periodic_checks(context, tsi, now); +#endif +#if defined(LWS_ROLE_CGI) + role_ops_cgi.periodic_checks(context, tsi, now); +#endif + + /* + * Phase 6: check the remaining cert lifetime daily + */ +#if defined(LWS_WITH_TLS) n = lws_compare_time_t(context, now, context->last_cert_check_s); if ((!context->last_cert_check_s || n > (24 * 60 * 60)) && !lws_tls_check_all_cert_lifetimes(context)) context->last_cert_check_s = now; #endif - /* the socket we came to service timed out, nothing to do */ - if (timed_out) - return 0; + return timed_out; +} + +LWS_VISIBLE int +lws_service_fd_tsi(struct lws_context *context, struct lws_pollfd *pollfd, + int tsi) +{ + struct lws_context_per_thread *pt = &context->pt[tsi]; + struct lws *wsi; - /* just here for timeout management? */ - if (!pollfd) + /* the socket we came to service timed out, nothing to do */ + if (lws_service_periodic_checks(context, pollfd, tsi) || !pollfd) return 0; /* no, here to service a socket descriptor */ @@ -1422,14 +755,13 @@ lws_service_fd_tsi(struct lws_context *context, struct lws_pollfd *pollfd, * zero down pollfd->revents after handling */ -#if LWS_POSIX /* handle session socket closed */ if ((!(pollfd->revents & pollfd->events & LWS_POLLIN)) && (pollfd->revents & LWS_POLLHUP)) { wsi->socket_is_permanently_unusable = 1; lwsl_debug("Session Socket %p (fd=%d) dead\n", - (void *)wsi, pollfd->fd); + (void *)wsi, pollfd->fd); goto close_and_handled; } @@ -1439,8 +771,6 @@ lws_service_fd_tsi(struct lws_context *context, struct lws_pollfd *pollfd, wsi->sock_send_blocking = FALSE; #endif -#endif - if ((!(pollfd->revents & pollfd->events & LWS_POLLIN)) && (pollfd->revents & LWS_POLLHUP)) { lwsl_debug("pollhup\n"); @@ -1448,9 +778,8 @@ lws_service_fd_tsi(struct lws_context *context, struct lws_pollfd *pollfd, goto close_and_handled; } -#ifdef LWS_OPENSSL_SUPPORT +#if defined(LWS_WITH_TLS) if (lwsi_state(wsi) == LRS_SHUTDOWN && lws_is_ssl(wsi) && wsi->ssl) { - n = 0; switch (__lws_tls_shutdown(wsi)) { case LWS_SSL_CAPABLE_DONE: case LWS_SSL_CAPABLE_ERROR: @@ -1467,501 +796,38 @@ lws_service_fd_tsi(struct lws_context *context, struct lws_pollfd *pollfd, /* okay, what we came here to do... */ - // lwsl_err("x 0x%x\n", wsi->wsistate); + /* if we got here, we should have wire protocol ops set on the wsi */ + assert(wsi->role_ops); - switch (lwsi_role(wsi)) { - case LWSI_ROLE_EVENT_PIPE: - { -#if !defined(WIN32) && !defined(_WIN32) - char s[10]; + // lwsl_notice("%s: %s: wsistate 0x%x\n", __func__, wsi->role_ops->name, + // wsi->wsistate); + switch ((wsi->role_ops->handle_POLLIN)(pt, wsi, pollfd)) { + case LWS_HPI_RET_DIE: + return 1; + case LWS_HPI_RET_HANDLED: + break; + case LWS_HPI_RET_CLOSE_HANDLED: +close_and_handled: + lwsl_debug("%p: Close and handled\n", wsi); + lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, + "close_and_handled"); /* - * discard the byte(s) that signaled us - * We really don't care about the number of bytes, but coverity - * thinks we should. - */ - n = read(wsi->desc.sockfd, s, sizeof(s)); - (void)n; - if (n < 0) - goto close_and_handled; -#endif - /* - * the poll() wait, or the event loop for libuv etc is a - * process-wide resource that we interrupted. So let every - * protocol that may be interested in the pipe event know that - * it happened. - */ - if (lws_broadcast(context, LWS_CALLBACK_EVENT_WAIT_CANCELLED, - NULL, 0)) { - lwsl_info("closed in event cancel\n"); - goto close_and_handled; - } - - goto handled; - } - - case LWSI_ROLE_H1_CLIENT: - - if (lwsi_state(wsi) == LRS_ESTABLISHED) - goto handled; - - goto do_client; - - case LWSI_ROLE_H1_SERVER: - case LWSI_ROLE_LISTEN_SOCKET: - -#ifdef LWS_WITH_CGI - if (wsi->cgi && (pollfd->revents & LWS_POLLOUT)) { - n = lws_handle_POLLOUT_event(wsi, pollfd); - if (n) - goto close_and_handled; - goto handled; - } -#endif - /* fallthru */ - case LWSI_ROLE_RAW_SOCKET: - n = lws_server_socket_service(context, wsi, pollfd); - if (n) /* closed by above */ - return 1; - goto handled; - - case LWSI_ROLE_RAW_FILE: - - if (pollfd->revents & LWS_POLLOUT) { - n = lws_calllback_as_writeable(wsi); - if (lws_change_pollfd(wsi, LWS_POLLOUT, 0)) { - lwsl_info("failed at set pollfd\n"); - return 1; - } - if (n) - goto close_and_handled; - } - n = LWS_CALLBACK_RAW_RX; - if (lwsi_role(wsi) == LWSI_ROLE_RAW_FILE) - n = LWS_CALLBACK_RAW_RX_FILE; - - if (pollfd->revents & LWS_POLLIN) { - if (user_callback_handle_rxflow( - wsi->protocol->callback, - wsi, n, wsi->user_space, NULL, 0)) { - lwsl_debug("raw rx callback closed it\n"); - goto close_and_handled; - } - } - - if (pollfd->revents & LWS_POLLHUP) - goto close_and_handled; - n = 0; - goto handled; - - case LWSI_ROLE_WS1_SERVER: - case LWSI_ROLE_WS1_CLIENT: - case LWSI_ROLE_H2_SERVER: - case LWSI_ROLE_WS2_SERVER: - case LWSI_ROLE_H2_CLIENT: - case LWSI_ROLE_WS2_CLIENT: - - lwsl_info("%s: wsistate 0x%x, pollout %d\n", __func__, - wsi->wsistate, pollfd->revents & LWS_POLLOUT); - - /* - * something went wrong with parsing the handshake, and - * we ended up back in the event loop without completing it - */ - if (lwsi_state(wsi) == LRS_PRE_WS_SERVING_ACCEPT) { - wsi->socket_is_permanently_unusable = 1; - goto close_and_handled; - } - - if (lwsi_state(wsi) == LRS_WAITING_CONNECT) - goto do_client; - - /* 1: something requested a callback when it was OK to write */ - - if ((pollfd->revents & LWS_POLLOUT) && - (lwsi_state(wsi) & LWSIFS_POCB) /* ...our state cares ... */ && - lws_handle_POLLOUT_event(wsi, pollfd)) { - if (lwsi_state(wsi) == LRS_RETURNED_CLOSE) - lwsi_set_state(wsi, LRS_FLUSHING_BEFORE_CLOSE); - // lwsl_notice("lws_service_fd: closing\n"); - /* the write failed... it's had it */ - wsi->socket_is_permanently_unusable = 1; - goto close_and_handled; - } - - if (lwsi_state(wsi) == LRS_RETURNED_CLOSE || - lwsi_state(wsi) == LRS_WAITING_TO_SEND_CLOSE || - lwsi_state(wsi) == LRS_AWAITING_CLOSE_ACK) { - /* - * we stopped caring about anything except control - * packets. Force flow control off, defeat tx - * draining. - */ - lws_rx_flow_control(wsi, 1); - if (wsi->ws) - wsi->ws->tx_draining_ext = 0; - } - - if (wsi->ws && wsi->ws->tx_draining_ext) - /* - * We cannot deal with new RX until the TX ext path has - * been drained. It's because new rx will, eg, crap on - * the wsi rx buf that may be needed to retain state. - * - * TX ext drain path MUST go through event loop to avoid - * blocking. - */ - break; - - if (lws_is_flowcontrolled(wsi)) - /* We cannot deal with any kind of new RX because we are - * RX-flowcontrolled. - */ - break; - -#if defined(LWS_WITH_HTTP2) - if (wsi->http2_substream || wsi->upgraded_to_http2) { - wsi1 = lws_get_network_wsi(wsi); - if (wsi1 && wsi1->trunc_len) - /* We cannot deal with any kind of new RX - * because we are dealing with a partial send - * (new RX may trigger new http_action() that - * expect to be able to send) - */ - break; - } -#endif - - /* 2: RX Extension needs to be drained - */ - - if (lwsi_role_ws(wsi) && wsi->ws && wsi->ws->rx_draining_ext) { - - lwsl_ext("%s: RX EXT DRAINING: Service\n", __func__); -#ifndef LWS_NO_CLIENT - if (lwsi_role_ws_client(wsi)) { - n = lws_client_rx_sm(wsi, 0); - if (n < 0) - /* we closed wsi */ - n = 0; - } else -#endif - n = lws_rx_sm(wsi, 0); - - goto handled; - } - - if (wsi->ws && wsi->ws->rx_draining_ext) - /* - * We have RX EXT content to drain, but can't do it - * right now. That means we cannot do anything lower - * priority either. - */ - break; - - /* 3: RX Flowcontrol buffer / h2 rx scratch needs to be drained - */ - - if (wsi->rxflow_buffer) { - lwsl_info("draining rxflow (len %d)\n", - wsi->rxflow_len - wsi->rxflow_pos); - assert(wsi->rxflow_pos < wsi->rxflow_len); - /* well, drain it */ - eff_buf.token = (char *)wsi->rxflow_buffer + - wsi->rxflow_pos; - eff_buf.token_len = wsi->rxflow_len - wsi->rxflow_pos; - draining_flow = 1; - goto drain; - } - -#if defined(LWS_WITH_HTTP2) - if (wsi->upgraded_to_http2) { - struct lws_h2_netconn *h2n = wsi->h2.h2n; - - if (h2n->rx_scratch_len) { - lwsl_info("%s: %p: h2 rx pos = %d len = %d\n", - __func__, wsi, h2n->rx_scratch_pos, - h2n->rx_scratch_len); - eff_buf.token = (char *)h2n->rx_scratch + - h2n->rx_scratch_pos; - eff_buf.token_len = h2n->rx_scratch_len; - - h2n->rx_scratch_len = 0; - goto drain; - } - } -#endif - - /* 4: any incoming (or ah-stashed incoming rx) data ready? - * notice if rx flow going off raced poll(), rx flow wins - */ - - if (!(pollfd->revents & pollfd->events & LWS_POLLIN)) - break; - -read: - if (lws_is_flowcontrolled(wsi)) { - lwsl_info("%s: %p should be rxflow (bm 0x%x)..\n", - __func__, wsi, wsi->rxflow_bitmap); - break; - } - - if (wsi->ah && wsi->ah->rxlen - wsi->ah->rxpos) { - lwsl_info("%s: %p: inherited ah rx %d\n", __func__, - wsi, wsi->ah->rxlen - wsi->ah->rxpos); - eff_buf.token_len = wsi->ah->rxlen - - wsi->ah->rxpos; - eff_buf.token = (char *)wsi->ah->rx + - wsi->ah->rxpos; - } else { - if (!(lwsi_role_client(wsi) && - (lwsi_state(wsi) != LRS_ESTABLISHED && - lwsi_state(wsi) != LRS_H2_WAITING_TO_SEND_HEADERS))) { - /* - * extension may not consume everything - * (eg, pmd may be constrained - * as to what it can output...) has to go in - * per-wsi rx buf area. - * Otherwise in large temp serv_buf area. - */ - -#if defined(LWS_WITH_HTTP2) - if (wsi->upgraded_to_http2) { - if (!wsi->h2.h2n->rx_scratch) { - wsi->h2.h2n->rx_scratch = - lws_malloc( - wsi->vhost->h2_rx_scratch_size, - "h2 rx scratch"); - if (!wsi->h2.h2n->rx_scratch) - goto close_and_handled; - } - eff_buf.token = wsi->h2.h2n->rx_scratch; - eff_buf.token_len = wsi->vhost->h2_rx_scratch_size; - } else -#endif - { - eff_buf.token = (char *)pt->serv_buf; - if (lws_is_ws_with_ext(wsi)) { - eff_buf.token_len = - wsi->ws->rx_ubuf_alloc; - } else { - eff_buf.token_len = - context->pt_serv_buf_size; - } - - if ((unsigned int)eff_buf.token_len > - context->pt_serv_buf_size) - eff_buf.token_len = - context->pt_serv_buf_size; - } - - if ((int)pending > eff_buf.token_len) - pending = eff_buf.token_len; - - eff_buf.token_len = lws_ssl_capable_read(wsi, - (unsigned char *)eff_buf.token, - pending ? (int)pending : - eff_buf.token_len); - switch (eff_buf.token_len) { - case 0: - lwsl_info("%s: zero length read\n", - __func__); - goto close_and_handled; - case LWS_SSL_CAPABLE_MORE_SERVICE: - lwsl_info("SSL Capable more service\n"); - n = 0; - goto handled; - case LWS_SSL_CAPABLE_ERROR: - lwsl_info("%s: LWS_SSL_CAPABLE_ERROR\n", - __func__); - goto close_and_handled; - } - // lwsl_notice("Actual RX %d\n", eff_buf.token_len); - } - } - -drain: -#ifndef LWS_NO_CLIENT - if (lwsi_role_http_client(wsi) && - wsi->hdr_parsing_completed && - !wsi->told_user_closed) { - - /* - * In SSL mode we get POLLIN notification about - * encrypted data in. - * - * But that is not necessarily related to decrypted - * data out becoming available; in may need to perform - * other in or out before that happens. - * - * simply mark ourselves as having readable data - * and turn off our POLLIN - */ - wsi->client_rx_avail = 1; - lws_change_pollfd(wsi, LWS_POLLIN, 0); - - /* let user code know, he'll usually ask for writeable - * callback and drain / re-enable it there - */ - if (user_callback_handle_rxflow( - wsi->protocol->callback, - wsi, LWS_CALLBACK_RECEIVE_CLIENT_HTTP, - wsi->user_space, NULL, 0)) { - lwsl_info("RECEIVE_CLIENT_HTTP closed it\n"); - goto close_and_handled; - } - - n = 0; - goto handled; - } -#endif - /* - * give any active extensions a chance to munge the buffer - * before parse. We pass in a pointer to an lws_tokens struct - * prepared with the default buffer and content length that's in - * there. Rather than rewrite the default buffer, extensions - * that expect to grow the buffer can adapt .token to - * point to their own per-connection buffer in the extension - * user allocation. By default with no extensions or no - * extension callback handling, just the normal input buffer is - * used then so it is efficient. + * pollfd may point to something else after the close + * due to pollfd swapping scheme on delete on some platforms + * we can't clear revents now because it'd be the wrong guy's + * revents */ - m = 0; - do { -#if !defined(LWS_WITHOUT_EXTENSIONS) - m = lws_ext_cb_active(wsi, LWS_EXT_CB_PACKET_RX_PREPARSE, - &eff_buf, 0); - if (m < 0) - goto close_and_handled; -#endif - - /* service incoming data */ - - if (eff_buf.token_len) { - /* - * if draining from rxflow buffer, not - * critical to track what was used since at the - * use it bumps wsi->rxflow_pos. If we come - * around again it will pick up from where it - * left off. - */ - n = lws_read(wsi, (unsigned char *)eff_buf.token, - eff_buf.token_len); - if (n < 0) { - /* we closed wsi */ - n = 0; - goto handled; - } - } - - eff_buf.token = NULL; - eff_buf.token_len = 0; - } while (m); - - if (wsi->ah -#if !defined(LWS_NO_CLIENT) - && !wsi->client_h2_alpn -#endif - ) { - lwsl_info("%s: %p: detaching ah\n", __func__, wsi); - lws_header_table_force_to_detachable_state(wsi); - lws_header_table_detach(wsi, 0); - } - - pending = lws_ssl_pending(wsi); - if (pending) { - if (lws_is_ws_with_ext(wsi)) - pending = pending > wsi->ws->rx_ubuf_alloc ? - wsi->ws->rx_ubuf_alloc : pending; - else - pending = pending > context->pt_serv_buf_size ? - context->pt_serv_buf_size : pending; - goto read; - } - - if (draining_flow && wsi->rxflow_buffer && - wsi->rxflow_pos == wsi->rxflow_len) { - lwsl_info("%s: %p flow buf: drained\n", __func__, wsi); - lws_free_set_NULL(wsi->rxflow_buffer); - /* having drained the rxflow buffer, can rearm POLLIN */ -#ifdef LWS_NO_SERVER - n = -#endif - __lws_rx_flow_control(wsi); - /* n ignored, needed for NO_SERVER case */ - } - - break; -#ifdef LWS_WITH_CGI - case LWSI_ROLE_CGI: /* we exist to handle a cgi's stdin/out/err data... - * do the callback on our master wsi - */ - { - struct lws_cgi_args args; - - if (wsi->cgi_channel >= LWS_STDOUT && - !(pollfd->revents & pollfd->events & LWS_POLLIN)) - break; - if (wsi->cgi_channel == LWS_STDIN && - !(pollfd->revents & pollfd->events & LWS_POLLOUT)) - break; - - if (wsi->cgi_channel == LWS_STDIN) - if (lws_change_pollfd(wsi, LWS_POLLOUT, 0)) { - lwsl_info("failed at set pollfd\n"); - return 1; - } - - args.ch = wsi->cgi_channel; - args.stdwsi = &wsi->parent->cgi->stdwsi[0]; - args.hdr_state = wsi->hdr_state; - - lwsl_debug("CGI LWS_STDOUT %p role 0x%x state 0x%x\n", - wsi->parent, lwsi_role(wsi->parent), - lwsi_state(wsi->parent)); - - if (user_callback_handle_rxflow( - wsi->parent->protocol->callback, - wsi->parent, LWS_CALLBACK_CGI, - wsi->parent->user_space, - (void *)&args, 0)) - return 1; - - break; - } -#endif - } - - n = 0; - goto handled; - -do_client: -#if !defined(LWS_NO_CLIENT) - if ((pollfd->revents & LWS_POLLOUT) && - lws_handle_POLLOUT_event(wsi, pollfd)) { - lwsl_debug("POLLOUT event closed it\n"); - goto close_and_handled; - } - - n = lws_client_socket_service(wsi, pollfd, NULL); - if (n) return 1; -#endif - goto handled; - -close_and_handled: - lwsl_debug("%p: Close and handled\n", wsi); - lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, "close_and_handled"); - /* - * pollfd may point to something else after the close - * due to pollfd swapping scheme on delete on some platforms - * we can't clear revents now because it'd be the wrong guy's revents - */ - return 1; - + default: + assert(0); + } +#if defined(LWS_WITH_TLS) handled: +#endif pollfd->revents = 0; - return n; + + return 0; } LWS_VISIBLE int diff --git a/lib/tls/tls-client.c b/lib/tls/tls-client.c new file mode 100644 index 0000000..82bdb89 --- /dev/null +++ b/lib/tls/tls-client.c @@ -0,0 +1,150 @@ +/* + * libwebsockets - client-related ssl code independent of backend + * + * Copyright (C) 2010-2017 Andy Green + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#include "private-libwebsockets.h" + +int +lws_ssl_client_connect1(struct lws *wsi) +{ + struct lws_context *context = wsi->context; + int n = 0; + + lws_latency_pre(context, wsi); + n = lws_tls_client_connect(wsi); + lws_latency(context, wsi, "SSL_connect hs", n, n > 0); + + switch (n) { + case LWS_SSL_CAPABLE_ERROR: + return -1; + case LWS_SSL_CAPABLE_DONE: + return 1; /* connected */ + case LWS_SSL_CAPABLE_MORE_SERVICE_WRITE: + lws_callback_on_writable(wsi); + /* fallthru */ + case LWS_SSL_CAPABLE_MORE_SERVICE_READ: + lwsi_set_state(wsi, LRS_WAITING_SSL); + break; + case LWS_SSL_CAPABLE_MORE_SERVICE: + break; + } + + return 0; /* retry */ +} + +int +lws_ssl_client_connect2(struct lws *wsi, char *errbuf, int len) +{ + int n = 0; + + if (lwsi_state(wsi) == LRS_WAITING_SSL) { + lws_latency_pre(wsi->context, wsi); + + n = lws_tls_client_connect(wsi); + lwsl_debug("%s: SSL_connect says %d\n", __func__, n); + lws_latency(wsi->context, wsi, + "SSL_connect LRS_WAITING_SSL", n, n > 0); + + switch (n) { + case LWS_SSL_CAPABLE_ERROR: + lws_snprintf(errbuf, len, "client connect failed"); + return -1; + case LWS_SSL_CAPABLE_DONE: + break; /* connected */ + case LWS_SSL_CAPABLE_MORE_SERVICE_WRITE: + lws_callback_on_writable(wsi); + /* fallthru */ + case LWS_SSL_CAPABLE_MORE_SERVICE_READ: + lwsi_set_state(wsi, LRS_WAITING_SSL); + /* fallthru */ + case LWS_SSL_CAPABLE_MORE_SERVICE: + return 0; + } + } + + if (lws_tls_client_confirm_peer_cert(wsi, errbuf, len)) + return -1; + + return 1; +} + + +int lws_context_init_client_ssl(struct lws_context_creation_info *info, + struct lws_vhost *vhost) +{ + const char *ca_filepath = info->ssl_ca_filepath; + const char *cipher_list = info->ssl_cipher_list; + const char *private_key_filepath = info->ssl_private_key_filepath; + const char *cert_filepath = info->ssl_cert_filepath; + struct lws wsi; + + if (vhost->options & LWS_SERVER_OPTION_ONLY_RAW) + return 0; + + /* + * for backwards-compatibility default to using ssl_... members, but + * if the newer client-specific ones are given, use those + */ + if (info->client_ssl_cipher_list) + cipher_list = info->client_ssl_cipher_list; + if (info->client_ssl_cert_filepath) + cert_filepath = info->client_ssl_cert_filepath; + if (info->client_ssl_private_key_filepath) + private_key_filepath = info->client_ssl_private_key_filepath; + + if (info->client_ssl_ca_filepath) + ca_filepath = info->client_ssl_ca_filepath; + + if (!lws_check_opt(info->options, LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT)) + return 0; + + if (vhost->ssl_client_ctx) + return 0; + + if (info->provided_client_ssl_ctx) { + /* use the provided OpenSSL context if given one */ + vhost->ssl_client_ctx = info->provided_client_ssl_ctx; + /* nothing for lib to delete */ + vhost->user_supplied_ssl_ctx = 1; + + return 0; + } + + if (lws_tls_client_create_vhost_context(vhost, info, cipher_list, + ca_filepath, cert_filepath, + private_key_filepath)) + return 1; + + lwsl_notice("created client ssl context for %s\n", vhost->name); + + /* + * give him a fake wsi with context set, so he can use + * lws_get_context() in the callback + */ + memset(&wsi, 0, sizeof(wsi)); + wsi.vhost = vhost; + wsi.context = vhost->context; + + vhost->protocols[0].callback(&wsi, + LWS_CALLBACK_OPENSSL_LOAD_EXTRA_CLIENT_VERIFY_CERTS, + vhost->ssl_client_ctx, NULL, 0); + + return 0; +} diff --git a/lib/tls/tls-server.c b/lib/tls/tls-server.c new file mode 100644 index 0000000..c2a16f7 --- /dev/null +++ b/lib/tls/tls-server.c @@ -0,0 +1,316 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#include "private-libwebsockets.h" + +LWS_VISIBLE int +lws_context_init_server_ssl(struct lws_context_creation_info *info, + struct lws_vhost *vhost) +{ + struct lws_context *context = vhost->context; + struct lws wsi; + + if (!lws_check_opt(info->options, + LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT)) { + vhost->use_ssl = 0; + + return 0; + } + + /* + * If he is giving a cert filepath, take it as a sign he wants to use + * it on this vhost. User code can leave the cert filepath NULL and + * set the LWS_SERVER_OPTION_CREATE_VHOST_SSL_CTX option itself, in + * which case he's expected to set up the cert himself at + * LWS_CALLBACK_OPENSSL_LOAD_EXTRA_SERVER_VERIFY_CERTS, which + * provides the vhost SSL_CTX * in the user parameter. + */ + if (info->ssl_cert_filepath) + info->options |= LWS_SERVER_OPTION_CREATE_VHOST_SSL_CTX; + + if (info->port != CONTEXT_PORT_NO_LISTEN) { + + vhost->use_ssl = lws_check_opt(info->options, + LWS_SERVER_OPTION_CREATE_VHOST_SSL_CTX); + + if (vhost->use_ssl && info->ssl_cipher_list) + lwsl_notice(" SSL ciphers: '%s'\n", + info->ssl_cipher_list); + + if (vhost->use_ssl) + lwsl_notice(" Using SSL mode\n"); + else + lwsl_notice(" Using non-SSL mode\n"); + } + + /* + * give him a fake wsi with context + vhost set, so he can use + * lws_get_context() in the callback + */ + memset(&wsi, 0, sizeof(wsi)); + wsi.vhost = vhost; + wsi.context = context; + + /* + * as a server, if we are requiring clients to identify themselves + * then set the backend up for it + */ + if (lws_check_opt(info->options, + LWS_SERVER_OPTION_ALLOW_NON_SSL_ON_SSL_PORT)) + /* Normally SSL listener rejects non-ssl, optionally allow */ + vhost->allow_non_ssl_on_ssl_port = 1; + + /* + * give user code a chance to load certs into the server + * allowing it to verify incoming client certs + */ + if (vhost->use_ssl) { + if (lws_tls_server_vhost_backend_init(info, vhost, &wsi)) + return -1; + + lws_tls_server_client_cert_verify_config(vhost); + + if (vhost->protocols[0].callback(&wsi, + LWS_CALLBACK_OPENSSL_LOAD_EXTRA_SERVER_VERIFY_CERTS, + vhost->ssl_ctx, vhost, 0)) + return -1; + } + + if (vhost->use_ssl) + /* + * SSL is happy and has a cert it's content with + * If we're supporting HTTP2, initialize that + */ + lws_context_init_http2_ssl(vhost); + + return 0; +} + +LWS_VISIBLE int +lws_server_socket_service_ssl(struct lws *wsi, lws_sockfd_type accept_fd) +{ + struct lws_context *context = wsi->context; + struct lws_vhost *vh; + struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; + int n; + char buf[256]; + + (void)buf; + + if (!LWS_SSL_ENABLED(wsi->vhost)) + return 0; + + switch (lwsi_state(wsi)) { + case LRS_SSL_INIT: + + if (wsi->ssl) + lwsl_err("%s: leaking ssl\n", __func__); + if (accept_fd == LWS_SOCK_INVALID) + assert(0); + if (context->simultaneous_ssl_restriction && + context->simultaneous_ssl >= + context->simultaneous_ssl_restriction) { + lwsl_notice("unable to deal with SSL connection\n"); + return 1; + } + + if (lws_tls_server_new_nonblocking(wsi, accept_fd)) { + if (accept_fd != LWS_SOCK_INVALID) + compatible_close(accept_fd); + goto fail; + } + + if (context->simultaneous_ssl_restriction && + ++context->simultaneous_ssl == + context->simultaneous_ssl_restriction) + /* that was the last allowed SSL connection */ + lws_gate_accepts(context, 0); + +#if defined(LWS_WITH_STATS) + context->updated = 1; +#endif + /* + * we are not accepted yet, but we need to enter ourselves + * as a live connection. That way we can retry when more + * pieces come if we're not sorted yet + */ + lwsi_set_state(wsi, LRS_SSL_ACK_PENDING); + + lws_pt_lock(pt, __func__); + if (__insert_wsi_socket_into_fds(context, wsi)) { + lwsl_err("%s: failed to insert into fds\n", __func__); + goto fail; + } + lws_pt_unlock(pt); + + lws_set_timeout(wsi, PENDING_TIMEOUT_SSL_ACCEPT, + context->timeout_secs); + + lwsl_debug("inserted SSL accept into fds, trying SSL_accept\n"); + + /* fallthru */ + + case LRS_SSL_ACK_PENDING: + + if (lws_change_pollfd(wsi, LWS_POLLOUT, 0)) { + lwsl_err("%s: lws_change_pollfd failed\n", __func__); + goto fail; + } + + lws_latency_pre(context, wsi); + + if (wsi->vhost->allow_non_ssl_on_ssl_port) { + + n = recv(wsi->desc.sockfd, (char *)pt->serv_buf, + context->pt_serv_buf_size, MSG_PEEK); + + /* + * optionally allow non-SSL connect on SSL listening socket + * This is disabled by default, if enabled it goes around any + * SSL-level access control (eg, client-side certs) so leave + * it disabled unless you know it's not a problem for you + */ + if (n >= 1 && pt->serv_buf[0] >= ' ') { + /* + * TLS content-type for Handshake is 0x16, and + * for ChangeCipherSpec Record, it's 0x14 + * + * A non-ssl session will start with the HTTP + * method in ASCII. If we see it's not a legit + * SSL handshake kill the SSL for this + * connection and try to handle as a HTTP + * connection upgrade directly. + */ + wsi->use_ssl = 0; + + lws_tls_server_abort_connection(wsi); + /* + * care... this creates wsi with no ssl + * when ssl is enabled and normally + * mandatory + */ + wsi->ssl = NULL; + if (lws_check_opt(context->options, + LWS_SERVER_OPTION_REDIRECT_HTTP_TO_HTTPS)) + wsi->redirect_to_https = 1; + lwsl_debug("accepted as non-ssl\n"); + goto accepted; + } + if (!n) { + /* + * connection is gone, fail out + */ + lwsl_debug("PEEKed 0\n"); + goto fail; + } + if (n < 0 && (LWS_ERRNO == LWS_EAGAIN || + LWS_ERRNO == LWS_EWOULDBLOCK)) { + /* + * well, we get no way to know ssl or not + * so go around again waiting for something + * to come and give us a hint, or timeout the + * connection. + */ + if (lws_change_pollfd(wsi, 0, LWS_POLLIN)) { + lwsl_info("%s: change_pollfd failed\n", + __func__); + return -1; + } + + lwsl_info("SSL_ERROR_WANT_READ\n"); + return 0; + } + } + + /* normal SSL connection processing path */ + +#if defined(LWS_WITH_STATS) + if (!wsi->accept_start_us) + wsi->accept_start_us = time_in_microseconds(); +#endif + errno = 0; + lws_stats_atomic_bump(wsi->context, pt, + LWSSTATS_C_SSL_CONNECTIONS_ACCEPT_SPIN, 1); + n = lws_tls_server_accept(wsi); + lws_latency(context, wsi, + "SSL_accept LRS_SSL_ACK_PENDING\n", n, n == 1); + lwsl_info("SSL_accept says %d\n", n); + switch (n) { + case LWS_SSL_CAPABLE_DONE: + break; + case LWS_SSL_CAPABLE_ERROR: + lws_stats_atomic_bump(wsi->context, pt, + LWSSTATS_C_SSL_CONNECTIONS_FAILED, 1); + lwsl_info("SSL_accept failed socket %u: %d\n", + wsi->desc.sockfd, n); + wsi->socket_is_permanently_unusable = 1; + goto fail; + + default: /* MORE_SERVICE */ + return 0; + } + + lws_stats_atomic_bump(wsi->context, pt, + LWSSTATS_C_SSL_CONNECTIONS_ACCEPTED, 1); +#if defined(LWS_WITH_STATS) + lws_stats_atomic_bump(wsi->context, pt, + LWSSTATS_MS_SSL_CONNECTIONS_ACCEPTED_DELAY, + time_in_microseconds() - wsi->accept_start_us); + wsi->accept_start_us = time_in_microseconds(); +#endif + +accepted: + + /* adapt our vhost to match the SNI SSL_CTX that was chosen */ + vh = context->vhost_list; + while (vh) { + if (!vh->being_destroyed && wsi->ssl && + vh->ssl_ctx == lws_tls_ctx_from_wsi(wsi)) { + lwsl_info("setting wsi to vh %s\n", vh->name); + wsi->vhost = vh; + break; + } + vh = vh->vhost_next; + } + + /* OK, we are accepted... give him some time to negotiate */ + lws_set_timeout(wsi, PENDING_TIMEOUT_ESTABLISH_WITH_SERVER, + context->timeout_secs); + + lwsi_set_state(wsi, LRS_ESTABLISHED); + +#if defined(LWS_WITH_HTTP2) + if (lws_h2_configure_if_upgraded(wsi)) + goto fail; +#endif + lwsl_debug("accepted new SSL conn\n"); + break; + + default: + break; + } + + return 0; + +fail: + return 1; +} + diff --git a/minimal-examples/http-client/minimal-http-client-multi/README.md b/minimal-examples/http-client/minimal-http-client-multi/README.md index b47f66c..f31b622 100644 --- a/minimal-examples/http-client/minimal-http-client-multi/README.md +++ b/minimal-examples/http-client/minimal-http-client-multi/README.md @@ -13,3 +13,12 @@ same as minimal http client. However it does it for 8 client connections concurrently. +## Commandline Options + +Option|Meaning +---|--- +-s|Stagger the connections by 100ms, the last by 1s +-p|Use http/1.1 pipelining or h2 simultaneous streams +--h1|Force http/1 only +-l|Connect to server on https://localhost:7681 instead of https://warmcat.com:443 + diff --git a/minimal-examples/http-client/minimal-http-client-multi/minimal-http-client-multi.c b/minimal-examples/http-client/minimal-http-client-multi/minimal-http-client-multi.c index a1a213d..6e27103 100644 --- a/minimal-examples/http-client/minimal-http-client-multi/minimal-http-client-multi.c +++ b/minimal-examples/http-client/minimal-http-client-multi/minimal-http-client-multi.c @@ -35,7 +35,6 @@ #include #define COUNT 8 -//#define STAGGERED_CONNECTIONS struct user { int index; @@ -136,36 +135,15 @@ unsigned long long us(void) } static void -lws_try_client_connection(struct lws_context *context, int m) +lws_try_client_connection(struct lws_client_connect_info *i, int m) { - struct lws_client_connect_info i; - - memset(&i, 0, sizeof i); /* otherwise uninitialized garbage */ - i.context = context; - -#if 0 - i.port = 7681; - i.address = "localhost"; -#else - i.port = 443; - i.address = "warmcat.com"; -#endif - i.path = "/"; - i.host = i.address; - i.origin = i.address; - i.ssl_connection = LCCSCF_PIPELINE | /* enables h1 or h2 connection sharing */ - // LCCSCF_NOT_H2 | /* forces http/1 */ - LCCSCF_ALLOW_SELFSIGNED | /* allow selfsigned cert */ - LCCSCF_USE_SSL; - i.method = "GET"; + i->path = "/"; - i.protocol = protocols[0].name; - - i.pwsi = &client_wsi[m]; + i->pwsi = &client_wsi[m]; user[m].index = m; - i.userdata = &user[m]; + i->userdata = &user[m]; - if (!lws_client_connect_via_info(&i)) { + if (!lws_client_connect_via_info(i)) { failed++; if (++completed == COUNT) { lwsl_user("Done: failed: %d\n", failed); @@ -175,27 +153,45 @@ lws_try_client_connection(struct lws_context *context, int m) lwsl_user("started connection %d\n", m); } +static int commandline_option(int argc, char **argv, const char *val) +{ + int n = strlen(val); + + while (--argc > 0) { + if (!strncmp(argv[argc], val, n)) + return argc; + } + + return 0; +} + int main(int argc, char **argv) { struct lws_context_creation_info info; + struct lws_client_connect_info i; struct lws_context *context; - unsigned long long start -#if defined(STAGGERED_CONNECTIONS) - , next -#endif - ; - int n = 0, m; + unsigned long long start, next; + int n = 0, m, staggered = 0, logs = + LLL_USER | LLL_ERR | LLL_WARN | LLL_NOTICE + /* for LLL_ verbosity above NOTICE to be built into lws, + * lws must have been configured and built with + * -DCMAKE_BUILD_TYPE=DEBUG instead of =RELEASE */ + /* | LLL_INFO */ /* | LLL_PARSER */ /* | LLL_HEADER */ + /* | LLL_EXT */ /* | LLL_CLIENT */ /* | LLL_LATENCY */ + /* | LLL_DEBUG */; signal(SIGINT, sigint_handler); - lws_set_log_level(LLL_USER | LLL_ERR | LLL_WARN | LLL_NOTICE - /* for LLL_ verbosity above NOTICE to be built into lws, - * lws must have been configured and built with - * -DCMAKE_BUILD_TYPE=DEBUG instead of =RELEASE */ - /* | LLL_INFO */ /* | LLL_PARSER */ /* | LLL_HEADER */ - /* | LLL_EXT */ /* | LLL_CLIENT */ /* | LLL_LATENCY */ - /* | LLL_DEBUG */, NULL); - lwsl_user("LWS minimal http client\n"); + memset(&i, 0, sizeof i); /* otherwise uninitialized garbage */ + + staggered = !!commandline_option(argc, argv, "-s"); + m = commandline_option(argc, argv, "-d"); + if (m && m + 1 < argc) + logs = atoi(argv[m + 1]); + + lws_set_log_level(logs, NULL); + lwsl_user("LWS minimal http client [-s (staggered)] [-p (pipeline)]\n"); + lwsl_user(" [--h1 (http/1 only)] [-l (localhost)]\n"); memset(&info, 0, sizeof info); /* otherwise uninitialized garbage */ info.options = LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT; @@ -218,43 +214,67 @@ int main(int argc, char **argv) return 1; } -#if !defined(STAGGERED_CONNECTIONS) - /* - * just pile on all the connections at once, testing the queueing - */ - for (m = 0; m < (int)LWS_ARRAY_SIZE(client_wsi); m++) - lws_try_client_connection(context, m); -#else - next = -#endif - start = us(); - m = 0; - while (n >= 0 && !interrupted) { + i.context = context; + i.ssl_connection = LCCSCF_USE_SSL; + + /* enables h1 or h2 connection sharing */ + if (commandline_option(argc, argv, "-p")) + i.ssl_connection |= LCCSCF_PIPELINE; + + /* force h1 even if h2 available */ + if (commandline_option(argc, argv, "--h1")) + i.ssl_connection |= LCCSCF_NOT_H2; + + if (commandline_option(argc, argv, "-l")) { + i.port = 7681; + i.address = "localhost"; + i.ssl_connection |= LCCSCF_ALLOW_SELFSIGNED; + } else { + i.port = 443; + i.address = "warmcat.com"; + } + + i.host = i.address; + i.origin = i.address; + i.method = "GET"; + i.protocol = protocols[0].name; -#if defined(STAGGERED_CONNECTIONS) + if (!staggered) /* - * open the connections at 100ms intervals, with the last - * one being after 1s, testing queueing, and direct H2 stream - * addition stability + * just pile on all the connections at once, testing the + * pipeline queueing before the first is connected */ - if (us() > next && m < (int)LWS_ARRAY_SIZE(client_wsi)) { + for (m = 0; m < (int)LWS_ARRAY_SIZE(client_wsi); m++) + lws_try_client_connection(&i, m); + + next = start = us(); + m = 0; + while (n >= 0 && !interrupted) { - lws_try_client_connection(context, m++); + if (staggered) { + /* + * open the connections at 100ms intervals, with the + * last one being after 1s, testing both queueing, and + * direct H2 stream addition stability + */ + if (us() > next && m < (int)LWS_ARRAY_SIZE(client_wsi)) { - if (m == (int)LWS_ARRAY_SIZE(client_wsi) - 1) - next = us() + 1000000; - else - next = us() + 100000; + lws_try_client_connection(&i, m++); + + if (m == (int)LWS_ARRAY_SIZE(client_wsi) - 1) + next = us() + 1000000; + else + next = us() + 100000; + } } -#endif - n = lws_service(context, 1000); + n = lws_service(context, 100); } lwsl_user("Duration: %lldms\n", (us() - start) / 1000); - lws_context_destroy(context); - lwsl_user("Completed\n"); - return 0; + lwsl_user("Exiting with %d\n", failed || completed != COUNT); + + return failed || completed != COUNT; } diff --git a/minimal-examples/raw/minimal-raw-adopt-tcp/README.md b/minimal-examples/raw/minimal-raw-adopt-tcp/README.md index 6f54806..605c722 100644 --- a/minimal-examples/raw/minimal-raw-adopt-tcp/README.md +++ b/minimal-examples/raw/minimal-raw-adopt-tcp/README.md @@ -16,6 +16,9 @@ The example connects a socket itself to libwebsockets.org:80, and then has lws adopt it as a raw wsi. The lws protocol writes "GET / HTTP/1.1" to the socket and hexdumps what was sent back. +The socket won't close until the server side times it out, since it's +a raw socket that doesn't understand it's looking at http. + ## build ``` diff --git a/minimal-examples/raw/minimal-raw-adopt-tcp/minimal-raw-adopt-tcp.c b/minimal-examples/raw/minimal-raw-adopt-tcp/minimal-raw-adopt-tcp.c index 86b82ca..b975662 100644 --- a/minimal-examples/raw/minimal-raw-adopt-tcp/minimal-raw-adopt-tcp.c +++ b/minimal-examples/raw/minimal-raw-adopt-tcp/minimal-raw-adopt-tcp.c @@ -111,7 +111,7 @@ int main(int argc, char **argv) return 1; } - info.port = 7681; + info.port = CONTEXT_PORT_NO_LISTEN_SERVER; info.protocols = protocols; vhost = lws_create_vhost(context, &info); diff --git a/test-apps/test-client.c b/test-apps/test-client.c index 88bc8de..6905640 100644 --- a/test-apps/test-client.c +++ b/test-apps/test-client.c @@ -54,7 +54,7 @@ static struct lws_poly_gen tx = { { 0xabcde, 0x23456789 } }, rx = { { 0xabcde, 0x23456789 } } ; -#if defined(LWS_OPENSSL_SUPPORT) && defined(LWS_HAVE_SSL_CTX_set1_param) +#if defined(LWS_WITH_TLS) && defined(LWS_HAVE_SSL_CTX_set1_param) char crl_path[1024] = ""; #endif @@ -116,7 +116,7 @@ static int callback_dumb_increment(struct lws *wsi, enum lws_callback_reasons reason, void *user, void *in, size_t len) { -#if defined(LWS_OPENSSL_SUPPORT) +#if defined(LWS_WITH_TLS) union lws_tls_cert_info_results ci; #endif const char *which = "http"; @@ -177,7 +177,7 @@ callback_dumb_increment(struct lws *wsi, enum lws_callback_reasons reason, case LWS_CALLBACK_ESTABLISHED_CLIENT_HTTP: lwsl_notice("lws_http_client_http_response %d\n", lws_http_client_http_response(wsi)); -#if defined(LWS_OPENSSL_SUPPORT) +#if defined(LWS_WITH_TLS) if (!lws_tls_peer_cert_info(wsi, LWS_TLS_CERT_INFO_COMMON_NAME, &ci, sizeof(ci.ns.name))) lwsl_notice(" Peer Cert CN : %s\n", ci.ns.name); @@ -272,7 +272,7 @@ callback_dumb_increment(struct lws *wsi, enum lws_callback_reasons reason, force_exit = 1; break; -#if defined(LWS_OPENSSL_SUPPORT) && defined(LWS_HAVE_SSL_CTX_set1_param) && \ +#if defined(LWS_WITH_TLS) && defined(LWS_HAVE_SSL_CTX_set1_param) && \ !defined(LWS_WITH_MBEDTLS) case LWS_CALLBACK_OPENSSL_LOAD_EXTRA_CLIENT_VERIFY_CERTS: if (crl_path[0]) { @@ -419,7 +419,7 @@ callback_lws_mirror(struct lws *wsi, enum lws_callback_reasons reason, lws_callback_on_writable(wsi); #if !defined(_WIN32) && !defined(WIN32) - usleep(250); + usleep(50); #endif break; @@ -545,7 +545,7 @@ static struct option options[] = { { "ssl-cert", required_argument, NULL, 'C' }, { "ssl-key", required_argument, NULL, 'K' }, { "ssl-ca", required_argument, NULL, 'A' }, -#if defined(LWS_OPENSSL_SUPPORT) && defined(LWS_HAVE_SSL_CTX_set1_param) +#if defined(LWS_WITH_TLS) && defined(LWS_HAVE_SSL_CTX_set1_param) { "ssl-crl", required_argument, NULL, 'R' }, #endif { NULL, 0, 0, 0 } @@ -650,7 +650,7 @@ int main(int argc, char **argv) lws_strncpy(ca_path, optarg, sizeof(ca_path)); break; -#if defined(LWS_OPENSSL_SUPPORT) && defined(LWS_HAVE_SSL_CTX_set1_param) +#if defined(LWS_WITH_TLS) && defined(LWS_HAVE_SSL_CTX_set1_param) case 'R': lws_strncpy(crl_path, optarg, sizeof(crl_path)); break; @@ -697,7 +697,7 @@ int main(int argc, char **argv) info.ws_ping_pong_interval = pp_secs; info.extensions = exts; -#if defined(LWS_OPENSSL_SUPPORT) +#if defined(LWS_WITH_TLS) info.options |= LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT; #endif @@ -718,7 +718,7 @@ int main(int argc, char **argv) if (ca_path[0]) info.client_ssl_ca_filepath = ca_path; -#if defined(LWS_OPENSSL_SUPPORT) && defined(LWS_HAVE_SSL_CTX_set1_param) +#if defined(LWS_WITH_TLS) && defined(LWS_HAVE_SSL_CTX_set1_param) else if (crl_path[0]) lwsl_notice("WARNING, providing a CRL requires a CA cert!\n"); #endif diff --git a/test-apps/test-server-http.c b/test-apps/test-server-http.c index d895d26..1fb9f50 100644 --- a/test-apps/test-server-http.c +++ b/test-apps/test-server-http.c @@ -34,7 +34,7 @@ * using this protocol, including the sender */ -#if defined(LWS_OPENSSL_SUPPORT) && defined(LWS_HAVE_SSL_CTX_set1_param) +#if defined(LWS_WITH_TLS) && defined(LWS_HAVE_SSL_CTX_set1_param) /* location of the certificate revocation list */ extern char crl_path[1024]; #endif @@ -230,7 +230,7 @@ int callback_http(struct lws *wsi, enum lws_callback_reasons reason, void *user, goto try_to_reuse; } -#if !defined(LWS_NO_CLIENT) && defined(LWS_OPENSSL_SUPPORT) +#if !defined(LWS_NO_CLIENT) && defined(LWS_WITH_TLS) if (!strncmp(in, "/proxytest", 10)) { struct lws_client_connect_info i; char *rootpath = "/git/"; @@ -773,7 +773,7 @@ bail: break; -#if defined(LWS_OPENSSL_SUPPORT) && !defined(LWS_WITH_MBEDTLS) +#if defined(LWS_WITH_TLS) && !defined(LWS_WITH_MBEDTLS) case LWS_CALLBACK_OPENSSL_PERFORM_CLIENT_CERT_VERIFICATION: /* Verify the client certificate */ if (!len || (SSL_get_verify_result((SSL*)in) != X509_V_OK)) { diff --git a/test-apps/test-server-libev.c b/test-apps/test-server-libev.c index 5766c0c..5b86bd6 100644 --- a/test-apps/test-server-libev.c +++ b/test-apps/test-server-libev.c @@ -30,7 +30,7 @@ struct lws_plat_file_ops fops_plat; #define LOCAL_RESOURCE_PATH INSTALL_DATADIR"/libwebsockets-test-server" char *resource_path = LOCAL_RESOURCE_PATH; -#if defined(LWS_OPENSSL_SUPPORT) && defined(LWS_HAVE_SSL_CTX_set1_param) +#if defined(LWS_WITH_TLS) && defined(LWS_HAVE_SSL_CTX_set1_param) char crl_path[1024] = ""; #endif diff --git a/test-apps/test-server-libevent.c b/test-apps/test-server-libevent.c index 932701e..d57622d 100644 --- a/test-apps/test-server-libevent.c +++ b/test-apps/test-server-libevent.c @@ -30,7 +30,7 @@ struct lws_plat_file_ops fops_plat; #define LOCAL_RESOURCE_PATH INSTALL_DATADIR"/libwebsockets-test-server" char *resource_path = LOCAL_RESOURCE_PATH; -#if defined(LWS_OPENSSL_SUPPORT) && defined(LWS_HAVE_SSL_CTX_set1_param) +#if defined(LWS_WITH_TLS) && defined(LWS_HAVE_SSL_CTX_set1_param) char crl_path[1024] = ""; #endif diff --git a/test-apps/test-server-libuv.c b/test-apps/test-server-libuv.c index c4612e5..c27e779 100644 --- a/test-apps/test-server-libuv.c +++ b/test-apps/test-server-libuv.c @@ -33,7 +33,7 @@ struct lws_plat_file_ops fops_plat; #define LOCAL_RESOURCE_PATH INSTALL_DATADIR"/libwebsockets-test-server" char *resource_path = LOCAL_RESOURCE_PATH; -#if defined(LWS_OPENSSL_SUPPORT) && defined(LWS_HAVE_SSL_CTX_set1_param) +#if defined(LWS_WITH_TLS) && defined(LWS_HAVE_SSL_CTX_set1_param) char crl_path[1024] = ""; #endif diff --git a/test-apps/test-server-pthreads.c b/test-apps/test-server-pthreads.c index bb090a2..b7dbd42 100644 --- a/test-apps/test-server-pthreads.c +++ b/test-apps/test-server-pthreads.c @@ -33,7 +33,7 @@ int count_pollfds; volatile int force_exit = 0; struct lws_context *context; -#if defined(LWS_OPENSSL_SUPPORT) && defined(LWS_HAVE_SSL_CTX_set1_param) +#if defined(LWS_WITH_TLS) && defined(LWS_HAVE_SSL_CTX_set1_param) char crl_path[1024] = ""; #endif diff --git a/test-apps/test-server-v2.0.c b/test-apps/test-server-v2.0.c index ee2c032..5e1fda7 100644 --- a/test-apps/test-server-v2.0.c +++ b/test-apps/test-server-v2.0.c @@ -46,7 +46,7 @@ uv_timer_t timeout_watcher; #define LOCAL_RESOURCE_PATH INSTALL_DATADIR"/libwebsockets-test-server" char *resource_path = LOCAL_RESOURCE_PATH; -#if defined(LWS_OPENSSL_SUPPORT) && defined(LWS_HAVE_SSL_CTX_set1_param) +#if defined(LWS_WITH_TLS) && defined(LWS_HAVE_SSL_CTX_set1_param) char crl_path[1024] = ""; #endif @@ -296,7 +296,7 @@ static const struct option options[] = { { "ssl-cert", required_argument, NULL, 'C' }, { "ssl-key", required_argument, NULL, 'K' }, { "ssl-ca", required_argument, NULL, 'A' }, -#if defined(LWS_OPENSSL_SUPPORT) +#if defined(LWS_WITH_TLS) { "ssl-verify-client", no_argument, NULL, 'v' }, #if defined(LWS_HAVE_SSL_CTX_set1_param) { "ssl-crl", required_argument, NULL, 'R' }, @@ -363,7 +363,7 @@ int main(int argc, char **argv) use_ssl = 1; break; case 'S': -#if defined(LWS_OPENSSL_SUPPORT) && !defined(LWS_WITH_MBEDTLS) +#if defined(LWS_WITH_TLS) && !defined(LWS_WITH_MBEDTLS) info.ssl_info_event_mask |= SSL_CB_ALERT; #endif break; @@ -390,7 +390,7 @@ int main(int argc, char **argv) case 'A': lws_strncpy(ca_path, optarg, sizeof(ca_path)); break; -#if defined(LWS_OPENSSL_SUPPORT) +#if defined(LWS_WITH_TLS) case 'v': use_ssl = 1; opts |= LWS_SERVER_OPTION_REQUIRE_VALID_OPENSSL_CLIENT_CERT; diff --git a/test-apps/test-server.c b/test-apps/test-server.c index 9e75a0f..9e86590 100644 --- a/test-apps/test-server.c +++ b/test-apps/test-server.c @@ -37,7 +37,7 @@ struct lws_plat_file_ops fops_plat; /* http server gets files from this path */ #define LOCAL_RESOURCE_PATH INSTALL_DATADIR"/libwebsockets-test-server" char *resource_path = LOCAL_RESOURCE_PATH; -#if defined(LWS_OPENSSL_SUPPORT) && defined(LWS_HAVE_SSL_CTX_set1_param) +#if defined(LWS_WITH_TLS) && defined(LWS_HAVE_SSL_CTX_set1_param) char crl_path[1024] = ""; #endif @@ -211,7 +211,7 @@ static struct option options[] = { { "ssl-cert", required_argument, NULL, 'C' }, { "ssl-key", required_argument, NULL, 'K' }, { "ssl-ca", required_argument, NULL, 'A' }, -#if defined(LWS_OPENSSL_SUPPORT) +#if defined(LWS_WITH_TLS) { "ssl-verify-client", no_argument, NULL, 'v' }, #if defined(LWS_HAVE_SSL_CTX_set1_param) { "ssl-crl", required_argument, NULL, 'R' }, @@ -339,7 +339,7 @@ int main(int argc, char **argv) pp_secs = atoi(optarg); lwsl_notice("Setting pingpong interval to %d\n", pp_secs); break; -#if defined(LWS_OPENSSL_SUPPORT) +#if defined(LWS_WITH_TLS) case 'v': use_ssl = 1; opts |= LWS_SERVER_OPTION_REQUIRE_VALID_OPENSSL_CLIENT_CERT; @@ -475,7 +475,7 @@ int main(int argc, char **argv) info.port++; -#if !defined(LWS_NO_CLIENT) && defined(LWS_OPENSSL_SUPPORT) +#if !defined(LWS_NO_CLIENT) && defined(LWS_WITH_TLS) lws_init_vhost_client_ssl(&info, vhost); #endif diff --git a/test-apps/test-server.h b/test-apps/test-server.h index 892f1e0..c877504 100644 --- a/test-apps/test-server.h +++ b/test-apps/test-server.h @@ -63,7 +63,7 @@ extern int count_pollfds; extern volatile int force_exit; extern struct lws_context *context; extern char *resource_path; -#if defined(LWS_OPENSSL_SUPPORT) && defined(LWS_HAVE_SSL_CTX_set1_param) +#if defined(LWS_WITH_TLS) && defined(LWS_HAVE_SSL_CTX_set1_param) extern char crl_path[1024]; #endif