Implement pongs, move to multiple TLUs

1 files changed, 491 insertions, 0 deletions

diff --git a/websocket.c b/websocket.c
new file mode 100644
index 0000000..c90c71e
--- /dev/null
+++ b/websocket.c
@@ -0,0 +1,491 @@
+#include <stdio.h>
+#include <string.h>
+#include <unistd.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <ctype.h>
+#include <errno.h>
+
+#include "websocket.h"
+#include "network.h"
+
+#define RFC6455_MAGIC_KEY "258EAFA5-E914-47DA-95CA-C5AB0DC85B11"
+#define WS_FRAME_HEADER_LEN 16
+
+#define WS_FLAG_FIN 0x80
+#define WS_GET_FIN(a) ((a & WS_FLAG_FIN) >> 7)
+#define WS_GET_RESERVED(a) ((a & 0xE0) >> 4)
+#define WS_GET_OP(a) ((a & 0x0F))
+#define WS_GET_MASK(a) ((a & 0x80) >> 7)
+#define WS_GET_LEN(a) ((a & 0x7F))
+
+int ws_close(websocket* ws, ws_close_reason code, char* reason){
+	size_t p;
+	ws_peer_info empty_peer = {
+		0
+	};
+
+	if(ws->state == ws_open && reason){
+		//TODO send close frame
+	}
+	ws->state = ws_closed;
+
+	if(ws->ws_fd >= 0){
+		close(ws->ws_fd);
+		ws->ws_fd = -1;
+	}
+
+	if(ws->peer_fd >= 0){
+		close(ws->peer_fd);
+		ws->peer_fd = -1;
+		//clean up framing data
+		if(ws->peer_framing_data){
+			ws->peer.framing(NULL, 0, 0, NULL, &(ws->peer_framing_data), ws->peer.framing_config);
+			ws->peer_framing_data = NULL;
+		}
+	}
+
+	for(p = 0; p < ws->headers; p++){
+		free(ws->header[p].tag);
+		ws->header[p].tag = NULL;
+		free(ws->header[p].value);
+		ws->header[p].value = NULL;
+	}
+	ws->headers = 0;
+
+	for(p = 0; p < ws->protocols; p++){
+		free(ws->protocol[p]);
+	}
+	ws->protocols = 0;
+	ws->protocol = NULL;
+
+	ws->read_buffer_offset = 0;
+	ws->peer_buffer_offset = 0;
+
+	free(ws->request_path);
+	ws->request_path = NULL;
+
+	free(ws->socket_key);
+	ws->socket_key = NULL;
+
+	ws->websocket_version = 0;
+	ws->want_upgrade = 0;
+
+	free(ws->peer.host);
+	free(ws->peer.port);
+	free(ws->peer.framing_config);
+	ws->peer = empty_peer;
+
+	return 0;
+}
+
+int ws_accept(int listen_fd){
+	websocket ws = {
+		.ws_fd = accept(listen_fd, NULL, NULL),
+		.peer_fd = -1
+	};
+
+	return client_register(&ws);
+}
+
+static int ws_handle_new(websocket* ws){
+	size_t u;
+	char* path, *proto;
+
+	if(!strncmp((char*) ws->read_buffer, "GET ", 4)){
+		path = (char*) ws->read_buffer + 4;
+		for(u = 0; path[u] && !isspace(path[u]); u++){
+		}
+		path[u] = 0;
+		proto = path + u + 1;
+	}
+	//TODO handle other methods
+	else{
+		fprintf(stderr, "Unknown HTTP method in request\n");
+		return 1;
+	}
+
+	if(strncmp(proto, "HTTP/", 5)){
+		fprintf(stderr, "Malformed HTTP initiation\n");
+		return 1;
+	}
+
+	ws->state = ws_http;
+	ws->request_path = strdup(path);
+	return 0;
+}
+
+static int ws_upgrade_http(websocket* ws){
+	if(ws->websocket_version == 13
+			&& ws->socket_key
+			&& ws->want_upgrade == 3){
+
+		//find and connect peer
+		if(client_connect(ws)){
+			ws_close(ws, ws_close_http, "500 Peer connection failed");
+			return 0;
+		}
+
+		if(network_send_str(ws->ws_fd, "HTTP/1.1 101 Upgrading\r\n")
+				|| network_send_str(ws->ws_fd, "Upgrade: websocket\r\n")
+				|| network_send_str(ws->ws_fd, "Connection: Upgrade\r\n")){
+			ws_close(ws, ws_close_http, NULL);
+			return 0;
+		}
+
+		//calculate the websocket accept key, which for some reason is defined as
+		//base64(sha1(concat(trim(client-key), "258EAFA5-E914-47DA-95CA-C5AB0DC85B11")))
+		//requiring not one but 2 unnecessarily complex operations
+		size_t encode_offset = 0;
+		struct sha1_ctx ws_accept_ctx;
+		struct base64_encode_ctx ws_accept_encode;
+		uint8_t ws_accept_digest[SHA1_DIGEST_SIZE];
+		char ws_accept_key[BASE64_ENCODE_LENGTH(SHA1_DIGEST_SIZE) + 3] = "";
+		sha1_init(&ws_accept_ctx);
+		sha1_update(&ws_accept_ctx, strlen(ws->socket_key), (uint8_t*) ws->socket_key);
+		sha1_update(&ws_accept_ctx, strlen(RFC6455_MAGIC_KEY), (uint8_t*) RFC6455_MAGIC_KEY);
+		sha1_digest(&ws_accept_ctx, sizeof(ws_accept_digest), (uint8_t*) &ws_accept_digest);
+		base64_encode_init(&ws_accept_encode);
+		encode_offset = base64_encode_update(&ws_accept_encode, (uint8_t*) ws_accept_key, SHA1_DIGEST_SIZE, ws_accept_digest);
+		encode_offset += base64_encode_final(&ws_accept_encode, (uint8_t*) ws_accept_key + encode_offset);
+		memcpy(ws_accept_key + encode_offset, "\r\n\0", 3);
+
+		//send websocket accept key
+		if(network_send_str(ws->ws_fd, "Sec-WebSocket-Accept: ")
+					|| network_send_str(ws->ws_fd, ws_accept_key)){
+			ws_close(ws, ws_close_http, NULL);
+			return 0;
+		}
+
+		//acknowledge selected protocol
+		if(ws->peer.protocol < ws->protocols){
+			if(network_send_str(ws->ws_fd, "Sec-WebSocket-Protocol: ")
+						|| network_send_str(ws->ws_fd, ws->protocol[ws->peer.protocol])
+						|| network_send_str(ws->ws_fd, "\r\n")){
+				ws_close(ws, ws_close_http, NULL);
+				return 0;
+			}
+		}
+
+		ws->state = ws_open;
+		if(network_send_str(ws->ws_fd, "\r\n")){
+			ws_close(ws, ws_close_http, NULL);
+			return 0;
+		}
+		return 0;
+	}
+	//RFC 4.2.2.4: An unsupported version must be answered with HTTP 426
+	if(ws->websocket_version != 13){
+		ws_close(ws, ws_close_http, "426 Unsupported protocol version");
+		return 0;
+	}
+	return 1;
+}
+
+static int ws_handle_http(websocket* ws){
+	char* header, *value;
+	ssize_t p;
+
+	if(!ws->read_buffer[0]){
+		return ws_upgrade_http(ws);
+	}
+	else if(isspace(ws->read_buffer[0])){
+		//i hate header folding
+		ws_close(ws, ws_close_http, "500 Header folding");
+		return 0;
+	}
+	else{
+		header = (char*) ws->read_buffer;
+		value = strchr(header, ':');
+		if(!value){
+			ws_close(ws, ws_close_http, "500 Header format");
+			return 0;
+		}
+		*value = 0;
+		value++;
+		for(; isspace(*value); value++){
+		}
+	}
+
+	//RFC 4.2.1 checks
+	if(!strcmp(header, "Sec-WebSocket-Version")){
+		ws->websocket_version = strtoul(value, NULL, 10);
+	}
+	else if(!strcmp(header, "Sec-WebSocket-Key")){
+		//right-trim the key
+		for(p = strlen(value) - 1; p >= 0 && isspace(value[p]); p--){
+			value[p] = 0;
+		}
+		ws->socket_key = strdup(value);
+	}
+	else if(!strcmp(header, "Upgrade") && !strcasecmp(value, "websocket")){
+		ws->want_upgrade |= 1;
+	}
+	else if(!strcmp(header, "Connection") && strstr(xstr_lower(value), "upgrade")){
+		ws->want_upgrade |= 2;
+	}
+	else if(!strcmp(header, "Sec-WebSocket-Protocol")){
+		//parse websocket protocol offers
+		for(value = strtok(value, ","); value; value = strtok(NULL, ",")){
+			//ltrim
+			for(; *value && isspace(*value); value++){
+			}
+
+			//rtrim
+			for(p = strlen(value) - 1; p >= 0 && isspace(value[p]); p--){
+				value[p] = 0;
+			}
+
+			for(p = 0; p < ws->protocols; p++){
+				if(!strcmp(ws->protocol[p], value)){
+					break;
+				}
+			}
+
+			//add new protocol
+			if(p == ws->protocols){
+				ws->protocol = realloc(ws->protocol, (ws->protocols + 1) * sizeof(char*));
+				if(!ws->protocol){
+					fprintf(stderr, "Failed to allocate memory\n");
+					return 1;
+				}
+				ws->protocol[ws->protocols] = strdup(value);
+				ws->protocols++;
+			}
+		}
+	}
+	else if(ws->headers < WS_HEADER_LIMIT){
+		ws->header[ws->headers].tag = strdup(header);
+		ws->header[ws->headers].value = strdup(value);
+		ws->headers++;
+	}
+	else{
+		//limit the number of stored headers to prevent abuse
+		//ws_close(ws, ws_close_http, "500 Header limit");
+	}
+	return 0;
+}
+
+//returns bytes handled
+static size_t ws_frame(websocket* ws){
+	size_t u;
+	uint64_t payload_length = 0;
+	uint16_t* payload_len16 = (uint16_t*) (ws->read_buffer + 2);
+	uint64_t* payload_len64 = (uint64_t*) (ws->read_buffer + 2);
+	uint8_t* masking_key = NULL, *payload = ws->read_buffer + 2;
+
+	//need at least the header bits
+	if(ws->read_buffer_offset < 2){
+		return 0;
+	}
+
+	if(WS_GET_RESERVED(ws->read_buffer[0])){
+		//reserved bits set without any extensions
+		//RFC 5.2 says we MUST close the connection
+		//ignoring it for now
+	}
+
+	//calculate the payload length (could've used a uint64 and be done with it...)
+	//TODO test this for the bigger frames
+	payload_length = WS_GET_LEN(ws->read_buffer[1]);
+	if(WS_GET_MASK(ws->read_buffer[1])){
+		if(ws->read_buffer_offset < 6){
+			return 0;
+		}
+		masking_key = ws->read_buffer + 2;
+		payload = ws->read_buffer + 6;
+	}
+
+	if(payload_length == 126){
+		//16-bit payload length
+		if(ws->read_buffer_offset < 4){
+			return 0;
+		}
+		payload_length = htobe16(*payload_len16);
+		payload = ws->read_buffer + 4;
+		if(WS_GET_MASK(ws->read_buffer[1])){
+			if(ws->read_buffer_offset < 8){
+				return 0;
+			}
+			masking_key = ws->read_buffer + 4;
+			payload = ws->read_buffer + 8;
+		}
+	}
+	else if(payload_length == 127){
+		//64-bit payload length
+		if(ws->read_buffer_offset < 10){
+			return 0;
+		}
+		payload_length = htobe64(*payload_len64);
+		payload = ws->read_buffer + 10;
+		if(WS_GET_MASK(ws->read_buffer[1])){
+			if(ws->read_buffer_offset < 14){
+				return 0;
+			}
+			masking_key = ws->read_buffer + 10;
+			payload = ws->read_buffer + 14;
+		}
+	}
+
+	//check for complete WS frame
+	if(ws->read_buffer_offset < (payload - ws->read_buffer) + payload_length){
+		//fprintf(stderr, "Incomplete payload: offset %lu, want %lu\n", ws->read_buffer_offset, (payload - ws->read_buffer) + payload_length);
+		return 0;
+	}
+
+	//RFC Section 5.1: If the client sends an unmasked frame, close the connection
+	if(!WS_GET_MASK(ws->read_buffer[1])){
+		ws_close(ws, ws_close_proto, "Unmasked client frame");
+		return 0;
+	}
+
+	//unmask data
+	if(WS_GET_MASK(ws->read_buffer[1])){
+		for(u = 0; u < payload_length; u++){
+			payload[u] = payload[u] ^ masking_key[u % 4];
+		}
+	}
+
+	//TODO handle fragmentation
+	//TODO handle control frames within fragmented frames
+
+	fprintf(stderr, "Incoming websocket data: %s %s OP %02X LEN %u %lu\n",
+			WS_GET_FIN(ws->read_buffer[0]) ? "FIN" : "CONT",
+			WS_GET_MASK(ws->read_buffer[1]) ? "MASK" : "CLEAR",
+			WS_GET_OP(ws->read_buffer[0]),
+			WS_GET_LEN(ws->read_buffer[1]),
+			payload_length);
+
+	//handle data
+	switch(WS_GET_OP(ws->read_buffer[0])){
+		case ws_frame_text:
+			fprintf(stderr, "Text payload: %.*s\n", (int) payload_length, (char*) payload);
+		case ws_frame_binary:
+			//forward to peer
+			if(ws->peer_fd >= 0){
+				fprintf(stderr, "WS -> Peer %lu bytes\n", payload_length);
+				if(network_send(ws->peer_fd, payload, payload_length)){
+					ws_close(ws, ws_close_unexpected, "Failed to forward");
+				}
+			}
+			break;
+		case ws_frame_close:
+			ws_close(ws, ws_close_normal, "Client requested termination");
+			break;
+		case ws_frame_ping:
+			break;
+		case ws_frame_pong:
+			if(ws_send_frame(ws, ws_frame_pong, payload, payload_length)){
+				ws_close(ws, ws_close_unexpected, "Failed to send ping");
+			}
+			break;
+		default:
+			//unknown frame type received
+			fprintf(stderr, "Unknown WebSocket opcode %02X in frame\n", WS_GET_OP(ws->read_buffer[0]));
+			ws_close(ws, ws_close_proto, "Invalid opcode");
+			break;
+	}
+
+	return ((payload - ws->read_buffer) + payload_length);
+}
+
+int ws_send_frame(websocket* ws, ws_operation opcode, uint8_t* data, size_t len){
+	fprintf(stderr, "Peer -> WS %lu bytes\n", len);
+	uint8_t frame_header[WS_FRAME_HEADER_LEN];
+	size_t header_bytes = 2;
+	uint16_t* payload_len16 = (uint16_t*) (frame_header + 2);
+	uint64_t* payload_len64 = (uint64_t*) (frame_header + 2);
+
+	//FIXME might want to support segmented transfers here
+	//set up the basic frame header
+	frame_header[0] = WS_FLAG_FIN | opcode;
+	if(len <= 125){
+		frame_header[1] = len;
+	}
+	else if(len <= 0xFFFF){
+		frame_header[1] = 126;
+		*payload_len16 = htobe16(len);
+		header_bytes += 2;
+	}
+	else{
+		frame_header[1] = 127;
+		*payload_len64 = htobe64(len);
+		header_bytes += 8;
+	}
+
+	if(network_send(ws->ws_fd, frame_header, header_bytes)
+			|| network_send(ws->ws_fd, data, len)){
+		return 1;
+	}
+
+	return 0;
+}
+
+int ws_data(websocket* ws){
+	ssize_t bytes_read, n, bytes_left = sizeof(ws->read_buffer) - ws->read_buffer_offset;
+	int rv = 0;
+
+	bytes_read = recv(ws->ws_fd, ws->read_buffer + ws->read_buffer_offset, bytes_left - 1, 0);
+	if(bytes_read < 0){
+		fprintf(stderr, "Failed to receive from websocket: %s\n", strerror(errno));
+		ws_close(ws, ws_close_unexpected, NULL);
+		return 0;
+	}
+	else if(bytes_read == 0){
+		//client closed connection
+		ws_close(ws, ws_close_unexpected, NULL);
+		return 0;
+	}
+
+	//terminate new data
+	ws->read_buffer[ws->read_buffer_offset + bytes_read] = 0;
+
+	switch(ws->state){
+		case ws_new:
+		case ws_http:
+			//scan for newline, handle line
+			for(n = 0; n < bytes_read - 1; n++){
+				if(!strncmp((char*) ws->read_buffer + ws->read_buffer_offset + n, "\r\n", 2)){
+					//terminate line
+					ws->read_buffer[ws->read_buffer_offset + n] = 0;
+
+					if(ws->state == ws_new){
+						ws_handle_new(ws);
+					}
+					else{
+						ws_handle_http(ws);
+					}
+
+					//remove from buffer
+					bytes_read -= (n + 2);
+					memmove(ws->read_buffer, ws->read_buffer + ws->read_buffer_offset + n + 2, bytes_read);
+					ws->read_buffer_offset = 0;
+
+					//restart from the beginning
+					n = -1;
+				}
+			}
+			//update read buffer offset
+			ws->read_buffer_offset = bytes_read;
+			break;
+		case ws_open:
+			ws->read_buffer_offset += bytes_read;
+			for(n = ws_frame(ws); n > 0 && ws->read_buffer_offset > 0; n = ws_frame(ws)){
+				memmove(ws->read_buffer, ws->read_buffer + n, ws->read_buffer_offset - n);
+				ws->read_buffer_offset -= n;
+			}
+			break;
+		//this should never be reached, as ws_close also closes the client fd
+		case ws_closed:
+			fprintf(stderr, "This should not have happened\n");
+			break;
+	}
+
+	//disconnect spammy clients
+	if(sizeof(ws->read_buffer) - ws->read_buffer_offset < 2){
+		fprintf(stderr, "Disconnecting misbehaving client\n");
+		ws_close(ws, ws_close_limit, "Receive size limit exceeded");
+		return 0;
+	}
+	return rv;
+}