summaryrefslogtreecommitdiff
path: root/thirdparty/libwebsockets/roles/http/server
diff options
context:
space:
mode:
Diffstat (limited to 'thirdparty/libwebsockets/roles/http/server')
-rw-r--r--thirdparty/libwebsockets/roles/http/server/access-log.c182
-rw-r--r--thirdparty/libwebsockets/roles/http/server/fops-zip.c668
-rw-r--r--thirdparty/libwebsockets/roles/http/server/lejp-conf.c993
-rw-r--r--thirdparty/libwebsockets/roles/http/server/parsers.c1137
-rw-r--r--thirdparty/libwebsockets/roles/http/server/server.c2765
5 files changed, 5745 insertions, 0 deletions
diff --git a/thirdparty/libwebsockets/roles/http/server/access-log.c b/thirdparty/libwebsockets/roles/http/server/access-log.c
new file mode 100644
index 0000000000..0e75309d7a
--- /dev/null
+++ b/thirdparty/libwebsockets/roles/http/server/access-log.c
@@ -0,0 +1,182 @@
+/*
+ * libwebsockets - server access log handling
+ *
+ * Copyright (C) 2010-2017 Andy Green <andy@warmcat.com>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation:
+ * version 2.1 of the License.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+ * MA 02110-1301 USA
+ */
+
+#include "core/private.h"
+
+/*
+ * Produce Apache-compatible log string for wsi, like this:
+ *
+ * 2.31.234.19 - - [27/Mar/2016:03:22:44 +0800]
+ * "GET /aep-screen.png HTTP/1.1"
+ * 200 152987 "https://libwebsockets.org/index.html"
+ * "Mozilla/5.0 (Macint... Chrome/49.0.2623.87 Safari/537.36"
+ *
+ */
+
+extern const char * const method_names[];
+
+static const char * const hver[] = {
+ "HTTP/1.0", "HTTP/1.1", "HTTP/2"
+};
+
+void
+lws_prepare_access_log_info(struct lws *wsi, char *uri_ptr, int meth)
+{
+#ifdef LWS_WITH_IPV6
+ char ads[INET6_ADDRSTRLEN];
+#else
+ char ads[INET_ADDRSTRLEN];
+#endif
+ char da[64];
+ const char *pa, *me;
+ struct tm *tmp;
+ time_t t = time(NULL);
+ int l = 256, m;
+
+ if (!wsi->vhost)
+ return;
+
+ /* only worry about preparing it if we store it */
+ if (wsi->vhost->log_fd == (int)LWS_INVALID_FILE)
+ return;
+
+ if (wsi->access_log_pending)
+ lws_access_log(wsi);
+
+ wsi->http.access_log.header_log = lws_malloc(l, "access log");
+ if (wsi->http.access_log.header_log) {
+
+ tmp = localtime(&t);
+ if (tmp)
+ strftime(da, sizeof(da), "%d/%b/%Y:%H:%M:%S %z", tmp);
+ else
+ strcpy(da, "01/Jan/1970:00:00:00 +0000");
+
+ pa = lws_get_peer_simple(wsi, ads, sizeof(ads));
+ if (!pa)
+ pa = "(unknown)";
+
+ if (wsi->http2_substream)
+ me = lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP_COLON_METHOD);
+ else
+ me = method_names[meth];
+ if (!me)
+ me = "(null)";
+
+ lws_snprintf(wsi->http.access_log.header_log, l,
+ "%s - - [%s] \"%s %s %s\"",
+ pa, da, me, uri_ptr,
+ hver[wsi->http.request_version]);
+
+ l = lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_USER_AGENT);
+ if (l) {
+ wsi->http.access_log.user_agent = lws_malloc(l + 2, "access log");
+ if (!wsi->http.access_log.user_agent) {
+ lwsl_err("OOM getting user agent\n");
+ lws_free_set_NULL(wsi->http.access_log.header_log);
+ return;
+ }
+
+ lws_hdr_copy(wsi, wsi->http.access_log.user_agent,
+ l + 1, WSI_TOKEN_HTTP_USER_AGENT);
+
+ for (m = 0; m < l; m++)
+ if (wsi->http.access_log.user_agent[m] == '\"')
+ wsi->http.access_log.user_agent[m] = '\'';
+ }
+ l = lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_REFERER);
+ if (l) {
+ wsi->http.access_log.referrer = lws_malloc(l + 2, "referrer");
+ if (!wsi->http.access_log.referrer) {
+ lwsl_err("OOM getting user agent\n");
+ lws_free_set_NULL(wsi->http.access_log.user_agent);
+ lws_free_set_NULL(wsi->http.access_log.header_log);
+ return;
+ }
+ lws_hdr_copy(wsi, wsi->http.access_log.referrer,
+ l + 1, WSI_TOKEN_HTTP_REFERER);
+
+ for (m = 0; m < l; m++)
+ if (wsi->http.access_log.referrer[m] == '\"')
+ wsi->http.access_log.referrer[m] = '\'';
+ }
+ wsi->access_log_pending = 1;
+ }
+}
+
+
+int
+lws_access_log(struct lws *wsi)
+{
+ char *p = wsi->http.access_log.user_agent, ass[512],
+ *p1 = wsi->http.access_log.referrer;
+ int l;
+
+ if (!wsi->vhost)
+ return 0;
+
+ if (wsi->vhost->log_fd == (int)LWS_INVALID_FILE)
+ return 0;
+
+ if (!wsi->access_log_pending)
+ return 0;
+
+ if (!wsi->http.access_log.header_log)
+ return 0;
+
+ if (!p)
+ p = "";
+
+ if (!p1)
+ p1 = "";
+
+ /*
+ * We do this in two parts to restrict an oversize referrer such that
+ * we will always have space left to append an empty useragent, while
+ * maintaining the structure of the log text
+ */
+ l = lws_snprintf(ass, sizeof(ass) - 7, "%s %d %lu \"%s",
+ wsi->http.access_log.header_log,
+ wsi->http.access_log.response, wsi->http.access_log.sent, p1);
+ if (strlen(p) > sizeof(ass) - 6 - l)
+ p[sizeof(ass) - 6 - l] = '\0';
+ l += lws_snprintf(ass + l, sizeof(ass) - 1 - l, "\" \"%s\"\n", p);
+
+ if (write(wsi->vhost->log_fd, ass, l) != l)
+ lwsl_err("Failed to write log\n");
+
+ if (wsi->http.access_log.header_log) {
+ lws_free(wsi->http.access_log.header_log);
+ wsi->http.access_log.header_log = NULL;
+ }
+ if (wsi->http.access_log.user_agent) {
+ lws_free(wsi->http.access_log.user_agent);
+ wsi->http.access_log.user_agent = NULL;
+ }
+ if (wsi->http.access_log.referrer) {
+ lws_free(wsi->http.access_log.referrer);
+ wsi->http.access_log.referrer = NULL;
+ }
+ wsi->access_log_pending = 0;
+
+ return 0;
+}
+
diff --git a/thirdparty/libwebsockets/roles/http/server/fops-zip.c b/thirdparty/libwebsockets/roles/http/server/fops-zip.c
new file mode 100644
index 0000000000..4db83ce621
--- /dev/null
+++ b/thirdparty/libwebsockets/roles/http/server/fops-zip.c
@@ -0,0 +1,668 @@
+/*
+ * libwebsockets - small server side websockets and web server implementation
+ *
+ * Original code used in this source file:
+ *
+ * https://github.com/PerBothner/DomTerm.git @912add15f3d0aec
+ *
+ * ./lws-term/io.c
+ * ./lws-term/junzip.c
+ *
+ * Copyright (C) 2017 Per Bothner <per@bothner.com>
+ *
+ * MIT License
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * ( copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ *
+ *
+ * lws rewrite:
+ *
+ * Copyright (C) 2017 Andy Green <andy@warmcat.com>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation:
+ * version 2.1 of the License.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+ * MA 02110-1301 USA
+ */
+
+#include "core/private.h"
+
+#include <zlib.h>
+
+/*
+ * This code works with zip format containers which may have files compressed
+ * with gzip deflate (type 8) or store uncompressed (type 0).
+ *
+ * Linux zip produces such zipfiles by default, eg
+ *
+ * $ zip ../myzip.zip file1 file2 file3
+ */
+
+#define ZIP_COMPRESSION_METHOD_STORE 0
+#define ZIP_COMPRESSION_METHOD_DEFLATE 8
+
+typedef struct {
+ lws_filepos_t filename_start;
+ uint32_t crc32;
+ uint32_t comp_size;
+ uint32_t uncomp_size;
+ uint32_t offset;
+ uint32_t mod_time;
+ uint16_t filename_len;
+ uint16_t extra;
+ uint16_t method;
+ uint16_t file_com_len;
+} lws_fops_zip_hdr_t;
+
+typedef struct {
+ struct lws_fop_fd fop_fd; /* MUST BE FIRST logical fop_fd into
+ * file inside zip: fops_zip fops */
+ lws_fop_fd_t zip_fop_fd; /* logical fop fd on to zip file
+ * itself: using platform fops */
+ lws_fops_zip_hdr_t hdr;
+ z_stream inflate;
+ lws_filepos_t content_start;
+ lws_filepos_t exp_uncomp_pos;
+ union {
+ uint8_t trailer8[8];
+ uint32_t trailer32[2];
+ } u;
+ uint8_t rbuf[128]; /* decompression chunk size */
+ int entry_count;
+
+ unsigned int decompress:1; /* 0 = direct from file */
+ unsigned int add_gzip_container:1;
+} *lws_fops_zip_t;
+
+struct lws_plat_file_ops fops_zip;
+#define fop_fd_to_priv(FD) ((lws_fops_zip_t)(FD))
+
+static const uint8_t hd[] = { 31, 139, 8, 0, 0, 0, 0, 0, 0, 3 };
+
+enum {
+ ZC_SIGNATURE = 0,
+ ZC_VERSION_MADE_BY = 4,
+ ZC_VERSION_NEEDED_TO_EXTRACT = 6,
+ ZC_GENERAL_PURPOSE_BIT_FLAG = 8,
+ ZC_COMPRESSION_METHOD = 10,
+ ZC_LAST_MOD_FILE_TIME = 12,
+ ZC_LAST_MOD_FILE_DATE = 14,
+ ZC_CRC32 = 16,
+ ZC_COMPRESSED_SIZE = 20,
+ ZC_UNCOMPRESSED_SIZE = 24,
+ ZC_FILE_NAME_LENGTH = 28,
+ ZC_EXTRA_FIELD_LENGTH = 30,
+
+ ZC_FILE_COMMENT_LENGTH = 32,
+ ZC_DISK_NUMBER_START = 34,
+ ZC_INTERNAL_FILE_ATTRIBUTES = 36,
+ ZC_EXTERNAL_FILE_ATTRIBUTES = 38,
+ ZC_REL_OFFSET_LOCAL_HEADER = 42,
+ ZC_DIRECTORY_LENGTH = 46,
+
+ ZE_SIGNATURE_OFFSET = 0,
+ ZE_DESK_NUMBER = 4,
+ ZE_CENTRAL_DIRECTORY_DISK_NUMBER = 6,
+ ZE_NUM_ENTRIES_THIS_DISK = 8,
+ ZE_NUM_ENTRIES = 10,
+ ZE_CENTRAL_DIRECTORY_SIZE = 12,
+ ZE_CENTRAL_DIR_OFFSET = 16,
+ ZE_ZIP_COMMENT_LENGTH = 20,
+ ZE_DIRECTORY_LENGTH = 22,
+
+ ZL_REL_OFFSET_CONTENT = 28,
+ ZL_HEADER_LENGTH = 30,
+
+ LWS_FZ_ERR_SEEK_END_RECORD = 1,
+ LWS_FZ_ERR_READ_END_RECORD,
+ LWS_FZ_ERR_END_RECORD_MAGIC,
+ LWS_FZ_ERR_END_RECORD_SANITY,
+ LWS_FZ_ERR_CENTRAL_SEEK,
+ LWS_FZ_ERR_CENTRAL_READ,
+ LWS_FZ_ERR_CENTRAL_SANITY,
+ LWS_FZ_ERR_NAME_TOO_LONG,
+ LWS_FZ_ERR_NAME_SEEK,
+ LWS_FZ_ERR_NAME_READ,
+ LWS_FZ_ERR_CONTENT_SANITY,
+ LWS_FZ_ERR_CONTENT_SEEK,
+ LWS_FZ_ERR_SCAN_SEEK,
+ LWS_FZ_ERR_NOT_FOUND,
+ LWS_FZ_ERR_ZLIB_INIT,
+ LWS_FZ_ERR_READ_CONTENT,
+ LWS_FZ_ERR_SEEK_COMPRESSED,
+};
+
+static uint16_t
+get_u16(void *p)
+{
+ const uint8_t *c = (const uint8_t *)p;
+
+ return (uint16_t)((c[0] | (c[1] << 8)));
+}
+
+static uint32_t
+get_u32(void *p)
+{
+ const uint8_t *c = (const uint8_t *)p;
+
+ return (uint32_t)((c[0] | (c[1] << 8) | (c[2] << 16) | (c[3] << 24)));
+}
+
+int
+lws_fops_zip_scan(lws_fops_zip_t priv, const char *name, int len)
+{
+ lws_filepos_t amount;
+ uint8_t buf[96];
+ int i;
+
+ if (lws_vfs_file_seek_end(priv->zip_fop_fd, -ZE_DIRECTORY_LENGTH) < 0)
+ return LWS_FZ_ERR_SEEK_END_RECORD;
+
+ if (lws_vfs_file_read(priv->zip_fop_fd, &amount, buf,
+ ZE_DIRECTORY_LENGTH))
+ return LWS_FZ_ERR_READ_END_RECORD;
+
+ if (amount != ZE_DIRECTORY_LENGTH)
+ return LWS_FZ_ERR_READ_END_RECORD;
+
+ /*
+ * We require the zip to have the last record right at the end
+ * Linux zip always does this if no zip comment.
+ */
+ if (buf[0] != 'P' || buf[1] != 'K' || buf[2] != 5 || buf[3] != 6)
+ return LWS_FZ_ERR_END_RECORD_MAGIC;
+
+ i = get_u16(buf + ZE_NUM_ENTRIES);
+
+ if (get_u16(buf + ZE_DESK_NUMBER) ||
+ get_u16(buf + ZE_CENTRAL_DIRECTORY_DISK_NUMBER) ||
+ i != get_u16(buf + ZE_NUM_ENTRIES_THIS_DISK))
+ return LWS_FZ_ERR_END_RECORD_SANITY;
+
+ /* end record is OK... look for our file in the central dir */
+
+ if (lws_vfs_file_seek_set(priv->zip_fop_fd,
+ get_u32(buf + ZE_CENTRAL_DIR_OFFSET)) < 0)
+ return LWS_FZ_ERR_CENTRAL_SEEK;
+
+ while (i--) {
+ priv->content_start = lws_vfs_tell(priv->zip_fop_fd);
+
+ if (lws_vfs_file_read(priv->zip_fop_fd, &amount, buf,
+ ZC_DIRECTORY_LENGTH))
+ return LWS_FZ_ERR_CENTRAL_READ;
+
+ if (amount != ZC_DIRECTORY_LENGTH)
+ return LWS_FZ_ERR_CENTRAL_READ;
+
+ if (get_u32(buf + ZC_SIGNATURE) != 0x02014B50)
+ return LWS_FZ_ERR_CENTRAL_SANITY;
+
+ lwsl_debug("cstart 0x%lx\n", (unsigned long)priv->content_start);
+
+ priv->hdr.filename_len = get_u16(buf + ZC_FILE_NAME_LENGTH);
+ priv->hdr.extra = get_u16(buf + ZC_EXTRA_FIELD_LENGTH);
+ priv->hdr.filename_start = lws_vfs_tell(priv->zip_fop_fd);
+
+ priv->hdr.method = get_u16(buf + ZC_COMPRESSION_METHOD);
+ priv->hdr.crc32 = get_u32(buf + ZC_CRC32);
+ priv->hdr.comp_size = get_u32(buf + ZC_COMPRESSED_SIZE);
+ priv->hdr.uncomp_size = get_u32(buf + ZC_UNCOMPRESSED_SIZE);
+ priv->hdr.offset = get_u32(buf + ZC_REL_OFFSET_LOCAL_HEADER);
+ priv->hdr.mod_time = get_u32(buf + ZC_LAST_MOD_FILE_TIME);
+ priv->hdr.file_com_len = get_u16(buf + ZC_FILE_COMMENT_LENGTH);
+
+ if (priv->hdr.filename_len != len)
+ goto next;
+
+ if (len >= (int)sizeof(buf) - 1)
+ return LWS_FZ_ERR_NAME_TOO_LONG;
+
+ if (priv->zip_fop_fd->fops->LWS_FOP_READ(priv->zip_fop_fd,
+ &amount, buf, len))
+ return LWS_FZ_ERR_NAME_READ;
+ if ((int)amount != len)
+ return LWS_FZ_ERR_NAME_READ;
+
+ buf[len] = '\0';
+ lwsl_debug("check %s vs %s\n", buf, name);
+
+ if (strcmp((const char *)buf, name))
+ goto next;
+
+ /* we found a match */
+ if (lws_vfs_file_seek_set(priv->zip_fop_fd, priv->hdr.offset) < 0)
+ return LWS_FZ_ERR_NAME_SEEK;
+ if (priv->zip_fop_fd->fops->LWS_FOP_READ(priv->zip_fop_fd,
+ &amount, buf,
+ ZL_HEADER_LENGTH))
+ return LWS_FZ_ERR_NAME_READ;
+ if (amount != ZL_HEADER_LENGTH)
+ return LWS_FZ_ERR_NAME_READ;
+
+ priv->content_start = priv->hdr.offset +
+ ZL_HEADER_LENGTH +
+ priv->hdr.filename_len +
+ get_u16(buf + ZL_REL_OFFSET_CONTENT);
+
+ lwsl_debug("content supposed to start at 0x%lx\n",
+ (unsigned long)priv->content_start);
+
+ if (priv->content_start > priv->zip_fop_fd->len)
+ return LWS_FZ_ERR_CONTENT_SANITY;
+
+ if (lws_vfs_file_seek_set(priv->zip_fop_fd,
+ priv->content_start) < 0)
+ return LWS_FZ_ERR_CONTENT_SEEK;
+
+ /* we are aligned at the start of the content */
+
+ priv->exp_uncomp_pos = 0;
+
+ return 0;
+
+next:
+ if (i && lws_vfs_file_seek_set(priv->zip_fop_fd,
+ priv->content_start +
+ ZC_DIRECTORY_LENGTH +
+ priv->hdr.filename_len +
+ priv->hdr.extra +
+ priv->hdr.file_com_len) < 0)
+ return LWS_FZ_ERR_SCAN_SEEK;
+ }
+
+ return LWS_FZ_ERR_NOT_FOUND;
+}
+
+static int
+lws_fops_zip_reset_inflate(lws_fops_zip_t priv)
+{
+ if (priv->decompress)
+ inflateEnd(&priv->inflate);
+
+ priv->inflate.zalloc = Z_NULL;
+ priv->inflate.zfree = Z_NULL;
+ priv->inflate.opaque = Z_NULL;
+ priv->inflate.avail_in = 0;
+ priv->inflate.next_in = Z_NULL;
+
+ if (inflateInit2(&priv->inflate, -MAX_WBITS) != Z_OK) {
+ lwsl_err("inflate init failed\n");
+ return LWS_FZ_ERR_ZLIB_INIT;
+ }
+
+ if (lws_vfs_file_seek_set(priv->zip_fop_fd, priv->content_start) < 0)
+ return LWS_FZ_ERR_CONTENT_SEEK;
+
+ priv->exp_uncomp_pos = 0;
+
+ return 0;
+}
+
+static lws_fop_fd_t
+lws_fops_zip_open(const struct lws_plat_file_ops *fops, const char *vfs_path,
+ const char *vpath, lws_fop_flags_t *flags)
+{
+ lws_fop_flags_t local_flags = 0;
+ lws_fops_zip_t priv;
+ char rp[192];
+ int m;
+
+ /*
+ * vpath points at the / after the fops signature in vfs_path, eg
+ * with a vfs_path "/var/www/docs/manual.zip/index.html", vpath
+ * will come pointing at "/index.html"
+ */
+
+ priv = lws_zalloc(sizeof(*priv), "fops_zip priv");
+ if (!priv)
+ return NULL;
+
+ priv->fop_fd.fops = &fops_zip;
+
+ m = sizeof(rp) - 1;
+ if ((vpath - vfs_path - 1) < m)
+ m = lws_ptr_diff(vpath, vfs_path) - 1;
+ lws_strncpy(rp, vfs_path, m + 1);
+
+ /* open the zip file itself using the incoming fops, not fops_zip */
+
+ priv->zip_fop_fd = fops->LWS_FOP_OPEN(fops, rp, NULL, &local_flags);
+ if (!priv->zip_fop_fd) {
+ lwsl_err("unable to open zip %s\n", rp);
+ goto bail1;
+ }
+
+ if (*vpath == '/')
+ vpath++;
+
+ m = lws_fops_zip_scan(priv, vpath, (int)strlen(vpath));
+ if (m) {
+ lwsl_err("unable to find record matching '%s' %d\n", vpath, m);
+ goto bail2;
+ }
+
+ /* the directory metadata tells us modification time, so pass it on */
+ priv->fop_fd.mod_time = priv->hdr.mod_time;
+ *flags |= LWS_FOP_FLAG_MOD_TIME_VALID | LWS_FOP_FLAG_VIRTUAL;
+ priv->fop_fd.flags = *flags;
+
+ /* The zip fop_fd is left pointing at the start of the content.
+ *
+ * 1) Content could be uncompressed (STORE), and we can always serve
+ * that directly
+ *
+ * 2) Content could be compressed (GZIP), and the client can handle
+ * receiving GZIP... we can wrap it in a GZIP header and trailer
+ * and serve the content part directly. The flag indicating we
+ * are providing GZIP directly is set so lws will send the right
+ * headers.
+ *
+ * 3) Content could be compressed (GZIP) but the client can't handle
+ * receiving GZIP... we can decompress it and serve as it is
+ * inflated piecemeal.
+ *
+ * 4) Content may be compressed some unknown way... fail
+ *
+ */
+ if (priv->hdr.method == ZIP_COMPRESSION_METHOD_STORE) {
+ /*
+ * it is stored uncompressed, leave it indicated as
+ * uncompressed, and just serve it from inside the
+ * zip with no gzip container;
+ */
+
+ lwsl_info("direct zip serving (stored)\n");
+
+ priv->fop_fd.len = priv->hdr.uncomp_size;
+
+ return &priv->fop_fd;
+ }
+
+ if ((*flags & LWS_FOP_FLAG_COMPR_ACCEPTABLE_GZIP) &&
+ priv->hdr.method == ZIP_COMPRESSION_METHOD_DEFLATE) {
+
+ /*
+ * We can serve the gzipped file contents directly as gzip
+ * from inside the zip container; client says it is OK.
+ *
+ * To convert to standalone gzip, we have to add a 10-byte
+ * constant header and a variable 8-byte trailer around the
+ * content.
+ *
+ * The 8-byte trailer is prepared now and held in the priv.
+ */
+
+ lwsl_info("direct zip serving (gzipped)\n");
+
+ priv->fop_fd.len = sizeof(hd) + priv->hdr.comp_size +
+ sizeof(priv->u);
+
+ if (lws_is_be()) {
+ uint8_t *p = priv->u.trailer8;
+
+ *p++ = (uint8_t)priv->hdr.crc32;
+ *p++ = (uint8_t)(priv->hdr.crc32 >> 8);
+ *p++ = (uint8_t)(priv->hdr.crc32 >> 16);
+ *p++ = (uint8_t)(priv->hdr.crc32 >> 24);
+ *p++ = (uint8_t)priv->hdr.uncomp_size;
+ *p++ = (uint8_t)(priv->hdr.uncomp_size >> 8);
+ *p++ = (uint8_t)(priv->hdr.uncomp_size >> 16);
+ *p = (uint8_t)(priv->hdr.uncomp_size >> 24);
+ } else {
+ priv->u.trailer32[0] = priv->hdr.crc32;
+ priv->u.trailer32[1] = priv->hdr.uncomp_size;
+ }
+
+ *flags |= LWS_FOP_FLAG_COMPR_IS_GZIP;
+ priv->fop_fd.flags = *flags;
+ priv->add_gzip_container = 1;
+
+ return &priv->fop_fd;
+ }
+
+ if (priv->hdr.method == ZIP_COMPRESSION_METHOD_DEFLATE) {
+
+ /* we must decompress it to serve it */
+
+ lwsl_info("decompressed zip serving\n");
+
+ priv->fop_fd.len = priv->hdr.uncomp_size;
+
+ if (lws_fops_zip_reset_inflate(priv)) {
+ lwsl_err("inflate init failed\n");
+ goto bail2;
+ }
+
+ priv->decompress = 1;
+
+ return &priv->fop_fd;
+ }
+
+ /* we can't handle it ... */
+
+ lwsl_err("zipped file %s compressed in unknown way (%d)\n", vfs_path,
+ priv->hdr.method);
+
+bail2:
+ lws_vfs_file_close(&priv->zip_fop_fd);
+bail1:
+ free(priv);
+
+ return NULL;
+}
+
+/* ie, we are closing the fop_fd for the file inside the gzip */
+
+static int
+lws_fops_zip_close(lws_fop_fd_t *fd)
+{
+ lws_fops_zip_t priv = fop_fd_to_priv(*fd);
+
+ if (priv->decompress)
+ inflateEnd(&priv->inflate);
+
+ lws_vfs_file_close(&priv->zip_fop_fd); /* close the gzip fop_fd */
+
+ free(priv);
+ *fd = NULL;
+
+ return 0;
+}
+
+static lws_fileofs_t
+lws_fops_zip_seek_cur(lws_fop_fd_t fd, lws_fileofs_t offset_from_cur_pos)
+{
+ fd->pos += offset_from_cur_pos;
+
+ return fd->pos;
+}
+
+static int
+lws_fops_zip_read(lws_fop_fd_t fd, lws_filepos_t *amount, uint8_t *buf,
+ lws_filepos_t len)
+{
+ lws_fops_zip_t priv = fop_fd_to_priv(fd);
+ lws_filepos_t ramount, rlen, cur = lws_vfs_tell(fd);
+ int ret;
+
+ if (priv->decompress) {
+
+ if (priv->exp_uncomp_pos != fd->pos) {
+ /*
+ * there has been a seek in the uncompressed fop_fd
+ * we have to restart the decompression and loop eating
+ * the decompressed data up to the seek point
+ */
+ lwsl_info("seek in decompressed\n");
+
+ lws_fops_zip_reset_inflate(priv);
+
+ while (priv->exp_uncomp_pos != fd->pos) {
+ rlen = len;
+ if (rlen > fd->pos - priv->exp_uncomp_pos)
+ rlen = fd->pos - priv->exp_uncomp_pos;
+ if (lws_fops_zip_read(fd, amount, buf, rlen))
+ return LWS_FZ_ERR_SEEK_COMPRESSED;
+ }
+ *amount = 0;
+ }
+
+ priv->inflate.avail_out = (unsigned int)len;
+ priv->inflate.next_out = buf;
+
+spin:
+ if (!priv->inflate.avail_in) {
+ rlen = sizeof(priv->rbuf);
+ if (rlen > priv->hdr.comp_size -
+ (cur - priv->content_start))
+ rlen = priv->hdr.comp_size -
+ (priv->hdr.comp_size -
+ priv->content_start);
+
+ if (priv->zip_fop_fd->fops->LWS_FOP_READ(
+ priv->zip_fop_fd, &ramount, priv->rbuf,
+ rlen))
+ return LWS_FZ_ERR_READ_CONTENT;
+
+ cur += ramount;
+
+ priv->inflate.avail_in = (unsigned int)ramount;
+ priv->inflate.next_in = priv->rbuf;
+ }
+
+ ret = inflate(&priv->inflate, Z_NO_FLUSH);
+ if (ret == Z_STREAM_ERROR)
+ return ret;
+
+ switch (ret) {
+ case Z_NEED_DICT:
+ ret = Z_DATA_ERROR;
+ /* fallthru */
+ case Z_DATA_ERROR:
+ case Z_MEM_ERROR:
+
+ return ret;
+ }
+
+ if (!priv->inflate.avail_in && priv->inflate.avail_out &&
+ cur != priv->content_start + priv->hdr.comp_size)
+ goto spin;
+
+ *amount = len - priv->inflate.avail_out;
+
+ priv->exp_uncomp_pos += *amount;
+ fd->pos += *amount;
+
+ return 0;
+ }
+
+ if (priv->add_gzip_container) {
+
+ lwsl_info("%s: gzip + container\n", __func__);
+ *amount = 0;
+
+ /* place the canned header at the start */
+
+ if (len && fd->pos < sizeof(hd)) {
+ rlen = sizeof(hd) - fd->pos;
+ if (rlen > len)
+ rlen = len;
+ /* provide stuff from canned header */
+ memcpy(buf, hd + fd->pos, (size_t)rlen);
+ fd->pos += rlen;
+ buf += rlen;
+ len -= rlen;
+ *amount += rlen;
+ }
+
+ /* serve gzipped data direct from zipfile */
+
+ if (len && fd->pos >= sizeof(hd) &&
+ fd->pos < priv->hdr.comp_size + sizeof(hd)) {
+
+ rlen = priv->hdr.comp_size - (priv->zip_fop_fd->pos -
+ priv->content_start);
+ if (rlen > len)
+ rlen = len;
+
+ if (rlen &&
+ priv->zip_fop_fd->pos < (priv->hdr.comp_size +
+ priv->content_start)) {
+ if (lws_vfs_file_read(priv->zip_fop_fd,
+ &ramount, buf, rlen))
+ return LWS_FZ_ERR_READ_CONTENT;
+ *amount += ramount;
+ fd->pos += ramount; // virtual pos
+ buf += ramount;
+ len -= ramount;
+ }
+ }
+
+ /* place the prepared trailer at the end */
+
+ if (len && fd->pos >= priv->hdr.comp_size + sizeof(hd) &&
+ fd->pos < priv->hdr.comp_size + sizeof(hd) +
+ sizeof(priv->u)) {
+ cur = fd->pos - priv->hdr.comp_size - sizeof(hd);
+ rlen = sizeof(priv->u) - cur;
+ if (rlen > len)
+ rlen = len;
+
+ memcpy(buf, priv->u.trailer8 + cur, (size_t)rlen);
+
+ *amount += rlen;
+ fd->pos += rlen;
+ }
+
+ return 0;
+ }
+
+ lwsl_info("%s: store\n", __func__);
+
+ if (len > priv->hdr.uncomp_size - (cur - priv->content_start))
+ len = priv->hdr.comp_size - (priv->hdr.comp_size -
+ priv->content_start);
+
+ if (priv->zip_fop_fd->fops->LWS_FOP_READ(priv->zip_fop_fd,
+ amount, buf, len))
+ return LWS_FZ_ERR_READ_CONTENT;
+
+ return 0;
+}
+
+struct lws_plat_file_ops fops_zip = {
+ lws_fops_zip_open,
+ lws_fops_zip_close,
+ lws_fops_zip_seek_cur,
+ lws_fops_zip_read,
+ NULL,
+ { { ".zip/", 5 }, { ".jar/", 5 }, { ".war/", 5 } },
+ NULL,
+};
diff --git a/thirdparty/libwebsockets/roles/http/server/lejp-conf.c b/thirdparty/libwebsockets/roles/http/server/lejp-conf.c
new file mode 100644
index 0000000000..fbf10c288e
--- /dev/null
+++ b/thirdparty/libwebsockets/roles/http/server/lejp-conf.c
@@ -0,0 +1,993 @@
+/*
+ * libwebsockets web server application
+ *
+ * Copyright (C) 2010-2017 Andy Green <andy@warmcat.com>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation:
+ * version 2.1 of the License.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+ * MA 02110-1301 USA
+ */
+
+#include "core/private.h"
+
+#ifndef _WIN32
+/* this is needed for Travis CI */
+#include <dirent.h>
+#endif
+
+#define ESC_INSTALL_DATADIR "_lws_ddir_"
+
+static const char * const paths_global[] = {
+ "global.uid",
+ "global.gid",
+ "global.count-threads",
+ "global.init-ssl",
+ "global.server-string",
+ "global.plugin-dir",
+ "global.ws-pingpong-secs",
+ "global.timeout-secs",
+ "global.reject-service-keywords[].*",
+ "global.reject-service-keywords[]",
+ "global.default-alpn",
+};
+
+enum lejp_global_paths {
+ LEJPGP_UID,
+ LEJPGP_GID,
+ LEJPGP_COUNT_THREADS,
+ LWJPGP_INIT_SSL,
+ LEJPGP_SERVER_STRING,
+ LEJPGP_PLUGIN_DIR,
+ LWJPGP_PINGPONG_SECS,
+ LWJPGP_TIMEOUT_SECS,
+ LWJPGP_REJECT_SERVICE_KEYWORDS_NAME,
+ LWJPGP_REJECT_SERVICE_KEYWORDS,
+ LWJPGP_DEFAULT_ALPN,
+};
+
+static const char * const paths_vhosts[] = {
+ "vhosts[]",
+ "vhosts[].mounts[]",
+ "vhosts[].name",
+ "vhosts[].port",
+ "vhosts[].interface",
+ "vhosts[].unix-socket",
+ "vhosts[].sts",
+ "vhosts[].host-ssl-key",
+ "vhosts[].host-ssl-cert",
+ "vhosts[].host-ssl-ca",
+ "vhosts[].access-log",
+ "vhosts[].mounts[].mountpoint",
+ "vhosts[].mounts[].origin",
+ "vhosts[].mounts[].protocol",
+ "vhosts[].mounts[].default",
+ "vhosts[].mounts[].auth-mask",
+ "vhosts[].mounts[].cgi-timeout",
+ "vhosts[].mounts[].cgi-env[].*",
+ "vhosts[].mounts[].cache-max-age",
+ "vhosts[].mounts[].cache-reuse",
+ "vhosts[].mounts[].cache-revalidate",
+ "vhosts[].mounts[].basic-auth",
+ "vhosts[].mounts[].cache-intermediaries",
+ "vhosts[].mounts[].extra-mimetypes.*",
+ "vhosts[].mounts[].interpret.*",
+ "vhosts[].ws-protocols[].*.*",
+ "vhosts[].ws-protocols[].*",
+ "vhosts[].ws-protocols[]",
+ "vhosts[].keepalive_timeout",
+ "vhosts[].enable-client-ssl",
+ "vhosts[].ciphers",
+ "vhosts[].ecdh-curve",
+ "vhosts[].noipv6",
+ "vhosts[].ipv6only",
+ "vhosts[].ssl-option-set",
+ "vhosts[].ssl-option-clear",
+ "vhosts[].mounts[].pmo[].*",
+ "vhosts[].headers[].*",
+ "vhosts[].headers[]",
+ "vhosts[].client-ssl-key",
+ "vhosts[].client-ssl-cert",
+ "vhosts[].client-ssl-ca",
+ "vhosts[].client-ssl-ciphers",
+ "vhosts[].onlyraw",
+ "vhosts[].client-cert-required",
+ "vhosts[].ignore-missing-cert",
+ "vhosts[].error-document-404",
+ "vhosts[].alpn",
+};
+
+enum lejp_vhost_paths {
+ LEJPVP,
+ LEJPVP_MOUNTS,
+ LEJPVP_NAME,
+ LEJPVP_PORT,
+ LEJPVP_INTERFACE,
+ LEJPVP_UNIXSKT,
+ LEJPVP_STS,
+ LEJPVP_HOST_SSL_KEY,
+ LEJPVP_HOST_SSL_CERT,
+ LEJPVP_HOST_SSL_CA,
+ LEJPVP_ACCESS_LOG,
+ LEJPVP_MOUNTPOINT,
+ LEJPVP_ORIGIN,
+ LEJPVP_MOUNT_PROTOCOL,
+ LEJPVP_DEFAULT,
+ LEJPVP_DEFAULT_AUTH_MASK,
+ LEJPVP_CGI_TIMEOUT,
+ LEJPVP_CGI_ENV,
+ LEJPVP_MOUNT_CACHE_MAX_AGE,
+ LEJPVP_MOUNT_CACHE_REUSE,
+ LEJPVP_MOUNT_CACHE_REVALIDATE,
+ LEJPVP_MOUNT_BASIC_AUTH,
+ LEJPVP_MOUNT_CACHE_INTERMEDIARIES,
+ LEJPVP_MOUNT_EXTRA_MIMETYPES,
+ LEJPVP_MOUNT_INTERPRET,
+ LEJPVP_PROTOCOL_NAME_OPT,
+ LEJPVP_PROTOCOL_NAME,
+ LEJPVP_PROTOCOL,
+ LEJPVP_KEEPALIVE_TIMEOUT,
+ LEJPVP_ENABLE_CLIENT_SSL,
+ LEJPVP_CIPHERS,
+ LEJPVP_ECDH_CURVE,
+ LEJPVP_NOIPV6,
+ LEJPVP_IPV6ONLY,
+ LEJPVP_SSL_OPTION_SET,
+ LEJPVP_SSL_OPTION_CLEAR,
+ LEJPVP_PMO,
+ LEJPVP_HEADERS_NAME,
+ LEJPVP_HEADERS,
+ LEJPVP_CLIENT_SSL_KEY,
+ LEJPVP_CLIENT_SSL_CERT,
+ LEJPVP_CLIENT_SSL_CA,
+ LEJPVP_CLIENT_CIPHERS,
+ LEJPVP_FLAG_ONLYRAW,
+ LEJPVP_FLAG_CLIENT_CERT_REQUIRED,
+ LEJPVP_IGNORE_MISSING_CERT,
+ LEJPVP_ERROR_DOCUMENT_404,
+ LEJPVP_ALPN,
+};
+
+static const char * const parser_errs[] = {
+ "",
+ "",
+ "No opening '{'",
+ "Expected closing '}'",
+ "Expected '\"'",
+ "String underrun",
+ "Illegal unescaped control char",
+ "Illegal escape format",
+ "Illegal hex number",
+ "Expected ':'",
+ "Illegal value start",
+ "Digit required after decimal point",
+ "Bad number format",
+ "Bad exponent format",
+ "Unknown token",
+ "Too many ']'",
+ "Mismatched ']'",
+ "Expected ']'",
+ "JSON nesting limit exceeded",
+ "Nesting tracking used up",
+ "Number too long",
+ "Comma or block end expected",
+ "Unknown",
+ "Parser callback errored (see earlier error)",
+};
+
+#define MAX_PLUGIN_DIRS 10
+
+struct jpargs {
+ struct lws_context_creation_info *info;
+ struct lws_context *context;
+ const struct lws_protocols *protocols;
+ const struct lws_extension *extensions;
+ char *p, *end, valid;
+ struct lws_http_mount *head, *last;
+
+ struct lws_protocol_vhost_options *pvo;
+ struct lws_protocol_vhost_options *pvo_em;
+ struct lws_protocol_vhost_options *pvo_int;
+ struct lws_http_mount m;
+ const char **plugin_dirs;
+ int count_plugin_dirs;
+
+ unsigned int enable_client_ssl:1;
+ unsigned int fresh_mount:1;
+ unsigned int any_vhosts:1;
+ unsigned int chunk:1;
+};
+
+static void *
+lwsws_align(struct jpargs *a)
+{
+ if ((lws_intptr_t)(a->p) & 15)
+ a->p += 16 - ((lws_intptr_t)(a->p) & 15);
+
+ a->chunk = 0;
+
+ return a->p;
+}
+
+static int
+arg_to_bool(const char *s)
+{
+ static const char * const on[] = { "on", "yes", "true" };
+ int n = atoi(s);
+
+ if (n)
+ return 1;
+
+ for (n = 0; n < (int)LWS_ARRAY_SIZE(on); n++)
+ if (!strcasecmp(s, on[n]))
+ return 1;
+
+ return 0;
+}
+
+static signed char
+lejp_globals_cb(struct lejp_ctx *ctx, char reason)
+{
+ struct jpargs *a = (struct jpargs *)ctx->user;
+ struct lws_protocol_vhost_options *rej;
+ int n;
+
+ /* we only match on the prepared path strings */
+ if (!(reason & LEJP_FLAG_CB_IS_VALUE) || !ctx->path_match)
+ return 0;
+
+ /* this catches, eg, vhosts[].headers[].xxx */
+ if (reason == LEJPCB_VAL_STR_END &&
+ ctx->path_match == LWJPGP_REJECT_SERVICE_KEYWORDS_NAME + 1) {
+ rej = lwsws_align(a);
+ a->p += sizeof(*rej);
+
+ n = lejp_get_wildcard(ctx, 0, a->p, a->end - a->p);
+ rej->next = a->info->reject_service_keywords;
+ a->info->reject_service_keywords = rej;
+ rej->name = a->p;
+ lwsl_notice(" adding rej %s=%s\n", a->p, ctx->buf);
+ a->p += n - 1;
+ *(a->p++) = '\0';
+ rej->value = a->p;
+ rej->options = NULL;
+ goto dostring;
+ }
+
+ switch (ctx->path_match - 1) {
+ case LEJPGP_UID:
+ a->info->uid = atoi(ctx->buf);
+ return 0;
+ case LEJPGP_GID:
+ a->info->gid = atoi(ctx->buf);
+ return 0;
+ case LEJPGP_COUNT_THREADS:
+ a->info->count_threads = atoi(ctx->buf);
+ return 0;
+ case LWJPGP_INIT_SSL:
+ if (arg_to_bool(ctx->buf))
+ a->info->options |= LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT;
+ return 0;
+ case LEJPGP_SERVER_STRING:
+ a->info->server_string = a->p;
+ break;
+ case LEJPGP_PLUGIN_DIR:
+ if (a->count_plugin_dirs == MAX_PLUGIN_DIRS - 1) {
+ lwsl_err("Too many plugin dirs\n");
+ return -1;
+ }
+ a->plugin_dirs[a->count_plugin_dirs++] = a->p;
+ break;
+
+ case LWJPGP_PINGPONG_SECS:
+ a->info->ws_ping_pong_interval = atoi(ctx->buf);
+ return 0;
+
+ case LWJPGP_TIMEOUT_SECS:
+ a->info->timeout_secs = atoi(ctx->buf);
+ return 0;
+
+ case LWJPGP_DEFAULT_ALPN:
+ a->info->alpn = a->p;
+ break;
+
+ default:
+ return 0;
+ }
+
+dostring:
+ a->p += lws_snprintf(a->p, a->end - a->p, "%s", ctx->buf);
+ *(a->p)++ = '\0';
+
+ return 0;
+}
+
+static signed char
+lejp_vhosts_cb(struct lejp_ctx *ctx, char reason)
+{
+ struct jpargs *a = (struct jpargs *)ctx->user;
+ struct lws_protocol_vhost_options *pvo, *mp_cgienv, *headers;
+ struct lws_http_mount *m;
+ char *p, *p1;
+ int n;
+
+#if 0
+ lwsl_notice(" %d: %s (%d)\n", reason, ctx->path, ctx->path_match);
+ for (n = 0; n < ctx->wildcount; n++)
+ lwsl_notice(" %d\n", ctx->wild[n]);
+#endif
+
+ if (reason == LEJPCB_OBJECT_START && ctx->path_match == LEJPVP + 1) {
+ uint32_t i[4];
+ const char *ss;
+
+ /* set the defaults for this vhost */
+ a->valid = 1;
+ a->head = NULL;
+ a->last = NULL;
+
+ i[0] = a->info->count_threads;
+ i[1] = a->info->options & (
+ LWS_SERVER_OPTION_SKIP_SERVER_CANONICAL_NAME |
+ LWS_SERVER_OPTION_LIBUV |
+ LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT |
+ LWS_SERVER_OPTION_EXPLICIT_VHOSTS |
+ LWS_SERVER_OPTION_UV_NO_SIGSEGV_SIGFPE_SPIN |
+ LWS_SERVER_OPTION_LIBEVENT |
+ LWS_SERVER_OPTION_LIBEV
+ );
+ ss = a->info->server_string;
+ i[2] = a->info->ws_ping_pong_interval;
+ i[3] = a->info->timeout_secs;
+
+ memset(a->info, 0, sizeof(*a->info));
+
+ a->info->count_threads = i[0];
+ a->info->options = i[1];
+ a->info->server_string = ss;
+ a->info->ws_ping_pong_interval = i[2];
+ a->info->timeout_secs = i[3];
+
+ a->info->protocols = a->protocols;
+ a->info->extensions = a->extensions;
+#if defined(LWS_WITH_TLS)
+ a->info->client_ssl_cipher_list = "ECDHE-ECDSA-AES256-GCM-SHA384:"
+ "ECDHE-RSA-AES256-GCM-SHA384:"
+ "DHE-RSA-AES256-GCM-SHA384:"
+ "ECDHE-RSA-AES256-SHA384:"
+ "HIGH:!aNULL:!eNULL:!EXPORT:"
+ "!DES:!MD5:!PSK:!RC4:!HMAC_SHA1:"
+ "!SHA1:!DHE-RSA-AES128-GCM-SHA256:"
+ "!DHE-RSA-AES128-SHA256:"
+ "!AES128-GCM-SHA256:"
+ "!AES128-SHA256:"
+ "!DHE-RSA-AES256-SHA256:"
+ "!AES256-GCM-SHA384:"
+ "!AES256-SHA256";
+#endif
+ a->info->ssl_cipher_list = "ECDHE-ECDSA-AES256-GCM-SHA384:"
+ "ECDHE-RSA-AES256-GCM-SHA384:"
+ "DHE-RSA-AES256-GCM-SHA384:"
+ "ECDHE-RSA-AES256-SHA384:"
+ "HIGH:!aNULL:!eNULL:!EXPORT:"
+ "!DES:!MD5:!PSK:!RC4:!HMAC_SHA1:"
+ "!SHA1:!DHE-RSA-AES128-GCM-SHA256:"
+ "!DHE-RSA-AES128-SHA256:"
+ "!AES128-GCM-SHA256:"
+ "!AES128-SHA256:"
+ "!DHE-RSA-AES256-SHA256:"
+ "!AES256-GCM-SHA384:"
+ "!AES256-SHA256";
+ a->info->keepalive_timeout = 5;
+ }
+
+ if (reason == LEJPCB_OBJECT_START &&
+ ctx->path_match == LEJPVP_MOUNTS + 1) {
+ a->fresh_mount = 1;
+ memset(&a->m, 0, sizeof(a->m));
+ }
+
+ /* this catches, eg, vhosts[].ws-protocols[].xxx-protocol */
+ if (reason == LEJPCB_OBJECT_START &&
+ ctx->path_match == LEJPVP_PROTOCOL_NAME + 1) {
+ a->pvo = lwsws_align(a);
+ a->p += sizeof(*a->pvo);
+
+ n = lejp_get_wildcard(ctx, 0, a->p, a->end - a->p);
+ /* ie, enable this protocol, no options yet */
+ a->pvo->next = a->info->pvo;
+ a->info->pvo = a->pvo;
+ a->pvo->name = a->p;
+ lwsl_info(" adding protocol %s\n", a->p);
+ a->p += n;
+ a->pvo->value = a->p;
+ a->pvo->options = NULL;
+ goto dostring;
+ }
+
+ /* this catches, eg, vhosts[].headers[].xxx */
+ if ((reason == LEJPCB_VAL_STR_END || reason == LEJPCB_VAL_STR_CHUNK) &&
+ ctx->path_match == LEJPVP_HEADERS_NAME + 1) {
+ if (!a->chunk) {
+ headers = lwsws_align(a);
+ a->p += sizeof(*headers);
+
+ n = lejp_get_wildcard(ctx, 0, a->p,
+ lws_ptr_diff(a->end, a->p));
+ /* ie, add this header */
+ headers->next = a->info->headers;
+ a->info->headers = headers;
+ headers->name = a->p;
+
+ lwsl_notice(" adding header %s=%s\n", a->p, ctx->buf);
+ a->p += n - 1;
+ *(a->p++) = ':';
+ if (a->p < a->end)
+ *(a->p++) = '\0';
+ else
+ *(a->p - 1) = '\0';
+ headers->value = a->p;
+ headers->options = NULL;
+ }
+ a->chunk = reason == LEJPCB_VAL_STR_CHUNK;
+ goto dostring;
+ }
+
+ if (reason == LEJPCB_OBJECT_END &&
+ (ctx->path_match == LEJPVP + 1 || !ctx->path[0]) &&
+ a->valid) {
+
+ struct lws_vhost *vhost;
+
+ //lwsl_notice("%s\n", ctx->path);
+ if (!a->info->port) {
+ lwsl_err("Port required (eg, 443)");
+ return 1;
+ }
+ a->valid = 0;
+ a->info->mounts = a->head;
+
+ vhost = lws_create_vhost(a->context, a->info);
+ if (!vhost) {
+ lwsl_err("Failed to create vhost %s\n",
+ a->info->vhost_name);
+ return 1;
+ }
+ a->any_vhosts = 1;
+
+#if defined(LWS_WITH_TLS)
+ if (a->enable_client_ssl) {
+ const char *cert_filepath = a->info->client_ssl_cert_filepath;
+ const char *private_key_filepath = a->info->client_ssl_private_key_filepath;
+ const char *ca_filepath = a->info->client_ssl_ca_filepath;
+ const char *cipher_list = a->info->client_ssl_cipher_list;
+ memset(a->info, 0, sizeof(*a->info));
+ a->info->client_ssl_cert_filepath = cert_filepath;
+ a->info->client_ssl_private_key_filepath = private_key_filepath;
+ a->info->client_ssl_ca_filepath = ca_filepath;
+ a->info->client_ssl_cipher_list = cipher_list;
+ a->info->options = LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT;
+ lws_init_vhost_client_ssl(a->info, vhost);
+ }
+#endif
+
+ return 0;
+ }
+
+ if (reason == LEJPCB_OBJECT_END &&
+ ctx->path_match == LEJPVP_MOUNTS + 1) {
+ static const char * const mount_protocols[] = {
+ "http://",
+ "https://",
+ "file://",
+ "cgi://",
+ ">http://",
+ ">https://",
+ "callback://",
+ "gzip://",
+ };
+
+ if (!a->fresh_mount)
+ return 0;
+
+ if (!a->m.mountpoint || !a->m.origin) {
+ lwsl_err("mountpoint and origin required\n");
+ return 1;
+ }
+ lwsl_debug("adding mount %s\n", a->m.mountpoint);
+ m = lwsws_align(a);
+ memcpy(m, &a->m, sizeof(*m));
+ if (a->last)
+ a->last->mount_next = m;
+
+ for (n = 0; n < (int)LWS_ARRAY_SIZE(mount_protocols); n++)
+ if (!strncmp(a->m.origin, mount_protocols[n],
+ strlen(mount_protocols[n]))) {
+ lwsl_info("----%s\n", a->m.origin);
+ m->origin_protocol = n;
+ m->origin = a->m.origin +
+ strlen(mount_protocols[n]);
+ break;
+ }
+
+ if (n == (int)LWS_ARRAY_SIZE(mount_protocols)) {
+ lwsl_err("unsupported protocol:// %s\n", a->m.origin);
+ return 1;
+ }
+
+ a->p += sizeof(*m);
+ if (!a->head)
+ a->head = m;
+
+ a->last = m;
+ a->fresh_mount = 0;
+ }
+
+ /* we only match on the prepared path strings */
+ if (!(reason & LEJP_FLAG_CB_IS_VALUE) || !ctx->path_match)
+ return 0;
+
+ switch (ctx->path_match - 1) {
+ case LEJPVP_NAME:
+ a->info->vhost_name = a->p;
+ break;
+ case LEJPVP_PORT:
+ a->info->port = atoi(ctx->buf);
+ return 0;
+ case LEJPVP_INTERFACE:
+ a->info->iface = a->p;
+ break;
+ case LEJPVP_UNIXSKT:
+ if (arg_to_bool(ctx->buf))
+ a->info->options |= LWS_SERVER_OPTION_UNIX_SOCK;
+ else
+ a->info->options &= ~(LWS_SERVER_OPTION_UNIX_SOCK);
+ return 0;
+ case LEJPVP_STS:
+ if (arg_to_bool(ctx->buf))
+ a->info->options |= LWS_SERVER_OPTION_STS;
+ else
+ a->info->options &= ~(LWS_SERVER_OPTION_STS);
+ return 0;
+ case LEJPVP_HOST_SSL_KEY:
+ a->info->ssl_private_key_filepath = a->p;
+ break;
+ case LEJPVP_HOST_SSL_CERT:
+ a->info->ssl_cert_filepath = a->p;
+ break;
+ case LEJPVP_HOST_SSL_CA:
+ a->info->ssl_ca_filepath = a->p;
+ break;
+ case LEJPVP_ACCESS_LOG:
+ a->info->log_filepath = a->p;
+ break;
+ case LEJPVP_MOUNTPOINT:
+ a->m.mountpoint = a->p;
+ a->m.mountpoint_len = (unsigned char)strlen(ctx->buf);
+ break;
+ case LEJPVP_ORIGIN:
+ if (!strncmp(ctx->buf, "callback://", 11))
+ a->m.protocol = a->p + 11;
+
+ if (!a->m.origin)
+ a->m.origin = a->p;
+ break;
+ case LEJPVP_DEFAULT:
+ a->m.def = a->p;
+ break;
+ case LEJPVP_DEFAULT_AUTH_MASK:
+ a->m.auth_mask = atoi(ctx->buf);
+ return 0;
+ case LEJPVP_MOUNT_CACHE_MAX_AGE:
+ a->m.cache_max_age = atoi(ctx->buf);
+ return 0;
+ case LEJPVP_MOUNT_CACHE_REUSE:
+ a->m.cache_reusable = arg_to_bool(ctx->buf);
+ return 0;
+ case LEJPVP_MOUNT_CACHE_REVALIDATE:
+ a->m.cache_revalidate = arg_to_bool(ctx->buf);
+ return 0;
+ case LEJPVP_MOUNT_CACHE_INTERMEDIARIES:
+ a->m.cache_intermediaries = arg_to_bool(ctx->buf);;
+ return 0;
+ case LEJPVP_MOUNT_BASIC_AUTH:
+ a->m.basic_auth_login_file = a->p;
+ break;
+ case LEJPVP_CGI_TIMEOUT:
+ a->m.cgi_timeout = atoi(ctx->buf);
+ return 0;
+ case LEJPVP_KEEPALIVE_TIMEOUT:
+ a->info->keepalive_timeout = atoi(ctx->buf);
+ return 0;
+#if defined(LWS_WITH_TLS)
+ case LEJPVP_CLIENT_CIPHERS:
+ a->info->client_ssl_cipher_list = a->p;
+ break;
+#endif
+ case LEJPVP_CIPHERS:
+ a->info->ssl_cipher_list = a->p;
+ break;
+ case LEJPVP_ECDH_CURVE:
+ a->info->ecdh_curve = a->p;
+ break;
+ case LEJPVP_PMO:
+ case LEJPVP_CGI_ENV:
+ mp_cgienv = lwsws_align(a);
+ a->p += sizeof(*a->m.cgienv);
+
+ mp_cgienv->next = a->m.cgienv;
+ a->m.cgienv = mp_cgienv;
+
+ n = lejp_get_wildcard(ctx, 0, a->p, a->end - a->p);
+ mp_cgienv->name = a->p;
+ a->p += n;
+ mp_cgienv->value = a->p;
+ mp_cgienv->options = NULL;
+ //lwsl_notice(" adding pmo / cgi-env '%s' = '%s'\n", mp_cgienv->name,
+ // mp_cgienv->value);
+ goto dostring;
+
+ case LEJPVP_PROTOCOL_NAME_OPT:
+ /* this catches, eg,
+ * vhosts[].ws-protocols[].xxx-protocol.yyy-option
+ * ie, these are options attached to a protocol with { }
+ */
+ pvo = lwsws_align(a);
+ a->p += sizeof(*a->pvo);
+
+ n = lejp_get_wildcard(ctx, 1, a->p, a->end - a->p);
+ /* ie, enable this protocol, no options yet */
+ pvo->next = a->pvo->options;
+ a->pvo->options = pvo;
+ pvo->name = a->p;
+ a->p += n;
+ pvo->value = a->p;
+ pvo->options = NULL;
+ break;
+
+ case LEJPVP_MOUNT_EXTRA_MIMETYPES:
+ a->pvo_em = lwsws_align(a);
+ a->p += sizeof(*a->pvo_em);
+
+ n = lejp_get_wildcard(ctx, 0, a->p, a->end - a->p);
+ /* ie, enable this protocol, no options yet */
+ a->pvo_em->next = a->m.extra_mimetypes;
+ a->m.extra_mimetypes = a->pvo_em;
+ a->pvo_em->name = a->p;
+ lwsl_notice(" adding extra-mimetypes %s -> %s\n", a->p, ctx->buf);
+ a->p += n;
+ a->pvo_em->value = a->p;
+ a->pvo_em->options = NULL;
+ break;
+
+ case LEJPVP_MOUNT_INTERPRET:
+ a->pvo_int = lwsws_align(a);
+ a->p += sizeof(*a->pvo_int);
+
+ n = lejp_get_wildcard(ctx, 0, a->p, a->end - a->p);
+ /* ie, enable this protocol, no options yet */
+ a->pvo_int->next = a->m.interpret;
+ a->m.interpret = a->pvo_int;
+ a->pvo_int->name = a->p;
+ lwsl_notice(" adding interpret %s -> %s\n", a->p,
+ ctx->buf);
+ a->p += n;
+ a->pvo_int->value = a->p;
+ a->pvo_int->options = NULL;
+ break;
+
+ case LEJPVP_ENABLE_CLIENT_SSL:
+ a->enable_client_ssl = arg_to_bool(ctx->buf);
+ return 0;
+#if defined(LWS_WITH_TLS)
+ case LEJPVP_CLIENT_SSL_KEY:
+ a->info->client_ssl_private_key_filepath = a->p;
+ break;
+ case LEJPVP_CLIENT_SSL_CERT:
+ a->info->client_ssl_cert_filepath = a->p;
+ break;
+ case LEJPVP_CLIENT_SSL_CA:
+ a->info->client_ssl_ca_filepath = a->p;
+ break;
+#endif
+
+ case LEJPVP_NOIPV6:
+ if (arg_to_bool(ctx->buf))
+ a->info->options |= LWS_SERVER_OPTION_DISABLE_IPV6;
+ else
+ a->info->options &= ~(LWS_SERVER_OPTION_DISABLE_IPV6);
+ return 0;
+
+ case LEJPVP_FLAG_ONLYRAW:
+ if (arg_to_bool(ctx->buf))
+ a->info->options |= LWS_SERVER_OPTION_ONLY_RAW;
+ else
+ a->info->options &= ~(LWS_SERVER_OPTION_ONLY_RAW);
+ return 0;
+
+ case LEJPVP_IPV6ONLY:
+ a->info->options |= LWS_SERVER_OPTION_IPV6_V6ONLY_MODIFY;
+ if (arg_to_bool(ctx->buf))
+ a->info->options |= LWS_SERVER_OPTION_IPV6_V6ONLY_VALUE;
+ else
+ a->info->options &= ~(LWS_SERVER_OPTION_IPV6_V6ONLY_VALUE);
+ return 0;
+
+ case LEJPVP_FLAG_CLIENT_CERT_REQUIRED:
+ if (arg_to_bool(ctx->buf))
+ a->info->options |=
+ LWS_SERVER_OPTION_REQUIRE_VALID_OPENSSL_CLIENT_CERT;
+ return 0;
+
+ case LEJPVP_IGNORE_MISSING_CERT:
+ if (arg_to_bool(ctx->buf))
+ a->info->options |= LWS_SERVER_OPTION_IGNORE_MISSING_CERT;
+ else
+ a->info->options &= ~(LWS_SERVER_OPTION_IGNORE_MISSING_CERT);
+
+ return 0;
+
+ case LEJPVP_ERROR_DOCUMENT_404:
+ a->info->error_document_404 = a->p;
+ break;
+
+ case LEJPVP_SSL_OPTION_SET:
+ a->info->ssl_options_set |= atol(ctx->buf);
+ return 0;
+ case LEJPVP_SSL_OPTION_CLEAR:
+ a->info->ssl_options_clear |= atol(ctx->buf);
+ return 0;
+
+ case LEJPVP_ALPN:
+ a->info->alpn = a->p;
+ break;
+
+ default:
+ return 0;
+ }
+
+dostring:
+ p = ctx->buf;
+ p[LEJP_STRING_CHUNK] = '\0';
+ p1 = strstr(p, ESC_INSTALL_DATADIR);
+ if (p1) {
+ n = p1 - p;
+ if (n > a->end - a->p)
+ n = a->end - a->p;
+ lws_strncpy(a->p, p, n + 1);
+ a->p += n;
+ a->p += lws_snprintf(a->p, a->end - a->p, "%s", LWS_INSTALL_DATADIR);
+ p += n + strlen(ESC_INSTALL_DATADIR);
+ }
+
+ a->p += lws_snprintf(a->p, a->end - a->p, "%s", p);
+ if (reason == LEJPCB_VAL_STR_END)
+ *(a->p)++ = '\0';
+
+ return 0;
+}
+
+/*
+ * returns 0 = OK, 1 = can't open, 2 = parsing error
+ */
+
+static int
+lwsws_get_config(void *user, const char *f, const char * const *paths,
+ int count_paths, lejp_callback cb)
+{
+ unsigned char buf[128];
+ struct lejp_ctx ctx;
+ int n, m, fd;
+
+ fd = lws_open(f, O_RDONLY);
+ if (fd < 0) {
+ lwsl_err("Cannot open %s\n", f);
+ return 2;
+ }
+ lwsl_info("%s: %s\n", __func__, f);
+ lejp_construct(&ctx, cb, user, paths, count_paths);
+
+ do {
+ n = read(fd, buf, sizeof(buf));
+ if (!n)
+ break;
+
+ m = (int)(signed char)lejp_parse(&ctx, buf, n);
+ } while (m == LEJP_CONTINUE);
+
+ close(fd);
+ n = ctx.line;
+ lejp_destruct(&ctx);
+
+ if (m < 0) {
+ lwsl_err("%s(%u): parsing error %d: %s\n", f, n, m,
+ parser_errs[-m]);
+ return 2;
+ }
+
+ return 0;
+}
+
+#if defined(LWS_WITH_LIBUV) && UV_VERSION_MAJOR > 0
+
+static int
+lwsws_get_config_d(void *user, const char *d, const char * const *paths,
+ int count_paths, lejp_callback cb)
+{
+ uv_dirent_t dent;
+ uv_fs_t req;
+ char path[256];
+ int ret = 0, ir;
+ uv_loop_t loop;
+
+ ir = uv_loop_init(&loop);
+ if (ir) {
+ lwsl_err("%s: loop init failed %d\n", __func__, ir);
+ }
+
+ if (!uv_fs_scandir(&loop, &req, d, 0, NULL)) {
+ lwsl_err("Scandir on %s failed\n", d);
+ return 2;
+ }
+
+ while (uv_fs_scandir_next(&req, &dent) != UV_EOF) {
+ lws_snprintf(path, sizeof(path) - 1, "%s/%s", d, dent.name);
+ ret = lwsws_get_config(user, path, paths, count_paths, cb);
+ if (ret)
+ goto bail;
+ }
+
+bail:
+ uv_fs_req_cleanup(&req);
+ while (uv_loop_close(&loop))
+ ;
+
+ return ret;
+}
+
+#else
+
+#ifndef _WIN32
+static int filter(const struct dirent *ent)
+{
+ if (!strcmp(ent->d_name, ".") || !strcmp(ent->d_name, ".."))
+ return 0;
+
+ return 1;
+}
+#endif
+
+static int
+lwsws_get_config_d(void *user, const char *d, const char * const *paths,
+ int count_paths, lejp_callback cb)
+{
+#ifndef _WIN32
+ struct dirent **namelist;
+ char path[256];
+ int n, i, ret = 0;
+
+ n = scandir(d, &namelist, filter, alphasort);
+ if (n < 0) {
+ lwsl_err("Scandir on %s failed\n", d);
+ return 1;
+ }
+
+ for (i = 0; i < n; i++) {
+ if (strchr(namelist[i]->d_name, '~'))
+ goto skip;
+ lws_snprintf(path, sizeof(path) - 1, "%s/%s", d,
+ namelist[i]->d_name);
+ ret = lwsws_get_config(user, path, paths, count_paths, cb);
+ if (ret) {
+ while (i++ < n)
+ free(namelist[i]);
+ goto bail;
+ }
+skip:
+ free(namelist[i]);
+ }
+
+bail:
+ free(namelist);
+
+ return ret;
+#else
+ return 0;
+#endif
+}
+
+#endif
+
+int
+lwsws_get_config_globals(struct lws_context_creation_info *info, const char *d,
+ char **cs, int *len)
+{
+ struct jpargs a;
+ const char * const *old = info->plugin_dirs;
+ char dd[128];
+
+ memset(&a, 0, sizeof(a));
+
+ a.info = info;
+ a.p = *cs;
+ a.end = (a.p + *len) - 1;
+ a.valid = 0;
+
+ lwsws_align(&a);
+ info->plugin_dirs = (void *)a.p;
+ a.plugin_dirs = (void *)a.p; /* writeable version */
+ a.p += MAX_PLUGIN_DIRS * sizeof(void *);
+
+ /* copy any default paths */
+
+ while (old && *old) {
+ a.plugin_dirs[a.count_plugin_dirs++] = *old;
+ old++;
+ }
+
+ lws_snprintf(dd, sizeof(dd) - 1, "%s/conf", d);
+ if (lwsws_get_config(&a, dd, paths_global,
+ LWS_ARRAY_SIZE(paths_global), lejp_globals_cb) > 1)
+ return 1;
+ lws_snprintf(dd, sizeof(dd) - 1, "%s/conf.d", d);
+ if (lwsws_get_config_d(&a, dd, paths_global,
+ LWS_ARRAY_SIZE(paths_global), lejp_globals_cb) > 1)
+ return 1;
+
+ a.plugin_dirs[a.count_plugin_dirs] = NULL;
+
+ *cs = a.p;
+ *len = a.end - a.p;
+
+ return 0;
+}
+
+int
+lwsws_get_config_vhosts(struct lws_context *context,
+ struct lws_context_creation_info *info, const char *d,
+ char **cs, int *len)
+{
+ struct jpargs a;
+ char dd[128];
+
+ memset(&a, 0, sizeof(a));
+
+ a.info = info;
+ a.p = *cs;
+ a.end = a.p + *len;
+ a.valid = 0;
+ a.context = context;
+ a.protocols = info->protocols;
+ a.extensions = info->extensions;
+
+ lws_snprintf(dd, sizeof(dd) - 1, "%s/conf", d);
+ if (lwsws_get_config(&a, dd, paths_vhosts,
+ LWS_ARRAY_SIZE(paths_vhosts), lejp_vhosts_cb) > 1)
+ return 1;
+ lws_snprintf(dd, sizeof(dd) - 1, "%s/conf.d", d);
+ if (lwsws_get_config_d(&a, dd, paths_vhosts,
+ LWS_ARRAY_SIZE(paths_vhosts), lejp_vhosts_cb) > 1)
+ return 1;
+
+ *cs = a.p;
+ *len = a.end - a.p;
+
+ if (!a.any_vhosts) {
+ lwsl_err("Need at least one vhost\n");
+ return 1;
+ }
+
+// lws_finalize_startup(context);
+
+ return 0;
+}
diff --git a/thirdparty/libwebsockets/roles/http/server/parsers.c b/thirdparty/libwebsockets/roles/http/server/parsers.c
new file mode 100644
index 0000000000..482bdc676a
--- /dev/null
+++ b/thirdparty/libwebsockets/roles/http/server/parsers.c
@@ -0,0 +1,1137 @@
+/*
+ * libwebsockets - small server side websockets and web server implementation
+ *
+ * Copyright (C) 2010-2018 Andy Green <andy@warmcat.com>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation:
+ * version 2.1 of the License.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+ * MA 02110-1301 USA
+ */
+
+#include "core/private.h"
+
+static const unsigned char lextable[] = {
+ #include "../lextable.h"
+};
+
+#define FAIL_CHAR 0x08
+
+static struct allocated_headers *
+_lws_create_ah(struct lws_context_per_thread *pt, ah_data_idx_t data_size)
+{
+ struct allocated_headers *ah = lws_zalloc(sizeof(*ah), "ah struct");
+
+ if (!ah)
+ return NULL;
+
+ ah->data = lws_malloc(data_size, "ah data");
+ if (!ah->data) {
+ lws_free(ah);
+
+ return NULL;
+ }
+ ah->next = pt->http.ah_list;
+ pt->http.ah_list = ah;
+ ah->data_length = data_size;
+ pt->http.ah_pool_length++;
+
+ lwsl_info("%s: created ah %p (size %d): pool length %d\n", __func__,
+ ah, (int)data_size, pt->http.ah_pool_length);
+
+ return ah;
+}
+
+int
+_lws_destroy_ah(struct lws_context_per_thread *pt, struct allocated_headers *ah)
+{
+ lws_start_foreach_llp(struct allocated_headers **, a, pt->http.ah_list) {
+ if ((*a) == ah) {
+ *a = ah->next;
+ pt->http.ah_pool_length--;
+ lwsl_info("%s: freed ah %p : pool length %d\n",
+ __func__, ah, pt->http.ah_pool_length);
+ if (ah->data)
+ lws_free(ah->data);
+ lws_free(ah);
+
+ return 0;
+ }
+ } lws_end_foreach_llp(a, next);
+
+ return 1;
+}
+
+void
+_lws_header_table_reset(struct allocated_headers *ah)
+{
+ /* init the ah to reflect no headers or data have appeared yet */
+ memset(ah->frag_index, 0, sizeof(ah->frag_index));
+ memset(ah->frags, 0, sizeof(ah->frags));
+ ah->nfrag = 0;
+ ah->pos = 0;
+ ah->http_response = 0;
+ ah->parser_state = WSI_TOKEN_NAME_PART;
+ ah->lextable_pos = 0;
+}
+
+// doesn't scrub the ah rxbuffer by default, parent must do if needed
+
+void
+__lws_header_table_reset(struct lws *wsi, int autoservice)
+{
+ struct allocated_headers *ah = wsi->http.ah;
+ struct lws_context_per_thread *pt;
+ struct lws_pollfd *pfd;
+
+ /* if we have the idea we're resetting 'our' ah, must be bound to one */
+ assert(ah);
+ /* ah also concurs with ownership */
+ assert(ah->wsi == wsi);
+
+ _lws_header_table_reset(ah);
+
+ /* since we will restart the ah, our new headers are not completed */
+ wsi->hdr_parsing_completed = 0;
+
+ /* while we hold the ah, keep a timeout on the wsi */
+ __lws_set_timeout(wsi, PENDING_TIMEOUT_HOLDING_AH,
+ wsi->vhost->timeout_secs_ah_idle);
+
+ time(&ah->assigned);
+
+ if (wsi->position_in_fds_table != LWS_NO_FDS_POS &&
+ lws_buflist_next_segment_len(&wsi->buflist, NULL) &&
+ autoservice) {
+ lwsl_debug("%s: service on readbuf ah\n", __func__);
+
+ pt = &wsi->context->pt[(int)wsi->tsi];
+ /*
+ * Unlike a normal connect, we have the headers already
+ * (or the first part of them anyway)
+ */
+ pfd = &pt->fds[wsi->position_in_fds_table];
+ pfd->revents |= LWS_POLLIN;
+ lwsl_err("%s: calling service\n", __func__);
+ lws_service_fd_tsi(wsi->context, pfd, wsi->tsi);
+ }
+}
+
+void
+lws_header_table_reset(struct lws *wsi, int autoservice)
+{
+ struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi];
+
+ lws_pt_lock(pt, __func__);
+
+ __lws_header_table_reset(wsi, autoservice);
+
+ lws_pt_unlock(pt);
+}
+
+static void
+_lws_header_ensure_we_are_on_waiting_list(struct lws *wsi)
+{
+ struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi];
+ struct lws_pollargs pa;
+ struct lws **pwsi = &pt->http.ah_wait_list;
+
+ while (*pwsi) {
+ if (*pwsi == wsi)
+ return;
+ pwsi = &(*pwsi)->http.ah_wait_list;
+ }
+
+ lwsl_info("%s: wsi: %p\n", __func__, wsi);
+ wsi->http.ah_wait_list = pt->http.ah_wait_list;
+ pt->http.ah_wait_list = wsi;
+ pt->http.ah_wait_list_length++;
+
+ /* we cannot accept input then */
+
+ _lws_change_pollfd(wsi, LWS_POLLIN, 0, &pa);
+}
+
+static int
+__lws_remove_from_ah_waiting_list(struct lws *wsi)
+{
+ struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi];
+ struct lws **pwsi =&pt->http.ah_wait_list;
+
+ while (*pwsi) {
+ if (*pwsi == wsi) {
+ lwsl_info("%s: wsi %p\n", __func__, wsi);
+ /* point prev guy to our next */
+ *pwsi = wsi->http.ah_wait_list;
+ /* we shouldn't point anywhere now */
+ wsi->http.ah_wait_list = NULL;
+ pt->http.ah_wait_list_length--;
+
+ return 1;
+ }
+ pwsi = &(*pwsi)->http.ah_wait_list;
+ }
+
+ return 0;
+}
+
+int LWS_WARN_UNUSED_RESULT
+lws_header_table_attach(struct lws *wsi, int autoservice)
+{
+ struct lws_context *context = wsi->context;
+ struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi];
+ struct lws_pollargs pa;
+ int n;
+
+ lwsl_info("%s: wsi %p: ah %p (tsi %d, count = %d) in\n", __func__,
+ (void *)wsi, (void *)wsi->http.ah, wsi->tsi,
+ pt->http.ah_count_in_use);
+
+ lws_pt_lock(pt, __func__);
+
+ /* if we are already bound to one, just clear it down */
+ if (wsi->http.ah) {
+ lwsl_info("%s: cleardown\n", __func__);
+ goto reset;
+ }
+
+ n = pt->http.ah_count_in_use == context->max_http_header_pool;
+#if defined(LWS_WITH_PEER_LIMITS)
+ if (!n) {
+ n = lws_peer_confirm_ah_attach_ok(context, wsi->peer);
+ if (n)
+ lws_stats_atomic_bump(wsi->context, pt,
+ LWSSTATS_C_PEER_LIMIT_AH_DENIED, 1);
+ }
+#endif
+ if (n) {
+ /*
+ * Pool is either all busy, or we don't want to give this
+ * particular guy an ah right now...
+ *
+ * Make sure we are on the waiting list, and return that we
+ * weren't able to provide the ah
+ */
+ _lws_header_ensure_we_are_on_waiting_list(wsi);
+
+ goto bail;
+ }
+
+ __lws_remove_from_ah_waiting_list(wsi);
+
+ wsi->http.ah = _lws_create_ah(pt, context->max_http_header_data);
+ if (!wsi->http.ah) { /* we could not create an ah */
+ _lws_header_ensure_we_are_on_waiting_list(wsi);
+
+ goto bail;
+ }
+
+ wsi->http.ah->in_use = 1;
+ wsi->http.ah->wsi = wsi; /* mark our owner */
+ pt->http.ah_count_in_use++;
+
+#if defined(LWS_WITH_PEER_LIMITS) && (defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2))
+ lws_context_lock(context); /* <====================================== */
+ if (wsi->peer)
+ wsi->peer->http.count_ah++;
+ lws_context_unlock(context); /* ====================================> */
+#endif
+
+ _lws_change_pollfd(wsi, 0, LWS_POLLIN, &pa);
+
+ lwsl_info("%s: did attach wsi %p: ah %p: count %d (on exit)\n", __func__,
+ (void *)wsi, (void *)wsi->http.ah, pt->http.ah_count_in_use);
+
+reset:
+ __lws_header_table_reset(wsi, autoservice);
+
+ lws_pt_unlock(pt);
+
+#ifndef LWS_NO_CLIENT
+ if (lwsi_role_client(wsi) && lwsi_state(wsi) == LRS_UNCONNECTED)
+ if (!lws_client_connect_via_info2(wsi))
+ /* our client connect has failed, the wsi
+ * has been closed
+ */
+ return -1;
+#endif
+
+ return 0;
+
+bail:
+ lws_pt_unlock(pt);
+
+ return 1;
+}
+
+int __lws_header_table_detach(struct lws *wsi, int autoservice)
+{
+ struct lws_context *context = wsi->context;
+ struct allocated_headers *ah = wsi->http.ah;
+ struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi];
+ struct lws_pollargs pa;
+ struct lws **pwsi, **pwsi_eligible;
+ time_t now;
+
+ __lws_remove_from_ah_waiting_list(wsi);
+
+ if (!ah)
+ return 0;
+
+ lwsl_info("%s: wsi %p: ah %p (tsi=%d, count = %d)\n", __func__,
+ (void *)wsi, (void *)ah, wsi->tsi,
+ pt->http.ah_count_in_use);
+
+ /* we did have an ah attached */
+ time(&now);
+ if (ah->assigned && now - ah->assigned > 3) {
+ /*
+ * we're detaching the ah, but it was held an
+ * unreasonably long time
+ */
+ lwsl_debug("%s: wsi %p: ah held %ds, role/state 0x%x 0x%x,"
+ "\n", __func__, wsi, (int)(now - ah->assigned),
+ lwsi_role(wsi), lwsi_state(wsi));
+ }
+
+ ah->assigned = 0;
+
+ /* if we think we're detaching one, there should be one in use */
+ assert(pt->http.ah_count_in_use > 0);
+ /* and this specific one should have been in use */
+ assert(ah->in_use);
+ memset(&wsi->http.ah, 0, sizeof(wsi->http.ah));
+
+#if defined(LWS_WITH_PEER_LIMITS)
+ if (ah->wsi)
+ lws_peer_track_ah_detach(context, wsi->peer);
+#endif
+ ah->wsi = NULL; /* no owner */
+
+ pwsi = &pt->http.ah_wait_list;
+
+ /* oh there is nobody on the waiting list... leave the ah unattached */
+ if (!*pwsi)
+ goto nobody_usable_waiting;
+
+ /*
+ * at least one wsi on the same tsi is waiting, give it to oldest guy
+ * who is allowed to take it (if any)
+ */
+ lwsl_info("pt wait list %p\n", *pwsi);
+ wsi = NULL;
+ pwsi_eligible = NULL;
+
+ while (*pwsi) {
+#if defined(LWS_WITH_PEER_LIMITS)
+ /* are we willing to give this guy an ah? */
+ if (!lws_peer_confirm_ah_attach_ok(context, (*pwsi)->peer))
+#endif
+ {
+ wsi = *pwsi;
+ pwsi_eligible = pwsi;
+ }
+#if defined(LWS_WITH_PEER_LIMITS)
+ else
+ if (!(*pwsi)->http.ah_wait_list)
+ lws_stats_atomic_bump(context, pt,
+ LWSSTATS_C_PEER_LIMIT_AH_DENIED, 1);
+#endif
+ pwsi = &(*pwsi)->http.ah_wait_list;
+ }
+
+ if (!wsi) /* everybody waiting already has too many ah... */
+ goto nobody_usable_waiting;
+
+ lwsl_info("%s: transferring ah to last eligible wsi in wait list %p (wsistate 0x%x)\n", __func__, wsi, wsi->wsistate);
+
+ wsi->http.ah = ah;
+ ah->wsi = wsi; /* new owner */
+
+ __lws_header_table_reset(wsi, autoservice);
+#if defined(LWS_WITH_PEER_LIMITS) && (defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2))
+ lws_context_lock(context); /* <====================================== */
+ if (wsi->peer)
+ wsi->peer->http.count_ah++;
+ lws_context_unlock(context); /* ====================================> */
+#endif
+
+ /* clients acquire the ah and then insert themselves in fds table... */
+ if (wsi->position_in_fds_table != LWS_NO_FDS_POS) {
+ lwsl_info("%s: Enabling %p POLLIN\n", __func__, wsi);
+
+ /* he has been stuck waiting for an ah, but now his wait is
+ * over, let him progress */
+
+ _lws_change_pollfd(wsi, 0, LWS_POLLIN, &pa);
+ }
+
+ /* point prev guy to next guy in list instead */
+ *pwsi_eligible = wsi->http.ah_wait_list;
+ /* the guy who got one is out of the list */
+ wsi->http.ah_wait_list = NULL;
+ pt->http.ah_wait_list_length--;
+
+#ifndef LWS_NO_CLIENT
+ if (lwsi_role_client(wsi) && lwsi_state(wsi) == LRS_UNCONNECTED) {
+ lws_pt_unlock(pt);
+
+ if (!lws_client_connect_via_info2(wsi)) {
+ /* our client connect has failed, the wsi
+ * has been closed
+ */
+
+ return -1;
+ }
+ return 0;
+ }
+#endif
+
+ assert(!!pt->http.ah_wait_list_length == !!(lws_intptr_t)pt->http.ah_wait_list);
+bail:
+ lwsl_info("%s: wsi %p: ah %p (tsi=%d, count = %d)\n", __func__,
+ (void *)wsi, (void *)ah, pt->tid, pt->http.ah_count_in_use);
+
+ return 0;
+
+nobody_usable_waiting:
+ lwsl_info("%s: nobody usable waiting\n", __func__);
+ _lws_destroy_ah(pt, ah);
+ pt->http.ah_count_in_use--;
+
+ goto bail;
+}
+
+int lws_header_table_detach(struct lws *wsi, int autoservice)
+{
+ struct lws_context *context = wsi->context;
+ struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi];
+ int n;
+
+ lws_pt_lock(pt, __func__);
+ n = __lws_header_table_detach(wsi, autoservice);
+ lws_pt_unlock(pt);
+
+ return n;
+}
+
+LWS_VISIBLE int
+lws_hdr_fragment_length(struct lws *wsi, enum lws_token_indexes h, int frag_idx)
+{
+ int n;
+
+ if (!wsi->http.ah)
+ return 0;
+
+ n = wsi->http.ah->frag_index[h];
+ if (!n)
+ return 0;
+ do {
+ if (!frag_idx)
+ return wsi->http.ah->frags[n].len;
+ n = wsi->http.ah->frags[n].nfrag;
+ } while (frag_idx-- && n);
+
+ return 0;
+}
+
+LWS_VISIBLE int lws_hdr_total_length(struct lws *wsi, enum lws_token_indexes h)
+{
+ int n;
+ int len = 0;
+
+ if (!wsi->http.ah)
+ return 0;
+
+ n = wsi->http.ah->frag_index[h];
+ if (!n)
+ return 0;
+ do {
+ len += wsi->http.ah->frags[n].len;
+ n = wsi->http.ah->frags[n].nfrag;
+ } while (n);
+
+ return len;
+}
+
+LWS_VISIBLE int lws_hdr_copy_fragment(struct lws *wsi, char *dst, int len,
+ enum lws_token_indexes h, int frag_idx)
+{
+ int n = 0;
+ int f;
+
+ if (!wsi->http.ah)
+ return -1;
+
+ f = wsi->http.ah->frag_index[h];
+
+ if (!f)
+ return -1;
+
+ while (n < frag_idx) {
+ f = wsi->http.ah->frags[f].nfrag;
+ if (!f)
+ return -1;
+ n++;
+ }
+
+ if (wsi->http.ah->frags[f].len >= len)
+ return -1;
+
+ memcpy(dst, wsi->http.ah->data + wsi->http.ah->frags[f].offset,
+ wsi->http.ah->frags[f].len);
+ dst[wsi->http.ah->frags[f].len] = '\0';
+
+ return wsi->http.ah->frags[f].len;
+}
+
+LWS_VISIBLE int lws_hdr_copy(struct lws *wsi, char *dst, int len,
+ enum lws_token_indexes h)
+{
+ int toklen = lws_hdr_total_length(wsi, h);
+ int n;
+
+ if (toklen >= len)
+ return -1;
+
+ if (!wsi->http.ah)
+ return -1;
+
+ n = wsi->http.ah->frag_index[h];
+ if (!n)
+ return 0;
+
+ do {
+ if (wsi->http.ah->frags[n].len >= len)
+ return -1;
+ strncpy(dst, &wsi->http.ah->data[wsi->http.ah->frags[n].offset],
+ wsi->http.ah->frags[n].len);
+ dst += wsi->http.ah->frags[n].len;
+ len -= wsi->http.ah->frags[n].len;
+ n = wsi->http.ah->frags[n].nfrag;
+ } while (n);
+ *dst = '\0';
+
+ return toklen;
+}
+
+char *lws_hdr_simple_ptr(struct lws *wsi, enum lws_token_indexes h)
+{
+ int n;
+
+ n = wsi->http.ah->frag_index[h];
+ if (!n)
+ return NULL;
+
+ return wsi->http.ah->data + wsi->http.ah->frags[n].offset;
+}
+
+static int LWS_WARN_UNUSED_RESULT
+lws_pos_in_bounds(struct lws *wsi)
+{
+ if (wsi->http.ah->pos <
+ (unsigned int)wsi->context->max_http_header_data)
+ return 0;
+
+ if ((int)wsi->http.ah->pos == wsi->context->max_http_header_data) {
+ lwsl_err("Ran out of header data space\n");
+ return 1;
+ }
+
+ /*
+ * with these tests everywhere, it should never be able to exceed
+ * the limit, only meet it
+ */
+ lwsl_err("%s: pos %d, limit %d\n", __func__, wsi->http.ah->pos,
+ wsi->context->max_http_header_data);
+ assert(0);
+
+ return 1;
+}
+
+int LWS_WARN_UNUSED_RESULT
+lws_hdr_simple_create(struct lws *wsi, enum lws_token_indexes h, const char *s)
+{
+ wsi->http.ah->nfrag++;
+ if (wsi->http.ah->nfrag == LWS_ARRAY_SIZE(wsi->http.ah->frags)) {
+ lwsl_warn("More hdr frags than we can deal with, dropping\n");
+ return -1;
+ }
+
+ wsi->http.ah->frag_index[h] = wsi->http.ah->nfrag;
+
+ wsi->http.ah->frags[wsi->http.ah->nfrag].offset = wsi->http.ah->pos;
+ wsi->http.ah->frags[wsi->http.ah->nfrag].len = 0;
+ wsi->http.ah->frags[wsi->http.ah->nfrag].nfrag = 0;
+
+ do {
+ if (lws_pos_in_bounds(wsi))
+ return -1;
+
+ wsi->http.ah->data[wsi->http.ah->pos++] = *s;
+ if (*s)
+ wsi->http.ah->frags[wsi->http.ah->nfrag].len++;
+ } while (*s++);
+
+ return 0;
+}
+
+static int LWS_WARN_UNUSED_RESULT
+issue_char(struct lws *wsi, unsigned char c)
+{
+ unsigned short frag_len;
+
+ if (lws_pos_in_bounds(wsi))
+ return -1;
+
+ frag_len = wsi->http.ah->frags[wsi->http.ah->nfrag].len;
+ /*
+ * If we haven't hit the token limit, just copy the character into
+ * the header
+ */
+ if (frag_len < wsi->http.ah->current_token_limit) {
+ wsi->http.ah->data[wsi->http.ah->pos++] = c;
+ if (c)
+ wsi->http.ah->frags[wsi->http.ah->nfrag].len++;
+ return 0;
+ }
+
+ /* Insert a null character when we *hit* the limit: */
+ if (frag_len == wsi->http.ah->current_token_limit) {
+ if (lws_pos_in_bounds(wsi))
+ return -1;
+
+ wsi->http.ah->data[wsi->http.ah->pos++] = '\0';
+ lwsl_warn("header %i exceeds limit %d\n",
+ wsi->http.ah->parser_state,
+ wsi->http.ah->current_token_limit);
+ }
+
+ return 1;
+}
+
+int
+lws_parse_urldecode(struct lws *wsi, uint8_t *_c)
+{
+ struct allocated_headers *ah = wsi->http.ah;
+ unsigned int enc = 0;
+ uint8_t c = *_c;
+
+ // lwsl_notice("ah->ups %d\n", ah->ups);
+
+ /*
+ * PRIORITY 1
+ * special URI processing... convert %xx
+ */
+ switch (ah->ues) {
+ case URIES_IDLE:
+ if (c == '%') {
+ ah->ues = URIES_SEEN_PERCENT;
+ goto swallow;
+ }
+ break;
+ case URIES_SEEN_PERCENT:
+ if (char_to_hex(c) < 0)
+ /* illegal post-% char */
+ goto forbid;
+
+ ah->esc_stash = c;
+ ah->ues = URIES_SEEN_PERCENT_H1;
+ goto swallow;
+
+ case URIES_SEEN_PERCENT_H1:
+ if (char_to_hex(c) < 0)
+ /* illegal post-% char */
+ goto forbid;
+
+ *_c = (char_to_hex(ah->esc_stash) << 4) |
+ char_to_hex(c);
+ c = *_c;
+ enc = 1;
+ ah->ues = URIES_IDLE;
+ break;
+ }
+
+ /*
+ * PRIORITY 2
+ * special URI processing...
+ * convert /.. or /... or /../ etc to /
+ * convert /./ to /
+ * convert // or /// etc to /
+ * leave /.dir or whatever alone
+ */
+
+ switch (ah->ups) {
+ case URIPS_IDLE:
+ if (!c)
+ return -1;
+ /* genuine delimiter */
+ if ((c == '&' || c == ';') && !enc) {
+ if (issue_char(wsi, '\0') < 0)
+ return -1;
+ /* link to next fragment */
+ ah->frags[ah->nfrag].nfrag = ah->nfrag + 1;
+ ah->nfrag++;
+ if (ah->nfrag >= LWS_ARRAY_SIZE(ah->frags))
+ goto excessive;
+ /* start next fragment after the & */
+ ah->post_literal_equal = 0;
+ ah->frags[ah->nfrag].offset = ++ah->pos;
+ ah->frags[ah->nfrag].len = 0;
+ ah->frags[ah->nfrag].nfrag = 0;
+ goto swallow;
+ }
+ /* uriencoded = in the name part, disallow */
+ if (c == '=' && enc &&
+ ah->frag_index[WSI_TOKEN_HTTP_URI_ARGS] &&
+ !ah->post_literal_equal) {
+ c = '_';
+ *_c =c;
+ }
+
+ /* after the real =, we don't care how many = */
+ if (c == '=' && !enc)
+ ah->post_literal_equal = 1;
+
+ /* + to space */
+ if (c == '+' && !enc) {
+ c = ' ';
+ *_c = c;
+ }
+ /* issue the first / always */
+ if (c == '/' && !ah->frag_index[WSI_TOKEN_HTTP_URI_ARGS])
+ ah->ups = URIPS_SEEN_SLASH;
+ break;
+ case URIPS_SEEN_SLASH:
+ /* swallow subsequent slashes */
+ if (c == '/')
+ goto swallow;
+ /* track and swallow the first . after / */
+ if (c == '.') {
+ ah->ups = URIPS_SEEN_SLASH_DOT;
+ goto swallow;
+ }
+ ah->ups = URIPS_IDLE;
+ break;
+ case URIPS_SEEN_SLASH_DOT:
+ /* swallow second . */
+ if (c == '.') {
+ ah->ups = URIPS_SEEN_SLASH_DOT_DOT;
+ goto swallow;
+ }
+ /* change /./ to / */
+ if (c == '/') {
+ ah->ups = URIPS_SEEN_SLASH;
+ goto swallow;
+ }
+ /* it was like /.dir ... regurgitate the . */
+ ah->ups = URIPS_IDLE;
+ if (issue_char(wsi, '.') < 0)
+ return -1;
+ break;
+
+ case URIPS_SEEN_SLASH_DOT_DOT:
+
+ /* /../ or /..[End of URI] --> backup to last / */
+ if (c == '/' || c == '?') {
+ /*
+ * back up one dir level if possible
+ * safe against header fragmentation because
+ * the method URI can only be in 1 fragment
+ */
+ if (ah->frags[ah->nfrag].len > 2) {
+ ah->pos--;
+ ah->frags[ah->nfrag].len--;
+ do {
+ ah->pos--;
+ ah->frags[ah->nfrag].len--;
+ } while (ah->frags[ah->nfrag].len > 1 &&
+ ah->data[ah->pos] != '/');
+ }
+ ah->ups = URIPS_SEEN_SLASH;
+ if (ah->frags[ah->nfrag].len > 1)
+ break;
+ goto swallow;
+ }
+
+ /* /..[^/] ... regurgitate and allow */
+
+ if (issue_char(wsi, '.') < 0)
+ return -1;
+ if (issue_char(wsi, '.') < 0)
+ return -1;
+ ah->ups = URIPS_IDLE;
+ break;
+ }
+
+ if (c == '?' && !enc &&
+ !ah->frag_index[WSI_TOKEN_HTTP_URI_ARGS]) { /* start of URI args */
+ if (ah->ues != URIES_IDLE)
+ goto forbid;
+
+ /* seal off uri header */
+ if (issue_char(wsi, '\0') < 0)
+ return -1;
+
+ /* move to using WSI_TOKEN_HTTP_URI_ARGS */
+ ah->nfrag++;
+ if (ah->nfrag >= LWS_ARRAY_SIZE(ah->frags))
+ goto excessive;
+ ah->frags[ah->nfrag].offset = ++ah->pos;
+ ah->frags[ah->nfrag].len = 0;
+ ah->frags[ah->nfrag].nfrag = 0;
+
+ ah->post_literal_equal = 0;
+ ah->frag_index[WSI_TOKEN_HTTP_URI_ARGS] = ah->nfrag;
+ ah->ups = URIPS_IDLE;
+ goto swallow;
+ }
+
+ return LPUR_CONTINUE;
+
+swallow:
+ return LPUR_SWALLOW;
+
+forbid:
+ return LPUR_FORBID;
+
+excessive:
+ return LPUR_EXCESSIVE;
+}
+
+static const unsigned char methods[] = {
+ WSI_TOKEN_GET_URI,
+ WSI_TOKEN_POST_URI,
+ WSI_TOKEN_OPTIONS_URI,
+ WSI_TOKEN_PUT_URI,
+ WSI_TOKEN_PATCH_URI,
+ WSI_TOKEN_DELETE_URI,
+ WSI_TOKEN_CONNECT,
+ WSI_TOKEN_HEAD_URI,
+};
+
+/*
+ * possible returns:, -1 fail, 0 ok or 2, transition to raw
+ */
+
+int LWS_WARN_UNUSED_RESULT
+lws_parse(struct lws *wsi, unsigned char *buf, int *len)
+{
+ struct allocated_headers *ah = wsi->http.ah;
+ struct lws_context *context = wsi->context;
+ unsigned int n, m;
+ unsigned char c;
+ int r, pos;
+
+ assert(wsi->http.ah);
+
+ do {
+ (*len)--;
+ c = *buf++;
+
+ switch (ah->parser_state) {
+ default:
+
+ lwsl_parser("WSI_TOK_(%d) '%c'\n", ah->parser_state, c);
+
+ /* collect into malloc'd buffers */
+ /* optional initial space swallow */
+ if (!ah->frags[ah->frag_index[ah->parser_state]].len &&
+ c == ' ')
+ break;
+
+ for (m = 0; m < LWS_ARRAY_SIZE(methods); m++)
+ if (ah->parser_state == methods[m])
+ break;
+ if (m == LWS_ARRAY_SIZE(methods))
+ /* it was not any of the methods */
+ goto check_eol;
+
+ /* special URI processing... end at space */
+
+ if (c == ' ') {
+ /* enforce starting with / */
+ if (!ah->frags[ah->nfrag].len)
+ if (issue_char(wsi, '/') < 0)
+ return -1;
+
+ if (ah->ups == URIPS_SEEN_SLASH_DOT_DOT) {
+ /*
+ * back up one dir level if possible
+ * safe against header fragmentation because
+ * the method URI can only be in 1 fragment
+ */
+ if (ah->frags[ah->nfrag].len > 2) {
+ ah->pos--;
+ ah->frags[ah->nfrag].len--;
+ do {
+ ah->pos--;
+ ah->frags[ah->nfrag].len--;
+ } while (ah->frags[ah->nfrag].len > 1 &&
+ ah->data[ah->pos] != '/');
+ }
+ }
+
+ /* begin parsing HTTP version: */
+ if (issue_char(wsi, '\0') < 0)
+ return -1;
+ ah->parser_state = WSI_TOKEN_HTTP;
+ goto start_fragment;
+ }
+
+ r = lws_parse_urldecode(wsi, &c);
+ switch (r) {
+ case LPUR_CONTINUE:
+ break;
+ case LPUR_SWALLOW:
+ goto swallow;
+ case LPUR_FORBID:
+ goto forbid;
+ case LPUR_EXCESSIVE:
+ goto excessive;
+ default:
+ return -1;
+ }
+check_eol:
+ /* bail at EOL */
+ if (ah->parser_state != WSI_TOKEN_CHALLENGE &&
+ c == '\x0d') {
+ if (ah->ues != URIES_IDLE)
+ goto forbid;
+
+ c = '\0';
+ ah->parser_state = WSI_TOKEN_SKIPPING_SAW_CR;
+ lwsl_parser("*\n");
+ }
+
+ n = issue_char(wsi, c);
+ if ((int)n < 0)
+ return -1;
+ if (n > 0)
+ ah->parser_state = WSI_TOKEN_SKIPPING;
+
+swallow:
+ /* per-protocol end of headers management */
+
+ if (ah->parser_state == WSI_TOKEN_CHALLENGE)
+ goto set_parsing_complete;
+ break;
+
+ /* collecting and checking a name part */
+ case WSI_TOKEN_NAME_PART:
+ lwsl_parser("WSI_TOKEN_NAME_PART '%c' 0x%02X (role=0x%x) "
+ "wsi->lextable_pos=%d\n", c, c, lwsi_role(wsi),
+ ah->lextable_pos);
+
+ if (c >= 'A' && c <= 'Z')
+ c += 'a' - 'A';
+
+ pos = ah->lextable_pos;
+
+ while (1) {
+ if (lextable[pos] & (1 << 7)) { /* 1-byte, fail on mismatch */
+ if ((lextable[pos] & 0x7f) != c) {
+nope:
+ ah->lextable_pos = -1;
+ break;
+ }
+ /* fall thru */
+ pos++;
+ if (lextable[pos] == FAIL_CHAR)
+ goto nope;
+
+ ah->lextable_pos = pos;
+ break;
+ }
+
+ if (lextable[pos] == FAIL_CHAR)
+ goto nope;
+
+ /* b7 = 0, end or 3-byte */
+ if (lextable[pos] < FAIL_CHAR) { /* terminal marker */
+ ah->lextable_pos = pos;
+ break;
+ }
+
+ if (lextable[pos] == c) { /* goto */
+ ah->lextable_pos = pos + (lextable[pos + 1]) +
+ (lextable[pos + 2] << 8);
+ break;
+ }
+
+ /* fall thru goto */
+ pos += 3;
+ /* continue */
+ }
+
+ /*
+ * If it's h1, server needs to look out for unknown
+ * methods...
+ */
+ if (ah->lextable_pos < 0 && lwsi_role_h1(wsi) &&
+ lwsi_role_server(wsi)) {
+ /* this is not a header we know about */
+ for (m = 0; m < LWS_ARRAY_SIZE(methods); m++)
+ if (ah->frag_index[methods[m]]) {
+ /*
+ * already had the method, no idea what
+ * this crap from the client is, ignore
+ */
+ ah->parser_state = WSI_TOKEN_SKIPPING;
+ break;
+ }
+ /*
+ * hm it's an unknown http method from a client in fact,
+ * it cannot be valid http
+ */
+ if (m == LWS_ARRAY_SIZE(methods)) {
+ /*
+ * are we set up to accept raw in these cases?
+ */
+ if (lws_check_opt(wsi->vhost->options,
+ LWS_SERVER_OPTION_FALLBACK_TO_RAW))
+ return 2; /* transition to raw */
+
+ lwsl_info("Unknown method - dropping\n");
+ goto forbid;
+ }
+ break;
+ }
+ /*
+ * ...otherwise for a client, let him ignore unknown headers
+ * coming from the server
+ */
+ if (ah->lextable_pos < 0) {
+ ah->parser_state = WSI_TOKEN_SKIPPING;
+ break;
+ }
+
+ if (lextable[ah->lextable_pos] < FAIL_CHAR) {
+ /* terminal state */
+
+ n = ((unsigned int)lextable[ah->lextable_pos] << 8) |
+ lextable[ah->lextable_pos + 1];
+
+ lwsl_parser("known hdr %d\n", n);
+ for (m = 0; m < LWS_ARRAY_SIZE(methods); m++)
+ if (n == methods[m] &&
+ ah->frag_index[methods[m]]) {
+ lwsl_warn("Duplicated method\n");
+ return -1;
+ }
+
+ /*
+ * WSORIGIN is protocol equiv to ORIGIN,
+ * JWebSocket likes to send it, map to ORIGIN
+ */
+ if (n == WSI_TOKEN_SWORIGIN)
+ n = WSI_TOKEN_ORIGIN;
+
+ ah->parser_state = (enum lws_token_indexes)
+ (WSI_TOKEN_GET_URI + n);
+ ah->ups = URIPS_IDLE;
+
+ if (context->token_limits)
+ ah->current_token_limit = context->
+ token_limits->token_limit[
+ ah->parser_state];
+ else
+ ah->current_token_limit =
+ wsi->context->max_http_header_data;
+
+ if (ah->parser_state == WSI_TOKEN_CHALLENGE)
+ goto set_parsing_complete;
+
+ goto start_fragment;
+ }
+ break;
+
+start_fragment:
+ ah->nfrag++;
+excessive:
+ if (ah->nfrag == LWS_ARRAY_SIZE(ah->frags)) {
+ lwsl_warn("More hdr frags than we can deal with\n");
+ return -1;
+ }
+
+ ah->frags[ah->nfrag].offset = ah->pos;
+ ah->frags[ah->nfrag].len = 0;
+ ah->frags[ah->nfrag].nfrag = 0;
+ ah->frags[ah->nfrag].flags = 2;
+
+ n = ah->frag_index[ah->parser_state];
+ if (!n) { /* first fragment */
+ ah->frag_index[ah->parser_state] = ah->nfrag;
+ ah->hdr_token_idx = ah->parser_state;
+ break;
+ }
+ /* continuation */
+ while (ah->frags[n].nfrag)
+ n = ah->frags[n].nfrag;
+ ah->frags[n].nfrag = ah->nfrag;
+
+ if (issue_char(wsi, ' ') < 0)
+ return -1;
+ break;
+
+ /* skipping arg part of a name we didn't recognize */
+ case WSI_TOKEN_SKIPPING:
+ lwsl_parser("WSI_TOKEN_SKIPPING '%c'\n", c);
+
+ if (c == '\x0d')
+ ah->parser_state = WSI_TOKEN_SKIPPING_SAW_CR;
+ break;
+
+ case WSI_TOKEN_SKIPPING_SAW_CR:
+ lwsl_parser("WSI_TOKEN_SKIPPING_SAW_CR '%c'\n", c);
+ if (ah->ues != URIES_IDLE)
+ goto forbid;
+ if (c == '\x0a') {
+ ah->parser_state = WSI_TOKEN_NAME_PART;
+ ah->lextable_pos = 0;
+ } else
+ ah->parser_state = WSI_TOKEN_SKIPPING;
+ break;
+ /* we're done, ignore anything else */
+
+ case WSI_PARSING_COMPLETE:
+ lwsl_parser("WSI_PARSING_COMPLETE '%c'\n", c);
+ break;
+ }
+
+ } while (*len);
+
+ return 0;
+
+set_parsing_complete:
+ if (ah->ues != URIES_IDLE)
+ goto forbid;
+ if (lws_hdr_total_length(wsi, WSI_TOKEN_UPGRADE)) {
+ if (lws_hdr_total_length(wsi, WSI_TOKEN_VERSION))
+ wsi->rx_frame_type = /* temp for ws version index */
+ atoi(lws_hdr_simple_ptr(wsi, WSI_TOKEN_VERSION));
+
+ lwsl_parser("v%02d hdrs done\n", wsi->rx_frame_type);
+ }
+ ah->parser_state = WSI_PARSING_COMPLETE;
+ wsi->hdr_parsing_completed = 1;
+
+ return 0;
+
+forbid:
+ lwsl_notice(" forbidding on uri sanitation\n");
+ lws_return_http_status(wsi, HTTP_STATUS_FORBIDDEN, NULL);
+
+ return -1;
+}
+
diff --git a/thirdparty/libwebsockets/roles/http/server/server.c b/thirdparty/libwebsockets/roles/http/server/server.c
new file mode 100644
index 0000000000..abd86dc9b5
--- /dev/null
+++ b/thirdparty/libwebsockets/roles/http/server/server.c
@@ -0,0 +1,2765 @@
+/*
+ * libwebsockets - small server side websockets and web server implementation
+ *
+ * Copyright (C) 2010-2018 Andy Green <andy@warmcat.com>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation:
+ * version 2.1 of the License.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+ * MA 02110-1301 USA
+ */
+
+#include "core/private.h"
+
+const char * const method_names[] = {
+ "GET", "POST", "OPTIONS", "PUT", "PATCH", "DELETE", "CONNECT", "HEAD",
+#ifdef LWS_WITH_HTTP2
+ ":path",
+#endif
+ };
+
+/*
+ * return 0: all done
+ * 1: nonfatal error
+ * <0: fatal error
+ *
+ * REQUIRES CONTEXT LOCK HELD
+ */
+
+int
+_lws_vhost_init_server(const struct lws_context_creation_info *info,
+ struct lws_vhost *vhost)
+{
+ int n, opt = 1, limit = 1;
+ lws_sockfd_type sockfd;
+ struct lws_vhost *vh;
+ struct lws *wsi;
+ int m = 0, is;
+
+ (void)method_names;
+ (void)opt;
+
+ if (info) {
+ vhost->iface = info->iface;
+ vhost->listen_port = info->port;
+ }
+
+ /* set up our external listening socket we serve on */
+
+ if (vhost->listen_port == CONTEXT_PORT_NO_LISTEN ||
+ vhost->listen_port == CONTEXT_PORT_NO_LISTEN_SERVER)
+ return 0;
+
+ vh = vhost->context->vhost_list;
+ while (vh) {
+ if (vh->listen_port == vhost->listen_port) {
+ if (((!vhost->iface && !vh->iface) ||
+ (vhost->iface && vh->iface &&
+ !strcmp(vhost->iface, vh->iface))) &&
+ vh->lserv_wsi
+ ) {
+ lwsl_notice(" using listen skt from vhost %s\n",
+ vh->name);
+ return 0;
+ }
+ }
+ vh = vh->vhost_next;
+ }
+
+ if (vhost->iface) {
+ /*
+ * let's check before we do anything else about the disposition
+ * of the interface he wants to bind to...
+ */
+ is = lws_socket_bind(vhost, LWS_SOCK_INVALID, vhost->listen_port, vhost->iface);
+ lwsl_debug("initial if check says %d\n", is);
+deal:
+
+ lws_start_foreach_llp(struct lws_vhost **, pv,
+ vhost->context->no_listener_vhost_list) {
+ if (is >= LWS_ITOSA_USABLE && *pv == vhost) {
+ /* on the list and shouldn't be: remove it */
+ lwsl_debug("deferred iface: removing vh %s\n", (*pv)->name);
+ *pv = vhost->no_listener_vhost_list;
+ vhost->no_listener_vhost_list = NULL;
+ goto done_list;
+ }
+ if (is < LWS_ITOSA_USABLE && *pv == vhost)
+ goto done_list;
+ } lws_end_foreach_llp(pv, no_listener_vhost_list);
+
+ /* not on the list... */
+
+ if (is < LWS_ITOSA_USABLE) {
+
+ /* ... but needs to be: so add it */
+
+ lwsl_debug("deferred iface: adding vh %s\n", vhost->name);
+ vhost->no_listener_vhost_list = vhost->context->no_listener_vhost_list;
+ vhost->context->no_listener_vhost_list = vhost;
+ }
+
+done_list:
+
+ switch (is) {
+ default:
+ break;
+ case LWS_ITOSA_NOT_EXIST:
+ /* can't add it */
+ if (info) /* first time */
+ lwsl_err("VH %s: iface %s port %d DOESN'T EXIST\n",
+ vhost->name, vhost->iface, vhost->listen_port);
+ return 1;
+ case LWS_ITOSA_NOT_USABLE:
+ /* can't add it */
+ if (info) /* first time */
+ lwsl_err("VH %s: iface %s port %d NOT USABLE\n",
+ vhost->name, vhost->iface, vhost->listen_port);
+ return 1;
+ }
+ }
+
+ (void)n;
+#if defined(__linux__)
+#ifdef LWS_WITH_UNIX_SOCK
+ /*
+ * A Unix domain sockets cannot be bound for several times, even if we set
+ * the SO_REUSE* options on.
+ * However, fortunately, each thread is able to independently listen when
+ * running on a reasonably new Linux kernel. So we can safely assume
+ * creating just one listening socket for a multi-threaded environment won't
+ * fail in most cases.
+ */
+ if (!LWS_UNIX_SOCK_ENABLED(vhost))
+#endif
+ limit = vhost->context->count_threads;
+#endif
+
+ for (m = 0; m < limit; m++) {
+#ifdef LWS_WITH_UNIX_SOCK
+ if (LWS_UNIX_SOCK_ENABLED(vhost))
+ sockfd = socket(AF_UNIX, SOCK_STREAM, 0);
+ else
+#endif
+#ifdef LWS_WITH_IPV6
+ if (LWS_IPV6_ENABLED(vhost))
+ sockfd = socket(AF_INET6, SOCK_STREAM, 0);
+ else
+#endif
+ sockfd = socket(AF_INET, SOCK_STREAM, 0);
+
+ if (sockfd == LWS_SOCK_INVALID) {
+ lwsl_err("ERROR opening socket\n");
+ return 1;
+ }
+#if !defined(LWS_WITH_ESP32)
+#if (defined(WIN32) || defined(_WIN32)) && defined(SO_EXCLUSIVEADDRUSE)
+ /*
+ * only accept that we are the only listener on the port
+ * https://msdn.microsoft.com/zh-tw/library/
+ * windows/desktop/ms740621(v=vs.85).aspx
+ *
+ * for lws, to match Linux, we default to exclusive listen
+ */
+ if (!lws_check_opt(vhost->options,
+ LWS_SERVER_OPTION_ALLOW_LISTEN_SHARE)) {
+ if (setsockopt(sockfd, SOL_SOCKET, SO_EXCLUSIVEADDRUSE,
+ (const void *)&opt, sizeof(opt)) < 0) {
+ lwsl_err("reuseaddr failed\n");
+ compatible_close(sockfd);
+ return -1;
+ }
+ } else
+#endif
+
+ /*
+ * allow us to restart even if old sockets in TIME_WAIT
+ */
+ if (setsockopt(sockfd, SOL_SOCKET, SO_REUSEADDR,
+ (const void *)&opt, sizeof(opt)) < 0) {
+ lwsl_err("reuseaddr failed\n");
+ compatible_close(sockfd);
+ return -1;
+ }
+
+#if defined(LWS_WITH_IPV6) && defined(IPV6_V6ONLY)
+ if (LWS_IPV6_ENABLED(vhost) &&
+ vhost->options & LWS_SERVER_OPTION_IPV6_V6ONLY_MODIFY) {
+ int value = (vhost->options &
+ LWS_SERVER_OPTION_IPV6_V6ONLY_VALUE) ? 1 : 0;
+ if (setsockopt(sockfd, IPPROTO_IPV6, IPV6_V6ONLY,
+ (const void*)&value, sizeof(value)) < 0) {
+ compatible_close(sockfd);
+ return -1;
+ }
+ }
+#endif
+
+#if defined(__linux__) && defined(SO_REUSEPORT)
+ /* keep coverity happy */
+#if LWS_MAX_SMP > 1
+ n = 1;
+#else
+ n = lws_check_opt(vhost->options,
+ LWS_SERVER_OPTION_ALLOW_LISTEN_SHARE);
+#endif
+ if (n && vhost->context->count_threads > 1)
+ if (setsockopt(sockfd, SOL_SOCKET, SO_REUSEPORT,
+ (const void *)&opt, sizeof(opt)) < 0) {
+ compatible_close(sockfd);
+ return -1;
+ }
+#endif
+#endif
+ lws_plat_set_socket_options(vhost, sockfd);
+
+ is = lws_socket_bind(vhost, sockfd, vhost->listen_port, vhost->iface);
+ /*
+ * There is a race where the network device may come up and then
+ * go away and fail here. So correctly handle unexpected failure
+ * here despite we earlier confirmed it.
+ */
+ if (is < 0) {
+ lwsl_info("%s: lws_socket_bind says %d\n", __func__, is);
+ compatible_close(sockfd);
+ goto deal;
+ }
+ vhost->listen_port = is;
+
+ lwsl_debug("%s: lws_socket_bind says %d\n", __func__, is);
+
+ wsi = lws_zalloc(sizeof(struct lws), "listen wsi");
+ if (wsi == NULL) {
+ lwsl_err("Out of mem\n");
+ goto bail;
+ }
+ wsi->context = vhost->context;
+ wsi->desc.sockfd = sockfd;
+ lws_role_transition(wsi, 0, LRS_UNCONNECTED, &role_ops_listen);
+ wsi->protocol = vhost->protocols;
+ wsi->tsi = m;
+ wsi->vhost = vhost;
+ wsi->listener = 1;
+
+ if (wsi->context->event_loop_ops->init_vhost_listen_wsi)
+ wsi->context->event_loop_ops->init_vhost_listen_wsi(wsi);
+
+ if (__insert_wsi_socket_into_fds(vhost->context, wsi)) {
+ lwsl_notice("inserting wsi socket into fds failed\n");
+ goto bail;
+ }
+
+ vhost->context->count_wsi_allocated++;
+ vhost->lserv_wsi = wsi;
+
+ n = listen(wsi->desc.sockfd, LWS_SOMAXCONN);
+ if (n < 0) {
+ lwsl_err("listen failed with error %d\n", LWS_ERRNO);
+ vhost->lserv_wsi = NULL;
+ vhost->context->count_wsi_allocated--;
+ __remove_wsi_socket_from_fds(wsi);
+ goto bail;
+ }
+ } /* for each thread able to independently listen */
+
+ if (!lws_check_opt(vhost->context->options, LWS_SERVER_OPTION_EXPLICIT_VHOSTS)) {
+#ifdef LWS_WITH_UNIX_SOCK
+ if (LWS_UNIX_SOCK_ENABLED(vhost))
+ lwsl_info(" Listening on \"%s\"\n", vhost->iface);
+ else
+#endif
+ lwsl_info(" Listening on port %d\n", vhost->listen_port);
+ }
+
+ // info->port = vhost->listen_port;
+
+ return 0;
+
+bail:
+ compatible_close(sockfd);
+
+ return -1;
+}
+
+struct lws_vhost *
+lws_select_vhost(struct lws_context *context, int port, const char *servername)
+{
+ struct lws_vhost *vhost = context->vhost_list;
+ const char *p;
+ int n, m, colon;
+
+ n = (int)strlen(servername);
+ colon = n;
+ p = strchr(servername, ':');
+ if (p)
+ colon = lws_ptr_diff(p, servername);
+
+ /* Priotity 1: first try exact matches */
+
+ while (vhost) {
+ if (port == vhost->listen_port &&
+ !strncmp(vhost->name, servername, colon)) {
+ lwsl_info("SNI: Found: %s\n", servername);
+ return vhost;
+ }
+ vhost = vhost->vhost_next;
+ }
+
+ /*
+ * Priority 2: if no exact matches, try matching *.vhost-name
+ * unintentional matches are possible but resolve to x.com for *.x.com
+ * which is reasonable. If exact match exists we already chose it and
+ * never reach here. SSL will still fail it if the cert doesn't allow
+ * *.x.com.
+ */
+ vhost = context->vhost_list;
+ while (vhost) {
+ m = (int)strlen(vhost->name);
+ if (port == vhost->listen_port &&
+ m <= (colon - 2) &&
+ servername[colon - m - 1] == '.' &&
+ !strncmp(vhost->name, servername + colon - m, m)) {
+ lwsl_info("SNI: Found %s on wildcard: %s\n",
+ servername, vhost->name);
+ return vhost;
+ }
+ vhost = vhost->vhost_next;
+ }
+
+ /* Priority 3: match the first vhost on our port */
+
+ vhost = context->vhost_list;
+ while (vhost) {
+ if (port == vhost->listen_port) {
+ lwsl_info("%s: vhost match to %s based on port %d\n",
+ __func__, vhost->name, port);
+ return vhost;
+ }
+ vhost = vhost->vhost_next;
+ }
+
+ /* no match */
+
+ return NULL;
+}
+
+LWS_VISIBLE LWS_EXTERN const char *
+lws_get_mimetype(const char *file, const struct lws_http_mount *m)
+{
+ int n = (int)strlen(file);
+ const struct lws_protocol_vhost_options *pvo = NULL;
+
+ if (m)
+ pvo = m->extra_mimetypes;
+
+ if (n < 5)
+ return NULL;
+
+ if (!strcmp(&file[n - 4], ".ico"))
+ return "image/x-icon";
+
+ if (!strcmp(&file[n - 4], ".gif"))
+ return "image/gif";
+
+ if (!strcmp(&file[n - 3], ".js"))
+ return "text/javascript";
+
+ if (!strcmp(&file[n - 4], ".png"))
+ return "image/png";
+
+ if (!strcmp(&file[n - 4], ".jpg"))
+ return "image/jpeg";
+
+ if (!strcmp(&file[n - 3], ".gz"))
+ return "application/gzip";
+
+ if (!strcmp(&file[n - 4], ".JPG"))
+ return "image/jpeg";
+
+ if (!strcmp(&file[n - 5], ".html"))
+ return "text/html";
+
+ if (!strcmp(&file[n - 4], ".css"))
+ return "text/css";
+
+ if (!strcmp(&file[n - 4], ".txt"))
+ return "text/plain";
+
+ if (!strcmp(&file[n - 4], ".svg"))
+ return "image/svg+xml";
+
+ if (!strcmp(&file[n - 4], ".ttf"))
+ return "application/x-font-ttf";
+
+ if (!strcmp(&file[n - 4], ".otf"))
+ return "application/font-woff";
+
+ if (!strcmp(&file[n - 5], ".woff"))
+ return "application/font-woff";
+
+ if (!strcmp(&file[n - 4], ".xml"))
+ return "application/xml";
+
+ while (pvo) {
+ if (pvo->name[0] == '*') /* ie, match anything */
+ return pvo->value;
+
+ if (!strcmp(&file[n - strlen(pvo->name)], pvo->name))
+ return pvo->value;
+
+ pvo = pvo->next;
+ }
+
+ return NULL;
+}
+static lws_fop_flags_t
+lws_vfs_prepare_flags(struct lws *wsi)
+{
+ lws_fop_flags_t f = 0;
+
+ if (!lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_ACCEPT_ENCODING))
+ return f;
+
+ if (strstr(lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP_ACCEPT_ENCODING),
+ "gzip")) {
+ lwsl_info("client indicates GZIP is acceptable\n");
+ f |= LWS_FOP_FLAG_COMPR_ACCEPTABLE_GZIP;
+ }
+
+ return f;
+}
+
+static int
+lws_http_serve(struct lws *wsi, char *uri, const char *origin,
+ const struct lws_http_mount *m)
+{
+ const struct lws_protocol_vhost_options *pvo = m->interpret;
+ struct lws_process_html_args args;
+ const char *mimetype;
+#if !defined(_WIN32_WCE)
+ const struct lws_plat_file_ops *fops;
+ const char *vpath;
+ lws_fop_flags_t fflags = LWS_O_RDONLY;
+#if defined(WIN32) && defined(LWS_HAVE__STAT32I64)
+ struct _stat32i64 st;
+#else
+ struct stat st;
+#endif
+ int spin = 0;
+#endif
+ char path[256], sym[512];
+ unsigned char *p = (unsigned char *)sym + 32 + LWS_PRE, *start = p;
+ unsigned char *end = p + sizeof(sym) - 32 - LWS_PRE;
+#if !defined(WIN32) && !defined(LWS_WITH_ESP32)
+ size_t len;
+#endif
+ int n;
+
+ wsi->handling_404 = 0;
+ if (!wsi->vhost)
+ return -1;
+
+#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2)
+ if (wsi->vhost->http.error_document_404 &&
+ !strcmp(uri, wsi->vhost->http.error_document_404))
+ wsi->handling_404 = 1;
+#endif
+
+ lws_snprintf(path, sizeof(path) - 1, "%s/%s", origin, uri);
+
+#if !defined(_WIN32_WCE)
+
+ fflags |= lws_vfs_prepare_flags(wsi);
+
+ do {
+ spin++;
+ fops = lws_vfs_select_fops(wsi->context->fops, path, &vpath);
+
+ if (wsi->http.fop_fd)
+ lws_vfs_file_close(&wsi->http.fop_fd);
+
+ wsi->http.fop_fd = fops->LWS_FOP_OPEN(wsi->context->fops,
+ path, vpath, &fflags);
+ if (!wsi->http.fop_fd) {
+ lwsl_info("%s: Unable to open '%s': errno %d\n",
+ __func__, path, errno);
+
+ return -1;
+ }
+
+ /* if it can't be statted, don't try */
+ if (fflags & LWS_FOP_FLAG_VIRTUAL)
+ break;
+#if defined(LWS_WITH_ESP32)
+ break;
+#endif
+#if !defined(WIN32)
+ if (fstat(wsi->http.fop_fd->fd, &st)) {
+ lwsl_info("unable to stat %s\n", path);
+ goto bail;
+ }
+#else
+#if defined(LWS_HAVE__STAT32I64)
+ if (_stat32i64(path, &st)) {
+ lwsl_info("unable to stat %s\n", path);
+ goto bail;
+ }
+#else
+ if (stat(path, &st)) {
+ lwsl_info("unable to stat %s\n", path);
+ goto bail;
+ }
+#endif
+#endif
+
+ wsi->http.fop_fd->mod_time = (uint32_t)st.st_mtime;
+ fflags |= LWS_FOP_FLAG_MOD_TIME_VALID;
+
+#if !defined(WIN32) && !defined(LWS_WITH_ESP32)
+ if ((S_IFMT & st.st_mode) == S_IFLNK) {
+ len = readlink(path, sym, sizeof(sym) - 1);
+ if (len) {
+ lwsl_err("Failed to read link %s\n", path);
+ goto bail;
+ }
+ sym[len] = '\0';
+ lwsl_debug("symlink %s -> %s\n", path, sym);
+ lws_snprintf(path, sizeof(path) - 1, "%s", sym);
+ }
+#endif
+ if ((S_IFMT & st.st_mode) == S_IFDIR) {
+ lwsl_debug("default filename append to dir\n");
+ lws_snprintf(path, sizeof(path) - 1, "%s/%s/index.html",
+ origin, uri);
+ }
+
+ } while ((S_IFMT & st.st_mode) != S_IFREG && spin < 5);
+
+ if (spin == 5)
+ lwsl_err("symlink loop %s \n", path);
+
+ n = sprintf(sym, "%08llX%08lX",
+ (unsigned long long)lws_vfs_get_length(wsi->http.fop_fd),
+ (unsigned long)lws_vfs_get_mod_time(wsi->http.fop_fd));
+
+ /* disable ranges if IF_RANGE token invalid */
+
+ if (lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_IF_RANGE))
+ if (strcmp(sym, lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP_IF_RANGE)))
+ /* differs - defeat Range: */
+ wsi->http.ah->frag_index[WSI_TOKEN_HTTP_RANGE] = 0;
+
+ if (lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_IF_NONE_MATCH)) {
+ /*
+ * he thinks he has some version of it already,
+ * check if the tag matches
+ */
+ if (!strcmp(sym, lws_hdr_simple_ptr(wsi,
+ WSI_TOKEN_HTTP_IF_NONE_MATCH))) {
+
+ lwsl_debug("%s: ETAG match %s %s\n", __func__,
+ uri, origin);
+
+ /* we don't need to send the payload */
+ if (lws_add_http_header_status(wsi,
+ HTTP_STATUS_NOT_MODIFIED, &p, end))
+ return -1;
+
+ if (lws_add_http_header_by_token(wsi,
+ WSI_TOKEN_HTTP_ETAG,
+ (unsigned char *)sym, n, &p, end))
+ return -1;
+
+ if (lws_finalize_http_header(wsi, &p, end))
+ return -1;
+
+ n = lws_write(wsi, start, p - start,
+ LWS_WRITE_HTTP_HEADERS |
+ LWS_WRITE_H2_STREAM_END);
+ if (n != (p - start)) {
+ lwsl_err("_write returned %d from %ld\n", n,
+ (long)(p - start));
+ return -1;
+ }
+
+ lws_vfs_file_close(&wsi->http.fop_fd);
+
+ return lws_http_transaction_completed(wsi);
+ }
+ }
+
+ if (lws_add_http_header_by_token(wsi, WSI_TOKEN_HTTP_ETAG,
+ (unsigned char *)sym, n, &p, end))
+ return -1;
+#endif
+
+ mimetype = lws_get_mimetype(path, m);
+ if (!mimetype) {
+ lwsl_err("unknown mimetype for %s\n", path);
+ goto bail;
+ }
+ if (!mimetype[0])
+ lwsl_debug("sending no mimetype for %s\n", path);
+
+ wsi->sending_chunked = 0;
+
+ /*
+ * check if this is in the list of file suffixes to be interpreted by
+ * a protocol
+ */
+ while (pvo) {
+ n = (int)strlen(path);
+ if (n > (int)strlen(pvo->name) &&
+ !strcmp(&path[n - strlen(pvo->name)], pvo->name)) {
+ wsi->interpreting = 1;
+ if (!wsi->http2_substream)
+ wsi->sending_chunked = 1;
+ wsi->protocol_interpret_idx =
+ (char)(lws_intptr_t)pvo->value;
+ lwsl_info("want %s interpreted by %s\n", path,
+ wsi->vhost->protocols[
+ (int)(lws_intptr_t)(pvo->value)].name);
+ wsi->protocol = &wsi->vhost->protocols[
+ (int)(lws_intptr_t)(pvo->value)];
+ if (lws_ensure_user_space(wsi))
+ return -1;
+ break;
+ }
+ pvo = pvo->next;
+ }
+
+ if (m->protocol) {
+ const struct lws_protocols *pp = lws_vhost_name_to_protocol(
+ wsi->vhost, m->protocol);
+
+ if (lws_bind_protocol(wsi, pp))
+ return 1;
+ args.p = (char *)p;
+ args.max_len = lws_ptr_diff(end, p);
+ if (pp->callback(wsi, LWS_CALLBACK_ADD_HEADERS,
+ wsi->user_space, &args, 0))
+ return -1;
+ p = (unsigned char *)args.p;
+ }
+
+ n = lws_serve_http_file(wsi, path, mimetype, (char *)start,
+ lws_ptr_diff(p, start));
+
+ if (n < 0 || ((n > 0) && lws_http_transaction_completed(wsi)))
+ return -1; /* error or can't reuse connection: close the socket */
+
+ return 0;
+bail:
+
+ return -1;
+}
+
+#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2)
+const struct lws_http_mount *
+lws_find_mount(struct lws *wsi, const char *uri_ptr, int uri_len)
+{
+ const struct lws_http_mount *hm, *hit = NULL;
+ int best = 0;
+
+ hm = wsi->vhost->http.mount_list;
+ while (hm) {
+ if (uri_len >= hm->mountpoint_len &&
+ !strncmp(uri_ptr, hm->mountpoint, hm->mountpoint_len) &&
+ (uri_ptr[hm->mountpoint_len] == '\0' ||
+ uri_ptr[hm->mountpoint_len] == '/' ||
+ hm->mountpoint_len == 1)
+ ) {
+ if (hm->origin_protocol == LWSMPRO_CALLBACK ||
+ ((hm->origin_protocol == LWSMPRO_CGI ||
+ lws_hdr_total_length(wsi, WSI_TOKEN_GET_URI) ||
+ (wsi->http2_substream &&
+ lws_hdr_total_length(wsi,
+ WSI_TOKEN_HTTP_COLON_PATH)) ||
+ hm->protocol) &&
+ hm->mountpoint_len > best)) {
+ best = hm->mountpoint_len;
+ hit = hm;
+ }
+ }
+ hm = hm->mount_next;
+ }
+
+ return hit;
+}
+#endif
+
+#if !defined(LWS_WITH_ESP32)
+static int
+lws_find_string_in_file(const char *filename, const char *string, int stringlen)
+{
+ char buf[128];
+ int fd, match = 0, pos = 0, n = 0, hit = 0;
+
+ fd = lws_open(filename, O_RDONLY);
+ if (fd < 0) {
+ lwsl_err("can't open auth file: %s\n", filename);
+ return 0;
+ }
+
+ while (1) {
+ if (pos == n) {
+ n = read(fd, buf, sizeof(buf));
+ if (n <= 0) {
+ if (match == stringlen)
+ hit = 1;
+ break;
+ }
+ pos = 0;
+ }
+
+ if (match == stringlen) {
+ if (buf[pos] == '\r' || buf[pos] == '\n') {
+ hit = 1;
+ break;
+ }
+ match = 0;
+ }
+
+ if (buf[pos] == string[match])
+ match++;
+ else
+ match = 0;
+
+ pos++;
+ }
+
+ close(fd);
+
+ return hit;
+}
+#endif
+
+static int
+lws_unauthorised_basic_auth(struct lws *wsi)
+{
+ struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi];
+ unsigned char *start = pt->serv_buf + LWS_PRE,
+ *p = start, *end = p + 512;
+ char buf[64];
+ int n;
+
+ /* no auth... tell him it is required */
+
+ if (lws_add_http_header_status(wsi, HTTP_STATUS_UNAUTHORIZED, &p, end))
+ return -1;
+
+ n = lws_snprintf(buf, sizeof(buf), "Basic realm=\"lwsws\"");
+ if (lws_add_http_header_by_token(wsi,
+ WSI_TOKEN_HTTP_WWW_AUTHENTICATE,
+ (unsigned char *)buf, n, &p, end))
+ return -1;
+
+ if (lws_finalize_http_header(wsi, &p, end))
+ return -1;
+
+ n = lws_write(wsi, start, p - start, LWS_WRITE_HTTP_HEADERS |
+ LWS_WRITE_H2_STREAM_END);
+ if (n < 0)
+ return -1;
+
+ return lws_http_transaction_completed(wsi);
+
+}
+
+int lws_clean_url(char *p)
+{
+ if (p[0] == 'h' && p[1] == 't' && p[2] == 't' && p[3] == 'p') {
+ p += 4;
+ if (*p == 's')
+ p++;
+ if (*p == ':') {
+ p++;
+ if (*p == '/')
+ p++;
+ }
+ }
+
+ while (*p) {
+ if (p[0] == '/' && p[1] == '/') {
+ char *p1 = p;
+ while (*p1) {
+ *p1 = p1[1];
+ p1++;
+ }
+ continue;
+ }
+ p++;
+ }
+
+ return 0;
+}
+
+static const unsigned char methods[] = {
+ WSI_TOKEN_GET_URI,
+ WSI_TOKEN_POST_URI,
+ WSI_TOKEN_OPTIONS_URI,
+ WSI_TOKEN_PUT_URI,
+ WSI_TOKEN_PATCH_URI,
+ WSI_TOKEN_DELETE_URI,
+ WSI_TOKEN_CONNECT,
+ WSI_TOKEN_HEAD_URI,
+#ifdef LWS_WITH_HTTP2
+ WSI_TOKEN_HTTP_COLON_PATH,
+#endif
+};
+
+static int
+lws_http_get_uri_and_method(struct lws *wsi, char **puri_ptr, int *puri_len)
+{
+ int n, count = 0;
+
+ for (n = 0; n < (int)LWS_ARRAY_SIZE(methods); n++)
+ if (lws_hdr_total_length(wsi, methods[n]))
+ count++;
+ if (!count) {
+ lwsl_warn("Missing URI in HTTP request\n");
+ return -1;
+ }
+
+ if (count != 1 &&
+ !(wsi->http2_substream &&
+ lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_COLON_PATH))) {
+ lwsl_warn("multiple methods?\n");
+ return -1;
+ }
+
+ for (n = 0; n < (int)LWS_ARRAY_SIZE(methods); n++)
+ if (lws_hdr_total_length(wsi, methods[n])) {
+ *puri_ptr = lws_hdr_simple_ptr(wsi, methods[n]);
+ *puri_len = lws_hdr_total_length(wsi, methods[n]);
+ return n;
+ }
+
+ return -1;
+}
+
+int
+lws_http_action(struct lws *wsi)
+{
+ struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi];
+ enum http_connection_type connection_type;
+ enum http_version request_version;
+ char content_length_str[32];
+ struct lws_process_html_args args;
+ const struct lws_http_mount *hit = NULL;
+ unsigned int n;
+ char http_version_str[10];
+ char http_conn_str[20];
+ int http_version_len;
+ char *uri_ptr = NULL, *s;
+ int uri_len = 0, meth;
+ static const char * const oprot[] = {
+ "http://", "https://"
+ };
+
+ meth = lws_http_get_uri_and_method(wsi, &uri_ptr, &uri_len);
+ if (meth < 0 || meth >= (int)LWS_ARRAY_SIZE(method_names))
+ goto bail_nuke_ah;
+
+ /* we insist on absolute paths */
+
+ if (!uri_ptr || uri_ptr[0] != '/') {
+ lws_return_http_status(wsi, HTTP_STATUS_FORBIDDEN, NULL);
+
+ goto bail_nuke_ah;
+ }
+
+ lwsl_info("Method: '%s' (%d), request for '%s'\n", method_names[meth],
+ meth, uri_ptr);
+
+ if (wsi->role_ops && wsi->role_ops->check_upgrades)
+ switch (wsi->role_ops->check_upgrades(wsi)) {
+ case LWS_UPG_RET_DONE:
+ return 0;
+ case LWS_UPG_RET_CONTINUE:
+ break;
+ case LWS_UPG_RET_BAIL:
+ goto bail_nuke_ah;
+ }
+
+ if (lws_ensure_user_space(wsi))
+ goto bail_nuke_ah;
+
+ /* HTTP header had a content length? */
+
+ wsi->http.rx_content_length = 0;
+ if (lws_hdr_total_length(wsi, WSI_TOKEN_POST_URI) ||
+ lws_hdr_total_length(wsi, WSI_TOKEN_PATCH_URI) ||
+ lws_hdr_total_length(wsi, WSI_TOKEN_PUT_URI))
+ wsi->http.rx_content_length = 100 * 1024 * 1024;
+
+ if (lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_CONTENT_LENGTH)) {
+ lws_hdr_copy(wsi, content_length_str,
+ sizeof(content_length_str) - 1,
+ WSI_TOKEN_HTTP_CONTENT_LENGTH);
+ wsi->http.rx_content_length = atoll(content_length_str);
+ }
+
+ if (wsi->http2_substream) {
+ wsi->http.request_version = HTTP_VERSION_2;
+ } else {
+ /* http_version? Default to 1.0, override with token: */
+ request_version = HTTP_VERSION_1_0;
+
+ /* Works for single digit HTTP versions. : */
+ http_version_len = lws_hdr_total_length(wsi, WSI_TOKEN_HTTP);
+ if (http_version_len > 7) {
+ lws_hdr_copy(wsi, http_version_str,
+ sizeof(http_version_str) - 1,
+ WSI_TOKEN_HTTP);
+ if (http_version_str[5] == '1' &&
+ http_version_str[7] == '1')
+ request_version = HTTP_VERSION_1_1;
+ }
+ wsi->http.request_version = request_version;
+
+ /* HTTP/1.1 defaults to "keep-alive", 1.0 to "close" */
+ if (request_version == HTTP_VERSION_1_1)
+ connection_type = HTTP_CONNECTION_KEEP_ALIVE;
+ else
+ connection_type = HTTP_CONNECTION_CLOSE;
+
+ /* Override default if http "Connection:" header: */
+ if (lws_hdr_total_length(wsi, WSI_TOKEN_CONNECTION)) {
+ lws_hdr_copy(wsi, http_conn_str,
+ sizeof(http_conn_str) - 1,
+ WSI_TOKEN_CONNECTION);
+ http_conn_str[sizeof(http_conn_str) - 1] = '\0';
+ if (!strcasecmp(http_conn_str, "keep-alive"))
+ connection_type = HTTP_CONNECTION_KEEP_ALIVE;
+ else
+ if (!strcasecmp(http_conn_str, "close"))
+ connection_type = HTTP_CONNECTION_CLOSE;
+ }
+ wsi->http.connection_type = connection_type;
+ }
+
+ n = wsi->protocol->callback(wsi, LWS_CALLBACK_FILTER_HTTP_CONNECTION,
+ wsi->user_space, uri_ptr, uri_len);
+ if (n) {
+ lwsl_info("LWS_CALLBACK_HTTP closing\n");
+
+ return 1;
+ }
+ /*
+ * if there is content supposed to be coming,
+ * put a timeout on it having arrived
+ */
+ lws_set_timeout(wsi, PENDING_TIMEOUT_HTTP_CONTENT,
+ wsi->context->timeout_secs);
+#ifdef LWS_WITH_TLS
+ if (wsi->tls.redirect_to_https) {
+ /*
+ * we accepted http:// only so we could redirect to
+ * https://, so issue the redirect. Create the redirection
+ * URI from the host: header and ignore the path part
+ */
+ unsigned char *start = pt->serv_buf + LWS_PRE, *p = start,
+ *end = p + 512;
+
+ if (!lws_hdr_total_length(wsi, WSI_TOKEN_HOST))
+ goto bail_nuke_ah;
+
+ n = sprintf((char *)end, "https://%s/",
+ lws_hdr_simple_ptr(wsi, WSI_TOKEN_HOST));
+
+ n = lws_http_redirect(wsi, HTTP_STATUS_MOVED_PERMANENTLY,
+ end, n, &p, end);
+ if ((int)n < 0)
+ goto bail_nuke_ah;
+
+ return lws_http_transaction_completed(wsi);
+ }
+#endif
+
+#ifdef LWS_WITH_ACCESS_LOG
+ lws_prepare_access_log_info(wsi, uri_ptr, meth);
+#endif
+
+ /* can we serve it from the mount list? */
+
+ hit = lws_find_mount(wsi, uri_ptr, uri_len);
+ if (!hit) {
+ /* deferred cleanup and reset to protocols[0] */
+
+ lwsl_info("no hit\n");
+
+ if (lws_bind_protocol(wsi, &wsi->vhost->protocols[0]))
+ return 1;
+
+ lwsi_set_state(wsi, LRS_DOING_TRANSACTION);
+
+ n = wsi->protocol->callback(wsi, LWS_CALLBACK_HTTP,
+ wsi->user_space, uri_ptr, uri_len);
+
+ goto after;
+ }
+
+ s = uri_ptr + hit->mountpoint_len;
+
+ /*
+ * if we have a mountpoint like https://xxx.com/yyy
+ * there is an implied / at the end for our purposes since
+ * we can only mount on a "directory".
+ *
+ * But if we just go with that, the browser cannot understand
+ * that he is actually looking down one "directory level", so
+ * even though we give him /yyy/abc.html he acts like the
+ * current directory level is /. So relative urls like "x.png"
+ * wrongly look outside the mountpoint.
+ *
+ * Therefore if we didn't come in on a url with an explicit
+ * / at the end, we must redirect to add it so the browser
+ * understands he is one "directory level" down.
+ */
+ if ((hit->mountpoint_len > 1 ||
+ (hit->origin_protocol == LWSMPRO_REDIR_HTTP ||
+ hit->origin_protocol == LWSMPRO_REDIR_HTTPS)) &&
+ (*s != '/' ||
+ (hit->origin_protocol == LWSMPRO_REDIR_HTTP ||
+ hit->origin_protocol == LWSMPRO_REDIR_HTTPS)) &&
+ (hit->origin_protocol != LWSMPRO_CGI &&
+ hit->origin_protocol != LWSMPRO_CALLBACK)) {
+ unsigned char *start = pt->serv_buf + LWS_PRE,
+ *p = start, *end = p + 512;
+
+ lwsl_debug("Doing 301 '%s' org %s\n", s, hit->origin);
+
+ /* > at start indicates deal with by redirect */
+ if (hit->origin_protocol == LWSMPRO_REDIR_HTTP ||
+ hit->origin_protocol == LWSMPRO_REDIR_HTTPS)
+ n = lws_snprintf((char *)end, 256, "%s%s",
+ oprot[hit->origin_protocol & 1],
+ hit->origin);
+ else {
+ if (!lws_hdr_total_length(wsi, WSI_TOKEN_HOST)) {
+ if (!lws_hdr_total_length(wsi,
+ WSI_TOKEN_HTTP_COLON_AUTHORITY))
+ goto bail_nuke_ah;
+ n = lws_snprintf((char *)end, 256,
+ "%s%s%s/", oprot[!!lws_is_ssl(wsi)],
+ lws_hdr_simple_ptr(wsi,
+ WSI_TOKEN_HTTP_COLON_AUTHORITY),
+ uri_ptr);
+ } else
+ n = lws_snprintf((char *)end, 256,
+ "%s%s%s/", oprot[!!lws_is_ssl(wsi)],
+ lws_hdr_simple_ptr(wsi, WSI_TOKEN_HOST),
+ uri_ptr);
+ }
+
+ lws_clean_url((char *)end);
+ n = lws_http_redirect(wsi, HTTP_STATUS_MOVED_PERMANENTLY,
+ end, n, &p, end);
+ if ((int)n < 0)
+ goto bail_nuke_ah;
+
+ return lws_http_transaction_completed(wsi);
+ }
+
+ /* basic auth? */
+
+ if (hit->basic_auth_login_file) {
+ char b64[160], plain[(sizeof(b64) * 3) / 4];
+ int m;
+
+ /* Did he send auth? */
+ if (!lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_AUTHORIZATION))
+ return lws_unauthorised_basic_auth(wsi);
+
+ n = HTTP_STATUS_FORBIDDEN;
+
+ m = lws_hdr_copy(wsi, b64, sizeof(b64),
+ WSI_TOKEN_HTTP_AUTHORIZATION);
+ if (m < 7) {
+ lwsl_err("b64 auth too long\n");
+ goto transaction_result_n;
+ }
+
+ b64[5] = '\0';
+ if (strcasecmp(b64, "Basic")) {
+ lwsl_err("auth missing basic: %s\n", b64);
+ goto transaction_result_n;
+ }
+
+ /* It'll be like Authorization: Basic QWxhZGRpbjpPcGVuU2VzYW1l */
+
+ m = lws_b64_decode_string(b64 + 6, plain, sizeof(plain));
+ if (m < 0) {
+ lwsl_err("plain auth too long\n");
+ goto transaction_result_n;
+ }
+
+ if (!lws_find_string_in_file(hit->basic_auth_login_file,
+ plain, m)) {
+ lwsl_err("basic auth lookup failed\n");
+ return lws_unauthorised_basic_auth(wsi);
+ }
+
+ lwsl_info("basic auth accepted\n");
+
+ /* accept the auth */
+ }
+
+#if defined(LWS_WITH_HTTP_PROXY)
+ /*
+ * The mount is a reverse proxy?
+ */
+
+ if (hit->origin_protocol == LWSMPRO_HTTPS ||
+ hit->origin_protocol == LWSMPRO_HTTP) {
+ struct lws_client_connect_info i;
+ char ads[96], rpath[256], *pcolon, *pslash, *p;
+ int n, na;
+
+ memset(&i, 0, sizeof(i));
+ i.context = lws_get_context(wsi);
+
+ pcolon = strchr(hit->origin, ':');
+ pslash = strchr(hit->origin, '/');
+ if (!pslash) {
+ lwsl_err("Proxy mount origin '%s' must have /\n",
+ hit->origin);
+ return -1;
+ }
+ if (pcolon > pslash)
+ pcolon = NULL;
+
+ if (pcolon)
+ n = pcolon - hit->origin;
+ else
+ n = pslash - hit->origin;
+
+ if (n >= (int)sizeof(ads) - 2)
+ n = sizeof(ads) - 2;
+
+ memcpy(ads, hit->origin, n);
+ ads[n] = '\0';
+
+ i.address = ads;
+ i.port = 80;
+ if (hit->origin_protocol == LWSMPRO_HTTPS) {
+ i.port = 443;
+ i.ssl_connection = 1;
+ }
+ if (pcolon)
+ i.port = atoi(pcolon + 1);
+
+ lws_snprintf(rpath, sizeof(rpath) - 1, "/%s/%s", pslash + 1,
+ uri_ptr + hit->mountpoint_len);
+ lws_clean_url(rpath);
+ na = lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_URI_ARGS);
+ if (na) {
+ p = rpath + strlen(rpath);
+ *p++ = '?';
+ lws_hdr_copy(wsi, p, &rpath[sizeof(rpath) - 1] - p,
+ WSI_TOKEN_HTTP_URI_ARGS);
+ while (--na) {
+ if (*p == '\0')
+ *p = '&';
+ p++;
+ }
+ }
+
+
+ i.path = rpath;
+ i.host = i.address;
+ i.origin = NULL;
+ i.method = "GET";
+ i.parent_wsi = wsi;
+ i.uri_replace_from = hit->origin;
+ i.uri_replace_to = hit->mountpoint;
+
+ lwsl_notice("proxying to %s port %d url %s, ssl %d, "
+ "from %s, to %s\n",
+ i.address, i.port, i.path, i.ssl_connection,
+ i.uri_replace_from, i.uri_replace_to);
+
+ if (!lws_client_connect_via_info(&i)) {
+ lwsl_err("proxy connect fail\n");
+ return 1;
+ }
+
+ return 0;
+ }
+#endif
+
+ /*
+ * A particular protocol callback is mounted here?
+ *
+ * For the duration of this http transaction, bind us to the
+ * associated protocol
+ */
+ if (hit->origin_protocol == LWSMPRO_CALLBACK || hit->protocol) {
+ const struct lws_protocols *pp;
+ const char *name = hit->origin;
+ if (hit->protocol)
+ name = hit->protocol;
+
+ pp = lws_vhost_name_to_protocol(wsi->vhost, name);
+ if (!pp) {
+ n = -1;
+ lwsl_err("Unable to find plugin '%s'\n",
+ hit->origin);
+ return 1;
+ }
+
+ if (lws_bind_protocol(wsi, pp))
+ return 1;
+
+ args.p = uri_ptr;
+ args.len = uri_len;
+ args.max_len = hit->auth_mask;
+ args.final = 0; /* used to signal callback dealt with it */
+ args.chunked = 0;
+
+ n = wsi->protocol->callback(wsi,
+ LWS_CALLBACK_CHECK_ACCESS_RIGHTS,
+ wsi->user_space, &args, 0);
+ if (n) {
+ lws_return_http_status(wsi, HTTP_STATUS_UNAUTHORIZED,
+ NULL);
+ goto bail_nuke_ah;
+ }
+ if (args.final) /* callback completely handled it well */
+ return 0;
+
+ if (hit->cgienv && wsi->protocol->callback(wsi,
+ LWS_CALLBACK_HTTP_PMO,
+ wsi->user_space, (void *)hit->cgienv, 0))
+ return 1;
+
+ if (lws_hdr_total_length(wsi, WSI_TOKEN_POST_URI)) {
+ n = wsi->protocol->callback(wsi, LWS_CALLBACK_HTTP,
+ wsi->user_space,
+ uri_ptr + hit->mountpoint_len,
+ uri_len - hit->mountpoint_len);
+ goto after;
+ }
+ }
+
+#ifdef LWS_WITH_CGI
+ /* did we hit something with a cgi:// origin? */
+ if (hit->origin_protocol == LWSMPRO_CGI) {
+ const char *cmd[] = {
+ NULL, /* replace with cgi path */
+ NULL
+ };
+
+ lwsl_debug("%s: cgi\n", __func__);
+ cmd[0] = hit->origin;
+
+ n = 5;
+ if (hit->cgi_timeout)
+ n = hit->cgi_timeout;
+
+ n = lws_cgi(wsi, cmd, hit->mountpoint_len, n,
+ hit->cgienv);
+ if (n) {
+ lwsl_err("%s: cgi failed\n", __func__);
+ return -1;
+ }
+
+ goto deal_body;
+ }
+#endif
+
+ n = (int)strlen(s);
+ if (s[0] == '\0' || (n == 1 && s[n - 1] == '/'))
+ s = (char *)hit->def;
+ if (!s)
+ s = "index.html";
+
+ wsi->cache_secs = hit->cache_max_age;
+ wsi->cache_reuse = hit->cache_reusable;
+ wsi->cache_revalidate = hit->cache_revalidate;
+ wsi->cache_intermediaries = hit->cache_intermediaries;
+
+ n = 1;
+ if (hit->origin_protocol == LWSMPRO_FILE)
+ n = lws_http_serve(wsi, s, hit->origin, hit);
+ if (n) {
+ /*
+ * lws_return_http_status(wsi, HTTP_STATUS_NOT_FOUND, NULL);
+ */
+ if (hit->protocol) {
+ const struct lws_protocols *pp =
+ lws_vhost_name_to_protocol(
+ wsi->vhost, hit->protocol);
+
+ if (lws_bind_protocol(wsi, pp))
+ return 1;
+
+ n = pp->callback(wsi, LWS_CALLBACK_HTTP,
+ wsi->user_space,
+ uri_ptr + hit->mountpoint_len,
+ uri_len - hit->mountpoint_len);
+ } else
+ n = wsi->protocol->callback(wsi, LWS_CALLBACK_HTTP,
+ wsi->user_space, uri_ptr, uri_len);
+ }
+
+after:
+ if (n) {
+ lwsl_info("LWS_CALLBACK_HTTP closing\n");
+
+ return 1;
+ }
+
+#ifdef LWS_WITH_CGI
+deal_body:
+#endif
+ /*
+ * If we're not issuing a file, check for content_length or
+ * HTTP keep-alive. No keep-alive header allocation for
+ * ISSUING_FILE, as this uses HTTP/1.0.
+ *
+ * In any case, return 0 and let lws_read decide how to
+ * proceed based on state
+ */
+ if (lwsi_state(wsi) != LRS_ISSUING_FILE) {
+ /* Prepare to read body if we have a content length: */
+ lwsl_debug("wsi->http.rx_content_length %lld %d %d\n",
+ (long long)wsi->http.rx_content_length,
+ wsi->upgraded_to_http2, wsi->http2_substream);
+ if (wsi->http.rx_content_length > 0) {
+ struct lws_tokens ebuf;
+ int m;
+
+ lwsi_set_state(wsi, LRS_BODY);
+ lwsl_info("%s: %p: LRS_BODY state set (0x%x)\n",
+ __func__, wsi, wsi->wsistate);
+ wsi->http.rx_content_remain =
+ wsi->http.rx_content_length;
+
+ /*
+ * At this point we have transitioned from deferred
+ * action to expecting BODY on the stream wsi, if it's
+ * in a bundle like h2. So if the stream wsi has its
+ * own buflist, we need to deal with that first.
+ */
+
+ while (1) {
+ ebuf.len = (int)lws_buflist_next_segment_len(
+ &wsi->buflist, (uint8_t **)&ebuf.token);
+ if (!ebuf.len)
+ break;
+ lwsl_notice("%s: consuming %d\n", __func__, (int)ebuf.len);
+ m = lws_read_h1(wsi, (uint8_t *)ebuf.token, ebuf.len);
+ if (m < 0)
+ return -1;
+
+ if (lws_buflist_aware_consume(wsi, &ebuf, m, 1))
+ return -1;
+ }
+ }
+ }
+
+ return 0;
+
+bail_nuke_ah:
+ lws_header_table_detach(wsi, 1);
+
+ return 1;
+
+transaction_result_n:
+ lws_return_http_status(wsi, n, NULL);
+
+ return lws_http_transaction_completed(wsi);
+}
+
+int
+lws_handshake_server(struct lws *wsi, unsigned char **buf, size_t len)
+{
+ struct lws_context *context = lws_get_context(wsi);
+ unsigned char *obuf = *buf;
+#if defined(LWS_WITH_HTTP2)
+ char tbuf[128], *p;
+#endif
+ size_t olen = len;
+ int n = 0, m, i;
+
+ if (len >= 10000000) {
+ lwsl_err("%s: assert: len %ld\n", __func__, (long)len);
+ assert(0);
+ }
+
+ if (!wsi->http.ah) {
+ lwsl_err("%s: assert: NULL ah\n", __func__);
+ assert(0);
+ }
+
+ while (len) {
+ if (!lwsi_role_server(wsi) || !lwsi_role_http(wsi)) {
+ lwsl_err("%s: bad wsi role 0x%x\n", __func__,
+ lwsi_role(wsi));
+ goto bail_nuke_ah;
+ }
+
+ i = (int)len;
+ m = lws_parse(wsi, *buf, &i);
+ lwsl_info("%s: parsed count %d\n", __func__, (int)len - i);
+ (*buf) += (int)len - i;
+ len = i;
+ if (m) {
+ if (m == 2) {
+ /*
+ * we are transitioning from http with
+ * an AH, to raw. Drop the ah and set
+ * the mode.
+ */
+raw_transition:
+ lws_set_timeout(wsi, NO_PENDING_TIMEOUT, 0);
+ lws_bind_protocol(wsi, &wsi->vhost->protocols[
+ wsi->vhost->
+ raw_protocol_index]);
+ lwsl_info("transition to raw vh %s prot %d\n",
+ wsi->vhost->name,
+ wsi->vhost->raw_protocol_index);
+ if ((wsi->protocol->callback)(wsi,
+ LWS_CALLBACK_RAW_ADOPT,
+ wsi->user_space, NULL, 0))
+ goto bail_nuke_ah;
+
+ lws_role_transition(wsi, 0, LRS_ESTABLISHED,
+ &role_ops_raw_skt);
+ lws_header_table_detach(wsi, 1);
+
+ if (m == 2 && (wsi->protocol->callback)(wsi,
+ LWS_CALLBACK_RAW_RX,
+ wsi->user_space, obuf, olen))
+ return 1;
+
+ return 0;
+ }
+ lwsl_info("lws_parse failed\n");
+ goto bail_nuke_ah;
+ }
+
+ if (wsi->http.ah->parser_state != WSI_PARSING_COMPLETE)
+ continue;
+
+ lwsl_parser("%s: lws_parse sees parsing complete\n", __func__);
+
+ /* select vhost */
+
+ if (lws_hdr_total_length(wsi, WSI_TOKEN_HOST)) {
+ struct lws_vhost *vhost = lws_select_vhost(
+ context, wsi->vhost->listen_port,
+ lws_hdr_simple_ptr(wsi, WSI_TOKEN_HOST));
+
+ if (vhost)
+ wsi->vhost = vhost;
+ } else
+ lwsl_info("no host\n");
+
+ if (!lwsi_role_h2(wsi) || !lwsi_role_server(wsi)) {
+ wsi->vhost->conn_stats.h1_trans++;
+ if (!wsi->conn_stat_done) {
+ wsi->vhost->conn_stats.h1_conn++;
+ wsi->conn_stat_done = 1;
+ }
+ }
+
+ /* check for unwelcome guests */
+
+ if (wsi->context->reject_service_keywords) {
+ const struct lws_protocol_vhost_options *rej =
+ wsi->context->reject_service_keywords;
+ char ua[384], *msg = NULL;
+
+ if (lws_hdr_copy(wsi, ua, sizeof(ua) - 1,
+ WSI_TOKEN_HTTP_USER_AGENT) > 0) {
+#ifdef LWS_WITH_ACCESS_LOG
+ char *uri_ptr = NULL;
+ int meth, uri_len;
+#endif
+ ua[sizeof(ua) - 1] = '\0';
+ while (rej) {
+ if (!strstr(ua, rej->name)) {
+ rej = rej->next;
+ continue;
+ }
+
+ msg = strchr(rej->value, ' ');
+ if (msg)
+ msg++;
+ lws_return_http_status(wsi,
+ atoi(rej->value), msg);
+#ifdef LWS_WITH_ACCESS_LOG
+ meth = lws_http_get_uri_and_method(wsi,
+ &uri_ptr, &uri_len);
+ if (meth >= 0)
+ lws_prepare_access_log_info(wsi,
+ uri_ptr, meth);
+
+ /* wsi close will do the log */
+#endif
+ wsi->vhost->conn_stats.rejected++;
+ /*
+ * We don't want anything from
+ * this rejected guy. Follow
+ * the close flow, not the
+ * transaction complete flow.
+ */
+ goto bail_nuke_ah;
+ }
+ }
+ }
+
+
+ if (lws_hdr_total_length(wsi, WSI_TOKEN_CONNECT)) {
+ lwsl_info("Changing to RAW mode\n");
+ m = 0;
+ goto raw_transition;
+ }
+
+ lwsi_set_state(wsi, LRS_PRE_WS_SERVING_ACCEPT);
+ lws_set_timeout(wsi, NO_PENDING_TIMEOUT, 0);
+
+ /* is this websocket protocol or normal http 1.0? */
+
+ if (lws_hdr_total_length(wsi, WSI_TOKEN_UPGRADE)) {
+ if (!strcasecmp(lws_hdr_simple_ptr(wsi,
+ WSI_TOKEN_UPGRADE),
+ "websocket")) {
+#if defined(LWS_ROLE_WS)
+ wsi->vhost->conn_stats.ws_upg++;
+ lwsl_info("Upgrade to ws\n");
+ goto upgrade_ws;
+#endif
+ }
+#if defined(LWS_WITH_HTTP2)
+ if (!strcasecmp(lws_hdr_simple_ptr(wsi,
+ WSI_TOKEN_UPGRADE),
+ "h2c")) {
+ wsi->vhost->conn_stats.h2_upg++;
+ lwsl_info("Upgrade to h2c\n");
+ goto upgrade_h2c;
+ }
+#endif
+ lwsl_info("Unknown upgrade\n");
+ /* dunno what he wanted to upgrade to */
+ goto bail_nuke_ah;
+ }
+
+ /* no upgrade ack... he remained as HTTP */
+
+ lwsl_info("%s: %p: No upgrade\n", __func__, wsi);
+
+ lwsi_set_state(wsi, LRS_ESTABLISHED);
+ wsi->http.fop_fd = NULL;
+
+ lwsl_debug("%s: wsi %p: ah %p\n", __func__, (void *)wsi,
+ (void *)wsi->http.ah);
+
+ n = lws_http_action(wsi);
+
+ return n;
+
+#if defined(LWS_WITH_HTTP2)
+upgrade_h2c:
+ if (!lws_hdr_total_length(wsi, WSI_TOKEN_HTTP2_SETTINGS)) {
+ lwsl_info("missing http2_settings\n");
+ goto bail_nuke_ah;
+ }
+
+ lwsl_info("h2c upgrade...\n");
+
+ p = lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP2_SETTINGS);
+ /* convert the peer's HTTP-Settings */
+ n = lws_b64_decode_string(p, tbuf, sizeof(tbuf));
+ if (n < 0) {
+ lwsl_parser("HTTP2_SETTINGS too long\n");
+ return 1;
+ }
+
+ /* adopt the header info */
+
+ if (!wsi->h2.h2n) {
+ wsi->h2.h2n = lws_zalloc(sizeof(*wsi->h2.h2n),
+ "h2n");
+ if (!wsi->h2.h2n)
+ return 1;
+ }
+
+ lws_h2_init(wsi);
+
+ /* HTTP2 union */
+
+ lws_h2_settings(wsi, &wsi->h2.h2n->set, (unsigned char *)tbuf, n);
+
+ lws_hpack_dynamic_size(wsi, wsi->h2.h2n->set.s[
+ H2SET_HEADER_TABLE_SIZE]);
+
+ strcpy(tbuf, "HTTP/1.1 101 Switching Protocols\x0d\x0a"
+ "Connection: Upgrade\x0d\x0a"
+ "Upgrade: h2c\x0d\x0a\x0d\x0a");
+ m = (int)strlen(tbuf);
+ n = lws_issue_raw(wsi, (unsigned char *)tbuf, m);
+ if (n != m) {
+ lwsl_debug("http2 switch: ERROR writing to socket\n");
+ return 1;
+ }
+
+ lwsi_set_state(wsi, LRS_H2_AWAIT_PREFACE);
+ wsi->upgraded_to_http2 = 1;
+
+ return 0;
+#endif
+#if defined(LWS_ROLE_WS)
+upgrade_ws:
+ if (lws_process_ws_upgrade(wsi))
+ goto bail_nuke_ah;
+
+ return 0;
+#endif
+ } /* while all chars are handled */
+
+ return 0;
+
+bail_nuke_ah:
+ /* drop the header info */
+ lws_header_table_detach(wsi, 1);
+
+ return 1;
+}
+
+
+static int
+lws_get_idlest_tsi(struct lws_context *context)
+{
+ unsigned int lowest = ~0;
+ int n = 0, hit = -1;
+
+ for (; n < context->count_threads; n++) {
+ if ((unsigned int)context->pt[n].fds_count !=
+ context->fd_limit_per_thread - 1 &&
+ (unsigned int)context->pt[n].fds_count < lowest) {
+ lowest = context->pt[n].fds_count;
+ hit = n;
+ }
+ }
+
+ return hit;
+}
+
+struct lws *
+lws_create_new_server_wsi(struct lws_vhost *vhost, int fixed_tsi)
+{
+ struct lws *new_wsi;
+ int n = fixed_tsi;
+
+ if (n < 0)
+ n = lws_get_idlest_tsi(vhost->context);
+
+ if (n < 0) {
+ lwsl_err("no space for new conn\n");
+ return NULL;
+ }
+
+ new_wsi = lws_zalloc(sizeof(struct lws), "new server wsi");
+ if (new_wsi == NULL) {
+ lwsl_err("Out of memory for new connection\n");
+ return NULL;
+ }
+
+ new_wsi->tsi = n;
+ lwsl_debug("new wsi %p joining vhost %s, tsi %d\n", new_wsi,
+ vhost->name, new_wsi->tsi);
+
+ new_wsi->vhost = vhost;
+ new_wsi->context = vhost->context;
+ new_wsi->pending_timeout = NO_PENDING_TIMEOUT;
+ new_wsi->rxflow_change_to = LWS_RXFLOW_ALLOW;
+
+ /* initialize the instance struct */
+
+ lwsi_set_state(new_wsi, LRS_UNCONNECTED);
+ new_wsi->hdr_parsing_completed = 0;
+
+#ifdef LWS_WITH_TLS
+ new_wsi->tls.use_ssl = LWS_SSL_ENABLED(vhost);
+#endif
+
+ /*
+ * these can only be set once the protocol is known
+ * we set an un-established connection's protocol pointer
+ * to the start of the supported list, so it can look
+ * for matching ones during the handshake
+ */
+ new_wsi->protocol = vhost->protocols;
+ new_wsi->user_space = NULL;
+ new_wsi->desc.sockfd = LWS_SOCK_INVALID;
+ new_wsi->position_in_fds_table = LWS_NO_FDS_POS;
+
+ vhost->context->count_wsi_allocated++;
+
+ /*
+ * outermost create notification for wsi
+ * no user_space because no protocol selection
+ */
+ vhost->protocols[0].callback(new_wsi, LWS_CALLBACK_WSI_CREATE,
+ NULL, NULL, 0);
+
+ return new_wsi;
+}
+
+LWS_VISIBLE int LWS_WARN_UNUSED_RESULT
+lws_http_transaction_completed(struct lws *wsi)
+{
+ int n = NO_PENDING_TIMEOUT;
+
+ if (wsi->trunc_len) {
+ /*
+ * ...so he tried to send something large as the http reply,
+ * it went as a partial, but he immediately said the
+ * transaction was completed.
+ *
+ * Defer the transaction completed until the last part of the
+ * partial is sent.
+ */
+ lwsl_notice("%s: deferring due to partial\n", __func__);
+ wsi->http.deferred_transaction_completed = 1;
+
+ return 0;
+ }
+
+ lwsl_info("%s: wsi %p\n", __func__, wsi);
+
+ lws_access_log(wsi);
+
+ if (!wsi->hdr_parsing_completed) {
+ char peer[64];
+ lws_get_peer_simple(wsi, peer, sizeof(peer) - 1);
+ peer[sizeof(peer) - 1] = '\0';
+ lwsl_notice("%s: (from %s) ignoring, ah parsing incomplete\n",
+ __func__, peer);
+ return 0;
+ }
+
+ /* if we can't go back to accept new headers, drop the connection */
+ if (wsi->http2_substream)
+ return 0;
+
+ if (wsi->seen_zero_length_recv)
+ return 1;
+
+ if (wsi->http.connection_type != HTTP_CONNECTION_KEEP_ALIVE) {
+ lwsl_notice("%s: %p: close connection\n", __func__, wsi);
+ return 1;
+ }
+
+ if (lws_bind_protocol(wsi, &wsi->vhost->protocols[0]))
+ return 1;
+
+ /*
+ * otherwise set ourselves up ready to go again, but because we have no
+ * idea about the wsi writability, we make put it in a holding state
+ * until we can verify POLLOUT. The part of this that confirms POLLOUT
+ * with no partials is in lws_server_socket_service() below.
+ */
+ lwsl_debug("%s: %p: setting DEF_ACT from 0x%x\n", __func__,
+ wsi, wsi->wsistate);
+ lwsi_set_state(wsi, LRS_DEFERRING_ACTION);
+ wsi->http.tx_content_length = 0;
+ wsi->http.tx_content_remain = 0;
+ wsi->hdr_parsing_completed = 0;
+#ifdef LWS_WITH_ACCESS_LOG
+ wsi->http.access_log.sent = 0;
+#endif
+
+ if (wsi->vhost->keepalive_timeout)
+ n = PENDING_TIMEOUT_HTTP_KEEPALIVE_IDLE;
+ lws_set_timeout(wsi, n, wsi->vhost->keepalive_timeout);
+
+ /*
+ * We already know we are on http1.1 / keepalive and the next thing
+ * coming will be another header set.
+ *
+ * If there is no pending rx and we still have the ah, drop it and
+ * reacquire a new ah when the new headers start to arrive. (Otherwise
+ * we needlessly hog an ah indefinitely.)
+ *
+ * However if there is pending rx and we know from the keepalive state
+ * that is already at least the start of another header set, simply
+ * reset the existing header table and keep it.
+ */
+ if (wsi->http.ah) {
+ // lws_buflist_describe(&wsi->buflist, wsi);
+ if (!lws_buflist_next_segment_len(&wsi->buflist, NULL)) {
+ lwsl_info("%s: %p: nothing in buflist so detaching ah\n",
+ __func__, wsi);
+ lws_header_table_detach(wsi, 1);
+#ifdef LWS_WITH_TLS
+ /*
+ * additionally... if we are hogging an SSL instance
+ * with no pending pipelined headers (or ah now), and
+ * SSL is scarce, drop this connection without waiting
+ */
+
+ if (wsi->vhost->tls.use_ssl &&
+ wsi->context->simultaneous_ssl_restriction &&
+ wsi->context->simultaneous_ssl ==
+ wsi->context->simultaneous_ssl_restriction) {
+ lwsl_info("%s: simultaneous_ssl_restriction\n",
+ __func__);
+ return 1;
+ }
+#endif
+ } else {
+ lwsl_info("%s: %p: resetting and keeping ah as pipeline\n",
+ __func__, wsi);
+ lws_header_table_reset(wsi, 0);
+ /*
+ * If we kept the ah, we should restrict the amount
+ * of time we are willing to keep it. Otherwise it
+ * will be bound the whole time the connection remains
+ * open.
+ */
+ lws_set_timeout(wsi, PENDING_TIMEOUT_HOLDING_AH,
+ wsi->vhost->keepalive_timeout);
+ }
+ /* If we're (re)starting on headers, need other implied init */
+ if (wsi->http.ah)
+ wsi->http.ah->ues = URIES_IDLE;
+
+ //lwsi_set_state(wsi, LRS_ESTABLISHED);
+ } else
+ if (lws_buflist_next_segment_len(&wsi->buflist, NULL))
+ if (lws_header_table_attach(wsi, 0))
+ lwsl_debug("acquired ah\n");
+
+ lwsl_info("%s: %p: keep-alive await new transaction\n", __func__, wsi);
+ lws_callback_on_writable(wsi);
+
+ return 0;
+}
+
+/* if not a socket, it's a raw, non-ssl file descriptor */
+
+LWS_VISIBLE struct lws *
+lws_adopt_descriptor_vhost(struct lws_vhost *vh, lws_adoption_type type,
+ lws_sock_file_fd_type fd, const char *vh_prot_name,
+ struct lws *parent)
+{
+ struct lws_context *context = vh->context;
+ struct lws *new_wsi;
+ struct lws_context_per_thread *pt;
+ int n, ssl = 0;
+
+#if defined(LWS_WITH_PEER_LIMITS)
+ struct lws_peer *peer = NULL;
+
+ if (type & LWS_ADOPT_SOCKET && !(type & LWS_ADOPT_WS_PARENTIO)) {
+ peer = lws_get_or_create_peer(vh, fd.sockfd);
+
+ if (peer && context->ip_limit_wsi &&
+ peer->count_wsi >= context->ip_limit_wsi) {
+ lwsl_notice("Peer reached wsi limit %d\n",
+ context->ip_limit_wsi);
+ lws_stats_atomic_bump(context, &context->pt[0],
+ LWSSTATS_C_PEER_LIMIT_WSI_DENIED, 1);
+ return NULL;
+ }
+ }
+#endif
+
+ n = -1;
+ if (parent)
+ n = parent->tsi;
+ new_wsi = lws_create_new_server_wsi(vh, n);
+ if (!new_wsi) {
+ if (type & LWS_ADOPT_SOCKET && !(type & LWS_ADOPT_WS_PARENTIO))
+ compatible_close(fd.sockfd);
+ return NULL;
+ }
+#if defined(LWS_WITH_PEER_LIMITS)
+ if (peer)
+ lws_peer_add_wsi(context, peer, new_wsi);
+#endif
+ pt = &context->pt[(int)new_wsi->tsi];
+ lws_stats_atomic_bump(context, pt, LWSSTATS_C_CONNECTIONS, 1);
+
+ if (parent) {
+ new_wsi->parent = parent;
+ new_wsi->sibling_list = parent->child_list;
+ parent->child_list = new_wsi;
+
+ if (type & LWS_ADOPT_WS_PARENTIO)
+ new_wsi->parent_carries_io = 1;
+ }
+
+ new_wsi->desc = fd;
+
+ if (vh_prot_name) {
+ new_wsi->protocol = lws_vhost_name_to_protocol(new_wsi->vhost,
+ vh_prot_name);
+ if (!new_wsi->protocol) {
+ lwsl_err("Protocol %s not enabled on vhost %s\n",
+ vh_prot_name, new_wsi->vhost->name);
+ goto bail;
+ }
+ if (lws_ensure_user_space(new_wsi)) {
+ lwsl_notice("OOM trying to get user_space\n");
+ goto bail;
+ }
+#if defined(LWS_ROLE_WS)
+ if (type & LWS_ADOPT_WS_PARENTIO) {
+ new_wsi->desc.sockfd = LWS_SOCK_INVALID;
+ lwsl_debug("binding to %s\n", new_wsi->protocol->name);
+ lws_bind_protocol(new_wsi, new_wsi->protocol);
+ lws_role_transition(new_wsi, LWSIFR_SERVER,
+ LRS_ESTABLISHED, &role_ops_ws);
+ /* allocate the ws struct for the wsi */
+ new_wsi->ws = lws_zalloc(sizeof(*new_wsi->ws), "ws struct");
+ if (!new_wsi->ws) {
+ lwsl_notice("OOM\n");
+ goto bail;
+ }
+ lws_server_init_wsi_for_ws(new_wsi);
+
+ return new_wsi;
+ }
+#endif
+ } else
+#if defined(LWS_ROLE_H1)
+ if (type & LWS_ADOPT_HTTP) {/* he will transition later */
+ new_wsi->protocol =
+ &vh->protocols[vh->default_protocol_index];
+ new_wsi->role_ops = &role_ops_h1;
+ }
+ else
+#endif
+ { /* this is the only time he will transition */
+ lws_bind_protocol(new_wsi,
+ &vh->protocols[vh->raw_protocol_index]);
+ lws_role_transition(new_wsi, 0, LRS_ESTABLISHED,
+ &role_ops_raw_skt);
+ }
+
+ if (type & LWS_ADOPT_SOCKET) { /* socket desc */
+ lwsl_debug("%s: new wsi %p, sockfd %d\n", __func__, new_wsi,
+ (int)(lws_intptr_t)fd.sockfd);
+#if !defined(LWS_WITH_ESP32)
+ if (type & LWS_ADOPT_FLAG_UDP)
+ /*
+ * these can be >128 bytes, so just alloc for UDP
+ */
+ new_wsi->udp = lws_malloc(sizeof(*new_wsi->udp),
+ "udp struct");
+#endif
+
+ if (type & LWS_ADOPT_HTTP)
+ /* the transport is accepted...
+ * give him time to negotiate */
+ lws_set_timeout(new_wsi,
+ PENDING_TIMEOUT_ESTABLISH_WITH_SERVER,
+ context->timeout_secs);
+
+ } else /* file desc */
+ lwsl_debug("%s: new wsi %p, filefd %d\n", __func__, new_wsi,
+ (int)(lws_intptr_t)fd.filefd);
+
+ /*
+ * A new connection was accepted. Give the user a chance to
+ * set properties of the newly created wsi. There's no protocol
+ * selected yet so we issue this to the vhosts's default protocol,
+ * itself by default protocols[0]
+ */
+ n = LWS_CALLBACK_SERVER_NEW_CLIENT_INSTANTIATED;
+ if (!(type & LWS_ADOPT_HTTP)) {
+ if (!(type & LWS_ADOPT_SOCKET))
+ n = LWS_CALLBACK_RAW_ADOPT_FILE;
+ else
+ n = LWS_CALLBACK_RAW_ADOPT;
+ }
+
+ if (!LWS_SSL_ENABLED(new_wsi->vhost) || !(type & LWS_ADOPT_ALLOW_SSL) ||
+ !(type & LWS_ADOPT_SOCKET)) {
+ /* non-SSL */
+ if (!(type & LWS_ADOPT_HTTP)) {
+ if (!(type & LWS_ADOPT_SOCKET))
+ lws_role_transition(new_wsi, 0, LRS_ESTABLISHED,
+ &role_ops_raw_file);
+ else
+ lws_role_transition(new_wsi, 0, LRS_ESTABLISHED,
+ &role_ops_raw_skt);
+ }
+#if defined(LWS_ROLE_H1)
+ else
+ lws_role_transition(new_wsi, LWSIFR_SERVER,
+ LRS_HEADERS, &role_ops_h1);
+#endif
+ } else {
+ /* SSL */
+ if (!(type & LWS_ADOPT_HTTP))
+ lws_role_transition(new_wsi, 0, LRS_SSL_INIT,
+ &role_ops_raw_skt);
+#if defined(LWS_ROLE_H1)
+ else
+ lws_role_transition(new_wsi, LWSIFR_SERVER,
+ LRS_SSL_INIT, &role_ops_h1);
+#endif
+ ssl = 1;
+ }
+
+ lwsl_debug("new wsi wsistate 0x%x\n", new_wsi->wsistate);
+
+ if (context->event_loop_ops->accept)
+ context->event_loop_ops->accept(new_wsi);
+
+ if (!ssl) {
+ lws_pt_lock(pt, __func__);
+ if (__insert_wsi_socket_into_fds(context, new_wsi)) {
+ lws_pt_unlock(pt);
+ lwsl_err("%s: fail inserting socket\n", __func__);
+ goto fail;
+ }
+ lws_pt_unlock(pt);
+ } else
+ if (lws_server_socket_service_ssl(new_wsi, fd.sockfd)) {
+ lwsl_info("%s: fail ssl negotiation\n", __func__);
+ goto fail;
+ }
+
+ /*
+ * by deferring callback to this point, after insertion to fds,
+ * lws_callback_on_writable() can work from the callback
+ */
+ if ((new_wsi->protocol->callback)(
+ new_wsi, n, new_wsi->user_space, NULL, 0))
+ goto fail;
+
+ if (type & LWS_ADOPT_HTTP) {
+ if (!lws_header_table_attach(new_wsi, 0))
+ lwsl_debug("Attached ah immediately\n");
+ else
+ lwsl_info("%s: waiting for ah\n", __func__);
+ }
+
+ lws_cancel_service_pt(new_wsi);
+
+ return new_wsi;
+
+fail:
+ if (type & LWS_ADOPT_SOCKET)
+ lws_close_free_wsi(new_wsi, LWS_CLOSE_STATUS_NOSTATUS, "adopt skt fail");
+
+ return NULL;
+
+bail:
+ lwsl_notice("%s: exiting on bail\n", __func__);
+ if (parent)
+ parent->child_list = new_wsi->sibling_list;
+ if (new_wsi->user_space)
+ lws_free(new_wsi->user_space);
+ lws_free(new_wsi);
+ compatible_close(fd.sockfd);
+
+ return NULL;
+}
+
+LWS_VISIBLE struct lws *
+lws_adopt_socket_vhost(struct lws_vhost *vh, lws_sockfd_type accept_fd)
+{
+ lws_sock_file_fd_type fd;
+
+ fd.sockfd = accept_fd;
+ return lws_adopt_descriptor_vhost(vh, LWS_ADOPT_SOCKET |
+ LWS_ADOPT_HTTP | LWS_ADOPT_ALLOW_SSL, fd, NULL, NULL);
+}
+
+LWS_VISIBLE struct lws *
+lws_adopt_socket(struct lws_context *context, lws_sockfd_type accept_fd)
+{
+ return lws_adopt_socket_vhost(context->vhost_list, accept_fd);
+}
+
+/* Common read-buffer adoption for lws_adopt_*_readbuf */
+static struct lws*
+adopt_socket_readbuf(struct lws *wsi, const char *readbuf, size_t len)
+{
+ struct lws_context_per_thread *pt;
+ struct lws_pollfd *pfd;
+ int n;
+
+ if (!wsi)
+ return NULL;
+
+ if (!readbuf || len == 0)
+ return wsi;
+
+ if (wsi->position_in_fds_table == LWS_NO_FDS_POS)
+ return wsi;
+
+ pt = &wsi->context->pt[(int)wsi->tsi];
+
+ n = lws_buflist_append_segment(&wsi->buflist, (const uint8_t *)readbuf, len);
+ if (n < 0)
+ goto bail;
+ if (n)
+ lws_dll_lws_add_front(&wsi->dll_buflist, &pt->dll_head_buflist);
+
+ /*
+ * we can't process the initial read data until we can attach an ah.
+ *
+ * if one is available, get it and place the data in his ah rxbuf...
+ * wsi with ah that have pending rxbuf get auto-POLLIN service.
+ *
+ * no autoservice because we didn't get a chance to attach the
+ * readbuf data to wsi or ah yet, and we will do it next if we get
+ * the ah.
+ */
+ if (wsi->http.ah || !lws_header_table_attach(wsi, 0)) {
+
+ lwsl_notice("%s: calling service on readbuf ah\n", __func__);
+
+ /* unlike a normal connect, we have the headers already
+ * (or the first part of them anyway).
+ * libuv won't come back and service us without a network
+ * event, so we need to do the header service right here.
+ */
+ pfd = &pt->fds[wsi->position_in_fds_table];
+ pfd->revents |= LWS_POLLIN;
+ lwsl_err("%s: calling service\n", __func__);
+ if (lws_service_fd_tsi(wsi->context, pfd, wsi->tsi))
+ /* service closed us */
+ return NULL;
+
+ return wsi;
+ }
+ lwsl_err("%s: deferring handling ah\n", __func__);
+
+ return wsi;
+
+bail:
+ lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, "adopt skt readbuf fail");
+
+ return NULL;
+}
+
+LWS_VISIBLE struct lws *
+lws_adopt_socket_readbuf(struct lws_context *context, lws_sockfd_type accept_fd,
+ const char *readbuf, size_t len)
+{
+ return adopt_socket_readbuf(lws_adopt_socket(context, accept_fd),
+ readbuf, len);
+}
+
+LWS_VISIBLE struct lws *
+lws_adopt_socket_vhost_readbuf(struct lws_vhost *vhost,
+ lws_sockfd_type accept_fd,
+ const char *readbuf, size_t len)
+{
+ return adopt_socket_readbuf(lws_adopt_socket_vhost(vhost, accept_fd),
+ readbuf, len);
+}
+
+LWS_VISIBLE int
+lws_serve_http_file(struct lws *wsi, const char *file, const char *content_type,
+ const char *other_headers, int other_headers_len)
+{
+ static const char * const intermediates[] = { "private", "public" };
+ struct lws_context *context = lws_get_context(wsi);
+ struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi];
+#if defined(LWS_WITH_RANGES)
+ struct lws_range_parsing *rp = &wsi->http.range;
+#endif
+ char cache_control[50], *cc = "no-store";
+ unsigned char *response = pt->serv_buf + LWS_PRE;
+ unsigned char *p = response;
+ unsigned char *end = p + context->pt_serv_buf_size - LWS_PRE;
+ lws_filepos_t total_content_length;
+ int ret = 0, cclen = 8, n = HTTP_STATUS_OK;
+ lws_fop_flags_t fflags = LWS_O_RDONLY;
+#if defined(LWS_WITH_RANGES)
+ int ranges;
+#endif
+ const struct lws_plat_file_ops *fops;
+ const char *vpath;
+
+ if (wsi->handling_404)
+ n = HTTP_STATUS_NOT_FOUND;
+
+ /*
+ * We either call the platform fops .open with first arg platform fops,
+ * or we call fops_zip .open with first arg platform fops, and fops_zip
+ * open will decide whether to switch to fops_zip or stay with fops_def.
+ *
+ * If wsi->http.fop_fd is already set, the caller already opened it
+ */
+ if (!wsi->http.fop_fd) {
+ fops = lws_vfs_select_fops(wsi->context->fops, file, &vpath);
+ fflags |= lws_vfs_prepare_flags(wsi);
+ wsi->http.fop_fd = fops->LWS_FOP_OPEN(wsi->context->fops,
+ file, vpath, &fflags);
+ if (!wsi->http.fop_fd) {
+ lwsl_info("%s: Unable to open: '%s': errno %d\n",
+ __func__, file, errno);
+ if (lws_return_http_status(wsi, HTTP_STATUS_NOT_FOUND, NULL))
+ return -1;
+ return !wsi->http2_substream;
+ }
+ }
+ wsi->http.filelen = lws_vfs_get_length(wsi->http.fop_fd);
+ total_content_length = wsi->http.filelen;
+
+#if defined(LWS_WITH_RANGES)
+ ranges = lws_ranges_init(wsi, rp, wsi->http.filelen);
+
+ lwsl_debug("Range count %d\n", ranges);
+ /*
+ * no ranges -> 200;
+ * 1 range -> 206 + Content-Type: normal; Content-Range;
+ * more -> 206 + Content-Type: multipart/byteranges
+ * Repeat the true Content-Type in each multipart header
+ * along with Content-Range
+ */
+ if (ranges < 0) {
+ /* it means he expressed a range in Range:, but it was illegal */
+ lws_return_http_status(wsi, HTTP_STATUS_REQ_RANGE_NOT_SATISFIABLE,
+ NULL);
+ if (lws_http_transaction_completed(wsi))
+ return -1; /* <0 means just hang up */
+
+ lws_vfs_file_close(&wsi->http.fop_fd);
+
+ return 0; /* == 0 means we dealt with the transaction complete */
+ }
+ if (ranges)
+ n = HTTP_STATUS_PARTIAL_CONTENT;
+#endif
+
+ if (lws_add_http_header_status(wsi, n, &p, end))
+ return -1;
+
+ if ((wsi->http.fop_fd->flags & (LWS_FOP_FLAG_COMPR_ACCEPTABLE_GZIP |
+ LWS_FOP_FLAG_COMPR_IS_GZIP)) ==
+ (LWS_FOP_FLAG_COMPR_ACCEPTABLE_GZIP | LWS_FOP_FLAG_COMPR_IS_GZIP)) {
+ if (lws_add_http_header_by_token(wsi,
+ WSI_TOKEN_HTTP_CONTENT_ENCODING,
+ (unsigned char *)"gzip", 4, &p, end))
+ return -1;
+ lwsl_info("file is being provided in gzip\n");
+ }
+
+ if (
+#if defined(LWS_WITH_RANGES)
+ ranges < 2 &&
+#endif
+ content_type && content_type[0])
+ if (lws_add_http_header_by_token(wsi,
+ WSI_TOKEN_HTTP_CONTENT_TYPE,
+ (unsigned char *)content_type,
+ (int)strlen(content_type),
+ &p, end))
+ return -1;
+
+#if defined(LWS_WITH_RANGES)
+ if (ranges >= 2) { /* multipart byteranges */
+ lws_strncpy(wsi->http.multipart_content_type, content_type,
+ sizeof(wsi->http.multipart_content_type));
+
+ if (lws_add_http_header_by_token(wsi,
+ WSI_TOKEN_HTTP_CONTENT_TYPE,
+ (unsigned char *)
+ "multipart/byteranges; "
+ "boundary=_lws",
+ 20, &p, end))
+ return -1;
+
+ /*
+ * our overall content length has to include
+ *
+ * - (n + 1) x "_lws\r\n"
+ * - n x Content-Type: xxx/xxx\r\n
+ * - n x Content-Range: bytes xxx-yyy/zzz\r\n
+ * - n x /r/n
+ * - the actual payloads (aggregated in rp->agg)
+ *
+ * Precompute it for the main response header
+ */
+
+ total_content_length = (lws_filepos_t)rp->agg +
+ 6 /* final _lws\r\n */;
+
+ lws_ranges_reset(rp);
+ while (lws_ranges_next(rp)) {
+ n = lws_snprintf(cache_control, sizeof(cache_control),
+ "bytes %llu-%llu/%llu",
+ rp->start, rp->end, rp->extent);
+
+ total_content_length +=
+ 6 /* header _lws\r\n */ +
+ /* Content-Type: xxx/xxx\r\n */
+ 14 + strlen(content_type) + 2 +
+ /* Content-Range: xxxx\r\n */
+ 15 + n + 2 +
+ 2; /* /r/n */
+ }
+
+ lws_ranges_reset(rp);
+ lws_ranges_next(rp);
+ }
+
+ if (ranges == 1) {
+ total_content_length = (lws_filepos_t)rp->agg;
+ n = lws_snprintf(cache_control, sizeof(cache_control),
+ "bytes %llu-%llu/%llu",
+ rp->start, rp->end, rp->extent);
+
+ if (lws_add_http_header_by_token(wsi,
+ WSI_TOKEN_HTTP_CONTENT_RANGE,
+ (unsigned char *)cache_control,
+ n, &p, end))
+ return -1;
+ }
+
+ wsi->http.range.inside = 0;
+
+ if (lws_add_http_header_by_token(wsi, WSI_TOKEN_HTTP_ACCEPT_RANGES,
+ (unsigned char *)"bytes", 5, &p, end))
+ return -1;
+#endif
+
+ if (!wsi->http2_substream) {
+ if (!wsi->sending_chunked) {
+ if (lws_add_http_header_content_length(wsi,
+ total_content_length,
+ &p, end))
+ return -1;
+ } else {
+ if (lws_add_http_header_by_token(wsi,
+ WSI_TOKEN_HTTP_TRANSFER_ENCODING,
+ (unsigned char *)"chunked",
+ 7, &p, end))
+ return -1;
+ }
+ }
+
+ if (wsi->cache_secs && wsi->cache_reuse) {
+ if (wsi->cache_revalidate) {
+ cc = cache_control;
+ cclen = sprintf(cache_control, "%s max-age: %u",
+ intermediates[wsi->cache_intermediaries],
+ wsi->cache_secs);
+ } else {
+ cc = "no-cache";
+ cclen = 8;
+ }
+ }
+
+ if (lws_add_http_header_by_token(wsi, WSI_TOKEN_HTTP_CACHE_CONTROL,
+ (unsigned char *)cc, cclen, &p, end))
+ return -1;
+
+ if (wsi->http.connection_type == HTTP_CONNECTION_KEEP_ALIVE)
+ if (lws_add_http_header_by_token(wsi, WSI_TOKEN_CONNECTION,
+ (unsigned char *)"keep-alive", 10, &p, end))
+ return -1;
+
+ if (other_headers) {
+ if ((end - p) < other_headers_len)
+ return -1;
+ memcpy(p, other_headers, other_headers_len);
+ p += other_headers_len;
+ }
+
+ if (lws_finalize_http_header(wsi, &p, end))
+ return -1;
+
+ ret = lws_write(wsi, response, p - response, LWS_WRITE_HTTP_HEADERS);
+ if (ret != (p - response)) {
+ lwsl_err("_write returned %d from %ld\n", ret,
+ (long)(p - response));
+ return -1;
+ }
+
+ wsi->http.filepos = 0;
+ lwsi_set_state(wsi, LRS_ISSUING_FILE);
+
+ lws_callback_on_writable(wsi);
+
+ return 0;
+}
+
+LWS_VISIBLE int lws_serve_http_file_fragment(struct lws *wsi)
+{
+ struct lws_context *context = wsi->context;
+ struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi];
+ struct lws_process_html_args args;
+ lws_filepos_t amount, poss;
+ unsigned char *p, *pstart;
+#if defined(LWS_WITH_RANGES)
+ unsigned char finished = 0;
+#endif
+ int n, m;
+
+ lwsl_debug("wsi->http2_substream %d\n", wsi->http2_substream);
+
+ do {
+
+ if (wsi->trunc_len) {
+ if (lws_issue_raw(wsi, wsi->trunc_alloc +
+ wsi->trunc_offset,
+ wsi->trunc_len) < 0) {
+ lwsl_info("%s: closing\n", __func__);
+ goto file_had_it;
+ }
+ break;
+ }
+
+ if (wsi->http.filepos == wsi->http.filelen)
+ goto all_sent;
+
+ n = 0;
+
+ pstart = pt->serv_buf + LWS_H2_FRAME_HEADER_LENGTH;
+
+ p = pstart;
+
+#if defined(LWS_WITH_RANGES)
+ if (wsi->http.range.count_ranges && !wsi->http.range.inside) {
+
+ lwsl_notice("%s: doing range start %llu\n", __func__,
+ wsi->http.range.start);
+
+ if ((long long)lws_vfs_file_seek_cur(wsi->http.fop_fd,
+ wsi->http.range.start -
+ wsi->http.filepos) < 0)
+ goto file_had_it;
+
+ wsi->http.filepos = wsi->http.range.start;
+
+ if (wsi->http.range.count_ranges > 1) {
+ n = lws_snprintf((char *)p,
+ context->pt_serv_buf_size -
+ LWS_H2_FRAME_HEADER_LENGTH,
+ "_lws\x0d\x0a"
+ "Content-Type: %s\x0d\x0a"
+ "Content-Range: bytes %llu-%llu/%llu\x0d\x0a"
+ "\x0d\x0a",
+ wsi->http.multipart_content_type,
+ wsi->http.range.start,
+ wsi->http.range.end,
+ wsi->http.range.extent);
+ p += n;
+ }
+
+ wsi->http.range.budget = wsi->http.range.end -
+ wsi->http.range.start + 1;
+ wsi->http.range.inside = 1;
+ }
+#endif
+
+ poss = context->pt_serv_buf_size - n - LWS_H2_FRAME_HEADER_LENGTH;
+
+ if (wsi->http.tx_content_length)
+ if (poss > wsi->http.tx_content_remain)
+ poss = wsi->http.tx_content_remain;
+
+ /*
+ * if there is a hint about how much we will do well to send at
+ * one time, restrict ourselves to only trying to send that.
+ */
+ if (wsi->protocol->tx_packet_size &&
+ poss > wsi->protocol->tx_packet_size)
+ poss = wsi->protocol->tx_packet_size;
+
+ if (wsi->role_ops->tx_credit) {
+ lws_filepos_t txc = wsi->role_ops->tx_credit(wsi);
+
+ if (!txc) {
+ lwsl_info("%s: came here with no tx credit\n",
+ __func__);
+ return 0;
+ }
+ if (txc < poss)
+ poss = txc;
+
+ /*
+ * consumption of the actual payload amount sent will be
+ * handled when the role data frame is sent
+ */
+ }
+
+#if defined(LWS_WITH_RANGES)
+ if (wsi->http.range.count_ranges) {
+ if (wsi->http.range.count_ranges > 1)
+ poss -= 7; /* allow for final boundary */
+ if (poss > wsi->http.range.budget)
+ poss = wsi->http.range.budget;
+ }
+#endif
+ if (wsi->sending_chunked) {
+ /* we need to drop the chunk size in here */
+ p += 10;
+ /* allow for the chunk to grow by 128 in translation */
+ poss -= 10 + 128;
+ }
+
+ if (lws_vfs_file_read(wsi->http.fop_fd, &amount, p, poss) < 0)
+ goto file_had_it; /* caller will close */
+
+ if (wsi->sending_chunked)
+ n = (int)amount;
+ else
+ n = lws_ptr_diff(p, pstart) + (int)amount;
+
+ lwsl_debug("%s: sending %d\n", __func__, n);
+
+ if (n) {
+ lws_set_timeout(wsi, PENDING_TIMEOUT_HTTP_CONTENT,
+ context->timeout_secs);
+
+ if (wsi->interpreting) {
+ args.p = (char *)p;
+ args.len = n;
+ args.max_len = (unsigned int)poss + 128;
+ args.final = wsi->http.filepos + n ==
+ wsi->http.filelen;
+ args.chunked = wsi->sending_chunked;
+ if (user_callback_handle_rxflow(
+ wsi->vhost->protocols[
+ (int)wsi->protocol_interpret_idx].callback,
+ wsi, LWS_CALLBACK_PROCESS_HTML,
+ wsi->user_space, &args, 0) < 0)
+ goto file_had_it;
+ n = args.len;
+ p = (unsigned char *)args.p;
+ } else
+ p = pstart;
+
+#if defined(LWS_WITH_RANGES)
+ if (wsi->http.range.send_ctr + 1 ==
+ wsi->http.range.count_ranges && // last range
+ wsi->http.range.count_ranges > 1 && // was 2+ ranges (ie, multipart)
+ wsi->http.range.budget - amount == 0) {// final part
+ n += lws_snprintf((char *)pstart + n, 6,
+ "_lws\x0d\x0a"); // append trailing boundary
+ lwsl_debug("added trailing boundary\n");
+ }
+#endif
+ m = lws_write(wsi, p, n,
+ wsi->http.filepos + amount == wsi->http.filelen ?
+ LWS_WRITE_HTTP_FINAL :
+ LWS_WRITE_HTTP
+ );
+ if (m < 0)
+ goto file_had_it;
+
+ wsi->http.filepos += amount;
+
+#if defined(LWS_WITH_RANGES)
+ if (wsi->http.range.count_ranges >= 1) {
+ wsi->http.range.budget -= amount;
+ if (wsi->http.range.budget == 0) {
+ lwsl_notice("range budget exhausted\n");
+ wsi->http.range.inside = 0;
+ wsi->http.range.send_ctr++;
+
+ if (lws_ranges_next(&wsi->http.range) < 1) {
+ finished = 1;
+ goto all_sent;
+ }
+ }
+ }
+#endif
+
+ if (m != n) {
+ /* adjust for what was not sent */
+ if (lws_vfs_file_seek_cur(wsi->http.fop_fd,
+ m - n) ==
+ (lws_fileofs_t)-1)
+ goto file_had_it;
+ }
+ }
+
+all_sent:
+ if ((!wsi->trunc_len && wsi->http.filepos >= wsi->http.filelen)
+#if defined(LWS_WITH_RANGES)
+ || finished)
+#else
+ )
+#endif
+ {
+ lwsi_set_state(wsi, LRS_ESTABLISHED);
+ /* we might be in keepalive, so close it off here */
+ lws_vfs_file_close(&wsi->http.fop_fd);
+
+ lwsl_debug("file completed\n");
+
+ if (wsi->protocol->callback &&
+ user_callback_handle_rxflow(wsi->protocol->callback,
+ wsi, LWS_CALLBACK_HTTP_FILE_COMPLETION,
+ wsi->user_space, NULL,
+ 0) < 0) {
+ /*
+ * For http/1.x, the choices from
+ * transaction_completed are either
+ * 0 to use the connection for pipelined
+ * or nonzero to hang it up.
+ *
+ * However for http/2. while we are
+ * still interested in hanging up the
+ * nwsi if there was a network-level
+ * fatal error, simply completing the
+ * transaction is a matter of the stream
+ * state, not the root connection at the
+ * network level
+ */
+ if (wsi->http2_substream)
+ return 1;
+ else
+ return -1;
+ }
+
+ return 1; /* >0 indicates completed */
+ }
+ } while (0); // while (!lws_send_pipe_choked(wsi))
+
+ lws_callback_on_writable(wsi);
+
+ return 0; /* indicates further processing must be done */
+
+file_had_it:
+ lws_vfs_file_close(&wsi->http.fop_fd);
+
+ return -1;
+}
+
+
+LWS_VISIBLE void
+lws_server_get_canonical_hostname(struct lws_context *context,
+ const struct lws_context_creation_info *info)
+{
+ if (lws_check_opt(info->options,
+ LWS_SERVER_OPTION_SKIP_SERVER_CANONICAL_NAME))
+ return;
+#if !defined(LWS_WITH_ESP32)
+ /* find canonical hostname */
+ gethostname((char *)context->canonical_hostname,
+ sizeof(context->canonical_hostname) - 1);
+
+ lwsl_info(" canonical_hostname = %s\n", context->canonical_hostname);
+#else
+ (void)context;
+#endif
+}
+
+
+LWS_VISIBLE LWS_EXTERN int
+lws_chunked_html_process(struct lws_process_html_args *args,
+ struct lws_process_html_state *s)
+{
+ char *sp, buffer[32];
+ const char *pc;
+ int old_len, n;
+
+ /* do replacements */
+ sp = args->p;
+ old_len = args->len;
+ args->len = 0;
+ s->start = sp;
+ while (sp < args->p + old_len) {
+
+ if (args->len + 7 >= args->max_len) {
+ lwsl_err("Used up interpret padding\n");
+ return -1;
+ }
+
+ if ((!s->pos && *sp == '$') || s->pos) {
+ int hits = 0, hit = 0;
+
+ if (!s->pos)
+ s->start = sp;
+ s->swallow[s->pos++] = *sp;
+ if (s->pos == sizeof(s->swallow) - 1)
+ goto skip;
+ for (n = 0; n < s->count_vars; n++)
+ if (!strncmp(s->swallow, s->vars[n], s->pos)) {
+ hits++;
+ hit = n;
+ }
+ if (!hits) {
+skip:
+ s->swallow[s->pos] = '\0';
+ memcpy(s->start, s->swallow, s->pos);
+ args->len++;
+ s->pos = 0;
+ sp = s->start + 1;
+ continue;
+ }
+ if (hits == 1 && s->pos == (int)strlen(s->vars[hit])) {
+ pc = s->replace(s->data, hit);
+ if (!pc)
+ pc = "NULL";
+ n = (int)strlen(pc);
+ s->swallow[s->pos] = '\0';
+ if (n != s->pos) {
+ memmove(s->start + n,
+ s->start + s->pos,
+ old_len - (sp - args->p));
+ old_len += (n - s->pos) + 1;
+ }
+ memcpy(s->start, pc, n);
+ args->len++;
+ sp = s->start + 1;
+
+ s->pos = 0;
+ }
+ sp++;
+ continue;
+ }
+
+ args->len++;
+ sp++;
+ }
+
+ if (args->chunked) {
+ /* no space left for final chunk trailer */
+ if (args->final && args->len + 7 >= args->max_len)
+ return -1;
+
+ n = sprintf(buffer, "%X\x0d\x0a", args->len);
+
+ args->p -= n;
+ memcpy(args->p, buffer, n);
+ args->len += n;
+
+ if (args->final) {
+ sp = args->p + args->len;
+ *sp++ = '\x0d';
+ *sp++ = '\x0a';
+ *sp++ = '0';
+ *sp++ = '\x0d';
+ *sp++ = '\x0a';
+ *sp++ = '\x0d';
+ *sp++ = '\x0a';
+ args->len += 7;
+ } else {
+ sp = args->p + args->len;
+ *sp++ = '\x0d';
+ *sp++ = '\x0a';
+ args->len += 2;
+ }
+ }
+
+ return 0;
+}