diff options
Diffstat (limited to 'thirdparty')
348 files changed, 34622 insertions, 36322 deletions
diff --git a/thirdparty/README.md b/thirdparty/README.md index 186f183ea2..4fb4786d67 100644 --- a/thirdparty/README.md +++ b/thirdparty/README.md @@ -19,7 +19,7 @@ comments. ## bullet - Upstream: https://github.com/bulletphysics/bullet3 -- Version: git (126b676, 2018-12-31) +- Version: 2.88 - License: zlib Files extracted from upstream source: @@ -128,7 +128,7 @@ Files extracted from upstream source: ## glad - Upstream: https://github.com/Dav1dde/glad -- Version: 0.1.28 +- Version: 0.1.29 - License: MIT The files we package are automatically generated. @@ -202,6 +202,9 @@ Files extracted from upstream source: - all .h files in include/theora/ as theora/ - COPYING and LICENSE +Upstream patches included in the `patches` directory have been applied +on top of the 1.1.1 source (not included in any stable release yet). + ## libvorbis @@ -236,7 +239,7 @@ from the Android NDK r18. ## libwebp - Upstream: https://chromium.googlesource.com/webm/libwebp/ -- Version: 1.0.1 +- Version: 1.0.2 - License: BSD-3-Clause Files extracted from upstream source: @@ -252,23 +255,25 @@ changes are marked with `// -- GODOT --` comments. ## libwebsockets - Upstream: https://github.com/warmcat/libwebsockets -- Version: 3.0.0 +- Version: 3.1.0 - License: LGPLv2.1 + static linking exception File extracted from upstream source: -- From `lib/` into `thirdparty/libwebsockets`: +- From `lib/` into `thirdparty/libwebsockets/lib`: - Everything from `core` - - From `event-libs` only the `poll` subfolder - - From `misc` only `base64-decode.c`, `getifaddrs.c`, `getifaddrs.h`, `lejp.c`, and `sha-1.c` - - From `plat` only `lws-plat-unix.c` and `lws-plat-win.c` + - From `event-libs` only the `poll` subfolder and the `private.h` header + - From `misc` only `base64-decode.c`, `getifaddrs.c`, `getifaddrs.h`, `lejp.c`, and `sha-1.c` (and the `private.h` header) + - From `plat` everything from `unix` and `windows` (and the `private.h` header) - From `roles` only `private.h`, `h1`, `http`, `listen`, `pipe`, `raw`, `ws` - - From `roles/http` exclude `minilex.c` + - From `roles/http` exclude `minilex.c` and the `compression` subfolder - From `roles/http/server` exclude `access-log.c`, `lws-spa.c`, `ranges.c`, and `rewrite.c` - From `roles/ws` exclude `ext` folder. - From `tls` exclude `openssl` folder. - Also copy `win32helpers/` from `win32port/` inside `thirdparty/libwebsockets` - A fix has been added to allow building for 32-bits UWP, replacing `GetFileSize[Ex]` and `CreateFileW` with supported functions. There is a diff for this change in `thirdparty/libwebsockets/uwp_fixes.diff` +- A fix to disable V6ONLY flag from IPv6 sockets (on by default on some systems) has been also applied. + The diff for this change can be found in `thirdparty/libwebsockets/ipv6_fixes.diff` Important: `lws_config.h` and `lws_config_private.h` contains custom Godot build configurations, check them out when updating. @@ -277,22 +282,23 @@ Godot build configurations, check them out when updating. ## mbedtls - Upstream: https://tls.mbed.org/ -- Version: 2.12.0 +- Version: 2.16.0 - License: Apache 2.0 -File extracted from upstream release tarball `mbedtls-2.12.0-apache.tgz`: +File extracted from upstream release tarball `mbedtls-2.16.0-apache.tgz`: - All `*.h` from `include/mbedtls/` to `thirdparty/mbedtls/include/mbedtls/` - All `*.c` from `library/` to `thirdparty/mbedtls/library/` - Applied the patch in `thirdparty/mbedtls/1453.diff` (PR 1453). Soon to be merged upstream. Check it out at next update. - +- Applied the patch in `thirdparty/mbedtls/padlock.diff`. This disables VIA padlock support which defines a symbol `unsupported` which clashses with a symbol in libwebsockets. ## miniupnpc - Upstream: https://github.com/miniupnp/miniupnp/tree/master/miniupnpc -- Version: 2.1 (git 25615e0, 2018-05-08) with modifications +- Version: git (25615e0, 2018) - License: BSD-3-Clause -The only modified file is miniupnpcstrings.h, which was created for Godot (is usually autogenerated by cmake). +The only modified file is miniupnpcstrings.h, which was created for Godot +(it is usually autogenerated by cmake). ## minizip @@ -377,7 +383,7 @@ Collection of single-file libraries used in Godot components. - `ifaddrs-android.{cc,h}` * Upstream: https://chromium.googlesource.com/external/webrtc/stable/talk/+/master/base/ifaddrs-android.h - * Version: 5976650 (2013) + * Version: git (5976650, 2013) * License: BSD-3-Clause ### scene @@ -392,18 +398,18 @@ Collection of single-file libraries used in Godot components. * License: zlib - `stb_truetype.h` * Upstream: https://github.com/nothings/stb - * Version: 1.19 + * Version: 1.21 * License: Public Domain (Unlicense) or MIT - `stb_vorbis.c` * Upstream: https://github.com/nothings/stb - * Version: 1.14 + * Version: 1.15 * License: Public Domain (Unlicense) or MIT ## nanosvg - Upstream: https://github.com/memononen/nanosvg -- Version: 9a74da4 (git) +- Version: git (c1f6e20, 2018) - License: zlib Files extracted from the upstream source: @@ -420,9 +426,11 @@ Files extracted from the upstream source: Files extracted from upstream source: -- all .c and .h files in src/ (both opus and opusfile), - except `opus_demo.c` +- all .c and .h files in src/ (both opus and opusfile) - all .h files in include/ (both opus and opusfile) as opus/ +- remove unused `opus_demo.c`, +- remove `http.c`, `wincerts.c` and `winerrno.h` (part of + unused libopusurl) - celt/ and silk/ subfolders - COPYING @@ -430,16 +438,16 @@ Files extracted from upstream source: ## pcre2 - Upstream: http://www.pcre.org/ -- Version: 10.31 +- Version: 10.32 - License: BSD-3-Clause Files extracted from upstream source: - Files listed in the file NON-AUTOTOOLS-BUILD steps 1-4 -- All .h files in src/ +- All .h files in src/ apart from pcre2posix.h +- src/pcre2_jit_compile.c - src/pcre2_jit_match.c - src/pcre2_jit_misc.c -- src/pcre2_jit_maketables.c - src/sljit/* - AUTHORS and LICENCE @@ -468,17 +476,6 @@ Files extracted from upstream source: - License.txt -## rtaudio - -- Upstream: http://www.music.mcgill.ca/~gary/rtaudio/ -- Version: 4.1.2 -- License: MIT-like - -Files extracted from upstream source: - -- `RtAudio.{cpp,h}` - - ## squish - Upstream: https://sourceforge.net/projects/libsquish @@ -512,7 +509,7 @@ changes are marked with `// -- GODOT --` comments. ## tinyexr - Upstream: https://github.com/syoyo/tinyexr -- Version: git (5ae30aa, 2018) +- Version: git (65f9859, 2018) - License: BSD-3-Clause Files extracted from upstream source: diff --git a/thirdparty/glad/LICENSE b/thirdparty/glad/LICENSE new file mode 100644 index 0000000000..b6e2ca25b0 --- /dev/null +++ b/thirdparty/glad/LICENSE @@ -0,0 +1,20 @@ +The MIT License (MIT) + +Copyright (c) 2013-2018 David Herberth + +Permission is hereby granted, free of charge, to any person obtaining a copy of +this software and associated documentation files (the "Software"), to deal in +the Software without restriction, including without limitation the rights to +use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of +the Software, and to permit persons to whom the Software is furnished to do so, +subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS +FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR +COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER +IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN +CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/thirdparty/glad/glad.c b/thirdparty/glad/glad.c index 8cc09e46e1..e7c64a7e17 100644 --- a/thirdparty/glad/glad.c +++ b/thirdparty/glad/glad.c @@ -1,6 +1,6 @@ /* - OpenGL loader generated by glad 0.1.28 on Thu Nov 22 16:50:04 2018. + OpenGL loader generated by glad 0.1.29 on Mon Mar 4 12:47:22 2019. Language/Generator: C/C++ Specification: gl @@ -180,11 +180,7 @@ static int get_exts(void) { num_exts_i = 0; glGetIntegerv(GL_NUM_EXTENSIONS, &num_exts_i); if (num_exts_i > 0) { - char **tmp_exts_i = (char **)realloc((void *)exts_i, (size_t)num_exts_i * (sizeof *exts_i)); - if (tmp_exts_i == NULL) { - return 0; - } - exts_i = tmp_exts_i; + exts_i = (char **)malloc((size_t)num_exts_i * (sizeof *exts_i)); } if (exts_i == NULL) { diff --git a/thirdparty/glad/glad/glad.h b/thirdparty/glad/glad/glad.h index 52b05e0ae6..6345de6f7a 100644 --- a/thirdparty/glad/glad/glad.h +++ b/thirdparty/glad/glad/glad.h @@ -1,6 +1,6 @@ /* - OpenGL loader generated by glad 0.1.28 on Thu Nov 22 16:50:04 2018. + OpenGL loader generated by glad 0.1.29 on Mon Mar 4 12:47:22 2019. Language/Generator: C/C++ Specification: gl diff --git a/thirdparty/libpng/LICENSE b/thirdparty/libpng/LICENSE index 6ee9c8f554..62ab8e48dc 100644 --- a/thirdparty/libpng/LICENSE +++ b/thirdparty/libpng/LICENSE @@ -1,14 +1,43 @@ +COPYRIGHT NOTICE, DISCLAIMER, and LICENSE +========================================= -This copy of the libpng notices is provided for your convenience. In case of -any discrepancy between this copy and the notices in the file png.h that is -included in the libpng distribution, the latter shall prevail. +PNG Reference Library License version 2 +--------------------------------------- -COPYRIGHT NOTICE, DISCLAIMER, and LICENSE: + * Copyright (c) 1995-2018 The PNG Reference Library Authors. + * Copyright (c) 2018 Cosmin Truta. + * Copyright (c) 2000-2002, 2004, 2006-2018 Glenn Randers-Pehrson. + * Copyright (c) 1996-1997 Andreas Dilger. + * Copyright (c) 1995-1996 Guy Eric Schalnat, Group 42, Inc. -If you modify libpng you may insert additional notices immediately following -this sentence. +The software is supplied "as is", without warranty of any kind, +express or implied, including, without limitation, the warranties +of merchantability, fitness for a particular purpose, title, and +non-infringement. In no even shall the Copyright owners, or +anyone distributing the software, be liable for any damages or +other liability, whether in contract, tort or otherwise, arising +from, out of, or in connection with the software, or the use or +other dealings in the software, even if advised of the possibility +of such damage. -This code is released under the libpng license. +Permission is hereby granted to use, copy, modify, and distribute +this software, or portions hereof, for any purpose, without fee, +subject to the following restrictions: + + 1. The origin of this software must not be misrepresented; you + must not claim that you wrote the original software. If you + use this software in a product, an acknowledgment in the product + documentation would be appreciated, but is not required. + + 2. Altered source versions must be plainly marked as such, and must + not be misrepresented as being the original software. + + 3. This Copyright notice may not be removed or altered from any + source or altered source distribution. + + +PNG Reference Library License version 1 (for libpng 0.5 through 1.6.35) +----------------------------------------------------------------------- libpng versions 1.0.7, July 1, 2000 through 1.6.35, July 15, 2018 are Copyright (c) 2000-2002, 2004, 2006-2018 Glenn Randers-Pehrson, are @@ -16,38 +45,38 @@ derived from libpng-1.0.6, and are distributed according to the same disclaimer and license as libpng-1.0.6 with the following individuals added to the list of Contributing Authors: - Simon-Pierre Cadieux - Eric S. Raymond - Mans Rullgard - Cosmin Truta - Gilles Vollant - James Yu - Mandar Sahastrabuddhe - Google Inc. - Vadim Barkov + Simon-Pierre Cadieux + Eric S. Raymond + Mans Rullgard + Cosmin Truta + Gilles Vollant + James Yu + Mandar Sahastrabuddhe + Google Inc. + Vadim Barkov and with the following additions to the disclaimer: - There is no warranty against interference with your enjoyment of the - library or against infringement. There is no warranty that our - efforts or the library will fulfill any of your particular purposes - or needs. This library is provided with all faults, and the entire - risk of satisfactory quality, performance, accuracy, and effort is with - the user. + There is no warranty against interference with your enjoyment of + the library or against infringement. There is no warranty that our + efforts or the library will fulfill any of your particular purposes + or needs. This library is provided with all faults, and the entire + risk of satisfactory quality, performance, accuracy, and effort is + with the user. Some files in the "contrib" directory and some configure-generated -files that are distributed with libpng have other copyright owners and +files that are distributed with libpng have other copyright owners, and are released under other open source licenses. libpng versions 0.97, January 1998, through 1.0.6, March 20, 2000, are Copyright (c) 1998-2000 Glenn Randers-Pehrson, are derived from libpng-0.96, and are distributed according to the same disclaimer and -license as libpng-0.96, with the following individuals added to the list -of Contributing Authors: +license as libpng-0.96, with the following individuals added to the +list of Contributing Authors: - Tom Lane - Glenn Randers-Pehrson - Willem van Schaik + Tom Lane + Glenn Randers-Pehrson + Willem van Schaik libpng versions 0.89, June 1996, through 0.96, May 1997, are Copyright (c) 1996-1997 Andreas Dilger, are derived from libpng-0.88, @@ -55,14 +84,14 @@ and are distributed according to the same disclaimer and license as libpng-0.88, with the following individuals added to the list of Contributing Authors: - John Bowler - Kevin Bracey - Sam Bushell - Magnus Holmgren - Greg Roelofs - Tom Tanner + John Bowler + Kevin Bracey + Sam Bushell + Magnus Holmgren + Greg Roelofs + Tom Tanner -Some files in the "scripts" directory have other copyright owners +Some files in the "scripts" directory have other copyright owners, but are released under this license. libpng versions 0.5, May 1995, through 0.88, January 1996, are @@ -71,63 +100,35 @@ Copyright (c) 1995-1996 Guy Eric Schalnat, Group 42, Inc. For the purposes of this copyright and license, "Contributing Authors" is defined as the following set of individuals: - Andreas Dilger - Dave Martindale - Guy Eric Schalnat - Paul Schmidt - Tim Wegner - -The PNG Reference Library is supplied "AS IS". The Contributing Authors -and Group 42, Inc. disclaim all warranties, expressed or implied, -including, without limitation, the warranties of merchantability and of -fitness for any purpose. The Contributing Authors and Group 42, Inc. -assume no liability for direct, indirect, incidental, special, exemplary, -or consequential damages, which may result from the use of the PNG -Reference Library, even if advised of the possibility of such damage. + Andreas Dilger + Dave Martindale + Guy Eric Schalnat + Paul Schmidt + Tim Wegner + +The PNG Reference Library is supplied "AS IS". The Contributing +Authors and Group 42, Inc. disclaim all warranties, expressed or +implied, including, without limitation, the warranties of +merchantability and of fitness for any purpose. The Contributing +Authors and Group 42, Inc. assume no liability for direct, indirect, +incidental, special, exemplary, or consequential damages, which may +result from the use of the PNG Reference Library, even if advised of +the possibility of such damage. Permission is hereby granted to use, copy, modify, and distribute this source code, or portions hereof, for any purpose, without fee, subject to the following restrictions: - 1. The origin of this source code must not be misrepresented. - - 2. Altered versions must be plainly marked as such and must not - be misrepresented as being the original source. - - 3. This Copyright notice may not be removed or altered from any - source or altered source distribution. - -The Contributing Authors and Group 42, Inc. specifically permit, without -fee, and encourage the use of this source code as a component to -supporting the PNG file format in commercial products. If you use this -source code in a product, acknowledgment is not required but would be -appreciated. - -END OF COPYRIGHT NOTICE, DISCLAIMER, and LICENSE. - -TRADEMARK: - -The name "libpng" has not been registered by the Copyright owner -as a trademark in any jurisdiction. However, because libpng has -been distributed and maintained world-wide, continually since 1995, -the Copyright owner claims "common-law trademark protection" in any -jurisdiction where common-law trademark is recognized. - -OSI CERTIFICATION: - -Libpng is OSI Certified Open Source Software. OSI Certified Open Source is -a certification mark of the Open Source Initiative. OSI has not addressed -the additional disclaimers inserted at version 1.0.7. + 1. The origin of this source code must not be misrepresented. -EXPORT CONTROL: + 2. Altered versions must be plainly marked as such and must not + be misrepresented as being the original source. -The Copyright owner believes that the Export Control Classification -Number (ECCN) for libpng is EAR99, which means not subject to export -controls or International Traffic in Arms Regulations (ITAR) because -it is open source, publicly available software, that does not contain -any encryption software. See the EAR, paragraphs 734.3(b)(3) and -734.7(b). + 3. This Copyright notice may not be removed or altered from any + source or altered source distribution. -Glenn Randers-Pehrson -glennrp at users.sourceforge.net -July 15, 2018 +The Contributing Authors and Group 42, Inc. specifically permit, +without fee, and encourage the use of this source code as a component +to supporting the PNG file format in commercial products. If you use +this source code in a product, acknowledgment is not required but would +be appreciated. diff --git a/thirdparty/libpng/arm/arm_init.c b/thirdparty/libpng/arm/arm_init.c index 02df812e77..a34ecdbef7 100644 --- a/thirdparty/libpng/arm/arm_init.c +++ b/thirdparty/libpng/arm/arm_init.c @@ -1,14 +1,15 @@ /* arm_init.c - NEON optimised filter functions * + * Copyright (c) 2018 Cosmin Truta * Copyright (c) 2014,2016 Glenn Randers-Pehrson * Written by Mans Rullgard, 2011. - * Last changed in libpng 1.6.22 [May 26, 2016] * * This code is released under the libpng license. * For conditions of distribution and use, see the disclaimer * and license in png.h */ + /* Below, after checking __linux__, various non-C90 POSIX 1003.1 functions are * called. */ diff --git a/thirdparty/libpng/arm/filter_neon.S b/thirdparty/libpng/arm/filter_neon.S index 000764cd21..2308aad13e 100644 --- a/thirdparty/libpng/arm/filter_neon.S +++ b/thirdparty/libpng/arm/filter_neon.S @@ -1,9 +1,9 @@ /* filter_neon.S - NEON optimised filter functions * + * Copyright (c) 2018 Cosmin Truta * Copyright (c) 2014,2017 Glenn Randers-Pehrson * Written by Mans Rullgard, 2011. - * Last changed in libpng 1.6.31 [July 27, 2017] * * This code is released under the libpng license. * For conditions of distribution and use, see the disclaimer diff --git a/thirdparty/libpng/arm/filter_neon_intrinsics.c b/thirdparty/libpng/arm/filter_neon_intrinsics.c index ea7e356bcc..553c0be21c 100644 --- a/thirdparty/libpng/arm/filter_neon_intrinsics.c +++ b/thirdparty/libpng/arm/filter_neon_intrinsics.c @@ -1,12 +1,11 @@ /* filter_neon_intrinsics.c - NEON optimised filter functions * + * Copyright (c) 2018 Cosmin Truta * Copyright (c) 2014,2016 Glenn Randers-Pehrson * Written by James Yu <james.yu at linaro.org>, October 2013. * Based on filter_neon.S, written by Mans Rullgard, 2011. * - * Last changed in libpng 1.6.22 [May 26, 2016] - * * This code is released under the libpng license. * For conditions of distribution and use, see the disclaimer * and license in png.h @@ -19,7 +18,11 @@ /* This code requires -mfpu=neon on the command line: */ #if PNG_ARM_NEON_IMPLEMENTATION == 1 /* intrinsics code from pngpriv.h */ -#include <arm_neon.h> +#if defined(_MSC_VER) && defined(_M_ARM64) +# include <arm64_neon.h> +#else +# include <arm_neon.h> +#endif /* libpng row pointers are not necessarily aligned to any particular boundary, * however this code will only work with appropriate alignment. arm/arm_init.c @@ -33,6 +36,11 @@ * 'type'. This is written this way just to hide the GCC strict aliasing * warning; note that the code is safe because there never is an alias between * the input and output pointers. + * + * When compiling with MSVC ARM64, the png_ldr macro can't be passed directly + * to vst4_lane_u32, because of an internal compiler error inside MSVC. + * To avoid this compiler bug, we use a temporary variable (vdest_val) to store + * the result of png_ldr. */ #define png_ldr(type,pointer)\ (temp_pointer = png_ptr(type,pointer), *temp_pointer) @@ -125,12 +133,15 @@ png_read_filter_row_sub4_neon(png_row_infop row_info, png_bytep row, uint8x8x4_t *vrpt = png_ptr(uint8x8x4_t,&vtmp); uint8x8x4_t vrp = *vrpt; uint32x2x4_t *temp_pointer; + uint32x2x4_t vdest_val; vdest.val[0] = vadd_u8(vdest.val[3], vrp.val[0]); vdest.val[1] = vadd_u8(vdest.val[0], vrp.val[1]); vdest.val[2] = vadd_u8(vdest.val[1], vrp.val[2]); vdest.val[3] = vadd_u8(vdest.val[2], vrp.val[3]); - vst4_lane_u32(png_ptr(uint32_t,rp), png_ldr(uint32x2x4_t,&vdest), 0); + + vdest_val = png_ldr(uint32x2x4_t, &vdest); + vst4_lane_u32(png_ptr(uint32_t,rp), vdest_val, 0); } PNG_UNUSED(prev_row) @@ -223,6 +234,7 @@ png_read_filter_row_avg4_neon(png_row_infop row_info, png_bytep row, uint8x8x4_t *vrpt, *vppt; uint8x8x4_t vrp, vpp; uint32x2x4_t *temp_pointer; + uint32x2x4_t vdest_val; vtmp = vld4_u32(png_ptr(uint32_t,rp)); vrpt = png_ptr(uint8x8x4_t,&vtmp); @@ -240,7 +252,8 @@ png_read_filter_row_avg4_neon(png_row_infop row_info, png_bytep row, vdest.val[3] = vhadd_u8(vdest.val[2], vpp.val[3]); vdest.val[3] = vadd_u8(vdest.val[3], vrp.val[3]); - vst4_lane_u32(png_ptr(uint32_t,rp), png_ldr(uint32x2x4_t,&vdest), 0); + vdest_val = png_ldr(uint32x2x4_t, &vdest); + vst4_lane_u32(png_ptr(uint32_t,rp), vdest_val, 0); } } @@ -359,6 +372,7 @@ png_read_filter_row_paeth4_neon(png_row_infop row_info, png_bytep row, uint8x8x4_t *vrpt, *vppt; uint8x8x4_t vrp, vpp; uint32x2x4_t *temp_pointer; + uint32x2x4_t vdest_val; vtmp = vld4_u32(png_ptr(uint32_t,rp)); vrpt = png_ptr(uint8x8x4_t,&vtmp); @@ -378,7 +392,8 @@ png_read_filter_row_paeth4_neon(png_row_infop row_info, png_bytep row, vlast = vpp.val[3]; - vst4_lane_u32(png_ptr(uint32_t,rp), png_ldr(uint32x2x4_t,&vdest), 0); + vdest_val = png_ldr(uint32x2x4_t, &vdest); + vst4_lane_u32(png_ptr(uint32_t,rp), vdest_val, 0); } } diff --git a/thirdparty/libpng/arm/palette_neon_intrinsics.c b/thirdparty/libpng/arm/palette_neon_intrinsics.c new file mode 100644 index 0000000000..fa02d6a8b3 --- /dev/null +++ b/thirdparty/libpng/arm/palette_neon_intrinsics.c @@ -0,0 +1,149 @@ + +/* palette_neon_intrinsics.c - NEON optimised palette expansion functions + * + * Copyright (c) 2018 Cosmin Truta + * Copyright (c) 2017-2018 Arm Holdings. All rights reserved. + * Written by Richard Townsend <Richard.Townsend@arm.com>, February 2017. + * + * This code is released under the libpng license. + * For conditions of distribution and use, see the disclaimer + * and license in png.h + */ + +#include "../pngpriv.h" + +#if PNG_ARM_NEON_IMPLEMENTATION == 1 + +#if defined(_MSC_VER) && defined(_M_ARM64) +# include <arm64_neon.h> +#else +# include <arm_neon.h> +#endif + +/* Build an RGBA palette from the RGB and separate alpha palettes. */ +void +png_riffle_palette_rgba(png_structrp png_ptr, png_row_infop row_info) +{ + png_const_colorp palette = png_ptr->palette; + png_bytep riffled_palette = png_ptr->riffled_palette; + png_const_bytep trans_alpha = png_ptr->trans_alpha; + int num_trans = png_ptr->num_trans; + int i; + + /* Initially black, opaque. */ + uint8x16x4_t w = {{ + vdupq_n_u8(0x00), + vdupq_n_u8(0x00), + vdupq_n_u8(0x00), + vdupq_n_u8(0xff), + }}; + + if (row_info->bit_depth != 8) + { + png_error(png_ptr, "bit_depth must be 8 for png_riffle_palette_rgba"); + return; + } + + /* First, riffle the RGB colours into a RGBA palette, the A value is + * set to opaque for now. + */ + for (i = 0; i < (1 << row_info->bit_depth); i += 16) + { + uint8x16x3_t v = vld3q_u8((png_const_bytep)(palette + i)); + w.val[0] = v.val[0]; + w.val[1] = v.val[1]; + w.val[2] = v.val[2]; + vst4q_u8(riffled_palette + (i << 2), w); + } + + /* Fix up the missing transparency values. */ + for (i = 0; i < num_trans; i++) + riffled_palette[(i << 2) + 3] = trans_alpha[i]; +} + +/* Expands a palettized row into RGBA. */ +int +png_do_expand_palette_neon_rgba(png_structrp png_ptr, png_row_infop row_info, + png_const_bytep row, png_bytepp ssp, png_bytepp ddp) +{ + png_uint_32 row_width = row_info->width; + const png_uint_32 *riffled_palette = + (const png_uint_32 *)png_ptr->riffled_palette; + const png_int_32 pixels_per_chunk = 4; + int i; + + if (row_width < pixels_per_chunk) + return 0; + + /* This function originally gets the last byte of the output row. + * The NEON part writes forward from a given position, so we have + * to seek this back by 4 pixels x 4 bytes. + */ + *ddp = *ddp - ((pixels_per_chunk * sizeof(png_uint_32)) - 1); + + for (i = 0; i < row_width; i += pixels_per_chunk) + { + uint32x4_t cur; + png_bytep sp = *ssp - i, dp = *ddp - (i << 2); + cur = vld1q_dup_u32 (riffled_palette + *(sp - 3)); + cur = vld1q_lane_u32(riffled_palette + *(sp - 2), cur, 1); + cur = vld1q_lane_u32(riffled_palette + *(sp - 1), cur, 2); + cur = vld1q_lane_u32(riffled_palette + *(sp - 0), cur, 3); + vst1q_u32((void *)dp, cur); + } + if (i != row_width) + { + /* Remove the amount that wasn't processed. */ + i -= pixels_per_chunk; + } + + /* Decrement output pointers. */ + *ssp = *ssp - i; + *ddp = *ddp - (i << 2); + return i; +} + +/* Expands a palettized row into RGB format. */ +int +png_do_expand_palette_neon_rgb(png_structrp png_ptr, png_row_infop row_info, + png_const_bytep row, png_bytepp ssp, png_bytepp ddp) +{ + png_uint_32 row_width = row_info->width; + png_const_bytep palette = (png_const_bytep)png_ptr->palette; + const png_uint_32 pixels_per_chunk = 8; + int i; + + if (row_width <= pixels_per_chunk) + return 0; + + /* Seeking this back by 8 pixels x 3 bytes. */ + *ddp = *ddp - ((pixels_per_chunk * sizeof(png_color)) - 1); + + for (i = 0; i < row_width; i += pixels_per_chunk) + { + uint8x8x3_t cur; + png_bytep sp = *ssp - i, dp = *ddp - ((i << 1) + i); + cur = vld3_dup_u8(palette + sizeof(png_color) * (*(sp - 7))); + cur = vld3_lane_u8(palette + sizeof(png_color) * (*(sp - 6)), cur, 1); + cur = vld3_lane_u8(palette + sizeof(png_color) * (*(sp - 5)), cur, 2); + cur = vld3_lane_u8(palette + sizeof(png_color) * (*(sp - 4)), cur, 3); + cur = vld3_lane_u8(palette + sizeof(png_color) * (*(sp - 3)), cur, 4); + cur = vld3_lane_u8(palette + sizeof(png_color) * (*(sp - 2)), cur, 5); + cur = vld3_lane_u8(palette + sizeof(png_color) * (*(sp - 1)), cur, 6); + cur = vld3_lane_u8(palette + sizeof(png_color) * (*(sp - 0)), cur, 7); + vst3_u8((void *)dp, cur); + } + + if (i != row_width) + { + /* Remove the amount that wasn't processed. */ + i -= pixels_per_chunk; + } + + /* Decrement output pointers. */ + *ssp = *ssp - i; + *ddp = *ddp - ((i << 1) + i); + return i; +} + +#endif /* PNG_ARM_NEON_IMPLEMENTATION */ diff --git a/thirdparty/libpng/png.c b/thirdparty/libpng/png.c index a25afebcc8..3dce191d17 100644 --- a/thirdparty/libpng/png.c +++ b/thirdparty/libpng/png.c @@ -1,10 +1,10 @@ /* png.c - location for general purpose libpng functions * - * Last changed in libpng 1.6.35 [July 15, 2018] + * Copyright (c) 2018 Cosmin Truta * Copyright (c) 1998-2002,2004,2006-2018 Glenn Randers-Pehrson - * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) - * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) + * Copyright (c) 1996-1997 Andreas Dilger + * Copyright (c) 1995-1996 Guy Eric Schalnat, Group 42, Inc. * * This code is released under the libpng license. * For conditions of distribution and use, see the disclaimer @@ -14,7 +14,7 @@ #include "pngpriv.h" /* Generate a compiler error if there is an old png.h in the search path. */ -typedef png_libpng_version_1_6_35 Your_png_h_is_not_version_1_6_35; +typedef png_libpng_version_1_6_36 Your_png_h_is_not_version_1_6_36; #ifdef __GNUC__ /* The version tests may need to be added to, but the problem warning has @@ -736,7 +736,7 @@ png_save_int_32(png_bytep buf, png_int_32 i) int PNGAPI png_convert_to_rfc1123_buffer(char out[29], png_const_timep ptime) { - static PNG_CONST char short_months[12][4] = + static const char short_months[12][4] = {"Jan", "Feb", "Mar", "Apr", "May", "Jun", "Jul", "Aug", "Sep", "Oct", "Nov", "Dec"}; @@ -814,20 +814,14 @@ png_get_copyright(png_const_structrp png_ptr) #ifdef PNG_STRING_COPYRIGHT return PNG_STRING_COPYRIGHT #else -# ifdef __STDC__ return PNG_STRING_NEWLINE \ - "libpng version 1.6.35 - July 15, 2018" PNG_STRING_NEWLINE \ + "libpng version 1.6.36" PNG_STRING_NEWLINE \ + "Copyright (c) 2018 Cosmin Truta" PNG_STRING_NEWLINE \ "Copyright (c) 1998-2002,2004,2006-2018 Glenn Randers-Pehrson" \ PNG_STRING_NEWLINE \ "Copyright (c) 1996-1997 Andreas Dilger" PNG_STRING_NEWLINE \ "Copyright (c) 1995-1996 Guy Eric Schalnat, Group 42, Inc." \ PNG_STRING_NEWLINE; -# else - return "libpng version 1.6.35 - July 15, 2018\ - Copyright (c) 1998-2002,2004,2006-2018 Glenn Randers-Pehrson\ - Copyright (c) 1996-1997 Andreas Dilger\ - Copyright (c) 1995-1996 Guy Eric Schalnat, Group 42, Inc."; -# endif #endif } @@ -1121,7 +1115,7 @@ png_colorspace_set_gamma(png_const_structrp png_ptr, png_colorspacerp colorspace, png_fixed_point gAMA) { /* Changed in libpng-1.5.4 to limit the values to ensure overflow can't - * occur. Since the fixed point representation is asymetrical it is + * occur. Since the fixed point representation is asymmetrical it is * possible for 1/gamma to overflow the limit of 21474 and this means the * gamma value must be at least 5/100000 and hence at most 20000.0. For * safety the limits here are a little narrower. The values are 0.00016 to @@ -3134,11 +3128,11 @@ png_ascii_from_fp(png_const_structrp png_ptr, png_charp ascii, size_t size, /* The total output count (max) is now 4+precision */ /* Check for an exponent, if we don't need one we are - * done and just need to terminate the string. At - * this point exp_b10==(-1) is effectively a flag - it got - * to '-1' because of the decrement after outputting - * the decimal point above (the exponent required is - * *not* -1!) + * done and just need to terminate the string. At this + * point, exp_b10==(-1) is effectively a flag: it got + * to '-1' because of the decrement, after outputting + * the decimal point above. (The exponent required is + * *not* -1.) */ if (exp_b10 >= (-1) && exp_b10 <= 2) { @@ -3976,18 +3970,18 @@ png_gamma_correct(png_structrp png_ptr, unsigned int value, */ static void png_build_16bit_table(png_structrp png_ptr, png_uint_16pp *ptable, - PNG_CONST unsigned int shift, PNG_CONST png_fixed_point gamma_val) + unsigned int shift, png_fixed_point gamma_val) { /* Various values derived from 'shift': */ - PNG_CONST unsigned int num = 1U << (8U - shift); + unsigned int num = 1U << (8U - shift); #ifdef PNG_FLOATING_ARITHMETIC_SUPPORTED /* CSE the division and work round wacky GCC warnings (see the comments * in png_gamma_8bit_correct for where these come from.) */ - PNG_CONST double fmax = 1./(((png_int_32)1 << (16U - shift))-1); + double fmax = 1.0 / (((png_int_32)1 << (16U - shift)) - 1); #endif - PNG_CONST unsigned int max = (1U << (16U - shift))-1U; - PNG_CONST unsigned int max_by_2 = 1U << (15U-shift); + unsigned int max = (1U << (16U - shift)) - 1U; + unsigned int max_by_2 = 1U << (15U - shift); unsigned int i; png_uint_16pp table = *ptable = @@ -4053,10 +4047,10 @@ png_build_16bit_table(png_structrp png_ptr, png_uint_16pp *ptable, */ static void png_build_16to8_table(png_structrp png_ptr, png_uint_16pp *ptable, - PNG_CONST unsigned int shift, PNG_CONST png_fixed_point gamma_val) + unsigned int shift, png_fixed_point gamma_val) { - PNG_CONST unsigned int num = 1U << (8U - shift); - PNG_CONST unsigned int max = (1U << (16U - shift))-1U; + unsigned int num = 1U << (8U - shift); + unsigned int max = (1U << (16U - shift))-1U; unsigned int i; png_uint_32 last; @@ -4121,7 +4115,7 @@ png_build_16to8_table(png_structrp png_ptr, png_uint_16pp *ptable, */ static void png_build_8bit_table(png_structrp png_ptr, png_bytepp ptable, - PNG_CONST png_fixed_point gamma_val) + png_fixed_point gamma_val) { unsigned int i; png_bytep table = *ptable = (png_bytep)png_malloc(png_ptr, 256); diff --git a/thirdparty/libpng/png.h b/thirdparty/libpng/png.h index 19e464cc17..8e272a0553 100644 --- a/thirdparty/libpng/png.h +++ b/thirdparty/libpng/png.h @@ -1,29 +1,65 @@ /* png.h - header file for PNG reference library * - * libpng version 1.6.35, July 15, 2018 + * libpng version 1.6.36 - December 1, 2018 * + * Copyright (c) 2018 Cosmin Truta * Copyright (c) 1998-2002,2004,2006-2018 Glenn Randers-Pehrson - * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) - * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) + * Copyright (c) 1996-1997 Andreas Dilger + * Copyright (c) 1995-1996 Guy Eric Schalnat, Group 42, Inc. * - * This code is released under the libpng license (See LICENSE, below) + * This code is released under the libpng license. (See LICENSE, below.) * * Authors and maintainers: * libpng versions 0.71, May 1995, through 0.88, January 1996: Guy Schalnat * libpng versions 0.89, June 1996, through 0.96, May 1997: Andreas Dilger - * libpng versions 0.97, January 1998, through 1.6.35, July 15, 2018: + * libpng versions 0.97, January 1998, through 1.6.35, July 2018: * Glenn Randers-Pehrson. + * libpng version 1.6.36, December 1, 2018: Cosmin Truta * See also "Contributing Authors", below. */ /* - * COPYRIGHT NOTICE, DISCLAIMER, and LICENSE: + * COPYRIGHT NOTICE, DISCLAIMER, and LICENSE + * ========================================= + * + * PNG Reference Library License version 2 + * --------------------------------------- + * + * * Copyright (c) 1995-2018 The PNG Reference Library Authors. + * * Copyright (c) 2018 Cosmin Truta. + * * Copyright (c) 2000-2002, 2004, 2006-2018 Glenn Randers-Pehrson. + * * Copyright (c) 1996-1997 Andreas Dilger. + * * Copyright (c) 1995-1996 Guy Eric Schalnat, Group 42, Inc. + * + * The software is supplied "as is", without warranty of any kind, + * express or implied, including, without limitation, the warranties + * of merchantability, fitness for a particular purpose, title, and + * non-infringement. In no even shall the Copyright owners, or + * anyone distributing the software, be liable for any damages or + * other liability, whether in contract, tort or otherwise, arising + * from, out of, or in connection with the software, or the use or + * other dealings in the software, even if advised of the possibility + * of such damage. + * + * Permission is hereby granted to use, copy, modify, and distribute + * this software, or portions hereof, for any purpose, without fee, + * subject to the following restrictions: * - * If you modify libpng you may insert additional notices immediately following - * this sentence. + * 1. The origin of this software must not be misrepresented; you + * must not claim that you wrote the original software. If you + * use this software in a product, an acknowledgment in the product + * documentation would be appreciated, but is not required. * - * This code is released under the libpng license. + * 2. Altered source versions must be plainly marked as such, and must + * not be misrepresented as being the original software. + * + * 3. This Copyright notice may not be removed or altered from any + * source or altered source distribution. + * + * + * PNG Reference Library License version 1 (for libpng 0.5 through 1.6.35) + * ----------------------------------------------------------------------- * * libpng versions 1.0.7, July 1, 2000 through 1.6.35, July 15, 2018 are * Copyright (c) 2000-2002, 2004, 2006-2018 Glenn Randers-Pehrson, are @@ -31,38 +67,38 @@ * disclaimer and license as libpng-1.0.6 with the following individuals * added to the list of Contributing Authors: * - * Simon-Pierre Cadieux - * Eric S. Raymond - * Mans Rullgard - * Cosmin Truta - * Gilles Vollant - * James Yu - * Mandar Sahastrabuddhe - * Google Inc. - * Vadim Barkov + * Simon-Pierre Cadieux + * Eric S. Raymond + * Mans Rullgard + * Cosmin Truta + * Gilles Vollant + * James Yu + * Mandar Sahastrabuddhe + * Google Inc. + * Vadim Barkov * * and with the following additions to the disclaimer: * - * There is no warranty against interference with your enjoyment of the - * library or against infringement. There is no warranty that our - * efforts or the library will fulfill any of your particular purposes - * or needs. This library is provided with all faults, and the entire - * risk of satisfactory quality, performance, accuracy, and effort is with - * the user. + * There is no warranty against interference with your enjoyment of + * the library or against infringement. There is no warranty that our + * efforts or the library will fulfill any of your particular purposes + * or needs. This library is provided with all faults, and the entire + * risk of satisfactory quality, performance, accuracy, and effort is + * with the user. * * Some files in the "contrib" directory and some configure-generated - * files that are distributed with libpng have other copyright owners and + * files that are distributed with libpng have other copyright owners, and * are released under other open source licenses. * * libpng versions 0.97, January 1998, through 1.0.6, March 20, 2000, are * Copyright (c) 1998-2000 Glenn Randers-Pehrson, are derived from * libpng-0.96, and are distributed according to the same disclaimer and - * license as libpng-0.96, with the following individuals added to the list - * of Contributing Authors: + * license as libpng-0.96, with the following individuals added to the + * list of Contributing Authors: * - * Tom Lane - * Glenn Randers-Pehrson - * Willem van Schaik + * Tom Lane + * Glenn Randers-Pehrson + * Willem van Schaik * * libpng versions 0.89, June 1996, through 0.96, May 1997, are * Copyright (c) 1996-1997 Andreas Dilger, are derived from libpng-0.88, @@ -70,14 +106,14 @@ * libpng-0.88, with the following individuals added to the list of * Contributing Authors: * - * John Bowler - * Kevin Bracey - * Sam Bushell - * Magnus Holmgren - * Greg Roelofs - * Tom Tanner + * John Bowler + * Kevin Bracey + * Sam Bushell + * Magnus Holmgren + * Greg Roelofs + * Tom Tanner * - * Some files in the "scripts" directory have other copyright owners + * Some files in the "scripts" directory have other copyright owners, * but are released under this license. * * libpng versions 0.5, May 1995, through 0.88, January 1996, are @@ -86,62 +122,49 @@ * For the purposes of this copyright and license, "Contributing Authors" * is defined as the following set of individuals: * - * Andreas Dilger - * Dave Martindale - * Guy Eric Schalnat - * Paul Schmidt - * Tim Wegner - * - * The PNG Reference Library is supplied "AS IS". The Contributing Authors - * and Group 42, Inc. disclaim all warranties, expressed or implied, - * including, without limitation, the warranties of merchantability and of - * fitness for any purpose. The Contributing Authors and Group 42, Inc. - * assume no liability for direct, indirect, incidental, special, exemplary, - * or consequential damages, which may result from the use of the PNG - * Reference Library, even if advised of the possibility of such damage. + * Andreas Dilger + * Dave Martindale + * Guy Eric Schalnat + * Paul Schmidt + * Tim Wegner + * + * The PNG Reference Library is supplied "AS IS". The Contributing + * Authors and Group 42, Inc. disclaim all warranties, expressed or + * implied, including, without limitation, the warranties of + * merchantability and of fitness for any purpose. The Contributing + * Authors and Group 42, Inc. assume no liability for direct, indirect, + * incidental, special, exemplary, or consequential damages, which may + * result from the use of the PNG Reference Library, even if advised of + * the possibility of such damage. * * Permission is hereby granted to use, copy, modify, and distribute this * source code, or portions hereof, for any purpose, without fee, subject * to the following restrictions: * - * 1. The origin of this source code must not be misrepresented. + * 1. The origin of this source code must not be misrepresented. * - * 2. Altered versions must be plainly marked as such and must not - * be misrepresented as being the original source. + * 2. Altered versions must be plainly marked as such and must not + * be misrepresented as being the original source. * - * 3. This Copyright notice may not be removed or altered from any - * source or altered source distribution. + * 3. This Copyright notice may not be removed or altered from any + * source or altered source distribution. * - * The Contributing Authors and Group 42, Inc. specifically permit, without - * fee, and encourage the use of this source code as a component to - * supporting the PNG file format in commercial products. If you use this - * source code in a product, acknowledgment is not required but would be - * appreciated. + * The Contributing Authors and Group 42, Inc. specifically permit, + * without fee, and encourage the use of this source code as a component + * to supporting the PNG file format in commercial products. If you use + * this source code in a product, acknowledgment is not required but would + * be appreciated. * * END OF COPYRIGHT NOTICE, DISCLAIMER, and LICENSE. * - * TRADEMARK: + * TRADEMARK + * ========= * - * The name "libpng" has not been registered by the Copyright owner + * The name "libpng" has not been registered by the Copyright owners * as a trademark in any jurisdiction. However, because libpng has * been distributed and maintained world-wide, continually since 1995, - * the Copyright owner claims "common-law trademark protection" in any + * the Copyright owners claim "common-law trademark protection" in any * jurisdiction where common-law trademark is recognized. - * - * OSI CERTIFICATION: - * - * Libpng is OSI Certified Open Source Software. OSI Certified Open Source is - * a certification mark of the Open Source Initiative. OSI has not addressed - * the additional disclaimers inserted at version 1.0.7. - * - * EXPORT CONTROL: - * - * The Copyright owner believes that the Export Control Classification - * Number (ECCN) for libpng is EAR99, which means not subject to export - * controls or International Traffic in Arms Regulations (ITAR) because - * it is open source, publicly available software, that does not contain - * any encryption software. See the EAR, paragraphs 734.3(b)(3) and - * 734.7(b). */ /* @@ -207,23 +230,25 @@ * 1.0.7rc1-2 1 10007 2.1.0.7rc1-2 (binary compatible) * 1.0.7 1 10007 (still compatible) * ... - * 1.0.19 10 10019 10.so.0.19[.0] + * 1.0.69 10 10069 10.so.0.69[.0] * ... - * 1.2.59 13 10257 12.so.0.59[.0] + * 1.2.59 13 10259 12.so.0.59[.0] * ... - * 1.5.30 15 10527 15.so.15.30[.0] + * 1.4.20 14 10420 14.so.0.20[.0] * ... - * 1.6.35 16 10635 16.so.16.35[.0] - * - * Henceforth the source version will match the shared-library major - * and minor numbers; the shared-library major version number will be - * used for changes in backward compatibility, as it is intended. The - * PNG_LIBPNG_VER macro, which is not used within libpng but is available - * for applications, is an unsigned integer of the form xyyzz corresponding - * to the source version x.y.z (leading zeros in y and z). Beta versions - * were given the previous public release number plus a letter, until - * version 1.0.6j; from then on they were given the upcoming public - * release number plus "betaNN" or "rcNN". + * 1.5.30 15 10530 15.so.15.30[.0] + * ... + * 1.6.36 16 10636 16.so.16.36[.0] + * + * Henceforth the source version will match the shared-library major and + * minor numbers; the shared-library major version number will be used for + * changes in backward compatibility, as it is intended. + * The PNG_LIBPNG_VER macro, which is not used within libpng but is + * available for applications, is an unsigned integer of the form XYYZZ + * corresponding to the source version X.Y.Z (leading zeros in Y and Z). + * Beta versions were given the previous public release number plus a + * letter, until version 1.0.6j; from then on they were given the upcoming + * public release number plus "betaNN" or "rcNN". * * Binary incompatibility exists only when applications make direct access * to the info_ptr or png_ptr members through png.h, and the compiled @@ -233,65 +258,8 @@ * in binary compatibility (e.g., when a new feature is added). * * See libpng.txt or libpng.3 for more information. The PNG specification - * is available as a W3C Recommendation and as an ISO Specification, - * <https://www.w3.org/TR/2003/REC-PNG-20031110/ - */ - -/* - * Y2K compliance in libpng: - * ========================= - * - * July 15, 2018 - * - * Since the PNG Development group is an ad-hoc body, we can't make - * an official declaration. - * - * This is your unofficial assurance that libpng from version 0.71 and - * upward through 1.6.35 are Y2K compliant. It is my belief that - * earlier versions were also Y2K compliant. - * - * Libpng only has two year fields. One is a 2-byte unsigned integer - * that will hold years up to 65535. The other, which is deprecated, - * holds the date in text format, and will hold years up to 9999. - * - * The integer is - * "png_uint_16 year" in png_time_struct. - * - * The string is - * "char time_buffer[29]" in png_struct. This is no longer used - * in libpng-1.6.x and will be removed from libpng-1.7.0. - * - * There are seven time-related functions: - * png.c: png_convert_to_rfc_1123_buffer() in png.c - * (formerly png_convert_to_rfc_1123() prior to libpng-1.5.x and - * png_convert_to_rfc_1152() in error prior to libpng-0.98) - * png_convert_from_struct_tm() in pngwrite.c, called in pngwrite.c - * png_convert_from_time_t() in pngwrite.c - * png_get_tIME() in pngget.c - * png_handle_tIME() in pngrutil.c, called in pngread.c - * png_set_tIME() in pngset.c - * png_write_tIME() in pngwutil.c, called in pngwrite.c - * - * All handle dates properly in a Y2K environment. The - * png_convert_from_time_t() function calls gmtime() to convert from system - * clock time, which returns (year - 1900), which we properly convert to - * the full 4-digit year. There is a possibility that libpng applications - * are not passing 4-digit years into the png_convert_to_rfc_1123_buffer() - * function, or that they are incorrectly passing only a 2-digit year - * instead of "year - 1900" into the png_convert_from_struct_tm() function, - * but this is not under our control. The libpng documentation has always - * stated that it works with 4-digit years, and the APIs have been - * documented as such. - * - * The tIME chunk itself is also Y2K compliant. It uses a 2-byte unsigned - * integer to hold the year, and can hold years as large as 65535. - * - * zlib, upon which libpng depends, is also Y2K compliant. It contains - * no date-related code. - * - * Glenn Randers-Pehrson - * libpng maintainer - * PNG Development Group + * is available as a W3C Recommendation and as an ISO/IEC Standard; see + * <https://www.w3.org/TR/2003/REC-PNG-20031110/> */ #ifndef PNG_H @@ -309,8 +277,8 @@ */ /* Version information for png.h - this should match the version in png.c */ -#define PNG_LIBPNG_VER_STRING "1.6.35" -#define PNG_HEADER_VERSION_STRING " libpng version 1.6.35 - July 15, 2018\n" +#define PNG_LIBPNG_VER_STRING "1.6.36" +#define PNG_HEADER_VERSION_STRING " libpng version 1.6.36 - December 1, 2018\n" #define PNG_LIBPNG_VER_SONUM 16 #define PNG_LIBPNG_VER_DLLNUM 16 @@ -318,13 +286,13 @@ /* These should match the first 3 components of PNG_LIBPNG_VER_STRING: */ #define PNG_LIBPNG_VER_MAJOR 1 #define PNG_LIBPNG_VER_MINOR 6 -#define PNG_LIBPNG_VER_RELEASE 35 +#define PNG_LIBPNG_VER_RELEASE 36 /* This should match the numeric part of the final component of * PNG_LIBPNG_VER_STRING, omitting any leading zero: */ -#define PNG_LIBPNG_VER_BUILD 02 +#define PNG_LIBPNG_VER_BUILD 0 /* Release Status */ #define PNG_LIBPNG_BUILD_ALPHA 1 @@ -341,15 +309,16 @@ #define PNG_LIBPNG_BUILD_SPECIAL 32 /* Cannot be OR'ed with PNG_LIBPNG_BUILD_PRIVATE */ -#define PNG_LIBPNG_BUILD_BASE_TYPE PNG_LIBPNG_BUILD_BETA +#define PNG_LIBPNG_BUILD_BASE_TYPE PNG_LIBPNG_BUILD_STABLE -/* Careful here. At one time, Guy wanted to use 082, but that would be octal. - * We must not include leading zeros. - * Versions 0.7 through 1.0.0 were in the range 0 to 100 here (only - * version 1.0.0 was mis-numbered 100 instead of 10000). From - * version 1.0.1 it's xxyyzz, where x=major, y=minor, z=release +/* Careful here. At one time, Guy wanted to use 082, but that + * would be octal. We must not include leading zeros. + * Versions 0.7 through 1.0.0 were in the range 0 to 100 here + * (only version 1.0.0 was mis-numbered 100 instead of 10000). + * From version 1.0.1 it is: + * XXYYZZ, where XX=major, YY=minor, ZZ=release */ -#define PNG_LIBPNG_VER 10635 /* 1.6.35 */ +#define PNG_LIBPNG_VER 10636 /* 1.6.36 */ /* Library configuration: these options cannot be changed after * the library has been built. @@ -459,7 +428,7 @@ extern "C" { /* This triggers a compiler error in png.c, if png.c and png.h * do not agree upon the version number. */ -typedef char* png_libpng_version_1_6_35; +typedef char* png_libpng_version_1_6_36; /* Basic control structions. Read libpng-manual.txt or libpng.3 for more info. * @@ -2013,12 +1982,12 @@ PNG_FIXED_EXPORT(233, void, png_set_cHRM_XYZ_fixed, (png_const_structrp png_ptr, PNG_EXPORT(246, png_uint_32, png_get_eXIf, (png_const_structrp png_ptr, png_inforp info_ptr, png_bytep *exif)); PNG_EXPORT(247, void, png_set_eXIf, (png_const_structrp png_ptr, - png_inforp info_ptr, const png_bytep exif)); + png_inforp info_ptr, png_bytep exif)); PNG_EXPORT(248, png_uint_32, png_get_eXIf_1, (png_const_structrp png_ptr, png_const_inforp info_ptr, png_uint_32 *num_exif, png_bytep *exif)); PNG_EXPORT(249, void, png_set_eXIf_1, (png_const_structrp png_ptr, - png_inforp info_ptr, const png_uint_32 num_exif, const png_bytep exif)); + png_inforp info_ptr, png_uint_32 num_exif, png_bytep exif)); #endif #ifdef PNG_gAMA_SUPPORTED @@ -2764,7 +2733,7 @@ typedef struct * * When the simplified API needs to convert between sRGB and linear colorspaces, * the actual sRGB transfer curve defined in the sRGB specification (see the - * article at https://en.wikipedia.org/wiki/SRGB) is used, not the gamma=1/2.2 + * article at <https://en.wikipedia.org/wiki/SRGB>) is used, not the gamma=1/2.2 * approximation used elsewhere in libpng. * * When an alpha channel is present it is expected to denote pixel coverage @@ -2967,7 +2936,7 @@ typedef struct * 'flags' field of png_image. */ #define PNG_IMAGE_FLAG_COLORSPACE_NOT_sRGB 0x01 - /* This indicates the the RGB values of the in-memory bitmap do not + /* This indicates that the RGB values of the in-memory bitmap do not * correspond to the red, green and blue end-points defined by sRGB. */ diff --git a/thirdparty/libpng/pngconf.h b/thirdparty/libpng/pngconf.h index a4646bab85..5e641b2509 100644 --- a/thirdparty/libpng/pngconf.h +++ b/thirdparty/libpng/pngconf.h @@ -1,11 +1,12 @@ /* pngconf.h - machine configurable file for libpng * - * libpng version 1.6.35, July 15, 2018 + * libpng version 1.6.36 * + * Copyright (c) 2018 Cosmin Truta * Copyright (c) 1998-2002,2004,2006-2016,2018 Glenn Randers-Pehrson - * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) - * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) + * Copyright (c) 1996-1997 Andreas Dilger + * Copyright (c) 1995-1996 Guy Eric Schalnat, Group 42, Inc. * * This code is released under the libpng license. * For conditions of distribution and use, see the disclaimer @@ -57,14 +58,13 @@ #endif /* PNG_BUILDING_SYMBOL_TABLE */ -/* Prior to 1.6.0 it was possible to turn off 'const' in declarations using - * PNG_NO_CONST; this is no longer supported except for data declarations which - * apparently still cause problems in 2011 on some compilers. +/* Prior to 1.6.0, it was possible to turn off 'const' in declarations, + * using PNG_NO_CONST. This is no longer supported. */ #define PNG_CONST const /* backward compatibility only */ -/* This controls optimization of the reading of 16-bit and 32-bit values - * from PNG files. It can be set on a per-app-file basis - it +/* This controls optimization of the reading of 16-bit and 32-bit + * values from PNG files. It can be set on a per-app-file basis: it * just changes whether a macro is used when the function is called. * The library builder sets the default; if read functions are not * built into the library the macro implementation is forced on. diff --git a/thirdparty/libpng/pngdebug.h b/thirdparty/libpng/pngdebug.h index 15a7ed0c95..00d5a4569e 100644 --- a/thirdparty/libpng/pngdebug.h +++ b/thirdparty/libpng/pngdebug.h @@ -1,10 +1,10 @@ /* pngdebug.h - Debugging macros for libpng, also used in pngtest.c * - * Last changed in libpng 1.6.8 [December 19, 2013] + * Copyright (c) 2018 Cosmin Truta * Copyright (c) 1998-2002,2004,2006-2013 Glenn Randers-Pehrson - * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) - * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) + * Copyright (c) 1996-1997 Andreas Dilger + * Copyright (c) 1995-1996 Guy Eric Schalnat, Group 42, Inc. * * This code is released under the libpng license. * For conditions of distribution and use, see the disclaimer diff --git a/thirdparty/libpng/pngerror.c b/thirdparty/libpng/pngerror.c index ad48bfb986..ec3a709b9d 100644 --- a/thirdparty/libpng/pngerror.c +++ b/thirdparty/libpng/pngerror.c @@ -1,10 +1,10 @@ /* pngerror.c - stub functions for i/o and memory allocation * - * Last changed in libpng 1.6.31 [July 27, 2017] + * Copyright (c) 2018 Cosmin Truta * Copyright (c) 1998-2002,2004,2006-2017 Glenn Randers-Pehrson - * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) - * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) + * Copyright (c) 1996-1997 Andreas Dilger + * Copyright (c) 1995-1996 Guy Eric Schalnat, Group 42, Inc. * * This code is released under the libpng license. * For conditions of distribution and use, see the disclaimer @@ -425,7 +425,7 @@ png_app_error(png_const_structrp png_ptr, png_const_charp error_message) * if the character is invalid. */ #define isnonalpha(c) ((c) < 65 || (c) > 122 || ((c) > 90 && (c) < 97)) -static PNG_CONST char png_digit[16] = { +static const char png_digit[16] = { '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'A', 'B', 'C', 'D', 'E', 'F' }; @@ -885,7 +885,7 @@ PNG_FUNCTION(void /* PRIVATE */, (PNGCBAPI png_safe_error),(png_structp png_nonconst_ptr, png_const_charp error_message), PNG_NORETURN) { - const png_const_structrp png_ptr = png_nonconst_ptr; + png_const_structrp png_ptr = png_nonconst_ptr; png_imagep image = png_voidcast(png_imagep, png_ptr->error_ptr); /* An error is always logged here, overwriting anything (typically a warning) @@ -920,7 +920,7 @@ png_safe_error),(png_structp png_nonconst_ptr, png_const_charp error_message), void /* PRIVATE */ PNGCBAPI png_safe_warning(png_structp png_nonconst_ptr, png_const_charp warning_message) { - const png_const_structrp png_ptr = png_nonconst_ptr; + png_const_structrp png_ptr = png_nonconst_ptr; png_imagep image = png_voidcast(png_imagep, png_ptr->error_ptr); /* A warning is only logged if there is no prior warning or error. */ diff --git a/thirdparty/libpng/pngget.c b/thirdparty/libpng/pngget.c index 2325508f1d..5abf1efd9f 100644 --- a/thirdparty/libpng/pngget.c +++ b/thirdparty/libpng/pngget.c @@ -1,10 +1,10 @@ /* pngget.c - retrieval of values from info struct * - * Last changed in libpng 1.6.35 [July 15, 2018] + * Copyright (c) 2018 Cosmin Truta * Copyright (c) 1998-2002,2004,2006-2018 Glenn Randers-Pehrson - * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) - * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) + * Copyright (c) 1996-1997 Andreas Dilger + * Copyright (c) 1995-1996 Guy Eric Schalnat, Group 42, Inc. * * This code is released under the libpng license. * For conditions of distribution and use, see the disclaimer diff --git a/thirdparty/libpng/pnginfo.h b/thirdparty/libpng/pnginfo.h index 2fcf868dac..1f98dedc42 100644 --- a/thirdparty/libpng/pnginfo.h +++ b/thirdparty/libpng/pnginfo.h @@ -1,10 +1,10 @@ /* pnginfo.h - header file for PNG reference library * - * Last changed in libpng 1.6.35 [July 15, 2018] + * Copyright (c) 2018 Cosmin Truta * Copyright (c) 1998-2002,2004,2006-2013,2018 Glenn Randers-Pehrson - * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) - * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) + * Copyright (c) 1996-1997 Andreas Dilger + * Copyright (c) 1995-1996 Guy Eric Schalnat, Group 42, Inc. * * This code is released under the libpng license. * For conditions of distribution and use, see the disclaimer diff --git a/thirdparty/libpng/pnglibconf.h b/thirdparty/libpng/pnglibconf.h index 00acecc69b..00340c678b 100644 --- a/thirdparty/libpng/pnglibconf.h +++ b/thirdparty/libpng/pnglibconf.h @@ -1,10 +1,9 @@ -/* libpng 1.6.35 STANDARD API DEFINITION */ - /* pnglibconf.h - library build configuration */ -/* Libpng version 1.6.35 - July 15, 2018 */ +/* libpng version 1.6.36 */ -/* Copyright (c) 1998-2018 Glenn Randers-Pehrson */ +/* Copyright (c) 2018 Cosmin Truta */ +/* Copyright (c) 1998-2002,2004,2006-2018 Glenn Randers-Pehrson */ /* This code is released under the libpng license. */ /* For conditions of distribution and use, see the disclaimer */ @@ -20,8 +19,6 @@ #define PNG_ALIGNED_MEMORY_SUPPORTED /*#undef PNG_ARM_NEON_API_SUPPORTED*/ /*#undef PNG_ARM_NEON_CHECK_SUPPORTED*/ -/*#undef PNG_POWERPC_VSX_API_SUPPORTED*/ -/*#undef PNG_POWERPC_VSX_CHECK_SUPPORTED*/ #define PNG_BENIGN_ERRORS_SUPPORTED #define PNG_BENIGN_READ_ERRORS_SUPPORTED /*#undef PNG_BENIGN_WRITE_ERRORS_SUPPORTED*/ @@ -46,6 +43,8 @@ #define PNG_IO_STATE_SUPPORTED #define PNG_MNG_FEATURES_SUPPORTED #define PNG_POINTER_INDEXING_SUPPORTED +/*#undef PNG_POWERPC_VSX_API_SUPPORTED*/ +/*#undef PNG_POWERPC_VSX_CHECK_SUPPORTED*/ #define PNG_PROGRESSIVE_READ_SUPPORTED #define PNG_READ_16BIT_SUPPORTED #define PNG_READ_ALPHA_MODE_SUPPORTED diff --git a/thirdparty/libpng/pngmem.c b/thirdparty/libpng/pngmem.c index ff3ef7e88c..09ed9c1c99 100644 --- a/thirdparty/libpng/pngmem.c +++ b/thirdparty/libpng/pngmem.c @@ -1,10 +1,10 @@ /* pngmem.c - stub functions for memory allocation * - * Last changed in libpng 1.6.26 [October 20, 2016] + * Copyright (c) 2018 Cosmin Truta * Copyright (c) 1998-2002,2004,2006-2014,2016 Glenn Randers-Pehrson - * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) - * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) + * Copyright (c) 1996-1997 Andreas Dilger + * Copyright (c) 1995-1996 Guy Eric Schalnat, Group 42, Inc. * * This code is released under the libpng license. * For conditions of distribution and use, see the disclaimer diff --git a/thirdparty/libpng/pngpread.c b/thirdparty/libpng/pngpread.c index c4ba51c4d4..e283627b77 100644 --- a/thirdparty/libpng/pngpread.c +++ b/thirdparty/libpng/pngpread.c @@ -1,10 +1,10 @@ /* pngpread.c - read a png file in push mode * - * Last changed in libpng 1.6.35 [July 15, 2018] + * Copyright (c) 2018 Cosmin Truta * Copyright (c) 1998-2002,2004,2006-2018 Glenn Randers-Pehrson - * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) - * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) + * Copyright (c) 1996-1997 Andreas Dilger + * Copyright (c) 1995-1996 Guy Eric Schalnat, Group 42, Inc. * * This code is released under the libpng license. * For conditions of distribution and use, see the disclaimer @@ -972,20 +972,20 @@ png_read_push_finish_row(png_structrp png_ptr) /* Arrays to facilitate easy interlacing - use pass (0 - 6) as index */ /* Start of interlace block */ - static PNG_CONST png_byte png_pass_start[] = {0, 4, 0, 2, 0, 1, 0}; + static const png_byte png_pass_start[] = {0, 4, 0, 2, 0, 1, 0}; /* Offset to next interlace block */ - static PNG_CONST png_byte png_pass_inc[] = {8, 8, 4, 4, 2, 2, 1}; + static const png_byte png_pass_inc[] = {8, 8, 4, 4, 2, 2, 1}; /* Start of interlace block in the y direction */ - static PNG_CONST png_byte png_pass_ystart[] = {0, 0, 4, 0, 2, 0, 1}; + static const png_byte png_pass_ystart[] = {0, 0, 4, 0, 2, 0, 1}; /* Offset to next interlace block in the y direction */ - static PNG_CONST png_byte png_pass_yinc[] = {8, 8, 8, 4, 4, 2, 2}; + static const png_byte png_pass_yinc[] = {8, 8, 8, 4, 4, 2, 2}; /* Height of interlace block. This is not currently used - if you need * it, uncomment it here and in png.h - static PNG_CONST png_byte png_pass_height[] = {8, 8, 4, 4, 2, 2, 1}; + static const png_byte png_pass_height[] = {8, 8, 4, 4, 2, 2, 1}; */ #endif diff --git a/thirdparty/libpng/pngpriv.h b/thirdparty/libpng/pngpriv.h index 3581f67919..973c3eac1f 100644 --- a/thirdparty/libpng/pngpriv.h +++ b/thirdparty/libpng/pngpriv.h @@ -1,10 +1,10 @@ /* pngpriv.h - private declarations for use inside libpng * - * Last changed in libpng 1.6.35 [July 15, 2018] + * Copyright (c) 2018 Cosmin Truta * Copyright (c) 1998-2002,2004,2006-2018 Glenn Randers-Pehrson - * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) - * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) + * Copyright (c) 1996-1997 Andreas Dilger + * Copyright (c) 1995-1996 Guy Eric Schalnat, Group 42, Inc. * * This code is released under the libpng license. * For conditions of distribution and use, see the disclaimer @@ -174,7 +174,10 @@ # else /* !defined __ARM_NEON__ */ /* The 'intrinsics' code simply won't compile without this -mfpu=neon: */ -# define PNG_ARM_NEON_IMPLEMENTATION 2 +# if !defined(__aarch64__) + /* The assembler code currently does not work on ARM64 */ +# define PNG_ARM_NEON_IMPLEMENTATION 2 +# endif /* __aarch64__ */ # endif /* __ARM_NEON__ */ # endif /* !PNG_ARM_NEON_IMPLEMENTATION */ @@ -1534,10 +1537,10 @@ PNG_INTERNAL_FUNCTION(void,png_handle_zTXt,(png_structrp png_ptr, #endif PNG_INTERNAL_FUNCTION(void,png_check_chunk_name,(png_const_structrp png_ptr, - const png_uint_32 chunk_name),PNG_EMPTY); + png_uint_32 chunk_name),PNG_EMPTY); PNG_INTERNAL_FUNCTION(void,png_check_chunk_length,(png_const_structrp png_ptr, - const png_uint_32 chunk_length),PNG_EMPTY); + png_uint_32 chunk_length),PNG_EMPTY); PNG_INTERNAL_FUNCTION(void,png_handle_unknown,(png_structrp png_ptr, png_inforp info_ptr, png_uint_32 length, int keep),PNG_EMPTY); @@ -2114,6 +2117,29 @@ PNG_INTERNAL_FUNCTION(void, png_init_filter_functions_sse2, PNG_INTERNAL_FUNCTION(png_uint_32, png_check_keyword, (png_structrp png_ptr, png_const_charp key, png_bytep new_key), PNG_EMPTY); +#if PNG_ARM_NEON_IMPLEMENTATION == 1 +PNG_INTERNAL_FUNCTION(void, + png_riffle_palette_rgba, + (png_structrp, png_row_infop), + PNG_EMPTY); +PNG_INTERNAL_FUNCTION(int, + png_do_expand_palette_neon_rgba, + (png_structrp, + png_row_infop, + png_const_bytep, + const png_bytepp, + const png_bytepp), + PNG_EMPTY); +PNG_INTERNAL_FUNCTION(int, + png_do_expand_palette_neon_rgb, + (png_structrp, + png_row_infop, + png_const_bytep, + const png_bytepp, + const png_bytepp), + PNG_EMPTY); +#endif + /* Maintainer: Put new private prototypes here ^ */ #include "pngdebug.h" diff --git a/thirdparty/libpng/pngread.c b/thirdparty/libpng/pngread.c index bff7503ee3..f8e762196e 100644 --- a/thirdparty/libpng/pngread.c +++ b/thirdparty/libpng/pngread.c @@ -1,10 +1,10 @@ /* pngread.c - read a PNG file * - * Last changed in libpng 1.6.35 [July 15, 2018] + * Copyright (c) 2018 Cosmin Truta * Copyright (c) 1998-2002,2004,2006-2018 Glenn Randers-Pehrson - * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) - * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) + * Copyright (c) 1996-1997 Andreas Dilger + * Copyright (c) 1995-1996 Guy Eric Schalnat, Group 42, Inc. * * This code is released under the libpng license. * For conditions of distribution and use, see the disclaimer @@ -1621,7 +1621,7 @@ png_image_skip_unused_chunks(png_structrp png_ptr) * errors (which are unfortunately quite common.) */ { - static PNG_CONST png_byte chunks_to_process[] = { + static const png_byte chunks_to_process[] = { 98, 75, 71, 68, '\0', /* bKGD */ 99, 72, 82, 77, '\0', /* cHRM */ 103, 65, 77, 65, '\0', /* gAMA */ @@ -1758,9 +1758,9 @@ png_create_colormap_entry(png_image_read_control *display, png_uint_32 alpha, int encoding) { png_imagep image = display->image; - const int output_encoding = (image->format & PNG_FORMAT_FLAG_LINEAR) != 0 ? + int output_encoding = (image->format & PNG_FORMAT_FLAG_LINEAR) != 0 ? P_LINEAR : P_sRGB; - const int convert_to_Y = (image->format & PNG_FORMAT_FLAG_COLOR) == 0 && + int convert_to_Y = (image->format & PNG_FORMAT_FLAG_COLOR) == 0 && (red != green || green != blue); if (ip > 255) @@ -1869,13 +1869,13 @@ png_create_colormap_entry(png_image_read_control *display, /* Store the value. */ { # ifdef PNG_FORMAT_AFIRST_SUPPORTED - const int afirst = (image->format & PNG_FORMAT_FLAG_AFIRST) != 0 && + int afirst = (image->format & PNG_FORMAT_FLAG_AFIRST) != 0 && (image->format & PNG_FORMAT_FLAG_ALPHA) != 0; # else # define afirst 0 # endif # ifdef PNG_FORMAT_BGR_SUPPORTED - const int bgr = (image->format & PNG_FORMAT_FLAG_BGR) != 0 ? 2 : 0; + int bgr = (image->format & PNG_FORMAT_FLAG_BGR) != 0 ? 2 : 0; # else # define bgr 0 # endif @@ -2085,11 +2085,11 @@ png_image_read_colormap(png_voidp argument) { png_image_read_control *display = png_voidcast(png_image_read_control*, argument); - const png_imagep image = display->image; + png_imagep image = display->image; - const png_structrp png_ptr = image->opaque->png_ptr; - const png_uint_32 output_format = image->format; - const int output_encoding = (output_format & PNG_FORMAT_FLAG_LINEAR) != 0 ? + png_structrp png_ptr = image->opaque->png_ptr; + png_uint_32 output_format = image->format; + int output_encoding = (output_format & PNG_FORMAT_FLAG_LINEAR) != 0 ? P_LINEAR : P_sRGB; unsigned int cmap_entries; @@ -2802,7 +2802,7 @@ png_image_read_colormap(png_voidp argument) unsigned int num_trans = png_ptr->num_trans; png_const_bytep trans = num_trans > 0 ? png_ptr->trans_alpha : NULL; png_const_colorp colormap = png_ptr->palette; - const int do_background = trans != NULL && + int do_background = trans != NULL && (output_format & PNG_FORMAT_FLAG_ALPHA) == 0; unsigned int i; @@ -3946,7 +3946,7 @@ png_image_read_direct(png_voidp argument) */ if (linear != 0) { - PNG_CONST png_uint_16 le = 0x0001; + png_uint_16 le = 0x0001; if ((*(png_const_bytep) & le) != 0) png_set_swap(png_ptr); @@ -4108,7 +4108,7 @@ png_image_finish_read(png_imagep image, png_const_colorp background, * original PNG format because it may not occur in the output PNG format * and libpng deals with the issues of reading the original. */ - const unsigned int channels = PNG_IMAGE_PIXEL_CHANNELS(image->format); + unsigned int channels = PNG_IMAGE_PIXEL_CHANNELS(image->format); /* The following checks just the 'row_stride' calculation to ensure it * fits in a signed 32-bit value. Because channels/components can be @@ -4119,7 +4119,7 @@ png_image_finish_read(png_imagep image, png_const_colorp background, if (image->width <= 0x7fffffffU/channels) /* no overflow */ { png_uint_32 check; - const png_uint_32 png_row_stride = image->width * channels; + png_uint_32 png_row_stride = image->width * channels; if (row_stride == 0) row_stride = (png_int_32)/*SAFE*/png_row_stride; diff --git a/thirdparty/libpng/pngrio.c b/thirdparty/libpng/pngrio.c index 372221483f..7946358101 100644 --- a/thirdparty/libpng/pngrio.c +++ b/thirdparty/libpng/pngrio.c @@ -1,10 +1,10 @@ /* pngrio.c - functions for data input * - * Last changed in libpng 1.6.35 [July 15, 2018] + * Copyright (c) 2018 Cosmin Truta * Copyright (c) 1998-2002,2004,2006-2016,2018 Glenn Randers-Pehrson - * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) - * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) + * Copyright (c) 1996-1997 Andreas Dilger + * Copyright (c) 1995-1996 Guy Eric Schalnat, Group 42, Inc. * * This code is released under the libpng license. * For conditions of distribution and use, see the disclaimer diff --git a/thirdparty/libpng/pngrtran.c b/thirdparty/libpng/pngrtran.c index 67d1f249a6..ccc58ce6f1 100644 --- a/thirdparty/libpng/pngrtran.c +++ b/thirdparty/libpng/pngrtran.c @@ -1,10 +1,10 @@ /* pngrtran.c - transforms the data in a row for PNG readers * - * Last changed in libpng 1.6.35 [July 15, 2018] + * Copyright (c) 2018 Cosmin Truta * Copyright (c) 1998-2002,2004,2006-2018 Glenn Randers-Pehrson - * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) - * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) + * Copyright (c) 1996-1997 Andreas Dilger + * Copyright (c) 1995-1996 Guy Eric Schalnat, Group 42, Inc. * * This code is released under the libpng license. * For conditions of distribution and use, see the disclaimer @@ -18,6 +18,17 @@ #include "pngpriv.h" +#ifdef PNG_ARM_NEON_IMPLEMENTATION +# if PNG_ARM_NEON_IMPLEMENTATION == 1 +# define PNG_ARM_NEON_INTRINSICS_AVAILABLE +# if defined(_MSC_VER) && defined(_M_ARM64) +# include <arm64_neon.h> +# else +# include <arm_neon.h> +# endif +# endif +#endif + #ifdef PNG_READ_SUPPORTED /* Set the action on getting a CRC error for an ancillary or critical chunk. */ @@ -2986,7 +2997,6 @@ png_do_gray_to_rgb(png_row_infop row_info, png_bytep row) */ static int png_do_rgb_to_gray(png_structrp png_ptr, png_row_infop row_info, png_bytep row) - { int rgb_error = 0; @@ -2995,12 +3005,11 @@ png_do_rgb_to_gray(png_structrp png_ptr, png_row_infop row_info, png_bytep row) if ((row_info->color_type & PNG_COLOR_MASK_PALETTE) == 0 && (row_info->color_type & PNG_COLOR_MASK_COLOR) != 0) { - PNG_CONST png_uint_32 rc = png_ptr->rgb_to_gray_red_coeff; - PNG_CONST png_uint_32 gc = png_ptr->rgb_to_gray_green_coeff; - PNG_CONST png_uint_32 bc = 32768 - rc - gc; - PNG_CONST png_uint_32 row_width = row_info->width; - PNG_CONST int have_alpha = - (row_info->color_type & PNG_COLOR_MASK_ALPHA) != 0; + png_uint_32 rc = png_ptr->rgb_to_gray_red_coeff; + png_uint_32 gc = png_ptr->rgb_to_gray_green_coeff; + png_uint_32 bc = 32768 - rc - gc; + png_uint_32 row_width = row_info->width; + int have_alpha = (row_info->color_type & PNG_COLOR_MASK_ALPHA) != 0; if (row_info->bit_depth == 8) { @@ -4143,12 +4152,11 @@ png_do_encode_alpha(png_row_infop row_info, png_bytep row, png_structrp png_ptr) { if (row_info->bit_depth == 8) { - PNG_CONST png_bytep table = png_ptr->gamma_from_1; + png_bytep table = png_ptr->gamma_from_1; if (table != NULL) { - PNG_CONST int step = - (row_info->color_type & PNG_COLOR_MASK_COLOR) ? 4 : 2; + int step = (row_info->color_type & PNG_COLOR_MASK_COLOR) ? 4 : 2; /* The alpha channel is the last component: */ row += step - 1; @@ -4162,13 +4170,12 @@ png_do_encode_alpha(png_row_infop row_info, png_bytep row, png_structrp png_ptr) else if (row_info->bit_depth == 16) { - PNG_CONST png_uint_16pp table = png_ptr->gamma_16_from_1; - PNG_CONST int gamma_shift = png_ptr->gamma_shift; + png_uint_16pp table = png_ptr->gamma_16_from_1; + int gamma_shift = png_ptr->gamma_shift; if (table != NULL) { - PNG_CONST int step = - (row_info->color_type & PNG_COLOR_MASK_COLOR) ? 8 : 4; + int step = (row_info->color_type & PNG_COLOR_MASK_COLOR) ? 8 : 4; /* The alpha channel is the last component: */ row += step - 2; @@ -4199,8 +4206,9 @@ png_do_encode_alpha(png_row_infop row_info, png_bytep row, png_structrp png_ptr) * upon whether you supply trans and num_trans. */ static void -png_do_expand_palette(png_row_infop row_info, png_bytep row, - png_const_colorp palette, png_const_bytep trans_alpha, int num_trans) +png_do_expand_palette(png_structrp png_ptr, png_row_infop row_info, + png_bytep row, png_const_colorp palette, png_const_bytep trans_alpha, + int num_trans) { int shift, value; png_bytep sp, dp; @@ -4304,14 +4312,25 @@ png_do_expand_palette(png_row_infop row_info, png_bytep row, sp = row + (size_t)row_width - 1; dp = row + ((size_t)row_width << 2) - 1; - for (i = 0; i < row_width; i++) + i = 0; +#ifdef PNG_ARM_NEON_INTRINSICS_AVAILABLE + if (png_ptr->riffled_palette != NULL) + { + /* The RGBA optimization works with png_ptr->bit_depth == 8 + * but sometimes row_info->bit_depth has been changed to 8. + * In these cases, the palette hasn't been riffled. + */ + i = png_do_expand_palette_neon_rgba(png_ptr, row_info, row, + &sp, &dp); + } +#endif + + for (; i < row_width; i++) { if ((int)(*sp) >= num_trans) *dp-- = 0xff; - else *dp-- = trans_alpha[*sp]; - *dp-- = palette[*sp].blue; *dp-- = palette[*sp].green; *dp-- = palette[*sp].red; @@ -4328,8 +4347,13 @@ png_do_expand_palette(png_row_infop row_info, png_bytep row, { sp = row + (size_t)row_width - 1; dp = row + (size_t)(row_width * 3) - 1; + i = 0; +#ifdef PNG_ARM_NEON_INTRINSICS_AVAILABLE + i = png_do_expand_palette_neon_rgb(png_ptr, row_info, row, + &sp, &dp); +#endif - for (i = 0; i < row_width; i++) + for (; i < row_width; i++) { *dp-- = palette[*sp].blue; *dp-- = palette[*sp].green; @@ -4743,8 +4767,22 @@ png_do_read_transformations(png_structrp png_ptr, png_row_infop row_info) { if (row_info->color_type == PNG_COLOR_TYPE_PALETTE) { - png_do_expand_palette(row_info, png_ptr->row_buf + 1, - png_ptr->palette, png_ptr->trans_alpha, png_ptr->num_trans); +#ifdef PNG_ARM_NEON_INTRINSICS_AVAILABLE + if ((png_ptr->num_trans > 0) && (png_ptr->bit_depth == 8)) + { + /* Allocate space for the decompressed full palette. */ + if (png_ptr->riffled_palette == NULL) + { + png_ptr->riffled_palette = png_malloc(png_ptr, 256*4); + if (png_ptr->riffled_palette == NULL) + png_error(png_ptr, "NULL row buffer"); + /* Build the RGBA palette. */ + png_riffle_palette_rgba(png_ptr, row_info); + } + } +#endif + png_do_expand_palette(png_ptr, row_info, png_ptr->row_buf + 1, + png_ptr->palette, png_ptr->trans_alpha, png_ptr->num_trans); } else diff --git a/thirdparty/libpng/pngrutil.c b/thirdparty/libpng/pngrutil.c index 7001f1976e..d5fa08c397 100644 --- a/thirdparty/libpng/pngrutil.c +++ b/thirdparty/libpng/pngrutil.c @@ -1,10 +1,10 @@ /* pngrutil.c - utilities to read a PNG file * - * Last changed in libpng 1.6.35 [July 15, 2018] + * Copyright (c) 2018 Cosmin Truta * Copyright (c) 1998-2002,2004,2006-2018 Glenn Randers-Pehrson - * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) - * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) + * Copyright (c) 1996-1997 Andreas Dilger + * Copyright (c) 1995-1996 Guy Eric Schalnat, Group 42, Inc. * * This code is released under the libpng license. * For conditions of distribution and use, see the disclaimer @@ -1461,8 +1461,7 @@ png_handle_iCCP(png_structrp png_ptr, png_inforp info_ptr, png_uint_32 length) { /* We have the ICC profile header; do the basic header checks. */ - const png_uint_32 profile_length = - png_get_uint_32(profile_header); + png_uint_32 profile_length = png_get_uint_32(profile_header); if (png_icc_check_length(png_ptr, &png_ptr->colorspace, keyword, profile_length) != 0) @@ -1479,8 +1478,8 @@ png_handle_iCCP(png_structrp png_ptr, png_inforp info_ptr, png_uint_32 length) * profile. The header check has already validated * that none of this stuff will overflow. */ - const png_uint_32 tag_count = png_get_uint_32( - profile_header+128); + png_uint_32 tag_count = + png_get_uint_32(profile_header + 128); png_bytep profile = png_read_buffer(png_ptr, profile_length, 2/*silent*/); @@ -3132,7 +3131,7 @@ png_handle_unknown(png_structrp png_ptr, png_inforp info_ptr, */ void /* PRIVATE */ -png_check_chunk_name(png_const_structrp png_ptr, const png_uint_32 chunk_name) +png_check_chunk_name(png_const_structrp png_ptr, png_uint_32 chunk_name) { int i; png_uint_32 cn=chunk_name; @@ -3151,7 +3150,7 @@ png_check_chunk_name(png_const_structrp png_ptr, const png_uint_32 chunk_name) } void /* PRIVATE */ -png_check_chunk_length(png_const_structrp png_ptr, const png_uint_32 length) +png_check_chunk_length(png_const_structrp png_ptr, png_uint_32 length) { png_alloc_size_t limit = PNG_UINT_31_MAX; @@ -3363,7 +3362,7 @@ png_combine_row(png_const_structrp png_ptr, png_bytep dp, int display) /* Hence the pre-compiled masks indexed by PACKSWAP (or not), depth and * then pass: */ - static PNG_CONST png_uint_32 row_mask[2/*PACKSWAP*/][3/*depth*/][6] = + static const png_uint_32 row_mask[2/*PACKSWAP*/][3/*depth*/][6] = { /* Little-endian byte masks for PACKSWAP */ { S_MASKS(1,0), S_MASKS(2,0), S_MASKS(4,0) }, @@ -3374,7 +3373,7 @@ png_combine_row(png_const_structrp png_ptr, png_bytep dp, int display) /* display_mask has only three entries for the odd passes, so index by * pass>>1. */ - static PNG_CONST png_uint_32 display_mask[2][3][3] = + static const png_uint_32 display_mask[2][3][3] = { /* Little-endian byte masks for PACKSWAP */ { B_MASKS(1,0), B_MASKS(2,0), B_MASKS(4,0) }, @@ -3687,7 +3686,7 @@ png_do_read_interlace(png_row_infop row_info, png_bytep row, int pass, { /* Arrays to facilitate easy interlacing - use pass (0 - 6) as index */ /* Offset to next interlace block */ - static PNG_CONST unsigned int png_pass_inc[7] = {8, 8, 4, 4, 2, 2, 1}; + static const unsigned int png_pass_inc[7] = {8, 8, 4, 4, 2, 2, 1}; png_debug(1, "in png_do_read_interlace"); if (row != NULL && row_info != NULL) @@ -4329,16 +4328,16 @@ png_read_finish_row(png_structrp png_ptr) /* Arrays to facilitate easy interlacing - use pass (0 - 6) as index */ /* Start of interlace block */ - static PNG_CONST png_byte png_pass_start[7] = {0, 4, 0, 2, 0, 1, 0}; + static const png_byte png_pass_start[7] = {0, 4, 0, 2, 0, 1, 0}; /* Offset to next interlace block */ - static PNG_CONST png_byte png_pass_inc[7] = {8, 8, 4, 4, 2, 2, 1}; + static const png_byte png_pass_inc[7] = {8, 8, 4, 4, 2, 2, 1}; /* Start of interlace block in the y direction */ - static PNG_CONST png_byte png_pass_ystart[7] = {0, 0, 4, 0, 2, 0, 1}; + static const png_byte png_pass_ystart[7] = {0, 0, 4, 0, 2, 0, 1}; /* Offset to next interlace block in the y direction */ - static PNG_CONST png_byte png_pass_yinc[7] = {8, 8, 8, 4, 4, 2, 2}; + static const png_byte png_pass_yinc[7] = {8, 8, 8, 4, 4, 2, 2}; png_debug(1, "in png_read_finish_row"); png_ptr->row_number++; @@ -4394,16 +4393,16 @@ png_read_start_row(png_structrp png_ptr) /* Arrays to facilitate easy interlacing - use pass (0 - 6) as index */ /* Start of interlace block */ - static PNG_CONST png_byte png_pass_start[7] = {0, 4, 0, 2, 0, 1, 0}; + static const png_byte png_pass_start[7] = {0, 4, 0, 2, 0, 1, 0}; /* Offset to next interlace block */ - static PNG_CONST png_byte png_pass_inc[7] = {8, 8, 4, 4, 2, 2, 1}; + static const png_byte png_pass_inc[7] = {8, 8, 4, 4, 2, 2, 1}; /* Start of interlace block in the y direction */ - static PNG_CONST png_byte png_pass_ystart[7] = {0, 0, 4, 0, 2, 0, 1}; + static const png_byte png_pass_ystart[7] = {0, 0, 4, 0, 2, 0, 1}; /* Offset to next interlace block in the y direction */ - static PNG_CONST png_byte png_pass_yinc[7] = {8, 8, 8, 4, 4, 2, 2}; + static const png_byte png_pass_yinc[7] = {8, 8, 8, 4, 4, 2, 2}; unsigned int max_pixel_depth; size_t row_bytes; diff --git a/thirdparty/libpng/pngset.c b/thirdparty/libpng/pngset.c index 7cf54d9248..ec75dbe369 100644 --- a/thirdparty/libpng/pngset.c +++ b/thirdparty/libpng/pngset.c @@ -1,10 +1,10 @@ /* pngset.c - storage of image information into info struct * - * Last changed in libpng 1.6.35 [July 15, 2018] + * Copyright (c) 2018 Cosmin Truta * Copyright (c) 1998-2018 Glenn Randers-Pehrson - * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) - * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) + * Copyright (c) 1996-1997 Andreas Dilger + * Copyright (c) 1995-1996 Guy Eric Schalnat, Group 42, Inc. * * This code is released under the libpng license. * For conditions of distribution and use, see the disclaimer @@ -137,7 +137,7 @@ png_set_cHRM_XYZ(png_const_structrp png_ptr, png_inforp info_ptr, double red_X, #ifdef PNG_eXIf_SUPPORTED void PNGAPI png_set_eXIf(png_const_structrp png_ptr, png_inforp info_ptr, - const png_bytep eXIf_buf) + png_bytep eXIf_buf) { png_warning(png_ptr, "png_set_eXIf does not work; use png_set_eXIf_1"); PNG_UNUSED(info_ptr) @@ -146,7 +146,7 @@ png_set_eXIf(png_const_structrp png_ptr, png_inforp info_ptr, void PNGAPI png_set_eXIf_1(png_const_structrp png_ptr, png_inforp info_ptr, - const png_uint_32 num_exif, const png_bytep eXIf_buf) + png_uint_32 num_exif, png_bytep eXIf_buf) { int i; @@ -1399,7 +1399,7 @@ png_set_keep_unknown_chunks(png_structrp png_ptr, int keep, /* Ignore all unknown chunks and all chunks recognized by * libpng except for IHDR, PLTE, tRNS, IDAT, and IEND */ - static PNG_CONST png_byte chunks_to_ignore[] = { + static const png_byte chunks_to_ignore[] = { 98, 75, 71, 68, '\0', /* bKGD */ 99, 72, 82, 77, '\0', /* cHRM */ 101, 88, 73, 102, '\0', /* eXIf */ diff --git a/thirdparty/libpng/pngstruct.h b/thirdparty/libpng/pngstruct.h index 699e8ac68a..94a6d041ff 100644 --- a/thirdparty/libpng/pngstruct.h +++ b/thirdparty/libpng/pngstruct.h @@ -1,10 +1,10 @@ /* pngstruct.h - header file for PNG reference library * - * Last changed in libpng 1.6.35 [July 15, 2018] + * Copyright (c) 2018 Cosmin Truta * Copyright (c) 1998-2002,2004,2006-2018 Glenn Randers-Pehrson - * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) - * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) + * Copyright (c) 1996-1997 Andreas Dilger + * Copyright (c) 1995-1996 Guy Eric Schalnat, Group 42, Inc. * * This code is released under the libpng license. * For conditions of distribution and use, see the disclaimer @@ -228,6 +228,10 @@ struct png_struct_def * big_row_buf; while writing it is separately * allocated. */ +#ifdef PNG_READ_EXPAND_SUPPORTED + /* Buffer to accelerate palette transformations. */ + png_bytep riffled_palette; +#endif #ifdef PNG_WRITE_FILTER_SUPPORTED png_bytep try_row; /* buffer to save trial row when filtering */ png_bytep tst_row; /* buffer to save best trial row when filtering */ diff --git a/thirdparty/libpng/pngtrans.c b/thirdparty/libpng/pngtrans.c index de84aa6d6b..1100f46ebe 100644 --- a/thirdparty/libpng/pngtrans.c +++ b/thirdparty/libpng/pngtrans.c @@ -1,10 +1,10 @@ /* pngtrans.c - transforms the data in a row (used by both readers and writers) * - * Last changed in libpng 1.6.35 [July 15, 2018] + * Copyright (c) 2018 Cosmin Truta * Copyright (c) 1998-2002,2004,2006-2018 Glenn Randers-Pehrson - * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) - * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) + * Copyright (c) 1996-1997 Andreas Dilger + * Copyright (c) 1995-1996 Guy Eric Schalnat, Group 42, Inc. * * This code is released under the libpng license. * For conditions of distribution and use, see the disclaimer @@ -345,7 +345,7 @@ png_do_swap(png_row_infop row_info, png_bytep row) #endif #if defined(PNG_READ_PACKSWAP_SUPPORTED)||defined(PNG_WRITE_PACKSWAP_SUPPORTED) -static PNG_CONST png_byte onebppswaptable[256] = { +static const png_byte onebppswaptable[256] = { 0x00, 0x80, 0x40, 0xC0, 0x20, 0xA0, 0x60, 0xE0, 0x10, 0x90, 0x50, 0xD0, 0x30, 0xB0, 0x70, 0xF0, 0x08, 0x88, 0x48, 0xC8, 0x28, 0xA8, 0x68, 0xE8, @@ -380,7 +380,7 @@ static PNG_CONST png_byte onebppswaptable[256] = { 0x1F, 0x9F, 0x5F, 0xDF, 0x3F, 0xBF, 0x7F, 0xFF }; -static PNG_CONST png_byte twobppswaptable[256] = { +static const png_byte twobppswaptable[256] = { 0x00, 0x40, 0x80, 0xC0, 0x10, 0x50, 0x90, 0xD0, 0x20, 0x60, 0xA0, 0xE0, 0x30, 0x70, 0xB0, 0xF0, 0x04, 0x44, 0x84, 0xC4, 0x14, 0x54, 0x94, 0xD4, @@ -415,7 +415,7 @@ static PNG_CONST png_byte twobppswaptable[256] = { 0x2F, 0x6F, 0xAF, 0xEF, 0x3F, 0x7F, 0xBF, 0xFF }; -static PNG_CONST png_byte fourbppswaptable[256] = { +static const png_byte fourbppswaptable[256] = { 0x00, 0x10, 0x20, 0x30, 0x40, 0x50, 0x60, 0x70, 0x80, 0x90, 0xA0, 0xB0, 0xC0, 0xD0, 0xE0, 0xF0, 0x01, 0x11, 0x21, 0x31, 0x41, 0x51, 0x61, 0x71, diff --git a/thirdparty/libpng/pngwio.c b/thirdparty/libpng/pngwio.c index e5391687a2..10e919dd03 100644 --- a/thirdparty/libpng/pngwio.c +++ b/thirdparty/libpng/pngwio.c @@ -1,10 +1,10 @@ /* pngwio.c - functions for data output * - * Last changed in libpng 1.6.35 [July 15, 2018] + * Copyright (c) 2018 Cosmin Truta * Copyright (c) 1998-2002,2004,2006-2014,2016,2018 Glenn Randers-Pehrson - * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) - * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) + * Copyright (c) 1996-1997 Andreas Dilger + * Copyright (c) 1995-1996 Guy Eric Schalnat, Group 42, Inc. * * This code is released under the libpng license. * For conditions of distribution and use, see the disclaimer diff --git a/thirdparty/libpng/pngwrite.c b/thirdparty/libpng/pngwrite.c index 5bd87f373e..160c877d38 100644 --- a/thirdparty/libpng/pngwrite.c +++ b/thirdparty/libpng/pngwrite.c @@ -1,10 +1,10 @@ /* pngwrite.c - general routines to write a PNG file * - * Last changed in libpng 1.6.35 [July 15, 2018] + * Copyright (c) 2018 Cosmin Truta * Copyright (c) 1998-2002,2004,2006-2018 Glenn Randers-Pehrson - * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) - * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) + * Copyright (c) 1996-1997 Andreas Dilger + * Copyright (c) 1995-1996 Guy Eric Schalnat, Group 42, Inc. * * This code is released under the libpng license. * For conditions of distribution and use, see the disclaimer @@ -469,7 +469,7 @@ png_write_end(png_structrp png_ptr, png_inforp info_ptr) #ifdef PNG_CONVERT_tIME_SUPPORTED void PNGAPI -png_convert_from_struct_tm(png_timep ptime, PNG_CONST struct tm * ttime) +png_convert_from_struct_tm(png_timep ptime, const struct tm * ttime) { png_debug(1, "in png_convert_from_struct_tm"); @@ -948,6 +948,10 @@ png_write_destroy(png_structrp png_ptr) png_free_buffer_list(png_ptr, &png_ptr->zbuffer_list); png_free(png_ptr, png_ptr->row_buf); png_ptr->row_buf = NULL; +#ifdef PNG_READ_EXPANDED_SUPPORTED + png_free(png_ptr, png_ptr->riffled_palette); + png_ptr->riffled_palette = NULL; +#endif #ifdef PNG_WRITE_FILTER_SUPPORTED png_free(png_ptr, png_ptr->prev_row); png_free(png_ptr, png_ptr->try_row); @@ -1536,7 +1540,7 @@ png_write_image_16bit(png_voidp argument) display->first_row); png_uint_16p output_row = png_voidcast(png_uint_16p, display->local_row); png_uint_16p row_end; - const unsigned int channels = (image->format & PNG_FORMAT_FLAG_COLOR) != 0 ? + unsigned int channels = (image->format & PNG_FORMAT_FLAG_COLOR) != 0 ? 3 : 1; int aindex = 0; png_uint_32 y = image->height; @@ -1573,7 +1577,7 @@ png_write_image_16bit(png_voidp argument) while (out_ptr < row_end) { - const png_uint_16 alpha = in_ptr[aindex]; + png_uint_16 alpha = in_ptr[aindex]; png_uint_32 reciprocal = 0; int c; @@ -1695,7 +1699,7 @@ png_write_image_8bit(png_voidp argument) display->first_row); png_bytep output_row = png_voidcast(png_bytep, display->local_row); png_uint_32 y = image->height; - const unsigned int channels = (image->format & PNG_FORMAT_FLAG_COLOR) != 0 ? + unsigned int channels = (image->format & PNG_FORMAT_FLAG_COLOR) != 0 ? 3 : 1; if ((image->format & PNG_FORMAT_FLAG_ALPHA) != 0) @@ -1783,25 +1787,25 @@ png_write_image_8bit(png_voidp argument) static void png_image_set_PLTE(png_image_write_control *display) { - const png_imagep image = display->image; + png_imagep image = display->image; const void *cmap = display->colormap; - const int entries = image->colormap_entries > 256 ? 256 : + int entries = image->colormap_entries > 256 ? 256 : (int)image->colormap_entries; /* NOTE: the caller must check for cmap != NULL and entries != 0 */ - const png_uint_32 format = image->format; - const unsigned int channels = PNG_IMAGE_SAMPLE_CHANNELS(format); + png_uint_32 format = image->format; + unsigned int channels = PNG_IMAGE_SAMPLE_CHANNELS(format); # if defined(PNG_FORMAT_BGR_SUPPORTED) &&\ defined(PNG_SIMPLIFIED_WRITE_AFIRST_SUPPORTED) - const int afirst = (format & PNG_FORMAT_FLAG_AFIRST) != 0 && + int afirst = (format & PNG_FORMAT_FLAG_AFIRST) != 0 && (format & PNG_FORMAT_FLAG_ALPHA) != 0; # else # define afirst 0 # endif # ifdef PNG_FORMAT_BGR_SUPPORTED - const int bgr = (format & PNG_FORMAT_FLAG_BGR) != 0 ? 2 : 0; + int bgr = (format & PNG_FORMAT_FLAG_BGR) != 0 ? 2 : 0; # else # define bgr 0 # endif @@ -1951,12 +1955,12 @@ png_image_write_main(png_voidp argument) * and total image size to ensure that they are within the system limits. */ { - const unsigned int channels = PNG_IMAGE_PIXEL_CHANNELS(image->format); + unsigned int channels = PNG_IMAGE_PIXEL_CHANNELS(image->format); if (image->width <= 0x7fffffffU/channels) /* no overflow */ { png_uint_32 check; - const png_uint_32 png_row_stride = image->width * channels; + png_uint_32 png_row_stride = image->width * channels; if (display->row_stride == 0) display->row_stride = (png_int_32)/*SAFE*/png_row_stride; @@ -2052,7 +2056,7 @@ png_image_write_main(png_voidp argument) */ if (write_16bit != 0) { - PNG_CONST png_uint_16 le = 0x0001; + png_uint_16 le = 0x0001; if ((*(png_const_bytep) & le) != 0) png_set_swap(png_ptr); @@ -2166,7 +2170,7 @@ image_memory_write)(png_structp png_ptr, png_bytep/*const*/ data, size_t size) { png_image_write_control *display = png_voidcast(png_image_write_control*, png_ptr->io_ptr/*backdoor: png_get_io_ptr(png_ptr)*/); - const png_alloc_size_t ob = display->output_bytes; + png_alloc_size_t ob = display->output_bytes; /* Check for overflow; this should never happen: */ if (size <= ((png_alloc_size_t)-1) - ob) diff --git a/thirdparty/libpng/pngwtran.c b/thirdparty/libpng/pngwtran.c index 3a1e0a21d2..49a13c1e98 100644 --- a/thirdparty/libpng/pngwtran.c +++ b/thirdparty/libpng/pngwtran.c @@ -1,10 +1,10 @@ /* pngwtran.c - transforms the data in a row for PNG writers * - * Last changed in libpng 1.6.35 [July 15, 2018] + * Copyright (c) 2018 Cosmin Truta * Copyright (c) 1998-2002,2004,2006-2016,2018 Glenn Randers-Pehrson - * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) - * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) + * Copyright (c) 1996-1997 Andreas Dilger + * Copyright (c) 1995-1996 Guy Eric Schalnat, Group 42, Inc. * * This code is released under the libpng license. * For conditions of distribution and use, see the disclaimer @@ -254,8 +254,7 @@ png_do_shift(png_row_infop row_info, png_bytep row, for (i = 0; i < istop; i++, bp++) { - - const unsigned int c = i%channels; + unsigned int c = i%channels; int j; unsigned int v, out; @@ -283,7 +282,7 @@ png_do_shift(png_row_infop row_info, png_bytep row, for (bp = row, i = 0; i < istop; i++) { - const unsigned int c = i%channels; + unsigned int c = i%channels; int j; unsigned int value, v; diff --git a/thirdparty/libpng/pngwutil.c b/thirdparty/libpng/pngwutil.c index ab431e712c..16345e4c0b 100644 --- a/thirdparty/libpng/pngwutil.c +++ b/thirdparty/libpng/pngwutil.c @@ -1,10 +1,10 @@ /* pngwutil.c - utilities to write a PNG file * - * Last changed in libpng 1.6.35 [July 15, 2018] + * Copyright (c) 2018 Cosmin Truta * Copyright (c) 1998-2002,2004,2006-2018 Glenn Randers-Pehrson - * (Version 0.96 Copyright (c) 1996, 1997 Andreas Dilger) - * (Version 0.88 Copyright (c) 1995, 1996 Guy Eric Schalnat, Group 42, Inc.) + * Copyright (c) 1996-1997 Andreas Dilger + * Copyright (c) 1995-1996 Guy Eric Schalnat, Group 42, Inc. * * This code is released under the libpng license. * For conditions of distribution and use, see the disclaimer @@ -1893,16 +1893,16 @@ png_write_start_row(png_structrp png_ptr) /* Arrays to facilitate easy interlacing - use pass (0 - 6) as index */ /* Start of interlace block */ - static PNG_CONST png_byte png_pass_start[7] = {0, 4, 0, 2, 0, 1, 0}; + static const png_byte png_pass_start[7] = {0, 4, 0, 2, 0, 1, 0}; /* Offset to next interlace block */ - static PNG_CONST png_byte png_pass_inc[7] = {8, 8, 4, 4, 2, 2, 1}; + static const png_byte png_pass_inc[7] = {8, 8, 4, 4, 2, 2, 1}; /* Start of interlace block in the y direction */ - static PNG_CONST png_byte png_pass_ystart[7] = {0, 0, 4, 0, 2, 0, 1}; + static const png_byte png_pass_ystart[7] = {0, 0, 4, 0, 2, 0, 1}; /* Offset to next interlace block in the y direction */ - static PNG_CONST png_byte png_pass_yinc[7] = {8, 8, 8, 4, 4, 2, 2}; + static const png_byte png_pass_yinc[7] = {8, 8, 8, 4, 4, 2, 2}; #endif png_alloc_size_t buf_size; @@ -2008,16 +2008,16 @@ png_write_finish_row(png_structrp png_ptr) /* Arrays to facilitate easy interlacing - use pass (0 - 6) as index */ /* Start of interlace block */ - static PNG_CONST png_byte png_pass_start[7] = {0, 4, 0, 2, 0, 1, 0}; + static const png_byte png_pass_start[7] = {0, 4, 0, 2, 0, 1, 0}; /* Offset to next interlace block */ - static PNG_CONST png_byte png_pass_inc[7] = {8, 8, 4, 4, 2, 2, 1}; + static const png_byte png_pass_inc[7] = {8, 8, 4, 4, 2, 2, 1}; /* Start of interlace block in the y direction */ - static PNG_CONST png_byte png_pass_ystart[7] = {0, 0, 4, 0, 2, 0, 1}; + static const png_byte png_pass_ystart[7] = {0, 0, 4, 0, 2, 0, 1}; /* Offset to next interlace block in the y direction */ - static PNG_CONST png_byte png_pass_yinc[7] = {8, 8, 8, 4, 4, 2, 2}; + static const png_byte png_pass_yinc[7] = {8, 8, 8, 4, 4, 2, 2}; #endif png_debug(1, "in png_write_finish_row"); @@ -2098,10 +2098,10 @@ png_do_write_interlace(png_row_infop row_info, png_bytep row, int pass) /* Arrays to facilitate easy interlacing - use pass (0 - 6) as index */ /* Start of interlace block */ - static PNG_CONST png_byte png_pass_start[7] = {0, 4, 0, 2, 0, 1, 0}; + static const png_byte png_pass_start[7] = {0, 4, 0, 2, 0, 1, 0}; /* Offset to next interlace block */ - static PNG_CONST png_byte png_pass_inc[7] = {8, 8, 4, 4, 2, 2, 1}; + static const png_byte png_pass_inc[7] = {8, 8, 4, 4, 2, 2, 1}; png_debug(1, "in png_do_write_interlace"); @@ -2276,7 +2276,7 @@ png_write_filtered_row(png_structrp png_ptr, png_bytep filtered_row, #ifdef PNG_WRITE_FILTER_SUPPORTED static size_t /* PRIVATE */ -png_setup_sub_row(png_structrp png_ptr, const png_uint_32 bpp, +png_setup_sub_row(png_structrp png_ptr, png_uint_32 bpp, size_t row_bytes, size_t lmins) { png_bytep rp, dp, lp; @@ -2315,7 +2315,7 @@ png_setup_sub_row(png_structrp png_ptr, const png_uint_32 bpp, } static void /* PRIVATE */ -png_setup_sub_row_only(png_structrp png_ptr, const png_uint_32 bpp, +png_setup_sub_row_only(png_structrp png_ptr, png_uint_32 bpp, size_t row_bytes) { png_bytep rp, dp, lp; @@ -2380,7 +2380,7 @@ png_setup_up_row_only(png_structrp png_ptr, size_t row_bytes) } static size_t /* PRIVATE */ -png_setup_avg_row(png_structrp png_ptr, const png_uint_32 bpp, +png_setup_avg_row(png_structrp png_ptr, png_uint_32 bpp, size_t row_bytes, size_t lmins) { png_bytep rp, dp, pp, lp; @@ -2420,7 +2420,7 @@ png_setup_avg_row(png_structrp png_ptr, const png_uint_32 bpp, return (sum); } static void /* PRIVATE */ -png_setup_avg_row_only(png_structrp png_ptr, const png_uint_32 bpp, +png_setup_avg_row_only(png_structrp png_ptr, png_uint_32 bpp, size_t row_bytes) { png_bytep rp, dp, pp, lp; @@ -2442,7 +2442,7 @@ png_setup_avg_row_only(png_structrp png_ptr, const png_uint_32 bpp, } static size_t /* PRIVATE */ -png_setup_paeth_row(png_structrp png_ptr, const png_uint_32 bpp, +png_setup_paeth_row(png_structrp png_ptr, png_uint_32 bpp, size_t row_bytes, size_t lmins) { png_bytep rp, dp, pp, cp, lp; @@ -2503,7 +2503,7 @@ png_setup_paeth_row(png_structrp png_ptr, const png_uint_32 bpp, return (sum); } static void /* PRIVATE */ -png_setup_paeth_row_only(png_structrp png_ptr, const png_uint_32 bpp, +png_setup_paeth_row_only(png_structrp png_ptr, png_uint_32 bpp, size_t row_bytes) { png_bytep rp, dp, pp, cp, lp; diff --git a/thirdparty/libtheora/decode.c b/thirdparty/libtheora/decode.c index 7be66463d8..bde967b794 100644 --- a/thirdparty/libtheora/decode.c +++ b/thirdparty/libtheora/decode.c @@ -397,10 +397,10 @@ static int oc_dec_init(oc_dec_ctx *_dec,const th_info *_info, int qsum; qsum=0; for(qti=0;qti<2;qti++)for(pli=0;pli<3;pli++){ - qsum+=_dec->state.dequant_tables[qti][pli][qi][12]+ - _dec->state.dequant_tables[qti][pli][qi][17]+ - _dec->state.dequant_tables[qti][pli][qi][18]+ - _dec->state.dequant_tables[qti][pli][qi][24]<<(pli==0); + qsum+=_dec->state.dequant_tables[qi][pli][qti][12]+ + _dec->state.dequant_tables[qi][pli][qti][17]+ + _dec->state.dequant_tables[qi][pli][qti][18]+ + _dec->state.dequant_tables[qi][pli][qti][24]<<(pli==0); } _dec->pp_sharp_mod[qi]=-(qsum>>11); } diff --git a/thirdparty/libtheora/patches/theora.git-0ae66d565e6bead8604d312bc1a4e9dccf245c88.patch b/thirdparty/libtheora/patches/theora.git-0ae66d565e6bead8604d312bc1a4e9dccf245c88.patch new file mode 100644 index 0000000000..1b9c8e20be --- /dev/null +++ b/thirdparty/libtheora/patches/theora.git-0ae66d565e6bead8604d312bc1a4e9dccf245c88.patch @@ -0,0 +1,38 @@ +From 0ae66d565e6bead8604d312bc1a4e9dccf245c88 Mon Sep 17 00:00:00 2001 +From: Tim Terriberry <tterribe@xiph.org> +Date: Tue, 8 May 2012 02:51:57 +0000 +Subject: [PATCH] Fix pp_sharp_mod calculation. + +This was broken when the dequant_tables indexing changed in commit + r16102, but it only affected post-processing quality, so we never + noticed. +With gcc 4.8.0, this can now trigger a segfault during decoder + initialization. + +svn path=/trunk/theora/; revision=18268 +--- + decode.c | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + +diff --git a/decode.c b/decode.c +index b803505..9f2516a 100644 +--- a/decode.c ++++ b/decode.c +@@ -400,10 +400,10 @@ static int oc_dec_init(oc_dec_ctx *_dec,const th_info *_info, + int qsum; + qsum=0; + for(qti=0;qti<2;qti++)for(pli=0;pli<3;pli++){ +- qsum+=_dec->state.dequant_tables[qti][pli][qi][12]+ +- _dec->state.dequant_tables[qti][pli][qi][17]+ +- _dec->state.dequant_tables[qti][pli][qi][18]+ +- _dec->state.dequant_tables[qti][pli][qi][24]<<(pli==0); ++ qsum+=_dec->state.dequant_tables[qi][pli][qti][12]+ ++ _dec->state.dequant_tables[qi][pli][qti][17]+ ++ _dec->state.dequant_tables[qi][pli][qti][18]+ ++ _dec->state.dequant_tables[qi][pli][qti][24]<<(pli==0); + } + _dec->pp_sharp_mod[qi]=-(qsum>>11); + } +-- +2.11.0 + diff --git a/thirdparty/libvpx/rtcd/vpx_dsp_rtcd_x86.h b/thirdparty/libvpx/rtcd/vpx_dsp_rtcd_x86.h index 82574e096c..c2a68330ac 100644 --- a/thirdparty/libvpx/rtcd/vpx_dsp_rtcd_x86.h +++ b/thirdparty/libvpx/rtcd/vpx_dsp_rtcd_x86.h @@ -22,7 +22,6 @@ extern "C" { void vpx_convolve8_c(const uint8_t *src, ptrdiff_t src_stride, uint8_t *dst, ptrdiff_t dst_stride, const int16_t *filter_x, int x_step_q4, const int16_t *filter_y, int y_step_q4, int w, int h); void vpx_convolve8_sse2(const uint8_t *src, ptrdiff_t src_stride, uint8_t *dst, ptrdiff_t dst_stride, const int16_t *filter_x, int x_step_q4, const int16_t *filter_y, int y_step_q4, int w, int h); void vpx_convolve8_ssse3(const uint8_t *src, ptrdiff_t src_stride, uint8_t *dst, ptrdiff_t dst_stride, const int16_t *filter_x, int x_step_q4, const int16_t *filter_y, int y_step_q4, int w, int h); -void vpx_convolve8_avx2(const uint8_t *src, ptrdiff_t src_stride, uint8_t *dst, ptrdiff_t dst_stride, const int16_t *filter_x, int x_step_q4, const int16_t *filter_y, int y_step_q4, int w, int h); RTCD_EXTERN void (*vpx_convolve8)(const uint8_t *src, ptrdiff_t src_stride, uint8_t *dst, ptrdiff_t dst_stride, const int16_t *filter_x, int x_step_q4, const int16_t *filter_y, int y_step_q4, int w, int h); void vpx_convolve8_avg_c(const uint8_t *src, ptrdiff_t src_stride, uint8_t *dst, ptrdiff_t dst_stride, const int16_t *filter_x, int x_step_q4, const int16_t *filter_y, int y_step_q4, int w, int h); @@ -43,13 +42,11 @@ RTCD_EXTERN void (*vpx_convolve8_avg_vert)(const uint8_t *src, ptrdiff_t src_str void vpx_convolve8_horiz_c(const uint8_t *src, ptrdiff_t src_stride, uint8_t *dst, ptrdiff_t dst_stride, const int16_t *filter_x, int x_step_q4, const int16_t *filter_y, int y_step_q4, int w, int h); void vpx_convolve8_horiz_sse2(const uint8_t *src, ptrdiff_t src_stride, uint8_t *dst, ptrdiff_t dst_stride, const int16_t *filter_x, int x_step_q4, const int16_t *filter_y, int y_step_q4, int w, int h); void vpx_convolve8_horiz_ssse3(const uint8_t *src, ptrdiff_t src_stride, uint8_t *dst, ptrdiff_t dst_stride, const int16_t *filter_x, int x_step_q4, const int16_t *filter_y, int y_step_q4, int w, int h); -void vpx_convolve8_horiz_avx2(const uint8_t *src, ptrdiff_t src_stride, uint8_t *dst, ptrdiff_t dst_stride, const int16_t *filter_x, int x_step_q4, const int16_t *filter_y, int y_step_q4, int w, int h); RTCD_EXTERN void (*vpx_convolve8_horiz)(const uint8_t *src, ptrdiff_t src_stride, uint8_t *dst, ptrdiff_t dst_stride, const int16_t *filter_x, int x_step_q4, const int16_t *filter_y, int y_step_q4, int w, int h); void vpx_convolve8_vert_c(const uint8_t *src, ptrdiff_t src_stride, uint8_t *dst, ptrdiff_t dst_stride, const int16_t *filter_x, int x_step_q4, const int16_t *filter_y, int y_step_q4, int w, int h); void vpx_convolve8_vert_sse2(const uint8_t *src, ptrdiff_t src_stride, uint8_t *dst, ptrdiff_t dst_stride, const int16_t *filter_x, int x_step_q4, const int16_t *filter_y, int y_step_q4, int w, int h); void vpx_convolve8_vert_ssse3(const uint8_t *src, ptrdiff_t src_stride, uint8_t *dst, ptrdiff_t dst_stride, const int16_t *filter_x, int x_step_q4, const int16_t *filter_y, int y_step_q4, int w, int h); -void vpx_convolve8_vert_avx2(const uint8_t *src, ptrdiff_t src_stride, uint8_t *dst, ptrdiff_t dst_stride, const int16_t *filter_x, int x_step_q4, const int16_t *filter_y, int y_step_q4, int w, int h); RTCD_EXTERN void (*vpx_convolve8_vert)(const uint8_t *src, ptrdiff_t src_stride, uint8_t *dst, ptrdiff_t dst_stride, const int16_t *filter_x, int x_step_q4, const int16_t *filter_y, int y_step_q4, int w, int h); void vpx_convolve_avg_c(const uint8_t *src, ptrdiff_t src_stride, uint8_t *dst, ptrdiff_t dst_stride, const int16_t *filter_x, int x_step_q4, const int16_t *filter_y, int y_step_q4, int w, int h); @@ -343,12 +340,10 @@ RTCD_EXTERN void (*vpx_lpf_horizontal_8_dual)(uint8_t *s, int pitch, const uint8 void vpx_lpf_horizontal_edge_16_c(uint8_t *s, int pitch, const uint8_t *blimit, const uint8_t *limit, const uint8_t *thresh); void vpx_lpf_horizontal_edge_16_sse2(uint8_t *s, int pitch, const uint8_t *blimit, const uint8_t *limit, const uint8_t *thresh); -void vpx_lpf_horizontal_edge_16_avx2(uint8_t *s, int pitch, const uint8_t *blimit, const uint8_t *limit, const uint8_t *thresh); RTCD_EXTERN void (*vpx_lpf_horizontal_edge_16)(uint8_t *s, int pitch, const uint8_t *blimit, const uint8_t *limit, const uint8_t *thresh); void vpx_lpf_horizontal_edge_8_c(uint8_t *s, int pitch, const uint8_t *blimit, const uint8_t *limit, const uint8_t *thresh); void vpx_lpf_horizontal_edge_8_sse2(uint8_t *s, int pitch, const uint8_t *blimit, const uint8_t *limit, const uint8_t *thresh); -void vpx_lpf_horizontal_edge_8_avx2(uint8_t *s, int pitch, const uint8_t *blimit, const uint8_t *limit, const uint8_t *thresh); RTCD_EXTERN void (*vpx_lpf_horizontal_edge_8)(uint8_t *s, int pitch, const uint8_t *blimit, const uint8_t *limit, const uint8_t *thresh); void vpx_lpf_vertical_16_c(uint8_t *s, int pitch, const uint8_t *blimit, const uint8_t *limit, const uint8_t *thresh); @@ -440,7 +435,6 @@ static void setup_rtcd_internal(void) vpx_convolve8 = vpx_convolve8_c; if (flags & HAS_SSE2) vpx_convolve8 = vpx_convolve8_sse2; if (flags & HAS_SSSE3) vpx_convolve8 = vpx_convolve8_ssse3; - if (flags & HAS_AVX2) vpx_convolve8 = vpx_convolve8_avx2; vpx_convolve8_avg = vpx_convolve8_avg_c; if (flags & HAS_SSE2) vpx_convolve8_avg = vpx_convolve8_avg_sse2; if (flags & HAS_SSSE3) vpx_convolve8_avg = vpx_convolve8_avg_ssse3; @@ -453,11 +447,9 @@ static void setup_rtcd_internal(void) vpx_convolve8_horiz = vpx_convolve8_horiz_c; if (flags & HAS_SSE2) vpx_convolve8_horiz = vpx_convolve8_horiz_sse2; if (flags & HAS_SSSE3) vpx_convolve8_horiz = vpx_convolve8_horiz_ssse3; - if (flags & HAS_AVX2) vpx_convolve8_horiz = vpx_convolve8_horiz_avx2; vpx_convolve8_vert = vpx_convolve8_vert_c; if (flags & HAS_SSE2) vpx_convolve8_vert = vpx_convolve8_vert_sse2; if (flags & HAS_SSSE3) vpx_convolve8_vert = vpx_convolve8_vert_ssse3; - if (flags & HAS_AVX2) vpx_convolve8_vert = vpx_convolve8_vert_avx2; vpx_convolve_avg = vpx_convolve_avg_c; if (flags & HAS_SSE2) vpx_convolve_avg = vpx_convolve_avg_sse2; vpx_convolve_copy = vpx_convolve_copy_c; @@ -570,10 +562,8 @@ static void setup_rtcd_internal(void) if (flags & HAS_SSE2) vpx_lpf_horizontal_8_dual = vpx_lpf_horizontal_8_dual_sse2; vpx_lpf_horizontal_edge_16 = vpx_lpf_horizontal_edge_16_c; if (flags & HAS_SSE2) vpx_lpf_horizontal_edge_16 = vpx_lpf_horizontal_edge_16_sse2; - if (flags & HAS_AVX2) vpx_lpf_horizontal_edge_16 = vpx_lpf_horizontal_edge_16_avx2; vpx_lpf_horizontal_edge_8 = vpx_lpf_horizontal_edge_8_c; if (flags & HAS_SSE2) vpx_lpf_horizontal_edge_8 = vpx_lpf_horizontal_edge_8_sse2; - if (flags & HAS_AVX2) vpx_lpf_horizontal_edge_8 = vpx_lpf_horizontal_edge_8_avx2; vpx_lpf_vertical_16 = vpx_lpf_vertical_16_c; if (flags & HAS_SSE2) vpx_lpf_vertical_16 = vpx_lpf_vertical_16_sse2; vpx_lpf_vertical_16_dual = vpx_lpf_vertical_16_dual_c; diff --git a/thirdparty/libvpx/vpx_config.h b/thirdparty/libvpx/vpx_config.h index 6caec50c81..e8e91fa6ef 100644 --- a/thirdparty/libvpx/vpx_config.h +++ b/thirdparty/libvpx/vpx_config.h @@ -29,7 +29,7 @@ #define HAVE_MMX 1 #define HAVE_SSE2 1 #define HAVE_SSSE3 1 - #define HAVE_AVX2 1 + #define HAVE_AVX2 0 #elif defined(__x86_64) || defined(__x86_64__) || defined(__amd64) || defined(_M_X64) #define ARCH_X86 0 #define ARCH_X86_64 1 @@ -41,7 +41,7 @@ #define HAVE_MMX 1 #define HAVE_SSE2 1 #define HAVE_SSSE3 1 - #define HAVE_AVX2 1 + #define HAVE_AVX2 0 #elif defined(__arm__) || defined(__TARGET_ARCH_ARM) || defined(_M_ARM) #define ARCH_X86 0 #define ARCH_X86_64 0 diff --git a/thirdparty/libwebp/AUTHORS b/thirdparty/libwebp/AUTHORS index 83c7b9c5eb..0d70b7fb2a 100644 --- a/thirdparty/libwebp/AUTHORS +++ b/thirdparty/libwebp/AUTHORS @@ -1,4 +1,5 @@ Contributors: +- Alan Browning (browning at google dot com) - Charles Munger (clm at google dot com) - Christian Duvivier (cduvivier at google dot com) - Djordje Pesut (djordje dot pesut at imgtec dot com) @@ -6,9 +7,10 @@ Contributors: - James Zern (jzern at google dot com) - Jan Engelhardt (jengelh at medozas dot de) - Jehan (jehan at girinstud dot io) -- Johann (johann dot koenig at duck dot com) +- Johann Koenig (johann dot koenig at duck dot com) - Jovan Zelincevic (jovan dot zelincevic at imgtec dot com) - Jyrki Alakuijala (jyrki at google dot com) +- Konstantin Ivlev (tomskside at gmail dot com) - Lode Vandevenne (lode at google dot com) - Lou Quillio (louquillio at google dot com) - Mans Rullgard (mans at mansr dot com) @@ -37,3 +39,4 @@ Contributors: - Vincent Rabaud (vrabaud at google dot com) - Vlad Tsyrklevich (vtsyrklevich at chromium dot org) - Yang Zhang (yang dot zhang at arm dot com) +- Yannis Guyon (yguyon at google dot com) diff --git a/thirdparty/libwebp/src/dec/vp8i_dec.h b/thirdparty/libwebp/src/dec/vp8i_dec.h index e5e89df57d..2d7900aae1 100644 --- a/thirdparty/libwebp/src/dec/vp8i_dec.h +++ b/thirdparty/libwebp/src/dec/vp8i_dec.h @@ -32,7 +32,7 @@ extern "C" { // version numbers #define DEC_MAJ_VERSION 1 #define DEC_MIN_VERSION 0 -#define DEC_REV_VERSION 1 +#define DEC_REV_VERSION 2 // YUV-cache parameters. Cache is 32-bytes wide (= one cacheline). // Constraints are: We need to store one 16x16 block of luma samples (y), diff --git a/thirdparty/libwebp/src/demux/demux.c b/thirdparty/libwebp/src/demux/demux.c index a69c65b7cf..d8f7a40a56 100644 --- a/thirdparty/libwebp/src/demux/demux.c +++ b/thirdparty/libwebp/src/demux/demux.c @@ -25,7 +25,7 @@ #define DMUX_MAJ_VERSION 1 #define DMUX_MIN_VERSION 0 -#define DMUX_REV_VERSION 1 +#define DMUX_REV_VERSION 2 typedef struct { size_t start_; // start location of the data diff --git a/thirdparty/libwebp/src/dsp/cost.c b/thirdparty/libwebp/src/dsp/cost.c index 634ccc2085..cc681cdd4b 100644 --- a/thirdparty/libwebp/src/dsp/cost.c +++ b/thirdparty/libwebp/src/dsp/cost.c @@ -377,6 +377,7 @@ VP8SetResidualCoeffsFunc VP8SetResidualCoeffs; extern void VP8EncDspCostInitMIPS32(void); extern void VP8EncDspCostInitMIPSdspR2(void); extern void VP8EncDspCostInitSSE2(void); +extern void VP8EncDspCostInitNEON(void); WEBP_DSP_INIT_FUNC(VP8EncDspCostInit) { VP8GetResidualCost = GetResidualCost_C; @@ -399,6 +400,11 @@ WEBP_DSP_INIT_FUNC(VP8EncDspCostInit) { VP8EncDspCostInitSSE2(); } #endif +#if defined(WEBP_USE_NEON) + if (VP8GetCPUInfo(kNEON)) { + VP8EncDspCostInitNEON(); + } +#endif } } diff --git a/thirdparty/libwebp/src/dsp/cost_neon.c b/thirdparty/libwebp/src/dsp/cost_neon.c new file mode 100644 index 0000000000..8cc8ce58aa --- /dev/null +++ b/thirdparty/libwebp/src/dsp/cost_neon.c @@ -0,0 +1,122 @@ +// Copyright 2018 Google Inc. All Rights Reserved. +// +// Use of this source code is governed by a BSD-style license +// that can be found in the COPYING file in the root of the source +// tree. An additional intellectual property rights grant can be found +// in the file PATENTS. All contributing project authors may +// be found in the AUTHORS file in the root of the source tree. +// ----------------------------------------------------------------------------- +// +// ARM NEON version of cost functions + +#include "src/dsp/dsp.h" + +#if defined(WEBP_USE_NEON) + +#include "src/dsp/neon.h" +#include "src/enc/cost_enc.h" + +static const uint8_t position[16] = { 1, 2, 3, 4, 5, 6, 7, 8, + 9, 10, 11, 12, 13, 14, 15, 16 }; + +static void SetResidualCoeffs_NEON(const int16_t* const coeffs, + VP8Residual* const res) { + const int16x8_t minus_one = vdupq_n_s16(-1); + const int16x8_t coeffs_0 = vld1q_s16(coeffs); + const int16x8_t coeffs_1 = vld1q_s16(coeffs + 8); + const uint16x8_t eob_0 = vtstq_s16(coeffs_0, minus_one); + const uint16x8_t eob_1 = vtstq_s16(coeffs_1, minus_one); + const uint8x16_t eob = vcombine_u8(vqmovn_u16(eob_0), vqmovn_u16(eob_1)); + const uint8x16_t masked = vandq_u8(eob, vld1q_u8(position)); + +#ifdef __aarch64__ + res->last = vmaxvq_u8(masked) - 1; +#else + const uint8x8_t eob_8x8 = vmax_u8(vget_low_u8(masked), vget_high_u8(masked)); + const uint16x8_t eob_16x8 = vmovl_u8(eob_8x8); + const uint16x4_t eob_16x4 = + vmax_u16(vget_low_u16(eob_16x8), vget_high_u16(eob_16x8)); + const uint32x4_t eob_32x4 = vmovl_u16(eob_16x4); + uint32x2_t eob_32x2 = + vmax_u32(vget_low_u32(eob_32x4), vget_high_u32(eob_32x4)); + eob_32x2 = vpmax_u32(eob_32x2, eob_32x2); + + vst1_lane_s32(&res->last, vreinterpret_s32_u32(eob_32x2), 0); + --res->last; +#endif // __aarch64__ + + res->coeffs = coeffs; +} + +static int GetResidualCost_NEON(int ctx0, const VP8Residual* const res) { + uint8_t levels[16], ctxs[16]; + uint16_t abs_levels[16]; + int n = res->first; + // should be prob[VP8EncBands[n]], but it's equivalent for n=0 or 1 + const int p0 = res->prob[n][ctx0][0]; + CostArrayPtr const costs = res->costs; + const uint16_t* t = costs[n][ctx0]; + // bit_cost(1, p0) is already incorporated in t[] tables, but only if ctx != 0 + // (as required by the syntax). For ctx0 == 0, we need to add it here or it'll + // be missing during the loop. + int cost = (ctx0 == 0) ? VP8BitCost(1, p0) : 0; + + if (res->last < 0) { + return VP8BitCost(0, p0); + } + + { // precompute clamped levels and contexts, packed to 8b. + const uint8x16_t kCst2 = vdupq_n_u8(2); + const uint8x16_t kCst67 = vdupq_n_u8(MAX_VARIABLE_LEVEL); + const int16x8_t c0 = vld1q_s16(res->coeffs); + const int16x8_t c1 = vld1q_s16(res->coeffs + 8); + const uint16x8_t E0 = vreinterpretq_u16_s16(vabsq_s16(c0)); + const uint16x8_t E1 = vreinterpretq_u16_s16(vabsq_s16(c1)); + const uint8x16_t F = vcombine_u8(vqmovn_u16(E0), vqmovn_u16(E1)); + const uint8x16_t G = vminq_u8(F, kCst2); // context = 0,1,2 + const uint8x16_t H = vminq_u8(F, kCst67); // clamp_level in [0..67] + + vst1q_u8(ctxs, G); + vst1q_u8(levels, H); + + vst1q_u16(abs_levels, E0); + vst1q_u16(abs_levels + 8, E1); + } + for (; n < res->last; ++n) { + const int ctx = ctxs[n]; + const int level = levels[n]; + const int flevel = abs_levels[n]; // full level + cost += VP8LevelFixedCosts[flevel] + t[level]; // simplified VP8LevelCost() + t = costs[n + 1][ctx]; + } + // Last coefficient is always non-zero + { + const int level = levels[n]; + const int flevel = abs_levels[n]; + assert(flevel != 0); + cost += VP8LevelFixedCosts[flevel] + t[level]; + if (n < 15) { + const int b = VP8EncBands[n + 1]; + const int ctx = ctxs[n]; + const int last_p0 = res->prob[b][ctx][0]; + cost += VP8BitCost(0, last_p0); + } + } + return cost; +} + +//------------------------------------------------------------------------------ +// Entry point + +extern void VP8EncDspCostInitNEON(void); + +WEBP_TSAN_IGNORE_FUNCTION void VP8EncDspCostInitNEON(void) { + VP8SetResidualCoeffs = SetResidualCoeffs_NEON; + VP8GetResidualCost = GetResidualCost_NEON; +} + +#else // !WEBP_USE_NEON + +WEBP_DSP_INIT_STUB(VP8EncDspCostInitNEON) + +#endif // WEBP_USE_NEON diff --git a/thirdparty/libwebp/src/dsp/quant.h b/thirdparty/libwebp/src/dsp/quant.h new file mode 100644 index 0000000000..5ba6f9c377 --- /dev/null +++ b/thirdparty/libwebp/src/dsp/quant.h @@ -0,0 +1,70 @@ +// Copyright 2018 Google Inc. All Rights Reserved. +// +// Use of this source code is governed by a BSD-style license +// that can be found in the COPYING file in the root of the source +// tree. An additional intellectual property rights grant can be found +// in the file PATENTS. All contributing project authors may +// be found in the AUTHORS file in the root of the source tree. +// ----------------------------------------------------------------------------- + +#ifndef WEBP_DSP_QUANT_H_ +#define WEBP_DSP_QUANT_H_ + +#include "src/dsp/dsp.h" +#include "src/webp/types.h" + +#if defined(WEBP_USE_NEON) && !defined(WEBP_ANDROID_NEON) && \ + !defined(WEBP_HAVE_NEON_RTCD) +#include <arm_neon.h> + +#define IsFlat IsFlat_NEON + +static uint32x2_t horizontal_add_uint32x4(const uint32x4_t a) { + const uint64x2_t b = vpaddlq_u32(a); + return vadd_u32(vreinterpret_u32_u64(vget_low_u64(b)), + vreinterpret_u32_u64(vget_high_u64(b))); +} + +static WEBP_INLINE int IsFlat(const int16_t* levels, int num_blocks, + int thresh) { + const int16x8_t tst_ones = vdupq_n_s16(-1); + uint32x4_t sum = vdupq_n_u32(0); + + for (int i = 0; i < num_blocks; ++i) { + // Set DC to zero. + const int16x8_t a_0 = vsetq_lane_s16(0, vld1q_s16(levels), 0); + const int16x8_t a_1 = vld1q_s16(levels + 8); + + const uint16x8_t b_0 = vshrq_n_u16(vtstq_s16(a_0, tst_ones), 15); + const uint16x8_t b_1 = vshrq_n_u16(vtstq_s16(a_1, tst_ones), 15); + + sum = vpadalq_u16(sum, b_0); + sum = vpadalq_u16(sum, b_1); + + levels += 16; + } + return thresh >= (int32_t)vget_lane_u32(horizontal_add_uint32x4(sum), 0); +} + +#else + +#define IsFlat IsFlat_C + +static WEBP_INLINE int IsFlat(const int16_t* levels, int num_blocks, + int thresh) { + int score = 0; + while (num_blocks-- > 0) { // TODO(skal): refine positional scoring? + int i; + for (i = 1; i < 16; ++i) { // omit DC, we're only interested in AC + score += (levels[i] != 0); + if (score > thresh) return 0; + } + levels += 16; + } + return 1; +} + +#endif // defined(WEBP_USE_NEON) && !defined(WEBP_ANDROID_NEON) && + // !defined(WEBP_HAVE_NEON_RTCD) + +#endif // WEBP_DSP_QUANT_H_ diff --git a/thirdparty/libwebp/src/enc/histogram_enc.c b/thirdparty/libwebp/src/enc/histogram_enc.c index 4e49e0a201..8ac6fa8e02 100644 --- a/thirdparty/libwebp/src/enc/histogram_enc.c +++ b/thirdparty/libwebp/src/enc/histogram_enc.c @@ -165,7 +165,7 @@ VP8LHistogramSet* VP8LAllocateHistogramSet(int size, int cache_bits) { void VP8LHistogramSetClear(VP8LHistogramSet* const set) { int i; const int cache_bits = set->histograms[0]->palette_code_bits_; - const int size = set->size; + const int size = set->max_size; const size_t total_size = HistogramSetTotalSize(size, cache_bits); uint8_t* memory = (uint8_t*)set; @@ -180,6 +180,20 @@ void VP8LHistogramSetClear(VP8LHistogramSet* const set) { } } +// Removes the histogram 'i' from 'set' by setting it to NULL. +static void HistogramSetRemoveHistogram(VP8LHistogramSet* const set, int i, + int* const num_used) { + assert(set->histograms[i] != NULL); + set->histograms[i] = NULL; + --*num_used; + // If we remove the last valid one, shrink until the next valid one. + if (i == set->size - 1) { + while (set->size >= 1 && set->histograms[set->size - 1] == NULL) { + --set->size; + } + } +} + // ----------------------------------------------------------------------------- void VP8LHistogramAddSinglePixOrCopy(VP8LHistogram* const histo, @@ -447,7 +461,9 @@ static double HistogramAddEval(const VP8LHistogram* const a, static double HistogramAddThresh(const VP8LHistogram* const a, const VP8LHistogram* const b, double cost_threshold) { - double cost = -a->bit_cost_; + double cost; + assert(a != NULL && b != NULL); + cost = -a->bit_cost_; GetCombinedHistogramEntropy(a, b, cost_threshold, &cost); return cost; } @@ -561,14 +577,17 @@ static void HistogramBuild( } // Copies the histograms and computes its bit_cost. -static void HistogramCopyAndAnalyze( - VP8LHistogramSet* const orig_histo, VP8LHistogramSet* const image_histo) { - int i; - const int histo_size = orig_histo->size; +static const uint16_t kInvalidHistogramSymbol = (uint16_t)(-1); +static void HistogramCopyAndAnalyze(VP8LHistogramSet* const orig_histo, + VP8LHistogramSet* const image_histo, + int* const num_used, + uint16_t* const histogram_symbols) { + int i, cluster_id; + int num_used_orig = *num_used; VP8LHistogram** const orig_histograms = orig_histo->histograms; VP8LHistogram** const histograms = image_histo->histograms; - image_histo->size = 0; - for (i = 0; i < histo_size; ++i) { + assert(image_histo->max_size == orig_histo->max_size); + for (cluster_id = 0, i = 0; i < orig_histo->max_size; ++i) { VP8LHistogram* const histo = orig_histograms[i]; UpdateHistogramCost(histo); @@ -576,10 +595,19 @@ static void HistogramCopyAndAnalyze( // with no information (when they are skipped because of LZ77). if (!histo->is_used_[0] && !histo->is_used_[1] && !histo->is_used_[2] && !histo->is_used_[3] && !histo->is_used_[4]) { - continue; + // The first histogram is always used. If an histogram is empty, we set + // its id to be the same as the previous one: this will improve + // compressibility for later LZ77. + assert(i > 0); + HistogramSetRemoveHistogram(image_histo, i, num_used); + HistogramSetRemoveHistogram(orig_histo, i, &num_used_orig); + histogram_symbols[i] = kInvalidHistogramSymbol; + } else { + // Copy histograms from orig_histo[] to image_histo[]. + HistogramCopy(histo, histograms[i]); + histogram_symbols[i] = cluster_id++; + assert(cluster_id <= image_histo->max_size); } - // Copy histograms from orig_histo[] to image_histo[]. - HistogramCopy(histo, histograms[image_histo->size++]); } } @@ -596,29 +624,33 @@ static void HistogramAnalyzeEntropyBin(VP8LHistogramSet* const image_histo, // Analyze the dominant (literal, red and blue) entropy costs. for (i = 0; i < histo_size; ++i) { + if (histograms[i] == NULL) continue; UpdateDominantCostRange(histograms[i], &cost_range); } // bin-hash histograms on three of the dominant (literal, red and blue) // symbol costs and store the resulting bin_id for each histogram. for (i = 0; i < histo_size; ++i) { + // bin_map[i] is not set to a special value as its use will later be guarded + // by another (histograms[i] == NULL). + if (histograms[i] == NULL) continue; bin_map[i] = GetHistoBinIndex(histograms[i], &cost_range, low_effort); } } -// Compact image_histo[] by merging some histograms with same bin_id together if -// it's advantageous. +// Merges some histograms with same bin_id together if it's advantageous. +// Sets the remaining histograms to NULL. static void HistogramCombineEntropyBin(VP8LHistogramSet* const image_histo, + int *num_used, + const uint16_t* const clusters, + uint16_t* const cluster_mappings, VP8LHistogram* cur_combo, const uint16_t* const bin_map, - int bin_map_size, int num_bins, + int num_bins, double combine_cost_factor, int low_effort) { VP8LHistogram** const histograms = image_histo->histograms; int idx; - // Work in-place: processed histograms are put at the beginning of - // image_histo[]. At the end, we just have to truncate the array. - int size = 0; struct { int16_t first; // position of the histogram that accumulates all // histograms with the same bin_id @@ -631,16 +663,19 @@ static void HistogramCombineEntropyBin(VP8LHistogramSet* const image_histo, bin_info[idx].num_combine_failures = 0; } - for (idx = 0; idx < bin_map_size; ++idx) { - const int bin_id = bin_map[idx]; - const int first = bin_info[bin_id].first; - assert(size <= idx); + // By default, a cluster matches itself. + for (idx = 0; idx < *num_used; ++idx) cluster_mappings[idx] = idx; + for (idx = 0; idx < image_histo->size; ++idx) { + int bin_id, first; + if (histograms[idx] == NULL) continue; + bin_id = bin_map[idx]; + first = bin_info[bin_id].first; if (first == -1) { - // just move histogram #idx to its final position - histograms[size] = histograms[idx]; - bin_info[bin_id].first = size++; + bin_info[bin_id].first = idx; } else if (low_effort) { HistogramAdd(histograms[idx], histograms[first], histograms[first]); + HistogramSetRemoveHistogram(image_histo, idx, num_used); + cluster_mappings[clusters[idx]] = clusters[first]; } else { // try to merge #idx into #first (both share the same bin_id) const double bit_cost = histograms[idx]->bit_cost_; @@ -663,19 +698,18 @@ static void HistogramCombineEntropyBin(VP8LHistogramSet* const image_histo, bin_info[bin_id].num_combine_failures >= max_combine_failures) { // move the (better) merged histogram to its final slot HistogramSwap(&cur_combo, &histograms[first]); + HistogramSetRemoveHistogram(image_histo, idx, num_used); + cluster_mappings[clusters[idx]] = clusters[first]; } else { - histograms[size++] = histograms[idx]; ++bin_info[bin_id].num_combine_failures; } - } else { - histograms[size++] = histograms[idx]; } } } - image_histo->size = size; if (low_effort) { // for low_effort case, update the final cost when everything is merged - for (idx = 0; idx < size; ++idx) { + for (idx = 0; idx < image_histo->size; ++idx) { + if (histograms[idx] == NULL) continue; UpdateHistogramCost(histograms[idx]); } } @@ -706,16 +740,9 @@ typedef struct { int max_size; } HistoQueue; -static int HistoQueueInit(HistoQueue* const histo_queue, const int max_index) { +static int HistoQueueInit(HistoQueue* const histo_queue, const int max_size) { histo_queue->size = 0; - // max_index^2 for the queue size is safe. If you look at - // HistogramCombineGreedy, and imagine that UpdateQueueFront always pushes - // data to the queue, you insert at most: - // - max_index*(max_index-1)/2 (the first two for loops) - // - max_index - 1 in the last for loop at the first iteration of the while - // loop, max_index - 2 at the second iteration ... therefore - // max_index*(max_index-1)/2 overall too - histo_queue->max_size = max_index * max_index; + histo_queue->max_size = max_size; // We allocate max_size + 1 because the last element at index "size" is // used as temporary data (and it could be up to max_size). histo_queue->queue = (HistogramPair*)WebPSafeMalloc( @@ -778,6 +805,8 @@ static double HistoQueuePush(HistoQueue* const histo_queue, const VP8LHistogram* h2; HistogramPair pair; + // Stop here if the queue is full. + if (histo_queue->size == histo_queue->max_size) return 0.; assert(threshold <= 0.); if (idx1 > idx2) { const int tmp = idx2; @@ -794,8 +823,6 @@ static double HistoQueuePush(HistoQueue* const histo_queue, // Do not even consider the pair if it does not improve the entropy. if (pair.cost_diff >= threshold) return 0.; - // We cannot add more elements than the capacity. - assert(histo_queue->size < histo_queue->max_size); histo_queue->queue[histo_queue->size++] = pair; HistoQueueUpdateHead(histo_queue, &histo_queue->queue[histo_queue->size - 1]); @@ -806,42 +833,43 @@ static double HistoQueuePush(HistoQueue* const histo_queue, // Combines histograms by continuously choosing the one with the highest cost // reduction. -static int HistogramCombineGreedy(VP8LHistogramSet* const image_histo) { +static int HistogramCombineGreedy(VP8LHistogramSet* const image_histo, + int* const num_used) { int ok = 0; - int image_histo_size = image_histo->size; + const int image_histo_size = image_histo->size; int i, j; VP8LHistogram** const histograms = image_histo->histograms; - // Indexes of remaining histograms. - int* const clusters = - (int*)WebPSafeMalloc(image_histo_size, sizeof(*clusters)); // Priority queue of histogram pairs. HistoQueue histo_queue; - if (!HistoQueueInit(&histo_queue, image_histo_size) || clusters == NULL) { + // image_histo_size^2 for the queue size is safe. If you look at + // HistogramCombineGreedy, and imagine that UpdateQueueFront always pushes + // data to the queue, you insert at most: + // - image_histo_size*(image_histo_size-1)/2 (the first two for loops) + // - image_histo_size - 1 in the last for loop at the first iteration of + // the while loop, image_histo_size - 2 at the second iteration ... + // therefore image_histo_size*(image_histo_size-1)/2 overall too + if (!HistoQueueInit(&histo_queue, image_histo_size * image_histo_size)) { goto End; } for (i = 0; i < image_histo_size; ++i) { - // Initialize clusters indexes. - clusters[i] = i; + if (image_histo->histograms[i] == NULL) continue; for (j = i + 1; j < image_histo_size; ++j) { - // Initialize positions array. + // Initialize queue. + if (image_histo->histograms[j] == NULL) continue; HistoQueuePush(&histo_queue, histograms, i, j, 0.); } } - while (image_histo_size > 1 && histo_queue.size > 0) { + while (histo_queue.size > 0) { const int idx1 = histo_queue.queue[0].idx1; const int idx2 = histo_queue.queue[0].idx2; HistogramAdd(histograms[idx2], histograms[idx1], histograms[idx1]); histograms[idx1]->bit_cost_ = histo_queue.queue[0].cost_combo; + // Remove merged histogram. - for (i = 0; i + 1 < image_histo_size; ++i) { - if (clusters[i] >= idx2) { - clusters[i] = clusters[i + 1]; - } - } - --image_histo_size; + HistogramSetRemoveHistogram(image_histo, idx2, num_used); // Remove pairs intersecting the just combined best pair. for (i = 0; i < histo_queue.size;) { @@ -856,24 +884,15 @@ static int HistogramCombineGreedy(VP8LHistogramSet* const image_histo) { } // Push new pairs formed with combined histogram to the queue. - for (i = 0; i < image_histo_size; ++i) { - if (clusters[i] != idx1) { - HistoQueuePush(&histo_queue, histograms, idx1, clusters[i], 0.); - } - } - } - // Move remaining histograms to the beginning of the array. - for (i = 0; i < image_histo_size; ++i) { - if (i != clusters[i]) { // swap the two histograms - HistogramSwap(&histograms[i], &histograms[clusters[i]]); + for (i = 0; i < image_histo->size; ++i) { + if (i == idx1 || image_histo->histograms[i] == NULL) continue; + HistoQueuePush(&histo_queue, image_histo->histograms, idx1, i, 0.); } } - image_histo->size = image_histo_size; ok = 1; End: - WebPSafeFree(clusters); HistoQueueClear(&histo_queue); return ok; } @@ -881,47 +900,69 @@ static int HistogramCombineGreedy(VP8LHistogramSet* const image_histo) { // Perform histogram aggregation using a stochastic approach. // 'do_greedy' is set to 1 if a greedy approach needs to be performed // afterwards, 0 otherwise. +static int PairComparison(const void* idx1, const void* idx2) { + // To be used with bsearch: <0 when *idx1<*idx2, >0 if >, 0 when ==. + return (*(int*) idx1 - *(int*) idx2); +} static int HistogramCombineStochastic(VP8LHistogramSet* const image_histo, - int min_cluster_size, + int* const num_used, int min_cluster_size, int* const do_greedy) { - int iter; + int j, iter; uint32_t seed = 1; int tries_with_no_success = 0; - int image_histo_size = image_histo->size; - const int outer_iters = image_histo_size; + const int outer_iters = *num_used; const int num_tries_no_success = outer_iters / 2; VP8LHistogram** const histograms = image_histo->histograms; - // Priority queue of histogram pairs. Its size of "kCostHeapSizeSqrt"^2 + // Priority queue of histogram pairs. Its size of 'kHistoQueueSize' // impacts the quality of the compression and the speed: the smaller the // faster but the worse for the compression. HistoQueue histo_queue; - const int kHistoQueueSizeSqrt = 3; + const int kHistoQueueSize = 9; int ok = 0; + // mapping from an index in image_histo with no NULL histogram to the full + // blown image_histo. + int* mappings; - if (!HistoQueueInit(&histo_queue, kHistoQueueSizeSqrt)) { + if (*num_used < min_cluster_size) { + *do_greedy = 1; + return 1; + } + + mappings = (int*) WebPSafeMalloc(*num_used, sizeof(*mappings)); + if (mappings == NULL || !HistoQueueInit(&histo_queue, kHistoQueueSize)) { goto End; } + // Fill the initial mapping. + for (j = 0, iter = 0; iter < image_histo->size; ++iter) { + if (histograms[iter] == NULL) continue; + mappings[j++] = iter; + } + assert(j == *num_used); + // Collapse similar histograms in 'image_histo'. - ++min_cluster_size; - for (iter = 0; iter < outer_iters && image_histo_size >= min_cluster_size && - ++tries_with_no_success < num_tries_no_success; + for (iter = 0; + iter < outer_iters && *num_used >= min_cluster_size && + ++tries_with_no_success < num_tries_no_success; ++iter) { + int* mapping_index; double best_cost = (histo_queue.size == 0) ? 0. : histo_queue.queue[0].cost_diff; int best_idx1 = -1, best_idx2 = 1; - int j; - const uint32_t rand_range = (image_histo_size - 1) * image_histo_size; - // image_histo_size / 2 was chosen empirically. Less means faster but worse + const uint32_t rand_range = (*num_used - 1) * (*num_used); + // (*num_used) / 2 was chosen empirically. Less means faster but worse // compression. - const int num_tries = image_histo_size / 2; + const int num_tries = (*num_used) / 2; - for (j = 0; j < num_tries; ++j) { + // Pick random samples. + for (j = 0; *num_used >= 2 && j < num_tries; ++j) { double curr_cost; // Choose two different histograms at random and try to combine them. const uint32_t tmp = MyRand(&seed) % rand_range; - const uint32_t idx1 = tmp / (image_histo_size - 1); - uint32_t idx2 = tmp % (image_histo_size - 1); + uint32_t idx1 = tmp / (*num_used - 1); + uint32_t idx2 = tmp % (*num_used - 1); if (idx2 >= idx1) ++idx2; + idx1 = mappings[idx1]; + idx2 = mappings[idx2]; // Calculate cost reduction on combination. curr_cost = @@ -934,18 +975,21 @@ static int HistogramCombineStochastic(VP8LHistogramSet* const image_histo, } if (histo_queue.size == 0) continue; - // Merge the two best histograms. + // Get the best histograms. best_idx1 = histo_queue.queue[0].idx1; best_idx2 = histo_queue.queue[0].idx2; assert(best_idx1 < best_idx2); - HistogramAddEval(histograms[best_idx1], histograms[best_idx2], - histograms[best_idx1], 0); - // Swap the best_idx2 histogram with the last one (which is now unused). - --image_histo_size; - if (best_idx2 != image_histo_size) { - HistogramSwap(&histograms[image_histo_size], &histograms[best_idx2]); - } - histograms[image_histo_size] = NULL; + // Pop best_idx2 from mappings. + mapping_index = (int*) bsearch(&best_idx2, mappings, *num_used, + sizeof(best_idx2), &PairComparison); + assert(mapping_index != NULL); + memmove(mapping_index, mapping_index + 1, sizeof(*mapping_index) * + ((*num_used) - (mapping_index - mappings) - 1)); + // Merge the histograms and remove best_idx2 from the queue. + HistogramAdd(histograms[best_idx2], histograms[best_idx1], + histograms[best_idx1]); + histograms[best_idx1]->bit_cost_ = histo_queue.queue[0].cost_combo; + HistogramSetRemoveHistogram(image_histo, best_idx2, num_used); // Parse the queue and update each pair that deals with best_idx1, // best_idx2 or image_histo_size. for (j = 0; j < histo_queue.size;) { @@ -968,12 +1012,6 @@ static int HistogramCombineStochastic(VP8LHistogramSet* const image_histo, p->idx2 = best_idx1; do_eval = 1; } - if (p->idx2 == image_histo_size) { - // No need to re-evaluate here as it does not involve a pair - // containing best_idx1 or best_idx2. - p->idx2 = best_idx2; - } - assert(p->idx2 < image_histo_size); // Make sure the index order is respected. if (p->idx1 > p->idx2) { const int tmp = p->idx2; @@ -991,15 +1029,14 @@ static int HistogramCombineStochastic(VP8LHistogramSet* const image_histo, HistoQueueUpdateHead(&histo_queue, p); ++j; } - tries_with_no_success = 0; } - image_histo->size = image_histo_size; - *do_greedy = (image_histo->size <= min_cluster_size); + *do_greedy = (*num_used <= min_cluster_size); ok = 1; End: HistoQueueClear(&histo_queue); + WebPSafeFree(mappings); return ok; } @@ -1007,23 +1044,29 @@ End: // Histogram refinement // Find the best 'out' histogram for each of the 'in' histograms. +// At call-time, 'out' contains the histograms of the clusters. // Note: we assume that out[]->bit_cost_ is already up-to-date. static void HistogramRemap(const VP8LHistogramSet* const in, - const VP8LHistogramSet* const out, + VP8LHistogramSet* const out, uint16_t* const symbols) { int i; VP8LHistogram** const in_histo = in->histograms; VP8LHistogram** const out_histo = out->histograms; - const int in_size = in->size; + const int in_size = out->max_size; const int out_size = out->size; if (out_size > 1) { for (i = 0; i < in_size; ++i) { int best_out = 0; double best_bits = MAX_COST; int k; + if (in_histo[i] == NULL) { + // Arbitrarily set to the previous value if unused to help future LZ77. + symbols[i] = symbols[i - 1]; + continue; + } for (k = 0; k < out_size; ++k) { - const double cur_bits = - HistogramAddThresh(out_histo[k], in_histo[i], best_bits); + double cur_bits; + cur_bits = HistogramAddThresh(out_histo[k], in_histo[i], best_bits); if (k == 0 || cur_bits < best_bits) { best_bits = cur_bits; best_out = k; @@ -1039,12 +1082,13 @@ static void HistogramRemap(const VP8LHistogramSet* const in, } // Recompute each out based on raw and symbols. - for (i = 0; i < out_size; ++i) { - HistogramClear(out_histo[i]); - } + VP8LHistogramSetClear(out); + out->size = out_size; for (i = 0; i < in_size; ++i) { - const int idx = symbols[i]; + int idx; + if (in_histo[i] == NULL) continue; + idx = symbols[i]; HistogramAdd(in_histo[i], out_histo[idx], out_histo[idx]); } } @@ -1060,6 +1104,70 @@ static double GetCombineCostFactor(int histo_size, int quality) { return combine_cost_factor; } +// Given a HistogramSet 'set', the mapping of clusters 'cluster_mapping' and the +// current assignment of the cells in 'symbols', merge the clusters and +// assign the smallest possible clusters values. +static void OptimizeHistogramSymbols(const VP8LHistogramSet* const set, + uint16_t* const cluster_mappings, + int num_clusters, + uint16_t* const cluster_mappings_tmp, + uint16_t* const symbols) { + int i, cluster_max; + int do_continue = 1; + // First, assign the lowest cluster to each pixel. + while (do_continue) { + do_continue = 0; + for (i = 0; i < num_clusters; ++i) { + int k; + k = cluster_mappings[i]; + while (k != cluster_mappings[k]) { + cluster_mappings[k] = cluster_mappings[cluster_mappings[k]]; + k = cluster_mappings[k]; + } + if (k != cluster_mappings[i]) { + do_continue = 1; + cluster_mappings[i] = k; + } + } + } + // Create a mapping from a cluster id to its minimal version. + cluster_max = 0; + memset(cluster_mappings_tmp, 0, + set->max_size * sizeof(*cluster_mappings_tmp)); + assert(cluster_mappings[0] == 0); + // Re-map the ids. + for (i = 0; i < set->max_size; ++i) { + int cluster; + if (symbols[i] == kInvalidHistogramSymbol) continue; + cluster = cluster_mappings[symbols[i]]; + assert(symbols[i] < num_clusters); + if (cluster > 0 && cluster_mappings_tmp[cluster] == 0) { + ++cluster_max; + cluster_mappings_tmp[cluster] = cluster_max; + } + symbols[i] = cluster_mappings_tmp[cluster]; + } + + // Make sure all cluster values are used. + cluster_max = 0; + for (i = 0; i < set->max_size; ++i) { + if (symbols[i] == kInvalidHistogramSymbol) continue; + if (symbols[i] <= cluster_max) continue; + ++cluster_max; + assert(symbols[i] == cluster_max); + } +} + +static void RemoveEmptyHistograms(VP8LHistogramSet* const image_histo) { + uint32_t size; + int i; + for (i = 0, size = 0; i < image_histo->size; ++i) { + if (image_histo->histograms[i] == NULL) continue; + image_histo->histograms[size++] = image_histo->histograms[i]; + } + image_histo->size = size; +} + int VP8LGetHistoImageSymbols(int xsize, int ysize, const VP8LBackwardRefs* const refs, int quality, int low_effort, @@ -1078,27 +1186,36 @@ int VP8LGetHistoImageSymbols(int xsize, int ysize, // maximum quality q==100 (to preserve the compression gains at that level). const int entropy_combine_num_bins = low_effort ? NUM_PARTITIONS : BIN_SIZE; int entropy_combine; - - if (orig_histo == NULL) goto Error; + uint16_t* const map_tmp = + WebPSafeMalloc(2 * image_histo_raw_size, sizeof(map_tmp)); + uint16_t* const cluster_mappings = map_tmp + image_histo_raw_size; + int num_used = image_histo_raw_size; + if (orig_histo == NULL || map_tmp == NULL) goto Error; // Construct the histograms from backward references. HistogramBuild(xsize, histo_bits, refs, orig_histo); // Copies the histograms and computes its bit_cost. - HistogramCopyAndAnalyze(orig_histo, image_histo); + // histogram_symbols is optimized + HistogramCopyAndAnalyze(orig_histo, image_histo, &num_used, + histogram_symbols); + entropy_combine = - (image_histo->size > entropy_combine_num_bins * 2) && (quality < 100); + (num_used > entropy_combine_num_bins * 2) && (quality < 100); + if (entropy_combine) { - const int bin_map_size = image_histo->size; - // Reuse histogram_symbols storage. By definition, it's guaranteed to be ok. - uint16_t* const bin_map = histogram_symbols; + uint16_t* const bin_map = map_tmp; const double combine_cost_factor = GetCombineCostFactor(image_histo_raw_size, quality); + const uint32_t num_clusters = num_used; HistogramAnalyzeEntropyBin(image_histo, bin_map, low_effort); // Collapse histograms with similar entropy. - HistogramCombineEntropyBin(image_histo, tmp_histo, bin_map, bin_map_size, + HistogramCombineEntropyBin(image_histo, &num_used, histogram_symbols, + cluster_mappings, tmp_histo, bin_map, entropy_combine_num_bins, combine_cost_factor, low_effort); + OptimizeHistogramSymbols(image_histo, cluster_mappings, num_clusters, + map_tmp, histogram_symbols); } // Don't combine the histograms using stochastic and greedy heuristics for @@ -1108,21 +1225,26 @@ int VP8LGetHistoImageSymbols(int xsize, int ysize, // cubic ramp between 1 and MAX_HISTO_GREEDY: const int threshold_size = (int)(1 + (x * x * x) * (MAX_HISTO_GREEDY - 1)); int do_greedy; - if (!HistogramCombineStochastic(image_histo, threshold_size, &do_greedy)) { + if (!HistogramCombineStochastic(image_histo, &num_used, threshold_size, + &do_greedy)) { goto Error; } - if (do_greedy && !HistogramCombineGreedy(image_histo)) { - goto Error; + if (do_greedy) { + RemoveEmptyHistograms(image_histo); + if (!HistogramCombineGreedy(image_histo, &num_used)) { + goto Error; + } } } - // TODO(vrabaud): Optimize HistogramRemap for low-effort compression mode. // Find the optimal map from original histograms to the final ones. + RemoveEmptyHistograms(image_histo); HistogramRemap(orig_histo, image_histo, histogram_symbols); ok = 1; Error: VP8LFreeHistogramSet(orig_histo); + WebPSafeFree(map_tmp); return ok; } diff --git a/thirdparty/libwebp/src/enc/predictor_enc.c b/thirdparty/libwebp/src/enc/predictor_enc.c index f3715f515e..802e89693e 100644 --- a/thirdparty/libwebp/src/enc/predictor_enc.c +++ b/thirdparty/libwebp/src/enc/predictor_enc.c @@ -177,12 +177,15 @@ static uint8_t NearLosslessComponent(uint8_t value, uint8_t predict, } } +static WEBP_INLINE uint8_t NearLosslessDiff(uint8_t a, uint8_t b) { + return (uint8_t)((((int)(a) - (int)(b))) & 0xff); +} + // Quantize every component of the difference between the actual pixel value and // its prediction to a multiple of a quantization (a power of 2, not larger than // max_quantization which is a power of 2, smaller than max_diff). Take care if // value and predict have undergone subtract green, which means that red and // blue are represented as offsets from green. -#define NEAR_LOSSLESS_DIFF(a, b) (uint8_t)((((int)(a) - (int)(b))) & 0xff) static uint32_t NearLossless(uint32_t value, uint32_t predict, int max_quantization, int max_diff, int used_subtract_green) { @@ -199,7 +202,7 @@ static uint32_t NearLossless(uint32_t value, uint32_t predict, } if ((value >> 24) == 0 || (value >> 24) == 0xff) { // Preserve transparency of fully transparent or fully opaque pixels. - a = NEAR_LOSSLESS_DIFF(value >> 24, predict >> 24); + a = NearLosslessDiff(value >> 24, predict >> 24); } else { a = NearLosslessComponent(value >> 24, predict >> 24, 0xff, quantization); } @@ -212,16 +215,15 @@ static uint32_t NearLossless(uint32_t value, uint32_t predict, // The amount by which green has been adjusted during quantization. It is // subtracted from red and blue for compensation, to avoid accumulating two // quantization errors in them. - green_diff = NEAR_LOSSLESS_DIFF(new_green, value >> 8); + green_diff = NearLosslessDiff(new_green, value >> 8); } - r = NearLosslessComponent(NEAR_LOSSLESS_DIFF(value >> 16, green_diff), + r = NearLosslessComponent(NearLosslessDiff(value >> 16, green_diff), (predict >> 16) & 0xff, 0xff - new_green, quantization); - b = NearLosslessComponent(NEAR_LOSSLESS_DIFF(value, green_diff), + b = NearLosslessComponent(NearLosslessDiff(value, green_diff), predict & 0xff, 0xff - new_green, quantization); return ((uint32_t)a << 24) | ((uint32_t)r << 16) | ((uint32_t)g << 8) | b; } -#undef NEAR_LOSSLESS_DIFF #endif // (WEBP_NEAR_LOSSLESS == 1) // Stores the difference between the pixel and its prediction in "out". diff --git a/thirdparty/libwebp/src/enc/quant_enc.c b/thirdparty/libwebp/src/enc/quant_enc.c index 35bfaf21ef..03c682e3ae 100644 --- a/thirdparty/libwebp/src/enc/quant_enc.c +++ b/thirdparty/libwebp/src/enc/quant_enc.c @@ -15,6 +15,7 @@ #include <math.h> #include <stdlib.h> // for abs() +#include "src/dsp/quant.h" #include "src/enc/vp8i_enc.h" #include "src/enc/cost_enc.h" @@ -977,19 +978,6 @@ static void SwapOut(VP8EncIterator* const it) { SwapPtr(&it->yuv_out_, &it->yuv_out2_); } -static score_t IsFlat(const int16_t* levels, int num_blocks, score_t thresh) { - score_t score = 0; - while (num_blocks-- > 0) { // TODO(skal): refine positional scoring? - int i; - for (i = 1; i < 16; ++i) { // omit DC, we're only interested in AC - score += (levels[i] != 0); - if (score > thresh) return 0; - } - levels += 16; - } - return 1; -} - static void PickBestIntra16(VP8EncIterator* const it, VP8ModeScore* rd) { const int kNumBlocks = 16; VP8SegmentInfo* const dqm = &it->enc_->dqm_[it->mb_->segment_]; diff --git a/thirdparty/libwebp/src/enc/vp8i_enc.h b/thirdparty/libwebp/src/enc/vp8i_enc.h index 92439febb8..3a1967da88 100644 --- a/thirdparty/libwebp/src/enc/vp8i_enc.h +++ b/thirdparty/libwebp/src/enc/vp8i_enc.h @@ -32,7 +32,7 @@ extern "C" { // version numbers #define ENC_MAJ_VERSION 1 #define ENC_MIN_VERSION 0 -#define ENC_REV_VERSION 1 +#define ENC_REV_VERSION 2 enum { MAX_LF_LEVELS = 64, // Maximum loop filter level MAX_VARIABLE_LEVEL = 67, // last (inclusive) level with variable cost diff --git a/thirdparty/libwebp/src/enc/vp8l_enc.c b/thirdparty/libwebp/src/enc/vp8l_enc.c index 2713edcd95..2efd403f77 100644 --- a/thirdparty/libwebp/src/enc/vp8l_enc.c +++ b/thirdparty/libwebp/src/enc/vp8l_enc.c @@ -462,6 +462,7 @@ static int GetHuffBitLengthsAndCodes( for (i = 0; i < histogram_image_size; ++i) { const VP8LHistogram* const histo = histogram_image->histograms[i]; HuffmanTreeCode* const codes = &huffman_codes[5 * i]; + assert(histo != NULL); for (k = 0; k < 5; ++k) { const int num_symbols = (k == 0) ? VP8LHistogramNumCodes(histo->palette_code_bits_) : diff --git a/thirdparty/libwebp/src/mux/muxi.h b/thirdparty/libwebp/src/mux/muxi.h index df9f74c63c..3e9d8c48d8 100644 --- a/thirdparty/libwebp/src/mux/muxi.h +++ b/thirdparty/libwebp/src/mux/muxi.h @@ -29,7 +29,7 @@ extern "C" { #define MUX_MAJ_VERSION 1 #define MUX_MIN_VERSION 0 -#define MUX_REV_VERSION 1 +#define MUX_REV_VERSION 2 // Chunk object. typedef struct WebPChunk WebPChunk; diff --git a/thirdparty/libwebp/src/utils/bit_writer_utils.c b/thirdparty/libwebp/src/utils/bit_writer_utils.c index f4f476ce3f..7f83b4c8a2 100644 --- a/thirdparty/libwebp/src/utils/bit_writer_utils.c +++ b/thirdparty/libwebp/src/utils/bit_writer_utils.c @@ -248,6 +248,7 @@ int VP8LBitWriterClone(const VP8LBitWriter* const src, dst->bits_ = src->bits_; dst->used_ = src->used_; dst->error_ = src->error_; + dst->cur_ = dst->buf_ + current_size; return 1; } diff --git a/thirdparty/libwebp/src/utils/utils.h b/thirdparty/libwebp/src/utils/utils.h index da97b5d38f..c7620f91ec 100644 --- a/thirdparty/libwebp/src/utils/utils.h +++ b/thirdparty/libwebp/src/utils/utils.h @@ -107,19 +107,6 @@ static WEBP_INLINE void PutLE32(uint8_t* const data, uint32_t val) { PutLE16(data + 2, (int)(val >> 16)); } -// Returns 31 ^ clz(n) = log2(n). This is the default C-implementation, either -// based on table or not. Can be used as fallback if clz() is not available. -#define WEBP_NEED_LOG_TABLE_8BIT -extern const uint8_t WebPLogTable8bit[256]; -static WEBP_INLINE int WebPLog2FloorC(uint32_t n) { - int log_value = 0; - while (n >= 256) { - log_value += 8; - n >>= 8; - } - return log_value + WebPLogTable8bit[n]; -} - // Returns (int)floor(log2(n)). n must be > 0. // use GNU builtins where available. #if defined(__GNUC__) && \ @@ -138,6 +125,19 @@ static WEBP_INLINE int BitsLog2Floor(uint32_t n) { return first_set_bit; } #else // default: use the C-version. +// Returns 31 ^ clz(n) = log2(n). This is the default C-implementation, either +// based on table or not. Can be used as fallback if clz() is not available. +#define WEBP_NEED_LOG_TABLE_8BIT +extern const uint8_t WebPLogTable8bit[256]; +static WEBP_INLINE int WebPLog2FloorC(uint32_t n) { + int log_value = 0; + while (n >= 256) { + log_value += 8; + n >>= 8; + } + return log_value + WebPLogTable8bit[n]; +} + static WEBP_INLINE int BitsLog2Floor(uint32_t n) { return WebPLog2FloorC(n); } #endif diff --git a/thirdparty/libwebp/src/webp/decode.h b/thirdparty/libwebp/src/webp/decode.h index 95d31e7619..ae8bfe840e 100644 --- a/thirdparty/libwebp/src/webp/decode.h +++ b/thirdparty/libwebp/src/webp/decode.h @@ -42,6 +42,12 @@ WEBP_EXTERN int WebPGetDecoderVersion(void); // This function will also validate the header, returning true on success, // false otherwise. '*width' and '*height' are only valid on successful return. // Pointers 'width' and 'height' can be passed NULL if deemed irrelevant. +// Note: The following chunk sequences (before the raw VP8/VP8L data) are +// considered valid by this function: +// RIFF + VP8(L) +// RIFF + VP8X + (optional chunks) + VP8(L) +// ALPH + VP8 <-- Not a valid WebP format: only allowed for internal purpose. +// VP8(L) <-- Not a valid WebP format: only allowed for internal purpose. WEBP_EXTERN int WebPGetInfo(const uint8_t* data, size_t data_size, int* width, int* height); @@ -425,6 +431,12 @@ WEBP_EXTERN VP8StatusCode WebPGetFeaturesInternal( // Returns VP8_STATUS_OK when the features are successfully retrieved. Returns // VP8_STATUS_NOT_ENOUGH_DATA when more data is needed to retrieve the // features from headers. Returns error in other cases. +// Note: The following chunk sequences (before the raw VP8/VP8L data) are +// considered valid by this function: +// RIFF + VP8(L) +// RIFF + VP8X + (optional chunks) + VP8(L) +// ALPH + VP8 <-- Not a valid WebP format: only allowed for internal purpose. +// VP8(L) <-- Not a valid WebP format: only allowed for internal purpose. static WEBP_INLINE VP8StatusCode WebPGetFeatures( const uint8_t* data, size_t data_size, WebPBitstreamFeatures* features) { diff --git a/thirdparty/libwebsockets/include/libwebsockets.h b/thirdparty/libwebsockets/include/libwebsockets.h new file mode 100644 index 0000000000..7cc5c28b78 --- /dev/null +++ b/thirdparty/libwebsockets/include/libwebsockets.h @@ -0,0 +1,435 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green <andy@warmcat.com> + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +/** @file */ + +#ifndef LIBWEBSOCKET_H_3060898B846849FF9F88F5DB59B5950C +#define LIBWEBSOCKET_H_3060898B846849FF9F88F5DB59B5950C + +#ifdef __cplusplus +#include <cstddef> +#include <cstdarg> + +extern "C" { +#else +#include <stdarg.h> +#endif + +#include <string.h> +#include <stdlib.h> + +#include "lws_config.h" + +/* + * CARE: everything using cmake defines needs to be below here + */ + +#if defined(LWS_HAS_INTPTR_T) +#include <stdint.h> +#define lws_intptr_t intptr_t +#else +typedef unsigned long long lws_intptr_t; +#endif + +#if defined(WIN32) || defined(_WIN32) +#ifndef WIN32_LEAN_AND_MEAN +#define WIN32_LEAN_AND_MEAN +#endif + +#include <winsock2.h> +#include <ws2tcpip.h> +#include <stddef.h> +#include <basetsd.h> +#include <io.h> +#ifndef _WIN32_WCE +#include <fcntl.h> +#else +#define _O_RDONLY 0x0000 +#define O_RDONLY _O_RDONLY +#endif + +#define LWS_INLINE __inline +#define LWS_VISIBLE +#define LWS_WARN_UNUSED_RESULT +#define LWS_WARN_DEPRECATED +#define LWS_FORMAT(string_index) + +#if !defined(LWS_EXTERN) +#ifdef LWS_DLL +#ifdef LWS_INTERNAL +#define LWS_EXTERN extern __declspec(dllexport) +#else +#define LWS_EXTERN extern __declspec(dllimport) +#endif +#else +#define LWS_EXTERN +#endif +#endif + +#define LWS_INVALID_FILE INVALID_HANDLE_VALUE +#define LWS_O_RDONLY _O_RDONLY +#define LWS_O_WRONLY _O_WRONLY +#define LWS_O_CREAT _O_CREAT +#define LWS_O_TRUNC _O_TRUNC + +#ifndef __func__ +#define __func__ __FUNCTION__ +#endif + +#else /* NOT WIN32 */ +#include <unistd.h> +#if defined(LWS_HAVE_SYS_CAPABILITY_H) && defined(LWS_HAVE_LIBCAP) +#include <sys/capability.h> +#endif + +#if defined(__NetBSD__) || defined(__FreeBSD__) || defined(__QNX__) || defined(__OpenBSD__) +#include <sys/socket.h> +#include <netinet/in.h> +#endif + +#define LWS_INLINE inline +#define LWS_O_RDONLY O_RDONLY +#define LWS_O_WRONLY O_WRONLY +#define LWS_O_CREAT O_CREAT +#define LWS_O_TRUNC O_TRUNC + +#if !defined(LWS_PLAT_OPTEE) && !defined(OPTEE_TA) && !defined(LWS_WITH_ESP32) +#include <poll.h> +#include <netdb.h> +#define LWS_INVALID_FILE -1 +#else +#define getdtablesize() (30) +#if defined(LWS_WITH_ESP32) +#define LWS_INVALID_FILE NULL +#else +#define LWS_INVALID_FILE NULL +#endif +#endif + +#if defined(__GNUC__) + +/* warn_unused_result attribute only supported by GCC 3.4 or later */ +#if __GNUC__ >= 4 || (__GNUC__ == 3 && __GNUC_MINOR__ >= 4) +#define LWS_WARN_UNUSED_RESULT __attribute__((warn_unused_result)) +#else +#define LWS_WARN_UNUSED_RESULT +#endif + +#define LWS_VISIBLE __attribute__((visibility("default"))) +#define LWS_WARN_DEPRECATED __attribute__ ((deprecated)) +#define LWS_FORMAT(string_index) __attribute__ ((format(printf, string_index, string_index+1))) +#else +#define LWS_VISIBLE +#define LWS_WARN_UNUSED_RESULT +#define LWS_WARN_DEPRECATED +#define LWS_FORMAT(string_index) +#endif + +#if defined(__ANDROID__) +#include <netinet/in.h> +#include <unistd.h> +#define getdtablesize() sysconf(_SC_OPEN_MAX) +#endif + +#endif + +#if defined(LWS_WITH_LIBEV) +#include <ev.h> +#endif /* LWS_WITH_LIBEV */ +#ifdef LWS_WITH_LIBUV +#include <uv.h> +#ifdef LWS_HAVE_UV_VERSION_H +#include <uv-version.h> +#endif +#ifdef LWS_HAVE_NEW_UV_VERSION_H +#include <uv/version.h> +#endif +#endif /* LWS_WITH_LIBUV */ +#if defined(LWS_WITH_LIBEVENT) +#include <event2/event.h> +#endif /* LWS_WITH_LIBEVENT */ + +#ifndef LWS_EXTERN +#define LWS_EXTERN extern +#endif + +#ifdef _WIN32 +#define random rand +#else +#if !defined(OPTEE_TA) +#include <sys/time.h> +#include <unistd.h> +#endif +#endif + +#if defined(LWS_WITH_TLS) + +#ifdef USE_WOLFSSL +#ifdef USE_OLD_CYASSL +#ifdef _WIN32 +/* + * Include user-controlled settings for windows from + * <wolfssl-root>/IDE/WIN/user_settings.h + */ +#include <IDE/WIN/user_settings.h> +#include <cyassl/ctaocrypt/settings.h> +#else +#include <cyassl/options.h> +#endif +#include <cyassl/openssl/ssl.h> +#include <cyassl/error-ssl.h> + +#else +#ifdef _WIN32 +/* + * Include user-controlled settings for windows from + * <wolfssl-root>/IDE/WIN/user_settings.h + */ +#include <IDE/WIN/user_settings.h> +#include <wolfssl/wolfcrypt/settings.h> +#else +#include <wolfssl/options.h> +#endif +#include <wolfssl/openssl/ssl.h> +#include <wolfssl/error-ssl.h> +#endif /* not USE_OLD_CYASSL */ +#else +#if defined(LWS_WITH_MBEDTLS) +#if defined(LWS_WITH_ESP32) +/* this filepath is passed to us but without quotes or <> */ +#undef MBEDTLS_CONFIG_FILE +#define MBEDTLS_CONFIG_FILE <mbedtls/esp_config.h> +#endif +#include <mbedtls/ssl.h> +#else +#include <openssl/ssl.h> +#if !defined(LWS_WITH_MBEDTLS) +#include <openssl/err.h> +#endif +#endif +#endif /* not USE_WOLFSSL */ +#endif + +/* + * Helpers for pthread mutex in user code... if lws is built for + * multiple service threads, these resolve to pthread mutex + * operations. In the case LWS_MAX_SMP is 1 (the default), they + * are all NOPs and no pthread type or api is referenced. + */ + +#if LWS_MAX_SMP > 1 + +#include <pthread.h> + +#define lws_pthread_mutex(name) pthread_mutex_t name; + +static LWS_INLINE void +lws_pthread_mutex_init(pthread_mutex_t *lock) +{ + pthread_mutex_init(lock, NULL); +} + +static LWS_INLINE void +lws_pthread_mutex_destroy(pthread_mutex_t *lock) +{ + pthread_mutex_destroy(lock); +} + +static LWS_INLINE void +lws_pthread_mutex_lock(pthread_mutex_t *lock) +{ + pthread_mutex_lock(lock); +} + +static LWS_INLINE void +lws_pthread_mutex_unlock(pthread_mutex_t *lock) +{ + pthread_mutex_unlock(lock); +} + +#else +#define lws_pthread_mutex(name) +#define lws_pthread_mutex_init(_a) +#define lws_pthread_mutex_destroy(_a) +#define lws_pthread_mutex_lock(_a) +#define lws_pthread_mutex_unlock(_a) +#endif + + +#define CONTEXT_PORT_NO_LISTEN -1 +#define CONTEXT_PORT_NO_LISTEN_SERVER -2 + +#include <libwebsockets/lws-logs.h> + + +#include <stddef.h> + +#ifndef lws_container_of +#define lws_container_of(P,T,M) ((T *)((char *)(P) - offsetof(T, M))) +#endif + +struct lws; + +typedef int64_t lws_usec_t; + +/* api change list for user code to test against */ + +#define LWS_FEATURE_SERVE_HTTP_FILE_HAS_OTHER_HEADERS_ARG + +/* the struct lws_protocols has the id field present */ +#define LWS_FEATURE_PROTOCOLS_HAS_ID_FIELD + +/* you can call lws_get_peer_write_allowance */ +#define LWS_FEATURE_PROTOCOLS_HAS_PEER_WRITE_ALLOWANCE + +/* extra parameter introduced in 917f43ab821 */ +#define LWS_FEATURE_SERVE_HTTP_FILE_HAS_OTHER_HEADERS_LEN + +/* File operations stuff exists */ +#define LWS_FEATURE_FOPS + + +#if defined(_WIN32) +#if !defined(LWS_WIN32_HANDLE_TYPES) +typedef SOCKET lws_sockfd_type; +typedef HANDLE lws_filefd_type; +#endif + +struct lws_pollfd { + lws_sockfd_type fd; /**< file descriptor */ + SHORT events; /**< which events to respond to */ + SHORT revents; /**< which events happened */ +}; +#define LWS_POLLHUP (FD_CLOSE) +#define LWS_POLLIN (FD_READ | FD_ACCEPT) +#define LWS_POLLOUT (FD_WRITE) +#else + + +#if defined(LWS_WITH_ESP32) +#include <libwebsockets/lws-esp32.h> +#else +typedef int lws_sockfd_type; +typedef int lws_filefd_type; +#endif + +#define lws_pollfd pollfd +#define LWS_POLLHUP (POLLHUP|POLLERR) +#define LWS_POLLIN (POLLIN) +#define LWS_POLLOUT (POLLOUT) +#endif + + +#if (defined(WIN32) || defined(_WIN32)) && !defined(__MINGW32__) +/* ... */ +#define ssize_t SSIZE_T +#endif + +#if defined(WIN32) && defined(LWS_HAVE__STAT32I64) +#include <sys/types.h> +#include <sys/stat.h> +#endif + +#if defined(LWS_HAVE_STDINT_H) +#include <stdint.h> +#else +#if defined(WIN32) || defined(_WIN32) +/* !!! >:-[ */ +typedef unsigned __int32 uint32_t; +typedef unsigned __int16 uint16_t; +typedef unsigned __int8 uint8_t; +#else +typedef unsigned int uint32_t; +typedef unsigned short uint16_t; +typedef unsigned char uint8_t; +#endif +#endif + +typedef unsigned long long lws_filepos_t; +typedef long long lws_fileofs_t; +typedef uint32_t lws_fop_flags_t; + +/** struct lws_pollargs - argument structure for all external poll related calls + * passed in via 'in' */ +struct lws_pollargs { + lws_sockfd_type fd; /**< applicable socket descriptor */ + int events; /**< the new event mask */ + int prev_events; /**< the previous event mask */ +}; + +struct lws_extension; /* needed even with ws exts disabled for create context */ +struct lws_token_limits; +struct lws_context; +struct lws_tokens; +struct lws_vhost; +struct lws; + +#include <libwebsockets/lws-ws-close.h> +#include <libwebsockets/lws-callbacks.h> +#include <libwebsockets/lws-ws-state.h> +#include <libwebsockets/lws-ws-ext.h> +#include <libwebsockets/lws-protocols-plugins.h> +#include <libwebsockets/lws-plugin-generic-sessions.h> +#include <libwebsockets/lws-context-vhost.h> +#include <libwebsockets/lws-client.h> +#include <libwebsockets/lws-http.h> +#include <libwebsockets/lws-spa.h> +#include <libwebsockets/lws-purify.h> +#include <libwebsockets/lws-timeout-timer.h> +#include <libwebsockets/lws-service.h> +#include <libwebsockets/lws-write.h> +#include <libwebsockets/lws-writeable.h> +#include <libwebsockets/lws-adopt.h> +#include <libwebsockets/lws-network-helper.h> +#include <libwebsockets/lws-misc.h> +#include <libwebsockets/lws-ring.h> +#include <libwebsockets/lws-sha1-base64.h> +#include <libwebsockets/lws-x509.h> +#include <libwebsockets/lws-cgi.h> +#include <libwebsockets/lws-vfs.h> +#include <libwebsockets/lws-lejp.h> +#include <libwebsockets/lws-stats.h> +#include <libwebsockets/lws-threadpool.h> +#include <libwebsockets/lws-tokenize.h> +#include <libwebsockets/lws-lwsac.h> +#include <libwebsockets/lws-fts.h> +#include <libwebsockets/lws-diskcache.h> + +#if defined(LWS_WITH_TLS) + +#if defined(LWS_WITH_MBEDTLS) +#include <mbedtls/sha1.h> +#include <mbedtls/sha256.h> +#include <mbedtls/sha512.h> +#endif + +#include <libwebsockets/lws-genhash.h> +#include <libwebsockets/lws-genrsa.h> +#include <libwebsockets/lws-jwk.h> +#include <libwebsockets/lws-jws.h> + +#endif + +#ifdef __cplusplus +} +#endif + +#endif diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-adopt.h b/thirdparty/libwebsockets/include/libwebsockets/lws-adopt.h new file mode 100644 index 0000000000..256e3f9fdf --- /dev/null +++ b/thirdparty/libwebsockets/include/libwebsockets/lws-adopt.h @@ -0,0 +1,185 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green <andy@warmcat.com> + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + * + * included from libwebsockets.h + */ + +/** \defgroup sock-adopt Socket adoption helpers + * ##Socket adoption helpers + * + * When integrating with an external app with its own event loop, these can + * be used to accept connections from someone else's listening socket. + * + * When using lws own event loop, these are not needed. + */ +///@{ + +/** + * lws_adopt_socket() - adopt foreign socket as if listen socket accepted it + * for the default vhost of context. + * + * \param context: lws context + * \param accept_fd: fd of already-accepted socket to adopt + * + * Either returns new wsi bound to accept_fd, or closes accept_fd and + * returns NULL, having cleaned up any new wsi pieces. + * + * LWS adopts the socket in http serving mode, it's ready to accept an upgrade + * to ws or just serve http. + */ +LWS_VISIBLE LWS_EXTERN struct lws * +lws_adopt_socket(struct lws_context *context, lws_sockfd_type accept_fd); +/** + * lws_adopt_socket_vhost() - adopt foreign socket as if listen socket accepted + * it for vhost + * + * \param vh: lws vhost + * \param accept_fd: fd of already-accepted socket to adopt + * + * Either returns new wsi bound to accept_fd, or closes accept_fd and + * returns NULL, having cleaned up any new wsi pieces. + * + * LWS adopts the socket in http serving mode, it's ready to accept an upgrade + * to ws or just serve http. + */ +LWS_VISIBLE LWS_EXTERN struct lws * +lws_adopt_socket_vhost(struct lws_vhost *vh, lws_sockfd_type accept_fd); + +typedef enum { + LWS_ADOPT_RAW_FILE_DESC = 0, /* convenience constant */ + LWS_ADOPT_HTTP = 1, /* flag: absent implies RAW */ + LWS_ADOPT_SOCKET = 2, /* flag: absent implies file descr */ + LWS_ADOPT_ALLOW_SSL = 4, /* flag: if set requires LWS_ADOPT_SOCKET */ + LWS_ADOPT_FLAG_UDP = 16, /* flag: socket is UDP */ + + LWS_ADOPT_RAW_SOCKET_UDP = LWS_ADOPT_SOCKET | LWS_ADOPT_FLAG_UDP, +} lws_adoption_type; + +typedef union { + lws_sockfd_type sockfd; + lws_filefd_type filefd; +} lws_sock_file_fd_type; + +#if !defined(LWS_WITH_ESP32) +struct lws_udp { + struct sockaddr sa; + socklen_t salen; + + struct sockaddr sa_pending; + socklen_t salen_pending; +}; +#endif + +/* +* lws_adopt_descriptor_vhost() - adopt foreign socket or file descriptor +* if socket descriptor, should already have been accepted from listen socket +* +* \param vhost: lws vhost +* \param type: OR-ed combinations of lws_adoption_type flags +* \param fd: union with either .sockfd or .filefd set +* \param vh_prot_name: NULL or vh protocol name to bind raw connection to +* \param parent: NULL or struct lws to attach new_wsi to as a child +* +* Either returns new wsi bound to accept_fd, or closes accept_fd and +* returns NULL, having cleaned up any new wsi pieces. +* +* If LWS_ADOPT_SOCKET is set, LWS adopts the socket in http serving mode, it's +* ready to accept an upgrade to ws or just serve http. +* +* parent may be NULL, if given it should be an existing wsi that will become the +* parent of the new wsi created by this call. +*/ +LWS_VISIBLE LWS_EXTERN struct lws * +lws_adopt_descriptor_vhost(struct lws_vhost *vh, lws_adoption_type type, + lws_sock_file_fd_type fd, const char *vh_prot_name, + struct lws *parent); + +/** + * lws_adopt_socket_readbuf() - adopt foreign socket and first rx as if listen socket accepted it + * for the default vhost of context. + * \param context: lws context + * \param accept_fd: fd of already-accepted socket to adopt + * \param readbuf: NULL or pointer to data that must be drained before reading from + * accept_fd + * \param len: The length of the data held at \param readbuf + * + * Either returns new wsi bound to accept_fd, or closes accept_fd and + * returns NULL, having cleaned up any new wsi pieces. + * + * LWS adopts the socket in http serving mode, it's ready to accept an upgrade + * to ws or just serve http. + * + * If your external code did not already read from the socket, you can use + * lws_adopt_socket() instead. + * + * This api is guaranteed to use the data at \param readbuf first, before reading from + * the socket. + * + * readbuf is limited to the size of the ah rx buf, currently 2048 bytes. + */ +LWS_VISIBLE LWS_EXTERN struct lws * +lws_adopt_socket_readbuf(struct lws_context *context, lws_sockfd_type accept_fd, + const char *readbuf, size_t len); +/** + * lws_adopt_socket_vhost_readbuf() - adopt foreign socket and first rx as if listen socket + * accepted it for vhost. + * \param vhost: lws vhost + * \param accept_fd: fd of already-accepted socket to adopt + * \param readbuf: NULL or pointer to data that must be drained before + * reading from accept_fd + * \param len: The length of the data held at \param readbuf + * + * Either returns new wsi bound to accept_fd, or closes accept_fd and + * returns NULL, having cleaned up any new wsi pieces. + * + * LWS adopts the socket in http serving mode, it's ready to accept an upgrade + * to ws or just serve http. + * + * If your external code did not already read from the socket, you can use + * lws_adopt_socket() instead. + * + * This api is guaranteed to use the data at \param readbuf first, before reading from + * the socket. + * + * readbuf is limited to the size of the ah rx buf, currently 2048 bytes. + */ +LWS_VISIBLE LWS_EXTERN struct lws * +lws_adopt_socket_vhost_readbuf(struct lws_vhost *vhost, + lws_sockfd_type accept_fd, const char *readbuf, + size_t len); + +#define LWS_CAUDP_BIND 1 + +/** + * lws_create_adopt_udp() - create, bind and adopt a UDP socket + * + * \param vhost: lws vhost + * \param port: UDP port to bind to, -1 means unbound + * \param flags: 0 or LWS_CAUDP_NO_BIND + * \param protocol_name: Name of protocol on vhost to bind wsi to + * \param parent_wsi: NULL or parent wsi new wsi will be a child of + * + * Either returns new wsi bound to accept_fd, or closes accept_fd and + * returns NULL, having cleaned up any new wsi pieces. + * */ +LWS_VISIBLE LWS_EXTERN struct lws * +lws_create_adopt_udp(struct lws_vhost *vhost, int port, int flags, + const char *protocol_name, struct lws *parent_wsi); +///@} diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-callbacks.h b/thirdparty/libwebsockets/include/libwebsockets/lws-callbacks.h new file mode 100644 index 0000000000..8b49218e9c --- /dev/null +++ b/thirdparty/libwebsockets/include/libwebsockets/lws-callbacks.h @@ -0,0 +1,807 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green <andy@warmcat.com> + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + * + * included from libwebsockets.h + */ + +/*! \defgroup usercb User Callback + * + * ##User protocol callback + * + * The protocol callback is the primary way lws interacts with + * user code. For one of a list of a few dozen reasons the callback gets + * called at some event to be handled. + * + * All of the events can be ignored, returning 0 is taken as "OK" and returning + * nonzero in most cases indicates that the connection should be closed. + */ +///@{ + +struct lws_ssl_info { + int where; + int ret; +}; + +enum lws_cert_update_state { + LWS_CUS_IDLE, + LWS_CUS_STARTING, + LWS_CUS_SUCCESS, + LWS_CUS_FAILED, + + LWS_CUS_CREATE_KEYS, + LWS_CUS_REG, + LWS_CUS_AUTH, + LWS_CUS_CHALLENGE, + LWS_CUS_CREATE_REQ, + LWS_CUS_REQ, + LWS_CUS_CONFIRM, + LWS_CUS_ISSUE, +}; + +enum { + LWS_TLS_REQ_ELEMENT_COUNTRY, + LWS_TLS_REQ_ELEMENT_STATE, + LWS_TLS_REQ_ELEMENT_LOCALITY, + LWS_TLS_REQ_ELEMENT_ORGANIZATION, + LWS_TLS_REQ_ELEMENT_COMMON_NAME, + LWS_TLS_REQ_ELEMENT_EMAIL, + + LWS_TLS_REQ_ELEMENT_COUNT, + + LWS_TLS_SET_DIR_URL = LWS_TLS_REQ_ELEMENT_COUNT, + LWS_TLS_SET_AUTH_PATH, + LWS_TLS_SET_CERT_PATH, + LWS_TLS_SET_KEY_PATH, + + LWS_TLS_TOTAL_COUNT +}; + +struct lws_acme_cert_aging_args { + struct lws_vhost *vh; + const char *element_overrides[LWS_TLS_TOTAL_COUNT]; /* NULL = use pvo */ +}; + +/* + * NOTE: These public enums are part of the abi. If you want to add one, + * add it at where specified so existing users are unaffected. + */ +/** enum lws_callback_reasons - reason you're getting a protocol callback */ +enum lws_callback_reasons { + + /* --------------------------------------------------------------------- + * ----- Callbacks related to wsi and protocol binding lifecycle ----- + */ + + LWS_CALLBACK_PROTOCOL_INIT = 27, + /**< One-time call per protocol, per-vhost using it, so it can + * do initial setup / allocations etc */ + + LWS_CALLBACK_PROTOCOL_DESTROY = 28, + /**< One-time call per protocol, per-vhost using it, indicating + * this protocol won't get used at all after this callback, the + * vhost is getting destroyed. Take the opportunity to + * deallocate everything that was allocated by the protocol. */ + + LWS_CALLBACK_WSI_CREATE = 29, + /**< outermost (earliest) wsi create notification to protocols[0] */ + + LWS_CALLBACK_WSI_DESTROY = 30, + /**< outermost (latest) wsi destroy notification to protocols[0] */ + + + /* --------------------------------------------------------------------- + * ----- Callbacks related to Server TLS ----- + */ + + LWS_CALLBACK_OPENSSL_LOAD_EXTRA_CLIENT_VERIFY_CERTS = 21, + /**< if configured for + * including OpenSSL support, this callback allows your user code + * to perform extra SSL_CTX_load_verify_locations() or similar + * calls to direct OpenSSL where to find certificates the client + * can use to confirm the remote server identity. user is the + * OpenSSL SSL_CTX* */ + + LWS_CALLBACK_OPENSSL_LOAD_EXTRA_SERVER_VERIFY_CERTS = 22, + /**< if configured for + * including OpenSSL support, this callback allows your user code + * to load extra certificates into the server which allow it to + * verify the validity of certificates returned by clients. user + * is the server's OpenSSL SSL_CTX* and in is the lws_vhost */ + + LWS_CALLBACK_OPENSSL_PERFORM_CLIENT_CERT_VERIFICATION = 23, + /**< if the libwebsockets vhost was created with the option + * LWS_SERVER_OPTION_REQUIRE_VALID_OPENSSL_CLIENT_CERT, then this + * callback is generated during OpenSSL verification of the cert + * sent from the client. It is sent to protocol[0] callback as + * no protocol has been negotiated on the connection yet. + * Notice that the libwebsockets context and wsi are both NULL + * during this callback. See + * http://www.openssl.org/docs/ssl/SSL_CTX_set_verify.html + * to understand more detail about the OpenSSL callback that + * generates this libwebsockets callback and the meanings of the + * arguments passed. In this callback, user is the x509_ctx, + * in is the ssl pointer and len is preverify_ok + * Notice that this callback maintains libwebsocket return + * conventions, return 0 to mean the cert is OK or 1 to fail it. + * This also means that if you don't handle this callback then + * the default callback action of returning 0 allows the client + * certificates. */ + + LWS_CALLBACK_OPENSSL_CONTEXT_REQUIRES_PRIVATE_KEY = 37, + /**< if configured for including OpenSSL support but no private key + * file has been specified (ssl_private_key_filepath is NULL), this is + * called to allow the user to set the private key directly via + * libopenssl and perform further operations if required; this might be + * useful in situations where the private key is not directly accessible + * by the OS, for example if it is stored on a smartcard. + * user is the server's OpenSSL SSL_CTX* */ + + LWS_CALLBACK_SSL_INFO = 67, + /**< SSL connections only. An event you registered an + * interest in at the vhost has occurred on a connection + * using the vhost. in is a pointer to a + * struct lws_ssl_info containing information about the + * event*/ + + /* --------------------------------------------------------------------- + * ----- Callbacks related to Client TLS ----- + */ + + LWS_CALLBACK_OPENSSL_PERFORM_SERVER_CERT_VERIFICATION = 58, + /**< Similar to LWS_CALLBACK_OPENSSL_PERFORM_CLIENT_CERT_VERIFICATION + * this callback is called during OpenSSL verification of the cert + * sent from the server to the client. It is sent to protocol[0] + * callback as no protocol has been negotiated on the connection yet. + * Notice that the wsi is set because lws_client_connect_via_info was + * successful. + * + * See http://www.openssl.org/docs/ssl/SSL_CTX_set_verify.html + * to understand more detail about the OpenSSL callback that + * generates this libwebsockets callback and the meanings of the + * arguments passed. In this callback, user is the x509_ctx, + * in is the ssl pointer and len is preverify_ok. + * + * THIS IS NOT RECOMMENDED BUT if a cert validation error shall be + * overruled and cert shall be accepted as ok, + * X509_STORE_CTX_set_error((X509_STORE_CTX*)user, X509_V_OK); must be + * called and return value must be 0 to mean the cert is OK; + * returning 1 will fail the cert in any case. + * + * This also means that if you don't handle this callback then + * the default callback action of returning 0 will not accept the + * certificate in case of a validation error decided by the SSL lib. + * + * This is expected and secure behaviour when validating certificates. + * + * Note: LCCSCF_ALLOW_SELFSIGNED and + * LCCSCF_SKIP_SERVER_CERT_HOSTNAME_CHECK still work without this + * callback being implemented. + */ + + /* --------------------------------------------------------------------- + * ----- Callbacks related to HTTP Server ----- + */ + + LWS_CALLBACK_SERVER_NEW_CLIENT_INSTANTIATED = 19, + /**< A new client has been accepted by the ws server. This + * callback allows setting any relevant property to it. Because this + * happens immediately after the instantiation of a new client, + * there's no websocket protocol selected yet so this callback is + * issued only to protocol 0. Only wsi is defined, pointing to the + * new client, and the return value is ignored. */ + + LWS_CALLBACK_HTTP = 12, + /**< an http request has come from a client that is not + * asking to upgrade the connection to a websocket + * one. This is a chance to serve http content, + * for example, to send a script to the client + * which will then open the websockets connection. + * in points to the URI path requested and + * lws_serve_http_file() makes it very + * simple to send back a file to the client. + * Normally after sending the file you are done + * with the http connection, since the rest of the + * activity will come by websockets from the script + * that was delivered by http, so you will want to + * return 1; to close and free up the connection. */ + + LWS_CALLBACK_HTTP_BODY = 13, + /**< the next len bytes data from the http + * request body HTTP connection is now available in in. */ + + LWS_CALLBACK_HTTP_BODY_COMPLETION = 14, + /**< the expected amount of http request body has been delivered */ + + LWS_CALLBACK_HTTP_FILE_COMPLETION = 15, + /**< a file requested to be sent down http link has completed. */ + + LWS_CALLBACK_HTTP_WRITEABLE = 16, + /**< you can write more down the http protocol link now. */ + + LWS_CALLBACK_CLOSED_HTTP = 5, + /**< when a HTTP (non-websocket) session ends */ + + LWS_CALLBACK_FILTER_HTTP_CONNECTION = 18, + /**< called when the request has + * been received and parsed from the client, but the response is + * not sent yet. Return non-zero to disallow the connection. + * user is a pointer to the connection user space allocation, + * in is the URI, eg, "/" + * In your handler you can use the public APIs + * lws_hdr_total_length() / lws_hdr_copy() to access all of the + * headers using the header enums lws_token_indexes from + * libwebsockets.h to check for and read the supported header + * presence and content before deciding to allow the http + * connection to proceed or to kill the connection. */ + + LWS_CALLBACK_ADD_HEADERS = 53, + /**< This gives your user code a chance to add headers to a server + * transaction bound to your protocol. `in` points to a + * `struct lws_process_html_args` describing a buffer and length + * you can add headers into using the normal lws apis. + * + * (see LWS_CALLBACK_CLIENT_APPEND_HANDSHAKE_HEADER to add headers to + * a client transaction) + * + * Only `args->p` and `args->len` are valid, and `args->p` should + * be moved on by the amount of bytes written, if any. Eg + * + * case LWS_CALLBACK_ADD_HEADERS: + * + * struct lws_process_html_args *args = + * (struct lws_process_html_args *)in; + * + * if (lws_add_http_header_by_name(wsi, + * (unsigned char *)"set-cookie:", + * (unsigned char *)cookie, cookie_len, + * (unsigned char **)&args->p, + * (unsigned char *)args->p + args->max_len)) + * return 1; + * + * break; + */ + + LWS_CALLBACK_CHECK_ACCESS_RIGHTS = 51, + /**< This gives the user code a chance to forbid an http access. + * `in` points to a `struct lws_process_html_args`, which + * describes the URL, and a bit mask describing the type of + * authentication required. If the callback returns nonzero, + * the transaction ends with HTTP_STATUS_UNAUTHORIZED. */ + + LWS_CALLBACK_PROCESS_HTML = 52, + /**< This gives your user code a chance to mangle outgoing + * HTML. `in` points to a `struct lws_process_html_args` + * which describes the buffer containing outgoing HTML. + * The buffer may grow up to `.max_len` (currently +128 + * bytes per buffer). + */ + + LWS_CALLBACK_HTTP_BIND_PROTOCOL = 49, + /**< By default, all HTTP handling is done in protocols[0]. + * However you can bind different protocols (by name) to + * different parts of the URL space using callback mounts. This + * callback occurs in the new protocol when a wsi is bound + * to that protocol. Any protocol allocation related to the + * http transaction processing should be created then. + * These specific callbacks are necessary because with HTTP/1.1, + * a single connection may perform at series of different + * transactions at different URLs, thus the lifetime of the + * protocol bind is just for one transaction, not connection. */ + + LWS_CALLBACK_HTTP_DROP_PROTOCOL = 50, + /**< This is called when a transaction is unbound from a protocol. + * It indicates the connection completed its transaction and may + * do something different now. Any protocol allocation related + * to the http transaction processing should be destroyed. */ + + LWS_CALLBACK_HTTP_CONFIRM_UPGRADE = 86, + /**< This is your chance to reject an HTTP upgrade action. The + * name of the protocol being upgraded to is in 'in', and the ah + * is still bound to the wsi, so you can look at the headers. + * + * The default of returning 0 (ie, also if not handled) means the + * upgrade may proceed. Return <0 to just hang up the connection, + * or >0 if you have rejected the connection by returning http headers + * and response code yourself. + * + * There is no need for you to call transaction_completed() as the + * caller will take care of it when it sees you returned >0. + */ + + /* --------------------------------------------------------------------- + * ----- Callbacks related to HTTP Client ----- + */ + + LWS_CALLBACK_ESTABLISHED_CLIENT_HTTP = 44, + /**< The HTTP client connection has succeeded, and is now + * connected to the server */ + + LWS_CALLBACK_CLOSED_CLIENT_HTTP = 45, + /**< The HTTP client connection is closing */ + + LWS_CALLBACK_RECEIVE_CLIENT_HTTP_READ = 48, + /**< This is generated by lws_http_client_read() used to drain + * incoming data. In the case the incoming data was chunked, it will + * be split into multiple smaller callbacks for each chunk block, + * removing the chunk headers. If not chunked, it will appear all in + * one callback. */ + + LWS_CALLBACK_RECEIVE_CLIENT_HTTP = 46, + /**< This simply indicates data was received on the HTTP client + * connection. It does NOT drain or provide the data. + * This exists to neatly allow a proxying type situation, + * where this incoming data will go out on another connection. + * If the outgoing connection stalls, we should stall processing + * the incoming data. So a handler for this in that case should + * simply set a flag to indicate there is incoming data ready + * and ask for a writeable callback on the outgoing connection. + * In the writable callback he can check the flag and then get + * and drain the waiting incoming data using lws_http_client_read(). + * This will use callbacks to LWS_CALLBACK_RECEIVE_CLIENT_HTTP_READ + * to get and drain the incoming data, where it should be sent + * back out on the outgoing connection. */ + LWS_CALLBACK_COMPLETED_CLIENT_HTTP = 47, + /**< The client transaction completed... at the moment this + * is the same as closing since transaction pipelining on + * client side is not yet supported. */ + + LWS_CALLBACK_CLIENT_HTTP_WRITEABLE = 57, + /**< when doing an HTTP type client connection, you can call + * lws_client_http_body_pending(wsi, 1) from + * LWS_CALLBACK_CLIENT_APPEND_HANDSHAKE_HEADER to get these callbacks + * sending the HTTP headers. + * + * From this callback, when you have sent everything, you should let + * lws know by calling lws_client_http_body_pending(wsi, 0) + */ + + LWS_CALLBACK_CLIENT_HTTP_BIND_PROTOCOL = 85, + LWS_CALLBACK_CLIENT_HTTP_DROP_PROTOCOL = 76, + + /* --------------------------------------------------------------------- + * ----- Callbacks related to Websocket Server ----- + */ + + LWS_CALLBACK_ESTABLISHED = 0, + /**< (VH) after the server completes a handshake with an incoming + * client. If you built the library with ssl support, in is a + * pointer to the ssl struct associated with the connection or NULL. + * + * b0 of len is set if the connection was made using ws-over-h2 + */ + + LWS_CALLBACK_CLOSED = 4, + /**< when the websocket session ends */ + + LWS_CALLBACK_SERVER_WRITEABLE = 11, + /**< See LWS_CALLBACK_CLIENT_WRITEABLE */ + + LWS_CALLBACK_RECEIVE = 6, + /**< data has appeared for this server endpoint from a + * remote client, it can be found at *in and is + * len bytes long */ + + LWS_CALLBACK_RECEIVE_PONG = 7, + /**< servers receive PONG packets with this callback reason */ + + LWS_CALLBACK_WS_PEER_INITIATED_CLOSE = 38, + /**< The peer has sent an unsolicited Close WS packet. in and + * len are the optional close code (first 2 bytes, network + * order) and the optional additional information which is not + * defined in the standard, and may be a string or non human-readable + * data. + * If you return 0 lws will echo the close and then close the + * connection. If you return nonzero lws will just close the + * connection. */ + + LWS_CALLBACK_FILTER_PROTOCOL_CONNECTION = 20, + /**< called when the handshake has + * been received and parsed from the client, but the response is + * not sent yet. Return non-zero to disallow the connection. + * user is a pointer to the connection user space allocation, + * in is the requested protocol name + * In your handler you can use the public APIs + * lws_hdr_total_length() / lws_hdr_copy() to access all of the + * headers using the header enums lws_token_indexes from + * libwebsockets.h to check for and read the supported header + * presence and content before deciding to allow the handshake + * to proceed or to kill the connection. */ + + LWS_CALLBACK_CONFIRM_EXTENSION_OKAY = 25, + /**< When the server handshake code + * sees that it does support a requested extension, before + * accepting the extension by additing to the list sent back to + * the client it gives this callback just to check that it's okay + * to use that extension. It calls back to the requested protocol + * and with in being the extension name, len is 0 and user is + * valid. Note though at this time the ESTABLISHED callback hasn't + * happened yet so if you initialize user content there, user + * content during this callback might not be useful for anything. */ + + LWS_CALLBACK_WS_SERVER_BIND_PROTOCOL = 77, + LWS_CALLBACK_WS_SERVER_DROP_PROTOCOL = 78, + + /* --------------------------------------------------------------------- + * ----- Callbacks related to Websocket Client ----- + */ + + LWS_CALLBACK_CLIENT_CONNECTION_ERROR = 1, + /**< the request client connection has been unable to complete a + * handshake with the remote server. If in is non-NULL, you can + * find an error string of length len where it points to + * + * Diagnostic strings that may be returned include + * + * "getaddrinfo (ipv6) failed" + * "unknown address family" + * "getaddrinfo (ipv4) failed" + * "set socket opts failed" + * "insert wsi failed" + * "lws_ssl_client_connect1 failed" + * "lws_ssl_client_connect2 failed" + * "Peer hung up" + * "read failed" + * "HS: URI missing" + * "HS: Redirect code but no Location" + * "HS: URI did not parse" + * "HS: Redirect failed" + * "HS: Server did not return 200" + * "HS: OOM" + * "HS: disallowed by client filter" + * "HS: disallowed at ESTABLISHED" + * "HS: ACCEPT missing" + * "HS: ws upgrade response not 101" + * "HS: UPGRADE missing" + * "HS: Upgrade to something other than websocket" + * "HS: CONNECTION missing" + * "HS: UPGRADE malformed" + * "HS: PROTOCOL malformed" + * "HS: Cannot match protocol" + * "HS: EXT: list too big" + * "HS: EXT: failed setting defaults" + * "HS: EXT: failed parsing defaults" + * "HS: EXT: failed parsing options" + * "HS: EXT: Rejects server options" + * "HS: EXT: unknown ext" + * "HS: Accept hash wrong" + * "HS: Rejected by filter cb" + * "HS: OOM" + * "HS: SO_SNDBUF failed" + * "HS: Rejected at CLIENT_ESTABLISHED" + */ + + LWS_CALLBACK_CLIENT_FILTER_PRE_ESTABLISH = 2, + /**< this is the last chance for the client user code to examine the + * http headers and decide to reject the connection. If the + * content in the headers is interesting to the + * client (url, etc) it needs to copy it out at + * this point since it will be destroyed before + * the CLIENT_ESTABLISHED call */ + + LWS_CALLBACK_CLIENT_ESTABLISHED = 3, + /**< after your client connection completed the websocket upgrade + * handshake with the remote server */ + + LWS_CALLBACK_CLIENT_CLOSED = 75, + /**< when a client websocket session ends */ + + LWS_CALLBACK_CLIENT_APPEND_HANDSHAKE_HEADER = 24, + /**< this callback happens + * when a client handshake is being compiled. user is NULL, + * in is a char **, it's pointing to a char * which holds the + * next location in the header buffer where you can add + * headers, and len is the remaining space in the header buffer, + * which is typically some hundreds of bytes. So, to add a canned + * cookie, your handler code might look similar to: + * + * char **p = (char **)in, *end = (*p) + len; + * + * if (lws_add_http_header_by_token(wsi, WSI_TOKEN_HTTP_COOKIE, + * (unsigned char)"a=b", 3, p, end)) + * return -1; + * + * See LWS_CALLBACK_ADD_HEADERS for adding headers to server + * transactions. + */ + + LWS_CALLBACK_CLIENT_RECEIVE = 8, + /**< data has appeared from the server for the client connection, it + * can be found at *in and is len bytes long */ + + LWS_CALLBACK_CLIENT_RECEIVE_PONG = 9, + /**< clients receive PONG packets with this callback reason */ + + LWS_CALLBACK_CLIENT_WRITEABLE = 10, + /**< If you call lws_callback_on_writable() on a connection, you will + * get one of these callbacks coming when the connection socket + * is able to accept another write packet without blocking. + * If it already was able to take another packet without blocking, + * you'll get this callback at the next call to the service loop + * function. Notice that CLIENTs get LWS_CALLBACK_CLIENT_WRITEABLE + * and servers get LWS_CALLBACK_SERVER_WRITEABLE. */ + + LWS_CALLBACK_CLIENT_CONFIRM_EXTENSION_SUPPORTED = 26, + /**< When a ws client + * connection is being prepared to start a handshake to a server, + * each supported extension is checked with protocols[0] callback + * with this reason, giving the user code a chance to suppress the + * claim to support that extension by returning non-zero. If + * unhandled, by default 0 will be returned and the extension + * support included in the header to the server. Notice this + * callback comes to protocols[0]. */ + + LWS_CALLBACK_WS_EXT_DEFAULTS = 39, + /**< Gives client connections an opportunity to adjust negotiated + * extension defaults. `user` is the extension name that was + * negotiated (eg, "permessage-deflate"). `in` points to a + * buffer and `len` is the buffer size. The user callback can + * set the buffer to a string describing options the extension + * should parse. Or just ignore for defaults. */ + + + LWS_CALLBACK_FILTER_NETWORK_CONNECTION = 17, + /**< called when a client connects to + * the server at network level; the connection is accepted but then + * passed to this callback to decide whether to hang up immediately + * or not, based on the client IP. in contains the connection + * socket's descriptor. Since the client connection information is + * not available yet, wsi still pointing to the main server socket. + * Return non-zero to terminate the connection before sending or + * receiving anything. Because this happens immediately after the + * network connection from the client, there's no websocket protocol + * selected yet so this callback is issued only to protocol 0. */ + + LWS_CALLBACK_WS_CLIENT_BIND_PROTOCOL = 79, + LWS_CALLBACK_WS_CLIENT_DROP_PROTOCOL = 80, + + /* --------------------------------------------------------------------- + * ----- Callbacks related to external poll loop integration ----- + */ + + LWS_CALLBACK_GET_THREAD_ID = 31, + /**< lws can accept callback when writable requests from other + * threads, if you implement this callback and return an opaque + * current thread ID integer. */ + + /* external poll() management support */ + LWS_CALLBACK_ADD_POLL_FD = 32, + /**< lws normally deals with its poll() or other event loop + * internally, but in the case you are integrating with another + * server you will need to have lws sockets share a + * polling array with the other server. This and the other + * POLL_FD related callbacks let you put your specialized + * poll array interface code in the callback for protocol 0, the + * first protocol you support, usually the HTTP protocol in the + * serving case. + * This callback happens when a socket needs to be + * added to the polling loop: in points to a struct + * lws_pollargs; the fd member of the struct is the file + * descriptor, and events contains the active events + * + * If you are using the internal lws polling / event loop + * you can just ignore these callbacks. */ + + LWS_CALLBACK_DEL_POLL_FD = 33, + /**< This callback happens when a socket descriptor + * needs to be removed from an external polling array. in is + * again the struct lws_pollargs containing the fd member + * to be removed. If you are using the internal polling + * loop, you can just ignore it. */ + + LWS_CALLBACK_CHANGE_MODE_POLL_FD = 34, + /**< This callback happens when lws wants to modify the events for + * a connection. + * in is the struct lws_pollargs with the fd to change. + * The new event mask is in events member and the old mask is in + * the prev_events member. + * If you are using the internal polling loop, you can just ignore + * it. */ + + LWS_CALLBACK_LOCK_POLL = 35, + /**< These allow the external poll changes driven + * by lws to participate in an external thread locking + * scheme around the changes, so the whole thing is threadsafe. + * These are called around three activities in the library, + * - inserting a new wsi in the wsi / fd table (len=1) + * - deleting a wsi from the wsi / fd table (len=1) + * - changing a wsi's POLLIN/OUT state (len=0) + * Locking and unlocking external synchronization objects when + * len == 1 allows external threads to be synchronized against + * wsi lifecycle changes if it acquires the same lock for the + * duration of wsi dereference from the other thread context. */ + + LWS_CALLBACK_UNLOCK_POLL = 36, + /**< See LWS_CALLBACK_LOCK_POLL, ignore if using lws internal poll */ + + /* --------------------------------------------------------------------- + * ----- Callbacks related to CGI serving ----- + */ + + LWS_CALLBACK_CGI = 40, + /**< CGI: CGI IO events on stdin / out / err are sent here on + * protocols[0]. The provided `lws_callback_http_dummy()` + * handles this and the callback should be directed there if + * you use CGI. */ + + LWS_CALLBACK_CGI_TERMINATED = 41, + /**< CGI: The related CGI process ended, this is called before + * the wsi is closed. Used to, eg, terminate chunking. + * The provided `lws_callback_http_dummy()` + * handles this and the callback should be directed there if + * you use CGI. The child PID that terminated is in len. */ + + LWS_CALLBACK_CGI_STDIN_DATA = 42, + /**< CGI: Data is, to be sent to the CGI process stdin, eg from + * a POST body. The provided `lws_callback_http_dummy()` + * handles this and the callback should be directed there if + * you use CGI. */ + + LWS_CALLBACK_CGI_STDIN_COMPLETED = 43, + /**< CGI: no more stdin is coming. The provided + * `lws_callback_http_dummy()` handles this and the callback + * should be directed there if you use CGI. */ + + LWS_CALLBACK_CGI_PROCESS_ATTACH = 70, + /**< CGI: Sent when the CGI process is spawned for the wsi. The + * len parameter is the PID of the child process */ + + /* --------------------------------------------------------------------- + * ----- Callbacks related to Generic Sessions ----- + */ + + LWS_CALLBACK_SESSION_INFO = 54, + /**< This is only generated by user code using generic sessions. + * It's used to get a `struct lws_session_info` filled in by + * generic sessions with information about the logged-in user. + * See the messageboard sample for an example of how to use. */ + + LWS_CALLBACK_GS_EVENT = 55, + /**< Indicates an event happened to the Generic Sessions session. + * `in` contains a `struct lws_gs_event_args` describing the event. */ + + LWS_CALLBACK_HTTP_PMO = 56, + /**< per-mount options for this connection, called before + * the normal LWS_CALLBACK_HTTP when the mount has per-mount + * options. + */ + + /* --------------------------------------------------------------------- + * ----- Callbacks related to RAW sockets ----- + */ + + LWS_CALLBACK_RAW_RX = 59, + /**< RAW mode connection RX */ + + LWS_CALLBACK_RAW_CLOSE = 60, + /**< RAW mode connection is closing */ + + LWS_CALLBACK_RAW_WRITEABLE = 61, + /**< RAW mode connection may be written */ + + LWS_CALLBACK_RAW_ADOPT = 62, + /**< RAW mode connection was adopted (equivalent to 'wsi created') */ + + LWS_CALLBACK_RAW_SKT_BIND_PROTOCOL = 81, + LWS_CALLBACK_RAW_SKT_DROP_PROTOCOL = 82, + + /* --------------------------------------------------------------------- + * ----- Callbacks related to RAW file handles ----- + */ + + LWS_CALLBACK_RAW_ADOPT_FILE = 63, + /**< RAW mode file was adopted (equivalent to 'wsi created') */ + + LWS_CALLBACK_RAW_RX_FILE = 64, + /**< This is the indication the RAW mode file has something to read. + * This doesn't actually do the read of the file and len is always + * 0... your code should do the read having been informed there is + * something to read now. */ + + LWS_CALLBACK_RAW_WRITEABLE_FILE = 65, + /**< RAW mode file is writeable */ + + LWS_CALLBACK_RAW_CLOSE_FILE = 66, + /**< RAW mode wsi that adopted a file is closing */ + + LWS_CALLBACK_RAW_FILE_BIND_PROTOCOL = 83, + LWS_CALLBACK_RAW_FILE_DROP_PROTOCOL = 84, + + /* --------------------------------------------------------------------- + * ----- Callbacks related to generic wsi events ----- + */ + + LWS_CALLBACK_TIMER = 73, + /**< When the time elapsed after a call to + * lws_set_timer_usecs(wsi, usecs) is up, the wsi will get one of + * these callbacks. The deadline can be continuously extended into the + * future by later calls to lws_set_timer_usecs() before the deadline + * expires, or cancelled by lws_set_timer_usecs(wsi, -1); + */ + + LWS_CALLBACK_EVENT_WAIT_CANCELLED = 71, + /**< This is sent to every protocol of every vhost in response + * to lws_cancel_service() or lws_cancel_service_pt(). This + * callback is serialized in the lws event loop normally, even + * if the lws_cancel_service[_pt]() call was from a different + * thread. */ + + LWS_CALLBACK_CHILD_CLOSING = 69, + /**< Sent to parent to notify them a child is closing / being + * destroyed. in is the child wsi. + */ + + /* --------------------------------------------------------------------- + * ----- Callbacks related to TLS certificate management ----- + */ + + LWS_CALLBACK_VHOST_CERT_AGING = 72, + /**< When a vhost TLS cert has its expiry checked, this callback + * is broadcast to every protocol of every vhost in case the + * protocol wants to take some action with this information. + * \p in is a pointer to a struct lws_acme_cert_aging_args, + * and \p len is the number of days left before it expires, as + * a (ssize_t). In the struct lws_acme_cert_aging_args, vh + * points to the vhost the cert aging information applies to, + * and element_overrides[] is an optional way to update information + * from the pvos... NULL in an index means use the information from + * from the pvo for the cert renewal, non-NULL in the array index + * means use that pointer instead for the index. */ + + LWS_CALLBACK_VHOST_CERT_UPDATE = 74, + /**< When a vhost TLS cert is being updated, progress is + * reported to the vhost in question here, including completion + * and failure. in points to optional JSON, and len represents the + * connection state using enum lws_cert_update_state */ + + + /****** add new things just above ---^ ******/ + + LWS_CALLBACK_USER = 1000, + /**< user code can use any including above without fear of clashes */ +}; + + + +/** + * typedef lws_callback_function() - User server actions + * \param wsi: Opaque websocket instance pointer + * \param reason: The reason for the call + * \param user: Pointer to per-session user data allocated by library + * \param in: Pointer used for some callback reasons + * \param len: Length set for some callback reasons + * + * This callback is the way the user controls what is served. All the + * protocol detail is hidden and handled by the library. + * + * For each connection / session there is user data allocated that is + * pointed to by "user". You set the size of this user data area when + * the library is initialized with lws_create_server. + */ +typedef int +lws_callback_function(struct lws *wsi, enum lws_callback_reasons reason, + void *user, void *in, size_t len); + +#define LWS_CB_REASON_AUX_BF__CGI 1 +#define LWS_CB_REASON_AUX_BF__PROXY 2 +#define LWS_CB_REASON_AUX_BF__CGI_CHUNK_END 4 +#define LWS_CB_REASON_AUX_BF__CGI_HEADERS 8 +#define LWS_CB_REASON_AUX_BF__PROXY_TRANS_END 16 +#define LWS_CB_REASON_AUX_BF__PROXY_HEADERS 32 +///@} diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-cgi.h b/thirdparty/libwebsockets/include/libwebsockets/lws-cgi.h new file mode 100644 index 0000000000..7a5eca2855 --- /dev/null +++ b/thirdparty/libwebsockets/include/libwebsockets/lws-cgi.h @@ -0,0 +1,103 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green <andy@warmcat.com> + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + * + * included from libwebsockets.h + */ + +/*! \defgroup cgi cgi handling + * + * ##CGI handling + * + * These functions allow low-level control over stdin/out/err of the cgi. + * + * However for most cases, binding the cgi to http in and out, the default + * lws implementation already does the right thing. + */ + +enum lws_enum_stdinouterr { + LWS_STDIN = 0, + LWS_STDOUT = 1, + LWS_STDERR = 2, +}; + +enum lws_cgi_hdr_state { + LCHS_HEADER, + LCHS_CR1, + LCHS_LF1, + LCHS_CR2, + LCHS_LF2, + LHCS_RESPONSE, + LHCS_DUMP_HEADERS, + LHCS_PAYLOAD, + LCHS_SINGLE_0A, +}; + +struct lws_cgi_args { + struct lws **stdwsi; /**< get fd with lws_get_socket_fd() */ + enum lws_enum_stdinouterr ch; /**< channel index */ + unsigned char *data; /**< for messages with payload */ + enum lws_cgi_hdr_state hdr_state; /**< track where we are in cgi headers */ + int len; /**< length */ +}; + +#ifdef LWS_WITH_CGI +/** + * lws_cgi: spawn network-connected cgi process + * + * \param wsi: connection to own the process + * \param exec_array: array of "exec-name" "arg1" ... "argn" NULL + * \param script_uri_path_len: how many chars on the left of the uri are the + * path to the cgi, or -1 to spawn without URL-related env vars + * \param timeout_secs: seconds script should be allowed to run + * \param mp_cgienv: pvo list with per-vhost cgi options to put in env + */ +LWS_VISIBLE LWS_EXTERN int +lws_cgi(struct lws *wsi, const char * const *exec_array, + int script_uri_path_len, int timeout_secs, + const struct lws_protocol_vhost_options *mp_cgienv); + +/** + * lws_cgi_write_split_stdout_headers: write cgi output accounting for header part + * + * \param wsi: connection to own the process + */ +LWS_VISIBLE LWS_EXTERN int +lws_cgi_write_split_stdout_headers(struct lws *wsi); + +/** + * lws_cgi_kill: terminate cgi process associated with wsi + * + * \param wsi: connection to own the process + */ +LWS_VISIBLE LWS_EXTERN int +lws_cgi_kill(struct lws *wsi); + +/** + * lws_cgi_get_stdwsi: get wsi for stdin, stdout, or stderr + * + * \param wsi: parent wsi that has cgi + * \param ch: which of LWS_STDIN, LWS_STDOUT or LWS_STDERR + */ +LWS_VISIBLE LWS_EXTERN struct lws * +lws_cgi_get_stdwsi(struct lws *wsi, enum lws_enum_stdinouterr ch); + +#endif +///@} + diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-client.h b/thirdparty/libwebsockets/include/libwebsockets/lws-client.h new file mode 100644 index 0000000000..a1661b0a9f --- /dev/null +++ b/thirdparty/libwebsockets/include/libwebsockets/lws-client.h @@ -0,0 +1,231 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green <andy@warmcat.com> + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + * + * included from libwebsockets.h + */ + +/*! \defgroup client Client related functions + * ##Client releated functions + * \ingroup lwsapi + * + * */ +///@{ + +/** enum lws_client_connect_ssl_connection_flags - flags that may be used + * with struct lws_client_connect_info ssl_connection member to control if + * and how SSL checks apply to the client connection being created + */ + +enum lws_client_connect_ssl_connection_flags { + LCCSCF_USE_SSL = (1 << 0), + LCCSCF_ALLOW_SELFSIGNED = (1 << 1), + LCCSCF_SKIP_SERVER_CERT_HOSTNAME_CHECK = (1 << 2), + LCCSCF_ALLOW_EXPIRED = (1 << 3), + + LCCSCF_PIPELINE = (1 << 16), + /**< Serialize / pipeline multiple client connections + * on a single connection where possible. + * + * HTTP/1.0: possible if Keep-Alive: yes sent by server + * HTTP/1.1: always possible... uses pipelining + * HTTP/2: always possible... uses parallel streams + * */ +}; + +/** struct lws_client_connect_info - parameters to connect with when using + * lws_client_connect_via_info() */ + +struct lws_client_connect_info { + struct lws_context *context; + /**< lws context to create connection in */ + const char *address; + /**< remote address to connect to */ + int port; + /**< remote port to connect to */ + int ssl_connection; + /**< 0, or a combination of LCCSCF_ flags */ + const char *path; + /**< uri path */ + const char *host; + /**< content of host header */ + const char *origin; + /**< content of origin header */ + const char *protocol; + /**< list of ws protocols we could accept */ + int ietf_version_or_minus_one; + /**< deprecated: currently leave at 0 or -1 */ + void *userdata; + /**< if non-NULL, use this as wsi user_data instead of malloc it */ + const void *client_exts; + /**< UNUSED... provide in info.extensions at context creation time */ + const char *method; + /**< if non-NULL, do this http method instead of ws[s] upgrade. + * use "GET" to be a simple http client connection. "RAW" gets + * you a connected socket that lws itself will leave alone once + * connected. */ + struct lws *parent_wsi; + /**< if another wsi is responsible for this connection, give it here. + * this is used to make sure if the parent closes so do any + * child connections first. */ + const char *uri_replace_from; + /**< if non-NULL, when this string is found in URIs in + * text/html content-encoding, it's replaced with uri_replace_to */ + const char *uri_replace_to; + /**< see uri_replace_from */ + struct lws_vhost *vhost; + /**< vhost to bind to (used to determine related SSL_CTX) */ + struct lws **pwsi; + /**< if not NULL, store the new wsi here early in the connection + * process. Although we return the new wsi, the call to create the + * client connection does progress the connection somewhat and may + * meet an error that will result in the connection being scrubbed and + * NULL returned. While the wsi exists though, he may process a + * callback like CLIENT_CONNECTION_ERROR with his wsi: this gives the + * user callback a way to identify which wsi it is that faced the error + * even before the new wsi is returned and even if ultimately no wsi + * is returned. + */ + const char *iface; + /**< NULL to allow routing on any interface, or interface name or IP + * to bind the socket to */ + const char *local_protocol_name; + /**< NULL: .protocol is used both to select the local protocol handler + * to bind to and as the list of remote ws protocols we could + * accept. + * non-NULL: this protocol name is used to bind the connection to + * the local protocol handler. .protocol is used for the + * list of remote ws protocols we could accept */ + const char *alpn; + /**< NULL: allow lws default ALPN list, from vhost if present or from + * list of roles built into lws + * non-NULL: require one from provided comma-separated list of alpn + * tokens + */ + + /* Add new things just above here ---^ + * This is part of the ABI, don't needlessly break compatibility + * + * The below is to ensure later library versions with new + * members added above will see 0 (default) even if the app + * was not built against the newer headers. + */ + + void *_unused[4]; /**< dummy */ +}; + +/** + * lws_client_connect_via_info() - Connect to another websocket server + * \param ccinfo: pointer to lws_client_connect_info struct + * + * This function creates a connection to a remote server using the + * information provided in ccinfo. + */ +LWS_VISIBLE LWS_EXTERN struct lws * +lws_client_connect_via_info(const struct lws_client_connect_info *ccinfo); + +/** + * lws_init_vhost_client_ssl() - also enable client SSL on an existing vhost + * + * \param info: client ssl related info + * \param vhost: which vhost to initialize client ssl operations on + * + * You only need to call this if you plan on using SSL client connections on + * the vhost. For non-SSL client connections, it's not necessary to call this. + * + * The following members of info are used during the call + * + * - options must have LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT set, + * otherwise the call does nothing + * - provided_client_ssl_ctx must be NULL to get a generated client + * ssl context, otherwise you can pass a prepared one in by setting it + * - ssl_cipher_list may be NULL or set to the client valid cipher list + * - ssl_ca_filepath may be NULL or client cert filepath + * - ssl_cert_filepath may be NULL or client cert filepath + * - ssl_private_key_filepath may be NULL or client cert private key + * + * You must create your vhost explicitly if you want to use this, so you have + * a pointer to the vhost. Create the context first with the option flag + * LWS_SERVER_OPTION_EXPLICIT_VHOSTS and then call lws_create_vhost() with + * the same info struct. + */ +LWS_VISIBLE LWS_EXTERN int +lws_init_vhost_client_ssl(const struct lws_context_creation_info *info, + struct lws_vhost *vhost); +/** + * lws_http_client_read() - consume waiting received http client data + * + * \param wsi: client connection + * \param buf: pointer to buffer pointer - fill with pointer to your buffer + * \param len: pointer to chunk length - fill with max length of buffer + * + * This is called when the user code is notified client http data has arrived. + * The user code may choose to delay calling it to consume the data, for example + * waiting until an onward connection is writeable. + * + * For non-chunked connections, up to len bytes of buf are filled with the + * received content. len is set to the actual amount filled before return. + * + * For chunked connections, the linear buffer content contains the chunking + * headers and it cannot be passed in one lump. Instead, this function will + * call back LWS_CALLBACK_RECEIVE_CLIENT_HTTP_READ with in pointing to the + * chunk start and len set to the chunk length. There will be as many calls + * as there are chunks or partial chunks in the buffer. + */ +LWS_VISIBLE LWS_EXTERN int +lws_http_client_read(struct lws *wsi, char **buf, int *len); + +/** + * lws_http_client_http_response() - get last HTTP response code + * + * \param wsi: client connection + * + * Returns the last server response code, eg, 200 for client http connections. + * + * You should capture this during the LWS_CALLBACK_ESTABLISHED_CLIENT_HTTP + * callback, because after that the memory reserved for storing the related + * headers is freed and this value is lost. + */ +LWS_VISIBLE LWS_EXTERN unsigned int +lws_http_client_http_response(struct lws *wsi); + +LWS_VISIBLE LWS_EXTERN void +lws_client_http_body_pending(struct lws *wsi, int something_left_to_send); + +/** + * lws_client_http_body_pending() - control if client connection neeeds to send body + * + * \param wsi: client connection + * \param something_left_to_send: nonzero if need to send more body, 0 (default) + * if nothing more to send + * + * If you will send payload data with your HTTP client connection, eg, for POST, + * when you set the related http headers in + * LWS_CALLBACK_CLIENT_APPEND_HANDSHAKE_HEADER callback you should also call + * this API with something_left_to_send nonzero, and call + * lws_callback_on_writable(wsi); + * + * After sending the headers, lws will call your callback with + * LWS_CALLBACK_CLIENT_HTTP_WRITEABLE reason when writable. You can send the + * next part of the http body payload, calling lws_callback_on_writable(wsi); + * if there is more to come, or lws_client_http_body_pending(wsi, 0); to + * let lws know the last part is sent and the connection can move on. + */ + +///@} diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-context-vhost.h b/thirdparty/libwebsockets/include/libwebsockets/lws-context-vhost.h new file mode 100644 index 0000000000..a63d708629 --- /dev/null +++ b/thirdparty/libwebsockets/include/libwebsockets/lws-context-vhost.h @@ -0,0 +1,927 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green <andy@warmcat.com> + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + * + * included from libwebsockets.h + */ + +/*! \defgroup context-and-vhost context and vhost related functions + * ##Context and Vhost releated functions + * \ingroup lwsapi + * + * + * LWS requires that there is one context, in which you may define multiple + * vhosts. Each vhost is a virtual host, with either its own listen port + * or sharing an existing one. Each vhost has its own SSL context that can + * be set up individually or left disabled. + * + * If you don't care about multiple "site" support, you can ignore it and + * lws will create a single default vhost at context creation time. + */ +///@{ + +/* + * NOTE: These public enums are part of the abi. If you want to add one, + * add it at where specified so existing users are unaffected. + */ + +/** enum lws_context_options - context and vhost options */ +enum lws_context_options { + LWS_SERVER_OPTION_REQUIRE_VALID_OPENSSL_CLIENT_CERT = (1 << 1) | + (1 << 12), + /**< (VH) Don't allow the connection unless the client has a + * client cert that we recognize; provides + * LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT */ + LWS_SERVER_OPTION_SKIP_SERVER_CANONICAL_NAME = (1 << 2), + /**< (CTX) Don't try to get the server's hostname */ + LWS_SERVER_OPTION_ALLOW_NON_SSL_ON_SSL_PORT = (1 << 3) | + (1 << 12), + /**< (VH) Allow non-SSL (plaintext) connections on the same + * port as SSL is listening... undermines the security of SSL; + * provides LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT */ + LWS_SERVER_OPTION_LIBEV = (1 << 4), + /**< (CTX) Use libev event loop */ + LWS_SERVER_OPTION_DISABLE_IPV6 = (1 << 5), + /**< (VH) Disable IPV6 support */ + LWS_SERVER_OPTION_DISABLE_OS_CA_CERTS = (1 << 6), + /**< (VH) Don't load OS CA certs, you will need to load your + * own CA cert(s) */ + LWS_SERVER_OPTION_PEER_CERT_NOT_REQUIRED = (1 << 7), + /**< (VH) Accept connections with no valid Cert (eg, selfsigned) */ + LWS_SERVER_OPTION_VALIDATE_UTF8 = (1 << 8), + /**< (VH) Check UT-8 correctness */ + LWS_SERVER_OPTION_SSL_ECDH = (1 << 9) | + (1 << 12), + /**< (VH) initialize ECDH ciphers */ + LWS_SERVER_OPTION_LIBUV = (1 << 10), + /**< (CTX) Use libuv event loop */ + LWS_SERVER_OPTION_REDIRECT_HTTP_TO_HTTPS = (1 << 11) | + (1 << 12), + /**< (VH) Use http redirect to force http to https + * (deprecated: use mount redirection) */ + LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT = (1 << 12), + /**< (CTX) Initialize the SSL library at all */ + LWS_SERVER_OPTION_EXPLICIT_VHOSTS = (1 << 13), + /**< (CTX) Only create the context when calling context + * create api, implies user code will create its own vhosts */ + LWS_SERVER_OPTION_UNIX_SOCK = (1 << 14), + /**< (VH) Use Unix socket */ + LWS_SERVER_OPTION_STS = (1 << 15), + /**< (VH) Send Strict Transport Security header, making + * clients subsequently go to https even if user asked for http */ + LWS_SERVER_OPTION_IPV6_V6ONLY_MODIFY = (1 << 16), + /**< (VH) Enable LWS_SERVER_OPTION_IPV6_V6ONLY_VALUE to take effect */ + LWS_SERVER_OPTION_IPV6_V6ONLY_VALUE = (1 << 17), + /**< (VH) if set, only ipv6 allowed on the vhost */ + LWS_SERVER_OPTION_UV_NO_SIGSEGV_SIGFPE_SPIN = (1 << 18), + /**< (CTX) Libuv only: Do not spin on SIGSEGV / SIGFPE. A segfault + * normally makes the lib spin so you can attach a debugger to it + * even if it happened without a debugger in place. You can disable + * that by giving this option. + */ + LWS_SERVER_OPTION_JUST_USE_RAW_ORIGIN = (1 << 19), + /**< For backwards-compatibility reasons, by default + * lws prepends "http://" to the origin you give in the client + * connection info struct. If you give this flag when you create + * the context, only the string you give in the client connect + * info for .origin (if any) will be used directly. + */ + LWS_SERVER_OPTION_FALLBACK_TO_RAW = (1 << 20), + /**< (VH) if invalid http is coming in the first line, */ + LWS_SERVER_OPTION_LIBEVENT = (1 << 21), + /**< (CTX) Use libevent event loop */ + LWS_SERVER_OPTION_ONLY_RAW = (1 << 22), + /**< (VH) All connections to this vhost / port are RAW as soon as + * the connection is accepted, no HTTP is going to be coming. + */ + LWS_SERVER_OPTION_ALLOW_LISTEN_SHARE = (1 << 23), + /**< (VH) Set to allow multiple listen sockets on one interface + + * address + port. The default is to strictly allow only one + * listen socket at a time. This is automatically selected if you + * have multiple service threads. + */ + LWS_SERVER_OPTION_CREATE_VHOST_SSL_CTX = (1 << 24), + /**< (VH) Force setting up the vhost SSL_CTX, even though the user + * code doesn't explicitly provide a cert in the info struct. It + * implies the user code is going to provide a cert at the + * LWS_CALLBACK_OPENSSL_LOAD_EXTRA_SERVER_VERIFY_CERTS callback, which + * provides the vhost SSL_CTX * in the user parameter. + */ + LWS_SERVER_OPTION_SKIP_PROTOCOL_INIT = (1 << 25), + /**< (VH) You probably don't want this. It forces this vhost to not + * call LWS_CALLBACK_PROTOCOL_INIT on its protocols. It's used in the + * special case of a temporary vhost bound to a single protocol. + */ + LWS_SERVER_OPTION_IGNORE_MISSING_CERT = (1 << 26), + /**< (VH) Don't fail if the vhost TLS cert or key are missing, just + * continue. The vhost won't be able to serve anything, but if for + * example the ACME plugin was configured to fetch a cert, this lets + * you bootstrap your vhost from having no cert to start with. + */ + LWS_SERVER_OPTION_VHOST_UPG_STRICT_HOST_CHECK = (1 << 27), + /**< (VH) On this vhost, if the connection is being upgraded, insist + * that there's a Host: header and that the contents match the vhost + * name + port (443 / 80 are assumed if no :port given based on if the + * connection is using TLS). + * + * By default, without this flag, on upgrade lws just checks that the + * Host: header was given without checking the contents... this is to + * allow lax hostname mappings like localhost / 127.0.0.1, and CNAME + * mappings like www.mysite.com / mysite.com + */ + LWS_SERVER_OPTION_HTTP_HEADERS_SECURITY_BEST_PRACTICES_ENFORCE = (1 << 28), + /**< (VH) Send lws default HTTP headers recommended by Mozilla + * Observatory for security. This is a helper option that sends canned + * headers on each http response enabling a VERY strict Content Security + * Policy. The policy is so strict, for example it won't let the page + * run its own inline JS nor show images or take CSS from a different + * server. In many cases your JS only comes from your server as do the + * image sources and CSS, so that is what you want... attackers hoping + * to inject JS into your DOM are completely out of luck since even if + * they succeed, it will be rejected for execution by the browser + * according to the strict CSP. In other cases you have to deviate from + * the complete strictness, in which case don't use this flag: use the + * .headers member in the vhost init described in struct + * lws_context_creation_info instead to send the adapted headers + * yourself. + */ + + /****** add new things just above ---^ ******/ +}; + +#define lws_check_opt(c, f) (((c) & (f)) == (f)) + +struct lws_plat_file_ops; + +/** struct lws_context_creation_info - parameters to create context and /or vhost with + * + * This is also used to create vhosts.... if LWS_SERVER_OPTION_EXPLICIT_VHOSTS + * is not given, then for backwards compatibility one vhost is created at + * context-creation time using the info from this struct. + * + * If LWS_SERVER_OPTION_EXPLICIT_VHOSTS is given, then no vhosts are created + * at the same time as the context, they are expected to be created afterwards. + */ +struct lws_context_creation_info { + int port; + /**< VHOST: Port to listen on. Use CONTEXT_PORT_NO_LISTEN to suppress + * listening for a client. Use CONTEXT_PORT_NO_LISTEN_SERVER if you are + * writing a server but you are using \ref sock-adopt instead of the + * built-in listener. + * + * You can also set port to 0, in which case the kernel will pick + * a random port that is not already in use. You can find out what + * port the vhost is listening on using lws_get_vhost_listen_port() */ + const char *iface; + /**< VHOST: NULL to bind the listen socket to all interfaces, or the + * interface name, eg, "eth2" + * If options specifies LWS_SERVER_OPTION_UNIX_SOCK, this member is + * the pathname of a UNIX domain socket. you can use the UNIX domain + * sockets in abstract namespace, by prepending an at symbol to the + * socket name. */ + const struct lws_protocols *protocols; + /**< VHOST: Array of structures listing supported protocols and a + * protocol-specific callback for each one. The list is ended with an + * entry that has a NULL callback pointer. */ + const struct lws_extension *extensions; + /**< VHOST: NULL or array of lws_extension structs listing the + * extensions this context supports. */ + const struct lws_token_limits *token_limits; + /**< CONTEXT: NULL or struct lws_token_limits pointer which is + * initialized with a token length limit for each possible WSI_TOKEN_ */ + const char *ssl_private_key_password; + /**< VHOST: NULL or the passphrase needed for the private key. (For + * backwards compatibility, this can also be used to pass the client + * cert passphrase when setting up a vhost client SSL context, but it is + * preferred to use .client_ssl_private_key_password for that.) */ + const char *ssl_cert_filepath; + /**< VHOST: If libwebsockets was compiled to use ssl, and you want + * to listen using SSL, set to the filepath to fetch the + * server cert from, otherwise NULL for unencrypted. (For backwards + * compatibility, this can also be used to pass the client certificate + * when setting up a vhost client SSL context, but it is preferred to + * use .client_ssl_cert_filepath for that.) */ + const char *ssl_private_key_filepath; + /**< VHOST: filepath to private key if wanting SSL mode; + * if this is set to NULL but ssl_cert_filepath is set, the + * OPENSSL_CONTEXT_REQUIRES_PRIVATE_KEY callback is called + * to allow setting of the private key directly via openSSL + * library calls. (For backwards compatibility, this can also be used + * to pass the client cert private key filepath when setting up a + * vhost client SSL context, but it is preferred to use + * .client_ssl_private_key_filepath for that.) */ + const char *ssl_ca_filepath; + /**< VHOST: CA certificate filepath or NULL. (For backwards + * compatibility, this can also be used to pass the client CA + * filepath when setting up a vhost client SSL context, + * but it is preferred to use .client_ssl_ca_filepath for that.) */ + const char *ssl_cipher_list; + /**< VHOST: List of valid ciphers to use ON TLS1.2 AND LOWER ONLY (eg, + * "RC4-MD5:RC4-SHA:AES128-SHA:AES256-SHA:HIGH:!DSS:!aNULL" + * or you can leave it as NULL to get "DEFAULT" (For backwards + * compatibility, this can also be used to pass the client cipher + * list when setting up a vhost client SSL context, + * but it is preferred to use .client_ssl_cipher_list for that.) + * SEE .tls1_3_plus_cipher_list and .client_tls_1_3_plus_cipher_list + * for the equivalent for tls1.3. + */ + const char *http_proxy_address; + /**< VHOST: If non-NULL, attempts to proxy via the given address. + * If proxy auth is required, use format + * "username:password\@server:port" */ + unsigned int http_proxy_port; + /**< VHOST: If http_proxy_address was non-NULL, uses this port */ + int gid; + /**< CONTEXT: group id to change to after setting listen socket, + * or -1. */ + int uid; + /**< CONTEXT: user id to change to after setting listen socket, + * or -1. */ + unsigned int options; + /**< VHOST + CONTEXT: 0, or LWS_SERVER_OPTION_... bitfields */ + void *user; + /**< VHOST + CONTEXT: optional user pointer that will be associated + * with the context when creating the context (and can be retrieved by + * lws_context_user(context), or with the vhost when creating the vhost + * (and can be retrieved by lws_vhost_user(vhost)). You will need to + * use LWS_SERVER_OPTION_EXPLICIT_VHOSTS and create the vhost separately + * if you care about giving the context and vhost different user pointer + * values. + */ + int ka_time; + /**< CONTEXT: 0 for no TCP keepalive, otherwise apply this keepalive + * timeout to all libwebsocket sockets, client or server */ + int ka_probes; + /**< CONTEXT: if ka_time was nonzero, after the timeout expires how many + * times to try to get a response from the peer before giving up + * and killing the connection */ + int ka_interval; + /**< CONTEXT: if ka_time was nonzero, how long to wait before each ka_probes + * attempt */ +#if defined(LWS_WITH_TLS) && !defined(LWS_WITH_MBEDTLS) + SSL_CTX *provided_client_ssl_ctx; + /**< CONTEXT: If non-null, swap out libwebsockets ssl + * implementation for the one provided by provided_ssl_ctx. + * Libwebsockets no longer is responsible for freeing the context + * if this option is selected. */ +#else /* maintain structure layout either way */ + void *provided_client_ssl_ctx; /**< dummy if ssl disabled */ +#endif + + unsigned short max_http_header_data; + /**< CONTEXT: The max amount of header payload that can be handled + * in an http request (unrecognized header payload is dropped) */ + unsigned short max_http_header_pool; + /**< CONTEXT: The max number of connections with http headers that + * can be processed simultaneously (the corresponding memory is + * allocated and deallocated dynamically as needed). If the pool is + * fully busy new incoming connections must wait for accept until one + * becomes free. 0 = allow as many ah as number of availble fds for + * the process */ + + unsigned int count_threads; + /**< CONTEXT: how many contexts to create in an array, 0 = 1 */ + unsigned int fd_limit_per_thread; + /**< CONTEXT: nonzero means restrict each service thread to this + * many fds, 0 means the default which is divide the process fd + * limit by the number of threads. */ + unsigned int timeout_secs; + /**< VHOST: various processes involving network roundtrips in the + * library are protected from hanging forever by timeouts. If + * nonzero, this member lets you set the timeout used in seconds. + * Otherwise a default timeout is used. */ + const char *ecdh_curve; + /**< VHOST: if NULL, defaults to initializing server with + * "prime256v1" */ + const char *vhost_name; + /**< VHOST: name of vhost, must match external DNS name used to + * access the site, like "warmcat.com" as it's used to match + * Host: header and / or SNI name for SSL. */ + const char * const *plugin_dirs; + /**< CONTEXT: NULL, or NULL-terminated array of directories to + * scan for lws protocol plugins at context creation time */ + const struct lws_protocol_vhost_options *pvo; + /**< VHOST: pointer to optional linked list of per-vhost + * options made accessible to protocols */ + int keepalive_timeout; + /**< VHOST: (default = 0 = 5s) seconds to allow remote + * client to hold on to an idle HTTP/1.1 connection */ + const char *log_filepath; + /**< VHOST: filepath to append logs to... this is opened before + * any dropping of initial privileges */ + const struct lws_http_mount *mounts; + /**< VHOST: optional linked list of mounts for this vhost */ + const char *server_string; + /**< CONTEXT: string used in HTTP headers to identify server + * software, if NULL, "libwebsockets". */ + unsigned int pt_serv_buf_size; + /**< CONTEXT: 0 = default of 4096. This buffer is used by + * various service related features including file serving, it + * defines the max chunk of file that can be sent at once. + * At the risk of lws having to buffer failed large sends, it + * can be increased to, eg, 128KiB to improve throughput. */ + unsigned int max_http_header_data2; + /**< CONTEXT: if max_http_header_data is 0 and this + * is nonzero, this will be used in place of the default. It's + * like this for compatibility with the original short version, + * this is unsigned int length. */ + long ssl_options_set; + /**< VHOST: Any bits set here will be set as server SSL options */ + long ssl_options_clear; + /**< VHOST: Any bits set here will be cleared as server SSL options */ + unsigned short ws_ping_pong_interval; + /**< CONTEXT: 0 for none, else interval in seconds between sending + * PINGs on idle websocket connections. When the PING is sent, + * the PONG must come within the normal timeout_secs timeout period + * or the connection will be dropped. + * Any RX or TX traffic on the connection restarts the interval timer, + * so a connection which always sends or receives something at intervals + * less than the interval given here will never send PINGs / expect + * PONGs. Conversely as soon as the ws connection is established, an + * idle connection will do the PING / PONG roundtrip as soon as + * ws_ping_pong_interval seconds has passed without traffic + */ + const struct lws_protocol_vhost_options *headers; + /**< VHOST: pointer to optional linked list of per-vhost + * canned headers that are added to server responses */ + + const struct lws_protocol_vhost_options *reject_service_keywords; + /**< CONTEXT: Optional list of keywords and rejection codes + text. + * + * The keywords are checked for existing in the user agent string. + * + * Eg, "badrobot" "404 Not Found" + */ + void *external_baggage_free_on_destroy; + /**< CONTEXT: NULL, or pointer to something externally malloc'd, that + * should be freed when the context is destroyed. This allows you to + * automatically sync the freeing action to the context destruction + * action, so there is no need for an external free() if the context + * succeeded to create. + */ + + const char *client_ssl_private_key_password; + /**< VHOST: Client SSL context init: NULL or the passphrase needed + * for the private key */ + const char *client_ssl_cert_filepath; + /**< VHOST: Client SSL context init:T he certificate the client + * should present to the peer on connection */ + const char *client_ssl_private_key_filepath; + /**< VHOST: Client SSL context init: filepath to client private key + * if this is set to NULL but client_ssl_cert_filepath is set, you + * can handle the LWS_CALLBACK_OPENSSL_LOAD_EXTRA_CLIENT_VERIFY_CERTS + * callback of protocols[0] to allow setting of the private key directly + * via openSSL library calls */ + const char *client_ssl_ca_filepath; + /**< VHOST: Client SSL context init: CA certificate filepath or NULL */ + const void *client_ssl_ca_mem; + /**< VHOST: Client SSL context init: CA certificate memory buffer or + * NULL... use this to load CA cert from memory instead of file */ + unsigned int client_ssl_ca_mem_len; + /**< VHOST: Client SSL context init: length of client_ssl_ca_mem in + * bytes */ + + const char *client_ssl_cipher_list; + /**< VHOST: Client SSL context init: List of valid ciphers to use (eg, + * "RC4-MD5:RC4-SHA:AES128-SHA:AES256-SHA:HIGH:!DSS:!aNULL" + * or you can leave it as NULL to get "DEFAULT" */ + + const struct lws_plat_file_ops *fops; + /**< CONTEXT: NULL, or pointer to an array of fops structs, terminated + * by a sentinel with NULL .open. + * + * If NULL, lws provides just the platform file operations struct for + * backwards compatibility. + */ + int simultaneous_ssl_restriction; + /**< CONTEXT: 0 (no limit) or limit of simultaneous SSL sessions + * possible.*/ + const char *socks_proxy_address; + /**< VHOST: If non-NULL, attempts to proxy via the given address. + * If proxy auth is required, use format + * "username:password\@server:port" */ + unsigned int socks_proxy_port; + /**< VHOST: If socks_proxy_address was non-NULL, uses this port */ +#if defined(LWS_HAVE_SYS_CAPABILITY_H) && defined(LWS_HAVE_LIBCAP) + cap_value_t caps[4]; + /**< CONTEXT: array holding Linux capabilities you want to + * continue to be available to the server after it transitions + * to a noprivileged user. Usually none are needed but for, eg, + * .bind_iface, CAP_NET_RAW is required. This gives you a way + * to still have the capability but drop root. + */ + char count_caps; + /**< CONTEXT: count of Linux capabilities in .caps[]. 0 means + * no capabilities will be inherited from root (the default) */ +#endif + int bind_iface; + /**< VHOST: nonzero to strictly bind sockets to the interface name in + * .iface (eg, "eth2"), using SO_BIND_TO_DEVICE. + * + * Requires SO_BINDTODEVICE support from your OS and CAP_NET_RAW + * capability. + * + * Notice that common things like access network interface IP from + * your local machine use your lo / loopback interface and will be + * disallowed by this. + */ + int ssl_info_event_mask; + /**< VHOST: mask of ssl events to be reported on LWS_CALLBACK_SSL_INFO + * callback for connections on this vhost. The mask values are of + * the form SSL_CB_ALERT, defined in openssl/ssl.h. The default of + * 0 means no info events will be reported. + */ + unsigned int timeout_secs_ah_idle; + /**< VHOST: seconds to allow a client to hold an ah without using it. + * 0 defaults to 10s. */ + unsigned short ip_limit_ah; + /**< CONTEXT: max number of ah a single IP may use simultaneously + * 0 is no limit. This is a soft limit: if the limit is + * reached, connections from that IP will wait in the ah + * waiting list and not be able to acquire an ah until + * a connection belonging to the IP relinquishes one it + * already has. + */ + unsigned short ip_limit_wsi; + /**< CONTEXT: max number of wsi a single IP may use simultaneously. + * 0 is no limit. This is a hard limit, connections from + * the same IP will simply be dropped once it acquires the + * amount of simultaneous wsi / accepted connections + * given here. + */ + uint32_t http2_settings[7]; + /**< VHOST: if http2_settings[0] is nonzero, the values given in + * http2_settings[1]..[6] are used instead of the lws + * platform default values. + * Just leave all at 0 if you don't care. + */ + const char *error_document_404; + /**< VHOST: If non-NULL, when asked to serve a non-existent file, + * lws attempts to server this url path instead. Eg, + * "/404.html" */ + const char *alpn; + /**< CONTEXT: If non-NULL, default list of advertised alpn, comma- + * separated + * + * VHOST: If non-NULL, per-vhost list of advertised alpn, comma- + * separated + */ + void **foreign_loops; + /**< CONTEXT: This is ignored if the context is not being started with + * an event loop, ie, .options has a flag like + * LWS_SERVER_OPTION_LIBUV. + * + * NULL indicates lws should start its own even loop for + * each service thread, and deal with closing the loops + * when the context is destroyed. + * + * Non-NULL means it points to an array of external + * ("foreign") event loops that are to be used in turn for + * each service thread. In the default case of 1 service + * thread, it can just point to one foreign event loop. + */ + void (*signal_cb)(void *event_lib_handle, int signum); + /**< CONTEXT: NULL: default signal handling. Otherwise this receives + * the signal handler callback. event_lib_handle is the + * native event library signal handle, eg uv_signal_t * + * for libuv. + */ + struct lws_context **pcontext; + /**< CONTEXT: if non-NULL, at the end of context destroy processing, + * the pointer pointed to by pcontext is written with NULL. You can + * use this to let foreign event loops know that lws context destruction + * is fully completed. + */ + void (*finalize)(struct lws_vhost *vh, void *arg); + /**< VHOST: NULL, or pointer to function that will be called back + * when the vhost is just about to be freed. The arg parameter + * will be set to whatever finalize_arg is below. + */ + void *finalize_arg; + /**< VHOST: opaque pointer lws ignores but passes to the finalize + * callback. If you don't care, leave it NULL. + */ + unsigned int max_http_header_pool2; + /**< CONTEXT: if max_http_header_pool is 0 and this + * is nonzero, this will be used in place of the default. It's + * like this for compatibility with the original short version: + * this is unsigned int length. */ + + long ssl_client_options_set; + /**< VHOST: Any bits set here will be set as CLIENT SSL options */ + long ssl_client_options_clear; + /**< VHOST: Any bits set here will be cleared as CLIENT SSL options */ + + const char *tls1_3_plus_cipher_list; + /**< VHOST: List of valid ciphers to use for incoming server connections + * ON TLS1.3 AND ABOVE (eg, "TLS_CHACHA20_POLY1305_SHA256" on this vhost + * or you can leave it as NULL to get "DEFAULT". + * SEE .client_tls_1_3_plus_cipher_list to do the same on the vhost + * client SSL_CTX. + */ + const char *client_tls_1_3_plus_cipher_list; + /**< VHOST: List of valid ciphers to use for outgoing client connections + * ON TLS1.3 AND ABOVE on this vhost (eg, + * "TLS_CHACHA20_POLY1305_SHA256") or you can leave it as NULL to get + * "DEFAULT". + */ + + /* Add new things just above here ---^ + * This is part of the ABI, don't needlessly break compatibility + * + * The below is to ensure later library versions with new + * members added above will see 0 (default) even if the app + * was not built against the newer headers. + */ + + void *_unused[4]; /**< dummy */ +}; + +/** + * lws_create_context() - Create the websocket handler + * \param info: pointer to struct with parameters + * + * This function creates the listening socket (if serving) and takes care + * of all initialization in one step. + * + * If option LWS_SERVER_OPTION_EXPLICIT_VHOSTS is given, no vhost is + * created; you're expected to create your own vhosts afterwards using + * lws_create_vhost(). Otherwise a vhost named "default" is also created + * using the information in the vhost-related members, for compatibility. + * + * After initialization, it returns a struct lws_context * that + * represents this server. After calling, user code needs to take care + * of calling lws_service() with the context pointer to get the + * server's sockets serviced. This must be done in the same process + * context as the initialization call. + * + * The protocol callback functions are called for a handful of events + * including http requests coming in, websocket connections becoming + * established, and data arriving; it's also called periodically to allow + * async transmission. + * + * HTTP requests are sent always to the FIRST protocol in protocol, since + * at that time websocket protocol has not been negotiated. Other + * protocols after the first one never see any HTTP callback activity. + * + * The server created is a simple http server by default; part of the + * websocket standard is upgrading this http connection to a websocket one. + * + * This allows the same server to provide files like scripts and favicon / + * images or whatever over http and dynamic data over websockets all in + * one place; they're all handled in the user callback. + */ +LWS_VISIBLE LWS_EXTERN struct lws_context * +lws_create_context(const struct lws_context_creation_info *info); + + +/** + * lws_context_destroy() - Destroy the websocket context + * \param context: Websocket context + * + * This function closes any active connections and then frees the + * context. After calling this, any further use of the context is + * undefined. + */ +LWS_VISIBLE LWS_EXTERN void +lws_context_destroy(struct lws_context *context); + +typedef int (*lws_reload_func)(void); + +/** + * lws_context_deprecate() - Deprecate the websocket context + * + * \param context: Websocket context + * \param cb: Callback notified when old context listen sockets are closed + * + * This function is used on an existing context before superceding it + * with a new context. + * + * It closes any listen sockets in the context, so new connections are + * not possible. + * + * And it marks the context to be deleted when the number of active + * connections into it falls to zero. + * + * This is aimed at allowing seamless configuration reloads. + * + * The callback cb will be called after the listen sockets are actually + * closed and may be reopened. In the callback the new context should be + * configured and created. (With libuv, socket close happens async after + * more loop events). + */ +LWS_VISIBLE LWS_EXTERN void +lws_context_deprecate(struct lws_context *context, lws_reload_func cb); + +LWS_VISIBLE LWS_EXTERN int +lws_context_is_deprecated(struct lws_context *context); + +/** + * lws_set_proxy() - Setups proxy to lws_context. + * \param vhost: pointer to struct lws_vhost you want set proxy for + * \param proxy: pointer to c string containing proxy in format address:port + * + * Returns 0 if proxy string was parsed and proxy was setup. + * Returns -1 if proxy is NULL or has incorrect format. + * + * This is only required if your OS does not provide the http_proxy + * environment variable (eg, OSX) + * + * IMPORTANT! You should call this function right after creation of the + * lws_context and before call to connect. If you call this + * function after connect behavior is undefined. + * This function will override proxy settings made on lws_context + * creation with genenv() call. + */ +LWS_VISIBLE LWS_EXTERN int +lws_set_proxy(struct lws_vhost *vhost, const char *proxy); + +/** + * lws_set_socks() - Setup socks to lws_context. + * \param vhost: pointer to struct lws_vhost you want set socks for + * \param socks: pointer to c string containing socks in format address:port + * + * Returns 0 if socks string was parsed and socks was setup. + * Returns -1 if socks is NULL or has incorrect format. + * + * This is only required if your OS does not provide the socks_proxy + * environment variable (eg, OSX) + * + * IMPORTANT! You should call this function right after creation of the + * lws_context and before call to connect. If you call this + * function after connect behavior is undefined. + * This function will override proxy settings made on lws_context + * creation with genenv() call. + */ +LWS_VISIBLE LWS_EXTERN int +lws_set_socks(struct lws_vhost *vhost, const char *socks); + +struct lws_vhost; + +/** + * lws_create_vhost() - Create a vhost (virtual server context) + * \param context: pointer to result of lws_create_context() + * \param info: pointer to struct with parameters + * + * This function creates a virtual server (vhost) using the vhost-related + * members of the info struct. You can create many vhosts inside one context + * if you created the context with the option LWS_SERVER_OPTION_EXPLICIT_VHOSTS + */ +LWS_VISIBLE LWS_EXTERN struct lws_vhost * +lws_create_vhost(struct lws_context *context, + const struct lws_context_creation_info *info); + +/** + * lws_vhost_destroy() - Destroy a vhost (virtual server context) + * + * \param vh: pointer to result of lws_create_vhost() + * + * This function destroys a vhost. Normally, if you just want to exit, + * then lws_destroy_context() will take care of everything. If you want + * to destroy an individual vhost and all connections and allocations, you + * can do it with this. + * + * If the vhost has a listen sockets shared by other vhosts, it will be given + * to one of the vhosts sharing it rather than closed. + * + * The vhost close is staged according to the needs of the event loop, and if + * there are multiple service threads. At the point the vhost itself if + * about to be freed, if you provided a finalize callback and optional arg at + * vhost creation time, it will be called just before the vhost is freed. + */ +LWS_VISIBLE LWS_EXTERN void +lws_vhost_destroy(struct lws_vhost *vh); + +/** + * lwsws_get_config_globals() - Parse a JSON server config file + * \param info: pointer to struct with parameters + * \param d: filepath of the config file + * \param config_strings: storage for the config strings extracted from JSON, + * the pointer is incremented as strings are stored + * \param len: pointer to the remaining length left in config_strings + * the value is decremented as strings are stored + * + * This function prepares a n lws_context_creation_info struct with global + * settings from a file d. + * + * Requires CMake option LWS_WITH_LEJP_CONF to have been enabled + */ +LWS_VISIBLE LWS_EXTERN int +lwsws_get_config_globals(struct lws_context_creation_info *info, const char *d, + char **config_strings, int *len); + +/** + * lwsws_get_config_vhosts() - Create vhosts from a JSON server config file + * \param context: pointer to result of lws_create_context() + * \param info: pointer to struct with parameters + * \param d: filepath of the config file + * \param config_strings: storage for the config strings extracted from JSON, + * the pointer is incremented as strings are stored + * \param len: pointer to the remaining length left in config_strings + * the value is decremented as strings are stored + * + * This function creates vhosts into a context according to the settings in + *JSON files found in directory d. + * + * Requires CMake option LWS_WITH_LEJP_CONF to have been enabled + */ +LWS_VISIBLE LWS_EXTERN int +lwsws_get_config_vhosts(struct lws_context *context, + struct lws_context_creation_info *info, const char *d, + char **config_strings, int *len); + +/** lws_vhost_get() - \deprecated deprecated: use lws_get_vhost() */ +LWS_VISIBLE LWS_EXTERN struct lws_vhost * +lws_vhost_get(struct lws *wsi) LWS_WARN_DEPRECATED; + +/** + * lws_get_vhost() - return the vhost a wsi belongs to + * + * \param wsi: which connection + */ +LWS_VISIBLE LWS_EXTERN struct lws_vhost * +lws_get_vhost(struct lws *wsi); + +/** + * lws_get_vhost_name() - returns the name of a vhost + * + * \param vhost: which vhost + */ +LWS_VISIBLE LWS_EXTERN const char * +lws_get_vhost_name(struct lws_vhost *vhost); + +/** + * lws_get_vhost_port() - returns the port a vhost listens on, or -1 + * + * \param vhost: which vhost + */ +LWS_VISIBLE LWS_EXTERN int +lws_get_vhost_port(struct lws_vhost *vhost); + +/** + * lws_get_vhost_user() - returns the user pointer for the vhost + * + * \param vhost: which vhost + */ +LWS_VISIBLE LWS_EXTERN void * +lws_get_vhost_user(struct lws_vhost *vhost); + +/** + * lws_get_vhost_iface() - returns the binding for the vhost listen socket + * + * \param vhost: which vhost + */ +LWS_VISIBLE LWS_EXTERN const char * +lws_get_vhost_iface(struct lws_vhost *vhost); + +/** + * lws_json_dump_vhost() - describe vhost state and stats in JSON + * + * \param vh: the vhost + * \param buf: buffer to fill with JSON + * \param len: max length of buf + */ +LWS_VISIBLE LWS_EXTERN int +lws_json_dump_vhost(const struct lws_vhost *vh, char *buf, int len); + +/** + * lws_json_dump_context() - describe context state and stats in JSON + * + * \param context: the context + * \param buf: buffer to fill with JSON + * \param len: max length of buf + * \param hide_vhosts: nonzero to not provide per-vhost mount etc information + * + * Generates a JSON description of vhost state into buf + */ +LWS_VISIBLE LWS_EXTERN int +lws_json_dump_context(const struct lws_context *context, char *buf, int len, + int hide_vhosts); + +/** + * lws_vhost_user() - get the user data associated with the vhost + * \param vhost: Websocket vhost + * + * This returns the optional user pointer that can be attached to + * a vhost when it was created. Lws never dereferences this pointer, it only + * sets it when the vhost is created, and returns it using this api. + */ +LWS_VISIBLE LWS_EXTERN void * +lws_vhost_user(struct lws_vhost *vhost); + +/** + * lws_context_user() - get the user data associated with the context + * \param context: Websocket context + * + * This returns the optional user allocation that can be attached to + * the context the sockets live in at context_create time. It's a way + * to let all sockets serviced in the same context share data without + * using globals statics in the user code. + */ +LWS_VISIBLE LWS_EXTERN void * +lws_context_user(struct lws_context *context); + +/*! \defgroup vhost-mounts Vhost mounts and options + * \ingroup context-and-vhost-creation + * + * ##Vhost mounts and options + */ +///@{ +/** struct lws_protocol_vhost_options - linked list of per-vhost protocol + * name=value options + * + * This provides a general way to attach a linked-list of name=value pairs, + * which can also have an optional child link-list using the options member. + */ +struct lws_protocol_vhost_options { + const struct lws_protocol_vhost_options *next; /**< linked list */ + const struct lws_protocol_vhost_options *options; /**< child linked-list of more options for this node */ + const char *name; /**< name of name=value pair */ + const char *value; /**< value of name=value pair */ +}; + +/** enum lws_mount_protocols + * This specifies the mount protocol for a mountpoint, whether it is to be + * served from a filesystem, or it is a cgi etc. + */ +enum lws_mount_protocols { + LWSMPRO_HTTP = 0, /**< http reverse proxy */ + LWSMPRO_HTTPS = 1, /**< https reverse proxy */ + LWSMPRO_FILE = 2, /**< serve from filesystem directory */ + LWSMPRO_CGI = 3, /**< pass to CGI to handle */ + LWSMPRO_REDIR_HTTP = 4, /**< redirect to http:// url */ + LWSMPRO_REDIR_HTTPS = 5, /**< redirect to https:// url */ + LWSMPRO_CALLBACK = 6, /**< hand by named protocol's callback */ +}; + +/** struct lws_http_mount + * + * arguments for mounting something in a vhost's url namespace + */ +struct lws_http_mount { + const struct lws_http_mount *mount_next; + /**< pointer to next struct lws_http_mount */ + const char *mountpoint; + /**< mountpoint in http pathspace, eg, "/" */ + const char *origin; + /**< path to be mounted, eg, "/var/www/warmcat.com" */ + const char *def; + /**< default target, eg, "index.html" */ + const char *protocol; + /**<"protocol-name" to handle mount */ + + const struct lws_protocol_vhost_options *cgienv; + /**< optional linked-list of cgi options. These are created + * as environment variables for the cgi process + */ + const struct lws_protocol_vhost_options *extra_mimetypes; + /**< optional linked-list of mimetype mappings */ + const struct lws_protocol_vhost_options *interpret; + /**< optional linked-list of files to be interpreted */ + + int cgi_timeout; + /**< seconds cgi is allowed to live, if cgi://mount type */ + int cache_max_age; + /**< max-age for reuse of client cache of files, seconds */ + unsigned int auth_mask; + /**< bits set here must be set for authorized client session */ + + unsigned int cache_reusable:1; /**< set if client cache may reuse this */ + unsigned int cache_revalidate:1; /**< set if client cache should revalidate on use */ + unsigned int cache_intermediaries:1; /**< set if intermediaries are allowed to cache */ + + unsigned char origin_protocol; /**< one of enum lws_mount_protocols */ + unsigned char mountpoint_len; /**< length of mountpoint string */ + + const char *basic_auth_login_file; + /**<NULL, or filepath to use to check basic auth logins against */ + + /* Add new things just above here ---^ + * This is part of the ABI, don't needlessly break compatibility + * + * The below is to ensure later library versions with new + * members added above will see 0 (default) even if the app + * was not built against the newer headers. + */ + + void *_unused[2]; /**< dummy */ +}; + +///@} +///@} diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-dbus.h b/thirdparty/libwebsockets/include/libwebsockets/lws-dbus.h new file mode 100644 index 0000000000..63cfd15f18 --- /dev/null +++ b/thirdparty/libwebsockets/include/libwebsockets/lws-dbus.h @@ -0,0 +1,90 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green <andy@warmcat.com> + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + * + * must be included manually as + * + * #include <libwebsockets/lws-dbus.h> + * + * if dbus apis needed + */ + +#if !defined(__LWS_DBUS_H__) +#define __LWS_DBUS_H__ + +#include <dbus/dbus.h> + +/* helper type to simplify implementing methods as individual functions */ +typedef DBusHandlerResult (*lws_dbus_message_handler)(DBusConnection *conn, + DBusMessage *message, DBusMessage **reply, void *d); + +struct lws_dbus_ctx; +typedef void (*lws_dbus_closing_t)(struct lws_dbus_ctx *ctx); + +struct lws_dbus_ctx { + struct lws_dll next; /* dbusserver ctx: HEAD of accepted list */ + struct lws_vhost *vh; /* the vhost we logically bind to in lws */ + int tsi; /* the lws thread service index (0 if only one service + thread as is the default */ + DBusConnection *conn; + DBusServer *dbs; + DBusWatch *w[4]; + DBusPendingCall *pc; + + char hup; + char timeouts; + + /* cb_closing callback will be called after the connection and this + * related ctx struct have effectively gone out of scope. + * + * The callback should close and clean up the connection and free the + * ctx. + */ + lws_dbus_closing_t cb_closing; +}; + +/** + * lws_dbus_connection_setup() - bind dbus connection object to lws event loop + * + * \param ctx: additional information about the connection + * \param conn: the DBusConnection object to bind + * + * This configures a DBusConnection object to use lws for watchers and timeout + * operations. + */ +LWS_VISIBLE LWS_EXTERN int +lws_dbus_connection_setup(struct lws_dbus_ctx *ctx, DBusConnection *conn, + lws_dbus_closing_t cb_closing); + +/** + * lws_dbus_server_listen() - bind dbus connection object to lws event loop + * + * \param ctx: additional information about the connection + * \param ads: the DBUS address to listen on, eg, "unix:abstract=mysocket" + * \param err: a DBusError object to take any extra error information + * \param new_conn: a callback function to prepare new accepted connections + * + * This creates a DBusServer and binds it to the lws event loop, and your + * callback to accept new connections. + */ +LWS_VISIBLE LWS_EXTERN DBusServer * +lws_dbus_server_listen(struct lws_dbus_ctx *ctx, const char *ads, + DBusError *err, DBusNewConnectionFunction new_conn); + +#endif diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-diskcache.h b/thirdparty/libwebsockets/include/libwebsockets/lws-diskcache.h new file mode 100644 index 0000000000..eb63fdd855 --- /dev/null +++ b/thirdparty/libwebsockets/include/libwebsockets/lws-diskcache.h @@ -0,0 +1,185 @@ +/* + * libwebsockets - disk cache helpers + * + * Copyright (C) 2010-2018 Andy Green <andy@warmcat.com> + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + * + * included from libwebsockets.h + */ + +/*! \defgroup diskcache LWS disk cache + * ## Disk cache API + * + * Lws provides helper apis useful if you need a disk cache containing hashed + * files and need to delete files from it on an LRU basis to keep it below some + * size limit. + * + * The API `lws_diskcache_prepare()` deals with creating the cache dir and + * 256 subdirs, which are used according to the first two chars of the hex + * hash of the cache file. + * + * `lws_diskcache_create()` and `lws_diskcache_destroy()` allocate and free + * an opaque struct that represents the disk cache. + * + * `lws_diskcache_trim()` should be called at eg, 1s intervals to perform the + * cache dir monitoring and LRU autodelete in the background lazily. It can + * be done in its own thread or on a timer... it monitors the directories in a + * stateful way that stats one or more file in the cache per call, and keeps + * a list of the oldest files as it goes. When it completes a scan, if the + * aggregate size is over the limit, it will delete oldest files first to try + * to keep it under the limit. + * + * The cache size monitoring is extremely efficient in time and memory even when + * the cache directory becomes huge. + * + * `lws_diskcache_query()` is used to determine if the file already exists in + * the cache, or if it must be created. If it must be created, then the file + * is opened using a temp name that must be converted to a findable name with + * `lws_diskcache_finalize_name()` when the generation of the file contents are + * complete. Aborted cached files that did not complete generation will be + * flushed by the LRU eventually. If the file already exists, it is 'touched' + * to make it new again and the fd returned. + * + */ +///@{ + +struct lws_diskcache_scan; + +/** + * lws_diskcache_create() - creates an opaque struct representing the disk cache + * + * \param cache_dir_base: The cache dir path, eg `/var/cache/mycache` + * \param cache_size_limit: maximum size on disk the cache is allowed to use + * + * This returns an opaque `struct lws_diskcache_scan *` which represents the + * disk cache, the trim scanning state and so on. You should use + * `lws_diskcache_destroy()` to free it to destroy it. + */ +LWS_VISIBLE LWS_EXTERN struct lws_diskcache_scan * +lws_diskcache_create(const char *cache_dir_base, uint64_t cache_size_limit); + +/** + * lws_diskcache_destroy() - destroys the pointer returned by ...create() + * + * \param lds: pointer to the pointer returned by lws_diskcache_create() + * + * Frees *lds and any allocations it did, and then sets *lds to NULL and + * returns. + */ +LWS_VISIBLE LWS_EXTERN void +lws_diskcache_destroy(struct lws_diskcache_scan **lds); + +/** + * lws_diskcache_prepare() - ensures the cache dir structure exists on disk + * + * \param cache_base_dir: The cache dir path, eg `/var/cache/mycache` + * \param mode: octal dir mode to enforce, like 0700 + * \param uid: uid the cache dir should belong to + * + * This should be called while your app is still privileged. It will create + * the cache directory structure on disk as necessary, enforce the given access + * mode on it and set the given uid as the owner. It won't make any trouble + * if the cache already exists. + * + * Typically the mode is 0700 and the owner is the user that your application + * will transition to use when it drops root privileges. + */ +LWS_VISIBLE LWS_EXTERN int +lws_diskcache_prepare(const char *cache_base_dir, int mode, int uid); + +#define LWS_DISKCACHE_QUERY_NO_CACHE 0 +#define LWS_DISKCACHE_QUERY_EXISTS 1 +#define LWS_DISKCACHE_QUERY_CREATING 2 +#define LWS_DISKCACHE_QUERY_ONGOING 3 /* something else is creating it */ + +/** + * lws_diskcache_query() - ensures the cache dir structure exists on disk + * + * \param lds: The opaque struct representing the disk cache + * \param is_bot: nonzero means the request is from a bot. Don't create new cache contents if so. + * \param hash_hex: hex string representation of the cache object hash + * \param _fd: pointer to the fd to be set + * \param cache: destination string to take the cache filepath + * \param cache_len: length of the buffer at `cache` + * \param extant_cache_len: pointer to a size_t to take any extant cached file size + * + * This function is called when you want to find if the hashed name already + * exists in the cache. The possibilities for the return value are + * + * - LWS_DISKCACHE_QUERY_NO_CACHE: It's not in the cache and you can't create + * it in the cache for whatever reason. + * - LWS_DISKCACHE_QUERY_EXISTS: It exists in the cache. It's open RDONLY and + * *_fd has been set to the file descriptor. *extant_cache_len has been set + * to the size of the cached file in bytes. cache has been set to the + * full filepath of the cached file. Closing _fd is your responsibility. + * - LWS_DISKCACHE_QUERY_CREATING: It didn't exist, but a temp file has been + * created in the cache and *_fd set to a file descriptor opened on it RDWR. + * You should create the contents, and call `lws_diskcache_finalize_name()` + * when it is done. Closing _fd is your responsibility. + * - LWS_DISKCACHE_QUERY_ONGOING: not returned by this api, but you may find it + * desirable to make a wrapper function which can handle another asynchronous + * process that is already creating the cached file. This can be used to + * indicate that situation externally... how to determine the same thing is + * already being generated is out of scope of this api. + */ +LWS_VISIBLE LWS_EXTERN int +lws_diskcache_query(struct lws_diskcache_scan *lds, int is_bot, + const char *hash_hex, int *_fd, char *cache, int cache_len, + size_t *extant_cache_len); + +/** + * lws_diskcache_query() - ensures the cache dir structure exists on disk + * + * \param cache: The cache file temp name returned with LWS_DISKCACHE_QUERY_CREATING + * + * This renames the cache file you are creating to its final name. It should + * be called on the temp name returned by `lws_diskcache_query()` if it gave a + * LWS_DISKCACHE_QUERY_CREATING return, after you have filled the cache file and + * closed it. + */ +LWS_VISIBLE LWS_EXTERN int +lws_diskcache_finalize_name(char *cache); + +/** + * lws_diskcache_trim() - performs one or more file checks in the cache for size management + * + * \param lds: The opaque object representing the cache + * + * This should be called periodically to statefully walk the cache on disk + * collecting the oldest files. When it has visited every file, if the cache + * is oversize it will delete the oldest files until it's back under size again. + * + * Each time it's called, it will look at one or more dir in the cache. If + * called when the cache is oversize, it increases the amount of work done each + * call until it is reduced again. Typically it will take 256 calls before it + * deletes anything, so if called once per second, it will delete files once + * every 4 minutes. Each call is very inexpensive both in memory and time. + */ +LWS_VISIBLE LWS_EXTERN int +lws_diskcache_trim(struct lws_diskcache_scan *lds); + + +/** + * lws_diskcache_secs_to_idle() - see how long to idle before calling trim + * + * \param lds: The opaque object representing the cache + * + * If the cache is undersize, there's no need to monitor it immediately. This + * suggests how long to "sleep" before calling `lws_diskcache_trim()` again. + */ +LWS_VISIBLE LWS_EXTERN int +lws_diskcache_secs_to_idle(struct lws_diskcache_scan *lds); diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-esp32.h b/thirdparty/libwebsockets/include/libwebsockets/lws-esp32.h new file mode 100644 index 0000000000..2d1c0f42bb --- /dev/null +++ b/thirdparty/libwebsockets/include/libwebsockets/lws-esp32.h @@ -0,0 +1,226 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green <andy@warmcat.com> + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + * + * included from libwebsockets.h + */ + +typedef int lws_sockfd_type; +typedef int lws_filefd_type; + +struct pollfd { + lws_sockfd_type fd; /**< fd related to */ + short events; /**< which POLL... events to respond to */ + short revents; /**< which POLL... events occurred */ +}; +#define POLLIN 0x0001 +#define POLLPRI 0x0002 +#define POLLOUT 0x0004 +#define POLLERR 0x0008 +#define POLLHUP 0x0010 +#define POLLNVAL 0x0020 + +#include <freertos/FreeRTOS.h> +#include <freertos/event_groups.h> +#include <string.h> +#include "esp_wifi.h" +#include "esp_system.h" +#include "esp_event.h" +#include "esp_event_loop.h" +#include "nvs.h" +#include "driver/gpio.h" +#include "esp_spi_flash.h" +#include "freertos/timers.h" + +#if !defined(CONFIG_FREERTOS_HZ) +#define CONFIG_FREERTOS_HZ 100 +#endif + +typedef TimerHandle_t uv_timer_t; +typedef void uv_cb_t(uv_timer_t *); +typedef void * uv_handle_t; + +struct timer_mapping { + uv_cb_t *cb; + uv_timer_t *t; +}; + +#define UV_VERSION_MAJOR 1 + +#define lws_uv_getloop(a, b) (NULL) + +static LWS_INLINE void uv_timer_init(void *l, uv_timer_t *t) +{ + (void)l; + *t = NULL; +} + +extern void esp32_uvtimer_cb(TimerHandle_t t); + +static LWS_INLINE void uv_timer_start(uv_timer_t *t, uv_cb_t *cb, int first, int rep) +{ + struct timer_mapping *tm = (struct timer_mapping *)malloc(sizeof(*tm)); + + if (!tm) + return; + + tm->t = t; + tm->cb = cb; + + *t = xTimerCreate("x", pdMS_TO_TICKS(first), !!rep, tm, + (TimerCallbackFunction_t)esp32_uvtimer_cb); + xTimerStart(*t, 0); +} + +static LWS_INLINE void uv_timer_stop(uv_timer_t *t) +{ + xTimerStop(*t, 0); +} + +static LWS_INLINE void uv_close(uv_handle_t *h, void *v) +{ + free(pvTimerGetTimerID((uv_timer_t)h)); + xTimerDelete(*(uv_timer_t *)h, 0); +} + +/* ESP32 helper declarations */ + +#include <mdns.h> +#include <esp_partition.h> + +#define LWS_PLUGIN_STATIC +#define LWS_MAGIC_REBOOT_TYPE_ADS 0x50001ffc +#define LWS_MAGIC_REBOOT_TYPE_REQ_FACTORY 0xb00bcafe +#define LWS_MAGIC_REBOOT_TYPE_FORCED_FACTORY 0xfaceb00b +#define LWS_MAGIC_REBOOT_TYPE_FORCED_FACTORY_BUTTON 0xf0cedfac +#define LWS_MAGIC_REBOOT_TYPE_REQ_FACTORY_ERASE_OTA 0xfac0eeee + +/* user code provides these */ + +extern void +lws_esp32_identify_physical_device(void); + +/* lws-plat-esp32 provides these */ + +typedef void (*lws_cb_scan_done)(uint16_t count, wifi_ap_record_t *recs, void *arg); + +enum genled_state { + LWSESP32_GENLED__INIT, + LWSESP32_GENLED__LOST_NETWORK, + LWSESP32_GENLED__NO_NETWORK, + LWSESP32_GENLED__CONN_AP, + LWSESP32_GENLED__GOT_IP, + LWSESP32_GENLED__OK, +}; + +struct lws_group_member { + struct lws_group_member *next; + uint64_t last_seen; + char model[16]; + char role[16]; + char host[32]; + char mac[20]; + int width, height; + struct ip4_addr addr; + struct ip6_addr addrv6; + uint8_t flags; +}; + +#define LWS_SYSTEM_GROUP_MEMBER_ADD 1 +#define LWS_SYSTEM_GROUP_MEMBER_CHANGE 2 +#define LWS_SYSTEM_GROUP_MEMBER_REMOVE 3 + +#define LWS_GROUP_FLAG_SELF 1 + +struct lws_esp32 { + char sta_ip[16]; + char sta_mask[16]; + char sta_gw[16]; + char serial[16]; + char opts[16]; + char model[16]; + char group[16]; + char role[16]; + char ssid[4][64]; + char password[4][64]; + char active_ssid[64]; + char access_pw[16]; + char hostname[32]; + char mac[20]; + char le_dns[64]; + char le_email[64]; + char region; + char inet; + char conn_ap; + + enum genled_state genled; + uint64_t genled_t; + + lws_cb_scan_done scan_consumer; + void *scan_consumer_arg; + struct lws_group_member *first; + int extant_group_members; + + char acme; + char upload; + + volatile char button_is_down; +}; + +struct lws_esp32_image { + uint32_t romfs; + uint32_t romfs_len; + uint32_t json; + uint32_t json_len; +}; + +extern struct lws_esp32 lws_esp32; +struct lws_vhost; + +extern esp_err_t +lws_esp32_event_passthru(void *ctx, system_event_t *event); +extern void +lws_esp32_wlan_config(void); +extern void +lws_esp32_wlan_start_ap(void); +extern void +lws_esp32_wlan_start_station(void); +struct lws_context_creation_info; +extern void +lws_esp32_set_creation_defaults(struct lws_context_creation_info *info); +extern struct lws_context * +lws_esp32_init(struct lws_context_creation_info *, struct lws_vhost **pvh); +extern int +lws_esp32_wlan_nvs_get(int retry); +extern esp_err_t +lws_nvs_set_str(nvs_handle handle, const char* key, const char* value); +extern void +lws_esp32_restart_guided(uint32_t type); +extern const esp_partition_t * +lws_esp_ota_get_boot_partition(void); +extern int +lws_esp32_get_image_info(const esp_partition_t *part, struct lws_esp32_image *i, char *json, int json_len); +extern int +lws_esp32_leds_network_indication(void); + +extern uint32_t lws_esp32_get_reboot_type(void); +extern uint16_t lws_esp32_sine_interp(int n); + +/* required in external code by esp32 plat (may just return if no leds) */ +extern void lws_esp32_leds_timer_cb(TimerHandle_t th); diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-fts.h b/thirdparty/libwebsockets/include/libwebsockets/lws-fts.h new file mode 100644 index 0000000000..29405bd6fd --- /dev/null +++ b/thirdparty/libwebsockets/include/libwebsockets/lws-fts.h @@ -0,0 +1,214 @@ +/* + * libwebsockets - fulltext search + * + * Copyright (C) 2010-2018 Andy Green <andy@warmcat.com> + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + * + * included from libwebsockets.h + */ + +/** \defgroup search Search + * + * ##Full-text search + * + * Lws provides superfast indexing and fulltext searching from index files on + * storage. + */ +///@{ + +struct lws_fts; +struct lws_fts_file; + +/* + * Queries produce their results in an lwsac, using these public API types. + * The first thing in the lwsac is always a struct lws_fts_result (see below) + * containing heads for linked-lists of the other result types. + */ + +/* one filepath's results */ + +struct lws_fts_result_filepath { + struct lws_fts_result_filepath *next; + int matches; /* logical number of matches */ + int matches_length; /* bytes in length table (may be zero) */ + int lines_in_file; + int filepath_length; + + /* - uint32_t line table follows (first for alignment) */ + /* - filepath (of filepath_length) follows */ +}; + +/* autocomplete result */ + +struct lws_fts_result_autocomplete { + struct lws_fts_result_autocomplete *next; + int instances; + int agg_instances; + int ac_length; + char elided; /* children skipped in interest of antecedent children */ + char has_children; + + /* - autocomplete suggestion (of length ac_length) follows */ +}; + +/* + * The results lwsac always starts with this. If no results and / or no + * autocomplete the members may be NULL. This implies the symbol nor any + * suffix on it exists in the trie file. + */ +struct lws_fts_result { + struct lws_fts_result_filepath *filepath_head; + struct lws_fts_result_autocomplete *autocomplete_head; + int duration_ms; + int effective_flags; /* the search flags that were used */ +}; + +/* + * index creation functions + */ + +/** + * lws_fts_create() - Create a new index file + * + * \param fd: The fd opened for write + * + * Inits a new index file, returning a struct lws_fts to represent it + */ +LWS_VISIBLE LWS_EXTERN struct lws_fts * +lws_fts_create(int fd); + +/** + * lws_fts_destroy() - Finalize a new index file / destroy the trie lwsac + * + * \param trie: The previously opened index being finalized + * + * Finalizes an index file that was being created, and frees the memory involved + * *trie is set to NULL afterwards. + */ +LWS_VISIBLE LWS_EXTERN void +lws_fts_destroy(struct lws_fts **trie); + +/** + * lws_fts_file_index() - Create a new entry in the trie file for an input path + * + * \param t: The previously opened index being written + * \param filepath: The filepath (which may be virtual) associated with this file + * \param filepath_len: The number of chars in the filepath + * \param priority: not used yet + * + * Returns an ordinal that represents this new filepath in the index file. + */ +LWS_VISIBLE LWS_EXTERN int +lws_fts_file_index(struct lws_fts *t, const char *filepath, int filepath_len, + int priority); + +/** + * lws_fts_fill() - Process all or a bufferload of input file + * + * \param t: The previously opened index being written + * \param file_index: The ordinal representing this input filepath + * \param buf: A bufferload of data from the input file + * \param len: The number of bytes in buf + * + * Indexes a buffer of data from the input file. + */ +LWS_VISIBLE LWS_EXTERN int +lws_fts_fill(struct lws_fts *t, uint32_t file_index, const char *buf, + size_t len); + +/** + * lws_fts_serialize() - Store the in-memory trie into the index file + * + * \param t: The previously opened index being written + * + * The trie is held in memory where it can be added to... after all the input + * filepaths and data have been processed, this is called to serialize / + * write the trie data into the index file. + */ +LWS_VISIBLE LWS_EXTERN int +lws_fts_serialize(struct lws_fts *t); + +/* + * index search functions + */ + +/** + * lws_fts_open() - Open an existing index file to search it + * + * \param filepath: The filepath to the index file to open + * + * Opening the index file returns an opaque struct lws_fts_file * that is + * used to perform other operations on it, or NULL if it can't be opened. + */ +LWS_VISIBLE LWS_EXTERN struct lws_fts_file * +lws_fts_open(const char *filepath); + +#define LWSFTS_F_QUERY_AUTOCOMPLETE (1 << 0) +#define LWSFTS_F_QUERY_FILES (1 << 1) +#define LWSFTS_F_QUERY_FILE_LINES (1 << 2) +#define LWSFTS_F_QUERY_QUOTE_LINE (1 << 3) + +struct lws_fts_search_params { + /* the actual search term */ + const char *needle; + /* if non-NULL, FILE results for this filepath only */ + const char *only_filepath; + /* will be set to the results lwsac */ + struct lwsac *results_head; + /* combination of LWSFTS_F_QUERY_* flags */ + int flags; + /* maximum number of autocomplete suggestions to return */ + int max_autocomplete; + /* maximum number of filepaths to return */ + int max_files; + /* maximum number of line number results to return per filepath */ + int max_lines; +}; + +/** + * lws_fts_search() - Perform a search operation on an index + * + * \param jtf: The index file struct returned by lws_fts_open + * \param ftsp: The struct lws_fts_search_params filled in by the caller + * + * The caller should memset the ftsp struct to 0 to ensure members that may be + * introduced in later versions contain known values, then set the related + * members to describe the kind of search action required. + * + * ftsp->results_head is the results lwsac, or NULL. It should be freed with + * lwsac_free() when the results are finished with. + * + * Returns a pointer into the results lwsac that is a struct lws_fts_result + * containing the head pointers into linked-lists of results for autocomplete + * and filepath data, along with some sundry information. This does not need + * to be freed since freeing the lwsac will also remove this and everything it + * points to. + */ +LWS_VISIBLE LWS_EXTERN struct lws_fts_result * +lws_fts_search(struct lws_fts_file *jtf, struct lws_fts_search_params *ftsp); + +/** + * lws_fts_close() - Close a previously-opened index file + * + * \param jtf: The pointer returned from the open + * + * Closes the file handle on the index and frees any allocations + */ +LWS_VISIBLE LWS_EXTERN void +lws_fts_close(struct lws_fts_file *jtf); + +///@} diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-genhash.h b/thirdparty/libwebsockets/include/libwebsockets/lws-genhash.h new file mode 100644 index 0000000000..a2e4f8ab6a --- /dev/null +++ b/thirdparty/libwebsockets/include/libwebsockets/lws-genhash.h @@ -0,0 +1,171 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green <andy@warmcat.com> + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + * + * included from libwebsockets.h + */ + +/*! \defgroup generic hash + * ## Generic Hash related functions + * + * Lws provides generic hash / digest accessors that abstract the ones + * provided by whatever OpenSSL library you are linking against. + * + * It lets you use the same code if you build against mbedtls or OpenSSL + * for example. + */ +///@{ + +enum lws_genhash_types { + LWS_GENHASH_TYPE_SHA1, + LWS_GENHASH_TYPE_SHA256, + LWS_GENHASH_TYPE_SHA384, + LWS_GENHASH_TYPE_SHA512, +}; + +enum lws_genhmac_types { + LWS_GENHMAC_TYPE_SHA256, + LWS_GENHMAC_TYPE_SHA384, + LWS_GENHMAC_TYPE_SHA512, +}; + +#define LWS_GENHASH_LARGEST 64 + +struct lws_genhash_ctx { + uint8_t type; +#if defined(LWS_WITH_MBEDTLS) + union { + mbedtls_sha1_context sha1; + mbedtls_sha256_context sha256; + mbedtls_sha512_context sha512; /* 384 also uses this */ + const mbedtls_md_info_t *hmac; + } u; +#else + const EVP_MD *evp_type; + EVP_MD_CTX *mdctx; +#endif +}; + +struct lws_genhmac_ctx { + uint8_t type; +#if defined(LWS_WITH_MBEDTLS) + const mbedtls_md_info_t *hmac; + mbedtls_md_context_t ctx; +#else + const EVP_MD *evp_type; + EVP_MD_CTX *ctx; +#endif +}; + +/** lws_genhash_size() - get hash size in bytes + * + * \param type: one of LWS_GENHASH_TYPE_... + * + * Returns number of bytes in this type of hash + */ +LWS_VISIBLE LWS_EXTERN size_t LWS_WARN_UNUSED_RESULT +lws_genhash_size(enum lws_genhash_types type); + +/** lws_genhmac_size() - get hash size in bytes + * + * \param type: one of LWS_GENHASH_TYPE_... + * + * Returns number of bytes in this type of hmac + */ +LWS_VISIBLE LWS_EXTERN size_t LWS_WARN_UNUSED_RESULT +lws_genhmac_size(enum lws_genhmac_types type); + +/** lws_genhash_init() - prepare your struct lws_genhash_ctx for use + * + * \param ctx: your struct lws_genhash_ctx + * \param type: one of LWS_GENHASH_TYPE_... + * + * Initializes the hash context for the type you requested + */ +LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT +lws_genhash_init(struct lws_genhash_ctx *ctx, enum lws_genhash_types type); + +/** lws_genhash_update() - digest len bytes of the buffer starting at in + * + * \param ctx: your struct lws_genhash_ctx + * \param in: start of the bytes to digest + * \param len: count of bytes to digest + * + * Updates the state of your hash context to reflect digesting len bytes from in + */ +LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT +lws_genhash_update(struct lws_genhash_ctx *ctx, const void *in, size_t len); + +/** lws_genhash_destroy() - copy out the result digest and destroy the ctx + * + * \param ctx: your struct lws_genhash_ctx + * \param result: NULL, or where to copy the result hash + * + * Finalizes the hash and copies out the digest. Destroys any allocations such + * that ctx can safely go out of scope after calling this. + * + * NULL result is supported so that you can destroy the ctx cleanly on error + * conditions, where there is no valid result. + */ +LWS_VISIBLE LWS_EXTERN int +lws_genhash_destroy(struct lws_genhash_ctx *ctx, void *result); + +/** lws_genhmac_init() - prepare your struct lws_genhmac_ctx for use + * + * \param ctx: your struct lws_genhmac_ctx + * \param type: one of LWS_GENHMAC_TYPE_... + * \param key: pointer to the start of the HMAC key + * \param key_len: length of the HMAC key + * + * Initializes the hash context for the type you requested + * + * If the return is nonzero, it failed and there is nothing needing to be + * destroyed. + */ +LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT +lws_genhmac_init(struct lws_genhmac_ctx *ctx, enum lws_genhmac_types type, + const uint8_t *key, size_t key_len); + +/** lws_genhmac_update() - digest len bytes of the buffer starting at in + * + * \param ctx: your struct lws_genhmac_ctx + * \param in: start of the bytes to digest + * \param len: count of bytes to digest + * + * Updates the state of your hash context to reflect digesting len bytes from in + * + * If the return is nonzero, it failed and needs destroying. + */ +LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT +lws_genhmac_update(struct lws_genhmac_ctx *ctx, const void *in, size_t len); + +/** lws_genhmac_destroy() - copy out the result digest and destroy the ctx + * + * \param ctx: your struct lws_genhmac_ctx + * \param result: NULL, or where to copy the result hash + * + * Finalizes the hash and copies out the digest. Destroys any allocations such + * that ctx can safely go out of scope after calling this. + * + * NULL result is supported so that you can destroy the ctx cleanly on error + * conditions, where there is no valid result. + */ +LWS_VISIBLE LWS_EXTERN int +lws_genhmac_destroy(struct lws_genhmac_ctx *ctx, void *result); +///@} diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-genrsa.h b/thirdparty/libwebsockets/include/libwebsockets/lws-genrsa.h new file mode 100644 index 0000000000..3e427e2927 --- /dev/null +++ b/thirdparty/libwebsockets/include/libwebsockets/lws-genrsa.h @@ -0,0 +1,190 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green <andy@warmcat.com> + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + * + * included from libwebsockets.h + */ + +/*! \defgroup generic RSA + * ## Generic RSA related functions + * + * Lws provides generic RSA functions that abstract the ones + * provided by whatever OpenSSL library you are linking against. + * + * It lets you use the same code if you build against mbedtls or OpenSSL + * for example. + */ +///@{ + +enum enum_jwk_tok { + JWK_KEY_E, + JWK_KEY_N, + JWK_KEY_D, + JWK_KEY_P, + JWK_KEY_Q, + JWK_KEY_DP, + JWK_KEY_DQ, + JWK_KEY_QI, + JWK_KTY, /* also serves as count of real elements */ + JWK_KEY, +}; + +#define LWS_COUNT_RSA_ELEMENTS JWK_KTY + +struct lws_genrsa_ctx { +#if defined(LWS_WITH_MBEDTLS) + mbedtls_rsa_context *ctx; +#else + BIGNUM *bn[LWS_COUNT_RSA_ELEMENTS]; + RSA *rsa; +#endif +}; + +struct lws_genrsa_element { + uint8_t *buf; + uint16_t len; +}; + +struct lws_genrsa_elements { + struct lws_genrsa_element e[LWS_COUNT_RSA_ELEMENTS]; +}; + +/** lws_jwk_destroy_genrsa_elements() - Free allocations in genrsa_elements + * + * \param el: your struct lws_genrsa_elements + * + * This is a helper for user code making use of struct lws_genrsa_elements + * where the elements are allocated on the heap, it frees any non-NULL + * buf element and sets the buf to NULL. + * + * NB: lws_genrsa_public_... apis do not need this as they take care of the key + * creation and destruction themselves. + */ +LWS_VISIBLE LWS_EXTERN void +lws_jwk_destroy_genrsa_elements(struct lws_genrsa_elements *el); + +/** lws_genrsa_public_decrypt_create() - Create RSA public decrypt context + * + * \param ctx: your struct lws_genrsa_ctx + * \param el: struct prepared with key element data + * + * Creates an RSA context with a public key associated with it, formed from + * the key elements in \p el. + * + * Returns 0 for OK or nonzero for error. + * + * This and related APIs operate identically with OpenSSL or mbedTLS backends. + */ +LWS_VISIBLE LWS_EXTERN int +lws_genrsa_create(struct lws_genrsa_ctx *ctx, struct lws_genrsa_elements *el); + +/** lws_genrsa_new_keypair() - Create new RSA keypair + * + * \param context: your struct lws_context (may be used for RNG) + * \param ctx: your struct lws_genrsa_ctx + * \param el: struct to get the new key element data allocated into it + * \param bits: key size, eg, 4096 + * + * Creates a new RSA context and generates a new keypair into it, with \p bits + * bits. + * + * Returns 0 for OK or nonzero for error. + * + * This and related APIs operate identically with OpenSSL or mbedTLS backends. + */ +LWS_VISIBLE LWS_EXTERN int +lws_genrsa_new_keypair(struct lws_context *context, struct lws_genrsa_ctx *ctx, + struct lws_genrsa_elements *el, int bits); + +/** lws_genrsa_public_decrypt() - Perform RSA public decryption + * + * \param ctx: your struct lws_genrsa_ctx + * \param in: encrypted input + * \param in_len: length of encrypted input + * \param out: decrypted output + * \param out_max: size of output buffer + * + * Performs the decryption. + * + * Returns <0 for error, or length of decrypted data. + * + * This and related APIs operate identically with OpenSSL or mbedTLS backends. + */ +LWS_VISIBLE LWS_EXTERN int +lws_genrsa_public_decrypt(struct lws_genrsa_ctx *ctx, const uint8_t *in, + size_t in_len, uint8_t *out, size_t out_max); + +/** lws_genrsa_public_verify() - Perform RSA public verification + * + * \param ctx: your struct lws_genrsa_ctx + * \param in: unencrypted payload (usually a recomputed hash) + * \param hash_type: one of LWS_GENHASH_TYPE_ + * \param sig: pointer to the signature we received with the payload + * \param sig_len: length of the signature we are checking in bytes + * + * Returns <0 for error, or 0 if signature matches the payload + key. + * + * This and related APIs operate identically with OpenSSL or mbedTLS backends. + */ +LWS_VISIBLE LWS_EXTERN int +lws_genrsa_public_verify(struct lws_genrsa_ctx *ctx, const uint8_t *in, + enum lws_genhash_types hash_type, + const uint8_t *sig, size_t sig_len); + +/** lws_genrsa_public_sign() - Create RSA signature + * + * \param ctx: your struct lws_genrsa_ctx + * \param in: precomputed hash + * \param hash_type: one of LWS_GENHASH_TYPE_ + * \param sig: pointer to buffer to take signature + * \param sig_len: length of the buffer (must be >= length of key N) + * + * Returns <0 for error, or 0 for success. + * + * This and related APIs operate identically with OpenSSL or mbedTLS backends. + */ +LWS_VISIBLE LWS_EXTERN int +lws_genrsa_public_sign(struct lws_genrsa_ctx *ctx, const uint8_t *in, + enum lws_genhash_types hash_type, uint8_t *sig, + size_t sig_len); + +/** lws_genrsa_public_decrypt_destroy() - Destroy RSA public decrypt context + * + * \param ctx: your struct lws_genrsa_ctx + * + * Destroys any allocations related to \p ctx. + * + * This and related APIs operate identically with OpenSSL or mbedTLS backends. + */ +LWS_VISIBLE LWS_EXTERN void +lws_genrsa_destroy(struct lws_genrsa_ctx *ctx); + +/** lws_genrsa_render_pkey_asn1() - Exports public or private key to ASN1/DER + * + * \param ctx: your struct lws_genrsa_ctx + * \param _private: 0 = public part only, 1 = all parts of the key + * \param pkey_asn1: pointer to buffer to take the ASN1 + * \param pkey_asn1_len: max size of the pkey_asn1_len + * + * Returns length of pkey_asn1 written, or -1 for error. + */ +LWS_VISIBLE LWS_EXTERN int +lws_genrsa_render_pkey_asn1(struct lws_genrsa_ctx *ctx, int _private, + uint8_t *pkey_asn1, size_t pkey_asn1_len); +///@} diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-http.h b/thirdparty/libwebsockets/include/libwebsockets/lws-http.h new file mode 100644 index 0000000000..eb3d826ebd --- /dev/null +++ b/thirdparty/libwebsockets/include/libwebsockets/lws-http.h @@ -0,0 +1,685 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green <andy@warmcat.com> + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + * + * included from libwebsockets.h + */ + +/* minimal space for typical headers and CSP stuff */ + +#define LWS_RECOMMENDED_MIN_HEADER_SPACE 2048 + +/*! \defgroup http HTTP + + Modules related to handling HTTP +*/ +//@{ + +/*! \defgroup httpft HTTP File transfer + * \ingroup http + + APIs for sending local files in response to HTTP requests +*/ +//@{ + +/** + * lws_get_mimetype() - Determine mimetype to use from filename + * + * \param file: filename + * \param m: NULL, or mount context + * + * This uses a canned list of known filetypes first, if no match and m is + * non-NULL, then tries a list of per-mount file suffix to mimtype mappings. + * + * Returns either NULL or a pointer to the mimetype matching the file. + */ +LWS_VISIBLE LWS_EXTERN const char * +lws_get_mimetype(const char *file, const struct lws_http_mount *m); + +/** + * lws_serve_http_file() - Send a file back to the client using http + * \param wsi: Websocket instance (available from user callback) + * \param file: The file to issue over http + * \param content_type: The http content type, eg, text/html + * \param other_headers: NULL or pointer to header string + * \param other_headers_len: length of the other headers if non-NULL + * + * This function is intended to be called from the callback in response + * to http requests from the client. It allows the callback to issue + * local files down the http link in a single step. + * + * Returning <0 indicates error and the wsi should be closed. Returning + * >0 indicates the file was completely sent and + * lws_http_transaction_completed() called on the wsi (and close if != 0) + * ==0 indicates the file transfer is started and needs more service later, + * the wsi should be left alone. + */ +LWS_VISIBLE LWS_EXTERN int +lws_serve_http_file(struct lws *wsi, const char *file, const char *content_type, + const char *other_headers, int other_headers_len); + +LWS_VISIBLE LWS_EXTERN int +lws_serve_http_file_fragment(struct lws *wsi); +//@} + + +enum http_status { + HTTP_STATUS_CONTINUE = 100, + + HTTP_STATUS_OK = 200, + HTTP_STATUS_NO_CONTENT = 204, + HTTP_STATUS_PARTIAL_CONTENT = 206, + + HTTP_STATUS_MOVED_PERMANENTLY = 301, + HTTP_STATUS_FOUND = 302, + HTTP_STATUS_SEE_OTHER = 303, + HTTP_STATUS_NOT_MODIFIED = 304, + + HTTP_STATUS_BAD_REQUEST = 400, + HTTP_STATUS_UNAUTHORIZED, + HTTP_STATUS_PAYMENT_REQUIRED, + HTTP_STATUS_FORBIDDEN, + HTTP_STATUS_NOT_FOUND, + HTTP_STATUS_METHOD_NOT_ALLOWED, + HTTP_STATUS_NOT_ACCEPTABLE, + HTTP_STATUS_PROXY_AUTH_REQUIRED, + HTTP_STATUS_REQUEST_TIMEOUT, + HTTP_STATUS_CONFLICT, + HTTP_STATUS_GONE, + HTTP_STATUS_LENGTH_REQUIRED, + HTTP_STATUS_PRECONDITION_FAILED, + HTTP_STATUS_REQ_ENTITY_TOO_LARGE, + HTTP_STATUS_REQ_URI_TOO_LONG, + HTTP_STATUS_UNSUPPORTED_MEDIA_TYPE, + HTTP_STATUS_REQ_RANGE_NOT_SATISFIABLE, + HTTP_STATUS_EXPECTATION_FAILED, + + HTTP_STATUS_INTERNAL_SERVER_ERROR = 500, + HTTP_STATUS_NOT_IMPLEMENTED, + HTTP_STATUS_BAD_GATEWAY, + HTTP_STATUS_SERVICE_UNAVAILABLE, + HTTP_STATUS_GATEWAY_TIMEOUT, + HTTP_STATUS_HTTP_VERSION_NOT_SUPPORTED, +}; +/*! \defgroup html-chunked-substitution HTML Chunked Substitution + * \ingroup http + * + * ##HTML chunked Substitution + * + * APIs for receiving chunks of text, replacing a set of variable names via + * a callback, and then prepending and appending HTML chunked encoding + * headers. + */ +//@{ + +struct lws_process_html_args { + char *p; /**< pointer to the buffer containing the data */ + int len; /**< length of the original data at p */ + int max_len; /**< maximum length we can grow the data to */ + int final; /**< set if this is the last chunk of the file */ + int chunked; /**< 0 == unchunked, 1 == produce chunk headers + (incompatible with HTTP/2) */ +}; + +typedef const char *(*lws_process_html_state_cb)(void *data, int index); + +struct lws_process_html_state { + char *start; /**< pointer to start of match */ + char swallow[16]; /**< matched character buffer */ + int pos; /**< position in match */ + void *data; /**< opaque pointer */ + const char * const *vars; /**< list of variable names */ + int count_vars; /**< count of variable names */ + + lws_process_html_state_cb replace; + /**< called on match to perform substitution */ +}; + +/*! lws_chunked_html_process() - generic chunked substitution + * \param args: buffer to process using chunked encoding + * \param s: current processing state + */ +LWS_VISIBLE LWS_EXTERN int +lws_chunked_html_process(struct lws_process_html_args *args, + struct lws_process_html_state *s); +//@} + +/** \defgroup HTTP-headers-read HTTP headers: read + * \ingroup http + * + * ##HTTP header releated functions + * + * In lws the client http headers are temporarily stored in a pool, only for the + * duration of the http part of the handshake. It's because in most cases, + * the header content is ignored for the whole rest of the connection lifetime + * and would then just be taking up space needlessly. + * + * During LWS_CALLBACK_HTTP when the URI path is delivered is the last time + * the http headers are still allocated, you can use these apis then to + * look at and copy out interesting header content (cookies, etc) + * + * Notice that the header total length reported does not include a terminating + * '\0', however you must allocate for it when using the _copy apis. So the + * length reported for a header containing "123" is 3, but you must provide + * a buffer of length 4 so that "123\0" may be copied into it, or the copy + * will fail with a nonzero return code. + * + * In the special case of URL arguments, like ?x=1&y=2, the arguments are + * stored in a token named for the method, eg, WSI_TOKEN_GET_URI if it + * was a GET or WSI_TOKEN_POST_URI if POST. You can check the total + * length to confirm the method. + * + * For URL arguments, each argument is stored urldecoded in a "fragment", so + * you can use the fragment-aware api lws_hdr_copy_fragment() to access each + * argument in turn: the fragments contain urldecoded strings like x=1 or y=2. + * + * As a convenience, lws has an api that will find the fragment with a + * given name= part, lws_get_urlarg_by_name(). + */ +///@{ + +/** struct lws_tokens + * you need these to look at headers that have been parsed if using the + * LWS_CALLBACK_FILTER_CONNECTION callback. If a header from the enum + * list below is absent, .token = NULL and len = 0. Otherwise .token + * points to .len chars containing that header content. + */ +struct lws_tokens { + char *token; /**< pointer to start of the token */ + int len; /**< length of the token's value */ +}; + +/* enum lws_token_indexes + * these have to be kept in sync with lextable.h / minilex.c + * + * NOTE: These public enums are part of the abi. If you want to add one, + * add it at where specified so existing users are unaffected. + */ +enum lws_token_indexes { + WSI_TOKEN_GET_URI = 0, + WSI_TOKEN_POST_URI = 1, + WSI_TOKEN_OPTIONS_URI = 2, + WSI_TOKEN_HOST = 3, + WSI_TOKEN_CONNECTION = 4, + WSI_TOKEN_UPGRADE = 5, + WSI_TOKEN_ORIGIN = 6, + WSI_TOKEN_DRAFT = 7, + WSI_TOKEN_CHALLENGE = 8, + WSI_TOKEN_EXTENSIONS = 9, + WSI_TOKEN_KEY1 = 10, + WSI_TOKEN_KEY2 = 11, + WSI_TOKEN_PROTOCOL = 12, + WSI_TOKEN_ACCEPT = 13, + WSI_TOKEN_NONCE = 14, + WSI_TOKEN_HTTP = 15, + WSI_TOKEN_HTTP2_SETTINGS = 16, + WSI_TOKEN_HTTP_ACCEPT = 17, + WSI_TOKEN_HTTP_AC_REQUEST_HEADERS = 18, + WSI_TOKEN_HTTP_IF_MODIFIED_SINCE = 19, + WSI_TOKEN_HTTP_IF_NONE_MATCH = 20, + WSI_TOKEN_HTTP_ACCEPT_ENCODING = 21, + WSI_TOKEN_HTTP_ACCEPT_LANGUAGE = 22, + WSI_TOKEN_HTTP_PRAGMA = 23, + WSI_TOKEN_HTTP_CACHE_CONTROL = 24, + WSI_TOKEN_HTTP_AUTHORIZATION = 25, + WSI_TOKEN_HTTP_COOKIE = 26, + WSI_TOKEN_HTTP_CONTENT_LENGTH = 27, + WSI_TOKEN_HTTP_CONTENT_TYPE = 28, + WSI_TOKEN_HTTP_DATE = 29, + WSI_TOKEN_HTTP_RANGE = 30, + WSI_TOKEN_HTTP_REFERER = 31, + WSI_TOKEN_KEY = 32, + WSI_TOKEN_VERSION = 33, + WSI_TOKEN_SWORIGIN = 34, + + WSI_TOKEN_HTTP_COLON_AUTHORITY = 35, + WSI_TOKEN_HTTP_COLON_METHOD = 36, + WSI_TOKEN_HTTP_COLON_PATH = 37, + WSI_TOKEN_HTTP_COLON_SCHEME = 38, + WSI_TOKEN_HTTP_COLON_STATUS = 39, + + WSI_TOKEN_HTTP_ACCEPT_CHARSET = 40, + WSI_TOKEN_HTTP_ACCEPT_RANGES = 41, + WSI_TOKEN_HTTP_ACCESS_CONTROL_ALLOW_ORIGIN = 42, + WSI_TOKEN_HTTP_AGE = 43, + WSI_TOKEN_HTTP_ALLOW = 44, + WSI_TOKEN_HTTP_CONTENT_DISPOSITION = 45, + WSI_TOKEN_HTTP_CONTENT_ENCODING = 46, + WSI_TOKEN_HTTP_CONTENT_LANGUAGE = 47, + WSI_TOKEN_HTTP_CONTENT_LOCATION = 48, + WSI_TOKEN_HTTP_CONTENT_RANGE = 49, + WSI_TOKEN_HTTP_ETAG = 50, + WSI_TOKEN_HTTP_EXPECT = 51, + WSI_TOKEN_HTTP_EXPIRES = 52, + WSI_TOKEN_HTTP_FROM = 53, + WSI_TOKEN_HTTP_IF_MATCH = 54, + WSI_TOKEN_HTTP_IF_RANGE = 55, + WSI_TOKEN_HTTP_IF_UNMODIFIED_SINCE = 56, + WSI_TOKEN_HTTP_LAST_MODIFIED = 57, + WSI_TOKEN_HTTP_LINK = 58, + WSI_TOKEN_HTTP_LOCATION = 59, + WSI_TOKEN_HTTP_MAX_FORWARDS = 60, + WSI_TOKEN_HTTP_PROXY_AUTHENTICATE = 61, + WSI_TOKEN_HTTP_PROXY_AUTHORIZATION = 62, + WSI_TOKEN_HTTP_REFRESH = 63, + WSI_TOKEN_HTTP_RETRY_AFTER = 64, + WSI_TOKEN_HTTP_SERVER = 65, + WSI_TOKEN_HTTP_SET_COOKIE = 66, + WSI_TOKEN_HTTP_STRICT_TRANSPORT_SECURITY = 67, + WSI_TOKEN_HTTP_TRANSFER_ENCODING = 68, + WSI_TOKEN_HTTP_USER_AGENT = 69, + WSI_TOKEN_HTTP_VARY = 70, + WSI_TOKEN_HTTP_VIA = 71, + WSI_TOKEN_HTTP_WWW_AUTHENTICATE = 72, + + WSI_TOKEN_PATCH_URI = 73, + WSI_TOKEN_PUT_URI = 74, + WSI_TOKEN_DELETE_URI = 75, + + WSI_TOKEN_HTTP_URI_ARGS = 76, + WSI_TOKEN_PROXY = 77, + WSI_TOKEN_HTTP_X_REAL_IP = 78, + WSI_TOKEN_HTTP1_0 = 79, + WSI_TOKEN_X_FORWARDED_FOR = 80, + WSI_TOKEN_CONNECT = 81, + WSI_TOKEN_HEAD_URI = 82, + WSI_TOKEN_TE = 83, + WSI_TOKEN_REPLAY_NONCE = 84, + WSI_TOKEN_COLON_PROTOCOL = 85, + WSI_TOKEN_X_AUTH_TOKEN = 86, + + /****** add new things just above ---^ ******/ + + /* use token storage to stash these internally, not for + * user use */ + + _WSI_TOKEN_CLIENT_SENT_PROTOCOLS, + _WSI_TOKEN_CLIENT_PEER_ADDRESS, + _WSI_TOKEN_CLIENT_URI, + _WSI_TOKEN_CLIENT_HOST, + _WSI_TOKEN_CLIENT_ORIGIN, + _WSI_TOKEN_CLIENT_METHOD, + _WSI_TOKEN_CLIENT_IFACE, + _WSI_TOKEN_CLIENT_ALPN, + + /* always last real token index*/ + WSI_TOKEN_COUNT, + + /* parser state additions, no storage associated */ + WSI_TOKEN_NAME_PART, + WSI_TOKEN_SKIPPING, + WSI_TOKEN_SKIPPING_SAW_CR, + WSI_PARSING_COMPLETE, + WSI_INIT_TOKEN_MUXURL, +}; + +struct lws_token_limits { + unsigned short token_limit[WSI_TOKEN_COUNT]; /**< max chars for this token */ +}; + +/** + * lws_token_to_string() - returns a textual representation of a hdr token index + * + * \param token: token index + */ +LWS_VISIBLE LWS_EXTERN const unsigned char * +lws_token_to_string(enum lws_token_indexes token); + +/** + * lws_hdr_total_length: report length of all fragments of a header totalled up + * The returned length does not include the space for a + * terminating '\0' + * + * \param wsi: websocket connection + * \param h: which header index we are interested in + */ +LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT +lws_hdr_total_length(struct lws *wsi, enum lws_token_indexes h); + +/** + * lws_hdr_fragment_length: report length of a single fragment of a header + * The returned length does not include the space for a + * terminating '\0' + * + * \param wsi: websocket connection + * \param h: which header index we are interested in + * \param frag_idx: which fragment of h we want to get the length of + */ +LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT +lws_hdr_fragment_length(struct lws *wsi, enum lws_token_indexes h, + int frag_idx); + +/** + * lws_hdr_copy() - copy all fragments of the given header to a buffer + * The buffer length len must include space for an additional + * terminating '\0', or it will fail returning -1. + * + * \param wsi: websocket connection + * \param dest: destination buffer + * \param len: length of destination buffer + * \param h: which header index we are interested in + * + * copies the whole, aggregated header, even if it was delivered in + * several actual headers piece by piece. Returns -1 or length of the whole + * header. + */ +LWS_VISIBLE LWS_EXTERN int +lws_hdr_copy(struct lws *wsi, char *dest, int len, enum lws_token_indexes h); + +/** + * lws_hdr_copy_fragment() - copy a single fragment of the given header to a buffer + * The buffer length len must include space for an additional + * terminating '\0', or it will fail returning -1. + * If the requested fragment index is not present, it fails + * returning -1. + * + * \param wsi: websocket connection + * \param dest: destination buffer + * \param len: length of destination buffer + * \param h: which header index we are interested in + * \param frag_idx: which fragment of h we want to copy + * + * Normally this is only useful + * to parse URI arguments like ?x=1&y=2, token index WSI_TOKEN_HTTP_URI_ARGS + * fragment 0 will contain "x=1" and fragment 1 "y=2" + */ +LWS_VISIBLE LWS_EXTERN int +lws_hdr_copy_fragment(struct lws *wsi, char *dest, int len, + enum lws_token_indexes h, int frag_idx); + +/** + * lws_get_urlarg_by_name() - return pointer to arg value if present + * \param wsi: the connection to check + * \param name: the arg name, like "token=" + * \param buf: the buffer to receive the urlarg (including the name= part) + * \param len: the length of the buffer to receive the urlarg + * + * Returns NULL if not found or a pointer inside buf to just after the + * name= part. + */ +LWS_VISIBLE LWS_EXTERN const char * +lws_get_urlarg_by_name(struct lws *wsi, const char *name, char *buf, int len); +///@} + +/*! \defgroup HTTP-headers-create HTTP headers: create + * + * ## HTTP headers: Create + * + * These apis allow you to create HTTP response headers in a way compatible with + * both HTTP/1.x and HTTP/2. + * + * They each append to a buffer taking care about the buffer end, which is + * passed in as a pointer. When data is written to the buffer, the current + * position p is updated accordingly. + * + * All of these apis are LWS_WARN_UNUSED_RESULT as they can run out of space + * and fail with nonzero return. + */ +///@{ + +#define LWSAHH_CODE_MASK ((1 << 16) - 1) +#define LWSAHH_FLAG_NO_SERVER_NAME (1 << 30) + +/** + * lws_add_http_header_status() - add the HTTP response status code + * + * \param wsi: the connection to check + * \param code: an HTTP code like 200, 404 etc (see enum http_status) + * \param p: pointer to current position in buffer pointer + * \param end: pointer to end of buffer + * + * Adds the initial response code, so should be called first. + * + * Code may additionally take OR'd flags: + * + * LWSAHH_FLAG_NO_SERVER_NAME: don't apply server name header this time + */ +LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT +lws_add_http_header_status(struct lws *wsi, + unsigned int code, unsigned char **p, + unsigned char *end); +/** + * lws_add_http_header_by_name() - append named header and value + * + * \param wsi: the connection to check + * \param name: the hdr name, like "my-header" + * \param value: the value after the = for this header + * \param length: the length of the value + * \param p: pointer to current position in buffer pointer + * \param end: pointer to end of buffer + * + * Appends name: value to the headers + */ +LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT +lws_add_http_header_by_name(struct lws *wsi, const unsigned char *name, + const unsigned char *value, int length, + unsigned char **p, unsigned char *end); +/** + * lws_add_http_header_by_token() - append given header and value + * + * \param wsi: the connection to check + * \param token: the token index for the hdr + * \param value: the value after the = for this header + * \param length: the length of the value + * \param p: pointer to current position in buffer pointer + * \param end: pointer to end of buffer + * + * Appends name=value to the headers, but is able to take advantage of better + * HTTP/2 coding mechanisms where possible. + */ +LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT +lws_add_http_header_by_token(struct lws *wsi, enum lws_token_indexes token, + const unsigned char *value, int length, + unsigned char **p, unsigned char *end); +/** + * lws_add_http_header_content_length() - append content-length helper + * + * \param wsi: the connection to check + * \param content_length: the content length to use + * \param p: pointer to current position in buffer pointer + * \param end: pointer to end of buffer + * + * Appends content-length: content_length to the headers + */ +LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT +lws_add_http_header_content_length(struct lws *wsi, + lws_filepos_t content_length, + unsigned char **p, unsigned char *end); +/** + * lws_finalize_http_header() - terminate header block + * + * \param wsi: the connection to check + * \param p: pointer to current position in buffer pointer + * \param end: pointer to end of buffer + * + * Indicates no more headers will be added + */ +LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT +lws_finalize_http_header(struct lws *wsi, unsigned char **p, + unsigned char *end); + +/** + * lws_finalize_write_http_header() - Helper finializing and writing http headers + * + * \param wsi: the connection to check + * \param start: pointer to the start of headers in the buffer, eg &buf[LWS_PRE] + * \param p: pointer to current position in buffer pointer + * \param end: pointer to end of buffer + * + * Terminates the headers correctly accoring to the protocol in use (h1 / h2) + * and writes the headers. Returns nonzero for error. + */ +LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT +lws_finalize_write_http_header(struct lws *wsi, unsigned char *start, + unsigned char **p, unsigned char *end); + +#define LWS_ILLEGAL_HTTP_CONTENT_LEN ((lws_filepos_t)-1ll) + +/** + * lws_add_http_common_headers() - Helper preparing common http headers + * + * \param wsi: the connection to check + * \param code: an HTTP code like 200, 404 etc (see enum http_status) + * \param content_type: the content type, like "text/html" + * \param content_len: the content length, in bytes + * \param p: pointer to current position in buffer pointer + * \param end: pointer to end of buffer + * + * Adds the initial response code, so should be called first. + * + * Code may additionally take OR'd flags: + * + * LWSAHH_FLAG_NO_SERVER_NAME: don't apply server name header this time + * + * This helper just calls public apis to simplify adding headers that are + * commonly needed. If it doesn't fit your case, or you want to add additional + * headers just call the public apis directly yourself for what you want. + * + * You can miss out the content length header by providing the constant + * LWS_ILLEGAL_HTTP_CONTENT_LEN for the content_len. + * + * It does not call lws_finalize_http_header(), to allow you to add further + * headers after calling this. You will need to call that yourself at the end. + */ +LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT +lws_add_http_common_headers(struct lws *wsi, unsigned int code, + const char *content_type, lws_filepos_t content_len, + unsigned char **p, unsigned char *end); + +///@} + +/*! \defgroup urlendec Urlencode and Urldecode + * \ingroup http + * + * ##HTML chunked Substitution + * + * APIs for receiving chunks of text, replacing a set of variable names via + * a callback, and then prepending and appending HTML chunked encoding + * headers. + */ +//@{ + +/** + * lws_urlencode() - like strncpy but with urlencoding + * + * \param escaped: output buffer + * \param string: input buffer ('/0' terminated) + * \param len: output buffer max length + * + * Because urlencoding expands the output string, it's not + * possible to do it in-place, ie, with escaped == string + */ +LWS_VISIBLE LWS_EXTERN const char * +lws_urlencode(char *escaped, const char *string, int len); + +/* + * URLDECODE 1 / 2 + * + * This simple urldecode only operates until the first '\0' and requires the + * data to exist all at once + */ +/** + * lws_urldecode() - like strncpy but with urldecoding + * + * \param string: output buffer + * \param escaped: input buffer ('\0' terminated) + * \param len: output buffer max length + * + * This is only useful for '\0' terminated strings + * + * Since urldecoding only shrinks the output string, it is possible to + * do it in-place, ie, string == escaped + * + * Returns 0 if completed OK or nonzero for urldecode violation (non-hex chars + * where hex required, etc) + */ +LWS_VISIBLE LWS_EXTERN int +lws_urldecode(char *string, const char *escaped, int len); +///@} + +/** + * lws_return_http_status() - Return simple http status + * \param wsi: Websocket instance (available from user callback) + * \param code: Status index, eg, 404 + * \param html_body: User-readable HTML description < 1KB, or NULL + * + * Helper to report HTTP errors back to the client cleanly and + * consistently + */ +LWS_VISIBLE LWS_EXTERN int +lws_return_http_status(struct lws *wsi, unsigned int code, + const char *html_body); + +/** + * lws_http_redirect() - write http redirect out on wsi + * + * \param wsi: websocket connection + * \param code: HTTP response code (eg, 301) + * \param loc: where to redirect to + * \param len: length of loc + * \param p: pointer current position in buffer (updated as we write) + * \param end: pointer to end of buffer + * + * Returns amount written, or < 0 indicating fatal write failure. + */ +LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT +lws_http_redirect(struct lws *wsi, int code, const unsigned char *loc, int len, + unsigned char **p, unsigned char *end); + +/** + * lws_http_transaction_completed() - wait for new http transaction or close + * \param wsi: websocket connection + * + * Returns 1 if the HTTP connection must close now + * Returns 0 and resets connection to wait for new HTTP header / + * transaction if possible + */ +LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT +lws_http_transaction_completed(struct lws *wsi); + +/** + * lws_http_compression_apply() - apply an http compression transform + * + * \param wsi: the wsi to apply the compression transform to + * \param name: NULL, or the name of the compression transform, eg, "deflate" + * \param p: pointer to pointer to headers buffer + * \param end: pointer to end of headers buffer + * \param decomp: 0 = add compressor to wsi, 1 = add decompressor + * + * This allows transparent compression of dynamically generated HTTP. The + * requested compression (eg, "deflate") is only applied if the client headers + * indicated it was supported (and it has support in lws), otherwise it's a NOP. + * + * If the requested compression method is NULL, then the supported compression + * formats are tried, and for non-decompression (server) mode the first that's + * found on the client's accept-encoding header is chosen. + * + * NOTE: the compression transform, same as h2 support, relies on the user + * code using LWS_WRITE_HTTP and then LWS_WRITE_HTTP_FINAL on the last part + * written. The internal lws fileserving code already does this. + * + * If the library was built without the cmake option + * LWS_WITH_HTTP_STREAM_COMPRESSION set, then a NOP is provided for this api, + * allowing user code to build either way and use compression if available. + */ +LWS_VISIBLE int +lws_http_compression_apply(struct lws *wsi, const char *name, + unsigned char **p, unsigned char *end, char decomp); +///@} + diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-jwk.h b/thirdparty/libwebsockets/include/libwebsockets/lws-jwk.h new file mode 100644 index 0000000000..2e2eabd73e --- /dev/null +++ b/thirdparty/libwebsockets/include/libwebsockets/lws-jwk.h @@ -0,0 +1,110 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green <andy@warmcat.com> + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + * + * included from libwebsockets.h + */ + + +/*! \defgroup jwk JSON Web Keys + * ## JSON Web Keys API + * + * Lws provides an API to parse JSON Web Keys into a struct lws_genrsa_elements. + * + * "oct" and "RSA" type keys are supported. For "oct" keys, they are held in + * the "e" member of the struct lws_genrsa_elements. + * + * Keys elements are allocated on the heap. You must destroy the allocations + * in the struct lws_genrsa_elements by calling + * lws_jwk_destroy_genrsa_elements() when you are finished with it. + */ +///@{ + +struct lws_jwk { + char keytype[5]; /**< "oct" or "RSA" */ + struct lws_genrsa_elements el; /**< OCTet key is in el.e */ +}; + +/** lws_jwk_import() - Create a JSON Web key from the textual representation + * + * \param s: the JWK object to create + * \param in: a single JWK JSON stanza in utf-8 + * \param len: the length of the JWK JSON stanza in bytes + * + * Creates an lws_jwk struct filled with data from the JSON representation. + * "oct" and "rsa" key types are supported. + * + * For "oct" type keys, it is loaded into el.e. + */ +LWS_VISIBLE LWS_EXTERN int +lws_jwk_import(struct lws_jwk *s, const char *in, size_t len); + +/** lws_jwk_destroy() - Destroy a JSON Web key + * + * \param s: the JWK object to destroy + * + * All allocations in the lws_jwk are destroyed + */ +LWS_VISIBLE LWS_EXTERN void +lws_jwk_destroy(struct lws_jwk *s); + +/** lws_jwk_export() - Export a JSON Web key to a textual representation + * + * \param s: the JWK object to export + * \param _private: 0 = just export public parts, 1 = export everything + * \param p: the buffer to write the exported JWK to + * \param len: the length of the buffer \p p in bytes + * + * Returns length of the used part of the buffer if OK, or -1 for error. + * + * Serializes the content of the JWK into a char buffer. + */ +LWS_VISIBLE LWS_EXTERN int +lws_jwk_export(struct lws_jwk *s, int _private, char *p, size_t len); + +/** lws_jwk_load() - Import a JSON Web key from a file + * + * \param s: the JWK object to load into + * \param filename: filename to load from + * + * Returns 0 for OK or -1 for failure + */ +LWS_VISIBLE int +lws_jwk_load(struct lws_jwk *s, const char *filename); + +/** lws_jwk_save() - Export a JSON Web key to a file + * + * \param s: the JWK object to save from + * \param filename: filename to save to + * + * Returns 0 for OK or -1 for failure + */ +LWS_VISIBLE int +lws_jwk_save(struct lws_jwk *s, const char *filename); + +/** lws_jwk_rfc7638_fingerprint() - jwk to RFC7638 compliant fingerprint + * + * \param s: the JWK object to fingerprint + * \param digest32: buffer to take 32-byte digest + * + * Returns 0 for OK or -1 for failure + */ +LWS_VISIBLE int +lws_jwk_rfc7638_fingerprint(struct lws_jwk *s, char *digest32); +///@} diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-jws.h b/thirdparty/libwebsockets/include/libwebsockets/lws-jws.h new file mode 100644 index 0000000000..7112fc3dba --- /dev/null +++ b/thirdparty/libwebsockets/include/libwebsockets/lws-jws.h @@ -0,0 +1,101 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green <andy@warmcat.com> + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + * + * included from libwebsockets.h + */ + +/*! \defgroup jws JSON Web Signature + * ## JSON Web Signature API + * + * Lws provides an API to check and create RFC7515 JSON Web Signatures + * + * SHA256/384/512 HMAC, and RSA 256/384/512 are supported. + * + * The API uses your TLS library crypto, but works exactly the same no matter + * what you TLS backend is. + */ +///@{ + +LWS_VISIBLE LWS_EXTERN int +lws_jws_confirm_sig(const char *in, size_t len, struct lws_jwk *jwk); + +/** + * lws_jws_sign_from_b64() - add b64 sig to b64 hdr + payload + * + * \param b64_hdr: protected header encoded in b64, may be NULL + * \param hdr_len: bytes in b64 coding of protected header + * \param b64_pay: payload encoded in b64 + * \param pay_len: bytes in b64 coding of payload + * \param b64_sig: buffer to write the b64 encoded signature into + * \param sig_len: max bytes we can write at b64_sig + * \param hash_type: one of LWS_GENHASH_TYPE_SHA[256|384|512] + * \param jwk: the struct lws_jwk containing the signing key + * + * This adds a b64-coded JWS signature of the b64-encoded protected header + * and b64-encoded payload, at \p b64_sig. The signature will be as large + * as the N element of the RSA key when the RSA key is used, eg, 512 bytes for + * a 4096-bit key, and then b64-encoding on top. + * + * In some special cases, there is only payload to sign and no header, in that + * case \p b64_hdr may be NULL, and only the payload will be hashed before + * signing. + * + * Returns the length of the encoded signature written to \p b64_sig, or -1. + */ +LWS_VISIBLE LWS_EXTERN int +lws_jws_sign_from_b64(const char *b64_hdr, size_t hdr_len, const char *b64_pay, + size_t pay_len, char *b64_sig, size_t sig_len, + enum lws_genhash_types hash_type, struct lws_jwk *jwk); + +/** + * lws_jws_create_packet() - add b64 sig to b64 hdr + payload + * + * \param jwk: the struct lws_jwk containing the signing key + * \param payload: unencoded payload JSON + * \param len: length of unencoded payload JSON + * \param nonce: Nonse string to include in protected header + * \param out: buffer to take signed packet + * \param out_len: size of \p out buffer + * + * This creates a "flattened" JWS packet from the jwk and the plaintext + * payload, and signs it. The packet is written into \p out. + * + * This does the whole packet assembly and signing, calling through to + * lws_jws_sign_from_b64() as part of the process. + * + * Returns the length written to \p out, or -1. + */ +LWS_VISIBLE LWS_EXTERN int +lws_jws_create_packet(struct lws_jwk *jwk, const char *payload, size_t len, + const char *nonce, char *out, size_t out_len); + +/** + * lws_jws_base64_enc() - encode input data into b64url data + * + * \param in: the incoming plaintext + * \param in_len: the length of the incoming plaintext in bytes + * \param out: the buffer to store the b64url encoded data to + * \param out_max: the length of \p out in bytes + * + * Returns either -1 if problems, or the number of bytes written to \p out. + */ +LWS_VISIBLE LWS_EXTERN int +lws_jws_base64_enc(const char *in, size_t in_len, char *out, size_t out_max); +///@} diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-lejp.h b/thirdparty/libwebsockets/include/libwebsockets/lws-lejp.h new file mode 100644 index 0000000000..f3f7e59a64 --- /dev/null +++ b/thirdparty/libwebsockets/include/libwebsockets/lws-lejp.h @@ -0,0 +1,262 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green <andy@warmcat.com> + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + * + * included from libwebsockets.h + */ + +/** \defgroup lejp JSON parser + * ##JSON parsing related functions + * \ingroup lwsapi + * + * LEJP is an extremely lightweight JSON stream parser included in lws. + */ +//@{ +struct lejp_ctx; + +#if !defined(LWS_ARRAY_SIZE) +#define LWS_ARRAY_SIZE(_x) (sizeof(_x) / sizeof(_x[0])) +#endif +#define LEJP_FLAG_WS_KEEP 64 +#define LEJP_FLAG_WS_COMMENTLINE 32 + +enum lejp_states { + LEJP_IDLE = 0, + LEJP_MEMBERS = 1, + LEJP_M_P = 2, + LEJP_MP_STRING = LEJP_FLAG_WS_KEEP | 3, + LEJP_MP_STRING_ESC = LEJP_FLAG_WS_KEEP | 4, + LEJP_MP_STRING_ESC_U1 = LEJP_FLAG_WS_KEEP | 5, + LEJP_MP_STRING_ESC_U2 = LEJP_FLAG_WS_KEEP | 6, + LEJP_MP_STRING_ESC_U3 = LEJP_FLAG_WS_KEEP | 7, + LEJP_MP_STRING_ESC_U4 = LEJP_FLAG_WS_KEEP | 8, + LEJP_MP_DELIM = 9, + LEJP_MP_VALUE = 10, + LEJP_MP_VALUE_NUM_INT = LEJP_FLAG_WS_KEEP | 11, + LEJP_MP_VALUE_NUM_EXP = LEJP_FLAG_WS_KEEP | 12, + LEJP_MP_VALUE_TOK = LEJP_FLAG_WS_KEEP | 13, + LEJP_MP_COMMA_OR_END = 14, + LEJP_MP_ARRAY_END = 15, +}; + +enum lejp_reasons { + LEJP_CONTINUE = -1, + LEJP_REJECT_IDLE_NO_BRACE = -2, + LEJP_REJECT_MEMBERS_NO_CLOSE = -3, + LEJP_REJECT_MP_NO_OPEN_QUOTE = -4, + LEJP_REJECT_MP_STRING_UNDERRUN = -5, + LEJP_REJECT_MP_ILLEGAL_CTRL = -6, + LEJP_REJECT_MP_STRING_ESC_ILLEGAL_ESC = -7, + LEJP_REJECT_ILLEGAL_HEX = -8, + LEJP_REJECT_MP_DELIM_MISSING_COLON = -9, + LEJP_REJECT_MP_DELIM_BAD_VALUE_START = -10, + LEJP_REJECT_MP_VAL_NUM_INT_NO_FRAC = -11, + LEJP_REJECT_MP_VAL_NUM_FORMAT = -12, + LEJP_REJECT_MP_VAL_NUM_EXP_BAD_EXP = -13, + LEJP_REJECT_MP_VAL_TOK_UNKNOWN = -14, + LEJP_REJECT_MP_C_OR_E_UNDERF = -15, + LEJP_REJECT_MP_C_OR_E_NOTARRAY = -16, + LEJP_REJECT_MP_ARRAY_END_MISSING = -17, + LEJP_REJECT_STACK_OVERFLOW = -18, + LEJP_REJECT_MP_DELIM_ISTACK = -19, + LEJP_REJECT_NUM_TOO_LONG = -20, + LEJP_REJECT_MP_C_OR_E_NEITHER = -21, + LEJP_REJECT_UNKNOWN = -22, + LEJP_REJECT_CALLBACK = -23 +}; + +#define LEJP_FLAG_CB_IS_VALUE 64 + +enum lejp_callbacks { + LEJPCB_CONSTRUCTED = 0, + LEJPCB_DESTRUCTED = 1, + + LEJPCB_START = 2, + LEJPCB_COMPLETE = 3, + LEJPCB_FAILED = 4, + + LEJPCB_PAIR_NAME = 5, + + LEJPCB_VAL_TRUE = LEJP_FLAG_CB_IS_VALUE | 6, + LEJPCB_VAL_FALSE = LEJP_FLAG_CB_IS_VALUE | 7, + LEJPCB_VAL_NULL = LEJP_FLAG_CB_IS_VALUE | 8, + LEJPCB_VAL_NUM_INT = LEJP_FLAG_CB_IS_VALUE | 9, + LEJPCB_VAL_NUM_FLOAT = LEJP_FLAG_CB_IS_VALUE | 10, + LEJPCB_VAL_STR_START = 11, /* notice handle separately */ + LEJPCB_VAL_STR_CHUNK = LEJP_FLAG_CB_IS_VALUE | 12, + LEJPCB_VAL_STR_END = LEJP_FLAG_CB_IS_VALUE | 13, + + LEJPCB_ARRAY_START = 14, + LEJPCB_ARRAY_END = 15, + + LEJPCB_OBJECT_START = 16, + LEJPCB_OBJECT_END = 17 +}; + +/** + * _lejp_callback() - User parser actions + * \param ctx: LEJP context + * \param reason: Callback reason + * + * Your user callback is associated with the context at construction time, + * and receives calls as the parsing progresses. + * + * All of the callbacks may be ignored and just return 0. + * + * The reasons it might get called, found in @reason, are: + * + * LEJPCB_CONSTRUCTED: The context was just constructed... you might want to + * perform one-time allocation for the life of the context. + * + * LEJPCB_DESTRUCTED: The context is being destructed... if you made any + * allocations at construction-time, you can free them now + * + * LEJPCB_START: Parsing is beginning at the first byte of input + * + * LEJPCB_COMPLETE: Parsing has completed successfully. You'll get a 0 or + * positive return code from lejp_parse indicating the + * amount of unused bytes left in the input buffer + * + * LEJPCB_FAILED: Parsing failed. You'll get a negative error code + * returned from lejp_parse + * + * LEJPCB_PAIR_NAME: When a "name":"value" pair has had the name parsed, + * this callback occurs. You can find the new name at + * the end of ctx->path[] + * + * LEJPCB_VAL_TRUE: The "true" value appeared + * + * LEJPCB_VAL_FALSE: The "false" value appeared + * + * LEJPCB_VAL_NULL: The "null" value appeared + * + * LEJPCB_VAL_NUM_INT: A string representing an integer is in ctx->buf + * + * LEJPCB_VAL_NUM_FLOAT: A string representing a float is in ctx->buf + * + * LEJPCB_VAL_STR_START: We are starting to parse a string, no data yet + * + * LEJPCB_VAL_STR_CHUNK: We parsed LEJP_STRING_CHUNK -1 bytes of string data in + * ctx->buf, which is as much as we can buffer, so we are + * spilling it. If all your strings are less than + * LEJP_STRING_CHUNK - 1 bytes, you will never see this + * callback. + * + * LEJPCB_VAL_STR_END: String parsing has completed, the last chunk of the + * string is in ctx->buf. + * + * LEJPCB_ARRAY_START: An array started + * + * LEJPCB_ARRAY_END: An array ended + * + * LEJPCB_OBJECT_START: An object started + * + * LEJPCB_OBJECT_END: An object ended + */ +LWS_EXTERN signed char _lejp_callback(struct lejp_ctx *ctx, char reason); + +typedef signed char (*lejp_callback)(struct lejp_ctx *ctx, char reason); + +#ifndef LEJP_MAX_DEPTH +#define LEJP_MAX_DEPTH 12 +#endif +#ifndef LEJP_MAX_INDEX_DEPTH +#define LEJP_MAX_INDEX_DEPTH 5 +#endif +#ifndef LEJP_MAX_PATH +#define LEJP_MAX_PATH 128 +#endif +#ifndef LEJP_STRING_CHUNK +/* must be >= 30 to assemble floats */ +#define LEJP_STRING_CHUNK 254 +#endif + +enum num_flags { + LEJP_SEEN_MINUS = (1 << 0), + LEJP_SEEN_POINT = (1 << 1), + LEJP_SEEN_POST_POINT = (1 << 2), + LEJP_SEEN_EXP = (1 << 3) +}; + +struct _lejp_stack { + char s; /* lejp_state stack*/ + char p; /* path length */ + char i; /* index array length */ + char b; /* user bitfield */ +}; + +struct lejp_ctx { + + /* sorted by type for most compact alignment + * + * pointers + */ + + signed char (*callback)(struct lejp_ctx *ctx, char reason); + void *user; + const char * const *paths; + + /* arrays */ + + struct _lejp_stack st[LEJP_MAX_DEPTH]; + uint16_t i[LEJP_MAX_INDEX_DEPTH]; /* index array */ + uint16_t wild[LEJP_MAX_INDEX_DEPTH]; /* index array */ + char path[LEJP_MAX_PATH]; + char buf[LEJP_STRING_CHUNK + 1]; + + /* int */ + + uint32_t line; + + /* short */ + + uint16_t uni; + + /* char */ + + uint8_t npos; + uint8_t dcount; + uint8_t f; + uint8_t sp; /* stack head */ + uint8_t ipos; /* index stack depth */ + uint8_t ppos; + uint8_t count_paths; + uint8_t path_match; + uint8_t path_match_len; + uint8_t wildcount; +}; + +LWS_VISIBLE LWS_EXTERN void +lejp_construct(struct lejp_ctx *ctx, + signed char (*callback)(struct lejp_ctx *ctx, char reason), + void *user, const char * const *paths, unsigned char paths_count); + +LWS_VISIBLE LWS_EXTERN void +lejp_destruct(struct lejp_ctx *ctx); + +LWS_VISIBLE LWS_EXTERN int +lejp_parse(struct lejp_ctx *ctx, const unsigned char *json, int len); + +LWS_VISIBLE LWS_EXTERN void +lejp_change_callback(struct lejp_ctx *ctx, + signed char (*callback)(struct lejp_ctx *ctx, char reason)); + +LWS_VISIBLE LWS_EXTERN int +lejp_get_wildcard(struct lejp_ctx *ctx, int wildcard, char *dest, int len); +//@} diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-logs.h b/thirdparty/libwebsockets/include/libwebsockets/lws-logs.h new file mode 100644 index 0000000000..9317dcc70c --- /dev/null +++ b/thirdparty/libwebsockets/include/libwebsockets/lws-logs.h @@ -0,0 +1,224 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green <andy@warmcat.com> + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + * + * included from libwebsockets.h + */ + +/** \defgroup log Logging + * + * ##Logging + * + * Lws provides flexible and filterable logging facilities, which can be + * used inside lws and in user code. + * + * Log categories may be individually filtered bitwise, and directed to built-in + * sinks for syslog-compatible logging, or a user-defined function. + */ +///@{ + +enum lws_log_levels { + LLL_ERR = 1 << 0, + LLL_WARN = 1 << 1, + LLL_NOTICE = 1 << 2, + LLL_INFO = 1 << 3, + LLL_DEBUG = 1 << 4, + LLL_PARSER = 1 << 5, + LLL_HEADER = 1 << 6, + LLL_EXT = 1 << 7, + LLL_CLIENT = 1 << 8, + LLL_LATENCY = 1 << 9, + LLL_USER = 1 << 10, + LLL_THREAD = 1 << 11, + + LLL_COUNT = 12 /* set to count of valid flags */ +}; + +LWS_VISIBLE LWS_EXTERN void _lws_log(int filter, const char *format, ...) LWS_FORMAT(2); +LWS_VISIBLE LWS_EXTERN void _lws_logv(int filter, const char *format, va_list vl); +/** + * lwsl_timestamp: generate logging timestamp string + * + * \param level: logging level + * \param p: char * buffer to take timestamp + * \param len: length of p + * + * returns length written in p + */ +LWS_VISIBLE LWS_EXTERN int +lwsl_timestamp(int level, char *p, int len); + +/* these guys are unconditionally included */ + +#define lwsl_err(...) _lws_log(LLL_ERR, __VA_ARGS__) +#define lwsl_user(...) _lws_log(LLL_USER, __VA_ARGS__) + +#if !defined(LWS_WITH_NO_LOGS) +/* notice and warn are usually included by being compiled in */ +#define lwsl_warn(...) _lws_log(LLL_WARN, __VA_ARGS__) +#define lwsl_notice(...) _lws_log(LLL_NOTICE, __VA_ARGS__) +#endif +/* + * weaker logging can be deselected by telling CMake to build in RELEASE mode + * that gets rid of the overhead of checking while keeping _warn and _err + * active + */ + +#ifdef _DEBUG +#if defined(LWS_WITH_NO_LOGS) +/* notice, warn and log are always compiled in */ +#define lwsl_warn(...) _lws_log(LLL_WARN, __VA_ARGS__) +#define lwsl_notice(...) _lws_log(LLL_NOTICE, __VA_ARGS__) +#endif +#define lwsl_info(...) _lws_log(LLL_INFO, __VA_ARGS__) +#define lwsl_debug(...) _lws_log(LLL_DEBUG, __VA_ARGS__) +#define lwsl_parser(...) _lws_log(LLL_PARSER, __VA_ARGS__) +#define lwsl_header(...) _lws_log(LLL_HEADER, __VA_ARGS__) +#define lwsl_ext(...) _lws_log(LLL_EXT, __VA_ARGS__) +#define lwsl_client(...) _lws_log(LLL_CLIENT, __VA_ARGS__) +#define lwsl_latency(...) _lws_log(LLL_LATENCY, __VA_ARGS__) +#define lwsl_thread(...) _lws_log(LLL_THREAD, __VA_ARGS__) + +#else /* no debug */ +#if defined(LWS_WITH_NO_LOGS) +#define lwsl_warn(...) do {} while(0) +#define lwsl_notice(...) do {} while(0) +#endif +#define lwsl_info(...) do {} while(0) +#define lwsl_debug(...) do {} while(0) +#define lwsl_parser(...) do {} while(0) +#define lwsl_header(...) do {} while(0) +#define lwsl_ext(...) do {} while(0) +#define lwsl_client(...) do {} while(0) +#define lwsl_latency(...) do {} while(0) +#define lwsl_thread(...) do {} while(0) + +#endif + +#define lwsl_hexdump_err(...) lwsl_hexdump_level(LLL_ERR, __VA_ARGS__) +#define lwsl_hexdump_warn(...) lwsl_hexdump_level(LLL_WARN, __VA_ARGS__) +#define lwsl_hexdump_notice(...) lwsl_hexdump_level(LLL_NOTICE, __VA_ARGS__) +#define lwsl_hexdump_info(...) lwsl_hexdump_level(LLL_INFO, __VA_ARGS__) +#define lwsl_hexdump_debug(...) lwsl_hexdump_level(LLL_DEBUG, __VA_ARGS__) + +/** + * lwsl_hexdump_level() - helper to hexdump a buffer at a selected debug level + * + * \param level: one of LLL_ constants + * \param vbuf: buffer start to dump + * \param len: length of buffer to dump + * + * If \p level is visible, does a nice hexdump -C style dump of \p vbuf for + * \p len bytes. This can be extremely convenient while debugging. + */ +LWS_VISIBLE LWS_EXTERN void +lwsl_hexdump_level(int level, const void *vbuf, size_t len); + +/** + * lwsl_hexdump() - helper to hexdump a buffer (DEBUG builds only) + * + * \param buf: buffer start to dump + * \param len: length of buffer to dump + * + * Calls through to lwsl_hexdump_level(LLL_DEBUG, ... for compatability. + * It's better to use lwsl_hexdump_level(level, ... directly so you can control + * the visibility. + */ +LWS_VISIBLE LWS_EXTERN void +lwsl_hexdump(const void *buf, size_t len); + +/** + * lws_is_be() - returns nonzero if the platform is Big Endian + */ +static LWS_INLINE int lws_is_be(void) { + const int probe = ~0xff; + + return *(const char *)&probe; +} + +/** + * lws_set_log_level() - Set the logging bitfield + * \param level: OR together the LLL_ debug contexts you want output from + * \param log_emit_function: NULL to leave it as it is, or a user-supplied + * function to perform log string emission instead of + * the default stderr one. + * + * log level defaults to "err", "warn" and "notice" contexts enabled and + * emission on stderr. If stderr is a tty (according to isatty()) then + * the output is coloured according to the log level using ANSI escapes. + */ +LWS_VISIBLE LWS_EXTERN void +lws_set_log_level(int level, + void (*log_emit_function)(int level, const char *line)); + +/** + * lwsl_emit_syslog() - helper log emit function writes to system log + * + * \param level: one of LLL_ log level indexes + * \param line: log string + * + * You use this by passing the function pointer to lws_set_log_level(), to set + * it as the log emit function, it is not called directly. + */ +LWS_VISIBLE LWS_EXTERN void +lwsl_emit_syslog(int level, const char *line); + +/** + * lwsl_emit_stderr() - helper log emit function writes to stderr + * + * \param level: one of LLL_ log level indexes + * \param line: log string + * + * You use this by passing the function pointer to lws_set_log_level(), to set + * it as the log emit function, it is not called directly. + * + * It prepends a system timestamp like [2018/11/13 07:41:57:3989] + * + * If stderr is a tty, then ansi colour codes are added. + */ +LWS_VISIBLE LWS_EXTERN void +lwsl_emit_stderr(int level, const char *line); + +/** + * lwsl_emit_stderr_notimestamp() - helper log emit function writes to stderr + * + * \param level: one of LLL_ log level indexes + * \param line: log string + * + * You use this by passing the function pointer to lws_set_log_level(), to set + * it as the log emit function, it is not called directly. + * + * If stderr is a tty, then ansi colour codes are added. + */ +LWS_VISIBLE LWS_EXTERN void +lwsl_emit_stderr_notimestamp(int level, const char *line); + +/** + * lwsl_visible() - returns true if the log level should be printed + * + * \param level: one of LLL_ log level indexes + * + * This is useful if you have to do work to generate the log content, you + * can skip the work if the log level used to print it is not actually + * enabled at runtime. + */ +LWS_VISIBLE LWS_EXTERN int +lwsl_visible(int level); + +///@} diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-lwsac.h b/thirdparty/libwebsockets/include/libwebsockets/lws-lwsac.h new file mode 100644 index 0000000000..1f914b66a6 --- /dev/null +++ b/thirdparty/libwebsockets/include/libwebsockets/lws-lwsac.h @@ -0,0 +1,191 @@ +/* + * libwebsockets - lws alloc chunk + * + * Copyright (C) 2018 Andy Green <andy@warmcat.com> + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + * + * included from libwebsockets.h + */ + +/** \defgroup log lwsac + * + * ##Allocated Chunks + * + * If you know you will be allocating a large, unknown number of same or + * differently sized objects, it's certainly possible to do it with libc + * malloc. However the allocation cost in time and memory overhead can + * add up, and deallocation means walking the structure of every object and + * freeing them in turn. + * + * lwsac (LWS Allocated Chunks) allocates chunks intended to be larger + * than your objects (4000 bytes by default) which you linearly allocate from + * using lwsac_use(). + * + * If your next request won't fit in the current chunk, a new chunk is added + * to the chain of chunks and the allocaton done from there. If the request + * is larger than the chunk size, an oversize chunk is created to satisfy it. + * + * When you are finished with the allocations, you call lwsac_free() and + * free all the *chunks*. So you may have thousands of objects in the chunks, + * but they are all destroyed with the chunks without having to deallocate them + * one by one pointlessly. + */ +///@{ + +struct lwsac; +typedef unsigned char * lwsac_cached_file_t; + + +#define lws_list_ptr_container(P,T,M) ((T *)((char *)(P) - offsetof(T, M))) + +/* + * linked-list helper that's commonly useful to manage lists of things + * allocated using lwsac. + * + * These lists point to their corresponding "next" member in the target, NOT + * the original containing struct. To get the containing struct, you must use + * lws_list_ptr_container() to convert. + * + * It's like that because it means we no longer have to have the next pointer + * at the start of the struct, and we can have the same struct on multiple + * linked-lists with everything held in the struct itself. + */ +typedef void * lws_list_ptr; + +/* + * optional sorting callback called by lws_list_ptr_insert() to sort the right + * things inside the opqaue struct being sorted / inserted on the list. + */ +typedef int (*lws_list_ptr_sort_func_t)(lws_list_ptr a, lws_list_ptr b); + +#define lws_list_ptr_advance(_lp) _lp = *((void **)_lp) + +/* sort may be NULL if you don't care about order */ +LWS_VISIBLE LWS_EXTERN void +lws_list_ptr_insert(lws_list_ptr *phead, lws_list_ptr *add, + lws_list_ptr_sort_func_t sort); + + +/** + * lwsac_use - allocate / use some memory from a lwsac + * + * \param head: pointer to the lwsac list object + * \param ensure: the number of bytes we want to use + * \param chunk_size: 0, or the size of the chunk to (over)allocate if + * what we want won't fit in the current tail chunk. If + * 0, the default value of 4000 is used. If ensure is + * larger, it is used instead. + * + * This also serves to init the lwsac if *head is NULL. Basically it does + * whatever is necessary to return you a pointer to ensure bytes of memory + * reserved for the caller. + * + * Returns NULL if OOM. + */ +LWS_VISIBLE LWS_EXTERN void * +lwsac_use(struct lwsac **head, size_t ensure, size_t chunk_size); + +/** + * lwsac_free - deallocate all chunks in the lwsac and set head NULL + * + * \param head: pointer to the lwsac list object + * + * This deallocates all chunks in the lwsac, then sets *head to NULL. All + * lwsac_use() pointers are invalidated in one hit without individual frees. + */ +LWS_VISIBLE LWS_EXTERN void +lwsac_free(struct lwsac **head); + +/* + * Optional helpers useful for where consumers may need to defer destruction + * until all consumers are finished with the lwsac + */ + +/** + * lwsac_detach() - destroy an lwsac unless somebody else is referencing it + * + * \param head: pointer to the lwsac list object + * + * The creator of the lwsac can all this instead of lwsac_free() when it itself + * has finished with the lwsac, but other code may be consuming it. + * + * If there are no other references, the lwsac is destroyed, *head is set to + * NULL and that's the end; however if something else has called + * lwsac_reference() on the lwsac, it simply returns. When lws_unreference() + * is called and no references are left, it will be destroyed then. + */ +LWS_VISIBLE LWS_EXTERN void +lwsac_detach(struct lwsac **head); + +/** + * lwsac_reference() - increase the lwsac reference count + * + * \param head: pointer to the lwsac list object + * + * Increment the reference count on the lwsac to defer destruction. + */ +LWS_VISIBLE LWS_EXTERN void +lwsac_reference(struct lwsac *head); + +/** + * lwsac_reference() - increase the lwsac reference count + * + * \param head: pointer to the lwsac list object + * + * Decrement the reference count on the lwsac... if it reached 0 on a detached + * lwsac then the lwsac is immediately destroyed and *head set to NULL. + */ +LWS_VISIBLE LWS_EXTERN void +lwsac_unreference(struct lwsac **head); + + +/* helpers to keep a file cached in memory */ + +LWS_VISIBLE LWS_EXTERN void +lwsac_use_cached_file_start(lwsac_cached_file_t cache); + +LWS_VISIBLE LWS_EXTERN void +lwsac_use_cached_file_end(lwsac_cached_file_t *cache); + +LWS_VISIBLE LWS_EXTERN void +lwsac_use_cached_file_detach(lwsac_cached_file_t *cache); + +LWS_VISIBLE LWS_EXTERN int +lwsac_cached_file(const char *filepath, lwsac_cached_file_t *cache, + size_t *len); + +/* more advanced helpers */ + +LWS_VISIBLE LWS_EXTERN size_t +lwsac_sizeof(void); + +LWS_VISIBLE LWS_EXTERN size_t +lwsac_get_tail_pos(struct lwsac *lac); + +LWS_VISIBLE LWS_EXTERN struct lwsac * +lwsac_get_next(struct lwsac *lac); + +LWS_VISIBLE LWS_EXTERN size_t +lwsac_align(size_t length); + +LWS_VISIBLE LWS_EXTERN void +lwsac_info(struct lwsac *head); + +LWS_VISIBLE LWS_EXTERN uint64_t +lwsac_total_alloc(struct lwsac *head); + +///@} diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-misc.h b/thirdparty/libwebsockets/include/libwebsockets/lws-misc.h new file mode 100644 index 0000000000..02fe432d5b --- /dev/null +++ b/thirdparty/libwebsockets/include/libwebsockets/lws-misc.h @@ -0,0 +1,836 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green <andy@warmcat.com> + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + * + * included from libwebsockets.h + */ + +/** \defgroup misc Miscellaneous APIs +* ##Miscellaneous APIs +* +* Various APIs outside of other categories +*/ +///@{ + +/** + * lws_start_foreach_ll(): linkedlist iterator helper start + * + * \param type: type of iteration, eg, struct xyz * + * \param it: iterator var name to create + * \param start: start of list + * + * This helper creates an iterator and starts a while (it) { + * loop. The iterator runs through the linked list starting at start and + * ends when it gets a NULL. + * The while loop should be terminated using lws_start_foreach_ll(). + */ +#define lws_start_foreach_ll(type, it, start)\ +{ \ + type it = start; \ + while (it) { + +/** + * lws_end_foreach_ll(): linkedlist iterator helper end + * + * \param it: same iterator var name given when starting + * \param nxt: member name in the iterator pointing to next list element + * + * This helper is the partner for lws_start_foreach_ll() that ends the + * while loop. + */ + +#define lws_end_foreach_ll(it, nxt) \ + it = it->nxt; \ + } \ +} + +/** + * lws_start_foreach_ll_safe(): linkedlist iterator helper start safe against delete + * + * \param type: type of iteration, eg, struct xyz * + * \param it: iterator var name to create + * \param start: start of list + * \param nxt: member name in the iterator pointing to next list element + * + * This helper creates an iterator and starts a while (it) { + * loop. The iterator runs through the linked list starting at start and + * ends when it gets a NULL. + * The while loop should be terminated using lws_end_foreach_ll_safe(). + * Performs storage of next increment for situations where iterator can become invalidated + * during iteration. + */ +#define lws_start_foreach_ll_safe(type, it, start, nxt)\ +{ \ + type it = start; \ + while (it) { \ + type next_##it = it->nxt; + +/** + * lws_end_foreach_ll_safe(): linkedlist iterator helper end (pre increment storage) + * + * \param it: same iterator var name given when starting + * + * This helper is the partner for lws_start_foreach_ll_safe() that ends the + * while loop. It uses the precreated next_ variable already stored during + * start. + */ + +#define lws_end_foreach_ll_safe(it) \ + it = next_##it; \ + } \ +} + +/** + * lws_start_foreach_llp(): linkedlist pointer iterator helper start + * + * \param type: type of iteration, eg, struct xyz ** + * \param it: iterator var name to create + * \param start: start of list + * + * This helper creates an iterator and starts a while (it) { + * loop. The iterator runs through the linked list starting at the + * address of start and ends when it gets a NULL. + * The while loop should be terminated using lws_start_foreach_llp(). + * + * This helper variant iterates using a pointer to the previous linked-list + * element. That allows you to easily delete list members by rewriting the + * previous pointer to the element's next pointer. + */ +#define lws_start_foreach_llp(type, it, start)\ +{ \ + type it = &(start); \ + while (*(it)) { + +#define lws_start_foreach_llp_safe(type, it, start, nxt)\ +{ \ + type it = &(start); \ + type next; \ + while (*(it)) { \ + next = &((*(it))->nxt); \ + +/** + * lws_end_foreach_llp(): linkedlist pointer iterator helper end + * + * \param it: same iterator var name given when starting + * \param nxt: member name in the iterator pointing to next list element + * + * This helper is the partner for lws_start_foreach_llp() that ends the + * while loop. + */ + +#define lws_end_foreach_llp(it, nxt) \ + it = &(*(it))->nxt; \ + } \ +} + +#define lws_end_foreach_llp_safe(it) \ + it = next; \ + } \ +} + +#define lws_ll_fwd_insert(\ + ___new_object, /* pointer to new object */ \ + ___m_list, /* member for next list object ptr */ \ + ___list_head /* list head */ \ + ) {\ + ___new_object->___m_list = ___list_head; \ + ___list_head = ___new_object; \ + } + +#define lws_ll_fwd_remove(\ + ___type, /* type of listed object */ \ + ___m_list, /* member for next list object ptr */ \ + ___target, /* object to remove from list */ \ + ___list_head /* list head */ \ + ) { \ + lws_start_foreach_llp(___type **, ___ppss, ___list_head) { \ + if (*___ppss == ___target) { \ + *___ppss = ___target->___m_list; \ + break; \ + } \ + } lws_end_foreach_llp(___ppss, ___m_list); \ + } + +/* + * doubly linked-list + */ + +struct lws_dll { /* abstract */ + struct lws_dll *prev; + struct lws_dll *next; +}; + +/* + * these all point to the composed list objects... you have to use the + * lws_container_of() helper to recover the start of the containing struct + */ + +LWS_VISIBLE LWS_EXTERN void +lws_dll_add_front(struct lws_dll *d, struct lws_dll *phead); + +LWS_VISIBLE LWS_EXTERN void +lws_dll_remove(struct lws_dll *d); + +struct lws_dll_lws { /* typed as struct lws * */ + struct lws_dll_lws *prev; + struct lws_dll_lws *next; +}; + +#define lws_dll_is_null(___dll) (!(___dll)->prev && !(___dll)->next) + +static LWS_INLINE void +lws_dll_lws_add_front(struct lws_dll_lws *_a, struct lws_dll_lws *_head) +{ + lws_dll_add_front((struct lws_dll *)_a, (struct lws_dll *)_head); +} + +static LWS_INLINE void +lws_dll_lws_remove(struct lws_dll_lws *_a) +{ + lws_dll_remove((struct lws_dll *)_a); +} + +/* + * these are safe against the current container object getting deleted, + * since the hold his next in a temp and go to that next. ___tmp is + * the temp. + */ + +#define lws_start_foreach_dll_safe(___type, ___it, ___tmp, ___start) \ +{ \ + ___type ___it = ___start; \ + while (___it) { \ + ___type ___tmp = (___it)->next; + +#define lws_end_foreach_dll_safe(___it, ___tmp) \ + ___it = ___tmp; \ + } \ +} + +#define lws_start_foreach_dll(___type, ___it, ___start) \ +{ \ + ___type ___it = ___start; \ + while (___it) { + +#define lws_end_foreach_dll(___it) \ + ___it = (___it)->next; \ + } \ +} + +struct lws_buflist; + +/** + * lws_buflist_append_segment(): add buffer to buflist at head + * + * \param head: list head + * \param buf: buffer to stash + * \param len: length of buffer to stash + * + * Returns -1 on OOM, 1 if this was the first segment on the list, and 0 if + * it was a subsequent segment. + */ +LWS_VISIBLE LWS_EXTERN int +lws_buflist_append_segment(struct lws_buflist **head, const uint8_t *buf, + size_t len); +/** + * lws_buflist_next_segment_len(): number of bytes left in current segment + * + * \param head: list head + * \param buf: if non-NULL, *buf is written with the address of the start of + * the remaining data in the segment + * + * Returns the number of bytes left in the current segment. 0 indicates + * that the buflist is empty (there are no segments on the buflist). + */ +LWS_VISIBLE LWS_EXTERN size_t +lws_buflist_next_segment_len(struct lws_buflist **head, uint8_t **buf); +/** + * lws_buflist_use_segment(): remove len bytes from the current segment + * + * \param head: list head + * \param len: number of bytes to mark as used + * + * If len is less than the remaining length of the current segment, the position + * in the current segment is simply advanced and it returns. + * + * If len uses up the remaining length of the current segment, then the segment + * is deleted and the list head moves to the next segment if any. + * + * Returns the number of bytes left in the current segment. 0 indicates + * that the buflist is empty (there are no segments on the buflist). + */ +LWS_VISIBLE LWS_EXTERN int +lws_buflist_use_segment(struct lws_buflist **head, size_t len); +/** + * lws_buflist_destroy_all_segments(): free all segments on the list + * + * \param head: list head + * + * This frees everything on the list unconditionally. *head is always + * NULL after this. + */ +LWS_VISIBLE LWS_EXTERN void +lws_buflist_destroy_all_segments(struct lws_buflist **head); + +void +lws_buflist_describe(struct lws_buflist **head, void *id); + +/** + * lws_ptr_diff(): helper to report distance between pointers as an int + * + * \param head: the pointer with the larger address + * \param tail: the pointer with the smaller address + * + * This helper gives you an int representing the number of bytes further + * forward the first pointer is compared to the second pointer. + */ +#define lws_ptr_diff(head, tail) \ + ((int)((char *)(head) - (char *)(tail))) + +/** + * lws_snprintf(): snprintf that truncates the returned length too + * + * \param str: destination buffer + * \param size: bytes left in destination buffer + * \param format: format string + * \param ...: args for format + * + * This lets you correctly truncate buffers by concatenating lengths, if you + * reach the limit the reported length doesn't exceed the limit. + */ +LWS_VISIBLE LWS_EXTERN int +lws_snprintf(char *str, size_t size, const char *format, ...) LWS_FORMAT(3); + +/** + * lws_strncpy(): strncpy that guarantees NUL on truncated copy + * + * \param dest: destination buffer + * \param src: source buffer + * \param size: bytes left in destination buffer + * + * This lets you correctly truncate buffers by concatenating lengths, if you + * reach the limit the reported length doesn't exceed the limit. + */ +LWS_VISIBLE LWS_EXTERN char * +lws_strncpy(char *dest, const char *src, size_t size); + +/** + * lws_get_random(): fill a buffer with platform random data + * + * \param context: the lws context + * \param buf: buffer to fill + * \param len: how much to fill + * + * This is intended to be called from the LWS_CALLBACK_RECEIVE callback if + * it's interested to see if the frame it's dealing with was sent in binary + * mode. + */ +LWS_VISIBLE LWS_EXTERN int +lws_get_random(struct lws_context *context, void *buf, int len); +/** + * lws_daemonize(): make current process run in the background + * + * \param _lock_path: the filepath to write the lock file + * + * Spawn lws as a background process, taking care of various things + */ +LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT +lws_daemonize(const char *_lock_path); +/** + * lws_get_library_version(): return string describing the version of lws + * + * On unix, also includes the git describe + */ +LWS_VISIBLE LWS_EXTERN const char * LWS_WARN_UNUSED_RESULT +lws_get_library_version(void); + +/** + * lws_wsi_user() - get the user data associated with the connection + * \param wsi: lws connection + * + * Not normally needed since it's passed into the callback + */ +LWS_VISIBLE LWS_EXTERN void * +lws_wsi_user(struct lws *wsi); + +/** + * lws_wsi_set_user() - set the user data associated with the client connection + * \param wsi: lws connection + * \param user: user data + * + * By default lws allocates this and it's not legal to externally set it + * yourself. However client connections may have it set externally when the + * connection is created... if so, this api can be used to modify it at + * runtime additionally. + */ +LWS_VISIBLE LWS_EXTERN void +lws_set_wsi_user(struct lws *wsi, void *user); + +/** + * lws_parse_uri: cut up prot:/ads:port/path into pieces + * Notice it does so by dropping '\0' into input string + * and the leading / on the path is consequently lost + * + * \param p: incoming uri string.. will get written to + * \param prot: result pointer for protocol part (https://) + * \param ads: result pointer for address part + * \param port: result pointer for port part + * \param path: result pointer for path part + * + * You may also refer to unix socket addresses, using a '+' at the start of + * the address. In this case, the address should end with ':', which is + * treated as the separator between the address and path (the normal separator + * '/' is a valid part of the socket path). Eg, + * + * http://+/var/run/mysocket:/my/path + * + * If the first character after the + is '@', it's interpreted by lws client + * processing as meaning to use linux abstract namespace sockets, the @ is + * replaced with a '\0' before use. + */ +LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT +lws_parse_uri(char *p, const char **prot, const char **ads, int *port, + const char **path); +/** + * lws_cmdline_option(): simple commandline parser + * + * \param argc: count of argument strings + * \param argv: argument strings + * \param val: string to find + * + * Returns NULL if the string \p val is not found in the arguments. + * + * If it is found, then it returns a pointer to the next character after \p val. + * So if \p val is "-d", then for the commandlines "myapp -d15" and + * "myapp -d 15", in both cases the return will point to the "15". + * + * In the case there is no argument, like "myapp -d", the return will + * either point to the '\\0' at the end of -d, or to the start of the + * next argument, ie, will be non-NULL. + */ +LWS_VISIBLE LWS_EXTERN const char * +lws_cmdline_option(int argc, const char **argv, const char *val); + +/** + * lws_now_secs(): return seconds since 1970-1-1 + */ +LWS_VISIBLE LWS_EXTERN unsigned long +lws_now_secs(void); + +/** + * lws_now_usecs(): return useconds since 1970-1-1 + */ +LWS_VISIBLE LWS_EXTERN lws_usec_t +lws_now_usecs(void); + +/** + * lws_compare_time_t(): return relationship between two time_t + * + * \param context: struct lws_context + * \param t1: time_t 1 + * \param t2: time_t 2 + * + * returns <0 if t2 > t1; >0 if t1 > t2; or == 0 if t1 == t2. + * + * This is aware of clock discontiguities that may have affected either t1 or + * t2 and adapts the comparison for them. + * + * For the discontiguity detection to work, you must avoid any arithmetic on + * the times being compared. For example to have a timeout that triggers + * 15s from when it was set, store the time it was set and compare like + * `if (lws_compare_time_t(context, now, set_time) > 15)` + */ +LWS_VISIBLE LWS_EXTERN int +lws_compare_time_t(struct lws_context *context, time_t t1, time_t t2); + +/** + * lws_get_context - Allow getting lws_context from a Websocket connection + * instance + * + * With this function, users can access context in the callback function. + * Otherwise users may have to declare context as a global variable. + * + * \param wsi: Websocket connection instance + */ +LWS_VISIBLE LWS_EXTERN struct lws_context * LWS_WARN_UNUSED_RESULT +lws_get_context(const struct lws *wsi); + +/** + * lws_get_vhost_listen_port - Find out the port number a vhost is listening on + * + * In the case you passed 0 for the port number at context creation time, you + * can discover the port number that was actually chosen for the vhost using + * this api. + * + * \param vhost: Vhost to get listen port from + */ +LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT +lws_get_vhost_listen_port(struct lws_vhost *vhost); + +/** + * lws_get_count_threads(): how many service threads the context uses + * + * \param context: the lws context + * + * By default this is always 1, if you asked for more than lws can handle it + * will clip the number of threads. So you can use this to find out how many + * threads are actually in use. + */ +LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT +lws_get_count_threads(struct lws_context *context); + +/** + * lws_get_parent() - get parent wsi or NULL + * \param wsi: lws connection + * + * Specialized wsi like cgi stdin/out/err are associated to a parent wsi, + * this allows you to get their parent. + */ +LWS_VISIBLE LWS_EXTERN struct lws * LWS_WARN_UNUSED_RESULT +lws_get_parent(const struct lws *wsi); + +/** + * lws_get_child() - get child wsi or NULL + * \param wsi: lws connection + * + * Allows you to find a related wsi from the parent wsi. + */ +LWS_VISIBLE LWS_EXTERN struct lws * LWS_WARN_UNUSED_RESULT +lws_get_child(const struct lws *wsi); + +/** + * lws_get_effective_uid_gid() - find out eventual uid and gid while still root + * + * \param context: lws context + * \param uid: pointer to uid result + * \param gid: pointer to gid result + * + * This helper allows you to find out what the uid and gid for the process will + * be set to after the privileges are dropped, beforehand. So while still root, + * eg in LWS_CALLBACK_PROTOCOL_INIT, you can arrange things like cache dir + * and subdir creation / permissions down /var/cache dynamically. + */ +LWS_VISIBLE LWS_EXTERN void +lws_get_effective_uid_gid(struct lws_context *context, int *uid, int *gid); + +/** + * lws_get_udp() - get wsi's udp struct + * + * \param wsi: lws connection + * + * Returns NULL or pointer to the wsi's UDP-specific information + */ +LWS_VISIBLE LWS_EXTERN const struct lws_udp * LWS_WARN_UNUSED_RESULT +lws_get_udp(const struct lws *wsi); + +LWS_VISIBLE LWS_EXTERN void * +lws_get_opaque_parent_data(const struct lws *wsi); + +LWS_VISIBLE LWS_EXTERN void +lws_set_opaque_parent_data(struct lws *wsi, void *data); + +LWS_VISIBLE LWS_EXTERN int +lws_get_child_pending_on_writable(const struct lws *wsi); + +LWS_VISIBLE LWS_EXTERN void +lws_clear_child_pending_on_writable(struct lws *wsi); + +LWS_VISIBLE LWS_EXTERN int +lws_get_close_length(struct lws *wsi); + +LWS_VISIBLE LWS_EXTERN unsigned char * +lws_get_close_payload(struct lws *wsi); + +/** + * lws_get_network_wsi() - Returns wsi that has the tcp connection for this wsi + * + * \param wsi: wsi you have + * + * Returns wsi that has the tcp connection (which may be the incoming wsi) + * + * HTTP/1 connections will always return the incoming wsi + * HTTP/2 connections may return a different wsi that has the tcp connection + */ +LWS_VISIBLE LWS_EXTERN +struct lws *lws_get_network_wsi(struct lws *wsi); + +/** + * lws_set_allocator() - custom allocator support + * + * \param realloc + * + * Allows you to replace the allocator (and deallocator) used by lws + */ +LWS_VISIBLE LWS_EXTERN void +lws_set_allocator(void *(*realloc)(void *ptr, size_t size, const char *reason)); + +enum { + /* + * Flags for enable and disable rxflow with reason bitmap and with + * backwards-compatible single bool + */ + LWS_RXFLOW_REASON_USER_BOOL = (1 << 0), + LWS_RXFLOW_REASON_HTTP_RXBUFFER = (1 << 6), + LWS_RXFLOW_REASON_H2_PPS_PENDING = (1 << 7), + + LWS_RXFLOW_REASON_APPLIES = (1 << 14), + LWS_RXFLOW_REASON_APPLIES_ENABLE_BIT = (1 << 13), + LWS_RXFLOW_REASON_APPLIES_ENABLE = LWS_RXFLOW_REASON_APPLIES | + LWS_RXFLOW_REASON_APPLIES_ENABLE_BIT, + LWS_RXFLOW_REASON_APPLIES_DISABLE = LWS_RXFLOW_REASON_APPLIES, + LWS_RXFLOW_REASON_FLAG_PROCESS_NOW = (1 << 12), + +}; + +/** + * lws_rx_flow_control() - Enable and disable socket servicing for + * received packets. + * + * If the output side of a server process becomes choked, this allows flow + * control for the input side. + * + * \param wsi: Websocket connection instance to get callback for + * \param enable: 0 = disable read servicing for this connection, 1 = enable + * + * If you need more than one additive reason for rxflow control, you can give + * iLWS_RXFLOW_REASON_APPLIES_ENABLE or _DISABLE together with one or more of + * b5..b0 set to idicate which bits to enable or disable. If any bits are + * enabled, rx on the connection is suppressed. + * + * LWS_RXFLOW_REASON_FLAG_PROCESS_NOW flag may also be given to force any change + * in rxflowbstatus to benapplied immediately, this should be used when you are + * changing a wsi flow control state from outside a callback on that wsi. + */ +LWS_VISIBLE LWS_EXTERN int +lws_rx_flow_control(struct lws *wsi, int enable); + +/** + * lws_rx_flow_allow_all_protocol() - Allow all connections with this protocol to receive + * + * When the user server code realizes it can accept more input, it can + * call this to have the RX flow restriction removed from all connections using + * the given protocol. + * \param context: lws_context + * \param protocol: all connections using this protocol will be allowed to receive + */ +LWS_VISIBLE LWS_EXTERN void +lws_rx_flow_allow_all_protocol(const struct lws_context *context, + const struct lws_protocols *protocol); + +/** + * lws_remaining_packet_payload() - Bytes to come before "overall" + * rx fragment is complete + * \param wsi: Websocket instance (available from user callback) + * + * This tracks how many bytes are left in the current ws fragment, according + * to the ws length given in the fragment header. + * + * If the message was in a single fragment, and there is no compression, this + * is the same as "how much data is left to read for this message". + * + * However, if the message is being sent in multiple fragments, this will + * reflect the unread amount of the current **fragment**, not the message. With + * ws, it is legal to not know the length of the message before it completes. + * + * Additionally if the message is sent via the negotiated permessage-deflate + * extension, this number only tells the amount of **compressed** data left to + * be read, since that is the only information available at the ws layer. + */ +LWS_VISIBLE LWS_EXTERN size_t +lws_remaining_packet_payload(struct lws *wsi); + + + +/** + * lws_is_ssl() - Find out if connection is using SSL + * \param wsi: websocket connection to check + * + * Returns 0 if the connection is not using SSL, 1 if using SSL and + * using verified cert, and 2 if using SSL but the cert was not + * checked (appears for client wsi told to skip check on connection) + */ +LWS_VISIBLE LWS_EXTERN int +lws_is_ssl(struct lws *wsi); +/** + * lws_is_cgi() - find out if this wsi is running a cgi process + * \param wsi: lws connection + */ +LWS_VISIBLE LWS_EXTERN int +lws_is_cgi(struct lws *wsi); + +/** + * lws_open() - platform-specific wrapper for open that prepares the fd + * + * \param file: the filepath to open + * \param oflag: option flags + * \param mode: optional mode of any created file + * + * This is a wrapper around platform open() that sets options on the fd + * according to lws policy. Currently that is FD_CLOEXEC to stop the opened + * fd being available to any child process forked by user code. + */ +LWS_VISIBLE LWS_EXTERN int +lws_open(const char *__file, int __oflag, ...); + +struct lws_wifi_scan { /* generic wlan scan item */ + struct lws_wifi_scan *next; + char ssid[32]; + int32_t rssi; /* divide by .count to get db */ + uint8_t bssid[6]; + uint8_t count; + uint8_t channel; + uint8_t authmode; +}; + +#if defined(LWS_WITH_TLS) && !defined(LWS_WITH_MBEDTLS) +/** + * lws_get_ssl() - Return wsi's SSL context structure + * \param wsi: websocket connection + * + * Returns pointer to the SSL library's context structure + */ +LWS_VISIBLE LWS_EXTERN SSL* +lws_get_ssl(struct lws *wsi); +#endif + +/** \defgroup smtp SMTP related functions + * ##SMTP related functions + * \ingroup lwsapi + * + * These apis let you communicate with a local SMTP server to send email from + * lws. It handles all the SMTP sequencing and protocol actions. + * + * Your system should have postfix, sendmail or another MTA listening on port + * 25 and able to send email using the "mail" commandline app. Usually distro + * MTAs are configured for this by default. + * + * It runs via its own libuv events if initialized (which requires giving it + * a libuv loop to attach to). + * + * It operates using three callbacks, on_next() queries if there is a new email + * to send, on_get_body() asks for the body of the email, and on_sent() is + * called after the email is successfully sent. + * + * To use it + * + * - create an lws_email struct + * + * - initialize data, loop, the email_* strings, max_content_size and + * the callbacks + * + * - call lws_email_init() + * + * When you have at least one email to send, call lws_email_check() to + * schedule starting to send it. + */ +//@{ +#ifdef LWS_WITH_SMTP + +/** enum lwsgs_smtp_states - where we are in SMTP protocol sequence */ +enum lwsgs_smtp_states { + LGSSMTP_IDLE, /**< awaiting new email */ + LGSSMTP_CONNECTING, /**< opening tcp connection to MTA */ + LGSSMTP_CONNECTED, /**< tcp connection to MTA is connected */ + LGSSMTP_SENT_HELO, /**< sent the HELO */ + LGSSMTP_SENT_FROM, /**< sent FROM */ + LGSSMTP_SENT_TO, /**< sent TO */ + LGSSMTP_SENT_DATA, /**< sent DATA request */ + LGSSMTP_SENT_BODY, /**< sent the email body */ + LGSSMTP_SENT_QUIT, /**< sent the session quit */ +}; + +/** struct lws_email - abstract context for performing SMTP operations */ +struct lws_email { + void *data; + /**< opaque pointer set by user code and available to the callbacks */ + uv_loop_t *loop; + /**< the libuv loop we will work on */ + + char email_smtp_ip[32]; /**< Fill before init, eg, "127.0.0.1" */ + char email_helo[32]; /**< Fill before init, eg, "myserver.com" */ + char email_from[100]; /**< Fill before init or on_next */ + char email_to[100]; /**< Fill before init or on_next */ + + unsigned int max_content_size; + /**< largest possible email body size */ + + /* Fill all the callbacks before init */ + + int (*on_next)(struct lws_email *email); + /**< (Fill in before calling lws_email_init) + * called when idle, 0 = another email to send, nonzero is idle. + * If you return 0, all of the email_* char arrays must be set + * to something useful. */ + int (*on_sent)(struct lws_email *email); + /**< (Fill in before calling lws_email_init) + * called when transfer of the email to the SMTP server was + * successful, your callback would remove the current email + * from its queue */ + int (*on_get_body)(struct lws_email *email, char *buf, int len); + /**< (Fill in before calling lws_email_init) + * called when the body part of the queued email is about to be + * sent to the SMTP server. */ + + + /* private things */ + uv_timer_t timeout_email; /**< private */ + enum lwsgs_smtp_states estate; /**< private */ + uv_connect_t email_connect_req; /**< private */ + uv_tcp_t email_client; /**< private */ + time_t email_connect_started; /**< private */ + char email_buf[256]; /**< private */ + char *content; /**< private */ +}; + +/** + * lws_email_init() - Initialize a struct lws_email + * + * \param email: struct lws_email to init + * \param loop: libuv loop to use + * \param max_content: max email content size + * + * Prepares a struct lws_email for use ending SMTP + */ +LWS_VISIBLE LWS_EXTERN int +lws_email_init(struct lws_email *email, uv_loop_t *loop, int max_content); + +/** + * lws_email_check() - Request check for new email + * + * \param email: struct lws_email context to check + * + * Schedules a check for new emails in 1s... call this when you have queued an + * email for send. + */ +LWS_VISIBLE LWS_EXTERN void +lws_email_check(struct lws_email *email); +/** + * lws_email_destroy() - stop using the struct lws_email + * + * \param email: the struct lws_email context + * + * Stop sending email using email and free allocations + */ +LWS_VISIBLE LWS_EXTERN void +lws_email_destroy(struct lws_email *email); + +#endif +//@} + +///@} diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-network-helper.h b/thirdparty/libwebsockets/include/libwebsockets/lws-network-helper.h new file mode 100644 index 0000000000..94ee8d9a5d --- /dev/null +++ b/thirdparty/libwebsockets/include/libwebsockets/lws-network-helper.h @@ -0,0 +1,105 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green <andy@warmcat.com> + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + * + * included from libwebsockets.h + */ + +/** \defgroup net Network related helper APIs + * ##Network related helper APIs + * + * These wrap miscellaneous useful network-related functions + */ +///@{ + +/** + * lws_canonical_hostname() - returns this host's hostname + * + * This is typically used by client code to fill in the host parameter + * when making a client connection. You can only call it after the context + * has been created. + * + * \param context: Websocket context + */ +LWS_VISIBLE LWS_EXTERN const char * LWS_WARN_UNUSED_RESULT +lws_canonical_hostname(struct lws_context *context); + +/** + * lws_get_peer_addresses() - Get client address information + * \param wsi: Local struct lws associated with + * \param fd: Connection socket descriptor + * \param name: Buffer to take client address name + * \param name_len: Length of client address name buffer + * \param rip: Buffer to take client address IP dotted quad + * \param rip_len: Length of client address IP buffer + * + * This function fills in name and rip with the name and IP of + * the client connected with socket descriptor fd. Names may be + * truncated if there is not enough room. If either cannot be + * determined, they will be returned as valid zero-length strings. + */ +LWS_VISIBLE LWS_EXTERN void +lws_get_peer_addresses(struct lws *wsi, lws_sockfd_type fd, char *name, + int name_len, char *rip, int rip_len); + +/** + * lws_get_peer_simple() - Get client address information without RDNS + * + * \param wsi: Local struct lws associated with + * \param name: Buffer to take client address name + * \param namelen: Length of client address name buffer + * + * This provides a 123.123.123.123 type IP address in name from the + * peer that has connected to wsi + */ +LWS_VISIBLE LWS_EXTERN const char * +lws_get_peer_simple(struct lws *wsi, char *name, int namelen); + +#define LWS_ITOSA_USABLE 0 +#define LWS_ITOSA_NOT_EXIST -1 +#define LWS_ITOSA_NOT_USABLE -2 +#define LWS_ITOSA_BUSY -3 /* only returned by lws_socket_bind() on + EADDRINUSE */ + +#if !defined(LWS_WITH_ESP32) +/** + * lws_interface_to_sa() - Convert interface name or IP to sockaddr struct + * + * \param ipv6: Allow IPV6 addresses + * \param ifname: Interface name or IP + * \param addr: struct sockaddr_in * to be written + * \param addrlen: Length of addr + * + * This converts a textual network interface name to a sockaddr usable by + * other network functions. + * + * If the network interface doesn't exist, it will return LWS_ITOSA_NOT_EXIST. + * + * If the network interface is not usable, eg ethernet cable is removed, it + * may logically exist but not have any IP address. As such it will return + * LWS_ITOSA_NOT_USABLE. + * + * If the network interface exists and is usable, it will return + * LWS_ITOSA_USABLE. + */ +LWS_VISIBLE LWS_EXTERN int +lws_interface_to_sa(int ipv6, const char *ifname, struct sockaddr_in *addr, + size_t addrlen); +#endif +///@} diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-plugin-generic-sessions.h b/thirdparty/libwebsockets/include/libwebsockets/lws-plugin-generic-sessions.h new file mode 100644 index 0000000000..7f46f854ec --- /dev/null +++ b/thirdparty/libwebsockets/include/libwebsockets/lws-plugin-generic-sessions.h @@ -0,0 +1,74 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green <andy@warmcat.com> + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + * + * included from libwebsockets.h + */ + +/*! \defgroup generic-sessions plugin: generic-sessions + * \ingroup Protocols-and-Plugins + * + * ##Plugin Generic-sessions related + * + * generic-sessions plugin provides a reusable, generic session and login / + * register / forgot password framework including email verification. + */ +///@{ + +#define LWSGS_EMAIL_CONTENT_SIZE 16384 +/**< Maximum size of email we might send */ + +/* SHA-1 binary and hexified versions */ +/** typedef struct lwsgw_hash_bin */ +typedef struct { unsigned char bin[20]; /**< binary representation of hash */} lwsgw_hash_bin; +/** typedef struct lwsgw_hash */ +typedef struct { char id[41]; /**< ascii hex representation of hash */ } lwsgw_hash; + +/** enum lwsgs_auth_bits */ +enum lwsgs_auth_bits { + LWSGS_AUTH_LOGGED_IN = 1, /**< user is logged in as somebody */ + LWSGS_AUTH_ADMIN = 2, /**< logged in as the admin user */ + LWSGS_AUTH_VERIFIED = 4, /**< user has verified his email */ + LWSGS_AUTH_FORGOT_FLOW = 8, /**< just completed "forgot password" */ +}; + +/** struct lws_session_info - information about user session status */ +struct lws_session_info { + char username[32]; /**< username logged in as, or empty string */ + char email[100]; /**< email address associated with login, or empty string */ + char ip[72]; /**< ip address session was started from */ + unsigned int mask; /**< access rights mask associated with session + * see enum lwsgs_auth_bits */ + char session[42]; /**< session id string, usable as opaque uid when not logged in */ +}; + +/** enum lws_gs_event */ +enum lws_gs_event { + LWSGSE_CREATED, /**< a new user was created */ + LWSGSE_DELETED /**< an existing user was deleted */ +}; + +/** struct lws_gs_event_args */ +struct lws_gs_event_args { + enum lws_gs_event event; /**< which event happened */ + const char *username; /**< which username the event happened to */ + const char *email; /**< the email address of that user */ +}; + +///@} diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-protocols-plugins.h b/thirdparty/libwebsockets/include/libwebsockets/lws-protocols-plugins.h new file mode 100644 index 0000000000..b6cc44e27f --- /dev/null +++ b/thirdparty/libwebsockets/include/libwebsockets/lws-protocols-plugins.h @@ -0,0 +1,229 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green <andy@warmcat.com> + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + * + * included from libwebsockets.h + */ + +/*! \defgroup Protocols-and-Plugins Protocols and Plugins + * \ingroup lwsapi + * + * ##Protocol and protocol plugin -related apis + * + * Protocols bind ws protocol names to a custom callback specific to that + * protocol implementaion. + * + * A list of protocols can be passed in at context creation time, but it is + * also legal to leave that NULL and add the protocols and their callback code + * using plugins. + * + * Plugins are much preferable compared to cut and pasting code into an + * application each time, since they can be used standalone. + */ +///@{ +/** struct lws_protocols - List of protocols and handlers client or server + * supports. */ + +struct lws_protocols { + const char *name; + /**< Protocol name that must match the one given in the client + * Javascript new WebSocket(url, 'protocol') name. */ + lws_callback_function *callback; + /**< The service callback used for this protocol. It allows the + * service action for an entire protocol to be encapsulated in + * the protocol-specific callback */ + size_t per_session_data_size; + /**< Each new connection using this protocol gets + * this much memory allocated on connection establishment and + * freed on connection takedown. A pointer to this per-connection + * allocation is passed into the callback in the 'user' parameter */ + size_t rx_buffer_size; + /**< lws allocates this much space for rx data and informs callback + * when something came. Due to rx flow control, the callback may not + * be able to consume it all without having to return to the event + * loop. That is supported in lws. + * + * If .tx_packet_size is 0, this also controls how much may be sent at + * once for backwards compatibility. + */ + unsigned int id; + /**< ignored by lws, but useful to contain user information bound + * to the selected protocol. For example if this protocol was + * called "myprotocol-v2", you might set id to 2, and the user + * code that acts differently according to the version can do so by + * switch (wsi->protocol->id), user code might use some bits as + * capability flags based on selected protocol version, etc. */ + void *user; /**< ignored by lws, but user code can pass a pointer + here it can later access from the protocol callback */ + size_t tx_packet_size; + /**< 0 indicates restrict send() size to .rx_buffer_size for backwards- + * compatibility. + * If greater than zero, a single send() is restricted to this amount + * and any remainder is buffered by lws and sent afterwards also in + * these size chunks. Since that is expensive, it's preferable + * to restrict one fragment you are trying to send to match this + * size. + */ + + /* Add new things just above here ---^ + * This is part of the ABI, don't needlessly break compatibility */ +}; + +/** + * lws_vhost_name_to_protocol() - get vhost's protocol object from its name + * + * \param vh: vhost to search + * \param name: protocol name + * + * Returns NULL or a pointer to the vhost's protocol of the requested name + */ +LWS_VISIBLE LWS_EXTERN const struct lws_protocols * +lws_vhost_name_to_protocol(struct lws_vhost *vh, const char *name); + +/** + * lws_get_protocol() - Returns a protocol pointer from a websocket + * connection. + * \param wsi: pointer to struct websocket you want to know the protocol of + * + * + * Some apis can act on all live connections of a given protocol, + * this is how you can get a pointer to the active protocol if needed. + */ +LWS_VISIBLE LWS_EXTERN const struct lws_protocols * +lws_get_protocol(struct lws *wsi); + +/** lws_protocol_get() - deprecated: use lws_get_protocol */ +LWS_VISIBLE LWS_EXTERN const struct lws_protocols * +lws_protocol_get(struct lws *wsi) LWS_WARN_DEPRECATED; + +/** + * lws_protocol_vh_priv_zalloc() - Allocate and zero down a protocol's per-vhost + * storage + * \param vhost: vhost the instance is related to + * \param prot: protocol the instance is related to + * \param size: bytes to allocate + * + * Protocols often find it useful to allocate a per-vhost struct, this is a + * helper to be called in the per-vhost init LWS_CALLBACK_PROTOCOL_INIT + */ +LWS_VISIBLE LWS_EXTERN void * +lws_protocol_vh_priv_zalloc(struct lws_vhost *vhost, + const struct lws_protocols *prot, int size); + +/** + * lws_protocol_vh_priv_get() - retreive a protocol's per-vhost storage + * + * \param vhost: vhost the instance is related to + * \param prot: protocol the instance is related to + * + * Recover a pointer to the allocated per-vhost storage for the protocol created + * by lws_protocol_vh_priv_zalloc() earlier + */ +LWS_VISIBLE LWS_EXTERN void * +lws_protocol_vh_priv_get(struct lws_vhost *vhost, + const struct lws_protocols *prot); + +/** + * lws_adjust_protocol_psds - change a vhost protocol's per session data size + * + * \param wsi: a connection with the protocol to change + * \param new_size: the new size of the per session data size for the protocol + * + * Returns user_space for the wsi, after allocating + * + * This should not be used except to initalize a vhost protocol's per session + * data size one time, before any connections are accepted. + * + * Sometimes the protocol wraps another protocol and needs to discover and set + * its per session data size at runtime. + */ +LWS_VISIBLE LWS_EXTERN void * +lws_adjust_protocol_psds(struct lws *wsi, size_t new_size); + +/** + * lws_finalize_startup() - drop initial process privileges + * + * \param context: lws context + * + * This is called after the end of the vhost protocol initializations, but + * you may choose to call it earlier + */ +LWS_VISIBLE LWS_EXTERN int +lws_finalize_startup(struct lws_context *context); + +/** + * lws_pvo_search() - helper to find a named pvo in a linked-list + * + * \param pvo: the first pvo in the linked-list + * \param name: the name of the pvo to return if found + * + * Returns NULL, or a pointer to the name pvo in the linked-list + */ +LWS_VISIBLE LWS_EXTERN const struct lws_protocol_vhost_options * +lws_pvo_search(const struct lws_protocol_vhost_options *pvo, const char *name); + +/** + * lws_pvo_get_str() - retreive a string pvo value + * + * \param pvo: the first pvo in the linked-list + * \param name: the name of the pvo to return if found + * \param result: pointer to a const char * to get the result if any + * + * Returns 0 if found and *result set, or nonzero if not found + */ +LWS_VISIBLE LWS_EXTERN int +lws_pvo_get_str(void *in, const char *name, const char **result); + +LWS_VISIBLE LWS_EXTERN int +lws_protocol_init(struct lws_context *context); + +#ifdef LWS_WITH_PLUGINS + +/* PLUGINS implies LIBUV */ + +#define LWS_PLUGIN_API_MAGIC 180 + +/** struct lws_plugin_capability - how a plugin introduces itself to lws */ +struct lws_plugin_capability { + unsigned int api_magic; /**< caller fills this in, plugin fills rest */ + const struct lws_protocols *protocols; /**< array of supported protocols provided by plugin */ + int count_protocols; /**< how many protocols */ + const struct lws_extension *extensions; /**< array of extensions provided by plugin */ + int count_extensions; /**< how many extensions */ +}; + +typedef int (*lws_plugin_init_func)(struct lws_context *, + struct lws_plugin_capability *); +typedef int (*lws_plugin_destroy_func)(struct lws_context *); + +/** struct lws_plugin */ +struct lws_plugin { + struct lws_plugin *list; /**< linked list */ +#if (UV_VERSION_MAJOR > 0) + uv_lib_t lib; /**< shared library pointer */ +#else + void *l; /**< so we can compile on ancient libuv */ +#endif + char name[64]; /**< name of the plugin */ + struct lws_plugin_capability caps; /**< plugin capabilities */ +}; + +#endif + +///@} diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-purify.h b/thirdparty/libwebsockets/include/libwebsockets/lws-purify.h new file mode 100644 index 0000000000..0ae35ce33c --- /dev/null +++ b/thirdparty/libwebsockets/include/libwebsockets/lws-purify.h @@ -0,0 +1,81 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green <andy@warmcat.com> + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + * + * included from libwebsockets.h + */ + + +/*! \defgroup pur Sanitize / purify SQL and JSON helpers + * + * ##Sanitize / purify SQL and JSON helpers + * + * APIs for escaping untrusted JSON and SQL safely before use + */ +//@{ + +/** + * lws_sql_purify() - like strncpy but with escaping for sql quotes + * + * \param escaped: output buffer + * \param string: input buffer ('/0' terminated) + * \param len: output buffer max length + * + * Because escaping expands the output string, it's not + * possible to do it in-place, ie, with escaped == string + */ +LWS_VISIBLE LWS_EXTERN const char * +lws_sql_purify(char *escaped, const char *string, int len); + +/** + * lws_json_purify() - like strncpy but with escaping for json chars + * + * \param escaped: output buffer + * \param string: input buffer ('/0' terminated) + * \param len: output buffer max length + * + * Because escaping expands the output string, it's not + * possible to do it in-place, ie, with escaped == string + */ +LWS_VISIBLE LWS_EXTERN const char * +lws_json_purify(char *escaped, const char *string, int len); + +/** + * lws_filename_purify_inplace() - replace scary filename chars with underscore + * + * \param filename: filename to be purified + * + * Replace scary characters in the filename (it should not be a path) + * with underscore, so it's safe to use. + */ +LWS_VISIBLE LWS_EXTERN void +lws_filename_purify_inplace(char *filename); + +LWS_VISIBLE LWS_EXTERN int +lws_plat_write_cert(struct lws_vhost *vhost, int is_key, int fd, void *buf, + int len); +LWS_VISIBLE LWS_EXTERN int +lws_plat_write_file(const char *filename, void *buf, int len); + +LWS_VISIBLE LWS_EXTERN int +lws_plat_read_file(const char *filename, void *buf, int len); + +LWS_VISIBLE LWS_EXTERN int +lws_plat_recommended_rsa_bits(void); +///@} diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-ring.h b/thirdparty/libwebsockets/include/libwebsockets/lws-ring.h new file mode 100644 index 0000000000..9a5ec2e10b --- /dev/null +++ b/thirdparty/libwebsockets/include/libwebsockets/lws-ring.h @@ -0,0 +1,305 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green <andy@warmcat.com> + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + * + * included from libwebsockets.h + */ + +/** \defgroup lws_ring LWS Ringbuffer APIs + * ##lws_ring: generic ringbuffer struct + * + * Provides an abstract ringbuffer api supporting one head and one or an + * unlimited number of tails. + * + * All of the members are opaque and manipulated by lws_ring_...() apis. + * + * The lws_ring and its buffer is allocated at runtime on the heap, using + * + * - lws_ring_create() + * - lws_ring_destroy() + * + * It may contain any type, the size of the "element" stored in the ring + * buffer and the number of elements is given at creation time. + * + * When you create the ringbuffer, you can optionally provide an element + * destroy callback that frees any allocations inside the element. This is then + * automatically called for elements with no tail behind them, ie, elements + * which don't have any pending consumer are auto-freed. + * + * Whole elements may be inserted into the ringbuffer and removed from it, using + * + * - lws_ring_insert() + * - lws_ring_consume() + * + * You can find out how many whole elements are free or waiting using + * + * - lws_ring_get_count_free_elements() + * - lws_ring_get_count_waiting_elements() + * + * In addition there are special purpose optional byte-centric apis + * + * - lws_ring_next_linear_insert_range() + * - lws_ring_bump_head() + * + * which let you, eg, read() directly into the ringbuffer without needing + * an intermediate bounce buffer. + * + * The accessors understand that the ring wraps, and optimizes insertion and + * consumption into one or two memcpy()s depending on if the head or tail + * wraps. + * + * lws_ring only supports a single head, but optionally multiple tails with + * an API to inform it when the "oldest" tail has moved on. You can give + * NULL where-ever an api asks for a tail pointer, and it will use an internal + * single tail pointer for convenience. + * + * The "oldest tail", which is the only tail if you give it NULL instead of + * some other tail, is used to track which elements in the ringbuffer are + * still unread by anyone. + * + * - lws_ring_update_oldest_tail() + */ +///@{ +struct lws_ring; + +/** + * lws_ring_create(): create a new ringbuffer + * + * \param element_len: the size in bytes of one element in the ringbuffer + * \param count: the number of elements the ringbuffer can contain + * \param destroy_element: NULL, or callback to be called for each element + * that is removed from the ringbuffer due to the + * oldest tail moving beyond it + * + * Creates the ringbuffer and allocates the storage. Returns the new + * lws_ring *, or NULL if the allocation failed. + * + * If non-NULL, destroy_element will get called back for every element that is + * retired from the ringbuffer after the oldest tail has gone past it, and for + * any element still left in the ringbuffer when it is destroyed. It replaces + * all other element destruction code in your user code. + */ +LWS_VISIBLE LWS_EXTERN struct lws_ring * +lws_ring_create(size_t element_len, size_t count, + void (*destroy_element)(void *element)); + +/** + * lws_ring_destroy(): destroy a previously created ringbuffer + * + * \param ring: the struct lws_ring to destroy + * + * Destroys the ringbuffer allocation and the struct lws_ring itself. + */ +LWS_VISIBLE LWS_EXTERN void +lws_ring_destroy(struct lws_ring *ring); + +/** + * lws_ring_get_count_free_elements(): return how many elements can fit + * in the free space + * + * \param ring: the struct lws_ring to report on + * + * Returns how much room is left in the ringbuffer for whole element insertion. + */ +LWS_VISIBLE LWS_EXTERN size_t +lws_ring_get_count_free_elements(struct lws_ring *ring); + +/** + * lws_ring_get_count_waiting_elements(): return how many elements can be consumed + * + * \param ring: the struct lws_ring to report on + * \param tail: a pointer to the tail struct to use, or NULL for single tail + * + * Returns how many elements are waiting to be consumed from the perspective + * of the tail pointer given. + */ +LWS_VISIBLE LWS_EXTERN size_t +lws_ring_get_count_waiting_elements(struct lws_ring *ring, uint32_t *tail); + +/** + * lws_ring_insert(): attempt to insert up to max_count elements from src + * + * \param ring: the struct lws_ring to report on + * \param src: the array of elements to be inserted + * \param max_count: the number of available elements at src + * + * Attempts to insert as many of the elements at src as possible, up to the + * maximum max_count. Returns the number of elements actually inserted. + */ +LWS_VISIBLE LWS_EXTERN size_t +lws_ring_insert(struct lws_ring *ring, const void *src, size_t max_count); + +/** + * lws_ring_consume(): attempt to copy out and remove up to max_count elements + * to src + * + * \param ring: the struct lws_ring to report on + * \param tail: a pointer to the tail struct to use, or NULL for single tail + * \param dest: the array of elements to be inserted. or NULL for no copy + * \param max_count: the number of available elements at src + * + * Attempts to copy out as many waiting elements as possible into dest, from + * the perspective of the given tail, up to max_count. If dest is NULL, the + * copying out is not done but the elements are logically consumed as usual. + * NULL dest is useful in combination with lws_ring_get_element(), where you + * can use the element direct from the ringbuffer and then call this with NULL + * dest to logically consume it. + * + * Increments the tail position according to how many elements could be + * consumed. + * + * Returns the number of elements consumed. + */ +LWS_VISIBLE LWS_EXTERN size_t +lws_ring_consume(struct lws_ring *ring, uint32_t *tail, void *dest, + size_t max_count); + +/** + * lws_ring_get_element(): get a pointer to the next waiting element for tail + * + * \param ring: the struct lws_ring to report on + * \param tail: a pointer to the tail struct to use, or NULL for single tail + * + * Points to the next element that tail would consume, directly in the + * ringbuffer. This lets you write() or otherwise use the element without + * having to copy it out somewhere first. + * + * After calling this, you must call lws_ring_consume(ring, &tail, NULL, 1) + * which will logically consume the element you used up and increment your + * tail (tail may also be NULL there if you use a single tail). + * + * Returns NULL if no waiting element, or a const void * pointing to it. + */ +LWS_VISIBLE LWS_EXTERN const void * +lws_ring_get_element(struct lws_ring *ring, uint32_t *tail); + +/** + * lws_ring_update_oldest_tail(): free up elements older than tail for reuse + * + * \param ring: the struct lws_ring to report on + * \param tail: a pointer to the tail struct to use, or NULL for single tail + * + * If you are using multiple tails, you must use this API to inform the + * lws_ring when none of the tails still need elements in the fifo any more, + * by updating it when the "oldest" tail has moved on. + */ +LWS_VISIBLE LWS_EXTERN void +lws_ring_update_oldest_tail(struct lws_ring *ring, uint32_t tail); + +/** + * lws_ring_get_oldest_tail(): get current oldest available data index + * + * \param ring: the struct lws_ring to report on + * + * If you are initializing a new ringbuffer consumer, you can set its tail to + * this to start it from the oldest ringbuffer entry still available. + */ +LWS_VISIBLE LWS_EXTERN uint32_t +lws_ring_get_oldest_tail(struct lws_ring *ring); + +/** + * lws_ring_next_linear_insert_range(): used to write directly into the ring + * + * \param ring: the struct lws_ring to report on + * \param start: pointer to a void * set to the start of the next ringbuffer area + * \param bytes: pointer to a size_t set to the max length you may use from *start + * + * This provides a low-level, bytewise access directly into the ringbuffer + * allowing direct insertion of data without having to use a bounce buffer. + * + * The api reports the position and length of the next linear range that can + * be written in the ringbuffer, ie, up to the point it would wrap, and sets + * *start and *bytes accordingly. You can then, eg, directly read() into + * *start for up to *bytes, and use lws_ring_bump_head() to update the lws_ring + * with what you have done. + * + * Returns nonzero if no insertion is currently possible. + */ +LWS_VISIBLE LWS_EXTERN int +lws_ring_next_linear_insert_range(struct lws_ring *ring, void **start, + size_t *bytes); + +/** + * lws_ring_bump_head(): used to write directly into the ring + * + * \param ring: the struct lws_ring to operate on + * \param bytes: the number of bytes you inserted at the current head + */ +LWS_VISIBLE LWS_EXTERN void +lws_ring_bump_head(struct lws_ring *ring, size_t bytes); + +LWS_VISIBLE LWS_EXTERN void +lws_ring_dump(struct lws_ring *ring, uint32_t *tail); + +/* + * This is a helper that combines the common pattern of needing to consume + * some ringbuffer elements, move the consumer tail on, and check if that + * has moved any ringbuffer elements out of scope, because it was the last + * consumer that had not already consumed them. + * + * Elements that go out of scope because the oldest tail is now after them + * get garbage-collected by calling the destroy_element callback on them + * defined when the ringbuffer was created. + */ + +#define lws_ring_consume_and_update_oldest_tail(\ + ___ring, /* the lws_ring object */ \ + ___type, /* type of objects with tails */ \ + ___ptail, /* ptr to tail of obj with tail doing consuming */ \ + ___count, /* count of payload objects being consumed */ \ + ___list_head, /* head of list of objects with tails */ \ + ___mtail, /* member name of tail in ___type */ \ + ___mlist /* member name of next list member ptr in ___type */ \ + ) { \ + int ___n, ___m; \ + \ + ___n = lws_ring_get_oldest_tail(___ring) == *(___ptail); \ + lws_ring_consume(___ring, ___ptail, NULL, ___count); \ + if (___n) { \ + uint32_t ___oldest; \ + ___n = 0; \ + ___oldest = *(___ptail); \ + lws_start_foreach_llp(___type **, ___ppss, ___list_head) { \ + ___m = lws_ring_get_count_waiting_elements( \ + ___ring, &(*___ppss)->tail); \ + if (___m >= ___n) { \ + ___n = ___m; \ + ___oldest = (*___ppss)->tail; \ + } \ + } lws_end_foreach_llp(___ppss, ___mlist); \ + \ + lws_ring_update_oldest_tail(___ring, ___oldest); \ + } \ +} + +/* + * This does the same as the lws_ring_consume_and_update_oldest_tail() + * helper, but for the simpler case there is only one consumer, so one + * tail, and that tail is always the oldest tail. + */ + +#define lws_ring_consume_single_tail(\ + ___ring, /* the lws_ring object */ \ + ___ptail, /* ptr to tail of obj with tail doing consuming */ \ + ___count /* count of payload objects being consumed */ \ + ) { \ + lws_ring_consume(___ring, ___ptail, NULL, ___count); \ + lws_ring_update_oldest_tail(___ring, *(___ptail)); \ +} +///@} diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-service.h b/thirdparty/libwebsockets/include/libwebsockets/lws-service.h new file mode 100644 index 0000000000..f4109f0431 --- /dev/null +++ b/thirdparty/libwebsockets/include/libwebsockets/lws-service.h @@ -0,0 +1,215 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green <andy@warmcat.com> + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + * + * included from libwebsockets.h + */ + +/** \defgroup service Built-in service loop entry + * + * ##Built-in service loop entry + * + * If you're not using libev / libuv, these apis are needed to enter the poll() + * wait in lws and service any connections with pending events. + */ +///@{ + +/** + * lws_service() - Service any pending websocket activity + * \param context: Websocket context + * \param timeout_ms: Timeout for poll; 0 means return immediately if nothing needed + * service otherwise block and service immediately, returning + * after the timeout if nothing needed service. + * + * This function deals with any pending websocket traffic, for three + * kinds of event. It handles these events on both server and client + * types of connection the same. + * + * 1) Accept new connections to our context's server + * + * 2) Call the receive callback for incoming frame data received by + * server or client connections. + * + * You need to call this service function periodically to all the above + * functions to happen; if your application is single-threaded you can + * just call it in your main event loop. + * + * Alternatively you can fork a new process that asynchronously handles + * calling this service in a loop. In that case you are happy if this + * call blocks your thread until it needs to take care of something and + * would call it with a large nonzero timeout. Your loop then takes no + * CPU while there is nothing happening. + * + * If you are calling it in a single-threaded app, you don't want it to + * wait around blocking other things in your loop from happening, so you + * would call it with a timeout_ms of 0, so it returns immediately if + * nothing is pending, or as soon as it services whatever was pending. + */ +LWS_VISIBLE LWS_EXTERN int +lws_service(struct lws_context *context, int timeout_ms); + +/** + * lws_service_tsi() - Service any pending websocket activity + * + * \param context: Websocket context + * \param timeout_ms: Timeout for poll; 0 means return immediately if nothing needed + * service otherwise block and service immediately, returning + * after the timeout if nothing needed service. + * \param tsi: Thread service index, starting at 0 + * + * Same as lws_service(), but for a specific thread service index. Only needed + * if you are spawning multiple service threads. + */ +LWS_VISIBLE LWS_EXTERN int +lws_service_tsi(struct lws_context *context, int timeout_ms, int tsi); + +/** + * lws_cancel_service_pt() - Cancel servicing of pending socket activity + * on one thread + * \param wsi: Cancel service on the thread this wsi is serviced by + * + * Same as lws_cancel_service(), but targets a single service thread, the one + * the wsi belongs to. You probably want to use lws_cancel_service() instead. + */ +LWS_VISIBLE LWS_EXTERN void +lws_cancel_service_pt(struct lws *wsi); + +/** + * lws_cancel_service() - Cancel wait for new pending socket activity + * \param context: Websocket context + * + * This function creates an immediate "synchronous interrupt" to the lws poll() + * wait or event loop. As soon as possible in the serialzed service sequencing, + * a LWS_CALLBACK_EVENT_WAIT_CANCELLED callback is sent to every protocol on + * every vhost. + * + * lws_cancel_service() may be called from another thread while the context + * exists, and its effect will be immediately serialized. + */ +LWS_VISIBLE LWS_EXTERN void +lws_cancel_service(struct lws_context *context); + +/** + * lws_service_fd() - Service polled socket with something waiting + * \param context: Websocket context + * \param pollfd: The pollfd entry describing the socket fd and which events + * happened, or NULL to tell lws to do only timeout servicing. + * + * This function takes a pollfd that has POLLIN or POLLOUT activity and + * services it according to the state of the associated + * struct lws. + * + * The one call deals with all "service" that might happen on a socket + * including listen accepts, http files as well as websocket protocol. + * + * If a pollfd says it has something, you can just pass it to + * lws_service_fd() whether it is a socket handled by lws or not. + * If it sees it is a lws socket, the traffic will be handled and + * pollfd->revents will be zeroed now. + * + * If the socket is foreign to lws, it leaves revents alone. So you can + * see if you should service yourself by checking the pollfd revents + * after letting lws try to service it. + * + * You should also call this with pollfd = NULL to just allow the + * once-per-second global timeout checks; if less than a second since the last + * check it returns immediately then. + */ +LWS_VISIBLE LWS_EXTERN int +lws_service_fd(struct lws_context *context, struct lws_pollfd *pollfd); + +/** + * lws_service_fd_tsi() - Service polled socket in specific service thread + * \param context: Websocket context + * \param pollfd: The pollfd entry describing the socket fd and which events + * happened. + * \param tsi: thread service index + * + * Same as lws_service_fd() but used with multiple service threads + */ +LWS_VISIBLE LWS_EXTERN int +lws_service_fd_tsi(struct lws_context *context, struct lws_pollfd *pollfd, + int tsi); + +/** + * lws_service_adjust_timeout() - Check for any connection needing forced service + * \param context: Websocket context + * \param timeout_ms: The original poll timeout value. You can just set this + * to 1 if you don't really have a poll timeout. + * \param tsi: thread service index + * + * Under some conditions connections may need service even though there is no + * pending network action on them, this is "forced service". For default + * poll() and libuv / libev, the library takes care of calling this and + * dealing with it for you. But for external poll() integration, you need + * access to the apis. + * + * If anybody needs "forced service", returned timeout is zero. In that case, + * you can call lws_service_tsi() with a timeout of -1 to only service + * guys who need forced service. + */ +LWS_VISIBLE LWS_EXTERN int +lws_service_adjust_timeout(struct lws_context *context, int timeout_ms, int tsi); + +/* Backwards compatibility */ +#define lws_plat_service_tsi lws_service_tsi + +LWS_VISIBLE LWS_EXTERN int +lws_handle_POLLOUT_event(struct lws *wsi, struct lws_pollfd *pollfd); + +///@} + +/*! \defgroup uv libuv helpers + * + * ##libuv helpers + * + * APIs specific to libuv event loop itegration + */ +///@{ +#ifdef LWS_WITH_LIBUV +/* + * Any direct libuv allocations in lws protocol handlers must participate in the + * lws reference counting scheme. Two apis are provided: + * + * - lws_libuv_static_refcount_add(handle, context) to mark the handle with + * a pointer to the context and increment the global uv object counter + * + * - lws_libuv_static_refcount_del() which should be used as the close callback + * for your own libuv objects declared in the protocol scope. + * + * Using the apis allows lws to detach itself from a libuv loop completely + * cleanly and at the moment all of its libuv objects have completed close. + */ + +LWS_VISIBLE LWS_EXTERN uv_loop_t * +lws_uv_getloop(struct lws_context *context, int tsi); + +LWS_VISIBLE LWS_EXTERN void +lws_libuv_static_refcount_add(uv_handle_t *, struct lws_context *context); + +LWS_VISIBLE LWS_EXTERN void +lws_libuv_static_refcount_del(uv_handle_t *); + +#endif /* LWS_WITH_LIBUV */ + +#if defined(LWS_WITH_ESP32) +#define lws_libuv_static_refcount_add(_a, _b) +#define lws_libuv_static_refcount_del NULL +#endif +///@} diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-sha1-base64.h b/thirdparty/libwebsockets/include/libwebsockets/lws-sha1-base64.h new file mode 100644 index 0000000000..5a2bfdbbb0 --- /dev/null +++ b/thirdparty/libwebsockets/include/libwebsockets/lws-sha1-base64.h @@ -0,0 +1,93 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green <andy@warmcat.com> + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + * + * included from libwebsockets.h + */ + +/** \defgroup sha SHA and B64 helpers + * ##SHA and B64 helpers + * + * These provide SHA-1 and B64 helper apis + */ +///@{ +#ifdef LWS_SHA1_USE_OPENSSL_NAME +#define lws_SHA1 SHA1 +#else +/** + * lws_SHA1(): make a SHA-1 digest of a buffer + * + * \param d: incoming buffer + * \param n: length of incoming buffer + * \param md: buffer for message digest (must be >= 20 bytes) + * + * Reduces any size buffer into a 20-byte SHA-1 hash. + */ +LWS_VISIBLE LWS_EXTERN unsigned char * +lws_SHA1(const unsigned char *d, size_t n, unsigned char *md); +#endif +/** + * lws_b64_encode_string(): encode a string into base 64 + * + * \param in: incoming buffer + * \param in_len: length of incoming buffer + * \param out: result buffer + * \param out_size: length of result buffer + * + * Encodes a string using b64 + */ +LWS_VISIBLE LWS_EXTERN int +lws_b64_encode_string(const char *in, int in_len, char *out, int out_size); +/** + * lws_b64_encode_string_url(): encode a string into base 64 + * + * \param in: incoming buffer + * \param in_len: length of incoming buffer + * \param out: result buffer + * \param out_size: length of result buffer + * + * Encodes a string using b64 with the "URL" variant (+ -> -, and / -> _) + */ +LWS_VISIBLE LWS_EXTERN int +lws_b64_encode_string_url(const char *in, int in_len, char *out, int out_size); +/** + * lws_b64_decode_string(): decode a string from base 64 + * + * \param in: incoming buffer + * \param out: result buffer + * \param out_size: length of result buffer + * + * Decodes a NUL-terminated string using b64 + */ +LWS_VISIBLE LWS_EXTERN int +lws_b64_decode_string(const char *in, char *out, int out_size); +/** + * lws_b64_decode_string_len(): decode a string from base 64 + * + * \param in: incoming buffer + * \param in_len: length of incoming buffer + * \param out: result buffer + * \param out_size: length of result buffer + * + * Decodes a range of chars using b64 + */ +LWS_VISIBLE LWS_EXTERN int +lws_b64_decode_string_len(const char *in, int in_len, char *out, int out_size); +///@} + diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-spa.h b/thirdparty/libwebsockets/include/libwebsockets/lws-spa.h new file mode 100644 index 0000000000..fcaf3889f5 --- /dev/null +++ b/thirdparty/libwebsockets/include/libwebsockets/lws-spa.h @@ -0,0 +1,140 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green <andy@warmcat.com> + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + * + * included from libwebsockets.h + */ + +/** \defgroup form-parsing Form Parsing + * \ingroup http + * ##POSTed form parsing functions + * + * These lws_spa (stateful post arguments) apis let you parse and urldecode + * POSTed form arguments, both using simple urlencoded and multipart transfer + * encoding. + * + * It's capable of handling file uploads as well a named input parsing, + * and the apis are the same for both form upload styles. + * + * You feed it a list of parameter names and it creates pointers to the + * urldecoded arguments: file upload parameters pass the file data in chunks to + * a user-supplied callback as they come. + * + * Since it's stateful, it handles the incoming data needing more than one + * POST_BODY callback and has no limit on uploaded file size. + */ +///@{ + +/** enum lws_spa_fileupload_states */ +enum lws_spa_fileupload_states { + LWS_UFS_CONTENT, + /**< a chunk of file content has arrived */ + LWS_UFS_FINAL_CONTENT, + /**< the last chunk (possibly zero length) of file content has arrived */ + LWS_UFS_OPEN + /**< a new file is starting to arrive */ +}; + +/** + * lws_spa_fileupload_cb() - callback to receive file upload data + * + * \param data: opt_data pointer set in lws_spa_create + * \param name: name of the form field being uploaded + * \param filename: original filename from client + * \param buf: start of data to receive + * \param len: length of data to receive + * \param state: information about how this call relates to file + * + * Notice name and filename shouldn't be trusted, as they are passed from + * HTTP provided by the client. + */ +typedef int (*lws_spa_fileupload_cb)(void *data, const char *name, + const char *filename, char *buf, int len, + enum lws_spa_fileupload_states state); + +/** struct lws_spa - opaque urldecode parser capable of handling multipart + * and file uploads */ +struct lws_spa; + +/** + * lws_spa_create() - create urldecode parser + * + * \param wsi: lws connection (used to find Content Type) + * \param param_names: array of form parameter names, like "username" + * \param count_params: count of param_names + * \param max_storage: total amount of form parameter values we can store + * \param opt_cb: NULL, or callback to receive file upload data. + * \param opt_data: NULL, or user pointer provided to opt_cb. + * + * Creates a urldecode parser and initializes it. + * + * opt_cb can be NULL if you just want normal name=value parsing, however + * if one or more entries in your form are bulk data (file transfer), you + * can provide this callback and filter on the name callback parameter to + * treat that urldecoded data separately. The callback should return -1 + * in case of fatal error, and 0 if OK. + */ +LWS_VISIBLE LWS_EXTERN struct lws_spa * +lws_spa_create(struct lws *wsi, const char * const *param_names, + int count_params, int max_storage, lws_spa_fileupload_cb opt_cb, + void *opt_data); + +/** + * lws_spa_process() - parses a chunk of input data + * + * \param spa: the parser object previously created + * \param in: incoming, urlencoded data + * \param len: count of bytes valid at \param in + */ +LWS_VISIBLE LWS_EXTERN int +lws_spa_process(struct lws_spa *spa, const char *in, int len); + +/** + * lws_spa_finalize() - indicate incoming data completed + * + * \param spa: the parser object previously created + */ +LWS_VISIBLE LWS_EXTERN int +lws_spa_finalize(struct lws_spa *spa); + +/** + * lws_spa_get_length() - return length of parameter value + * + * \param spa: the parser object previously created + * \param n: parameter ordinal to return length of value for + */ +LWS_VISIBLE LWS_EXTERN int +lws_spa_get_length(struct lws_spa *spa, int n); + +/** + * lws_spa_get_string() - return pointer to parameter value + * \param spa: the parser object previously created + * \param n: parameter ordinal to return pointer to value for + */ +LWS_VISIBLE LWS_EXTERN const char * +lws_spa_get_string(struct lws_spa *spa, int n); + +/** + * lws_spa_destroy() - destroy parser object + * + * \param spa: the parser object previously created + */ +LWS_VISIBLE LWS_EXTERN int +lws_spa_destroy(struct lws_spa *spa); +///@} diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-stats.h b/thirdparty/libwebsockets/include/libwebsockets/lws-stats.h new file mode 100644 index 0000000000..b0031ca3e5 --- /dev/null +++ b/thirdparty/libwebsockets/include/libwebsockets/lws-stats.h @@ -0,0 +1,75 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green <andy@warmcat.com> + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + * + * included from libwebsockets.h + */ + +/* + * Stats are all uint64_t numbers that start at 0. + * Index names here have the convention + * + * _C_ counter + * _B_ byte count + * _MS_ millisecond count + */ + +enum { + LWSSTATS_C_CONNECTIONS, /**< count incoming connections */ + LWSSTATS_C_API_CLOSE, /**< count calls to close api */ + LWSSTATS_C_API_READ, /**< count calls to read from socket api */ + LWSSTATS_C_API_LWS_WRITE, /**< count calls to lws_write API */ + LWSSTATS_C_API_WRITE, /**< count calls to write API */ + LWSSTATS_C_WRITE_PARTIALS, /**< count of partial writes */ + LWSSTATS_C_WRITEABLE_CB_REQ, /**< count of writable callback requests */ + LWSSTATS_C_WRITEABLE_CB_EFF_REQ, /**< count of effective writable callback requests */ + LWSSTATS_C_WRITEABLE_CB, /**< count of writable callbacks */ + LWSSTATS_C_SSL_CONNECTIONS_FAILED, /**< count of failed SSL connections */ + LWSSTATS_C_SSL_CONNECTIONS_ACCEPTED, /**< count of accepted SSL connections */ + LWSSTATS_C_SSL_CONNECTIONS_ACCEPT_SPIN, /**< count of SSL_accept() attempts */ + LWSSTATS_C_SSL_CONNS_HAD_RX, /**< count of accepted SSL conns that have had some RX */ + LWSSTATS_C_TIMEOUTS, /**< count of timed-out connections */ + LWSSTATS_C_SERVICE_ENTRY, /**< count of entries to lws service loop */ + LWSSTATS_B_READ, /**< aggregate bytes read */ + LWSSTATS_B_WRITE, /**< aggregate bytes written */ + LWSSTATS_B_PARTIALS_ACCEPTED_PARTS, /**< aggreate of size of accepted write data from new partials */ + LWSSTATS_MS_SSL_CONNECTIONS_ACCEPTED_DELAY, /**< aggregate delay in accepting connection */ + LWSSTATS_MS_WRITABLE_DELAY, /**< aggregate delay between asking for writable and getting cb */ + LWSSTATS_MS_WORST_WRITABLE_DELAY, /**< single worst delay between asking for writable and getting cb */ + LWSSTATS_MS_SSL_RX_DELAY, /**< aggregate delay between ssl accept complete and first RX */ + LWSSTATS_C_PEER_LIMIT_AH_DENIED, /**< number of times we would have given an ah but for the peer limit */ + LWSSTATS_C_PEER_LIMIT_WSI_DENIED, /**< number of times we would have given a wsi but for the peer limit */ + + /* Add new things just above here ---^ + * This is part of the ABI, don't needlessly break compatibility */ + LWSSTATS_SIZE +}; + +#if defined(LWS_WITH_STATS) + +LWS_VISIBLE LWS_EXTERN uint64_t +lws_stats_get(struct lws_context *context, int index); +LWS_VISIBLE LWS_EXTERN void +lws_stats_log_dump(struct lws_context *context); +#else +static LWS_INLINE uint64_t +lws_stats_get(struct lws_context *context, int index) { (void)context; (void)index; return 0; } +static LWS_INLINE void +lws_stats_log_dump(struct lws_context *context) { (void)context; } +#endif diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-threadpool.h b/thirdparty/libwebsockets/include/libwebsockets/lws-threadpool.h new file mode 100644 index 0000000000..eb6c6e1a16 --- /dev/null +++ b/thirdparty/libwebsockets/include/libwebsockets/lws-threadpool.h @@ -0,0 +1,231 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green <andy@warmcat.com> + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + * + * included from libwebsockets.h + */ + +/** \defgroup threadpool Threadpool related functions + * ##Threadpool + * \ingroup lwsapi + * + * This allows you to create one or more pool of threads which can run tasks + * associated with a wsi. If the pool is busy, tasks wait on a queue. + * + * Tasks don't have to be atomic, if they will take more than a few tens of ms + * they should return back to the threadpool worker with a return of 0. This + * will allow them to abort cleanly. + */ +//@{ + +struct lws_threadpool; +struct lws_threadpool_task; + +enum lws_threadpool_task_status { + LWS_TP_STATUS_QUEUED, + LWS_TP_STATUS_RUNNING, + LWS_TP_STATUS_SYNCING, + LWS_TP_STATUS_STOPPING, + LWS_TP_STATUS_FINISHED, /* lws_threadpool_task_status() frees task */ + LWS_TP_STATUS_STOPPED, /* lws_threadpool_task_status() frees task */ +}; + +enum lws_threadpool_task_return { + /** Still work to do, just confirming not being stopped */ + LWS_TP_RETURN_CHECKING_IN, + /** Still work to do, enter cond_wait until service thread syncs. This + * is used if you have filled your buffer(s) of data to the service + * thread and are blocked until the service thread completes sending at + * least one. + */ + LWS_TP_RETURN_SYNC, + /** No more work to do... */ + LWS_TP_RETURN_FINISHED, + /** Responding to request to stop */ + LWS_TP_RETURN_STOPPED, + + /* OR on to indicate this task wishes to outlive its wsi */ + LWS_TP_RETURN_FLAG_OUTLIVE = 64 +}; + +struct lws_threadpool_create_args { + int threads; + int max_queue_depth; +}; + +struct lws_threadpool_task_args { + struct lws *wsi; /**< user must set to wsi task is bound to */ + void *user; /**< user may set (user-private pointer) */ + const char *name; /**< user may set to describe task */ + char async_task; /**< set to allow the task to shrug off the loss + of the associated wsi and continue to + completion */ + enum lws_threadpool_task_return (*task)(void *user, + enum lws_threadpool_task_status s); + /**< user must set to actual task function */ + void (*cleanup)(struct lws *wsi, void *user); + /**< socket lifecycle may end while task is not stoppable, so the task + * must be able to detach from any wsi and clean itself up when it does + * stop. If NULL, no cleanup necessary, otherwise point to a user- + * supplied function that destroys the stuff in \p user. + * + * wsi may be NULL on entry, indicating the task got detached due to the + * wsi closing before. + */ +}; + +/** + * lws_threadpool_create() - create a pool of worker threads + * + * \param context: the lws_context the threadpool will exist inside + * \param args: argument struct prepared by caller + * \param format: printf-type format for the task name + * \param ...: printf type args for the task name format + * + * Creates a pool of worker threads with \p threads and a queue of up to + * \p max_queue_depth waiting tasks if all the threads are busy. + * + * Returns NULL if OOM, or a struct lws_threadpool pointer that must be + * destroyed by lws_threadpool_destroy(). + */ +LWS_VISIBLE LWS_EXTERN struct lws_threadpool * +lws_threadpool_create(struct lws_context *context, + const struct lws_threadpool_create_args *args, + const char *format, ...) LWS_FORMAT(3); + +/** + * lws_threadpool_finish() - Stop all pending and running tasks + * + * \param tp: the threadpool object + * + * Marks the threadpool as under destruction. Removes everything from the + * pending queue and completes those tasks as LWS_TP_STATUS_STOPPED. + * + * Running tasks will also get LWS_TP_STATUS_STOPPED as soon as they + * "resurface". + * + * This doesn't reap tasks or free the threadpool, the reaping is done by the + * lws_threadpool_task_status() on the done task. + */ +LWS_VISIBLE LWS_EXTERN void +lws_threadpool_finish(struct lws_threadpool *tp); + +/** + * lws_threadpool_destroy() - Destroy a threadpool + * + * \param tp: the threadpool object + * + * Waits for all worker threads to stop, ends the threads and frees the tp. + */ +LWS_VISIBLE LWS_EXTERN void +lws_threadpool_destroy(struct lws_threadpool *tp); + +/** + * lws_threadpool_enqueue() - Queue the task and run it on a worker thread when possible + * + * \param tp: the threadpool to queue / run on + * \param args: information about what to run + * \param format: printf-type format for the task name + * \param ...: printf type args for the task name format + * + * This asks for a task to run ASAP on a worker thread in threadpool \p tp. + * + * The args defines the wsi, a user-private pointer, a timeout in secs and + * a pointer to the task function. + * + * Returns NULL or an opaque pointer to the queued (or running, or completed) + * task. + * + * Once a task is created and enqueued, it can only be destroyed by calling + * lws_threadpool_task_status() on it after it has reached the state + * LWS_TP_STATUS_FINISHED or LWS_TP_STATUS_STOPPED. + */ +LWS_VISIBLE LWS_EXTERN struct lws_threadpool_task * +lws_threadpool_enqueue(struct lws_threadpool *tp, + const struct lws_threadpool_task_args *args, + const char *format, ...) LWS_FORMAT(3); + +/** + * lws_threadpool_dequeue() - Dequeue or try to stop a running task + * + * \param wsi: the wsi whose current task we want to eliminate + * + * Returns 0 is the task was dequeued or already compeleted, or 1 if the task + * has been asked to stop asynchronously. + * + * This doesn't free the task. It only shortcuts it to state + * LWS_TP_STATUS_STOPPED. lws_threadpool_task_status() must be performed on + * the task separately once it is in LWS_TP_STATUS_STOPPED to free the task. + */ +LWS_VISIBLE LWS_EXTERN int +lws_threadpool_dequeue(struct lws *wsi); + +/** + * lws_threadpool_task_status() - Dequeue or try to stop a running task + * + * \param wsi: the wsi to query the current task of + * \param task: receives a pointer to the opaque task + * \param user: receives a void * pointer to the task user data + * + * This is the equivalent of posix waitpid()... it returns the status of the + * task, and if the task is in state LWS_TP_STATUS_FINISHED or + * LWS_TP_STATUS_STOPPED, frees \p task. If in another state, the task + * continues to exist. + * + * This is designed to be called from the service thread. + * + * Its use is to make sure the service thread has seen the state of the task + * before deleting it. + */ +LWS_VISIBLE LWS_EXTERN enum lws_threadpool_task_status +lws_threadpool_task_status_wsi(struct lws *wsi, + struct lws_threadpool_task **task, void **user); + +/** + * lws_threadpool_task_sync() - Indicate to a stalled task it may continue + * + * \param task: the task to unblock + * \param stop: 0 = run after unblock, 1 = when he unblocks, stop him + * + * Inform the task that the service thread has finished with the shared data + * and that the task, if blocked in LWS_TP_RETURN_SYNC, may continue. + * + * If the lws service context determined that the task must be aborted, it + * should still call this but with stop = 1, causing the task to finish. + */ +LWS_VISIBLE LWS_EXTERN void +lws_threadpool_task_sync(struct lws_threadpool_task *task, int stop); + +/** + * lws_threadpool_dump() - dump the state of a threadpool to the log + * + * \param tp: The threadpool to dump + * + * This locks the threadpool and then dumps the pending queue, the worker + * threads and the done queue, together with time information for how long + * the tasks have been in their current state, how long they have occupied a + * thread, etc. + * + * This only does anything on lws builds with CMAKE_BUILD_TYPE=DEBUG, otherwise + * while it still exists, it's a NOP. + */ + +LWS_VISIBLE LWS_EXTERN void +lws_threadpool_dump(struct lws_threadpool *tp); +//@} diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-timeout-timer.h b/thirdparty/libwebsockets/include/libwebsockets/lws-timeout-timer.h new file mode 100644 index 0000000000..e715ba15a3 --- /dev/null +++ b/thirdparty/libwebsockets/include/libwebsockets/lws-timeout-timer.h @@ -0,0 +1,164 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green <andy@warmcat.com> + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + * + * included from libwebsockets.h + */ + +/*! \defgroup timeout Connection timeouts + + APIs related to setting connection timeouts +*/ +//@{ + +/* + * NOTE: These public enums are part of the abi. If you want to add one, + * add it at where specified so existing users are unaffected. + */ +enum pending_timeout { + NO_PENDING_TIMEOUT = 0, + PENDING_TIMEOUT_AWAITING_PROXY_RESPONSE = 1, + PENDING_TIMEOUT_AWAITING_CONNECT_RESPONSE = 2, + PENDING_TIMEOUT_ESTABLISH_WITH_SERVER = 3, + PENDING_TIMEOUT_AWAITING_SERVER_RESPONSE = 4, + PENDING_TIMEOUT_AWAITING_PING = 5, + PENDING_TIMEOUT_CLOSE_ACK = 6, + PENDING_TIMEOUT_UNUSED1 = 7, + PENDING_TIMEOUT_SENT_CLIENT_HANDSHAKE = 8, + PENDING_TIMEOUT_SSL_ACCEPT = 9, + PENDING_TIMEOUT_HTTP_CONTENT = 10, + PENDING_TIMEOUT_AWAITING_CLIENT_HS_SEND = 11, + PENDING_FLUSH_STORED_SEND_BEFORE_CLOSE = 12, + PENDING_TIMEOUT_SHUTDOWN_FLUSH = 13, + PENDING_TIMEOUT_CGI = 14, + PENDING_TIMEOUT_HTTP_KEEPALIVE_IDLE = 15, + PENDING_TIMEOUT_WS_PONG_CHECK_SEND_PING = 16, + PENDING_TIMEOUT_WS_PONG_CHECK_GET_PONG = 17, + PENDING_TIMEOUT_CLIENT_ISSUE_PAYLOAD = 18, + PENDING_TIMEOUT_AWAITING_SOCKS_GREETING_REPLY = 19, + PENDING_TIMEOUT_AWAITING_SOCKS_CONNECT_REPLY = 20, + PENDING_TIMEOUT_AWAITING_SOCKS_AUTH_REPLY = 21, + PENDING_TIMEOUT_KILLED_BY_SSL_INFO = 22, + PENDING_TIMEOUT_KILLED_BY_PARENT = 23, + PENDING_TIMEOUT_CLOSE_SEND = 24, + PENDING_TIMEOUT_HOLDING_AH = 25, + PENDING_TIMEOUT_UDP_IDLE = 26, + PENDING_TIMEOUT_CLIENT_CONN_IDLE = 27, + PENDING_TIMEOUT_LAGGING = 28, + PENDING_TIMEOUT_THREADPOOL = 29, + PENDING_TIMEOUT_THREADPOOL_TASK = 30, + PENDING_TIMEOUT_KILLED_BY_PROXY_CLIENT_CLOSE = 31, + + /****** add new things just above ---^ ******/ + + PENDING_TIMEOUT_USER_REASON_BASE = 1000 +}; + +/** + * lws_time_in_microseconds() - Returns the unix time in microseconds + */ +LWS_VISIBLE LWS_EXTERN uint64_t +lws_time_in_microseconds(void); + +#define LWS_TO_KILL_ASYNC -1 +/**< If LWS_TO_KILL_ASYNC is given as the timeout sec in a lws_set_timeout() + * call, then the connection is marked to be killed at the next timeout + * check. This is how you should force-close the wsi being serviced if + * you are doing it outside the callback (where you should close by nonzero + * return). + */ +#define LWS_TO_KILL_SYNC -2 +/**< If LWS_TO_KILL_SYNC is given as the timeout sec in a lws_set_timeout() + * call, then the connection is closed before returning (which may delete + * the wsi). This should only be used where the wsi being closed is not the + * wsi currently being serviced. + */ +/** + * lws_set_timeout() - marks the wsi as subject to a timeout + * + * You will not need this unless you are doing something special + * + * \param wsi: Websocket connection instance + * \param reason: timeout reason + * \param secs: how many seconds. You may set to LWS_TO_KILL_ASYNC to + * force the connection to timeout at the next opportunity, or + * LWS_TO_KILL_SYNC to close it synchronously if you know the + * wsi is not the one currently being serviced. + */ +LWS_VISIBLE LWS_EXTERN void +lws_set_timeout(struct lws *wsi, enum pending_timeout reason, int secs); + +#define LWS_SET_TIMER_USEC_CANCEL ((lws_usec_t)-1ll) +#define LWS_USEC_PER_SEC (1000000ll) + +/** + * lws_set_timer_usecs() - schedules a callback on the wsi in the future + * + * \param wsi: Websocket connection instance + * \param usecs: LWS_SET_TIMER_USEC_CANCEL removes any existing scheduled + * callback, otherwise number of microseconds in the future + * the callback will occur at. + * + * NOTE: event loop support for this: + * + * default poll() loop: yes + * libuv event loop: yes + * libev: not implemented (patch welcome) + * libevent: not implemented (patch welcome) + * + * After the deadline expires, the wsi will get a callback of type + * LWS_CALLBACK_TIMER and the timer is exhausted. The deadline may be + * continuously deferred by further calls to lws_set_timer_usecs() with a later + * deadline, or cancelled by lws_set_timer_usecs(wsi, -1). + * + * If the timer should repeat, lws_set_timer_usecs() must be called again from + * LWS_CALLBACK_TIMER. + * + * Accuracy depends on the platform and the load on the event loop or system... + * all that's guaranteed is the callback will come after the requested wait + * period. + */ +LWS_VISIBLE LWS_EXTERN void +lws_set_timer_usecs(struct lws *wsi, lws_usec_t usecs); + +/* + * lws_timed_callback_vh_protocol() - calls back a protocol on a vhost after + * the specified delay + * + * \param vh: the vhost to call back + * \param protocol: the protocol to call back + * \param reason: callback reason + * \param secs: how many seconds in the future to do the callback. Set to + * -1 to cancel the timer callback. + * + * Callback the specified protocol with a fake wsi pointing to the specified + * vhost and protocol, with the specified reason, at the specified time in the + * future. + * + * Returns 0 if OK. + * + * In the multithreaded service case, the callback will occur in the same + * service thread context as the call to this api that requested it. If it is + * called from a non-service thread, tsi 0 will handle it. + */ +LWS_VISIBLE LWS_EXTERN int +lws_timed_callback_vh_protocol(struct lws_vhost *vh, + const struct lws_protocols *prot, + int reason, int secs); +///@} diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-tokenize.h b/thirdparty/libwebsockets/include/libwebsockets/lws-tokenize.h new file mode 100644 index 0000000000..26a57dfbaf --- /dev/null +++ b/thirdparty/libwebsockets/include/libwebsockets/lws-tokenize.h @@ -0,0 +1,136 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green <andy@warmcat.com> + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + * + * included from libwebsockets.h + */ + +/* Do not treat - as a terminal character, so "my-token" is one token */ +#define LWS_TOKENIZE_F_MINUS_NONTERM (1 << 0) +/* Separately report aggregate colon-delimited tokens */ +#define LWS_TOKENIZE_F_AGG_COLON (1 << 1) +/* Enforce sequencing for a simple token , token , token ... list */ +#define LWS_TOKENIZE_F_COMMA_SEP_LIST (1 << 2) +/* Allow more characters in the tokens and less delimiters... default is + * only alphanumeric + underscore in tokens */ +#define LWS_TOKENIZE_F_RFC7230_DELIMS (1 << 3) +/* Do not treat . as a terminal character, so "warmcat.com" is one token */ +#define LWS_TOKENIZE_F_DOT_NONTERM (1 << 4) +/* If something starts looking like a float, like 1.2, force to be string token. + * This lets you receive dotted-quads like 192.168.0.1 as string tokens, and + * avoids illegal float format detection like 1.myserver.com */ +#define LWS_TOKENIZE_F_NO_FLOATS (1 << 5) + +typedef enum { + + LWS_TOKZE_ERRS = 5, /* the number of errors defined */ + + LWS_TOKZE_ERR_BROKEN_UTF8 = -5, /* malformed or partial utf8 */ + LWS_TOKZE_ERR_UNTERM_STRING = -4, /* ended while we were in "" */ + LWS_TOKZE_ERR_MALFORMED_FLOAT = -3, /* like 0..1 or 0.1.1 */ + LWS_TOKZE_ERR_NUM_ON_LHS = -2, /* like 123= or 0.1= */ + LWS_TOKZE_ERR_COMMA_LIST = -1, /* like ",tok", or, "tok,," */ + + LWS_TOKZE_ENDED = 0, /* no more content */ + + /* Note: results have ordinal 1+, EOT is 0 and errors are < 0 */ + + LWS_TOKZE_DELIMITER, /* a delimiter appeared */ + LWS_TOKZE_TOKEN, /* a token appeared */ + LWS_TOKZE_INTEGER, /* an integer appeared */ + LWS_TOKZE_FLOAT, /* a float appeared */ + LWS_TOKZE_TOKEN_NAME_EQUALS, /* token [whitespace] = */ + LWS_TOKZE_TOKEN_NAME_COLON, /* token [whitespace] : (only with + LWS_TOKENIZE_F_AGG_COLON flag) */ + LWS_TOKZE_QUOTED_STRING, /* "*", where * may have any char */ + +} lws_tokenize_elem; + +/* + * helper enums to allow caller to enforce legal delimiter sequencing, eg + * disallow "token,,token", "token,", and ",token" + */ + +enum lws_tokenize_delimiter_tracking { + LWSTZ_DT_NEED_FIRST_CONTENT, + LWSTZ_DT_NEED_DELIM, + LWSTZ_DT_NEED_NEXT_CONTENT, +}; + +struct lws_tokenize { + const char *start; /**< set to the start of the string to tokenize */ + const char *token; /**< the start of an identified token or delimiter */ + int len; /**< set to the length of the string to tokenize */ + int token_len; /**< the length of the identied token or delimiter */ + + int flags; /**< optional LWS_TOKENIZE_F_ flags, or 0 */ + int delim; +}; + +/** + * lws_tokenize() - breaks down a string into tokens and delimiters in-place + * + * \param ts: the lws_tokenize struct to init + * \param start: the string to tokenize + * \param flags: LWS_TOKENIZE_F_ option flags + * + * This initializes the tokenize struct to point to the given string, and + * sets the length to 2GiB - 1 (so there must be a terminating NUL)... you can + * override this requirement by setting ts.len yourself before using it. + * + * .delim is also initialized to LWSTZ_DT_NEED_FIRST_CONTENT. + */ + +LWS_VISIBLE LWS_EXTERN void +lws_tokenize_init(struct lws_tokenize *ts, const char *start, int flags); + +/** + * lws_tokenize() - breaks down a string into tokens and delimiters in-place + * + * \param ts: the lws_tokenize struct with information and state on what to do + * + * The \p ts struct should have its start, len and flags members initialized to + * reflect the string to be tokenized and any options. + * + * Then `lws_tokenize()` may be called repeatedly on the struct, returning one + * of `lws_tokenize_elem` each time, and with the struct's `token` and + * `token_len` members set to describe the content of the delimiter or token + * payload each time. + * + * There are no allocations during the process. + * + * returns lws_tokenize_elem that was identified (LWS_TOKZE_ENDED means reached + * the end of the string). + */ + +LWS_VISIBLE LWS_EXTERN lws_tokenize_elem +lws_tokenize(struct lws_tokenize *ts); + +/** + * lws_tokenize_cstr() - copy token string to NUL-terminated buffer + * + * \param ts: pointer to lws_tokenize struct to operate on + * \param str: destination buffer + * \pparam max: bytes in destination buffer + * + * returns 0 if OK or nonzero if the string + NUL won't fit. + */ + +LWS_VISIBLE LWS_EXTERN int +lws_tokenize_cstr(struct lws_tokenize *ts, char *str, int max); diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-vfs.h b/thirdparty/libwebsockets/include/libwebsockets/lws-vfs.h new file mode 100644 index 0000000000..00e2fda5d3 --- /dev/null +++ b/thirdparty/libwebsockets/include/libwebsockets/lws-vfs.h @@ -0,0 +1,269 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green <andy@warmcat.com> + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + * + * included from libwebsockets.h + */ + +/*! \defgroup fops file operation wrapping + * + * ##File operation wrapping + * + * Use these helper functions if you want to access a file from the perspective + * of a specific wsi, which is usually the case. If you just want contextless + * file access, use the fops callbacks directly with NULL wsi instead of these + * helpers. + * + * If so, then it calls the platform handler or user overrides where present + * (as defined in info->fops) + * + * The advantage from all this is user code can be portable for file operations + * without having to deal with differences between platforms. + */ +//@{ + +/** struct lws_plat_file_ops - Platform-specific file operations + * + * These provide platform-agnostic ways to deal with filesystem access in the + * library and in the user code. + */ + +#if defined(LWS_WITH_ESP32) +/* sdk preprocessor defs? compiler issue? gets confused with member names */ +#define LWS_FOP_OPEN _open +#define LWS_FOP_CLOSE _close +#define LWS_FOP_SEEK_CUR _seek_cur +#define LWS_FOP_READ _read +#define LWS_FOP_WRITE _write +#else +#define LWS_FOP_OPEN open +#define LWS_FOP_CLOSE close +#define LWS_FOP_SEEK_CUR seek_cur +#define LWS_FOP_READ read +#define LWS_FOP_WRITE write +#endif + +#define LWS_FOP_FLAGS_MASK ((1 << 23) - 1) +#define LWS_FOP_FLAG_COMPR_ACCEPTABLE_GZIP (1 << 24) +#define LWS_FOP_FLAG_COMPR_IS_GZIP (1 << 25) +#define LWS_FOP_FLAG_MOD_TIME_VALID (1 << 26) +#define LWS_FOP_FLAG_VIRTUAL (1 << 27) + +struct lws_plat_file_ops; + +struct lws_fop_fd { + lws_filefd_type fd; + /**< real file descriptor related to the file... */ + const struct lws_plat_file_ops *fops; + /**< fops that apply to this fop_fd */ + void *filesystem_priv; + /**< ignored by lws; owned by the fops handlers */ + lws_filepos_t pos; + /**< generic "position in file" */ + lws_filepos_t len; + /**< generic "length of file" */ + lws_fop_flags_t flags; + /**< copy of the returned flags */ + uint32_t mod_time; + /**< optional "modification time of file", only valid if .open() + * set the LWS_FOP_FLAG_MOD_TIME_VALID flag */ +}; +typedef struct lws_fop_fd *lws_fop_fd_t; + +struct lws_fops_index { + const char *sig; /* NULL or vfs signature, eg, ".zip/" */ + uint8_t len; /* length of above string */ +}; + +struct lws_plat_file_ops { + lws_fop_fd_t (*LWS_FOP_OPEN)(const struct lws_plat_file_ops *fops, + const char *filename, const char *vpath, + lws_fop_flags_t *flags); + /**< Open file (always binary access if plat supports it) + * vpath may be NULL, or if the fops understands it, the point at which + * the filename's virtual part starts. + * *flags & LWS_FOP_FLAGS_MASK should be set to O_RDONLY or O_RDWR. + * If the file may be gzip-compressed, + * LWS_FOP_FLAG_COMPR_ACCEPTABLE_GZIP is set. If it actually is + * gzip-compressed, then the open handler should OR + * LWS_FOP_FLAG_COMPR_IS_GZIP on to *flags before returning. + */ + int (*LWS_FOP_CLOSE)(lws_fop_fd_t *fop_fd); + /**< close file AND set the pointer to NULL */ + lws_fileofs_t (*LWS_FOP_SEEK_CUR)(lws_fop_fd_t fop_fd, + lws_fileofs_t offset_from_cur_pos); + /**< seek from current position */ + int (*LWS_FOP_READ)(lws_fop_fd_t fop_fd, lws_filepos_t *amount, + uint8_t *buf, lws_filepos_t len); + /**< Read from file, on exit *amount is set to amount actually read */ + int (*LWS_FOP_WRITE)(lws_fop_fd_t fop_fd, lws_filepos_t *amount, + uint8_t *buf, lws_filepos_t len); + /**< Write to file, on exit *amount is set to amount actually written */ + + struct lws_fops_index fi[3]; + /**< vfs path signatures implying use of this fops */ + + const struct lws_plat_file_ops *next; + /**< NULL or next fops in list */ + + /* Add new things just above here ---^ + * This is part of the ABI, don't needlessly break compatibility */ +}; + +/** + * lws_get_fops() - get current file ops + * + * \param context: context + */ +LWS_VISIBLE LWS_EXTERN struct lws_plat_file_ops * LWS_WARN_UNUSED_RESULT +lws_get_fops(struct lws_context *context); +LWS_VISIBLE LWS_EXTERN void +lws_set_fops(struct lws_context *context, const struct lws_plat_file_ops *fops); +/** + * lws_vfs_tell() - get current file position + * + * \param fop_fd: fop_fd we are asking about + */ +LWS_VISIBLE LWS_EXTERN lws_filepos_t LWS_WARN_UNUSED_RESULT +lws_vfs_tell(lws_fop_fd_t fop_fd); +/** + * lws_vfs_get_length() - get current file total length in bytes + * + * \param fop_fd: fop_fd we are asking about + */ +LWS_VISIBLE LWS_EXTERN lws_filepos_t LWS_WARN_UNUSED_RESULT +lws_vfs_get_length(lws_fop_fd_t fop_fd); +/** + * lws_vfs_get_mod_time() - get time file last modified + * + * \param fop_fd: fop_fd we are asking about + */ +LWS_VISIBLE LWS_EXTERN uint32_t LWS_WARN_UNUSED_RESULT +lws_vfs_get_mod_time(lws_fop_fd_t fop_fd); +/** + * lws_vfs_file_seek_set() - seek relative to start of file + * + * \param fop_fd: fop_fd we are seeking in + * \param offset: offset from start of file + */ +LWS_VISIBLE LWS_EXTERN lws_fileofs_t +lws_vfs_file_seek_set(lws_fop_fd_t fop_fd, lws_fileofs_t offset); +/** + * lws_vfs_file_seek_end() - seek relative to end of file + * + * \param fop_fd: fop_fd we are seeking in + * \param offset: offset from start of file + */ +LWS_VISIBLE LWS_EXTERN lws_fileofs_t +lws_vfs_file_seek_end(lws_fop_fd_t fop_fd, lws_fileofs_t offset); + +extern struct lws_plat_file_ops fops_zip; + +/** + * lws_plat_file_open() - open vfs filepath + * + * \param fops: file ops struct that applies to this descriptor + * \param vfs_path: filename to open + * \param flags: pointer to open flags + * + * The vfs_path is scanned for known fops signatures, and the open directed + * to any matching fops open. + * + * User code should use this api to perform vfs opens. + * + * returns semi-opaque handle + */ +LWS_VISIBLE LWS_EXTERN lws_fop_fd_t LWS_WARN_UNUSED_RESULT +lws_vfs_file_open(const struct lws_plat_file_ops *fops, const char *vfs_path, + lws_fop_flags_t *flags); + +/** + * lws_plat_file_close() - close file + * + * \param fop_fd: file handle to close + */ +static LWS_INLINE int +lws_vfs_file_close(lws_fop_fd_t *fop_fd) +{ + return (*fop_fd)->fops->LWS_FOP_CLOSE(fop_fd); +} + +/** + * lws_plat_file_seek_cur() - close file + * + * + * \param fop_fd: file handle + * \param offset: position to seek to + */ +static LWS_INLINE lws_fileofs_t +lws_vfs_file_seek_cur(lws_fop_fd_t fop_fd, lws_fileofs_t offset) +{ + return fop_fd->fops->LWS_FOP_SEEK_CUR(fop_fd, offset); +} +/** + * lws_plat_file_read() - read from file + * + * \param fop_fd: file handle + * \param amount: how much to read (rewritten by call) + * \param buf: buffer to write to + * \param len: max length + */ +static LWS_INLINE int LWS_WARN_UNUSED_RESULT +lws_vfs_file_read(lws_fop_fd_t fop_fd, lws_filepos_t *amount, + uint8_t *buf, lws_filepos_t len) +{ + return fop_fd->fops->LWS_FOP_READ(fop_fd, amount, buf, len); +} +/** + * lws_plat_file_write() - write from file + * + * \param fop_fd: file handle + * \param amount: how much to write (rewritten by call) + * \param buf: buffer to read from + * \param len: max length + */ +static LWS_INLINE int LWS_WARN_UNUSED_RESULT +lws_vfs_file_write(lws_fop_fd_t fop_fd, lws_filepos_t *amount, + uint8_t *buf, lws_filepos_t len) +{ + return fop_fd->fops->LWS_FOP_WRITE(fop_fd, amount, buf, len); +} + +/* these are the platform file operations implementations... they can + * be called directly and used in fops arrays + */ + +LWS_VISIBLE LWS_EXTERN lws_fop_fd_t +_lws_plat_file_open(const struct lws_plat_file_ops *fops, const char *filename, + const char *vpath, lws_fop_flags_t *flags); +LWS_VISIBLE LWS_EXTERN int +_lws_plat_file_close(lws_fop_fd_t *fop_fd); +LWS_VISIBLE LWS_EXTERN lws_fileofs_t +_lws_plat_file_seek_cur(lws_fop_fd_t fop_fd, lws_fileofs_t offset); +LWS_VISIBLE LWS_EXTERN int +_lws_plat_file_read(lws_fop_fd_t fop_fd, lws_filepos_t *amount, + uint8_t *buf, lws_filepos_t len); +LWS_VISIBLE LWS_EXTERN int +_lws_plat_file_write(lws_fop_fd_t fop_fd, lws_filepos_t *amount, + uint8_t *buf, lws_filepos_t len); + +LWS_VISIBLE LWS_EXTERN int +lws_alloc_vfs_file(struct lws_context *context, const char *filename, + uint8_t **buf, lws_filepos_t *amount); +//@} diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-write.h b/thirdparty/libwebsockets/include/libwebsockets/lws-write.h new file mode 100644 index 0000000000..b73e51c789 --- /dev/null +++ b/thirdparty/libwebsockets/include/libwebsockets/lws-write.h @@ -0,0 +1,235 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green <andy@warmcat.com> + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + * + * included from libwebsockets.h + */ + +/*! \defgroup sending-data Sending data + + APIs related to writing data on a connection +*/ +//@{ +#if !defined(LWS_SIZEOFPTR) +#define LWS_SIZEOFPTR ((int)sizeof (void *)) +#endif + +#if defined(__x86_64__) +#define _LWS_PAD_SIZE 16 /* Intel recommended for best performance */ +#else +#define _LWS_PAD_SIZE LWS_SIZEOFPTR /* Size of a pointer on the target arch */ +#endif +#define _LWS_PAD(n) (((n) % _LWS_PAD_SIZE) ? \ + ((n) + (_LWS_PAD_SIZE - ((n) % _LWS_PAD_SIZE))) : (n)) +/* last 2 is for lws-meta */ +#define LWS_PRE _LWS_PAD(4 + 10 + 2) +/* used prior to 1.7 and retained for backward compatibility */ +#define LWS_SEND_BUFFER_PRE_PADDING LWS_PRE +#define LWS_SEND_BUFFER_POST_PADDING 0 + +#define LWS_WRITE_RAW LWS_WRITE_HTTP + +/* + * NOTE: These public enums are part of the abi. If you want to add one, + * add it at where specified so existing users are unaffected. + */ +enum lws_write_protocol { + LWS_WRITE_TEXT = 0, + /**< Send a ws TEXT message,the pointer must have LWS_PRE valid + * memory behind it. + * + * The receiver expects only valid utf-8 in the payload */ + LWS_WRITE_BINARY = 1, + /**< Send a ws BINARY message, the pointer must have LWS_PRE valid + * memory behind it. + * + * Any sequence of bytes is valid */ + LWS_WRITE_CONTINUATION = 2, + /**< Continue a previous ws message, the pointer must have LWS_PRE valid + * memory behind it */ + LWS_WRITE_HTTP = 3, + /**< Send HTTP content */ + + /* LWS_WRITE_CLOSE is handled by lws_close_reason() */ + LWS_WRITE_PING = 5, + LWS_WRITE_PONG = 6, + + /* Same as write_http but we know this write ends the transaction */ + LWS_WRITE_HTTP_FINAL = 7, + + /* HTTP2 */ + + LWS_WRITE_HTTP_HEADERS = 8, + /**< Send http headers (http2 encodes this payload and LWS_WRITE_HTTP + * payload differently, http 1.x links also handle this correctly. so + * to be compatible with both in the future,header response part should + * be sent using this regardless of http version expected) + */ + LWS_WRITE_HTTP_HEADERS_CONTINUATION = 9, + /**< Continuation of http/2 headers + */ + + /****** add new things just above ---^ ******/ + + /* flags */ + + LWS_WRITE_BUFLIST = 0x20, + /**< Don't actually write it... stick it on the output buflist and + * write it as soon as possible. Useful if you learn you have to + * write something, have the data to write to hand but the timing is + * unrelated as to whether the connection is writable or not, and were + * otherwise going to have to allocate a temp buffer and write it + * later anyway */ + + LWS_WRITE_NO_FIN = 0x40, + /**< This part of the message is not the end of the message */ + + LWS_WRITE_H2_STREAM_END = 0x80, + /**< Flag indicates this packet should go out with STREAM_END if h2 + * STREAM_END is allowed on DATA or HEADERS. + */ + + LWS_WRITE_CLIENT_IGNORE_XOR_MASK = 0x80 + /**< client packet payload goes out on wire unmunged + * only useful for security tests since normal servers cannot + * decode the content if used */ +}; + +/* used with LWS_CALLBACK_CHILD_WRITE_VIA_PARENT */ + +struct lws_write_passthru { + struct lws *wsi; + unsigned char *buf; + size_t len; + enum lws_write_protocol wp; +}; + + +/** + * lws_write() - Apply protocol then write data to client + * \param wsi: Websocket instance (available from user callback) + * \param buf: The data to send. For data being sent on a websocket + * connection (ie, not default http), this buffer MUST have + * LWS_PRE bytes valid BEFORE the pointer. + * This is so the protocol header data can be added in-situ. + * \param len: Count of the data bytes in the payload starting from buf + * \param protocol: Use LWS_WRITE_HTTP to reply to an http connection, and one + * of LWS_WRITE_BINARY or LWS_WRITE_TEXT to send appropriate + * data on a websockets connection. Remember to allow the extra + * bytes before and after buf if LWS_WRITE_BINARY or LWS_WRITE_TEXT + * are used. + * + * This function provides the way to issue data back to the client + * for both http and websocket protocols. + * + * IMPORTANT NOTICE! + * + * When sending with websocket protocol + * + * LWS_WRITE_TEXT, + * LWS_WRITE_BINARY, + * LWS_WRITE_CONTINUATION, + * LWS_WRITE_PING, + * LWS_WRITE_PONG, + * + * or sending on http/2, + * + * the send buffer has to have LWS_PRE bytes valid BEFORE the buffer pointer you + * pass to lws_write(). Since you'll probably want to use http/2 before too + * long, it's wise to just always do this with lws_write buffers... LWS_PRE is + * typically 16 bytes it's not going to hurt usually. + * + * start of alloc ptr passed to lws_write end of allocation + * | | | + * v <-- LWS_PRE bytes --> v v + * [---------------- allocated memory ---------------] + * (for lws use) [====== user buffer ======] + * + * This allows us to add protocol info before and after the data, and send as + * one packet on the network without payload copying, for maximum efficiency. + * + * So for example you need this kind of code to use lws_write with a + * 128-byte payload + * + * char buf[LWS_PRE + 128]; + * + * // fill your part of the buffer... for example here it's all zeros + * memset(&buf[LWS_PRE], 0, 128); + * + * lws_write(wsi, &buf[LWS_PRE], 128, LWS_WRITE_TEXT); + * + * LWS_PRE is at least the frame nonce + 2 header + 8 length + * LWS_SEND_BUFFER_POST_PADDING is deprecated, it's now 0 and can be left off. + * The example apps no longer use it. + * + * Pad LWS_PRE to the CPU word size, so that word references + * to the address immediately after the padding won't cause an unaligned access + * error. Sometimes for performance reasons the recommended padding is even + * larger than sizeof(void *). + * + * In the case of sending using websocket protocol, be sure to allocate + * valid storage before and after buf as explained above. This scheme + * allows maximum efficiency of sending data and protocol in a single + * packet while not burdening the user code with any protocol knowledge. + * + * Return may be -1 for a fatal error needing connection close, or the + * number of bytes sent. + * + * Truncated Writes + * ================ + * + * The OS may not accept everything you asked to write on the connection. + * + * Posix defines POLLOUT indication from poll() to show that the connection + * will accept more write data, but it doesn't specifiy how much. It may just + * accept one byte of whatever you wanted to send. + * + * LWS will buffer the remainder automatically, and send it out autonomously. + * + * During that time, WRITABLE callbacks will be suppressed. + * + * This is to handle corner cases where unexpectedly the OS refuses what we + * usually expect it to accept. You should try to send in chunks that are + * almost always accepted in order to avoid the inefficiency of the buffering. + */ +LWS_VISIBLE LWS_EXTERN int +lws_write(struct lws *wsi, unsigned char *buf, size_t len, + enum lws_write_protocol protocol); + +/* helper for case where buffer may be const */ +#define lws_write_http(wsi, buf, len) \ + lws_write(wsi, (unsigned char *)(buf), len, LWS_WRITE_HTTP) + +/* helper for multi-frame ws message flags */ +static LWS_INLINE int +lws_write_ws_flags(int initial, int is_start, int is_end) +{ + int r; + + if (is_start) + r = initial; + else + r = LWS_WRITE_CONTINUATION; + + if (!is_end) + r |= LWS_WRITE_NO_FIN; + + return r; +} +///@} diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-writeable.h b/thirdparty/libwebsockets/include/libwebsockets/lws-writeable.h new file mode 100644 index 0000000000..dd5659c3f0 --- /dev/null +++ b/thirdparty/libwebsockets/include/libwebsockets/lws-writeable.h @@ -0,0 +1,225 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green <andy@warmcat.com> + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + * + * included from libwebsockets.h + */ + +/** \defgroup callback-when-writeable Callback when writeable + * + * ##Callback When Writeable + * + * lws can only write data on a connection when it is able to accept more + * data without blocking. + * + * So a basic requirement is we should only use the lws_write() apis when the + * connection we want to write on says that he can accept more data. + * + * When lws cannot complete your send at the time, it will buffer the data + * and send it in the background, suppressing any further WRITEABLE callbacks + * on that connection until it completes. So it is important to write new + * things in a new writeable callback. + * + * These apis reflect the various ways we can indicate we would like to be + * called back when one or more connections is writeable. + */ +///@{ + +/** + * lws_callback_on_writable() - Request a callback when this socket + * becomes able to be written to without + * blocking + * + * \param wsi: Websocket connection instance to get callback for + * + * - Which: only this wsi + * - When: when the individual connection becomes writeable + * - What: LWS_CALLBACK_*_WRITEABLE + */ +LWS_VISIBLE LWS_EXTERN int +lws_callback_on_writable(struct lws *wsi); + +/** + * lws_callback_on_writable_all_protocol() - Request a callback for all + * connections using the given protocol when it + * becomes possible to write to each socket without + * blocking in turn. + * + * \param context: lws_context + * \param protocol: Protocol whose connections will get callbacks + * + * - Which: connections using this protocol on ANY VHOST + * - When: when the individual connection becomes writeable + * - What: LWS_CALLBACK_*_WRITEABLE + */ +LWS_VISIBLE LWS_EXTERN int +lws_callback_on_writable_all_protocol(const struct lws_context *context, + const struct lws_protocols *protocol); + +/** + * lws_callback_on_writable_all_protocol_vhost() - Request a callback for + * all connections on same vhost using the given protocol + * when it becomes possible to write to each socket without + * blocking in turn. + * + * \param vhost: Only consider connections on this lws_vhost + * \param protocol: Protocol whose connections will get callbacks + * + * - Which: connections using this protocol on GIVEN VHOST ONLY + * - When: when the individual connection becomes writeable + * - What: LWS_CALLBACK_*_WRITEABLE + */ +LWS_VISIBLE LWS_EXTERN int +lws_callback_on_writable_all_protocol_vhost(const struct lws_vhost *vhost, + const struct lws_protocols *protocol); + +/** + * lws_callback_all_protocol() - Callback all connections using + * the given protocol with the given reason + * + * \param context: lws_context + * \param protocol: Protocol whose connections will get callbacks + * \param reason: Callback reason index + * + * - Which: connections using this protocol on ALL VHOSTS + * - When: before returning + * - What: reason + * + * This isn't normally what you want... normally any update of connection- + * specific information can wait until a network-related callback like rx, + * writable, or close. + */ +LWS_VISIBLE LWS_EXTERN int +lws_callback_all_protocol(struct lws_context *context, + const struct lws_protocols *protocol, int reason); + +/** + * lws_callback_all_protocol_vhost() - Callback all connections using + * the given protocol with the given reason. This is + * deprecated since v2.4: use lws_callback_all_protocol_vhost_args + * + * \param vh: Vhost whose connections will get callbacks + * \param protocol: Which protocol to match. NULL means all. + * \param reason: Callback reason index + * + * - Which: connections using this protocol on GIVEN VHOST ONLY + * - When: now + * - What: reason + */ +LWS_VISIBLE LWS_EXTERN int +lws_callback_all_protocol_vhost(struct lws_vhost *vh, + const struct lws_protocols *protocol, + int reason) +LWS_WARN_DEPRECATED; + +/** + * lws_callback_all_protocol_vhost_args() - Callback all connections using + * the given protocol with the given reason and args + * + * \param vh: Vhost whose connections will get callbacks + * \param protocol: Which protocol to match. NULL means all. + * \param reason: Callback reason index + * \param argp: Callback "in" parameter + * \param len: Callback "len" parameter + * + * - Which: connections using this protocol on GIVEN VHOST ONLY + * - When: now + * - What: reason + */ +LWS_VISIBLE int +lws_callback_all_protocol_vhost_args(struct lws_vhost *vh, + const struct lws_protocols *protocol, + int reason, void *argp, size_t len); + +/** + * lws_callback_vhost_protocols() - Callback all protocols enabled on a vhost + * with the given reason + * + * \param wsi: wsi whose vhost will get callbacks + * \param reason: Callback reason index + * \param in: in argument to callback + * \param len: len argument to callback + * + * - Which: connections using this protocol on same VHOST as wsi ONLY + * - When: now + * - What: reason + * + * This is deprecated since v2.5, use lws_callback_vhost_protocols_vhost() + * which takes the pointer to the vhost directly without using or needing the + * wsi. + */ +LWS_VISIBLE LWS_EXTERN int +lws_callback_vhost_protocols(struct lws *wsi, int reason, void *in, int len) +LWS_WARN_DEPRECATED; + +/** + * lws_callback_vhost_protocols_vhost() - Callback all protocols enabled on a vhost + * with the given reason + * + * \param vh: vhost that will get callbacks + * \param reason: Callback reason index + * \param in: in argument to callback + * \param len: len argument to callback + * + * - Which: connections using this protocol on same VHOST as wsi ONLY + * - When: now + * - What: reason + */ +LWS_VISIBLE LWS_EXTERN int +lws_callback_vhost_protocols_vhost(struct lws_vhost *vh, int reason, void *in, + size_t len); + +LWS_VISIBLE LWS_EXTERN int +lws_callback_http_dummy(struct lws *wsi, enum lws_callback_reasons reason, + void *user, void *in, size_t len); + +/** + * lws_get_socket_fd() - returns the socket file descriptor + * + * This is needed to use sendto() on UDP raw sockets + * + * \param wsi: Websocket connection instance + */ +LWS_VISIBLE LWS_EXTERN lws_sockfd_type +lws_get_socket_fd(struct lws *wsi); + +/** + * lws_get_peer_write_allowance() - get the amount of data writeable to peer + * if known + * + * \param wsi: Websocket connection instance + * + * if the protocol does not have any guidance, returns -1. Currently only + * http2 connections get send window information from this API. But your code + * should use it so it can work properly with any protocol. + * + * If nonzero return is the amount of payload data the peer or intermediary has + * reported it has buffer space for. That has NO relationship with the amount + * of buffer space your OS can accept on this connection for a write action. + * + * This number represents the maximum you could send to the peer or intermediary + * on this connection right now without the protocol complaining. + * + * lws manages accounting for send window updates and payload writes + * automatically, so this number reflects the situation at the peer or + * intermediary dynamically. + */ +LWS_VISIBLE LWS_EXTERN lws_fileofs_t +lws_get_peer_write_allowance(struct lws *wsi); +///@} diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-ws-close.h b/thirdparty/libwebsockets/include/libwebsockets/lws-ws-close.h new file mode 100644 index 0000000000..9721e29233 --- /dev/null +++ b/thirdparty/libwebsockets/include/libwebsockets/lws-ws-close.h @@ -0,0 +1,124 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green <andy@warmcat.com> + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + * + * included from libwebsockets.h + */ + +/*! \defgroup wsclose Websocket Close + * + * ##Websocket close frame control + * + * When we close a ws connection, we can send a reason code and a short + * UTF-8 description back with the close packet. + */ +///@{ + +/* + * NOTE: These public enums are part of the abi. If you want to add one, + * add it at where specified so existing users are unaffected. + */ +/** enum lws_close_status - RFC6455 close status codes */ +enum lws_close_status { + LWS_CLOSE_STATUS_NOSTATUS = 0, + LWS_CLOSE_STATUS_NORMAL = 1000, + /**< 1000 indicates a normal closure, meaning that the purpose for + which the connection was established has been fulfilled. */ + LWS_CLOSE_STATUS_GOINGAWAY = 1001, + /**< 1001 indicates that an endpoint is "going away", such as a server + going down or a browser having navigated away from a page. */ + LWS_CLOSE_STATUS_PROTOCOL_ERR = 1002, + /**< 1002 indicates that an endpoint is terminating the connection due + to a protocol error. */ + LWS_CLOSE_STATUS_UNACCEPTABLE_OPCODE = 1003, + /**< 1003 indicates that an endpoint is terminating the connection + because it has received a type of data it cannot accept (e.g., an + endpoint that understands only text data MAY send this if it + receives a binary message). */ + LWS_CLOSE_STATUS_RESERVED = 1004, + /**< Reserved. The specific meaning might be defined in the future. */ + LWS_CLOSE_STATUS_NO_STATUS = 1005, + /**< 1005 is a reserved value and MUST NOT be set as a status code in a + Close control frame by an endpoint. It is designated for use in + applications expecting a status code to indicate that no status + code was actually present. */ + LWS_CLOSE_STATUS_ABNORMAL_CLOSE = 1006, + /**< 1006 is a reserved value and MUST NOT be set as a status code in a + Close control frame by an endpoint. It is designated for use in + applications expecting a status code to indicate that the + connection was closed abnormally, e.g., without sending or + receiving a Close control frame. */ + LWS_CLOSE_STATUS_INVALID_PAYLOAD = 1007, + /**< 1007 indicates that an endpoint is terminating the connection + because it has received data within a message that was not + consistent with the type of the message (e.g., non-UTF-8 [RFC3629] + data within a text message). */ + LWS_CLOSE_STATUS_POLICY_VIOLATION = 1008, + /**< 1008 indicates that an endpoint is terminating the connection + because it has received a message that violates its policy. This + is a generic status code that can be returned when there is no + other more suitable status code (e.g., 1003 or 1009) or if there + is a need to hide specific details about the policy. */ + LWS_CLOSE_STATUS_MESSAGE_TOO_LARGE = 1009, + /**< 1009 indicates that an endpoint is terminating the connection + because it has received a message that is too big for it to + process. */ + LWS_CLOSE_STATUS_EXTENSION_REQUIRED = 1010, + /**< 1010 indicates that an endpoint (client) is terminating the + connection because it has expected the server to negotiate one or + more extension, but the server didn't return them in the response + message of the WebSocket handshake. The list of extensions that + are needed SHOULD appear in the /reason/ part of the Close frame. + Note that this status code is not used by the server, because it + can fail the WebSocket handshake instead */ + LWS_CLOSE_STATUS_UNEXPECTED_CONDITION = 1011, + /**< 1011 indicates that a server is terminating the connection because + it encountered an unexpected condition that prevented it from + fulfilling the request. */ + LWS_CLOSE_STATUS_TLS_FAILURE = 1015, + /**< 1015 is a reserved value and MUST NOT be set as a status code in a + Close control frame by an endpoint. It is designated for use in + applications expecting a status code to indicate that the + connection was closed due to a failure to perform a TLS handshake + (e.g., the server certificate can't be verified). */ + + LWS_CLOSE_STATUS_CLIENT_TRANSACTION_DONE = 2000, + + /****** add new things just above ---^ ******/ + + LWS_CLOSE_STATUS_NOSTATUS_CONTEXT_DESTROY = 9999, +}; + +/** + * lws_close_reason - Set reason and aux data to send with Close packet + * If you are going to return nonzero from the callback + * requesting the connection to close, you can optionally + * call this to set the reason the peer will be told if + * possible. + * + * \param wsi: The websocket connection to set the close reason on + * \param status: A valid close status from websocket standard + * \param buf: NULL or buffer containing up to 124 bytes of auxiliary data + * \param len: Length of data in \param buf to send + */ +LWS_VISIBLE LWS_EXTERN void +lws_close_reason(struct lws *wsi, enum lws_close_status status, + unsigned char *buf, size_t len); + +///@} diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-ws-ext.h b/thirdparty/libwebsockets/include/libwebsockets/lws-ws-ext.h new file mode 100644 index 0000000000..3face4f344 --- /dev/null +++ b/thirdparty/libwebsockets/include/libwebsockets/lws-ws-ext.h @@ -0,0 +1,197 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green <andy@warmcat.com> + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + * + * included from libwebsockets.h + */ + +/*! \defgroup extensions Extension related functions + * ##Extension releated functions + * + * Ws defines optional extensions, lws provides the ability to implement these + * in user code if so desired. + * + * We provide one extensions permessage-deflate. + */ +///@{ + +/* + * NOTE: These public enums are part of the abi. If you want to add one, + * add it at where specified so existing users are unaffected. + */ +enum lws_extension_callback_reasons { + LWS_EXT_CB_CONSTRUCT = 4, + LWS_EXT_CB_CLIENT_CONSTRUCT = 5, + LWS_EXT_CB_DESTROY = 8, + LWS_EXT_CB_PACKET_TX_PRESEND = 12, + LWS_EXT_CB_PAYLOAD_TX = 21, + LWS_EXT_CB_PAYLOAD_RX = 22, + LWS_EXT_CB_OPTION_DEFAULT = 23, + LWS_EXT_CB_OPTION_SET = 24, + LWS_EXT_CB_OPTION_CONFIRM = 25, + LWS_EXT_CB_NAMED_OPTION_SET = 26, + + /****** add new things just above ---^ ******/ +}; + +/** enum lws_ext_options_types */ +enum lws_ext_options_types { + EXTARG_NONE, /**< does not take an argument */ + EXTARG_DEC, /**< requires a decimal argument */ + EXTARG_OPT_DEC /**< may have an optional decimal argument */ + + /* Add new things just above here ---^ + * This is part of the ABI, don't needlessly break compatibility */ +}; + +/** struct lws_ext_options - Option arguments to the extension. These are + * used in the negotiation at ws upgrade time. + * The helper function lws_ext_parse_options() + * uses these to generate callbacks */ +struct lws_ext_options { + const char *name; /**< Option name, eg, "server_no_context_takeover" */ + enum lws_ext_options_types type; /**< What kind of args the option can take */ + + /* Add new things just above here ---^ + * This is part of the ABI, don't needlessly break compatibility */ +}; + +/** struct lws_ext_option_arg */ +struct lws_ext_option_arg { + const char *option_name; /**< may be NULL, option_index used then */ + int option_index; /**< argument ordinal to use if option_name missing */ + const char *start; /**< value */ + int len; /**< length of value */ +}; + +/** + * typedef lws_extension_callback_function() - Hooks to allow extensions to operate + * \param context: Websockets context + * \param ext: This extension + * \param wsi: Opaque websocket instance pointer + * \param reason: The reason for the call + * \param user: Pointer to ptr to per-session user data allocated by library + * \param in: Pointer used for some callback reasons + * \param len: Length set for some callback reasons + * + * Each extension that is active on a particular connection receives + * callbacks during the connection lifetime to allow the extension to + * operate on websocket data and manage itself. + * + * Libwebsockets takes care of allocating and freeing "user" memory for + * each active extension on each connection. That is what is pointed to + * by the user parameter. + * + * LWS_EXT_CB_CONSTRUCT: called when the server has decided to + * select this extension from the list provided by the client, + * just before the server will send back the handshake accepting + * the connection with this extension active. This gives the + * extension a chance to initialize its connection context found + * in user. + * + * LWS_EXT_CB_CLIENT_CONSTRUCT: same as LWS_EXT_CB_CONSTRUCT + * but called when client is instantiating this extension. Some + * extensions will work the same on client and server side and then + * you can just merge handlers for both CONSTRUCTS. + * + * LWS_EXT_CB_DESTROY: called when the connection the extension was + * being used on is about to be closed and deallocated. It's the + * last chance for the extension to deallocate anything it has + * allocated in the user data (pointed to by user) before the + * user data is deleted. This same callback is used whether you + * are in client or server instantiation context. + * + * LWS_EXT_CB_PACKET_TX_PRESEND: this works the same way as + * LWS_EXT_CB_PACKET_RX_PREPARSE above, except it gives the + * extension a chance to change websocket data just before it will + * be sent out. Using the same lws_token pointer scheme in in, + * the extension can change the buffer and the length to be + * transmitted how it likes. Again if it wants to grow the + * buffer safely, it should copy the data into its own buffer and + * set the lws_tokens token pointer to it. + * + * LWS_EXT_CB_ARGS_VALIDATE: + */ +typedef int +lws_extension_callback_function(struct lws_context *context, + const struct lws_extension *ext, struct lws *wsi, + enum lws_extension_callback_reasons reason, + void *user, void *in, size_t len); + +/** struct lws_extension - An extension we support */ +struct lws_extension { + const char *name; /**< Formal extension name, eg, "permessage-deflate" */ + lws_extension_callback_function *callback; /**< Service callback */ + const char *client_offer; /**< String containing exts and options client offers */ + + /* Add new things just above here ---^ + * This is part of the ABI, don't needlessly break compatibility */ +}; + +/** + * lws_set_extension_option(): set extension option if possible + * + * \param wsi: websocket connection + * \param ext_name: name of ext, like "permessage-deflate" + * \param opt_name: name of option, like "rx_buf_size" + * \param opt_val: value to set option to + */ +LWS_VISIBLE LWS_EXTERN int +lws_set_extension_option(struct lws *wsi, const char *ext_name, + const char *opt_name, const char *opt_val); + +/** + * lws_ext_parse_options() - deal with parsing negotiated extension options + * + * \param ext: related extension struct + * \param wsi: websocket connection + * \param ext_user: per-connection extension private data + * \param opts: list of supported options + * \param o: option string to parse + * \param len: length + */ +LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT +lws_ext_parse_options(const struct lws_extension *ext, struct lws *wsi, + void *ext_user, const struct lws_ext_options *opts, + const char *o, int len); + +/** lws_extension_callback_pm_deflate() - extension for RFC7692 + * + * \param context: lws context + * \param ext: related lws_extension struct + * \param wsi: websocket connection + * \param reason: incoming callback reason + * \param user: per-connection extension private data + * \param in: pointer parameter + * \param len: length parameter + * + * Built-in callback implementing RFC7692 permessage-deflate + */ +LWS_EXTERN int +lws_extension_callback_pm_deflate(struct lws_context *context, + const struct lws_extension *ext, + struct lws *wsi, + enum lws_extension_callback_reasons reason, + void *user, void *in, size_t len); + +/* + * The internal exts are part of the public abi + * If we add more extensions, publish the callback here ------v + */ +///@} diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-ws-state.h b/thirdparty/libwebsockets/include/libwebsockets/lws-ws-state.h new file mode 100644 index 0000000000..3f65724a7a --- /dev/null +++ b/thirdparty/libwebsockets/include/libwebsockets/lws-ws-state.h @@ -0,0 +1,92 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green <andy@warmcat.com> + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + * + * included from libwebsockets.h + */ + +/** \defgroup wsstatus Websocket status APIs + * ##Websocket connection status APIs + * + * These provide information about ws connection or message status + */ +///@{ +/** + * lws_send_pipe_choked() - tests if socket is writable or not + * \param wsi: lws connection + * + * Allows you to check if you can write more on the socket + */ +LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT +lws_send_pipe_choked(struct lws *wsi); + +/** + * lws_is_final_fragment() - tests if last part of ws message + * + * \param wsi: lws connection + */ +LWS_VISIBLE LWS_EXTERN int +lws_is_final_fragment(struct lws *wsi); + +/** + * lws_is_first_fragment() - tests if first part of ws message + * + * \param wsi: lws connection + */ +LWS_VISIBLE LWS_EXTERN int +lws_is_first_fragment(struct lws *wsi); + +/** + * lws_get_reserved_bits() - access reserved bits of ws frame + * \param wsi: lws connection + */ +LWS_VISIBLE LWS_EXTERN unsigned char +lws_get_reserved_bits(struct lws *wsi); + +/** + * lws_partial_buffered() - find out if lws buffered the last write + * \param wsi: websocket connection to check + * + * Returns 1 if you cannot use lws_write because the last + * write on this connection is still buffered, and can't be cleared without + * returning to the service loop and waiting for the connection to be + * writeable again. + * + * If you will try to do >1 lws_write call inside a single + * WRITEABLE callback, you must check this after every write and bail if + * set, ask for a new writeable callback and continue writing from there. + * + * This is never set at the start of a writeable callback, but any write + * may set it. + */ +LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT +lws_partial_buffered(struct lws *wsi); + +/** + * lws_frame_is_binary(): true if the current frame was sent in binary mode + * + * \param wsi: the connection we are inquiring about + * + * This is intended to be called from the LWS_CALLBACK_RECEIVE callback if + * it's interested to see if the frame it's dealing with was sent in binary + * mode. + */ +LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT +lws_frame_is_binary(struct lws *wsi); +///@} diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-x509.h b/thirdparty/libwebsockets/include/libwebsockets/lws-x509.h new file mode 100644 index 0000000000..f8e5cb0fad --- /dev/null +++ b/thirdparty/libwebsockets/include/libwebsockets/lws-x509.h @@ -0,0 +1,177 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green <andy@warmcat.com> + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + * + * included from libwebsockets.h + */ + +enum lws_tls_cert_info { + LWS_TLS_CERT_INFO_VALIDITY_FROM, + /**< fills .time with the time_t the cert validity started from */ + LWS_TLS_CERT_INFO_VALIDITY_TO, + /**< fills .time with the time_t the cert validity ends at */ + LWS_TLS_CERT_INFO_COMMON_NAME, + /**< fills up to len bytes of .ns.name with the cert common name */ + LWS_TLS_CERT_INFO_ISSUER_NAME, + /**< fills up to len bytes of .ns.name with the cert issuer name */ + LWS_TLS_CERT_INFO_USAGE, + /**< fills verified with a bitfield asserting the valid uses */ + LWS_TLS_CERT_INFO_VERIFIED, + /**< fills .verified with a bool representing peer cert validity, + * call returns -1 if no cert */ + LWS_TLS_CERT_INFO_OPAQUE_PUBLIC_KEY, + /**< the certificate's public key, as an opaque bytestream. These + * opaque bytestreams can only be compared with each other using the + * same tls backend, ie, OpenSSL or mbedTLS. The different backends + * produce different, incompatible representations for the same cert. + */ +}; + +union lws_tls_cert_info_results { + unsigned int verified; + time_t time; + unsigned int usage; + struct { + int len; + /* KEEP LAST... notice the [64] is only there because + * name[] is not allowed in a union. The actual length of + * name[] is arbitrary and is passed into the api using the + * len parameter. Eg + * + * char big[1024]; + * union lws_tls_cert_info_results *buf = + * (union lws_tls_cert_info_results *)big; + * + * lws_tls_peer_cert_info(wsi, type, buf, sizeof(big) - + * sizeof(*buf) + sizeof(buf->ns.name)); + */ + char name[64]; + } ns; +}; + +/** + * lws_tls_peer_cert_info() - get information from the peer's TLS cert + * + * \param wsi: the connection to query + * \param type: one of LWS_TLS_CERT_INFO_ + * \param buf: pointer to union to take result + * \param len: when result is a string, the true length of buf->ns.name[] + * + * lws_tls_peer_cert_info() lets you get hold of information from the peer + * certificate. + * + * Return 0 if there is a result in \p buf, or -1 indicating there was no cert + * or another problem. + * + * This function works the same no matter if the TLS backend is OpenSSL or + * mbedTLS. + */ +LWS_VISIBLE LWS_EXTERN int +lws_tls_peer_cert_info(struct lws *wsi, enum lws_tls_cert_info type, + union lws_tls_cert_info_results *buf, size_t len); + +/** + * lws_tls_vhost_cert_info() - get information from the vhost's own TLS cert + * + * \param vhost: the vhost to query + * \param type: one of LWS_TLS_CERT_INFO_ + * \param buf: pointer to union to take result + * \param len: when result is a string, the true length of buf->ns.name[] + * + * lws_tls_vhost_cert_info() lets you get hold of information from the vhost + * certificate. + * + * Return 0 if there is a result in \p buf, or -1 indicating there was no cert + * or another problem. + * + * This function works the same no matter if the TLS backend is OpenSSL or + * mbedTLS. + */ +LWS_VISIBLE LWS_EXTERN int +lws_tls_vhost_cert_info(struct lws_vhost *vhost, enum lws_tls_cert_info type, + union lws_tls_cert_info_results *buf, size_t len); + +/** + * lws_tls_acme_sni_cert_create() - creates a temp selfsigned cert + * and attaches to a vhost + * + * \param vhost: the vhost to acquire the selfsigned cert + * \param san_a: SAN written into the certificate + * \param san_b: second SAN written into the certificate + * + * + * Returns 0 if created and attached to the vhost. Returns -1 if problems and + * frees all allocations before returning. + * + * On success, any allocations are destroyed at vhost destruction automatically. + */ +LWS_VISIBLE LWS_EXTERN int +lws_tls_acme_sni_cert_create(struct lws_vhost *vhost, const char *san_a, + const char *san_b); + +/** + * lws_tls_acme_sni_csr_create() - creates a CSR and related private key PEM + * + * \param context: lws_context used for random + * \param elements: array of LWS_TLS_REQ_ELEMENT_COUNT const char * + * \param csr: buffer that will get the b64URL(ASN-1 CSR) + * \param csr_len: max length of the csr buffer + * \param privkey_pem: pointer to pointer allocated to hold the privkey_pem + * \param privkey_len: pointer to size_t set to the length of the privkey_pem + * + * Creates a CSR according to the information in \p elements, and a private + * RSA key used to sign the CSR. + * + * The outputs are the b64URL(ASN-1 CSR) into csr, and the PEM private key into + * privkey_pem. + * + * Notice that \p elements points to an array of const char *s pointing to the + * information listed in the enum above. If an entry is NULL or an empty + * string, the element is set to "none" in the CSR. + * + * Returns 0 on success or nonzero for failure. + */ +LWS_VISIBLE LWS_EXTERN int +lws_tls_acme_sni_csr_create(struct lws_context *context, const char *elements[], + uint8_t *csr, size_t csr_len, char **privkey_pem, + size_t *privkey_len); + +/** + * lws_tls_cert_updated() - update every vhost using the given cert path + * + * \param context: our lws_context + * \param certpath: the filepath to the certificate + * \param keypath: the filepath to the private key of the certificate + * \param mem_cert: copy of the cert in memory + * \param len_mem_cert: length of the copy of the cert in memory + * \param mem_privkey: copy of the private key in memory + * \param len_mem_privkey: length of the copy of the private key in memory + * + * Checks every vhost to see if it is the using certificate described by the + * the given filepaths. If so, it attempts to update the vhost ssl_ctx to use + * the new certificate. + * + * Returns 0 on success or nonzero for failure. + */ +LWS_VISIBLE LWS_EXTERN int +lws_tls_cert_updated(struct lws_context *context, const char *certpath, + const char *keypath, + const char *mem_cert, size_t len_mem_cert, + const char *mem_privkey, size_t len_mem_privkey); + diff --git a/thirdparty/libwebsockets/lws_config.h b/thirdparty/libwebsockets/include/lws_config.h index 86ce9ac38a..fdf02157cc 100644 --- a/thirdparty/libwebsockets/lws_config.h +++ b/thirdparty/libwebsockets/include/lws_config.h @@ -77,7 +77,10 @@ /* #undef LWS_WITH_LIBEVENT */ /* Build with support for ipv6 */ -/* #undef LWS_WITH_IPV6 */ +/* Everywhere, except in OpenBSD which does not support dual stacking */ +#if !defined(__OpenBSD__) +#define LWS_WITH_IPV6 +#endif /* Build with support for UNIX domain socket */ /* #undef LWS_WITH_UNIX_SOCK */ diff --git a/thirdparty/libwebsockets/ipv6_fixes.diff b/thirdparty/libwebsockets/ipv6_fixes.diff new file mode 100644 index 0000000000..5fa1e5c520 --- /dev/null +++ b/thirdparty/libwebsockets/ipv6_fixes.diff @@ -0,0 +1,32 @@ +diff --git a/thirdparty/libwebsockets/lib/plat/unix/unix-sockets.c b/thirdparty/libwebsockets/lib/plat/unix/unix-sockets.c +index 693efd28e..192dddee6 100644 +--- a/thirdparty/libwebsockets/lib/plat/unix/unix-sockets.c ++++ b/thirdparty/libwebsockets/lib/plat/unix/unix-sockets.c +@@ -73,6 +73,11 @@ lws_plat_set_socket_options(struct lws_vhost *vhost, int fd, int unix_skt) + int optval = 1; + socklen_t optlen = sizeof(optval); + ++#ifdef LWS_WITH_IPV6 ++ optval = 0; ++ setsockopt(fd, IPPROTO_IPV6, IPV6_V6ONLY, (const void*)&optval, optlen); ++#endif ++ + #if defined(__APPLE__) || \ + defined(__FreeBSD__) || defined(__FreeBSD_kernel__) || \ + defined(__NetBSD__) || \ +diff --git a/thirdparty/libwebsockets/lib/plat/windows/windows-sockets.c b/thirdparty/libwebsockets/lib/plat/windows/windows-sockets.c +index bf0935057..62a0a4984 100644 +--- a/thirdparty/libwebsockets/lib/plat/windows/windows-sockets.c ++++ b/thirdparty/libwebsockets/lib/plat/windows/windows-sockets.c +@@ -56,6 +56,11 @@ lws_plat_set_socket_options(struct lws_vhost *vhost, lws_sockfd_type fd, + struct protoent *tcp_proto; + #endif + ++#ifdef LWS_WITH_IPV6 ++ optval = 0; ++ setsockopt(fd, IPPROTO_IPV6, IPV6_V6ONLY, (const void*)&optval, optlen); ++#endif ++ + if (vhost->ka_time) { + /* enable keepalive on this socket */ + optval = 1; diff --git a/thirdparty/libwebsockets/lib/core/adopt.c b/thirdparty/libwebsockets/lib/core/adopt.c new file mode 100644 index 0000000000..49ac5af161 --- /dev/null +++ b/thirdparty/libwebsockets/lib/core/adopt.c @@ -0,0 +1,414 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green <andy@warmcat.com> + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#include "core/private.h" + + +static int +lws_get_idlest_tsi(struct lws_context *context) +{ + unsigned int lowest = ~0; + int n = 0, hit = -1; + + for (; n < context->count_threads; n++) { + if ((unsigned int)context->pt[n].fds_count != + context->fd_limit_per_thread - 1 && + (unsigned int)context->pt[n].fds_count < lowest) { + lowest = context->pt[n].fds_count; + hit = n; + } + } + + return hit; +} + +struct lws * +lws_create_new_server_wsi(struct lws_vhost *vhost, int fixed_tsi) +{ + struct lws *new_wsi; + int n = fixed_tsi; + + if (n < 0) + n = lws_get_idlest_tsi(vhost->context); + + if (n < 0) { + lwsl_err("no space for new conn\n"); + return NULL; + } + + new_wsi = lws_zalloc(sizeof(struct lws), "new server wsi"); + if (new_wsi == NULL) { + lwsl_err("Out of memory for new connection\n"); + return NULL; + } + + new_wsi->tsi = n; + lwsl_debug("new wsi %p joining vhost %s, tsi %d\n", new_wsi, + vhost->name, new_wsi->tsi); + + lws_vhost_bind_wsi(vhost, new_wsi); + new_wsi->context = vhost->context; + new_wsi->pending_timeout = NO_PENDING_TIMEOUT; + new_wsi->rxflow_change_to = LWS_RXFLOW_ALLOW; + + /* initialize the instance struct */ + + lwsi_set_state(new_wsi, LRS_UNCONNECTED); + new_wsi->hdr_parsing_completed = 0; + +#ifdef LWS_WITH_TLS + new_wsi->tls.use_ssl = LWS_SSL_ENABLED(vhost); +#endif + + /* + * these can only be set once the protocol is known + * we set an un-established connection's protocol pointer + * to the start of the supported list, so it can look + * for matching ones during the handshake + */ + new_wsi->protocol = vhost->protocols; + new_wsi->user_space = NULL; + new_wsi->desc.sockfd = LWS_SOCK_INVALID; + new_wsi->position_in_fds_table = LWS_NO_FDS_POS; + + vhost->context->count_wsi_allocated++; + + /* + * outermost create notification for wsi + * no user_space because no protocol selection + */ + vhost->protocols[0].callback(new_wsi, LWS_CALLBACK_WSI_CREATE, NULL, + NULL, 0); + + return new_wsi; +} + + +/* if not a socket, it's a raw, non-ssl file descriptor */ + +LWS_VISIBLE struct lws * +lws_adopt_descriptor_vhost(struct lws_vhost *vh, lws_adoption_type type, + lws_sock_file_fd_type fd, const char *vh_prot_name, + struct lws *parent) +{ + struct lws_context *context = vh->context; + struct lws *new_wsi; + struct lws_context_per_thread *pt; + int n; + +#if defined(LWS_WITH_PEER_LIMITS) + struct lws_peer *peer = NULL; + + if (type & LWS_ADOPT_SOCKET) { + peer = lws_get_or_create_peer(vh, fd.sockfd); + + if (peer && context->ip_limit_wsi && + peer->count_wsi >= context->ip_limit_wsi) { + lwsl_notice("Peer reached wsi limit %d\n", + context->ip_limit_wsi); + lws_stats_atomic_bump(context, &context->pt[0], + LWSSTATS_C_PEER_LIMIT_WSI_DENIED, + 1); + return NULL; + } + } +#endif + + n = -1; + if (parent) + n = parent->tsi; + new_wsi = lws_create_new_server_wsi(vh, n); + if (!new_wsi) { + if (type & LWS_ADOPT_SOCKET) + compatible_close(fd.sockfd); + return NULL; + } +#if defined(LWS_WITH_PEER_LIMITS) + if (peer) + lws_peer_add_wsi(context, peer, new_wsi); +#endif + pt = &context->pt[(int)new_wsi->tsi]; + lws_stats_atomic_bump(context, pt, LWSSTATS_C_CONNECTIONS, 1); + + if (parent) { + new_wsi->parent = parent; + new_wsi->sibling_list = parent->child_list; + parent->child_list = new_wsi; + } + + new_wsi->desc = fd; + + if (vh_prot_name) { + new_wsi->protocol = lws_vhost_name_to_protocol(new_wsi->vhost, + vh_prot_name); + if (!new_wsi->protocol) { + lwsl_err("Protocol %s not enabled on vhost %s\n", + vh_prot_name, new_wsi->vhost->name); + goto bail; + } + if (lws_ensure_user_space(new_wsi)) { + lwsl_notice("OOM trying to get user_space\n"); + goto bail; + } + } + + if (!LWS_SSL_ENABLED(new_wsi->vhost) || !(type & LWS_ADOPT_SOCKET)) + type &= ~LWS_ADOPT_ALLOW_SSL; + + if (lws_role_call_adoption_bind(new_wsi, type, vh_prot_name)) { + lwsl_err("Unable to find a role that can adopt descriptor\n"); + goto bail; + } + + /* + * A new connection was accepted. Give the user a chance to + * set properties of the newly created wsi. There's no protocol + * selected yet so we issue this to the vhosts's default protocol, + * itself by default protocols[0] + */ + n = LWS_CALLBACK_SERVER_NEW_CLIENT_INSTANTIATED; + if (!(type & LWS_ADOPT_HTTP)) { + if (!(type & LWS_ADOPT_SOCKET)) + n = LWS_CALLBACK_RAW_ADOPT_FILE; + else + n = LWS_CALLBACK_RAW_ADOPT; + } + + lwsl_debug("new wsi wsistate 0x%x\n", new_wsi->wsistate); + + if (context->event_loop_ops->accept) + if (context->event_loop_ops->accept(new_wsi)) + goto fail; + + if (!(type & LWS_ADOPT_ALLOW_SSL)) { + lws_pt_lock(pt, __func__); + if (__insert_wsi_socket_into_fds(context, new_wsi)) { + lws_pt_unlock(pt); + lwsl_err("%s: fail inserting socket\n", __func__); + goto fail; + } + lws_pt_unlock(pt); + } else + if (lws_server_socket_service_ssl(new_wsi, fd.sockfd)) { + lwsl_info("%s: fail ssl negotiation\n", __func__); + goto fail; + } + + /* + * by deferring callback to this point, after insertion to fds, + * lws_callback_on_writable() can work from the callback + */ + if ((new_wsi->protocol->callback)(new_wsi, n, new_wsi->user_space, + NULL, 0)) + goto fail; + + /* role may need to do something after all adoption completed */ + + lws_role_call_adoption_bind(new_wsi, type | _LWS_ADOPT_FINISH, + vh_prot_name); + + lws_cancel_service_pt(new_wsi); + + return new_wsi; + +fail: + if (type & LWS_ADOPT_SOCKET) + lws_close_free_wsi(new_wsi, LWS_CLOSE_STATUS_NOSTATUS, + "adopt skt fail"); + + return NULL; + +bail: + lwsl_notice("%s: exiting on bail\n", __func__); + if (parent) + parent->child_list = new_wsi->sibling_list; + if (new_wsi->user_space) + lws_free(new_wsi->user_space); + + vh->context->count_wsi_allocated--; + + lws_vhost_unbind_wsi(new_wsi); + lws_free(new_wsi); + + compatible_close(fd.sockfd); + + return NULL; +} + +LWS_VISIBLE struct lws * +lws_adopt_socket_vhost(struct lws_vhost *vh, lws_sockfd_type accept_fd) +{ + lws_sock_file_fd_type fd; + + fd.sockfd = accept_fd; + return lws_adopt_descriptor_vhost(vh, LWS_ADOPT_SOCKET | + LWS_ADOPT_HTTP | LWS_ADOPT_ALLOW_SSL, fd, NULL, NULL); +} + +LWS_VISIBLE struct lws * +lws_adopt_socket(struct lws_context *context, lws_sockfd_type accept_fd) +{ + return lws_adopt_socket_vhost(context->vhost_list, accept_fd); +} + +/* Common read-buffer adoption for lws_adopt_*_readbuf */ +static struct lws* +adopt_socket_readbuf(struct lws *wsi, const char *readbuf, size_t len) +{ + struct lws_context_per_thread *pt; + struct lws_pollfd *pfd; + int n; + + if (!wsi) + return NULL; + + if (!readbuf || len == 0) + return wsi; + + if (wsi->position_in_fds_table == LWS_NO_FDS_POS) + return wsi; + + pt = &wsi->context->pt[(int)wsi->tsi]; + + n = lws_buflist_append_segment(&wsi->buflist, (const uint8_t *)readbuf, + len); + if (n < 0) + goto bail; + if (n) + lws_dll_lws_add_front(&wsi->dll_buflist, &pt->dll_head_buflist); + + /* + * we can't process the initial read data until we can attach an ah. + * + * if one is available, get it and place the data in his ah rxbuf... + * wsi with ah that have pending rxbuf get auto-POLLIN service. + * + * no autoservice because we didn't get a chance to attach the + * readbuf data to wsi or ah yet, and we will do it next if we get + * the ah. + */ + if (wsi->http.ah || !lws_header_table_attach(wsi, 0)) { + + lwsl_notice("%s: calling service on readbuf ah\n", __func__); + + /* + * unlike a normal connect, we have the headers already + * (or the first part of them anyway). + * libuv won't come back and service us without a network + * event, so we need to do the header service right here. + */ + pfd = &pt->fds[wsi->position_in_fds_table]; + pfd->revents |= LWS_POLLIN; + lwsl_err("%s: calling service\n", __func__); + if (lws_service_fd_tsi(wsi->context, pfd, wsi->tsi)) + /* service closed us */ + return NULL; + + return wsi; + } + lwsl_err("%s: deferring handling ah\n", __func__); + + return wsi; + +bail: + lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, + "adopt skt readbuf fail"); + + return NULL; +} + +LWS_EXTERN struct lws * +lws_create_adopt_udp(struct lws_vhost *vhost, int port, int flags, + const char *protocol_name, struct lws *parent_wsi) +{ + lws_sock_file_fd_type sock; + struct addrinfo h, *r, *rp; + struct lws *wsi = NULL; + char buf[16]; + int n; + + memset(&h, 0, sizeof(h)); + h.ai_family = AF_UNSPEC; /* Allow IPv4 or IPv6 */ + h.ai_socktype = SOCK_DGRAM; + h.ai_protocol = IPPROTO_UDP; + h.ai_flags = AI_PASSIVE | AI_ADDRCONFIG; + + lws_snprintf(buf, sizeof(buf), "%u", port); + n = getaddrinfo(NULL, buf, &h, &r); + if (n) { + lwsl_info("%s: getaddrinfo error: %s\n", __func__, + gai_strerror(n)); + goto bail; + } + + for (rp = r; rp; rp = rp->ai_next) { + sock.sockfd = socket(rp->ai_family, rp->ai_socktype, + rp->ai_protocol); + if (sock.sockfd != LWS_SOCK_INVALID) + break; + } + if (!rp) { + lwsl_err("%s: unable to create INET socket\n", __func__); + goto bail1; + } + + if ((flags & LWS_CAUDP_BIND) && bind(sock.sockfd, rp->ai_addr, +#if defined(_WIN32) + (int)rp->ai_addrlen +#else + rp->ai_addrlen +#endif + ) == -1) { + lwsl_err("%s: bind failed\n", __func__); + goto bail2; + } + + wsi = lws_adopt_descriptor_vhost(vhost, LWS_ADOPT_RAW_SOCKET_UDP, sock, + protocol_name, parent_wsi); + if (!wsi) + lwsl_err("%s: udp adoption failed\n", __func__); + +bail2: + if (!wsi) + compatible_close((int)sock.sockfd); +bail1: + freeaddrinfo(r); + +bail: + return wsi; +} + +LWS_VISIBLE struct lws * +lws_adopt_socket_readbuf(struct lws_context *context, lws_sockfd_type accept_fd, + const char *readbuf, size_t len) +{ + return adopt_socket_readbuf(lws_adopt_socket(context, accept_fd), + readbuf, len); +} + +LWS_VISIBLE struct lws * +lws_adopt_socket_vhost_readbuf(struct lws_vhost *vhost, + lws_sockfd_type accept_fd, + const char *readbuf, size_t len) +{ + return adopt_socket_readbuf(lws_adopt_socket_vhost(vhost, accept_fd), + readbuf, len); +} diff --git a/thirdparty/libwebsockets/core/alloc.c b/thirdparty/libwebsockets/lib/core/alloc.c index f169fc3767..f169fc3767 100644 --- a/thirdparty/libwebsockets/core/alloc.c +++ b/thirdparty/libwebsockets/lib/core/alloc.c diff --git a/thirdparty/libwebsockets/lib/core/connect.c b/thirdparty/libwebsockets/lib/core/connect.c new file mode 100644 index 0000000000..daffc193c8 --- /dev/null +++ b/thirdparty/libwebsockets/lib/core/connect.c @@ -0,0 +1,287 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green <andy@warmcat.com> + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#include "core/private.h" + +void +lws_client_stash_destroy(struct lws *wsi) +{ + if (!wsi || !wsi->stash) + return; + + lws_free_set_NULL(wsi->stash->address); + lws_free_set_NULL(wsi->stash->path); + lws_free_set_NULL(wsi->stash->host); + lws_free_set_NULL(wsi->stash->origin); + lws_free_set_NULL(wsi->stash->protocol); + lws_free_set_NULL(wsi->stash->method); + lws_free_set_NULL(wsi->stash->iface); + lws_free_set_NULL(wsi->stash->alpn); + + lws_free_set_NULL(wsi->stash); +} + +LWS_VISIBLE struct lws * +lws_client_connect_via_info(const struct lws_client_connect_info *i) +{ + struct lws *wsi, *safe = NULL; + const struct lws_protocols *p; + const char *local = i->protocol; +#if LWS_MAX_SMP > 1 + int n, tid; +#endif + + if (i->context->requested_kill) + return NULL; + + if (!i->context->protocol_init_done) + lws_protocol_init(i->context); + /* + * If we have .local_protocol_name, use it to select the local protocol + * handler to bind to. Otherwise use .protocol if http[s]. + */ + if (i->local_protocol_name) + local = i->local_protocol_name; + + /* PHASE 1: create a bare wsi */ + + wsi = lws_zalloc(sizeof(struct lws), "client wsi"); + if (wsi == NULL) + goto bail; + + wsi->context = i->context; + wsi->desc.sockfd = LWS_SOCK_INVALID; + + wsi->vhost = NULL; + if (!i->vhost) + lws_vhost_bind_wsi(i->context->vhost_list, wsi); + else + lws_vhost_bind_wsi(i->vhost, wsi); + + if (!wsi->vhost) { + lwsl_err("%s: No vhost in the context\n", __func__); + + goto bail; + } + + /* + * PHASE 2: if SMP, bind the client to whatever tsi the current thread + * represents + */ + +#if LWS_MAX_SMP > 1 + tid = wsi->vhost->protocols[0].callback(wsi, LWS_CALLBACK_GET_THREAD_ID, + NULL, NULL, 0); + + lws_context_lock(i->context, "client find tsi"); + + for (n = 0; n < i->context->count_threads; n++) + if (i->context->pt[n].service_tid == tid) { + lwsl_info("%s: client binds to caller tsi %d\n", + __func__, n); + wsi->tsi = n; + break; + } + + /* + * this binding is sort of provisional, since when we try to insert + * into the pt fds, there may be no space and it will fail + */ + + lws_context_unlock(i->context); +#endif + + /* + * PHASE 3: Choose an initial role for the wsi and do role-specific init + * + * Note the initial role may not reflect the final role, eg, + * we may want ws, but first we have to go through h1 to get that + */ + + lws_role_call_client_bind(wsi, i); + + /* + * PHASE 4: fill up the wsi with stuff from the connect_info as far as + * it can go. It's uncertain because not only is our connection + * going to complete asynchronously, we might have bound to h1 and not + * even be able to get ahold of an ah immediately. + */ + + wsi->user_space = NULL; + wsi->pending_timeout = NO_PENDING_TIMEOUT; + wsi->position_in_fds_table = LWS_NO_FDS_POS; + wsi->c_port = i->port; + + wsi->protocol = &wsi->vhost->protocols[0]; + wsi->client_pipeline = !!(i->ssl_connection & LCCSCF_PIPELINE); + + /* + * PHASE 5: handle external user_space now, generic alloc is done in + * role finalization + */ + + if (!wsi->user_space && i->userdata) { + wsi->user_space_externally_allocated = 1; + wsi->user_space = i->userdata; + } + + if (local) { + lwsl_info("%s: protocol binding to %s\n", __func__, local); + p = lws_vhost_name_to_protocol(wsi->vhost, local); + if (p) + lws_bind_protocol(wsi, p, __func__); + } + + /* + * PHASE 5: handle external user_space now, generic alloc is done in + * role finalization + */ + + if (!wsi->user_space && i->userdata) { + wsi->user_space_externally_allocated = 1; + wsi->user_space = i->userdata; + } + +#if defined(LWS_WITH_TLS) + wsi->tls.use_ssl = i->ssl_connection; +#else + if (i->ssl_connection & LCCSCF_USE_SSL) { + lwsl_err("%s: lws not configured for tls\n", __func__); + goto bail; + } +#endif + + /* + * PHASE 6: stash the things from connect_info that we can't process + * right now, eg, if http binding, without an ah. If h1 and no ah, we + * will go on the ah waiting list and process those things later (after + * the connect_info and maybe the things pointed to have gone out of + * scope) + * + * However these things are stashed in a generic way at this point, + * with no relationship to http or ah + */ + + wsi->stash = lws_zalloc(sizeof(*wsi->stash), "client stash"); + if (!wsi->stash) { + lwsl_err("%s: OOM\n", __func__); + goto bail1; + } + + wsi->stash->address = lws_strdup(i->address); + wsi->stash->path = lws_strdup(i->path); + wsi->stash->host = lws_strdup(i->host); + + if (!wsi->stash->address || !wsi->stash->path || !wsi->stash->host) + goto bail1; + + if (i->origin) { + wsi->stash->origin = lws_strdup(i->origin); + if (!wsi->stash->origin) + goto bail1; + } + if (i->protocol) { + wsi->stash->protocol = lws_strdup(i->protocol); + if (!wsi->stash->protocol) + goto bail1; + } + if (i->method) { + wsi->stash->method = lws_strdup(i->method); + if (!wsi->stash->method) + goto bail1; + } + if (i->iface) { + wsi->stash->iface = lws_strdup(i->iface); + if (!wsi->stash->iface) + goto bail1; + } + if (i->alpn) { + wsi->stash->alpn = lws_strdup(i->alpn); + if (!wsi->stash->alpn) + goto bail1; + } + + /* + * at this point user callbacks like + * LWS_CALLBACK_CLIENT_APPEND_HANDSHAKE_HEADER will be interested to + * know the parent... eg for proxying we can grab extra headers from + * the parent's incoming ah and add them to the child client handshake + */ + + if (i->parent_wsi) { + lwsl_info("%s: created child %p of parent %p\n", __func__, + wsi, i->parent_wsi); + wsi->parent = i->parent_wsi; + safe = wsi->sibling_list = i->parent_wsi->child_list; + i->parent_wsi->child_list = wsi; + } + + /* + * PHASE 7: Do any role-specific finalization processing. We can still + * see important info things via wsi->stash + */ + + if (wsi->role_ops->client_bind) { + int n = wsi->role_ops->client_bind(wsi, NULL); + + if (n && i->parent_wsi) { + /* unpick from parent */ + + i->parent_wsi->child_list = safe; + } + + if (n < 0) + /* we didn't survive, wsi is freed */ + goto bail2; + + if (n) + /* something else failed, wsi needs freeing */ + goto bail; + } + + /* let the caller's optional wsi storage have the wsi we created */ + + if (i->pwsi) + *i->pwsi = wsi; + + +#if defined(LWS_WITH_HUBBUB) + if (i->uri_replace_to) + wsi->http.rw = lws_rewrite_create(wsi, html_parser_cb, + i->uri_replace_from, + i->uri_replace_to); +#endif + + return wsi; + +bail1: + lws_client_stash_destroy(wsi); + +bail: + lws_free(wsi); +#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) +bail2: +#endif + if (i->pwsi) + *i->pwsi = NULL; + + return NULL; +} diff --git a/thirdparty/libwebsockets/core/context.c b/thirdparty/libwebsockets/lib/core/context.c index 7be004df33..94b2d86339 100644 --- a/thirdparty/libwebsockets/core/context.c +++ b/thirdparty/libwebsockets/lib/core/context.c @@ -35,6 +35,9 @@ const struct lws_role_ops *available_roles[] = { #if defined(LWS_ROLE_WS) &role_ops_ws, #endif +#if defined(LWS_ROLE_DBUS) + &role_ops_dbus, +#endif NULL }; @@ -86,6 +89,57 @@ lws_role_call_alpn_negotiated(struct lws *wsi, const char *alpn) return 0; } +#if !defined(LWS_WITHOUT_SERVER) +int +lws_role_call_adoption_bind(struct lws *wsi, int type, const char *prot) +{ + LWS_FOR_EVERY_AVAILABLE_ROLE_START(ar) + if (ar->adoption_bind) + if (ar->adoption_bind(wsi, type, prot)) + return 0; + LWS_FOR_EVERY_AVAILABLE_ROLE_END; + + /* fall back to raw socket role if, eg, h1 not configured */ + + if (role_ops_raw_skt.adoption_bind && + role_ops_raw_skt.adoption_bind(wsi, type, prot)) + return 0; + + /* fall back to raw file role if, eg, h1 not configured */ + + if (role_ops_raw_file.adoption_bind && + role_ops_raw_file.adoption_bind(wsi, type, prot)) + return 0; + + return 1; +} +#endif + +#if !defined(LWS_WITHOUT_CLIENT) +int +lws_role_call_client_bind(struct lws *wsi, + const struct lws_client_connect_info *i) +{ + LWS_FOR_EVERY_AVAILABLE_ROLE_START(ar) + if (ar->client_bind) { + int m = ar->client_bind(wsi, i); + if (m < 0) + return m; + if (m) + return 0; + } + LWS_FOR_EVERY_AVAILABLE_ROLE_END; + + /* fall back to raw socket role if, eg, h1 not configured */ + + if (role_ops_raw_skt.client_bind && + role_ops_raw_skt.client_bind(wsi, i)) + return 0; + + return 1; +} +#endif + static const char * const mount_protocols[] = { "http://", "https://", @@ -263,8 +317,10 @@ lws_protocol_init(struct lws_context *context) (void *)pvo, 0)) { lws_free(vh->protocol_vh_privs[n]); vh->protocol_vh_privs[n] = NULL; - lwsl_err("%s: protocol %s failed init\n", __func__, - vh->protocols[n].name); + lwsl_err("%s: protocol %s failed init\n", + __func__, vh->protocols[n].name); + + return 1; } } @@ -286,229 +342,6 @@ next: return 0; } -LWS_VISIBLE int -lws_callback_http_dummy(struct lws *wsi, enum lws_callback_reasons reason, - void *user, void *in, size_t len) -{ - struct lws_ssl_info *si; -#ifdef LWS_WITH_CGI - struct lws_cgi_args *args; -#endif -#if defined(LWS_WITH_CGI) || defined(LWS_WITH_HTTP_PROXY) - char buf[512]; - int n; -#endif - - switch (reason) { -#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) - case LWS_CALLBACK_HTTP: -#ifndef LWS_NO_SERVER - if (lws_return_http_status(wsi, HTTP_STATUS_NOT_FOUND, NULL)) - return -1; - - if (lws_http_transaction_completed(wsi)) -#endif - return -1; - break; -#if !defined(LWS_NO_SERVER) - case LWS_CALLBACK_HTTP_FILE_COMPLETION: - if (lws_http_transaction_completed(wsi)) - return -1; - break; -#endif - - case LWS_CALLBACK_HTTP_WRITEABLE: -#ifdef LWS_WITH_CGI - if (wsi->reason_bf & (LWS_CB_REASON_AUX_BF__CGI_HEADERS | - LWS_CB_REASON_AUX_BF__CGI)) { - n = lws_cgi_write_split_stdout_headers(wsi); - if (n < 0) { - lwsl_debug("AUX_BF__CGI forcing close\n"); - return -1; - } - if (!n) - lws_rx_flow_control( - wsi->http.cgi->stdwsi[LWS_STDOUT], 1); - - if (wsi->reason_bf & LWS_CB_REASON_AUX_BF__CGI_HEADERS) - wsi->reason_bf &= - ~LWS_CB_REASON_AUX_BF__CGI_HEADERS; - else - wsi->reason_bf &= ~LWS_CB_REASON_AUX_BF__CGI; - break; - } - - if (wsi->reason_bf & LWS_CB_REASON_AUX_BF__CGI_CHUNK_END) { - if (!wsi->http2_substream) { - memcpy(buf + LWS_PRE, "0\x0d\x0a\x0d\x0a", 5); - lwsl_debug("writing chunk term and exiting\n"); - n = lws_write(wsi, (unsigned char *)buf + - LWS_PRE, 5, LWS_WRITE_HTTP); - } else - n = lws_write(wsi, (unsigned char *)buf + - LWS_PRE, 0, - LWS_WRITE_HTTP_FINAL); - - /* always close after sending it */ - return -1; - } -#endif -#if defined(LWS_WITH_HTTP_PROXY) - if (wsi->reason_bf & LWS_CB_REASON_AUX_BF__PROXY) { - char *px = buf + LWS_PRE; - int lenx = sizeof(buf) - LWS_PRE; - - /* - * our sink is writeable and our source has something - * to read. So read a lump of source material of - * suitable size to send or what's available, whichever - * is the smaller. - */ - wsi->reason_bf &= ~LWS_CB_REASON_AUX_BF__PROXY; - if (!lws_get_child(wsi)) - break; - if (lws_http_client_read(lws_get_child(wsi), &px, - &lenx) < 0) - return -1; - break; - } -#endif - break; - -#if defined(LWS_WITH_HTTP_PROXY) - case LWS_CALLBACK_RECEIVE_CLIENT_HTTP: - assert(lws_get_parent(wsi)); - if (!lws_get_parent(wsi)) - break; - lws_get_parent(wsi)->reason_bf |= LWS_CB_REASON_AUX_BF__PROXY; - lws_callback_on_writable(lws_get_parent(wsi)); - break; - - case LWS_CALLBACK_RECEIVE_CLIENT_HTTP_READ: - assert(lws_get_parent(wsi)); - n = lws_write(lws_get_parent(wsi), (unsigned char *)in, - len, LWS_WRITE_HTTP); - if (n < 0) - return -1; - break; - - case LWS_CALLBACK_ESTABLISHED_CLIENT_HTTP: { - unsigned char *p, *end; - char ctype[64], ctlen = 0; - - p = (unsigned char *)buf + LWS_PRE; - end = p + sizeof(buf) - LWS_PRE; - - if (lws_add_http_header_status(lws_get_parent(wsi), - HTTP_STATUS_OK, &p, end)) - return 1; - if (lws_add_http_header_by_token(lws_get_parent(wsi), - WSI_TOKEN_HTTP_SERVER, - (unsigned char *)"libwebsockets", - 13, &p, end)) - return 1; - - ctlen = lws_hdr_copy(wsi, ctype, sizeof(ctype), - WSI_TOKEN_HTTP_CONTENT_TYPE); - if (ctlen > 0) { - if (lws_add_http_header_by_token(lws_get_parent(wsi), - WSI_TOKEN_HTTP_CONTENT_TYPE, - (unsigned char *)ctype, ctlen, &p, end)) - return 1; - } - - if (lws_finalize_http_header(lws_get_parent(wsi), &p, end)) - return 1; - - *p = '\0'; - n = lws_write(lws_get_parent(wsi), - (unsigned char *)buf + LWS_PRE, - p - ((unsigned char *)buf + LWS_PRE), - LWS_WRITE_HTTP_HEADERS); - if (n < 0) - return -1; - - break; } - -#endif - -#ifdef LWS_WITH_CGI - /* CGI IO events (POLLIN/OUT) appear here, our default policy is: - * - * - POST data goes on subprocess stdin - * - subprocess stdout goes on http via writeable callback - * - subprocess stderr goes to the logs - */ - case LWS_CALLBACK_CGI: - args = (struct lws_cgi_args *)in; - switch (args->ch) { /* which of stdin/out/err ? */ - case LWS_STDIN: - /* TBD stdin rx flow control */ - break; - case LWS_STDOUT: - /* quench POLLIN on STDOUT until MASTER got writeable */ - lws_rx_flow_control(args->stdwsi[LWS_STDOUT], 0); - wsi->reason_bf |= LWS_CB_REASON_AUX_BF__CGI; - /* when writing to MASTER would not block */ - lws_callback_on_writable(wsi); - break; - case LWS_STDERR: - n = lws_get_socket_fd(args->stdwsi[LWS_STDERR]); - if (n < 0) - break; - n = read(n, buf, sizeof(buf) - 2); - if (n > 0) { - if (buf[n - 1] != '\n') - buf[n++] = '\n'; - buf[n] = '\0'; - lwsl_notice("CGI-stderr: %s\n", buf); - } - break; - } - break; - - case LWS_CALLBACK_CGI_TERMINATED: - lwsl_debug("LWS_CALLBACK_CGI_TERMINATED: %d %" PRIu64 "\n", - wsi->http.cgi->explicitly_chunked, - (uint64_t)wsi->http.cgi->content_length); - if (!wsi->http.cgi->explicitly_chunked && - !wsi->http.cgi->content_length) { - /* send terminating chunk */ - lwsl_debug("LWS_CALLBACK_CGI_TERMINATED: ending\n"); - wsi->reason_bf |= LWS_CB_REASON_AUX_BF__CGI_CHUNK_END; - lws_callback_on_writable(wsi); - lws_set_timeout(wsi, PENDING_TIMEOUT_CGI, 3); - break; - } - return -1; - - case LWS_CALLBACK_CGI_STDIN_DATA: /* POST body for stdin */ - args = (struct lws_cgi_args *)in; - args->data[args->len] = '\0'; - n = lws_get_socket_fd(args->stdwsi[LWS_STDIN]); - if (n < 0) - return -1; - n = write(n, args->data, args->len); - if (n < args->len) - lwsl_notice("LWS_CALLBACK_CGI_STDIN_DATA: " - "sent %d only %d went", n, args->len); - return n; -#endif -#endif - case LWS_CALLBACK_SSL_INFO: - si = in; - - (void)si; - lwsl_notice("LWS_CALLBACK_SSL_INFO: where: 0x%x, ret: 0x%x\n", - si->where, si->ret); - break; - - default: - break; - } - - return 0; -} /* list of supported protocols and callbacks */ @@ -534,9 +367,6 @@ static const struct lws_protocols protocols_dummy[] = { #undef LWS_HAVE_GETENV #endif -static void -lws_vhost_destroy2(struct lws_vhost *vh); - LWS_VISIBLE struct lws_vhost * lws_create_vhost(struct lws_context *context, const struct lws_context_creation_info *info) @@ -595,6 +425,8 @@ lws_create_vhost(struct lws_context *context, vh->pvo = info->pvo; vh->headers = info->headers; vh->user = info->user; + vh->finalize = info->finalize; + vh->finalize_arg = info->finalize_arg; LWS_FOR_EVERY_AVAILABLE_ROLE_START(ar) if (ar->init_vhost) @@ -630,10 +462,12 @@ lws_create_vhost(struct lws_context *context, n += (int)strlen(info->ssl_private_key_filepath) + 1; if (n) { - vh->tls.key_path = vh->tls.alloc_cert_path = lws_malloc(n, "vh paths"); + vh->tls.key_path = vh->tls.alloc_cert_path = + lws_malloc(n, "vh paths"); if (info->ssl_cert_filepath) { n = (int)strlen(info->ssl_cert_filepath) + 1; - memcpy(vh->tls.alloc_cert_path, info->ssl_cert_filepath, n); + memcpy(vh->tls.alloc_cert_path, + info->ssl_cert_filepath, n); vh->tls.key_path += n; } if (info->ssl_private_key_filepath) @@ -648,7 +482,7 @@ lws_create_vhost(struct lws_context *context, */ lwsp = lws_zalloc(sizeof(struct lws_protocols) * (vh->count_protocols + context->plugin_protocol_count + 1), - "vhost-specific plugin table"); + "vhost-specific plugin table"); if (!lwsp) { lwsl_err("OOM\n"); return NULL; @@ -699,15 +533,15 @@ lws_create_vhost(struct lws_context *context, lws_free(lwsp); } - vh->same_vh_protocol_list = (struct lws **) - lws_zalloc(sizeof(struct lws *) * vh->count_protocols, - "same vh list"); + vh->same_vh_protocol_heads = (struct lws_dll_lws *) + lws_zalloc(sizeof(struct lws_dll_lws) * + vh->count_protocols, "same vh list"); #if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) vh->http.mount_list = info->mounts; #endif #ifdef LWS_WITH_UNIX_SOCK - if (LWS_UNIX_SOCK_ENABLED(context)) { + if (LWS_UNIX_SOCK_ENABLED(vh)) { lwsl_notice("Creating Vhost '%s' path \"%s\", %d protocols\n", vh->name, vh->iface, vh->count_protocols); } else @@ -725,8 +559,8 @@ lws_create_vhost(struct lws_context *context, break; } lwsl_notice("Creating Vhost '%s' %s, %d protocols, IPv6 %s\n", - vh->name, buf, vh->count_protocols, - LWS_IPV6_ENABLED(vh) ? "on" : "off"); + vh->name, buf, vh->count_protocols, + LWS_IPV6_ENABLED(vh) ? "on" : "off"); } mounts = info->mounts; while (mounts) { @@ -833,7 +667,7 @@ lws_create_vhost(struct lws_context *context, lwsl_err("%s: lws_context_init_client_ssl failed\n", __func__); goto bail1; } - lws_context_lock(context); + lws_context_lock(context, "create_vhost"); n = _lws_vhost_init_server(info, vh); lws_context_unlock(context); if (n < 0) { @@ -841,7 +675,6 @@ lws_create_vhost(struct lws_context *context, goto bail1; } - while (1) { if (!(*vh1)) { *vh1 = vh; @@ -862,7 +695,6 @@ lws_create_vhost(struct lws_context *context, bail1: lws_vhost_destroy(vh); - lws_vhost_destroy2(vh); return NULL; @@ -927,7 +759,7 @@ lws_create_event_pipes(struct lws_context *context) wsi = lws_zalloc(sizeof(*wsi), "event pipe wsi"); if (!wsi) { - lwsl_err("Out of mem\n"); + lwsl_err("%s: Out of mem\n", __func__); return 1; } wsi->context = context; @@ -955,7 +787,8 @@ lws_create_event_pipes(struct lws_context *context) lwsl_debug("event pipe fd %d\n", wsi->desc.sockfd); if (context->event_loop_ops->accept) - context->event_loop_ops->accept(wsi); + if (context->event_loop_ops->accept(wsi)) + return 1; if (__insert_wsi_socket_into_fds(context, wsi)) return 1; @@ -973,6 +806,7 @@ lws_destroy_event_pipe(struct lws *wsi) if (wsi->context->event_loop_ops->wsi_logical_close) { wsi->context->event_loop_ops->wsi_logical_close(wsi); lws_plat_pipe_close(wsi); + wsi->context->count_wsi_allocated--; return; } @@ -996,13 +830,8 @@ lws_create_context(const struct lws_context_creation_info *info) struct rlimit rt; #endif - - lwsl_info("Initial logging level %d\n", log_level); lwsl_info("Libwebsockets version: %s\n", library_version); -#if defined(GCC_VER) - lwsl_info("Compiled with %s\n", GCC_VER); -#endif #ifdef LWS_WITH_IPV6 if (!lws_check_opt(info->options, LWS_SERVER_OPTION_DISABLE_IPV6)) @@ -1053,7 +882,7 @@ lws_create_context(const struct lws_context_creation_info *info) #endif #if LWS_MAX_SMP > 1 - pthread_mutex_init(&context->lock, NULL); + lws_mutex_refcount_init(&context->mr); #endif #if defined(LWS_WITH_ESP32) @@ -1213,7 +1042,11 @@ lws_create_context(const struct lws_context_creation_info *info) if (info->max_http_header_pool) context->max_http_header_pool = info->max_http_header_pool; else - context->max_http_header_pool = context->max_fds; + if (info->max_http_header_pool2) + context->max_http_header_pool = + info->max_http_header_pool2; + else + context->max_http_header_pool = context->max_fds; if (info->fd_limit_per_thread) context->fd_limit_per_thread = info->fd_limit_per_thread; @@ -1251,16 +1084,17 @@ lws_create_context(const struct lws_context_creation_info *info) return NULL; } - #if defined(LWS_WITH_PEER_LIMITS) /* scale the peer hash table according to the max fds for the process, * so that the max list depth averages 16. Eg, 1024 fd -> 64, * 102400 fd -> 6400 */ + context->pl_hash_elements = (context->count_threads * context->fd_limit_per_thread) / 16; context->pl_hash_table = lws_zalloc(sizeof(struct lws_peer *) * context->pl_hash_elements, "peer limits hash table"); + context->ip_limit_ah = info->ip_limit_ah; context->ip_limit_wsi = info->ip_limit_wsi; #endif @@ -1404,7 +1238,6 @@ LWS_VISIBLE LWS_EXTERN void lws_context_deprecate(struct lws_context *context, lws_reload_func cb) { struct lws_vhost *vh = context->vhost_list, *vh1; - struct lws *wsi; /* * "deprecation" means disable the context from accepting any new @@ -1418,7 +1251,8 @@ lws_context_deprecate(struct lws_context *context, lws_reload_func cb) /* for each vhost, close his listen socket */ while (vh) { - wsi = vh->lserv_wsi; + struct lws *wsi = vh->lserv_wsi; + if (wsi) { wsi->socket_is_permanently_unusable = 1; lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, "ctx deprecate"); @@ -1450,24 +1284,29 @@ lws_context_is_deprecated(struct lws_context *context) void lws_vhost_destroy1(struct lws_vhost *vh) { - const struct lws_protocols *protocol = NULL; - struct lws_context_per_thread *pt; - int n, m = vh->context->count_threads; struct lws_context *context = vh->context; - struct lws wsi; lwsl_info("%s\n", __func__); + lws_context_lock(context, "vhost destroy 1"); /* ---------- context { */ + if (vh->being_destroyed) - return; + goto out; + + lws_vhost_lock(vh); /* -------------- vh { */ vh->being_destroyed = 1; /* + * PHASE 1: take down or reassign any listen wsi + * * Are there other vhosts that are piggybacking on our listen socket? * If so we need to hand the listen socket off to one of the others - * so it will remain open. If not, leave it attached to the closing - * vhost and it will get closed. + * so it will remain open. + * + * If not, leave it attached to the closing vhost, the vh being marked + * being_destroyed will defeat any service and it will get closed in + * later phases. */ if (vh->lserv_wsi) @@ -1488,46 +1327,48 @@ lws_vhost_destroy1(struct lws_vhost *vh) */ assert(v->lserv_wsi == NULL); v->lserv_wsi = vh->lserv_wsi; - vh->lserv_wsi = NULL; - if (v->lserv_wsi) - v->lserv_wsi->vhost = v; lwsl_notice("%s: listen skt from %s to %s\n", __func__, vh->name, v->name); + + if (v->lserv_wsi) { + lws_vhost_unbind_wsi(vh->lserv_wsi); + lws_vhost_bind_wsi(v, v->lserv_wsi); + } + break; } } lws_end_foreach_ll(v, vhost_next); + lws_vhost_unlock(vh); /* } vh -------------- */ + /* - * Forcibly close every wsi assoicated with this vhost. That will - * include the listen socket if it is still associated with the closing - * vhost. + * lws_check_deferred_free() will notice there is a vhost that is + * marked for destruction during the next 1s, for all tsi. + * + * It will start closing all wsi on this vhost. When the last wsi + * is closed, it will trigger lws_vhost_destroy2() */ - while (m--) { - pt = &context->pt[m]; - - for (n = 0; (unsigned int)n < context->pt[m].fds_count; n++) { - struct lws *wsi = wsi_from_fd(context, pt->fds[n].fd); - if (!wsi) - continue; - if (wsi->vhost != vh) - continue; +out: + lws_context_unlock(context); /* --------------------------- context { */ +} - lws_close_free_wsi(wsi, - LWS_CLOSE_STATUS_NOSTATUS_CONTEXT_DESTROY, - "vh destroy" - /* no protocol close */); - n--; - } - } +void +__lws_vhost_destroy2(struct lws_vhost *vh) +{ + const struct lws_protocols *protocol = NULL; + struct lws_context *context = vh->context; + struct lws_deferred_free *df; + struct lws wsi; + int n; /* * destroy any pending timed events */ while (vh->timed_vh_protocol_list) - lws_timed_callback_remove(vh, vh->timed_vh_protocol_list); + __lws_timed_callback_remove(vh, vh->timed_vh_protocol_list); /* * let the protocols destroy the per-vhost protocol objects @@ -1535,7 +1376,7 @@ lws_vhost_destroy1(struct lws_vhost *vh) memset(&wsi, 0, sizeof(wsi)); wsi.context = vh->context; - wsi.vhost = vh; + wsi.vhost = vh; /* not a real bound wsi */ protocol = vh->protocols; if (protocol && vh->created_vhost_protocols) { n = 0; @@ -1563,15 +1404,6 @@ lws_vhost_destroy1(struct lws_vhost *vh) vh->vhost_next = vh->context->vhost_pending_destruction_list; vh->context->vhost_pending_destruction_list = vh; -} - -static void -lws_vhost_destroy2(struct lws_vhost *vh) -{ - const struct lws_protocols *protocol = NULL; - struct lws_context *context = vh->context; - struct lws_deferred_free *df; - int n; lwsl_info("%s: %p\n", __func__, vh); @@ -1617,7 +1449,7 @@ lws_vhost_destroy2(struct lws_vhost *vh) if (vh->protocol_vh_privs) lws_free(vh->protocol_vh_privs); lws_ssl_SSL_CTX_destroy(vh); - lws_free(vh->same_vh_protocol_list); + lws_free(vh->same_vh_protocol_heads); if (context->plugin_list || (context->options & LWS_SERVER_OPTION_EXPLICIT_VHOSTS)) @@ -1642,7 +1474,7 @@ lws_vhost_destroy2(struct lws_vhost *vh) #endif #if defined(LWS_WITH_UNIX_SOCK) - if (LWS_UNIX_SOCK_ENABLED(context)) { + if (LWS_UNIX_SOCK_ENABLED(vh)) { n = unlink(vh->iface); if (n) lwsl_info("Closing unix socket %s: errno %d\n", @@ -1655,31 +1487,74 @@ lws_vhost_destroy2(struct lws_vhost *vh) * they do not refer to the vhost. So it's safe to free. */ + if (vh->finalize) + vh->finalize(vh, vh->finalize_arg); + lwsl_info(" %s: Freeing vhost %p\n", __func__, vh); memset(vh, 0, sizeof(*vh)); lws_free(vh); } +/* + * each service thread calls this once a second or so + */ + int -lws_check_deferred_free(struct lws_context *context, int force) +lws_check_deferred_free(struct lws_context *context, int tsi, int force) { - struct lws_deferred_free *df; - time_t now = lws_now_secs(); + struct lws_context_per_thread *pt; + int n; - lws_start_foreach_llp(struct lws_deferred_free **, pdf, - context->deferred_free_list) { - if (force || - lws_compare_time_t(context, now, (*pdf)->deadline) > 5) { - df = *pdf; - *pdf = df->next; - /* finalize vh destruction */ - lwsl_notice("deferred vh %p destroy\n", df->payload); - lws_vhost_destroy2(df->payload); - lws_free(df); - continue; /* after deletion we already point to next */ + /* + * If we see a vhost is being destroyed, forcibly close every wsi on + * this tsi associated with this vhost. That will include the listen + * socket if it is still associated with the closing vhost. + * + * For SMP, we do this once per tsi per destroyed vhost. The reference + * counting on the vhost as the bound wsi close will notice that there + * are no bound wsi left, that vhost destruction can complete, + * and perform it. It doesn't matter which service thread does that + * because there is nothing left using the vhost to conflict. + */ + + lws_context_lock(context, "check deferred free"); /* ------ context { */ + + lws_start_foreach_ll_safe(struct lws_vhost *, v, context->vhost_list, vhost_next) { + if (v->being_destroyed +#if LWS_MAX_SMP > 1 + && !v->close_flow_vs_tsi[tsi] +#endif + ) { + + pt = &context->pt[tsi]; + + lws_pt_lock(pt, "vhost removal"); /* -------------- pt { */ + +#if LWS_MAX_SMP > 1 + v->close_flow_vs_tsi[tsi] = 1; +#endif + + for (n = 0; (unsigned int)n < pt->fds_count; n++) { + struct lws *wsi = wsi_from_fd(context, pt->fds[n].fd); + if (!wsi) + continue; + if (wsi->vhost != v) + continue; + + __lws_close_free_wsi(wsi, + LWS_CLOSE_STATUS_NOSTATUS_CONTEXT_DESTROY, + "vh destroy" + /* no protocol close */); + n--; + } + + lws_pt_unlock(pt); /* } pt -------------- */ } - } lws_end_foreach_llp(pdf, next); + } lws_end_foreach_ll_safe(v); + + + lws_context_unlock(context); /* } context ------------------- */ return 0; } @@ -1688,18 +1563,38 @@ LWS_VISIBLE void lws_vhost_destroy(struct lws_vhost *vh) { struct lws_deferred_free *df = lws_malloc(sizeof(*df), "deferred free"); + struct lws_context *context = vh->context; if (!df) return; + lws_context_lock(context, __func__); /* ------ context { */ + lws_vhost_destroy1(vh); + if (!vh->count_bound_wsi) { + /* + * After listen handoff, there are already no wsi bound to this + * vhost by any pt: nothing can be servicing any wsi belonging + * to it any more. + * + * Finalize the vh destruction immediately + */ + __lws_vhost_destroy2(vh); + lws_free(df); + + goto out; + } + /* part 2 is deferred to allow all the handle closes to complete */ df->next = vh->context->deferred_free_list; df->deadline = lws_now_secs(); df->payload = vh; vh->context->deferred_free_list = df; + +out: + lws_context_unlock(context); /* } context ------------------- */ } /* @@ -1733,11 +1628,12 @@ static void lws_context_destroy3(struct lws_context *context) { struct lws_context **pcontext_finalize = context->pcontext_finalize; - struct lws_context_per_thread *pt; int n; for (n = 0; n < context->count_threads; n++) { - pt = &context->pt[n]; +#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) + struct lws_context_per_thread *pt = &context->pt[n]; +#endif if (context->event_loop_ops->destroy_pt) context->event_loop_ops->destroy_pt(context, n); @@ -1750,6 +1646,9 @@ lws_context_destroy3(struct lws_context *context) #endif } + if (context->pt[0].fds) + lws_free_set_NULL(context->pt[0].fds); + lws_free(context); lwsl_info("%s: ctx %p freed\n", __func__, context); @@ -1768,14 +1667,12 @@ lws_context_destroy2(struct lws_context *context) #if defined(LWS_WITH_PEER_LIMITS) uint32_t nu; #endif - int n; lwsl_info("%s: ctx %p\n", __func__, context); - context->being_destroyed2 = 1; + lws_context_lock(context, "context destroy 2"); /* ------ context { */ - if (context->pt[0].fds) - lws_free_set_NULL(context->pt[0].fds); + context->being_destroyed2 = 1; /* * free all the per-vhost allocations @@ -1784,7 +1681,7 @@ lws_context_destroy2(struct lws_context *context) vh = context->vhost_list; while (vh) { vh1 = vh->vhost_next; - lws_vhost_destroy2(vh); + __lws_vhost_destroy2(vh); vh = vh1; } @@ -1792,7 +1689,7 @@ lws_context_destroy2(struct lws_context *context) while (context->vhost_pending_destruction_list) /* removes itself from list */ - lws_vhost_destroy2(context->vhost_pending_destruction_list); + __lws_vhost_destroy2(context->vhost_pending_destruction_list); lws_stats_log_dump(context); @@ -1816,22 +1713,29 @@ lws_context_destroy2(struct lws_context *context) if (context->external_baggage_free_on_destroy) free(context->external_baggage_free_on_destroy); - lws_check_deferred_free(context, 1); + lws_check_deferred_free(context, 0, 1); #if LWS_MAX_SMP > 1 - pthread_mutex_destroy(&context->lock); + lws_mutex_refcount_destroy(&context->mr); #endif if (context->event_loop_ops->destroy_context2) if (context->event_loop_ops->destroy_context2(context)) { + lws_context_unlock(context); /* } context ----------- */ context->finalize_destroy_after_internal_loops_stopped = 1; return; } - if (!context->pt[0].event_loop_foreign) + if (!context->pt[0].event_loop_foreign) { + int n; for (n = 0; n < context->count_threads; n++) - if (context->pt[n].inside_service) + if (context->pt[n].inside_service) { + lws_context_unlock(context); /* } context --- */ return; + } + } + + lws_context_unlock(context); /* } context ------------------- */ lws_context_destroy3(context); } @@ -1845,7 +1749,6 @@ lws_context_destroy(struct lws_context *context) { volatile struct lws_foreign_thread_pollfd *ftp, *next; volatile struct lws_context_per_thread *vpt; - struct lws_context_per_thread *pt; struct lws_vhost *vh = NULL; struct lws wsi; int n, m; @@ -1891,7 +1794,7 @@ lws_context_destroy(struct lws_context *context) #endif while (m--) { - pt = &context->pt[m]; + struct lws_context_per_thread *pt = &context->pt[m]; vpt = (volatile struct lws_context_per_thread *)pt; ftp = vpt->foreign_pfd_list; diff --git a/thirdparty/libwebsockets/lib/core/dummy-callback.c b/thirdparty/libwebsockets/lib/core/dummy-callback.c new file mode 100644 index 0000000000..8fd18be9c5 --- /dev/null +++ b/thirdparty/libwebsockets/lib/core/dummy-callback.c @@ -0,0 +1,611 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green <andy@warmcat.com> + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#include "core/private.h" + +#if defined(LWS_WITH_HTTP_PROXY) +static int +proxy_header(struct lws *wsi, struct lws *par, unsigned char *temp, + int temp_len, int index, unsigned char **p, unsigned char *end) +{ + int n = lws_hdr_total_length(par, index); + + if (n < 1) { + lwsl_debug("%s: no index %d:\n", __func__, index); + return 0; + } + + if (lws_hdr_copy(par, (char *)temp, temp_len, index) < 0) + return -1; + + lwsl_debug("%s: index %d: %s\n", __func__, index, (char *)temp); + + if (lws_add_http_header_by_token(wsi, index, temp, n, p, end)) + return -1; + + return 0; +} + +static int +stream_close(struct lws *wsi) +{ + char buf[LWS_PRE + 6], *out = buf + LWS_PRE; + + if (wsi->http.did_stream_close) + return 0; + + wsi->http.did_stream_close = 1; + + if (wsi->http2_substream) { + if (lws_write(wsi, (unsigned char *)buf + LWS_PRE, 0, + LWS_WRITE_HTTP_FINAL) < 0) { + lwsl_info("%s: COMPL_CLIENT_HTTP: h2 fin wr failed\n", + __func__); + + return -1; + } + } else { + *out++ = '0'; + *out++ = '\x0d'; + *out++ = '\x0a'; + *out++ = '\x0d'; + *out++ = '\x0a'; + + if (lws_write(wsi, (unsigned char *)buf + LWS_PRE, 5, + LWS_WRITE_HTTP_FINAL) < 0) { + lwsl_err("%s: COMPL_CLIENT_HTTP: " + "h2 final write failed\n", __func__); + + return -1; + } + } + + return 0; +} + +#endif + +LWS_VISIBLE int +lws_callback_http_dummy(struct lws *wsi, enum lws_callback_reasons reason, + void *user, void *in, size_t len) +{ + struct lws_ssl_info *si; +#ifdef LWS_WITH_CGI + struct lws_cgi_args *args; +#endif +#if defined(LWS_WITH_CGI) || defined(LWS_WITH_HTTP_PROXY) + char buf[8192]; + int n; +#endif +#if defined(LWS_WITH_HTTP_PROXY) + unsigned char **p, *end; + struct lws *parent; +#endif + + switch (reason) { +#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) + case LWS_CALLBACK_HTTP: +#ifndef LWS_NO_SERVER + if (lws_return_http_status(wsi, HTTP_STATUS_NOT_FOUND, NULL)) + return -1; + + if (lws_http_transaction_completed(wsi)) +#endif + return -1; + break; +#if !defined(LWS_NO_SERVER) + case LWS_CALLBACK_HTTP_BODY_COMPLETION: + case LWS_CALLBACK_HTTP_FILE_COMPLETION: + if (lws_http_transaction_completed(wsi)) + return -1; + break; +#endif + + case LWS_CALLBACK_HTTP_WRITEABLE: +#ifdef LWS_WITH_CGI + if (wsi->reason_bf & (LWS_CB_REASON_AUX_BF__CGI_HEADERS | + LWS_CB_REASON_AUX_BF__CGI)) { + n = lws_cgi_write_split_stdout_headers(wsi); + if (n < 0) { + lwsl_debug("AUX_BF__CGI forcing close\n"); + return -1; + } + if (!n) + lws_rx_flow_control( + wsi->http.cgi->stdwsi[LWS_STDOUT], 1); + + if (wsi->reason_bf & LWS_CB_REASON_AUX_BF__CGI_HEADERS) + wsi->reason_bf &= + ~LWS_CB_REASON_AUX_BF__CGI_HEADERS; + else + wsi->reason_bf &= ~LWS_CB_REASON_AUX_BF__CGI; + + if (wsi->http.cgi && wsi->http.cgi->cgi_transaction_over) + return -1; + break; + } + + if (wsi->reason_bf & LWS_CB_REASON_AUX_BF__CGI_CHUNK_END) { + if (!wsi->http2_substream) { + memcpy(buf + LWS_PRE, "0\x0d\x0a\x0d\x0a", 5); + lwsl_debug("writing chunk term and exiting\n"); + n = lws_write(wsi, (unsigned char *)buf + + LWS_PRE, 5, LWS_WRITE_HTTP); + } else + n = lws_write(wsi, (unsigned char *)buf + + LWS_PRE, 0, + LWS_WRITE_HTTP_FINAL); + + /* always close after sending it */ + return -1; + } +#endif +#if defined(LWS_WITH_HTTP_PROXY) + + if (wsi->reason_bf & LWS_CB_REASON_AUX_BF__PROXY_HEADERS) { + + wsi->reason_bf &= ~LWS_CB_REASON_AUX_BF__PROXY_HEADERS; + + lwsl_debug("%s: %p: issuing proxy headers\n", + __func__, wsi); + n = lws_write(wsi, wsi->http.pending_return_headers + + LWS_PRE, + wsi->http.pending_return_headers_len, + LWS_WRITE_HTTP_HEADERS); + + lws_free_set_NULL(wsi->http.pending_return_headers); + + if (n < 0) { + lwsl_err("%s: EST_CLIENT_HTTP: write failed\n", + __func__); + return -1; + } + lws_callback_on_writable(wsi); + break; + } + + if (wsi->reason_bf & LWS_CB_REASON_AUX_BF__PROXY) { + char *px = buf + LWS_PRE; + int lenx = sizeof(buf) - LWS_PRE - 32; + + /* + * our sink is writeable and our source has something + * to read. So read a lump of source material of + * suitable size to send or what's available, whichever + * is the smaller. + */ + wsi->reason_bf &= ~LWS_CB_REASON_AUX_BF__PROXY; + if (!lws_get_child(wsi)) + break; + + /* this causes LWS_CALLBACK_RECEIVE_CLIENT_HTTP_READ */ + if (lws_http_client_read(lws_get_child(wsi), &px, + &lenx) < 0) { + lwsl_info("%s: LWS_CB_REASON_AUX_BF__PROXY: " + "client closed\n", __func__); + + stream_close(wsi); + + return -1; + } + break; + } + + if (wsi->reason_bf & LWS_CB_REASON_AUX_BF__PROXY_TRANS_END) { + lwsl_info("%s: LWS_CB_REASON_AUX_BF__PROXY_TRANS_END\n", + __func__); + + wsi->reason_bf &= ~LWS_CB_REASON_AUX_BF__PROXY_TRANS_END; + + if (stream_close(wsi)) + return -1; + + if (lws_http_transaction_completed(wsi)) + return -1; + } +#endif + break; + +#if defined(LWS_WITH_HTTP_PROXY) + case LWS_CALLBACK_RECEIVE_CLIENT_HTTP: + assert(lws_get_parent(wsi)); + if (!lws_get_parent(wsi)) + break; + lws_get_parent(wsi)->reason_bf |= LWS_CB_REASON_AUX_BF__PROXY; + lws_callback_on_writable(lws_get_parent(wsi)); + break; + + case LWS_CALLBACK_RECEIVE_CLIENT_HTTP_READ: { + char *out = buf + LWS_PRE; + + assert(lws_get_parent(wsi)); + + if (wsi->http.proxy_parent_chunked) { + + if (len > sizeof(buf) - LWS_PRE - 16) { + lwsl_err("oversize buf %d %d\n", (int)len, + (int)sizeof(buf) - LWS_PRE - 16); + return -1; + } + + /* + * this only needs dealing with on http/1.1 to allow + * pipelining + */ + n = lws_snprintf(out, 14, "%X\x0d\x0a", (int)len); + out += n; + memcpy(out, in, len); + out += len; + *out++ = '\x0d'; + *out++ = '\x0a'; + + n = lws_write(lws_get_parent(wsi), + (unsigned char *)buf + LWS_PRE, + len + n + 2, LWS_WRITE_HTTP); + } else + n = lws_write(lws_get_parent(wsi), (unsigned char *)in, + len, LWS_WRITE_HTTP); + if (n < 0) + return -1; + break; } + + + /* this handles the proxy case... */ + case LWS_CALLBACK_ESTABLISHED_CLIENT_HTTP: { + unsigned char *start, *p, *end; + + /* + * We want to proxy these headers, but we are being called + * at the point the onward client was established, which is + * unrelated to the state or writability of our proxy + * connection. + * + * Therefore produce the headers using the onward client ah + * while we have it, and stick them on the output buflist to be + * written on the proxy connection as soon as convenient. + */ + + parent = lws_get_parent(wsi); + + if (!parent) + return 0; + + start = p = (unsigned char *)buf + LWS_PRE; + end = p + sizeof(buf) - LWS_PRE - 256; + + if (lws_add_http_header_status(lws_get_parent(wsi), + lws_http_client_http_response(wsi), &p, end)) + return 1; + + /* + * copy these headers from the client connection to the parent + */ + + proxy_header(parent, wsi, end, 256, + WSI_TOKEN_HTTP_CONTENT_LENGTH, &p, end); + proxy_header(parent, wsi, end, 256, + WSI_TOKEN_HTTP_CONTENT_TYPE, &p, end); + proxy_header(parent, wsi, end, 256, + WSI_TOKEN_HTTP_ETAG, &p, end); + proxy_header(parent, wsi, end, 256, + WSI_TOKEN_HTTP_ACCEPT_LANGUAGE, &p, end); + proxy_header(parent, wsi, end, 256, + WSI_TOKEN_HTTP_CONTENT_ENCODING, &p, end); + proxy_header(parent, wsi, end, 256, + WSI_TOKEN_HTTP_CACHE_CONTROL, &p, end); + + if (!parent->http2_substream) + if (lws_add_http_header_by_token(parent, + WSI_TOKEN_CONNECTION, (unsigned char *)"close", + 5, &p, end)) + return -1; + + /* + * We proxy using h1 only atm, and strip any chunking so it + * can go back out on h2 just fine. + * + * However if we are actually going out on h1, we need to add + * our own chunking since we still don't know the size. + */ + + if (!parent->http2_substream && + !lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_CONTENT_LENGTH)) { + lwsl_debug("downstream parent chunked\n"); + if (lws_add_http_header_by_token(parent, + WSI_TOKEN_HTTP_TRANSFER_ENCODING, + (unsigned char *)"chunked", 7, &p, end)) + return -1; + + wsi->http.proxy_parent_chunked = 1; + } + + if (lws_finalize_http_header(parent, &p, end)) + return 1; + + parent->http.pending_return_headers_len = + lws_ptr_diff(p, start); + parent->http.pending_return_headers = + lws_malloc(parent->http.pending_return_headers_len + + LWS_PRE, "return proxy headers"); + if (!parent->http.pending_return_headers) + return -1; + + memcpy(parent->http.pending_return_headers + LWS_PRE, start, + parent->http.pending_return_headers_len); + + parent->reason_bf |= LWS_CB_REASON_AUX_BF__PROXY_HEADERS; + + lwsl_debug("%s: LWS_CALLBACK_ESTABLISHED_CLIENT_HTTP: " + "prepared headers\n", __func__); + lws_callback_on_writable(parent); + + break; } + + case LWS_CALLBACK_COMPLETED_CLIENT_HTTP: + lwsl_info("%s: COMPLETED_CLIENT_HTTP: %p (parent %p)\n", + __func__, wsi, lws_get_parent(wsi)); + if (!lws_get_parent(wsi)) + break; + lws_get_parent(wsi)->reason_bf |= + LWS_CB_REASON_AUX_BF__PROXY_TRANS_END; + lws_callback_on_writable(lws_get_parent(wsi)); + break; + + case LWS_CALLBACK_CLOSED_CLIENT_HTTP: + if (!lws_get_parent(wsi)) + break; + lwsl_err("%s: LWS_CALLBACK_CLOSED_CLIENT_HTTP\n", __func__); + lws_set_timeout(lws_get_parent(wsi), LWS_TO_KILL_ASYNC, + PENDING_TIMEOUT_KILLED_BY_PROXY_CLIENT_CLOSE); + break; + + case LWS_CALLBACK_CLIENT_APPEND_HANDSHAKE_HEADER: + parent = lws_get_parent(wsi); + + if (!parent) + break; + + p = (unsigned char **)in; + end = (*p) + len; + + /* + * copy these headers from the parent request to the client + * connection's request + */ + + proxy_header(wsi, parent, (unsigned char *)buf, sizeof(buf), + WSI_TOKEN_HOST, p, end); + proxy_header(wsi, parent, (unsigned char *)buf, sizeof(buf), + WSI_TOKEN_HTTP_ETAG, p, end); + proxy_header(wsi, parent, (unsigned char *)buf, sizeof(buf), + WSI_TOKEN_HTTP_IF_MODIFIED_SINCE, p, end); + proxy_header(wsi, parent, (unsigned char *)buf, sizeof(buf), + WSI_TOKEN_HTTP_ACCEPT_LANGUAGE, p, end); + proxy_header(wsi, parent, (unsigned char *)buf, sizeof(buf), + WSI_TOKEN_HTTP_ACCEPT_ENCODING, p, end); + proxy_header(wsi, parent, (unsigned char *)buf, sizeof(buf), + WSI_TOKEN_HTTP_CACHE_CONTROL, p, end); + + buf[0] = '\0'; + lws_get_peer_simple(parent, buf, sizeof(buf)); + if (lws_add_http_header_by_token(wsi, WSI_TOKEN_X_FORWARDED_FOR, + (unsigned char *)buf, (int)strlen(buf), p, end)) + return -1; + + break; + +#endif + +#ifdef LWS_WITH_CGI + /* CGI IO events (POLLIN/OUT) appear here, our default policy is: + * + * - POST data goes on subprocess stdin + * - subprocess stdout goes on http via writeable callback + * - subprocess stderr goes to the logs + */ + case LWS_CALLBACK_CGI: + args = (struct lws_cgi_args *)in; + switch (args->ch) { /* which of stdin/out/err ? */ + case LWS_STDIN: + /* TBD stdin rx flow control */ + break; + case LWS_STDOUT: + /* quench POLLIN on STDOUT until MASTER got writeable */ + lws_rx_flow_control(args->stdwsi[LWS_STDOUT], 0); + wsi->reason_bf |= LWS_CB_REASON_AUX_BF__CGI; + /* when writing to MASTER would not block */ + lws_callback_on_writable(wsi); + break; + case LWS_STDERR: + n = lws_get_socket_fd(args->stdwsi[LWS_STDERR]); + if (n < 0) + break; + n = read(n, buf, sizeof(buf) - 2); + if (n > 0) { + if (buf[n - 1] != '\n') + buf[n++] = '\n'; + buf[n] = '\0'; + lwsl_notice("CGI-stderr: %s\n", buf); + } + break; + } + break; + + case LWS_CALLBACK_CGI_TERMINATED: + lwsl_debug("LWS_CALLBACK_CGI_TERMINATED: %d %" PRIu64 "\n", + wsi->http.cgi->explicitly_chunked, + (uint64_t)wsi->http.cgi->content_length); + if (!wsi->http.cgi->explicitly_chunked && + !wsi->http.cgi->content_length) { + /* send terminating chunk */ + lwsl_debug("LWS_CALLBACK_CGI_TERMINATED: ending\n"); + wsi->reason_bf |= LWS_CB_REASON_AUX_BF__CGI_CHUNK_END; + lws_callback_on_writable(wsi); + lws_set_timeout(wsi, PENDING_TIMEOUT_CGI, 3); + break; + } + return -1; + + case LWS_CALLBACK_CGI_STDIN_DATA: /* POST body for stdin */ + args = (struct lws_cgi_args *)in; + args->data[args->len] = '\0'; + if (!args->stdwsi[LWS_STDIN]) + return -1; + n = lws_get_socket_fd(args->stdwsi[LWS_STDIN]); + if (n < 0) + return -1; + +#if defined(LWS_WITH_ZLIB) + if (wsi->http.cgi->gzip_inflate) { + /* gzip handling */ + + if (!wsi->http.cgi->gzip_init) { + lwsl_info("inflating gzip\n"); + + memset(&wsi->http.cgi->inflate, 0, + sizeof(wsi->http.cgi->inflate)); + + if (inflateInit2(&wsi->http.cgi->inflate, + 16 + 15) != Z_OK) { + lwsl_err("%s: iniflateInit failed\n", + __func__); + return -1; + } + + wsi->http.cgi->gzip_init = 1; + } + + wsi->http.cgi->inflate.next_in = args->data; + wsi->http.cgi->inflate.avail_in = args->len; + + do { + + wsi->http.cgi->inflate.next_out = + wsi->http.cgi->inflate_buf; + wsi->http.cgi->inflate.avail_out = + sizeof(wsi->http.cgi->inflate_buf); + + n = inflate(&wsi->http.cgi->inflate, + Z_SYNC_FLUSH); + + switch (n) { + case Z_NEED_DICT: + case Z_STREAM_ERROR: + case Z_DATA_ERROR: + case Z_MEM_ERROR: + inflateEnd(&wsi->http.cgi->inflate); + wsi->http.cgi->gzip_init = 0; + lwsl_err("zlib error inflate %d\n", n); + return -1; + } + + if (wsi->http.cgi->inflate.avail_out != + sizeof(wsi->http.cgi->inflate_buf)) { + int written; + + written = write(args->stdwsi[LWS_STDIN]->desc.filefd, + wsi->http.cgi->inflate_buf, + sizeof(wsi->http.cgi->inflate_buf) - + wsi->http.cgi->inflate.avail_out); + + if (written != (int)( + sizeof(wsi->http.cgi->inflate_buf) - + wsi->http.cgi->inflate.avail_out)) { + lwsl_notice("LWS_CALLBACK_CGI_STDIN_DATA: " + "sent %d only %d went", n, args->len); + } + + if (n == Z_STREAM_END) { + lwsl_err("gzip inflate end\n"); + inflateEnd(&wsi->http.cgi->inflate); + wsi->http.cgi->gzip_init = 0; + break; + } + + } else + break; + + if (wsi->http.cgi->inflate.avail_out) + break; + + } while (1); + + return args->len; + } +#endif /* WITH_ZLIB */ + + n = write(n, args->data, args->len); +// lwsl_hexdump_notice(args->data, args->len); + if (n < args->len) + lwsl_notice("LWS_CALLBACK_CGI_STDIN_DATA: " + "sent %d only %d went", n, args->len); + + if (wsi->http.cgi->post_in_expected && args->stdwsi[LWS_STDIN] && + args->stdwsi[LWS_STDIN]->desc.filefd > 0) { + wsi->http.cgi->post_in_expected -= n; + if (!wsi->http.cgi->post_in_expected) { + struct lws *siwsi = args->stdwsi[LWS_STDIN]; + + lwsl_debug("%s: expected POST in end: " + "closing stdin wsi %p, fd %d\n", + __func__, siwsi, siwsi->desc.sockfd); + + __remove_wsi_socket_from_fds(siwsi); + lwsi_set_state(siwsi, LRS_DEAD_SOCKET); + siwsi->socket_is_permanently_unusable = 1; + lws_remove_child_from_any_parent(siwsi); + if (wsi->context->event_loop_ops-> + close_handle_manually) { + wsi->context->event_loop_ops-> + close_handle_manually(siwsi); + siwsi->told_event_loop_closed = 1; + } else { + compatible_close(siwsi->desc.sockfd); + __lws_free_wsi(siwsi); + } + wsi->http.cgi->pipe_fds[LWS_STDIN][1] = -1; + + args->stdwsi[LWS_STDIN] = NULL; + } + } + + return n; +#endif /* WITH_CGI */ +#endif /* ROLE_ H1 / H2 */ + case LWS_CALLBACK_SSL_INFO: + si = in; + + (void)si; + lwsl_notice("LWS_CALLBACK_SSL_INFO: where: 0x%x, ret: 0x%x\n", + si->where, si->ret); + break; + +#if LWS_MAX_SMP > 1 + case LWS_CALLBACK_GET_THREAD_ID: + return (int)(unsigned long long)pthread_self(); +#endif + + default: + break; + } + + return 0; +} diff --git a/thirdparty/libwebsockets/core/libwebsockets.c b/thirdparty/libwebsockets/lib/core/libwebsockets.c index 58f00226f6..972422114a 100644 --- a/thirdparty/libwebsockets/core/libwebsockets.c +++ b/thirdparty/libwebsockets/lib/core/libwebsockets.c @@ -53,11 +53,42 @@ static const char * const log_level_names[] = { "CLIENT", "LATENCY", "USER", + "THREAD", "?", "?" }; #endif +#if defined (_DEBUG) +void lwsi_set_role(struct lws *wsi, lws_wsi_state_t role) +{ + wsi->wsistate = (wsi->wsistate & (~LWSI_ROLE_MASK)) | role; + + lwsl_debug("lwsi_set_role(%p, 0x%x)\n", wsi, wsi->wsistate); +} + +void lwsi_set_state(struct lws *wsi, lws_wsi_state_t lrs) +{ + wsi->wsistate = (wsi->wsistate & (~LRS_MASK)) | lrs; + + lwsl_debug("lwsi_set_state(%p, 0x%x)\n", wsi, wsi->wsistate); +} +#endif + +signed char char_to_hex(const char c) +{ + if (c >= '0' && c <= '9') + return c - '0'; + + if (c >= 'a' && c <= 'f') + return c - 'a' + 10; + + if (c >= 'A' && c <= 'F') + return c - 'A' + 10; + + return -1; +} + int lws_open(const char *__file, int __oflag, ...) { va_list ap; @@ -75,39 +106,56 @@ int lws_open(const char *__file, int __oflag, ...) n = open(__file, __oflag); va_end(ap); - lws_plat_apply_FD_CLOEXEC(n); + if (n != -1 && lws_plat_apply_FD_CLOEXEC(n)) { + close(n); + + return -1; + } return n; } -#if defined (_DEBUG) -void lwsi_set_role(struct lws *wsi, lws_wsi_state_t role) +void +lws_vhost_bind_wsi(struct lws_vhost *vh, struct lws *wsi) { - wsi->wsistate = (wsi->wsistate & (~LWSI_ROLE_MASK)) | role; - - lwsl_debug("lwsi_set_role(%p, 0x%x)\n", wsi, wsi->wsistate); + if (wsi->vhost == vh) + return; + lws_context_lock(vh->context, __func__); /* ---------- context { */ + wsi->vhost = vh; + vh->count_bound_wsi++; + lws_context_unlock(vh->context); /* } context ---------- */ + lwsl_info("%s: vh %s: count_bound_wsi %d\n", + __func__, vh->name, vh->count_bound_wsi); + assert(wsi->vhost->count_bound_wsi > 0); } -void lwsi_set_state(struct lws *wsi, lws_wsi_state_t lrs) +void +lws_vhost_unbind_wsi(struct lws *wsi) { - wsi->wsistate = (wsi->wsistate & (~LRS_MASK)) | lrs; - - lwsl_debug("lwsi_set_state(%p, 0x%x)\n", wsi, wsi->wsistate); -} -#endif + if (!wsi->vhost) + return; -signed char char_to_hex(const char c) -{ - if (c >= '0' && c <= '9') - return c - '0'; + lws_context_lock(wsi->context, __func__); /* ---------- context { */ - if (c >= 'a' && c <= 'f') - return c - 'a' + 10; + assert(wsi->vhost->count_bound_wsi > 0); + wsi->vhost->count_bound_wsi--; + lwsl_info("%s: vh %s: count_bound_wsi %d\n", __func__, + wsi->vhost->name, wsi->vhost->count_bound_wsi); - if (c >= 'A' && c <= 'F') - return c - 'A' + 10; + if (!wsi->vhost->count_bound_wsi && + wsi->vhost->being_destroyed) { + /* + * We have closed all wsi that were bound to this vhost + * by any pt: nothing can be servicing any wsi belonging + * to it any more. + * + * Finalize the vh destruction + */ + __lws_vhost_destroy2(wsi->vhost); + } + wsi->vhost = NULL; - return -1; + lws_context_unlock(wsi->context); /* } context ---------- */ } void @@ -125,13 +173,24 @@ __lws_free_wsi(struct lws *wsi) lws_free(wsi->user_space); lws_buflist_destroy_all_segments(&wsi->buflist); - lws_free_set_NULL(wsi->trunc_alloc); + lws_buflist_destroy_all_segments(&wsi->buflist_out); lws_free_set_NULL(wsi->udp); if (wsi->vhost && wsi->vhost->lserv_wsi == wsi) wsi->vhost->lserv_wsi = NULL; +#if !defined(LWS_NO_CLIENT) + lws_dll_lws_remove(&wsi->dll_active_client_conns); +#endif + wsi->context->count_wsi_allocated--; - // lws_peer_dump_from_wsi(wsi); +#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) + __lws_header_table_detach(wsi, 0); +#endif + __lws_same_vh_protocol_remove(wsi); +#if !defined(LWS_NO_CLIENT) + lws_client_stash_destroy(wsi); + lws_free_set_NULL(wsi->client_hostname_copy); +#endif if (wsi->role_ops->destroy_role) wsi->role_ops->destroy_role(wsi); @@ -151,7 +210,8 @@ __lws_free_wsi(struct lws *wsi) if (wsi->context->event_loop_ops->destroy_wsi) wsi->context->event_loop_ops->destroy_wsi(wsi); - wsi->context->count_wsi_allocated--; + lws_vhost_unbind_wsi(wsi); + lwsl_debug("%s: %p, remaining wsi %d\n", __func__, wsi, wsi->context->count_wsi_allocated); @@ -327,6 +387,15 @@ __lws_set_timer_usecs(struct lws *wsi, lws_usec_t usecs) // lws_dll_dump(&pt->dll_head_hrtimer, "after set_timer_usec"); } +LWS_VISIBLE lws_usec_t +lws_now_usecs(void) +{ + struct timeval now; + + gettimeofday(&now, NULL); + return (now.tv_sec * 1000000ll) + now.tv_usec; +} + LWS_VISIBLE void lws_set_timer_usecs(struct lws *wsi, lws_usec_t usecs) { @@ -370,7 +439,8 @@ __lws_hrtimer_service(struct lws_context_per_thread *pt) if (!pt->dll_head_hrtimer.next) return LWS_HRTIMER_NOWAIT; - wsi = lws_container_of(pt->dll_head_hrtimer.next, struct lws, dll_hrtimer); + wsi = lws_container_of(pt->dll_head_hrtimer.next, struct lws, + dll_hrtimer); gettimeofday(&now, NULL); t = (now.tv_sec * 1000000ll) + now.tv_usec; @@ -389,7 +459,7 @@ __lws_set_timeout(struct lws *wsi, enum pending_timeout reason, int secs) time(&now); - lwsl_debug("%s: %p: %d secs\n", __func__, wsi, secs); + lwsl_debug("%s: %p: %d secs (reason %d)\n", __func__, wsi, secs, reason); wsi->pending_timeout_limit = secs; wsi->pending_timeout_set = now; wsi->pending_timeout = reason; @@ -408,7 +478,8 @@ lws_set_timeout(struct lws *wsi, enum pending_timeout reason, int secs) if (secs == LWS_TO_KILL_SYNC) { lws_remove_from_timeout_list(wsi); lwsl_debug("synchronously killing %p\n", wsi); - lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, "to sync kill"); + lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, + "to sync kill"); return; } @@ -420,8 +491,10 @@ lws_set_timeout(struct lws *wsi, enum pending_timeout reason, int secs) lws_pt_unlock(pt); } +/* requires context + vh lock */ + int -lws_timed_callback_remove(struct lws_vhost *vh, struct lws_timed_vh_protocol *p) +__lws_timed_callback_remove(struct lws_vhost *vh, struct lws_timed_vh_protocol *p) { lws_start_foreach_llp(struct lws_timed_vh_protocol **, pt, vh->timed_vh_protocol_list) { @@ -436,9 +509,30 @@ lws_timed_callback_remove(struct lws_vhost *vh, struct lws_timed_vh_protocol *p) return 1; } +int +lws_pthread_self_to_tsi(struct lws_context *context) +{ +#if LWS_MAX_SMP > 1 + pthread_t ps = pthread_self(); + struct lws_context_per_thread *pt = &context->pt[0]; + int n; + + for (n = 0; n < context->count_threads; n++) { + if (pthread_equal(ps, pt->self)) + return n; + pt++; + } + + return -1; +#else + return 0; +#endif +} + LWS_VISIBLE LWS_EXTERN int -lws_timed_callback_vh_protocol(struct lws_vhost *vh, const struct lws_protocols *prot, - int reason, int secs) +lws_timed_callback_vh_protocol(struct lws_vhost *vh, + const struct lws_protocols *prot, int reason, + int secs) { struct lws_timed_vh_protocol *p = (struct lws_timed_vh_protocol *) lws_malloc(sizeof(*p), "timed_vh"); @@ -446,17 +540,27 @@ lws_timed_callback_vh_protocol(struct lws_vhost *vh, const struct lws_protocols if (!p) return 1; + p->tsi_req = lws_pthread_self_to_tsi(vh->context); + if (p->tsi_req < 0) /* not called from a service thread --> tsi 0 */ + p->tsi_req = 0; + + lws_context_lock(vh->context, __func__); /* context ----------------- */ + p->protocol = prot; p->reason = reason; p->time = lws_now_secs() + secs; - p->next = vh->timed_vh_protocol_list; + lws_vhost_lock(vh); /* vhost ---------------------------------------- */ + p->next = vh->timed_vh_protocol_list; vh->timed_vh_protocol_list = p; + lws_vhost_unlock(vh); /* -------------------------------------- vhost */ + + lws_context_unlock(vh->context); /* ------------------------- context */ return 0; } -static void +void lws_remove_child_from_any_parent(struct lws *wsi) { struct lws **pwsi; @@ -490,15 +594,17 @@ lws_remove_child_from_any_parent(struct lws *wsi) } int -lws_bind_protocol(struct lws *wsi, const struct lws_protocols *p) +lws_bind_protocol(struct lws *wsi, const struct lws_protocols *p, + const char *reason) { // if (wsi->protocol == p) // return 0; const struct lws_protocols *vp = wsi->vhost->protocols, *vpo; if (wsi->protocol && wsi->protocol_bind_balance) { - wsi->protocol->callback(wsi, LWS_CALLBACK_HTTP_DROP_PROTOCOL, - wsi->user_space, NULL, 0); + wsi->protocol->callback(wsi, + wsi->role_ops->protocol_unbind_cb[!!lwsi_role_server(wsi)], + wsi->user_space, (void *)reason, 0); wsi->protocol_bind_balance = 0; } if (!wsi->user_space_externally_allocated) @@ -534,7 +640,8 @@ lws_bind_protocol(struct lws *wsi, const struct lws_protocols *p) __func__, p, wsi->vhost->name); } - if (wsi->protocol->callback(wsi, LWS_CALLBACK_HTTP_BIND_PROTOCOL, + if (wsi->protocol->callback(wsi, wsi->role_ops->protocol_bind_cb[ + !!lwsi_role_server(wsi)], wsi->user_space, NULL, 0)) return 1; @@ -544,7 +651,8 @@ lws_bind_protocol(struct lws *wsi, const struct lws_protocols *p) } void -__lws_close_free_wsi(struct lws *wsi, enum lws_close_status reason, const char *caller) +__lws_close_free_wsi(struct lws *wsi, enum lws_close_status reason, + const char *caller) { struct lws_context_per_thread *pt; struct lws *wsi1, *wsi2; @@ -576,20 +684,21 @@ __lws_close_free_wsi(struct lws *wsi, enum lws_close_status reason, const char * if ((int)reason != -1) lws_vhost_lock(wsi->vhost); lws_start_foreach_dll_safe(struct lws_dll_lws *, d, d1, - wsi->dll_client_transaction_queue_head.next) { + wsi->dll_client_transaction_queue_head.next) { struct lws *w = lws_container_of(d, struct lws, - dll_client_transaction_queue); + dll_client_transaction_queue); __lws_close_free_wsi(w, -1, "trans q leader closing"); } lws_end_foreach_dll_safe(d, d1); /* - * !!! If we are closing, but we have pending pipelined transaction - * results we already sent headers for, that's going to destroy sync - * for HTTP/1 and leave H2 stream with no live swsi. + * !!! If we are closing, but we have pending pipelined + * transaction results we already sent headers for, that's going + * to destroy sync for HTTP/1 and leave H2 stream with no live + * swsi. * - * However this is normal if we are being closed because the transaction - * queue leader is closing. + * However this is normal if we are being closed because the + * transaction queue leader is closing. */ lws_dll_lws_remove(&wsi->dll_client_transaction_queue); if ((int)reason !=-1) @@ -605,7 +714,8 @@ __lws_close_free_wsi(struct lws *wsi, enum lws_close_status reason, const char * wsi2->parent = NULL; /* stop it doing shutdown processing */ wsi2->socket_is_permanently_unusable = 1; - __lws_close_free_wsi(wsi2, reason, "general child recurse"); + __lws_close_free_wsi(wsi2, reason, + "general child recurse"); wsi2 = wsi1; } wsi->child_list = NULL; @@ -630,7 +740,8 @@ __lws_close_free_wsi(struct lws *wsi, enum lws_close_status reason, const char * lws_cgi_remove_and_kill(wsi->parent); /* end the binding between us and master */ - wsi->parent->http.cgi->stdwsi[(int)wsi->cgi_channel] = NULL; + wsi->parent->http.cgi->stdwsi[(int)wsi->cgi_channel] = + NULL; } wsi->socket_is_permanently_unusable = 1; @@ -674,14 +785,24 @@ __lws_close_free_wsi(struct lws *wsi, enum lws_close_status reason, const char * goto just_kill_connection; case LRS_FLUSHING_BEFORE_CLOSE: - if (wsi->trunc_len) { + if (lws_has_buffered_out(wsi) +#if defined(LWS_WITH_HTTP_STREAM_COMPRESSION) + || wsi->http.comp_ctx.buflist_comp || + wsi->http.comp_ctx.may_have_more +#endif + ) { lws_callback_on_writable(wsi); return; } lwsl_info("%p: end LRS_FLUSHING_BEFORE_CLOSE\n", wsi); goto just_kill_connection; default: - if (wsi->trunc_len) { + if (lws_has_buffered_out(wsi) +#if defined(LWS_WITH_HTTP_STREAM_COMPRESSION) + || wsi->http.comp_ctx.buflist_comp || + wsi->http.comp_ctx.may_have_more +#endif + ) { lwsl_info("%p: LRS_FLUSHING_BEFORE_CLOSE\n", wsi); lwsi_set_state(wsi, LRS_FLUSHING_BEFORE_CLOSE); __lws_set_timeout(wsi, @@ -695,15 +816,13 @@ __lws_close_free_wsi(struct lws *wsi, enum lws_close_status reason, const char * lwsi_state(wsi) == LRS_H1C_ISSUE_HANDSHAKE) goto just_kill_connection; - if (!wsi->told_user_closed && lwsi_role_http(wsi) && - lwsi_role_server(wsi)) { - if (wsi->user_space && wsi->protocol && - wsi->protocol_bind_balance) { - wsi->protocol->callback(wsi, - LWS_CALLBACK_HTTP_DROP_PROTOCOL, - wsi->user_space, NULL, 0); - wsi->protocol_bind_balance = 0; - } + if (!wsi->told_user_closed && wsi->user_space && wsi->protocol && + wsi->protocol_bind_balance) { + wsi->protocol->callback(wsi, + wsi->role_ops->protocol_unbind_cb[ + !!lwsi_role_server(wsi)], + wsi->user_space, (void *)__func__, 0); + wsi->protocol_bind_balance = 0; } /* @@ -734,8 +853,10 @@ just_kill_connection: wsi->protocol_bind_balance) { lwsl_debug("%s: %p: DROP_PROTOCOL %s\n", __func__, wsi, wsi->protocol->name); - wsi->protocol->callback(wsi, LWS_CALLBACK_HTTP_DROP_PROTOCOL, - wsi->user_space, NULL, 0); + wsi->protocol->callback(wsi, + wsi->role_ops->protocol_unbind_cb[ + !!lwsi_role_server(wsi)], + wsi->user_space, (void *)__func__, 0); wsi->protocol_bind_balance = 0; } @@ -772,7 +893,7 @@ just_kill_connection: } else #endif { - lwsl_info("%s: shutdown conn: %p (sock %d, state 0x%x)\n", + lwsl_info("%s: shutdown conn: %p (sk %d, state 0x%x)\n", __func__, wsi, (int)(long)wsi->desc.sockfd, lwsi_state(wsi)); if (!wsi->socket_is_permanently_unusable && @@ -808,12 +929,16 @@ just_kill_connection: lwsl_debug("%s: real just_kill_connection: %p (sockfd %d)\n", __func__, wsi, wsi->desc.sockfd); -#ifdef LWS_WITH_HTTP_PROXY +#ifdef LWS_WITH_HUBBUB if (wsi->http.rw) { lws_rewrite_destroy(wsi->http.rw); wsi->http.rw = NULL; } #endif + + if (wsi->http.pending_return_headers) + lws_free_set_NULL(wsi->http.pending_return_headers); + /* * we won't be servicing or receiving anything further from this guy * delete socket from the internal poll list if still present @@ -830,7 +955,7 @@ just_kill_connection: if (wsi->desc.sockfd != LWS_SOCK_INVALID) __remove_wsi_socket_from_fds(wsi); else - lws_same_vh_protocol_remove(wsi); + __lws_same_vh_protocol_remove(wsi); lwsi_set_state(wsi, LRS_DEAD_SOCKET); lws_buflist_destroy_all_segments(&wsi->buflist); @@ -841,7 +966,9 @@ just_kill_connection: /* tell the user it's all over for this guy */ - if (lwsi_state_est_PRE_CLOSE(wsi) && !wsi->told_user_closed && + if ((lwsi_state_est_PRE_CLOSE(wsi) || + lwsi_state_PRE_CLOSE(wsi) == LRS_WAITING_SERVER_REPLY) && + !wsi->told_user_closed && wsi->role_ops->close_cb[lwsi_role_server(wsi)]) { const struct lws_protocols *pro = wsi->protocol; @@ -877,7 +1004,9 @@ __lws_close_free_wsi_final(struct lws *wsi) { int n; - if (lws_socket_is_valid(wsi->desc.sockfd) && !lws_ssl_close(wsi)) { + if (!wsi->shadow && + lws_socket_is_valid(wsi->desc.sockfd) && !lws_ssl_close(wsi)) { + lwsl_debug("%s: wsi %p: fd %d\n", __func__, wsi, wsi->desc.sockfd); n = compatible_close(wsi->desc.sockfd); if (n) lwsl_debug("closing: close ret %d\n", LWS_ERRNO); @@ -944,8 +1073,7 @@ lws_buflist_append_segment(struct lws_buflist **head, const uint8_t *buf, lwsl_info("%s: len %u first %d %p\n", __func__, (uint32_t)len, first, p); - nbuf = (struct lws_buflist *) - lws_malloc(sizeof(**head) + len, __func__); + nbuf = (struct lws_buflist *)lws_malloc(sizeof(**head) + len, __func__); if (!nbuf) { lwsl_err("%s: OOM\n", __func__); return -1; @@ -1179,9 +1307,6 @@ lws_get_peer_simple(struct lws *wsi, char *name, int namelen) wsi = lws_get_network_wsi(wsi); - if (wsi->parent_carries_io) - wsi = wsi->parent; - #ifdef LWS_WITH_IPV6 if (LWS_IPV6_ENABLED(wsi->vhost)) { len = sizeof(sin6); @@ -1298,7 +1423,11 @@ lws_get_network_wsi(struct lws *wsi) return NULL; #if defined(LWS_WITH_HTTP2) - if (!wsi->http2_substream && !wsi->client_h2_substream) + if (!wsi->http2_substream +#if !defined(LWS_NO_CLIENT) + && !wsi->client_h2_substream +#endif + ) return wsi; while (wsi->h2.parent_wsi) @@ -1396,7 +1525,7 @@ lws_callback_vhost_protocols_vhost(struct lws_vhost *vh, int reason, void *in, struct lws *wsi = lws_zalloc(sizeof(*wsi), "fake wsi"); wsi->context = vh->context; - wsi->vhost = vh; + lws_vhost_bind_wsi(vh, wsi); for (n = 0; n < wsi->vhost->count_protocols; n++) { wsi->protocol = &vh->protocols[n]; @@ -1486,8 +1615,8 @@ lws_vfs_select_fops(const struct lws_plat_file_ops *fops, const char *vfs_path, while (n < (int)LWS_ARRAY_SIZE(pf->fi) && pf->fi[n].sig) { if (p >= vfs_path + pf->fi[n].len) if (!strncmp(p - (pf->fi[n].len - 1), - pf->fi[n].sig, - pf->fi[n].len - 1)) { + pf->fi[n].sig, + pf->fi[n].len - 1)) { *vpath = p + 1; return pf; } @@ -1557,7 +1686,7 @@ lws_latency(struct lws_context *context, struct lws *wsi, const char *action, unsigned long long u; char buf[256]; - u = time_in_microseconds(); + u = lws_time_in_microseconds(); if (!action) { wsi->latency_start = u; @@ -1625,7 +1754,8 @@ lws_rx_flow_control(struct lws *wsi, int _enable) wsi->rxflow_change_to) goto skip; - wsi->rxflow_change_to = LWS_RXFLOW_PENDING_CHANGE | !wsi->rxflow_bitmap; + wsi->rxflow_change_to = LWS_RXFLOW_PENDING_CHANGE | + (!wsi->rxflow_bitmap); lwsl_info("%s: %p: bitmap 0x%x: en 0x%x, ch 0x%x\n", __func__, wsi, wsi->rxflow_bitmap, en, wsi->rxflow_change_to); @@ -1676,7 +1806,7 @@ lws_broadcast(struct lws_context *context, int reason, void *in, size_t len) while (v) { const struct lws_protocols *p = v->protocols; - wsi.vhost = v; + wsi.vhost = v; /* not a real bound wsi */ for (n = 0; n < v->count_protocols; n++) { wsi.protocol = p; @@ -1766,7 +1896,9 @@ lws_set_proxy(struct lws_vhost *vhost, const char *proxy) lwsl_info(" Proxy auth in use\n"); +#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) proxy = p + 1; +#endif } else vhost->proxy_basic_auth_token[0] = '\0'; @@ -1913,7 +2045,9 @@ LWS_VISIBLE int lwsl_timestamp(int level, char *p, int len) { #ifndef LWS_PLAT_OPTEE +#ifndef _WIN32_WCE time_t o_now = time(NULL); +#endif unsigned long long now; struct tm *ptm = NULL; #ifndef WIN32 @@ -1933,7 +2067,7 @@ lwsl_timestamp(int level, char *p, int len) for (n = 0; n < LLL_COUNT; n++) { if (level != (1 << n)) continue; - now = time_in_microseconds() / 100; + now = lws_time_in_microseconds() / 100; if (ptm) n = lws_snprintf(p, len, "[%04d/%02d/%02d %02d:%02d:%02d:%04d] %s: ", @@ -1970,12 +2104,15 @@ static const char * const colours[] = { "[33m", /* LLL_CLIENT */ "[33;1m", /* LLL_LATENCY */ "[30;1m", /* LLL_USER */ + "[31m", /* LLL_THREAD */ }; -LWS_VISIBLE void lwsl_emit_stderr(int level, const char *line) +static char tty; + +LWS_VISIBLE void +lwsl_emit_stderr(int level, const char *line) { char buf[50]; - static char tty = 3; int n, m = LWS_ARRAY_SIZE(colours) - 1; if (!tty) @@ -1994,6 +2131,28 @@ LWS_VISIBLE void lwsl_emit_stderr(int level, const char *line) } else fprintf(stderr, "%s%s", buf, line); } + +LWS_VISIBLE void +lwsl_emit_stderr_notimestamp(int level, const char *line) +{ + int n, m = LWS_ARRAY_SIZE(colours) - 1; + + if (!tty) + tty = isatty(2) | 2; + + if (tty == 3) { + n = 1 << (LWS_ARRAY_SIZE(colours) - 1); + while (n) { + if (level & n) + break; + m--; + n >>= 1; + } + fprintf(stderr, "%c%s%s%c[0m", 27, colours[m], line, 27); + } else + fprintf(stderr, "%s", line); +} + #endif LWS_VISIBLE void _lws_logv(int filter, const char *format, va_list vl) @@ -2007,8 +2166,14 @@ LWS_VISIBLE void _lws_logv(int filter, const char *format, va_list vl) n = vsnprintf(buf, sizeof(buf) - 1, format, vl); (void)n; /* vnsprintf returns what it would have written, even if truncated */ - if (n > (int)sizeof(buf) - 1) - n = sizeof(buf) - 1; + if (n > (int)sizeof(buf) - 1) { + n = sizeof(buf) - 5; + buf[n++] = '.'; + buf[n++] = '.'; + buf[n++] = '.'; + buf[n++] = '\n'; + buf[n] = '\0'; + } if (n > 0) buf[n] = '\0'; @@ -2041,9 +2206,7 @@ LWS_VISIBLE void lwsl_hexdump_level(int hexdump_level, const void *vbuf, size_t len) { unsigned char *buf = (unsigned char *)vbuf; - unsigned int n, m, start; - char line[80]; - char *p; + unsigned int n; if (!lwsl_visible(hexdump_level)) return; @@ -2057,8 +2220,8 @@ lwsl_hexdump_level(int hexdump_level, const void *vbuf, size_t len) _lws_log(hexdump_level, "\n"); for (n = 0; n < len;) { - start = n; - p = line; + unsigned int start = n, m; + char line[80], *p = line; p += sprintf(p, "%04X: ", start); @@ -2117,7 +2280,7 @@ lws_get_ssl(struct lws *wsi) LWS_VISIBLE int lws_partial_buffered(struct lws *wsi) { - return !!wsi->trunc_len; + return lws_has_buffered_out(wsi); } LWS_VISIBLE lws_fileofs_t @@ -2130,7 +2293,7 @@ lws_get_peer_write_allowance(struct lws *wsi) LWS_VISIBLE void lws_role_transition(struct lws *wsi, enum lwsi_role role, enum lwsi_state state, - struct lws_role_ops *ops) + struct lws_role_ops *ops) { #if defined(_DEBUG) const char *name = "(unset)"; @@ -2192,12 +2355,6 @@ lws_get_child(const struct lws *wsi) return wsi->child_list; } -LWS_VISIBLE LWS_EXTERN void -lws_set_parent_carries_io(struct lws *wsi) -{ - wsi->parent_carries_io = 1; -} - LWS_VISIBLE LWS_EXTERN void * lws_get_opaque_parent_data(const struct lws *wsi) { @@ -2257,7 +2414,7 @@ __lws_rx_flow_control(struct lws *wsi) wsi->rxflow_change_to &= ~LWS_RXFLOW_PENDING_CHANGE; lwsl_info("rxflow: wsi %p change_to %d\n", wsi, - wsi->rxflow_change_to & LWS_RXFLOW_ALLOW); + wsi->rxflow_change_to & LWS_RXFLOW_ALLOW); /* adjust the pollfd for this wsi */ @@ -2273,36 +2430,60 @@ __lws_rx_flow_control(struct lws *wsi) return 0; } +static const unsigned char e0f4[] = { + 0xa0 | ((2 - 1) << 2) | 1, /* e0 */ + 0x80 | ((4 - 1) << 2) | 1, /* e1 */ + 0x80 | ((4 - 1) << 2) | 1, /* e2 */ + 0x80 | ((4 - 1) << 2) | 1, /* e3 */ + 0x80 | ((4 - 1) << 2) | 1, /* e4 */ + 0x80 | ((4 - 1) << 2) | 1, /* e5 */ + 0x80 | ((4 - 1) << 2) | 1, /* e6 */ + 0x80 | ((4 - 1) << 2) | 1, /* e7 */ + 0x80 | ((4 - 1) << 2) | 1, /* e8 */ + 0x80 | ((4 - 1) << 2) | 1, /* e9 */ + 0x80 | ((4 - 1) << 2) | 1, /* ea */ + 0x80 | ((4 - 1) << 2) | 1, /* eb */ + 0x80 | ((4 - 1) << 2) | 1, /* ec */ + 0x80 | ((2 - 1) << 2) | 1, /* ed */ + 0x80 | ((4 - 1) << 2) | 1, /* ee */ + 0x80 | ((4 - 1) << 2) | 1, /* ef */ + 0x90 | ((3 - 1) << 2) | 2, /* f0 */ + 0x80 | ((4 - 1) << 2) | 2, /* f1 */ + 0x80 | ((4 - 1) << 2) | 2, /* f2 */ + 0x80 | ((4 - 1) << 2) | 2, /* f3 */ + 0x80 | ((1 - 1) << 2) | 2, /* f4 */ + + 0, /* s0 */ + 0x80 | ((4 - 1) << 2) | 0, /* s2 */ + 0x80 | ((4 - 1) << 2) | 1, /* s3 */ +}; + +LWS_EXTERN int +lws_check_byte_utf8(unsigned char state, unsigned char c) +{ + unsigned char s = state; + + if (!s) { + if (c >= 0x80) { + if (c < 0xc2 || c > 0xf4) + return -1; + if (c < 0xe0) + return 0x80 | ((4 - 1) << 2); + else + return e0f4[c - 0xe0]; + } + + return s; + } + if (c < (s & 0xf0) || c >= (s & 0xf0) + 0x10 + ((s << 2) & 0x30)) + return -1; + + return e0f4[21 + (s & 3)]; +} + LWS_EXTERN int lws_check_utf8(unsigned char *state, unsigned char *buf, size_t len) { - static const unsigned char e0f4[] = { - 0xa0 | ((2 - 1) << 2) | 1, /* e0 */ - 0x80 | ((4 - 1) << 2) | 1, /* e1 */ - 0x80 | ((4 - 1) << 2) | 1, /* e2 */ - 0x80 | ((4 - 1) << 2) | 1, /* e3 */ - 0x80 | ((4 - 1) << 2) | 1, /* e4 */ - 0x80 | ((4 - 1) << 2) | 1, /* e5 */ - 0x80 | ((4 - 1) << 2) | 1, /* e6 */ - 0x80 | ((4 - 1) << 2) | 1, /* e7 */ - 0x80 | ((4 - 1) << 2) | 1, /* e8 */ - 0x80 | ((4 - 1) << 2) | 1, /* e9 */ - 0x80 | ((4 - 1) << 2) | 1, /* ea */ - 0x80 | ((4 - 1) << 2) | 1, /* eb */ - 0x80 | ((4 - 1) << 2) | 1, /* ec */ - 0x80 | ((2 - 1) << 2) | 1, /* ed */ - 0x80 | ((4 - 1) << 2) | 1, /* ee */ - 0x80 | ((4 - 1) << 2) | 1, /* ef */ - 0x90 | ((3 - 1) << 2) | 2, /* f0 */ - 0x80 | ((4 - 1) << 2) | 2, /* f1 */ - 0x80 | ((4 - 1) << 2) | 2, /* f2 */ - 0x80 | ((4 - 1) << 2) | 2, /* f3 */ - 0x80 | ((1 - 1) << 2) | 2, /* f4 */ - - 0, /* s0 */ - 0x80 | ((4 - 1) << 2) | 0, /* s2 */ - 0x80 | ((4 - 1) << 2) | 1, /* s3 */ - }; unsigned char s = *state; while (len--) { @@ -2335,7 +2516,7 @@ lws_parse_uri(char *p, const char **prot, const char **ads, int *port, const char **path) { const char *end; - static const char *slash = "/"; + char unix_skt = 0; /* cut up the location into address, port and path */ *prot = p; @@ -2349,32 +2530,32 @@ lws_parse_uri(char *p, const char **prot, const char **ads, int *port, *p = '\0'; p += 3; } + if (*p == '+') /* unix skt */ + unix_skt = 1; + *ads = p; if (!strcmp(*prot, "http") || !strcmp(*prot, "ws")) *port = 80; else if (!strcmp(*prot, "https") || !strcmp(*prot, "wss")) *port = 443; - if (*p == '[') - { - ++(*ads); - while (*p && *p != ']') - p++; - if (*p) - *p++ = '\0'; - } - else - { - while (*p && *p != ':' && *p != '/') - p++; - } + if (*p == '[') { + ++(*ads); + while (*p && *p != ']') + p++; + if (*p) + *p++ = '\0'; + } else + while (*p && *p != ':' && (unix_skt || *p != '/')) + p++; + if (*p == ':') { *p++ = '\0'; *port = atoi(p); while (*p && *p != '/') p++; } - *path = slash; + *path = "/"; if (*p) { *p++ = '\0'; if (*p) @@ -2384,6 +2565,17 @@ lws_parse_uri(char *p, const char **prot, const char **ads, int *port, return 0; } +char * +lws_strdup(const char *s) +{ + char *d = lws_malloc(strlen(s) + 1, "strdup"); + + if (d) + strcpy(d, s); + + return d; +} + #if defined(LWS_WITHOUT_EXTENSIONS) /* we need to provide dummy callbacks for internal exts @@ -2417,6 +2609,14 @@ lws_set_extension_option(struct lws *wsi, const char *ext_name, } #endif +/* note: this returns a random port, or one of these <= 0 return codes: + * + * LWS_ITOSA_USABLE: the interface is usable, returned if so and sockfd invalid + * LWS_ITOSA_NOT_EXIST: the requested iface does not even exist + * LWS_ITOSA_NOT_USABLE: the requested iface exists but is not usable (eg, no IP) + * LWS_ITOSA_BUSY: the port at the requested iface + port is already in use + */ + LWS_EXTERN int lws_socket_bind(struct lws_vhost *vhost, lws_sockfd_type sockfd, int port, const char *iface) @@ -2438,22 +2638,26 @@ lws_socket_bind(struct lws_vhost *vhost, lws_sockfd_type sockfd, int port, struct sockaddr_storage sin; struct sockaddr *v; -#ifdef LWS_WITH_UNIX_SOCK + memset(&sin, 0, sizeof(sin)); + +#if defined(LWS_WITH_UNIX_SOCK) if (LWS_UNIX_SOCK_ENABLED(vhost)) { v = (struct sockaddr *)&serv_unix; n = sizeof(struct sockaddr_un); bzero((char *) &serv_unix, sizeof(serv_unix)); serv_unix.sun_family = AF_UNIX; if (!iface) - return -1; + return LWS_ITOSA_NOT_EXIST; if (sizeof(serv_unix.sun_path) <= strlen(iface)) { lwsl_err("\"%s\" too long for UNIX domain socket\n", iface); - return -1; + return LWS_ITOSA_NOT_EXIST; } strcpy(serv_unix.sun_path, iface); if (serv_unix.sun_path[0] == '@') serv_unix.sun_path[0] = '\0'; + else + unlink(serv_unix.sun_path); } else #endif @@ -2488,8 +2692,8 @@ lws_socket_bind(struct lws_vhost *vhost, lws_sockfd_type sockfd, int port, bzero((char *) &serv_addr4, sizeof(serv_addr4)); serv_addr4.sin_addr.s_addr = INADDR_ANY; serv_addr4.sin_family = AF_INET; -#if !defined(LWS_WITH_ESP32) +#if !defined(LWS_WITH_ESP32) if (iface) { m = interface_to_sa(vhost, iface, (struct sockaddr_in *)v, n); @@ -2510,22 +2714,38 @@ lws_socket_bind(struct lws_vhost *vhost, lws_sockfd_type sockfd, int port, /* just checking for the interface extant */ if (sockfd == LWS_SOCK_INVALID) - return 0; + return LWS_ITOSA_USABLE; n = bind(sockfd, v, n); #ifdef LWS_WITH_UNIX_SOCK if (n < 0 && LWS_UNIX_SOCK_ENABLED(vhost)) { lwsl_err("ERROR on binding fd %d to \"%s\" (%d %d)\n", - sockfd, iface, n, LWS_ERRNO); - return -1; + sockfd, iface, n, LWS_ERRNO); + return LWS_ITOSA_NOT_EXIST; } else #endif if (n < 0) { lwsl_err("ERROR on binding fd %d to port %d (%d %d)\n", - sockfd, port, n, LWS_ERRNO); - return -1; + sockfd, port, n, LWS_ERRNO); + + /* if something already listening, tell caller to fail permanently */ + + if (LWS_ERRNO == LWS_EADDRINUSE) + return LWS_ITOSA_BUSY; + + /* otherwise ask caller to retry later */ + + return LWS_ITOSA_NOT_EXIST; } +#if defined(LWS_WITH_UNIX_SOCK) + if (LWS_UNIX_SOCK_ENABLED(vhost) && vhost->context->uid) + if (chown(serv_unix.sun_path, vhost->context->uid, + vhost->context->gid)) + lwsl_notice("%s: chown for unix skt %s failed\n", + __func__, serv_unix.sun_path); +#endif + #ifndef LWS_PLAT_OPTEE if (getsockname(sockfd, (struct sockaddr *)&sin, &len) == -1) lwsl_warn("getsockname: %s\n", strerror(LWS_ERRNO)); @@ -2600,7 +2820,7 @@ lws_get_addr_scope(const char *ipaddr) for (i = 0; i < 5; i++) { ret = GetAdaptersAddresses(AF_INET6, GAA_FLAG_INCLUDE_PREFIX, - NULL, addrs, &size); + NULL, addrs, &size); if ((ret == NO_ERROR) || (ret == ERROR_NO_DATA)) { break; } else if (ret == ERROR_BUFFER_OVERFLOW) @@ -2653,73 +2873,6 @@ lws_get_addr_scope(const char *ipaddr) } #endif -#if !defined(LWS_NO_SERVER) - -LWS_EXTERN struct lws * -lws_create_adopt_udp(struct lws_vhost *vhost, int port, int flags, - const char *protocol_name, struct lws *parent_wsi) -{ - lws_sock_file_fd_type sock; - struct addrinfo h, *r, *rp; - struct lws *wsi = NULL; - char buf[16]; - int n; - - memset(&h, 0, sizeof(h)); - h.ai_family = AF_UNSPEC; /* Allow IPv4 or IPv6 */ - h.ai_socktype = SOCK_DGRAM; - h.ai_protocol = IPPROTO_UDP; - h.ai_flags = AI_PASSIVE | AI_ADDRCONFIG; - - lws_snprintf(buf, sizeof(buf), "%u", port); - n = getaddrinfo(NULL, buf, &h, &r); - if (n) { - lwsl_info("%s: getaddrinfo error: %s\n", __func__, - gai_strerror(n)); - goto bail; - } - - for (rp = r; rp; rp = rp->ai_next) { - sock.sockfd = socket(rp->ai_family, rp->ai_socktype, - rp->ai_protocol); - if (sock.sockfd >= 0) - break; - } - if (!rp) { - lwsl_err("%s: unable to create INET socket\n", __func__); - goto bail1; - } - - if ((flags & LWS_CAUDP_BIND) && bind(sock.sockfd, rp->ai_addr, -#if defined(_WIN32) - (int)rp->ai_addrlen -#else - rp->ai_addrlen -#endif - ) == -1) { - lwsl_err("%s: bind failed\n", __func__); - goto bail2; - } - - wsi = lws_adopt_descriptor_vhost(vhost, LWS_ADOPT_RAW_SOCKET_UDP, sock, - protocol_name, parent_wsi); - if (!wsi) - lwsl_err("%s: udp adoption failed\n", __func__); - -bail2: - if (!wsi) - close((int)sock.sockfd); -bail1: - freeaddrinfo(r); - -bail: - return wsi; -} - -#endif - - - static const char *hex = "0123456789ABCDEF"; LWS_VISIBLE LWS_EXTERN const char * @@ -2754,6 +2907,27 @@ lws_json_purify(char *escaped, const char *string, int len) } while (*p && len-- > 6) { + if (*p == '\t') { + p++; + *q++ = '\\'; + *q++ = 't'; + continue; + } + + if (*p == '\n') { + p++; + *q++ = '\\'; + *q++ = 'n'; + continue; + } + + if (*p == '\r') { + p++; + *q++ = '\\'; + *q++ = 'r'; + continue; + } + if (*p == '\"' || *p == '\\' || *p < 0x20) { *q++ = '\\'; *q++ = 'u'; @@ -2890,6 +3064,13 @@ lws_finalize_startup(struct lws_context *context) return 0; } +LWS_VISIBLE LWS_EXTERN void +lws_get_effective_uid_gid(struct lws_context *context, int *uid, int *gid) +{ + *uid = context->uid; + *gid = context->gid; +} + int lws_snprintf(char *str, size_t size, const char *format, ...) { @@ -2919,6 +3100,316 @@ lws_strncpy(char *dest, const char *src, size_t size) } +typedef enum { + LWS_TOKZS_LEADING_WHITESPACE, + LWS_TOKZS_QUOTED_STRING, + LWS_TOKZS_TOKEN, + LWS_TOKZS_TOKEN_POST_TERMINAL +} lws_tokenize_state; + +int +lws_tokenize(struct lws_tokenize *ts) +{ + const char *rfc7230_delims = "(),/:;<=>?@[\\]{}"; + lws_tokenize_state state = LWS_TOKZS_LEADING_WHITESPACE; + char c, flo = 0, d_minus = '-', d_dot = '.', s_minus = '\0', + s_dot = '\0'; + signed char num = -1; + int utf8 = 0; + + /* for speed, compute the effect of the flags outside the loop */ + + if (ts->flags & LWS_TOKENIZE_F_MINUS_NONTERM) { + d_minus = '\0'; + s_minus = '-'; + } + if (ts->flags & LWS_TOKENIZE_F_DOT_NONTERM) { + d_dot = '\0'; + s_dot = '.'; + } + + ts->token = NULL; + ts->token_len = 0; + + while (ts->len) { + c = *ts->start++; + ts->len--; + + utf8 = lws_check_byte_utf8((unsigned char)utf8, c); + if (utf8 < 0) + return LWS_TOKZE_ERR_BROKEN_UTF8; + + if (!c) + break; + + /* whitespace */ + + if (c == ' ' || c == '\t' || c == '\n' || c == '\r' || + c == '\f') { + switch (state) { + case LWS_TOKZS_LEADING_WHITESPACE: + case LWS_TOKZS_TOKEN_POST_TERMINAL: + continue; + case LWS_TOKZS_QUOTED_STRING: + ts->token_len++; + continue; + case LWS_TOKZS_TOKEN: + /* we want to scan forward to look for = */ + + state = LWS_TOKZS_TOKEN_POST_TERMINAL; + continue; + } + } + + /* quoted string */ + + if (c == '\"') { + if (state == LWS_TOKZS_QUOTED_STRING) + return LWS_TOKZE_QUOTED_STRING; + + /* starting a quoted string */ + + if (ts->flags & LWS_TOKENIZE_F_COMMA_SEP_LIST) { + if (ts->delim == LWSTZ_DT_NEED_DELIM) + return LWS_TOKZE_ERR_COMMA_LIST; + ts->delim = LWSTZ_DT_NEED_DELIM; + } + + state = LWS_TOKZS_QUOTED_STRING; + ts->token = ts->start; + ts->token_len = 0; + + continue; + } + + /* token= aggregation */ + + if (c == '=' && (state == LWS_TOKZS_TOKEN_POST_TERMINAL || + state == LWS_TOKZS_TOKEN)) { + if (num == 1) + return LWS_TOKZE_ERR_NUM_ON_LHS; + /* swallow the = */ + return LWS_TOKZE_TOKEN_NAME_EQUALS; + } + + /* optional token: aggregation */ + + if ((ts->flags & LWS_TOKENIZE_F_AGG_COLON) && c == ':' && + (state == LWS_TOKZS_TOKEN_POST_TERMINAL || + state == LWS_TOKZS_TOKEN)) + /* swallow the : */ + return LWS_TOKZE_TOKEN_NAME_COLON; + + /* aggregate . in a number as a float */ + + if (c == '.' && !(ts->flags & LWS_TOKENIZE_F_NO_FLOATS) && + state == LWS_TOKZS_TOKEN && num == 1) { + if (flo) + return LWS_TOKZE_ERR_MALFORMED_FLOAT; + flo = 1; + ts->token_len++; + continue; + } + + /* + * Delimiter... by default anything that: + * + * - isn't matched earlier, or + * - is [A-Z, a-z, 0-9, _], and + * - is not a partial utf8 char + * + * is a "delimiter", it marks the end of a token and is itself + * reported as a single LWS_TOKZE_DELIMITER each time. + * + * However with LWS_TOKENIZE_F_RFC7230_DELIMS flag, tokens may + * contain any noncontrol character that isn't defined in + * rfc7230_delims, and only characters listed there are treated + * as delimiters. + */ + + if (!utf8 && + ((ts->flags & LWS_TOKENIZE_F_RFC7230_DELIMS && + strchr(rfc7230_delims, c) && c > 32) || + ((!(ts->flags & LWS_TOKENIZE_F_RFC7230_DELIMS) && + (c < '0' || c > '9') && (c < 'A' || c > 'Z') && + (c < 'a' || c > 'z') && c != '_') && + c != s_minus && c != s_dot) || + c == d_minus || c == d_dot + )) { + switch (state) { + case LWS_TOKZS_LEADING_WHITESPACE: + if (ts->flags & LWS_TOKENIZE_F_COMMA_SEP_LIST) { + if (c != ',' || + ts->delim != LWSTZ_DT_NEED_DELIM) + return LWS_TOKZE_ERR_COMMA_LIST; + ts->delim = LWSTZ_DT_NEED_NEXT_CONTENT; + } + + ts->token = ts->start - 1; + ts->token_len = 1; + return LWS_TOKZE_DELIMITER; + + case LWS_TOKZS_QUOTED_STRING: + ts->token_len++; + continue; + + case LWS_TOKZS_TOKEN_POST_TERMINAL: + case LWS_TOKZS_TOKEN: + /* report the delimiter next time */ + ts->start--; + ts->len++; + goto token_or_numeric; + } + } + + /* anything that's not whitespace or delimiter is payload */ + + switch (state) { + case LWS_TOKZS_LEADING_WHITESPACE: + + if (ts->flags & LWS_TOKENIZE_F_COMMA_SEP_LIST) { + if (ts->delim == LWSTZ_DT_NEED_DELIM) + return LWS_TOKZE_ERR_COMMA_LIST; + ts->delim = LWSTZ_DT_NEED_DELIM; + } + + state = LWS_TOKZS_TOKEN; + ts->token = ts->start - 1; + ts->token_len = 1; + if (c < '0' || c > '9') + num = 0; + else + if (num < 0) + num = 1; + continue; + case LWS_TOKZS_QUOTED_STRING: + case LWS_TOKZS_TOKEN: + if (c < '0' || c > '9') + num = 0; + else + if (num < 0) + num = 1; + ts->token_len++; + continue; + case LWS_TOKZS_TOKEN_POST_TERMINAL: + /* report the new token next time */ + ts->start--; + ts->len++; + goto token_or_numeric; + } + } + + /* we ran out of content */ + + if (utf8) /* ended partway through a multibyte char */ + return LWS_TOKZE_ERR_BROKEN_UTF8; + + if (state == LWS_TOKZS_QUOTED_STRING) + return LWS_TOKZE_ERR_UNTERM_STRING; + + if (state != LWS_TOKZS_TOKEN_POST_TERMINAL && + state != LWS_TOKZS_TOKEN) { + if ((ts->flags & LWS_TOKENIZE_F_COMMA_SEP_LIST) && + ts->delim == LWSTZ_DT_NEED_NEXT_CONTENT) + return LWS_TOKZE_ERR_COMMA_LIST; + + return LWS_TOKZE_ENDED; + } + + /* report the pending token */ + +token_or_numeric: + + if (num != 1) + return LWS_TOKZE_TOKEN; + if (flo) + return LWS_TOKZE_FLOAT; + + return LWS_TOKZE_INTEGER; +} + + +LWS_VISIBLE LWS_EXTERN int +lws_tokenize_cstr(struct lws_tokenize *ts, char *str, int max) +{ + if (ts->token_len + 1 >= max) + return 1; + + memcpy(str, ts->token, ts->token_len); + str[ts->token_len] = '\0'; + + return 0; +} + +LWS_VISIBLE LWS_EXTERN void +lws_tokenize_init(struct lws_tokenize *ts, const char *start, int flags) +{ + ts->start = start; + ts->len = 0x7fffffff; + ts->flags = flags; + ts->delim = LWSTZ_DT_NEED_FIRST_CONTENT; +} + +#if LWS_MAX_SMP > 1 + +void +lws_mutex_refcount_init(struct lws_mutex_refcount *mr) +{ + pthread_mutex_init(&mr->lock, NULL); + mr->last_lock_reason = NULL; + mr->lock_depth = 0; + mr->metadata = 0; + mr->lock_owner = 0; +} + +void +lws_mutex_refcount_destroy(struct lws_mutex_refcount *mr) +{ + pthread_mutex_destroy(&mr->lock); +} + +void +lws_mutex_refcount_lock(struct lws_mutex_refcount *mr, const char *reason) +{ + /* if true, this sequence is atomic because our thread has the lock + * + * - if true, only guy who can race to make it untrue is our thread, + * and we are here. + * + * - if false, only guy who could race to make it true is our thread, + * and we are here + * + * - it can be false and change to a different tid that is also false + */ + if (mr->lock_owner == pthread_self()) { + /* atomic because we only change it if we own the lock */ + mr->lock_depth++; + return; + } + + pthread_mutex_lock(&mr->lock); + /* atomic because only we can have the lock */ + mr->last_lock_reason = reason; + mr->lock_owner = pthread_self(); + mr->lock_depth = 1; + //lwsl_notice("tid %d: lock %s\n", mr->tid, reason); +} + +void +lws_mutex_refcount_unlock(struct lws_mutex_refcount *mr) +{ + if (--mr->lock_depth) + /* atomic because only thread that has the lock can unlock */ + return; + + mr->last_lock_reason = "free"; + mr->lock_owner = 0; + //lwsl_notice("tid %d: unlock %s\n", mr->tid, mr->last_lock_reason); + pthread_mutex_unlock(&mr->lock); +} + +#endif /* SMP */ + LWS_VISIBLE LWS_EXTERN int lws_is_cgi(struct lws *wsi) { #ifdef LWS_WITH_CGI @@ -2941,6 +3432,21 @@ lws_pvo_search(const struct lws_protocol_vhost_options *pvo, const char *name) return pvo; } +int +lws_pvo_get_str(void *in, const char *name, const char **result) +{ + const struct lws_protocol_vhost_options *pv = + lws_pvo_search((const struct lws_protocol_vhost_options *)in, + name); + + if (!pv) + return 1; + + *result = (const char *)pv->value; + + return 0; +} + void lws_sum_stats(const struct lws_context *ctx, struct lws_conn_stats *cs) { @@ -3255,9 +3761,10 @@ LWS_VISIBLE LWS_EXTERN void lws_stats_log_dump(struct lws_context *context) { struct lws_vhost *v = context->vhost_list; - int n, m; - - (void)m; + int n; +#if defined(LWS_WITH_PEER_LIMITS) + int m; +#endif if (!context->updated) return; diff --git a/thirdparty/libwebsockets/core/output.c b/thirdparty/libwebsockets/lib/core/output.c index 11965a06b9..49d289db40 100644 --- a/thirdparty/libwebsockets/core/output.c +++ b/thirdparty/libwebsockets/lib/core/output.c @@ -1,7 +1,7 @@ /* * libwebsockets - small server side websockets and web server implementation * - * Copyright (C) 2010-2017 Andy Green <andy@warmcat.com> + * Copyright (C) 2010-2018 Andy Green <andy@warmcat.com> * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU Lesser General Public @@ -29,49 +29,65 @@ int lws_issue_raw(struct lws *wsi, unsigned char *buf, size_t len) struct lws_context *context = lws_get_context(wsi); struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; size_t real_len = len; - unsigned int n; + unsigned int n, m; - // lwsl_hexdump_err(buf, len); + // lwsl_notice("%s: len %d\n", __func__, (int)len); + // lwsl_hexdump_level(LLL_NOTICE, buf, len); /* * Detect if we got called twice without going through the - * event loop to handle pending. This would be caused by either - * back-to-back writes in one WRITABLE (illegal) or calling lws_write() - * from outside the WRITABLE callback (illegal). + * event loop to handle pending. Since that guarantees extending any + * existing buflist_out it's inefficient. */ - if (wsi->could_have_pending) { - lwsl_hexdump_level(LLL_ERR, buf, len); - lwsl_err("** %p: vh: %s, prot: %s, role %s: " - "Illegal back-to-back write of %lu detected...\n", + if (0 && buf && wsi->could_have_pending) { + lwsl_hexdump_level(LLL_INFO, buf, len); + lwsl_info("** %p: vh: %s, prot: %s, role %s: " + "Inefficient back-to-back write of %lu detected...\n", wsi, wsi->vhost->name, wsi->protocol->name, wsi->role_ops->name, (unsigned long)len); - // assert(0); - - return -1; } lws_stats_atomic_bump(wsi->context, pt, LWSSTATS_C_API_WRITE, 1); - if (!len) - return 0; /* just ignore sends after we cleared the truncation buffer */ - if (lwsi_state(wsi) == LRS_FLUSHING_BEFORE_CLOSE && !wsi->trunc_len) + if (lwsi_state(wsi) == LRS_FLUSHING_BEFORE_CLOSE && + !lws_has_buffered_out(wsi) +#if defined(LWS_WITH_HTTP_STREAM_COMPRESSION) + && !wsi->http.comp_ctx.may_have_more +#endif + ) return (int)len; - if (wsi->trunc_len && (buf < wsi->trunc_alloc || - buf > (wsi->trunc_alloc + wsi->trunc_len + wsi->trunc_offset))) { - lwsl_hexdump_level(LLL_ERR, buf, len); - lwsl_err("** %p: vh: %s, prot: %s, Sending new %lu, pending truncated ...\n" - " It's illegal to do an lws_write outside of\n" - " the writable callback: fix your code\n", + if (buf && lws_has_buffered_out(wsi)) { + lwsl_info("** %p: vh: %s, prot: %s, incr buflist_out by %lu\n", wsi, wsi->vhost->name, wsi->protocol->name, (unsigned long)len); - assert(0); - return -1; + /* + * already buflist ahead of this, add it on the tail of the + * buflist, then ignore it for now and act like we're flushing + * the buflist... + */ + + lws_buflist_append_segment(&wsi->buflist_out, buf, len); + + buf = NULL; + len = 0; } + if (wsi->buflist_out) { + /* we have to drain the earliest buflist_out stuff first */ + + len = lws_buflist_next_segment_len(&wsi->buflist_out, &buf); + real_len = len; + + lwsl_debug("%s: draining %d\n", __func__, (int)len); + } + + if (!len || !buf) + return 0; + if (!wsi->http2_substream && !lws_socket_is_valid(wsi->desc.sockfd)) lwsl_warn("** error invalid sock but expected to send\n"); @@ -89,13 +105,15 @@ int lws_issue_raw(struct lws *wsi, unsigned char *buf, size_t len) /* nope, send it on the socket directly */ lws_latency_pre(context, wsi); - n = lws_ssl_capable_write(wsi, buf, n); - lws_latency(context, wsi, "send lws_issue_raw", n, n == len); + m = lws_ssl_capable_write(wsi, buf, n); + lws_latency(context, wsi, "send lws_issue_raw", n, n == m); + + lwsl_info("%s: ssl_capable_write (%d) says %d\n", __func__, n, m); /* something got written, it can have been truncated now */ wsi->could_have_pending = 1; - switch (n) { + switch (m) { case LWS_SSL_CAPABLE_ERROR: /* we're going to close, let close know sends aren't possible */ wsi->socket_is_permanently_unusable = 1; @@ -106,24 +124,29 @@ int lws_issue_raw(struct lws *wsi, unsigned char *buf, size_t len) * ie, implying treat it was a truncated send so it gets * retried */ - n = 0; + m = 0; break; } /* - * we were already handling a truncated send? + * we were sending this from buflist_out? Then not sending everything + * is a small matter of advancing ourselves only by the amount we did + * send in the buflist. */ - if (wsi->trunc_len) { - lwsl_info("%p partial adv %d (vs %ld)\n", wsi, n, (long)real_len); - wsi->trunc_offset += n; - wsi->trunc_len -= n; - - if (!wsi->trunc_len) { - lwsl_info("** %p partial send completed\n", wsi); - /* done with it, but don't free it */ - n = (int)real_len; + if (lws_has_buffered_out(wsi)) { + if (m) { + lwsl_info("%p partial adv %d (vs %ld)\n", wsi, m, + (long)real_len); + lws_buflist_use_segment(&wsi->buflist_out, m); + } + + if (!lws_has_buffered_out(wsi)) { + lwsl_info("%s: wsi %p: buflist_out flushed\n", + __func__, wsi); + + m = (int)real_len; if (lwsi_state(wsi) == LRS_FLUSHING_BEFORE_CLOSE) { - lwsl_info("** %p signalling to close now\n", wsi); + lwsl_info("*%p signalling to close now\n", wsi); return -1; /* retry closing now */ } @@ -134,7 +157,8 @@ int lws_issue_raw(struct lws *wsi, unsigned char *buf, size_t len) "deferred transaction completed\n", __func__); wsi->http.deferred_transaction_completed = 0; - return lws_http_transaction_completed(wsi); + return lws_http_transaction_completed(wsi) ? + -1 : (int)real_len; } #endif #endif @@ -142,43 +166,32 @@ int lws_issue_raw(struct lws *wsi, unsigned char *buf, size_t len) /* always callback on writeable */ lws_callback_on_writable(wsi); - return n; + return m; } - if ((unsigned int)n == real_len) +#if defined(LWS_WITH_HTTP_STREAM_COMPRESSION) + if (wsi->http.comp_ctx.may_have_more) + lws_callback_on_writable(wsi); +#endif + + if (m == real_len) /* what we just sent went out cleanly */ - return n; + return m; /* - * Newly truncated send. Buffer the remainder (it will get - * first priority next time the socket is writable). + * We were not able to send everything... and we were not sending from + * an existing buflist_out. So we are starting a fresh buflist_out, by + * buffering the unsent remainder on it. + * (it will get first priority next time the socket is writable). */ - lwsl_debug("%p new partial sent %d from %lu total\n", wsi, n, + lwsl_debug("%p new partial sent %d from %lu total\n", wsi, m, (unsigned long)real_len); - lws_stats_atomic_bump(wsi->context, pt, LWSSTATS_C_WRITE_PARTIALS, 1); - lws_stats_atomic_bump(wsi->context, pt, LWSSTATS_B_PARTIALS_ACCEPTED_PARTS, n); + lws_buflist_append_segment(&wsi->buflist_out, buf + m, real_len - m); - /* - * - if we still have a suitable malloc lying around, use it - * - or, if too small, reallocate it - * - or, if no buffer, create it - */ - if (!wsi->trunc_alloc || real_len - n > wsi->trunc_alloc_len) { - lws_free(wsi->trunc_alloc); - - wsi->trunc_alloc_len = (unsigned int)(real_len - n); - wsi->trunc_alloc = lws_malloc(real_len - n, - "truncated send alloc"); - if (!wsi->trunc_alloc) { - lwsl_err("truncated send: unable to malloc %lu\n", - (unsigned long)(real_len - n)); - return -1; - } - } - wsi->trunc_offset = 0; - wsi->trunc_len = (unsigned int)(real_len - n); - memcpy(wsi->trunc_alloc, buf + n, real_len - n); + lws_stats_atomic_bump(wsi->context, pt, LWSSTATS_C_WRITE_PARTIALS, 1); + lws_stats_atomic_bump(wsi->context, pt, + LWSSTATS_B_PARTIALS_ACCEPTED_PARTS, m); #if !defined(LWS_WITH_ESP32) if (lws_wsi_is_udp(wsi)) { @@ -199,23 +212,6 @@ LWS_VISIBLE int lws_write(struct lws *wsi, unsigned char *buf, size_t len, { struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; - if (wsi->parent_carries_io) { - struct lws_write_passthru pas; - - pas.buf = buf; - pas.len = len; - pas.wp = wp; - pas.wsi = wsi; - - if (wsi->parent->protocol->callback(wsi->parent, - LWS_CALLBACK_CHILD_WRITE_VIA_PARENT, - wsi->parent->user_space, - (void *)&pas, 0)) - return 1; - - return (int)len; - } - lws_stats_atomic_bump(wsi->context, pt, LWSSTATS_C_API_LWS_WRITE, 1); if ((int)len < 0) { @@ -258,6 +254,10 @@ lws_ssl_capable_read_no_ssl(struct lws *wsi, unsigned char *buf, int len) n = recv(wsi->desc.sockfd, (char *)buf, len, 0); if (n >= 0) { + + if (!n && wsi->unix_skt) + return LWS_SSL_CAPABLE_ERROR; + if (wsi->vhost) wsi->vhost->conn_stats.rx += n; lws_stats_atomic_bump(context, pt, LWSSTATS_B_READ, n); @@ -270,7 +270,7 @@ lws_ssl_capable_read_no_ssl(struct lws *wsi, unsigned char *buf, int len) LWS_ERRNO == LWS_EINTR) return LWS_SSL_CAPABLE_MORE_SERVICE; - lwsl_notice("error on reading from skt : %d\n", LWS_ERRNO); + lwsl_info("error on reading from skt : %d\n", LWS_ERRNO); return LWS_SSL_CAPABLE_ERROR; } @@ -281,10 +281,13 @@ lws_ssl_capable_write_no_ssl(struct lws *wsi, unsigned char *buf, int len) if (lws_wsi_is_udp(wsi)) { #if !defined(LWS_WITH_ESP32) - if (wsi->trunc_len) - n = sendto(wsi->desc.sockfd, buf, len, 0, &wsi->udp->sa_pending, wsi->udp->salen_pending); + if (lws_has_buffered_out(wsi)) + n = sendto(wsi->desc.sockfd, (const char *)buf, + len, 0, &wsi->udp->sa_pending, + wsi->udp->salen_pending); else - n = sendto(wsi->desc.sockfd, buf, len, 0, &wsi->udp->sa, wsi->udp->salen); + n = sendto(wsi->desc.sockfd, (const char *)buf, + len, 0, &wsi->udp->sa, wsi->udp->salen); #endif } else n = send(wsi->desc.sockfd, (char *)buf, len, MSG_NOSIGNAL); @@ -303,7 +306,7 @@ lws_ssl_capable_write_no_ssl(struct lws *wsi, unsigned char *buf, int len) } lwsl_debug("ERROR writing len %d to skt fd %d err %d / errno %d\n", - len, wsi->desc.sockfd, n, LWS_ERRNO); + len, wsi->desc.sockfd, n, LWS_ERRNO); return LWS_SSL_CAPABLE_ERROR; } diff --git a/thirdparty/libwebsockets/core/pollfd.c b/thirdparty/libwebsockets/lib/core/pollfd.c index 2a632ce8ec..834298577a 100644 --- a/thirdparty/libwebsockets/core/pollfd.c +++ b/thirdparty/libwebsockets/lib/core/pollfd.c @@ -134,7 +134,8 @@ _lws_change_pollfd(struct lws *wsi, int _and, int _or, struct lws_pollargs *pa) pfd = &pt->fds[wsi->position_in_fds_table]; pa->fd = wsi->desc.sockfd; - lwsl_debug("%s: wsi %p: fd %d events %d -> %d\n", __func__, wsi, pa->fd, pfd->events, (pfd->events & ~_and) | _or); + lwsl_debug("%s: wsi %p: fd %d events %d -> %d\n", __func__, wsi, + pa->fd, pfd->events, (pfd->events & ~_and) | _or); pa->prev_events = pfd->events; pa->events = pfd->events = (pfd->events & ~_and) | _or; @@ -182,7 +183,7 @@ _lws_change_pollfd(struct lws *wsi, int _and, int _or, struct lws_pollargs *pa) ret = -1; goto bail; } - sampled_tid = context->service_tid; + sampled_tid = pt->service_tid; if (sampled_tid && wsi->vhost) { tid = wsi->vhost->protocols[0].callback(wsi, LWS_CALLBACK_GET_THREAD_ID, NULL, NULL, 0); @@ -245,7 +246,8 @@ __insert_wsi_socket_into_fds(struct lws_context *context, struct lws *wsi) #if !defined(_WIN32) if (wsi->desc.sockfd - lws_plat_socket_offset() >= context->max_fds) { lwsl_err("Socket fd %d is too high (%d) offset %d\n", - wsi->desc.sockfd, context->max_fds, lws_plat_socket_offset()); + wsi->desc.sockfd, context->max_fds, + lws_plat_socket_offset()); return 1; } #endif @@ -298,11 +300,6 @@ __remove_wsi_socket_from_fds(struct lws *wsi) int v; int m, ret = 0; - if (wsi->parent_carries_io) { - lws_same_vh_protocol_remove(wsi); - return 0; - } - #if !defined(_WIN32) if (wsi->desc.sockfd - lws_plat_socket_offset() > context->max_fds) { lwsl_err("fd %d too high (%d)\n", wsi->desc.sockfd, @@ -330,7 +327,7 @@ __remove_wsi_socket_from_fds(struct lws *wsi) LWS_EV_STOP | LWS_EV_READ | LWS_EV_WRITE | LWS_EV_PREPARE_DELETION); - lwsl_debug("%s: wsi=%p, sock=%d, fds pos=%d, end guy pos=%d, endfd=%d\n", + lwsl_debug("%s: wsi=%p, skt=%d, fds pos=%d, end guy pos=%d, endfd=%d\n", __func__, wsi, wsi->desc.sockfd, wsi->position_in_fds_table, pt->fds_count, pt->fds[pt->fds_count].fd); @@ -340,11 +337,13 @@ __remove_wsi_socket_from_fds(struct lws *wsi) pt->fds[m] = pt->fds[pt->fds_count - 1]; /* this decrements pt->fds_count */ lws_plat_delete_socket_from_fds(context, wsi, m); + pt->count_conns--; v = (int) pt->fds[m].fd; - /* end guy's "position in fds table" is now the deletion guy's old one */ + /* end guy's "position in fds table" is now the deletion + * guy's old one */ end_wsi = wsi_from_fd(context, v); if (!end_wsi) { - lwsl_err("no wsi for fd %d at pos %d, pt->fds_count=%d\n", + lwsl_err("no wsi for fd %d pos %d, pt->fds_count=%d\n", (int)pt->fds[m].fd, m, pt->fds_count); assert(0); } else @@ -426,7 +425,6 @@ LWS_VISIBLE int lws_callback_on_writable(struct lws *wsi) { struct lws_context_per_thread *pt; - int n; if (lwsi_state(wsi) == LRS_SHUTDOWN) return 0; @@ -436,26 +434,10 @@ lws_callback_on_writable(struct lws *wsi) pt = &wsi->context->pt[(int)wsi->tsi]; - if (wsi->parent_carries_io) { -#if defined(LWS_WITH_STATS) - if (!wsi->active_writable_req_us) { - wsi->active_writable_req_us = time_in_microseconds(); - lws_stats_atomic_bump(wsi->context, pt, - LWSSTATS_C_WRITEABLE_CB_EFF_REQ, 1); - } -#endif - n = lws_callback_on_writable(wsi->parent); - if (n < 0) - return n; - - wsi->parent_pending_cb_on_writable = 1; - return 1; - } - lws_stats_atomic_bump(wsi->context, pt, LWSSTATS_C_WRITEABLE_CB_REQ, 1); #if defined(LWS_WITH_STATS) if (!wsi->active_writable_req_us) { - wsi->active_writable_req_us = time_in_microseconds(); + wsi->active_writable_req_us = lws_time_in_microseconds(); lws_stats_atomic_bump(wsi->context, pt, LWSSTATS_C_WRITEABLE_CB_EFF_REQ, 1); } @@ -493,64 +475,33 @@ lws_callback_on_writable(struct lws *wsi) void lws_same_vh_protocol_insert(struct lws *wsi, int n) { - if (wsi->same_vh_protocol_prev || wsi->same_vh_protocol_next) { - lws_same_vh_protocol_remove(wsi); - lwsl_notice("Attempted to attach wsi twice to same vh prot\n"); - } - lws_vhost_lock(wsi->vhost); - wsi->same_vh_protocol_prev = &wsi->vhost->same_vh_protocol_list[n]; - /* old first guy is our next */ - wsi->same_vh_protocol_next = wsi->vhost->same_vh_protocol_list[n]; - /* we become the new first guy */ - wsi->vhost->same_vh_protocol_list[n] = wsi; + if (!lws_dll_is_null(&wsi->same_vh_protocol)) + lws_dll_lws_remove(&wsi->same_vh_protocol); - if (wsi->same_vh_protocol_next) - /* old first guy points back to us now */ - wsi->same_vh_protocol_next->same_vh_protocol_prev = - &wsi->same_vh_protocol_next; - - wsi->on_same_vh_list = 1; + lws_dll_lws_add_front(&wsi->same_vh_protocol, + &wsi->vhost->same_vh_protocol_heads[n]); lws_vhost_unlock(wsi->vhost); } void -lws_same_vh_protocol_remove(struct lws *wsi) +__lws_same_vh_protocol_remove(struct lws *wsi) { - /* - * detach ourselves from vh protocol list if we're on one - * A -> B -> C - * A -> C , or, B -> C, or A -> B - * - * OK to call on already-detached wsi - */ - lwsl_info("%s: removing same prot wsi %p\n", __func__, wsi); + if (!lws_dll_is_null(&wsi->same_vh_protocol)) + lws_dll_lws_remove(&wsi->same_vh_protocol); +} - if (!wsi->vhost || !wsi->on_same_vh_list) +void +lws_same_vh_protocol_remove(struct lws *wsi) +{ + if (!wsi->vhost) return; lws_vhost_lock(wsi->vhost); - if (wsi->same_vh_protocol_prev) { - assert (*(wsi->same_vh_protocol_prev) == wsi); - lwsl_info("have prev %p, setting him to our next %p\n", - wsi->same_vh_protocol_prev, - wsi->same_vh_protocol_next); - - /* guy who pointed to us should point to our next */ - *(wsi->same_vh_protocol_prev) = wsi->same_vh_protocol_next; - } - - /* our next should point back to our prev */ - if (wsi->same_vh_protocol_next) - wsi->same_vh_protocol_next->same_vh_protocol_prev = - wsi->same_vh_protocol_prev; - - wsi->same_vh_protocol_prev = NULL; - wsi->same_vh_protocol_next = NULL; - wsi->on_same_vh_list = 0; + __lws_same_vh_protocol_remove(wsi); lws_vhost_unlock(wsi->vhost); } @@ -558,9 +509,10 @@ lws_same_vh_protocol_remove(struct lws *wsi) LWS_VISIBLE int lws_callback_on_writable_all_protocol_vhost(const struct lws_vhost *vhost, - const struct lws_protocols *protocol) + const struct lws_protocols *protocol) { struct lws *wsi; + int n; if (protocol < vhost->protocols || protocol >= (vhost->protocols + vhost->count_protocols)) { @@ -571,18 +523,16 @@ lws_callback_on_writable_all_protocol_vhost(const struct lws_vhost *vhost, return -1; } - wsi = vhost->same_vh_protocol_list[protocol - vhost->protocols]; - while (wsi) { - assert(wsi->protocol == protocol); - assert(*wsi->same_vh_protocol_prev == wsi); - if (wsi->same_vh_protocol_next) - assert(wsi->same_vh_protocol_next-> - same_vh_protocol_prev == - &wsi->same_vh_protocol_next); + n = (int)(protocol - vhost->protocols); + lws_start_foreach_dll_safe(struct lws_dll_lws *, d, d1, + vhost->same_vh_protocol_heads[n].next) { + wsi = lws_container_of(d, struct lws, same_vh_protocol); + + assert(wsi->protocol == protocol); lws_callback_on_writable(wsi); - wsi = wsi->same_vh_protocol_next; - } + + } lws_end_foreach_dll_safe(d, d1); return 0; } @@ -602,7 +552,7 @@ lws_callback_on_writable_all_protocol(const struct lws_context *context, while (vhost) { for (n = 0; n < vhost->count_protocols; n++) if (protocol->callback == - vhost->protocols[n].callback && + vhost->protocols[n].callback && !strcmp(protocol->name, vhost->protocols[n].name)) break; if (n != vhost->count_protocols) diff --git a/thirdparty/libwebsockets/core/private.h b/thirdparty/libwebsockets/lib/core/private.h index 73748b0498..c1a0a661b1 100644 --- a/thirdparty/libwebsockets/core/private.h +++ b/thirdparty/libwebsockets/lib/core/private.h @@ -36,10 +36,6 @@ typedef float _Float128x; #endif -#ifdef LWS_HAVE_SYS_TYPES_H - #include <sys/types.h> -#endif - #include <stdio.h> #include <stdlib.h> #include <string.h> @@ -48,271 +44,17 @@ #include <limits.h> #include <stdarg.h> #include <inttypes.h> - -#if defined(LWS_WITH_ESP32) - #define MSG_NOSIGNAL 0 - #define SOMAXCONN 3 -#endif - -#define STORE_IN_ROM #include <assert.h> -#if LWS_MAX_SMP > 1 - #include <pthread.h> -#endif - -#ifdef LWS_HAVE_SYS_STAT_H - #include <sys/stat.h> -#endif - -#if defined(WIN32) || defined(_WIN32) - - #ifndef WIN32_LEAN_AND_MEAN - #define WIN32_LEAN_AND_MEAN - #endif - - #if (WINVER < 0x0501) - #undef WINVER - #undef _WIN32_WINNT - #define WINVER 0x0501 - #define _WIN32_WINNT WINVER - #endif - - #define LWS_NO_DAEMONIZE - #define LWS_ERRNO WSAGetLastError() - #define LWS_EAGAIN WSAEWOULDBLOCK - #define LWS_EALREADY WSAEALREADY - #define LWS_EINPROGRESS WSAEINPROGRESS - #define LWS_EINTR WSAEINTR - #define LWS_EISCONN WSAEISCONN - #define LWS_EWOULDBLOCK WSAEWOULDBLOCK - #define MSG_NOSIGNAL 0 - #define SHUT_RDWR SD_BOTH - #define SOL_TCP IPPROTO_TCP - #define SHUT_WR SD_SEND - - #define compatible_close(fd) closesocket(fd) - #define lws_set_blocking_send(wsi) wsi->sock_send_blocking = 1 - #define LWS_SOCK_INVALID (INVALID_SOCKET) - - #include <winsock2.h> - #include <ws2tcpip.h> - #include <windows.h> - #include <tchar.h> - #ifdef LWS_HAVE_IN6ADDR_H - #include <in6addr.h> - #endif - #include <mstcpip.h> - #include <io.h> - - #if !defined(LWS_HAVE_ATOLL) - #if defined(LWS_HAVE__ATOI64) - #define atoll _atoi64 - #else - #warning No atoll or _atoi64 available, using atoi - #define atoll atoi - #endif - #endif - - #ifndef __func__ - #define __func__ __FUNCTION__ - #endif - - #ifdef LWS_HAVE__VSNPRINTF - #define vsnprintf _vsnprintf - #endif - /* we don't have an implementation for this on windows... */ - int kill(int pid, int sig); - int fork(void); - #ifndef SIGINT - #define SIGINT 2 - #endif - -#else /* not windows --> */ - - #include <fcntl.h> - #include <strings.h> - #include <unistd.h> +#ifdef LWS_HAVE_SYS_TYPES_H #include <sys/types.h> - - #ifndef __cplusplus - #include <errno.h> - #endif - #include <netdb.h> - #include <signal.h> - #include <sys/socket.h> - - #if defined(LWS_BUILTIN_GETIFADDRS) - #include "./misc/getifaddrs.h" - #else - #if !defined(LWS_WITH_ESP32) - #if defined(__HAIKU__) - #define _BSD_SOURCE - #endif - #include <ifaddrs.h> - #endif - #endif - #if defined (__ANDROID__) - #include <syslog.h> - #include <sys/resource.h> - #elif defined (__sun) || defined(__HAIKU__) || defined(__QNX__) - #include <syslog.h> - #else - #if !defined(LWS_WITH_ESP32) - #include <sys/syslog.h> - #endif - #endif - #include <netdb.h> - #if !defined(LWS_WITH_ESP32) - #include <sys/mman.h> - #include <sys/un.h> - #include <netinet/in.h> - #include <netinet/tcp.h> - #include <arpa/inet.h> - #include <poll.h> - #endif - #ifndef LWS_NO_FORK - #ifdef LWS_HAVE_SYS_PRCTL_H - #include <sys/prctl.h> - #endif - #endif - - #include <sys/time.h> - - #define LWS_ERRNO errno - #define LWS_EAGAIN EAGAIN - #define LWS_EALREADY EALREADY - #define LWS_EINPROGRESS EINPROGRESS - #define LWS_EINTR EINTR - #define LWS_EISCONN EISCONN - #define LWS_EWOULDBLOCK EWOULDBLOCK - - #define lws_set_blocking_send(wsi) - - #define LWS_SOCK_INVALID (-1) -#endif /* not windows */ - -#ifndef LWS_HAVE_BZERO - #ifndef bzero - #define bzero(b, len) (memset((b), '\0', (len)), (void) 0) - #endif #endif - -#ifndef LWS_HAVE_STRERROR - #define strerror(x) "" -#endif - - -#define lws_socket_is_valid(x) (x != LWS_SOCK_INVALID) - -#include "libwebsockets.h" - -#include "tls/private.h" - -#if defined(WIN32) || defined(_WIN32) - #include <gettimeofday.h> - - #ifndef BIG_ENDIAN - #define BIG_ENDIAN 4321 /* to show byte order (taken from gcc) */ - #endif - #ifndef LITTLE_ENDIAN - #define LITTLE_ENDIAN 1234 - #endif - #ifndef BYTE_ORDER - #define BYTE_ORDER LITTLE_ENDIAN - #endif - - #undef __P - #ifndef __P - #if __STDC__ - #define __P(protos) protos - #else - #define __P(protos) () - #endif - #endif - -#else /* not windows */ - static LWS_INLINE int compatible_close(int fd) { return close(fd); } - +#ifdef LWS_HAVE_SYS_STAT_H #include <sys/stat.h> - #include <sys/time.h> - - #if defined(__APPLE__) - #include <machine/endian.h> - #elif defined(__FreeBSD__) - #include <sys/endian.h> - #elif defined(__linux__) - #include <endian.h> - #endif -#endif - -#ifdef __cplusplus -extern "C" { -#endif - -#if defined(__QNX__) - #include <gulliver.h> - #if defined(__LITTLEENDIAN__) - #define BYTE_ORDER __LITTLEENDIAN__ - #define LITTLE_ENDIAN __LITTLEENDIAN__ - #define BIG_ENDIAN 4321 /* to show byte order (taken from gcc); for suppres warning that BIG_ENDIAN is not defined. */ - #endif - #if defined(__BIGENDIAN__) - #define BYTE_ORDER __BIGENDIAN__ - #define LITTLE_ENDIAN 1234 /* to show byte order (taken from gcc); for suppres warning that LITTLE_ENDIAN is not defined. */ - #define BIG_ENDIAN __BIGENDIAN__ - #endif -#endif - -#if defined(__sun) && defined(__GNUC__) - - #include <arpa/nameser_compat.h> - - #if !defined (BYTE_ORDER) - #define BYTE_ORDER __BYTE_ORDER__ - #endif - - #if !defined(LITTLE_ENDIAN) - #define LITTLE_ENDIAN __ORDER_LITTLE_ENDIAN__ - #endif - - #if !defined(BIG_ENDIAN) - #define BIG_ENDIAN __ORDER_BIG_ENDIAN__ - #endif - -#endif /* sun + GNUC */ - -#if !defined(BYTE_ORDER) - #define BYTE_ORDER __BYTE_ORDER -#endif -#if !defined(LITTLE_ENDIAN) - #define LITTLE_ENDIAN __LITTLE_ENDIAN -#endif -#if !defined(BIG_ENDIAN) - #define BIG_ENDIAN __BIG_ENDIAN -#endif - - -/* - * Mac OSX as well as iOS do not define the MSG_NOSIGNAL flag, - * but happily have something equivalent in the SO_NOSIGPIPE flag. - */ -#ifdef __APPLE__ -#define MSG_NOSIGNAL SO_NOSIGPIPE -#endif - -/* - * Solaris 11.X only supports POSIX 2001, MSG_NOSIGNAL appears in - * POSIX 2008. - */ -#ifdef __sun - #define MSG_NOSIGNAL 0 #endif -#ifdef _WIN32 - #ifndef FD_HASHTABLE_MODULUS - #define FD_HASHTABLE_MODULUS 32 - #endif +#if LWS_MAX_SMP > 1 + #include <pthread.h> #endif #ifndef LWS_DEF_HEADER_LEN @@ -351,6 +93,49 @@ extern "C" { #define LWS_H2_RX_SCRATCH_SIZE 512 +#define lws_socket_is_valid(x) (x != LWS_SOCK_INVALID) + +#ifndef LWS_HAVE_STRERROR + #define strerror(x) "" +#endif + + /* + * + * ------ private platform defines ------ + * + */ + +#if defined(LWS_WITH_ESP32) + #include "plat/esp32/private.h" +#else + #if defined(WIN32) || defined(_WIN32) + #include "plat/windows/private.h" + #else + #if defined(LWS_PLAT_OPTEE) + #include "plat/optee/private.h" + #else + #include "plat/unix/private.h" + #endif + #endif +#endif + +#ifndef LWS_HAVE_BZERO + #ifndef bzero + #define bzero(b, len) (memset((b), '\0', (len)), (void) 0) + #endif +#endif + + /* + * + * ------ public api ------ + * + */ + +#include "libwebsockets.h" + + +#include "tls/private.h" + #if defined(WIN32) || defined(_WIN32) // Visual studio older than 2015 and WIN_CE has only _stricmp #if (defined(_MSC_VER) && _MSC_VER < 1900) || defined(_WIN32_WCE) @@ -361,6 +146,14 @@ extern "C" { #define getdtablesize() 30000 #endif +#ifndef LWS_ARRAY_SIZE +#define LWS_ARRAY_SIZE(x) (sizeof(x) / sizeof(x[0])) +#endif + +#ifdef __cplusplus +extern "C" { +#endif + /* * All lws_tls...() functions must return this type, converting the * native backend result and doing the extra work to determine which one @@ -371,11 +164,11 @@ extern "C" { * Non-SSL mode also uses these types. */ enum lws_ssl_capable_status { - LWS_SSL_CAPABLE_ERROR = -1, /* it failed */ - LWS_SSL_CAPABLE_DONE = 0, /* it succeeded */ - LWS_SSL_CAPABLE_MORE_SERVICE_READ = -2, /* retry WANT_READ */ - LWS_SSL_CAPABLE_MORE_SERVICE_WRITE = -3, /* retry WANT_WRITE */ - LWS_SSL_CAPABLE_MORE_SERVICE = -4, /* general retry */ + LWS_SSL_CAPABLE_ERROR = -1, /* it failed */ + LWS_SSL_CAPABLE_DONE = 0, /* it succeeded */ + LWS_SSL_CAPABLE_MORE_SERVICE_READ = -2, /* retry WANT_READ */ + LWS_SSL_CAPABLE_MORE_SERVICE_WRITE = -3, /* retry WANT_WRITE */ + LWS_SSL_CAPABLE_MORE_SERVICE = -4, /* general retry */ }; #if defined(__clang__) @@ -517,14 +310,6 @@ struct lws_signal_watcher { struct lws_context *context; }; -#ifdef _WIN32 -#define LWS_FD_HASH(fd) ((fd ^ (fd >> 8) ^ (fd >> 16)) % FD_HASHTABLE_MODULUS) -struct lws_fd_hashtable { - struct lws **wsi; - int length; -}; -#endif - struct lws_foreign_thread_pollfd { struct lws_foreign_thread_pollfd *next; int fd_index; @@ -532,6 +317,28 @@ struct lws_foreign_thread_pollfd { int _or; }; +#if LWS_MAX_SMP > 1 + +struct lws_mutex_refcount { + pthread_mutex_t lock; + pthread_t lock_owner; + const char *last_lock_reason; + char lock_depth; + char metadata; +}; + +void +lws_mutex_refcount_init(struct lws_mutex_refcount *mr); + +void +lws_mutex_refcount_destroy(struct lws_mutex_refcount *mr); + +void +lws_mutex_refcount_lock(struct lws_mutex_refcount *mr, const char *reason); + +void +lws_mutex_refcount_unlock(struct lws_mutex_refcount *mr); +#endif #define LWS_HRTIMER_NOWAIT (0x7fffffffffffffffll) @@ -542,10 +349,9 @@ struct lws_foreign_thread_pollfd { struct lws_context_per_thread { #if LWS_MAX_SMP > 1 - pthread_mutex_t lock; pthread_mutex_t lock_stats; - pthread_t lock_owner; - const char *last_lock_reason; + struct lws_mutex_refcount mr; + pthread_t self; #endif struct lws_context *context; @@ -568,7 +374,7 @@ struct lws_context_per_thread { struct lws_pollfd *fds; volatile struct lws_foreign_thread_pollfd * volatile foreign_pfd_list; #ifdef _WIN32 - WSAEVENT *events; + WSAEVENT events; #endif lws_sockfd_type dummy_pipe_fds[2]; struct lws *pipe_wsi; @@ -581,6 +387,9 @@ struct lws_context_per_thread { #if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) struct lws_pt_role_http http; #endif +#if defined(LWS_ROLE_DBUS) + struct lws_pt_role_dbus dbus; +#endif /* --- event library based members --- */ @@ -594,7 +403,8 @@ struct lws_context_per_thread { struct lws_pt_eventlibs_libevent event; #endif -#if defined(LWS_WITH_LIBEV) || defined(LWS_WITH_LIBUV) || defined(LWS_WITH_LIBEVENT) +#if defined(LWS_WITH_LIBEV) || defined(LWS_WITH_LIBUV) || \ + defined(LWS_WITH_LIBEVENT) struct lws_signal_watcher w_sigint; #endif @@ -603,12 +413,20 @@ struct lws_context_per_thread { unsigned long count_conns; unsigned int fds_count; + /* + * set to the Thread ID that's doing the service loop just before entry + * to poll indicates service thread likely idling in poll() + * volatile because other threads may check it as part of processing + * for pollfd event change. + */ + volatile int service_tid; + int service_tid_detected; + volatile unsigned char inside_poll; volatile unsigned char foreign_spinlock; unsigned char tid; - unsigned char lock_depth; unsigned char inside_service:1; unsigned char event_loop_foreign:1; unsigned char event_loop_destroy_processing_done:1; @@ -626,8 +444,10 @@ lws_sum_stats(const struct lws_context *ctx, struct lws_conn_stats *cs); struct lws_timed_vh_protocol { struct lws_timed_vh_protocol *next; const struct lws_protocols *protocol; + struct lws_vhost *vhost; /* only used for pending processing */ time_t time; int reason; + int tsi_req; }; /* @@ -655,6 +475,7 @@ struct lws_vhost { #endif #if LWS_MAX_SMP > 1 pthread_mutex_t lock; + char close_flow_vs_tsi[LWS_MAX_SMP]; #endif #if defined(LWS_ROLE_H2) @@ -683,6 +504,9 @@ struct lws_vhost { const char *name; const char *iface; + void (*finalize)(struct lws_vhost *vh, void *arg); + void *finalize_arg; + #if !defined(LWS_WITH_ESP32) && !defined(OPTEE_TA) && !defined(WIN32) int bind_iface; #endif @@ -690,7 +514,7 @@ struct lws_vhost { void **protocol_vh_privs; const struct lws_protocol_vhost_options *pvo; const struct lws_protocol_vhost_options *headers; - struct lws **same_vh_protocol_list; + struct lws_dll_lws *same_vh_protocol_heads; struct lws_vhost *no_listener_vhost_list; #if !defined(LWS_NO_CLIENT) struct lws_dll_lws dll_active_client_conns; @@ -716,6 +540,8 @@ struct lws_vhost { int keepalive_timeout; int timeout_secs_ah_idle; + int count_bound_wsi; + #ifdef LWS_WITH_ACCESS_LOG int log_fd; #endif @@ -727,6 +553,13 @@ struct lws_vhost { unsigned char raw_protocol_index; }; +void +lws_vhost_bind_wsi(struct lws_vhost *vh, struct lws *wsi); +void +lws_vhost_unbind_wsi(struct lws *wsi); +void +__lws_vhost_destroy2(struct lws_vhost *vh); + struct lws_deferred_free { struct lws_deferred_free *next; @@ -791,8 +624,7 @@ struct lws_context { struct lws_context_per_thread pt[LWS_MAX_SMP]; struct lws_conn_stats conn_stats; #if LWS_MAX_SMP > 1 - pthread_mutex_t lock; - int lock_depth; + struct lws_mutex_refcount mr; #endif #ifdef _WIN32 /* different implementation between unix and windows */ @@ -805,6 +637,11 @@ struct lws_context { struct lws_vhost *vhost_pending_destruction_list; struct lws_plugin *plugin_list; struct lws_deferred_free *deferred_free_list; + +#if defined(LWS_WITH_THREADPOOL) + struct lws_threadpool *tp_list_head; +#endif + #if defined(LWS_WITH_PEER_LIMITS) struct lws_peer **pl_hash_table; struct lws_peer *peer_wait_list; @@ -889,14 +726,6 @@ struct lws_context { unsigned int doing_protocol_init:1; unsigned int done_protocol_destroy_cb:1; unsigned int finalize_destroy_after_internal_loops_stopped:1; - /* - * set to the Thread ID that's doing the service loop just before entry - * to poll indicates service thread likely idling in poll() - * volatile because other threads may check it as part of processing - * for pollfd event change. - */ - volatile int service_tid; - int service_tid_detected; short count_threads; short plugin_protocol_count; @@ -909,7 +738,7 @@ struct lws_context { }; int -lws_check_deferred_free(struct lws_context *context, int force); +lws_check_deferred_free(struct lws_context *context, int tsi, int force); #define lws_get_context_protocol(ctx, x) ctx->vhost_list->protocols[x] #define lws_get_vh_protocol(vh, x) vh->protocols[x] @@ -945,13 +774,13 @@ enum { LWS_EV_START = (1 << 2), LWS_EV_STOP = (1 << 3), - LWS_EV_PREPARE_DELETION = (1 << 31), + LWS_EV_PREPARE_DELETION = (1u << 31), }; #if defined(LWS_WITH_ESP32) LWS_EXTERN int -lws_find_string_in_file(const char *filename, const char *string, int stringlen); +lws_find_string_in_file(const char *filename, const char *str, int stringlen); #endif #ifdef LWS_WITH_IPV6 @@ -1026,6 +855,9 @@ struct lws { #if defined(LWS_ROLE_WS) struct _lws_websocket_related *ws; /* allocated if we upgrade to ws */ #endif +#if defined(LWS_ROLE_DBUS) + struct _lws_dbus_mode_related dbus; +#endif const struct lws_role_ops *role_ops; lws_wsi_state_t wsistate; @@ -1033,7 +865,8 @@ struct lws { /* lifetime members */ -#if defined(LWS_WITH_LIBEV) || defined(LWS_WITH_LIBUV) || defined(LWS_WITH_LIBEVENT) +#if defined(LWS_WITH_LIBEV) || defined(LWS_WITH_LIBUV) || \ + defined(LWS_WITH_LIBEVENT) struct lws_io_watcher w_read; #endif #if defined(LWS_WITH_LIBEV) || defined(LWS_WITH_LIBEVENT) @@ -1049,12 +882,16 @@ struct lws { struct lws *sibling_list; /* subsequent children at same level */ const struct lws_protocols *protocol; - struct lws **same_vh_protocol_prev, *same_vh_protocol_next; + struct lws_dll_lws same_vh_protocol; struct lws_dll_lws dll_timeout; struct lws_dll_lws dll_hrtimer; struct lws_dll_lws dll_buflist; /* guys with pending rxflow */ +#if defined(LWS_WITH_THREADPOOL) + struct lws_threadpool_task *tp_task; +#endif + #if defined(LWS_WITH_PEER_LIMITS) struct lws_peer *peer; #endif @@ -1070,10 +907,8 @@ struct lws { void *user_space; void *opaque_parent_data; - struct lws_buflist *buflist; - - /* truncated send handling */ - unsigned char *trunc_alloc; /* non-NULL means buffering in progress */ + struct lws_buflist *buflist; /* input-side buflist */ + struct lws_buflist *buflist_out; /* output-side buflist */ #if defined(LWS_WITH_TLS) struct lws_lws_tls tls; @@ -1098,9 +933,7 @@ struct lws { /* ints */ #define LWS_NO_FDS_POS (-1) int position_in_fds_table; - unsigned int trunc_alloc_len; /* size of malloc */ - unsigned int trunc_offset; /* where we are in terms of spilling */ - unsigned int trunc_len; /* how much is buffered */ + #ifndef LWS_NO_CLIENT int chunk_remaining; #endif @@ -1128,18 +961,18 @@ struct lws { unsigned int waiting_to_send_close_frame:1; unsigned int close_needs_ack:1; unsigned int ipv6:1; - unsigned int parent_carries_io:1; unsigned int parent_pending_cb_on_writable:1; unsigned int cgi_stdout_zero_length:1; unsigned int seen_zero_length_recv:1; unsigned int rxflow_will_be_applied:1; unsigned int event_pipe:1; - unsigned int on_same_vh_list:1; unsigned int handling_404:1; unsigned int protocol_bind_balance:1; + unsigned int unix_skt:1; unsigned int could_have_pending:1; /* detect back-to-back writes */ unsigned int outer_will_close:1; + unsigned int shadow:1; /* we do not control fd lifecycle at all */ #ifdef LWS_WITH_ACCESS_LOG unsigned int access_log_pending:1; @@ -1194,6 +1027,9 @@ struct lws { volatile char leave_pollout_active; }; +LWS_EXTERN char * +lws_strdup(const char *s); + #define lws_is_flowcontrolled(w) (!!(wsi->rxflow_bitmap)) void @@ -1243,6 +1079,9 @@ lws_latency(struct lws_context *context, struct lws *wsi, const char *action, int ret, int completion); #endif +static LWS_INLINE int +lws_has_buffered_out(struct lws *wsi) { return !!wsi->buflist_out; } + LWS_EXTERN int LWS_WARN_UNUSED_RESULT lws_ws_client_rx_sm(struct lws *wsi, unsigned char c); @@ -1262,22 +1101,7 @@ LWS_EXTERN int lws_service_flag_pending(struct lws_context *context, int tsi); LWS_EXTERN int -lws_timed_callback_remove(struct lws_vhost *vh, struct lws_timed_vh_protocol *p); - -#if defined(_WIN32) -LWS_EXTERN struct lws * -wsi_from_fd(const struct lws_context *context, lws_sockfd_type fd); - -LWS_EXTERN int -insert_wsi(struct lws_context *context, struct lws *wsi); - -LWS_EXTERN int -delete_from_fd(struct lws_context *context, lws_sockfd_type fd); -#else -#define wsi_from_fd(A,B) A->lws_lookup[B - lws_plat_socket_offset()] -#define insert_wsi(A,B) assert(A->lws_lookup[B->desc.sockfd - lws_plat_socket_offset()] == 0); A->lws_lookup[B->desc.sockfd - lws_plat_socket_offset()]=B -#define delete_from_fd(A,B) A->lws_lookup[B - lws_plat_socket_offset()]=0 -#endif +__lws_timed_callback_remove(struct lws_vhost *vh, struct lws_timed_vh_protocol *p); LWS_EXTERN int LWS_WARN_UNUSED_RESULT __insert_wsi_socket_into_fds(struct lws_context *context, struct lws *wsi); @@ -1305,7 +1129,7 @@ LWS_EXTERN int lws_handle_POLLOUT_event(struct lws *wsi, struct lws_pollfd *pollfd); LWS_EXTERN struct lws * -lws_client_connect_via_info2(struct lws *wsi); +lws_http_client_connect_via_info2(struct lws *wsi); @@ -1343,10 +1167,8 @@ user_callback_handle_rxflow(lws_callback_function, struct lws *wsi, void *in, size_t len); LWS_EXTERN int -lws_plat_socket_offset(void); - -LWS_EXTERN int -lws_plat_set_socket_options(struct lws_vhost *vhost, lws_sockfd_type fd); +lws_plat_set_socket_options(struct lws_vhost *vhost, lws_sockfd_type fd, + int unix_skt); LWS_EXTERN int lws_plat_check_connection_error(struct lws *wsi); @@ -1429,7 +1251,7 @@ LWS_EXTERN void lwsl_emit_stderr(int level, const char *line); static LWS_INLINE void lws_pt_mutex_init(struct lws_context_per_thread *pt) { - pthread_mutex_init(&pt->lock, NULL); + lws_mutex_refcount_init(&pt->mr); pthread_mutex_init(&pt->lock_stats, NULL); } @@ -1437,34 +1259,11 @@ static LWS_INLINE void lws_pt_mutex_destroy(struct lws_context_per_thread *pt) { pthread_mutex_destroy(&pt->lock_stats); - pthread_mutex_destroy(&pt->lock); + lws_mutex_refcount_destroy(&pt->mr); } -static LWS_INLINE void -lws_pt_lock(struct lws_context_per_thread *pt, const char *reason) -{ - if (pt->lock_owner == pthread_self()) { - pt->lock_depth++; - return; - } - pthread_mutex_lock(&pt->lock); - pt->last_lock_reason = reason; - pt->lock_owner = pthread_self(); - //lwsl_notice("tid %d: lock %s\n", pt->tid, reason); -} - -static LWS_INLINE void -lws_pt_unlock(struct lws_context_per_thread *pt) -{ - if (pt->lock_depth) { - pt->lock_depth--; - return; - } - pt->last_lock_reason = "free"; - pt->lock_owner = 0; - //lwsl_notice("tid %d: unlock %s\n", pt->tid, pt->last_lock_reason); - pthread_mutex_unlock(&pt->lock); -} +#define lws_pt_lock(pt, reason) lws_mutex_refcount_lock(&pt->mr, reason) +#define lws_pt_unlock(pt) lws_mutex_refcount_unlock(&pt->mr) static LWS_INLINE void lws_pt_stats_lock(struct lws_context_per_thread *pt) @@ -1478,17 +1277,8 @@ lws_pt_stats_unlock(struct lws_context_per_thread *pt) pthread_mutex_unlock(&pt->lock_stats); } -static LWS_INLINE void -lws_context_lock(struct lws_context *context) -{ - pthread_mutex_lock(&context->lock); -} - -static LWS_INLINE void -lws_context_unlock(struct lws_context *context) -{ - pthread_mutex_unlock(&context->lock); -} +#define lws_context_lock(c, reason) lws_mutex_refcount_lock(&c->mr, reason) +#define lws_context_unlock(c) lws_mutex_refcount_unlock(&c->mr) static LWS_INLINE void lws_vhost_lock(struct lws_vhost *vhost) @@ -1508,7 +1298,7 @@ lws_vhost_unlock(struct lws_vhost *vhost) #define lws_pt_mutex_destroy(_a) (void)(_a) #define lws_pt_lock(_a, b) (void)(_a) #define lws_pt_unlock(_a) (void)(_a) -#define lws_context_lock(_a) (void)(_a) +#define lws_context_lock(_a, _b) (void)(_a) #define lws_context_unlock(_a) (void)(_a) #define lws_vhost_lock(_a) (void)(_a) #define lws_vhost_unlock(_a) (void)(_a) @@ -1566,7 +1356,7 @@ lws_handshake_server(struct lws *wsi, unsigned char **buf, size_t len); LWS_EXTERN int lws_access_log(struct lws *wsi); LWS_EXTERN void -lws_prepare_access_log_info(struct lws *wsi, char *uri_ptr, int meth); +lws_prepare_access_log_info(struct lws *wsi, char *uri_ptr, int len, int meth); #else #define lws_access_log(_a) #endif @@ -1581,7 +1371,8 @@ int lws_protocol_init(struct lws_context *context); int -lws_bind_protocol(struct lws *wsi, const struct lws_protocols *p); +lws_bind_protocol(struct lws *wsi, const struct lws_protocols *p, + const char *reason); const struct lws_http_mount * lws_find_mount(struct lws *wsi, const char *uri_ptr, int uri_len); @@ -1605,9 +1396,6 @@ void lws_free(void *p); #define lws_free_set_NULL(P) do { lws_realloc(P, 0, "free"); (P) = NULL; } while(0) #endif -char * -lws_strdup(const char *s); - int lws_plat_pipe_create(struct lws *wsi); int @@ -1617,8 +1405,8 @@ lws_plat_pipe_close(struct lws *wsi); int lws_create_event_pipes(struct lws_context *context); -int lws_open(const char *__file, int __oflag, ...); -void lws_plat_apply_FD_CLOEXEC(int n); +int +lws_plat_apply_FD_CLOEXEC(int n); const struct lws_plat_file_ops * lws_vfs_select_fops(const struct lws_plat_file_ops *fops, const char *vfs_path, @@ -1653,27 +1441,33 @@ LWS_EXTERN int lws_plat_service(struct lws_context *context, int timeout_ms); LWS_EXTERN LWS_VISIBLE int _lws_plat_service_tsi(struct lws_context *context, int timeout_ms, int tsi); + +LWS_EXTERN int +lws_pthread_self_to_tsi(struct lws_context *context); + LWS_EXTERN int lws_plat_init(struct lws_context *context, const struct lws_context_creation_info *info); LWS_EXTERN void lws_plat_drop_app_privileges(const struct lws_context_creation_info *info); -LWS_EXTERN unsigned long long -time_in_microseconds(void); LWS_EXTERN const char * LWS_WARN_UNUSED_RESULT lws_plat_inet_ntop(int af, const void *src, char *dst, int cnt); LWS_EXTERN int LWS_WARN_UNUSED_RESULT lws_plat_inet_pton(int af, const char *src, void *dst); +LWS_EXTERN int +lws_check_byte_utf8(unsigned char state, unsigned char c); LWS_EXTERN int LWS_WARN_UNUSED_RESULT lws_check_utf8(unsigned char *state, unsigned char *buf, size_t len); -LWS_EXTERN int alloc_file(struct lws_context *context, const char *filename, uint8_t **buf, - lws_filepos_t *amount); +LWS_EXTERN int alloc_file(struct lws_context *context, const char *filename, + uint8_t **buf, lws_filepos_t *amount); LWS_EXTERN void lws_same_vh_protocol_remove(struct lws *wsi); LWS_EXTERN void +__lws_same_vh_protocol_remove(struct lws *wsi); +LWS_EXTERN void lws_same_vh_protocol_insert(struct lws *wsi, int n); LWS_EXTERN int @@ -1703,7 +1497,8 @@ void socks_generate_msg(struct lws *wsi, enum socks_msg_type type, void lws_peer_track_wsi_close(struct lws_context *context, struct lws_peer *peer); int -lws_peer_confirm_ah_attach_ok(struct lws_context *context, struct lws_peer *peer); +lws_peer_confirm_ah_attach_ok(struct lws_context *context, + struct lws_peer *peer); void lws_peer_track_ah_detach(struct lws_context *context, struct lws_peer *peer); void @@ -1717,11 +1512,13 @@ void lws_peer_dump_from_wsi(struct lws *wsi); #endif -#ifdef LWS_WITH_HTTP_PROXY +#ifdef LWS_WITH_HUBBUB hubbub_error html_parser_cb(const hubbub_token *token, void *pw); #endif +int +lws_threadpool_tsi_context(struct lws_context *context, int tsi); void __lws_remove_from_timeout_list(struct lws *wsi); @@ -1746,11 +1543,12 @@ lws_buflist_aware_consume(struct lws *wsi, struct lws_tokens *ebuf, int used, char * -lws_generate_client_ws_handshake(struct lws *wsi, char *p); +lws_generate_client_ws_handshake(struct lws *wsi, char *p, const char *conn1); int lws_client_ws_upgrade(struct lws *wsi, const char **cce); int -lws_create_client_ws_object(struct lws_client_connect_info *i, struct lws *wsi); +lws_create_client_ws_object(const struct lws_client_connect_info *i, + struct lws *wsi); int lws_alpn_comma_to_openssl(const char *comma, uint8_t *os, int len); int @@ -1764,6 +1562,11 @@ void lws_destroy_event_pipe(struct lws *wsi); void lws_context_destroy2(struct lws_context *context); +int +lws_role_call_client_bind(struct lws *wsi, + const struct lws_client_connect_info *i); +void +lws_remove_child_from_any_parent(struct lws *wsi); #ifdef __cplusplus }; diff --git a/thirdparty/libwebsockets/core/service.c b/thirdparty/libwebsockets/lib/core/service.c index 6523058814..ef251409cb 100644 --- a/thirdparty/libwebsockets/core/service.c +++ b/thirdparty/libwebsockets/lib/core/service.c @@ -30,7 +30,7 @@ lws_callback_as_writeable(struct lws *wsi) lws_stats_atomic_bump(wsi->context, pt, LWSSTATS_C_WRITEABLE_CB, 1); #if defined(LWS_WITH_STATS) if (wsi->active_writable_req_us) { - uint64_t ul = time_in_microseconds() - + uint64_t ul = lws_time_in_microseconds() - wsi->active_writable_req_us; lws_stats_atomic_bump(wsi->context, pt, @@ -74,12 +74,13 @@ lws_handle_POLLOUT_event(struct lws *wsi, struct lws_pollfd *pollfd) * Priority 1: pending truncated sends are incomplete ws fragments * If anything else sent first the protocol would be * corrupted. + * + * These are post- any compression transform */ - if (wsi->trunc_len) { + if (lws_has_buffered_out(wsi)) { //lwsl_notice("%s: completing partial\n", __func__); - if (lws_issue_raw(wsi, wsi->trunc_alloc + wsi->trunc_offset, - wsi->trunc_len) < 0) { + if (lws_issue_raw(wsi, NULL, 0) < 0) { lwsl_info("%s signalling to close\n", __func__); goto bail_die; } @@ -91,6 +92,28 @@ lws_handle_POLLOUT_event(struct lws *wsi, struct lws_pollfd *pollfd) goto bail_die; /* retry closing now */ } + /* Priority 2: pre- compression transform */ + +#if defined(LWS_WITH_HTTP_STREAM_COMPRESSION) + if (wsi->http.comp_ctx.buflist_comp || + wsi->http.comp_ctx.may_have_more) { + enum lws_write_protocol wp = LWS_WRITE_HTTP; + + lwsl_info("%s: completing comp partial (buflist_comp %p, may %d)\n", + __func__, wsi->http.comp_ctx.buflist_comp, + wsi->http.comp_ctx.may_have_more + ); + + if (wsi->role_ops->write_role_protocol(wsi, NULL, 0, &wp) < 0) { + lwsl_info("%s signalling to close\n", __func__); + goto bail_die; + } + lws_callback_on_writable(wsi); + + goto bail_ok; + } +#endif + #ifdef LWS_WITH_CGI /* * A cgi master's wire protocol remains h1 or h2. He is just getting @@ -126,13 +149,6 @@ lws_handle_POLLOUT_event(struct lws *wsi, struct lws_pollfd *pollfd) /* one shot */ - if (wsi->parent_carries_io) { - vwsi->handling_pollout = 0; - vwsi->leave_pollout_active = 0; - - return lws_callback_as_writeable(wsi); - } - if (pollfd) { int eff = vwsi->leave_pollout_active; @@ -216,7 +232,9 @@ static int __lws_service_timeout_check(struct lws *wsi, time_t sec) { struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; +#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) int n = 0; +#endif (void)n; @@ -228,9 +246,11 @@ __lws_service_timeout_check(struct lws *wsi, time_t sec) lws_compare_time_t(wsi->context, sec, wsi->pending_timeout_set) > wsi->pending_timeout_limit) { +#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) if (wsi->desc.sockfd != LWS_SOCK_INVALID && wsi->position_in_fds_table >= 0) n = pt->fds[wsi->position_in_fds_table].events; +#endif lws_stats_atomic_bump(wsi->context, pt, LWSSTATS_C_TIMEOUTS, 1); @@ -318,9 +338,10 @@ lws_service_adjust_timeout(struct lws_context *context, int timeout_ms, int tsi) { struct lws_context_per_thread *pt = &context->pt[tsi]; - /* Figure out if we really want to wait in poll() - * We only need to wait if really nothing already to do and we have - * to wait for something from network + /* + * Figure out if we really want to wait in poll()... we only need to + * wait if really nothing already to do and we have to wait for + * something from network */ #if defined(LWS_ROLE_WS) && !defined(LWS_WITHOUT_EXTENSIONS) /* 1) if we know we are draining rx ext, do not wait in poll */ @@ -328,23 +349,31 @@ lws_service_adjust_timeout(struct lws_context *context, int timeout_ms, int tsi) return 0; #endif - /* 2) if we know we have non-network pending data, do not wait in poll */ + /* 2) if we know we have non-network pending data, + * do not wait in poll */ if (pt->context->tls_ops && - pt->context->tls_ops->fake_POLLIN_for_buffered) - if (pt->context->tls_ops->fake_POLLIN_for_buffered(pt)) + pt->context->tls_ops->fake_POLLIN_for_buffered && + pt->context->tls_ops->fake_POLLIN_for_buffered(pt)) return 0; - /* 3) If there is any wsi with rxflow buffered and in a state to process + /* + * 3) If there is any wsi with rxflow buffered and in a state to process * it, we should not wait in poll */ - lws_start_foreach_dll(struct lws_dll_lws *, d, pt->dll_head_buflist.next) { + lws_start_foreach_dll(struct lws_dll_lws *, d, + pt->dll_head_buflist.next) { struct lws *wsi = lws_container_of(d, struct lws, dll_buflist); if (lwsi_state(wsi) != LRS_DEFERRING_ACTION) return 0; + /* + * 4) If any guys with http compression to spill, we shouldn't wait in + * poll but hurry along and service them + */ + } lws_end_foreach_dll(d); return timeout_ms; @@ -431,8 +460,10 @@ lws_buflist_aware_consume(struct lws *wsi, struct lws_tokens *ebuf, int used, if (m < 0) return 1; /* OOM */ if (m) { - lwsl_debug("%s: added %p to rxflow list\n", __func__, wsi); - lws_dll_lws_add_front(&wsi->dll_buflist, &pt->dll_head_buflist); + lwsl_debug("%s: added %p to rxflow list\n", + __func__, wsi); + lws_dll_lws_add_front(&wsi->dll_buflist, + &pt->dll_head_buflist); } } @@ -487,10 +518,6 @@ int lws_service_flag_pending(struct lws_context *context, int tsi) { struct lws_context_per_thread *pt = &context->pt[tsi]; - -#if defined(LWS_WITH_TLS) - struct lws *wsi, *wsi_next; -#endif int forced = 0; lws_pt_lock(pt, __func__); @@ -520,9 +547,11 @@ lws_service_flag_pending(struct lws_context *context, int tsi) * service to use up the buffered incoming data, even though their * network socket may have nothing */ - wsi = pt->tls.pending_read_list; - while (wsi) { - wsi_next = wsi->tls.pending_read_list_next; + lws_start_foreach_dll_safe(struct lws_dll_lws *, p, p1, + pt->tls.pending_tls_head.next) { + struct lws *wsi = lws_container_of(p, struct lws, + tls.pending_tls_list); + pt->fds[wsi->position_in_fds_table].revents |= pt->fds[wsi->position_in_fds_table].events & LWS_POLLIN; if (pt->fds[wsi->position_in_fds_table].revents & LWS_POLLIN) { @@ -536,8 +565,7 @@ lws_service_flag_pending(struct lws_context *context, int tsi) __lws_ssl_remove_wsi_from_buffered_list(wsi); } - wsi = wsi_next; - } + } lws_end_foreach_dll_safe(p, p1); #endif lws_pt_unlock(pt); @@ -550,18 +578,21 @@ lws_service_periodic_checks(struct lws_context *context, struct lws_pollfd *pollfd, int tsi) { struct lws_context_per_thread *pt = &context->pt[tsi]; + struct lws_timed_vh_protocol *tmr; lws_sockfd_type our_fd = 0, tmp_fd; struct lws *wsi; int timed_out = 0; time_t now; #if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) struct allocated_headers *ah; - int m; + int n, m; #endif if (!context->protocol_init_done) - if (lws_protocol_init(context)) + if (lws_protocol_init(context)) { + lwsl_err("%s: lws_protocol_init failed\n", __func__); return -1; + } time(&now); @@ -609,7 +640,7 @@ lws_service_periodic_checks(struct lws_context *context, #endif lws_plat_service_periodic(context); - lws_check_deferred_free(context, 0); + lws_check_deferred_free(context, tsi, 0); #if defined(LWS_WITH_PEER_LIMITS) lws_peer_cull_peer_wait_list(context); @@ -631,7 +662,7 @@ lws_service_periodic_checks(struct lws_context *context, our_fd = pollfd->fd; /* - * Phase 1: check every wsi on the timeout check list + * Phase 1: check every wsi on our pt's timeout check list */ lws_pt_lock(pt, __func__); @@ -701,8 +732,7 @@ lws_service_periodic_checks(struct lws_context *context, continue; } - if (lws_hdr_copy(wsi, buf, - sizeof buf, m) > 0) { + if (lws_hdr_copy(wsi, buf, sizeof buf, m) > 0) { buf[sizeof(buf) - 1] = '\0'; lwsl_notice(" %s = %s\n", @@ -749,37 +779,126 @@ lws_service_periodic_checks(struct lws_context *context, * Phase 3: vhost / protocol timer callbacks */ - wsi = NULL; + /* 3a: lock, collect, and remove vh timers that are pending */ + + lws_context_lock(context, "expired vh timers"); /* context ---------- */ + + n = 0; + + /* + * first, under the context lock, get a count of the number of + * expired timers so we can allocate for them (or not, cleanly) + */ + lws_start_foreach_ll(struct lws_vhost *, v, context->vhost_list) { - struct lws_timed_vh_protocol *nx; + if (v->timed_vh_protocol_list) { - lws_start_foreach_ll(struct lws_timed_vh_protocol *, - q, v->timed_vh_protocol_list) { - if (now >= q->time) { - if (!wsi) - wsi = lws_zalloc(sizeof(*wsi), "cbwsi"); - wsi->context = context; - wsi->vhost = v; - wsi->protocol = q->protocol; - lwsl_debug("timed cb: vh %s, protocol %s, reason %d\n", v->name, q->protocol->name, q->reason); - q->protocol->callback(wsi, q->reason, NULL, NULL, 0); - nx = q->next; - lws_timed_callback_remove(v, q); - q = nx; - continue; /* we pointed ourselves to the next from the now-deleted guy */ - } - } lws_end_foreach_ll(q, next); + + lws_start_foreach_ll_safe(struct lws_timed_vh_protocol *, + q, v->timed_vh_protocol_list, next) { + if (now >= q->time && q->tsi_req == tsi) + n++; + } lws_end_foreach_ll_safe(q); } + } lws_end_foreach_ll(v, vhost_next); - if (wsi) + + /* if nothing to do, unlock and move on to the next vhost */ + + if (!n) { + lws_context_unlock(context); /* ----------- context */ + goto vh_timers_done; + } + + /* + * attempt to do the wsi and timer info allocation + * first en bloc. If it fails, we can just skip the rest and + * the timers will still be pending next time. + */ + + wsi = lws_zalloc(sizeof(*wsi), "cbwsi"); + if (!wsi) { + /* + * at this point, we haven't cleared any vhost + * timers. We can fail out and retry cleanly + * next periodic check + */ + lws_context_unlock(context); /* ----------- context */ + goto vh_timers_done; + } + wsi->context = context; + + tmr = lws_zalloc(sizeof(*tmr) * n, "cbtmr"); + if (!tmr) { + /* again OOM here can be handled cleanly */ lws_free(wsi); + lws_context_unlock(context); /* ----------- context */ + goto vh_timers_done; + } + + /* so we have the allocation for n pending timers... */ + + m = 0; + lws_start_foreach_ll(struct lws_vhost *, v, context->vhost_list) { + + if (v->timed_vh_protocol_list) { + + lws_vhost_lock(v); /* vhost ------------------------- */ + + lws_start_foreach_ll_safe(struct lws_timed_vh_protocol *, + q, v->timed_vh_protocol_list, next) { + + /* only do n */ + if (m == n) + break; + + if (now >= q->time && q->tsi_req == tsi) { + + /* + * tmr is an allocated array. + * Ignore the linked-list. + */ + tmr[m].vhost = v; + tmr[m].protocol = q->protocol; + tmr[m++].reason = q->reason; + + /* take the timer out now we took + * responsibility */ + __lws_timed_callback_remove(v, q); + } + + } lws_end_foreach_ll_safe(q); + + lws_vhost_unlock(v); /* ----------------------- vhost */ + } + + } lws_end_foreach_ll(v, vhost_next); + lws_context_unlock(context); /* ---------------------------- context */ + + /* 3b: call the vh timer callbacks outside any lock */ + + for (m = 0; m < n; m++) { + + wsi->vhost = tmr[m].vhost; /* not a real bound wsi */ + wsi->protocol = tmr[m].protocol; + + lwsl_debug("%s: timed cb: vh %s, protocol %s, reason %d\n", + __func__, tmr[m].vhost->name, tmr[m].protocol->name, + tmr[m].reason); + tmr[m].protocol->callback(wsi, tmr[m].reason, NULL, NULL, 0); + } + + lws_free(tmr); + lws_free(wsi); + +vh_timers_done: /* * Phase 4: check for unconfigured vhosts due to required * interface missing before */ - lws_context_lock(context); + lws_context_lock(context, "periodic checks"); lws_start_foreach_llp(struct lws_vhost **, pv, context->no_listener_vhost_list) { struct lws_vhost *v = *pv; @@ -812,7 +931,7 @@ lws_service_periodic_checks(struct lws_context *context, context->tls_ops->periodic_housekeeping) context->tls_ops->periodic_housekeeping(context, now); - return timed_out; + return 0; } LWS_VISIBLE int @@ -825,9 +944,11 @@ lws_service_fd_tsi(struct lws_context *context, struct lws_pollfd *pollfd, if (!context || context->being_destroyed1) return -1; - /* the socket we came to service timed out, nothing to do */ - if (lws_service_periodic_checks(context, pollfd, tsi) || !pollfd) - return 0; + /* the case there's no pollfd to service, we just want to do periodic */ + if (!pollfd) { + lws_service_periodic_checks(context, pollfd, tsi); + return -2; + } /* no, here to service a socket descriptor */ wsi = wsi_from_fd(context, pollfd->fd); @@ -923,6 +1044,9 @@ handled: #endif pollfd->revents = 0; + /* check the timeout situation if we didn't in the last second */ + lws_service_periodic_checks(context, pollfd, tsi); + lws_pt_lock(pt, __func__); __lws_hrtimer_service(pt); lws_pt_unlock(pt); @@ -969,6 +1093,9 @@ lws_service_tsi(struct lws_context *context, int timeout_ms, int tsi) int n; pt->inside_service = 1; +#if LWS_MAX_SMP > 1 + pt->self = pthread_self(); +#endif if (context->event_loop_ops->run_pt) { /* we are configured for an event loop */ diff --git a/thirdparty/libwebsockets/event-libs/poll/poll.c b/thirdparty/libwebsockets/lib/event-libs/poll/poll.c index 09af5b15d8..09af5b15d8 100644 --- a/thirdparty/libwebsockets/event-libs/poll/poll.c +++ b/thirdparty/libwebsockets/lib/event-libs/poll/poll.c diff --git a/thirdparty/libwebsockets/event-libs/poll/private.h b/thirdparty/libwebsockets/lib/event-libs/poll/private.h index ca313ebfb0..ca313ebfb0 100644 --- a/thirdparty/libwebsockets/event-libs/poll/private.h +++ b/thirdparty/libwebsockets/lib/event-libs/poll/private.h diff --git a/thirdparty/libwebsockets/event-libs/private.h b/thirdparty/libwebsockets/lib/event-libs/private.h index c36d39c8c2..58bca946b5 100644 --- a/thirdparty/libwebsockets/event-libs/private.h +++ b/thirdparty/libwebsockets/lib/event-libs/private.h @@ -41,7 +41,7 @@ struct lws_event_loop_ops { /* close handle manually */ void (*close_handle_manually)(struct lws *wsi); /* event loop accept processing */ - void (*accept)(struct lws *wsi); + int (*accept)(struct lws *wsi); /* control wsi active events */ void (*io)(struct lws *wsi, int flags); /* run the event loop for a pt */ diff --git a/thirdparty/libwebsockets/lws_config_private.h b/thirdparty/libwebsockets/lib/lws_config_private.h index e531777624..e531777624 100644 --- a/thirdparty/libwebsockets/lws_config_private.h +++ b/thirdparty/libwebsockets/lib/lws_config_private.h diff --git a/thirdparty/libwebsockets/misc/base64-decode.c b/thirdparty/libwebsockets/lib/misc/base64-decode.c index 64b84d78fa..de2efc8fd1 100644 --- a/thirdparty/libwebsockets/misc/base64-decode.c +++ b/thirdparty/libwebsockets/lib/misc/base64-decode.c @@ -55,12 +55,11 @@ _lws_b64_encode_string(const char *encode, const char *in, int in_len, { unsigned char triple[3]; int i; - int len; int line = 0; int done = 0; while (in_len) { - len = 0; + int len = 0; for (i = 0; i < 3; i++) { if (in_len) { triple[i] = *in++; diff --git a/thirdparty/libwebsockets/misc/getifaddrs.c b/thirdparty/libwebsockets/lib/misc/getifaddrs.c index 735b899f48..735b899f48 100644 --- a/thirdparty/libwebsockets/misc/getifaddrs.c +++ b/thirdparty/libwebsockets/lib/misc/getifaddrs.c diff --git a/thirdparty/libwebsockets/misc/getifaddrs.h b/thirdparty/libwebsockets/lib/misc/getifaddrs.h index d26670c082..d26670c082 100644 --- a/thirdparty/libwebsockets/misc/getifaddrs.h +++ b/thirdparty/libwebsockets/lib/misc/getifaddrs.h diff --git a/thirdparty/libwebsockets/misc/lejp.c b/thirdparty/libwebsockets/lib/misc/lejp.c index 99142b9553..599a6d37ba 100644 --- a/thirdparty/libwebsockets/misc/lejp.c +++ b/thirdparty/libwebsockets/lib/misc/lejp.c @@ -126,7 +126,7 @@ lejp_check_path_match(struct lejp_ctx *ctx) q++; continue; } - ctx->wild[ctx->wildcount++] = p - ctx->path; + ctx->wild[ctx->wildcount++] = lws_ptr_diff(p, ctx->path); q++; /* * if * has something after it, match to . diff --git a/thirdparty/libwebsockets/misc/sha-1.c b/thirdparty/libwebsockets/lib/misc/sha-1.c index 2e4db52693..898f3f45b1 100644 --- a/thirdparty/libwebsockets/misc/sha-1.c +++ b/thirdparty/libwebsockets/lib/misc/sha-1.c @@ -236,18 +236,14 @@ sha1_pad(struct sha1_ctxt *ctxt) void sha1_loop(struct sha1_ctxt *ctxt, const unsigned char *input, size_t len) { - size_t gaplen; - size_t gapstart; size_t off; - size_t copysiz; off = 0; while (off < len) { - gapstart = COUNT % 64; - gaplen = 64 - gapstart; + size_t gapstart = COUNT % 64, gaplen = 64 - gapstart, + copysiz = (gaplen < len - off) ? gaplen : len - off; - copysiz = (gaplen < len - off) ? gaplen : len - off; memcpy(&ctxt->m.b8[gapstart], &input[off], copysiz); COUNT += (unsigned char)copysiz; COUNT %= 64; diff --git a/thirdparty/libwebsockets/lib/plat/unix/private.h b/thirdparty/libwebsockets/lib/plat/unix/private.h new file mode 100644 index 0000000000..8583ee7bc8 --- /dev/null +++ b/thirdparty/libwebsockets/lib/plat/unix/private.h @@ -0,0 +1,169 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010 - 2018 Andy Green <andy@warmcat.com> + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + * + * Included from lib/core/private.h if no explicit platform + */ + +#include <fcntl.h> +#include <strings.h> +#include <unistd.h> + +#include <netinet/in.h> +#include <netinet/tcp.h> +#include <arpa/inet.h> +#include <poll.h> +#include <netdb.h> + +#ifndef __cplusplus +#include <errno.h> +#endif +#include <netdb.h> +#include <signal.h> + +#include <sys/socket.h> +#include <sys/types.h> +#include <sys/stat.h> +#include <sys/time.h> +#include <sys/mman.h> +#include <sys/un.h> + +#if defined(__APPLE__) +#include <machine/endian.h> +#endif +#if defined(__FreeBSD__) +#include <sys/endian.h> +#endif +#if defined(__linux__) +#include <endian.h> +#endif +#if defined(__QNX__) + #include <gulliver.h> + #if defined(__LITTLEENDIAN__) + #define BYTE_ORDER __LITTLEENDIAN__ + #define LITTLE_ENDIAN __LITTLEENDIAN__ + #define BIG_ENDIAN 4321 /* to show byte order (taken from gcc); for suppres warning that BIG_ENDIAN is not defined. */ + #endif + #if defined(__BIGENDIAN__) + #define BYTE_ORDER __BIGENDIAN__ + #define LITTLE_ENDIAN 1234 /* to show byte order (taken from gcc); for suppres warning that LITTLE_ENDIAN is not defined. */ + #define BIG_ENDIAN __BIGENDIAN__ + #endif +#endif + +#if defined(__sun) && defined(__GNUC__) + +#include <arpa/nameser_compat.h> + +#if !defined (BYTE_ORDER) +#define BYTE_ORDER __BYTE_ORDER__ +#endif + +#if !defined(LITTLE_ENDIAN) +#define LITTLE_ENDIAN __ORDER_LITTLE_ENDIAN__ +#endif + +#if !defined(BIG_ENDIAN) +#define BIG_ENDIAN __ORDER_BIG_ENDIAN__ +#endif + +#endif /* sun + GNUC */ + +#if !defined(BYTE_ORDER) +#define BYTE_ORDER __BYTE_ORDER +#endif +#if !defined(LITTLE_ENDIAN) +#define LITTLE_ENDIAN __LITTLE_ENDIAN +#endif +#if !defined(BIG_ENDIAN) +#define BIG_ENDIAN __BIG_ENDIAN +#endif + +#if defined(LWS_BUILTIN_GETIFADDRS) +#include "./misc/getifaddrs.h" +#else + +#if defined(__HAIKU__) +#define _BSD_SOURCE +#endif +#include <ifaddrs.h> + +#endif + +#if defined (__sun) || defined(__HAIKU__) || defined(__QNX__) +#include <syslog.h> +#else +#include <sys/syslog.h> +#endif + +#ifdef __QNX__ +# include "netinet/tcp_var.h" +# define TCP_KEEPINTVL TCPCTL_KEEPINTVL +# define TCP_KEEPIDLE TCPCTL_KEEPIDLE +# define TCP_KEEPCNT TCPCTL_KEEPCNT +#endif + +#define LWS_ERRNO errno +#define LWS_EAGAIN EAGAIN +#define LWS_EALREADY EALREADY +#define LWS_EINPROGRESS EINPROGRESS +#define LWS_EINTR EINTR +#define LWS_EISCONN EISCONN +#define LWS_ENOTCONN ENOTCONN +#define LWS_EWOULDBLOCK EWOULDBLOCK +#define LWS_EADDRINUSE EADDRINUSE +#define lws_set_blocking_send(wsi) +#define LWS_SOCK_INVALID (-1) + +#define wsi_from_fd(A,B) A->lws_lookup[B - lws_plat_socket_offset()] +#define insert_wsi(A,B) assert(A->lws_lookup[B->desc.sockfd - \ + lws_plat_socket_offset()] == 0); \ + A->lws_lookup[B->desc.sockfd - \ + lws_plat_socket_offset()] = B +#define delete_from_fd(A,B) A->lws_lookup[B - lws_plat_socket_offset()] = 0 + +#ifndef LWS_NO_FORK +#ifdef LWS_HAVE_SYS_PRCTL_H +#include <sys/prctl.h> +#endif +#endif + +#if defined (__ANDROID__) + #include <syslog.h> + #include <sys/resource.h> +#endif + +#define compatible_close(x) close(x) +#define lws_plat_socket_offset() (0) + +/* + * Mac OSX as well as iOS do not define the MSG_NOSIGNAL flag, + * but happily have something equivalent in the SO_NOSIGPIPE flag. + */ +#ifdef __APPLE__ +#define MSG_NOSIGNAL SO_NOSIGPIPE +#endif + +/* + * Solaris 11.X only supports POSIX 2001, MSG_NOSIGNAL appears in + * POSIX 2008. + */ +#ifdef __sun + #define MSG_NOSIGNAL 0 +#endif diff --git a/thirdparty/libwebsockets/lib/plat/unix/unix-caps.c b/thirdparty/libwebsockets/lib/plat/unix/unix-caps.c new file mode 100644 index 0000000000..64aea61816 --- /dev/null +++ b/thirdparty/libwebsockets/lib/plat/unix/unix-caps.c @@ -0,0 +1,85 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green <andy@warmcat.com> + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#define _GNU_SOURCE +#include "core/private.h" + +#include <pwd.h> +#include <grp.h> + +#if defined(LWS_HAVE_SYS_CAPABILITY_H) && defined(LWS_HAVE_LIBCAP) +static void +_lws_plat_apply_caps(int mode, const cap_value_t *cv, int count) +{ + cap_t caps; + + if (!count) + return; + + caps = cap_get_proc(); + + cap_set_flag(caps, mode, count, cv, CAP_SET); + cap_set_proc(caps); + prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0); + cap_free(caps); +} +#endif + +void +lws_plat_drop_app_privileges(const struct lws_context_creation_info *info) +{ + if (info->gid && info->gid != -1) + if (setgid(info->gid)) + lwsl_warn("setgid: %s\n", strerror(LWS_ERRNO)); + + if (info->uid && info->uid != -1) { + struct passwd *p = getpwuid(info->uid); + + if (p) { + +#if defined(LWS_HAVE_SYS_CAPABILITY_H) && defined(LWS_HAVE_LIBCAP) + _lws_plat_apply_caps(CAP_PERMITTED, info->caps, + info->count_caps); +#endif + + initgroups(p->pw_name, info->gid); + if (setuid(info->uid)) + lwsl_warn("setuid: %s\n", strerror(LWS_ERRNO)); + else + lwsl_notice("Set privs to user '%s'\n", + p->pw_name); + +#if defined(LWS_HAVE_SYS_CAPABILITY_H) && defined(LWS_HAVE_LIBCAP) + _lws_plat_apply_caps(CAP_EFFECTIVE, info->caps, + info->count_caps); + + if (info->count_caps) { + int n; + for (n = 0; n < info->count_caps; n++) + lwsl_notice(" RETAINING CAP %d\n", + (int)info->caps[n]); + } +#endif + + } else + lwsl_warn("getpwuid: unable to find uid %d", info->uid); + } +} diff --git a/thirdparty/libwebsockets/lib/plat/unix/unix-fds.c b/thirdparty/libwebsockets/lib/plat/unix/unix-fds.c new file mode 100644 index 0000000000..8a00bcff3f --- /dev/null +++ b/thirdparty/libwebsockets/lib/plat/unix/unix-fds.c @@ -0,0 +1,54 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green <andy@warmcat.com> + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#define _GNU_SOURCE +#include "core/private.h" + +void +lws_plat_insert_socket_into_fds(struct lws_context *context, struct lws *wsi) +{ + struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; + + if (context->event_loop_ops->io) + context->event_loop_ops->io(wsi, LWS_EV_START | LWS_EV_READ); + + pt->fds[pt->fds_count++].revents = 0; +} + +void +lws_plat_delete_socket_from_fds(struct lws_context *context, + struct lws *wsi, int m) +{ + struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; + + if (context->event_loop_ops->io) + context->event_loop_ops->io(wsi, + LWS_EV_STOP | LWS_EV_READ | LWS_EV_WRITE); + + pt->fds_count--; +} + +int +lws_plat_change_pollfd(struct lws_context *context, + struct lws *wsi, struct lws_pollfd *pfd) +{ + return 0; +} diff --git a/thirdparty/libwebsockets/lib/plat/unix/unix-file.c b/thirdparty/libwebsockets/lib/plat/unix/unix-file.c new file mode 100644 index 0000000000..bcdc213a89 --- /dev/null +++ b/thirdparty/libwebsockets/lib/plat/unix/unix-file.c @@ -0,0 +1,172 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green <andy@warmcat.com> + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#define _GNU_SOURCE +#include "core/private.h" + +#include <pwd.h> +#include <grp.h> + +#ifdef LWS_WITH_PLUGINS +#include <dlfcn.h> +#endif +#include <dirent.h> + +int lws_plat_apply_FD_CLOEXEC(int n) +{ + if (n == -1) + return 0; + + return fcntl(n, F_SETFD, FD_CLOEXEC); +} + +int +lws_plat_write_file(const char *filename, void *buf, int len) +{ + int m, fd; + + fd = lws_open(filename, O_WRONLY | O_CREAT | O_TRUNC, 0600); + + if (fd == -1) + return 1; + + m = write(fd, buf, len); + close(fd); + + return m != len; +} + +int +lws_plat_read_file(const char *filename, void *buf, int len) +{ + int n, fd = lws_open(filename, O_RDONLY); + if (fd == -1) + return -1; + + n = read(fd, buf, len); + close(fd); + + return n; +} + +lws_fop_fd_t +_lws_plat_file_open(const struct lws_plat_file_ops *fops, const char *filename, + const char *vpath, lws_fop_flags_t *flags) +{ + struct stat stat_buf; + int ret = lws_open(filename, (*flags) & LWS_FOP_FLAGS_MASK, 0664); + lws_fop_fd_t fop_fd; + + if (ret < 0) + return NULL; + + if (fstat(ret, &stat_buf) < 0) + goto bail; + + fop_fd = malloc(sizeof(*fop_fd)); + if (!fop_fd) + goto bail; + + fop_fd->fops = fops; + fop_fd->flags = *flags; + fop_fd->fd = ret; + fop_fd->filesystem_priv = NULL; /* we don't use it */ + fop_fd->len = stat_buf.st_size; + fop_fd->pos = 0; + + return fop_fd; + +bail: + close(ret); + return NULL; +} + +int +_lws_plat_file_close(lws_fop_fd_t *fop_fd) +{ + int fd = (*fop_fd)->fd; + + free(*fop_fd); + *fop_fd = NULL; + + return close(fd); +} + +lws_fileofs_t +_lws_plat_file_seek_cur(lws_fop_fd_t fop_fd, lws_fileofs_t offset) +{ + lws_fileofs_t r; + + if (offset > 0 && + offset > (lws_fileofs_t)fop_fd->len - (lws_fileofs_t)fop_fd->pos) + offset = fop_fd->len - fop_fd->pos; + + if ((lws_fileofs_t)fop_fd->pos + offset < 0) + offset = -fop_fd->pos; + + r = lseek(fop_fd->fd, offset, SEEK_CUR); + + if (r >= 0) + fop_fd->pos = r; + else + lwsl_err("error seeking from cur %ld, offset %ld\n", + (long)fop_fd->pos, (long)offset); + + return r; +} + +int +_lws_plat_file_read(lws_fop_fd_t fop_fd, lws_filepos_t *amount, + uint8_t *buf, lws_filepos_t len) +{ + long n; + + n = read((int)fop_fd->fd, buf, len); + if (n == -1) { + *amount = 0; + return -1; + } + fop_fd->pos += n; + lwsl_debug("%s: read %ld of req %ld, pos %ld, len %ld\n", __func__, n, + (long)len, (long)fop_fd->pos, (long)fop_fd->len); + *amount = n; + + return 0; +} + +int +_lws_plat_file_write(lws_fop_fd_t fop_fd, lws_filepos_t *amount, + uint8_t *buf, lws_filepos_t len) +{ + long n; + + n = write((int)fop_fd->fd, buf, len); + if (n == -1) { + *amount = 0; + return -1; + } + + fop_fd->pos += n; + *amount = n; + + return 0; +} + diff --git a/thirdparty/libwebsockets/lib/plat/unix/unix-init.c b/thirdparty/libwebsockets/lib/plat/unix/unix-init.c new file mode 100644 index 0000000000..fa9a30e8d2 --- /dev/null +++ b/thirdparty/libwebsockets/lib/plat/unix/unix-init.c @@ -0,0 +1,97 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green <andy@warmcat.com> + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#define _GNU_SOURCE +#include "core/private.h" + +#include <pwd.h> +#include <grp.h> + +#ifdef LWS_WITH_PLUGINS +#include <dlfcn.h> +#endif +#include <dirent.h> + +int +lws_plat_init(struct lws_context *context, + const struct lws_context_creation_info *info) +{ + int fd; + + /* master context has the global fd lookup array */ + context->lws_lookup = lws_zalloc(sizeof(struct lws *) * + context->max_fds, "lws_lookup"); + if (context->lws_lookup == NULL) { + lwsl_err("OOM on lws_lookup array for %d connections\n", + context->max_fds); + return 1; + } + + lwsl_info(" mem: platform fd map: %5lu bytes\n", + (unsigned long)(sizeof(struct lws *) * context->max_fds)); + fd = lws_open(SYSTEM_RANDOM_FILEPATH, O_RDONLY); + + context->fd_random = fd; + if (context->fd_random < 0) { + lwsl_err("Unable to open random device %s %d\n", + SYSTEM_RANDOM_FILEPATH, context->fd_random); + return 1; + } + +#ifdef LWS_WITH_PLUGINS + if (info->plugin_dirs && (context->options & LWS_SERVER_OPTION_LIBUV)) + lws_plat_plugins_init(context, info->plugin_dirs); +#endif + + return 0; +} + +int +lws_plat_context_early_init(void) +{ +#if !defined(LWS_AVOID_SIGPIPE_IGN) + signal(SIGPIPE, SIG_IGN); +#endif + + return 0; +} + +void +lws_plat_context_early_destroy(struct lws_context *context) +{ +} + +void +lws_plat_context_late_destroy(struct lws_context *context) +{ +#ifdef LWS_WITH_PLUGINS + if (context->plugin_list) + lws_plat_plugins_destroy(context); +#endif + + if (context->lws_lookup) + lws_free(context->lws_lookup); + + if (!context->fd_random) + lwsl_err("ZERO RANDOM FD\n"); + if (context->fd_random != LWS_INVALID_FILE) + close(context->fd_random); +} diff --git a/thirdparty/libwebsockets/lib/plat/unix/unix-misc.c b/thirdparty/libwebsockets/lib/plat/unix/unix-misc.c new file mode 100644 index 0000000000..d4b0f76658 --- /dev/null +++ b/thirdparty/libwebsockets/lib/plat/unix/unix-misc.c @@ -0,0 +1,83 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green <andy@warmcat.com> + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#define _GNU_SOURCE +#include "core/private.h" + + +uint64_t +lws_time_in_microseconds(void) +{ + struct timeval tv; + + gettimeofday(&tv, NULL); + return ((unsigned long long)tv.tv_sec * 1000000LL) + tv.tv_usec; +} + +LWS_VISIBLE int +lws_get_random(struct lws_context *context, void *buf, int len) +{ + return read(context->fd_random, (char *)buf, len); +} + +LWS_VISIBLE void lwsl_emit_syslog(int level, const char *line) +{ + int syslog_level = LOG_DEBUG; + + switch (level) { + case LLL_ERR: + syslog_level = LOG_ERR; + break; + case LLL_WARN: + syslog_level = LOG_WARNING; + break; + case LLL_NOTICE: + syslog_level = LOG_NOTICE; + break; + case LLL_INFO: + syslog_level = LOG_INFO; + break; + } + syslog(syslog_level, "%s", line); +} + + +int +lws_plat_write_cert(struct lws_vhost *vhost, int is_key, int fd, void *buf, + int len) +{ + int n; + + n = write(fd, buf, len); + + fsync(fd); + if (lseek(fd, 0, SEEK_SET) < 0) + return 1; + + return n != len; +} + + +int +lws_plat_recommended_rsa_bits(void) +{ + return 4096; +} diff --git a/thirdparty/libwebsockets/lib/plat/unix/unix-pipe.c b/thirdparty/libwebsockets/lib/plat/unix/unix-pipe.c new file mode 100644 index 0000000000..64ce253be6 --- /dev/null +++ b/thirdparty/libwebsockets/lib/plat/unix/unix-pipe.c @@ -0,0 +1,62 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green <andy@warmcat.com> + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#define _GNU_SOURCE +#include "core/private.h" + + +int +lws_plat_pipe_create(struct lws *wsi) +{ + struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; + +#if defined(LWS_HAVE_PIPE2) + return pipe2(pt->dummy_pipe_fds, O_NONBLOCK); +#else + return pipe(pt->dummy_pipe_fds); +#endif +} + +int +lws_plat_pipe_signal(struct lws *wsi) +{ + struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; + char buf = 0; + int n; + + n = write(pt->dummy_pipe_fds[1], &buf, 1); + + return n != 1; +} + +void +lws_plat_pipe_close(struct lws *wsi) +{ + struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; + + if (pt->dummy_pipe_fds[0] && pt->dummy_pipe_fds[0] != -1) + close(pt->dummy_pipe_fds[0]); + if (pt->dummy_pipe_fds[1] && pt->dummy_pipe_fds[1] != -1) + close(pt->dummy_pipe_fds[1]); + + pt->dummy_pipe_fds[0] = pt->dummy_pipe_fds[1] = -1; +} + diff --git a/thirdparty/libwebsockets/lib/plat/unix/unix-service.c b/thirdparty/libwebsockets/lib/plat/unix/unix-service.c new file mode 100644 index 0000000000..e61ef59959 --- /dev/null +++ b/thirdparty/libwebsockets/lib/plat/unix/unix-service.c @@ -0,0 +1,204 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green <andy@warmcat.com> + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#define _GNU_SOURCE +#include "core/private.h" + +int +lws_poll_listen_fd(struct lws_pollfd *fd) +{ + return poll(fd, 1, 0); +} + +LWS_EXTERN int +_lws_plat_service_tsi(struct lws_context *context, int timeout_ms, int tsi) +{ + volatile struct lws_foreign_thread_pollfd *ftp, *next; + volatile struct lws_context_per_thread *vpt; + struct lws_context_per_thread *pt; + int n = -1, m, c; + + /* stay dead once we are dead */ + + if (!context || !context->vhost_list) + return 1; + + pt = &context->pt[tsi]; + vpt = (volatile struct lws_context_per_thread *)pt; + + lws_stats_atomic_bump(context, pt, LWSSTATS_C_SERVICE_ENTRY, 1); + + if (timeout_ms < 0) + goto faked_service; + + if (context->event_loop_ops->run_pt) + context->event_loop_ops->run_pt(context, tsi); + + if (!pt->service_tid_detected) { + struct lws _lws; + + memset(&_lws, 0, sizeof(_lws)); + _lws.context = context; + + pt->service_tid = + context->vhost_list->protocols[0].callback( + &_lws, LWS_CALLBACK_GET_THREAD_ID, NULL, NULL, 0); + pt->service_tid_detected = 1; + } + + /* + * is there anybody with pending stuff that needs service forcing? + */ + if (!lws_service_adjust_timeout(context, 1, tsi)) { + /* -1 timeout means just do forced service */ + _lws_plat_service_tsi(context, -1, pt->tid); + /* still somebody left who wants forced service? */ + if (!lws_service_adjust_timeout(context, 1, pt->tid)) + /* yes... come back again quickly */ + timeout_ms = 0; + } + + if (timeout_ms) { + lws_pt_lock(pt, __func__); + /* don't stay in poll wait longer than next hr timeout */ + lws_usec_t t = __lws_hrtimer_service(pt); + if ((lws_usec_t)timeout_ms * 1000 > t) + timeout_ms = t / 1000; + lws_pt_unlock(pt); + } + + vpt->inside_poll = 1; + lws_memory_barrier(); + n = poll(pt->fds, pt->fds_count, timeout_ms); + vpt->inside_poll = 0; + lws_memory_barrier(); + + /* Collision will be rare and brief. Just spin until it completes */ + while (vpt->foreign_spinlock) + ; + + /* + * At this point we are not inside a foreign thread pollfd change, + * and we have marked ourselves as outside the poll() wait. So we + * are the only guys that can modify the lws_foreign_thread_pollfd + * list on the pt. Drain the list and apply the changes to the + * affected pollfds in the correct order. + */ + + lws_pt_lock(pt, __func__); + + ftp = vpt->foreign_pfd_list; + //lwsl_notice("cleared list %p\n", ftp); + while (ftp) { + struct lws *wsi; + struct lws_pollfd *pfd; + + next = ftp->next; + pfd = &vpt->fds[ftp->fd_index]; + if (lws_socket_is_valid(pfd->fd)) { + wsi = wsi_from_fd(context, pfd->fd); + if (wsi) + __lws_change_pollfd(wsi, ftp->_and, ftp->_or); + } + lws_free((void *)ftp); + ftp = next; + } + vpt->foreign_pfd_list = NULL; + lws_memory_barrier(); + + /* we have come out of a poll wait... check the hrtimer list */ + + __lws_hrtimer_service(pt); + + lws_pt_unlock(pt); + + m = 0; +#if defined(LWS_ROLE_WS) && !defined(LWS_WITHOUT_EXTENSIONS) + m |= !!pt->ws.rx_draining_ext_list; +#endif + + if (pt->context->tls_ops && + pt->context->tls_ops->fake_POLLIN_for_buffered) + m |= pt->context->tls_ops->fake_POLLIN_for_buffered(pt); + + if (!m && !n) { /* nothing to do */ + lws_service_fd_tsi(context, NULL, tsi); + lws_service_do_ripe_rxflow(pt); + + return 0; + } + +faked_service: + m = lws_service_flag_pending(context, tsi); + if (m) + c = -1; /* unknown limit */ + else + if (n < 0) { + if (LWS_ERRNO != LWS_EINTR) + return -1; + return 0; + } else + c = n; + + /* any socket with events to service? */ + for (n = 0; n < (int)pt->fds_count && c; n++) { + if (!pt->fds[n].revents) + continue; + + c--; + + m = lws_service_fd_tsi(context, &pt->fds[n], tsi); + if (m < 0) { + lwsl_err("%s: lws_service_fd_tsi returned %d\n", + __func__, m); + return -1; + } + /* if something closed, retry this slot */ + if (m) + n--; + } + + lws_service_do_ripe_rxflow(pt); + + return 0; +} + +int +lws_plat_check_connection_error(struct lws *wsi) +{ + return 0; +} + +int +lws_plat_service(struct lws_context *context, int timeout_ms) +{ + return _lws_plat_service_tsi(context, timeout_ms, 0); +} + + +void +lws_plat_service_periodic(struct lws_context *context) +{ + /* if our parent went down, don't linger around */ + if (context->started_with_parent && + kill(context->started_with_parent, 0) < 0) + kill(getpid(), SIGTERM); +} diff --git a/thirdparty/libwebsockets/lib/plat/unix/unix-sockets.c b/thirdparty/libwebsockets/lib/plat/unix/unix-sockets.c new file mode 100644 index 0000000000..192dddee63 --- /dev/null +++ b/thirdparty/libwebsockets/lib/plat/unix/unix-sockets.c @@ -0,0 +1,263 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green <andy@warmcat.com> + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#define _GNU_SOURCE +#include "core/private.h" + +#include <pwd.h> +#include <grp.h> + + + +int +lws_send_pipe_choked(struct lws *wsi) +{ + struct lws_pollfd fds; + struct lws *wsi_eff; + +#if defined(LWS_WITH_HTTP2) + wsi_eff = lws_get_network_wsi(wsi); +#else + wsi_eff = wsi; +#endif + + /* the fact we checked implies we avoided back-to-back writes */ + wsi_eff->could_have_pending = 0; + + /* treat the fact we got a truncated send pending as if we're choked */ + if (lws_has_buffered_out(wsi_eff) +#if defined(LWS_WITH_HTTP_STREAM_COMPRESSION) + ||wsi->http.comp_ctx.buflist_comp || + wsi->http.comp_ctx.may_have_more +#endif + ) + return 1; + + fds.fd = wsi_eff->desc.sockfd; + fds.events = POLLOUT; + fds.revents = 0; + + if (poll(&fds, 1, 0) != 1) + return 1; + + if ((fds.revents & POLLOUT) == 0) + return 1; + + /* okay to send another packet without blocking */ + + return 0; +} + + +int +lws_plat_set_socket_options(struct lws_vhost *vhost, int fd, int unix_skt) +{ + int optval = 1; + socklen_t optlen = sizeof(optval); + +#ifdef LWS_WITH_IPV6 + optval = 0; + setsockopt(fd, IPPROTO_IPV6, IPV6_V6ONLY, (const void*)&optval, optlen); +#endif + +#if defined(__APPLE__) || \ + defined(__FreeBSD__) || defined(__FreeBSD_kernel__) || \ + defined(__NetBSD__) || \ + defined(__OpenBSD__) || \ + defined(__HAIKU__) + struct protoent *tcp_proto; +#endif + + (void)fcntl(fd, F_SETFD, FD_CLOEXEC); + + if (!unix_skt && vhost->ka_time) { + /* enable keepalive on this socket */ + optval = 1; + if (setsockopt(fd, SOL_SOCKET, SO_KEEPALIVE, + (const void *)&optval, optlen) < 0) + return 1; + +#if defined(__APPLE__) || \ + defined(__FreeBSD__) || defined(__FreeBSD_kernel__) || \ + defined(__NetBSD__) || \ + defined(__CYGWIN__) || defined(__OpenBSD__) || defined (__sun) || \ + defined(__HAIKU__) + + /* + * didn't find a way to set these per-socket, need to + * tune kernel systemwide values + */ +#else + /* set the keepalive conditions we want on it too */ + +#if defined(LWS_HAVE_TCP_USER_TIMEOUT) + optval = 1000 * (vhost->ka_time + + (vhost->ka_interval * vhost->ka_probes)); + if (setsockopt(fd, IPPROTO_TCP, TCP_USER_TIMEOUT, + (const void *)&optval, optlen) < 0) + return 1; +#endif + optval = vhost->ka_time; + if (setsockopt(fd, IPPROTO_TCP, TCP_KEEPIDLE, + (const void *)&optval, optlen) < 0) + return 1; + + optval = vhost->ka_interval; + if (setsockopt(fd, IPPROTO_TCP, TCP_KEEPINTVL, + (const void *)&optval, optlen) < 0) + return 1; + + optval = vhost->ka_probes; + if (setsockopt(fd, IPPROTO_TCP, TCP_KEEPCNT, + (const void *)&optval, optlen) < 0) + return 1; +#endif + } + +#if defined(SO_BINDTODEVICE) + if (!unix_skt && vhost->bind_iface && vhost->iface) { + lwsl_info("binding listen skt to %s using SO_BINDTODEVICE\n", vhost->iface); + if (setsockopt(fd, SOL_SOCKET, SO_BINDTODEVICE, vhost->iface, + strlen(vhost->iface)) < 0) { + lwsl_warn("Failed to bind to device %s\n", vhost->iface); + return 1; + } + } +#endif + + /* Disable Nagle */ + optval = 1; +#if defined (__sun) || defined(__QNX__) + if (!unix_skt && setsockopt(fd, IPPROTO_TCP, TCP_NODELAY, (const void *)&optval, optlen) < 0) + return 1; +#elif !defined(__APPLE__) && \ + !defined(__FreeBSD__) && !defined(__FreeBSD_kernel__) && \ + !defined(__NetBSD__) && \ + !defined(__OpenBSD__) && \ + !defined(__HAIKU__) + if (!unix_skt && setsockopt(fd, SOL_TCP, TCP_NODELAY, (const void *)&optval, optlen) < 0) + return 1; +#else + tcp_proto = getprotobyname("TCP"); + if (!unix_skt && setsockopt(fd, tcp_proto->p_proto, TCP_NODELAY, &optval, optlen) < 0) + return 1; +#endif + + /* We are nonblocking... */ + if (fcntl(fd, F_SETFL, O_NONBLOCK) < 0) + return 1; + + return 0; +} + + +/* cast a struct sockaddr_in6 * into addr for ipv6 */ + +int +lws_interface_to_sa(int ipv6, const char *ifname, struct sockaddr_in *addr, + size_t addrlen) +{ + int rc = LWS_ITOSA_NOT_EXIST; + + struct ifaddrs *ifr; + struct ifaddrs *ifc; +#ifdef LWS_WITH_IPV6 + struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)addr; +#endif + + getifaddrs(&ifr); + for (ifc = ifr; ifc != NULL && rc; ifc = ifc->ifa_next) { + if (!ifc->ifa_addr) + continue; + + lwsl_debug(" interface %s vs %s (fam %d) ipv6 %d\n", + ifc->ifa_name, ifname, + ifc->ifa_addr->sa_family, ipv6); + + if (strcmp(ifc->ifa_name, ifname)) + continue; + + switch (ifc->ifa_addr->sa_family) { +#if defined(AF_PACKET) + case AF_PACKET: + /* interface exists but is not usable */ + rc = LWS_ITOSA_NOT_USABLE; + continue; +#endif + + case AF_INET: +#ifdef LWS_WITH_IPV6 + if (ipv6) { + /* map IPv4 to IPv6 */ + bzero((char *)&addr6->sin6_addr, + sizeof(struct in6_addr)); + addr6->sin6_addr.s6_addr[10] = 0xff; + addr6->sin6_addr.s6_addr[11] = 0xff; + memcpy(&addr6->sin6_addr.s6_addr[12], + &((struct sockaddr_in *)ifc->ifa_addr)->sin_addr, + sizeof(struct in_addr)); + } else +#endif + memcpy(addr, + (struct sockaddr_in *)ifc->ifa_addr, + sizeof(struct sockaddr_in)); + break; +#ifdef LWS_WITH_IPV6 + case AF_INET6: + memcpy(&addr6->sin6_addr, + &((struct sockaddr_in6 *)ifc->ifa_addr)->sin6_addr, + sizeof(struct in6_addr)); + break; +#endif + default: + continue; + } + rc = LWS_ITOSA_USABLE; + } + + freeifaddrs(ifr); + + if (rc) { + /* check if bind to IP address */ +#ifdef LWS_WITH_IPV6 + if (inet_pton(AF_INET6, ifname, &addr6->sin6_addr) == 1) + rc = LWS_ITOSA_USABLE; + else +#endif + if (inet_pton(AF_INET, ifname, &addr->sin_addr) == 1) + rc = LWS_ITOSA_USABLE; + } + + return rc; +} + + +const char * +lws_plat_inet_ntop(int af, const void *src, char *dst, int cnt) +{ + return inet_ntop(af, src, dst, cnt); +} + +int +lws_plat_inet_pton(int af, const char *src, void *dst) +{ + return inet_pton(af, src, dst); +} diff --git a/thirdparty/libwebsockets/lib/plat/windows/private.h b/thirdparty/libwebsockets/lib/plat/windows/private.h new file mode 100644 index 0000000000..980028ce42 --- /dev/null +++ b/thirdparty/libwebsockets/lib/plat/windows/private.h @@ -0,0 +1,148 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010 - 2018 Andy Green <andy@warmcat.com> + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + * + * Included from lib/core/private.h if defined(WIN32) || defined(_WIN32) + */ + + #ifndef WIN32_LEAN_AND_MEAN + #define WIN32_LEAN_AND_MEAN + #endif + + #if (WINVER < 0x0501) + #undef WINVER + #undef _WIN32_WINNT + #define WINVER 0x0501 + #define _WIN32_WINNT WINVER + #endif + + #define LWS_NO_DAEMONIZE + #define LWS_ERRNO WSAGetLastError() + #define LWS_EAGAIN WSAEWOULDBLOCK + #define LWS_EALREADY WSAEALREADY + #define LWS_EINPROGRESS WSAEINPROGRESS + #define LWS_EINTR WSAEINTR + #define LWS_EISCONN WSAEISCONN + #define LWS_ENOTCONN WSAENOTCONN + #define LWS_EWOULDBLOCK WSAEWOULDBLOCK + #define LWS_EADDRINUSE WSAEADDRINUSE + #define MSG_NOSIGNAL 0 + #define SHUT_RDWR SD_BOTH + #define SOL_TCP IPPROTO_TCP + #define SHUT_WR SD_SEND + + #define compatible_close(fd) closesocket(fd) + #define lws_set_blocking_send(wsi) wsi->sock_send_blocking = 1 + #define LWS_SOCK_INVALID (INVALID_SOCKET) + + #include <winsock2.h> + #include <ws2tcpip.h> + #include <windows.h> + #include <tchar.h> + #ifdef LWS_HAVE_IN6ADDR_H + #include <in6addr.h> + #endif + #include <mstcpip.h> + #include <io.h> + + #if !defined(LWS_HAVE_ATOLL) + #if defined(LWS_HAVE__ATOI64) + #define atoll _atoi64 + #else + #warning No atoll or _atoi64 available, using atoi + #define atoll atoi + #endif + #endif + + #ifndef __func__ + #define __func__ __FUNCTION__ + #endif + + #ifdef LWS_HAVE__VSNPRINTF + #define vsnprintf _vsnprintf + #endif + +/* we don't have an implementation for this on windows... */ +int kill(int pid, int sig); +int fork(void); +#ifndef SIGINT +#define SIGINT 2 +#endif + +#include <gettimeofday.h> + +#ifndef BIG_ENDIAN + #define BIG_ENDIAN 4321 /* to show byte order (taken from gcc) */ +#endif +#ifndef LITTLE_ENDIAN + #define LITTLE_ENDIAN 1234 +#endif +#ifndef BYTE_ORDER + #define BYTE_ORDER LITTLE_ENDIAN +#endif + +#undef __P +#ifndef __P + #if __STDC__ + #define __P(protos) protos + #else + #define __P(protos) () + #endif +#endif + +#ifdef _WIN32 + #ifndef FD_HASHTABLE_MODULUS + #define FD_HASHTABLE_MODULUS 32 + #endif +#endif + +#define lws_plat_socket_offset() (0) + +struct lws; +struct lws_context; + +#define LWS_FD_HASH(fd) ((fd ^ (fd >> 8) ^ (fd >> 16)) % FD_HASHTABLE_MODULUS) +struct lws_fd_hashtable { + struct lws **wsi; + int length; +}; + + +#ifdef LWS_DLL +#ifdef LWS_INTERNAL +#define LWS_EXTERN extern __declspec(dllexport) +#else +#define LWS_EXTERN extern __declspec(dllimport) +#endif +#else +#define LWS_EXTERN +#endif + +typedef SOCKET lws_sockfd_type; +typedef HANDLE lws_filefd_type; +#define LWS_WIN32_HANDLE_TYPES + +LWS_EXTERN struct lws * +wsi_from_fd(const struct lws_context *context, lws_sockfd_type fd); + +LWS_EXTERN int +insert_wsi(struct lws_context *context, struct lws *wsi); + +LWS_EXTERN int +delete_from_fd(struct lws_context *context, lws_sockfd_type fd); diff --git a/thirdparty/libwebsockets/lib/plat/windows/windows-fds.c b/thirdparty/libwebsockets/lib/plat/windows/windows-fds.c new file mode 100644 index 0000000000..0d324e8f3a --- /dev/null +++ b/thirdparty/libwebsockets/lib/plat/windows/windows-fds.c @@ -0,0 +1,76 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010 - 2018 Andy Green <andy@warmcat.com> + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#ifndef _WINSOCK_DEPRECATED_NO_WARNINGS +#define _WINSOCK_DEPRECATED_NO_WARNINGS +#endif +#include "core/private.h" + +struct lws * +wsi_from_fd(const struct lws_context *context, lws_sockfd_type fd) +{ + int h = LWS_FD_HASH(fd); + int n = 0; + + for (n = 0; n < context->fd_hashtable[h].length; n++) + if (context->fd_hashtable[h].wsi[n]->desc.sockfd == fd) + return context->fd_hashtable[h].wsi[n]; + + return NULL; +} + +int +insert_wsi(struct lws_context *context, struct lws *wsi) +{ + int h = LWS_FD_HASH(wsi->desc.sockfd); + + if (context->fd_hashtable[h].length == (getdtablesize() - 1)) { + lwsl_err("hash table overflow\n"); + return 1; + } + + context->fd_hashtable[h].wsi[context->fd_hashtable[h].length++] = wsi; + + return 0; +} + +int +delete_from_fd(struct lws_context *context, lws_sockfd_type fd) +{ + int h = LWS_FD_HASH(fd); + int n = 0; + + for (n = 0; n < context->fd_hashtable[h].length; n++) + if (context->fd_hashtable[h].wsi[n]->desc.sockfd == fd) { + while (n < context->fd_hashtable[h].length) { + context->fd_hashtable[h].wsi[n] = + context->fd_hashtable[h].wsi[n + 1]; + n++; + } + context->fd_hashtable[h].length--; + + return 0; + } + + lwsl_err("Failed to find fd %d requested for " + "delete in hashtable\n", fd); + return 1; +} diff --git a/thirdparty/libwebsockets/lib/plat/windows/windows-file.c b/thirdparty/libwebsockets/lib/plat/windows/windows-file.c new file mode 100644 index 0000000000..eb73aab7f6 --- /dev/null +++ b/thirdparty/libwebsockets/lib/plat/windows/windows-file.c @@ -0,0 +1,185 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010 - 2018 Andy Green <andy@warmcat.com> + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#ifndef _WINSOCK_DEPRECATED_NO_WARNINGS +#define _WINSOCK_DEPRECATED_NO_WARNINGS +#endif +#include "core/private.h" + +int lws_plat_apply_FD_CLOEXEC(int n) +{ + return 0; +} + +lws_fop_fd_t +_lws_plat_file_open(const struct lws_plat_file_ops *fops, const char *filename, + const char *vpath, lws_fop_flags_t *flags) +{ + HANDLE ret; + WCHAR buf[MAX_PATH]; + lws_fop_fd_t fop_fd; + FILE_STANDARD_INFO fInfo = {0}; + + MultiByteToWideChar(CP_UTF8, 0, filename, -1, buf, LWS_ARRAY_SIZE(buf)); + +#if defined(_WIN32_WINNT) && _WIN32_WINNT >= 0x0602 // Windows 8 (minimum when UWP_ENABLED, but can be used in Windows builds) + CREATEFILE2_EXTENDED_PARAMETERS extParams = {0}; + extParams.dwFileAttributes = FILE_ATTRIBUTE_NORMAL; + + if (((*flags) & 7) == _O_RDONLY) { + ret = CreateFile2(buf, GENERIC_READ, FILE_SHARE_READ, OPEN_EXISTING, &extParams); + } else { + ret = CreateFile2(buf, GENERIC_WRITE, 0, CREATE_ALWAYS, &extParams); + } +#else + if (((*flags) & 7) == _O_RDONLY) { + ret = CreateFileW(buf, GENERIC_READ, FILE_SHARE_READ, + NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL); + } else { + ret = CreateFileW(buf, GENERIC_WRITE, 0, NULL, + CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL); + } +#endif + + if (ret == LWS_INVALID_FILE) + goto bail; + + fop_fd = malloc(sizeof(*fop_fd)); + if (!fop_fd) + goto bail; + + fop_fd->fops = fops; + fop_fd->fd = ret; + fop_fd->filesystem_priv = NULL; /* we don't use it */ + fop_fd->flags = *flags; + fop_fd->len = 0; + if(GetFileInformationByHandleEx(ret, FileStandardInfo, &fInfo, sizeof(fInfo))) + fop_fd->len = fInfo.EndOfFile.QuadPart; + + fop_fd->pos = 0; + + return fop_fd; + +bail: + return NULL; +} + +int +_lws_plat_file_close(lws_fop_fd_t *fop_fd) +{ + HANDLE fd = (*fop_fd)->fd; + + free(*fop_fd); + *fop_fd = NULL; + + CloseHandle((HANDLE)fd); + + return 0; +} + +lws_fileofs_t +_lws_plat_file_seek_cur(lws_fop_fd_t fop_fd, lws_fileofs_t offset) +{ + LARGE_INTEGER l; + + l.QuadPart = offset; + return SetFilePointerEx((HANDLE)fop_fd->fd, l, NULL, FILE_CURRENT); +} + +int +_lws_plat_file_read(lws_fop_fd_t fop_fd, lws_filepos_t *amount, + uint8_t *buf, lws_filepos_t len) +{ + DWORD _amount; + + if (!ReadFile((HANDLE)fop_fd->fd, buf, (DWORD)len, &_amount, NULL)) { + *amount = 0; + + return 1; + } + + fop_fd->pos += _amount; + *amount = (unsigned long)_amount; + + return 0; +} + +int +_lws_plat_file_write(lws_fop_fd_t fop_fd, lws_filepos_t *amount, + uint8_t* buf, lws_filepos_t len) +{ + DWORD _amount; + + if (!WriteFile((HANDLE)fop_fd->fd, buf, (DWORD)len, &_amount, NULL)) { + *amount = 0; + + return 1; + } + + fop_fd->pos += _amount; + *amount = (unsigned long)_amount; + + return 0; +} + + +int +lws_plat_write_cert(struct lws_vhost *vhost, int is_key, int fd, void *buf, + int len) +{ + int n; + + n = write(fd, buf, len); + + lseek(fd, 0, SEEK_SET); + + return n != len; +} + +int +lws_plat_write_file(const char *filename, void *buf, int len) +{ + int m, fd; + + fd = lws_open(filename, O_WRONLY | O_CREAT | O_TRUNC, 0600); + + if (fd == -1) + return -1; + + m = write(fd, buf, len); + close(fd); + + return m != len; +} + +int +lws_plat_read_file(const char *filename, void *buf, int len) +{ + int n, fd = lws_open(filename, O_RDONLY); + if (fd == -1) + return -1; + + n = read(fd, buf, len); + close(fd); + + return n; +} + diff --git a/thirdparty/libwebsockets/lib/plat/windows/windows-init.c b/thirdparty/libwebsockets/lib/plat/windows/windows-init.c new file mode 100644 index 0000000000..8c4d9373f6 --- /dev/null +++ b/thirdparty/libwebsockets/lib/plat/windows/windows-init.c @@ -0,0 +1,110 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010 - 2018 Andy Green <andy@warmcat.com> + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#ifndef _WINSOCK_DEPRECATED_NO_WARNINGS +#define _WINSOCK_DEPRECATED_NO_WARNINGS +#endif +#include "core/private.h" + +void +lws_plat_drop_app_privileges(const struct lws_context_creation_info *info) +{ +} + +int +lws_plat_context_early_init(void) +{ + WORD wVersionRequested; + WSADATA wsaData; + int err; + + /* Use the MAKEWORD(lowbyte, highbyte) macro from Windef.h */ + wVersionRequested = MAKEWORD(2, 2); + + err = WSAStartup(wVersionRequested, &wsaData); + if (!err) + return 0; + /* + * Tell the user that we could not find a usable + * Winsock DLL + */ + lwsl_err("WSAStartup failed with error: %d\n", err); + + return 1; +} + +int +lws_plat_init(struct lws_context *context, + const struct lws_context_creation_info *info) +{ + struct lws_context_per_thread *pt = &context->pt[0]; + int i, n = context->count_threads; + + for (i = 0; i < FD_HASHTABLE_MODULUS; i++) { + context->fd_hashtable[i].wsi = + lws_zalloc(sizeof(struct lws*) * context->max_fds, + "win hashtable"); + + if (!context->fd_hashtable[i].wsi) + return -1; + } + + while (n--) { + pt->fds_count = 0; + pt->events = WSACreateEvent(); /* the cancel event */ + + pt++; + } + + context->fd_random = 0; + +#ifdef LWS_WITH_PLUGINS + if (info->plugin_dirs) + lws_plat_plugins_init(context, info->plugin_dirs); +#endif + + return 0; +} + +void +lws_plat_context_early_destroy(struct lws_context *context) +{ + struct lws_context_per_thread *pt = &context->pt[0]; + int n = context->count_threads; + + while (n--) { + WSACloseEvent(pt->events); + pt++; + } +} + +void +lws_plat_context_late_destroy(struct lws_context *context) +{ + int n; + + for (n = 0; n < FD_HASHTABLE_MODULUS; n++) { + if (context->fd_hashtable[n].wsi) + lws_free(context->fd_hashtable[n].wsi); + } + + WSACleanup(); +} diff --git a/thirdparty/libwebsockets/lib/plat/windows/windows-misc.c b/thirdparty/libwebsockets/lib/plat/windows/windows-misc.c new file mode 100644 index 0000000000..53cc19b6b9 --- /dev/null +++ b/thirdparty/libwebsockets/lib/plat/windows/windows-misc.c @@ -0,0 +1,108 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010 - 2018 Andy Green <andy@warmcat.com> + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#ifndef _WINSOCK_DEPRECATED_NO_WARNINGS +#define _WINSOCK_DEPRECATED_NO_WARNINGS +#endif +#include "core/private.h" + + +uint64_t +lws_time_in_microseconds() +{ +#ifndef DELTA_EPOCH_IN_MICROSECS +#define DELTA_EPOCH_IN_MICROSECS 11644473600000000ULL +#endif + FILETIME filetime; + ULARGE_INTEGER datetime; + +#ifdef _WIN32_WCE + GetCurrentFT(&filetime); +#else + GetSystemTimeAsFileTime(&filetime); +#endif + + /* + * As per Windows documentation for FILETIME, copy the resulting + * FILETIME structure to a ULARGE_INTEGER structure using memcpy + * (using memcpy instead of direct assignment can prevent alignment + * faults on 64-bit Windows). + */ + memcpy(&datetime, &filetime, sizeof(datetime)); + + /* Windows file times are in 100s of nanoseconds. */ + return (datetime.QuadPart / 10) - DELTA_EPOCH_IN_MICROSECS; +} + + +#ifdef _WIN32_WCE +time_t time(time_t *t) +{ + time_t ret = lws_time_in_microseconds() / 1000000; + + if(t != NULL) + *t = ret; + + return ret; +} +#endif + +LWS_VISIBLE int +lws_get_random(struct lws_context *context, void *buf, int len) +{ + int n; + char *p = (char *)buf; + + for (n = 0; n < len; n++) + p[n] = (unsigned char)rand(); + + return n; +} + + +LWS_VISIBLE void +lwsl_emit_syslog(int level, const char *line) +{ + lwsl_emit_stderr(level, line); +} + + +int kill(int pid, int sig) +{ + lwsl_err("Sorry Windows doesn't support kill()."); + exit(0); +} + +int fork(void) +{ + lwsl_err("Sorry Windows doesn't support fork()."); + exit(0); +} + + +int +lws_plat_recommended_rsa_bits(void) +{ + return 4096; +} + + + diff --git a/thirdparty/libwebsockets/lib/plat/windows/windows-pipe.c b/thirdparty/libwebsockets/lib/plat/windows/windows-pipe.c new file mode 100644 index 0000000000..af2af1fa83 --- /dev/null +++ b/thirdparty/libwebsockets/lib/plat/windows/windows-pipe.c @@ -0,0 +1,46 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010 - 2018 Andy Green <andy@warmcat.com> + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#ifndef _WINSOCK_DEPRECATED_NO_WARNINGS +#define _WINSOCK_DEPRECATED_NO_WARNINGS +#endif +#include "core/private.h" + +int +lws_plat_pipe_create(struct lws *wsi) +{ + return 1; +} + +int +lws_plat_pipe_signal(struct lws *wsi) +{ + struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; + + WSASetEvent(pt->events); /* trigger the cancel event */ + + return 0; +} + +void +lws_plat_pipe_close(struct lws *wsi) +{ +} diff --git a/thirdparty/libwebsockets/lib/plat/windows/windows-service.c b/thirdparty/libwebsockets/lib/plat/windows/windows-service.c new file mode 100644 index 0000000000..a6adefbd3b --- /dev/null +++ b/thirdparty/libwebsockets/lib/plat/windows/windows-service.c @@ -0,0 +1,194 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010 - 2018 Andy Green <andy@warmcat.com> + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#ifndef _WINSOCK_DEPRECATED_NO_WARNINGS +#define _WINSOCK_DEPRECATED_NO_WARNINGS +#endif +#include "core/private.h" + + +LWS_EXTERN int +_lws_plat_service_tsi(struct lws_context *context, int timeout_ms, int tsi) +{ + struct lws_context_per_thread *pt; + WSANETWORKEVENTS networkevents; + struct lws_pollfd *pfd; + struct lws *wsi; + unsigned int i; + DWORD ev; + int n; + + /* stay dead once we are dead */ + if (context == NULL || !context->vhost_list) + return 1; + + pt = &context->pt[tsi]; + + if (!pt->service_tid_detected) { + struct lws _lws; + + memset(&_lws, 0, sizeof(_lws)); + _lws.context = context; + + pt->service_tid = context->vhost_list-> + protocols[0].callback(&_lws, LWS_CALLBACK_GET_THREAD_ID, + NULL, NULL, 0); + pt->service_tid_detected = 1; + } + + if (timeout_ms < 0) { + if (lws_service_flag_pending(context, tsi)) { + /* any socket with events to service? */ + for (n = 0; n < (int)pt->fds_count; n++) { + int m; + if (!pt->fds[n].revents) + continue; + + m = lws_service_fd_tsi(context, &pt->fds[n], tsi); + if (m < 0) + return -1; + /* if something closed, retry this slot */ + if (m) + n--; + } + } + return 0; + } + + if (context->event_loop_ops->run_pt) + context->event_loop_ops->run_pt(context, tsi); + + for (i = 0; i < pt->fds_count; ++i) { + pfd = &pt->fds[i]; + + if (!(pfd->events & LWS_POLLOUT)) + continue; + + wsi = wsi_from_fd(context, pfd->fd); + if (!wsi || wsi->listener) + continue; + if (wsi->sock_send_blocking) + continue; + pfd->revents = LWS_POLLOUT; + n = lws_service_fd(context, pfd); + if (n < 0) + return -1; + + /* Force WSAWaitForMultipleEvents() to check events and then return immediately. */ + timeout_ms = 0; + + /* if something closed, retry this slot */ + if (n) + i--; + } + + /* + * is there anybody with pending stuff that needs service forcing? + */ + if (!lws_service_adjust_timeout(context, 1, tsi)) { + /* -1 timeout means just do forced service */ + _lws_plat_service_tsi(context, -1, pt->tid); + /* still somebody left who wants forced service? */ + if (!lws_service_adjust_timeout(context, 1, pt->tid)) + /* yes... come back again quickly */ + timeout_ms = 0; + } + + if (timeout_ms) { + lws_usec_t t; + + lws_pt_lock(pt, __func__); + /* don't stay in poll wait longer than next hr timeout */ + t = __lws_hrtimer_service(pt); + + if ((lws_usec_t)timeout_ms * 1000 > t) + timeout_ms = (int)(t / 1000); + lws_pt_unlock(pt); + } + + ev = WSAWaitForMultipleEvents(1, &pt->events, FALSE, timeout_ms, FALSE); + if (ev == WSA_WAIT_EVENT_0) { + unsigned int eIdx; + + WSAResetEvent(pt->events); + + if (pt->context->tls_ops && + pt->context->tls_ops->fake_POLLIN_for_buffered) + pt->context->tls_ops->fake_POLLIN_for_buffered(pt); + + for (eIdx = 0; eIdx < pt->fds_count; ++eIdx) { + unsigned int err; + + if (WSAEnumNetworkEvents(pt->fds[eIdx].fd, 0, + &networkevents) == SOCKET_ERROR) { + lwsl_err("WSAEnumNetworkEvents() failed " + "with error %d\n", LWS_ERRNO); + return -1; + } + + pfd = &pt->fds[eIdx]; + pfd->revents = (short)networkevents.lNetworkEvents; + + err = networkevents.iErrorCode[FD_CONNECT_BIT]; + + if ((networkevents.lNetworkEvents & FD_CONNECT) && + err && err != LWS_EALREADY && + err != LWS_EINPROGRESS && err != LWS_EWOULDBLOCK && + err != WSAEINVAL) { + lwsl_debug("Unable to connect errno=%d\n", err); + pfd->revents |= LWS_POLLHUP; + } + + if (pfd->revents & LWS_POLLOUT) { + wsi = wsi_from_fd(context, pfd->fd); + if (wsi) + wsi->sock_send_blocking = 0; + } + /* if something closed, retry this slot */ + if (pfd->revents & LWS_POLLHUP) + --eIdx; + + if (pfd->revents) { + recv(pfd->fd, NULL, 0, 0); + lws_service_fd_tsi(context, pfd, tsi); + } + } + } + + if (ev == WSA_WAIT_TIMEOUT) + lws_service_fd(context, NULL); + + return 0; +} + +int +lws_plat_service(struct lws_context *context, int timeout_ms) +{ + return _lws_plat_service_tsi(context, timeout_ms, 0); +} + + + +void +lws_plat_service_periodic(struct lws_context *context) +{ +} + diff --git a/thirdparty/libwebsockets/lib/plat/windows/windows-sockets.c b/thirdparty/libwebsockets/lib/plat/windows/windows-sockets.c new file mode 100644 index 0000000000..62a0a49846 --- /dev/null +++ b/thirdparty/libwebsockets/lib/plat/windows/windows-sockets.c @@ -0,0 +1,288 @@ +#ifndef _WINSOCK_DEPRECATED_NO_WARNINGS +#define _WINSOCK_DEPRECATED_NO_WARNINGS +#endif +#include "core/private.h" + + +LWS_VISIBLE int +lws_send_pipe_choked(struct lws *wsi) +{ struct lws *wsi_eff; + +#if defined(LWS_WITH_HTTP2) + wsi_eff = lws_get_network_wsi(wsi); +#else + wsi_eff = wsi; +#endif + /* the fact we checked implies we avoided back-to-back writes */ + wsi_eff->could_have_pending = 0; + + /* treat the fact we got a truncated send pending as if we're choked */ + if (lws_has_buffered_out(wsi_eff) +#if defined(LWS_WITH_HTTP_STREAM_COMPRESSION) + ||wsi->http.comp_ctx.buflist_comp || + wsi->http.comp_ctx.may_have_more +#endif + ) + return 1; + + return (int)wsi_eff->sock_send_blocking; +} + +int +lws_poll_listen_fd(struct lws_pollfd *fd) +{ + fd_set readfds; + struct timeval tv = { 0, 0 }; + + assert((fd->events & LWS_POLLIN) == LWS_POLLIN); + + FD_ZERO(&readfds); + FD_SET(fd->fd, &readfds); + + return select(((int)fd->fd) + 1, &readfds, NULL, NULL, &tv); +} + +int +lws_plat_set_socket_options(struct lws_vhost *vhost, lws_sockfd_type fd, + int unix_skt) +{ + int optval = 1; + int optlen = sizeof(optval); + u_long optl = 1; + DWORD dwBytesRet; + struct tcp_keepalive alive; + int protonbr; +#ifndef _WIN32_WCE + struct protoent *tcp_proto; +#endif + +#ifdef LWS_WITH_IPV6 + optval = 0; + setsockopt(fd, IPPROTO_IPV6, IPV6_V6ONLY, (const void*)&optval, optlen); +#endif + + if (vhost->ka_time) { + /* enable keepalive on this socket */ + optval = 1; + if (setsockopt(fd, SOL_SOCKET, SO_KEEPALIVE, + (const char *)&optval, optlen) < 0) + return 1; + + alive.onoff = TRUE; + alive.keepalivetime = vhost->ka_time; + alive.keepaliveinterval = vhost->ka_interval; + + if (WSAIoctl(fd, SIO_KEEPALIVE_VALS, &alive, sizeof(alive), + NULL, 0, &dwBytesRet, NULL, NULL)) + return 1; + } + + /* Disable Nagle */ + optval = 1; +#ifndef _WIN32_WCE + tcp_proto = getprotobyname("TCP"); + if (!tcp_proto) { + lwsl_err("getprotobyname() failed with error %d\n", LWS_ERRNO); + return 1; + } + protonbr = tcp_proto->p_proto; +#else + protonbr = 6; +#endif + + setsockopt(fd, protonbr, TCP_NODELAY, (const char *)&optval, optlen); + + /* We are nonblocking... */ + ioctlsocket(fd, FIONBIO, &optl); + + return 0; +} + + +LWS_EXTERN int +lws_interface_to_sa(int ipv6, + const char *ifname, struct sockaddr_in *addr, size_t addrlen) +{ +#ifdef LWS_WITH_IPV6 + struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)addr; + + if (ipv6) { + if (lws_plat_inet_pton(AF_INET6, ifname, &addr6->sin6_addr) == 1) { + return LWS_ITOSA_USABLE; + } + } +#endif + + long long address = inet_addr(ifname); + + if (address == INADDR_NONE) { + struct hostent *entry = gethostbyname(ifname); + if (entry) + address = ((struct in_addr *)entry->h_addr_list[0])->s_addr; + } + + if (address == INADDR_NONE) + return LWS_ITOSA_NOT_EXIST; + + addr->sin_addr.s_addr = (unsigned long)(lws_intptr_t)address; + + return LWS_ITOSA_USABLE; +} + +void +lws_plat_insert_socket_into_fds(struct lws_context *context, struct lws *wsi) +{ + struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; + + pt->fds[pt->fds_count++].revents = 0; + WSAEventSelect(wsi->desc.sockfd, pt->events, + LWS_POLLIN | LWS_POLLHUP | FD_CONNECT); +} + +void +lws_plat_delete_socket_from_fds(struct lws_context *context, + struct lws *wsi, int m) +{ + struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; + + pt->fds_count--; +} + + +int +lws_plat_check_connection_error(struct lws *wsi) +{ + int optVal; + int optLen = sizeof(int); + + if (getsockopt(wsi->desc.sockfd, SOL_SOCKET, SO_ERROR, + (char*)&optVal, &optLen) != SOCKET_ERROR && optVal && + optVal != LWS_EALREADY && optVal != LWS_EINPROGRESS && + optVal != LWS_EWOULDBLOCK && optVal != WSAEINVAL) { + lwsl_debug("Connect failed SO_ERROR=%d\n", optVal); + return 1; + } + + return 0; +} + +int +lws_plat_change_pollfd(struct lws_context *context, + struct lws *wsi, struct lws_pollfd *pfd) +{ + struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; + long networkevents = LWS_POLLHUP | FD_CONNECT; + + if ((pfd->events & LWS_POLLIN)) + networkevents |= LWS_POLLIN; + + if ((pfd->events & LWS_POLLOUT)) + networkevents |= LWS_POLLOUT; + + if (WSAEventSelect(wsi->desc.sockfd, pt->events, + networkevents) != SOCKET_ERROR) + return 0; + + lwsl_err("WSAEventSelect() failed with error %d\n", LWS_ERRNO); + + return 1; +} + +const char * +lws_plat_inet_ntop(int af, const void *src, char *dst, int cnt) +{ + WCHAR *buffer; + DWORD bufferlen = cnt; + BOOL ok = FALSE; + + buffer = lws_malloc(bufferlen * 2, "inet_ntop"); + if (!buffer) { + lwsl_err("Out of memory\n"); + return NULL; + } + + if (af == AF_INET) { + struct sockaddr_in srcaddr; + bzero(&srcaddr, sizeof(srcaddr)); + srcaddr.sin_family = AF_INET; + memcpy(&(srcaddr.sin_addr), src, sizeof(srcaddr.sin_addr)); + + if (!WSAAddressToStringW((struct sockaddr*)&srcaddr, sizeof(srcaddr), 0, buffer, &bufferlen)) + ok = TRUE; +#ifdef LWS_WITH_IPV6 + } else if (af == AF_INET6) { + struct sockaddr_in6 srcaddr; + bzero(&srcaddr, sizeof(srcaddr)); + srcaddr.sin6_family = AF_INET6; + memcpy(&(srcaddr.sin6_addr), src, sizeof(srcaddr.sin6_addr)); + + if (!WSAAddressToStringW((struct sockaddr*)&srcaddr, sizeof(srcaddr), 0, buffer, &bufferlen)) + ok = TRUE; +#endif + } else + lwsl_err("Unsupported type\n"); + + if (!ok) { + int rv = WSAGetLastError(); + lwsl_err("WSAAddressToString() : %d\n", rv); + } else { + if (WideCharToMultiByte(CP_ACP, 0, buffer, bufferlen, dst, cnt, 0, NULL) <= 0) + ok = FALSE; + } + + lws_free(buffer); + return ok ? dst : NULL; +} + +int +lws_plat_inet_pton(int af, const char *src, void *dst) +{ + WCHAR *buffer; + DWORD bufferlen = (int)strlen(src) + 1; + BOOL ok = FALSE; + + buffer = lws_malloc(bufferlen * 2, "inet_pton"); + if (!buffer) { + lwsl_err("Out of memory\n"); + return -1; + } + + if (MultiByteToWideChar(CP_ACP, 0, src, bufferlen, buffer, bufferlen) <= 0) { + lwsl_err("Failed to convert multi byte to wide char\n"); + lws_free(buffer); + return -1; + } + + if (af == AF_INET) { + struct sockaddr_in dstaddr; + int dstaddrlen = sizeof(dstaddr); + bzero(&dstaddr, sizeof(dstaddr)); + dstaddr.sin_family = AF_INET; + + if (!WSAStringToAddressW(buffer, af, 0, (struct sockaddr *) &dstaddr, &dstaddrlen)) { + ok = TRUE; + memcpy(dst, &dstaddr.sin_addr, sizeof(dstaddr.sin_addr)); + } +#ifdef LWS_WITH_IPV6 + } else if (af == AF_INET6) { + struct sockaddr_in6 dstaddr; + int dstaddrlen = sizeof(dstaddr); + bzero(&dstaddr, sizeof(dstaddr)); + dstaddr.sin6_family = AF_INET6; + + if (!WSAStringToAddressW(buffer, af, 0, (struct sockaddr *) &dstaddr, &dstaddrlen)) { + ok = TRUE; + memcpy(dst, &dstaddr.sin6_addr, sizeof(dstaddr.sin6_addr)); + } +#endif + } else + lwsl_err("Unsupported type\n"); + + if (!ok) { + int rv = WSAGetLastError(); + lwsl_err("WSAAddressToString() : %d\n", rv); + } + + lws_free(buffer); + return ok ? 1 : -1; +} diff --git a/thirdparty/libwebsockets/roles/h1/ops-h1.c b/thirdparty/libwebsockets/lib/roles/h1/ops-h1.c index 9001c864ea..2fa0fe16e4 100644 --- a/thirdparty/libwebsockets/roles/h1/ops-h1.c +++ b/thirdparty/libwebsockets/lib/roles/h1/ops-h1.c @@ -42,7 +42,7 @@ lws_read_h1(struct lws *wsi, unsigned char *buf, lws_filepos_t len) lws_filepos_t body_chunk_len; size_t n; - // lwsl_notice("%s: h1 path: wsi state 0x%x\n", __func__, lwsi_state(wsi)); + lwsl_debug("%s: h1 path: wsi state 0x%x\n", __func__, lwsi_state(wsi)); switch (lwsi_state(wsi)) { @@ -90,7 +90,6 @@ lws_read_h1(struct lws *wsi, unsigned char *buf, lws_filepos_t len) * appropriately: */ len -= (buf - last_char); -// lwsl_debug("%s: thinks we have used %ld\n", __func__, (long)len); if (!wsi->hdr_parsing_completed) /* More header content on the way */ @@ -119,6 +118,10 @@ lws_read_h1(struct lws *wsi, unsigned char *buf, lws_filepos_t len) http_postbody: lwsl_debug("%s: http post body: remain %d\n", __func__, (int)wsi->http.rx_content_remain); + + if (!wsi->http.rx_content_remain) + goto postbody_completion; + while (len && wsi->http.rx_content_remain) { /* Copy as much as possible, up to the limit of: * what we have in the read buffer (len) @@ -158,7 +161,8 @@ http_postbody: buf += n; if (wsi->http.rx_content_remain) { - lws_set_timeout(wsi, PENDING_TIMEOUT_HTTP_CONTENT, + lws_set_timeout(wsi, + PENDING_TIMEOUT_HTTP_CONTENT, wsi->context->timeout_secs); break; } @@ -221,7 +225,7 @@ ws_mode: break; case LRS_DEFERRING_ACTION: - lwsl_debug("%s: LRS_DEFERRING_ACTION\n", __func__); + lwsl_notice("%s: LRS_DEFERRING_ACTION\n", __func__); break; case LRS_SSL_ACK_PENDING: @@ -311,7 +315,8 @@ lws_h1_server_socket_service(struct lws *wsi, struct lws_pollfd *pollfd) lwsi_state(wsi) == LRS_BODY)) { if (!wsi->http.ah && lws_header_table_attach(wsi, 0)) { - lwsl_info("%s: wsi %p: ah not available\n", __func__, wsi); + lwsl_info("%s: wsi %p: ah not available\n", __func__, + wsi); goto try_pollout; } @@ -337,7 +342,8 @@ lws_h1_server_socket_service(struct lws *wsi, struct lws_pollfd *pollfd) * and draining the extensions */ if (wsi->ws && - (wsi->ws->rx_draining_ext || wsi->ws->tx_draining_ext)) + (wsi->ws->rx_draining_ext || + wsi->ws->tx_draining_ext)) goto try_pollout; #endif /* @@ -445,10 +451,9 @@ try_pollout: if (lwsi_state(wsi) != LRS_ISSUING_FILE) { - if (wsi->trunc_len) { + if (lws_has_buffered_out(wsi)) { //lwsl_notice("%s: completing partial\n", __func__); - if (lws_issue_raw(wsi, wsi->trunc_alloc + wsi->trunc_offset, - wsi->trunc_len) < 0) { + if (lws_issue_raw(wsi, NULL, 0) < 0) { lwsl_info("%s signalling to close\n", __func__); goto fail; } @@ -459,7 +464,7 @@ try_pollout: LWSSTATS_C_WRITEABLE_CB, 1); #if defined(LWS_WITH_STATS) if (wsi->active_writable_req_us) { - uint64_t ul = time_in_microseconds() - + uint64_t ul = lws_time_in_microseconds() - wsi->active_writable_req_us; lws_stats_atomic_bump(wsi->context, pt, @@ -519,6 +524,58 @@ rops_handle_POLLIN_h1(struct lws_context_per_thread *pt, struct lws *wsi, } #endif +#if 0 + + /* + * !!! lws_serve_http_file_fragment() seems to duplicate most of + * lws_handle_POLLOUT_event() in its own loop... + */ + lwsl_debug("%s: %d %d\n", __func__, (pollfd->revents & LWS_POLLOUT), + lwsi_state_can_handle_POLLOUT(wsi)); + + if ((pollfd->revents & LWS_POLLOUT) && + lwsi_state_can_handle_POLLOUT(wsi) && + lws_handle_POLLOUT_event(wsi, pollfd)) { + if (lwsi_state(wsi) == LRS_RETURNED_CLOSE) + lwsi_set_state(wsi, LRS_FLUSHING_BEFORE_CLOSE); + /* the write failed... it's had it */ + wsi->socket_is_permanently_unusable = 1; + + return LWS_HPI_RET_PLEASE_CLOSE_ME; + } +#endif + + + /* Priority 2: pre- compression transform */ + +#if defined(LWS_WITH_HTTP_STREAM_COMPRESSION) + if (wsi->http.comp_ctx.buflist_comp || + wsi->http.comp_ctx.may_have_more) { + enum lws_write_protocol wp = LWS_WRITE_HTTP; + + lwsl_info("%s: completing comp partial (buflist_comp %p, may %d)\n", + __func__, wsi->http.comp_ctx.buflist_comp, + wsi->http.comp_ctx.may_have_more + ); + + if (wsi->role_ops->write_role_protocol(wsi, NULL, 0, &wp) < 0) { + lwsl_info("%s signalling to close\n", __func__); + return LWS_HPI_RET_PLEASE_CLOSE_ME; + } + lws_callback_on_writable(wsi); + + if (!wsi->http.comp_ctx.buflist_comp && + !wsi->http.comp_ctx.may_have_more && + wsi->http.deferred_transaction_completed) { + wsi->http.deferred_transaction_completed = 0; + if (lws_http_transaction_completed(wsi)) + return LWS_HPI_RET_PLEASE_CLOSE_ME; + } + + return LWS_HPI_RET_HANDLED; + } +#endif + if (lws_is_flowcontrolled(wsi)) /* We cannot deal with any kind of new RX because we are * RX-flowcontrolled. @@ -529,12 +586,14 @@ rops_handle_POLLIN_h1(struct lws_context_per_thread *pt, struct lws *wsi, if (!lwsi_role_client(wsi)) { int n; - lwsl_debug("%s: %p: wsistate 0x%x\n", __func__, wsi, wsi->wsistate); + lwsl_debug("%s: %p: wsistate 0x%x\n", __func__, wsi, + wsi->wsistate); n = lws_h1_server_socket_service(wsi, pollfd); if (n != LWS_HPI_RET_HANDLED) return n; if (lwsi_state(wsi) != LRS_SSL_INIT) - if (lws_server_socket_service_ssl(wsi, LWS_SOCK_INVALID)) + if (lws_server_socket_service_ssl(wsi, + LWS_SOCK_INVALID)) return LWS_HPI_RET_PLEASE_CLOSE_ME; return LWS_HPI_RET_HANDLED; @@ -564,10 +623,9 @@ rops_handle_POLLIN_h1(struct lws_context_per_thread *pt, struct lws *wsi, /* let user code know, he'll usually ask for writeable * callback and drain / re-enable it there */ - if (user_callback_handle_rxflow( - wsi->protocol->callback, - wsi, LWS_CALLBACK_RECEIVE_CLIENT_HTTP, - wsi->user_space, NULL, 0)) { + if (user_callback_handle_rxflow(wsi->protocol->callback, wsi, + LWS_CALLBACK_RECEIVE_CLIENT_HTTP, + wsi->user_space, NULL, 0)) { lwsl_info("RECEIVE_CLIENT_HTTP closed it\n"); return LWS_HPI_RET_PLEASE_CLOSE_ME; } @@ -608,19 +666,68 @@ static int rops_write_role_protocol_h1(struct lws *wsi, unsigned char *buf, size_t len, enum lws_write_protocol *wp) { -#if 0 - /* if not in a state to send stuff, then just send nothing */ + size_t olen = len; + int n; + +#if defined(LWS_WITH_HTTP_STREAM_COMPRESSION) + if (wsi->http.lcs && (((*wp) & 0x1f) == LWS_WRITE_HTTP_FINAL || + ((*wp) & 0x1f) == LWS_WRITE_HTTP)) { + unsigned char mtubuf[1400 + LWS_PRE + + LWS_HTTP_CHUNK_HDR_MAX_SIZE + + LWS_HTTP_CHUNK_TRL_MAX_SIZE], + *out = mtubuf + LWS_PRE + + LWS_HTTP_CHUNK_HDR_MAX_SIZE; + size_t o = sizeof(mtubuf) - LWS_PRE - + LWS_HTTP_CHUNK_HDR_MAX_SIZE - + LWS_HTTP_CHUNK_TRL_MAX_SIZE; + + n = lws_http_compression_transform(wsi, buf, len, wp, &out, &o); + if (n) + return n; - if ((lwsi_state(wsi) != LRS_RETURNED_CLOSE && - lwsi_state(wsi) != LRS_WAITING_TO_SEND_CLOSE && - lwsi_state(wsi) != LRS_AWAITING_CLOSE_ACK)) { - //assert(0); - lwsl_debug("binning %d %d\n", lwsi_state(wsi), *wp); - return 0; + lwsl_info("%s: %p: transformed %d bytes to %d " + "(wp 0x%x, more %d)\n", __func__, wsi, (int)len, + (int)o, (int)*wp, wsi->http.comp_ctx.may_have_more); + + if (!o) + return olen; + + if (wsi->http.comp_ctx.chunking) { + char c[LWS_HTTP_CHUNK_HDR_MAX_SIZE + 2]; + /* + * this only needs dealing with on http/1.1 to allow + * pipelining + */ + n = lws_snprintf(c, sizeof(c), "%X\x0d\x0a", (int)o); + lwsl_info("%s: chunk (%d) %s", __func__, (int)o, c); + out -= n; + o += n; + memcpy(out, c, n); + out[o++] = '\x0d'; + out[o++] = '\x0a'; + + if (((*wp) & 0x1f) == LWS_WRITE_HTTP_FINAL) { + lwsl_info("%s: final chunk\n", __func__); + out[o++] = '0'; + out[o++] = '\x0d'; + out[o++] = '\x0a'; + out[o++] = '\x0d'; + out[o++] = '\x0a'; + } + } + + buf = out; + len = o; } #endif - return lws_issue_raw(wsi, (unsigned char *)buf, len); + n = lws_issue_raw(wsi, (unsigned char *)buf, len); + if (n < 0) + return n; + + /* hide there may have been compression */ + + return (int)olen; } static int @@ -666,12 +773,230 @@ rops_destroy_role_h1(struct lws *wsi) ah = ah->next; } +#if defined(LWS_WITH_HTTP_STREAM_COMPRESSION) + lws_http_compression_destroy(wsi); +#endif + #ifdef LWS_ROLE_WS lws_free_set_NULL(wsi->ws); #endif return 0; } +#if !defined(LWS_NO_SERVER) + +static int +rops_adoption_bind_h1(struct lws *wsi, int type, const char *vh_prot_name) +{ + if (!(type & LWS_ADOPT_HTTP)) + return 0; /* no match */ + + + if (type & _LWS_ADOPT_FINISH) { + if (!lws_header_table_attach(wsi, 0)) + lwsl_debug("Attached ah immediately\n"); + else + lwsl_info("%s: waiting for ah\n", __func__); + + return 1; + } + + lws_role_transition(wsi, LWSIFR_SERVER, (type & LWS_ADOPT_ALLOW_SSL) ? + LRS_SSL_INIT : LRS_HEADERS, &role_ops_h1); + + if (!vh_prot_name) + wsi->protocol = &wsi->vhost->protocols[ + wsi->vhost->default_protocol_index]; + + /* the transport is accepted... give him time to negotiate */ + lws_set_timeout(wsi, PENDING_TIMEOUT_ESTABLISH_WITH_SERVER, + wsi->context->timeout_secs); + + return 1; /* bound */ +} + +#endif + +#if !defined(LWS_NO_CLIENT) + +static const char * const http_methods[] = { + "GET", "POST", "OPTIONS", "PUT", "PATCH", "DELETE", "CONNECT" +}; + +static int +rops_client_bind_h1(struct lws *wsi, const struct lws_client_connect_info *i) +{ + int n; + + if (!i) { + /* we are finalizing an already-selected role */ + + /* + * If we stay in http, assuming there wasn't already-set + * external user_space, since we know our initial protocol + * we can assign the user space now, otherwise do it after the + * ws subprotocol negotiated + */ + if (!wsi->user_space && wsi->stash->method) + if (lws_ensure_user_space(wsi)) + return 1; + + /* + * For ws, default to http/1.1 only. If i->alpn had been set + * though, defer to whatever he has set in there (eg, "h2"). + * + * The problem is he has to commit to h2 before he can find + * out if the server has the SETTINGS for ws-over-h2 enabled; + * if not then ws is not possible on that connection. So we + * only try h2 if he assertively said to use h2 alpn, otherwise + * ws implies alpn restriction to h1. + */ + if (!wsi->stash->method && !wsi->stash->alpn) { + wsi->stash->alpn = lws_strdup("http/1.1"); + if (!wsi->stash->alpn) + return 1; + } + + /* if we went on the ah waiting list, it's ok, we can wait. + * + * When we do get the ah, now or later, he will end up at + * lws_http_client_connect_via_info2(). + */ + if (lws_header_table_attach(wsi, 0) < 0) + /* + * if we failed here, the connection is already closed + * and freed. + */ + return -1; + + return 0; + } + + /* + * Clients that want to be h1, h2, or ws all start out as h1 + * (we don't yet know if the server supports h2 or ws) + */ + + if (!i->method) { /* websockets */ +#if defined(LWS_ROLE_WS) + if (lws_create_client_ws_object(i, wsi)) + goto fail_wsi; +#else + lwsl_err("%s: ws role not configured\n", __func__); + + goto fail_wsi; +#endif + goto bind_h1; + } + + /* if a recognized http method, bind to it */ + + for (n = 0; n < (int)LWS_ARRAY_SIZE(http_methods); n++) + if (!strcmp(i->method, http_methods[n])) + goto bind_h1; + + /* other roles may bind to it */ + + return 0; /* no match */ + +bind_h1: + /* assert the mode and union status (hdr) clearly */ + lws_role_transition(wsi, LWSIFR_CLIENT, LRS_UNCONNECTED, &role_ops_h1); + + return 1; /* matched */ + +fail_wsi: + return -1; +} +#endif + +#if 0 +static int +rops_perform_user_POLLOUT_h1(struct lws *wsi) +{ + volatile struct lws *vwsi = (volatile struct lws *)wsi; + int n; + + /* priority 1: post compression-transform buffered output */ + + if (lws_has_buffered_out(wsi)) { + lwsl_debug("%s: completing partial\n", __func__); + if (lws_issue_raw(wsi, NULL, 0) < 0) { + lwsl_info("%s signalling to close\n", __func__); + return -1; + } + n = 0; + vwsi->leave_pollout_active = 1; + goto cleanup; + } + + /* priority 2: pre compression-transform buffered output */ + +#if defined(LWS_WITH_HTTP_STREAM_COMPRESSION) + if (wsi->http.comp_ctx.buflist_comp || + wsi->http.comp_ctx.may_have_more) { + enum lws_write_protocol wp = LWS_WRITE_HTTP; + + lwsl_info("%s: completing comp partial" + "(buflist_comp %p, may %d)\n", + __func__, wsi->http.comp_ctx.buflist_comp, + wsi->http.comp_ctx.may_have_more); + + if (rops_write_role_protocol_h1(wsi, NULL, 0, &wp) < 0) { + lwsl_info("%s signalling to close\n", __func__); + lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, + "comp write fail"); + } + n = 0; + vwsi->leave_pollout_active = 1; + goto cleanup; + } +#endif + + /* priority 3: if no buffered out and waiting for that... */ + + if (lwsi_state(wsi) == LRS_FLUSHING_BEFORE_CLOSE) { + wsi->socket_is_permanently_unusable = 1; + return -1; + } + + /* priority 4: user writeable callback */ + + vwsi = (volatile struct lws *)wsi; + vwsi->leave_pollout_active = 0; + + n = lws_callback_as_writeable(wsi); + +cleanup: + vwsi->handling_pollout = 0; + + if (vwsi->leave_pollout_active) + lws_change_pollfd(wsi, 0, LWS_POLLOUT); + + return n; +} +#endif + +static int +rops_close_kill_connection_h1(struct lws *wsi, enum lws_close_status reason) +{ +#if defined(LWS_WITH_HTTP_PROXY) + struct lws *wsi_eff = lws_client_wsi_effective(wsi); + + if (!wsi_eff->http.proxy_clientside) + return 0; + + wsi_eff->http.proxy_clientside = 0; + + if (user_callback_handle_rxflow(wsi_eff->protocol->callback, wsi_eff, + LWS_CALLBACK_COMPLETED_CLIENT_HTTP, + wsi_eff->user_space, NULL, 0)) + return 0; +#endif + return 0; +} + + struct lws_role_ops role_ops_h1 = { /* role name */ "h1", /* alpn id */ "http/1.1", @@ -691,11 +1016,25 @@ struct lws_role_ops role_ops_h1 = { /* alpn_negotiated */ rops_alpn_negotiated_h1, /* close_via_role_protocol */ NULL, /* close_role */ NULL, - /* close_kill_connection */ NULL, + /* close_kill_connection */ rops_close_kill_connection_h1, /* destroy_role */ rops_destroy_role_h1, +#if !defined(LWS_NO_SERVER) + /* adoption_bind */ rops_adoption_bind_h1, +#else + NULL, +#endif +#if !defined(LWS_NO_CLIENT) + /* client_bind */ rops_client_bind_h1, +#else + NULL, +#endif /* writeable cb clnt, srv */ { LWS_CALLBACK_CLIENT_HTTP_WRITEABLE, LWS_CALLBACK_HTTP_WRITEABLE }, /* close cb clnt, srv */ { LWS_CALLBACK_CLOSED_CLIENT_HTTP, LWS_CALLBACK_CLOSED_HTTP }, + /* protocol_bind cb c, srv */ { LWS_CALLBACK_CLIENT_HTTP_BIND_PROTOCOL, + LWS_CALLBACK_HTTP_BIND_PROTOCOL }, + /* protocol_unbind cb c, srv */ { LWS_CALLBACK_CLIENT_HTTP_DROP_PROTOCOL, + LWS_CALLBACK_HTTP_DROP_PROTOCOL }, /* file_handle */ 0, }; diff --git a/thirdparty/libwebsockets/roles/h1/private.h b/thirdparty/libwebsockets/lib/roles/h1/private.h index 3f53954d33..3f53954d33 100644 --- a/thirdparty/libwebsockets/roles/h1/private.h +++ b/thirdparty/libwebsockets/lib/roles/h1/private.h diff --git a/thirdparty/libwebsockets/roles/http/client/client-handshake.c b/thirdparty/libwebsockets/lib/roles/http/client/client-handshake.c index 0095c79a69..6b4e98f346 100644 --- a/thirdparty/libwebsockets/roles/http/client/client-handshake.c +++ b/thirdparty/libwebsockets/lib/roles/http/client/client-handshake.c @@ -37,9 +37,14 @@ lws_client_connect_2(struct lws *wsi) ssize_t plen = 0; #endif struct addrinfo *result; +#if defined(LWS_WITH_UNIX_SOCK) + struct sockaddr_un sau; + char unix_skt = 0; +#endif const char *ads; sockaddr46 sa46; - int n, port; + const struct sockaddr *psa; + int n, port = 0; const char *cce = "", *iface; const char *meth = NULL; #ifdef LWS_WITH_IPV6 @@ -126,7 +131,7 @@ lws_client_connect_2(struct lws *wsi) } #endif - lwsl_info("applying %p to txn queue on %p (wsistate 0x%x)\n", + lwsl_info("applying %p to txn queue on %p state 0x%x\n", wsi, w, w->wsistate); /* * ...let's add ourselves to his transaction queue... @@ -177,12 +182,36 @@ create_new_conn: lws_dll_is_null(&wsi->dll_client_transaction_queue) && lws_dll_is_null(&wsi->dll_active_client_conns)) { lws_vhost_lock(wsi->vhost); + /* caution... we will have to unpick this on oom4 path */ lws_dll_lws_add_front(&wsi->dll_active_client_conns, &wsi->vhost->dll_active_client_conns); lws_vhost_unlock(wsi->vhost); } /* + * unix socket destination? + */ + + ads = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_PEER_ADDRESS); +#if defined(LWS_WITH_UNIX_SOCK) + if (*ads == '+') { + ads++; + memset(&sau, 0, sizeof(sau)); + sau.sun_family = AF_UNIX; + strncpy(sau.sun_path, ads, sizeof(sau.sun_path)); + sau.sun_path[sizeof(sau.sun_path) - 1] = '\0'; + + lwsl_info("%s: Unix skt: %s\n", __func__, ads); + + if (sau.sun_path[0] == '@') + sau.sun_path[0] = '\0'; + + unix_skt = 1; + goto ads_known; + } +#endif + + /* * start off allowing ipv6 on connection if vhost allows it */ wsi->ipv6 = LWS_IPV6_ENABLED(wsi->vhost); @@ -241,10 +270,9 @@ create_new_conn: #ifdef LWS_WITH_IPV6 if (wsi->ipv6) { - struct sockaddr_in6 *sa6 = - ((struct sockaddr_in6 *)result->ai_addr); + struct sockaddr_in6 *sa6; - if (n) { + if (n || !result) { /* lws_getaddrinfo46 failed, there is no usable result */ lwsl_notice("%s: lws_getaddrinfo46 failed %d\n", __func__, n); @@ -252,6 +280,8 @@ create_new_conn: goto oom4; } + sa6 = ((struct sockaddr_in6 *)result->ai_addr); + memset(&sa46, 0, sizeof(sa46)); sa46.sa6.sin6_family = AF_INET6; @@ -307,7 +337,7 @@ create_new_conn: } else if (n == EAI_SYSTEM) { struct hostent *host; - lwsl_info("getaddrinfo (ipv4) failed, trying gethostbyname\n"); + lwsl_info("ipv4 getaddrinfo err, try gethostbyname\n"); host = gethostbyname(ads); if (host) { p = host->h_addr; @@ -318,7 +348,7 @@ create_new_conn: } #endif } else { - lwsl_err("getaddrinfo failed\n"); + lwsl_err("getaddrinfo failed: %d\n", n); cce = "getaddrinfo failed"; goto oom4; } @@ -339,6 +369,10 @@ create_new_conn: if (result) freeaddrinfo(result); +#if defined(LWS_WITH_UNIX_SOCK) +ads_known: +#endif + /* now we decided on ipv4 or ipv6, set the port */ if (!lws_socket_is_valid(wsi->desc.sockfd)) { @@ -349,12 +383,21 @@ create_new_conn: goto oom4; } +#if defined(LWS_WITH_UNIX_SOCK) + if (unix_skt) { + wsi->unix_skt = 1; + wsi->desc.sockfd = socket(AF_UNIX, SOCK_STREAM, 0); + } else +#endif + { + #ifdef LWS_WITH_IPV6 if (wsi->ipv6) wsi->desc.sockfd = socket(AF_INET6, SOCK_STREAM, 0); else #endif wsi->desc.sockfd = socket(AF_INET, SOCK_STREAM, 0); + } if (!lws_socket_is_valid(wsi->desc.sockfd)) { lwsl_warn("Unable to open socket\n"); @@ -362,7 +405,12 @@ create_new_conn: goto oom4; } - if (lws_plat_set_socket_options(wsi->vhost, wsi->desc.sockfd)) { + if (lws_plat_set_socket_options(wsi->vhost, wsi->desc.sockfd, +#if defined(LWS_WITH_UNIX_SOCK) + unix_skt)) { +#else + 0)) { +#endif lwsl_err("Failed to set wsi socket options\n"); compatible_close(wsi->desc.sockfd); cce = "set socket opts failed"; @@ -372,7 +420,11 @@ create_new_conn: lwsi_set_state(wsi, LRS_WAITING_CONNECT); if (wsi->context->event_loop_ops->accept) - wsi->context->event_loop_ops->accept(wsi); + if (wsi->context->event_loop_ops->accept(wsi)) { + compatible_close(wsi->desc.sockfd); + cce = "event loop accept failed"; + goto oom4; + } if (__insert_wsi_socket_into_fds(wsi->context, wsi)) { compatible_close(wsi->desc.sockfd); @@ -399,7 +451,8 @@ create_new_conn: iface = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_IFACE); if (iface) { - n = lws_socket_bind(wsi->vhost, wsi->desc.sockfd, 0, iface); + n = lws_socket_bind(wsi->vhost, wsi->desc.sockfd, 0, + iface); if (n < 0) { cce = "unable to bind socket"; goto failed; @@ -407,18 +460,29 @@ create_new_conn: } } -#ifdef LWS_WITH_IPV6 - if (wsi->ipv6) { - sa46.sa6.sin6_port = htons(port); - n = sizeof(struct sockaddr_in6); +#if defined(LWS_WITH_UNIX_SOCK) + if (unix_skt) { + psa = (const struct sockaddr *)&sau; + n = sizeof(sau); } else #endif + { - sa46.sa4.sin_port = htons(port); - n = sizeof(struct sockaddr); +#ifdef LWS_WITH_IPV6 + if (wsi->ipv6) { + sa46.sa6.sin6_port = htons(port); + n = sizeof(struct sockaddr_in6); + psa = (const struct sockaddr *)&sa46; + } else +#endif + { + sa46.sa4.sin_port = htons(port); + n = sizeof(struct sockaddr); + psa = (const struct sockaddr *)&sa46; + } } - if (connect(wsi->desc.sockfd, (const struct sockaddr *)&sa46, n) == -1 || + if (connect(wsi->desc.sockfd, (const struct sockaddr *)psa, n) == -1 || LWS_ERRNO == LWS_EISCONN) { if (LWS_ERRNO == LWS_EALREADY || LWS_ERRNO == LWS_EINPROGRESS || @@ -500,7 +564,8 @@ create_new_conn: goto failed; } - lws_set_timeout(wsi, PENDING_TIMEOUT_AWAITING_SOCKS_GREETING_REPLY, + lws_set_timeout(wsi, + PENDING_TIMEOUT_AWAITING_SOCKS_GREETING_REPLY, AWAITING_TIMEOUT); lwsi_set_state(wsi, LRS_WAITING_SOCKS_GREETING_REPLY); @@ -531,7 +596,7 @@ send_hs: * wait in the queue until it's possible to send them. */ lws_callback_on_writable(wsi_piggyback); - lwsl_info("%s: wsi %p: waiting to send headers (parent state %x)\n", + lwsl_info("%s: wsi %p: waiting to send hdrs (par state 0x%x)\n", __func__, wsi, lwsi_state(wsi_piggyback)); } else { lwsl_info("%s: wsi %p: client creating own connection\n", @@ -570,7 +635,7 @@ send_hs: return wsi; oom4: - if (lwsi_role_client(wsi) && lwsi_state_est(wsi)) { + if (lwsi_role_client(wsi) /* && lwsi_state_est(wsi) */) { wsi->protocol->callback(wsi, LWS_CALLBACK_CLIENT_CONNECTION_ERROR, wsi->user_space, (void *)cce, strlen(cce)); @@ -579,13 +644,21 @@ oom4: /* take care that we might be inserted in fds already */ if (wsi->position_in_fds_table != LWS_NO_FDS_POS) goto failed1; - lws_remove_from_timeout_list(wsi); -#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) - lws_header_table_detach(wsi, 0); -#endif - lws_client_stash_destroy(wsi); - lws_free_set_NULL(wsi->client_hostname_copy); - lws_free(wsi); + + /* + * We can't be an active client connection any more, if we thought + * that was what we were going to be doing. It should be if we are + * failing by oom4 path, we are still called by + * lws_client_connect_via_info() and will be returning NULL to that, + * so nobody else should have had a chance to queue on us. + */ + { + struct lws_vhost *vhost = wsi->vhost; + + lws_vhost_lock(vhost); + __lws_free_wsi(wsi); + lws_vhost_unlock(vhost); + } return NULL; @@ -603,7 +676,8 @@ failed1: #if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) /** - * lws_client_reset() - retarget a connected wsi to start over with a new connection (ie, redirect) + * lws_client_reset() - retarget a connected wsi to start over with a new + * connection (ie, redirect) * this only works if still in HTTP, ie, not upgraded yet * wsi: connection to reset * address: network address of the new server @@ -716,7 +790,7 @@ lws_client_reset(struct lws **pwsi, int ssl, const char *address, int port, return *pwsi; } -#ifdef LWS_WITH_HTTP_PROXY +#if defined(LWS_WITH_HTTP_PROXY) && defined(LWS_WITH_HUBBUB) hubbub_error html_parser_cb(const hubbub_token *token, void *pw) { @@ -846,252 +920,8 @@ html_parser_cb(const hubbub_token *token, void *pw) #endif -char * -lws_strdup(const char *s) -{ - char *d = lws_malloc(strlen(s) + 1, "strdup"); - - if (d) - strcpy(d, s); - - return d; -} - -void -lws_client_stash_destroy(struct lws *wsi) -{ - if (!wsi || !wsi->stash) - return; - - lws_free_set_NULL(wsi->stash->address); - lws_free_set_NULL(wsi->stash->path); - lws_free_set_NULL(wsi->stash->host); - lws_free_set_NULL(wsi->stash->origin); - lws_free_set_NULL(wsi->stash->protocol); - lws_free_set_NULL(wsi->stash->method); - lws_free_set_NULL(wsi->stash->iface); - lws_free_set_NULL(wsi->stash->alpn); - - lws_free_set_NULL(wsi->stash); -} - -LWS_VISIBLE struct lws * -lws_client_connect_via_info(struct lws_client_connect_info *i) -{ - struct lws *wsi; - const struct lws_protocols *p; - const char *local = i->protocol; - - if (i->context->requested_kill) - return NULL; - - if (!i->context->protocol_init_done) - lws_protocol_init(i->context); - /* - * If we have .local_protocol_name, use it to select the - * local protocol handler to bind to. Otherwise use .protocol if - * http[s]. - */ - if (i->local_protocol_name) - local = i->local_protocol_name; - - wsi = lws_zalloc(sizeof(struct lws), "client wsi"); - if (wsi == NULL) - goto bail; - - wsi->context = i->context; -#if defined(LWS_ROLE_H1) - /* assert the mode and union status (hdr) clearly */ - lws_role_transition(wsi, LWSIFR_CLIENT, LRS_UNCONNECTED, &role_ops_h1); -#else - lws_role_transition(wsi, LWSIFR_CLIENT, LRS_UNCONNECTED, &role_ops_raw_skt); -#endif - wsi->desc.sockfd = LWS_SOCK_INVALID; - - /* 1) fill up the wsi with stuff from the connect_info as far as it - * can go. It's because not only is our connection async, we might - * not even be able to get ahold of an ah at this point. - */ - - if (!i->method) /* ie, ws */ -#if defined(LWS_ROLE_WS) - if (lws_create_client_ws_object(i, wsi)) - return NULL; -#else - return NULL; -#endif - - wsi->user_space = NULL; - wsi->pending_timeout = NO_PENDING_TIMEOUT; - wsi->position_in_fds_table = LWS_NO_FDS_POS; - wsi->c_port = i->port; - wsi->vhost = i->vhost; - if (!wsi->vhost) - wsi->vhost = i->context->vhost_list; - - if (!wsi->vhost) { - lwsl_err("At least one vhost in the context is required\n"); - - goto bail; - } - - wsi->protocol = &wsi->vhost->protocols[0]; - wsi->client_pipeline = !!(i->ssl_connection & LCCSCF_PIPELINE); - - /* reasonable place to start */ - lws_role_transition(wsi, LWSIFR_CLIENT, LRS_UNCONNECTED, -#if defined(LWS_ROLE_H1) - &role_ops_h1); -#else - &role_ops_raw_skt); -#endif - - /* - * 1) for http[s] connection, allow protocol selection by name - * 2) for ws[s], if local_protocol_name given also use it for - * local protocol binding... this defeats the server - * protocol negotiation if so - * - * Otherwise leave at protocols[0]... the server will tell us - * which protocol we are associated with since we can give it a - * list. - */ - if (/*(i->method || i->local_protocol_name) && */local) { - lwsl_info("binding to %s\n", local); - p = lws_vhost_name_to_protocol(wsi->vhost, local); - if (p) - wsi->protocol = p; - } - - if (wsi && !wsi->user_space && i->userdata) { - wsi->user_space_externally_allocated = 1; - wsi->user_space = i->userdata; - } else - /* if we stay in http, we can assign the user space now, - * otherwise do it after the protocol negotiated - */ - if (i->method) - if (lws_ensure_user_space(wsi)) - goto bail; - -#if defined(LWS_WITH_TLS) - wsi->tls.use_ssl = i->ssl_connection; -#else - if (i->ssl_connection & LCCSCF_USE_SSL) { - lwsl_err("libwebsockets not configured for ssl\n"); - goto bail; - } -#endif - - /* 2) stash the things from connect_info that we can't process without - * an ah. Because if no ah, we will go on the ah waiting list and - * process those things later (after the connect_info and maybe the - * things pointed to have gone out of scope. - */ - - wsi->stash = lws_zalloc(sizeof(*wsi->stash), "client stash"); - if (!wsi->stash) { - lwsl_err("%s: OOM\n", __func__); - goto bail1; - } - - wsi->stash->address = lws_strdup(i->address); - wsi->stash->path = lws_strdup(i->path); - wsi->stash->host = lws_strdup(i->host); - - if (!wsi->stash->address || !wsi->stash->path || !wsi->stash->host) - goto bail1; - - if (i->origin) { - wsi->stash->origin = lws_strdup(i->origin); - if (!wsi->stash->origin) - goto bail1; - } - if (i->protocol) { - wsi->stash->protocol = lws_strdup(i->protocol); - if (!wsi->stash->protocol) - goto bail1; - } - if (i->method) { - wsi->stash->method = lws_strdup(i->method); - if (!wsi->stash->method) - goto bail1; - } - if (i->iface) { - wsi->stash->iface = lws_strdup(i->iface); - if (!wsi->stash->iface) - goto bail1; - } - /* - * For ws, default to http/1.1 only. If i->alpn is set, defer to - * whatever he has set in there (eg, "h2"). - * - * The problem is he has to commit to h2 before he can find out if the - * server has the SETTINGS for ws-over-h2 enabled; if not then ws is - * not possible on that connection. So we only try it if he - * assertively said to use h2 alpn. - */ - if (!i->method && !i->alpn) { - wsi->stash->alpn = lws_strdup("http/1.1"); - if (!wsi->stash->alpn) - goto bail1; - } else - if (i->alpn) { - wsi->stash->alpn = lws_strdup(i->alpn); - if (!wsi->stash->alpn) - goto bail1; - } - - if (i->pwsi) - *i->pwsi = wsi; - -#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) - /* if we went on the waiting list, no probs just return the wsi - * when we get the ah, now or later, he will call - * lws_client_connect_via_info2() below. - */ - if (lws_header_table_attach(wsi, 0) < 0) { - /* - * if we failed here, the connection is already closed - * and freed. - */ - goto bail2; - } - -#endif - - if (i->parent_wsi) { - lwsl_info("%s: created child %p of parent %p\n", __func__, - wsi, i->parent_wsi); - wsi->parent = i->parent_wsi; - wsi->sibling_list = i->parent_wsi->child_list; - i->parent_wsi->child_list = wsi; - } -#ifdef LWS_WITH_HTTP_PROXY - if (i->uri_replace_to) - wsi->http.rw = lws_rewrite_create(wsi, html_parser_cb, - i->uri_replace_from, - i->uri_replace_to); -#endif - - return wsi; - -bail1: - lws_client_stash_destroy(wsi); - -bail: - lws_free(wsi); -#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) -bail2: -#endif - if (i->pwsi) - *i->pwsi = NULL; - - return NULL; -} - struct lws * -lws_client_connect_via_info2(struct lws *wsi) +lws_http_client_connect_via_info2(struct lws *wsi) { struct client_info_stash *stash = wsi->stash; @@ -1156,55 +986,6 @@ bail1: return NULL; } -LWS_VISIBLE struct lws * -lws_client_connect_extended(struct lws_context *context, const char *address, - int port, int ssl_connection, const char *path, - const char *host, const char *origin, - const char *protocol, int ietf_version_or_minus_one, - void *userdata) -{ - struct lws_client_connect_info i; - - memset(&i, 0, sizeof(i)); - - i.context = context; - i.address = address; - i.port = port; - i.ssl_connection = ssl_connection; - i.path = path; - i.host = host; - i.origin = origin; - i.protocol = protocol; - i.ietf_version_or_minus_one = ietf_version_or_minus_one; - i.userdata = userdata; - - return lws_client_connect_via_info(&i); -} - -LWS_VISIBLE struct lws * -lws_client_connect(struct lws_context *context, const char *address, - int port, int ssl_connection, const char *path, - const char *host, const char *origin, - const char *protocol, int ietf_version_or_minus_one) -{ - struct lws_client_connect_info i; - - memset(&i, 0, sizeof(i)); - - i.context = context; - i.address = address; - i.port = port; - i.ssl_connection = ssl_connection; - i.path = path; - i.host = host; - i.origin = origin; - i.protocol = protocol; - i.ietf_version_or_minus_one = ietf_version_or_minus_one; - i.userdata = NULL; - - return lws_client_connect_via_info(&i); -} - #if defined(LWS_WITH_SOCKS5) void socks_generate_msg(struct lws *wsi, enum socks_msg_type type, ssize_t *msg_len) @@ -1242,8 +1023,9 @@ void socks_generate_msg(struct lws *wsi, enum socks_msg_type type, /* length of the password */ pt->serv_buf[len++] = passwd_len; /* password */ - lws_strncpy((char *)&pt->serv_buf[len], wsi->vhost->socks_password, - context->pt_serv_buf_size - len + 1); + lws_strncpy((char *)&pt->serv_buf[len], + wsi->vhost->socks_password, + context->pt_serv_buf_size - len + 1); len += passwd_len; break; diff --git a/thirdparty/libwebsockets/roles/http/client/client.c b/thirdparty/libwebsockets/lib/roles/http/client/client.c index 5645fa2b7a..1d6f13dcf8 100644 --- a/thirdparty/libwebsockets/roles/http/client/client.c +++ b/thirdparty/libwebsockets/lib/roles/http/client/client.c @@ -1,7 +1,7 @@ /* * libwebsockets - lib/client/client.c * - * Copyright (C) 2010-2017 Andy Green <andy@warmcat.com> + * Copyright (C) 2010-2018 Andy Green <andy@warmcat.com> * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU Lesser General Public @@ -48,7 +48,7 @@ lws_client_wsi_effective(struct lws *wsi) } lws_end_foreach_dll_safe(d, d1); return lws_container_of(tail, struct lws, - dll_client_transaction_queue); + dll_client_transaction_queue); } /* @@ -66,7 +66,7 @@ _lws_client_wsi_master(struct lws *wsi) d = wsi->dll_client_transaction_queue.prev; while (d) { wsi_eff = lws_container_of(d, struct lws, - dll_client_transaction_queue_head); + dll_client_transaction_queue_head); d = d->prev; } @@ -111,11 +111,12 @@ lws_client_socket_service(struct lws *wsi, struct lws_pollfd *pollfd, */ lws_vhost_lock(wsi->vhost); lws_start_foreach_dll_safe(struct lws_dll_lws *, d, d1, - wsi->dll_client_transaction_queue_head.next) { + wsi->dll_client_transaction_queue_head.next) { struct lws *w = lws_container_of(d, struct lws, dll_client_transaction_queue); - lwsl_debug("%s: %p states 0x%x\n", __func__, w, w->wsistate); + lwsl_debug("%s: %p states 0x%x\n", __func__, w, + w->wsistate); if (lwsi_state(w) == LRS_H1C_ISSUE_HANDSHAKE2) wfound = w; } lws_end_foreach_dll_safe(d, d1); @@ -208,7 +209,8 @@ lws_client_socket_service(struct lws *wsi, struct lws_pollfd *pollfd, case LRS_WAITING_SOCKS_AUTH_REPLY: if (pt->serv_buf[0] != SOCKS_SUBNEGOTIATION_VERSION_1 || - pt->serv_buf[1] != SOCKS_SUBNEGOTIATION_STATUS_SUCCESS) + pt->serv_buf[1] != + SOCKS_SUBNEGOTIATION_STATUS_SUCCESS) goto socks_reply_fail; lwsl_client("SOCKS password OK, sending connect\n"); @@ -243,8 +245,8 @@ socks_reply_fail: /* free stash since we are done with it */ lws_client_stash_destroy(wsi); if (lws_hdr_simple_create(wsi, - _WSI_TOKEN_CLIENT_PEER_ADDRESS, - wsi->vhost->socks_proxy_address)) + _WSI_TOKEN_CLIENT_PEER_ADDRESS, + wsi->vhost->socks_proxy_address)) goto bail3; wsi->c_port = wsi->vhost->socks_proxy_port; @@ -352,7 +354,9 @@ start_ws_handshake: * So this is it, we are an h2 master client connection * now, not an h1 client connection. */ +#if defined (LWS_WITH_TLS) lws_tls_server_conn_alpn(wsi); +#endif /* send the H2 preface to legitimize the connection */ if (lws_h2_issue_preface(wsi)) { @@ -377,7 +381,8 @@ start_ws_handshake: return 0; lwsl_err("Failed to generate handshake for client\n"); - lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, "chs"); + lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, + "chs"); return 0; } @@ -385,8 +390,9 @@ start_ws_handshake: lws_latency_pre(context, wsi); w = _lws_client_wsi_master(wsi); - lwsl_info("%s: HANDSHAKE2: %p: sending headers on %p (wsistate 0x%x 0x%x)\n", - __func__, wsi, w, wsi->wsistate, w->wsistate); + lwsl_info("%s: HANDSHAKE2: %p: sending headers on %p " + "(wsistate 0x%x 0x%x)\n", __func__, wsi, w, + wsi->wsistate, w->wsistate); n = lws_ssl_capable_write(w, (unsigned char *)sb, (int)(p - sb)); lws_latency(context, wsi, "send lws_issue_raw", n, @@ -394,7 +400,8 @@ start_ws_handshake: switch (n) { case LWS_SSL_CAPABLE_ERROR: lwsl_debug("ERROR writing to client socket\n"); - lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, "cws"); + lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, + "cws"); return 0; case LWS_SSL_CAPABLE_MORE_SERVICE: lws_callback_on_writable(wsi); @@ -419,7 +426,7 @@ start_ws_handshake: #if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) w->http.ah->parser_state = WSI_TOKEN_NAME_PART; w->http.ah->lextable_pos = 0; - /* If we're (re)starting on headers, need other implied init */ + /* If we're (re)starting on hdr, need other implied init */ wsi->http.ah->ues = URIES_IDLE; #endif } @@ -549,11 +556,12 @@ lws_http_transaction_completed_client(struct lws *wsi) { struct lws *wsi_eff = lws_client_wsi_effective(wsi); - lwsl_info("%s: wsi: %p, wsi_eff: %p\n", __func__, wsi, wsi_eff); + lwsl_info("%s: wsi: %p, wsi_eff: %p (%s)\n", __func__, wsi, wsi_eff, + wsi_eff->protocol->name); - if (user_callback_handle_rxflow(wsi_eff->protocol->callback, - wsi_eff, LWS_CALLBACK_COMPLETED_CLIENT_HTTP, - wsi_eff->user_space, NULL, 0)) { + if (user_callback_handle_rxflow(wsi_eff->protocol->callback, wsi_eff, + LWS_CALLBACK_COMPLETED_CLIENT_HTTP, + wsi_eff->user_space, NULL, 0)) { lwsl_debug("%s: Completed call returned nonzero (role 0x%x)\n", __func__, lwsi_role(wsi_eff)); return -1; @@ -626,7 +634,8 @@ lws_http_transaction_completed_client(struct lws *wsi) /* If we're (re)starting on headers, need other implied init */ wsi->http.ah->ues = URIES_IDLE; - lwsl_info("%s: %p: new queued transaction as %p\n", __func__, wsi, wsi_eff); + lwsl_info("%s: %p: new queued transaction as %p\n", __func__, wsi, + wsi_eff); lws_callback_on_writable(wsi); return 0; @@ -672,7 +681,7 @@ lws_client_interpret_server_handshake(struct lws *wsi) int n, port = 0, ssl = 0; int close_reason = LWS_CLOSE_STATUS_PROTOCOL_ERR; const char *prot, *ads = NULL, *path, *cce = NULL; - struct allocated_headers *ah = NULL; + struct allocated_headers *ah; struct lws *w = lws_client_wsi_effective(wsi); char *p, *q; char new_path[300]; @@ -685,7 +694,8 @@ lws_client_interpret_server_handshake(struct lws *wsi) */ #if defined(LWS_ROLE_H2) if (wsi->client_h2_alpn || wsi->client_h2_substream) { - lwsl_debug("%s: %p: transitioning to h2 client\n", __func__, wsi); + lwsl_debug("%s: %p: transitioning to h2 client\n", + __func__, wsi); lws_role_transition(wsi, LWSIFR_CLIENT, LRS_ESTABLISHED, &role_ops_h2); } else @@ -693,7 +703,8 @@ lws_client_interpret_server_handshake(struct lws *wsi) { #if defined(LWS_ROLE_H1) { - lwsl_debug("%s: %p: transitioning to h1 client\n", __func__, wsi); + lwsl_debug("%s: %p: transitioning to h1 client\n", + __func__, wsi); lws_role_transition(wsi, LWSIFR_CLIENT, LRS_ESTABLISHED, &role_ops_h1); } @@ -719,7 +730,7 @@ lws_client_interpret_server_handshake(struct lws *wsi) * set-cookie:.test=LWS_1456736240_336776_COOKIE;Max-Age=360000 */ - wsi->http.connection_type = HTTP_CONNECTION_KEEP_ALIVE; + wsi->http.conn_type = HTTP_CONNECTION_KEEP_ALIVE; if (!wsi->client_h2_substream) { p = lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP); if (wsi->do_ws && !p) { @@ -729,7 +740,7 @@ lws_client_interpret_server_handshake(struct lws *wsi) } if (!p) { p = lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP1_0); - wsi->http.connection_type = HTTP_CONNECTION_CLOSE; + wsi->http.conn_type = HTTP_CONNECTION_CLOSE; } if (!p) { cce = "HS: URI missing"; @@ -826,8 +837,9 @@ lws_client_interpret_server_handshake(struct lws *wsi) /* if h1 KA is allowed, enable the queued pipeline guys */ - if (!wsi->client_h2_alpn && !wsi->client_h2_substream && w == wsi) { /* ie, coming to this for the first time */ - if (wsi->http.connection_type == HTTP_CONNECTION_KEEP_ALIVE) + if (!wsi->client_h2_alpn && !wsi->client_h2_substream && + w == wsi) { /* ie, coming to this for the first time */ + if (wsi->http.conn_type == HTTP_CONNECTION_KEEP_ALIVE) wsi->keepalive_active = 1; else { /* @@ -847,13 +859,16 @@ lws_client_interpret_server_handshake(struct lws *wsi) wsi->keepalive_rejected = 1; lws_vhost_lock(wsi->vhost); - lws_start_foreach_dll_safe(struct lws_dll_lws *, d, d1, - wsi->dll_client_transaction_queue_head.next) { - struct lws *ww = lws_container_of(d, struct lws, - dll_client_transaction_queue); + lws_start_foreach_dll_safe(struct lws_dll_lws *, + d, d1, + wsi->dll_client_transaction_queue_head.next) { + struct lws *ww = lws_container_of(d, + struct lws, + dll_client_transaction_queue); /* remove him from our queue */ - lws_dll_lws_remove(&ww->dll_client_transaction_queue); + lws_dll_lws_remove( + &ww->dll_client_transaction_queue); /* give up on pipelining */ ww->client_pipeline = 0; @@ -881,7 +896,7 @@ lws_client_interpret_server_handshake(struct lws *wsi) if (!strncmp(lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP_CONTENT_TYPE), "text/html", 9)) - wsi->http.perform_rewrite = 1; + wsi->http.perform_rewrite = 0; } #endif @@ -915,8 +930,7 @@ lws_client_interpret_server_handshake(struct lws *wsi) wsi->http.rx_content_length; } else /* can't do 1.1 without a content length or chunked */ if (!wsi->chunked) - wsi->http.connection_type = - HTTP_CONNECTION_CLOSE; + wsi->http.conn_type = HTTP_CONNECTION_CLOSE; /* * we seem to be good to go, give client last chance to check @@ -954,6 +968,15 @@ lws_client_interpret_server_handshake(struct lws *wsi) lwsl_info("%s: client connection up\n", __func__); + /* + * Did we get a response from the server with an explicit + * content-length of zero? If so, this transaction is already + * completed at the end of the header processing... + */ + if (lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_CONTENT_LENGTH) && + !wsi->http.rx_content_length) + return !!lws_http_transaction_completed_client(wsi); + return 0; } @@ -983,7 +1006,9 @@ bail2: } wsi->already_did_cce = 1; - lwsl_info("closing connection due to bail2 connection error\n"); + lwsl_info("closing connection (prot %s) " + "due to bail2 connection error: %s\n", wsi->protocol ? + wsi->protocol->name : "unknown", cce); /* closing will free up his parsing allocations */ lws_close_free_wsi(wsi, close_reason, "c hs interp"); @@ -1023,7 +1048,7 @@ lws_generate_client_handshake(struct lws *wsi, char *pkt) return NULL; } - lws_bind_protocol(wsi, pr); + lws_bind_protocol(wsi, pr, __func__); } if ((wsi->protocol->callback)(wsi, LWS_CALLBACK_RAW_ADOPT, @@ -1070,16 +1095,22 @@ lws_generate_client_handshake(struct lws *wsi, char *pkt) _WSI_TOKEN_CLIENT_ORIGIN)); } #if defined(LWS_ROLE_WS) - if (wsi->do_ws) - p = lws_generate_client_ws_handshake(wsi, p); + if (wsi->do_ws) { + const char *conn1 = ""; + if (!wsi->client_pipeline) + conn1 = "close, "; + p = lws_generate_client_ws_handshake(wsi, p, conn1); + } else #endif + if (!wsi->client_pipeline) + p += sprintf(p, "connection: close\x0d\x0a"); /* give userland a chance to append, eg, cookies */ if (wsi->protocol->callback(wsi, - LWS_CALLBACK_CLIENT_APPEND_HANDSHAKE_HEADER, - wsi->user_space, &p, - (pkt + wsi->context->pt_serv_buf_size) - p - 12)) + LWS_CALLBACK_CLIENT_APPEND_HANDSHAKE_HEADER, + wsi->user_space, &p, + (pkt + wsi->context->pt_serv_buf_size) - p - 12)) return NULL; p += sprintf(p, "\x0d\x0a"); @@ -1103,14 +1134,11 @@ lws_http_client_read(struct lws *wsi, char **buf, int *len) lws_change_pollfd(wsi, 0, LWS_POLLIN); if (rlen == LWS_SSL_CAPABLE_ERROR) { - lwsl_notice("%s: SSL capable error\n", __func__); + lwsl_debug("%s: SSL capable error\n", __func__); return -1; } - if (rlen == 0) - return -1; - - if (rlen < 0) + if (rlen <= 0) return 0; *len = rlen; @@ -1130,7 +1158,7 @@ spin_chunks: } n = char_to_hex((*buf)[0]); if (n < 0) { - lwsl_debug("chunking failure\n"); + lwsl_info("%s: chunking failure\n", __func__); return -1; } wsi->chunk_remaining <<= 4; @@ -1138,7 +1166,7 @@ spin_chunks: break; case ELCP_CR: if ((*buf)[0] != '\x0a') { - lwsl_debug("chunking failure\n"); + lwsl_info("%s: chunking failure\n", __func__); return -1; } wsi->chunk_parser = ELCP_CONTENT; @@ -1153,7 +1181,7 @@ spin_chunks: case ELCP_POST_CR: if ((*buf)[0] != '\x0d') { - lwsl_debug("chunking failure\n"); + lwsl_info("%s: chunking failure\n", __func__); return -1; } @@ -1162,8 +1190,11 @@ spin_chunks: break; case ELCP_POST_LF: - if ((*buf)[0] != '\x0a') + if ((*buf)[0] != '\x0a') { + lwsl_info("%s: chunking failure\n", __func__); + return -1; + } wsi->chunk_parser = ELCP_HEX; wsi->chunk_remaining = 0; @@ -1186,7 +1217,7 @@ spin_chunks: wsi->chunk_remaining < n) n = wsi->chunk_remaining; -#ifdef LWS_WITH_HTTP_PROXY +#if defined(LWS_WITH_HTTP_PROXY) && defined(LWS_WITH_HUBBUB) /* hubbub */ if (wsi->http.perform_rewrite) lws_rewrite_parse(wsi->http.rw, (unsigned char *)*buf, n); @@ -1198,7 +1229,7 @@ spin_chunks: if (user_callback_handle_rxflow(wsi_eff->protocol->callback, wsi_eff, LWS_CALLBACK_RECEIVE_CLIENT_HTTP_READ, wsi_eff->user_space, *buf, n)) { - lwsl_debug("%s: RECEIVE_CLIENT_HTTP_READ returned -1\n", + lwsl_info("%s: RECEIVE_CLIENT_HTTP_READ returned -1\n", __func__); return -1; diff --git a/thirdparty/libwebsockets/roles/http/header.c b/thirdparty/libwebsockets/lib/roles/http/header.c index dbcf27cbd1..448c5a8b5c 100644 --- a/thirdparty/libwebsockets/roles/http/header.c +++ b/thirdparty/libwebsockets/lib/roles/http/header.c @@ -1,7 +1,7 @@ /* * libwebsockets - small server side websockets and web server implementation * - * Copyright (C) 2010-2017 Andy Green <andy@warmcat.com> + * Copyright (C) 2010-2018 Andy Green <andy@warmcat.com> * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU Lesser General Public @@ -116,9 +116,10 @@ lws_add_http_header_by_token(struct lws *wsi, enum lws_token_indexes token, return lws_add_http_header_by_name(wsi, name, value, length, p, end); } -int lws_add_http_header_content_length(struct lws *wsi, - lws_filepos_t content_length, - unsigned char **p, unsigned char *end) +int +lws_add_http_header_content_length(struct lws *wsi, + lws_filepos_t content_length, + unsigned char **p, unsigned char *end) { char b[24]; int n; @@ -141,6 +142,10 @@ lws_add_http_common_headers(struct lws *wsi, unsigned int code, const char *content_type, lws_filepos_t content_len, unsigned char **p, unsigned char *end) { + const char *ka[] = { "close", "keep-alive" }; + int types[] = { HTTP_CONNECTION_CLOSE, HTTP_CONNECTION_KEEP_ALIVE }, + t = 0; + if (lws_add_http_header_status(wsi, code, p, end)) return 1; @@ -149,22 +154,67 @@ lws_add_http_common_headers(struct lws *wsi, unsigned int code, (int)strlen(content_type), p, end)) return 1; - if (content_len != LWS_ILLEGAL_HTTP_CONTENT_LEN) { - if (lws_add_http_header_content_length(wsi, content_len, p, end)) +#if defined(LWS_WITH_HTTP_STREAM_COMPRESSION) + if (!wsi->http.lcs && + (!strncmp(content_type, "text/", 5) || + !strcmp(content_type, "application/javascript") || + !strcmp(content_type, "image/svg+xml"))) + lws_http_compression_apply(wsi, NULL, p, end, 0); +#endif + + /* + * if we decided to compress it, we don't know the content length... + * the compressed data will go out chunked on h1 + */ + if ( +#if defined(LWS_WITH_HTTP_STREAM_COMPRESSION) + !wsi->http.lcs && +#endif + content_len != LWS_ILLEGAL_HTTP_CONTENT_LEN) { + if (lws_add_http_header_content_length(wsi, content_len, + p, end)) return 1; } else { - if (lws_add_http_header_by_token(wsi, WSI_TOKEN_CONNECTION, - (unsigned char *)"close", 5, - p, end)) - return 1; - - wsi->http.connection_type = HTTP_CONNECTION_CLOSE; + /* there was no length... it normally means CONNECTION_CLOSE */ +#if defined(LWS_WITH_HTTP_STREAM_COMPRESSION) + + if (!wsi->http2_substream && wsi->http.lcs) { + /* so... + * - h1 connection + * - http compression transform active + * - did not send content length + * + * then mark as chunked... + */ + wsi->http.comp_ctx.chunking = 1; + if (lws_add_http_header_by_token(wsi, + WSI_TOKEN_HTTP_TRANSFER_ENCODING, + (unsigned char *)"chunked", 7, p, end)) + return -1; + + /* ... but h1 compression is chunked, if active we can + * still pipeline + */ + if (wsi->http.lcs && + wsi->http.conn_type == HTTP_CONNECTION_KEEP_ALIVE) + t = 1; + } +#endif + if (!wsi->http2_substream) { + if (lws_add_http_header_by_token(wsi, + WSI_TOKEN_CONNECTION, + (unsigned char *)ka[t], + (int)strlen(ka[t]), p, end)) + return 1; + + wsi->http.conn_type = types[t]; + } } return 0; } -STORE_IN_ROM static const char * const err400[] = { +static const char * const err400[] = { "Bad Request", "Unauthorized", "Payment Required", @@ -185,7 +235,7 @@ STORE_IN_ROM static const char * const err400[] = { "Expectation Failed" }; -STORE_IN_ROM static const char * const err500[] = { +static const char * const err500[] = { "Internal Server Error", "Not Implemented", "Bad Gateway", @@ -194,11 +244,31 @@ STORE_IN_ROM static const char * const err500[] = { "HTTP Version Not Supported" }; +/* security best practices from Mozilla Observatory */ + +static const +struct lws_protocol_vhost_options pvo_hsbph[] = {{ + NULL, NULL, "referrer-policy:", "no-referrer" +}, { + &pvo_hsbph[0], NULL, "x-frame-options:", "deny" +}, { + &pvo_hsbph[1], NULL, "x-xss-protection:", "1; mode=block" +}, { + &pvo_hsbph[2], NULL, "x-content-type-options:", "nosniff" +}, { + &pvo_hsbph[3], NULL, "content-security-policy:", + "default-src 'none'; img-src 'self' data: ; " + "script-src 'self'; font-src 'self'; " + "style-src 'self'; connect-src 'self'; " + "frame-ancestors 'none'; base-uri 'none';" + "form-action 'self';" +}}; + int lws_add_http_header_status(struct lws *wsi, unsigned int _code, unsigned char **p, unsigned char *end) { - STORE_IN_ROM static const char * const hver[] = { + static const char * const hver[] = { "HTTP/1.0", "HTTP/1.1", "HTTP/2" }; const struct lws_protocol_vhost_options *headers; @@ -246,6 +316,7 @@ lws_add_http_header_status(struct lws *wsi, unsigned int _code, end)) return 1; } + headers = wsi->vhost->headers; while (headers) { if (lws_add_http_header_by_name(wsi, @@ -257,6 +328,20 @@ lws_add_http_header_status(struct lws *wsi, unsigned int _code, headers = headers->next; } + if (wsi->vhost->options & + LWS_SERVER_OPTION_HTTP_HEADERS_SECURITY_BEST_PRACTICES_ENFORCE) { + headers = &pvo_hsbph[LWS_ARRAY_SIZE(pvo_hsbph) - 1]; + while (headers) { + if (lws_add_http_header_by_name(wsi, + (const unsigned char *)headers->name, + (unsigned char *)headers->value, + (int)strlen(headers->value), p, end)) + return 1; + + headers = headers->next; + } + } + if (wsi->context->server_string && !(_code & LWSAHH_FLAG_NO_SERVER_NAME)) if (lws_add_http_header_by_token(wsi, WSI_TOKEN_HTTP_SERVER, @@ -271,6 +356,12 @@ lws_add_http_header_status(struct lws *wsi, unsigned int _code, "includeSubDomains", 36, p, end)) return 1; + if (*p >= (end - 2)) { + lwsl_err("%s: reached end of buffer\n", __func__); + + return 1; + } + return 0; } @@ -283,6 +374,7 @@ lws_return_http_status(struct lws *wsi, unsigned int code, unsigned char *p = pt->serv_buf + LWS_PRE; unsigned char *start = p; unsigned char *end = p + context->pt_serv_buf_size - LWS_PRE; + char *body = (char *)start + context->pt_serv_buf_size - 512; int n = 0, m = 0, len; char slen[20]; @@ -297,9 +389,9 @@ lws_return_http_status(struct lws *wsi, unsigned int code, code == HTTP_STATUS_NOT_FOUND) /* we should do a redirect, and do the 404 there */ if (lws_http_redirect(wsi, HTTP_STATUS_FOUND, - (uint8_t *)wsi->vhost->http.error_document_404, - (int)strlen(wsi->vhost->http.error_document_404), - &p, end) > 0) + (uint8_t *)wsi->vhost->http.error_document_404, + (int)strlen(wsi->vhost->http.error_document_404), + &p, end) > 0) return 0; #endif @@ -317,9 +409,15 @@ lws_return_http_status(struct lws *wsi, unsigned int code, &p, end)) return 1; - len = 35 + (int)strlen(html_body) + sprintf(slen, "%d", code); - n = sprintf(slen, "%d", len); + len = lws_snprintf(body, 510, "<html><head>" + "<meta charset=utf-8 http-equiv=\"Content-Language\" " + "content=\"en\"/>" + "<link rel=\"stylesheet\" type=\"text/css\" " + "href=\"/error.css\"/>" + "</head><body><h1>%u</h1>%s</body></html>", code, html_body); + + n = sprintf(slen, "%d", len); if (lws_add_http_header_by_token(wsi, WSI_TOKEN_HTTP_CONTENT_LENGTH, (unsigned char *)slen, n, &p, end)) return 1; @@ -329,7 +427,6 @@ lws_return_http_status(struct lws *wsi, unsigned int code, #if defined(LWS_WITH_HTTP2) if (wsi->http2_substream) { - unsigned char *body = p + 512; /* * for HTTP/2, the headers must be sent separately, since they @@ -343,7 +440,8 @@ lws_return_http_status(struct lws *wsi, unsigned int code, * * Solve it by writing the headers now... */ - m = lws_write(wsi, start, p - start, LWS_WRITE_HTTP_HEADERS); + m = lws_write(wsi, start, lws_ptr_diff(p, start), + LWS_WRITE_HTTP_HEADERS); if (m != lws_ptr_diff(p, start)) return 1; @@ -351,10 +449,6 @@ lws_return_http_status(struct lws *wsi, unsigned int code, * ... but stash the body and send it as a priority next * handle_POLLOUT */ - - len = sprintf((char *)body, - "<html><body><h1>%u</h1>%s</body></html>", - code, html_body); wsi->http.tx_content_length = len; wsi->http.tx_content_remain = len; @@ -363,8 +457,7 @@ lws_return_http_status(struct lws *wsi, unsigned int code, if (!wsi->h2.pending_status_body) return -1; - strcpy(wsi->h2.pending_status_body + LWS_PRE, - (const char *)body); + strcpy(wsi->h2.pending_status_body + LWS_PRE, body); lws_callback_on_writable(wsi); return 0; @@ -375,11 +468,9 @@ lws_return_http_status(struct lws *wsi, unsigned int code, * for http/1, we can just append the body after the finalized * headers and send it all in one go. */ - p += lws_snprintf((char *)p, end - p - 1, - "<html><body><h1>%u</h1>%s</body></html>", - code, html_body); - n = lws_ptr_diff(p, start); + n = lws_ptr_diff(p, start) + len; + memcpy(p, body, len); m = lws_write(wsi, start, n, LWS_WRITE_HTTP); if (m != n) return 1; @@ -419,3 +510,20 @@ lws_http_redirect(struct lws *wsi, int code, const unsigned char *loc, int len, return lws_write(wsi, start, *p - start, LWS_WRITE_HTTP_HEADERS | LWS_WRITE_H2_STREAM_END); } + +#if !defined(LWS_WITH_HTTP_STREAM_COMPRESSION) +LWS_VISIBLE int +lws_http_compression_apply(struct lws *wsi, const char *name, + unsigned char **p, unsigned char *end, char decomp) +{ + (void)wsi; + (void)name; + (void)p; + (void)end; + (void)decomp; + + return 0; +} +#endif + + diff --git a/thirdparty/libwebsockets/roles/http/lextable-strings.h b/thirdparty/libwebsockets/lib/roles/http/lextable-strings.h index 631f5cb600..1e4fee855f 100644 --- a/thirdparty/libwebsockets/roles/http/lextable-strings.h +++ b/thirdparty/libwebsockets/lib/roles/http/lextable-strings.h @@ -1,10 +1,6 @@ /* set of parsable strings -- ALL LOWER CASE */ -#if !defined(STORE_IN_ROM) -#define STORE_IN_ROM -#endif - -STORE_IN_ROM static const char * const set[] = { +static const char * const set[] = { "get ", "post ", "options ", diff --git a/thirdparty/libwebsockets/roles/http/lextable.h b/thirdparty/libwebsockets/lib/roles/http/lextable.h index 9a8063b157..9a8063b157 100644 --- a/thirdparty/libwebsockets/roles/http/lextable.h +++ b/thirdparty/libwebsockets/lib/roles/http/lextable.h diff --git a/thirdparty/libwebsockets/roles/http/private.h b/thirdparty/libwebsockets/lib/roles/http/private.h index 5699914742..ff8b0581cc 100644 --- a/thirdparty/libwebsockets/roles/http/private.h +++ b/thirdparty/libwebsockets/lib/roles/http/private.h @@ -22,11 +22,15 @@ * enabled */ -#if defined(LWS_WITH_HTTP_PROXY) +#if defined(LWS_WITH_HUBBUB) #include <hubbub/hubbub.h> #include <hubbub/parser.h> #endif +#if defined(LWS_WITH_HTTP_STREAM_COMPRESSION) +#include "roles/http/compression/private.h" +#endif + #define lwsi_role_http(wsi) (lwsi_role_h1(wsi) || lwsi_role_h2(wsi)) enum http_version { @@ -35,7 +39,7 @@ enum http_version { HTTP_VERSION_2 }; -enum http_connection_type { +enum http_conn_type { HTTP_CONNECTION_CLOSE, HTTP_CONNECTION_KEEP_ALIVE }; @@ -133,7 +137,7 @@ struct allocated_headers { -#if defined(LWS_WITH_HTTP_PROXY) +#if defined(LWS_WITH_HUBBUB) struct lws_rewrite { hubbub_parser *parser; hubbub_parser_optparams params; @@ -192,9 +196,15 @@ struct lws_access_log { }; #endif +#define LWS_HTTP_CHUNK_HDR_MAX_SIZE (6 + 2) /* 6 hex digits and then CRLF */ +#define LWS_HTTP_CHUNK_TRL_MAX_SIZE (2 + 5) /* CRLF, then maybe 0 CRLF CRLF */ + struct _lws_http_mode_related { struct lws *new_wsi_list; + unsigned char *pending_return_headers; + size_t pending_return_headers_len; + #if defined(LWS_WITH_HTTP_PROXY) struct lws_rewrite *rw; #endif @@ -216,9 +226,14 @@ struct _lws_http_mode_related { #ifdef LWS_WITH_CGI struct lws_cgi *cgi; /* wsi being cgi master have one of these */ #endif +#if defined(LWS_WITH_HTTP_STREAM_COMPRESSION) + struct lws_compression_support *lcs; + lws_comp_ctx_t comp_ctx; + unsigned char comp_accept_mask; +#endif enum http_version request_version; - enum http_connection_type connection_type; + enum http_conn_type conn_type; lws_filepos_t tx_content_length; lws_filepos_t tx_content_remain; lws_filepos_t rx_content_length; @@ -226,8 +241,12 @@ struct _lws_http_mode_related { #if defined(LWS_WITH_HTTP_PROXY) unsigned int perform_rewrite:1; + unsigned int proxy_clientside:1; + unsigned int proxy_parent_chunked:1; #endif unsigned int deferred_transaction_completed:1; + unsigned int content_length_explicitly_zero:1; + unsigned int did_stream_close:1; }; diff --git a/thirdparty/libwebsockets/roles/http/server/fops-zip.c b/thirdparty/libwebsockets/lib/roles/http/server/fops-zip.c index 4db83ce621..4db83ce621 100644 --- a/thirdparty/libwebsockets/roles/http/server/fops-zip.c +++ b/thirdparty/libwebsockets/lib/roles/http/server/fops-zip.c diff --git a/thirdparty/libwebsockets/roles/http/server/lejp-conf.c b/thirdparty/libwebsockets/lib/roles/http/server/lejp-conf.c index fbf10c288e..0dd701d835 100644 --- a/thirdparty/libwebsockets/roles/http/server/lejp-conf.c +++ b/thirdparty/libwebsockets/lib/roles/http/server/lejp-conf.c @@ -1,7 +1,7 @@ /* * libwebsockets web server application * - * Copyright (C) 2010-2017 Andy Green <andy@warmcat.com> + * Copyright (C) 2010-2018 Andy Green <andy@warmcat.com> * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU Lesser General Public @@ -105,6 +105,11 @@ static const char * const paths_vhosts[] = { "vhosts[].ignore-missing-cert", "vhosts[].error-document-404", "vhosts[].alpn", + "vhosts[].ssl-client-option-set", + "vhosts[].ssl-client-option-clear", + "vhosts[].tls13-ciphers", + "vhosts[].client-tls13-ciphers", + "vhosts[].strict-host-check", }; enum lejp_vhost_paths { @@ -156,6 +161,11 @@ enum lejp_vhost_paths { LEJPVP_IGNORE_MISSING_CERT, LEJPVP_ERROR_DOCUMENT_404, LEJPVP_ALPN, + LEJPVP_SSL_CLIENT_OPTION_SET, + LEJPVP_SSL_CLIENT_OPTION_CLEAR, + LEJPVP_TLS13_CIPHERS, + LEJPVP_CLIENT_TLS13_CIPHERS, + LEJPVP_FLAG_STRICT_HOST_CHECK, }; static const char * const parser_errs[] = { @@ -252,7 +262,7 @@ lejp_globals_cb(struct lejp_ctx *ctx, char reason) rej = lwsws_align(a); a->p += sizeof(*rej); - n = lejp_get_wildcard(ctx, 0, a->p, a->end - a->p); + n = lejp_get_wildcard(ctx, 0, a->p, lws_ptr_diff(a->end, a->p)); rej->next = a->info->reject_service_keywords; a->info->reject_service_keywords = rej; rej->name = a->p; @@ -403,7 +413,7 @@ lejp_vhosts_cb(struct lejp_ctx *ctx, char reason) a->pvo = lwsws_align(a); a->p += sizeof(*a->pvo); - n = lejp_get_wildcard(ctx, 0, a->p, a->end - a->p); + n = lejp_get_wildcard(ctx, 0, a->p, lws_ptr_diff(a->end, a->p)); /* ie, enable this protocol, no options yet */ a->pvo->next = a->info->pvo; a->info->pvo = a->pvo; @@ -418,6 +428,7 @@ lejp_vhosts_cb(struct lejp_ctx *ctx, char reason) /* this catches, eg, vhosts[].headers[].xxx */ if ((reason == LEJPCB_VAL_STR_END || reason == LEJPCB_VAL_STR_CHUNK) && ctx->path_match == LEJPVP_HEADERS_NAME + 1) { + if (!a->chunk) { headers = lwsws_align(a); a->p += sizeof(*headers); @@ -450,8 +461,9 @@ lejp_vhosts_cb(struct lejp_ctx *ctx, char reason) struct lws_vhost *vhost; //lwsl_notice("%s\n", ctx->path); - if (!a->info->port) { - lwsl_err("Port required (eg, 443)"); + if (!a->info->port && + !(a->info->options & LWS_SERVER_OPTION_UNIX_SOCK)) { + lwsl_err("Port required (eg, 443)\n"); return 1; } a->valid = 0; @@ -467,13 +479,19 @@ lejp_vhosts_cb(struct lejp_ctx *ctx, char reason) #if defined(LWS_WITH_TLS) if (a->enable_client_ssl) { - const char *cert_filepath = a->info->client_ssl_cert_filepath; - const char *private_key_filepath = a->info->client_ssl_private_key_filepath; - const char *ca_filepath = a->info->client_ssl_ca_filepath; - const char *cipher_list = a->info->client_ssl_cipher_list; + const char *cert_filepath = + a->info->client_ssl_cert_filepath; + const char *private_key_filepath = + a->info->client_ssl_private_key_filepath; + const char *ca_filepath = + a->info->client_ssl_ca_filepath; + const char *cipher_list = + a->info->client_ssl_cipher_list; + memset(a->info, 0, sizeof(*a->info)); a->info->client_ssl_cert_filepath = cert_filepath; - a->info->client_ssl_private_key_filepath = private_key_filepath; + a->info->client_ssl_private_key_filepath = + private_key_filepath; a->info->client_ssl_ca_filepath = ca_filepath; a->info->client_ssl_cipher_list = cipher_list; a->info->options = LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT; @@ -617,6 +635,13 @@ lejp_vhosts_cb(struct lejp_ctx *ctx, char reason) case LEJPVP_CIPHERS: a->info->ssl_cipher_list = a->p; break; + case LEJPVP_TLS13_CIPHERS: + a->info->tls1_3_plus_cipher_list = a->p; + break; + case LEJPVP_CLIENT_TLS13_CIPHERS: + a->info->client_tls_1_3_plus_cipher_list = a->p; + break; + case LEJPVP_ECDH_CURVE: a->info->ecdh_curve = a->p; break; @@ -628,13 +653,13 @@ lejp_vhosts_cb(struct lejp_ctx *ctx, char reason) mp_cgienv->next = a->m.cgienv; a->m.cgienv = mp_cgienv; - n = lejp_get_wildcard(ctx, 0, a->p, a->end - a->p); + n = lejp_get_wildcard(ctx, 0, a->p, lws_ptr_diff(a->end, a->p)); mp_cgienv->name = a->p; a->p += n; mp_cgienv->value = a->p; mp_cgienv->options = NULL; - //lwsl_notice(" adding pmo / cgi-env '%s' = '%s'\n", mp_cgienv->name, - // mp_cgienv->value); + //lwsl_notice(" adding pmo / cgi-env '%s' = '%s'\n", + // mp_cgienv->name, mp_cgienv->value); goto dostring; case LEJPVP_PROTOCOL_NAME_OPT: @@ -645,7 +670,7 @@ lejp_vhosts_cb(struct lejp_ctx *ctx, char reason) pvo = lwsws_align(a); a->p += sizeof(*a->pvo); - n = lejp_get_wildcard(ctx, 1, a->p, a->end - a->p); + n = lejp_get_wildcard(ctx, 1, a->p, lws_ptr_diff(a->end, a->p)); /* ie, enable this protocol, no options yet */ pvo->next = a->pvo->options; a->pvo->options = pvo; @@ -659,12 +684,12 @@ lejp_vhosts_cb(struct lejp_ctx *ctx, char reason) a->pvo_em = lwsws_align(a); a->p += sizeof(*a->pvo_em); - n = lejp_get_wildcard(ctx, 0, a->p, a->end - a->p); + n = lejp_get_wildcard(ctx, 0, a->p, lws_ptr_diff(a->end, a->p)); /* ie, enable this protocol, no options yet */ a->pvo_em->next = a->m.extra_mimetypes; a->m.extra_mimetypes = a->pvo_em; a->pvo_em->name = a->p; - lwsl_notice(" adding extra-mimetypes %s -> %s\n", a->p, ctx->buf); + lwsl_notice(" + extra-mimetypes %s -> %s\n", a->p, ctx->buf); a->p += n; a->pvo_em->value = a->p; a->pvo_em->options = NULL; @@ -674,7 +699,7 @@ lejp_vhosts_cb(struct lejp_ctx *ctx, char reason) a->pvo_int = lwsws_align(a); a->p += sizeof(*a->pvo_int); - n = lejp_get_wildcard(ctx, 0, a->p, a->end - a->p); + n = lejp_get_wildcard(ctx, 0, a->p, lws_ptr_diff(a->end, a->p)); /* ie, enable this protocol, no options yet */ a->pvo_int->next = a->m.interpret; a->m.interpret = a->pvo_int; @@ -737,6 +762,15 @@ lejp_vhosts_cb(struct lejp_ctx *ctx, char reason) return 0; + case LEJPVP_FLAG_STRICT_HOST_CHECK: + if (arg_to_bool(ctx->buf)) + a->info->options |= + LWS_SERVER_OPTION_VHOST_UPG_STRICT_HOST_CHECK; + else + a->info->options &= + ~(LWS_SERVER_OPTION_VHOST_UPG_STRICT_HOST_CHECK); + return 0; + case LEJPVP_ERROR_DOCUMENT_404: a->info->error_document_404 = a->p; break; @@ -748,6 +782,13 @@ lejp_vhosts_cb(struct lejp_ctx *ctx, char reason) a->info->ssl_options_clear |= atol(ctx->buf); return 0; + case LEJPVP_SSL_CLIENT_OPTION_SET: + a->info->ssl_client_options_set |= atol(ctx->buf); + return 0; + case LEJPVP_SSL_CLIENT_OPTION_CLEAR: + a->info->ssl_client_options_clear |= atol(ctx->buf); + return 0; + case LEJPVP_ALPN: a->info->alpn = a->p; break; @@ -761,12 +802,13 @@ dostring: p[LEJP_STRING_CHUNK] = '\0'; p1 = strstr(p, ESC_INSTALL_DATADIR); if (p1) { - n = p1 - p; + n = lws_ptr_diff(p1, p); if (n > a->end - a->p) - n = a->end - a->p; + n = lws_ptr_diff(a->end, a->p); lws_strncpy(a->p, p, n + 1); a->p += n; - a->p += lws_snprintf(a->p, a->end - a->p, "%s", LWS_INSTALL_DATADIR); + a->p += lws_snprintf(a->p, a->end - a->p, "%s", + LWS_INSTALL_DATADIR); p += n + strlen(ESC_INSTALL_DATADIR); } @@ -871,7 +913,7 @@ static int lwsws_get_config_d(void *user, const char *d, const char * const *paths, int count_paths, lejp_callback cb) { -#ifndef _WIN32 +#if !defined(_WIN32) && !defined(LWS_WITH_ESP32) struct dirent **namelist; char path[256]; int n, i, ret = 0; @@ -941,13 +983,14 @@ lwsws_get_config_globals(struct lws_context_creation_info *info, const char *d, return 1; lws_snprintf(dd, sizeof(dd) - 1, "%s/conf.d", d); if (lwsws_get_config_d(&a, dd, paths_global, - LWS_ARRAY_SIZE(paths_global), lejp_globals_cb) > 1) + LWS_ARRAY_SIZE(paths_global), + lejp_globals_cb) > 1) return 1; a.plugin_dirs[a.count_plugin_dirs] = NULL; *cs = a.p; - *len = a.end - a.p; + *len = lws_ptr_diff(a.end, a.p); return 0; } @@ -980,7 +1023,7 @@ lwsws_get_config_vhosts(struct lws_context *context, return 1; *cs = a.p; - *len = a.end - a.p; + *len = lws_ptr_diff(a.end, a.p); if (!a.any_vhosts) { lwsl_err("Need at least one vhost\n"); diff --git a/thirdparty/libwebsockets/roles/http/server/parsers.c b/thirdparty/libwebsockets/lib/roles/http/server/parsers.c index 482bdc676a..641e9b8dac 100644 --- a/thirdparty/libwebsockets/roles/http/server/parsers.c +++ b/thirdparty/libwebsockets/lib/roles/http/server/parsers.c @@ -240,8 +240,9 @@ lws_header_table_attach(struct lws *wsi, int autoservice) wsi->http.ah->wsi = wsi; /* mark our owner */ pt->http.ah_count_in_use++; -#if defined(LWS_WITH_PEER_LIMITS) && (defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2)) - lws_context_lock(context); /* <====================================== */ +#if defined(LWS_WITH_PEER_LIMITS) && (defined(LWS_ROLE_H1) || \ + defined(LWS_ROLE_H2)) + lws_context_lock(context, "ah attach"); /* <========================= */ if (wsi->peer) wsi->peer->http.count_ah++; lws_context_unlock(context); /* ====================================> */ @@ -259,7 +260,7 @@ reset: #ifndef LWS_NO_CLIENT if (lwsi_role_client(wsi) && lwsi_state(wsi) == LRS_UNCONNECTED) - if (!lws_client_connect_via_info2(wsi)) + if (!lws_http_client_connect_via_info2(wsi)) /* our client connect has failed, the wsi * has been closed */ @@ -353,14 +354,16 @@ int __lws_header_table_detach(struct lws *wsi, int autoservice) if (!wsi) /* everybody waiting already has too many ah... */ goto nobody_usable_waiting; - lwsl_info("%s: transferring ah to last eligible wsi in wait list %p (wsistate 0x%x)\n", __func__, wsi, wsi->wsistate); + lwsl_info("%s: transferring ah to last eligible wsi in wait list " + "%p (wsistate 0x%x)\n", __func__, wsi, wsi->wsistate); wsi->http.ah = ah; ah->wsi = wsi; /* new owner */ __lws_header_table_reset(wsi, autoservice); -#if defined(LWS_WITH_PEER_LIMITS) && (defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2)) - lws_context_lock(context); /* <====================================== */ +#if defined(LWS_WITH_PEER_LIMITS) && (defined(LWS_ROLE_H1) || \ + defined(LWS_ROLE_H2)) + lws_context_lock(context, "ah detach"); /* <========================= */ if (wsi->peer) wsi->peer->http.count_ah++; lws_context_unlock(context); /* ====================================> */ @@ -386,7 +389,7 @@ int __lws_header_table_detach(struct lws *wsi, int autoservice) if (lwsi_role_client(wsi) && lwsi_state(wsi) == LRS_UNCONNECTED) { lws_pt_unlock(pt); - if (!lws_client_connect_via_info2(wsi)) { + if (!lws_http_client_connect_via_info2(wsi)) { /* our client connect has failed, the wsi * has been closed */ @@ -397,7 +400,8 @@ int __lws_header_table_detach(struct lws *wsi, int autoservice) } #endif - assert(!!pt->http.ah_wait_list_length == !!(lws_intptr_t)pt->http.ah_wait_list); + assert(!!pt->http.ah_wait_list_length == + !!(lws_intptr_t)pt->http.ah_wait_list); bail: lwsl_info("%s: wsi %p: ah %p (tsi=%d, count = %d)\n", __func__, (void *)wsi, (void *)ah, pt->tid, pt->http.ah_count_in_use); @@ -459,6 +463,10 @@ LWS_VISIBLE int lws_hdr_total_length(struct lws *wsi, enum lws_token_indexes h) do { len += wsi->http.ah->frags[n].len; n = wsi->http.ah->frags[n].nfrag; + + if (n && h != WSI_TOKEN_HTTP_COOKIE) + ++len; + } while (n); return len; @@ -500,6 +508,11 @@ LWS_VISIBLE int lws_hdr_copy(struct lws *wsi, char *dst, int len, { int toklen = lws_hdr_total_length(wsi, h); int n; + int comma; + + *dst = '\0'; + if (!toklen) + return 0; if (toklen >= len) return -1; @@ -512,13 +525,20 @@ LWS_VISIBLE int lws_hdr_copy(struct lws *wsi, char *dst, int len, return 0; do { - if (wsi->http.ah->frags[n].len >= len) + comma = (wsi->http.ah->frags[n].nfrag && + h != WSI_TOKEN_HTTP_COOKIE) ? 1 : 0; + + if (wsi->http.ah->frags[n].len + comma >= len) return -1; strncpy(dst, &wsi->http.ah->data[wsi->http.ah->frags[n].offset], wsi->http.ah->frags[n].len); dst += wsi->http.ah->frags[n].len; len -= wsi->http.ah->frags[n].len; n = wsi->http.ah->frags[n].nfrag; + + if (comma) + *dst++ = ','; + } while (n); *dst = '\0'; @@ -529,6 +549,9 @@ char *lws_hdr_simple_ptr(struct lws *wsi, enum lws_token_indexes h) { int n; + if (!wsi->http.ah) + return NULL; + n = wsi->http.ah->frag_index[h]; if (!n) return NULL; @@ -539,6 +562,9 @@ char *lws_hdr_simple_ptr(struct lws *wsi, enum lws_token_indexes h) static int LWS_WARN_UNUSED_RESULT lws_pos_in_bounds(struct lws *wsi) { + if (!wsi->http.ah) + return -1; + if (wsi->http.ah->pos < (unsigned int)wsi->context->max_http_header_data) return 0; @@ -599,7 +625,8 @@ issue_char(struct lws *wsi, unsigned char c) * If we haven't hit the token limit, just copy the character into * the header */ - if (frag_len < wsi->http.ah->current_token_limit) { + if (!wsi->http.ah->current_token_limit || + frag_len < wsi->http.ah->current_token_limit) { wsi->http.ah->data[wsi->http.ah->pos++] = c; if (c) wsi->http.ah->frags[wsi->http.ah->nfrag].len++; @@ -868,8 +895,9 @@ lws_parse(struct lws *wsi, unsigned char *buf, int *len) if (ah->ups == URIPS_SEEN_SLASH_DOT_DOT) { /* * back up one dir level if possible - * safe against header fragmentation because - * the method URI can only be in 1 fragment + * safe against header fragmentation + * because the method URI can only be + * in 1 fragment */ if (ah->frags[ah->nfrag].len > 2) { ah->pos--; @@ -939,7 +967,8 @@ swallow: pos = ah->lextable_pos; while (1) { - if (lextable[pos] & (1 << 7)) { /* 1-byte, fail on mismatch */ + if (lextable[pos] & (1 << 7)) { + /* 1-byte, fail on mismatch */ if ((lextable[pos] & 0x7f) != c) { nope: ah->lextable_pos = -1; @@ -958,14 +987,15 @@ nope: goto nope; /* b7 = 0, end or 3-byte */ - if (lextable[pos] < FAIL_CHAR) { /* terminal marker */ + if (lextable[pos] < FAIL_CHAR) { /* term mark */ ah->lextable_pos = pos; break; } if (lextable[pos] == c) { /* goto */ - ah->lextable_pos = pos + (lextable[pos + 1]) + - (lextable[pos + 2] << 8); + ah->lextable_pos = pos + + (lextable[pos + 1]) + + (lextable[pos + 2] << 8); break; } @@ -1038,13 +1068,13 @@ nope: n = WSI_TOKEN_ORIGIN; ah->parser_state = (enum lws_token_indexes) - (WSI_TOKEN_GET_URI + n); + (WSI_TOKEN_GET_URI + n); ah->ups = URIPS_IDLE; if (context->token_limits) ah->current_token_limit = context-> - token_limits->token_limit[ - ah->parser_state]; + token_limits->token_limit[ + ah->parser_state]; else ah->current_token_limit = wsi->context->max_http_header_data; @@ -1116,6 +1146,7 @@ excessive: set_parsing_complete: if (ah->ues != URIES_IDLE) goto forbid; + if (lws_hdr_total_length(wsi, WSI_TOKEN_UPGRADE)) { if (lws_hdr_total_length(wsi, WSI_TOKEN_VERSION)) wsi->rx_frame_type = /* temp for ws version index */ diff --git a/thirdparty/libwebsockets/roles/http/server/server.c b/thirdparty/libwebsockets/lib/roles/http/server/server.c index abd86dc9b5..729315602c 100644 --- a/thirdparty/libwebsockets/roles/http/server/server.c +++ b/thirdparty/libwebsockets/lib/roles/http/server/server.c @@ -28,6 +28,8 @@ const char * const method_names[] = { #endif }; +static const char * const intermediates[] = { "private", "public" }; + /* * return 0: all done * 1: nonfatal error @@ -38,7 +40,7 @@ const char * const method_names[] = { int _lws_vhost_init_server(const struct lws_context_creation_info *info, - struct lws_vhost *vhost) + struct lws_vhost *vhost) { int n, opt = 1, limit = 1; lws_sockfd_type sockfd; @@ -81,15 +83,22 @@ _lws_vhost_init_server(const struct lws_context_creation_info *info, * let's check before we do anything else about the disposition * of the interface he wants to bind to... */ - is = lws_socket_bind(vhost, LWS_SOCK_INVALID, vhost->listen_port, vhost->iface); + is = lws_socket_bind(vhost, LWS_SOCK_INVALID, vhost->listen_port, + vhost->iface); lwsl_debug("initial if check says %d\n", is); + + if (is == LWS_ITOSA_BUSY) + /* treat as fatal */ + return -1; + deal: lws_start_foreach_llp(struct lws_vhost **, pv, vhost->context->no_listener_vhost_list) { if (is >= LWS_ITOSA_USABLE && *pv == vhost) { /* on the list and shouldn't be: remove it */ - lwsl_debug("deferred iface: removing vh %s\n", (*pv)->name); + lwsl_debug("deferred iface: removing vh %s\n", + (*pv)->name); *pv = vhost->no_listener_vhost_list; vhost->no_listener_vhost_list = NULL; goto done_list; @@ -105,7 +114,8 @@ deal: /* ... but needs to be: so add it */ lwsl_debug("deferred iface: adding vh %s\n", vhost->name); - vhost->no_listener_vhost_list = vhost->context->no_listener_vhost_list; + vhost->no_listener_vhost_list = + vhost->context->no_listener_vhost_list; vhost->context->no_listener_vhost_list = vhost; } @@ -221,9 +231,16 @@ done_list: } #endif #endif - lws_plat_set_socket_options(vhost, sockfd); + lws_plat_set_socket_options(vhost, sockfd, 0); is = lws_socket_bind(vhost, sockfd, vhost->listen_port, vhost->iface); + if (is == LWS_ITOSA_BUSY) { + /* treat as fatal */ + compatible_close(sockfd); + + return -1; + } + /* * There is a race where the network device may come up and then * go away and fail here. So correctly handle unexpected failure @@ -234,21 +251,29 @@ done_list: compatible_close(sockfd); goto deal; } - vhost->listen_port = is; - - lwsl_debug("%s: lws_socket_bind says %d\n", __func__, is); wsi = lws_zalloc(sizeof(struct lws), "listen wsi"); if (wsi == NULL) { lwsl_err("Out of mem\n"); goto bail; } + +#ifdef LWS_WITH_UNIX_SOCK + if (!LWS_UNIX_SOCK_ENABLED(vhost)) +#endif + { + wsi->unix_skt = 1; + vhost->listen_port = is; + + lwsl_debug("%s: lws_socket_bind says %d\n", __func__, is); + } + wsi->context = vhost->context; wsi->desc.sockfd = sockfd; lws_role_transition(wsi, 0, LRS_UNCONNECTED, &role_ops_listen); wsi->protocol = vhost->protocols; wsi->tsi = m; - wsi->vhost = vhost; + lws_vhost_bind_wsi(vhost, wsi); wsi->listener = 1; if (wsi->context->event_loop_ops->init_vhost_listen_wsi) @@ -296,7 +321,7 @@ lws_select_vhost(struct lws_context *context, int port, const char *servername) { struct lws_vhost *vhost = context->vhost_list; const char *p; - int n, m, colon; + int n, colon; n = (int)strlen(servername); colon = n; @@ -324,8 +349,8 @@ lws_select_vhost(struct lws_context *context, int port, const char *servername) */ vhost = context->vhost_list; while (vhost) { - m = (int)strlen(vhost->name); - if (port == vhost->listen_port && + int m = (int)strlen(vhost->name); + if (port && port == vhost->listen_port && m <= (colon - 2) && servername[colon - m - 1] == '.' && !strncmp(vhost->name, servername + colon - m, m)) { @@ -340,7 +365,7 @@ lws_select_vhost(struct lws_context *context, int port, const char *servername) vhost = context->vhost_list; while (vhost) { - if (port == vhost->listen_port) { + if (port && port == vhost->listen_port) { lwsl_info("%s: vhost match to %s based on port %d\n", __func__, vhost->name, port); return vhost; @@ -356,8 +381,8 @@ lws_select_vhost(struct lws_context *context, int port, const char *servername) LWS_VISIBLE LWS_EXTERN const char * lws_get_mimetype(const char *file, const struct lws_http_mount *m) { - int n = (int)strlen(file); const struct lws_protocol_vhost_options *pvo = NULL; + int n = (int)strlen(file); if (m) pvo = m->extra_mimetypes; @@ -457,7 +482,7 @@ lws_http_serve(struct lws *wsi, char *uri, const char *origin, #endif int spin = 0; #endif - char path[256], sym[512]; + char path[256], sym[2048]; unsigned char *p = (unsigned char *)sym + 32 + LWS_PRE, *start = p; unsigned char *end = p + sizeof(sym) - 32 - LWS_PRE; #if !defined(WIN32) && !defined(LWS_WITH_ESP32) @@ -494,7 +519,7 @@ lws_http_serve(struct lws *wsi, char *uri, const char *origin, lwsl_info("%s: Unable to open '%s': errno %d\n", __func__, path, errno); - return -1; + return 1; } /* if it can't be statted, don't try */ @@ -506,18 +531,18 @@ lws_http_serve(struct lws *wsi, char *uri, const char *origin, #if !defined(WIN32) if (fstat(wsi->http.fop_fd->fd, &st)) { lwsl_info("unable to stat %s\n", path); - goto bail; + goto notfound; } #else #if defined(LWS_HAVE__STAT32I64) if (_stat32i64(path, &st)) { lwsl_info("unable to stat %s\n", path); - goto bail; + goto notfound; } #else if (stat(path, &st)) { lwsl_info("unable to stat %s\n", path); - goto bail; + goto notfound; } #endif #endif @@ -530,7 +555,7 @@ lws_http_serve(struct lws *wsi, char *uri, const char *origin, len = readlink(path, sym, sizeof(sym) - 1); if (len) { lwsl_err("Failed to read link %s\n", path); - goto bail; + goto notfound; } sym[len] = '\0'; lwsl_debug("symlink %s -> %s\n", path, sym); @@ -567,19 +592,48 @@ lws_http_serve(struct lws *wsi, char *uri, const char *origin, if (!strcmp(sym, lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP_IF_NONE_MATCH))) { + char cache_control[50], *cc = "no-store"; + int cclen = 8; + lwsl_debug("%s: ETAG match %s %s\n", __func__, uri, origin); /* we don't need to send the payload */ if (lws_add_http_header_status(wsi, - HTTP_STATUS_NOT_MODIFIED, &p, end)) + HTTP_STATUS_NOT_MODIFIED, &p, end)) { + lwsl_err("%s: failed adding not modified\n", + __func__); return -1; + } if (lws_add_http_header_by_token(wsi, WSI_TOKEN_HTTP_ETAG, (unsigned char *)sym, n, &p, end)) return -1; + /* but we still need to send cache control... */ + + if (m->cache_max_age && m->cache_reusable) { + if (!m->cache_revalidate) { + cc = cache_control; + cclen = sprintf(cache_control, + "%s, max-age=%u", + intermediates[wsi->cache_intermediaries], + m->cache_max_age); + } else { + cc = cache_control; + cclen = sprintf(cache_control, + "must-revalidate, %s, max-age=%u", + intermediates[wsi->cache_intermediaries], + m->cache_max_age); + } + } + + if (lws_add_http_header_by_token(wsi, + WSI_TOKEN_HTTP_CACHE_CONTROL, + (unsigned char *)cc, cclen, &p, end)) + return -1; + if (lws_finalize_http_header(wsi, &p, end)) return -1; @@ -594,7 +648,10 @@ lws_http_serve(struct lws *wsi, char *uri, const char *origin, lws_vfs_file_close(&wsi->http.fop_fd); - return lws_http_transaction_completed(wsi); + if (lws_http_transaction_completed(wsi)) + return -1; + + return 0; } } @@ -605,8 +662,13 @@ lws_http_serve(struct lws *wsi, char *uri, const char *origin, mimetype = lws_get_mimetype(path, m); if (!mimetype) { - lwsl_err("unknown mimetype for %s\n", path); - goto bail; + lwsl_info("unknown mimetype for %s\n", path); + if (lws_return_http_status(wsi, + HTTP_STATUS_UNSUPPORTED_MEDIA_TYPE, NULL) || + lws_http_transaction_completed(wsi)) + return -1; + + return 0; } if (!mimetype[0]) lwsl_debug("sending no mimetype for %s\n", path); @@ -642,8 +704,8 @@ lws_http_serve(struct lws *wsi, char *uri, const char *origin, const struct lws_protocols *pp = lws_vhost_name_to_protocol( wsi->vhost, m->protocol); - if (lws_bind_protocol(wsi, pp)) - return 1; + if (lws_bind_protocol(wsi, pp, __func__)) + return -1; args.p = (char *)p; args.max_len = lws_ptr_diff(end, p); if (pp->callback(wsi, LWS_CALLBACK_ADD_HEADERS, @@ -652,6 +714,7 @@ lws_http_serve(struct lws *wsi, char *uri, const char *origin, p = (unsigned char *)args.p; } + *p = '\0'; n = lws_serve_http_file(wsi, path, mimetype, (char *)start, lws_ptr_diff(p, start)); @@ -659,9 +722,10 @@ lws_http_serve(struct lws *wsi, char *uri, const char *origin, return -1; /* error or can't reuse connection: close the socket */ return 0; -bail: - return -1; +notfound: + + return 1; } #if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) @@ -749,7 +813,7 @@ lws_unauthorised_basic_auth(struct lws *wsi) { struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; unsigned char *start = pt->serv_buf + LWS_PRE, - *p = start, *end = p + 512; + *p = start, *end = p + 2048; char buf[64]; int n; @@ -848,24 +912,25 @@ lws_http_get_uri_and_method(struct lws *wsi, char **puri_ptr, int *puri_len) return -1; } +static const char * const oprot[] = { + "http://", "https://" +}; + int lws_http_action(struct lws *wsi) { struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; - enum http_connection_type connection_type; + const struct lws_http_mount *hit = NULL; enum http_version request_version; - char content_length_str[32]; struct lws_process_html_args args; - const struct lws_http_mount *hit = NULL; - unsigned int n; - char http_version_str[10]; - char http_conn_str[20]; - int http_version_len; + enum http_conn_type conn_type; + char content_length_str[32]; + char http_version_str[12]; char *uri_ptr = NULL, *s; - int uri_len = 0, meth; - static const char * const oprot[] = { - "http://", "https://" - }; + int uri_len = 0, meth, m; + char http_conn_str[25]; + int http_version_len; + unsigned int n; meth = lws_http_get_uri_and_method(wsi, &uri_ptr, &uri_len); if (meth < 0 || meth >= (int)LWS_ARRAY_SIZE(method_names)) @@ -898,16 +963,21 @@ lws_http_action(struct lws *wsi) /* HTTP header had a content length? */ wsi->http.rx_content_length = 0; + wsi->http.content_length_explicitly_zero = 0; if (lws_hdr_total_length(wsi, WSI_TOKEN_POST_URI) || - lws_hdr_total_length(wsi, WSI_TOKEN_PATCH_URI) || - lws_hdr_total_length(wsi, WSI_TOKEN_PUT_URI)) + lws_hdr_total_length(wsi, WSI_TOKEN_PATCH_URI) || + lws_hdr_total_length(wsi, WSI_TOKEN_PUT_URI)) wsi->http.rx_content_length = 100 * 1024 * 1024; - if (lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_CONTENT_LENGTH)) { - lws_hdr_copy(wsi, content_length_str, - sizeof(content_length_str) - 1, - WSI_TOKEN_HTTP_CONTENT_LENGTH); + if (lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_CONTENT_LENGTH) && + lws_hdr_copy(wsi, content_length_str, + sizeof(content_length_str) - 1, + WSI_TOKEN_HTTP_CONTENT_LENGTH) > 0) { wsi->http.rx_content_length = atoll(content_length_str); + if (!wsi->http.rx_content_length) { + wsi->http.content_length_explicitly_zero = 1; + lwsl_debug("%s: explicit 0 content-length\n", __func__); + } } if (wsi->http2_substream) { @@ -918,35 +988,33 @@ lws_http_action(struct lws *wsi) /* Works for single digit HTTP versions. : */ http_version_len = lws_hdr_total_length(wsi, WSI_TOKEN_HTTP); - if (http_version_len > 7) { - lws_hdr_copy(wsi, http_version_str, - sizeof(http_version_str) - 1, - WSI_TOKEN_HTTP); - if (http_version_str[5] == '1' && - http_version_str[7] == '1') - request_version = HTTP_VERSION_1_1; - } + if (http_version_len > 7 && + lws_hdr_copy(wsi, http_version_str, + sizeof(http_version_str) - 1, + WSI_TOKEN_HTTP) > 0 && + http_version_str[5] == '1' && http_version_str[7] == '1') + request_version = HTTP_VERSION_1_1; + wsi->http.request_version = request_version; /* HTTP/1.1 defaults to "keep-alive", 1.0 to "close" */ if (request_version == HTTP_VERSION_1_1) - connection_type = HTTP_CONNECTION_KEEP_ALIVE; + conn_type = HTTP_CONNECTION_KEEP_ALIVE; else - connection_type = HTTP_CONNECTION_CLOSE; + conn_type = HTTP_CONNECTION_CLOSE; /* Override default if http "Connection:" header: */ - if (lws_hdr_total_length(wsi, WSI_TOKEN_CONNECTION)) { - lws_hdr_copy(wsi, http_conn_str, - sizeof(http_conn_str) - 1, - WSI_TOKEN_CONNECTION); + if (lws_hdr_total_length(wsi, WSI_TOKEN_CONNECTION) && + lws_hdr_copy(wsi, http_conn_str, sizeof(http_conn_str) - 1, + WSI_TOKEN_CONNECTION) > 0) { http_conn_str[sizeof(http_conn_str) - 1] = '\0'; if (!strcasecmp(http_conn_str, "keep-alive")) - connection_type = HTTP_CONNECTION_KEEP_ALIVE; + conn_type = HTTP_CONNECTION_KEEP_ALIVE; else if (!strcasecmp(http_conn_str, "close")) - connection_type = HTTP_CONNECTION_CLOSE; + conn_type = HTTP_CONNECTION_CLOSE; } - wsi->http.connection_type = connection_type; + wsi->http.conn_type = conn_type; } n = wsi->protocol->callback(wsi, LWS_CALLBACK_FILTER_HTTP_CONNECTION, @@ -970,7 +1038,7 @@ lws_http_action(struct lws *wsi) * URI from the host: header and ignore the path part */ unsigned char *start = pt->serv_buf + LWS_PRE, *p = start, - *end = p + 512; + *end = p + wsi->context->pt_serv_buf_size - LWS_PRE; if (!lws_hdr_total_length(wsi, WSI_TOKEN_HOST)) goto bail_nuke_ah; @@ -988,7 +1056,7 @@ lws_http_action(struct lws *wsi) #endif #ifdef LWS_WITH_ACCESS_LOG - lws_prepare_access_log_info(wsi, uri_ptr, meth); + lws_prepare_access_log_info(wsi, uri_ptr, uri_len, meth); #endif /* can we serve it from the mount list? */ @@ -999,12 +1067,13 @@ lws_http_action(struct lws *wsi) lwsl_info("no hit\n"); - if (lws_bind_protocol(wsi, &wsi->vhost->protocols[0])) + if (lws_bind_protocol(wsi, &wsi->vhost->protocols[0], + "no mount hit")) return 1; lwsi_set_state(wsi, LRS_DOING_TRANSACTION); - n = wsi->protocol->callback(wsi, LWS_CALLBACK_HTTP, + m = wsi->protocol->callback(wsi, LWS_CALLBACK_HTTP, wsi->user_space, uri_ptr, uri_len); goto after; @@ -1035,10 +1104,11 @@ lws_http_action(struct lws *wsi) hit->origin_protocol == LWSMPRO_REDIR_HTTPS)) && (hit->origin_protocol != LWSMPRO_CGI && hit->origin_protocol != LWSMPRO_CALLBACK)) { - unsigned char *start = pt->serv_buf + LWS_PRE, - *p = start, *end = p + 512; + unsigned char *start = pt->serv_buf + LWS_PRE, *p = start, + *end = p + wsi->context->pt_serv_buf_size - + LWS_PRE - 512; - lwsl_debug("Doing 301 '%s' org %s\n", s, hit->origin); + lwsl_info("Doing 301 '%s' org %s\n", s, hit->origin); /* > at start indicates deal with by redirect */ if (hit->origin_protocol == LWSMPRO_REDIR_HTTP || @@ -1075,12 +1145,21 @@ lws_http_action(struct lws *wsi) /* basic auth? */ if (hit->basic_auth_login_file) { - char b64[160], plain[(sizeof(b64) * 3) / 4]; - int m; + char b64[160], plain[(sizeof(b64) * 3) / 4], *pcolon; + int m, ml, fi; /* Did he send auth? */ - if (!lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_AUTHORIZATION)) + ml = lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_AUTHORIZATION); + if (!ml) + return lws_unauthorised_basic_auth(wsi); + + /* Disallow fragmentation monkey business */ + + fi = wsi->http.ah->frag_index[WSI_TOKEN_HTTP_AUTHORIZATION]; + if (wsi->http.ah->frags[fi].nfrag) { + lwsl_err("fragmented basic auth header not allowed\n"); return lws_unauthorised_basic_auth(wsi); + } n = HTTP_STATUS_FORBIDDEN; @@ -1099,21 +1178,36 @@ lws_http_action(struct lws *wsi) /* It'll be like Authorization: Basic QWxhZGRpbjpPcGVuU2VzYW1l */ - m = lws_b64_decode_string(b64 + 6, plain, sizeof(plain)); + m = lws_b64_decode_string(b64 + 6, plain, sizeof(plain) - 1); if (m < 0) { lwsl_err("plain auth too long\n"); goto transaction_result_n; } + plain[m] = '\0'; + pcolon = strchr(plain, ':'); + if (!pcolon) { + lwsl_err("basic auth format broken\n"); + return lws_unauthorised_basic_auth(wsi); + } if (!lws_find_string_in_file(hit->basic_auth_login_file, plain, m)) { lwsl_err("basic auth lookup failed\n"); return lws_unauthorised_basic_auth(wsi); } - lwsl_info("basic auth accepted\n"); + /* + * Rewrite WSI_TOKEN_HTTP_AUTHORIZATION so it is just the + * authorized username + */ - /* accept the auth */ + *pcolon = '\0'; + wsi->http.ah->frags[fi].len = lws_ptr_diff(pcolon, plain); + pcolon = lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP_AUTHORIZATION); + strncpy(pcolon, plain, ml - 1); + pcolon[ml - 1] = '\0'; + lwsl_info("%s: basic auth accepted for %s\n", __func__, + lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP_AUTHORIZATION)); } #if defined(LWS_WITH_HTTP_PROXY) @@ -1121,15 +1215,21 @@ lws_http_action(struct lws *wsi) * The mount is a reverse proxy? */ + // lwsl_notice("%s: origin_protocol: %d\n", __func__, hit->origin_protocol); + if (hit->origin_protocol == LWSMPRO_HTTPS || hit->origin_protocol == LWSMPRO_HTTP) { + char ads[96], rpath[256], *pcolon, *pslash, unix_skt = 0; struct lws_client_connect_info i; - char ads[96], rpath[256], *pcolon, *pslash, *p; + struct lws *cwsi; int n, na; memset(&i, 0, sizeof(i)); i.context = lws_get_context(wsi); + if (hit->origin[0] == '+') + unix_skt = 1; + pcolon = strchr(hit->origin, ':'); pslash = strchr(hit->origin, '/'); if (!pslash) { @@ -1137,16 +1237,28 @@ lws_http_action(struct lws *wsi) hit->origin); return -1; } - if (pcolon > pslash) - pcolon = NULL; - if (pcolon) - n = pcolon - hit->origin; - else - n = pslash - hit->origin; + if (unix_skt) { + if (!pcolon) { + lwsl_err("Proxy mount origin for unix skt must " + "have address delimited by :\n"); + + return -1; + } + n = lws_ptr_diff(pcolon, hit->origin); + pslash = pcolon; + } else { + if (pcolon > pslash) + pcolon = NULL; + + if (pcolon) + n = (int)(pcolon - hit->origin); + else + n = (int)(pslash - hit->origin); - if (n >= (int)sizeof(ads) - 2) - n = sizeof(ads) - 2; + if (n >= (int)sizeof(ads) - 2) + n = sizeof(ads) - 2; + } memcpy(ads, hit->origin, n); ads[n] = '\0'; @@ -1160,41 +1272,75 @@ lws_http_action(struct lws *wsi) if (pcolon) i.port = atoi(pcolon + 1); - lws_snprintf(rpath, sizeof(rpath) - 1, "/%s/%s", pslash + 1, - uri_ptr + hit->mountpoint_len); + n = lws_snprintf(rpath, sizeof(rpath) - 1, "/%s/%s", + pslash + 1, uri_ptr + hit->mountpoint_len) - 2; lws_clean_url(rpath); na = lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_URI_ARGS); if (na) { - p = rpath + strlen(rpath); - *p++ = '?'; - lws_hdr_copy(wsi, p, &rpath[sizeof(rpath) - 1] - p, - WSI_TOKEN_HTTP_URI_ARGS); - while (--na) { - if (*p == '\0') - *p = '&'; - p++; + char *p = rpath + n; + + if (na >= (int)sizeof(rpath) - n - 2) { + lwsl_info("%s: query string %d longer " + "than we can handle\n", __func__, + na); + + return -1; } - } + *p++ = '?'; + if (lws_hdr_copy(wsi, p, + (int)(&rpath[sizeof(rpath) - 1] - p), + WSI_TOKEN_HTTP_URI_ARGS) > 0) + while (na--) { + if (*p == '\0') + *p = '&'; + p++; + } + *p = '\0'; + } i.path = rpath; - i.host = i.address; + if (i.address[0] != '+' || + !lws_hdr_simple_ptr(wsi, WSI_TOKEN_HOST)) + i.host = i.address; + else + i.host = lws_hdr_simple_ptr(wsi, WSI_TOKEN_HOST); i.origin = NULL; i.method = "GET"; + i.alpn = "http/1.1"; i.parent_wsi = wsi; - i.uri_replace_from = hit->origin; - i.uri_replace_to = hit->mountpoint; + i.pwsi = &cwsi; + + // i.uri_replace_from = hit->origin; + // i.uri_replace_to = hit->mountpoint; - lwsl_notice("proxying to %s port %d url %s, ssl %d, " + lwsl_info("proxying to %s port %d url %s, ssl %d, " "from %s, to %s\n", i.address, i.port, i.path, i.ssl_connection, i.uri_replace_from, i.uri_replace_to); if (!lws_client_connect_via_info(&i)) { lwsl_err("proxy connect fail\n"); + + /* + * ... we can't do the proxy action, but we can + * cleanly return him a 503 and a description + */ + + lws_return_http_status(wsi, + HTTP_STATUS_SERVICE_UNAVAILABLE, + "<h1>Service Temporarily Unavailable</h1>" + "The server is temporarily unable to service " + "your request due to maintenance downtime or " + "capacity problems. Please try again later."); + return 1; } + lwsl_info("%s: setting proxy clientside on %p (parent %p)\n", + __func__, cwsi, lws_get_parent(cwsi)); + cwsi->http.proxy_clientside = 1; + return 0; } #endif @@ -1219,7 +1365,7 @@ lws_http_action(struct lws *wsi) return 1; } - if (lws_bind_protocol(wsi, pp)) + if (lws_bind_protocol(wsi, pp, "http action CALLBACK bind")) return 1; args.p = uri_ptr; @@ -1245,7 +1391,7 @@ lws_http_action(struct lws *wsi) return 1; if (lws_hdr_total_length(wsi, WSI_TOKEN_POST_URI)) { - n = wsi->protocol->callback(wsi, LWS_CALLBACK_HTTP, + m = wsi->protocol->callback(wsi, LWS_CALLBACK_HTTP, wsi->user_space, uri_ptr + hit->mountpoint_len, uri_len - hit->mountpoint_len); @@ -1279,7 +1425,7 @@ lws_http_action(struct lws *wsi) } #endif - n = (int)strlen(s); + n = uri_len - lws_ptr_diff(s, uri_ptr); // (int)strlen(s); if (s[0] == '\0' || (n == 1 && s[n - 1] == '/')) s = (char *)hit->def; if (!s) @@ -1290,10 +1436,11 @@ lws_http_action(struct lws *wsi) wsi->cache_revalidate = hit->cache_revalidate; wsi->cache_intermediaries = hit->cache_intermediaries; - n = 1; + m = 1; if (hit->origin_protocol == LWSMPRO_FILE) - n = lws_http_serve(wsi, s, hit->origin, hit); - if (n) { + m = lws_http_serve(wsi, s, hit->origin, hit); + + if (m > 0) { /* * lws_return_http_status(wsi, HTTP_STATUS_NOT_FOUND, NULL); */ @@ -1302,20 +1449,22 @@ lws_http_action(struct lws *wsi) lws_vhost_name_to_protocol( wsi->vhost, hit->protocol); - if (lws_bind_protocol(wsi, pp)) + lwsi_set_state(wsi, LRS_DOING_TRANSACTION); + + if (lws_bind_protocol(wsi, pp, "http_action HTTP")) return 1; - n = pp->callback(wsi, LWS_CALLBACK_HTTP, + m = pp->callback(wsi, LWS_CALLBACK_HTTP, wsi->user_space, uri_ptr + hit->mountpoint_len, uri_len - hit->mountpoint_len); } else - n = wsi->protocol->callback(wsi, LWS_CALLBACK_HTTP, + m = wsi->protocol->callback(wsi, LWS_CALLBACK_HTTP, wsi->user_space, uri_ptr, uri_len); } after: - if (n) { + if (m) { lwsl_info("LWS_CALLBACK_HTTP closing\n"); return 1; @@ -1337,9 +1486,35 @@ deal_body: lwsl_debug("wsi->http.rx_content_length %lld %d %d\n", (long long)wsi->http.rx_content_length, wsi->upgraded_to_http2, wsi->http2_substream); + + if (wsi->http.content_length_explicitly_zero && + lws_hdr_total_length(wsi, WSI_TOKEN_POST_URI)) { + + /* + * POST with an explicit content-length of zero + * + * If we don't give the user code the empty HTTP_BODY + * callback, he may become confused to hear the + * HTTP_BODY_COMPLETION (due to, eg, instantiation of + * lws_spa never happened). + * + * HTTP_BODY_COMPLETION is responsible for sending the + * result status code and result body if any, and + * do the transaction complete processing. + */ + if (wsi->protocol->callback(wsi, + LWS_CALLBACK_HTTP_BODY, + wsi->user_space, NULL, 0)) + return 1; + if (wsi->protocol->callback(wsi, + LWS_CALLBACK_HTTP_BODY_COMPLETION, + wsi->user_space, NULL, 0)) + return 1; + + return 0; + } + if (wsi->http.rx_content_length > 0) { - struct lws_tokens ebuf; - int m; lwsi_set_state(wsi, LRS_BODY); lwsl_info("%s: %p: LRS_BODY state set (0x%x)\n", @@ -1355,12 +1530,18 @@ deal_body: */ while (1) { + struct lws_tokens ebuf; + int m; + ebuf.len = (int)lws_buflist_next_segment_len( - &wsi->buflist, (uint8_t **)&ebuf.token); + &wsi->buflist, + (uint8_t **)&ebuf.token); if (!ebuf.len) break; - lwsl_notice("%s: consuming %d\n", __func__, (int)ebuf.len); - m = lws_read_h1(wsi, (uint8_t *)ebuf.token, ebuf.len); + lwsl_notice("%s: consuming %d\n", __func__, + (int)ebuf.len); + m = lws_read_h1(wsi, (uint8_t *)ebuf.token, + ebuf.len); if (m < 0) return -1; @@ -1384,6 +1565,75 @@ transaction_result_n: } int +lws_confirm_host_header(struct lws *wsi) +{ + struct lws_tokenize ts; + lws_tokenize_elem e; + char buf[128]; + int port = 80; + + /* + * this vhost wants us to validate what the + * client sent against our vhost name + */ + + if (!lws_hdr_total_length(wsi, WSI_TOKEN_HOST)) { + lwsl_info("%s: missing host on upgrade\n", __func__); + + return 1; + } + +#if defined(LWS_WITH_TLS) + if (wsi->tls.ssl) + port = 443; +#endif + + lws_tokenize_init(&ts, buf, LWS_TOKENIZE_F_DOT_NONTERM /* server.com */| + LWS_TOKENIZE_F_NO_FLOATS /* 1.server.com */| + LWS_TOKENIZE_F_MINUS_NONTERM /* a-b.com */); + ts.len = lws_hdr_copy(wsi, buf, sizeof(buf) - 1, WSI_TOKEN_HOST); + if (ts.len <= 0) { + lwsl_info("%s: missing or oversize host header\n", __func__); + return 1; + } + + if (lws_tokenize(&ts) != LWS_TOKZE_TOKEN) + goto bad_format; + + if (strncmp(ts.token, wsi->vhost->name, ts.token_len)) { + buf[(ts.token - buf) + ts.token_len] = '\0'; + lwsl_info("%s: '%s' in host hdr but vhost name %s\n", + __func__, ts.token, wsi->vhost->name); + return 1; + } + + e = lws_tokenize(&ts); + if (e == LWS_TOKZE_DELIMITER && ts.token[0] == ':') { + if (lws_tokenize(&ts) != LWS_TOKZE_INTEGER) + goto bad_format; + else + port = atoi(ts.token); + } else + if (e != LWS_TOKZE_ENDED) + goto bad_format; + + if (wsi->vhost->listen_port != port) { + lwsl_info("%s: host port %d mismatches vhost port %d\n", + __func__, port, wsi->vhost->listen_port); + return 1; + } + + lwsl_debug("%s: host header OK\n", __func__); + + return 0; + +bad_format: + lwsl_info("%s: bad host header format\n", __func__); + + return 1; +} + +int lws_handshake_server(struct lws *wsi, unsigned char **buf, size_t len) { struct lws_context *context = lws_get_context(wsi); @@ -1427,7 +1677,8 @@ raw_transition: lws_set_timeout(wsi, NO_PENDING_TIMEOUT, 0); lws_bind_protocol(wsi, &wsi->vhost->protocols[ wsi->vhost-> - raw_protocol_index]); + raw_protocol_index], + __func__); lwsl_info("transition to raw vh %s prot %d\n", wsi->vhost->name, wsi->vhost->raw_protocol_index); @@ -1440,7 +1691,7 @@ raw_transition: &role_ops_raw_skt); lws_header_table_detach(wsi, 1); - if (m == 2 && (wsi->protocol->callback)(wsi, + if (wsi->protocol->callback(wsi, LWS_CALLBACK_RAW_RX, wsi->user_space, obuf, olen)) return 1; @@ -1458,13 +1709,14 @@ raw_transition: /* select vhost */ - if (lws_hdr_total_length(wsi, WSI_TOKEN_HOST)) { + if (wsi->vhost->listen_port && + lws_hdr_total_length(wsi, WSI_TOKEN_HOST)) { struct lws_vhost *vhost = lws_select_vhost( context, wsi->vhost->listen_port, lws_hdr_simple_ptr(wsi, WSI_TOKEN_HOST)); if (vhost) - wsi->vhost = vhost; + lws_vhost_bind_wsi(vhost, wsi); } else lwsl_info("no host\n"); @@ -1506,7 +1758,7 @@ raw_transition: &uri_ptr, &uri_len); if (meth >= 0) lws_prepare_access_log_info(wsi, - uri_ptr, meth); + uri_ptr, uri_len, meth); /* wsi close will do the log */ #endif @@ -1532,12 +1784,49 @@ raw_transition: lwsi_set_state(wsi, LRS_PRE_WS_SERVING_ACCEPT); lws_set_timeout(wsi, NO_PENDING_TIMEOUT, 0); - /* is this websocket protocol or normal http 1.0? */ - if (lws_hdr_total_length(wsi, WSI_TOKEN_UPGRADE)) { - if (!strcasecmp(lws_hdr_simple_ptr(wsi, - WSI_TOKEN_UPGRADE), - "websocket")) { + + const char *up = lws_hdr_simple_ptr(wsi, + WSI_TOKEN_UPGRADE); + + if (strcasecmp(up, "websocket") && + strcasecmp(up, "h2c")) { + lwsl_info("Unknown upgrade '%s'\n", up); + + if (lws_return_http_status(wsi, + HTTP_STATUS_FORBIDDEN, NULL) || + lws_http_transaction_completed(wsi)) + goto bail_nuke_ah; + } + + n = user_callback_handle_rxflow(wsi->protocol->callback, + wsi, LWS_CALLBACK_HTTP_CONFIRM_UPGRADE, + wsi->user_space, (char *)up, 0); + + /* just hang up? */ + + if (n < 0) + goto bail_nuke_ah; + + /* callback returned headers already, do t_c? */ + + if (n > 0) { + if (lws_http_transaction_completed(wsi)) + goto bail_nuke_ah; + + /* continue on */ + + return 0; + } + + /* callback said 0, it was allowed */ + + if (wsi->vhost->options & + LWS_SERVER_OPTION_VHOST_UPG_STRICT_HOST_CHECK && + lws_confirm_host_header(wsi)) + goto bail_nuke_ah; + + if (!strcasecmp(up, "websocket")) { #if defined(LWS_ROLE_WS) wsi->vhost->conn_stats.ws_upg++; lwsl_info("Upgrade to ws\n"); @@ -1545,17 +1834,12 @@ raw_transition: #endif } #if defined(LWS_WITH_HTTP2) - if (!strcasecmp(lws_hdr_simple_ptr(wsi, - WSI_TOKEN_UPGRADE), - "h2c")) { + if (!strcasecmp(up, "h2c")) { wsi->vhost->conn_stats.h2_upg++; lwsl_info("Upgrade to h2c\n"); goto upgrade_h2c; } #endif - lwsl_info("Unknown upgrade\n"); - /* dunno what he wanted to upgrade to */ - goto bail_nuke_ah; } /* no upgrade ack... he remained as HTTP */ @@ -1565,6 +1849,10 @@ raw_transition: lwsi_set_state(wsi, LRS_ESTABLISHED); wsi->http.fop_fd = NULL; +#if defined(LWS_WITH_HTTP_STREAM_COMPRESSION) + lws_http_compression_validate(wsi); +#endif + lwsl_debug("%s: wsi %p: ah %p\n", __func__, (void *)wsi, (void *)wsi->http.ah); @@ -1641,91 +1929,17 @@ bail_nuke_ah: } -static int -lws_get_idlest_tsi(struct lws_context *context) -{ - unsigned int lowest = ~0; - int n = 0, hit = -1; - - for (; n < context->count_threads; n++) { - if ((unsigned int)context->pt[n].fds_count != - context->fd_limit_per_thread - 1 && - (unsigned int)context->pt[n].fds_count < lowest) { - lowest = context->pt[n].fds_count; - hit = n; - } - } - - return hit; -} - -struct lws * -lws_create_new_server_wsi(struct lws_vhost *vhost, int fixed_tsi) -{ - struct lws *new_wsi; - int n = fixed_tsi; - - if (n < 0) - n = lws_get_idlest_tsi(vhost->context); - - if (n < 0) { - lwsl_err("no space for new conn\n"); - return NULL; - } - - new_wsi = lws_zalloc(sizeof(struct lws), "new server wsi"); - if (new_wsi == NULL) { - lwsl_err("Out of memory for new connection\n"); - return NULL; - } - - new_wsi->tsi = n; - lwsl_debug("new wsi %p joining vhost %s, tsi %d\n", new_wsi, - vhost->name, new_wsi->tsi); - - new_wsi->vhost = vhost; - new_wsi->context = vhost->context; - new_wsi->pending_timeout = NO_PENDING_TIMEOUT; - new_wsi->rxflow_change_to = LWS_RXFLOW_ALLOW; - - /* initialize the instance struct */ - - lwsi_set_state(new_wsi, LRS_UNCONNECTED); - new_wsi->hdr_parsing_completed = 0; - -#ifdef LWS_WITH_TLS - new_wsi->tls.use_ssl = LWS_SSL_ENABLED(vhost); -#endif - - /* - * these can only be set once the protocol is known - * we set an un-established connection's protocol pointer - * to the start of the supported list, so it can look - * for matching ones during the handshake - */ - new_wsi->protocol = vhost->protocols; - new_wsi->user_space = NULL; - new_wsi->desc.sockfd = LWS_SOCK_INVALID; - new_wsi->position_in_fds_table = LWS_NO_FDS_POS; - - vhost->context->count_wsi_allocated++; - - /* - * outermost create notification for wsi - * no user_space because no protocol selection - */ - vhost->protocols[0].callback(new_wsi, LWS_CALLBACK_WSI_CREATE, - NULL, NULL, 0); - - return new_wsi; -} - LWS_VISIBLE int LWS_WARN_UNUSED_RESULT lws_http_transaction_completed(struct lws *wsi) { int n = NO_PENDING_TIMEOUT; - if (wsi->trunc_len) { + if (lws_has_buffered_out(wsi) +#if defined(LWS_WITH_HTTP_STREAM_COMPRESSION) + || wsi->http.comp_ctx.buflist_comp || + wsi->http.comp_ctx.may_have_more +#endif + ) { /* * ...so he tried to send something large as the http reply, * it went as a partial, but he immediately said the @@ -1734,14 +1948,18 @@ lws_http_transaction_completed(struct lws *wsi) * Defer the transaction completed until the last part of the * partial is sent. */ - lwsl_notice("%s: deferring due to partial\n", __func__); + lwsl_debug("%s: %p: deferring due to partial\n", __func__, wsi); wsi->http.deferred_transaction_completed = 1; + lws_callback_on_writable(wsi); return 0; } lwsl_info("%s: wsi %p\n", __func__, wsi); +#if defined(LWS_WITH_HTTP_STREAM_COMPRESSION) + lws_http_compression_destroy(wsi); +#endif lws_access_log(wsi); if (!wsi->hdr_parsing_completed) { @@ -1755,17 +1973,17 @@ lws_http_transaction_completed(struct lws *wsi) /* if we can't go back to accept new headers, drop the connection */ if (wsi->http2_substream) - return 0; + return 1; if (wsi->seen_zero_length_recv) return 1; - if (wsi->http.connection_type != HTTP_CONNECTION_KEEP_ALIVE) { - lwsl_notice("%s: %p: close connection\n", __func__, wsi); + if (wsi->http.conn_type != HTTP_CONNECTION_KEEP_ALIVE) { + lwsl_info("%s: %p: close connection\n", __func__, wsi); return 1; } - if (lws_bind_protocol(wsi, &wsi->vhost->protocols[0])) + if (lws_bind_protocol(wsi, &wsi->vhost->protocols[0], __func__)) return 1; /* @@ -1780,6 +1998,7 @@ lws_http_transaction_completed(struct lws *wsi) wsi->http.tx_content_length = 0; wsi->http.tx_content_remain = 0; wsi->hdr_parsing_completed = 0; + wsi->sending_chunked = 0; #ifdef LWS_WITH_ACCESS_LOG wsi->http.access_log.sent = 0; #endif @@ -1803,7 +2022,7 @@ lws_http_transaction_completed(struct lws *wsi) if (wsi->http.ah) { // lws_buflist_describe(&wsi->buflist, wsi); if (!lws_buflist_next_segment_len(&wsi->buflist, NULL)) { - lwsl_info("%s: %p: nothing in buflist so detaching ah\n", + lwsl_debug("%s: %p: nothing in buflist, detaching ah\n", __func__, wsi); lws_header_table_detach(wsi, 1); #ifdef LWS_WITH_TLS @@ -1823,7 +2042,7 @@ lws_http_transaction_completed(struct lws *wsi) } #endif } else { - lwsl_info("%s: %p: resetting and keeping ah as pipeline\n", + lwsl_info("%s: %p: resetting/keeping ah as pipeline\n", __func__, wsi); lws_header_table_reset(wsi, 0); /* @@ -1839,360 +2058,41 @@ lws_http_transaction_completed(struct lws *wsi) if (wsi->http.ah) wsi->http.ah->ues = URIES_IDLE; - //lwsi_set_state(wsi, LRS_ESTABLISHED); + //lwsi_set_state(wsi, LRS_ESTABLISHED); // !!! } else if (lws_buflist_next_segment_len(&wsi->buflist, NULL)) if (lws_header_table_attach(wsi, 0)) lwsl_debug("acquired ah\n"); - lwsl_info("%s: %p: keep-alive await new transaction\n", __func__, wsi); + lwsl_debug("%s: %p: keep-alive await new transaction (state 0x%x)\n", + __func__, wsi, wsi->wsistate); lws_callback_on_writable(wsi); return 0; } -/* if not a socket, it's a raw, non-ssl file descriptor */ - -LWS_VISIBLE struct lws * -lws_adopt_descriptor_vhost(struct lws_vhost *vh, lws_adoption_type type, - lws_sock_file_fd_type fd, const char *vh_prot_name, - struct lws *parent) -{ - struct lws_context *context = vh->context; - struct lws *new_wsi; - struct lws_context_per_thread *pt; - int n, ssl = 0; - -#if defined(LWS_WITH_PEER_LIMITS) - struct lws_peer *peer = NULL; - - if (type & LWS_ADOPT_SOCKET && !(type & LWS_ADOPT_WS_PARENTIO)) { - peer = lws_get_or_create_peer(vh, fd.sockfd); - - if (peer && context->ip_limit_wsi && - peer->count_wsi >= context->ip_limit_wsi) { - lwsl_notice("Peer reached wsi limit %d\n", - context->ip_limit_wsi); - lws_stats_atomic_bump(context, &context->pt[0], - LWSSTATS_C_PEER_LIMIT_WSI_DENIED, 1); - return NULL; - } - } -#endif - - n = -1; - if (parent) - n = parent->tsi; - new_wsi = lws_create_new_server_wsi(vh, n); - if (!new_wsi) { - if (type & LWS_ADOPT_SOCKET && !(type & LWS_ADOPT_WS_PARENTIO)) - compatible_close(fd.sockfd); - return NULL; - } -#if defined(LWS_WITH_PEER_LIMITS) - if (peer) - lws_peer_add_wsi(context, peer, new_wsi); -#endif - pt = &context->pt[(int)new_wsi->tsi]; - lws_stats_atomic_bump(context, pt, LWSSTATS_C_CONNECTIONS, 1); - - if (parent) { - new_wsi->parent = parent; - new_wsi->sibling_list = parent->child_list; - parent->child_list = new_wsi; - - if (type & LWS_ADOPT_WS_PARENTIO) - new_wsi->parent_carries_io = 1; - } - - new_wsi->desc = fd; - - if (vh_prot_name) { - new_wsi->protocol = lws_vhost_name_to_protocol(new_wsi->vhost, - vh_prot_name); - if (!new_wsi->protocol) { - lwsl_err("Protocol %s not enabled on vhost %s\n", - vh_prot_name, new_wsi->vhost->name); - goto bail; - } - if (lws_ensure_user_space(new_wsi)) { - lwsl_notice("OOM trying to get user_space\n"); - goto bail; - } -#if defined(LWS_ROLE_WS) - if (type & LWS_ADOPT_WS_PARENTIO) { - new_wsi->desc.sockfd = LWS_SOCK_INVALID; - lwsl_debug("binding to %s\n", new_wsi->protocol->name); - lws_bind_protocol(new_wsi, new_wsi->protocol); - lws_role_transition(new_wsi, LWSIFR_SERVER, - LRS_ESTABLISHED, &role_ops_ws); - /* allocate the ws struct for the wsi */ - new_wsi->ws = lws_zalloc(sizeof(*new_wsi->ws), "ws struct"); - if (!new_wsi->ws) { - lwsl_notice("OOM\n"); - goto bail; - } - lws_server_init_wsi_for_ws(new_wsi); - - return new_wsi; - } -#endif - } else -#if defined(LWS_ROLE_H1) - if (type & LWS_ADOPT_HTTP) {/* he will transition later */ - new_wsi->protocol = - &vh->protocols[vh->default_protocol_index]; - new_wsi->role_ops = &role_ops_h1; - } - else -#endif - { /* this is the only time he will transition */ - lws_bind_protocol(new_wsi, - &vh->protocols[vh->raw_protocol_index]); - lws_role_transition(new_wsi, 0, LRS_ESTABLISHED, - &role_ops_raw_skt); - } - - if (type & LWS_ADOPT_SOCKET) { /* socket desc */ - lwsl_debug("%s: new wsi %p, sockfd %d\n", __func__, new_wsi, - (int)(lws_intptr_t)fd.sockfd); -#if !defined(LWS_WITH_ESP32) - if (type & LWS_ADOPT_FLAG_UDP) - /* - * these can be >128 bytes, so just alloc for UDP - */ - new_wsi->udp = lws_malloc(sizeof(*new_wsi->udp), - "udp struct"); -#endif - - if (type & LWS_ADOPT_HTTP) - /* the transport is accepted... - * give him time to negotiate */ - lws_set_timeout(new_wsi, - PENDING_TIMEOUT_ESTABLISH_WITH_SERVER, - context->timeout_secs); - - } else /* file desc */ - lwsl_debug("%s: new wsi %p, filefd %d\n", __func__, new_wsi, - (int)(lws_intptr_t)fd.filefd); - - /* - * A new connection was accepted. Give the user a chance to - * set properties of the newly created wsi. There's no protocol - * selected yet so we issue this to the vhosts's default protocol, - * itself by default protocols[0] - */ - n = LWS_CALLBACK_SERVER_NEW_CLIENT_INSTANTIATED; - if (!(type & LWS_ADOPT_HTTP)) { - if (!(type & LWS_ADOPT_SOCKET)) - n = LWS_CALLBACK_RAW_ADOPT_FILE; - else - n = LWS_CALLBACK_RAW_ADOPT; - } - - if (!LWS_SSL_ENABLED(new_wsi->vhost) || !(type & LWS_ADOPT_ALLOW_SSL) || - !(type & LWS_ADOPT_SOCKET)) { - /* non-SSL */ - if (!(type & LWS_ADOPT_HTTP)) { - if (!(type & LWS_ADOPT_SOCKET)) - lws_role_transition(new_wsi, 0, LRS_ESTABLISHED, - &role_ops_raw_file); - else - lws_role_transition(new_wsi, 0, LRS_ESTABLISHED, - &role_ops_raw_skt); - } -#if defined(LWS_ROLE_H1) - else - lws_role_transition(new_wsi, LWSIFR_SERVER, - LRS_HEADERS, &role_ops_h1); -#endif - } else { - /* SSL */ - if (!(type & LWS_ADOPT_HTTP)) - lws_role_transition(new_wsi, 0, LRS_SSL_INIT, - &role_ops_raw_skt); -#if defined(LWS_ROLE_H1) - else - lws_role_transition(new_wsi, LWSIFR_SERVER, - LRS_SSL_INIT, &role_ops_h1); -#endif - ssl = 1; - } - - lwsl_debug("new wsi wsistate 0x%x\n", new_wsi->wsistate); - - if (context->event_loop_ops->accept) - context->event_loop_ops->accept(new_wsi); - - if (!ssl) { - lws_pt_lock(pt, __func__); - if (__insert_wsi_socket_into_fds(context, new_wsi)) { - lws_pt_unlock(pt); - lwsl_err("%s: fail inserting socket\n", __func__); - goto fail; - } - lws_pt_unlock(pt); - } else - if (lws_server_socket_service_ssl(new_wsi, fd.sockfd)) { - lwsl_info("%s: fail ssl negotiation\n", __func__); - goto fail; - } - - /* - * by deferring callback to this point, after insertion to fds, - * lws_callback_on_writable() can work from the callback - */ - if ((new_wsi->protocol->callback)( - new_wsi, n, new_wsi->user_space, NULL, 0)) - goto fail; - - if (type & LWS_ADOPT_HTTP) { - if (!lws_header_table_attach(new_wsi, 0)) - lwsl_debug("Attached ah immediately\n"); - else - lwsl_info("%s: waiting for ah\n", __func__); - } - - lws_cancel_service_pt(new_wsi); - - return new_wsi; - -fail: - if (type & LWS_ADOPT_SOCKET) - lws_close_free_wsi(new_wsi, LWS_CLOSE_STATUS_NOSTATUS, "adopt skt fail"); - - return NULL; - -bail: - lwsl_notice("%s: exiting on bail\n", __func__); - if (parent) - parent->child_list = new_wsi->sibling_list; - if (new_wsi->user_space) - lws_free(new_wsi->user_space); - lws_free(new_wsi); - compatible_close(fd.sockfd); - - return NULL; -} - -LWS_VISIBLE struct lws * -lws_adopt_socket_vhost(struct lws_vhost *vh, lws_sockfd_type accept_fd) -{ - lws_sock_file_fd_type fd; - - fd.sockfd = accept_fd; - return lws_adopt_descriptor_vhost(vh, LWS_ADOPT_SOCKET | - LWS_ADOPT_HTTP | LWS_ADOPT_ALLOW_SSL, fd, NULL, NULL); -} - -LWS_VISIBLE struct lws * -lws_adopt_socket(struct lws_context *context, lws_sockfd_type accept_fd) -{ - return lws_adopt_socket_vhost(context->vhost_list, accept_fd); -} - -/* Common read-buffer adoption for lws_adopt_*_readbuf */ -static struct lws* -adopt_socket_readbuf(struct lws *wsi, const char *readbuf, size_t len) -{ - struct lws_context_per_thread *pt; - struct lws_pollfd *pfd; - int n; - - if (!wsi) - return NULL; - - if (!readbuf || len == 0) - return wsi; - - if (wsi->position_in_fds_table == LWS_NO_FDS_POS) - return wsi; - - pt = &wsi->context->pt[(int)wsi->tsi]; - - n = lws_buflist_append_segment(&wsi->buflist, (const uint8_t *)readbuf, len); - if (n < 0) - goto bail; - if (n) - lws_dll_lws_add_front(&wsi->dll_buflist, &pt->dll_head_buflist); - - /* - * we can't process the initial read data until we can attach an ah. - * - * if one is available, get it and place the data in his ah rxbuf... - * wsi with ah that have pending rxbuf get auto-POLLIN service. - * - * no autoservice because we didn't get a chance to attach the - * readbuf data to wsi or ah yet, and we will do it next if we get - * the ah. - */ - if (wsi->http.ah || !lws_header_table_attach(wsi, 0)) { - - lwsl_notice("%s: calling service on readbuf ah\n", __func__); - - /* unlike a normal connect, we have the headers already - * (or the first part of them anyway). - * libuv won't come back and service us without a network - * event, so we need to do the header service right here. - */ - pfd = &pt->fds[wsi->position_in_fds_table]; - pfd->revents |= LWS_POLLIN; - lwsl_err("%s: calling service\n", __func__); - if (lws_service_fd_tsi(wsi->context, pfd, wsi->tsi)) - /* service closed us */ - return NULL; - - return wsi; - } - lwsl_err("%s: deferring handling ah\n", __func__); - - return wsi; - -bail: - lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, "adopt skt readbuf fail"); - - return NULL; -} - -LWS_VISIBLE struct lws * -lws_adopt_socket_readbuf(struct lws_context *context, lws_sockfd_type accept_fd, - const char *readbuf, size_t len) -{ - return adopt_socket_readbuf(lws_adopt_socket(context, accept_fd), - readbuf, len); -} - -LWS_VISIBLE struct lws * -lws_adopt_socket_vhost_readbuf(struct lws_vhost *vhost, - lws_sockfd_type accept_fd, - const char *readbuf, size_t len) -{ - return adopt_socket_readbuf(lws_adopt_socket_vhost(vhost, accept_fd), - readbuf, len); -} LWS_VISIBLE int lws_serve_http_file(struct lws *wsi, const char *file, const char *content_type, const char *other_headers, int other_headers_len) { - static const char * const intermediates[] = { "private", "public" }; struct lws_context *context = lws_get_context(wsi); struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; + unsigned char *response = pt->serv_buf + LWS_PRE; #if defined(LWS_WITH_RANGES) struct lws_range_parsing *rp = &wsi->http.range; #endif + int ret = 0, cclen = 8, n = HTTP_STATUS_OK; char cache_control[50], *cc = "no-store"; - unsigned char *response = pt->serv_buf + LWS_PRE; + lws_fop_flags_t fflags = LWS_O_RDONLY; + const struct lws_plat_file_ops *fops; + lws_filepos_t total_content_length; unsigned char *p = response; unsigned char *end = p + context->pt_serv_buf_size - LWS_PRE; - lws_filepos_t total_content_length; - int ret = 0, cclen = 8, n = HTTP_STATUS_OK; - lws_fop_flags_t fflags = LWS_O_RDONLY; + const char *vpath; #if defined(LWS_WITH_RANGES) int ranges; #endif - const struct lws_plat_file_ops *fops; - const char *vpath; if (wsi->handling_404) n = HTTP_STATUS_NOT_FOUND; @@ -2212,7 +2112,8 @@ lws_serve_http_file(struct lws *wsi, const char *file, const char *content_type, if (!wsi->http.fop_fd) { lwsl_info("%s: Unable to open: '%s': errno %d\n", __func__, file, errno); - if (lws_return_http_status(wsi, HTTP_STATUS_NOT_FOUND, NULL)) + if (lws_return_http_status(wsi, HTTP_STATUS_NOT_FOUND, + NULL)) return -1; return !wsi->http2_substream; } @@ -2233,14 +2134,14 @@ lws_serve_http_file(struct lws *wsi, const char *file, const char *content_type, */ if (ranges < 0) { /* it means he expressed a range in Range:, but it was illegal */ - lws_return_http_status(wsi, HTTP_STATUS_REQ_RANGE_NOT_SATISFIABLE, - NULL); + lws_return_http_status(wsi, + HTTP_STATUS_REQ_RANGE_NOT_SATISFIABLE, NULL); if (lws_http_transaction_completed(wsi)) return -1; /* <0 means just hang up */ lws_vfs_file_close(&wsi->http.fop_fd); - return 0; /* == 0 means we dealt with the transaction complete */ + return 0; /* == 0 means we did the transaction complete */ } if (ranges) n = HTTP_STATUS_PARTIAL_CONTENT; @@ -2258,6 +2159,20 @@ lws_serve_http_file(struct lws *wsi, const char *file, const char *content_type, return -1; lwsl_info("file is being provided in gzip\n"); } +#if defined(LWS_WITH_HTTP_STREAM_COMPRESSION) + else { + /* + * if we know its very compressible, and we can use + * compression, then use the most preferred compression + * method that the client said he will accept + */ + + if (!strncmp(content_type, "text/", 5) || + !strcmp(content_type, "application/javascript") || + !strcmp(content_type, "image/svg+xml")) + lws_http_compression_apply(wsi, NULL, &p, end, 0); + } +#endif if ( #if defined(LWS_WITH_RANGES) @@ -2339,40 +2254,78 @@ lws_serve_http_file(struct lws *wsi, const char *file, const char *content_type, #endif if (!wsi->http2_substream) { - if (!wsi->sending_chunked) { + /* for http/1.1 ... */ + if (!wsi->sending_chunked +#if defined(LWS_WITH_HTTP_STREAM_COMPRESSION) + && !wsi->http.lcs +#endif + ) { + /* ... if not already using chunked and not using an + * http compression translation, then send the naive + * content length + */ if (lws_add_http_header_content_length(wsi, - total_content_length, - &p, end)) + total_content_length, &p, end)) return -1; } else { - if (lws_add_http_header_by_token(wsi, - WSI_TOKEN_HTTP_TRANSFER_ENCODING, - (unsigned char *)"chunked", - 7, &p, end)) - return -1; + +#if defined(LWS_WITH_HTTP_STREAM_COMPRESSION) + if (wsi->http.lcs) { + + /* ...otherwise, for http 1 it must go chunked. + * For the compression case, the reason is we + * compress on the fly and do not know the + * compressed content-length until it has all + * been sent. Http/1.1 pipelining must be able + * to know where the transaction boundaries are + * ... so chunking... + */ + if (lws_add_http_header_by_token(wsi, + WSI_TOKEN_HTTP_TRANSFER_ENCODING, + (unsigned char *)"chunked", 7, + &p, end)) + return -1; + + /* + * ...this is fun, isn't it :-) For h1 that is + * using an http compression translation, the + * compressor must chunk its output privately. + * + * h2 doesn't need (or support) any of this + * crap. + */ + lwsl_debug("setting chunking\n"); + wsi->http.comp_ctx.chunking = 1; + } +#endif } } if (wsi->cache_secs && wsi->cache_reuse) { - if (wsi->cache_revalidate) { + if (!wsi->cache_revalidate) { cc = cache_control; - cclen = sprintf(cache_control, "%s max-age: %u", + cclen = sprintf(cache_control, "%s, max-age=%u", intermediates[wsi->cache_intermediaries], wsi->cache_secs); } else { - cc = "no-cache"; - cclen = 8; + cc = cache_control; + cclen = sprintf(cache_control, + "must-revalidate, %s, max-age=%u", + intermediates[wsi->cache_intermediaries], + wsi->cache_secs); + } } - if (lws_add_http_header_by_token(wsi, WSI_TOKEN_HTTP_CACHE_CONTROL, - (unsigned char *)cc, cclen, &p, end)) - return -1; - - if (wsi->http.connection_type == HTTP_CONNECTION_KEEP_ALIVE) - if (lws_add_http_header_by_token(wsi, WSI_TOKEN_CONNECTION, - (unsigned char *)"keep-alive", 10, &p, end)) + /* Only add cache control if its not specified by any other_headers. */ + if (!other_headers || + (!strstr(other_headers, "cache-control") && + !strstr(other_headers, "Cache-Control"))) { + if (lws_add_http_header_by_token(wsi, + WSI_TOKEN_HTTP_CACHE_CONTROL, + (unsigned char *)cc, cclen, &p, end)) return -1; + } if (other_headers) { if ((end - p) < other_headers_len) @@ -2415,16 +2368,37 @@ LWS_VISIBLE int lws_serve_http_file_fragment(struct lws *wsi) do { - if (wsi->trunc_len) { - if (lws_issue_raw(wsi, wsi->trunc_alloc + - wsi->trunc_offset, - wsi->trunc_len) < 0) { + /* priority 1: buffered output */ + + if (lws_has_buffered_out(wsi)) { + if (lws_issue_raw(wsi, NULL, 0) < 0) { lwsl_info("%s: closing\n", __func__); goto file_had_it; } break; } + /* priority 2: buffered pre-compression-transform */ + +#if defined(LWS_WITH_HTTP_STREAM_COMPRESSION) + if (wsi->http.comp_ctx.buflist_comp || + wsi->http.comp_ctx.may_have_more) { + enum lws_write_protocol wp = LWS_WRITE_HTTP; + + lwsl_info("%s: completing comp partial (buflist %p, may %d)\n", + __func__, wsi->http.comp_ctx.buflist_comp, + wsi->http.comp_ctx.may_have_more); + + if (wsi->role_ops->write_role_protocol(wsi, NULL, 0, &wp) < 0) { + lwsl_info("%s signalling to close\n", __func__); + goto file_had_it; + } + lws_callback_on_writable(wsi); + + break; + } +#endif + if (wsi->http.filepos == wsi->http.filelen) goto all_sent; @@ -2453,7 +2427,8 @@ LWS_VISIBLE int lws_serve_http_file_fragment(struct lws *wsi) LWS_H2_FRAME_HEADER_LENGTH, "_lws\x0d\x0a" "Content-Type: %s\x0d\x0a" - "Content-Range: bytes %llu-%llu/%llu\x0d\x0a" + "Content-Range: bytes " + "%llu-%llu/%llu\x0d\x0a" "\x0d\x0a", wsi->http.multipart_content_type, wsi->http.range.start, @@ -2468,7 +2443,8 @@ LWS_VISIBLE int lws_serve_http_file_fragment(struct lws *wsi) } #endif - poss = context->pt_serv_buf_size - n - LWS_H2_FRAME_HEADER_LENGTH; + poss = context->pt_serv_buf_size - n - + LWS_H2_FRAME_HEADER_LENGTH; if (wsi->http.tx_content_length) if (poss > wsi->http.tx_content_remain) @@ -2556,11 +2532,9 @@ LWS_VISIBLE int lws_serve_http_file_fragment(struct lws *wsi) lwsl_debug("added trailing boundary\n"); } #endif - m = lws_write(wsi, p, n, - wsi->http.filepos + amount == wsi->http.filelen ? - LWS_WRITE_HTTP_FINAL : - LWS_WRITE_HTTP - ); + m = lws_write(wsi, p, n, wsi->http.filepos + amount == + wsi->http.filelen ? + LWS_WRITE_HTTP_FINAL : LWS_WRITE_HTTP); if (m < 0) goto file_had_it; @@ -2592,12 +2566,18 @@ LWS_VISIBLE int lws_serve_http_file_fragment(struct lws *wsi) } all_sent: - if ((!wsi->trunc_len && wsi->http.filepos >= wsi->http.filelen) + if ((!lws_has_buffered_out(wsi) +#if defined(LWS_WITH_HTTP_STREAM_COMPRESSION) + && !wsi->http.comp_ctx.buflist_comp && + !wsi->http.comp_ctx.may_have_more +#endif + ) && (wsi->http.filepos >= wsi->http.filelen #if defined(LWS_WITH_RANGES) || finished) #else ) #endif + ) { lwsi_set_state(wsi, LRS_ESTABLISHED); /* we might be in keepalive, so close it off here */ @@ -2607,9 +2587,8 @@ all_sent: if (wsi->protocol->callback && user_callback_handle_rxflow(wsi->protocol->callback, - wsi, LWS_CALLBACK_HTTP_FILE_COMPLETION, - wsi->user_space, NULL, - 0) < 0) { + wsi, LWS_CALLBACK_HTTP_FILE_COMPLETION, + wsi->user_space, NULL, 0) < 0) { /* * For http/1.x, the choices from * transaction_completed are either @@ -2632,7 +2611,7 @@ all_sent: return 1; /* >0 indicates completed */ } - } while (0); // while (!lws_send_pipe_choked(wsi)) + } while (1); //(!lws_send_pipe_choked(wsi)); lws_callback_on_writable(wsi); @@ -2713,8 +2692,7 @@ skip: n = (int)strlen(pc); s->swallow[s->pos] = '\0'; if (n != s->pos) { - memmove(s->start + n, - s->start + s->pos, + memmove(s->start + n, s->start + s->pos, old_len - (sp - args->p)); old_len += (n - s->pos) + 1; } diff --git a/thirdparty/libwebsockets/roles/listen/ops-listen.c b/thirdparty/libwebsockets/lib/roles/listen/ops-listen.c index dbeb9753a2..977c4b0377 100644 --- a/thirdparty/libwebsockets/roles/listen/ops-listen.c +++ b/thirdparty/libwebsockets/lib/roles/listen/ops-listen.c @@ -32,6 +32,11 @@ rops_handle_POLLIN_listen(struct lws_context_per_thread *pt, struct lws *wsi, struct sockaddr_storage cli_addr; socklen_t clilen; + /* if our vhost is going down, ignore it */ + + if (wsi->vhost->being_destroyed) + return LWS_HPI_RET_HANDLED; + /* pollin means a client has connected to us then * * pollout is a hack on esp32 for background accepts signalling @@ -74,8 +79,8 @@ rops_handle_POLLIN_listen(struct lws_context_per_thread *pt, struct lws *wsi, * block the connect queue for other legit peers. */ - accept_fd = accept((int)pollfd->fd, - (struct sockaddr *)&cli_addr, &clilen); + accept_fd = accept((int)pollfd->fd, + (struct sockaddr *)&cli_addr, &clilen); lws_latency(context, wsi, "listener accept", (int)accept_fd, accept_fd != LWS_SOCK_INVALID); if (accept_fd == LWS_SOCK_INVALID) { @@ -83,12 +88,11 @@ rops_handle_POLLIN_listen(struct lws_context_per_thread *pt, struct lws *wsi, LWS_ERRNO == LWS_EWOULDBLOCK) { break; } - lwsl_err("ERROR on accept: %s\n", - strerror(LWS_ERRNO)); - break; + lwsl_err("accept: %s\n", strerror(LWS_ERRNO)); + return LWS_HPI_RET_HANDLED; } - lws_plat_set_socket_options(wsi->vhost, accept_fd); + lws_plat_set_socket_options(wsi->vhost, accept_fd, 0); #if defined(LWS_WITH_IPV6) lwsl_debug("accepted new conn port %u on fd=%d\n", @@ -125,9 +129,12 @@ rops_handle_POLLIN_listen(struct lws_context_per_thread *pt, struct lws *wsi, fd.sockfd = accept_fd; cwsi = lws_adopt_descriptor_vhost(wsi->vhost, opts, fd, NULL, NULL); - if (!cwsi) + if (!cwsi) { + lwsl_err("%s: lws_adopt_descriptor_vhost failed\n", + __func__); /* already closed cleanly as necessary */ return LWS_HPI_RET_WSI_ALREADY_DIED; + } if (lws_server_socket_service_ssl(cwsi, accept_fd)) { lws_close_free_wsi(cwsi, LWS_CLOSE_STATUS_NOSTATUS, @@ -171,7 +178,11 @@ struct lws_role_ops role_ops_listen = { /* close_role */ NULL, /* close_kill_connection */ NULL, /* destroy_role */ NULL, + /* adoption_bind */ NULL, + /* client_bind */ NULL, /* writeable cb clnt, srv */ { 0, 0 }, /* close cb clnt, srv */ { 0, 0 }, + /* protocol_bind_cb c,s */ { 0, 0 }, + /* protocol_unbind_cb c,s */ { 0, 0 }, /* file_handle */ 0, }; diff --git a/thirdparty/libwebsockets/roles/pipe/ops-pipe.c b/thirdparty/libwebsockets/lib/roles/pipe/ops-pipe.c index b9348d58d7..659c9bd935 100644 --- a/thirdparty/libwebsockets/roles/pipe/ops-pipe.c +++ b/thirdparty/libwebsockets/lib/roles/pipe/ops-pipe.c @@ -39,6 +39,18 @@ rops_handle_POLLIN_pipe(struct lws_context_per_thread *pt, struct lws *wsi, if (n < 0) return LWS_HPI_RET_PLEASE_CLOSE_ME; #endif + +#if defined(LWS_WITH_THREADPOOL) + /* + * threadpools that need to call for on_writable callbacks do it by + * marking the task as needing one for its wsi, then cancelling service. + * + * Each tsi will call this to perform the actual callback_on_writable + * from the correct service thread context + */ + lws_threadpool_tsi_context(pt->context, pt->tid); +#endif + /* * the poll() wait, or the event loop for libuv etc is a * process-wide resource that we interrupted. So let every @@ -75,7 +87,11 @@ struct lws_role_ops role_ops_pipe = { /* close_role */ NULL, /* close_kill_connection */ NULL, /* destroy_role */ NULL, + /* adoption_bind */ NULL, + /* client_bind */ NULL, /* writeable cb clnt, srv */ { 0, 0 }, /* close cb clnt, srv */ { 0, 0 }, + /* protocol_bind_cb c,s */ { 0, 0 }, + /* protocol_unbind_cb c,s */ { 0, 0 }, /* file_handle */ 1, }; diff --git a/thirdparty/libwebsockets/roles/private.h b/thirdparty/libwebsockets/lib/roles/private.h index ae4278b5d3..5f93b86e8f 100644 --- a/thirdparty/libwebsockets/roles/private.h +++ b/thirdparty/libwebsockets/lib/roles/private.h @@ -148,9 +148,11 @@ enum lwsi_state { }; #define lwsi_state(wsi) ((enum lwsi_state)(wsi->wsistate & LRS_MASK)) -#define lwsi_state_PRE_CLOSE(wsi) ((enum lwsi_state)(wsi->wsistate_pre_close & LRS_MASK)) +#define lwsi_state_PRE_CLOSE(wsi) \ + ((enum lwsi_state)(wsi->wsistate_pre_close & LRS_MASK)) #define lwsi_state_est(wsi) (!(wsi->wsistate & LWSIFS_NOT_EST)) -#define lwsi_state_est_PRE_CLOSE(wsi) (!(wsi->wsistate_pre_close & LWSIFS_NOT_EST)) +#define lwsi_state_est_PRE_CLOSE(wsi) \ + (!(wsi->wsistate_pre_close & LWSIFS_NOT_EST)) #define lwsi_state_can_handle_POLLOUT(wsi) (wsi->wsistate & LWSIFS_POCB) #if !defined (_DEBUG) #define lwsi_set_state(wsi, lrs) wsi->wsistate = \ @@ -159,6 +161,8 @@ enum lwsi_state { void lwsi_set_state(struct lws *wsi, lws_wsi_state_t lrs); #endif +#define _LWS_ADOPT_FINISH (1 << 24) + /* * internal role-specific ops */ @@ -217,6 +221,16 @@ struct lws_role_ops { /* role-specific destructor */ int (*destroy_role)(struct lws *wsi); + /* role-specific socket-adopt */ + int (*adoption_bind)(struct lws *wsi, int type, const char *prot); + /* role-specific client-bind: + * ret 1 = bound, 0 = not bound, -1 = fail out + * i may be NULL, indicating client_bind is being called after + * a successful bind earlier, to finalize the binding. In that + * case ret 0 = OK, 1 = fail, wsi needs freeing, -1 = fail, wsi freed */ + int (*client_bind)(struct lws *wsi, + const struct lws_client_connect_info *i); + /* * the callback reasons for WRITEABLE for client, server * (just client applies if no concept of client or server) @@ -227,6 +241,16 @@ struct lws_role_ops { * (just client applies if no concept of client or server) */ uint16_t close_cb[2]; + /* + * the callback reasons for protocol bind for client, server + * (just client applies if no concept of client or server) + */ + uint16_t protocol_bind_cb[2]; + /* + * the callback reasons for protocol unbind for client, server + * (just client applies if no concept of client or server) + */ + uint16_t protocol_unbind_cb[2]; unsigned int file_handle:1; /* role operates on files not sockets */ }; @@ -267,6 +291,12 @@ extern struct lws_role_ops role_ops_raw_skt, role_ops_raw_file, role_ops_listen, #define lwsi_role_cgi(wsi) (0) #endif +#if defined(LWS_ROLE_DBUS) + #include "roles/dbus/private.h" +#else + #define lwsi_role_dbus(wsi) (0) +#endif + enum { LWS_HP_RET_BAIL_OK, LWS_HP_RET_BAIL_DIE, @@ -280,3 +310,6 @@ enum { LWS_UPG_RET_CONTINUE, LWS_UPG_RET_BAIL }; + +int +lws_role_call_adoption_bind(struct lws *wsi, int type, const char *prot); diff --git a/thirdparty/libwebsockets/lib/roles/raw-file/ops-raw-file.c b/thirdparty/libwebsockets/lib/roles/raw-file/ops-raw-file.c new file mode 100644 index 0000000000..075a2ee8b1 --- /dev/null +++ b/thirdparty/libwebsockets/lib/roles/raw-file/ops-raw-file.c @@ -0,0 +1,108 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green <andy@warmcat.com> + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#include <core/private.h> + +static int +rops_handle_POLLIN_raw_file(struct lws_context_per_thread *pt, struct lws *wsi, + struct lws_pollfd *pollfd) +{ + int n; + + if (pollfd->revents & LWS_POLLOUT) { + n = lws_callback_as_writeable(wsi); + if (lws_change_pollfd(wsi, LWS_POLLOUT, 0)) { + lwsl_info("failed at set pollfd\n"); + return LWS_HPI_RET_WSI_ALREADY_DIED; + } + if (n) + return LWS_HPI_RET_PLEASE_CLOSE_ME; + } + + if (pollfd->revents & LWS_POLLIN) { + if (user_callback_handle_rxflow(wsi->protocol->callback, + wsi, LWS_CALLBACK_RAW_RX_FILE, + wsi->user_space, NULL, 0)) { + lwsl_debug("raw rx callback closed it\n"); + return LWS_HPI_RET_PLEASE_CLOSE_ME; + } + } + + if (pollfd->revents & LWS_POLLHUP) + return LWS_HPI_RET_PLEASE_CLOSE_ME; + + return LWS_HPI_RET_HANDLED; +} + +#if !defined(LWS_NO_SERVER) +static int +rops_adoption_bind_raw_file(struct lws *wsi, int type, const char *vh_prot_name) +{ + /* no socket or http: it can only be a raw file */ + if ((type & LWS_ADOPT_HTTP) || (type & LWS_ADOPT_SOCKET) || + (type & _LWS_ADOPT_FINISH)) + return 0; /* no match */ + + lws_role_transition(wsi, 0, LRS_ESTABLISHED, &role_ops_raw_file); + + if (!vh_prot_name) + wsi->protocol = &wsi->vhost->protocols[ + wsi->vhost->default_protocol_index]; + + return 1; /* bound */ +} +#endif + +struct lws_role_ops role_ops_raw_file = { + /* role name */ "raw-file", + /* alpn id */ NULL, + /* check_upgrades */ NULL, + /* init_context */ NULL, + /* init_vhost */ NULL, + /* destroy_vhost */ NULL, + /* periodic_checks */ NULL, + /* service_flag_pending */ NULL, + /* handle_POLLIN */ rops_handle_POLLIN_raw_file, + /* handle_POLLOUT */ NULL, + /* perform_user_POLLOUT */ NULL, + /* callback_on_writable */ NULL, + /* tx_credit */ NULL, + /* write_role_protocol */ NULL, + /* encapsulation_parent */ NULL, + /* alpn_negotiated */ NULL, + /* close_via_role_protocol */ NULL, + /* close_role */ NULL, + /* close_kill_connection */ NULL, + /* destroy_role */ NULL, +#if !defined(LWS_NO_SERVER) + /* adoption_bind */ rops_adoption_bind_raw_file, +#else + NULL, +#endif + /* client_bind */ NULL, + /* writeable cb clnt, srv */ { LWS_CALLBACK_RAW_WRITEABLE_FILE, 0 }, + /* close cb clnt, srv */ { LWS_CALLBACK_RAW_CLOSE_FILE, 0 }, + /* protocol_bind cb c, srv */ { LWS_CALLBACK_RAW_FILE_BIND_PROTOCOL, + LWS_CALLBACK_RAW_FILE_BIND_PROTOCOL }, + /* protocol_unbind cb c, srv */ { LWS_CALLBACK_RAW_FILE_DROP_PROTOCOL, + LWS_CALLBACK_RAW_FILE_DROP_PROTOCOL }, + /* file_handle */ 1, +}; diff --git a/thirdparty/libwebsockets/roles/raw/ops-raw.c b/thirdparty/libwebsockets/lib/roles/raw-skt/ops-raw-skt.c index 68b52bded6..8b94de4bed 100644 --- a/thirdparty/libwebsockets/roles/raw/ops-raw.c +++ b/thirdparty/libwebsockets/lib/roles/raw-skt/ops-raw-skt.c @@ -30,12 +30,12 @@ rops_handle_POLLIN_raw_skt(struct lws_context_per_thread *pt, struct lws *wsi, /* pending truncated sends have uber priority */ - if (wsi->trunc_len) { + if (lws_has_buffered_out(wsi)) { if (!(pollfd->revents & LWS_POLLOUT)) return LWS_HPI_RET_HANDLED; - if (lws_issue_raw(wsi, wsi->trunc_alloc + wsi->trunc_offset, - wsi->trunc_len) < 0) + /* drain the output buflist */ + if (lws_issue_raw(wsi, NULL, 0) < 0) goto fail; /* * we can't afford to allow input processing to send @@ -109,7 +109,7 @@ try_pollout: LWSSTATS_C_WRITEABLE_CB, 1); #if defined(LWS_WITH_STATS) if (wsi->active_writable_req_us) { - uint64_t ul = time_in_microseconds() - + uint64_t ul = lws_time_in_microseconds() - wsi->active_writable_req_us; lws_stats_atomic_bump(wsi->context, pt, @@ -135,38 +135,62 @@ fail: return LWS_HPI_RET_WSI_ALREADY_DIED; } +#if !defined(LWS_NO_SERVER) +static int +rops_adoption_bind_raw_skt(struct lws *wsi, int type, const char *vh_prot_name) +{ + /* no http but socket... must be raw skt */ + if ((type & LWS_ADOPT_HTTP) || !(type & LWS_ADOPT_SOCKET) || + (type & _LWS_ADOPT_FINISH)) + return 0; /* no match */ + +#if !defined(LWS_WITH_ESP32) + if (type & LWS_ADOPT_FLAG_UDP) + /* + * these can be >128 bytes, so just alloc for UDP + */ + wsi->udp = lws_malloc(sizeof(*wsi->udp), "udp struct"); +#endif + lws_role_transition(wsi, 0, (type & LWS_ADOPT_ALLOW_SSL) ? LRS_SSL_INIT : + LRS_ESTABLISHED, &role_ops_raw_skt); + + if (vh_prot_name) + lws_bind_protocol(wsi, wsi->protocol, __func__); + else + /* this is the only time he will transition */ + lws_bind_protocol(wsi, + &wsi->vhost->protocols[wsi->vhost->raw_protocol_index], + __func__); + + return 1; /* bound */ +} +#endif + +#if !defined(LWS_NO_CLIENT) static int -rops_handle_POLLIN_raw_file(struct lws_context_per_thread *pt, struct lws *wsi, - struct lws_pollfd *pollfd) +rops_client_bind_raw_skt(struct lws *wsi, + const struct lws_client_connect_info *i) { - int n; + if (!i) { - if (pollfd->revents & LWS_POLLOUT) { - n = lws_callback_as_writeable(wsi); - if (lws_change_pollfd(wsi, LWS_POLLOUT, 0)) { - lwsl_info("failed at set pollfd\n"); - return LWS_HPI_RET_WSI_ALREADY_DIED; - } - if (n) - return LWS_HPI_RET_PLEASE_CLOSE_ME; - } + /* finalize */ - if (pollfd->revents & LWS_POLLIN) { - if (user_callback_handle_rxflow(wsi->protocol->callback, - wsi, LWS_CALLBACK_RAW_RX_FILE, - wsi->user_space, NULL, 0)) { - lwsl_debug("raw rx callback closed it\n"); - return LWS_HPI_RET_PLEASE_CLOSE_ME; - } + if (!wsi->user_space && wsi->stash->method) + if (lws_ensure_user_space(wsi)) + return 1; + + return 0; } - if (pollfd->revents & LWS_POLLHUP) - return LWS_HPI_RET_PLEASE_CLOSE_ME; + /* we are a fallback if nothing else matched */ - return LWS_HPI_RET_HANDLED; -} + lws_role_transition(wsi, LWSIFR_CLIENT, LRS_UNCONNECTED, + &role_ops_raw_skt); + return 1; /* matched */ +} +#endif struct lws_role_ops role_ops_raw_skt = { /* role name */ "raw-skt", @@ -189,35 +213,21 @@ struct lws_role_ops role_ops_raw_skt = { /* close_role */ NULL, /* close_kill_connection */ NULL, /* destroy_role */ NULL, +#if !defined(LWS_NO_SERVER) + /* adoption_bind */ rops_adoption_bind_raw_skt, +#else + NULL, +#endif +#if !defined(LWS_NO_CLIENT) + /* client_bind */ rops_client_bind_raw_skt, +#else + NULL, +#endif /* writeable cb clnt, srv */ { LWS_CALLBACK_RAW_WRITEABLE, 0 }, /* close cb clnt, srv */ { LWS_CALLBACK_RAW_CLOSE, 0 }, + /* protocol_bind cb c, srv */ { LWS_CALLBACK_RAW_SKT_BIND_PROTOCOL, + LWS_CALLBACK_RAW_SKT_BIND_PROTOCOL }, + /* protocol_unbind cb c, srv */ { LWS_CALLBACK_RAW_SKT_DROP_PROTOCOL, + LWS_CALLBACK_RAW_SKT_DROP_PROTOCOL }, /* file_handle */ 0, }; - - - -struct lws_role_ops role_ops_raw_file = { - /* role name */ "raw-file", - /* alpn id */ NULL, - /* check_upgrades */ NULL, - /* init_context */ NULL, - /* init_vhost */ NULL, - /* destroy_vhost */ NULL, - /* periodic_checks */ NULL, - /* service_flag_pending */ NULL, - /* handle_POLLIN */ rops_handle_POLLIN_raw_file, - /* handle_POLLOUT */ NULL, - /* perform_user_POLLOUT */ NULL, - /* callback_on_writable */ NULL, - /* tx_credit */ NULL, - /* write_role_protocol */ NULL, - /* encapsulation_parent */ NULL, - /* alpn_negotiated */ NULL, - /* close_via_role_protocol */ NULL, - /* close_role */ NULL, - /* close_kill_connection */ NULL, - /* destroy_role */ NULL, - /* writeable cb clnt, srv */ { LWS_CALLBACK_RAW_WRITEABLE_FILE, 0 }, - /* close cb clnt, srv */ { LWS_CALLBACK_RAW_CLOSE_FILE, 0 }, - /* file_handle */ 1, -}; diff --git a/thirdparty/libwebsockets/roles/ws/client-parser-ws.c b/thirdparty/libwebsockets/lib/roles/ws/client-parser-ws.c index 7287fb1590..f5aaa6dbb5 100644 --- a/thirdparty/libwebsockets/roles/ws/client-parser-ws.c +++ b/thirdparty/libwebsockets/lib/roles/ws/client-parser-ws.c @@ -1,7 +1,7 @@ /* * libwebsockets - small server side websockets and web server implementation * - * Copyright (C) 2010-2017 Andy Green <andy@warmcat.com> + * Copyright (C) 2010-2018 Andy Green <andy@warmcat.com> * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU Lesser General Public @@ -399,9 +399,11 @@ spill: memcpy(wsi->ws->ping_payload_buf + LWS_PRE, pp, wsi->ws->rx_ubuf_head); - wsi->ws->close_in_ping_buffer_len = wsi->ws->rx_ubuf_head; + wsi->ws->close_in_ping_buffer_len = + wsi->ws->rx_ubuf_head; - lwsl_info("%s: scheduling return close as ack\n", __func__); + lwsl_info("%s: scheduling return close as ack\n", + __func__); __lws_change_pollfd(wsi, LWS_POLLIN, 0); lws_set_timeout(wsi, PENDING_TIMEOUT_CLOSE_SEND, 3); wsi->waiting_to_send_close_frame = 1; @@ -437,7 +439,7 @@ spill: /* stash the pong payload */ memcpy(wsi->ws->ping_payload_buf + LWS_PRE, &wsi->ws->rx_ubuf[LWS_PRE], - wsi->ws->rx_ubuf_head); + wsi->ws->rx_ubuf_head); wsi->ws->ping_payload_len = wsi->ws->rx_ubuf_head; wsi->ws->ping_pending_flag = 1; diff --git a/thirdparty/libwebsockets/roles/ws/client-ws.c b/thirdparty/libwebsockets/lib/roles/ws/client-ws.c index fd6cf42551..d88833f381 100644 --- a/thirdparty/libwebsockets/roles/ws/client-ws.c +++ b/thirdparty/libwebsockets/lib/roles/ws/client-ws.c @@ -40,7 +40,8 @@ strtolower(char *s) } int -lws_create_client_ws_object(struct lws_client_connect_info *i, struct lws *wsi) +lws_create_client_ws_object(const struct lws_client_connect_info *i, + struct lws *wsi) { int v = SPEC_LATEST_SUPPORTED; @@ -113,7 +114,7 @@ lws_ws_handshake_client(struct lws *wsi, unsigned char **buf, size_t len) #endif char * -lws_generate_client_ws_handshake(struct lws *wsi, char *p) +lws_generate_client_ws_handshake(struct lws *wsi, char *p, const char *conn1) { char buf[128], hash[20], key_b64[40]; int n; @@ -135,8 +136,8 @@ lws_generate_client_ws_handshake(struct lws *wsi, char *p) lws_b64_encode_string(hash, 16, key_b64, sizeof(key_b64)); p += sprintf(p, "Upgrade: websocket\x0d\x0a" - "Connection: Upgrade\x0d\x0a" - "Sec-WebSocket-Key: "); + "Connection: %sUpgrade\x0d\x0a" + "Sec-WebSocket-Key: ", conn1); strcpy(p, key_b64); p += strlen(key_b64); p += sprintf(p, "\x0d\x0a"); @@ -203,10 +204,12 @@ lws_generate_client_ws_handshake(struct lws *wsi, char *p) int lws_client_ws_upgrade(struct lws *wsi, const char **cce) { - int n, len, okay = 0; struct lws_context *context = wsi->context; + struct lws_tokenize ts; + int n, len, okay = 0; + lws_tokenize_elem e; + char *p, buf[64]; const char *pc; - char *p; #if !defined(LWS_WITHOUT_EXTENSIONS) struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; char *sb = (char *)&pt->serv_buf[0]; @@ -214,8 +217,8 @@ lws_client_ws_upgrade(struct lws *wsi, const char **cce) const struct lws_extension *ext; char ext_name[128]; const char *c, *a; - char ignore; int more = 1; + char ignore; #endif if (wsi->client_h2_substream) {/* !!! client ws-over-h2 not there yet */ @@ -261,18 +264,31 @@ lws_client_ws_upgrade(struct lws *wsi, const char **cce) goto bail3; } - p = lws_hdr_simple_ptr(wsi, WSI_TOKEN_CONNECTION); - if (!p) { - lwsl_info("no Connection hdr\n"); - *cce = "HS: CONNECTION missing"; - goto bail3; - } - strtolower(p); - if (strcmp(p, "upgrade")) { - lwsl_warn("lws_client_int_s_hs: bad header %s\n", p); - *cce = "HS: UPGRADE malformed"; - goto bail3; - } + /* connection: must have "upgrade" */ + + lws_tokenize_init(&ts, buf, LWS_TOKENIZE_F_COMMA_SEP_LIST | + LWS_TOKENIZE_F_MINUS_NONTERM); + ts.len = lws_hdr_copy(wsi, buf, sizeof(buf) - 1, WSI_TOKEN_CONNECTION); + if (ts.len <= 0) /* won't fit, or absent */ + goto bad_conn_format; + + do { + e = lws_tokenize(&ts); + switch (e) { + case LWS_TOKZE_TOKEN: + if (!strcasecmp(ts.token, "upgrade")) + e = LWS_TOKZE_ENDED; + break; + + case LWS_TOKZE_DELIMITER: + break; + + default: /* includes ENDED */ +bad_conn_format: + *cce = "HS: UPGRADE malformed"; + goto bail3; + } + } while (e > 0); pc = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_SENT_PROTOCOLS); if (!pc) { @@ -308,7 +324,7 @@ lws_client_ws_upgrade(struct lws *wsi, const char **cce) } while (*pc && *pc++ != ',') ; - while (*pc && *pc == ' ') + while (*pc == ' ') pc++; } @@ -376,22 +392,7 @@ check_extensions: * X <-> pAn <-> pB */ - lws_vhost_lock(wsi->vhost); - - wsi->same_vh_protocol_prev = /* guy who points to us */ - &wsi->vhost->same_vh_protocol_list[n]; - wsi->same_vh_protocol_next = /* old first guy is our next */ - wsi->vhost->same_vh_protocol_list[n]; - /* we become the new first guy */ - wsi->vhost->same_vh_protocol_list[n] = wsi; - - if (wsi->same_vh_protocol_next) - /* old first guy points back to us now */ - wsi->same_vh_protocol_next->same_vh_protocol_prev = - &wsi->same_vh_protocol_next; - wsi->on_same_vh_list = 1; - - lws_vhost_unlock(wsi->vhost); + lws_same_vh_protocol_insert(wsi, n); #if !defined(LWS_WITHOUT_EXTENSIONS) /* instantiate the accepted extensions */ @@ -468,7 +469,8 @@ check_extensions: if (ext->callback(lws_get_context(wsi), ext, wsi, LWS_EXT_CB_CLIENT_CONSTRUCT, - (void *)&wsi->ws->act_ext_user[wsi->ws->count_act_ext], + (void *)&wsi->ws->act_ext_user[ + wsi->ws->count_act_ext], (void *)&opts, 0)) { lwsl_info(" ext %s failed construction\n", ext_name); @@ -490,8 +492,10 @@ check_extensions: } if (ext_name[0] && - lws_ext_parse_options(ext, wsi, wsi->ws->act_ext_user[ - wsi->ws->count_act_ext], opts, ext_name, + lws_ext_parse_options(ext, wsi, + wsi->ws->act_ext_user[ + wsi->ws->count_act_ext], + opts, ext_name, (int)strlen(ext_name))) { lwsl_err("%s: unable to parse user defaults '%s'", __func__, ext_name); @@ -503,7 +507,8 @@ check_extensions: * give the extension the server options */ if (a && lws_ext_parse_options(ext, wsi, - wsi->ws->act_ext_user[wsi->ws->count_act_ext], + wsi->ws->act_ext_user[ + wsi->ws->count_act_ext], opts, a, lws_ptr_diff(c, a))) { lwsl_err("%s: unable to parse remote def '%s'", __func__, a); diff --git a/thirdparty/libwebsockets/roles/ws/ops-ws.c b/thirdparty/libwebsockets/lib/roles/ws/ops-ws.c index 665b2c9b74..1cbc6ac6a6 100644 --- a/thirdparty/libwebsockets/roles/ws/ops-ws.c +++ b/thirdparty/libwebsockets/lib/roles/ws/ops-ws.c @@ -155,7 +155,9 @@ handle_first: if (wsi->ws->opcode == LWSWSOPC_BINARY_FRAME) wsi->ws->check_utf8 = 0; if (wsi->ws->continuation_possible) { - lws_close_reason(wsi, LWS_CLOSE_STATUS_PROTOCOL_ERR, (uint8_t *)"bad cont", 8); + lws_close_reason(wsi, + LWS_CLOSE_STATUS_PROTOCOL_ERR, + (uint8_t *)"bad cont", 8); return -1; } wsi->ws->rsv_first_msg = (c & 0x70); @@ -166,7 +168,9 @@ handle_first: break; case LWSWSOPC_CONTINUATION: if (!wsi->ws->continuation_possible) { - lws_close_reason(wsi, LWS_CLOSE_STATUS_PROTOCOL_ERR, (uint8_t *)"bad cont", 8); + lws_close_reason(wsi, + LWS_CLOSE_STATUS_PROTOCOL_ERR, + (uint8_t *)"bad cont", 8); return -1; } break; @@ -184,7 +188,8 @@ handle_first: case 0xd: case 0xe: case 0xf: - lws_close_reason(wsi, LWS_CLOSE_STATUS_PROTOCOL_ERR, (uint8_t *)"bad opc", 7); + lws_close_reason(wsi, LWS_CLOSE_STATUS_PROTOCOL_ERR, + (uint8_t *)"bad opc", 7); lwsl_info("illegal opcode\n"); return -1; } @@ -193,7 +198,8 @@ handle_first: (wsi->ws->opcode == LWSWSOPC_TEXT_FRAME || wsi->ws->opcode == LWSWSOPC_BINARY_FRAME)) { lwsl_info("hey you owed us a FIN\n"); - lws_close_reason(wsi, LWS_CLOSE_STATUS_PROTOCOL_ERR, (uint8_t *)"bad fin", 7); + lws_close_reason(wsi, LWS_CLOSE_STATUS_PROTOCOL_ERR, + (uint8_t *)"bad fin", 7); return -1; } if ((!(wsi->ws->opcode & 8)) && wsi->ws->final) { @@ -373,17 +379,19 @@ handle_first: } if (!(already_processed & ALREADY_PROCESSED_IGNORE_CHAR)) { if (wsi->ws->all_zero_nonce) - wsi->ws->rx_ubuf[LWS_PRE + (wsi->ws->rx_ubuf_head++)] = - c; + wsi->ws->rx_ubuf[LWS_PRE + + (wsi->ws->rx_ubuf_head++)] = c; else - wsi->ws->rx_ubuf[LWS_PRE + (wsi->ws->rx_ubuf_head++)] = + wsi->ws->rx_ubuf[LWS_PRE + + (wsi->ws->rx_ubuf_head++)] = c ^ wsi->ws->mask[(wsi->ws->mask_idx++) & 3]; --wsi->ws->rx_packet_length; } if (!wsi->ws->rx_packet_length) { - lwsl_debug("%s: ws fragment length exhausted\n", __func__); + lwsl_debug("%s: ws fragment length exhausted\n", + __func__); /* spill because we have the whole frame */ wsi->lws_rx_parse_state = LWS_RXPS_NEW; goto spill; @@ -451,7 +459,8 @@ spill: * have to just close our end. */ wsi->socket_is_permanently_unusable = 1; - lwsl_parser("Closing on peer close due to Pending tx\n"); + lwsl_parser("Closing on peer close " + "due to pending tx\n"); return -1; } @@ -570,7 +579,8 @@ drain_extension: //if (lin) // lwsl_hexdump_notice(ebuf.token, ebuf.len); n = lws_ext_cb_active(wsi, LWS_EXT_CB_PAYLOAD_RX, &ebuf, 0); - lwsl_debug("%s: ext says %d / ebuf.len %d\n", __func__, n, ebuf.len); + lwsl_debug("%s: ext says %d / ebuf.len %d\n", __func__, + n, ebuf.len); if (wsi->ws->rx_draining_ext) already_processed &= ~ALREADY_PROCESSED_NO_CB; #endif @@ -781,8 +791,7 @@ lws_server_init_wsi_for_ws(struct lws *wsi) lwsl_debug("Allocating RX buffer %d\n", n); #if !defined(LWS_WITH_ESP32) - if (!wsi->parent_carries_io && - !wsi->h2_stream_carries_ws) + if (!wsi->h2_stream_carries_ws) if (setsockopt(wsi->desc.sockfd, SOL_SOCKET, SO_SNDBUF, (const char *)&n, sizeof n)) { lwsl_warn("Failed to set SNDBUF to %d", n); @@ -814,9 +823,9 @@ LWS_VISIBLE int lws_is_final_fragment(struct lws *wsi) { #if !defined(LWS_WITHOUT_EXTENSIONS) - lwsl_debug("%s: final %d, rx pk length %ld, draining %ld\n", __func__, - wsi->ws->final, (long)wsi->ws->rx_packet_length, - (long)wsi->ws->rx_draining_ext); + lwsl_debug("%s: final %d, rx pk length %ld, draining %ld\n", __func__, + wsi->ws->final, (long)wsi->ws->rx_packet_length, + (long)wsi->ws->rx_draining_ext); return wsi->ws->final && !wsi->ws->rx_packet_length && !wsi->ws->rx_draining_ext; #else @@ -883,8 +892,8 @@ static int rops_handle_POLLIN_ws(struct lws_context_per_thread *pt, struct lws *wsi, struct lws_pollfd *pollfd) { - struct lws_tokens ebuf; unsigned int pending = 0; + struct lws_tokens ebuf; char buffered = 0; int n = 0, m; #if defined(LWS_WITH_HTTP2) @@ -928,7 +937,9 @@ rops_handle_POLLIN_ws(struct lws_context_per_thread *pt, struct lws *wsi, return LWS_HPI_RET_HANDLED; } - //lwsl_notice("%s: wsi->ws->tx_draining_ext %d revents 0x%x 0x%x %d\n", __func__, wsi->ws->tx_draining_ext, pollfd->revents, wsi->wsistate, lwsi_state_can_handle_POLLOUT(wsi)); + //lwsl_notice("%s: wsi->ws->tx_draining_ext %d revents 0x%x 0x%x %d\n", + //__func__, wsi->ws->tx_draining_ext, pollfd->revents, wsi->wsistate, + //lwsi_state_can_handle_POLLOUT(wsi)); /* 1: something requested a callback when it was OK to write */ @@ -977,7 +988,7 @@ rops_handle_POLLIN_ws(struct lws_context_per_thread *pt, struct lws *wsi, #if defined(LWS_WITH_HTTP2) if (wsi->http2_substream || wsi->upgraded_to_http2) { wsi1 = lws_get_network_wsi(wsi); - if (wsi1 && wsi1->trunc_len) + if (wsi1 && lws_has_buffered_out(wsi1)) /* We cannot deal with any kind of new RX * because we are dealing with a partial send * (new RX may trigger new http_action() that @@ -1200,8 +1211,9 @@ int rops_handle_POLLOUT_ws(struct lws *wsi) if (n >= 0) { if (wsi->close_needs_ack) { lwsi_set_state(wsi, LRS_AWAITING_CLOSE_ACK); - lws_set_timeout(wsi, PENDING_TIMEOUT_CLOSE_ACK, 5); - lwsl_debug("sent close indication, awaiting ack\n"); + lws_set_timeout(wsi, PENDING_TIMEOUT_CLOSE_ACK, + 5); + lwsl_debug("sent close, await ack\n"); return LWS_HP_RET_BAIL_OK; } @@ -1226,7 +1238,8 @@ int rops_handle_POLLOUT_ws(struct lws *wsi) wsi->ws->ping_pending_flag = 0; return LWS_HP_RET_BAIL_OK; } - lwsl_info("issuing pong %d on wsi %p\n", wsi->ws->ping_payload_len, wsi); + lwsl_info("issuing pong %d on wsi %p\n", + wsi->ws->ping_payload_len, wsi); } n = lws_write(wsi, &wsi->ws->ping_payload_buf[LWS_PRE], @@ -1402,9 +1415,12 @@ rops_periodic_checks_ws(struct lws_context *context, int tsi, time_t now) lws_vhost_lock(vh); for (n = 0; n < vh->count_protocols; n++) { - struct lws *wsi = vh->same_vh_protocol_list[n]; - while (wsi) { + lws_start_foreach_dll_safe(struct lws_dll_lws *, d, d1, + vh->same_vh_protocol_heads[n].next) { + struct lws *wsi = lws_container_of(d, + struct lws, same_vh_protocol); + if (lwsi_role_ws(wsi) && !wsi->socket_is_permanently_unusable && !wsi->ws->send_check_ping && @@ -1421,8 +1437,8 @@ rops_periodic_checks_ws(struct lws_context *context, int tsi, time_t now) lws_callback_on_writable(wsi); wsi->ws->time_next_ping_check = now; } - wsi = wsi->same_vh_protocol_next; - } + + } lws_end_foreach_dll_safe(d, d1); } lws_vhost_unlock(vh); @@ -1496,7 +1512,11 @@ rops_close_via_role_protocol_ws(struct lws *wsi, enum lws_close_status reason) static int rops_close_role_ws(struct lws_context_per_thread *pt, struct lws *wsi) { + if (!wsi->ws) + return 0; + #if !defined(LWS_WITHOUT_EXTENSIONS) + if (wsi->ws->rx_draining_ext) { struct lws **w = &pt->ws.rx_draining_ext_list; @@ -1529,10 +1549,6 @@ rops_close_role_ws(struct lws_context_per_thread *pt, struct lws *wsi) #endif lws_free_set_NULL(wsi->ws->rx_ubuf); - if (wsi->trunc_alloc) - /* not going to be completed... nuke it */ - lws_free_set_NULL(wsi->trunc_alloc); - wsi->ws->ping_payload_len = 0; wsi->ws->ping_pending_flag = 0; @@ -1590,8 +1606,9 @@ rops_write_role_protocol_ws(struct lws *wsi, unsigned char *buf, size_t len, if (!(wpt & LWS_WRITE_NO_FIN) && len) *wp &= ~LWS_WRITE_NO_FIN; - lwsl_ext("FORCED draining wp to 0x%02X (stashed 0x%02X, incoming 0x%02X)\n", *wp, - wsi->ws->tx_draining_stashed_wp, wpt); + lwsl_ext("FORCED draining wp to 0x%02X " + "(stashed 0x%02X, incoming 0x%02X)\n", *wp, + wsi->ws->tx_draining_stashed_wp, wpt); // assert(0); } #endif @@ -1643,13 +1660,16 @@ rops_write_role_protocol_ws(struct lws *wsi, unsigned char *buf, size_t len, n = lws_ext_cb_active(wsi, LWS_EXT_CB_PAYLOAD_TX, &ebuf, *wp); if (n < 0) return -1; - // lwsl_notice("ext processed %d plaintext into %d compressed (wp 0x%x)\n", m, (int)ebuf.len, *wp); + // lwsl_notice("ext processed %d plaintext into %d compressed" + // " (wp 0x%x)\n", m, (int)ebuf.len, *wp); if (n && ebuf.len) { - lwsl_ext("write drain len %d (wp 0x%x) SETTING tx_draining_ext\n", (int)ebuf.len, *wp); + lwsl_ext("write drain len %d (wp 0x%x) SETTING " + "tx_draining_ext\n", (int)ebuf.len, *wp); /* extension requires further draining */ wsi->ws->tx_draining_ext = 1; - wsi->ws->tx_draining_ext_list = pt->ws.tx_draining_ext_list; + wsi->ws->tx_draining_ext_list = + pt->ws.tx_draining_ext_list; pt->ws.tx_draining_ext_list = wsi; /* we must come back to do more */ lws_callback_on_writable(wsi); @@ -1686,7 +1706,8 @@ rops_write_role_protocol_ws(struct lws *wsi, unsigned char *buf, size_t len, */ if (len && !ebuf.len) { if (!wsi->ws->stashed_write_pending) - wsi->ws->stashed_write_type = (char)(*wp) & 0x3f; + wsi->ws->stashed_write_type = + (char)(*wp) & 0x3f; wsi->ws->stashed_write_pending = 1; return (int)len; } @@ -1808,7 +1829,7 @@ do_more_inside_frame: assert(encap != wsi); return encap->role_ops->write_role_protocol(wsi, buf - pre, - len + pre, wp); + len + pre, wp); } switch ((*wp) & 0x1f) { @@ -1986,9 +2007,15 @@ struct lws_role_ops role_ops_ws = { /* close_role */ rops_close_role_ws, /* close_kill_connection */ rops_close_kill_connection_ws, /* destroy_role */ rops_destroy_role_ws, + /* adoption_bind */ NULL, + /* client_bind */ NULL, /* writeable cb clnt, srv */ { LWS_CALLBACK_CLIENT_WRITEABLE, LWS_CALLBACK_SERVER_WRITEABLE }, /* close cb clnt, srv */ { LWS_CALLBACK_CLIENT_CLOSED, LWS_CALLBACK_CLOSED }, + /* protocol_bind cb c, srv */ { LWS_CALLBACK_WS_CLIENT_BIND_PROTOCOL, + LWS_CALLBACK_WS_SERVER_BIND_PROTOCOL }, + /* protocol_unbind cb c, srv */ { LWS_CALLBACK_WS_CLIENT_DROP_PROTOCOL, + LWS_CALLBACK_WS_SERVER_DROP_PROTOCOL }, /* file handles */ 0 }; diff --git a/thirdparty/libwebsockets/roles/ws/private.h b/thirdparty/libwebsockets/lib/roles/ws/private.h index 71ffcaea96..71ffcaea96 100644 --- a/thirdparty/libwebsockets/roles/ws/private.h +++ b/thirdparty/libwebsockets/lib/roles/ws/private.h diff --git a/thirdparty/libwebsockets/roles/ws/server-ws.c b/thirdparty/libwebsockets/lib/roles/ws/server-ws.c index 62bcd8524f..bdc45367d4 100644 --- a/thirdparty/libwebsockets/roles/ws/server-ws.c +++ b/thirdparty/libwebsockets/lib/roles/ws/server-ws.c @@ -104,7 +104,7 @@ lws_extension_server_handshake(struct lws *wsi, char **p, int budget) continue; } - while (args && *args && *args == ' ') + while (args && *args == ' ') args++; /* check a client's extension against our support */ @@ -124,7 +124,7 @@ lws_extension_server_handshake(struct lws *wsi, char **p, int budget) */ for (m = 0; m < wsi->ws->count_act_ext; m++) if (wsi->ws->active_extensions[m] == ext) { - lwsl_info("extension mentioned twice\n"); + lwsl_info("ext mentioned twice\n"); return 1; /* shenanigans */ } @@ -209,16 +209,17 @@ lws_extension_server_handshake(struct lws *wsi, char **p, int budget) oa.len = 0; lwsl_info("setting '%s'\n", po->name); if (!ext->callback(lws_get_context(wsi), - ext, wsi, - LWS_EXT_CB_OPTION_SET, - wsi->ws->act_ext_user[ - wsi->ws->count_act_ext], + ext, wsi, + LWS_EXT_CB_OPTION_SET, + wsi->ws->act_ext_user[ + wsi->ws->count_act_ext], &oa, (end - *p))) { - *p += lws_snprintf(*p, (end - *p), - "; %s", po->name); + *p += lws_snprintf(*p, + (end - *p), + "; %s", po->name); lwsl_debug("adding option %s\n", - po->name); + po->name); } po++; } @@ -230,7 +231,8 @@ lws_extension_server_handshake(struct lws *wsi, char **p, int budget) } wsi->ws->count_act_ext++; - lwsl_parser("cnt_act_ext <- %d\n", wsi->ws->count_act_ext); + lwsl_parser("cnt_act_ext <- %d\n", + wsi->ws->count_act_ext); if (args && *args == ',') more = 0; @@ -246,96 +248,149 @@ lws_extension_server_handshake(struct lws *wsi, char **p, int budget) } #endif - - int lws_process_ws_upgrade(struct lws *wsi) { struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; - char protocol_list[128], protocol_name[64], *p; - int protocol_len, hit, n = 0, non_space_char_found = 0; + const struct lws_protocols *pcol = NULL; + char buf[128], name[64]; + struct lws_tokenize ts; + lws_tokenize_elem e; if (!wsi->protocol) lwsl_err("NULL protocol at lws_read\n"); /* + * We are upgrading to ws, so http/1.1 + h2 and keepalive + pipelined + * header considerations about keeping the ah around no longer apply. + * + * However it's common for the first ws protocol data to have been + * coalesced with the browser upgrade request and to already be in the + * ah rx buffer. + */ + + lws_pt_lock(pt, __func__); + + if (!wsi->h2_stream_carries_ws) + lws_role_transition(wsi, LWSIFR_SERVER, LRS_ESTABLISHED, + &role_ops_ws); + + lws_pt_unlock(pt); + + /* * It's either websocket or h2->websocket * + * If we are on h1, confirm we got the required "connection: upgrade" + * header. h2 / ws-over-h2 does not have this. + */ + +#if defined(LWS_WITH_HTTP2) + if (wsi->http2_substream) + goto check_protocol; +#endif + + lws_tokenize_init(&ts, buf, LWS_TOKENIZE_F_COMMA_SEP_LIST | + LWS_TOKENIZE_F_MINUS_NONTERM); + ts.len = lws_hdr_copy(wsi, buf, sizeof(buf) - 1, WSI_TOKEN_CONNECTION); + if (ts.len <= 0) + goto bad_conn_format; + + do { + e = lws_tokenize(&ts); + switch (e) { + case LWS_TOKZE_TOKEN: + if (!strcasecmp(ts.token, "upgrade")) + e = LWS_TOKZE_ENDED; + break; + + case LWS_TOKZE_DELIMITER: + break; + + default: /* includes ENDED */ +bad_conn_format: + lwsl_err("%s: malformed or absent connection hdr\n", + __func__); + + return 1; + } + } while (e > 0); + +#if defined(LWS_WITH_HTTP2) +check_protocol: +#endif + + /* * Select the first protocol we support from the list * the client sent us. - * - * Copy it to remove header fragmentation */ - if (lws_hdr_copy(wsi, protocol_list, sizeof(protocol_list) - 1, - WSI_TOKEN_PROTOCOL) < 0) { - lwsl_err("protocol list too long"); + lws_tokenize_init(&ts, buf, LWS_TOKENIZE_F_COMMA_SEP_LIST | + LWS_TOKENIZE_F_MINUS_NONTERM | + LWS_TOKENIZE_F_RFC7230_DELIMS); + ts.len = lws_hdr_copy(wsi, buf, sizeof(buf) - 1, WSI_TOKEN_PROTOCOL); + if (ts.len < 0) { + lwsl_err("%s: protocol list too long\n", __func__); return 1; } + if (!ts.len) { + int n = wsi->vhost->default_protocol_index; + /* + * some clients only have one protocol and do not send the + * protocol list header... allow it and match to the vhost's + * default protocol (which itself defaults to zero) + */ + lwsl_info("%s: defaulting to prot handler %d\n", __func__, n); - protocol_len = lws_hdr_total_length(wsi, WSI_TOKEN_PROTOCOL); - protocol_list[protocol_len] = '\0'; - p = protocol_list; - hit = 0; + lws_bind_protocol(wsi, &wsi->vhost->protocols[n], + "ws upgrade default pcol"); - while (*p && !hit) { - n = 0; - non_space_char_found = 0; - while (n < (int)sizeof(protocol_name) - 1 && - *p && *p != ',') { - /* ignore leading spaces */ - if (!non_space_char_found && *p == ' ') { - n++; - continue; - } - non_space_char_found = 1; - protocol_name[n++] = *p++; - } - protocol_name[n] = '\0'; - if (*p) - p++; + goto alloc_ws; + } - lwsl_debug("checking %s\n", protocol_name); + /* otherwise go through the user-provided protocol list */ - n = 0; - while (wsi->vhost->protocols[n].callback) { - lwsl_debug("try %s\n", - wsi->vhost->protocols[n].name); - - if (wsi->vhost->protocols[n].name && - !strcmp(wsi->vhost->protocols[n].name, - protocol_name)) { - wsi->protocol = &wsi->vhost->protocols[n]; - hit = 1; - break; + do { + e = lws_tokenize(&ts); + switch (e) { + case LWS_TOKZE_TOKEN: + + if (lws_tokenize_cstr(&ts, name, sizeof(name))) { + lwsl_err("%s: pcol name too long\n", __func__); + + return 1; + } + lwsl_debug("checking %s\n", name); + pcol = lws_vhost_name_to_protocol(wsi->vhost, name); + if (pcol) { + /* if we know it, bind to it and stop looking */ + lws_bind_protocol(wsi, pcol, "ws upg pcol"); + e = LWS_TOKZE_ENDED; } + break; - n++; - } - } + case LWS_TOKZE_DELIMITER: + case LWS_TOKZE_ENDED: + break; - /* we didn't find a protocol he wanted? */ + default: + lwsl_err("%s: malformatted protocol list", __func__); - if (!hit) { - if (lws_hdr_simple_ptr(wsi, WSI_TOKEN_PROTOCOL)) { - lwsl_notice("No protocol from \"%s\" supported\n", - protocol_list); return 1; } - /* - * some clients only have one protocol and - * do not send the protocol list header... - * allow it and match to the vhost's default - * protocol (which itself defaults to zero) - */ - lwsl_info("defaulting to prot handler %d\n", - wsi->vhost->default_protocol_index); - n = wsi->vhost->default_protocol_index; - wsi->protocol = &wsi->vhost->protocols[ - (int)wsi->vhost->default_protocol_index]; + } while (e > 0); + + /* we didn't find a protocol he wanted? */ + + if (!pcol) { + lwsl_notice("No supported protocol \"%s\"\n", buf); + + return 1; } +alloc_ws: + /* allocate the ws struct for the wsi */ + wsi->ws = lws_zalloc(sizeof(*wsi->ws), "ws struct"); if (!wsi->ws) { lwsl_notice("OOM\n"); @@ -383,6 +438,9 @@ lws_process_ws_upgrade(struct lws *wsi) lwsl_notice("h2 ws handshake failed\n"); return 1; } + lws_role_transition(wsi, + LWSIFR_SERVER | LWSIFR_P_ENCAP_H2, + LRS_ESTABLISHED, &role_ops_ws); } else #endif { @@ -395,28 +453,6 @@ lws_process_ws_upgrade(struct lws *wsi) break; } - lws_same_vh_protocol_insert(wsi, n); - - /* - * We are upgrading to ws, so http/1.1 + h2 and keepalive + pipelined - * header considerations about keeping the ah around no longer apply. - * - * However it's common for the first ws protocol data to have been - * coalesced with the browser upgrade request and to already be in the - * ah rx buffer. - */ - - lws_pt_lock(pt, __func__); - - if (wsi->h2_stream_carries_ws) - lws_role_transition(wsi, LWSIFR_SERVER | LWSIFR_P_ENCAP_H2, - LRS_ESTABLISHED, &role_ops_ws); - else - lws_role_transition(wsi, LWSIFR_SERVER, LRS_ESTABLISHED, - &role_ops_ws); - - lws_pt_unlock(pt); - lws_server_init_wsi_for_ws(wsi); lwsl_parser("accepted v%02d connection\n", wsi->ws->ietf_spec_revision); @@ -443,7 +479,8 @@ handshake_0405(struct lws_context *context, struct lws *wsi) goto bail; } - if (lws_hdr_total_length(wsi, WSI_TOKEN_KEY) >= MAX_WEBSOCKET_04_KEY_LEN) { + if (lws_hdr_total_length(wsi, WSI_TOKEN_KEY) >= + MAX_WEBSOCKET_04_KEY_LEN) { lwsl_warn("Client key too long %d\n", MAX_WEBSOCKET_04_KEY_LEN); goto bail; } @@ -473,7 +510,8 @@ handshake_0405(struct lws_context *context, struct lws *wsi) /* make a buffer big enough for everything */ - response = (char *)pt->serv_buf + MAX_WEBSOCKET_04_KEY_LEN + 256 + LWS_PRE; + response = (char *)pt->serv_buf + MAX_WEBSOCKET_04_KEY_LEN + + 256 + LWS_PRE; p = response; LWS_CPYAPP(p, "HTTP/1.1 101 Switching Protocols\x0d\x0a" "Upgrade: WebSocket\x0d\x0a" @@ -566,9 +604,9 @@ bail: static int lws_ws_frame_rest_is_payload(struct lws *wsi, uint8_t **buf, size_t len) { + unsigned int avail = (unsigned int)len; uint8_t *buffer = *buf, mask[4]; struct lws_tokens ebuf; - unsigned int avail = (unsigned int)len; #if !defined(LWS_WITHOUT_EXTENSIONS) unsigned int old_packet_length = (int)wsi->ws->rx_packet_length; #endif @@ -600,7 +638,7 @@ lws_ws_frame_rest_is_payload(struct lws *wsi, uint8_t **buf, size_t len) if (avail > len) avail = (unsigned int)len; - if (avail <= 0) + if (!avail) return 0; ebuf.token = (char *)buffer; diff --git a/thirdparty/libwebsockets/tls/mbedtls/lws-genhash.c b/thirdparty/libwebsockets/lib/tls/mbedtls/lws-genhash.c index ce4ee6e382..ce4ee6e382 100644 --- a/thirdparty/libwebsockets/tls/mbedtls/lws-genhash.c +++ b/thirdparty/libwebsockets/lib/tls/mbedtls/lws-genhash.c diff --git a/thirdparty/libwebsockets/tls/mbedtls/lws-genrsa.c b/thirdparty/libwebsockets/lib/tls/mbedtls/lws-genrsa.c index 70a9fcf42c..99b2e75653 100644 --- a/thirdparty/libwebsockets/tls/mbedtls/lws-genrsa.c +++ b/thirdparty/libwebsockets/lib/tls/mbedtls/lws-genrsa.c @@ -36,8 +36,6 @@ lws_jwk_destroy_genrsa_elements(struct lws_genrsa_elements *el) LWS_VISIBLE int lws_genrsa_create(struct lws_genrsa_ctx *ctx, struct lws_genrsa_elements *el) { - int n; - memset(ctx, 0, sizeof(*ctx)); ctx->ctx = lws_zalloc(sizeof(*ctx->ctx), "genrsa"); if (!ctx->ctx) @@ -46,6 +44,8 @@ lws_genrsa_create(struct lws_genrsa_ctx *ctx, struct lws_genrsa_elements *el) mbedtls_rsa_init(ctx->ctx, MBEDTLS_RSA_PKCS_V15, 0); { + int n; + mbedtls_mpi *mpi[LWS_COUNT_RSA_ELEMENTS] = { &ctx->ctx->E, &ctx->ctx->N, &ctx->ctx->D, &ctx->ctx->P, &ctx->ctx->Q, &ctx->ctx->DP, &ctx->ctx->DQ, @@ -129,7 +129,7 @@ cleanup_1: LWS_VISIBLE int lws_genrsa_public_decrypt(struct lws_genrsa_ctx *ctx, const uint8_t *in, - size_t in_len, uint8_t *out, size_t out_max) + size_t in_len, uint8_t *out, size_t out_max) { size_t olen = 0; int n; @@ -149,7 +149,7 @@ lws_genrsa_public_decrypt(struct lws_genrsa_ctx *ctx, const uint8_t *in, LWS_VISIBLE int lws_genrsa_public_encrypt(struct lws_genrsa_ctx *ctx, const uint8_t *in, - size_t in_len, uint8_t *out) + size_t in_len, uint8_t *out) { int n; @@ -213,8 +213,8 @@ lws_genrsa_public_verify(struct lws_genrsa_ctx *ctx, const uint8_t *in, LWS_VISIBLE int lws_genrsa_public_sign(struct lws_genrsa_ctx *ctx, const uint8_t *in, - enum lws_genhash_types hash_type, uint8_t *sig, - size_t sig_len) + enum lws_genhash_types hash_type, uint8_t *sig, + size_t sig_len) { int n, h = lws_genrsa_genrsa_hash_to_mbed_hash(hash_type); diff --git a/thirdparty/libwebsockets/tls/mbedtls/mbedtls-client.c b/thirdparty/libwebsockets/lib/tls/mbedtls/mbedtls-client.c index a7864ab790..84270c15bc 100644 --- a/thirdparty/libwebsockets/tls/mbedtls/mbedtls-client.c +++ b/thirdparty/libwebsockets/lib/tls/mbedtls/mbedtls-client.c @@ -30,7 +30,6 @@ OpenSSL_client_verify_callback(int preverify_ok, X509_STORE_CTX *x509_ctx) int lws_ssl_client_bio_create(struct lws *wsi) { - X509_VERIFY_PARAM *param; char hostname[128], *p; const char *alpn_comma = wsi->context->tls.alpn_default; struct alpn_ctx protos; @@ -63,7 +62,7 @@ lws_ssl_client_bio_create(struct lws *wsi) SSL_set_info_callback(wsi->tls.ssl, lws_ssl_info_callback); if (!(wsi->tls.use_ssl & LCCSCF_SKIP_SERVER_CERT_HOSTNAME_CHECK)) { - param = SSL_get0_param(wsi->tls.ssl); + X509_VERIFY_PARAM *param = SSL_get0_param(wsi->tls.ssl); /* Enable automatic hostname checks */ // X509_VERIFY_PARAM_set_hostflags(param, // X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS); @@ -188,6 +187,8 @@ lws_tls_client_create_vhost_context(struct lws_vhost *vh, const struct lws_context_creation_info *info, const char *cipher_list, const char *ca_filepath, + const void *ca_mem, + unsigned int ca_mem_len, const char *cert_filepath, const char *private_key_filepath) { @@ -214,16 +215,20 @@ lws_tls_client_create_vhost_context(struct lws_vhost *vh, return 1; } - if (!ca_filepath) + if (!ca_filepath && (!ca_mem || !ca_mem_len)) return 0; - if (alloc_file(vh->context, ca_filepath, &buf, &len)) { - lwsl_err("Load CA cert file %s failed\n", ca_filepath); - return 1; + if (ca_filepath) { + if (alloc_file(vh->context, ca_filepath, &buf, &len)) { + lwsl_err("Load CA cert file %s failed\n", ca_filepath); + return 1; + } + vh->tls.x509_client_CA = d2i_X509(NULL, buf, len); + free(buf); + } else { + vh->tls.x509_client_CA = d2i_X509(NULL, (uint8_t*)ca_mem, ca_mem_len); } - vh->tls.x509_client_CA = d2i_X509(NULL, buf, len); - free(buf); if (!vh->tls.x509_client_CA) { lwsl_err("client CA: x509 parse failed\n"); return 1; diff --git a/thirdparty/libwebsockets/tls/mbedtls/mbedtls-server.c b/thirdparty/libwebsockets/lib/tls/mbedtls/mbedtls-server.c index f17c7e5494..df6ddf2c61 100644 --- a/thirdparty/libwebsockets/tls/mbedtls/mbedtls-server.c +++ b/thirdparty/libwebsockets/lib/tls/mbedtls/mbedtls-server.c @@ -294,18 +294,20 @@ lws_tls_server_accept(struct lws *wsi) if (n == 1) { if (strstr(wsi->vhost->name, ".invalid")) { - lwsl_notice("%s: vhost has .invalid, rejecting accept\n", __func__); + lwsl_notice("%s: vhost has .invalid, " + "rejecting accept\n", __func__); return LWS_SSL_CAPABLE_ERROR; } - n = lws_tls_peer_cert_info(wsi, LWS_TLS_CERT_INFO_COMMON_NAME, &ir, - sizeof(ir.ns.name)); + n = lws_tls_peer_cert_info(wsi, LWS_TLS_CERT_INFO_COMMON_NAME, + &ir, sizeof(ir.ns.name)); if (!n) lwsl_notice("%s: client cert CN '%s'\n", __func__, ir.ns.name); else - lwsl_info("%s: couldn't get client cert CN\n", __func__); + lwsl_info("%s: couldn't get client cert CN\n", + __func__); return LWS_SSL_CAPABLE_DONE; } @@ -322,7 +324,8 @@ lws_tls_server_accept(struct lws *wsi) if (m == SSL_ERROR_WANT_READ || SSL_want_read(wsi->tls.ssl)) { if (lws_change_pollfd(wsi, 0, LWS_POLLIN)) { - lwsl_info("%s: WANT_READ change_pollfd failed\n", __func__); + lwsl_info("%s: WANT_READ change_pollfd failed\n", + __func__); return LWS_SSL_CAPABLE_ERROR; } @@ -333,7 +336,8 @@ lws_tls_server_accept(struct lws *wsi) lwsl_debug("%s: WANT_WRITE\n", __func__); if (lws_change_pollfd(wsi, 0, LWS_POLLOUT)) { - lwsl_info("%s: WANT_WRITE change_pollfd failed\n", __func__); + lwsl_info("%s: WANT_WRITE change_pollfd failed\n", + __func__); return LWS_SSL_CAPABLE_ERROR; } return LWS_SSL_CAPABLE_MORE_SERVICE_WRITE; @@ -554,7 +558,8 @@ lws_tls_acme_sni_cert_create(struct lws_vhost *vhost, const char *san_a, //lwsl_hexdump_level(LLL_DEBUG, pkey_asn1, n); /* and to use our generated private key */ - n = SSL_CTX_use_PrivateKey_ASN1(0, vhost->tls.ssl_ctx, pkey_asn1, m); + n = SSL_CTX_use_PrivateKey_ASN1(0, vhost->tls.ssl_ctx, + pkey_asn1, m); lws_free(pkey_asn1); if (n != 1) { lwsl_err("%s: SSL_CTX_use_PrivateKey_ASN1 failed\n", diff --git a/thirdparty/libwebsockets/tls/mbedtls/ssl.c b/thirdparty/libwebsockets/lib/tls/mbedtls/ssl.c index f311ef50e3..b81f88862b 100644 --- a/thirdparty/libwebsockets/tls/mbedtls/ssl.c +++ b/thirdparty/libwebsockets/lib/tls/mbedtls/ssl.c @@ -33,7 +33,8 @@ lws_context_init_ssl_library(const struct lws_context_creation_info *info) lwsl_info(" Compiled with MbedTLS support\n"); if (!lws_check_opt(info->options, LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT)) - lwsl_info(" SSL disabled: no LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT\n"); + lwsl_info(" SSL disabled: no " + "LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT\n"); return 0; } @@ -69,16 +70,17 @@ lws_ssl_capable_read(struct lws *wsi, unsigned char *buf, int len) errno = 0; n = SSL_read(wsi->tls.ssl, buf, len); #if defined(LWS_WITH_ESP32) - if (!n && errno == ENOTCONN) { + if (!n && errno == LWS_ENOTCONN) { lwsl_debug("%p: SSL_read ENOTCONN\n", wsi); return LWS_SSL_CAPABLE_ERROR; } #endif #if defined(LWS_WITH_STATS) - if (!wsi->seen_rx) { + if (!wsi->seen_rx && wsi->accept_start_us) { lws_stats_atomic_bump(wsi->context, pt, LWSSTATS_MS_SSL_RX_DELAY, - time_in_microseconds() - wsi->accept_start_us); + lws_time_in_microseconds() - + wsi->accept_start_us); lws_stats_atomic_bump(wsi->context, pt, LWSSTATS_C_SSL_CONNS_HAD_RX, 1); wsi->seen_rx = 1; @@ -133,23 +135,12 @@ lws_ssl_capable_read(struct lws *wsi, unsigned char *buf, int len) if (!wsi->tls.ssl) goto bail; - if (!SSL_pending(wsi->tls.ssl)) - goto bail; + if (SSL_pending(wsi->tls.ssl) && + lws_dll_is_null(&wsi->tls.pending_tls_list)) { - if (wsi->tls.pending_read_list_next) - return n; - if (wsi->tls.pending_read_list_prev) - return n; - if (pt->tls.pending_read_list == wsi) - return n; - - /* add us to the linked list of guys with pending ssl */ - if (pt->tls.pending_read_list) - pt->tls.pending_read_list->tls.pending_read_list_prev = wsi; - - wsi->tls.pending_read_list_next = pt->tls.pending_read_list; - wsi->tls.pending_read_list_prev = NULL; - pt->tls.pending_read_list = wsi; + lws_dll_lws_add_front(&wsi->tls.pending_tls_list, + &pt->tls.pending_tls_head); + } return n; bail: @@ -189,7 +180,7 @@ lws_ssl_capable_write(struct lws *wsi, unsigned char *buf, int len) if (m == SSL_ERROR_WANT_WRITE || SSL_want_write(wsi->tls.ssl)) { lws_set_blocking_send(wsi); - lwsl_notice("%s: want write\n", __func__); + lwsl_debug("%s: want write\n", __func__); return LWS_SSL_CAPABLE_MORE_SERVICE; } diff --git a/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/internal/ssl3.h b/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/internal/ssl3.h index 007b392f3e..007b392f3e 100644 --- a/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/internal/ssl3.h +++ b/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/internal/ssl3.h diff --git a/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/internal/ssl_cert.h b/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/internal/ssl_cert.h index 86cf31ad51..86cf31ad51 100644 --- a/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/internal/ssl_cert.h +++ b/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/internal/ssl_cert.h diff --git a/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/internal/ssl_code.h b/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/internal/ssl_code.h index 80fdbb20f3..80fdbb20f3 100644 --- a/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/internal/ssl_code.h +++ b/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/internal/ssl_code.h diff --git a/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/internal/ssl_dbg.h b/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/internal/ssl_dbg.h index ad32cb92ff..ad32cb92ff 100644 --- a/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/internal/ssl_dbg.h +++ b/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/internal/ssl_dbg.h diff --git a/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/internal/ssl_lib.h b/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/internal/ssl_lib.h index 42b2de7501..42b2de7501 100644 --- a/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/internal/ssl_lib.h +++ b/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/internal/ssl_lib.h diff --git a/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/internal/ssl_methods.h b/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/internal/ssl_methods.h index cd2f8c0533..cd2f8c0533 100644 --- a/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/internal/ssl_methods.h +++ b/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/internal/ssl_methods.h diff --git a/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/internal/ssl_pkey.h b/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/internal/ssl_pkey.h index e790fcc995..e790fcc995 100644 --- a/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/internal/ssl_pkey.h +++ b/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/internal/ssl_pkey.h diff --git a/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/internal/ssl_stack.h b/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/internal/ssl_stack.h index 7a7051a026..7a7051a026 100644 --- a/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/internal/ssl_stack.h +++ b/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/internal/ssl_stack.h diff --git a/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/internal/ssl_types.h b/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/internal/ssl_types.h index 68ac748a28..68ac748a28 100644 --- a/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/internal/ssl_types.h +++ b/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/internal/ssl_types.h diff --git a/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/internal/ssl_x509.h b/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/internal/ssl_x509.h index 7594d064b4..7594d064b4 100644 --- a/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/internal/ssl_x509.h +++ b/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/internal/ssl_x509.h diff --git a/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/internal/tls1.h b/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/internal/tls1.h index 7af1b0157d..7af1b0157d 100644 --- a/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/internal/tls1.h +++ b/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/internal/tls1.h diff --git a/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/internal/x509_vfy.h b/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/internal/x509_vfy.h index 26bf6c88a8..26bf6c88a8 100644 --- a/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/internal/x509_vfy.h +++ b/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/internal/x509_vfy.h diff --git a/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/openssl/ssl.h b/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/openssl/ssl.h index e2b74fc6af..e2b74fc6af 100755 --- a/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/openssl/ssl.h +++ b/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/openssl/ssl.h diff --git a/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/platform/ssl_pm.h b/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/platform/ssl_pm.h index cbbe3aa3a2..cbbe3aa3a2 100644 --- a/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/platform/ssl_pm.h +++ b/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/platform/ssl_pm.h diff --git a/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/platform/ssl_port.h b/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/platform/ssl_port.h index 74c7634355..74c7634355 100644 --- a/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/platform/ssl_port.h +++ b/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/platform/ssl_port.h diff --git a/thirdparty/libwebsockets/tls/mbedtls/wrapper/library/ssl_cert.c b/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/library/ssl_cert.c index 5c608125ac..5c608125ac 100644 --- a/thirdparty/libwebsockets/tls/mbedtls/wrapper/library/ssl_cert.c +++ b/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/library/ssl_cert.c diff --git a/thirdparty/libwebsockets/tls/mbedtls/wrapper/library/ssl_lib.c b/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/library/ssl_lib.c index 2f688ca9ef..2f688ca9ef 100644 --- a/thirdparty/libwebsockets/tls/mbedtls/wrapper/library/ssl_lib.c +++ b/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/library/ssl_lib.c diff --git a/thirdparty/libwebsockets/tls/mbedtls/wrapper/library/ssl_methods.c b/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/library/ssl_methods.c index 0002360846..0002360846 100644 --- a/thirdparty/libwebsockets/tls/mbedtls/wrapper/library/ssl_methods.c +++ b/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/library/ssl_methods.c diff --git a/thirdparty/libwebsockets/tls/mbedtls/wrapper/library/ssl_pkey.c b/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/library/ssl_pkey.c index 567a33e2c2..567a33e2c2 100644 --- a/thirdparty/libwebsockets/tls/mbedtls/wrapper/library/ssl_pkey.c +++ b/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/library/ssl_pkey.c diff --git a/thirdparty/libwebsockets/tls/mbedtls/wrapper/library/ssl_stack.c b/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/library/ssl_stack.c index da836daf9c..da836daf9c 100644 --- a/thirdparty/libwebsockets/tls/mbedtls/wrapper/library/ssl_stack.c +++ b/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/library/ssl_stack.c diff --git a/thirdparty/libwebsockets/tls/mbedtls/wrapper/library/ssl_x509.c b/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/library/ssl_x509.c index ed79150831..ed79150831 100644 --- a/thirdparty/libwebsockets/tls/mbedtls/wrapper/library/ssl_x509.c +++ b/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/library/ssl_x509.c diff --git a/thirdparty/libwebsockets/tls/mbedtls/wrapper/platform/ssl_pm.c b/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/platform/ssl_pm.c index 4716c1ff56..4716c1ff56 100755 --- a/thirdparty/libwebsockets/tls/mbedtls/wrapper/platform/ssl_pm.c +++ b/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/platform/ssl_pm.c diff --git a/thirdparty/libwebsockets/tls/mbedtls/wrapper/platform/ssl_port.c b/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/platform/ssl_port.c index 8c7a31338b..8c7a31338b 100644 --- a/thirdparty/libwebsockets/tls/mbedtls/wrapper/platform/ssl_port.c +++ b/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/platform/ssl_port.c diff --git a/thirdparty/libwebsockets/tls/private.h b/thirdparty/libwebsockets/lib/tls/private.h index 606e2574dc..ad01bfd4fb 100644 --- a/thirdparty/libwebsockets/tls/private.h +++ b/thirdparty/libwebsockets/lib/tls/private.h @@ -64,6 +64,8 @@ #include <openssl/err.h> #include <openssl/md5.h> #include <openssl/sha.h> + #include <openssl/rsa.h> + #include <openssl/bn.h> #ifdef LWS_HAVE_OPENSSL_ECDH_H #include <openssl/ecdh.h> #endif @@ -71,8 +73,9 @@ #endif /* not mbedtls */ #if defined(OPENSSL_VERSION_NUMBER) #if (OPENSSL_VERSION_NUMBER < 0x0009080afL) -/* later openssl defines this to negate the presence of tlsext... but it was only - * introduced at 0.9.8j. Earlier versions don't know it exists so don't +/* + * later openssl defines this to negate the presence of tlsext... but it was + * only introduced at 0.9.8j. Earlier versions don't know it exists so don't * define it... making it look like the feature exists... */ #define OPENSSL_NO_TLSEXT @@ -115,7 +118,7 @@ struct lws_context_tls { }; struct lws_pt_tls { - struct lws *pending_read_list; /* linked list */ + struct lws_dll_lws pending_tls_head; }; struct lws_tls_ss_pieces; @@ -149,7 +152,7 @@ struct lws_vhost_tls { struct lws_lws_tls { lws_tls_conn *ssl; lws_tls_bio *client_bio; - struct lws *pending_read_list_prev, *pending_read_list_next; + struct lws_dll_lws pending_tls_list; unsigned int use_ssl; unsigned int redirect_to_https:1; }; @@ -211,8 +214,8 @@ lws_tls_generic_cert_checks(struct lws_vhost *vhost, const char *cert, const char *private_key); LWS_EXTERN int lws_tls_alloc_pem_to_der_file(struct lws_context *context, const char *filename, - const char *inbuf, lws_filepos_t inlen, - uint8_t **buf, lws_filepos_t *amount); + const char *inbuf, lws_filepos_t inlen, + uint8_t **buf, lws_filepos_t *amount); #if !defined(LWS_NO_SERVER) LWS_EXTERN int @@ -260,6 +263,8 @@ lws_tls_client_create_vhost_context(struct lws_vhost *vh, const struct lws_context_creation_info *info, const char *cipher_list, const char *ca_filepath, + const void *ca_mem, + unsigned int ca_mem_len, const char *cert_filepath, const char *private_key_filepath); @@ -278,4 +283,4 @@ lws_ssl_info_callback(const lws_tls_conn *ssl, int where, int ret); int lws_tls_fake_POLLIN_for_buffered(struct lws_context_per_thread *pt); -#endif
\ No newline at end of file +#endif diff --git a/thirdparty/libwebsockets/tls/tls-client.c b/thirdparty/libwebsockets/lib/tls/tls-client.c index 70eb6f6078..f69c685fa7 100644 --- a/thirdparty/libwebsockets/tls/tls-client.c +++ b/thirdparty/libwebsockets/lib/tls/tls-client.c @@ -1,7 +1,7 @@ /* * libwebsockets - client-related ssl code independent of backend * - * Copyright (C) 2010-2017 Andy Green <andy@warmcat.com> + * Copyright (C) 2010-2018 Andy Green <andy@warmcat.com> * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU Lesser General Public @@ -89,10 +89,10 @@ lws_ssl_client_connect2(struct lws *wsi, char *errbuf, int len) int lws_context_init_client_ssl(const struct lws_context_creation_info *info, struct lws_vhost *vhost) { - const char *ca_filepath = info->ssl_ca_filepath; - const char *cipher_list = info->ssl_cipher_list; const char *private_key_filepath = info->ssl_private_key_filepath; const char *cert_filepath = info->ssl_cert_filepath; + const char *ca_filepath = info->ssl_ca_filepath; + const char *cipher_list = info->ssl_cipher_list; struct lws wsi; if (vhost->options & LWS_SERVER_OPTION_ONLY_RAW) @@ -128,7 +128,10 @@ int lws_context_init_client_ssl(const struct lws_context_creation_info *info, } if (lws_tls_client_create_vhost_context(vhost, info, cipher_list, - ca_filepath, cert_filepath, + ca_filepath, + info->client_ssl_ca_mem, + info->client_ssl_ca_mem_len, + cert_filepath, private_key_filepath)) return 1; @@ -139,12 +142,12 @@ int lws_context_init_client_ssl(const struct lws_context_creation_info *info, * lws_get_context() in the callback */ memset(&wsi, 0, sizeof(wsi)); - wsi.vhost = vhost; + wsi.vhost = vhost; /* not a real bound wsi */ wsi.context = vhost->context; vhost->protocols[0].callback(&wsi, LWS_CALLBACK_OPENSSL_LOAD_EXTRA_CLIENT_VERIFY_CERTS, - vhost->tls.ssl_client_ctx, NULL, 0); + vhost->tls.ssl_client_ctx, NULL, 0); return 0; } diff --git a/thirdparty/libwebsockets/tls/tls-server.c b/thirdparty/libwebsockets/lib/tls/tls-server.c index 440e790660..9d3f70dbea 100644 --- a/thirdparty/libwebsockets/tls/tls-server.c +++ b/thirdparty/libwebsockets/lib/tls/tls-server.c @@ -56,7 +56,8 @@ lws_context_init_alpn(struct lws_vhost *vhost) vhost->tls.alpn_ctx.data, sizeof(vhost->tls.alpn_ctx.data) - 1); - SSL_CTX_set_alpn_select_cb(vhost->tls.ssl_ctx, alpn_cb, &vhost->tls.alpn_ctx); + SSL_CTX_set_alpn_select_cb(vhost->tls.ssl_ctx, alpn_cb, + &vhost->tls.alpn_ctx); #else lwsl_err( " HTTP2 / ALPN configured but not supported by OpenSSL 0x%lx\n", @@ -139,7 +140,7 @@ lws_context_init_server_ssl(const struct lws_context_creation_info *info, * lws_get_context() in the callback */ memset(&wsi, 0, sizeof(wsi)); - wsi.vhost = vhost; + wsi.vhost = vhost; /* not a real bound wsi */ wsi.context = context; /* @@ -177,10 +178,10 @@ LWS_VISIBLE int lws_server_socket_service_ssl(struct lws *wsi, lws_sockfd_type accept_fd) { struct lws_context *context = wsi->context; - struct lws_vhost *vh; struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; - int n; + struct lws_vhost *vh; char buf[256]; + int n; (void)buf; @@ -312,12 +313,14 @@ lws_server_socket_service_ssl(struct lws *wsi, lws_sockfd_type accept_fd) /* normal SSL connection processing path */ #if defined(LWS_WITH_STATS) + /* only set this the first time around */ if (!wsi->accept_start_us) - wsi->accept_start_us = time_in_microseconds(); + wsi->accept_start_us = lws_time_in_microseconds(); #endif errno = 0; lws_stats_atomic_bump(wsi->context, pt, - LWSSTATS_C_SSL_CONNECTIONS_ACCEPT_SPIN, 1); + LWSSTATS_C_SSL_CONNECTIONS_ACCEPT_SPIN, + 1); n = lws_tls_server_accept(wsi); lws_latency(context, wsi, "SSL_accept LRS_SSL_ACK_PENDING\n", n, n == 1); @@ -327,7 +330,8 @@ lws_server_socket_service_ssl(struct lws *wsi, lws_sockfd_type accept_fd) break; case LWS_SSL_CAPABLE_ERROR: lws_stats_atomic_bump(wsi->context, pt, - LWSSTATS_C_SSL_CONNECTIONS_FAILED, 1); + LWSSTATS_C_SSL_CONNECTIONS_FAILED, + 1); lwsl_info("SSL_accept failed socket %u: %d\n", wsi->desc.sockfd, n); wsi->socket_is_permanently_unusable = 1; @@ -340,10 +344,12 @@ lws_server_socket_service_ssl(struct lws *wsi, lws_sockfd_type accept_fd) lws_stats_atomic_bump(wsi->context, pt, LWSSTATS_C_SSL_CONNECTIONS_ACCEPTED, 1); #if defined(LWS_WITH_STATS) - lws_stats_atomic_bump(wsi->context, pt, + if (wsi->accept_start_us) + lws_stats_atomic_bump(wsi->context, pt, LWSSTATS_MS_SSL_CONNECTIONS_ACCEPTED_DELAY, - time_in_microseconds() - wsi->accept_start_us); - wsi->accept_start_us = time_in_microseconds(); + lws_time_in_microseconds() - + wsi->accept_start_us); + wsi->accept_start_us = lws_time_in_microseconds(); #endif accepted: @@ -354,7 +360,7 @@ accepted: if (!vh->being_destroyed && wsi->tls.ssl && vh->tls.ssl_ctx == lws_tls_ctx_from_wsi(wsi)) { lwsl_info("setting wsi to vh %s\n", vh->name); - wsi->vhost = vh; + lws_vhost_bind_wsi(vh, wsi); break; } vh = vh->vhost_next; diff --git a/thirdparty/libwebsockets/tls/tls.c b/thirdparty/libwebsockets/lib/tls/tls.c index 92b7c5593c..a32951689f 100644 --- a/thirdparty/libwebsockets/tls/tls.c +++ b/thirdparty/libwebsockets/lib/tls/tls.c @@ -30,18 +30,18 @@ int lws_tls_fake_POLLIN_for_buffered(struct lws_context_per_thread *pt) { - struct lws *wsi, *wsi_next; int ret = 0; - wsi = pt->tls.pending_read_list; - while (wsi && wsi->position_in_fds_table != LWS_NO_FDS_POS) { - wsi_next = wsi->tls.pending_read_list_next; + lws_start_foreach_dll_safe(struct lws_dll_lws *, p, p1, + pt->tls.pending_tls_head.next) { + struct lws *wsi = lws_container_of(p, struct lws, + tls.pending_tls_list); + pt->fds[wsi->position_in_fds_table].revents |= pt->fds[wsi->position_in_fds_table].events & LWS_POLLIN; ret |= pt->fds[wsi->position_in_fds_table].revents & LWS_POLLIN; - wsi = wsi_next; - } + } lws_end_foreach_dll_safe(p, p1); return !!ret; } @@ -49,29 +49,10 @@ lws_tls_fake_POLLIN_for_buffered(struct lws_context_per_thread *pt) void __lws_ssl_remove_wsi_from_buffered_list(struct lws *wsi) { - struct lws_context *context = wsi->context; - struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; - - if (!wsi->tls.pending_read_list_prev && - !wsi->tls.pending_read_list_next && - pt->tls.pending_read_list != wsi) - /* we are not on the list */ + if (lws_dll_is_null(&wsi->tls.pending_tls_list)) return; - /* point previous guy's next to our next */ - if (!wsi->tls.pending_read_list_prev) - pt->tls.pending_read_list = wsi->tls.pending_read_list_next; - else - wsi->tls.pending_read_list_prev->tls.pending_read_list_next = - wsi->tls.pending_read_list_next; - - /* point next guy's previous to our previous */ - if (wsi->tls.pending_read_list_next) - wsi->tls.pending_read_list_next->tls.pending_read_list_prev = - wsi->tls.pending_read_list_prev; - - wsi->tls.pending_read_list_prev = NULL; - wsi->tls.pending_read_list_next = NULL; + lws_dll_lws_remove(&wsi->tls.pending_tls_list); } void @@ -173,12 +154,12 @@ bail: int lws_tls_alloc_pem_to_der_file(struct lws_context *context, const char *filename, - const char *inbuf, lws_filepos_t inlen, - uint8_t **buf, lws_filepos_t *amount) + const char *inbuf, lws_filepos_t inlen, + uint8_t **buf, lws_filepos_t *amount) { const uint8_t *pem, *p, *end; - uint8_t *q; lws_filepos_t len; + uint8_t *q; int n; if (filename) { @@ -238,23 +219,25 @@ bail: int lws_tls_check_cert_lifetime(struct lws_vhost *v) { - union lws_tls_cert_info_results ir; time_t now = (time_t)lws_now_secs(), life = 0; struct lws_acme_cert_aging_args caa; + union lws_tls_cert_info_results ir; int n; if (v->tls.ssl_ctx && !v->tls.skipped_certs) { - if (now < 1464083026) /* May 2016 */ + if (now < 1542933698) /* Nov 23 2018 00:42 UTC */ /* our clock is wrong and we can't judge the certs */ return -1; - n = lws_tls_vhost_cert_info(v, LWS_TLS_CERT_INFO_VALIDITY_TO, &ir, 0); + n = lws_tls_vhost_cert_info(v, LWS_TLS_CERT_INFO_VALIDITY_TO, + &ir, 0); if (n) return 1; life = (ir.time - now) / (24 * 3600); - lwsl_notice(" vhost %s: cert expiry: %dd\n", v->name, (int)life); + lwsl_notice(" vhost %s: cert expiry: %dd\n", v->name, + (int)life); } else lwsl_notice(" vhost %s: no cert\n", v->name); @@ -446,7 +429,7 @@ lws_tls_cert_updated(struct lws_context *context, const char *certpath, wsi.context = context; lws_start_foreach_ll(struct lws_vhost *, v, context->vhost_list) { - wsi.vhost = v; + wsi.vhost = v; /* not a real bound wsi */ if (v->tls.alloc_cert_path && v->tls.key_path && !strcmp(v->tls.alloc_cert_path, certpath) && !strcmp(v->tls.key_path, keypath)) { diff --git a/thirdparty/libwebsockets/libwebsockets.h b/thirdparty/libwebsockets/libwebsockets.h deleted file mode 100644 index 2c01696404..0000000000 --- a/thirdparty/libwebsockets/libwebsockets.h +++ /dev/null @@ -1,7346 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2018 Andy Green <andy@warmcat.com> - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - */ - -/** @file */ - -#ifndef LIBWEBSOCKET_H_3060898B846849FF9F88F5DB59B5950C -#define LIBWEBSOCKET_H_3060898B846849FF9F88F5DB59B5950C - -#ifdef __cplusplus -#include <cstddef> -#include <cstdarg> - -extern "C" { -#else -#include <stdarg.h> -#endif - -#include <string.h> -#include <stdlib.h> - -#include "lws_config.h" - -/* - * CARE: everything using cmake defines needs to be below here - */ - -#if defined(LWS_HAS_INTPTR_T) -#include <stdint.h> -#define lws_intptr_t intptr_t -#else -typedef unsigned long long lws_intptr_t; -#endif - -#if defined(WIN32) || defined(_WIN32) -#ifndef WIN32_LEAN_AND_MEAN -#define WIN32_LEAN_AND_MEAN -#endif - -#include <winsock2.h> -#include <ws2tcpip.h> -#include <stddef.h> -#include <basetsd.h> -#include <io.h> -#ifndef _WIN32_WCE -#include <fcntl.h> -#else -#define _O_RDONLY 0x0000 -#define O_RDONLY _O_RDONLY -#endif - -#define LWS_INLINE __inline -#define LWS_VISIBLE -#define LWS_WARN_UNUSED_RESULT -#define LWS_WARN_DEPRECATED -#define LWS_FORMAT(string_index) - -#ifdef LWS_DLL -#ifdef LWS_INTERNAL -#define LWS_EXTERN extern __declspec(dllexport) -#else -#define LWS_EXTERN extern __declspec(dllimport) -#endif -#else -#define LWS_EXTERN -#endif - -#define LWS_INVALID_FILE INVALID_HANDLE_VALUE -#define LWS_O_RDONLY _O_RDONLY -#define LWS_O_WRONLY _O_WRONLY -#define LWS_O_CREAT _O_CREAT -#define LWS_O_TRUNC _O_TRUNC - -#ifndef __func__ -#define __func__ __FUNCTION__ -#endif - -#else /* NOT WIN32 */ -#include <unistd.h> -#if defined(LWS_HAVE_SYS_CAPABILITY_H) && defined(LWS_HAVE_LIBCAP) -#include <sys/capability.h> -#endif - -#if defined(__NetBSD__) || defined(__FreeBSD__) || defined(__QNX__) || defined(__OpenBSD__) -#include <sys/socket.h> -#include <netinet/in.h> -#endif - -#define LWS_INLINE inline -#define LWS_O_RDONLY O_RDONLY -#define LWS_O_WRONLY O_WRONLY -#define LWS_O_CREAT O_CREAT -#define LWS_O_TRUNC O_TRUNC - -#if !defined(LWS_PLAT_OPTEE) && !defined(OPTEE_TA) && !defined(LWS_WITH_ESP32) -#include <poll.h> -#include <netdb.h> -#define LWS_INVALID_FILE -1 -#else -#define getdtablesize() (30) -#if defined(LWS_WITH_ESP32) -#define LWS_INVALID_FILE NULL -#else -#define LWS_INVALID_FILE NULL -#endif -#endif - -#if defined(__GNUC__) - -/* warn_unused_result attribute only supported by GCC 3.4 or later */ -#if __GNUC__ >= 4 || (__GNUC__ == 3 && __GNUC_MINOR__ >= 4) -#define LWS_WARN_UNUSED_RESULT __attribute__((warn_unused_result)) -#else -#define LWS_WARN_UNUSED_RESULT -#endif - -#define LWS_VISIBLE __attribute__((visibility("default"))) -#define LWS_WARN_DEPRECATED __attribute__ ((deprecated)) -#define LWS_FORMAT(string_index) __attribute__ ((format(printf, string_index, string_index+1))) -#else -#define LWS_VISIBLE -#define LWS_WARN_UNUSED_RESULT -#define LWS_WARN_DEPRECATED -#define LWS_FORMAT(string_index) -#endif - -#if defined(__ANDROID__) -#include <netinet/in.h> -#include <unistd.h> -#define getdtablesize() sysconf(_SC_OPEN_MAX) -#endif - -#endif - -#if defined(LWS_WITH_LIBEV) -#include <ev.h> -#endif /* LWS_WITH_LIBEV */ -#ifdef LWS_WITH_LIBUV -#include <uv.h> -#ifdef LWS_HAVE_UV_VERSION_H -#include <uv-version.h> -#endif -#ifdef LWS_HAVE_NEW_UV_VERSION_H -#include <uv/version.h> -#endif -#endif /* LWS_WITH_LIBUV */ -#if defined(LWS_WITH_LIBEVENT) -#include <event2/event.h> -#endif /* LWS_WITH_LIBEVENT */ - -#ifndef LWS_EXTERN -#define LWS_EXTERN extern -#endif - -#ifdef _WIN32 -#define random rand -#else -#if !defined(OPTEE_TA) -#include <sys/time.h> -#include <unistd.h> -#endif -#endif - -#if defined(LWS_WITH_TLS) - -#ifdef USE_WOLFSSL -#ifdef USE_OLD_CYASSL -#ifdef _WIN32 -/* - * Include user-controlled settings for windows from - * <wolfssl-root>/IDE/WIN/user_settings.h - */ -#include <IDE/WIN/user_settings.h> -#include <cyassl/ctaocrypt/settings.h> -#else -#include <cyassl/options.h> -#endif -#include <cyassl/openssl/ssl.h> -#include <cyassl/error-ssl.h> - -#else -#ifdef _WIN32 -/* - * Include user-controlled settings for windows from - * <wolfssl-root>/IDE/WIN/user_settings.h - */ -#include <IDE/WIN/user_settings.h> -#include <wolfssl/wolfcrypt/settings.h> -#else -#include <wolfssl/options.h> -#endif -#include <wolfssl/openssl/ssl.h> -#include <wolfssl/error-ssl.h> -#endif /* not USE_OLD_CYASSL */ -#else -#if defined(LWS_WITH_MBEDTLS) -#if defined(LWS_WITH_ESP32) -/* this filepath is passed to us but without quotes or <> */ -#undef MBEDTLS_CONFIG_FILE -#define MBEDTLS_CONFIG_FILE <mbedtls/esp_config.h> -#endif -#include <mbedtls/ssl.h> -#else -#include <openssl/ssl.h> -#if !defined(LWS_WITH_MBEDTLS) -#include <openssl/err.h> -#endif -#endif -#endif /* not USE_WOLFSSL */ -#endif - -/* - * Helpers for pthread mutex in user code... if lws is built for - * multiple service threads, these resolve to pthread mutex - * operations. In the case LWS_MAX_SMP is 1 (the default), they - * are all NOPs and no pthread type or api is referenced. - */ - -#if LWS_MAX_SMP > 1 - -#include <pthread.h> - -#define lws_pthread_mutex(name) pthread_mutex_t name; - -static LWS_INLINE void -lws_pthread_mutex_init(pthread_mutex_t *lock) -{ - pthread_mutex_init(lock, NULL); -} - -static LWS_INLINE void -lws_pthread_mutex_destroy(pthread_mutex_t *lock) -{ - pthread_mutex_destroy(lock); -} - -static LWS_INLINE void -lws_pthread_mutex_lock(pthread_mutex_t *lock) -{ - pthread_mutex_lock(lock); -} - -static LWS_INLINE void -lws_pthread_mutex_unlock(pthread_mutex_t *lock) -{ - pthread_mutex_unlock(lock); -} - -#else -#define lws_pthread_mutex(name) -#define lws_pthread_mutex_init(_a) -#define lws_pthread_mutex_destroy(_a) -#define lws_pthread_mutex_lock(_a) -#define lws_pthread_mutex_unlock(_a) -#endif - - -#define CONTEXT_PORT_NO_LISTEN -1 -#define CONTEXT_PORT_NO_LISTEN_SERVER -2 - -/** \defgroup log Logging - * - * ##Logging - * - * Lws provides flexible and filterable logging facilities, which can be - * used inside lws and in user code. - * - * Log categories may be individually filtered bitwise, and directed to built-in - * sinks for syslog-compatible logging, or a user-defined function. - */ -///@{ - -enum lws_log_levels { - LLL_ERR = 1 << 0, - LLL_WARN = 1 << 1, - LLL_NOTICE = 1 << 2, - LLL_INFO = 1 << 3, - LLL_DEBUG = 1 << 4, - LLL_PARSER = 1 << 5, - LLL_HEADER = 1 << 6, - LLL_EXT = 1 << 7, - LLL_CLIENT = 1 << 8, - LLL_LATENCY = 1 << 9, - LLL_USER = 1 << 10, - - LLL_COUNT = 11 /* set to count of valid flags */ -}; - -LWS_VISIBLE LWS_EXTERN void _lws_log(int filter, const char *format, ...) LWS_FORMAT(2); -LWS_VISIBLE LWS_EXTERN void _lws_logv(int filter, const char *format, va_list vl); -/** - * lwsl_timestamp: generate logging timestamp string - * - * \param level: logging level - * \param p: char * buffer to take timestamp - * \param len: length of p - * - * returns length written in p - */ -LWS_VISIBLE LWS_EXTERN int -lwsl_timestamp(int level, char *p, int len); - -/* these guys are unconditionally included */ - -#define lwsl_err(...) _lws_log(LLL_ERR, __VA_ARGS__) -#define lwsl_user(...) _lws_log(LLL_USER, __VA_ARGS__) - -#if !defined(LWS_WITH_NO_LOGS) -/* notice and warn are usually included by being compiled in */ -#define lwsl_warn(...) _lws_log(LLL_WARN, __VA_ARGS__) -#define lwsl_notice(...) _lws_log(LLL_NOTICE, __VA_ARGS__) -#endif -/* - * weaker logging can be deselected by telling CMake to build in RELEASE mode - * that gets rid of the overhead of checking while keeping _warn and _err - * active - */ - -#ifdef _DEBUG -#if defined(LWS_WITH_NO_LOGS) -/* notice, warn and log are always compiled in */ -#define lwsl_warn(...) _lws_log(LLL_WARN, __VA_ARGS__) -#define lwsl_notice(...) _lws_log(LLL_NOTICE, __VA_ARGS__) -#endif -#define lwsl_info(...) _lws_log(LLL_INFO, __VA_ARGS__) -#define lwsl_debug(...) _lws_log(LLL_DEBUG, __VA_ARGS__) -#define lwsl_parser(...) _lws_log(LLL_PARSER, __VA_ARGS__) -#define lwsl_header(...) _lws_log(LLL_HEADER, __VA_ARGS__) -#define lwsl_ext(...) _lws_log(LLL_EXT, __VA_ARGS__) -#define lwsl_client(...) _lws_log(LLL_CLIENT, __VA_ARGS__) -#define lwsl_latency(...) _lws_log(LLL_LATENCY, __VA_ARGS__) - -#else /* no debug */ -#if defined(LWS_WITH_NO_LOGS) -#define lwsl_warn(...) do {} while(0) -#define lwsl_notice(...) do {} while(0) -#endif -#define lwsl_info(...) do {} while(0) -#define lwsl_debug(...) do {} while(0) -#define lwsl_parser(...) do {} while(0) -#define lwsl_header(...) do {} while(0) -#define lwsl_ext(...) do {} while(0) -#define lwsl_client(...) do {} while(0) -#define lwsl_latency(...) do {} while(0) - -#endif - -#define lwsl_hexdump_err(...) lwsl_hexdump_level(LLL_ERR, __VA_ARGS__) -#define lwsl_hexdump_warn(...) lwsl_hexdump_level(LLL_WARN, __VA_ARGS__) -#define lwsl_hexdump_notice(...) lwsl_hexdump_level(LLL_NOTICE, __VA_ARGS__) -#define lwsl_hexdump_info(...) lwsl_hexdump_level(LLL_INFO, __VA_ARGS__) -#define lwsl_hexdump_debug(...) lwsl_hexdump_level(LLL_DEBUG, __VA_ARGS__) - -/** - * lwsl_hexdump_level() - helper to hexdump a buffer at a selected debug level - * - * \param level: one of LLL_ constants - * \param vbuf: buffer start to dump - * \param len: length of buffer to dump - * - * If \p level is visible, does a nice hexdump -C style dump of \p vbuf for - * \p len bytes. This can be extremely convenient while debugging. - */ -LWS_VISIBLE LWS_EXTERN void -lwsl_hexdump_level(int level, const void *vbuf, size_t len); - -/** - * lwsl_hexdump() - helper to hexdump a buffer (DEBUG builds only) - * - * \param buf: buffer start to dump - * \param len: length of buffer to dump - * - * Calls through to lwsl_hexdump_level(LLL_DEBUG, ... for compatability. - * It's better to use lwsl_hexdump_level(level, ... directly so you can control - * the visibility. - */ -LWS_VISIBLE LWS_EXTERN void -lwsl_hexdump(const void *buf, size_t len); - -/** - * lws_is_be() - returns nonzero if the platform is Big Endian - */ -static LWS_INLINE int lws_is_be(void) { - const int probe = ~0xff; - - return *(const char *)&probe; -} - -/** - * lws_set_log_level() - Set the logging bitfield - * \param level: OR together the LLL_ debug contexts you want output from - * \param log_emit_function: NULL to leave it as it is, or a user-supplied - * function to perform log string emission instead of - * the default stderr one. - * - * log level defaults to "err", "warn" and "notice" contexts enabled and - * emission on stderr. If stderr is a tty (according to isatty()) then - * the output is coloured according to the log level using ANSI escapes. - */ -LWS_VISIBLE LWS_EXTERN void -lws_set_log_level(int level, - void (*log_emit_function)(int level, const char *line)); - -/** - * lwsl_emit_syslog() - helper log emit function writes to system log - * - * \param level: one of LLL_ log level indexes - * \param line: log string - * - * You use this by passing the function pointer to lws_set_log_level(), to set - * it as the log emit function, it is not called directly. - */ -LWS_VISIBLE LWS_EXTERN void -lwsl_emit_syslog(int level, const char *line); - -/** - * lwsl_visible() - returns true if the log level should be printed - * - * \param level: one of LLL_ log level indexes - * - * This is useful if you have to do work to generate the log content, you - * can skip the work if the log level used to print it is not actually - * enabled at runtime. - */ -LWS_VISIBLE LWS_EXTERN int -lwsl_visible(int level); - -///@} - - -#include <stddef.h> - -#ifndef lws_container_of -#define lws_container_of(P,T,M) ((T *)((char *)(P) - offsetof(T, M))) -#endif - -struct lws; - -typedef int64_t lws_usec_t; - -/* api change list for user code to test against */ - -#define LWS_FEATURE_SERVE_HTTP_FILE_HAS_OTHER_HEADERS_ARG - -/* the struct lws_protocols has the id field present */ -#define LWS_FEATURE_PROTOCOLS_HAS_ID_FIELD - -/* you can call lws_get_peer_write_allowance */ -#define LWS_FEATURE_PROTOCOLS_HAS_PEER_WRITE_ALLOWANCE - -/* extra parameter introduced in 917f43ab821 */ -#define LWS_FEATURE_SERVE_HTTP_FILE_HAS_OTHER_HEADERS_LEN - -/* File operations stuff exists */ -#define LWS_FEATURE_FOPS - - -#if defined(_WIN32) -typedef SOCKET lws_sockfd_type; -typedef HANDLE lws_filefd_type; - -struct lws_pollfd { - lws_sockfd_type fd; /**< file descriptor */ - SHORT events; /**< which events to respond to */ - SHORT revents; /**< which events happened */ -}; -#define LWS_POLLHUP (FD_CLOSE) -#define LWS_POLLIN (FD_READ | FD_ACCEPT) -#define LWS_POLLOUT (FD_WRITE) -#else - - -#if defined(LWS_WITH_ESP32) - -typedef int lws_sockfd_type; -typedef int lws_filefd_type; - -struct pollfd { - lws_sockfd_type fd; /**< fd related to */ - short events; /**< which POLL... events to respond to */ - short revents; /**< which POLL... events occurred */ -}; -#define POLLIN 0x0001 -#define POLLPRI 0x0002 -#define POLLOUT 0x0004 -#define POLLERR 0x0008 -#define POLLHUP 0x0010 -#define POLLNVAL 0x0020 - -#include <freertos/FreeRTOS.h> -#include <freertos/event_groups.h> -#include <string.h> -#include "esp_wifi.h" -#include "esp_system.h" -#include "esp_event.h" -#include "esp_event_loop.h" -#include "nvs.h" -#include "driver/gpio.h" -#include "esp_spi_flash.h" -#include "freertos/timers.h" - -#if !defined(CONFIG_FREERTOS_HZ) -#define CONFIG_FREERTOS_HZ 100 -#endif - -typedef TimerHandle_t uv_timer_t; -typedef void uv_cb_t(uv_timer_t *); -typedef void * uv_handle_t; - -struct timer_mapping { - uv_cb_t *cb; - uv_timer_t *t; -}; - -#define UV_VERSION_MAJOR 1 - -#define lws_uv_getloop(a, b) (NULL) - -static LWS_INLINE void uv_timer_init(void *l, uv_timer_t *t) -{ - (void)l; - *t = NULL; -} - -extern void esp32_uvtimer_cb(TimerHandle_t t); - -static LWS_INLINE void uv_timer_start(uv_timer_t *t, uv_cb_t *cb, int first, int rep) -{ - struct timer_mapping *tm = (struct timer_mapping *)malloc(sizeof(*tm)); - - if (!tm) - return; - - tm->t = t; - tm->cb = cb; - - *t = xTimerCreate("x", pdMS_TO_TICKS(first), !!rep, tm, - (TimerCallbackFunction_t)esp32_uvtimer_cb); - xTimerStart(*t, 0); -} - -static LWS_INLINE void uv_timer_stop(uv_timer_t *t) -{ - xTimerStop(*t, 0); -} - -static LWS_INLINE void uv_close(uv_handle_t *h, void *v) -{ - free(pvTimerGetTimerID((uv_timer_t)h)); - xTimerDelete(*(uv_timer_t *)h, 0); -} - -/* ESP32 helper declarations */ - -#include <mdns.h> -#include <esp_partition.h> - -#define LWS_PLUGIN_STATIC -#define LWS_MAGIC_REBOOT_TYPE_ADS 0x50001ffc -#define LWS_MAGIC_REBOOT_TYPE_REQ_FACTORY 0xb00bcafe -#define LWS_MAGIC_REBOOT_TYPE_FORCED_FACTORY 0xfaceb00b -#define LWS_MAGIC_REBOOT_TYPE_FORCED_FACTORY_BUTTON 0xf0cedfac - - -/* user code provides these */ - -extern void -lws_esp32_identify_physical_device(void); - -/* lws-plat-esp32 provides these */ - -typedef void (*lws_cb_scan_done)(uint16_t count, wifi_ap_record_t *recs, void *arg); - -enum genled_state { - LWSESP32_GENLED__INIT, - LWSESP32_GENLED__LOST_NETWORK, - LWSESP32_GENLED__NO_NETWORK, - LWSESP32_GENLED__CONN_AP, - LWSESP32_GENLED__GOT_IP, - LWSESP32_GENLED__OK, -}; - -struct lws_group_member { - struct lws_group_member *next; - uint64_t last_seen; - char model[16]; - char role[16]; - char host[32]; - char mac[20]; - int width, height; - struct ip4_addr addr; - struct ip6_addr addrv6; - uint8_t flags; -}; - -#define LWS_SYSTEM_GROUP_MEMBER_ADD 1 -#define LWS_SYSTEM_GROUP_MEMBER_CHANGE 2 -#define LWS_SYSTEM_GROUP_MEMBER_REMOVE 3 - -#define LWS_GROUP_FLAG_SELF 1 - -struct lws_esp32 { - char sta_ip[16]; - char sta_mask[16]; - char sta_gw[16]; - char serial[16]; - char opts[16]; - char model[16]; - char group[16]; - char role[16]; - char ssid[4][64]; - char password[4][64]; - char active_ssid[64]; - char access_pw[16]; - char hostname[32]; - char mac[20]; - char le_dns[64]; - char le_email[64]; - char region; - char inet; - char conn_ap; - - enum genled_state genled; - uint64_t genled_t; - - lws_cb_scan_done scan_consumer; - void *scan_consumer_arg; - struct lws_group_member *first; - int extant_group_members; - - char acme; - char upload; - - volatile char button_is_down; -}; - -struct lws_esp32_image { - uint32_t romfs; - uint32_t romfs_len; - uint32_t json; - uint32_t json_len; -}; - -extern struct lws_esp32 lws_esp32; -struct lws_vhost; - -extern esp_err_t -lws_esp32_event_passthru(void *ctx, system_event_t *event); -extern void -lws_esp32_wlan_config(void); -extern void -lws_esp32_wlan_start_ap(void); -extern void -lws_esp32_wlan_start_station(void); -struct lws_context_creation_info; -extern void -lws_esp32_set_creation_defaults(struct lws_context_creation_info *info); -extern struct lws_context * -lws_esp32_init(struct lws_context_creation_info *, struct lws_vhost **pvh); -extern int -lws_esp32_wlan_nvs_get(int retry); -extern esp_err_t -lws_nvs_set_str(nvs_handle handle, const char* key, const char* value); -extern void -lws_esp32_restart_guided(uint32_t type); -extern const esp_partition_t * -lws_esp_ota_get_boot_partition(void); -extern int -lws_esp32_get_image_info(const esp_partition_t *part, struct lws_esp32_image *i, char *json, int json_len); -extern int -lws_esp32_leds_network_indication(void); - -extern uint32_t lws_esp32_get_reboot_type(void); -extern uint16_t lws_esp32_sine_interp(int n); - -/* required in external code by esp32 plat (may just return if no leds) */ -extern void lws_esp32_leds_timer_cb(TimerHandle_t th); -#else -typedef int lws_sockfd_type; -typedef int lws_filefd_type; -#endif - -#define lws_pollfd pollfd -#define LWS_POLLHUP (POLLHUP|POLLERR) -#define LWS_POLLIN (POLLIN) -#define LWS_POLLOUT (POLLOUT) -#endif - - -#if (defined(WIN32) || defined(_WIN32)) && !defined(__MINGW32__) -/* ... */ -#define ssize_t SSIZE_T -#endif - -#if defined(WIN32) && defined(LWS_HAVE__STAT32I64) -#include <sys/types.h> -#include <sys/stat.h> -#endif - -#if defined(LWS_HAVE_STDINT_H) -#include <stdint.h> -#else -#if defined(WIN32) || defined(_WIN32) -/* !!! >:-[ */ -typedef unsigned __int32 uint32_t; -typedef unsigned __int16 uint16_t; -typedef unsigned __int8 uint8_t; -#else -typedef unsigned int uint32_t; -typedef unsigned short uint16_t; -typedef unsigned char uint8_t; -#endif -#endif - -typedef unsigned long long lws_filepos_t; -typedef long long lws_fileofs_t; -typedef uint32_t lws_fop_flags_t; - -/** struct lws_pollargs - argument structure for all external poll related calls - * passed in via 'in' */ -struct lws_pollargs { - lws_sockfd_type fd; /**< applicable socket descriptor */ - int events; /**< the new event mask */ - int prev_events; /**< the previous event mask */ -}; - -struct lws_tokens; -struct lws_token_limits; - -/*! \defgroup wsclose Websocket Close - * - * ##Websocket close frame control - * - * When we close a ws connection, we can send a reason code and a short - * UTF-8 description back with the close packet. - */ -///@{ - -/* - * NOTE: These public enums are part of the abi. If you want to add one, - * add it at where specified so existing users are unaffected. - */ -/** enum lws_close_status - RFC6455 close status codes */ -enum lws_close_status { - LWS_CLOSE_STATUS_NOSTATUS = 0, - LWS_CLOSE_STATUS_NORMAL = 1000, - /**< 1000 indicates a normal closure, meaning that the purpose for - which the connection was established has been fulfilled. */ - LWS_CLOSE_STATUS_GOINGAWAY = 1001, - /**< 1001 indicates that an endpoint is "going away", such as a server - going down or a browser having navigated away from a page. */ - LWS_CLOSE_STATUS_PROTOCOL_ERR = 1002, - /**< 1002 indicates that an endpoint is terminating the connection due - to a protocol error. */ - LWS_CLOSE_STATUS_UNACCEPTABLE_OPCODE = 1003, - /**< 1003 indicates that an endpoint is terminating the connection - because it has received a type of data it cannot accept (e.g., an - endpoint that understands only text data MAY send this if it - receives a binary message). */ - LWS_CLOSE_STATUS_RESERVED = 1004, - /**< Reserved. The specific meaning might be defined in the future. */ - LWS_CLOSE_STATUS_NO_STATUS = 1005, - /**< 1005 is a reserved value and MUST NOT be set as a status code in a - Close control frame by an endpoint. It is designated for use in - applications expecting a status code to indicate that no status - code was actually present. */ - LWS_CLOSE_STATUS_ABNORMAL_CLOSE = 1006, - /**< 1006 is a reserved value and MUST NOT be set as a status code in a - Close control frame by an endpoint. It is designated for use in - applications expecting a status code to indicate that the - connection was closed abnormally, e.g., without sending or - receiving a Close control frame. */ - LWS_CLOSE_STATUS_INVALID_PAYLOAD = 1007, - /**< 1007 indicates that an endpoint is terminating the connection - because it has received data within a message that was not - consistent with the type of the message (e.g., non-UTF-8 [RFC3629] - data within a text message). */ - LWS_CLOSE_STATUS_POLICY_VIOLATION = 1008, - /**< 1008 indicates that an endpoint is terminating the connection - because it has received a message that violates its policy. This - is a generic status code that can be returned when there is no - other more suitable status code (e.g., 1003 or 1009) or if there - is a need to hide specific details about the policy. */ - LWS_CLOSE_STATUS_MESSAGE_TOO_LARGE = 1009, - /**< 1009 indicates that an endpoint is terminating the connection - because it has received a message that is too big for it to - process. */ - LWS_CLOSE_STATUS_EXTENSION_REQUIRED = 1010, - /**< 1010 indicates that an endpoint (client) is terminating the - connection because it has expected the server to negotiate one or - more extension, but the server didn't return them in the response - message of the WebSocket handshake. The list of extensions that - are needed SHOULD appear in the /reason/ part of the Close frame. - Note that this status code is not used by the server, because it - can fail the WebSocket handshake instead */ - LWS_CLOSE_STATUS_UNEXPECTED_CONDITION = 1011, - /**< 1011 indicates that a server is terminating the connection because - it encountered an unexpected condition that prevented it from - fulfilling the request. */ - LWS_CLOSE_STATUS_TLS_FAILURE = 1015, - /**< 1015 is a reserved value and MUST NOT be set as a status code in a - Close control frame by an endpoint. It is designated for use in - applications expecting a status code to indicate that the - connection was closed due to a failure to perform a TLS handshake - (e.g., the server certificate can't be verified). */ - - LWS_CLOSE_STATUS_CLIENT_TRANSACTION_DONE = 2000, - - /****** add new things just above ---^ ******/ - - LWS_CLOSE_STATUS_NOSTATUS_CONTEXT_DESTROY = 9999, -}; - -/** - * lws_close_reason - Set reason and aux data to send with Close packet - * If you are going to return nonzero from the callback - * requesting the connection to close, you can optionally - * call this to set the reason the peer will be told if - * possible. - * - * \param wsi: The websocket connection to set the close reason on - * \param status: A valid close status from websocket standard - * \param buf: NULL or buffer containing up to 124 bytes of auxiliary data - * \param len: Length of data in \param buf to send - */ -LWS_VISIBLE LWS_EXTERN void -lws_close_reason(struct lws *wsi, enum lws_close_status status, - unsigned char *buf, size_t len); - -///@} - -struct lws; -struct lws_context; -/* needed even with extensions disabled for create context */ -struct lws_extension; - - -/*! \defgroup usercb User Callback - * - * ##User protocol callback - * - * The protocol callback is the primary way lws interacts with - * user code. For one of a list of a few dozen reasons the callback gets - * called at some event to be handled. - * - * All of the events can be ignored, returning 0 is taken as "OK" and returning - * nonzero in most cases indicates that the connection should be closed. - */ -///@{ - -struct lws_ssl_info { - int where; - int ret; -}; - -enum lws_cert_update_state { - LWS_CUS_IDLE, - LWS_CUS_STARTING, - LWS_CUS_SUCCESS, - LWS_CUS_FAILED, - - LWS_CUS_CREATE_KEYS, - LWS_CUS_REG, - LWS_CUS_AUTH, - LWS_CUS_CHALLENGE, - LWS_CUS_CREATE_REQ, - LWS_CUS_REQ, - LWS_CUS_CONFIRM, - LWS_CUS_ISSUE, -}; - -enum { - LWS_TLS_REQ_ELEMENT_COUNTRY, - LWS_TLS_REQ_ELEMENT_STATE, - LWS_TLS_REQ_ELEMENT_LOCALITY, - LWS_TLS_REQ_ELEMENT_ORGANIZATION, - LWS_TLS_REQ_ELEMENT_COMMON_NAME, - LWS_TLS_REQ_ELEMENT_EMAIL, - - LWS_TLS_REQ_ELEMENT_COUNT, - - LWS_TLS_SET_DIR_URL = LWS_TLS_REQ_ELEMENT_COUNT, - LWS_TLS_SET_AUTH_PATH, - LWS_TLS_SET_CERT_PATH, - LWS_TLS_SET_KEY_PATH, - - LWS_TLS_TOTAL_COUNT -}; - -struct lws_acme_cert_aging_args { - struct lws_vhost *vh; - const char *element_overrides[LWS_TLS_TOTAL_COUNT]; /* NULL = use pvo */ -}; - -/* - * NOTE: These public enums are part of the abi. If you want to add one, - * add it at where specified so existing users are unaffected. - */ -/** enum lws_callback_reasons - reason you're getting a protocol callback */ -enum lws_callback_reasons { - - /* --------------------------------------------------------------------- - * ----- Callbacks related to wsi and protocol binding lifecycle ----- - */ - - LWS_CALLBACK_PROTOCOL_INIT = 27, - /**< One-time call per protocol, per-vhost using it, so it can - * do initial setup / allocations etc */ - - LWS_CALLBACK_PROTOCOL_DESTROY = 28, - /**< One-time call per protocol, per-vhost using it, indicating - * this protocol won't get used at all after this callback, the - * vhost is getting destroyed. Take the opportunity to - * deallocate everything that was allocated by the protocol. */ - - LWS_CALLBACK_WSI_CREATE = 29, - /**< outermost (earliest) wsi create notification to protocols[0] */ - - LWS_CALLBACK_WSI_DESTROY = 30, - /**< outermost (latest) wsi destroy notification to protocols[0] */ - - LWS_CALLBACK_HTTP_BIND_PROTOCOL = 49, - /**< By default, all HTTP handling is done in protocols[0]. - * However you can bind different protocols (by name) to - * different parts of the URL space using callback mounts. This - * callback occurs in the new protocol when a wsi is bound - * to that protocol. Any protocol allocation related to the - * http transaction processing should be created then. - * These specific callbacks are necessary because with HTTP/1.1, - * a single connection may perform at series of different - * transactions at different URLs, thus the lifetime of the - * protocol bind is just for one transaction, not connection. */ - - LWS_CALLBACK_HTTP_DROP_PROTOCOL = 50, - /**< This is called when a transaction is unbound from a protocol. - * It indicates the connection completed its transaction and may - * do something different now. Any protocol allocation related - * to the http transaction processing should be destroyed. */ - - /* --------------------------------------------------------------------- - * ----- Callbacks related to Server TLS ----- - */ - - LWS_CALLBACK_OPENSSL_LOAD_EXTRA_CLIENT_VERIFY_CERTS = 21, - /**< if configured for - * including OpenSSL support, this callback allows your user code - * to perform extra SSL_CTX_load_verify_locations() or similar - * calls to direct OpenSSL where to find certificates the client - * can use to confirm the remote server identity. user is the - * OpenSSL SSL_CTX* */ - - LWS_CALLBACK_OPENSSL_LOAD_EXTRA_SERVER_VERIFY_CERTS = 22, - /**< if configured for - * including OpenSSL support, this callback allows your user code - * to load extra certificates into the server which allow it to - * verify the validity of certificates returned by clients. user - * is the server's OpenSSL SSL_CTX* and in is the lws_vhost */ - - LWS_CALLBACK_OPENSSL_PERFORM_CLIENT_CERT_VERIFICATION = 23, - /**< if the libwebsockets vhost was created with the option - * LWS_SERVER_OPTION_REQUIRE_VALID_OPENSSL_CLIENT_CERT, then this - * callback is generated during OpenSSL verification of the cert - * sent from the client. It is sent to protocol[0] callback as - * no protocol has been negotiated on the connection yet. - * Notice that the libwebsockets context and wsi are both NULL - * during this callback. See - * http://www.openssl.org/docs/ssl/SSL_CTX_set_verify.html - * to understand more detail about the OpenSSL callback that - * generates this libwebsockets callback and the meanings of the - * arguments passed. In this callback, user is the x509_ctx, - * in is the ssl pointer and len is preverify_ok - * Notice that this callback maintains libwebsocket return - * conventions, return 0 to mean the cert is OK or 1 to fail it. - * This also means that if you don't handle this callback then - * the default callback action of returning 0 allows the client - * certificates. */ - - LWS_CALLBACK_OPENSSL_CONTEXT_REQUIRES_PRIVATE_KEY = 37, - /**< if configured for including OpenSSL support but no private key - * file has been specified (ssl_private_key_filepath is NULL), this is - * called to allow the user to set the private key directly via - * libopenssl and perform further operations if required; this might be - * useful in situations where the private key is not directly accessible - * by the OS, for example if it is stored on a smartcard. - * user is the server's OpenSSL SSL_CTX* */ - - LWS_CALLBACK_SSL_INFO = 67, - /**< SSL connections only. An event you registered an - * interest in at the vhost has occurred on a connection - * using the vhost. in is a pointer to a - * struct lws_ssl_info containing information about the - * event*/ - - /* --------------------------------------------------------------------- - * ----- Callbacks related to Client TLS ----- - */ - - LWS_CALLBACK_OPENSSL_PERFORM_SERVER_CERT_VERIFICATION = 58, - /**< Similar to LWS_CALLBACK_OPENSSL_PERFORM_CLIENT_CERT_VERIFICATION - * this callback is called during OpenSSL verification of the cert - * sent from the server to the client. It is sent to protocol[0] - * callback as no protocol has been negotiated on the connection yet. - * Notice that the wsi is set because lws_client_connect_via_info was - * successful. - * - * See http://www.openssl.org/docs/ssl/SSL_CTX_set_verify.html - * to understand more detail about the OpenSSL callback that - * generates this libwebsockets callback and the meanings of the - * arguments passed. In this callback, user is the x509_ctx, - * in is the ssl pointer and len is preverify_ok. - * - * THIS IS NOT RECOMMENDED BUT if a cert validation error shall be - * overruled and cert shall be accepted as ok, - * X509_STORE_CTX_set_error((X509_STORE_CTX*)user, X509_V_OK); must be - * called and return value must be 0 to mean the cert is OK; - * returning 1 will fail the cert in any case. - * - * This also means that if you don't handle this callback then - * the default callback action of returning 0 will not accept the - * certificate in case of a validation error decided by the SSL lib. - * - * This is expected and secure behaviour when validating certificates. - * - * Note: LCCSCF_ALLOW_SELFSIGNED and - * LCCSCF_SKIP_SERVER_CERT_HOSTNAME_CHECK still work without this - * callback being implemented. - */ - - /* --------------------------------------------------------------------- - * ----- Callbacks related to HTTP Server ----- - */ - - LWS_CALLBACK_SERVER_NEW_CLIENT_INSTANTIATED = 19, - /**< A new client has been accepted by the ws server. This - * callback allows setting any relevant property to it. Because this - * happens immediately after the instantiation of a new client, - * there's no websocket protocol selected yet so this callback is - * issued only to protocol 0. Only wsi is defined, pointing to the - * new client, and the return value is ignored. */ - - LWS_CALLBACK_HTTP = 12, - /**< an http request has come from a client that is not - * asking to upgrade the connection to a websocket - * one. This is a chance to serve http content, - * for example, to send a script to the client - * which will then open the websockets connection. - * in points to the URI path requested and - * lws_serve_http_file() makes it very - * simple to send back a file to the client. - * Normally after sending the file you are done - * with the http connection, since the rest of the - * activity will come by websockets from the script - * that was delivered by http, so you will want to - * return 1; to close and free up the connection. */ - - LWS_CALLBACK_HTTP_BODY = 13, - /**< the next len bytes data from the http - * request body HTTP connection is now available in in. */ - - LWS_CALLBACK_HTTP_BODY_COMPLETION = 14, - /**< the expected amount of http request body has been delivered */ - - LWS_CALLBACK_HTTP_FILE_COMPLETION = 15, - /**< a file requested to be sent down http link has completed. */ - - LWS_CALLBACK_HTTP_WRITEABLE = 16, - /**< you can write more down the http protocol link now. */ - - LWS_CALLBACK_CLOSED_HTTP = 5, - /**< when a HTTP (non-websocket) session ends */ - - LWS_CALLBACK_FILTER_HTTP_CONNECTION = 18, - /**< called when the request has - * been received and parsed from the client, but the response is - * not sent yet. Return non-zero to disallow the connection. - * user is a pointer to the connection user space allocation, - * in is the URI, eg, "/" - * In your handler you can use the public APIs - * lws_hdr_total_length() / lws_hdr_copy() to access all of the - * headers using the header enums lws_token_indexes from - * libwebsockets.h to check for and read the supported header - * presence and content before deciding to allow the http - * connection to proceed or to kill the connection. */ - - LWS_CALLBACK_ADD_HEADERS = 53, - /**< This gives your user code a chance to add headers to a server - * transaction bound to your protocol. `in` points to a - * `struct lws_process_html_args` describing a buffer and length - * you can add headers into using the normal lws apis. - * - * (see LWS_CALLBACK_CLIENT_APPEND_HANDSHAKE_HEADER to add headers to - * a client transaction) - * - * Only `args->p` and `args->len` are valid, and `args->p` should - * be moved on by the amount of bytes written, if any. Eg - * - * case LWS_CALLBACK_ADD_HEADERS: - * - * struct lws_process_html_args *args = - * (struct lws_process_html_args *)in; - * - * if (lws_add_http_header_by_name(wsi, - * (unsigned char *)"set-cookie:", - * (unsigned char *)cookie, cookie_len, - * (unsigned char **)&args->p, - * (unsigned char *)args->p + args->max_len)) - * return 1; - * - * break; - */ - - LWS_CALLBACK_CHECK_ACCESS_RIGHTS = 51, - /**< This gives the user code a chance to forbid an http access. - * `in` points to a `struct lws_process_html_args`, which - * describes the URL, and a bit mask describing the type of - * authentication required. If the callback returns nonzero, - * the transaction ends with HTTP_STATUS_UNAUTHORIZED. */ - - LWS_CALLBACK_PROCESS_HTML = 52, - /**< This gives your user code a chance to mangle outgoing - * HTML. `in` points to a `struct lws_process_html_args` - * which describes the buffer containing outgoing HTML. - * The buffer may grow up to `.max_len` (currently +128 - * bytes per buffer). - */ - - /* --------------------------------------------------------------------- - * ----- Callbacks related to HTTP Client ----- - */ - - LWS_CALLBACK_ESTABLISHED_CLIENT_HTTP = 44, - /**< The HTTP client connection has succeeded, and is now - * connected to the server */ - - LWS_CALLBACK_CLOSED_CLIENT_HTTP = 45, - /**< The HTTP client connection is closing */ - - LWS_CALLBACK_RECEIVE_CLIENT_HTTP_READ = 48, - /**< This is generated by lws_http_client_read() used to drain - * incoming data. In the case the incoming data was chunked, it will - * be split into multiple smaller callbacks for each chunk block, - * removing the chunk headers. If not chunked, it will appear all in - * one callback. */ - - LWS_CALLBACK_RECEIVE_CLIENT_HTTP = 46, - /**< This simply indicates data was received on the HTTP client - * connection. It does NOT drain or provide the data. - * This exists to neatly allow a proxying type situation, - * where this incoming data will go out on another connection. - * If the outgoing connection stalls, we should stall processing - * the incoming data. So a handler for this in that case should - * simply set a flag to indicate there is incoming data ready - * and ask for a writeable callback on the outgoing connection. - * In the writable callback he can check the flag and then get - * and drain the waiting incoming data using lws_http_client_read(). - * This will use callbacks to LWS_CALLBACK_RECEIVE_CLIENT_HTTP_READ - * to get and drain the incoming data, where it should be sent - * back out on the outgoing connection. */ - LWS_CALLBACK_COMPLETED_CLIENT_HTTP = 47, - /**< The client transaction completed... at the moment this - * is the same as closing since transaction pipelining on - * client side is not yet supported. */ - - LWS_CALLBACK_CLIENT_HTTP_WRITEABLE = 57, - /**< when doing an HTTP type client connection, you can call - * lws_client_http_body_pending(wsi, 1) from - * LWS_CALLBACK_CLIENT_APPEND_HANDSHAKE_HEADER to get these callbacks - * sending the HTTP headers. - * - * From this callback, when you have sent everything, you should let - * lws know by calling lws_client_http_body_pending(wsi, 0) - */ - - /* --------------------------------------------------------------------- - * ----- Callbacks related to Websocket Server ----- - */ - - LWS_CALLBACK_ESTABLISHED = 0, - /**< (VH) after the server completes a handshake with an incoming - * client. If you built the library with ssl support, in is a - * pointer to the ssl struct associated with the connection or NULL. - * - * b0 of len is set if the connection was made using ws-over-h2 - */ - - LWS_CALLBACK_CLOSED = 4, - /**< when the websocket session ends */ - - LWS_CALLBACK_SERVER_WRITEABLE = 11, - /**< See LWS_CALLBACK_CLIENT_WRITEABLE */ - - LWS_CALLBACK_RECEIVE = 6, - /**< data has appeared for this server endpoint from a - * remote client, it can be found at *in and is - * len bytes long */ - - LWS_CALLBACK_RECEIVE_PONG = 7, - /**< servers receive PONG packets with this callback reason */ - - LWS_CALLBACK_WS_PEER_INITIATED_CLOSE = 38, - /**< The peer has sent an unsolicited Close WS packet. in and - * len are the optional close code (first 2 bytes, network - * order) and the optional additional information which is not - * defined in the standard, and may be a string or non human-readable - * data. - * If you return 0 lws will echo the close and then close the - * connection. If you return nonzero lws will just close the - * connection. */ - - LWS_CALLBACK_FILTER_PROTOCOL_CONNECTION = 20, - /**< called when the handshake has - * been received and parsed from the client, but the response is - * not sent yet. Return non-zero to disallow the connection. - * user is a pointer to the connection user space allocation, - * in is the requested protocol name - * In your handler you can use the public APIs - * lws_hdr_total_length() / lws_hdr_copy() to access all of the - * headers using the header enums lws_token_indexes from - * libwebsockets.h to check for and read the supported header - * presence and content before deciding to allow the handshake - * to proceed or to kill the connection. */ - - LWS_CALLBACK_CONFIRM_EXTENSION_OKAY = 25, - /**< When the server handshake code - * sees that it does support a requested extension, before - * accepting the extension by additing to the list sent back to - * the client it gives this callback just to check that it's okay - * to use that extension. It calls back to the requested protocol - * and with in being the extension name, len is 0 and user is - * valid. Note though at this time the ESTABLISHED callback hasn't - * happened yet so if you initialize user content there, user - * content during this callback might not be useful for anything. */ - - /* --------------------------------------------------------------------- - * ----- Callbacks related to Websocket Client ----- - */ - - LWS_CALLBACK_CLIENT_CONNECTION_ERROR = 1, - /**< the request client connection has been unable to complete a - * handshake with the remote server. If in is non-NULL, you can - * find an error string of length len where it points to - * - * Diagnostic strings that may be returned include - * - * "getaddrinfo (ipv6) failed" - * "unknown address family" - * "getaddrinfo (ipv4) failed" - * "set socket opts failed" - * "insert wsi failed" - * "lws_ssl_client_connect1 failed" - * "lws_ssl_client_connect2 failed" - * "Peer hung up" - * "read failed" - * "HS: URI missing" - * "HS: Redirect code but no Location" - * "HS: URI did not parse" - * "HS: Redirect failed" - * "HS: Server did not return 200" - * "HS: OOM" - * "HS: disallowed by client filter" - * "HS: disallowed at ESTABLISHED" - * "HS: ACCEPT missing" - * "HS: ws upgrade response not 101" - * "HS: UPGRADE missing" - * "HS: Upgrade to something other than websocket" - * "HS: CONNECTION missing" - * "HS: UPGRADE malformed" - * "HS: PROTOCOL malformed" - * "HS: Cannot match protocol" - * "HS: EXT: list too big" - * "HS: EXT: failed setting defaults" - * "HS: EXT: failed parsing defaults" - * "HS: EXT: failed parsing options" - * "HS: EXT: Rejects server options" - * "HS: EXT: unknown ext" - * "HS: Accept hash wrong" - * "HS: Rejected by filter cb" - * "HS: OOM" - * "HS: SO_SNDBUF failed" - * "HS: Rejected at CLIENT_ESTABLISHED" - */ - - LWS_CALLBACK_CLIENT_FILTER_PRE_ESTABLISH = 2, - /**< this is the last chance for the client user code to examine the - * http headers and decide to reject the connection. If the - * content in the headers is interesting to the - * client (url, etc) it needs to copy it out at - * this point since it will be destroyed before - * the CLIENT_ESTABLISHED call */ - - LWS_CALLBACK_CLIENT_ESTABLISHED = 3, - /**< after your client connection completed the websocket upgrade - * handshake with the remote server */ - - LWS_CALLBACK_CLIENT_CLOSED = 75, - /**< when a client websocket session ends */ - - LWS_CALLBACK_CLIENT_APPEND_HANDSHAKE_HEADER = 24, - /**< this callback happens - * when a client handshake is being compiled. user is NULL, - * in is a char **, it's pointing to a char * which holds the - * next location in the header buffer where you can add - * headers, and len is the remaining space in the header buffer, - * which is typically some hundreds of bytes. So, to add a canned - * cookie, your handler code might look similar to: - * - * char **p = (char **)in; - * - * if (len < 100) - * return 1; - * - * *p += sprintf(*p, "Cookie: a=b\x0d\x0a"); - * - * return 0; - * - * Notice if you add anything, you just have to take care about - * the CRLF on the line you added. Obviously this callback is - * optional, if you don't handle it everything is fine. - * - * Notice the callback is coming to protocols[0] all the time, - * because there is no specific protocol negotiated yet. - * - * See LWS_CALLBACK_ADD_HEADERS for adding headers to server - * transactions. - */ - - LWS_CALLBACK_CLIENT_RECEIVE = 8, - /**< data has appeared from the server for the client connection, it - * can be found at *in and is len bytes long */ - - LWS_CALLBACK_CLIENT_RECEIVE_PONG = 9, - /**< clients receive PONG packets with this callback reason */ - - LWS_CALLBACK_CLIENT_WRITEABLE = 10, - /**< If you call lws_callback_on_writable() on a connection, you will - * get one of these callbacks coming when the connection socket - * is able to accept another write packet without blocking. - * If it already was able to take another packet without blocking, - * you'll get this callback at the next call to the service loop - * function. Notice that CLIENTs get LWS_CALLBACK_CLIENT_WRITEABLE - * and servers get LWS_CALLBACK_SERVER_WRITEABLE. */ - - LWS_CALLBACK_CLIENT_CONFIRM_EXTENSION_SUPPORTED = 26, - /**< When a ws client - * connection is being prepared to start a handshake to a server, - * each supported extension is checked with protocols[0] callback - * with this reason, giving the user code a chance to suppress the - * claim to support that extension by returning non-zero. If - * unhandled, by default 0 will be returned and the extension - * support included in the header to the server. Notice this - * callback comes to protocols[0]. */ - - LWS_CALLBACK_WS_EXT_DEFAULTS = 39, - /**< Gives client connections an opportunity to adjust negotiated - * extension defaults. `user` is the extension name that was - * negotiated (eg, "permessage-deflate"). `in` points to a - * buffer and `len` is the buffer size. The user callback can - * set the buffer to a string describing options the extension - * should parse. Or just ignore for defaults. */ - - - LWS_CALLBACK_FILTER_NETWORK_CONNECTION = 17, - /**< called when a client connects to - * the server at network level; the connection is accepted but then - * passed to this callback to decide whether to hang up immediately - * or not, based on the client IP. in contains the connection - * socket's descriptor. Since the client connection information is - * not available yet, wsi still pointing to the main server socket. - * Return non-zero to terminate the connection before sending or - * receiving anything. Because this happens immediately after the - * network connection from the client, there's no websocket protocol - * selected yet so this callback is issued only to protocol 0. */ - - /* --------------------------------------------------------------------- - * ----- Callbacks related to external poll loop integration ----- - */ - - LWS_CALLBACK_GET_THREAD_ID = 31, - /**< lws can accept callback when writable requests from other - * threads, if you implement this callback and return an opaque - * current thread ID integer. */ - - /* external poll() management support */ - LWS_CALLBACK_ADD_POLL_FD = 32, - /**< lws normally deals with its poll() or other event loop - * internally, but in the case you are integrating with another - * server you will need to have lws sockets share a - * polling array with the other server. This and the other - * POLL_FD related callbacks let you put your specialized - * poll array interface code in the callback for protocol 0, the - * first protocol you support, usually the HTTP protocol in the - * serving case. - * This callback happens when a socket needs to be - * added to the polling loop: in points to a struct - * lws_pollargs; the fd member of the struct is the file - * descriptor, and events contains the active events - * - * If you are using the internal lws polling / event loop - * you can just ignore these callbacks. */ - - LWS_CALLBACK_DEL_POLL_FD = 33, - /**< This callback happens when a socket descriptor - * needs to be removed from an external polling array. in is - * again the struct lws_pollargs containing the fd member - * to be removed. If you are using the internal polling - * loop, you can just ignore it. */ - - LWS_CALLBACK_CHANGE_MODE_POLL_FD = 34, - /**< This callback happens when lws wants to modify the events for - * a connection. - * in is the struct lws_pollargs with the fd to change. - * The new event mask is in events member and the old mask is in - * the prev_events member. - * If you are using the internal polling loop, you can just ignore - * it. */ - - LWS_CALLBACK_LOCK_POLL = 35, - /**< These allow the external poll changes driven - * by lws to participate in an external thread locking - * scheme around the changes, so the whole thing is threadsafe. - * These are called around three activities in the library, - * - inserting a new wsi in the wsi / fd table (len=1) - * - deleting a wsi from the wsi / fd table (len=1) - * - changing a wsi's POLLIN/OUT state (len=0) - * Locking and unlocking external synchronization objects when - * len == 1 allows external threads to be synchronized against - * wsi lifecycle changes if it acquires the same lock for the - * duration of wsi dereference from the other thread context. */ - - LWS_CALLBACK_UNLOCK_POLL = 36, - /**< See LWS_CALLBACK_LOCK_POLL, ignore if using lws internal poll */ - - /* --------------------------------------------------------------------- - * ----- Callbacks related to CGI serving ----- - */ - - LWS_CALLBACK_CGI = 40, - /**< CGI: CGI IO events on stdin / out / err are sent here on - * protocols[0]. The provided `lws_callback_http_dummy()` - * handles this and the callback should be directed there if - * you use CGI. */ - - LWS_CALLBACK_CGI_TERMINATED = 41, - /**< CGI: The related CGI process ended, this is called before - * the wsi is closed. Used to, eg, terminate chunking. - * The provided `lws_callback_http_dummy()` - * handles this and the callback should be directed there if - * you use CGI. The child PID that terminated is in len. */ - - LWS_CALLBACK_CGI_STDIN_DATA = 42, - /**< CGI: Data is, to be sent to the CGI process stdin, eg from - * a POST body. The provided `lws_callback_http_dummy()` - * handles this and the callback should be directed there if - * you use CGI. */ - - LWS_CALLBACK_CGI_STDIN_COMPLETED = 43, - /**< CGI: no more stdin is coming. The provided - * `lws_callback_http_dummy()` handles this and the callback - * should be directed there if you use CGI. */ - - LWS_CALLBACK_CGI_PROCESS_ATTACH = 70, - /**< CGI: Sent when the CGI process is spawned for the wsi. The - * len parameter is the PID of the child process */ - - /* --------------------------------------------------------------------- - * ----- Callbacks related to Generic Sessions ----- - */ - - LWS_CALLBACK_SESSION_INFO = 54, - /**< This is only generated by user code using generic sessions. - * It's used to get a `struct lws_session_info` filled in by - * generic sessions with information about the logged-in user. - * See the messageboard sample for an example of how to use. */ - - LWS_CALLBACK_GS_EVENT = 55, - /**< Indicates an event happened to the Generic Sessions session. - * `in` contains a `struct lws_gs_event_args` describing the event. */ - - LWS_CALLBACK_HTTP_PMO = 56, - /**< per-mount options for this connection, called before - * the normal LWS_CALLBACK_HTTP when the mount has per-mount - * options. - */ - - /* --------------------------------------------------------------------- - * ----- Callbacks related to RAW sockets ----- - */ - - LWS_CALLBACK_RAW_RX = 59, - /**< RAW mode connection RX */ - - LWS_CALLBACK_RAW_CLOSE = 60, - /**< RAW mode connection is closing */ - - LWS_CALLBACK_RAW_WRITEABLE = 61, - /**< RAW mode connection may be written */ - - LWS_CALLBACK_RAW_ADOPT = 62, - /**< RAW mode connection was adopted (equivalent to 'wsi created') */ - - /* --------------------------------------------------------------------- - * ----- Callbacks related to RAW file handles ----- - */ - - LWS_CALLBACK_RAW_ADOPT_FILE = 63, - /**< RAW mode file was adopted (equivalent to 'wsi created') */ - - LWS_CALLBACK_RAW_RX_FILE = 64, - /**< This is the indication the RAW mode file has something to read. - * This doesn't actually do the read of the file and len is always - * 0... your code should do the read having been informed there is - * something to read now. */ - - LWS_CALLBACK_RAW_WRITEABLE_FILE = 65, - /**< RAW mode file is writeable */ - - LWS_CALLBACK_RAW_CLOSE_FILE = 66, - /**< RAW mode wsi that adopted a file is closing */ - - /* --------------------------------------------------------------------- - * ----- Callbacks related to generic wsi events ----- - */ - - LWS_CALLBACK_TIMER = 73, - /**< When the time elapsed after a call to - * lws_set_timer_usecs(wsi, usecs) is up, the wsi will get one of - * these callbacks. The deadline can be continuously extended into the - * future by later calls to lws_set_timer_usecs() before the deadline - * expires, or cancelled by lws_set_timer_usecs(wsi, -1); - * See the note on lws_set_timer_usecs() about which event loops are - * supported. */ - - LWS_CALLBACK_EVENT_WAIT_CANCELLED = 71, - /**< This is sent to every protocol of every vhost in response - * to lws_cancel_service() or lws_cancel_service_pt(). This - * callback is serialized in the lws event loop normally, even - * if the lws_cancel_service[_pt]() call was from a different - * thread. */ - - LWS_CALLBACK_CHILD_CLOSING = 69, - /**< Sent to parent to notify them a child is closing / being - * destroyed. in is the child wsi. - */ - - LWS_CALLBACK_CHILD_WRITE_VIA_PARENT = 68, - /**< Child has been marked with parent_carries_io attribute, so - * lws_write directs the to this callback at the parent, - * in is a struct lws_write_passthru containing the args - * the lws_write() was called with. - */ - - /* --------------------------------------------------------------------- - * ----- Callbacks related to TLS certificate management ----- - */ - - LWS_CALLBACK_VHOST_CERT_AGING = 72, - /**< When a vhost TLS cert has its expiry checked, this callback - * is broadcast to every protocol of every vhost in case the - * protocol wants to take some action with this information. - * \p in is a pointer to a struct lws_acme_cert_aging_args, - * and \p len is the number of days left before it expires, as - * a (ssize_t). In the struct lws_acme_cert_aging_args, vh - * points to the vhost the cert aging information applies to, - * and element_overrides[] is an optional way to update information - * from the pvos... NULL in an index means use the information from - * from the pvo for the cert renewal, non-NULL in the array index - * means use that pointer instead for the index. */ - - LWS_CALLBACK_VHOST_CERT_UPDATE = 74, - /**< When a vhost TLS cert is being updated, progress is - * reported to the vhost in question here, including completion - * and failure. in points to optional JSON, and len represents the - * connection state using enum lws_cert_update_state */ - - - /****** add new things just above ---^ ******/ - - LWS_CALLBACK_USER = 1000, - /**< user code can use any including above without fear of clashes */ -}; - - - -/** - * typedef lws_callback_function() - User server actions - * \param wsi: Opaque websocket instance pointer - * \param reason: The reason for the call - * \param user: Pointer to per-session user data allocated by library - * \param in: Pointer used for some callback reasons - * \param len: Length set for some callback reasons - * - * This callback is the way the user controls what is served. All the - * protocol detail is hidden and handled by the library. - * - * For each connection / session there is user data allocated that is - * pointed to by "user". You set the size of this user data area when - * the library is initialized with lws_create_server. - */ -typedef int -lws_callback_function(struct lws *wsi, enum lws_callback_reasons reason, - void *user, void *in, size_t len); - -#define LWS_CB_REASON_AUX_BF__CGI 1 -#define LWS_CB_REASON_AUX_BF__PROXY 2 -#define LWS_CB_REASON_AUX_BF__CGI_CHUNK_END 4 -#define LWS_CB_REASON_AUX_BF__CGI_HEADERS 8 -///@} - -struct lws_vhost; - -/*! \defgroup generic hash - * ## Generic Hash related functions - * - * Lws provides generic hash / digest accessors that abstract the ones - * provided by whatever OpenSSL library you are linking against. - * - * It lets you use the same code if you build against mbedtls or OpenSSL - * for example. - */ -///@{ - -#if defined(LWS_WITH_TLS) - -#if defined(LWS_WITH_MBEDTLS) -#include <mbedtls/sha1.h> -#include <mbedtls/sha256.h> -#include <mbedtls/sha512.h> -#endif - -enum lws_genhash_types { - LWS_GENHASH_TYPE_SHA1, - LWS_GENHASH_TYPE_SHA256, - LWS_GENHASH_TYPE_SHA384, - LWS_GENHASH_TYPE_SHA512, -}; - -enum lws_genhmac_types { - LWS_GENHMAC_TYPE_SHA256, - LWS_GENHMAC_TYPE_SHA384, - LWS_GENHMAC_TYPE_SHA512, -}; - -#define LWS_GENHASH_LARGEST 64 - -struct lws_genhash_ctx { - uint8_t type; -#if defined(LWS_WITH_MBEDTLS) - union { - mbedtls_sha1_context sha1; - mbedtls_sha256_context sha256; - mbedtls_sha512_context sha512; /* 384 also uses this */ - const mbedtls_md_info_t *hmac; - } u; -#else - const EVP_MD *evp_type; - EVP_MD_CTX *mdctx; -#endif -}; - -struct lws_genhmac_ctx { - uint8_t type; -#if defined(LWS_WITH_MBEDTLS) - const mbedtls_md_info_t *hmac; - mbedtls_md_context_t ctx; -#else - const EVP_MD *evp_type; - EVP_MD_CTX *ctx; -#endif -}; - -/** lws_genhash_size() - get hash size in bytes - * - * \param type: one of LWS_GENHASH_TYPE_... - * - * Returns number of bytes in this type of hash - */ -LWS_VISIBLE LWS_EXTERN size_t LWS_WARN_UNUSED_RESULT -lws_genhash_size(enum lws_genhash_types type); - -/** lws_genhmac_size() - get hash size in bytes - * - * \param type: one of LWS_GENHASH_TYPE_... - * - * Returns number of bytes in this type of hmac - */ -LWS_VISIBLE LWS_EXTERN size_t LWS_WARN_UNUSED_RESULT -lws_genhmac_size(enum lws_genhmac_types type); - -/** lws_genhash_init() - prepare your struct lws_genhash_ctx for use - * - * \param ctx: your struct lws_genhash_ctx - * \param type: one of LWS_GENHASH_TYPE_... - * - * Initializes the hash context for the type you requested - */ -LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT -lws_genhash_init(struct lws_genhash_ctx *ctx, enum lws_genhash_types type); - -/** lws_genhash_update() - digest len bytes of the buffer starting at in - * - * \param ctx: your struct lws_genhash_ctx - * \param in: start of the bytes to digest - * \param len: count of bytes to digest - * - * Updates the state of your hash context to reflect digesting len bytes from in - */ -LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT -lws_genhash_update(struct lws_genhash_ctx *ctx, const void *in, size_t len); - -/** lws_genhash_destroy() - copy out the result digest and destroy the ctx - * - * \param ctx: your struct lws_genhash_ctx - * \param result: NULL, or where to copy the result hash - * - * Finalizes the hash and copies out the digest. Destroys any allocations such - * that ctx can safely go out of scope after calling this. - * - * NULL result is supported so that you can destroy the ctx cleanly on error - * conditions, where there is no valid result. - */ -LWS_VISIBLE LWS_EXTERN int -lws_genhash_destroy(struct lws_genhash_ctx *ctx, void *result); - -/** lws_genhmac_init() - prepare your struct lws_genhmac_ctx for use - * - * \param ctx: your struct lws_genhmac_ctx - * \param type: one of LWS_GENHMAC_TYPE_... - * \param key: pointer to the start of the HMAC key - * \param key_len: length of the HMAC key - * - * Initializes the hash context for the type you requested - * - * If the return is nonzero, it failed and there is nothing needing to be - * destroyed. - */ -LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT -lws_genhmac_init(struct lws_genhmac_ctx *ctx, enum lws_genhmac_types type, - const uint8_t *key, size_t key_len); - -/** lws_genhmac_update() - digest len bytes of the buffer starting at in - * - * \param ctx: your struct lws_genhmac_ctx - * \param in: start of the bytes to digest - * \param len: count of bytes to digest - * - * Updates the state of your hash context to reflect digesting len bytes from in - * - * If the return is nonzero, it failed and needs destroying. - */ -LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT -lws_genhmac_update(struct lws_genhmac_ctx *ctx, const void *in, size_t len); - -/** lws_genhmac_destroy() - copy out the result digest and destroy the ctx - * - * \param ctx: your struct lws_genhmac_ctx - * \param result: NULL, or where to copy the result hash - * - * Finalizes the hash and copies out the digest. Destroys any allocations such - * that ctx can safely go out of scope after calling this. - * - * NULL result is supported so that you can destroy the ctx cleanly on error - * conditions, where there is no valid result. - */ -LWS_VISIBLE LWS_EXTERN int -lws_genhmac_destroy(struct lws_genhmac_ctx *ctx, void *result); -///@} - -/*! \defgroup generic RSA - * ## Generic RSA related functions - * - * Lws provides generic RSA functions that abstract the ones - * provided by whatever OpenSSL library you are linking against. - * - * It lets you use the same code if you build against mbedtls or OpenSSL - * for example. - */ -///@{ - -enum enum_jwk_tok { - JWK_KEY_E, - JWK_KEY_N, - JWK_KEY_D, - JWK_KEY_P, - JWK_KEY_Q, - JWK_KEY_DP, - JWK_KEY_DQ, - JWK_KEY_QI, - JWK_KTY, /* also serves as count of real elements */ - JWK_KEY, -}; - -#define LWS_COUNT_RSA_ELEMENTS JWK_KTY - -struct lws_genrsa_ctx { -#if defined(LWS_WITH_MBEDTLS) - mbedtls_rsa_context *ctx; -#else - BIGNUM *bn[LWS_COUNT_RSA_ELEMENTS]; - RSA *rsa; -#endif -}; - -struct lws_genrsa_element { - uint8_t *buf; - uint16_t len; -}; - -struct lws_genrsa_elements { - struct lws_genrsa_element e[LWS_COUNT_RSA_ELEMENTS]; -}; - -/** lws_jwk_destroy_genrsa_elements() - Free allocations in genrsa_elements - * - * \param el: your struct lws_genrsa_elements - * - * This is a helper for user code making use of struct lws_genrsa_elements - * where the elements are allocated on the heap, it frees any non-NULL - * buf element and sets the buf to NULL. - * - * NB: lws_genrsa_public_... apis do not need this as they take care of the key - * creation and destruction themselves. - */ -LWS_VISIBLE LWS_EXTERN void -lws_jwk_destroy_genrsa_elements(struct lws_genrsa_elements *el); - -/** lws_genrsa_public_decrypt_create() - Create RSA public decrypt context - * - * \param ctx: your struct lws_genrsa_ctx - * \param el: struct prepared with key element data - * - * Creates an RSA context with a public key associated with it, formed from - * the key elements in \p el. - * - * Returns 0 for OK or nonzero for error. - * - * This and related APIs operate identically with OpenSSL or mbedTLS backends. - */ -LWS_VISIBLE LWS_EXTERN int -lws_genrsa_create(struct lws_genrsa_ctx *ctx, struct lws_genrsa_elements *el); - -/** lws_genrsa_new_keypair() - Create new RSA keypair - * - * \param context: your struct lws_context (may be used for RNG) - * \param ctx: your struct lws_genrsa_ctx - * \param el: struct to get the new key element data allocated into it - * \param bits: key size, eg, 4096 - * - * Creates a new RSA context and generates a new keypair into it, with \p bits - * bits. - * - * Returns 0 for OK or nonzero for error. - * - * This and related APIs operate identically with OpenSSL or mbedTLS backends. - */ -LWS_VISIBLE LWS_EXTERN int -lws_genrsa_new_keypair(struct lws_context *context, struct lws_genrsa_ctx *ctx, - struct lws_genrsa_elements *el, int bits); - -/** lws_genrsa_public_decrypt() - Perform RSA public decryption - * - * \param ctx: your struct lws_genrsa_ctx - * \param in: encrypted input - * \param in_len: length of encrypted input - * \param out: decrypted output - * \param out_max: size of output buffer - * - * Performs the decryption. - * - * Returns <0 for error, or length of decrypted data. - * - * This and related APIs operate identically with OpenSSL or mbedTLS backends. - */ -LWS_VISIBLE LWS_EXTERN int -lws_genrsa_public_decrypt(struct lws_genrsa_ctx *ctx, const uint8_t *in, - size_t in_len, uint8_t *out, size_t out_max); - -/** lws_genrsa_public_verify() - Perform RSA public verification - * - * \param ctx: your struct lws_genrsa_ctx - * \param in: unencrypted payload (usually a recomputed hash) - * \param hash_type: one of LWS_GENHASH_TYPE_ - * \param sig: pointer to the signature we received with the payload - * \param sig_len: length of the signature we are checking in bytes - * - * Returns <0 for error, or 0 if signature matches the payload + key. - * - * This and related APIs operate identically with OpenSSL or mbedTLS backends. - */ -LWS_VISIBLE LWS_EXTERN int -lws_genrsa_public_verify(struct lws_genrsa_ctx *ctx, const uint8_t *in, - enum lws_genhash_types hash_type, - const uint8_t *sig, size_t sig_len); - -/** lws_genrsa_public_sign() - Create RSA signature - * - * \param ctx: your struct lws_genrsa_ctx - * \param in: precomputed hash - * \param hash_type: one of LWS_GENHASH_TYPE_ - * \param sig: pointer to buffer to take signature - * \param sig_len: length of the buffer (must be >= length of key N) - * - * Returns <0 for error, or 0 for success. - * - * This and related APIs operate identically with OpenSSL or mbedTLS backends. - */ -LWS_VISIBLE LWS_EXTERN int -lws_genrsa_public_sign(struct lws_genrsa_ctx *ctx, const uint8_t *in, - enum lws_genhash_types hash_type, uint8_t *sig, - size_t sig_len); - -/** lws_genrsa_public_decrypt_destroy() - Destroy RSA public decrypt context - * - * \param ctx: your struct lws_genrsa_ctx - * - * Destroys any allocations related to \p ctx. - * - * This and related APIs operate identically with OpenSSL or mbedTLS backends. - */ -LWS_VISIBLE LWS_EXTERN void -lws_genrsa_destroy(struct lws_genrsa_ctx *ctx); - -/** lws_genrsa_render_pkey_asn1() - Exports public or private key to ASN1/DER - * - * \param ctx: your struct lws_genrsa_ctx - * \param _private: 0 = public part only, 1 = all parts of the key - * \param pkey_asn1: pointer to buffer to take the ASN1 - * \param pkey_asn1_len: max size of the pkey_asn1_len - * - * Returns length of pkey_asn1 written, or -1 for error. - */ -LWS_VISIBLE LWS_EXTERN int -lws_genrsa_render_pkey_asn1(struct lws_genrsa_ctx *ctx, int _private, - uint8_t *pkey_asn1, size_t pkey_asn1_len); -///@} - -/*! \defgroup jwk JSON Web Keys - * ## JSON Web Keys API - * - * Lws provides an API to parse JSON Web Keys into a struct lws_genrsa_elements. - * - * "oct" and "RSA" type keys are supported. For "oct" keys, they are held in - * the "e" member of the struct lws_genrsa_elements. - * - * Keys elements are allocated on the heap. You must destroy the allocations - * in the struct lws_genrsa_elements by calling - * lws_jwk_destroy_genrsa_elements() when you are finished with it. - */ -///@{ - -struct lws_jwk { - char keytype[5]; /**< "oct" or "RSA" */ - struct lws_genrsa_elements el; /**< OCTet key is in el.e */ -}; - -/** lws_jwk_import() - Create a JSON Web key from the textual representation - * - * \param s: the JWK object to create - * \param in: a single JWK JSON stanza in utf-8 - * \param len: the length of the JWK JSON stanza in bytes - * - * Creates an lws_jwk struct filled with data from the JSON representation. - * "oct" and "rsa" key types are supported. - * - * For "oct" type keys, it is loaded into el.e. - */ -LWS_VISIBLE LWS_EXTERN int -lws_jwk_import(struct lws_jwk *s, const char *in, size_t len); - -/** lws_jwk_destroy() - Destroy a JSON Web key - * - * \param s: the JWK object to destroy - * - * All allocations in the lws_jwk are destroyed - */ -LWS_VISIBLE LWS_EXTERN void -lws_jwk_destroy(struct lws_jwk *s); - -/** lws_jwk_export() - Export a JSON Web key to a textual representation - * - * \param s: the JWK object to export - * \param _private: 0 = just export public parts, 1 = export everything - * \param p: the buffer to write the exported JWK to - * \param len: the length of the buffer \p p in bytes - * - * Returns length of the used part of the buffer if OK, or -1 for error. - * - * Serializes the content of the JWK into a char buffer. - */ -LWS_VISIBLE LWS_EXTERN int -lws_jwk_export(struct lws_jwk *s, int _private, char *p, size_t len); - -/** lws_jwk_load() - Import a JSON Web key from a file - * - * \param s: the JWK object to load into - * \param filename: filename to load from - * - * Returns 0 for OK or -1 for failure - */ -LWS_VISIBLE int -lws_jwk_load(struct lws_jwk *s, const char *filename); - -/** lws_jwk_save() - Export a JSON Web key to a file - * - * \param s: the JWK object to save from - * \param filename: filename to save to - * - * Returns 0 for OK or -1 for failure - */ -LWS_VISIBLE int -lws_jwk_save(struct lws_jwk *s, const char *filename); - -/** lws_jwk_rfc7638_fingerprint() - jwk to RFC7638 compliant fingerprint - * - * \param s: the JWK object to fingerprint - * \param digest32: buffer to take 32-byte digest - * - * Returns 0 for OK or -1 for failure - */ -LWS_VISIBLE int -lws_jwk_rfc7638_fingerprint(struct lws_jwk *s, char *digest32); -///@} - - -/*! \defgroup jws JSON Web Signature - * ## JSON Web Signature API - * - * Lws provides an API to check and create RFC7515 JSON Web Signatures - * - * SHA256/384/512 HMAC, and RSA 256/384/512 are supported. - * - * The API uses your TLS library crypto, but works exactly the same no matter - * what you TLS backend is. - */ -///@{ - -LWS_VISIBLE LWS_EXTERN int -lws_jws_confirm_sig(const char *in, size_t len, struct lws_jwk *jwk); - -/** - * lws_jws_sign_from_b64() - add b64 sig to b64 hdr + payload - * - * \param b64_hdr: protected header encoded in b64, may be NULL - * \param hdr_len: bytes in b64 coding of protected header - * \param b64_pay: payload encoded in b64 - * \param pay_len: bytes in b64 coding of payload - * \param b64_sig: buffer to write the b64 encoded signature into - * \param sig_len: max bytes we can write at b64_sig - * \param hash_type: one of LWS_GENHASH_TYPE_SHA[256|384|512] - * \param jwk: the struct lws_jwk containing the signing key - * - * This adds a b64-coded JWS signature of the b64-encoded protected header - * and b64-encoded payload, at \p b64_sig. The signature will be as large - * as the N element of the RSA key when the RSA key is used, eg, 512 bytes for - * a 4096-bit key, and then b64-encoding on top. - * - * In some special cases, there is only payload to sign and no header, in that - * case \p b64_hdr may be NULL, and only the payload will be hashed before - * signing. - * - * Returns the length of the encoded signature written to \p b64_sig, or -1. - */ -LWS_VISIBLE LWS_EXTERN int -lws_jws_sign_from_b64(const char *b64_hdr, size_t hdr_len, const char *b64_pay, - size_t pay_len, char *b64_sig, size_t sig_len, - enum lws_genhash_types hash_type, struct lws_jwk *jwk); - -/** - * lws_jws_create_packet() - add b64 sig to b64 hdr + payload - * - * \param jwk: the struct lws_jwk containing the signing key - * \param payload: unencoded payload JSON - * \param len: length of unencoded payload JSON - * \param nonce: Nonse string to include in protected header - * \param out: buffer to take signed packet - * \param out_len: size of \p out buffer - * - * This creates a "flattened" JWS packet from the jwk and the plaintext - * payload, and signs it. The packet is written into \p out. - * - * This does the whole packet assembly and signing, calling through to - * lws_jws_sign_from_b64() as part of the process. - * - * Returns the length written to \p out, or -1. - */ -LWS_VISIBLE LWS_EXTERN int -lws_jws_create_packet(struct lws_jwk *jwk, const char *payload, size_t len, - const char *nonce, char *out, size_t out_len); - -/** - * lws_jws_base64_enc() - encode input data into b64url data - * - * \param in: the incoming plaintext - * \param in_len: the length of the incoming plaintext in bytes - * \param out: the buffer to store the b64url encoded data to - * \param out_max: the length of \p out in bytes - * - * Returns either -1 if problems, or the number of bytes written to \p out. - */ -LWS_VISIBLE LWS_EXTERN int -lws_jws_base64_enc(const char *in, size_t in_len, char *out, size_t out_max); -///@} -#endif - -/*! \defgroup extensions Extension related functions - * ##Extension releated functions - * - * Ws defines optional extensions, lws provides the ability to implement these - * in user code if so desired. - * - * We provide one extensions permessage-deflate. - */ -///@{ - -/* - * NOTE: These public enums are part of the abi. If you want to add one, - * add it at where specified so existing users are unaffected. - */ -enum lws_extension_callback_reasons { - LWS_EXT_CB_CONSTRUCT = 4, - LWS_EXT_CB_CLIENT_CONSTRUCT = 5, - LWS_EXT_CB_DESTROY = 8, - LWS_EXT_CB_PACKET_TX_PRESEND = 12, - LWS_EXT_CB_PAYLOAD_TX = 21, - LWS_EXT_CB_PAYLOAD_RX = 22, - LWS_EXT_CB_OPTION_DEFAULT = 23, - LWS_EXT_CB_OPTION_SET = 24, - LWS_EXT_CB_OPTION_CONFIRM = 25, - LWS_EXT_CB_NAMED_OPTION_SET = 26, - - /****** add new things just above ---^ ******/ -}; - -/** enum lws_ext_options_types */ -enum lws_ext_options_types { - EXTARG_NONE, /**< does not take an argument */ - EXTARG_DEC, /**< requires a decimal argument */ - EXTARG_OPT_DEC /**< may have an optional decimal argument */ - - /* Add new things just above here ---^ - * This is part of the ABI, don't needlessly break compatibility */ -}; - -/** struct lws_ext_options - Option arguments to the extension. These are - * used in the negotiation at ws upgrade time. - * The helper function lws_ext_parse_options() - * uses these to generate callbacks */ -struct lws_ext_options { - const char *name; /**< Option name, eg, "server_no_context_takeover" */ - enum lws_ext_options_types type; /**< What kind of args the option can take */ - - /* Add new things just above here ---^ - * This is part of the ABI, don't needlessly break compatibility */ -}; - -/** struct lws_ext_option_arg */ -struct lws_ext_option_arg { - const char *option_name; /**< may be NULL, option_index used then */ - int option_index; /**< argument ordinal to use if option_name missing */ - const char *start; /**< value */ - int len; /**< length of value */ -}; - -/** - * typedef lws_extension_callback_function() - Hooks to allow extensions to operate - * \param context: Websockets context - * \param ext: This extension - * \param wsi: Opaque websocket instance pointer - * \param reason: The reason for the call - * \param user: Pointer to ptr to per-session user data allocated by library - * \param in: Pointer used for some callback reasons - * \param len: Length set for some callback reasons - * - * Each extension that is active on a particular connection receives - * callbacks during the connection lifetime to allow the extension to - * operate on websocket data and manage itself. - * - * Libwebsockets takes care of allocating and freeing "user" memory for - * each active extension on each connection. That is what is pointed to - * by the user parameter. - * - * LWS_EXT_CB_CONSTRUCT: called when the server has decided to - * select this extension from the list provided by the client, - * just before the server will send back the handshake accepting - * the connection with this extension active. This gives the - * extension a chance to initialize its connection context found - * in user. - * - * LWS_EXT_CB_CLIENT_CONSTRUCT: same as LWS_EXT_CB_CONSTRUCT - * but called when client is instantiating this extension. Some - * extensions will work the same on client and server side and then - * you can just merge handlers for both CONSTRUCTS. - * - * LWS_EXT_CB_DESTROY: called when the connection the extension was - * being used on is about to be closed and deallocated. It's the - * last chance for the extension to deallocate anything it has - * allocated in the user data (pointed to by user) before the - * user data is deleted. This same callback is used whether you - * are in client or server instantiation context. - * - * LWS_EXT_CB_PACKET_TX_PRESEND: this works the same way as - * LWS_EXT_CB_PACKET_RX_PREPARSE above, except it gives the - * extension a chance to change websocket data just before it will - * be sent out. Using the same lws_token pointer scheme in in, - * the extension can change the buffer and the length to be - * transmitted how it likes. Again if it wants to grow the - * buffer safely, it should copy the data into its own buffer and - * set the lws_tokens token pointer to it. - * - * LWS_EXT_CB_ARGS_VALIDATE: - */ -typedef int -lws_extension_callback_function(struct lws_context *context, - const struct lws_extension *ext, struct lws *wsi, - enum lws_extension_callback_reasons reason, - void *user, void *in, size_t len); - -/** struct lws_extension - An extension we support */ -struct lws_extension { - const char *name; /**< Formal extension name, eg, "permessage-deflate" */ - lws_extension_callback_function *callback; /**< Service callback */ - const char *client_offer; /**< String containing exts and options client offers */ - - /* Add new things just above here ---^ - * This is part of the ABI, don't needlessly break compatibility */ -}; - -/** - * lws_set_extension_option(): set extension option if possible - * - * \param wsi: websocket connection - * \param ext_name: name of ext, like "permessage-deflate" - * \param opt_name: name of option, like "rx_buf_size" - * \param opt_val: value to set option to - */ -LWS_VISIBLE LWS_EXTERN int -lws_set_extension_option(struct lws *wsi, const char *ext_name, - const char *opt_name, const char *opt_val); - -/** - * lws_ext_parse_options() - deal with parsing negotiated extension options - * - * \param ext: related extension struct - * \param wsi: websocket connection - * \param ext_user: per-connection extension private data - * \param opts: list of supported options - * \param o: option string to parse - * \param len: length - */ -LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT -lws_ext_parse_options(const struct lws_extension *ext, struct lws *wsi, - void *ext_user, const struct lws_ext_options *opts, - const char *o, int len); - -/** lws_extension_callback_pm_deflate() - extension for RFC7692 - * - * \param context: lws context - * \param ext: related lws_extension struct - * \param wsi: websocket connection - * \param reason: incoming callback reason - * \param user: per-connection extension private data - * \param in: pointer parameter - * \param len: length parameter - * - * Built-in callback implementing RFC7692 permessage-deflate - */ -LWS_EXTERN -int lws_extension_callback_pm_deflate( - struct lws_context *context, const struct lws_extension *ext, - struct lws *wsi, enum lws_extension_callback_reasons reason, - void *user, void *in, size_t len); - -/* - * The internal exts are part of the public abi - * If we add more extensions, publish the callback here ------v - */ -///@} - -/*! \defgroup Protocols-and-Plugins Protocols and Plugins - * \ingroup lwsapi - * - * ##Protocol and protocol plugin -related apis - * - * Protocols bind ws protocol names to a custom callback specific to that - * protocol implementaion. - * - * A list of protocols can be passed in at context creation time, but it is - * also legal to leave that NULL and add the protocols and their callback code - * using plugins. - * - * Plugins are much preferable compared to cut and pasting code into an - * application each time, since they can be used standalone. - */ -///@{ -/** struct lws_protocols - List of protocols and handlers client or server - * supports. */ - -struct lws_protocols { - const char *name; - /**< Protocol name that must match the one given in the client - * Javascript new WebSocket(url, 'protocol') name. */ - lws_callback_function *callback; - /**< The service callback used for this protocol. It allows the - * service action for an entire protocol to be encapsulated in - * the protocol-specific callback */ - size_t per_session_data_size; - /**< Each new connection using this protocol gets - * this much memory allocated on connection establishment and - * freed on connection takedown. A pointer to this per-connection - * allocation is passed into the callback in the 'user' parameter */ - size_t rx_buffer_size; - /**< lws allocates this much space for rx data and informs callback - * when something came. Due to rx flow control, the callback may not - * be able to consume it all without having to return to the event - * loop. That is supported in lws. - * - * If .tx_packet_size is 0, this also controls how much may be sent at - * once for backwards compatibility. - */ - unsigned int id; - /**< ignored by lws, but useful to contain user information bound - * to the selected protocol. For example if this protocol was - * called "myprotocol-v2", you might set id to 2, and the user - * code that acts differently according to the version can do so by - * switch (wsi->protocol->id), user code might use some bits as - * capability flags based on selected protocol version, etc. */ - void *user; /**< ignored by lws, but user code can pass a pointer - here it can later access from the protocol callback */ - size_t tx_packet_size; - /**< 0 indicates restrict send() size to .rx_buffer_size for backwards- - * compatibility. - * If greater than zero, a single send() is restricted to this amount - * and any remainder is buffered by lws and sent afterwards also in - * these size chunks. Since that is expensive, it's preferable - * to restrict one fragment you are trying to send to match this - * size. - */ - - /* Add new things just above here ---^ - * This is part of the ABI, don't needlessly break compatibility */ -}; - -/** - * lws_vhost_name_to_protocol() - get vhost's protocol object from its name - * - * \param vh: vhost to search - * \param name: protocol name - * - * Returns NULL or a pointer to the vhost's protocol of the requested name - */ -LWS_VISIBLE LWS_EXTERN const struct lws_protocols * -lws_vhost_name_to_protocol(struct lws_vhost *vh, const char *name); - -/** - * lws_get_protocol() - Returns a protocol pointer from a websocket - * connection. - * \param wsi: pointer to struct websocket you want to know the protocol of - * - * - * Some apis can act on all live connections of a given protocol, - * this is how you can get a pointer to the active protocol if needed. - */ -LWS_VISIBLE LWS_EXTERN const struct lws_protocols * -lws_get_protocol(struct lws *wsi); - -/** lws_protocol_get() - deprecated: use lws_get_protocol */ -LWS_VISIBLE LWS_EXTERN const struct lws_protocols * -lws_protocol_get(struct lws *wsi) LWS_WARN_DEPRECATED; - -/** - * lws_protocol_vh_priv_zalloc() - Allocate and zero down a protocol's per-vhost - * storage - * \param vhost: vhost the instance is related to - * \param prot: protocol the instance is related to - * \param size: bytes to allocate - * - * Protocols often find it useful to allocate a per-vhost struct, this is a - * helper to be called in the per-vhost init LWS_CALLBACK_PROTOCOL_INIT - */ -LWS_VISIBLE LWS_EXTERN void * -lws_protocol_vh_priv_zalloc(struct lws_vhost *vhost, const struct lws_protocols *prot, - int size); - -/** - * lws_protocol_vh_priv_get() - retreive a protocol's per-vhost storage - * - * \param vhost: vhost the instance is related to - * \param prot: protocol the instance is related to - * - * Recover a pointer to the allocated per-vhost storage for the protocol created - * by lws_protocol_vh_priv_zalloc() earlier - */ -LWS_VISIBLE LWS_EXTERN void * -lws_protocol_vh_priv_get(struct lws_vhost *vhost, const struct lws_protocols *prot); - -/** - * lws_adjust_protocol_psds - change a vhost protocol's per session data size - * - * \param wsi: a connection with the protocol to change - * \param new_size: the new size of the per session data size for the protocol - * - * Returns user_space for the wsi, after allocating - * - * This should not be used except to initalize a vhost protocol's per session - * data size one time, before any connections are accepted. - * - * Sometimes the protocol wraps another protocol and needs to discover and set - * its per session data size at runtime. - */ -LWS_VISIBLE LWS_EXTERN void * -lws_adjust_protocol_psds(struct lws *wsi, size_t new_size); - -/** - * lws_finalize_startup() - drop initial process privileges - * - * \param context: lws context - * - * This is called after the end of the vhost protocol initializations, but - * you may choose to call it earlier - */ -LWS_VISIBLE LWS_EXTERN int -lws_finalize_startup(struct lws_context *context); - -/** - * lws_pvo_search() - helper to find a named pvo in a linked-list - * - * \param pvo: the first pvo in the linked-list - * \param name: the name of the pvo to return if found - * - * Returns NULL, or a pointer to the name pvo in the linked-list - */ -LWS_VISIBLE LWS_EXTERN const struct lws_protocol_vhost_options * -lws_pvo_search(const struct lws_protocol_vhost_options *pvo, const char *name); - -LWS_VISIBLE LWS_EXTERN int -lws_protocol_init(struct lws_context *context); - -#ifdef LWS_WITH_PLUGINS - -/* PLUGINS implies LIBUV */ - -#define LWS_PLUGIN_API_MAGIC 180 - -/** struct lws_plugin_capability - how a plugin introduces itself to lws */ -struct lws_plugin_capability { - unsigned int api_magic; /**< caller fills this in, plugin fills rest */ - const struct lws_protocols *protocols; /**< array of supported protocols provided by plugin */ - int count_protocols; /**< how many protocols */ - const struct lws_extension *extensions; /**< array of extensions provided by plugin */ - int count_extensions; /**< how many extensions */ -}; - -typedef int (*lws_plugin_init_func)(struct lws_context *, - struct lws_plugin_capability *); -typedef int (*lws_plugin_destroy_func)(struct lws_context *); - -/** struct lws_plugin */ -struct lws_plugin { - struct lws_plugin *list; /**< linked list */ -#if (UV_VERSION_MAJOR > 0) - uv_lib_t lib; /**< shared library pointer */ -#else - void *l; /**< so we can compile on ancient libuv */ -#endif - char name[64]; /**< name of the plugin */ - struct lws_plugin_capability caps; /**< plugin capabilities */ -}; - -#endif - -///@} - - -/*! \defgroup generic-sessions plugin: generic-sessions - * \ingroup Protocols-and-Plugins - * - * ##Plugin Generic-sessions related - * - * generic-sessions plugin provides a reusable, generic session and login / - * register / forgot password framework including email verification. - */ -///@{ - -#define LWSGS_EMAIL_CONTENT_SIZE 16384 -/**< Maximum size of email we might send */ - -/* SHA-1 binary and hexified versions */ -/** typedef struct lwsgw_hash_bin */ -typedef struct { unsigned char bin[20]; /**< binary representation of hash */} lwsgw_hash_bin; -/** typedef struct lwsgw_hash */ -typedef struct { char id[41]; /**< ascii hex representation of hash */ } lwsgw_hash; - -/** enum lwsgs_auth_bits */ -enum lwsgs_auth_bits { - LWSGS_AUTH_LOGGED_IN = 1, /**< user is logged in as somebody */ - LWSGS_AUTH_ADMIN = 2, /**< logged in as the admin user */ - LWSGS_AUTH_VERIFIED = 4, /**< user has verified his email */ - LWSGS_AUTH_FORGOT_FLOW = 8, /**< he just completed "forgot password" flow */ -}; - -/** struct lws_session_info - information about user session status */ -struct lws_session_info { - char username[32]; /**< username logged in as, or empty string */ - char email[100]; /**< email address associated with login, or empty string */ - char ip[72]; /**< ip address session was started from */ - unsigned int mask; /**< access rights mask associated with session - * see enum lwsgs_auth_bits */ - char session[42]; /**< session id string, usable as opaque uid when not logged in */ -}; - -/** enum lws_gs_event */ -enum lws_gs_event { - LWSGSE_CREATED, /**< a new user was created */ - LWSGSE_DELETED /**< an existing user was deleted */ -}; - -/** struct lws_gs_event_args */ -struct lws_gs_event_args { - enum lws_gs_event event; /**< which event happened */ - const char *username; /**< which username the event happened to */ - const char *email; /**< the email address of that user */ -}; - -///@} - - -/*! \defgroup context-and-vhost context and vhost related functions - * ##Context and Vhost releated functions - * \ingroup lwsapi - * - * - * LWS requires that there is one context, in which you may define multiple - * vhosts. Each vhost is a virtual host, with either its own listen port - * or sharing an existing one. Each vhost has its own SSL context that can - * be set up individually or left disabled. - * - * If you don't care about multiple "site" support, you can ignore it and - * lws will create a single default vhost at context creation time. - */ -///@{ - -/* - * NOTE: These public enums are part of the abi. If you want to add one, - * add it at where specified so existing users are unaffected. - */ - -/** enum lws_context_options - context and vhost options */ -enum lws_context_options { - LWS_SERVER_OPTION_REQUIRE_VALID_OPENSSL_CLIENT_CERT = (1 << 1) | - (1 << 12), - /**< (VH) Don't allow the connection unless the client has a - * client cert that we recognize; provides - * LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT */ - LWS_SERVER_OPTION_SKIP_SERVER_CANONICAL_NAME = (1 << 2), - /**< (CTX) Don't try to get the server's hostname */ - LWS_SERVER_OPTION_ALLOW_NON_SSL_ON_SSL_PORT = (1 << 3) | - (1 << 12), - /**< (VH) Allow non-SSL (plaintext) connections on the same - * port as SSL is listening... undermines the security of SSL; - * provides LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT */ - LWS_SERVER_OPTION_LIBEV = (1 << 4), - /**< (CTX) Use libev event loop */ - LWS_SERVER_OPTION_DISABLE_IPV6 = (1 << 5), - /**< (VH) Disable IPV6 support */ - LWS_SERVER_OPTION_DISABLE_OS_CA_CERTS = (1 << 6), - /**< (VH) Don't load OS CA certs, you will need to load your - * own CA cert(s) */ - LWS_SERVER_OPTION_PEER_CERT_NOT_REQUIRED = (1 << 7), - /**< (VH) Accept connections with no valid Cert (eg, selfsigned) */ - LWS_SERVER_OPTION_VALIDATE_UTF8 = (1 << 8), - /**< (VH) Check UT-8 correctness */ - LWS_SERVER_OPTION_SSL_ECDH = (1 << 9) | - (1 << 12), - /**< (VH) initialize ECDH ciphers */ - LWS_SERVER_OPTION_LIBUV = (1 << 10), - /**< (CTX) Use libuv event loop */ - LWS_SERVER_OPTION_REDIRECT_HTTP_TO_HTTPS = (1 << 11) | - (1 << 12), - /**< (VH) Use http redirect to force http to https - * (deprecated: use mount redirection) */ - LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT = (1 << 12), - /**< (CTX) Initialize the SSL library at all */ - LWS_SERVER_OPTION_EXPLICIT_VHOSTS = (1 << 13), - /**< (CTX) Only create the context when calling context - * create api, implies user code will create its own vhosts */ - LWS_SERVER_OPTION_UNIX_SOCK = (1 << 14), - /**< (VH) Use Unix socket */ - LWS_SERVER_OPTION_STS = (1 << 15), - /**< (VH) Send Strict Transport Security header, making - * clients subsequently go to https even if user asked for http */ - LWS_SERVER_OPTION_IPV6_V6ONLY_MODIFY = (1 << 16), - /**< (VH) Enable LWS_SERVER_OPTION_IPV6_V6ONLY_VALUE to take effect */ - LWS_SERVER_OPTION_IPV6_V6ONLY_VALUE = (1 << 17), - /**< (VH) if set, only ipv6 allowed on the vhost */ - LWS_SERVER_OPTION_UV_NO_SIGSEGV_SIGFPE_SPIN = (1 << 18), - /**< (CTX) Libuv only: Do not spin on SIGSEGV / SIGFPE. A segfault - * normally makes the lib spin so you can attach a debugger to it - * even if it happened without a debugger in place. You can disable - * that by giving this option. - */ - LWS_SERVER_OPTION_JUST_USE_RAW_ORIGIN = (1 << 19), - /**< For backwards-compatibility reasons, by default - * lws prepends "http://" to the origin you give in the client - * connection info struct. If you give this flag when you create - * the context, only the string you give in the client connect - * info for .origin (if any) will be used directly. - */ - LWS_SERVER_OPTION_FALLBACK_TO_RAW = (1 << 20), - /**< (VH) if invalid http is coming in the first line, */ - LWS_SERVER_OPTION_LIBEVENT = (1 << 21), - /**< (CTX) Use libevent event loop */ - LWS_SERVER_OPTION_ONLY_RAW = (1 << 22), - /**< (VH) All connections to this vhost / port are RAW as soon as - * the connection is accepted, no HTTP is going to be coming. - */ - LWS_SERVER_OPTION_ALLOW_LISTEN_SHARE = (1 << 23), - /**< (VH) Set to allow multiple listen sockets on one interface + - * address + port. The default is to strictly allow only one - * listen socket at a time. This is automatically selected if you - * have multiple service threads. - */ - LWS_SERVER_OPTION_CREATE_VHOST_SSL_CTX = (1 << 24), - /**< (VH) Force setting up the vhost SSL_CTX, even though the user - * code doesn't explicitly provide a cert in the info struct. It - * implies the user code is going to provide a cert at the - * LWS_CALLBACK_OPENSSL_LOAD_EXTRA_SERVER_VERIFY_CERTS callback, which - * provides the vhost SSL_CTX * in the user parameter. - */ - LWS_SERVER_OPTION_SKIP_PROTOCOL_INIT = (1 << 25), - /**< (VH) You probably don't want this. It forces this vhost to not - * call LWS_CALLBACK_PROTOCOL_INIT on its protocols. It's used in the - * special case of a temporary vhost bound to a single protocol. - */ - LWS_SERVER_OPTION_IGNORE_MISSING_CERT = (1 << 26), - /**< (VH) Don't fail if the vhost TLS cert or key are missing, just - * continue. The vhost won't be able to serve anything, but if for - * example the ACME plugin was configured to fetch a cert, this lets - * you bootstrap your vhost from having no cert to start with. - */ - - /****** add new things just above ---^ ******/ -}; - -#define lws_check_opt(c, f) (((c) & (f)) == (f)) - -struct lws_plat_file_ops; - -/** struct lws_context_creation_info - parameters to create context and /or vhost with - * - * This is also used to create vhosts.... if LWS_SERVER_OPTION_EXPLICIT_VHOSTS - * is not given, then for backwards compatibility one vhost is created at - * context-creation time using the info from this struct. - * - * If LWS_SERVER_OPTION_EXPLICIT_VHOSTS is given, then no vhosts are created - * at the same time as the context, they are expected to be created afterwards. - */ -struct lws_context_creation_info { - int port; - /**< VHOST: Port to listen on. Use CONTEXT_PORT_NO_LISTEN to suppress - * listening for a client. Use CONTEXT_PORT_NO_LISTEN_SERVER if you are - * writing a server but you are using \ref sock-adopt instead of the - * built-in listener. - * - * You can also set port to 0, in which case the kernel will pick - * a random port that is not already in use. You can find out what - * port the vhost is listening on using lws_get_vhost_listen_port() */ - const char *iface; - /**< VHOST: NULL to bind the listen socket to all interfaces, or the - * interface name, eg, "eth2" - * If options specifies LWS_SERVER_OPTION_UNIX_SOCK, this member is - * the pathname of a UNIX domain socket. you can use the UNIX domain - * sockets in abstract namespace, by prepending an at symbol to the - * socket name. */ - const struct lws_protocols *protocols; - /**< VHOST: Array of structures listing supported protocols and a protocol- - * specific callback for each one. The list is ended with an - * entry that has a NULL callback pointer. */ - const struct lws_extension *extensions; - /**< VHOST: NULL or array of lws_extension structs listing the - * extensions this context supports. */ - const struct lws_token_limits *token_limits; - /**< CONTEXT: NULL or struct lws_token_limits pointer which is initialized - * with a token length limit for each possible WSI_TOKEN_ */ - const char *ssl_private_key_password; - /**< VHOST: NULL or the passphrase needed for the private key. (For - * backwards compatibility, this can also be used to pass the client - * cert passphrase when setting up a vhost client SSL context, but it is - * preferred to use .client_ssl_private_key_password for that.) */ - const char *ssl_cert_filepath; - /**< VHOST: If libwebsockets was compiled to use ssl, and you want - * to listen using SSL, set to the filepath to fetch the - * server cert from, otherwise NULL for unencrypted. (For backwards - * compatibility, this can also be used to pass the client certificate - * when setting up a vhost client SSL context, but it is preferred to - * use .client_ssl_cert_filepath for that.) */ - const char *ssl_private_key_filepath; - /**< VHOST: filepath to private key if wanting SSL mode; - * if this is set to NULL but ssl_cert_filepath is set, the - * OPENSSL_CONTEXT_REQUIRES_PRIVATE_KEY callback is called - * to allow setting of the private key directly via openSSL - * library calls. (For backwards compatibility, this can also be used - * to pass the client cert private key filepath when setting up a - * vhost client SSL context, but it is preferred to use - * .client_ssl_private_key_filepath for that.) */ - const char *ssl_ca_filepath; - /**< VHOST: CA certificate filepath or NULL. (For backwards - * compatibility, this can also be used to pass the client CA - * filepath when setting up a vhost client SSL context, - * but it is preferred to use .client_ssl_ca_filepath for that.) */ - const char *ssl_cipher_list; - /**< VHOST: List of valid ciphers to use (eg, - * "RC4-MD5:RC4-SHA:AES128-SHA:AES256-SHA:HIGH:!DSS:!aNULL" - * or you can leave it as NULL to get "DEFAULT" (For backwards - * compatibility, this can also be used to pass the client cipher - * list when setting up a vhost client SSL context, - * but it is preferred to use .client_ssl_cipher_list for that.)*/ - const char *http_proxy_address; - /**< VHOST: If non-NULL, attempts to proxy via the given address. - * If proxy auth is required, use format "username:password\@server:port" */ - unsigned int http_proxy_port; - /**< VHOST: If http_proxy_address was non-NULL, uses this port */ - int gid; - /**< CONTEXT: group id to change to after setting listen socket, or -1. */ - int uid; - /**< CONTEXT: user id to change to after setting listen socket, or -1. */ - unsigned int options; - /**< VHOST + CONTEXT: 0, or LWS_SERVER_OPTION_... bitfields */ - void *user; - /**< VHOST + CONTEXT: optional user pointer that will be associated - * with the context when creating the context (and can be retrieved by - * lws_context_user(context), or with the vhost when creating the vhost - * (and can be retrieved by lws_vhost_user(vhost)). You will need to - * use LWS_SERVER_OPTION_EXPLICIT_VHOSTS and create the vhost separately - * if you care about giving the context and vhost different user pointer - * values. - */ - int ka_time; - /**< CONTEXT: 0 for no TCP keepalive, otherwise apply this keepalive - * timeout to all libwebsocket sockets, client or server */ - int ka_probes; - /**< CONTEXT: if ka_time was nonzero, after the timeout expires how many - * times to try to get a response from the peer before giving up - * and killing the connection */ - int ka_interval; - /**< CONTEXT: if ka_time was nonzero, how long to wait before each ka_probes - * attempt */ -#if defined(LWS_WITH_TLS) && !defined(LWS_WITH_MBEDTLS) - SSL_CTX *provided_client_ssl_ctx; - /**< CONTEXT: If non-null, swap out libwebsockets ssl - * implementation for the one provided by provided_ssl_ctx. - * Libwebsockets no longer is responsible for freeing the context - * if this option is selected. */ -#else /* maintain structure layout either way */ - void *provided_client_ssl_ctx; /**< dummy if ssl disabled */ -#endif - - short max_http_header_data; - /**< CONTEXT: The max amount of header payload that can be handled - * in an http request (unrecognized header payload is dropped) */ - short max_http_header_pool; - /**< CONTEXT: The max number of connections with http headers that - * can be processed simultaneously (the corresponding memory is - * allocated and deallocated dynamically as needed). If the pool is - * fully busy new incoming connections must wait for accept until one - * becomes free. 0 = allow as many ah as number of availble fds for - * the process */ - - unsigned int count_threads; - /**< CONTEXT: how many contexts to create in an array, 0 = 1 */ - unsigned int fd_limit_per_thread; - /**< CONTEXT: nonzero means restrict each service thread to this - * many fds, 0 means the default which is divide the process fd - * limit by the number of threads. */ - unsigned int timeout_secs; - /**< VHOST: various processes involving network roundtrips in the - * library are protected from hanging forever by timeouts. If - * nonzero, this member lets you set the timeout used in seconds. - * Otherwise a default timeout is used. */ - const char *ecdh_curve; - /**< VHOST: if NULL, defaults to initializing server with "prime256v1" */ - const char *vhost_name; - /**< VHOST: name of vhost, must match external DNS name used to - * access the site, like "warmcat.com" as it's used to match - * Host: header and / or SNI name for SSL. */ - const char * const *plugin_dirs; - /**< CONTEXT: NULL, or NULL-terminated array of directories to - * scan for lws protocol plugins at context creation time */ - const struct lws_protocol_vhost_options *pvo; - /**< VHOST: pointer to optional linked list of per-vhost - * options made accessible to protocols */ - int keepalive_timeout; - /**< VHOST: (default = 0 = 5s) seconds to allow remote - * client to hold on to an idle HTTP/1.1 connection */ - const char *log_filepath; - /**< VHOST: filepath to append logs to... this is opened before - * any dropping of initial privileges */ - const struct lws_http_mount *mounts; - /**< VHOST: optional linked list of mounts for this vhost */ - const char *server_string; - /**< CONTEXT: string used in HTTP headers to identify server - * software, if NULL, "libwebsockets". */ - unsigned int pt_serv_buf_size; - /**< CONTEXT: 0 = default of 4096. This buffer is used by - * various service related features including file serving, it - * defines the max chunk of file that can be sent at once. - * At the risk of lws having to buffer failed large sends, it - * can be increased to, eg, 128KiB to improve throughput. */ - unsigned int max_http_header_data2; - /**< CONTEXT: if max_http_header_data is 0 and this - * is nonzero, this will be used in place of the default. It's - * like this for compatibility with the original short version, - * this is unsigned int length. */ - long ssl_options_set; - /**< VHOST: Any bits set here will be set as SSL options */ - long ssl_options_clear; - /**< VHOST: Any bits set here will be cleared as SSL options */ - unsigned short ws_ping_pong_interval; - /**< CONTEXT: 0 for none, else interval in seconds between sending - * PINGs on idle websocket connections. When the PING is sent, - * the PONG must come within the normal timeout_secs timeout period - * or the connection will be dropped. - * Any RX or TX traffic on the connection restarts the interval timer, - * so a connection which always sends or receives something at intervals - * less than the interval given here will never send PINGs / expect - * PONGs. Conversely as soon as the ws connection is established, an - * idle connection will do the PING / PONG roundtrip as soon as - * ws_ping_pong_interval seconds has passed without traffic - */ - const struct lws_protocol_vhost_options *headers; - /**< VHOST: pointer to optional linked list of per-vhost - * canned headers that are added to server responses */ - - const struct lws_protocol_vhost_options *reject_service_keywords; - /**< CONTEXT: Optional list of keywords and rejection codes + text. - * - * The keywords are checked for existing in the user agent string. - * - * Eg, "badrobot" "404 Not Found" - */ - void *external_baggage_free_on_destroy; - /**< CONTEXT: NULL, or pointer to something externally malloc'd, that - * should be freed when the context is destroyed. This allows you to - * automatically sync the freeing action to the context destruction - * action, so there is no need for an external free() if the context - * succeeded to create. - */ - - const char *client_ssl_private_key_password; - /**< VHOST: Client SSL context init: NULL or the passphrase needed - * for the private key */ - const char *client_ssl_cert_filepath; - /**< VHOST: Client SSL context init:T he certificate the client - * should present to the peer on connection */ - const char *client_ssl_private_key_filepath; - /**< VHOST: Client SSL context init: filepath to client private key - * if this is set to NULL but client_ssl_cert_filepath is set, you - * can handle the LWS_CALLBACK_OPENSSL_LOAD_EXTRA_CLIENT_VERIFY_CERTS - * callback of protocols[0] to allow setting of the private key directly - * via openSSL library calls */ - const char *client_ssl_ca_filepath; - /**< VHOST: Client SSL context init: CA certificate filepath or NULL */ - const char *client_ssl_cipher_list; - /**< VHOST: Client SSL context init: List of valid ciphers to use (eg, - * "RC4-MD5:RC4-SHA:AES128-SHA:AES256-SHA:HIGH:!DSS:!aNULL" - * or you can leave it as NULL to get "DEFAULT" */ - - const struct lws_plat_file_ops *fops; - /**< CONTEXT: NULL, or pointer to an array of fops structs, terminated - * by a sentinel with NULL .open. - * - * If NULL, lws provides just the platform file operations struct for - * backwards compatibility. - */ - int simultaneous_ssl_restriction; - /**< CONTEXT: 0 (no limit) or limit of simultaneous SSL sessions possible.*/ - const char *socks_proxy_address; - /**< VHOST: If non-NULL, attempts to proxy via the given address. - * If proxy auth is required, use format "username:password\@server:port" */ - unsigned int socks_proxy_port; - /**< VHOST: If socks_proxy_address was non-NULL, uses this port */ -#if defined(LWS_HAVE_SYS_CAPABILITY_H) && defined(LWS_HAVE_LIBCAP) - cap_value_t caps[4]; - /**< CONTEXT: array holding Linux capabilities you want to - * continue to be available to the server after it transitions - * to a noprivileged user. Usually none are needed but for, eg, - * .bind_iface, CAP_NET_RAW is required. This gives you a way - * to still have the capability but drop root. - */ - char count_caps; - /**< CONTEXT: count of Linux capabilities in .caps[]. 0 means - * no capabilities will be inherited from root (the default) */ -#endif - int bind_iface; - /**< VHOST: nonzero to strictly bind sockets to the interface name in - * .iface (eg, "eth2"), using SO_BIND_TO_DEVICE. - * - * Requires SO_BINDTODEVICE support from your OS and CAP_NET_RAW - * capability. - * - * Notice that common things like access network interface IP from - * your local machine use your lo / loopback interface and will be - * disallowed by this. - */ - int ssl_info_event_mask; - /**< VHOST: mask of ssl events to be reported on LWS_CALLBACK_SSL_INFO - * callback for connections on this vhost. The mask values are of - * the form SSL_CB_ALERT, defined in openssl/ssl.h. The default of - * 0 means no info events will be reported. - */ - unsigned int timeout_secs_ah_idle; - /**< VHOST: seconds to allow a client to hold an ah without using it. - * 0 defaults to 10s. */ - unsigned short ip_limit_ah; - /**< CONTEXT: max number of ah a single IP may use simultaneously - * 0 is no limit. This is a soft limit: if the limit is - * reached, connections from that IP will wait in the ah - * waiting list and not be able to acquire an ah until - * a connection belonging to the IP relinquishes one it - * already has. - */ - unsigned short ip_limit_wsi; - /**< CONTEXT: max number of wsi a single IP may use simultaneously. - * 0 is no limit. This is a hard limit, connections from - * the same IP will simply be dropped once it acquires the - * amount of simultaneous wsi / accepted connections - * given here. - */ - uint32_t http2_settings[7]; - /**< VHOST: if http2_settings[0] is nonzero, the values given in - * http2_settings[1]..[6] are used instead of the lws - * platform default values. - * Just leave all at 0 if you don't care. - */ - const char *error_document_404; - /**< VHOST: If non-NULL, when asked to serve a non-existent file, - * lws attempts to server this url path instead. Eg, - * "/404.html" */ - const char *alpn; - /**< CONTEXT: If non-NULL, default list of advertised alpn, comma- - * separated - * - * VHOST: If non-NULL, per-vhost list of advertised alpn, comma- - * separated - */ - void **foreign_loops; - /**< CONTEXT: This is ignored if the context is not being started with - * an event loop, ie, .options has a flag like - * LWS_SERVER_OPTION_LIBUV. - * - * NULL indicates lws should start its own even loop for - * each service thread, and deal with closing the loops - * when the context is destroyed. - * - * Non-NULL means it points to an array of external - * ("foreign") event loops that are to be used in turn for - * each service thread. In the default case of 1 service - * thread, it can just point to one foreign event loop. - */ - void (*signal_cb)(void *event_lib_handle, int signum); - /**< CONTEXT: NULL: default signal handling. Otherwise this receives - * the signal handler callback. event_lib_handle is the - * native event library signal handle, eg uv_signal_t * - * for libuv. - */ - - /* Add new things just above here ---^ - * This is part of the ABI, don't needlessly break compatibility - * - * The below is to ensure later library versions with new - * members added above will see 0 (default) even if the app - * was not built against the newer headers. - */ - struct lws_context **pcontext; - /**< CONTEXT: if non-NULL, at the end of context destroy processing, - * the pointer pointed to by pcontext is written with NULL. You can - * use this to let foreign event loops know that lws context destruction - * is fully completed. - */ - - void *_unused[4]; /**< dummy */ -}; - -/** - * lws_create_context() - Create the websocket handler - * \param info: pointer to struct with parameters - * - * This function creates the listening socket (if serving) and takes care - * of all initialization in one step. - * - * If option LWS_SERVER_OPTION_EXPLICIT_VHOSTS is given, no vhost is - * created; you're expected to create your own vhosts afterwards using - * lws_create_vhost(). Otherwise a vhost named "default" is also created - * using the information in the vhost-related members, for compatibility. - * - * After initialization, it returns a struct lws_context * that - * represents this server. After calling, user code needs to take care - * of calling lws_service() with the context pointer to get the - * server's sockets serviced. This must be done in the same process - * context as the initialization call. - * - * The protocol callback functions are called for a handful of events - * including http requests coming in, websocket connections becoming - * established, and data arriving; it's also called periodically to allow - * async transmission. - * - * HTTP requests are sent always to the FIRST protocol in protocol, since - * at that time websocket protocol has not been negotiated. Other - * protocols after the first one never see any HTTP callback activity. - * - * The server created is a simple http server by default; part of the - * websocket standard is upgrading this http connection to a websocket one. - * - * This allows the same server to provide files like scripts and favicon / - * images or whatever over http and dynamic data over websockets all in - * one place; they're all handled in the user callback. - */ -LWS_VISIBLE LWS_EXTERN struct lws_context * -lws_create_context(const struct lws_context_creation_info *info); - - -/** - * lws_context_destroy() - Destroy the websocket context - * \param context: Websocket context - * - * This function closes any active connections and then frees the - * context. After calling this, any further use of the context is - * undefined. - */ -LWS_VISIBLE LWS_EXTERN void -lws_context_destroy(struct lws_context *context); - -typedef int (*lws_reload_func)(void); - -/** - * lws_context_deprecate() - Deprecate the websocket context - * - * \param context: Websocket context - * \param cb: Callback notified when old context listen sockets are closed - * - * This function is used on an existing context before superceding it - * with a new context. - * - * It closes any listen sockets in the context, so new connections are - * not possible. - * - * And it marks the context to be deleted when the number of active - * connections into it falls to zero. - * - * Otherwise if you attach the deprecated context to the replacement - * context when it has been created using lws_context_attach_deprecated() - * both any deprecated and the new context will service their connections. - * - * This is aimed at allowing seamless configuration reloads. - * - * The callback cb will be called after the listen sockets are actually - * closed and may be reopened. In the callback the new context should be - * configured and created. (With libuv, socket close happens async after - * more loop events). - */ -LWS_VISIBLE LWS_EXTERN void -lws_context_deprecate(struct lws_context *context, lws_reload_func cb); - -LWS_VISIBLE LWS_EXTERN int -lws_context_is_deprecated(struct lws_context *context); - -/** - * lws_set_proxy() - Setups proxy to lws_context. - * \param vhost: pointer to struct lws_vhost you want set proxy for - * \param proxy: pointer to c string containing proxy in format address:port - * - * Returns 0 if proxy string was parsed and proxy was setup. - * Returns -1 if proxy is NULL or has incorrect format. - * - * This is only required if your OS does not provide the http_proxy - * environment variable (eg, OSX) - * - * IMPORTANT! You should call this function right after creation of the - * lws_context and before call to connect. If you call this - * function after connect behavior is undefined. - * This function will override proxy settings made on lws_context - * creation with genenv() call. - */ -LWS_VISIBLE LWS_EXTERN int -lws_set_proxy(struct lws_vhost *vhost, const char *proxy); - -/** - * lws_set_socks() - Setup socks to lws_context. - * \param vhost: pointer to struct lws_vhost you want set socks for - * \param socks: pointer to c string containing socks in format address:port - * - * Returns 0 if socks string was parsed and socks was setup. - * Returns -1 if socks is NULL or has incorrect format. - * - * This is only required if your OS does not provide the socks_proxy - * environment variable (eg, OSX) - * - * IMPORTANT! You should call this function right after creation of the - * lws_context and before call to connect. If you call this - * function after connect behavior is undefined. - * This function will override proxy settings made on lws_context - * creation with genenv() call. - */ -LWS_VISIBLE LWS_EXTERN int -lws_set_socks(struct lws_vhost *vhost, const char *socks); - -struct lws_vhost; - -/** - * lws_create_vhost() - Create a vhost (virtual server context) - * \param context: pointer to result of lws_create_context() - * \param info: pointer to struct with parameters - * - * This function creates a virtual server (vhost) using the vhost-related - * members of the info struct. You can create many vhosts inside one context - * if you created the context with the option LWS_SERVER_OPTION_EXPLICIT_VHOSTS - */ -LWS_VISIBLE LWS_EXTERN struct lws_vhost * -lws_create_vhost(struct lws_context *context, - const struct lws_context_creation_info *info); - -/** - * lws_vhost_destroy() - Destroy a vhost (virtual server context) - * - * \param vh: pointer to result of lws_create_vhost() - * - * This function destroys a vhost. Normally, if you just want to exit, - * then lws_destroy_context() will take care of everything. If you want - * to destroy an individual vhost and all connections and allocations, you - * can do it with this. - * - * If the vhost has a listen sockets shared by other vhosts, it will be given - * to one of the vhosts sharing it rather than closed. - */ -LWS_VISIBLE LWS_EXTERN void -lws_vhost_destroy(struct lws_vhost *vh); - -/** - * lwsws_get_config_globals() - Parse a JSON server config file - * \param info: pointer to struct with parameters - * \param d: filepath of the config file - * \param config_strings: storage for the config strings extracted from JSON, - * the pointer is incremented as strings are stored - * \param len: pointer to the remaining length left in config_strings - * the value is decremented as strings are stored - * - * This function prepares a n lws_context_creation_info struct with global - * settings from a file d. - * - * Requires CMake option LWS_WITH_LEJP_CONF to have been enabled - */ -LWS_VISIBLE LWS_EXTERN int -lwsws_get_config_globals(struct lws_context_creation_info *info, const char *d, - char **config_strings, int *len); - -/** - * lwsws_get_config_vhosts() - Create vhosts from a JSON server config file - * \param context: pointer to result of lws_create_context() - * \param info: pointer to struct with parameters - * \param d: filepath of the config file - * \param config_strings: storage for the config strings extracted from JSON, - * the pointer is incremented as strings are stored - * \param len: pointer to the remaining length left in config_strings - * the value is decremented as strings are stored - * - * This function creates vhosts into a context according to the settings in - *JSON files found in directory d. - * - * Requires CMake option LWS_WITH_LEJP_CONF to have been enabled - */ -LWS_VISIBLE LWS_EXTERN int -lwsws_get_config_vhosts(struct lws_context *context, - struct lws_context_creation_info *info, const char *d, - char **config_strings, int *len); - -/** lws_vhost_get() - \deprecated deprecated: use lws_get_vhost() */ -LWS_VISIBLE LWS_EXTERN struct lws_vhost * -lws_vhost_get(struct lws *wsi) LWS_WARN_DEPRECATED; - -/** - * lws_get_vhost() - return the vhost a wsi belongs to - * - * \param wsi: which connection - */ -LWS_VISIBLE LWS_EXTERN struct lws_vhost * -lws_get_vhost(struct lws *wsi); - -/** - * lws_get_vhost_name() - returns the name of a vhost - * - * \param vhost: which vhost - */ -LWS_VISIBLE LWS_EXTERN const char * -lws_get_vhost_name(struct lws_vhost *vhost); - -/** - * lws_get_vhost_port() - returns the port a vhost listens on, or -1 - * - * \param vhost: which vhost - */ -LWS_VISIBLE LWS_EXTERN int -lws_get_vhost_port(struct lws_vhost *vhost); - -/** - * lws_get_vhost_user() - returns the user pointer for the vhost - * - * \param vhost: which vhost - */ -LWS_VISIBLE LWS_EXTERN void * -lws_get_vhost_user(struct lws_vhost *vhost); - -/** - * lws_get_vhost_iface() - returns the binding for the vhost listen socket - * - * \param vhost: which vhost - */ -LWS_VISIBLE LWS_EXTERN const char * -lws_get_vhost_iface(struct lws_vhost *vhost); - -/** - * lws_json_dump_vhost() - describe vhost state and stats in JSON - * - * \param vh: the vhost - * \param buf: buffer to fill with JSON - * \param len: max length of buf - */ -LWS_VISIBLE LWS_EXTERN int -lws_json_dump_vhost(const struct lws_vhost *vh, char *buf, int len); - -/** - * lws_json_dump_context() - describe context state and stats in JSON - * - * \param context: the context - * \param buf: buffer to fill with JSON - * \param len: max length of buf - * \param hide_vhosts: nonzero to not provide per-vhost mount etc information - * - * Generates a JSON description of vhost state into buf - */ -LWS_VISIBLE LWS_EXTERN int -lws_json_dump_context(const struct lws_context *context, char *buf, int len, - int hide_vhosts); - -/** - * lws_vhost_user() - get the user data associated with the vhost - * \param vhost: Websocket vhost - * - * This returns the optional user pointer that can be attached to - * a vhost when it was created. Lws never dereferences this pointer, it only - * sets it when the vhost is created, and returns it using this api. - */ -LWS_VISIBLE LWS_EXTERN void * -lws_vhost_user(struct lws_vhost *vhost); - -/** - * lws_context_user() - get the user data associated with the context - * \param context: Websocket context - * - * This returns the optional user allocation that can be attached to - * the context the sockets live in at context_create time. It's a way - * to let all sockets serviced in the same context share data without - * using globals statics in the user code. - */ -LWS_VISIBLE LWS_EXTERN void * -lws_context_user(struct lws_context *context); - -/*! \defgroup vhost-mounts Vhost mounts and options - * \ingroup context-and-vhost-creation - * - * ##Vhost mounts and options - */ -///@{ -/** struct lws_protocol_vhost_options - linked list of per-vhost protocol - * name=value options - * - * This provides a general way to attach a linked-list of name=value pairs, - * which can also have an optional child link-list using the options member. - */ -struct lws_protocol_vhost_options { - const struct lws_protocol_vhost_options *next; /**< linked list */ - const struct lws_protocol_vhost_options *options; /**< child linked-list of more options for this node */ - const char *name; /**< name of name=value pair */ - const char *value; /**< value of name=value pair */ -}; - -/** enum lws_mount_protocols - * This specifies the mount protocol for a mountpoint, whether it is to be - * served from a filesystem, or it is a cgi etc. - */ -enum lws_mount_protocols { - LWSMPRO_HTTP = 0, /**< http reverse proxy */ - LWSMPRO_HTTPS = 1, /**< https reverse proxy */ - LWSMPRO_FILE = 2, /**< serve from filesystem directory */ - LWSMPRO_CGI = 3, /**< pass to CGI to handle */ - LWSMPRO_REDIR_HTTP = 4, /**< redirect to http:// url */ - LWSMPRO_REDIR_HTTPS = 5, /**< redirect to https:// url */ - LWSMPRO_CALLBACK = 6, /**< hand by named protocol's callback */ -}; - -/** struct lws_http_mount - * - * arguments for mounting something in a vhost's url namespace - */ -struct lws_http_mount { - const struct lws_http_mount *mount_next; - /**< pointer to next struct lws_http_mount */ - const char *mountpoint; - /**< mountpoint in http pathspace, eg, "/" */ - const char *origin; - /**< path to be mounted, eg, "/var/www/warmcat.com" */ - const char *def; - /**< default target, eg, "index.html" */ - const char *protocol; - /**<"protocol-name" to handle mount */ - - const struct lws_protocol_vhost_options *cgienv; - /**< optional linked-list of cgi options. These are created - * as environment variables for the cgi process - */ - const struct lws_protocol_vhost_options *extra_mimetypes; - /**< optional linked-list of mimetype mappings */ - const struct lws_protocol_vhost_options *interpret; - /**< optional linked-list of files to be interpreted */ - - int cgi_timeout; - /**< seconds cgi is allowed to live, if cgi://mount type */ - int cache_max_age; - /**< max-age for reuse of client cache of files, seconds */ - unsigned int auth_mask; - /**< bits set here must be set for authorized client session */ - - unsigned int cache_reusable:1; /**< set if client cache may reuse this */ - unsigned int cache_revalidate:1; /**< set if client cache should revalidate on use */ - unsigned int cache_intermediaries:1; /**< set if intermediaries are allowed to cache */ - - unsigned char origin_protocol; /**< one of enum lws_mount_protocols */ - unsigned char mountpoint_len; /**< length of mountpoint string */ - - const char *basic_auth_login_file; - /**<NULL, or filepath to use to check basic auth logins against */ - - /* Add new things just above here ---^ - * This is part of the ABI, don't needlessly break compatibility - * - * The below is to ensure later library versions with new - * members added above will see 0 (default) even if the app - * was not built against the newer headers. - */ - - void *_unused[2]; /**< dummy */ -}; -///@} -///@} - -/*! \defgroup client Client related functions - * ##Client releated functions - * \ingroup lwsapi - * - * */ -///@{ - -/** enum lws_client_connect_ssl_connection_flags - flags that may be used - * with struct lws_client_connect_info ssl_connection member to control if - * and how SSL checks apply to the client connection being created - */ - -enum lws_client_connect_ssl_connection_flags { - LCCSCF_USE_SSL = (1 << 0), - LCCSCF_ALLOW_SELFSIGNED = (1 << 1), - LCCSCF_SKIP_SERVER_CERT_HOSTNAME_CHECK = (1 << 2), - LCCSCF_ALLOW_EXPIRED = (1 << 3), - - LCCSCF_PIPELINE = (1 << 16), - /**< Serialize / pipeline multiple client connections - * on a single connection where possible. - * - * HTTP/1.0: possible if Keep-Alive: yes sent by server - * HTTP/1.1: always possible... uses pipelining - * HTTP/2: always possible... uses parallel streams - * */ -}; - -/** struct lws_client_connect_info - parameters to connect with when using - * lws_client_connect_via_info() */ - -struct lws_client_connect_info { - struct lws_context *context; - /**< lws context to create connection in */ - const char *address; - /**< remote address to connect to */ - int port; - /**< remote port to connect to */ - int ssl_connection; - /**< 0, or a combination of LCCSCF_ flags */ - const char *path; - /**< uri path */ - const char *host; - /**< content of host header */ - const char *origin; - /**< content of origin header */ - const char *protocol; - /**< list of ws protocols we could accept */ - int ietf_version_or_minus_one; - /**< deprecated: currently leave at 0 or -1 */ - void *userdata; - /**< if non-NULL, use this as wsi user_data instead of malloc it */ - const void *client_exts; - /**< UNUSED... provide in info.extensions at context creation time */ - const char *method; - /**< if non-NULL, do this http method instead of ws[s] upgrade. - * use "GET" to be a simple http client connection. "RAW" gets - * you a connected socket that lws itself will leave alone once - * connected. */ - struct lws *parent_wsi; - /**< if another wsi is responsible for this connection, give it here. - * this is used to make sure if the parent closes so do any - * child connections first. */ - const char *uri_replace_from; - /**< if non-NULL, when this string is found in URIs in - * text/html content-encoding, it's replaced with uri_replace_to */ - const char *uri_replace_to; - /**< see uri_replace_from */ - struct lws_vhost *vhost; - /**< vhost to bind to (used to determine related SSL_CTX) */ - struct lws **pwsi; - /**< if not NULL, store the new wsi here early in the connection - * process. Although we return the new wsi, the call to create the - * client connection does progress the connection somewhat and may - * meet an error that will result in the connection being scrubbed and - * NULL returned. While the wsi exists though, he may process a - * callback like CLIENT_CONNECTION_ERROR with his wsi: this gives the - * user callback a way to identify which wsi it is that faced the error - * even before the new wsi is returned and even if ultimately no wsi - * is returned. - */ - const char *iface; - /**< NULL to allow routing on any interface, or interface name or IP - * to bind the socket to */ - const char *local_protocol_name; - /**< NULL: .protocol is used both to select the local protocol handler - * to bind to and as the list of remote ws protocols we could - * accept. - * non-NULL: this protocol name is used to bind the connection to - * the local protocol handler. .protocol is used for the - * list of remote ws protocols we could accept */ - - /* Add new things just above here ---^ - * This is part of the ABI, don't needlessly break compatibility - * - * The below is to ensure later library versions with new - * members added above will see 0 (default) even if the app - * was not built against the newer headers. - */ - const char *alpn; - /* NULL: allow lws default ALPN list, from vhost if present or from - * list of roles built into lws - * non-NULL: require one from provided comma-separated list of alpn - * tokens - */ - - void *_unused[4]; /**< dummy */ -}; - -/** - * lws_client_connect_via_info() - Connect to another websocket server - * \param ccinfo: pointer to lws_client_connect_info struct - * - * This function creates a connection to a remote server using the - * information provided in ccinfo. - */ -LWS_VISIBLE LWS_EXTERN struct lws * -lws_client_connect_via_info(struct lws_client_connect_info * ccinfo); - -/** - * lws_client_connect() - Connect to another websocket server - * \deprecated DEPRECATED use lws_client_connect_via_info - * \param clients: Websocket context - * \param address: Remote server address, eg, "myserver.com" - * \param port: Port to connect to on the remote server, eg, 80 - * \param ssl_connection: 0 = ws://, 1 = wss:// encrypted, 2 = wss:// allow self - * signed certs - * \param path: Websocket path on server - * \param host: Hostname on server - * \param origin: Socket origin name - * \param protocol: Comma-separated list of protocols being asked for from - * the server, or just one. The server will pick the one it - * likes best. If you don't want to specify a protocol, which is - * legal, use NULL here. - * \param ietf_version_or_minus_one: -1 to ask to connect using the default, latest - * protocol supported, or the specific protocol ordinal - * - * This function creates a connection to a remote server - */ -/* deprecated, use lws_client_connect_via_info() */ -LWS_VISIBLE LWS_EXTERN struct lws * LWS_WARN_UNUSED_RESULT -lws_client_connect(struct lws_context *clients, const char *address, - int port, int ssl_connection, const char *path, - const char *host, const char *origin, const char *protocol, - int ietf_version_or_minus_one) LWS_WARN_DEPRECATED; -/* deprecated, use lws_client_connect_via_info() */ -/** - * lws_client_connect_extended() - Connect to another websocket server - * \deprecated DEPRECATED use lws_client_connect_via_info - * \param clients: Websocket context - * \param address: Remote server address, eg, "myserver.com" - * \param port: Port to connect to on the remote server, eg, 80 - * \param ssl_connection: 0 = ws://, 1 = wss:// encrypted, 2 = wss:// allow self - * signed certs - * \param path: Websocket path on server - * \param host: Hostname on server - * \param origin: Socket origin name - * \param protocol: Comma-separated list of protocols being asked for from - * the server, or just one. The server will pick the one it - * likes best. - * \param ietf_version_or_minus_one: -1 to ask to connect using the default, latest - * protocol supported, or the specific protocol ordinal - * \param userdata: Pre-allocated user data - * - * This function creates a connection to a remote server - */ -LWS_VISIBLE LWS_EXTERN struct lws * LWS_WARN_UNUSED_RESULT -lws_client_connect_extended(struct lws_context *clients, const char *address, - int port, int ssl_connection, const char *path, - const char *host, const char *origin, - const char *protocol, int ietf_version_or_minus_one, - void *userdata) LWS_WARN_DEPRECATED; - -/** - * lws_init_vhost_client_ssl() - also enable client SSL on an existing vhost - * - * \param info: client ssl related info - * \param vhost: which vhost to initialize client ssl operations on - * - * You only need to call this if you plan on using SSL client connections on - * the vhost. For non-SSL client connections, it's not necessary to call this. - * - * The following members of info are used during the call - * - * - options must have LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT set, - * otherwise the call does nothing - * - provided_client_ssl_ctx must be NULL to get a generated client - * ssl context, otherwise you can pass a prepared one in by setting it - * - ssl_cipher_list may be NULL or set to the client valid cipher list - * - ssl_ca_filepath may be NULL or client cert filepath - * - ssl_cert_filepath may be NULL or client cert filepath - * - ssl_private_key_filepath may be NULL or client cert private key - * - * You must create your vhost explicitly if you want to use this, so you have - * a pointer to the vhost. Create the context first with the option flag - * LWS_SERVER_OPTION_EXPLICIT_VHOSTS and then call lws_create_vhost() with - * the same info struct. - */ -LWS_VISIBLE LWS_EXTERN int -lws_init_vhost_client_ssl(const struct lws_context_creation_info *info, - struct lws_vhost *vhost); -/** - * lws_http_client_read() - consume waiting received http client data - * - * \param wsi: client connection - * \param buf: pointer to buffer pointer - fill with pointer to your buffer - * \param len: pointer to chunk length - fill with max length of buffer - * - * This is called when the user code is notified client http data has arrived. - * The user code may choose to delay calling it to consume the data, for example - * waiting until an onward connection is writeable. - * - * For non-chunked connections, up to len bytes of buf are filled with the - * received content. len is set to the actual amount filled before return. - * - * For chunked connections, the linear buffer content contains the chunking - * headers and it cannot be passed in one lump. Instead, this function will - * call back LWS_CALLBACK_RECEIVE_CLIENT_HTTP_READ with in pointing to the - * chunk start and len set to the chunk length. There will be as many calls - * as there are chunks or partial chunks in the buffer. - */ -LWS_VISIBLE LWS_EXTERN int -lws_http_client_read(struct lws *wsi, char **buf, int *len); - -/** - * lws_http_client_http_response() - get last HTTP response code - * - * \param wsi: client connection - * - * Returns the last server response code, eg, 200 for client http connections. - * - * You should capture this during the LWS_CALLBACK_ESTABLISHED_CLIENT_HTTP - * callback, because after that the memory reserved for storing the related - * headers is freed and this value is lost. - */ -LWS_VISIBLE LWS_EXTERN unsigned int -lws_http_client_http_response(struct lws *wsi); - -LWS_VISIBLE LWS_EXTERN void -lws_client_http_body_pending(struct lws *wsi, int something_left_to_send); - -/** - * lws_client_http_body_pending() - control if client connection neeeds to send body - * - * \param wsi: client connection - * \param something_left_to_send: nonzero if need to send more body, 0 (default) - * if nothing more to send - * - * If you will send payload data with your HTTP client connection, eg, for POST, - * when you set the related http headers in - * LWS_CALLBACK_CLIENT_APPEND_HANDSHAKE_HEADER callback you should also call - * this API with something_left_to_send nonzero, and call - * lws_callback_on_writable(wsi); - * - * After sending the headers, lws will call your callback with - * LWS_CALLBACK_CLIENT_HTTP_WRITEABLE reason when writable. You can send the - * next part of the http body payload, calling lws_callback_on_writable(wsi); - * if there is more to come, or lws_client_http_body_pending(wsi, 0); to - * let lws know the last part is sent and the connection can move on. - */ - -///@} - -/** \defgroup service Built-in service loop entry - * - * ##Built-in service loop entry - * - * If you're not using libev / libuv, these apis are needed to enter the poll() - * wait in lws and service any connections with pending events. - */ -///@{ - -/** - * lws_service() - Service any pending websocket activity - * \param context: Websocket context - * \param timeout_ms: Timeout for poll; 0 means return immediately if nothing needed - * service otherwise block and service immediately, returning - * after the timeout if nothing needed service. - * - * This function deals with any pending websocket traffic, for three - * kinds of event. It handles these events on both server and client - * types of connection the same. - * - * 1) Accept new connections to our context's server - * - * 2) Call the receive callback for incoming frame data received by - * server or client connections. - * - * You need to call this service function periodically to all the above - * functions to happen; if your application is single-threaded you can - * just call it in your main event loop. - * - * Alternatively you can fork a new process that asynchronously handles - * calling this service in a loop. In that case you are happy if this - * call blocks your thread until it needs to take care of something and - * would call it with a large nonzero timeout. Your loop then takes no - * CPU while there is nothing happening. - * - * If you are calling it in a single-threaded app, you don't want it to - * wait around blocking other things in your loop from happening, so you - * would call it with a timeout_ms of 0, so it returns immediately if - * nothing is pending, or as soon as it services whatever was pending. - */ -LWS_VISIBLE LWS_EXTERN int -lws_service(struct lws_context *context, int timeout_ms); - -/** - * lws_service_tsi() - Service any pending websocket activity - * - * \param context: Websocket context - * \param timeout_ms: Timeout for poll; 0 means return immediately if nothing needed - * service otherwise block and service immediately, returning - * after the timeout if nothing needed service. - * \param tsi: Thread service index, starting at 0 - * - * Same as lws_service(), but for a specific thread service index. Only needed - * if you are spawning multiple service threads. - */ -LWS_VISIBLE LWS_EXTERN int -lws_service_tsi(struct lws_context *context, int timeout_ms, int tsi); - -/** - * lws_cancel_service_pt() - Cancel servicing of pending socket activity - * on one thread - * \param wsi: Cancel service on the thread this wsi is serviced by - * - * Same as lws_cancel_service(), but targets a single service thread, the one - * the wsi belongs to. You probably want to use lws_cancel_service() instead. - */ -LWS_VISIBLE LWS_EXTERN void -lws_cancel_service_pt(struct lws *wsi); - -/** - * lws_cancel_service() - Cancel wait for new pending socket activity - * \param context: Websocket context - * - * This function creates an immediate "synchronous interrupt" to the lws poll() - * wait or event loop. As soon as possible in the serialzed service sequencing, - * a LWS_CALLBACK_EVENT_WAIT_CANCELLED callback is sent to every protocol on - * every vhost. - * - * lws_cancel_service() may be called from another thread while the context - * exists, and its effect will be immediately serialized. - */ -LWS_VISIBLE LWS_EXTERN void -lws_cancel_service(struct lws_context *context); - -/** - * lws_service_fd() - Service polled socket with something waiting - * \param context: Websocket context - * \param pollfd: The pollfd entry describing the socket fd and which events - * happened, or NULL to tell lws to do only timeout servicing. - * - * This function takes a pollfd that has POLLIN or POLLOUT activity and - * services it according to the state of the associated - * struct lws. - * - * The one call deals with all "service" that might happen on a socket - * including listen accepts, http files as well as websocket protocol. - * - * If a pollfd says it has something, you can just pass it to - * lws_service_fd() whether it is a socket handled by lws or not. - * If it sees it is a lws socket, the traffic will be handled and - * pollfd->revents will be zeroed now. - * - * If the socket is foreign to lws, it leaves revents alone. So you can - * see if you should service yourself by checking the pollfd revents - * after letting lws try to service it. - * - * You should also call this with pollfd = NULL to just allow the - * once-per-second global timeout checks; if less than a second since the last - * check it returns immediately then. - */ -LWS_VISIBLE LWS_EXTERN int -lws_service_fd(struct lws_context *context, struct lws_pollfd *pollfd); - -/** - * lws_service_fd_tsi() - Service polled socket in specific service thread - * \param context: Websocket context - * \param pollfd: The pollfd entry describing the socket fd and which events - * happened. - * \param tsi: thread service index - * - * Same as lws_service_fd() but used with multiple service threads - */ -LWS_VISIBLE LWS_EXTERN int -lws_service_fd_tsi(struct lws_context *context, struct lws_pollfd *pollfd, - int tsi); - -/** - * lws_service_adjust_timeout() - Check for any connection needing forced service - * \param context: Websocket context - * \param timeout_ms: The original poll timeout value. You can just set this - * to 1 if you don't really have a poll timeout. - * \param tsi: thread service index - * - * Under some conditions connections may need service even though there is no - * pending network action on them, this is "forced service". For default - * poll() and libuv / libev, the library takes care of calling this and - * dealing with it for you. But for external poll() integration, you need - * access to the apis. - * - * If anybody needs "forced service", returned timeout is zero. In that case, - * you can call lws_service_tsi() with a timeout of -1 to only service - * guys who need forced service. - */ -LWS_VISIBLE LWS_EXTERN int -lws_service_adjust_timeout(struct lws_context *context, int timeout_ms, int tsi); - -/* Backwards compatibility */ -#define lws_plat_service_tsi lws_service_tsi - -LWS_VISIBLE LWS_EXTERN int -lws_handle_POLLOUT_event(struct lws *wsi, struct lws_pollfd *pollfd); - -///@} - -/*! \defgroup http HTTP - - Modules related to handling HTTP -*/ -//@{ - -/*! \defgroup httpft HTTP File transfer - * \ingroup http - - APIs for sending local files in response to HTTP requests -*/ -//@{ - -/** - * lws_get_mimetype() - Determine mimetype to use from filename - * - * \param file: filename - * \param m: NULL, or mount context - * - * This uses a canned list of known filetypes first, if no match and m is - * non-NULL, then tries a list of per-mount file suffix to mimtype mappings. - * - * Returns either NULL or a pointer to the mimetype matching the file. - */ -LWS_VISIBLE LWS_EXTERN const char * -lws_get_mimetype(const char *file, const struct lws_http_mount *m); - -/** - * lws_serve_http_file() - Send a file back to the client using http - * \param wsi: Websocket instance (available from user callback) - * \param file: The file to issue over http - * \param content_type: The http content type, eg, text/html - * \param other_headers: NULL or pointer to header string - * \param other_headers_len: length of the other headers if non-NULL - * - * This function is intended to be called from the callback in response - * to http requests from the client. It allows the callback to issue - * local files down the http link in a single step. - * - * Returning <0 indicates error and the wsi should be closed. Returning - * >0 indicates the file was completely sent and - * lws_http_transaction_completed() called on the wsi (and close if != 0) - * ==0 indicates the file transfer is started and needs more service later, - * the wsi should be left alone. - */ -LWS_VISIBLE LWS_EXTERN int -lws_serve_http_file(struct lws *wsi, const char *file, const char *content_type, - const char *other_headers, int other_headers_len); - -LWS_VISIBLE LWS_EXTERN int -lws_serve_http_file_fragment(struct lws *wsi); -//@} - - -enum http_status { - HTTP_STATUS_CONTINUE = 100, - - HTTP_STATUS_OK = 200, - HTTP_STATUS_NO_CONTENT = 204, - HTTP_STATUS_PARTIAL_CONTENT = 206, - - HTTP_STATUS_MOVED_PERMANENTLY = 301, - HTTP_STATUS_FOUND = 302, - HTTP_STATUS_SEE_OTHER = 303, - HTTP_STATUS_NOT_MODIFIED = 304, - - HTTP_STATUS_BAD_REQUEST = 400, - HTTP_STATUS_UNAUTHORIZED, - HTTP_STATUS_PAYMENT_REQUIRED, - HTTP_STATUS_FORBIDDEN, - HTTP_STATUS_NOT_FOUND, - HTTP_STATUS_METHOD_NOT_ALLOWED, - HTTP_STATUS_NOT_ACCEPTABLE, - HTTP_STATUS_PROXY_AUTH_REQUIRED, - HTTP_STATUS_REQUEST_TIMEOUT, - HTTP_STATUS_CONFLICT, - HTTP_STATUS_GONE, - HTTP_STATUS_LENGTH_REQUIRED, - HTTP_STATUS_PRECONDITION_FAILED, - HTTP_STATUS_REQ_ENTITY_TOO_LARGE, - HTTP_STATUS_REQ_URI_TOO_LONG, - HTTP_STATUS_UNSUPPORTED_MEDIA_TYPE, - HTTP_STATUS_REQ_RANGE_NOT_SATISFIABLE, - HTTP_STATUS_EXPECTATION_FAILED, - - HTTP_STATUS_INTERNAL_SERVER_ERROR = 500, - HTTP_STATUS_NOT_IMPLEMENTED, - HTTP_STATUS_BAD_GATEWAY, - HTTP_STATUS_SERVICE_UNAVAILABLE, - HTTP_STATUS_GATEWAY_TIMEOUT, - HTTP_STATUS_HTTP_VERSION_NOT_SUPPORTED, -}; -/*! \defgroup html-chunked-substitution HTML Chunked Substitution - * \ingroup http - * - * ##HTML chunked Substitution - * - * APIs for receiving chunks of text, replacing a set of variable names via - * a callback, and then prepending and appending HTML chunked encoding - * headers. - */ -//@{ - -struct lws_process_html_args { - char *p; /**< pointer to the buffer containing the data */ - int len; /**< length of the original data at p */ - int max_len; /**< maximum length we can grow the data to */ - int final; /**< set if this is the last chunk of the file */ - int chunked; /**< 0 == unchunked, 1 == produce chunk headers (incompatible with HTTP/2) */ -}; - -typedef const char *(*lws_process_html_state_cb)(void *data, int index); - -struct lws_process_html_state { - char *start; /**< pointer to start of match */ - char swallow[16]; /**< matched character buffer */ - int pos; /**< position in match */ - void *data; /**< opaque pointer */ - const char * const *vars; /**< list of variable names */ - int count_vars; /**< count of variable names */ - - lws_process_html_state_cb replace; /**< called on match to perform substitution */ -}; - -/*! lws_chunked_html_process() - generic chunked substitution - * \param args: buffer to process using chunked encoding - * \param s: current processing state - */ -LWS_VISIBLE LWS_EXTERN int -lws_chunked_html_process(struct lws_process_html_args *args, - struct lws_process_html_state *s); -//@} - -/** \defgroup HTTP-headers-read HTTP headers: read - * \ingroup http - * - * ##HTTP header releated functions - * - * In lws the client http headers are temporarily stored in a pool, only for the - * duration of the http part of the handshake. It's because in most cases, - * the header content is ignored for the whole rest of the connection lifetime - * and would then just be taking up space needlessly. - * - * During LWS_CALLBACK_HTTP when the URI path is delivered is the last time - * the http headers are still allocated, you can use these apis then to - * look at and copy out interesting header content (cookies, etc) - * - * Notice that the header total length reported does not include a terminating - * '\0', however you must allocate for it when using the _copy apis. So the - * length reported for a header containing "123" is 3, but you must provide - * a buffer of length 4 so that "123\0" may be copied into it, or the copy - * will fail with a nonzero return code. - * - * In the special case of URL arguments, like ?x=1&y=2, the arguments are - * stored in a token named for the method, eg, WSI_TOKEN_GET_URI if it - * was a GET or WSI_TOKEN_POST_URI if POST. You can check the total - * length to confirm the method. - * - * For URL arguments, each argument is stored urldecoded in a "fragment", so - * you can use the fragment-aware api lws_hdr_copy_fragment() to access each - * argument in turn: the fragments contain urldecoded strings like x=1 or y=2. - * - * As a convenience, lws has an api that will find the fragment with a - * given name= part, lws_get_urlarg_by_name(). - */ -///@{ - -/** struct lws_tokens - * you need these to look at headers that have been parsed if using the - * LWS_CALLBACK_FILTER_CONNECTION callback. If a header from the enum - * list below is absent, .token = NULL and len = 0. Otherwise .token - * points to .len chars containing that header content. - */ -struct lws_tokens { - char *token; /**< pointer to start of the token */ - int len; /**< length of the token's value */ -}; - -/* enum lws_token_indexes - * these have to be kept in sync with lextable.h / minilex.c - * - * NOTE: These public enums are part of the abi. If you want to add one, - * add it at where specified so existing users are unaffected. - */ -enum lws_token_indexes { - WSI_TOKEN_GET_URI = 0, - WSI_TOKEN_POST_URI = 1, - WSI_TOKEN_OPTIONS_URI = 2, - WSI_TOKEN_HOST = 3, - WSI_TOKEN_CONNECTION = 4, - WSI_TOKEN_UPGRADE = 5, - WSI_TOKEN_ORIGIN = 6, - WSI_TOKEN_DRAFT = 7, - WSI_TOKEN_CHALLENGE = 8, - WSI_TOKEN_EXTENSIONS = 9, - WSI_TOKEN_KEY1 = 10, - WSI_TOKEN_KEY2 = 11, - WSI_TOKEN_PROTOCOL = 12, - WSI_TOKEN_ACCEPT = 13, - WSI_TOKEN_NONCE = 14, - WSI_TOKEN_HTTP = 15, - WSI_TOKEN_HTTP2_SETTINGS = 16, - WSI_TOKEN_HTTP_ACCEPT = 17, - WSI_TOKEN_HTTP_AC_REQUEST_HEADERS = 18, - WSI_TOKEN_HTTP_IF_MODIFIED_SINCE = 19, - WSI_TOKEN_HTTP_IF_NONE_MATCH = 20, - WSI_TOKEN_HTTP_ACCEPT_ENCODING = 21, - WSI_TOKEN_HTTP_ACCEPT_LANGUAGE = 22, - WSI_TOKEN_HTTP_PRAGMA = 23, - WSI_TOKEN_HTTP_CACHE_CONTROL = 24, - WSI_TOKEN_HTTP_AUTHORIZATION = 25, - WSI_TOKEN_HTTP_COOKIE = 26, - WSI_TOKEN_HTTP_CONTENT_LENGTH = 27, - WSI_TOKEN_HTTP_CONTENT_TYPE = 28, - WSI_TOKEN_HTTP_DATE = 29, - WSI_TOKEN_HTTP_RANGE = 30, - WSI_TOKEN_HTTP_REFERER = 31, - WSI_TOKEN_KEY = 32, - WSI_TOKEN_VERSION = 33, - WSI_TOKEN_SWORIGIN = 34, - - WSI_TOKEN_HTTP_COLON_AUTHORITY = 35, - WSI_TOKEN_HTTP_COLON_METHOD = 36, - WSI_TOKEN_HTTP_COLON_PATH = 37, - WSI_TOKEN_HTTP_COLON_SCHEME = 38, - WSI_TOKEN_HTTP_COLON_STATUS = 39, - - WSI_TOKEN_HTTP_ACCEPT_CHARSET = 40, - WSI_TOKEN_HTTP_ACCEPT_RANGES = 41, - WSI_TOKEN_HTTP_ACCESS_CONTROL_ALLOW_ORIGIN = 42, - WSI_TOKEN_HTTP_AGE = 43, - WSI_TOKEN_HTTP_ALLOW = 44, - WSI_TOKEN_HTTP_CONTENT_DISPOSITION = 45, - WSI_TOKEN_HTTP_CONTENT_ENCODING = 46, - WSI_TOKEN_HTTP_CONTENT_LANGUAGE = 47, - WSI_TOKEN_HTTP_CONTENT_LOCATION = 48, - WSI_TOKEN_HTTP_CONTENT_RANGE = 49, - WSI_TOKEN_HTTP_ETAG = 50, - WSI_TOKEN_HTTP_EXPECT = 51, - WSI_TOKEN_HTTP_EXPIRES = 52, - WSI_TOKEN_HTTP_FROM = 53, - WSI_TOKEN_HTTP_IF_MATCH = 54, - WSI_TOKEN_HTTP_IF_RANGE = 55, - WSI_TOKEN_HTTP_IF_UNMODIFIED_SINCE = 56, - WSI_TOKEN_HTTP_LAST_MODIFIED = 57, - WSI_TOKEN_HTTP_LINK = 58, - WSI_TOKEN_HTTP_LOCATION = 59, - WSI_TOKEN_HTTP_MAX_FORWARDS = 60, - WSI_TOKEN_HTTP_PROXY_AUTHENTICATE = 61, - WSI_TOKEN_HTTP_PROXY_AUTHORIZATION = 62, - WSI_TOKEN_HTTP_REFRESH = 63, - WSI_TOKEN_HTTP_RETRY_AFTER = 64, - WSI_TOKEN_HTTP_SERVER = 65, - WSI_TOKEN_HTTP_SET_COOKIE = 66, - WSI_TOKEN_HTTP_STRICT_TRANSPORT_SECURITY = 67, - WSI_TOKEN_HTTP_TRANSFER_ENCODING = 68, - WSI_TOKEN_HTTP_USER_AGENT = 69, - WSI_TOKEN_HTTP_VARY = 70, - WSI_TOKEN_HTTP_VIA = 71, - WSI_TOKEN_HTTP_WWW_AUTHENTICATE = 72, - - WSI_TOKEN_PATCH_URI = 73, - WSI_TOKEN_PUT_URI = 74, - WSI_TOKEN_DELETE_URI = 75, - - WSI_TOKEN_HTTP_URI_ARGS = 76, - WSI_TOKEN_PROXY = 77, - WSI_TOKEN_HTTP_X_REAL_IP = 78, - WSI_TOKEN_HTTP1_0 = 79, - WSI_TOKEN_X_FORWARDED_FOR = 80, - WSI_TOKEN_CONNECT = 81, - WSI_TOKEN_HEAD_URI = 82, - WSI_TOKEN_TE = 83, - WSI_TOKEN_REPLAY_NONCE = 84, - WSI_TOKEN_COLON_PROTOCOL = 85, - WSI_TOKEN_X_AUTH_TOKEN = 86, - - /****** add new things just above ---^ ******/ - - /* use token storage to stash these internally, not for - * user use */ - - _WSI_TOKEN_CLIENT_SENT_PROTOCOLS, - _WSI_TOKEN_CLIENT_PEER_ADDRESS, - _WSI_TOKEN_CLIENT_URI, - _WSI_TOKEN_CLIENT_HOST, - _WSI_TOKEN_CLIENT_ORIGIN, - _WSI_TOKEN_CLIENT_METHOD, - _WSI_TOKEN_CLIENT_IFACE, - _WSI_TOKEN_CLIENT_ALPN, - - /* always last real token index*/ - WSI_TOKEN_COUNT, - - /* parser state additions, no storage associated */ - WSI_TOKEN_NAME_PART, - WSI_TOKEN_SKIPPING, - WSI_TOKEN_SKIPPING_SAW_CR, - WSI_PARSING_COMPLETE, - WSI_INIT_TOKEN_MUXURL, -}; - -struct lws_token_limits { - unsigned short token_limit[WSI_TOKEN_COUNT]; /**< max chars for this token */ -}; - -/** - * lws_token_to_string() - returns a textual representation of a hdr token index - * - * \param token: token index - */ -LWS_VISIBLE LWS_EXTERN const unsigned char * -lws_token_to_string(enum lws_token_indexes token); - -/** - * lws_hdr_total_length: report length of all fragments of a header totalled up - * The returned length does not include the space for a - * terminating '\0' - * - * \param wsi: websocket connection - * \param h: which header index we are interested in - */ -LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT -lws_hdr_total_length(struct lws *wsi, enum lws_token_indexes h); - -/** - * lws_hdr_fragment_length: report length of a single fragment of a header - * The returned length does not include the space for a - * terminating '\0' - * - * \param wsi: websocket connection - * \param h: which header index we are interested in - * \param frag_idx: which fragment of h we want to get the length of - */ -LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT -lws_hdr_fragment_length(struct lws *wsi, enum lws_token_indexes h, int frag_idx); - -/** - * lws_hdr_copy() - copy a single fragment of the given header to a buffer - * The buffer length len must include space for an additional - * terminating '\0', or it will fail returning -1. - * - * \param wsi: websocket connection - * \param dest: destination buffer - * \param len: length of destination buffer - * \param h: which header index we are interested in - * - * copies the whole, aggregated header, even if it was delivered in - * several actual headers piece by piece - */ -LWS_VISIBLE LWS_EXTERN int -lws_hdr_copy(struct lws *wsi, char *dest, int len, enum lws_token_indexes h); - -/** - * lws_hdr_copy_fragment() - copy a single fragment of the given header to a buffer - * The buffer length len must include space for an additional - * terminating '\0', or it will fail returning -1. - * If the requested fragment index is not present, it fails - * returning -1. - * - * \param wsi: websocket connection - * \param dest: destination buffer - * \param len: length of destination buffer - * \param h: which header index we are interested in - * \param frag_idx: which fragment of h we want to copy - * - * Normally this is only useful - * to parse URI arguments like ?x=1&y=2, token index WSI_TOKEN_HTTP_URI_ARGS - * fragment 0 will contain "x=1" and fragment 1 "y=2" - */ -LWS_VISIBLE LWS_EXTERN int -lws_hdr_copy_fragment(struct lws *wsi, char *dest, int len, - enum lws_token_indexes h, int frag_idx); - -/** - * lws_get_urlarg_by_name() - return pointer to arg value if present - * \param wsi: the connection to check - * \param name: the arg name, like "token=" - * \param buf: the buffer to receive the urlarg (including the name= part) - * \param len: the length of the buffer to receive the urlarg - * - * Returns NULL if not found or a pointer inside buf to just after the - * name= part. - */ -LWS_VISIBLE LWS_EXTERN const char * -lws_get_urlarg_by_name(struct lws *wsi, const char *name, char *buf, int len); -///@} - -/*! \defgroup HTTP-headers-create HTTP headers: create - * - * ## HTTP headers: Create - * - * These apis allow you to create HTTP response headers in a way compatible with - * both HTTP/1.x and HTTP/2. - * - * They each append to a buffer taking care about the buffer end, which is - * passed in as a pointer. When data is written to the buffer, the current - * position p is updated accordingly. - * - * All of these apis are LWS_WARN_UNUSED_RESULT as they can run out of space - * and fail with nonzero return. - */ -///@{ - -#define LWSAHH_CODE_MASK ((1 << 16) - 1) -#define LWSAHH_FLAG_NO_SERVER_NAME (1 << 30) - -/** - * lws_add_http_header_status() - add the HTTP response status code - * - * \param wsi: the connection to check - * \param code: an HTTP code like 200, 404 etc (see enum http_status) - * \param p: pointer to current position in buffer pointer - * \param end: pointer to end of buffer - * - * Adds the initial response code, so should be called first. - * - * Code may additionally take OR'd flags: - * - * LWSAHH_FLAG_NO_SERVER_NAME: don't apply server name header this time - */ -LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT -lws_add_http_header_status(struct lws *wsi, - unsigned int code, unsigned char **p, - unsigned char *end); -/** - * lws_add_http_header_by_name() - append named header and value - * - * \param wsi: the connection to check - * \param name: the hdr name, like "my-header" - * \param value: the value after the = for this header - * \param length: the length of the value - * \param p: pointer to current position in buffer pointer - * \param end: pointer to end of buffer - * - * Appends name: value to the headers - */ -LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT -lws_add_http_header_by_name(struct lws *wsi, const unsigned char *name, - const unsigned char *value, int length, - unsigned char **p, unsigned char *end); -/** - * lws_add_http_header_by_token() - append given header and value - * - * \param wsi: the connection to check - * \param token: the token index for the hdr - * \param value: the value after the = for this header - * \param length: the length of the value - * \param p: pointer to current position in buffer pointer - * \param end: pointer to end of buffer - * - * Appends name=value to the headers, but is able to take advantage of better - * HTTP/2 coding mechanisms where possible. - */ -LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT -lws_add_http_header_by_token(struct lws *wsi, enum lws_token_indexes token, - const unsigned char *value, int length, - unsigned char **p, unsigned char *end); -/** - * lws_add_http_header_content_length() - append content-length helper - * - * \param wsi: the connection to check - * \param content_length: the content length to use - * \param p: pointer to current position in buffer pointer - * \param end: pointer to end of buffer - * - * Appends content-length: content_length to the headers - */ -LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT -lws_add_http_header_content_length(struct lws *wsi, - lws_filepos_t content_length, - unsigned char **p, unsigned char *end); -/** - * lws_finalize_http_header() - terminate header block - * - * \param wsi: the connection to check - * \param p: pointer to current position in buffer pointer - * \param end: pointer to end of buffer - * - * Indicates no more headers will be added - */ -LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT -lws_finalize_http_header(struct lws *wsi, unsigned char **p, - unsigned char *end); - -/** - * lws_finalize_write_http_header() - Helper finializing and writing http headers - * - * \param wsi: the connection to check - * \param start: pointer to the start of headers in the buffer, eg &buf[LWS_PRE] - * \param p: pointer to current position in buffer pointer - * \param end: pointer to end of buffer - * - * Terminates the headers correctly accoring to the protocol in use (h1 / h2) - * and writes the headers. Returns nonzero for error. - */ -LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT -lws_finalize_write_http_header(struct lws *wsi, unsigned char *start, - unsigned char **p, unsigned char *end); - -#define LWS_ILLEGAL_HTTP_CONTENT_LEN ((lws_filepos_t)-1ll) - -/** - * lws_add_http_common_headers() - Helper preparing common http headers - * - * \param wsi: the connection to check - * \param code: an HTTP code like 200, 404 etc (see enum http_status) - * \param content_type: the content type, like "text/html" - * \param content_len: the content length, in bytes - * \param p: pointer to current position in buffer pointer - * \param end: pointer to end of buffer - * - * Adds the initial response code, so should be called first. - * - * Code may additionally take OR'd flags: - * - * LWSAHH_FLAG_NO_SERVER_NAME: don't apply server name header this time - * - * This helper just calls public apis to simplify adding headers that are - * commonly needed. If it doesn't fit your case, or you want to add additional - * headers just call the public apis directly yourself for what you want. - * - * You can miss out the content length header by providing the constant - * LWS_ILLEGAL_HTTP_CONTENT_LEN for the content_len. - * - * It does not call lws_finalize_http_header(), to allow you to add further - * headers after calling this. You will need to call that yourself at the end. - */ -LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT -lws_add_http_common_headers(struct lws *wsi, unsigned int code, - const char *content_type, lws_filepos_t content_len, - unsigned char **p, unsigned char *end); -///@} - -/** \defgroup form-parsing Form Parsing - * \ingroup http - * ##POSTed form parsing functions - * - * These lws_spa (stateful post arguments) apis let you parse and urldecode - * POSTed form arguments, both using simple urlencoded and multipart transfer - * encoding. - * - * It's capable of handling file uploads as well a named input parsing, - * and the apis are the same for both form upload styles. - * - * You feed it a list of parameter names and it creates pointers to the - * urldecoded arguments: file upload parameters pass the file data in chunks to - * a user-supplied callback as they come. - * - * Since it's stateful, it handles the incoming data needing more than one - * POST_BODY callback and has no limit on uploaded file size. - */ -///@{ - -/** enum lws_spa_fileupload_states */ -enum lws_spa_fileupload_states { - LWS_UFS_CONTENT, - /**< a chunk of file content has arrived */ - LWS_UFS_FINAL_CONTENT, - /**< the last chunk (possibly zero length) of file content has arrived */ - LWS_UFS_OPEN - /**< a new file is starting to arrive */ -}; - -/** - * lws_spa_fileupload_cb() - callback to receive file upload data - * - * \param data: opt_data pointer set in lws_spa_create - * \param name: name of the form field being uploaded - * \param filename: original filename from client - * \param buf: start of data to receive - * \param len: length of data to receive - * \param state: information about how this call relates to file - * - * Notice name and filename shouldn't be trusted, as they are passed from - * HTTP provided by the client. - */ -typedef int (*lws_spa_fileupload_cb)(void *data, const char *name, - const char *filename, char *buf, int len, - enum lws_spa_fileupload_states state); - -/** struct lws_spa - opaque urldecode parser capable of handling multipart - * and file uploads */ -struct lws_spa; - -/** - * lws_spa_create() - create urldecode parser - * - * \param wsi: lws connection (used to find Content Type) - * \param param_names: array of form parameter names, like "username" - * \param count_params: count of param_names - * \param max_storage: total amount of form parameter values we can store - * \param opt_cb: NULL, or callback to receive file upload data. - * \param opt_data: NULL, or user pointer provided to opt_cb. - * - * Creates a urldecode parser and initializes it. - * - * opt_cb can be NULL if you just want normal name=value parsing, however - * if one or more entries in your form are bulk data (file transfer), you - * can provide this callback and filter on the name callback parameter to - * treat that urldecoded data separately. The callback should return -1 - * in case of fatal error, and 0 if OK. - */ -LWS_VISIBLE LWS_EXTERN struct lws_spa * -lws_spa_create(struct lws *wsi, const char * const *param_names, - int count_params, int max_storage, lws_spa_fileupload_cb opt_cb, - void *opt_data); - -/** - * lws_spa_process() - parses a chunk of input data - * - * \param spa: the parser object previously created - * \param in: incoming, urlencoded data - * \param len: count of bytes valid at \param in - */ -LWS_VISIBLE LWS_EXTERN int -lws_spa_process(struct lws_spa *spa, const char *in, int len); - -/** - * lws_spa_finalize() - indicate incoming data completed - * - * \param spa: the parser object previously created - */ -LWS_VISIBLE LWS_EXTERN int -lws_spa_finalize(struct lws_spa *spa); - -/** - * lws_spa_get_length() - return length of parameter value - * - * \param spa: the parser object previously created - * \param n: parameter ordinal to return length of value for - */ -LWS_VISIBLE LWS_EXTERN int -lws_spa_get_length(struct lws_spa *spa, int n); - -/** - * lws_spa_get_string() - return pointer to parameter value - * \param spa: the parser object previously created - * \param n: parameter ordinal to return pointer to value for - */ -LWS_VISIBLE LWS_EXTERN const char * -lws_spa_get_string(struct lws_spa *spa, int n); - -/** - * lws_spa_destroy() - destroy parser object - * - * \param spa: the parser object previously created - */ -LWS_VISIBLE LWS_EXTERN int -lws_spa_destroy(struct lws_spa *spa); -///@} - -/*! \defgroup urlendec Urlencode and Urldecode - * \ingroup http - * - * ##HTML chunked Substitution - * - * APIs for receiving chunks of text, replacing a set of variable names via - * a callback, and then prepending and appending HTML chunked encoding - * headers. - */ -//@{ - -/** - * lws_urlencode() - like strncpy but with urlencoding - * - * \param escaped: output buffer - * \param string: input buffer ('/0' terminated) - * \param len: output buffer max length - * - * Because urlencoding expands the output string, it's not - * possible to do it in-place, ie, with escaped == string - */ -LWS_VISIBLE LWS_EXTERN const char * -lws_urlencode(char *escaped, const char *string, int len); - -/* - * URLDECODE 1 / 2 - * - * This simple urldecode only operates until the first '\0' and requires the - * data to exist all at once - */ -/** - * lws_urldecode() - like strncpy but with urldecoding - * - * \param string: output buffer - * \param escaped: input buffer ('\0' terminated) - * \param len: output buffer max length - * - * This is only useful for '\0' terminated strings - * - * Since urldecoding only shrinks the output string, it is possible to - * do it in-place, ie, string == escaped - * - * Returns 0 if completed OK or nonzero for urldecode violation (non-hex chars - * where hex required, etc) - */ -LWS_VISIBLE LWS_EXTERN int -lws_urldecode(char *string, const char *escaped, int len); -///@} -/** - * lws_return_http_status() - Return simple http status - * \param wsi: Websocket instance (available from user callback) - * \param code: Status index, eg, 404 - * \param html_body: User-readable HTML description < 1KB, or NULL - * - * Helper to report HTTP errors back to the client cleanly and - * consistently - */ -LWS_VISIBLE LWS_EXTERN int -lws_return_http_status(struct lws *wsi, unsigned int code, - const char *html_body); - -/** - * lws_http_redirect() - write http redirect out on wsi - * - * \param wsi: websocket connection - * \param code: HTTP response code (eg, 301) - * \param loc: where to redirect to - * \param len: length of loc - * \param p: pointer current position in buffer (updated as we write) - * \param end: pointer to end of buffer - * - * Returns amount written, or < 0 indicating fatal write failure. - */ -LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT -lws_http_redirect(struct lws *wsi, int code, const unsigned char *loc, int len, - unsigned char **p, unsigned char *end); - -/** - * lws_http_transaction_completed() - wait for new http transaction or close - * \param wsi: websocket connection - * - * Returns 1 if the HTTP connection must close now - * Returns 0 and resets connection to wait for new HTTP header / - * transaction if possible - */ -LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT -lws_http_transaction_completed(struct lws *wsi); -///@} - -/*! \defgroup pur Sanitize / purify SQL and JSON helpers - * - * ##Sanitize / purify SQL and JSON helpers - * - * APIs for escaping untrusted JSON and SQL safely before use - */ -//@{ - -/** - * lws_sql_purify() - like strncpy but with escaping for sql quotes - * - * \param escaped: output buffer - * \param string: input buffer ('/0' terminated) - * \param len: output buffer max length - * - * Because escaping expands the output string, it's not - * possible to do it in-place, ie, with escaped == string - */ -LWS_VISIBLE LWS_EXTERN const char * -lws_sql_purify(char *escaped, const char *string, int len); - -/** - * lws_json_purify() - like strncpy but with escaping for json chars - * - * \param escaped: output buffer - * \param string: input buffer ('/0' terminated) - * \param len: output buffer max length - * - * Because escaping expands the output string, it's not - * possible to do it in-place, ie, with escaped == string - */ -LWS_VISIBLE LWS_EXTERN const char * -lws_json_purify(char *escaped, const char *string, int len); - -/** - * lws_filename_purify_inplace() - replace scary filename chars with underscore - * - * \param filename: filename to be purified - * - * Replace scary characters in the filename (it should not be a path) - * with underscore, so it's safe to use. - */ -LWS_VISIBLE LWS_EXTERN void -lws_filename_purify_inplace(char *filename); - -LWS_VISIBLE LWS_EXTERN int -lws_plat_write_cert(struct lws_vhost *vhost, int is_key, int fd, void *buf, - int len); -LWS_VISIBLE LWS_EXTERN int -lws_plat_write_file(const char *filename, void *buf, int len); - -LWS_VISIBLE LWS_EXTERN int -lws_plat_read_file(const char *filename, void *buf, int len); - -LWS_VISIBLE LWS_EXTERN int -lws_plat_recommended_rsa_bits(void); -///@} - -/*! \defgroup uv libuv helpers - * - * ##libuv helpers - * - * APIs specific to libuv event loop itegration - */ -///@{ -#ifdef LWS_WITH_LIBUV -/* - * Any direct libuv allocations in lws protocol handlers must participate in the - * lws reference counting scheme. Two apis are provided: - * - * - lws_libuv_static_refcount_add(handle, context) to mark the handle with - * a pointer to the context and increment the global uv object counter - * - * - lws_libuv_static_refcount_del() which should be used as the close callback - * for your own libuv objects declared in the protocol scope. - * - * Using the apis allows lws to detach itself from a libuv loop completely - * cleanly and at the moment all of its libuv objects have completed close. - */ - -LWS_VISIBLE LWS_EXTERN uv_loop_t * -lws_uv_getloop(struct lws_context *context, int tsi); - -LWS_VISIBLE LWS_EXTERN void -lws_libuv_static_refcount_add(uv_handle_t *, struct lws_context *context); - -LWS_VISIBLE LWS_EXTERN void -lws_libuv_static_refcount_del(uv_handle_t *); - -#endif /* LWS_WITH_LIBUV */ - -#if defined(LWS_WITH_ESP32) -#define lws_libuv_static_refcount_add(_a, _b) -#define lws_libuv_static_refcount_del NULL -#endif -///@} - - -/*! \defgroup timeout Connection timeouts - - APIs related to setting connection timeouts -*/ -//@{ - -/* - * NOTE: These public enums are part of the abi. If you want to add one, - * add it at where specified so existing users are unaffected. - */ -enum pending_timeout { - NO_PENDING_TIMEOUT = 0, - PENDING_TIMEOUT_AWAITING_PROXY_RESPONSE = 1, - PENDING_TIMEOUT_AWAITING_CONNECT_RESPONSE = 2, - PENDING_TIMEOUT_ESTABLISH_WITH_SERVER = 3, - PENDING_TIMEOUT_AWAITING_SERVER_RESPONSE = 4, - PENDING_TIMEOUT_AWAITING_PING = 5, - PENDING_TIMEOUT_CLOSE_ACK = 6, - PENDING_TIMEOUT_UNUSED1 = 7, - PENDING_TIMEOUT_SENT_CLIENT_HANDSHAKE = 8, - PENDING_TIMEOUT_SSL_ACCEPT = 9, - PENDING_TIMEOUT_HTTP_CONTENT = 10, - PENDING_TIMEOUT_AWAITING_CLIENT_HS_SEND = 11, - PENDING_FLUSH_STORED_SEND_BEFORE_CLOSE = 12, - PENDING_TIMEOUT_SHUTDOWN_FLUSH = 13, - PENDING_TIMEOUT_CGI = 14, - PENDING_TIMEOUT_HTTP_KEEPALIVE_IDLE = 15, - PENDING_TIMEOUT_WS_PONG_CHECK_SEND_PING = 16, - PENDING_TIMEOUT_WS_PONG_CHECK_GET_PONG = 17, - PENDING_TIMEOUT_CLIENT_ISSUE_PAYLOAD = 18, - PENDING_TIMEOUT_AWAITING_SOCKS_GREETING_REPLY = 19, - PENDING_TIMEOUT_AWAITING_SOCKS_CONNECT_REPLY = 20, - PENDING_TIMEOUT_AWAITING_SOCKS_AUTH_REPLY = 21, - PENDING_TIMEOUT_KILLED_BY_SSL_INFO = 22, - PENDING_TIMEOUT_KILLED_BY_PARENT = 23, - PENDING_TIMEOUT_CLOSE_SEND = 24, - PENDING_TIMEOUT_HOLDING_AH = 25, - PENDING_TIMEOUT_UDP_IDLE = 26, - PENDING_TIMEOUT_CLIENT_CONN_IDLE = 27, - PENDING_TIMEOUT_LAGGING = 28, - - /****** add new things just above ---^ ******/ - - PENDING_TIMEOUT_USER_REASON_BASE = 1000 -}; - -#define LWS_TO_KILL_ASYNC -1 -/**< If LWS_TO_KILL_ASYNC is given as the timeout sec in a lws_set_timeout() - * call, then the connection is marked to be killed at the next timeout - * check. This is how you should force-close the wsi being serviced if - * you are doing it outside the callback (where you should close by nonzero - * return). - */ -#define LWS_TO_KILL_SYNC -2 -/**< If LWS_TO_KILL_SYNC is given as the timeout sec in a lws_set_timeout() - * call, then the connection is closed before returning (which may delete - * the wsi). This should only be used where the wsi being closed is not the - * wsi currently being serviced. - */ -/** - * lws_set_timeout() - marks the wsi as subject to a timeout - * - * You will not need this unless you are doing something special - * - * \param wsi: Websocket connection instance - * \param reason: timeout reason - * \param secs: how many seconds. You may set to LWS_TO_KILL_ASYNC to - * force the connection to timeout at the next opportunity, or - * LWS_TO_KILL_SYNC to close it synchronously if you know the - * wsi is not the one currently being serviced. - */ -LWS_VISIBLE LWS_EXTERN void -lws_set_timeout(struct lws *wsi, enum pending_timeout reason, int secs); - -#define LWS_SET_TIMER_USEC_CANCEL ((lws_usec_t)-1ll) -#define LWS_USEC_PER_SEC (1000000ll) - -/** - * lws_set_timer_usecs() - schedules a callback on the wsi in the future - * - * \param wsi: Websocket connection instance - * \param usecs: LWS_SET_TIMER_USEC_CANCEL removes any existing scheduled - * callback, otherwise number of microseconds in the future - * the callback will occur at. - * - * NOTE: event loop support for this: - * - * default poll() loop: yes - * libuv event loop: yes - * libev: not implemented (patch welcome) - * libevent: not implemented (patch welcome) - * - * After the deadline expires, the wsi will get a callback of type - * LWS_CALLBACK_TIMER and the timer is exhausted. The deadline may be - * continuously deferred by further calls to lws_set_timer_usecs() with a later - * deadline, or cancelled by lws_set_timer_usecs(wsi, -1). - * - * If the timer should repeat, lws_set_timer_usecs() must be called again from - * LWS_CALLBACK_TIMER. - * - * Accuracy depends on the platform and the load on the event loop or system... - * all that's guaranteed is the callback will come after the requested wait - * period. - */ -LWS_VISIBLE LWS_EXTERN void -lws_set_timer_usecs(struct lws *wsi, lws_usec_t usecs); - -/* - * lws_timed_callback_vh_protocol() - calls back a protocol on a vhost after - * the specified delay - * - * \param vh: the vhost to call back - * \param protocol: the protocol to call back - * \param reason: callback reason - * \param secs: how many seconds in the future to do the callback. Set to - * -1 to cancel the timer callback. - * - * Callback the specified protocol with a fake wsi pointing to the specified - * vhost and protocol, with the specified reason, at the specified time in the - * future. - * - * Returns 0 if OK. - */ -LWS_VISIBLE LWS_EXTERN int -lws_timed_callback_vh_protocol(struct lws_vhost *vh, - const struct lws_protocols *prot, - int reason, int secs); -///@} - -/*! \defgroup sending-data Sending data - - APIs related to writing data on a connection -*/ -//@{ -#if !defined(LWS_SIZEOFPTR) -#define LWS_SIZEOFPTR ((int)sizeof (void *)) -#endif - -#if defined(__x86_64__) -#define _LWS_PAD_SIZE 16 /* Intel recommended for best performance */ -#else -#define _LWS_PAD_SIZE LWS_SIZEOFPTR /* Size of a pointer on the target arch */ -#endif -#define _LWS_PAD(n) (((n) % _LWS_PAD_SIZE) ? \ - ((n) + (_LWS_PAD_SIZE - ((n) % _LWS_PAD_SIZE))) : (n)) -/* last 2 is for lws-meta */ -#define LWS_PRE _LWS_PAD(4 + 10 + 2) -/* used prior to 1.7 and retained for backward compatibility */ -#define LWS_SEND_BUFFER_PRE_PADDING LWS_PRE -#define LWS_SEND_BUFFER_POST_PADDING 0 - -#define LWS_WRITE_RAW LWS_WRITE_HTTP - -/* - * NOTE: These public enums are part of the abi. If you want to add one, - * add it at where specified so existing users are unaffected. - */ -enum lws_write_protocol { - LWS_WRITE_TEXT = 0, - /**< Send a ws TEXT message,the pointer must have LWS_PRE valid - * memory behind it. The receiver expects only valid utf-8 in the - * payload */ - LWS_WRITE_BINARY = 1, - /**< Send a ws BINARY message, the pointer must have LWS_PRE valid - * memory behind it. Any sequence of bytes is valid */ - LWS_WRITE_CONTINUATION = 2, - /**< Continue a previous ws message, the pointer must have LWS_PRE valid - * memory behind it */ - LWS_WRITE_HTTP = 3, - /**< Send HTTP content */ - - /* LWS_WRITE_CLOSE is handled by lws_close_reason() */ - LWS_WRITE_PING = 5, - LWS_WRITE_PONG = 6, - - /* Same as write_http but we know this write ends the transaction */ - LWS_WRITE_HTTP_FINAL = 7, - - /* HTTP2 */ - - LWS_WRITE_HTTP_HEADERS = 8, - /**< Send http headers (http2 encodes this payload and LWS_WRITE_HTTP - * payload differently, http 1.x links also handle this correctly. so - * to be compatible with both in the future,header response part should - * be sent using this regardless of http version expected) - */ - LWS_WRITE_HTTP_HEADERS_CONTINUATION = 9, - /**< Continuation of http/2 headers - */ - - /****** add new things just above ---^ ******/ - - /* flags */ - - LWS_WRITE_NO_FIN = 0x40, - /**< This part of the message is not the end of the message */ - - LWS_WRITE_H2_STREAM_END = 0x80, - /**< Flag indicates this packet should go out with STREAM_END if h2 - * STREAM_END is allowed on DATA or HEADERS. - */ - - LWS_WRITE_CLIENT_IGNORE_XOR_MASK = 0x80 - /**< client packet payload goes out on wire unmunged - * only useful for security tests since normal servers cannot - * decode the content if used */ -}; - -/* used with LWS_CALLBACK_CHILD_WRITE_VIA_PARENT */ - -struct lws_write_passthru { - struct lws *wsi; - unsigned char *buf; - size_t len; - enum lws_write_protocol wp; -}; - - -/** - * lws_write() - Apply protocol then write data to client - * \param wsi: Websocket instance (available from user callback) - * \param buf: The data to send. For data being sent on a websocket - * connection (ie, not default http), this buffer MUST have - * LWS_PRE bytes valid BEFORE the pointer. - * This is so the protocol header data can be added in-situ. - * \param len: Count of the data bytes in the payload starting from buf - * \param protocol: Use LWS_WRITE_HTTP to reply to an http connection, and one - * of LWS_WRITE_BINARY or LWS_WRITE_TEXT to send appropriate - * data on a websockets connection. Remember to allow the extra - * bytes before and after buf if LWS_WRITE_BINARY or LWS_WRITE_TEXT - * are used. - * - * This function provides the way to issue data back to the client - * for both http and websocket protocols. - * - * IMPORTANT NOTICE! - * - * When sending with websocket protocol - * - * LWS_WRITE_TEXT, - * LWS_WRITE_BINARY, - * LWS_WRITE_CONTINUATION, - * LWS_WRITE_PING, - * LWS_WRITE_PONG - * - * the send buffer has to have LWS_PRE bytes valid BEFORE - * the buffer pointer you pass to lws_write(). - * - * This allows us to add protocol info before and after the data, and send as - * one packet on the network without payload copying, for maximum efficiency. - * - * So for example you need this kind of code to use lws_write with a - * 128-byte payload - * - * char buf[LWS_PRE + 128]; - * - * // fill your part of the buffer... for example here it's all zeros - * memset(&buf[LWS_PRE], 0, 128); - * - * lws_write(wsi, &buf[LWS_PRE], 128, LWS_WRITE_TEXT); - * - * When sending HTTP, with - * - * LWS_WRITE_HTTP, - * LWS_WRITE_HTTP_HEADERS - * LWS_WRITE_HTTP_FINAL - * - * there is no protocol data prepended, and don't need to take care about the - * LWS_PRE bytes valid before the buffer pointer. - * - * LWS_PRE is at least the frame nonce + 2 header + 8 length - * LWS_SEND_BUFFER_POST_PADDING is deprecated, it's now 0 and can be left off. - * The example apps no longer use it. - * - * Pad LWS_PRE to the CPU word size, so that word references - * to the address immediately after the padding won't cause an unaligned access - * error. Sometimes for performance reasons the recommended padding is even - * larger than sizeof(void *). - * - * In the case of sending using websocket protocol, be sure to allocate - * valid storage before and after buf as explained above. This scheme - * allows maximum efficiency of sending data and protocol in a single - * packet while not burdening the user code with any protocol knowledge. - * - * Return may be -1 for a fatal error needing connection close, or the - * number of bytes sent. - * - * Truncated Writes - * ================ - * - * The OS may not accept everything you asked to write on the connection. - * - * Posix defines POLLOUT indication from poll() to show that the connection - * will accept more write data, but it doesn't specifiy how much. It may just - * accept one byte of whatever you wanted to send. - * - * LWS will buffer the remainder automatically, and send it out autonomously. - * - * During that time, WRITABLE callbacks will be suppressed. - * - * This is to handle corner cases where unexpectedly the OS refuses what we - * usually expect it to accept. You should try to send in chunks that are - * almost always accepted in order to avoid the inefficiency of the buffering. - */ -LWS_VISIBLE LWS_EXTERN int -lws_write(struct lws *wsi, unsigned char *buf, size_t len, - enum lws_write_protocol protocol); - -/* helper for case where buffer may be const */ -#define lws_write_http(wsi, buf, len) \ - lws_write(wsi, (unsigned char *)(buf), len, LWS_WRITE_HTTP) - -/* helper for multi-frame ws message flags */ -static LWS_INLINE int -lws_write_ws_flags(int initial, int is_start, int is_end) -{ - int r; - - if (is_start) - r = initial; - else - r = LWS_WRITE_CONTINUATION; - - if (!is_end) - r |= LWS_WRITE_NO_FIN; - - return r; -} -///@} - -/** \defgroup callback-when-writeable Callback when writeable - * - * ##Callback When Writeable - * - * lws can only write data on a connection when it is able to accept more - * data without blocking. - * - * So a basic requirement is we should only use the lws_write() apis when the - * connection we want to write on says that he can accept more data. - * - * When lws cannot complete your send at the time, it will buffer the data - * and send it in the background, suppressing any further WRITEABLE callbacks - * on that connection until it completes. So it is important to write new - * things in a new writeable callback. - * - * These apis reflect the various ways we can indicate we would like to be - * called back when one or more connections is writeable. - */ -///@{ - -/** - * lws_callback_on_writable() - Request a callback when this socket - * becomes able to be written to without - * blocking - * - * \param wsi: Websocket connection instance to get callback for - * - * - Which: only this wsi - * - When: when the individual connection becomes writeable - * - What: LWS_CALLBACK_*_WRITEABLE - */ -LWS_VISIBLE LWS_EXTERN int -lws_callback_on_writable(struct lws *wsi); - -/** - * lws_callback_on_writable_all_protocol() - Request a callback for all - * connections using the given protocol when it - * becomes possible to write to each socket without - * blocking in turn. - * - * \param context: lws_context - * \param protocol: Protocol whose connections will get callbacks - * - * - Which: connections using this protocol on ANY VHOST - * - When: when the individual connection becomes writeable - * - What: LWS_CALLBACK_*_WRITEABLE - */ -LWS_VISIBLE LWS_EXTERN int -lws_callback_on_writable_all_protocol(const struct lws_context *context, - const struct lws_protocols *protocol); - -/** - * lws_callback_on_writable_all_protocol_vhost() - Request a callback for - * all connections on same vhost using the given protocol - * when it becomes possible to write to each socket without - * blocking in turn. - * - * \param vhost: Only consider connections on this lws_vhost - * \param protocol: Protocol whose connections will get callbacks - * - * - Which: connections using this protocol on GIVEN VHOST ONLY - * - When: when the individual connection becomes writeable - * - What: LWS_CALLBACK_*_WRITEABLE - */ -LWS_VISIBLE LWS_EXTERN int -lws_callback_on_writable_all_protocol_vhost(const struct lws_vhost *vhost, - const struct lws_protocols *protocol); - -/** - * lws_callback_all_protocol() - Callback all connections using - * the given protocol with the given reason - * - * \param context: lws_context - * \param protocol: Protocol whose connections will get callbacks - * \param reason: Callback reason index - * - * - Which: connections using this protocol on ALL VHOSTS - * - When: before returning - * - What: reason - * - * This isn't normally what you want... normally any update of connection- - * specific information can wait until a network-related callback like rx, - * writable, or close. - */ -LWS_VISIBLE LWS_EXTERN int -lws_callback_all_protocol(struct lws_context *context, - const struct lws_protocols *protocol, int reason); - -/** - * lws_callback_all_protocol_vhost() - Callback all connections using - * the given protocol with the given reason. This is - * deprecated since v2.4: use lws_callback_all_protocol_vhost_args - * - * \param vh: Vhost whose connections will get callbacks - * \param protocol: Which protocol to match. NULL means all. - * \param reason: Callback reason index - * - * - Which: connections using this protocol on GIVEN VHOST ONLY - * - When: now - * - What: reason - */ -LWS_VISIBLE LWS_EXTERN int -lws_callback_all_protocol_vhost(struct lws_vhost *vh, - const struct lws_protocols *protocol, int reason) -LWS_WARN_DEPRECATED; - -/** - * lws_callback_all_protocol_vhost_args() - Callback all connections using - * the given protocol with the given reason and args - * - * \param vh: Vhost whose connections will get callbacks - * \param protocol: Which protocol to match. NULL means all. - * \param reason: Callback reason index - * \param argp: Callback "in" parameter - * \param len: Callback "len" parameter - * - * - Which: connections using this protocol on GIVEN VHOST ONLY - * - When: now - * - What: reason - */ -LWS_VISIBLE int -lws_callback_all_protocol_vhost_args(struct lws_vhost *vh, - const struct lws_protocols *protocol, int reason, - void *argp, size_t len); - -/** - * lws_callback_vhost_protocols() - Callback all protocols enabled on a vhost - * with the given reason - * - * \param wsi: wsi whose vhost will get callbacks - * \param reason: Callback reason index - * \param in: in argument to callback - * \param len: len argument to callback - * - * - Which: connections using this protocol on same VHOST as wsi ONLY - * - When: now - * - What: reason - * - * This is deprecated since v2.5, use lws_callback_vhost_protocols_vhost() - * which takes the pointer to the vhost directly without using or needing the - * wsi. - */ -LWS_VISIBLE LWS_EXTERN int -lws_callback_vhost_protocols(struct lws *wsi, int reason, void *in, int len) -LWS_WARN_DEPRECATED; - -/** - * lws_callback_vhost_protocols_vhost() - Callback all protocols enabled on a vhost - * with the given reason - * - * \param vh: vhost that will get callbacks - * \param reason: Callback reason index - * \param in: in argument to callback - * \param len: len argument to callback - * - * - Which: connections using this protocol on same VHOST as wsi ONLY - * - When: now - * - What: reason - */ -LWS_VISIBLE LWS_EXTERN int -lws_callback_vhost_protocols_vhost(struct lws_vhost *vh, int reason, void *in, - size_t len); - -LWS_VISIBLE LWS_EXTERN int -lws_callback_http_dummy(struct lws *wsi, enum lws_callback_reasons reason, - void *user, void *in, size_t len); - -/** - * lws_get_socket_fd() - returns the socket file descriptor - * - * This is needed to use sendto() on UDP raw sockets - * - * \param wsi: Websocket connection instance - */ -LWS_VISIBLE LWS_EXTERN lws_sockfd_type -lws_get_socket_fd(struct lws *wsi); - -/** - * lws_get_peer_write_allowance() - get the amount of data writeable to peer - * if known - * - * \param wsi: Websocket connection instance - * - * if the protocol does not have any guidance, returns -1. Currently only - * http2 connections get send window information from this API. But your code - * should use it so it can work properly with any protocol. - * - * If nonzero return is the amount of payload data the peer or intermediary has - * reported it has buffer space for. That has NO relationship with the amount - * of buffer space your OS can accept on this connection for a write action. - * - * This number represents the maximum you could send to the peer or intermediary - * on this connection right now without the protocol complaining. - * - * lws manages accounting for send window updates and payload writes - * automatically, so this number reflects the situation at the peer or - * intermediary dynamically. - */ -LWS_VISIBLE LWS_EXTERN lws_fileofs_t -lws_get_peer_write_allowance(struct lws *wsi); -///@} - -enum { - /* - * Flags for enable and disable rxflow with reason bitmap and with - * backwards-compatible single bool - */ - LWS_RXFLOW_REASON_USER_BOOL = (1 << 0), - LWS_RXFLOW_REASON_HTTP_RXBUFFER = (1 << 6), - LWS_RXFLOW_REASON_H2_PPS_PENDING = (1 << 7), - - LWS_RXFLOW_REASON_APPLIES = (1 << 14), - LWS_RXFLOW_REASON_APPLIES_ENABLE_BIT = (1 << 13), - LWS_RXFLOW_REASON_APPLIES_ENABLE = LWS_RXFLOW_REASON_APPLIES | - LWS_RXFLOW_REASON_APPLIES_ENABLE_BIT, - LWS_RXFLOW_REASON_APPLIES_DISABLE = LWS_RXFLOW_REASON_APPLIES, - LWS_RXFLOW_REASON_FLAG_PROCESS_NOW = (1 << 12), - -}; - -/** - * lws_rx_flow_control() - Enable and disable socket servicing for - * received packets. - * - * If the output side of a server process becomes choked, this allows flow - * control for the input side. - * - * \param wsi: Websocket connection instance to get callback for - * \param enable: 0 = disable read servicing for this connection, 1 = enable - * - * If you need more than one additive reason for rxflow control, you can give - * iLWS_RXFLOW_REASON_APPLIES_ENABLE or _DISABLE together with one or more of - * b5..b0 set to idicate which bits to enable or disable. If any bits are - * enabled, rx on the connection is suppressed. - * - * LWS_RXFLOW_REASON_FLAG_PROCESS_NOW flag may also be given to force any change - * in rxflowbstatus to benapplied immediately, this should be used when you are - * changing a wsi flow control state from outside a callback on that wsi. - */ -LWS_VISIBLE LWS_EXTERN int -lws_rx_flow_control(struct lws *wsi, int enable); - -/** - * lws_rx_flow_allow_all_protocol() - Allow all connections with this protocol to receive - * - * When the user server code realizes it can accept more input, it can - * call this to have the RX flow restriction removed from all connections using - * the given protocol. - * \param context: lws_context - * \param protocol: all connections using this protocol will be allowed to receive - */ -LWS_VISIBLE LWS_EXTERN void -lws_rx_flow_allow_all_protocol(const struct lws_context *context, - const struct lws_protocols *protocol); - -/** - * lws_remaining_packet_payload() - Bytes to come before "overall" - * rx fragment is complete - * \param wsi: Websocket instance (available from user callback) - * - * This tracks how many bytes are left in the current ws fragment, according - * to the ws length given in the fragment header. - * - * If the message was in a single fragment, and there is no compression, this - * is the same as "how much data is left to read for this message". - * - * However, if the message is being sent in multiple fragments, this will - * reflect the unread amount of the current **fragment**, not the message. With - * ws, it is legal to not know the length of the message before it completes. - * - * Additionally if the message is sent via the negotiated permessage-deflate - * extension, this number only tells the amount of **compressed** data left to - * be read, since that is the only information available at the ws layer. - */ -LWS_VISIBLE LWS_EXTERN size_t -lws_remaining_packet_payload(struct lws *wsi); - - -/** \defgroup sock-adopt Socket adoption helpers - * ##Socket adoption helpers - * - * When integrating with an external app with its own event loop, these can - * be used to accept connections from someone else's listening socket. - * - * When using lws own event loop, these are not needed. - */ -///@{ - -/** - * lws_adopt_socket() - adopt foreign socket as if listen socket accepted it - * for the default vhost of context. - * - * \param context: lws context - * \param accept_fd: fd of already-accepted socket to adopt - * - * Either returns new wsi bound to accept_fd, or closes accept_fd and - * returns NULL, having cleaned up any new wsi pieces. - * - * LWS adopts the socket in http serving mode, it's ready to accept an upgrade - * to ws or just serve http. - */ -LWS_VISIBLE LWS_EXTERN struct lws * -lws_adopt_socket(struct lws_context *context, lws_sockfd_type accept_fd); -/** - * lws_adopt_socket_vhost() - adopt foreign socket as if listen socket accepted it - * for vhost - * - * \param vh: lws vhost - * \param accept_fd: fd of already-accepted socket to adopt - * - * Either returns new wsi bound to accept_fd, or closes accept_fd and - * returns NULL, having cleaned up any new wsi pieces. - * - * LWS adopts the socket in http serving mode, it's ready to accept an upgrade - * to ws or just serve http. - */ -LWS_VISIBLE LWS_EXTERN struct lws * -lws_adopt_socket_vhost(struct lws_vhost *vh, lws_sockfd_type accept_fd); - -typedef enum { - LWS_ADOPT_RAW_FILE_DESC = 0, /* convenience constant */ - LWS_ADOPT_HTTP = 1, /* flag: absent implies RAW */ - LWS_ADOPT_SOCKET = 2, /* flag: absent implies file descr */ - LWS_ADOPT_ALLOW_SSL = 4, /* flag: if set requires LWS_ADOPT_SOCKET */ - LWS_ADOPT_WS_PARENTIO = 8, /* flag: ws mode parent handles IO - * if given must be only flag - * wsi put directly into ws mode */ - LWS_ADOPT_FLAG_UDP = 16, /* flag: socket is UDP */ - - LWS_ADOPT_RAW_SOCKET_UDP = LWS_ADOPT_SOCKET | LWS_ADOPT_FLAG_UDP, -} lws_adoption_type; - -typedef union { - lws_sockfd_type sockfd; - lws_filefd_type filefd; -} lws_sock_file_fd_type; - -#if !defined(LWS_WITH_ESP32) -struct lws_udp { - struct sockaddr sa; - socklen_t salen; - - struct sockaddr sa_pending; - socklen_t salen_pending; -}; -#endif - -/* -* lws_adopt_descriptor_vhost() - adopt foreign socket or file descriptor -* if socket descriptor, should already have been accepted from listen socket -* -* \param vhost: lws vhost -* \param type: OR-ed combinations of lws_adoption_type flags -* \param fd: union with either .sockfd or .filefd set -* \param vh_prot_name: NULL or vh protocol name to bind raw connection to -* \param parent: NULL or struct lws to attach new_wsi to as a child -* -* Either returns new wsi bound to accept_fd, or closes accept_fd and -* returns NULL, having cleaned up any new wsi pieces. -* -* If LWS_ADOPT_SOCKET is set, LWS adopts the socket in http serving mode, it's -* ready to accept an upgrade to ws or just serve http. -* -* parent may be NULL, if given it should be an existing wsi that will become the -* parent of the new wsi created by this call. -*/ -LWS_VISIBLE LWS_EXTERN struct lws * -lws_adopt_descriptor_vhost(struct lws_vhost *vh, lws_adoption_type type, - lws_sock_file_fd_type fd, const char *vh_prot_name, - struct lws *parent); - -/** - * lws_adopt_socket_readbuf() - adopt foreign socket and first rx as if listen socket accepted it - * for the default vhost of context. - * \param context: lws context - * \param accept_fd: fd of already-accepted socket to adopt - * \param readbuf: NULL or pointer to data that must be drained before reading from - * accept_fd - * \param len: The length of the data held at \param readbuf - * - * Either returns new wsi bound to accept_fd, or closes accept_fd and - * returns NULL, having cleaned up any new wsi pieces. - * - * LWS adopts the socket in http serving mode, it's ready to accept an upgrade - * to ws or just serve http. - * - * If your external code did not already read from the socket, you can use - * lws_adopt_socket() instead. - * - * This api is guaranteed to use the data at \param readbuf first, before reading from - * the socket. - * - * readbuf is limited to the size of the ah rx buf, currently 2048 bytes. - */ -LWS_VISIBLE LWS_EXTERN struct lws * -lws_adopt_socket_readbuf(struct lws_context *context, lws_sockfd_type accept_fd, - const char *readbuf, size_t len); -/** - * lws_adopt_socket_vhost_readbuf() - adopt foreign socket and first rx as if listen socket - * accepted it for vhost. - * \param vhost: lws vhost - * \param accept_fd: fd of already-accepted socket to adopt - * \param readbuf: NULL or pointer to data that must be drained before reading from - * accept_fd - * \param len: The length of the data held at \param readbuf - * - * Either returns new wsi bound to accept_fd, or closes accept_fd and - * returns NULL, having cleaned up any new wsi pieces. - * - * LWS adopts the socket in http serving mode, it's ready to accept an upgrade - * to ws or just serve http. - * - * If your external code did not already read from the socket, you can use - * lws_adopt_socket() instead. - * - * This api is guaranteed to use the data at \param readbuf first, before reading from - * the socket. - * - * readbuf is limited to the size of the ah rx buf, currently 2048 bytes. - */ -LWS_VISIBLE LWS_EXTERN struct lws * -lws_adopt_socket_vhost_readbuf(struct lws_vhost *vhost, lws_sockfd_type accept_fd, - const char *readbuf, size_t len); - -#define LWS_CAUDP_BIND 1 - -/** - * lws_create_adopt_udp() - create, bind and adopt a UDP socket - * - * \param vhost: lws vhost - * \param port: UDP port to bind to, -1 means unbound - * \param flags: 0 or LWS_CAUDP_NO_BIND - * \param protocol_name: Name of protocol on vhost to bind wsi to - * \param parent_wsi: NULL or parent wsi new wsi will be a child of - * - * Either returns new wsi bound to accept_fd, or closes accept_fd and - * returns NULL, having cleaned up any new wsi pieces. - * */ -LWS_VISIBLE LWS_EXTERN struct lws * -lws_create_adopt_udp(struct lws_vhost *vhost, int port, int flags, - const char *protocol_name, struct lws *parent_wsi); -///@} - -/** \defgroup net Network related helper APIs - * ##Network related helper APIs - * - * These wrap miscellaneous useful network-related functions - */ -///@{ - -/** - * lws_canonical_hostname() - returns this host's hostname - * - * This is typically used by client code to fill in the host parameter - * when making a client connection. You can only call it after the context - * has been created. - * - * \param context: Websocket context - */ -LWS_VISIBLE LWS_EXTERN const char * LWS_WARN_UNUSED_RESULT -lws_canonical_hostname(struct lws_context *context); - -/** - * lws_get_peer_addresses() - Get client address information - * \param wsi: Local struct lws associated with - * \param fd: Connection socket descriptor - * \param name: Buffer to take client address name - * \param name_len: Length of client address name buffer - * \param rip: Buffer to take client address IP dotted quad - * \param rip_len: Length of client address IP buffer - * - * This function fills in name and rip with the name and IP of - * the client connected with socket descriptor fd. Names may be - * truncated if there is not enough room. If either cannot be - * determined, they will be returned as valid zero-length strings. - */ -LWS_VISIBLE LWS_EXTERN void -lws_get_peer_addresses(struct lws *wsi, lws_sockfd_type fd, char *name, - int name_len, char *rip, int rip_len); - -/** - * lws_get_peer_simple() - Get client address information without RDNS - * - * \param wsi: Local struct lws associated with - * \param name: Buffer to take client address name - * \param namelen: Length of client address name buffer - * - * This provides a 123.123.123.123 type IP address in name from the - * peer that has connected to wsi - */ -LWS_VISIBLE LWS_EXTERN const char * -lws_get_peer_simple(struct lws *wsi, char *name, int namelen); - - -#define LWS_ITOSA_NOT_EXIST -1 -#define LWS_ITOSA_NOT_USABLE -2 -#define LWS_ITOSA_USABLE 0 -#if !defined(LWS_WITH_ESP32) -/** - * lws_interface_to_sa() - Convert interface name or IP to sockaddr struct - * - * \param ipv6: Allow IPV6 addresses - * \param ifname: Interface name or IP - * \param addr: struct sockaddr_in * to be written - * \param addrlen: Length of addr - * - * This converts a textual network interface name to a sockaddr usable by - * other network functions. - * - * If the network interface doesn't exist, it will return LWS_ITOSA_NOT_EXIST. - * - * If the network interface is not usable, eg ethernet cable is removed, it - * may logically exist but not have any IP address. As such it will return - * LWS_ITOSA_NOT_USABLE. - * - * If the network interface exists and is usable, it will return - * LWS_ITOSA_USABLE. - */ -LWS_VISIBLE LWS_EXTERN int -lws_interface_to_sa(int ipv6, const char *ifname, struct sockaddr_in *addr, - size_t addrlen); -///@} -#endif - -/** \defgroup misc Miscellaneous APIs -* ##Miscellaneous APIs -* -* Various APIs outside of other categories -*/ -///@{ - -/** - * lws_start_foreach_ll(): linkedlist iterator helper start - * - * \param type: type of iteration, eg, struct xyz * - * \param it: iterator var name to create - * \param start: start of list - * - * This helper creates an iterator and starts a while (it) { - * loop. The iterator runs through the linked list starting at start and - * ends when it gets a NULL. - * The while loop should be terminated using lws_start_foreach_ll(). - */ -#define lws_start_foreach_ll(type, it, start)\ -{ \ - type it = start; \ - while (it) { - -/** - * lws_end_foreach_ll(): linkedlist iterator helper end - * - * \param it: same iterator var name given when starting - * \param nxt: member name in the iterator pointing to next list element - * - * This helper is the partner for lws_start_foreach_ll() that ends the - * while loop. - */ - -#define lws_end_foreach_ll(it, nxt) \ - it = it->nxt; \ - } \ -} - -/** - * lws_start_foreach_llp(): linkedlist pointer iterator helper start - * - * \param type: type of iteration, eg, struct xyz ** - * \param it: iterator var name to create - * \param start: start of list - * - * This helper creates an iterator and starts a while (it) { - * loop. The iterator runs through the linked list starting at the - * address of start and ends when it gets a NULL. - * The while loop should be terminated using lws_start_foreach_llp(). - * - * This helper variant iterates using a pointer to the previous linked-list - * element. That allows you to easily delete list members by rewriting the - * previous pointer to the element's next pointer. - */ -#define lws_start_foreach_llp(type, it, start)\ -{ \ - type it = &(start); \ - while (*(it)) { - -#define lws_start_foreach_llp_safe(type, it, start, nxt)\ -{ \ - type it = &(start); \ - type next; \ - while (*(it)) { \ - next = &((*(it))->nxt); \ - -/** - * lws_end_foreach_llp(): linkedlist pointer iterator helper end - * - * \param it: same iterator var name given when starting - * \param nxt: member name in the iterator pointing to next list element - * - * This helper is the partner for lws_start_foreach_llp() that ends the - * while loop. - */ - -#define lws_end_foreach_llp(it, nxt) \ - it = &(*(it))->nxt; \ - } \ -} - -#define lws_end_foreach_llp_safe(it) \ - it = next; \ - } \ -} - -#define lws_ll_fwd_insert(\ - ___new_object, /* pointer to new object */ \ - ___m_list, /* member for next list object ptr */ \ - ___list_head /* list head */ \ - ) {\ - ___new_object->___m_list = ___list_head; \ - ___list_head = ___new_object; \ - } - -#define lws_ll_fwd_remove(\ - ___type, /* type of listed object */ \ - ___m_list, /* member for next list object ptr */ \ - ___target, /* object to remove from list */ \ - ___list_head /* list head */ \ - ) { \ - lws_start_foreach_llp(___type **, ___ppss, ___list_head) { \ - if (*___ppss == ___target) { \ - *___ppss = ___target->___m_list; \ - break; \ - } \ - } lws_end_foreach_llp(___ppss, ___m_list); \ - } - -/* - * doubly linked-list - */ - -struct lws_dll { /* abstract */ - struct lws_dll *prev; - struct lws_dll *next; -}; - -/* - * these all point to the composed list objects... you have to use the - * lws_container_of() helper to recover the start of the containing struct - */ - -LWS_VISIBLE LWS_EXTERN void -lws_dll_add_front(struct lws_dll *d, struct lws_dll *phead); - -LWS_VISIBLE LWS_EXTERN void -lws_dll_remove(struct lws_dll *d); - -struct lws_dll_lws { /* typed as struct lws * */ - struct lws_dll_lws *prev; - struct lws_dll_lws *next; -}; - -#define lws_dll_is_null(___dll) (!(___dll)->prev && !(___dll)->next) - -static LWS_INLINE void -lws_dll_lws_add_front(struct lws_dll_lws *_a, struct lws_dll_lws *_head) -{ - lws_dll_add_front((struct lws_dll *)_a, (struct lws_dll *)_head); -} - -static LWS_INLINE void -lws_dll_lws_remove(struct lws_dll_lws *_a) -{ - lws_dll_remove((struct lws_dll *)_a); -} - -/* - * these are safe against the current container object getting deleted, - * since the hold his next in a temp and go to that next. ___tmp is - * the temp. - */ - -#define lws_start_foreach_dll_safe(___type, ___it, ___tmp, ___start) \ -{ \ - ___type ___it = ___start; \ - while (___it) { \ - ___type ___tmp = (___it)->next; - -#define lws_end_foreach_dll_safe(___it, ___tmp) \ - ___it = ___tmp; \ - } \ -} - -#define lws_start_foreach_dll(___type, ___it, ___start) \ -{ \ - ___type ___it = ___start; \ - while (___it) { - -#define lws_end_foreach_dll(___it) \ - ___it = (___it)->next; \ - } \ -} - -struct lws_buflist; - -/** - * lws_buflist_append_segment(): add buffer to buflist at head - * - * \param head: list head - * \param buf: buffer to stash - * \param len: length of buffer to stash - * - * Returns -1 on OOM, 1 if this was the first segment on the list, and 0 if - * it was a subsequent segment. - */ -LWS_VISIBLE LWS_EXTERN int -lws_buflist_append_segment(struct lws_buflist **head, const uint8_t *buf, - size_t len); -/** - * lws_buflist_next_segment_len(): number of bytes left in current segment - * - * \param head: list head - * \param buf: if non-NULL, *buf is written with the address of the start of - * the remaining data in the segment - * - * Returns the number of bytes left in the current segment. 0 indicates - * that the buflist is empty (there are no segments on the buflist). - */ -LWS_VISIBLE LWS_EXTERN size_t -lws_buflist_next_segment_len(struct lws_buflist **head, uint8_t **buf); -/** - * lws_buflist_use_segment(): remove len bytes from the current segment - * - * \param head: list head - * \param len: number of bytes to mark as used - * - * If len is less than the remaining length of the current segment, the position - * in the current segment is simply advanced and it returns. - * - * If len uses up the remaining length of the current segment, then the segment - * is deleted and the list head moves to the next segment if any. - * - * Returns the number of bytes left in the current segment. 0 indicates - * that the buflist is empty (there are no segments on the buflist). - */ -LWS_VISIBLE LWS_EXTERN int -lws_buflist_use_segment(struct lws_buflist **head, size_t len); -/** - * lws_buflist_destroy_all_segments(): free all segments on the list - * - * \param head: list head - * - * This frees everything on the list unconditionally. *head is always - * NULL after this. - */ -LWS_VISIBLE LWS_EXTERN void -lws_buflist_destroy_all_segments(struct lws_buflist **head); - -void -lws_buflist_describe(struct lws_buflist **head, void *id); - -/** - * lws_ptr_diff(): helper to report distance between pointers as an int - * - * \param head: the pointer with the larger address - * \param tail: the pointer with the smaller address - * - * This helper gives you an int representing the number of bytes further - * forward the first pointer is compared to the second pointer. - */ -#define lws_ptr_diff(head, tail) \ - ((int)((char *)(head) - (char *)(tail))) - -/** - * lws_snprintf(): snprintf that truncates the returned length too - * - * \param str: destination buffer - * \param size: bytes left in destination buffer - * \param format: format string - * \param ...: args for format - * - * This lets you correctly truncate buffers by concatenating lengths, if you - * reach the limit the reported length doesn't exceed the limit. - */ -LWS_VISIBLE LWS_EXTERN int -lws_snprintf(char *str, size_t size, const char *format, ...) LWS_FORMAT(3); - -/** - * lws_strncpy(): strncpy that guarantees NUL on truncated copy - * - * \param dest: destination buffer - * \param src: source buffer - * \param size: bytes left in destination buffer - * - * This lets you correctly truncate buffers by concatenating lengths, if you - * reach the limit the reported length doesn't exceed the limit. - */ -LWS_VISIBLE LWS_EXTERN char * -lws_strncpy(char *dest, const char *src, size_t size); - -/** - * lws_get_random(): fill a buffer with platform random data - * - * \param context: the lws context - * \param buf: buffer to fill - * \param len: how much to fill - * - * This is intended to be called from the LWS_CALLBACK_RECEIVE callback if - * it's interested to see if the frame it's dealing with was sent in binary - * mode. - */ -LWS_VISIBLE LWS_EXTERN int -lws_get_random(struct lws_context *context, void *buf, int len); -/** - * lws_daemonize(): make current process run in the background - * - * \param _lock_path: the filepath to write the lock file - * - * Spawn lws as a background process, taking care of various things - */ -LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT -lws_daemonize(const char *_lock_path); -/** - * lws_get_library_version(): return string describing the version of lws - * - * On unix, also includes the git describe - */ -LWS_VISIBLE LWS_EXTERN const char * LWS_WARN_UNUSED_RESULT -lws_get_library_version(void); - -/** - * lws_wsi_user() - get the user data associated with the connection - * \param wsi: lws connection - * - * Not normally needed since it's passed into the callback - */ -LWS_VISIBLE LWS_EXTERN void * -lws_wsi_user(struct lws *wsi); - -/** - * lws_wsi_set_user() - set the user data associated with the client connection - * \param wsi: lws connection - * \param user: user data - * - * By default lws allocates this and it's not legal to externally set it - * yourself. However client connections may have it set externally when the - * connection is created... if so, this api can be used to modify it at - * runtime additionally. - */ -LWS_VISIBLE LWS_EXTERN void -lws_set_wsi_user(struct lws *wsi, void *user); - -/** - * lws_parse_uri: cut up prot:/ads:port/path into pieces - * Notice it does so by dropping '\0' into input string - * and the leading / on the path is consequently lost - * - * \param p: incoming uri string.. will get written to - * \param prot: result pointer for protocol part (https://) - * \param ads: result pointer for address part - * \param port: result pointer for port part - * \param path: result pointer for path part - */ -LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT -lws_parse_uri(char *p, const char **prot, const char **ads, int *port, - const char **path); -/** - * lws_cmdline_option(): simple commandline parser - * - * \param argc: count of argument strings - * \param argv: argument strings - * \param val: string to find - * - * Returns NULL if the string \p val is not found in the arguments. - * - * If it is found, then it returns a pointer to the next character after \p val. - * So if \p val is "-d", then for the commandlines "myapp -d15" and - * "myapp -d 15", in both cases the return will point to the "15". - * - * In the case there is no argument, like "myapp -d", the return will - * either point to the '\\0' at the end of -d, or to the start of the - * next argument, ie, will be non-NULL. - */ -LWS_VISIBLE LWS_EXTERN const char * -lws_cmdline_option(int argc, const char **argv, const char *val); - -/** - * lws_now_secs(): return seconds since 1970-1-1 - */ -LWS_VISIBLE LWS_EXTERN unsigned long -lws_now_secs(void); - -/** - * lws_compare_time_t(): return relationship between two time_t - * - * \param context: struct lws_context - * \param t1: time_t 1 - * \param t2: time_t 2 - * - * returns <0 if t2 > t1; >0 if t1 > t2; or == 0 if t1 == t2. - * - * This is aware of clock discontiguities that may have affected either t1 or - * t2 and adapts the comparison for them. - * - * For the discontiguity detection to work, you must avoid any arithmetic on - * the times being compared. For example to have a timeout that triggers - * 15s from when it was set, store the time it was set and compare like - * `if (lws_compare_time_t(context, now, set_time) > 15)` - */ -LWS_VISIBLE LWS_EXTERN int -lws_compare_time_t(struct lws_context *context, time_t t1, time_t t2); - -/** - * lws_get_context - Allow getting lws_context from a Websocket connection - * instance - * - * With this function, users can access context in the callback function. - * Otherwise users may have to declare context as a global variable. - * - * \param wsi: Websocket connection instance - */ -LWS_VISIBLE LWS_EXTERN struct lws_context * LWS_WARN_UNUSED_RESULT -lws_get_context(const struct lws *wsi); - -/** - * lws_get_vhost_listen_port - Find out the port number a vhost is listening on - * - * In the case you passed 0 for the port number at context creation time, you - * can discover the port number that was actually chosen for the vhost using - * this api. - * - * \param vhost: Vhost to get listen port from - */ -LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT -lws_get_vhost_listen_port(struct lws_vhost *vhost); - -/** - * lws_get_count_threads(): how many service threads the context uses - * - * \param context: the lws context - * - * By default this is always 1, if you asked for more than lws can handle it - * will clip the number of threads. So you can use this to find out how many - * threads are actually in use. - */ -LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT -lws_get_count_threads(struct lws_context *context); - -/** - * lws_get_parent() - get parent wsi or NULL - * \param wsi: lws connection - * - * Specialized wsi like cgi stdin/out/err are associated to a parent wsi, - * this allows you to get their parent. - */ -LWS_VISIBLE LWS_EXTERN struct lws * LWS_WARN_UNUSED_RESULT -lws_get_parent(const struct lws *wsi); - -/** - * lws_get_child() - get child wsi or NULL - * \param wsi: lws connection - * - * Allows you to find a related wsi from the parent wsi. - */ -LWS_VISIBLE LWS_EXTERN struct lws * LWS_WARN_UNUSED_RESULT -lws_get_child(const struct lws *wsi); - -/** - * lws_get_udp() - get wsi's udp struct - * - * \param wsi: lws connection - * - * Returns NULL or pointer to the wsi's UDP-specific information - */ -LWS_VISIBLE LWS_EXTERN const struct lws_udp * LWS_WARN_UNUSED_RESULT -lws_get_udp(const struct lws *wsi); - -/** - * lws_parent_carries_io() - mark wsi as needing to send messages via parent - * - * \param wsi: child lws connection - */ - -LWS_VISIBLE LWS_EXTERN void -lws_set_parent_carries_io(struct lws *wsi); - -LWS_VISIBLE LWS_EXTERN void * -lws_get_opaque_parent_data(const struct lws *wsi); - -LWS_VISIBLE LWS_EXTERN void -lws_set_opaque_parent_data(struct lws *wsi, void *data); - -LWS_VISIBLE LWS_EXTERN int -lws_get_child_pending_on_writable(const struct lws *wsi); - -LWS_VISIBLE LWS_EXTERN void -lws_clear_child_pending_on_writable(struct lws *wsi); - -LWS_VISIBLE LWS_EXTERN int -lws_get_close_length(struct lws *wsi); - -LWS_VISIBLE LWS_EXTERN unsigned char * -lws_get_close_payload(struct lws *wsi); - -/** - * lws_get_network_wsi() - Returns wsi that has the tcp connection for this wsi - * - * \param wsi: wsi you have - * - * Returns wsi that has the tcp connection (which may be the incoming wsi) - * - * HTTP/1 connections will always return the incoming wsi - * HTTP/2 connections may return a different wsi that has the tcp connection - */ -LWS_VISIBLE LWS_EXTERN -struct lws *lws_get_network_wsi(struct lws *wsi); - -/** - * lws_set_allocator() - custom allocator support - * - * \param realloc - * - * Allows you to replace the allocator (and deallocator) used by lws - */ -LWS_VISIBLE LWS_EXTERN void -lws_set_allocator(void *(*realloc)(void *ptr, size_t size, const char *reason)); -///@} - -/** \defgroup wsstatus Websocket status APIs - * ##Websocket connection status APIs - * - * These provide information about ws connection or message status - */ -///@{ -/** - * lws_send_pipe_choked() - tests if socket is writable or not - * \param wsi: lws connection - * - * Allows you to check if you can write more on the socket - */ -LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT -lws_send_pipe_choked(struct lws *wsi); - -/** - * lws_is_final_fragment() - tests if last part of ws message - * - * \param wsi: lws connection - */ -LWS_VISIBLE LWS_EXTERN int -lws_is_final_fragment(struct lws *wsi); - -/** - * lws_is_first_fragment() - tests if first part of ws message - * - * \param wsi: lws connection - */ -LWS_VISIBLE LWS_EXTERN int -lws_is_first_fragment(struct lws *wsi); - -/** - * lws_get_reserved_bits() - access reserved bits of ws frame - * \param wsi: lws connection - */ -LWS_VISIBLE LWS_EXTERN unsigned char -lws_get_reserved_bits(struct lws *wsi); - -/** - * lws_partial_buffered() - find out if lws buffered the last write - * \param wsi: websocket connection to check - * - * Returns 1 if you cannot use lws_write because the last - * write on this connection is still buffered, and can't be cleared without - * returning to the service loop and waiting for the connection to be - * writeable again. - * - * If you will try to do >1 lws_write call inside a single - * WRITEABLE callback, you must check this after every write and bail if - * set, ask for a new writeable callback and continue writing from there. - * - * This is never set at the start of a writeable callback, but any write - * may set it. - */ -LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT -lws_partial_buffered(struct lws *wsi); - -/** - * lws_frame_is_binary(): true if the current frame was sent in binary mode - * - * \param wsi: the connection we are inquiring about - * - * This is intended to be called from the LWS_CALLBACK_RECEIVE callback if - * it's interested to see if the frame it's dealing with was sent in binary - * mode. - */ -LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT -lws_frame_is_binary(struct lws *wsi); - -/** - * lws_is_ssl() - Find out if connection is using SSL - * \param wsi: websocket connection to check - * - * Returns 0 if the connection is not using SSL, 1 if using SSL and - * using verified cert, and 2 if using SSL but the cert was not - * checked (appears for client wsi told to skip check on connection) - */ -LWS_VISIBLE LWS_EXTERN int -lws_is_ssl(struct lws *wsi); -/** - * lws_is_cgi() - find out if this wsi is running a cgi process - * \param wsi: lws connection - */ -LWS_VISIBLE LWS_EXTERN int -lws_is_cgi(struct lws *wsi); - - -struct lws_wifi_scan { /* generic wlan scan item */ - struct lws_wifi_scan *next; - char ssid[32]; - int32_t rssi; /* divide by .count to get db */ - uint8_t bssid[6]; - uint8_t count; - uint8_t channel; - uint8_t authmode; -}; - -#if defined(LWS_WITH_TLS) && !defined(LWS_WITH_MBEDTLS) -/** - * lws_get_ssl() - Return wsi's SSL context structure - * \param wsi: websocket connection - * - * Returns pointer to the SSL library's context structure - */ -LWS_VISIBLE LWS_EXTERN SSL* -lws_get_ssl(struct lws *wsi); -#endif - -enum lws_tls_cert_info { - LWS_TLS_CERT_INFO_VALIDITY_FROM, - /**< fills .time with the time_t the cert validity started from */ - LWS_TLS_CERT_INFO_VALIDITY_TO, - /**< fills .time with the time_t the cert validity ends at */ - LWS_TLS_CERT_INFO_COMMON_NAME, - /**< fills up to len bytes of .ns.name with the cert common name */ - LWS_TLS_CERT_INFO_ISSUER_NAME, - /**< fills up to len bytes of .ns.name with the cert issuer name */ - LWS_TLS_CERT_INFO_USAGE, - /**< fills verified with a bitfield asserting the valid uses */ - LWS_TLS_CERT_INFO_VERIFIED, - /**< fills .verified with a bool representing peer cert validity, - * call returns -1 if no cert */ - LWS_TLS_CERT_INFO_OPAQUE_PUBLIC_KEY, - /**< the certificate's public key, as an opaque bytestream. These - * opaque bytestreams can only be compared with each other using the - * same tls backend, ie, OpenSSL or mbedTLS. The different backends - * produce different, incompatible representations for the same cert. - */ -}; - -union lws_tls_cert_info_results { - unsigned int verified; - time_t time; - unsigned int usage; - struct { - int len; - /* KEEP LAST... notice the [64] is only there because - * name[] is not allowed in a union. The actual length of - * name[] is arbitrary and is passed into the api using the - * len parameter. Eg - * - * char big[1024]; - * union lws_tls_cert_info_results *buf = - * (union lws_tls_cert_info_results *)big; - * - * lws_tls_peer_cert_info(wsi, type, buf, sizeof(big) - - * sizeof(*buf) + sizeof(buf->ns.name)); - */ - char name[64]; - } ns; -}; - -/** - * lws_tls_peer_cert_info() - get information from the peer's TLS cert - * - * \param wsi: the connection to query - * \param type: one of LWS_TLS_CERT_INFO_ - * \param buf: pointer to union to take result - * \param len: when result is a string, the true length of buf->ns.name[] - * - * lws_tls_peer_cert_info() lets you get hold of information from the peer - * certificate. - * - * Return 0 if there is a result in \p buf, or -1 indicating there was no cert - * or another problem. - * - * This function works the same no matter if the TLS backend is OpenSSL or - * mbedTLS. - */ -LWS_VISIBLE LWS_EXTERN int -lws_tls_peer_cert_info(struct lws *wsi, enum lws_tls_cert_info type, - union lws_tls_cert_info_results *buf, size_t len); - -/** - * lws_tls_vhost_cert_info() - get information from the vhost's own TLS cert - * - * \param vhost: the vhost to query - * \param type: one of LWS_TLS_CERT_INFO_ - * \param buf: pointer to union to take result - * \param len: when result is a string, the true length of buf->ns.name[] - * - * lws_tls_vhost_cert_info() lets you get hold of information from the vhost - * certificate. - * - * Return 0 if there is a result in \p buf, or -1 indicating there was no cert - * or another problem. - * - * This function works the same no matter if the TLS backend is OpenSSL or - * mbedTLS. - */ -LWS_VISIBLE LWS_EXTERN int -lws_tls_vhost_cert_info(struct lws_vhost *vhost, enum lws_tls_cert_info type, - union lws_tls_cert_info_results *buf, size_t len); - -/** - * lws_tls_acme_sni_cert_create() - creates a temp selfsigned cert - * and attaches to a vhost - * - * \param vhost: the vhost to acquire the selfsigned cert - * \param san_a: SAN written into the certificate - * \param san_b: second SAN written into the certificate - * - * - * Returns 0 if created and attached to the vhost. Returns -1 if problems and - * frees all allocations before returning. - * - * On success, any allocations are destroyed at vhost destruction automatically. - */ -LWS_VISIBLE LWS_EXTERN int -lws_tls_acme_sni_cert_create(struct lws_vhost *vhost, const char *san_a, - const char *san_b); - -/** - * lws_tls_acme_sni_csr_create() - creates a CSR and related private key PEM - * - * \param context: lws_context used for random - * \param elements: array of LWS_TLS_REQ_ELEMENT_COUNT const char * - * \param csr: buffer that will get the b64URL(ASN-1 CSR) - * \param csr_len: max length of the csr buffer - * \param privkey_pem: pointer to pointer allocated to hold the privkey_pem - * \param privkey_len: pointer to size_t set to the length of the privkey_pem - * - * Creates a CSR according to the information in \p elements, and a private - * RSA key used to sign the CSR. - * - * The outputs are the b64URL(ASN-1 CSR) into csr, and the PEM private key into - * privkey_pem. - * - * Notice that \p elements points to an array of const char *s pointing to the - * information listed in the enum above. If an entry is NULL or an empty - * string, the element is set to "none" in the CSR. - * - * Returns 0 on success or nonzero for failure. - */ -LWS_VISIBLE LWS_EXTERN int -lws_tls_acme_sni_csr_create(struct lws_context *context, const char *elements[], - uint8_t *csr, size_t csr_len, char **privkey_pem, - size_t *privkey_len); - -/** - * lws_tls_cert_updated() - update every vhost using the given cert path - * - * \param context: our lws_context - * \param certpath: the filepath to the certificate - * \param keypath: the filepath to the private key of the certificate - * \param mem_cert: copy of the cert in memory - * \param len_mem_cert: length of the copy of the cert in memory - * \param mem_privkey: copy of the private key in memory - * \param len_mem_privkey: length of the copy of the private key in memory - * - * Checks every vhost to see if it is the using certificate described by the - * the given filepaths. If so, it attempts to update the vhost ssl_ctx to use - * the new certificate. - * - * Returns 0 on success or nonzero for failure. - */ -LWS_VISIBLE LWS_EXTERN int -lws_tls_cert_updated(struct lws_context *context, const char *certpath, - const char *keypath, - const char *mem_cert, size_t len_mem_cert, - const char *mem_privkey, size_t len_mem_privkey); -///@} - -/** \defgroup lws_ring LWS Ringbuffer APIs - * ##lws_ring: generic ringbuffer struct - * - * Provides an abstract ringbuffer api supporting one head and one or an - * unlimited number of tails. - * - * All of the members are opaque and manipulated by lws_ring_...() apis. - * - * The lws_ring and its buffer is allocated at runtime on the heap, using - * - * - lws_ring_create() - * - lws_ring_destroy() - * - * It may contain any type, the size of the "element" stored in the ring - * buffer and the number of elements is given at creation time. - * - * When you create the ringbuffer, you can optionally provide an element - * destroy callback that frees any allocations inside the element. This is then - * automatically called for elements with no tail behind them, ie, elements - * which don't have any pending consumer are auto-freed. - * - * Whole elements may be inserted into the ringbuffer and removed from it, using - * - * - lws_ring_insert() - * - lws_ring_consume() - * - * You can find out how many whole elements are free or waiting using - * - * - lws_ring_get_count_free_elements() - * - lws_ring_get_count_waiting_elements() - * - * In addition there are special purpose optional byte-centric apis - * - * - lws_ring_next_linear_insert_range() - * - lws_ring_bump_head() - * - * which let you, eg, read() directly into the ringbuffer without needing - * an intermediate bounce buffer. - * - * The accessors understand that the ring wraps, and optimizes insertion and - * consumption into one or two memcpy()s depending on if the head or tail - * wraps. - * - * lws_ring only supports a single head, but optionally multiple tails with - * an API to inform it when the "oldest" tail has moved on. You can give - * NULL where-ever an api asks for a tail pointer, and it will use an internal - * single tail pointer for convenience. - * - * The "oldest tail", which is the only tail if you give it NULL instead of - * some other tail, is used to track which elements in the ringbuffer are - * still unread by anyone. - * - * - lws_ring_update_oldest_tail() - */ -///@{ -struct lws_ring; - -/** - * lws_ring_create(): create a new ringbuffer - * - * \param element_len: the size in bytes of one element in the ringbuffer - * \param count: the number of elements the ringbuffer can contain - * \param destroy_element: NULL, or callback to be called for each element - * that is removed from the ringbuffer due to the - * oldest tail moving beyond it - * - * Creates the ringbuffer and allocates the storage. Returns the new - * lws_ring *, or NULL if the allocation failed. - * - * If non-NULL, destroy_element will get called back for every element that is - * retired from the ringbuffer after the oldest tail has gone past it, and for - * any element still left in the ringbuffer when it is destroyed. It replaces - * all other element destruction code in your user code. - */ -LWS_VISIBLE LWS_EXTERN struct lws_ring * -lws_ring_create(size_t element_len, size_t count, - void (*destroy_element)(void *element)); - -/** - * lws_ring_destroy(): destroy a previously created ringbuffer - * - * \param ring: the struct lws_ring to destroy - * - * Destroys the ringbuffer allocation and the struct lws_ring itself. - */ -LWS_VISIBLE LWS_EXTERN void -lws_ring_destroy(struct lws_ring *ring); - -/** - * lws_ring_get_count_free_elements(): return how many elements can fit - * in the free space - * - * \param ring: the struct lws_ring to report on - * - * Returns how much room is left in the ringbuffer for whole element insertion. - */ -LWS_VISIBLE LWS_EXTERN size_t -lws_ring_get_count_free_elements(struct lws_ring *ring); - -/** - * lws_ring_get_count_waiting_elements(): return how many elements can be consumed - * - * \param ring: the struct lws_ring to report on - * \param tail: a pointer to the tail struct to use, or NULL for single tail - * - * Returns how many elements are waiting to be consumed from the perspective - * of the tail pointer given. - */ -LWS_VISIBLE LWS_EXTERN size_t -lws_ring_get_count_waiting_elements(struct lws_ring *ring, uint32_t *tail); - -/** - * lws_ring_insert(): attempt to insert up to max_count elements from src - * - * \param ring: the struct lws_ring to report on - * \param src: the array of elements to be inserted - * \param max_count: the number of available elements at src - * - * Attempts to insert as many of the elements at src as possible, up to the - * maximum max_count. Returns the number of elements actually inserted. - */ -LWS_VISIBLE LWS_EXTERN size_t -lws_ring_insert(struct lws_ring *ring, const void *src, size_t max_count); - -/** - * lws_ring_consume(): attempt to copy out and remove up to max_count elements - * to src - * - * \param ring: the struct lws_ring to report on - * \param tail: a pointer to the tail struct to use, or NULL for single tail - * \param dest: the array of elements to be inserted. or NULL for no copy - * \param max_count: the number of available elements at src - * - * Attempts to copy out as many waiting elements as possible into dest, from - * the perspective of the given tail, up to max_count. If dest is NULL, the - * copying out is not done but the elements are logically consumed as usual. - * NULL dest is useful in combination with lws_ring_get_element(), where you - * can use the element direct from the ringbuffer and then call this with NULL - * dest to logically consume it. - * - * Increments the tail position according to how many elements could be - * consumed. - * - * Returns the number of elements consumed. - */ -LWS_VISIBLE LWS_EXTERN size_t -lws_ring_consume(struct lws_ring *ring, uint32_t *tail, void *dest, - size_t max_count); - -/** - * lws_ring_get_element(): get a pointer to the next waiting element for tail - * - * \param ring: the struct lws_ring to report on - * \param tail: a pointer to the tail struct to use, or NULL for single tail - * - * Points to the next element that tail would consume, directly in the - * ringbuffer. This lets you write() or otherwise use the element without - * having to copy it out somewhere first. - * - * After calling this, you must call lws_ring_consume(ring, &tail, NULL, 1) - * which will logically consume the element you used up and increment your - * tail (tail may also be NULL there if you use a single tail). - * - * Returns NULL if no waiting element, or a const void * pointing to it. - */ -LWS_VISIBLE LWS_EXTERN const void * -lws_ring_get_element(struct lws_ring *ring, uint32_t *tail); - -/** - * lws_ring_update_oldest_tail(): free up elements older than tail for reuse - * - * \param ring: the struct lws_ring to report on - * \param tail: a pointer to the tail struct to use, or NULL for single tail - * - * If you are using multiple tails, you must use this API to inform the - * lws_ring when none of the tails still need elements in the fifo any more, - * by updating it when the "oldest" tail has moved on. - */ -LWS_VISIBLE LWS_EXTERN void -lws_ring_update_oldest_tail(struct lws_ring *ring, uint32_t tail); - -/** - * lws_ring_get_oldest_tail(): get current oldest available data index - * - * \param ring: the struct lws_ring to report on - * - * If you are initializing a new ringbuffer consumer, you can set its tail to - * this to start it from the oldest ringbuffer entry still available. - */ -LWS_VISIBLE LWS_EXTERN uint32_t -lws_ring_get_oldest_tail(struct lws_ring *ring); - -/** - * lws_ring_next_linear_insert_range(): used to write directly into the ring - * - * \param ring: the struct lws_ring to report on - * \param start: pointer to a void * set to the start of the next ringbuffer area - * \param bytes: pointer to a size_t set to the max length you may use from *start - * - * This provides a low-level, bytewise access directly into the ringbuffer - * allowing direct insertion of data without having to use a bounce buffer. - * - * The api reports the position and length of the next linear range that can - * be written in the ringbuffer, ie, up to the point it would wrap, and sets - * *start and *bytes accordingly. You can then, eg, directly read() into - * *start for up to *bytes, and use lws_ring_bump_head() to update the lws_ring - * with what you have done. - * - * Returns nonzero if no insertion is currently possible. - */ -LWS_VISIBLE LWS_EXTERN int -lws_ring_next_linear_insert_range(struct lws_ring *ring, void **start, - size_t *bytes); - -/** - * lws_ring_bump_head(): used to write directly into the ring - * - * \param ring: the struct lws_ring to operate on - * \param bytes: the number of bytes you inserted at the current head - */ -LWS_VISIBLE LWS_EXTERN void -lws_ring_bump_head(struct lws_ring *ring, size_t bytes); - -LWS_VISIBLE LWS_EXTERN void -lws_ring_dump(struct lws_ring *ring, uint32_t *tail); - -/* - * This is a helper that combines the common pattern of needing to consume - * some ringbuffer elements, move the consumer tail on, and check if that - * has moved any ringbuffer elements out of scope, because it was the last - * consumer that had not already consumed them. - * - * Elements that go out of scope because the oldest tail is now after them - * get garbage-collected by calling the destroy_element callback on them - * defined when the ringbuffer was created. - */ - -#define lws_ring_consume_and_update_oldest_tail(\ - ___ring, /* the lws_ring object */ \ - ___type, /* type of objects with tails */ \ - ___ptail, /* ptr to tail of obj with tail doing consuming */ \ - ___count, /* count of payload objects being consumed */ \ - ___list_head, /* head of list of objects with tails */ \ - ___mtail, /* member name of tail in ___type */ \ - ___mlist /* member name of next list member ptr in ___type */ \ - ) { \ - int ___n, ___m; \ - \ - ___n = lws_ring_get_oldest_tail(___ring) == *(___ptail); \ - lws_ring_consume(___ring, ___ptail, NULL, ___count); \ - if (___n) { \ - uint32_t ___oldest; \ - ___n = 0; \ - ___oldest = *(___ptail); \ - lws_start_foreach_llp(___type **, ___ppss, ___list_head) { \ - ___m = lws_ring_get_count_waiting_elements( \ - ___ring, &(*___ppss)->tail); \ - if (___m >= ___n) { \ - ___n = ___m; \ - ___oldest = (*___ppss)->tail; \ - } \ - } lws_end_foreach_llp(___ppss, ___mlist); \ - \ - lws_ring_update_oldest_tail(___ring, ___oldest); \ - } \ -} - -/* - * This does the same as the lws_ring_consume_and_update_oldest_tail() - * helper, but for the simpler case there is only one consumer, so one - * tail, and that tail is always the oldest tail. - */ - -#define lws_ring_consume_single_tail(\ - ___ring, /* the lws_ring object */ \ - ___ptail, /* ptr to tail of obj with tail doing consuming */ \ - ___count /* count of payload objects being consumed */ \ - ) { \ - lws_ring_consume(___ring, ___ptail, NULL, ___count); \ - lws_ring_update_oldest_tail(___ring, *(___ptail)); \ -} -///@} - -/** \defgroup sha SHA and B64 helpers - * ##SHA and B64 helpers - * - * These provide SHA-1 and B64 helper apis - */ -///@{ -#ifdef LWS_SHA1_USE_OPENSSL_NAME -#define lws_SHA1 SHA1 -#else -/** - * lws_SHA1(): make a SHA-1 digest of a buffer - * - * \param d: incoming buffer - * \param n: length of incoming buffer - * \param md: buffer for message digest (must be >= 20 bytes) - * - * Reduces any size buffer into a 20-byte SHA-1 hash. - */ -LWS_VISIBLE LWS_EXTERN unsigned char * -lws_SHA1(const unsigned char *d, size_t n, unsigned char *md); -#endif -/** - * lws_b64_encode_string(): encode a string into base 64 - * - * \param in: incoming buffer - * \param in_len: length of incoming buffer - * \param out: result buffer - * \param out_size: length of result buffer - * - * Encodes a string using b64 - */ -LWS_VISIBLE LWS_EXTERN int -lws_b64_encode_string(const char *in, int in_len, char *out, int out_size); -/** - * lws_b64_encode_string_url(): encode a string into base 64 - * - * \param in: incoming buffer - * \param in_len: length of incoming buffer - * \param out: result buffer - * \param out_size: length of result buffer - * - * Encodes a string using b64 with the "URL" variant (+ -> -, and / -> _) - */ -LWS_VISIBLE LWS_EXTERN int -lws_b64_encode_string_url(const char *in, int in_len, char *out, int out_size); -/** - * lws_b64_decode_string(): decode a string from base 64 - * - * \param in: incoming buffer - * \param out: result buffer - * \param out_size: length of result buffer - * - * Decodes a NUL-terminated string using b64 - */ -LWS_VISIBLE LWS_EXTERN int -lws_b64_decode_string(const char *in, char *out, int out_size); -/** - * lws_b64_decode_string_len(): decode a string from base 64 - * - * \param in: incoming buffer - * \param in_len: length of incoming buffer - * \param out: result buffer - * \param out_size: length of result buffer - * - * Decodes a range of chars using b64 - */ -LWS_VISIBLE LWS_EXTERN int -lws_b64_decode_string_len(const char *in, int in_len, char *out, int out_size); -///@} - - -/*! \defgroup cgi cgi handling - * - * ##CGI handling - * - * These functions allow low-level control over stdin/out/err of the cgi. - * - * However for most cases, binding the cgi to http in and out, the default - * lws implementation already does the right thing. - */ - -enum lws_enum_stdinouterr { - LWS_STDIN = 0, - LWS_STDOUT = 1, - LWS_STDERR = 2, -}; - -enum lws_cgi_hdr_state { - LCHS_HEADER, - LCHS_CR1, - LCHS_LF1, - LCHS_CR2, - LCHS_LF2, - LHCS_RESPONSE, - LHCS_DUMP_HEADERS, - LHCS_PAYLOAD, - LCHS_SINGLE_0A, -}; - -struct lws_cgi_args { - struct lws **stdwsi; /**< get fd with lws_get_socket_fd() */ - enum lws_enum_stdinouterr ch; /**< channel index */ - unsigned char *data; /**< for messages with payload */ - enum lws_cgi_hdr_state hdr_state; /**< track where we are in cgi headers */ - int len; /**< length */ -}; - -#ifdef LWS_WITH_CGI -/** - * lws_cgi: spawn network-connected cgi process - * - * \param wsi: connection to own the process - * \param exec_array: array of "exec-name" "arg1" ... "argn" NULL - * \param script_uri_path_len: how many chars on the left of the uri are the - * path to the cgi, or -1 to spawn without URL-related env vars - * \param timeout_secs: seconds script should be allowed to run - * \param mp_cgienv: pvo list with per-vhost cgi options to put in env - */ -LWS_VISIBLE LWS_EXTERN int -lws_cgi(struct lws *wsi, const char * const *exec_array, - int script_uri_path_len, int timeout_secs, - const struct lws_protocol_vhost_options *mp_cgienv); - -/** - * lws_cgi_write_split_stdout_headers: write cgi output accounting for header part - * - * \param wsi: connection to own the process - */ -LWS_VISIBLE LWS_EXTERN int -lws_cgi_write_split_stdout_headers(struct lws *wsi); - -/** - * lws_cgi_kill: terminate cgi process associated with wsi - * - * \param wsi: connection to own the process - */ -LWS_VISIBLE LWS_EXTERN int -lws_cgi_kill(struct lws *wsi); - -/** - * lws_cgi_get_stdwsi: get wsi for stdin, stdout, or stderr - * - * \param wsi: parent wsi that has cgi - * \param ch: which of LWS_STDIN, LWS_STDOUT or LWS_STDERR - */ -LWS_VISIBLE LWS_EXTERN struct lws * -lws_cgi_get_stdwsi(struct lws *wsi, enum lws_enum_stdinouterr ch); - -#endif -///@} - - -/*! \defgroup fops file operation wrapping - * - * ##File operation wrapping - * - * Use these helper functions if you want to access a file from the perspective - * of a specific wsi, which is usually the case. If you just want contextless - * file access, use the fops callbacks directly with NULL wsi instead of these - * helpers. - * - * If so, then it calls the platform handler or user overrides where present - * (as defined in info->fops) - * - * The advantage from all this is user code can be portable for file operations - * without having to deal with differences between platforms. - */ -//@{ - -/** struct lws_plat_file_ops - Platform-specific file operations - * - * These provide platform-agnostic ways to deal with filesystem access in the - * library and in the user code. - */ - -#if defined(LWS_WITH_ESP32) -/* sdk preprocessor defs? compiler issue? gets confused with member names */ -#define LWS_FOP_OPEN _open -#define LWS_FOP_CLOSE _close -#define LWS_FOP_SEEK_CUR _seek_cur -#define LWS_FOP_READ _read -#define LWS_FOP_WRITE _write -#else -#define LWS_FOP_OPEN open -#define LWS_FOP_CLOSE close -#define LWS_FOP_SEEK_CUR seek_cur -#define LWS_FOP_READ read -#define LWS_FOP_WRITE write -#endif - -#define LWS_FOP_FLAGS_MASK ((1 << 23) - 1) -#define LWS_FOP_FLAG_COMPR_ACCEPTABLE_GZIP (1 << 24) -#define LWS_FOP_FLAG_COMPR_IS_GZIP (1 << 25) -#define LWS_FOP_FLAG_MOD_TIME_VALID (1 << 26) -#define LWS_FOP_FLAG_VIRTUAL (1 << 27) - -struct lws_plat_file_ops; - -struct lws_fop_fd { - lws_filefd_type fd; - /**< real file descriptor related to the file... */ - const struct lws_plat_file_ops *fops; - /**< fops that apply to this fop_fd */ - void *filesystem_priv; - /**< ignored by lws; owned by the fops handlers */ - lws_filepos_t pos; - /**< generic "position in file" */ - lws_filepos_t len; - /**< generic "length of file" */ - lws_fop_flags_t flags; - /**< copy of the returned flags */ - uint32_t mod_time; - /**< optional "modification time of file", only valid if .open() - * set the LWS_FOP_FLAG_MOD_TIME_VALID flag */ -}; -typedef struct lws_fop_fd *lws_fop_fd_t; - -struct lws_fops_index { - const char *sig; /* NULL or vfs signature, eg, ".zip/" */ - uint8_t len; /* length of above string */ -}; - -struct lws_plat_file_ops { - lws_fop_fd_t (*LWS_FOP_OPEN)(const struct lws_plat_file_ops *fops, - const char *filename, const char *vpath, - lws_fop_flags_t *flags); - /**< Open file (always binary access if plat supports it) - * vpath may be NULL, or if the fops understands it, the point at which - * the filename's virtual part starts. - * *flags & LWS_FOP_FLAGS_MASK should be set to O_RDONLY or O_RDWR. - * If the file may be gzip-compressed, - * LWS_FOP_FLAG_COMPR_ACCEPTABLE_GZIP is set. If it actually is - * gzip-compressed, then the open handler should OR - * LWS_FOP_FLAG_COMPR_IS_GZIP on to *flags before returning. - */ - int (*LWS_FOP_CLOSE)(lws_fop_fd_t *fop_fd); - /**< close file AND set the pointer to NULL */ - lws_fileofs_t (*LWS_FOP_SEEK_CUR)(lws_fop_fd_t fop_fd, - lws_fileofs_t offset_from_cur_pos); - /**< seek from current position */ - int (*LWS_FOP_READ)(lws_fop_fd_t fop_fd, lws_filepos_t *amount, - uint8_t *buf, lws_filepos_t len); - /**< Read from file, on exit *amount is set to amount actually read */ - int (*LWS_FOP_WRITE)(lws_fop_fd_t fop_fd, lws_filepos_t *amount, - uint8_t *buf, lws_filepos_t len); - /**< Write to file, on exit *amount is set to amount actually written */ - - struct lws_fops_index fi[3]; - /**< vfs path signatures implying use of this fops */ - - const struct lws_plat_file_ops *next; - /**< NULL or next fops in list */ - - /* Add new things just above here ---^ - * This is part of the ABI, don't needlessly break compatibility */ -}; - -/** - * lws_get_fops() - get current file ops - * - * \param context: context - */ -LWS_VISIBLE LWS_EXTERN struct lws_plat_file_ops * LWS_WARN_UNUSED_RESULT -lws_get_fops(struct lws_context *context); -LWS_VISIBLE LWS_EXTERN void -lws_set_fops(struct lws_context *context, const struct lws_plat_file_ops *fops); -/** - * lws_vfs_tell() - get current file position - * - * \param fop_fd: fop_fd we are asking about - */ -LWS_VISIBLE LWS_EXTERN lws_filepos_t LWS_WARN_UNUSED_RESULT -lws_vfs_tell(lws_fop_fd_t fop_fd); -/** - * lws_vfs_get_length() - get current file total length in bytes - * - * \param fop_fd: fop_fd we are asking about - */ -LWS_VISIBLE LWS_EXTERN lws_filepos_t LWS_WARN_UNUSED_RESULT -lws_vfs_get_length(lws_fop_fd_t fop_fd); -/** - * lws_vfs_get_mod_time() - get time file last modified - * - * \param fop_fd: fop_fd we are asking about - */ -LWS_VISIBLE LWS_EXTERN uint32_t LWS_WARN_UNUSED_RESULT -lws_vfs_get_mod_time(lws_fop_fd_t fop_fd); -/** - * lws_vfs_file_seek_set() - seek relative to start of file - * - * \param fop_fd: fop_fd we are seeking in - * \param offset: offset from start of file - */ -LWS_VISIBLE LWS_EXTERN lws_fileofs_t -lws_vfs_file_seek_set(lws_fop_fd_t fop_fd, lws_fileofs_t offset); -/** - * lws_vfs_file_seek_end() - seek relative to end of file - * - * \param fop_fd: fop_fd we are seeking in - * \param offset: offset from start of file - */ -LWS_VISIBLE LWS_EXTERN lws_fileofs_t -lws_vfs_file_seek_end(lws_fop_fd_t fop_fd, lws_fileofs_t offset); - -extern struct lws_plat_file_ops fops_zip; - -/** - * lws_plat_file_open() - open vfs filepath - * - * \param fops: file ops struct that applies to this descriptor - * \param vfs_path: filename to open - * \param flags: pointer to open flags - * - * The vfs_path is scanned for known fops signatures, and the open directed - * to any matching fops open. - * - * User code should use this api to perform vfs opens. - * - * returns semi-opaque handle - */ -LWS_VISIBLE LWS_EXTERN lws_fop_fd_t LWS_WARN_UNUSED_RESULT -lws_vfs_file_open(const struct lws_plat_file_ops *fops, const char *vfs_path, - lws_fop_flags_t *flags); - -/** - * lws_plat_file_close() - close file - * - * \param fop_fd: file handle to close - */ -static LWS_INLINE int -lws_vfs_file_close(lws_fop_fd_t *fop_fd) -{ - return (*fop_fd)->fops->LWS_FOP_CLOSE(fop_fd); -} - -/** - * lws_plat_file_seek_cur() - close file - * - * - * \param fop_fd: file handle - * \param offset: position to seek to - */ -static LWS_INLINE lws_fileofs_t -lws_vfs_file_seek_cur(lws_fop_fd_t fop_fd, lws_fileofs_t offset) -{ - return fop_fd->fops->LWS_FOP_SEEK_CUR(fop_fd, offset); -} -/** - * lws_plat_file_read() - read from file - * - * \param fop_fd: file handle - * \param amount: how much to read (rewritten by call) - * \param buf: buffer to write to - * \param len: max length - */ -static LWS_INLINE int LWS_WARN_UNUSED_RESULT -lws_vfs_file_read(lws_fop_fd_t fop_fd, lws_filepos_t *amount, - uint8_t *buf, lws_filepos_t len) -{ - return fop_fd->fops->LWS_FOP_READ(fop_fd, amount, buf, len); -} -/** - * lws_plat_file_write() - write from file - * - * \param fop_fd: file handle - * \param amount: how much to write (rewritten by call) - * \param buf: buffer to read from - * \param len: max length - */ -static LWS_INLINE int LWS_WARN_UNUSED_RESULT -lws_vfs_file_write(lws_fop_fd_t fop_fd, lws_filepos_t *amount, - uint8_t *buf, lws_filepos_t len) -{ - return fop_fd->fops->LWS_FOP_WRITE(fop_fd, amount, buf, len); -} - -/* these are the platform file operations implementations... they can - * be called directly and used in fops arrays - */ - -LWS_VISIBLE LWS_EXTERN lws_fop_fd_t -_lws_plat_file_open(const struct lws_plat_file_ops *fops, const char *filename, - const char *vpath, lws_fop_flags_t *flags); -LWS_VISIBLE LWS_EXTERN int -_lws_plat_file_close(lws_fop_fd_t *fop_fd); -LWS_VISIBLE LWS_EXTERN lws_fileofs_t -_lws_plat_file_seek_cur(lws_fop_fd_t fop_fd, lws_fileofs_t offset); -LWS_VISIBLE LWS_EXTERN int -_lws_plat_file_read(lws_fop_fd_t fop_fd, lws_filepos_t *amount, - uint8_t *buf, lws_filepos_t len); -LWS_VISIBLE LWS_EXTERN int -_lws_plat_file_write(lws_fop_fd_t fop_fd, lws_filepos_t *amount, - uint8_t *buf, lws_filepos_t len); - -LWS_VISIBLE LWS_EXTERN int -lws_alloc_vfs_file(struct lws_context *context, const char *filename, - uint8_t **buf, lws_filepos_t *amount); -//@} - -/** \defgroup smtp SMTP related functions - * ##SMTP related functions - * \ingroup lwsapi - * - * These apis let you communicate with a local SMTP server to send email from - * lws. It handles all the SMTP sequencing and protocol actions. - * - * Your system should have postfix, sendmail or another MTA listening on port - * 25 and able to send email using the "mail" commandline app. Usually distro - * MTAs are configured for this by default. - * - * It runs via its own libuv events if initialized (which requires giving it - * a libuv loop to attach to). - * - * It operates using three callbacks, on_next() queries if there is a new email - * to send, on_get_body() asks for the body of the email, and on_sent() is - * called after the email is successfully sent. - * - * To use it - * - * - create an lws_email struct - * - * - initialize data, loop, the email_* strings, max_content_size and - * the callbacks - * - * - call lws_email_init() - * - * When you have at least one email to send, call lws_email_check() to - * schedule starting to send it. - */ -//@{ -#ifdef LWS_WITH_SMTP - -/** enum lwsgs_smtp_states - where we are in SMTP protocol sequence */ -enum lwsgs_smtp_states { - LGSSMTP_IDLE, /**< awaiting new email */ - LGSSMTP_CONNECTING, /**< opening tcp connection to MTA */ - LGSSMTP_CONNECTED, /**< tcp connection to MTA is connected */ - LGSSMTP_SENT_HELO, /**< sent the HELO */ - LGSSMTP_SENT_FROM, /**< sent FROM */ - LGSSMTP_SENT_TO, /**< sent TO */ - LGSSMTP_SENT_DATA, /**< sent DATA request */ - LGSSMTP_SENT_BODY, /**< sent the email body */ - LGSSMTP_SENT_QUIT, /**< sent the session quit */ -}; - -/** struct lws_email - abstract context for performing SMTP operations */ -struct lws_email { - void *data; - /**< opaque pointer set by user code and available to the callbacks */ - uv_loop_t *loop; - /**< the libuv loop we will work on */ - - char email_smtp_ip[32]; /**< Fill before init, eg, "127.0.0.1" */ - char email_helo[32]; /**< Fill before init, eg, "myserver.com" */ - char email_from[100]; /**< Fill before init or on_next */ - char email_to[100]; /**< Fill before init or on_next */ - - unsigned int max_content_size; - /**< largest possible email body size */ - - /* Fill all the callbacks before init */ - - int (*on_next)(struct lws_email *email); - /**< (Fill in before calling lws_email_init) - * called when idle, 0 = another email to send, nonzero is idle. - * If you return 0, all of the email_* char arrays must be set - * to something useful. */ - int (*on_sent)(struct lws_email *email); - /**< (Fill in before calling lws_email_init) - * called when transfer of the email to the SMTP server was - * successful, your callback would remove the current email - * from its queue */ - int (*on_get_body)(struct lws_email *email, char *buf, int len); - /**< (Fill in before calling lws_email_init) - * called when the body part of the queued email is about to be - * sent to the SMTP server. */ - - - /* private things */ - uv_timer_t timeout_email; /**< private */ - enum lwsgs_smtp_states estate; /**< private */ - uv_connect_t email_connect_req; /**< private */ - uv_tcp_t email_client; /**< private */ - time_t email_connect_started; /**< private */ - char email_buf[256]; /**< private */ - char *content; /**< private */ -}; - -/** - * lws_email_init() - Initialize a struct lws_email - * - * \param email: struct lws_email to init - * \param loop: libuv loop to use - * \param max_content: max email content size - * - * Prepares a struct lws_email for use ending SMTP - */ -LWS_VISIBLE LWS_EXTERN int -lws_email_init(struct lws_email *email, uv_loop_t *loop, int max_content); - -/** - * lws_email_check() - Request check for new email - * - * \param email: struct lws_email context to check - * - * Schedules a check for new emails in 1s... call this when you have queued an - * email for send. - */ -LWS_VISIBLE LWS_EXTERN void -lws_email_check(struct lws_email *email); -/** - * lws_email_destroy() - stop using the struct lws_email - * - * \param email: the struct lws_email context - * - * Stop sending email using email and free allocations - */ -LWS_VISIBLE LWS_EXTERN void -lws_email_destroy(struct lws_email *email); - -#endif -//@} - - -/** \defgroup lejp JSON parser - * ##JSON parsing related functions - * \ingroup lwsapi - * - * LEJP is an extremely lightweight JSON stream parser included in lws. - */ -//@{ -struct lejp_ctx; - -#define LWS_ARRAY_SIZE(_x) (sizeof(_x) / sizeof(_x[0])) -#define LEJP_FLAG_WS_KEEP 64 -#define LEJP_FLAG_WS_COMMENTLINE 32 - -enum lejp_states { - LEJP_IDLE = 0, - LEJP_MEMBERS = 1, - LEJP_M_P = 2, - LEJP_MP_STRING = LEJP_FLAG_WS_KEEP | 3, - LEJP_MP_STRING_ESC = LEJP_FLAG_WS_KEEP | 4, - LEJP_MP_STRING_ESC_U1 = LEJP_FLAG_WS_KEEP | 5, - LEJP_MP_STRING_ESC_U2 = LEJP_FLAG_WS_KEEP | 6, - LEJP_MP_STRING_ESC_U3 = LEJP_FLAG_WS_KEEP | 7, - LEJP_MP_STRING_ESC_U4 = LEJP_FLAG_WS_KEEP | 8, - LEJP_MP_DELIM = 9, - LEJP_MP_VALUE = 10, - LEJP_MP_VALUE_NUM_INT = LEJP_FLAG_WS_KEEP | 11, - LEJP_MP_VALUE_NUM_EXP = LEJP_FLAG_WS_KEEP | 12, - LEJP_MP_VALUE_TOK = LEJP_FLAG_WS_KEEP | 13, - LEJP_MP_COMMA_OR_END = 14, - LEJP_MP_ARRAY_END = 15, -}; - -enum lejp_reasons { - LEJP_CONTINUE = -1, - LEJP_REJECT_IDLE_NO_BRACE = -2, - LEJP_REJECT_MEMBERS_NO_CLOSE = -3, - LEJP_REJECT_MP_NO_OPEN_QUOTE = -4, - LEJP_REJECT_MP_STRING_UNDERRUN = -5, - LEJP_REJECT_MP_ILLEGAL_CTRL = -6, - LEJP_REJECT_MP_STRING_ESC_ILLEGAL_ESC = -7, - LEJP_REJECT_ILLEGAL_HEX = -8, - LEJP_REJECT_MP_DELIM_MISSING_COLON = -9, - LEJP_REJECT_MP_DELIM_BAD_VALUE_START = -10, - LEJP_REJECT_MP_VAL_NUM_INT_NO_FRAC = -11, - LEJP_REJECT_MP_VAL_NUM_FORMAT = -12, - LEJP_REJECT_MP_VAL_NUM_EXP_BAD_EXP = -13, - LEJP_REJECT_MP_VAL_TOK_UNKNOWN = -14, - LEJP_REJECT_MP_C_OR_E_UNDERF = -15, - LEJP_REJECT_MP_C_OR_E_NOTARRAY = -16, - LEJP_REJECT_MP_ARRAY_END_MISSING = -17, - LEJP_REJECT_STACK_OVERFLOW = -18, - LEJP_REJECT_MP_DELIM_ISTACK = -19, - LEJP_REJECT_NUM_TOO_LONG = -20, - LEJP_REJECT_MP_C_OR_E_NEITHER = -21, - LEJP_REJECT_UNKNOWN = -22, - LEJP_REJECT_CALLBACK = -23 -}; - -#define LEJP_FLAG_CB_IS_VALUE 64 - -enum lejp_callbacks { - LEJPCB_CONSTRUCTED = 0, - LEJPCB_DESTRUCTED = 1, - - LEJPCB_START = 2, - LEJPCB_COMPLETE = 3, - LEJPCB_FAILED = 4, - - LEJPCB_PAIR_NAME = 5, - - LEJPCB_VAL_TRUE = LEJP_FLAG_CB_IS_VALUE | 6, - LEJPCB_VAL_FALSE = LEJP_FLAG_CB_IS_VALUE | 7, - LEJPCB_VAL_NULL = LEJP_FLAG_CB_IS_VALUE | 8, - LEJPCB_VAL_NUM_INT = LEJP_FLAG_CB_IS_VALUE | 9, - LEJPCB_VAL_NUM_FLOAT = LEJP_FLAG_CB_IS_VALUE | 10, - LEJPCB_VAL_STR_START = 11, /* notice handle separately */ - LEJPCB_VAL_STR_CHUNK = LEJP_FLAG_CB_IS_VALUE | 12, - LEJPCB_VAL_STR_END = LEJP_FLAG_CB_IS_VALUE | 13, - - LEJPCB_ARRAY_START = 14, - LEJPCB_ARRAY_END = 15, - - LEJPCB_OBJECT_START = 16, - LEJPCB_OBJECT_END = 17 -}; - -/** - * _lejp_callback() - User parser actions - * \param ctx: LEJP context - * \param reason: Callback reason - * - * Your user callback is associated with the context at construction time, - * and receives calls as the parsing progresses. - * - * All of the callbacks may be ignored and just return 0. - * - * The reasons it might get called, found in @reason, are: - * - * LEJPCB_CONSTRUCTED: The context was just constructed... you might want to - * perform one-time allocation for the life of the context. - * - * LEJPCB_DESTRUCTED: The context is being destructed... if you made any - * allocations at construction-time, you can free them now - * - * LEJPCB_START: Parsing is beginning at the first byte of input - * - * LEJPCB_COMPLETE: Parsing has completed successfully. You'll get a 0 or - * positive return code from lejp_parse indicating the - * amount of unused bytes left in the input buffer - * - * LEJPCB_FAILED: Parsing failed. You'll get a negative error code - * returned from lejp_parse - * - * LEJPCB_PAIR_NAME: When a "name":"value" pair has had the name parsed, - * this callback occurs. You can find the new name at - * the end of ctx->path[] - * - * LEJPCB_VAL_TRUE: The "true" value appeared - * - * LEJPCB_VAL_FALSE: The "false" value appeared - * - * LEJPCB_VAL_NULL: The "null" value appeared - * - * LEJPCB_VAL_NUM_INT: A string representing an integer is in ctx->buf - * - * LEJPCB_VAL_NUM_FLOAT: A string representing a float is in ctx->buf - * - * LEJPCB_VAL_STR_START: We are starting to parse a string, no data yet - * - * LEJPCB_VAL_STR_CHUNK: We parsed LEJP_STRING_CHUNK -1 bytes of string data in - * ctx->buf, which is as much as we can buffer, so we are - * spilling it. If all your strings are less than - * LEJP_STRING_CHUNK - 1 bytes, you will never see this - * callback. - * - * LEJPCB_VAL_STR_END: String parsing has completed, the last chunk of the - * string is in ctx->buf. - * - * LEJPCB_ARRAY_START: An array started - * - * LEJPCB_ARRAY_END: An array ended - * - * LEJPCB_OBJECT_START: An object started - * - * LEJPCB_OBJECT_END: An object ended - */ -LWS_EXTERN signed char _lejp_callback(struct lejp_ctx *ctx, char reason); - -typedef signed char (*lejp_callback)(struct lejp_ctx *ctx, char reason); - -#ifndef LEJP_MAX_DEPTH -#define LEJP_MAX_DEPTH 12 -#endif -#ifndef LEJP_MAX_INDEX_DEPTH -#define LEJP_MAX_INDEX_DEPTH 5 -#endif -#ifndef LEJP_MAX_PATH -#define LEJP_MAX_PATH 128 -#endif -#ifndef LEJP_STRING_CHUNK -/* must be >= 30 to assemble floats */ -#define LEJP_STRING_CHUNK 254 -#endif - -enum num_flags { - LEJP_SEEN_MINUS = (1 << 0), - LEJP_SEEN_POINT = (1 << 1), - LEJP_SEEN_POST_POINT = (1 << 2), - LEJP_SEEN_EXP = (1 << 3) -}; - -struct _lejp_stack { - char s; /* lejp_state stack*/ - char p; /* path length */ - char i; /* index array length */ - char b; /* user bitfield */ -}; - -struct lejp_ctx { - - /* sorted by type for most compact alignment - * - * pointers - */ - - signed char (*callback)(struct lejp_ctx *ctx, char reason); - void *user; - const char * const *paths; - - /* arrays */ - - struct _lejp_stack st[LEJP_MAX_DEPTH]; - uint16_t i[LEJP_MAX_INDEX_DEPTH]; /* index array */ - uint16_t wild[LEJP_MAX_INDEX_DEPTH]; /* index array */ - char path[LEJP_MAX_PATH]; - char buf[LEJP_STRING_CHUNK + 1]; - - /* int */ - - uint32_t line; - - /* short */ - - uint16_t uni; - - /* char */ - - uint8_t npos; - uint8_t dcount; - uint8_t f; - uint8_t sp; /* stack head */ - uint8_t ipos; /* index stack depth */ - uint8_t ppos; - uint8_t count_paths; - uint8_t path_match; - uint8_t path_match_len; - uint8_t wildcount; -}; - -LWS_VISIBLE LWS_EXTERN void -lejp_construct(struct lejp_ctx *ctx, - signed char (*callback)(struct lejp_ctx *ctx, char reason), - void *user, const char * const *paths, unsigned char paths_count); - -LWS_VISIBLE LWS_EXTERN void -lejp_destruct(struct lejp_ctx *ctx); - -LWS_VISIBLE LWS_EXTERN int -lejp_parse(struct lejp_ctx *ctx, const unsigned char *json, int len); - -LWS_VISIBLE LWS_EXTERN void -lejp_change_callback(struct lejp_ctx *ctx, - signed char (*callback)(struct lejp_ctx *ctx, char reason)); - -LWS_VISIBLE LWS_EXTERN int -lejp_get_wildcard(struct lejp_ctx *ctx, int wildcard, char *dest, int len); -//@} - -/* - * Stats are all uint64_t numbers that start at 0. - * Index names here have the convention - * - * _C_ counter - * _B_ byte count - * _MS_ millisecond count - */ - -enum { - LWSSTATS_C_CONNECTIONS, /**< count incoming connections */ - LWSSTATS_C_API_CLOSE, /**< count calls to close api */ - LWSSTATS_C_API_READ, /**< count calls to read from socket api */ - LWSSTATS_C_API_LWS_WRITE, /**< count calls to lws_write API */ - LWSSTATS_C_API_WRITE, /**< count calls to write API */ - LWSSTATS_C_WRITE_PARTIALS, /**< count of partial writes */ - LWSSTATS_C_WRITEABLE_CB_REQ, /**< count of writable callback requests */ - LWSSTATS_C_WRITEABLE_CB_EFF_REQ, /**< count of effective writable callback requests */ - LWSSTATS_C_WRITEABLE_CB, /**< count of writable callbacks */ - LWSSTATS_C_SSL_CONNECTIONS_FAILED, /**< count of failed SSL connections */ - LWSSTATS_C_SSL_CONNECTIONS_ACCEPTED, /**< count of accepted SSL connections */ - LWSSTATS_C_SSL_CONNECTIONS_ACCEPT_SPIN, /**< count of SSL_accept() attempts */ - LWSSTATS_C_SSL_CONNS_HAD_RX, /**< count of accepted SSL conns that have had some RX */ - LWSSTATS_C_TIMEOUTS, /**< count of timed-out connections */ - LWSSTATS_C_SERVICE_ENTRY, /**< count of entries to lws service loop */ - LWSSTATS_B_READ, /**< aggregate bytes read */ - LWSSTATS_B_WRITE, /**< aggregate bytes written */ - LWSSTATS_B_PARTIALS_ACCEPTED_PARTS, /**< aggreate of size of accepted write data from new partials */ - LWSSTATS_MS_SSL_CONNECTIONS_ACCEPTED_DELAY, /**< aggregate delay in accepting connection */ - LWSSTATS_MS_WRITABLE_DELAY, /**< aggregate delay between asking for writable and getting cb */ - LWSSTATS_MS_WORST_WRITABLE_DELAY, /**< single worst delay between asking for writable and getting cb */ - LWSSTATS_MS_SSL_RX_DELAY, /**< aggregate delay between ssl accept complete and first RX */ - LWSSTATS_C_PEER_LIMIT_AH_DENIED, /**< number of times we would have given an ah but for the peer limit */ - LWSSTATS_C_PEER_LIMIT_WSI_DENIED, /**< number of times we would have given a wsi but for the peer limit */ - - /* Add new things just above here ---^ - * This is part of the ABI, don't needlessly break compatibility */ - LWSSTATS_SIZE -}; - -#if defined(LWS_WITH_STATS) - -LWS_VISIBLE LWS_EXTERN uint64_t -lws_stats_get(struct lws_context *context, int index); -LWS_VISIBLE LWS_EXTERN void -lws_stats_log_dump(struct lws_context *context); -#else -static LWS_INLINE uint64_t -lws_stats_get(struct lws_context *context, int index) { (void)context; (void)index; return 0; } -static LWS_INLINE void -lws_stats_log_dump(struct lws_context *context) { (void)context; } -#endif - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/thirdparty/libwebsockets/plat/lws-plat-unix.c b/thirdparty/libwebsockets/plat/lws-plat-unix.c deleted file mode 100644 index 7dba3bd82f..0000000000 --- a/thirdparty/libwebsockets/plat/lws-plat-unix.c +++ /dev/null @@ -1,977 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2017 Andy Green <andy@warmcat.com> - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - */ - -#define _GNU_SOURCE -#include "core/private.h" - -#include <pwd.h> -#include <grp.h> - -#ifdef LWS_WITH_PLUGINS -#include <dlfcn.h> -#endif -#include <dirent.h> - -void lws_plat_apply_FD_CLOEXEC(int n) -{ - if (n != -1) - fcntl(n, F_SETFD, FD_CLOEXEC ); -} - -int -lws_plat_socket_offset(void) -{ - return 0; -} - -int -lws_plat_pipe_create(struct lws *wsi) -{ - struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; - -#if defined(LWS_HAVE_PIPE2) - return pipe2(pt->dummy_pipe_fds, O_NONBLOCK); -#else - return pipe(pt->dummy_pipe_fds); -#endif -} - -int -lws_plat_pipe_signal(struct lws *wsi) -{ - struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; - char buf = 0; - int n; - - n = write(pt->dummy_pipe_fds[1], &buf, 1); - - return n != 1; -} - -void -lws_plat_pipe_close(struct lws *wsi) -{ - struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; - - if (pt->dummy_pipe_fds[0] && pt->dummy_pipe_fds[0] != -1) - close(pt->dummy_pipe_fds[0]); - if (pt->dummy_pipe_fds[1] && pt->dummy_pipe_fds[1] != -1) - close(pt->dummy_pipe_fds[1]); - - pt->dummy_pipe_fds[0] = pt->dummy_pipe_fds[1] = -1; -} - -#ifdef __QNX__ -# include "netinet/tcp_var.h" -# define TCP_KEEPINTVL TCPCTL_KEEPINTVL -# define TCP_KEEPIDLE TCPCTL_KEEPIDLE -# define TCP_KEEPCNT TCPCTL_KEEPCNT -#endif - -unsigned long long time_in_microseconds(void) -{ - struct timeval tv; - - gettimeofday(&tv, NULL); - return ((unsigned long long)tv.tv_sec * 1000000LL) + tv.tv_usec; -} - -LWS_VISIBLE int -lws_get_random(struct lws_context *context, void *buf, int len) -{ - return read(context->fd_random, (char *)buf, len); -} - -LWS_VISIBLE int -lws_send_pipe_choked(struct lws *wsi) -{ - struct lws_pollfd fds; - struct lws *wsi_eff = wsi; - -#if defined(LWS_WITH_HTTP2) - wsi_eff = lws_get_network_wsi(wsi); -#endif - - /* the fact we checked implies we avoided back-to-back writes */ - wsi_eff->could_have_pending = 0; - - /* treat the fact we got a truncated send pending as if we're choked */ - if (wsi_eff->trunc_len) - return 1; - - fds.fd = wsi_eff->desc.sockfd; - fds.events = POLLOUT; - fds.revents = 0; - - if (poll(&fds, 1, 0) != 1) - return 1; - - if ((fds.revents & POLLOUT) == 0) - return 1; - - /* okay to send another packet without blocking */ - - return 0; -} - -LWS_VISIBLE int -lws_poll_listen_fd(struct lws_pollfd *fd) -{ - return poll(fd, 1, 0); -} - -LWS_VISIBLE void lwsl_emit_syslog(int level, const char *line) -{ - int syslog_level = LOG_DEBUG; - - switch (level) { - case LLL_ERR: - syslog_level = LOG_ERR; - break; - case LLL_WARN: - syslog_level = LOG_WARNING; - break; - case LLL_NOTICE: - syslog_level = LOG_NOTICE; - break; - case LLL_INFO: - syslog_level = LOG_INFO; - break; - } - syslog(syslog_level, "%s", line); -} - -LWS_VISIBLE LWS_EXTERN int -_lws_plat_service_tsi(struct lws_context *context, int timeout_ms, int tsi) -{ - volatile struct lws_foreign_thread_pollfd *ftp, *next; - volatile struct lws_context_per_thread *vpt; - struct lws_context_per_thread *pt; - int n = -1, m, c; - - /* stay dead once we are dead */ - - if (!context || !context->vhost_list) - return 1; - - pt = &context->pt[tsi]; - vpt = (volatile struct lws_context_per_thread *)pt; - - lws_stats_atomic_bump(context, pt, LWSSTATS_C_SERVICE_ENTRY, 1); - - if (timeout_ms < 0) - goto faked_service; - - if (context->event_loop_ops->run_pt) - context->event_loop_ops->run_pt(context, tsi); - - if (!context->service_tid_detected) { - struct lws _lws; - - memset(&_lws, 0, sizeof(_lws)); - _lws.context = context; - - context->service_tid_detected = - context->vhost_list->protocols[0].callback( - &_lws, LWS_CALLBACK_GET_THREAD_ID, NULL, NULL, 0); - context->service_tid = context->service_tid_detected; - context->service_tid_detected = 1; - } - - /* - * is there anybody with pending stuff that needs service forcing? - */ - if (!lws_service_adjust_timeout(context, 1, tsi)) { - /* -1 timeout means just do forced service */ - _lws_plat_service_tsi(context, -1, pt->tid); - /* still somebody left who wants forced service? */ - if (!lws_service_adjust_timeout(context, 1, pt->tid)) - /* yes... come back again quickly */ - timeout_ms = 0; - } - - if (timeout_ms) { - lws_pt_lock(pt, __func__); - /* don't stay in poll wait longer than next hr timeout */ - lws_usec_t t = __lws_hrtimer_service(pt); - if ((lws_usec_t)timeout_ms * 1000 > t) - timeout_ms = t / 1000; - lws_pt_unlock(pt); - } - - vpt->inside_poll = 1; - lws_memory_barrier(); - n = poll(pt->fds, pt->fds_count, timeout_ms); - vpt->inside_poll = 0; - lws_memory_barrier(); - - /* Collision will be rare and brief. Just spin until it completes */ - while (vpt->foreign_spinlock) - ; - - /* - * At this point we are not inside a foreign thread pollfd change, - * and we have marked ourselves as outside the poll() wait. So we - * are the only guys that can modify the lws_foreign_thread_pollfd - * list on the pt. Drain the list and apply the changes to the - * affected pollfds in the correct order. - */ - - lws_pt_lock(pt, __func__); - - ftp = vpt->foreign_pfd_list; - //lwsl_notice("cleared list %p\n", ftp); - while (ftp) { - struct lws *wsi; - struct lws_pollfd *pfd; - - next = ftp->next; - pfd = &vpt->fds[ftp->fd_index]; - if (lws_socket_is_valid(pfd->fd)) { - wsi = wsi_from_fd(context, pfd->fd); - if (wsi) - __lws_change_pollfd(wsi, ftp->_and, ftp->_or); - } - lws_free((void *)ftp); - ftp = next; - } - vpt->foreign_pfd_list = NULL; - lws_memory_barrier(); - - /* we have come out of a poll wait... check the hrtimer list */ - - __lws_hrtimer_service(pt); - - lws_pt_unlock(pt); - - m = 0; -#if defined(LWS_ROLE_WS) && !defined(LWS_WITHOUT_EXTENSIONS) - m |= !!pt->ws.rx_draining_ext_list; -#endif - - if (pt->context->tls_ops && - pt->context->tls_ops->fake_POLLIN_for_buffered) - m |= pt->context->tls_ops->fake_POLLIN_for_buffered(pt); - - if (!m && !n) { /* nothing to do */ - lws_service_fd_tsi(context, NULL, tsi); - lws_service_do_ripe_rxflow(pt); - - return 0; - } - -faked_service: - m = lws_service_flag_pending(context, tsi); - if (m) - c = -1; /* unknown limit */ - else - if (n < 0) { - if (LWS_ERRNO != LWS_EINTR) - return -1; - return 0; - } else - c = n; - - /* any socket with events to service? */ - for (n = 0; n < (int)pt->fds_count && c; n++) { - if (!pt->fds[n].revents) - continue; - - c--; - - m = lws_service_fd_tsi(context, &pt->fds[n], tsi); - if (m < 0) - return -1; - /* if something closed, retry this slot */ - if (m) - n--; - } - - lws_service_do_ripe_rxflow(pt); - - return 0; -} - -LWS_VISIBLE int -lws_plat_check_connection_error(struct lws *wsi) -{ - return 0; -} - -LWS_VISIBLE int -lws_plat_service(struct lws_context *context, int timeout_ms) -{ - return _lws_plat_service_tsi(context, timeout_ms, 0); -} - -LWS_VISIBLE int -lws_plat_set_socket_options(struct lws_vhost *vhost, int fd) -{ - int optval = 1; - socklen_t optlen = sizeof(optval); - -#if defined(__APPLE__) || \ - defined(__FreeBSD__) || defined(__FreeBSD_kernel__) || \ - defined(__NetBSD__) || \ - defined(__OpenBSD__) || \ - defined(__HAIKU__) - struct protoent *tcp_proto; -#endif - - fcntl(fd, F_SETFD, FD_CLOEXEC); - - if (vhost->ka_time) { - /* enable keepalive on this socket */ - optval = 1; - if (setsockopt(fd, SOL_SOCKET, SO_KEEPALIVE, - (const void *)&optval, optlen) < 0) - return 1; - -#if defined(__APPLE__) || \ - defined(__FreeBSD__) || defined(__FreeBSD_kernel__) || \ - defined(__NetBSD__) || \ - defined(__CYGWIN__) || defined(__OpenBSD__) || defined (__sun) || \ - defined(__HAIKU__) - - /* - * didn't find a way to set these per-socket, need to - * tune kernel systemwide values - */ -#else - /* set the keepalive conditions we want on it too */ - -#if defined(LWS_HAVE_TCP_USER_TIMEOUT) - optval = 1000 * (vhost->ka_time + - (vhost->ka_interval * vhost->ka_probes)); - if (setsockopt(fd, IPPROTO_TCP, TCP_USER_TIMEOUT, - (const void *)&optval, optlen) < 0) - return 1; -#endif - optval = vhost->ka_time; - if (setsockopt(fd, IPPROTO_TCP, TCP_KEEPIDLE, - (const void *)&optval, optlen) < 0) - return 1; - - optval = vhost->ka_interval; - if (setsockopt(fd, IPPROTO_TCP, TCP_KEEPINTVL, - (const void *)&optval, optlen) < 0) - return 1; - - optval = vhost->ka_probes; - if (setsockopt(fd, IPPROTO_TCP, TCP_KEEPCNT, - (const void *)&optval, optlen) < 0) - return 1; -#endif - } - -#if defined(SO_BINDTODEVICE) - if (vhost->bind_iface && vhost->iface) { - lwsl_info("binding listen skt to %s using SO_BINDTODEVICE\n", vhost->iface); - if (setsockopt(fd, SOL_SOCKET, SO_BINDTODEVICE, vhost->iface, - strlen(vhost->iface)) < 0) { - lwsl_warn("Failed to bind to device %s\n", vhost->iface); - return 1; - } - } -#endif - - /* Disable Nagle */ - optval = 1; -#if defined (__sun) || defined(__QNX__) - if (setsockopt(fd, IPPROTO_TCP, TCP_NODELAY, (const void *)&optval, optlen) < 0) - return 1; -#elif !defined(__APPLE__) && \ - !defined(__FreeBSD__) && !defined(__FreeBSD_kernel__) && \ - !defined(__NetBSD__) && \ - !defined(__OpenBSD__) && \ - !defined(__HAIKU__) - if (setsockopt(fd, SOL_TCP, TCP_NODELAY, (const void *)&optval, optlen) < 0) - return 1; -#else - tcp_proto = getprotobyname("TCP"); - if (setsockopt(fd, tcp_proto->p_proto, TCP_NODELAY, &optval, optlen) < 0) - return 1; -#endif - - /* We are nonblocking... */ - if (fcntl(fd, F_SETFL, O_NONBLOCK) < 0) - return 1; - - return 0; -} - -#if defined(LWS_HAVE_SYS_CAPABILITY_H) && defined(LWS_HAVE_LIBCAP) -static void -_lws_plat_apply_caps(int mode, const cap_value_t *cv, int count) -{ - cap_t caps; - - if (!count) - return; - - caps = cap_get_proc(); - - cap_set_flag(caps, mode, count, cv, CAP_SET); - cap_set_proc(caps); - prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0); - cap_free(caps); -} -#endif - -LWS_VISIBLE void -lws_plat_drop_app_privileges(const struct lws_context_creation_info *info) -{ -#if defined(LWS_HAVE_SYS_CAPABILITY_H) && defined(LWS_HAVE_LIBCAP) - int n; -#endif - - if (info->gid && info->gid != -1) - if (setgid(info->gid)) - lwsl_warn("setgid: %s\n", strerror(LWS_ERRNO)); - - if (info->uid && info->uid != -1) { - struct passwd *p = getpwuid(info->uid); - - if (p) { - -#if defined(LWS_HAVE_SYS_CAPABILITY_H) && defined(LWS_HAVE_LIBCAP) - _lws_plat_apply_caps(CAP_PERMITTED, info->caps, info->count_caps); -#endif - - initgroups(p->pw_name, info->gid); - if (setuid(info->uid)) - lwsl_warn("setuid: %s\n", strerror(LWS_ERRNO)); - else - lwsl_notice("Set privs to user '%s'\n", p->pw_name); - -#if defined(LWS_HAVE_SYS_CAPABILITY_H) && defined(LWS_HAVE_LIBCAP) - _lws_plat_apply_caps(CAP_EFFECTIVE, info->caps, info->count_caps); - - if (info->count_caps) - for (n = 0; n < info->count_caps; n++) - lwsl_notice(" RETAINING CAPABILITY %d\n", (int)info->caps[n]); -#endif - - } else - lwsl_warn("getpwuid: unable to find uid %d", info->uid); - } -} - -#ifdef LWS_WITH_PLUGINS - -#if defined(LWS_WITH_LIBUV) && UV_VERSION_MAJOR > 0 - -/* libuv.c implements these in a cross-platform way */ - -#else - -static int filter(const struct dirent *ent) -{ - if (!strcmp(ent->d_name, ".") || !strcmp(ent->d_name, "..")) - return 0; - - return 1; -} - -LWS_VISIBLE int -lws_plat_plugins_init(struct lws_context * context, const char * const *d) -{ - struct lws_plugin_capability lcaps; - struct lws_plugin *plugin; - lws_plugin_init_func initfunc; - struct dirent **namelist; - int n, i, m, ret = 0; - char path[256]; - void *l; - - lwsl_notice(" Plugins:\n"); - - while (d && *d) { - n = scandir(*d, &namelist, filter, alphasort); - if (n < 0) { - lwsl_err("Scandir on %s failed\n", *d); - return 1; - } - - for (i = 0; i < n; i++) { - if (strlen(namelist[i]->d_name) < 7) - goto inval; - - lwsl_notice(" %s\n", namelist[i]->d_name); - - lws_snprintf(path, sizeof(path) - 1, "%s/%s", *d, - namelist[i]->d_name); - l = dlopen(path, RTLD_NOW); - if (!l) { - lwsl_err("Error loading DSO: %s\n", dlerror()); - while (i++ < n) - free(namelist[i]); - goto bail; - } - /* we could open it, can we get his init function? */ - m = lws_snprintf(path, sizeof(path) - 1, "init_%s", - namelist[i]->d_name + 3 /* snip lib... */); - path[m - 3] = '\0'; /* snip the .so */ - initfunc = dlsym(l, path); - if (!initfunc) { - lwsl_err("Failed to get init on %s: %s", - namelist[i]->d_name, dlerror()); - dlclose(l); - } - lcaps.api_magic = LWS_PLUGIN_API_MAGIC; - m = initfunc(context, &lcaps); - if (m) { - lwsl_err("Initializing %s failed %d\n", - namelist[i]->d_name, m); - dlclose(l); - goto skip; - } - - plugin = lws_malloc(sizeof(*plugin), "plugin"); - if (!plugin) { - lwsl_err("OOM\n"); - goto bail; - } - plugin->list = context->plugin_list; - context->plugin_list = plugin; - lws_strncpy(plugin->name, namelist[i]->d_name, - sizeof(plugin->name)); - plugin->l = l; - plugin->caps = lcaps; - context->plugin_protocol_count += lcaps.count_protocols; - context->plugin_extension_count += lcaps.count_extensions; - - free(namelist[i]); - continue; - - skip: - dlclose(l); - inval: - free(namelist[i]); - } - free(namelist); - d++; - } - -bail: - free(namelist); - - return ret; -} - -LWS_VISIBLE int -lws_plat_plugins_destroy(struct lws_context * context) -{ - struct lws_plugin *plugin = context->plugin_list, *p; - lws_plugin_destroy_func func; - char path[256]; - int m; - - if (!plugin) - return 0; - - lwsl_notice("%s\n", __func__); - - while (plugin) { - p = plugin; - m = lws_snprintf(path, sizeof(path) - 1, "destroy_%s", plugin->name + 3); - path[m - 3] = '\0'; - func = dlsym(plugin->l, path); - if (!func) { - lwsl_err("Failed to get destroy on %s: %s", - plugin->name, dlerror()); - goto next; - } - m = func(context); - if (m) - lwsl_err("Initializing %s failed %d\n", - plugin->name, m); -next: - dlclose(p->l); - plugin = p->list; - p->list = NULL; - free(p); - } - - context->plugin_list = NULL; - - return 0; -} - -#endif -#endif - - -#if 0 -static void -sigabrt_handler(int x) -{ - printf("%s\n", __func__); -} -#endif - -LWS_VISIBLE int -lws_plat_context_early_init(void) -{ -#if !defined(LWS_AVOID_SIGPIPE_IGN) - signal(SIGPIPE, SIG_IGN); -#endif - - return 0; -} - -LWS_VISIBLE void -lws_plat_context_early_destroy(struct lws_context *context) -{ -} - -LWS_VISIBLE void -lws_plat_context_late_destroy(struct lws_context *context) -{ -#ifdef LWS_WITH_PLUGINS - if (context->plugin_list) - lws_plat_plugins_destroy(context); -#endif - - if (context->lws_lookup) - lws_free(context->lws_lookup); - - if (!context->fd_random) - lwsl_err("ZERO RANDOM FD\n"); - if (context->fd_random != LWS_INVALID_FILE) - close(context->fd_random); -} - -/* cast a struct sockaddr_in6 * into addr for ipv6 */ - -LWS_VISIBLE int -lws_interface_to_sa(int ipv6, const char *ifname, struct sockaddr_in *addr, - size_t addrlen) -{ - int rc = LWS_ITOSA_NOT_EXIST; - - struct ifaddrs *ifr; - struct ifaddrs *ifc; -#ifdef LWS_WITH_IPV6 - struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)addr; -#endif - - getifaddrs(&ifr); - for (ifc = ifr; ifc != NULL && rc; ifc = ifc->ifa_next) { - if (!ifc->ifa_addr) - continue; - - lwsl_debug(" interface %s vs %s (fam %d) ipv6 %d\n", ifc->ifa_name, ifname, ifc->ifa_addr->sa_family, ipv6); - - if (strcmp(ifc->ifa_name, ifname)) - continue; - - switch (ifc->ifa_addr->sa_family) { -#if defined(AF_PACKET) - case AF_PACKET: - /* interface exists but is not usable */ - rc = LWS_ITOSA_NOT_USABLE; - continue; -#endif - - case AF_INET: -#ifdef LWS_WITH_IPV6 - if (ipv6) { - /* map IPv4 to IPv6 */ - bzero((char *)&addr6->sin6_addr, - sizeof(struct in6_addr)); - addr6->sin6_addr.s6_addr[10] = 0xff; - addr6->sin6_addr.s6_addr[11] = 0xff; - memcpy(&addr6->sin6_addr.s6_addr[12], - &((struct sockaddr_in *)ifc->ifa_addr)->sin_addr, - sizeof(struct in_addr)); - } else -#endif - memcpy(addr, - (struct sockaddr_in *)ifc->ifa_addr, - sizeof(struct sockaddr_in)); - break; -#ifdef LWS_WITH_IPV6 - case AF_INET6: - memcpy(&addr6->sin6_addr, - &((struct sockaddr_in6 *)ifc->ifa_addr)->sin6_addr, - sizeof(struct in6_addr)); - break; -#endif - default: - continue; - } - rc = LWS_ITOSA_USABLE; - } - - freeifaddrs(ifr); - - if (rc) { - /* check if bind to IP address */ -#ifdef LWS_WITH_IPV6 - if (inet_pton(AF_INET6, ifname, &addr6->sin6_addr) == 1) - rc = LWS_ITOSA_USABLE; - else -#endif - if (inet_pton(AF_INET, ifname, &addr->sin_addr) == 1) - rc = LWS_ITOSA_USABLE; - } - - return rc; -} - -LWS_VISIBLE void -lws_plat_insert_socket_into_fds(struct lws_context *context, struct lws *wsi) -{ - struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; - - if (context->event_loop_ops->io) - context->event_loop_ops->io(wsi, LWS_EV_START | LWS_EV_READ); - - pt->fds[pt->fds_count++].revents = 0; -} - -LWS_VISIBLE void -lws_plat_delete_socket_from_fds(struct lws_context *context, - struct lws *wsi, int m) -{ - struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; - - if (context->event_loop_ops->io) - context->event_loop_ops->io(wsi, - LWS_EV_STOP | LWS_EV_READ | LWS_EV_WRITE); - - pt->fds_count--; -} - -LWS_VISIBLE void -lws_plat_service_periodic(struct lws_context *context) -{ - /* if our parent went down, don't linger around */ - if (context->started_with_parent && - kill(context->started_with_parent, 0) < 0) - kill(getpid(), SIGTERM); -} - -LWS_VISIBLE int -lws_plat_change_pollfd(struct lws_context *context, - struct lws *wsi, struct lws_pollfd *pfd) -{ - return 0; -} - -LWS_VISIBLE const char * -lws_plat_inet_ntop(int af, const void *src, char *dst, int cnt) -{ - return inet_ntop(af, src, dst, cnt); -} - -LWS_VISIBLE int -lws_plat_inet_pton(int af, const char *src, void *dst) -{ - return inet_pton(af, src, dst); -} - -LWS_VISIBLE lws_fop_fd_t -_lws_plat_file_open(const struct lws_plat_file_ops *fops, const char *filename, - const char *vpath, lws_fop_flags_t *flags) -{ - struct stat stat_buf; - int ret = open(filename, (*flags) & LWS_FOP_FLAGS_MASK, 0664); - lws_fop_fd_t fop_fd; - - if (ret < 0) - return NULL; - - if (fstat(ret, &stat_buf) < 0) - goto bail; - - fop_fd = malloc(sizeof(*fop_fd)); - if (!fop_fd) - goto bail; - - fop_fd->fops = fops; - fop_fd->flags = *flags; - fop_fd->fd = ret; - fop_fd->filesystem_priv = NULL; /* we don't use it */ - fop_fd->len = stat_buf.st_size; - fop_fd->pos = 0; - - return fop_fd; - -bail: - close(ret); - return NULL; -} - -LWS_VISIBLE int -_lws_plat_file_close(lws_fop_fd_t *fop_fd) -{ - int fd = (*fop_fd)->fd; - - free(*fop_fd); - *fop_fd = NULL; - - return close(fd); -} - -LWS_VISIBLE lws_fileofs_t -_lws_plat_file_seek_cur(lws_fop_fd_t fop_fd, lws_fileofs_t offset) -{ - lws_fileofs_t r; - - if (offset > 0 && - offset > (lws_fileofs_t)fop_fd->len - (lws_fileofs_t)fop_fd->pos) - offset = fop_fd->len - fop_fd->pos; - - if ((lws_fileofs_t)fop_fd->pos + offset < 0) - offset = -fop_fd->pos; - - r = lseek(fop_fd->fd, offset, SEEK_CUR); - - if (r >= 0) - fop_fd->pos = r; - else - lwsl_err("error seeking from cur %ld, offset %ld\n", - (long)fop_fd->pos, (long)offset); - - return r; -} - -LWS_VISIBLE int -_lws_plat_file_read(lws_fop_fd_t fop_fd, lws_filepos_t *amount, - uint8_t *buf, lws_filepos_t len) -{ - long n; - - n = read((int)fop_fd->fd, buf, len); - if (n == -1) { - *amount = 0; - return -1; - } - fop_fd->pos += n; - lwsl_debug("%s: read %ld of req %ld, pos %ld, len %ld\n", __func__, n, - (long)len, (long)fop_fd->pos, (long)fop_fd->len); - *amount = n; - - return 0; -} - -LWS_VISIBLE int -_lws_plat_file_write(lws_fop_fd_t fop_fd, lws_filepos_t *amount, - uint8_t *buf, lws_filepos_t len) -{ - long n; - - n = write((int)fop_fd->fd, buf, len); - if (n == -1) { - *amount = 0; - return -1; - } - - fop_fd->pos += n; - *amount = n; - - return 0; -} - -LWS_VISIBLE int -lws_plat_init(struct lws_context *context, - const struct lws_context_creation_info *info) -{ - int fd; - - /* master context has the global fd lookup array */ - context->lws_lookup = lws_zalloc(sizeof(struct lws *) * - context->max_fds, "lws_lookup"); - if (context->lws_lookup == NULL) { - lwsl_err("OOM on lws_lookup array for %d connections\n", - context->max_fds); - return 1; - } - - lwsl_info(" mem: platform fd map: %5lu bytes\n", - (unsigned long)(sizeof(struct lws *) * context->max_fds)); - fd = open(SYSTEM_RANDOM_FILEPATH, O_RDONLY); - - context->fd_random = fd; - if (context->fd_random < 0) { - lwsl_err("Unable to open random device %s %d\n", - SYSTEM_RANDOM_FILEPATH, context->fd_random); - return 1; - } - -#ifdef LWS_WITH_PLUGINS - if (info->plugin_dirs) - lws_plat_plugins_init(context, info->plugin_dirs); -#endif - - return 0; -} - -LWS_VISIBLE int -lws_plat_write_cert(struct lws_vhost *vhost, int is_key, int fd, void *buf, - int len) -{ - int n; - - n = write(fd, buf, len); - - fsync(fd); - lseek(fd, 0, SEEK_SET); - - return n != len; -} - -LWS_VISIBLE int -lws_plat_write_file(const char *filename, void *buf, int len) -{ - int m, fd; - - fd = open(filename, O_WRONLY | O_CREAT | O_TRUNC, 0600); - - if (fd == -1) - return 1; - - m = write(fd, buf, len); - close(fd); - - return m != len; -} - -LWS_VISIBLE int -lws_plat_read_file(const char *filename, void *buf, int len) -{ - int n, fd = lws_open(filename, O_RDONLY); - if (fd == -1) - return -1; - - n = read(fd, buf, len); - close(fd); - - return n; -} - -LWS_VISIBLE int -lws_plat_recommended_rsa_bits(void) -{ - return 4096; -} diff --git a/thirdparty/libwebsockets/plat/lws-plat-win.c b/thirdparty/libwebsockets/plat/lws-plat-win.c deleted file mode 100644 index 1850b64250..0000000000 --- a/thirdparty/libwebsockets/plat/lws-plat-win.c +++ /dev/null @@ -1,847 +0,0 @@ -#ifndef _WINSOCK_DEPRECATED_NO_WARNINGS -#define _WINSOCK_DEPRECATED_NO_WARNINGS -#endif -#include "core/private.h" - -void lws_plat_apply_FD_CLOEXEC(int n) -{ -} - -int -lws_plat_socket_offset(void) -{ - return 0; -} - -int -lws_plat_pipe_create(struct lws *wsi) -{ - return 1; -} - -int -lws_plat_pipe_signal(struct lws *wsi) -{ - struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; - - WSASetEvent(pt->events[0]); /* trigger the cancel event */ - - return 0; -} - -void -lws_plat_pipe_close(struct lws *wsi) -{ -} - -unsigned long long -time_in_microseconds() -{ -#ifndef DELTA_EPOCH_IN_MICROSECS -#define DELTA_EPOCH_IN_MICROSECS 11644473600000000ULL -#endif - FILETIME filetime; - ULARGE_INTEGER datetime; - -#ifdef _WIN32_WCE - GetCurrentFT(&filetime); -#else - GetSystemTimeAsFileTime(&filetime); -#endif - - /* - * As per Windows documentation for FILETIME, copy the resulting - * FILETIME structure to a ULARGE_INTEGER structure using memcpy - * (using memcpy instead of direct assignment can prevent alignment - * faults on 64-bit Windows). - */ - memcpy(&datetime, &filetime, sizeof(datetime)); - - /* Windows file times are in 100s of nanoseconds. */ - return (datetime.QuadPart / 10) - DELTA_EPOCH_IN_MICROSECS; -} - -#ifdef _WIN32_WCE -time_t time(time_t *t) -{ - time_t ret = time_in_microseconds() / 1000000; - - if(t != NULL) - *t = ret; - - return ret; -} -#endif - -/* file descriptor hash management */ - -struct lws * -wsi_from_fd(const struct lws_context *context, lws_sockfd_type fd) -{ - int h = LWS_FD_HASH(fd); - int n = 0; - - for (n = 0; n < context->fd_hashtable[h].length; n++) - if (context->fd_hashtable[h].wsi[n]->desc.sockfd == fd) - return context->fd_hashtable[h].wsi[n]; - - return NULL; -} - -int -insert_wsi(struct lws_context *context, struct lws *wsi) -{ - int h = LWS_FD_HASH(wsi->desc.sockfd); - - if (context->fd_hashtable[h].length == (getdtablesize() - 1)) { - lwsl_err("hash table overflow\n"); - return 1; - } - - context->fd_hashtable[h].wsi[context->fd_hashtable[h].length++] = wsi; - - return 0; -} - -int -delete_from_fd(struct lws_context *context, lws_sockfd_type fd) -{ - int h = LWS_FD_HASH(fd); - int n = 0; - - for (n = 0; n < context->fd_hashtable[h].length; n++) - if (context->fd_hashtable[h].wsi[n]->desc.sockfd == fd) { - while (n < context->fd_hashtable[h].length) { - context->fd_hashtable[h].wsi[n] = - context->fd_hashtable[h].wsi[n + 1]; - n++; - } - context->fd_hashtable[h].length--; - - return 0; - } - - lwsl_err("Failed to find fd %d requested for " - "delete in hashtable\n", fd); - return 1; -} - -LWS_VISIBLE int -lws_get_random(struct lws_context *context, void *buf, int len) -{ - int n; - char *p = (char *)buf; - - for (n = 0; n < len; n++) - p[n] = (unsigned char)rand(); - - return n; -} - -LWS_VISIBLE int -lws_send_pipe_choked(struct lws *wsi) -{ struct lws *wsi_eff = wsi; - -#if defined(LWS_WITH_HTTP2) - wsi_eff = lws_get_network_wsi(wsi); -#endif - /* the fact we checked implies we avoided back-to-back writes */ - wsi_eff->could_have_pending = 0; - - /* treat the fact we got a truncated send pending as if we're choked */ - if (wsi_eff->trunc_len) - return 1; - - return (int)wsi_eff->sock_send_blocking; -} - -LWS_VISIBLE int -lws_poll_listen_fd(struct lws_pollfd *fd) -{ - fd_set readfds; - struct timeval tv = { 0, 0 }; - - assert((fd->events & LWS_POLLIN) == LWS_POLLIN); - - FD_ZERO(&readfds); - FD_SET(fd->fd, &readfds); - - return select(((int)fd->fd) + 1, &readfds, NULL, NULL, &tv); -} - -LWS_VISIBLE void -lwsl_emit_syslog(int level, const char *line) -{ - lwsl_emit_stderr(level, line); -} - -LWS_VISIBLE LWS_EXTERN int -_lws_plat_service_tsi(struct lws_context *context, int timeout_ms, int tsi) -{ - struct lws_context_per_thread *pt; - WSANETWORKEVENTS networkevents; - struct lws_pollfd *pfd; - struct lws *wsi; - unsigned int i; - DWORD ev; - int n, m; - - /* stay dead once we are dead */ - if (context == NULL || !context->vhost_list) - return 1; - - pt = &context->pt[tsi]; - - if (!context->service_tid_detected) { - struct lws _lws; - - memset(&_lws, 0, sizeof(_lws)); - _lws.context = context; - - context->service_tid_detected = context->vhost_list-> - protocols[0].callback(&_lws, LWS_CALLBACK_GET_THREAD_ID, - NULL, NULL, 0); - context->service_tid = context->service_tid_detected; - context->service_tid_detected = 1; - } - - if (timeout_ms < 0) { - if (lws_service_flag_pending(context, tsi)) { - /* any socket with events to service? */ - for (n = 0; n < (int)pt->fds_count; n++) { - if (!pt->fds[n].revents) - continue; - - m = lws_service_fd_tsi(context, &pt->fds[n], tsi); - if (m < 0) - return -1; - /* if something closed, retry this slot */ - if (m) - n--; - } - } - return 0; - } - - if (context->event_loop_ops->run_pt) - context->event_loop_ops->run_pt(context, tsi); - - for (i = 0; i < pt->fds_count; ++i) { - pfd = &pt->fds[i]; - - if (!(pfd->events & LWS_POLLOUT)) - continue; - - wsi = wsi_from_fd(context, pfd->fd); - if (!wsi || wsi->listener) - continue; - if (wsi->sock_send_blocking) - continue; - pfd->revents = LWS_POLLOUT; - n = lws_service_fd(context, pfd); - if (n < 0) - return -1; - - /* Force WSAWaitForMultipleEvents() to check events and then return immediately. */ - timeout_ms = 0; - - /* if something closed, retry this slot */ - if (n) - i--; - } - - /* - * is there anybody with pending stuff that needs service forcing? - */ - if (!lws_service_adjust_timeout(context, 1, tsi)) { - /* -1 timeout means just do forced service */ - _lws_plat_service_tsi(context, -1, pt->tid); - /* still somebody left who wants forced service? */ - if (!lws_service_adjust_timeout(context, 1, pt->tid)) - /* yes... come back again quickly */ - timeout_ms = 0; - } - - if (timeout_ms) { - lws_usec_t t; - - lws_pt_lock(pt, __func__); - /* don't stay in poll wait longer than next hr timeout */ - t = __lws_hrtimer_service(pt); - - if ((lws_usec_t)timeout_ms * 1000 > t) - timeout_ms = (int)(t / 1000); - lws_pt_unlock(pt); - } - - ev = WSAWaitForMultipleEvents(1, pt->events, FALSE, timeout_ms, FALSE); - if (ev == WSA_WAIT_EVENT_0) { - unsigned int eIdx, err; - - WSAResetEvent(pt->events[0]); - - if (pt->context->tls_ops && - pt->context->tls_ops->fake_POLLIN_for_buffered) - pt->context->tls_ops->fake_POLLIN_for_buffered(pt); - - for (eIdx = 0; eIdx < pt->fds_count; ++eIdx) { - if (WSAEnumNetworkEvents(pt->fds[eIdx].fd, 0, - &networkevents) == SOCKET_ERROR) { - lwsl_err("WSAEnumNetworkEvents() failed " - "with error %d\n", LWS_ERRNO); - return -1; - } - - pfd = &pt->fds[eIdx]; - pfd->revents = (short)networkevents.lNetworkEvents; - - err = networkevents.iErrorCode[FD_CONNECT_BIT]; - - if ((networkevents.lNetworkEvents & FD_CONNECT) && - err && err != LWS_EALREADY && - err != LWS_EINPROGRESS && err != LWS_EWOULDBLOCK && - err != WSAEINVAL) { - lwsl_debug("Unable to connect errno=%d\n", err); - pfd->revents |= LWS_POLLHUP; - } - - if (pfd->revents & LWS_POLLOUT) { - wsi = wsi_from_fd(context, pfd->fd); - if (wsi) - wsi->sock_send_blocking = 0; - } - /* if something closed, retry this slot */ - if (pfd->revents & LWS_POLLHUP) - --eIdx; - - if (pfd->revents) { - recv(pfd->fd, NULL, 0, 0); - lws_service_fd_tsi(context, pfd, tsi); - } - } - } - - context->service_tid = 0; - - if (ev == WSA_WAIT_TIMEOUT) - lws_service_fd(context, NULL); - - return 0; -} - -LWS_VISIBLE int -lws_plat_service(struct lws_context *context, int timeout_ms) -{ - return _lws_plat_service_tsi(context, timeout_ms, 0); -} - -LWS_VISIBLE int -lws_plat_set_socket_options(struct lws_vhost *vhost, lws_sockfd_type fd) -{ - int optval = 1; - int optlen = sizeof(optval); - u_long optl = 1; - DWORD dwBytesRet; - struct tcp_keepalive alive; - int protonbr; -#ifndef _WIN32_WCE - struct protoent *tcp_proto; -#endif - - if (vhost->ka_time) { - /* enable keepalive on this socket */ - optval = 1; - if (setsockopt(fd, SOL_SOCKET, SO_KEEPALIVE, - (const char *)&optval, optlen) < 0) - return 1; - - alive.onoff = TRUE; - alive.keepalivetime = vhost->ka_time; - alive.keepaliveinterval = vhost->ka_interval; - - if (WSAIoctl(fd, SIO_KEEPALIVE_VALS, &alive, sizeof(alive), - NULL, 0, &dwBytesRet, NULL, NULL)) - return 1; - } - - /* Disable Nagle */ - optval = 1; -#ifndef _WIN32_WCE - tcp_proto = getprotobyname("TCP"); - if (!tcp_proto) { - lwsl_err("getprotobyname() failed with error %d\n", LWS_ERRNO); - return 1; - } - protonbr = tcp_proto->p_proto; -#else - protonbr = 6; -#endif - - setsockopt(fd, protonbr, TCP_NODELAY, (const char *)&optval, optlen); - - /* We are nonblocking... */ - ioctlsocket(fd, FIONBIO, &optl); - - return 0; -} - -LWS_VISIBLE void -lws_plat_drop_app_privileges(const struct lws_context_creation_info *info) -{ -} - -LWS_VISIBLE int -lws_plat_context_early_init(void) -{ - WORD wVersionRequested; - WSADATA wsaData; - int err; - - /* Use the MAKEWORD(lowbyte, highbyte) macro from Windef.h */ - wVersionRequested = MAKEWORD(2, 2); - - err = WSAStartup(wVersionRequested, &wsaData); - if (!err) - return 0; - /* - * Tell the user that we could not find a usable - * Winsock DLL - */ - lwsl_err("WSAStartup failed with error: %d\n", err); - - return 1; -} - -LWS_VISIBLE void -lws_plat_context_early_destroy(struct lws_context *context) -{ - struct lws_context_per_thread *pt = &context->pt[0]; - int n = context->count_threads; - - while (n--) { - if (pt->events) { - WSACloseEvent(pt->events[0]); - lws_free(pt->events); - } - pt++; - } -} - -LWS_VISIBLE void -lws_plat_context_late_destroy(struct lws_context *context) -{ - int n; - - for (n = 0; n < FD_HASHTABLE_MODULUS; n++) { - if (context->fd_hashtable[n].wsi) - lws_free(context->fd_hashtable[n].wsi); - } - - WSACleanup(); -} - -LWS_VISIBLE LWS_EXTERN int -lws_interface_to_sa(int ipv6, - const char *ifname, struct sockaddr_in *addr, size_t addrlen) -{ -#ifdef LWS_WITH_IPV6 - struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)addr; - - if (ipv6) { - if (lws_plat_inet_pton(AF_INET6, ifname, &addr6->sin6_addr) == 1) { - return LWS_ITOSA_USABLE; - } - } -#endif - - long long address = inet_addr(ifname); - - if (address == INADDR_NONE) { - struct hostent *entry = gethostbyname(ifname); - if (entry) - address = ((struct in_addr *)entry->h_addr_list[0])->s_addr; - } - - if (address == INADDR_NONE) - return LWS_ITOSA_NOT_EXIST; - - addr->sin_addr.s_addr = (unsigned long)(lws_intptr_t)address; - - return LWS_ITOSA_USABLE; -} - -LWS_VISIBLE void -lws_plat_insert_socket_into_fds(struct lws_context *context, struct lws *wsi) -{ - struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; - - pt->fds[pt->fds_count++].revents = 0; - pt->events[pt->fds_count] = pt->events[0]; - WSAEventSelect(wsi->desc.sockfd, pt->events[0], - LWS_POLLIN | LWS_POLLHUP | FD_CONNECT); -} - -LWS_VISIBLE void -lws_plat_delete_socket_from_fds(struct lws_context *context, - struct lws *wsi, int m) -{ - struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; - - pt->events[m + 1] = pt->events[pt->fds_count--]; -} - -LWS_VISIBLE void -lws_plat_service_periodic(struct lws_context *context) -{ -} - -LWS_VISIBLE int -lws_plat_check_connection_error(struct lws *wsi) -{ - int optVal; - int optLen = sizeof(int); - - if (getsockopt(wsi->desc.sockfd, SOL_SOCKET, SO_ERROR, - (char*)&optVal, &optLen) != SOCKET_ERROR && optVal && - optVal != LWS_EALREADY && optVal != LWS_EINPROGRESS && - optVal != LWS_EWOULDBLOCK && optVal != WSAEINVAL) { - lwsl_debug("Connect failed SO_ERROR=%d\n", optVal); - return 1; - } - - return 0; -} - -LWS_VISIBLE int -lws_plat_change_pollfd(struct lws_context *context, - struct lws *wsi, struct lws_pollfd *pfd) -{ - struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; - long networkevents = LWS_POLLHUP | FD_CONNECT; - - if ((pfd->events & LWS_POLLIN)) - networkevents |= LWS_POLLIN; - - if ((pfd->events & LWS_POLLOUT)) - networkevents |= LWS_POLLOUT; - - if (WSAEventSelect(wsi->desc.sockfd, - pt->events[0], - networkevents) != SOCKET_ERROR) - return 0; - - lwsl_err("WSAEventSelect() failed with error %d\n", LWS_ERRNO); - - return 1; -} - -LWS_VISIBLE const char * -lws_plat_inet_ntop(int af, const void *src, char *dst, int cnt) -{ - WCHAR *buffer; - DWORD bufferlen = cnt; - BOOL ok = FALSE; - - buffer = lws_malloc(bufferlen * 2, "inet_ntop"); - if (!buffer) { - lwsl_err("Out of memory\n"); - return NULL; - } - - if (af == AF_INET) { - struct sockaddr_in srcaddr; - bzero(&srcaddr, sizeof(srcaddr)); - srcaddr.sin_family = AF_INET; - memcpy(&(srcaddr.sin_addr), src, sizeof(srcaddr.sin_addr)); - - if (!WSAAddressToStringW((struct sockaddr*)&srcaddr, sizeof(srcaddr), 0, buffer, &bufferlen)) - ok = TRUE; -#ifdef LWS_WITH_IPV6 - } else if (af == AF_INET6) { - struct sockaddr_in6 srcaddr; - bzero(&srcaddr, sizeof(srcaddr)); - srcaddr.sin6_family = AF_INET6; - memcpy(&(srcaddr.sin6_addr), src, sizeof(srcaddr.sin6_addr)); - - if (!WSAAddressToStringW((struct sockaddr*)&srcaddr, sizeof(srcaddr), 0, buffer, &bufferlen)) - ok = TRUE; -#endif - } else - lwsl_err("Unsupported type\n"); - - if (!ok) { - int rv = WSAGetLastError(); - lwsl_err("WSAAddressToString() : %d\n", rv); - } else { - if (WideCharToMultiByte(CP_ACP, 0, buffer, bufferlen, dst, cnt, 0, NULL) <= 0) - ok = FALSE; - } - - lws_free(buffer); - return ok ? dst : NULL; -} - -LWS_VISIBLE int -lws_plat_inet_pton(int af, const char *src, void *dst) -{ - WCHAR *buffer; - DWORD bufferlen = (int)strlen(src) + 1; - BOOL ok = FALSE; - - buffer = lws_malloc(bufferlen * 2, "inet_pton"); - if (!buffer) { - lwsl_err("Out of memory\n"); - return -1; - } - - if (MultiByteToWideChar(CP_ACP, 0, src, bufferlen, buffer, bufferlen) <= 0) { - lwsl_err("Failed to convert multi byte to wide char\n"); - lws_free(buffer); - return -1; - } - - if (af == AF_INET) { - struct sockaddr_in dstaddr; - int dstaddrlen = sizeof(dstaddr); - bzero(&dstaddr, sizeof(dstaddr)); - dstaddr.sin_family = AF_INET; - - if (!WSAStringToAddressW(buffer, af, 0, (struct sockaddr *) &dstaddr, &dstaddrlen)) { - ok = TRUE; - memcpy(dst, &dstaddr.sin_addr, sizeof(dstaddr.sin_addr)); - } -#ifdef LWS_WITH_IPV6 - } else if (af == AF_INET6) { - struct sockaddr_in6 dstaddr; - int dstaddrlen = sizeof(dstaddr); - bzero(&dstaddr, sizeof(dstaddr)); - dstaddr.sin6_family = AF_INET6; - - if (!WSAStringToAddressW(buffer, af, 0, (struct sockaddr *) &dstaddr, &dstaddrlen)) { - ok = TRUE; - memcpy(dst, &dstaddr.sin6_addr, sizeof(dstaddr.sin6_addr)); - } -#endif - } else - lwsl_err("Unsupported type\n"); - - if (!ok) { - int rv = WSAGetLastError(); - lwsl_err("WSAAddressToString() : %d\n", rv); - } - - lws_free(buffer); - return ok ? 1 : -1; -} - -LWS_VISIBLE lws_fop_fd_t -_lws_plat_file_open(const struct lws_plat_file_ops *fops, const char *filename, - const char *vpath, lws_fop_flags_t *flags) -{ - HANDLE ret; - WCHAR buf[MAX_PATH]; - lws_fop_fd_t fop_fd; - FILE_STANDARD_INFO fInfo = {0}; - - MultiByteToWideChar(CP_UTF8, 0, filename, -1, buf, LWS_ARRAY_SIZE(buf)); - -#if defined(_WIN32_WINNT) && _WIN32_WINNT >= 0x0602 // Windows 8 (minimum when UWP_ENABLED, but can be used in Windows builds) - CREATEFILE2_EXTENDED_PARAMETERS extParams = {0}; - extParams.dwFileAttributes = FILE_ATTRIBUTE_NORMAL; - - if (((*flags) & 7) == _O_RDONLY) { - ret = CreateFile2(buf, GENERIC_READ, FILE_SHARE_READ, OPEN_EXISTING, &extParams); - } else { - ret = CreateFile2(buf, GENERIC_WRITE, 0, CREATE_ALWAYS, &extParams); - } -#else - if (((*flags) & 7) == _O_RDONLY) { - ret = CreateFileW(buf, GENERIC_READ, FILE_SHARE_READ, - NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL); - } else { - ret = CreateFileW(buf, GENERIC_WRITE, 0, NULL, - CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL); - } -#endif - - if (ret == LWS_INVALID_FILE) - goto bail; - - fop_fd = malloc(sizeof(*fop_fd)); - if (!fop_fd) - goto bail; - - fop_fd->fops = fops; - fop_fd->fd = ret; - fop_fd->filesystem_priv = NULL; /* we don't use it */ - fop_fd->flags = *flags; - fop_fd->len = 0; - if(GetFileInformationByHandleEx(ret, FileStandardInfo, &fInfo, sizeof(fInfo))) - fop_fd->len = fInfo.EndOfFile.QuadPart; - - fop_fd->pos = 0; - - return fop_fd; - -bail: - return NULL; -} - -LWS_VISIBLE int -_lws_plat_file_close(lws_fop_fd_t *fop_fd) -{ - HANDLE fd = (*fop_fd)->fd; - - free(*fop_fd); - *fop_fd = NULL; - - CloseHandle((HANDLE)fd); - - return 0; -} - -LWS_VISIBLE lws_fileofs_t -_lws_plat_file_seek_cur(lws_fop_fd_t fop_fd, lws_fileofs_t offset) -{ - LARGE_INTEGER l; - - l.QuadPart = offset; - return SetFilePointerEx((HANDLE)fop_fd->fd, l, NULL, FILE_CURRENT); -} - -LWS_VISIBLE int -_lws_plat_file_read(lws_fop_fd_t fop_fd, lws_filepos_t *amount, - uint8_t *buf, lws_filepos_t len) -{ - DWORD _amount; - - if (!ReadFile((HANDLE)fop_fd->fd, buf, (DWORD)len, &_amount, NULL)) { - *amount = 0; - - return 1; - } - - fop_fd->pos += _amount; - *amount = (unsigned long)_amount; - - return 0; -} - -LWS_VISIBLE int -_lws_plat_file_write(lws_fop_fd_t fop_fd, lws_filepos_t *amount, - uint8_t* buf, lws_filepos_t len) -{ - DWORD _amount; - - if (!WriteFile((HANDLE)fop_fd->fd, buf, (DWORD)len, &_amount, NULL)) { - *amount = 0; - - return 1; - } - - fop_fd->pos += _amount; - *amount = (unsigned long)_amount; - - return 0; -} - -LWS_VISIBLE int -lws_plat_init(struct lws_context *context, - const struct lws_context_creation_info *info) -{ - struct lws_context_per_thread *pt = &context->pt[0]; - int i, n = context->count_threads; - - for (i = 0; i < FD_HASHTABLE_MODULUS; i++) { - context->fd_hashtable[i].wsi = - lws_zalloc(sizeof(struct lws*) * context->max_fds, "win hashtable"); - - if (!context->fd_hashtable[i].wsi) - return -1; - } - - while (n--) { - pt->events = lws_malloc(sizeof(WSAEVENT) * - (context->fd_limit_per_thread + 1), "event table"); - if (pt->events == NULL) { - lwsl_err("Unable to allocate events array for %d connections\n", - context->fd_limit_per_thread + 1); - return 1; - } - - pt->fds_count = 0; - pt->events[0] = WSACreateEvent(); /* the cancel event */ - - pt++; - } - - context->fd_random = 0; - -#ifdef LWS_WITH_PLUGINS - if (info->plugin_dirs) - lws_plat_plugins_init(context, info->plugin_dirs); -#endif - - return 0; -} - - -int kill(int pid, int sig) -{ - lwsl_err("Sorry Windows doesn't support kill()."); - exit(0); -} - -int fork(void) -{ - lwsl_err("Sorry Windows doesn't support fork()."); - exit(0); -} - -LWS_VISIBLE int -lws_plat_write_cert(struct lws_vhost *vhost, int is_key, int fd, void *buf, - int len) -{ - int n; - - n = write(fd, buf, len); - - lseek(fd, 0, SEEK_SET); - - return n != len; -} - -LWS_VISIBLE int -lws_plat_write_file(const char *filename, void *buf, int len) -{ - int m, fd; - - fd = lws_open(filename, O_WRONLY | O_CREAT | O_TRUNC, 0600); - - if (fd == -1) - return -1; - - m = write(fd, buf, len); - close(fd); - - return m != len; -} - -LWS_VISIBLE int -lws_plat_read_file(const char *filename, void *buf, int len) -{ - int n, fd = lws_open(filename, O_RDONLY); - if (fd == -1) - return -1; - - n = read(fd, buf, len); - close(fd); - - return n; -} - -LWS_VISIBLE int -lws_plat_recommended_rsa_bits(void) -{ - return 4096; -} diff --git a/thirdparty/libwebsockets/roles/http/server/access-log.c b/thirdparty/libwebsockets/roles/http/server/access-log.c deleted file mode 100644 index 0e75309d7a..0000000000 --- a/thirdparty/libwebsockets/roles/http/server/access-log.c +++ /dev/null @@ -1,182 +0,0 @@ -/* - * libwebsockets - server access log handling - * - * Copyright (C) 2010-2017 Andy Green <andy@warmcat.com> - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - */ - -#include "core/private.h" - -/* - * Produce Apache-compatible log string for wsi, like this: - * - * 2.31.234.19 - - [27/Mar/2016:03:22:44 +0800] - * "GET /aep-screen.png HTTP/1.1" - * 200 152987 "https://libwebsockets.org/index.html" - * "Mozilla/5.0 (Macint... Chrome/49.0.2623.87 Safari/537.36" - * - */ - -extern const char * const method_names[]; - -static const char * const hver[] = { - "HTTP/1.0", "HTTP/1.1", "HTTP/2" -}; - -void -lws_prepare_access_log_info(struct lws *wsi, char *uri_ptr, int meth) -{ -#ifdef LWS_WITH_IPV6 - char ads[INET6_ADDRSTRLEN]; -#else - char ads[INET_ADDRSTRLEN]; -#endif - char da[64]; - const char *pa, *me; - struct tm *tmp; - time_t t = time(NULL); - int l = 256, m; - - if (!wsi->vhost) - return; - - /* only worry about preparing it if we store it */ - if (wsi->vhost->log_fd == (int)LWS_INVALID_FILE) - return; - - if (wsi->access_log_pending) - lws_access_log(wsi); - - wsi->http.access_log.header_log = lws_malloc(l, "access log"); - if (wsi->http.access_log.header_log) { - - tmp = localtime(&t); - if (tmp) - strftime(da, sizeof(da), "%d/%b/%Y:%H:%M:%S %z", tmp); - else - strcpy(da, "01/Jan/1970:00:00:00 +0000"); - - pa = lws_get_peer_simple(wsi, ads, sizeof(ads)); - if (!pa) - pa = "(unknown)"; - - if (wsi->http2_substream) - me = lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP_COLON_METHOD); - else - me = method_names[meth]; - if (!me) - me = "(null)"; - - lws_snprintf(wsi->http.access_log.header_log, l, - "%s - - [%s] \"%s %s %s\"", - pa, da, me, uri_ptr, - hver[wsi->http.request_version]); - - l = lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_USER_AGENT); - if (l) { - wsi->http.access_log.user_agent = lws_malloc(l + 2, "access log"); - if (!wsi->http.access_log.user_agent) { - lwsl_err("OOM getting user agent\n"); - lws_free_set_NULL(wsi->http.access_log.header_log); - return; - } - - lws_hdr_copy(wsi, wsi->http.access_log.user_agent, - l + 1, WSI_TOKEN_HTTP_USER_AGENT); - - for (m = 0; m < l; m++) - if (wsi->http.access_log.user_agent[m] == '\"') - wsi->http.access_log.user_agent[m] = '\''; - } - l = lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_REFERER); - if (l) { - wsi->http.access_log.referrer = lws_malloc(l + 2, "referrer"); - if (!wsi->http.access_log.referrer) { - lwsl_err("OOM getting user agent\n"); - lws_free_set_NULL(wsi->http.access_log.user_agent); - lws_free_set_NULL(wsi->http.access_log.header_log); - return; - } - lws_hdr_copy(wsi, wsi->http.access_log.referrer, - l + 1, WSI_TOKEN_HTTP_REFERER); - - for (m = 0; m < l; m++) - if (wsi->http.access_log.referrer[m] == '\"') - wsi->http.access_log.referrer[m] = '\''; - } - wsi->access_log_pending = 1; - } -} - - -int -lws_access_log(struct lws *wsi) -{ - char *p = wsi->http.access_log.user_agent, ass[512], - *p1 = wsi->http.access_log.referrer; - int l; - - if (!wsi->vhost) - return 0; - - if (wsi->vhost->log_fd == (int)LWS_INVALID_FILE) - return 0; - - if (!wsi->access_log_pending) - return 0; - - if (!wsi->http.access_log.header_log) - return 0; - - if (!p) - p = ""; - - if (!p1) - p1 = ""; - - /* - * We do this in two parts to restrict an oversize referrer such that - * we will always have space left to append an empty useragent, while - * maintaining the structure of the log text - */ - l = lws_snprintf(ass, sizeof(ass) - 7, "%s %d %lu \"%s", - wsi->http.access_log.header_log, - wsi->http.access_log.response, wsi->http.access_log.sent, p1); - if (strlen(p) > sizeof(ass) - 6 - l) - p[sizeof(ass) - 6 - l] = '\0'; - l += lws_snprintf(ass + l, sizeof(ass) - 1 - l, "\" \"%s\"\n", p); - - if (write(wsi->vhost->log_fd, ass, l) != l) - lwsl_err("Failed to write log\n"); - - if (wsi->http.access_log.header_log) { - lws_free(wsi->http.access_log.header_log); - wsi->http.access_log.header_log = NULL; - } - if (wsi->http.access_log.user_agent) { - lws_free(wsi->http.access_log.user_agent); - wsi->http.access_log.user_agent = NULL; - } - if (wsi->http.access_log.referrer) { - lws_free(wsi->http.access_log.referrer); - wsi->http.access_log.referrer = NULL; - } - wsi->access_log_pending = 0; - - return 0; -} - diff --git a/thirdparty/libwebsockets/uwp_fixes.diff b/thirdparty/libwebsockets/uwp_fixes.diff index 21c3275bba..3350f2a661 100644 --- a/thirdparty/libwebsockets/uwp_fixes.diff +++ b/thirdparty/libwebsockets/uwp_fixes.diff @@ -1,8 +1,8 @@ -diff --git a/thirdparty/libwebsockets/plat/lws-plat-win.c b/thirdparty/libwebsockets/plat/lws-plat-win.c -index bd513b494..1850b6425 100644 ---- a/thirdparty/libwebsockets/plat/lws-plat-win.c -+++ b/thirdparty/libwebsockets/plat/lws-plat-win.c -@@ -641,9 +641,20 @@ _lws_plat_file_open(const struct lws_plat_file_ops *fops, const char *filename, +diff --git a/thirdparty/libwebsockets/lib/plat/windows/windows-file.c b/thirdparty/libwebsockets/lib/plat/windows/windows-file.c +index 6516b70b0..eb73aab7f 100644 +--- a/thirdparty/libwebsockets/lib/plat/windows/windows-file.c ++++ b/thirdparty/libwebsockets/lib/plat/windows/windows-file.c +@@ -36,9 +36,20 @@ _lws_plat_file_open(const struct lws_plat_file_ops *fops, const char *filename, HANDLE ret; WCHAR buf[MAX_PATH]; lws_fop_fd_t fop_fd; @@ -24,7 +24,7 @@ index bd513b494..1850b6425 100644 if (((*flags) & 7) == _O_RDONLY) { ret = CreateFileW(buf, GENERIC_READ, FILE_SHARE_READ, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL); -@@ -651,6 +662,7 @@ _lws_plat_file_open(const struct lws_plat_file_ops *fops, const char *filename, +@@ -46,6 +57,7 @@ _lws_plat_file_open(const struct lws_plat_file_ops *fops, const char *filename, ret = CreateFileW(buf, GENERIC_WRITE, 0, NULL, CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL); } @@ -32,7 +32,7 @@ index bd513b494..1850b6425 100644 if (ret == LWS_INVALID_FILE) goto bail; -@@ -663,9 +675,9 @@ _lws_plat_file_open(const struct lws_plat_file_ops *fops, const char *filename, +@@ -58,9 +70,9 @@ _lws_plat_file_open(const struct lws_plat_file_ops *fops, const char *filename, fop_fd->fd = ret; fop_fd->filesystem_priv = NULL; /* we don't use it */ fop_fd->flags = *flags; diff --git a/thirdparty/libwebsockets/win32helpers/getopt.c b/thirdparty/libwebsockets/win32helpers/getopt.c index 3bb21f6f28..2181f1cb12 100644 --- a/thirdparty/libwebsockets/win32helpers/getopt.c +++ b/thirdparty/libwebsockets/win32helpers/getopt.c @@ -1,153 +1,153 @@ -/* $NetBSD: getopt.c,v 1.16 1999/12/02 13:15:56 kleink Exp $ */ - -/* - * Copyright (c) 1987, 1993, 1994 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#if 0 -static char sccsid[] = "@(#)getopt.c 8.3 (Berkeley) 4/27/95"; -#endif - -#include <assert.h> -#include <errno.h> -#include <stdio.h> -#include <string.h> - -#define __P(x) x -#define _DIAGASSERT(x) assert(x) - -#ifdef __weak_alias -__weak_alias(getopt,_getopt); -#endif - - -int opterr = 1, /* if error message should be printed */ - optind = 1, /* index into parent argv vector */ - optopt, /* character checked for validity */ - optreset; /* reset getopt */ -char *optarg; /* argument associated with option */ - -static char * _progname __P((char *)); -int getopt_internal __P((int, char * const *, const char *)); - -static char * -_progname(nargv0) - char * nargv0; -{ - char * tmp; - - _DIAGASSERT(nargv0 != NULL); - - tmp = strrchr(nargv0, '/'); - if (tmp) - tmp++; - else - tmp = nargv0; - return(tmp); -} - -#define BADCH (int)'?' -#define BADARG (int)':' -#define EMSG "" - -/* - * getopt -- - * Parse argc/argv argument vector. - */ -int -getopt(nargc, nargv, ostr) - int nargc; - char * const nargv[]; - const char *ostr; -{ - static char *__progname = 0; - static char *place = EMSG; /* option letter processing */ - char *oli; /* option letter list index */ - __progname = __progname?__progname:_progname(*nargv); - - _DIAGASSERT(nargv != NULL); - _DIAGASSERT(ostr != NULL); - - if (optreset || !*place) { /* update scanning pointer */ - optreset = 0; - if (optind >= nargc || *(place = nargv[optind]) != '-') { - place = EMSG; - return (-1); - } - if (place[1] && *++place == '-' /* found "--" */ - && place[1] == '\0') { - ++optind; - place = EMSG; - return (-1); - } - } /* option letter okay? */ - if ((optopt = (int)*place++) == (int)':' || - !(oli = strchr(ostr, optopt))) { - /* - * if the user didn't specify '-' as an option, - * assume it means -1. - */ - if (optopt == (int)'-') - return (-1); - if (!*place) - ++optind; - if (opterr && *ostr != ':') - (void)fprintf(stderr, - "%s: illegal option -- %c\n", __progname, optopt); - return (BADCH); - } - if (*++oli != ':') { /* don't need argument */ - optarg = NULL; - if (!*place) - ++optind; - } - else { /* need an argument */ - if (*place) /* no white space */ - optarg = place; - else if (nargc <= ++optind) { /* no arg */ - place = EMSG; - if (*ostr == ':') - return (BADARG); - if (opterr) - (void)fprintf(stderr, - "%s: option requires an argument -- %c\n", - __progname, optopt); - return (BADCH); - } - else /* white space */ - optarg = nargv[optind]; - place = EMSG; - ++optind; - } - return (optopt); /* dump back option letter */ -} - +/* $NetBSD: getopt.c,v 1.16 1999/12/02 13:15:56 kleink Exp $ */
+
+/*
+ * Copyright (c) 1987, 1993, 1994
+ * The Regents of the University of California. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * This product includes software developed by the University of
+ * California, Berkeley and its contributors.
+ * 4. Neither the name of the University nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#if 0
+static char sccsid[] = "@(#)getopt.c 8.3 (Berkeley) 4/27/95";
+#endif
+
+#include <assert.h>
+#include <errno.h>
+#include <stdio.h>
+#include <string.h>
+
+#define __P(x) x
+#define _DIAGASSERT(x) assert(x)
+
+#ifdef __weak_alias
+__weak_alias(getopt,_getopt);
+#endif
+
+
+int opterr = 1, /* if error message should be printed */
+ optind = 1, /* index into parent argv vector */
+ optopt, /* character checked for validity */
+ optreset; /* reset getopt */
+char *optarg; /* argument associated with option */
+
+static char * _progname __P((char *));
+int getopt_internal __P((int, char * const *, const char *));
+
+static char *
+_progname(nargv0)
+ char * nargv0;
+{
+ char * tmp;
+
+ _DIAGASSERT(nargv0 != NULL);
+
+ tmp = strrchr(nargv0, '/');
+ if (tmp)
+ tmp++;
+ else
+ tmp = nargv0;
+ return(tmp);
+}
+
+#define BADCH (int)'?'
+#define BADARG (int)':'
+#define EMSG ""
+
+/*
+ * getopt --
+ * Parse argc/argv argument vector.
+ */
+int
+getopt(nargc, nargv, ostr)
+ int nargc;
+ char * const nargv[];
+ const char *ostr;
+{
+ static char *__progname = 0;
+ static char *place = EMSG; /* option letter processing */
+ char *oli; /* option letter list index */
+ __progname = __progname?__progname:_progname(*nargv);
+
+ _DIAGASSERT(nargv != NULL);
+ _DIAGASSERT(ostr != NULL);
+
+ if (optreset || !*place) { /* update scanning pointer */
+ optreset = 0;
+ if (optind >= nargc || *(place = nargv[optind]) != '-') {
+ place = EMSG;
+ return (-1);
+ }
+ if (place[1] && *++place == '-' /* found "--" */
+ && place[1] == '\0') {
+ ++optind;
+ place = EMSG;
+ return (-1);
+ }
+ } /* option letter okay? */
+ if ((optopt = (int)*place++) == (int)':' ||
+ !(oli = strchr(ostr, optopt))) {
+ /*
+ * if the user didn't specify '-' as an option,
+ * assume it means -1.
+ */
+ if (optopt == (int)'-')
+ return (-1);
+ if (!*place)
+ ++optind;
+ if (opterr && *ostr != ':')
+ (void)fprintf(stderr,
+ "%s: illegal option -- %c\n", __progname, optopt);
+ return (BADCH);
+ }
+ if (*++oli != ':') { /* don't need argument */
+ optarg = NULL;
+ if (!*place)
+ ++optind;
+ }
+ else { /* need an argument */
+ if (*place) /* no white space */
+ optarg = place;
+ else if (nargc <= ++optind) { /* no arg */
+ place = EMSG;
+ if (*ostr == ':')
+ return (BADARG);
+ if (opterr)
+ (void)fprintf(stderr,
+ "%s: option requires an argument -- %c\n",
+ __progname, optopt);
+ return (BADCH);
+ }
+ else /* white space */
+ optarg = nargv[optind];
+ place = EMSG;
+ ++optind;
+ }
+ return (optopt); /* dump back option letter */
+}
+
diff --git a/thirdparty/libwebsockets/win32helpers/getopt_long.c b/thirdparty/libwebsockets/win32helpers/getopt_long.c index 6dfccf367d..22e5fa8945 100644 --- a/thirdparty/libwebsockets/win32helpers/getopt_long.c +++ b/thirdparty/libwebsockets/win32helpers/getopt_long.c @@ -1,240 +1,240 @@ - -/* - * Copyright (c) 1987, 1993, 1994, 1996 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ -#include <assert.h> -#include <errno.h> -#include <stdio.h> -#include <stdlib.h> -#include <string.h> -#include "getopt.h" - -#define lws_ptr_diff(head, tail) \ - ((int)((char *)(head) - (char *)(tail))) - -extern int opterr; /* if error message should be printed */ -extern int optind; /* index into parent argv vector */ -extern int optopt; /* character checked for validity */ -extern int optreset; /* reset getopt */ -extern char *optarg; /* argument associated with option */ - -#define __P(x) x -#define _DIAGASSERT(x) assert(x) - -static char * __progname __P((char *)); -int getopt_internal __P((int, char * const *, const char *)); - -static char * -__progname(nargv0) - char * nargv0; -{ - char * tmp; - - _DIAGASSERT(nargv0 != NULL); - - tmp = strrchr(nargv0, '/'); - if (tmp) - tmp++; - else - tmp = nargv0; - return(tmp); -} - -#define BADCH (int)'?' -#define BADARG (int)':' -#define EMSG "" - -/* - * getopt -- - * Parse argc/argv argument vector. - */ -int -getopt_internal(nargc, nargv, ostr) - int nargc; - char * const *nargv; - const char *ostr; -{ - static char *place = EMSG; /* option letter processing */ - char *oli; /* option letter list index */ - - _DIAGASSERT(nargv != NULL); - _DIAGASSERT(ostr != NULL); - - if (optreset || !*place) { /* update scanning pointer */ - optreset = 0; - if (optind >= nargc || *(place = nargv[optind]) != '-') { - place = EMSG; - return (-1); - } - if (place[1] && *++place == '-') { /* found "--" */ - /* ++optind; */ - place = EMSG; - return (-2); - } - } /* option letter okay? */ - if ((optopt = (int)*place++) == (int)':' || - !(oli = strchr(ostr, optopt))) { - /* - * if the user didn't specify '-' as an option, - * assume it means -1. - */ - if (optopt == (int)'-') - return (-1); - if (!*place) - ++optind; - if (opterr && *ostr != ':') - (void)fprintf(stderr, - "%s: illegal option -- %c\n", __progname(nargv[0]), optopt); - return (BADCH); - } - if (*++oli != ':') { /* don't need argument */ - optarg = NULL; - if (!*place) - ++optind; - } else { /* need an argument */ - if (*place) /* no white space */ - optarg = place; - else if (nargc <= ++optind) { /* no arg */ - place = EMSG; - if ((opterr) && (*ostr != ':')) - (void)fprintf(stderr, - "%s: option requires an argument -- %c\n", - __progname(nargv[0]), optopt); - return (BADARG); - } else /* white space */ - optarg = nargv[optind]; - place = EMSG; - ++optind; - } - return (optopt); /* dump back option letter */ -} - -#if 0 -/* - * getopt -- - * Parse argc/argv argument vector. - */ -int -getopt2(nargc, nargv, ostr) - int nargc; - char * const *nargv; - const char *ostr; -{ - int retval; - - if ((retval = getopt_internal(nargc, nargv, ostr)) == -2) { - retval = -1; - ++optind; - } - return(retval); -} -#endif - -/* - * getopt_long -- - * Parse argc/argv argument vector. - */ -int -getopt_long(nargc, nargv, options, long_options, index) - int nargc; - char ** nargv; - char * options; - struct option * long_options; - int * index; -{ - int retval; - - _DIAGASSERT(nargv != NULL); - _DIAGASSERT(options != NULL); - _DIAGASSERT(long_options != NULL); - /* index may be NULL */ - - if ((retval = getopt_internal(nargc, nargv, options)) == -2) { - char *current_argv = nargv[optind++] + 2, *has_equal; - int i, current_argv_len, match = -1; - - if (*current_argv == '\0') { - return(-1); - } - if ((has_equal = strchr(current_argv, '=')) != NULL) { - current_argv_len = lws_ptr_diff(has_equal, current_argv); - has_equal++; - } else - current_argv_len = (int)strlen(current_argv); - - for (i = 0; long_options[i].name; i++) { - if (strncmp(current_argv, long_options[i].name, current_argv_len)) - continue; - - if (strlen(long_options[i].name) == (unsigned)current_argv_len) { - match = i; - break; - } - if (match == -1) - match = i; - } - if (match != -1) { - if (long_options[match].has_arg == required_argument || - long_options[match].has_arg == optional_argument) { - if (has_equal) - optarg = has_equal; - else - optarg = nargv[optind++]; - } - if ((long_options[match].has_arg == required_argument) - && (optarg == NULL)) { - /* - * Missing argument, leading : - * indicates no error should be generated - */ - if ((opterr) && (*options != ':')) - (void)fprintf(stderr, - "%s: option requires an argument -- %s\n", - __progname(nargv[0]), current_argv); - return (BADARG); - } - } else { /* No matching argument */ - if ((opterr) && (*options != ':')) - (void)fprintf(stderr, - "%s: illegal option -- %s\n", __progname(nargv[0]), current_argv); - return (BADCH); - } - if (long_options[match].flag) { - *long_options[match].flag = long_options[match].val; - retval = 0; - } else - retval = long_options[match].val; - if (index) - *index = match; - } - return(retval); -} +
+/*
+ * Copyright (c) 1987, 1993, 1994, 1996
+ * The Regents of the University of California. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * This product includes software developed by the University of
+ * California, Berkeley and its contributors.
+ * 4. Neither the name of the University nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+#include <assert.h>
+#include <errno.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "getopt.h"
+
+#define lws_ptr_diff(head, tail) \
+ ((int)((char *)(head) - (char *)(tail)))
+
+extern int opterr; /* if error message should be printed */
+extern int optind; /* index into parent argv vector */
+extern int optopt; /* character checked for validity */
+extern int optreset; /* reset getopt */
+extern char *optarg; /* argument associated with option */
+
+#define __P(x) x
+#define _DIAGASSERT(x) assert(x)
+
+static char * __progname __P((char *));
+int getopt_internal __P((int, char * const *, const char *));
+
+static char *
+__progname(nargv0)
+ char * nargv0;
+{
+ char * tmp;
+
+ _DIAGASSERT(nargv0 != NULL);
+
+ tmp = strrchr(nargv0, '/');
+ if (tmp)
+ tmp++;
+ else
+ tmp = nargv0;
+ return(tmp);
+}
+
+#define BADCH (int)'?'
+#define BADARG (int)':'
+#define EMSG ""
+
+/*
+ * getopt --
+ * Parse argc/argv argument vector.
+ */
+int
+getopt_internal(nargc, nargv, ostr)
+ int nargc;
+ char * const *nargv;
+ const char *ostr;
+{
+ static char *place = EMSG; /* option letter processing */
+ char *oli; /* option letter list index */
+
+ _DIAGASSERT(nargv != NULL);
+ _DIAGASSERT(ostr != NULL);
+
+ if (optreset || !*place) { /* update scanning pointer */
+ optreset = 0;
+ if (optind >= nargc || *(place = nargv[optind]) != '-') {
+ place = EMSG;
+ return (-1);
+ }
+ if (place[1] && *++place == '-') { /* found "--" */
+ /* ++optind; */
+ place = EMSG;
+ return (-2);
+ }
+ } /* option letter okay? */
+ if ((optopt = (int)*place++) == (int)':' ||
+ !(oli = strchr(ostr, optopt))) {
+ /*
+ * if the user didn't specify '-' as an option,
+ * assume it means -1.
+ */
+ if (optopt == (int)'-')
+ return (-1);
+ if (!*place)
+ ++optind;
+ if (opterr && *ostr != ':')
+ (void)fprintf(stderr,
+ "%s: illegal option -- %c\n", __progname(nargv[0]), optopt);
+ return (BADCH);
+ }
+ if (*++oli != ':') { /* don't need argument */
+ optarg = NULL;
+ if (!*place)
+ ++optind;
+ } else { /* need an argument */
+ if (*place) /* no white space */
+ optarg = place;
+ else if (nargc <= ++optind) { /* no arg */
+ place = EMSG;
+ if ((opterr) && (*ostr != ':'))
+ (void)fprintf(stderr,
+ "%s: option requires an argument -- %c\n",
+ __progname(nargv[0]), optopt);
+ return (BADARG);
+ } else /* white space */
+ optarg = nargv[optind];
+ place = EMSG;
+ ++optind;
+ }
+ return (optopt); /* dump back option letter */
+}
+
+#if 0
+/*
+ * getopt --
+ * Parse argc/argv argument vector.
+ */
+int
+getopt2(nargc, nargv, ostr)
+ int nargc;
+ char * const *nargv;
+ const char *ostr;
+{
+ int retval;
+
+ if ((retval = getopt_internal(nargc, nargv, ostr)) == -2) {
+ retval = -1;
+ ++optind;
+ }
+ return(retval);
+}
+#endif
+
+/*
+ * getopt_long --
+ * Parse argc/argv argument vector.
+ */
+int
+getopt_long(nargc, nargv, options, long_options, index)
+ int nargc;
+ char ** nargv;
+ char * options;
+ struct option * long_options;
+ int * index;
+{
+ int retval;
+
+ _DIAGASSERT(nargv != NULL);
+ _DIAGASSERT(options != NULL);
+ _DIAGASSERT(long_options != NULL);
+ /* index may be NULL */
+
+ if ((retval = getopt_internal(nargc, nargv, options)) == -2) {
+ char *current_argv = nargv[optind++] + 2, *has_equal;
+ int i, current_argv_len, match = -1;
+
+ if (*current_argv == '\0') {
+ return(-1);
+ }
+ if ((has_equal = strchr(current_argv, '=')) != NULL) {
+ current_argv_len = lws_ptr_diff(has_equal, current_argv);
+ has_equal++;
+ } else
+ current_argv_len = (int)strlen(current_argv);
+
+ for (i = 0; long_options[i].name; i++) {
+ if (strncmp(current_argv, long_options[i].name, current_argv_len))
+ continue;
+
+ if (strlen(long_options[i].name) == (unsigned)current_argv_len) {
+ match = i;
+ break;
+ }
+ if (match == -1)
+ match = i;
+ }
+ if (match != -1) {
+ if (long_options[match].has_arg == required_argument ||
+ long_options[match].has_arg == optional_argument) {
+ if (has_equal)
+ optarg = has_equal;
+ else
+ optarg = nargv[optind++];
+ }
+ if ((long_options[match].has_arg == required_argument)
+ && (optarg == NULL)) {
+ /*
+ * Missing argument, leading :
+ * indicates no error should be generated
+ */
+ if ((opterr) && (*options != ':'))
+ (void)fprintf(stderr,
+ "%s: option requires an argument -- %s\n",
+ __progname(nargv[0]), current_argv);
+ return (BADARG);
+ }
+ } else { /* No matching argument */
+ if ((opterr) && (*options != ':'))
+ (void)fprintf(stderr,
+ "%s: illegal option -- %s\n", __progname(nargv[0]), current_argv);
+ return (BADCH);
+ }
+ if (long_options[match].flag) {
+ *long_options[match].flag = long_options[match].val;
+ retval = 0;
+ } else
+ retval = long_options[match].val;
+ if (index)
+ *index = match;
+ }
+ return(retval);
+}
diff --git a/thirdparty/libwebsockets/win32helpers/gettimeofday.c b/thirdparty/libwebsockets/win32helpers/gettimeofday.c index 35dd73531d..08385c2320 100644 --- a/thirdparty/libwebsockets/win32helpers/gettimeofday.c +++ b/thirdparty/libwebsockets/win32helpers/gettimeofday.c @@ -1,36 +1,36 @@ -#include <time.h> -#include <windows.h> //I've omitted context line - -#include "gettimeofday.h" - -int gettimeofday(struct timeval *tv, struct timezone *tz) -{ - FILETIME ft; - unsigned __int64 tmpres = 0; - static int tzflag; - - if (NULL != tv) { - GetSystemTimeAsFileTime(&ft); - - tmpres |= ft.dwHighDateTime; - tmpres <<= 32; - tmpres |= ft.dwLowDateTime; - - /*converting file time to unix epoch*/ - tmpres /= 10; /*convert into microseconds*/ +#include <time.h>
+#include <windows.h> //I've omitted context line
+
+#include "gettimeofday.h"
+
+int gettimeofday(struct timeval *tv, struct timezone *tz)
+{
+ FILETIME ft;
+ unsigned __int64 tmpres = 0;
+ static int tzflag;
+
+ if (NULL != tv) {
+ GetSystemTimeAsFileTime(&ft);
+
+ tmpres |= ft.dwHighDateTime;
+ tmpres <<= 32;
+ tmpres |= ft.dwLowDateTime;
+
+ /*converting file time to unix epoch*/
+ tmpres /= 10; /*convert into microseconds*/
tmpres -= DELTA_EPOCH_IN_MICROSECS; - tv->tv_sec = (long)(tmpres / 1000000UL); - tv->tv_usec = (long)(tmpres % 1000000UL); - } - - if (NULL != tz) { - if (!tzflag) { - _tzset(); - tzflag++; - } - tz->tz_minuteswest = _timezone / 60; - tz->tz_dsttime = _daylight; - } - - return 0; -} + tv->tv_sec = (long)(tmpres / 1000000UL);
+ tv->tv_usec = (long)(tmpres % 1000000UL);
+ }
+
+ if (NULL != tz) {
+ if (!tzflag) {
+ _tzset();
+ tzflag++;
+ }
+ tz->tz_minuteswest = _timezone / 60;
+ tz->tz_dsttime = _daylight;
+ }
+
+ return 0;
+}
diff --git a/thirdparty/mbedtls/1453.diff b/thirdparty/mbedtls/1453.diff index 6630ad861f..b1c9c43ed2 100644 --- a/thirdparty/mbedtls/1453.diff +++ b/thirdparty/mbedtls/1453.diff @@ -1,8 +1,8 @@ diff --git a/library/entropy_poll.c b/library/entropy_poll.c -index 67900c46c8..cefe882d2a 100644 +index 4556f88a5..ba56b70f7 100644 --- a/library/entropy_poll.c +++ b/library/entropy_poll.c -@@ -54,28 +54,43 @@ +@@ -61,28 +61,43 @@ #define _WIN32_WINNT 0x0400 #endif #include <windows.h> @@ -54,7 +54,7 @@ index 67900c46c8..cefe882d2a 100644 return( 0 ); diff --git a/library/x509_crt.c b/library/x509_crt.c -index 290c1eb3d1..3cf1743821 100644 +index 76558342e..35a134950 100644 --- a/library/x509_crt.c +++ b/library/x509_crt.c @@ -65,6 +65,19 @@ @@ -77,20 +77,20 @@ index 290c1eb3d1..3cf1743821 100644 #else #include <time.h> #endif -@@ -1126,6 +1139,7 @@ int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path ) +@@ -1278,6 +1291,7 @@ int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path ) char filename[MAX_PATH]; char *p; size_t len = strlen( path ); -+ int length_as_int = 0; ++ int lengthAsInt = 0; WIN32_FIND_DATAW file_data; HANDLE hFind; -@@ -1140,7 +1154,18 @@ int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path ) +@@ -1292,7 +1306,18 @@ int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path ) p = filename + len; filename[len++] = '*'; - w_ret = MultiByteToWideChar( CP_ACP, 0, filename, (int)len, szDir, -+ if ( FAILED ( SizeTToInt( len, &length_as_int ) ) ) ++ if ( FAILED ( SizeTToInt( len, &lengthAsInt ) ) ) + return( MBEDTLS_ERR_X509_FILE_IO_ERROR ); + + /* @@ -101,20 +101,20 @@ index 290c1eb3d1..3cf1743821 100644 + * incoming string are less than MAX_PATH to avoid a buffer overrun with + * MultiByteToWideChar(). + */ -+ w_ret = MultiByteToWideChar( CP_ACP, 0, filename, length_as_int, szDir, ++ w_ret = MultiByteToWideChar( CP_ACP, 0, filename, lengthAsInt, szDir, MAX_PATH - 3 ); if( w_ret == 0 ) return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); -@@ -1157,8 +1182,11 @@ int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path ) +@@ -1309,8 +1334,11 @@ int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path ) if( file_data.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY ) continue; -+ if ( FAILED( SizeTToInt( wcslen( file_data.cFileName ), &length_as_int ) ) ) ++ if ( FAILED( SizeTToInt( wcslen( file_data.cFileName ), &lengthAsInt ) ) ) + return( MBEDTLS_ERR_X509_FILE_IO_ERROR ); + w_ret = WideCharToMultiByte( CP_ACP, 0, file_data.cFileName, - lstrlenW( file_data.cFileName ), -+ length_as_int, ++ lengthAsInt, p, (int) len - 1, NULL, NULL ); if( w_ret == 0 ) diff --git a/thirdparty/mbedtls/include/mbedtls/aes.h b/thirdparty/mbedtls/include/mbedtls/aes.h index f6603d5962..b42e564efc 100644 --- a/thirdparty/mbedtls/include/mbedtls/aes.h +++ b/thirdparty/mbedtls/include/mbedtls/aes.h @@ -60,7 +60,11 @@ /* Error codes in range 0x0021-0x0025 */ #define MBEDTLS_ERR_AES_BAD_INPUT_DATA -0x0021 /**< Invalid input data. */ + +/* MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE is deprecated and should not be used. */ #define MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE -0x0023 /**< Feature not available. For example, an unsupported AES key size. */ + +/* MBEDTLS_ERR_AES_HW_ACCEL_FAILED is deprecated and should not be used. */ #define MBEDTLS_ERR_AES_HW_ACCEL_FAILED -0x0025 /**< AES hardware accelerator failed. */ #if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \ @@ -79,7 +83,7 @@ extern "C" { /** * \brief The AES context-type definition. */ -typedef struct +typedef struct mbedtls_aes_context { int nr; /*!< The number of rounds. */ uint32_t *rk; /*!< AES round keys. */ @@ -98,7 +102,7 @@ mbedtls_aes_context; /** * \brief The AES XTS context-type definition. */ -typedef struct +typedef struct mbedtls_aes_xts_context { mbedtls_aes_context crypt; /*!< The AES context to use for AES block encryption or decryption. */ @@ -117,7 +121,7 @@ typedef struct * It must be the first API called before using * the context. * - * \param ctx The AES context to initialize. + * \param ctx The AES context to initialize. This must not be \c NULL. */ void mbedtls_aes_init( mbedtls_aes_context *ctx ); @@ -125,6 +129,8 @@ void mbedtls_aes_init( mbedtls_aes_context *ctx ); * \brief This function releases and clears the specified AES context. * * \param ctx The AES context to clear. + * If this is \c NULL, this function does nothing. + * Otherwise, the context must have been at least initialized. */ void mbedtls_aes_free( mbedtls_aes_context *ctx ); @@ -135,7 +141,7 @@ void mbedtls_aes_free( mbedtls_aes_context *ctx ); * It must be the first API called before using * the context. * - * \param ctx The AES XTS context to initialize. + * \param ctx The AES XTS context to initialize. This must not be \c NULL. */ void mbedtls_aes_xts_init( mbedtls_aes_xts_context *ctx ); @@ -143,6 +149,8 @@ void mbedtls_aes_xts_init( mbedtls_aes_xts_context *ctx ); * \brief This function releases and clears the specified AES XTS context. * * \param ctx The AES XTS context to clear. + * If this is \c NULL, this function does nothing. + * Otherwise, the context must have been at least initialized. */ void mbedtls_aes_xts_free( mbedtls_aes_xts_context *ctx ); #endif /* MBEDTLS_CIPHER_MODE_XTS */ @@ -151,7 +159,9 @@ void mbedtls_aes_xts_free( mbedtls_aes_xts_context *ctx ); * \brief This function sets the encryption key. * * \param ctx The AES context to which the key should be bound. + * It must be initialized. * \param key The encryption key. + * This must be a readable buffer of size \p keybits bits. * \param keybits The size of data passed in bits. Valid options are: * <ul><li>128 bits</li> * <li>192 bits</li> @@ -167,7 +177,9 @@ int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key, * \brief This function sets the decryption key. * * \param ctx The AES context to which the key should be bound. + * It must be initialized. * \param key The decryption key. + * This must be a readable buffer of size \p keybits bits. * \param keybits The size of data passed. Valid options are: * <ul><li>128 bits</li> * <li>192 bits</li> @@ -185,8 +197,10 @@ int mbedtls_aes_setkey_dec( mbedtls_aes_context *ctx, const unsigned char *key, * sets the encryption key. * * \param ctx The AES XTS context to which the key should be bound. + * It must be initialized. * \param key The encryption key. This is comprised of the XTS key1 * concatenated with the XTS key2. + * This must be a readable buffer of size \p keybits bits. * \param keybits The size of \p key passed in bits. Valid options are: * <ul><li>256 bits (each of key1 and key2 is a 128-bit key)</li> * <li>512 bits (each of key1 and key2 is a 256-bit key)</li></ul> @@ -203,8 +217,10 @@ int mbedtls_aes_xts_setkey_enc( mbedtls_aes_xts_context *ctx, * sets the decryption key. * * \param ctx The AES XTS context to which the key should be bound. + * It must be initialized. * \param key The decryption key. This is comprised of the XTS key1 * concatenated with the XTS key2. + * This must be a readable buffer of size \p keybits bits. * \param keybits The size of \p key passed in bits. Valid options are: * <ul><li>256 bits (each of key1 and key2 is a 128-bit key)</li> * <li>512 bits (each of key1 and key2 is a 256-bit key)</li></ul> @@ -230,10 +246,13 @@ int mbedtls_aes_xts_setkey_dec( mbedtls_aes_xts_context *ctx, * call to this API with the same context. * * \param ctx The AES context to use for encryption or decryption. + * It must be initialized and bound to a key. * \param mode The AES operation: #MBEDTLS_AES_ENCRYPT or * #MBEDTLS_AES_DECRYPT. - * \param input The 16-Byte buffer holding the input data. - * \param output The 16-Byte buffer holding the output data. + * \param input The buffer holding the input data. + * It must be readable and at least \c 16 Bytes long. + * \param output The buffer where the output data will be written. + * It must be writeable and at least \c 16 Bytes long. * \return \c 0 on success. */ @@ -256,8 +275,8 @@ int mbedtls_aes_crypt_ecb( mbedtls_aes_context *ctx, * mbedtls_aes_setkey_enc() or mbedtls_aes_setkey_dec() must be called * before the first call to this API with the same context. * - * \note This function operates on aligned blocks, that is, the input size - * must be a multiple of the AES block size of 16 Bytes. + * \note This function operates on full blocks, that is, the input size + * must be a multiple of the AES block size of \c 16 Bytes. * * \note Upon exit, the content of the IV is updated so that you can * call the same function again on the next @@ -268,13 +287,17 @@ int mbedtls_aes_crypt_ecb( mbedtls_aes_context *ctx, * * * \param ctx The AES context to use for encryption or decryption. + * It must be initialized and bound to a key. * \param mode The AES operation: #MBEDTLS_AES_ENCRYPT or * #MBEDTLS_AES_DECRYPT. * \param length The length of the input data in Bytes. This must be a - * multiple of the block size (16 Bytes). + * multiple of the block size (\c 16 Bytes). * \param iv Initialization vector (updated after use). + * It must be a readable and writeable buffer of \c 16 Bytes. * \param input The buffer holding the input data. + * It must be readable and of size \p length Bytes. * \param output The buffer holding the output data. + * It must be writeable and of size \p length Bytes. * * \return \c 0 on success. * \return #MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH @@ -302,9 +325,10 @@ int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx, * returns #MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH. * * \param ctx The AES XTS context to use for AES XTS operations. + * It must be initialized and bound to a key. * \param mode The AES operation: #MBEDTLS_AES_ENCRYPT or * #MBEDTLS_AES_DECRYPT. - * \param length The length of a data unit in bytes. This can be any + * \param length The length of a data unit in Bytes. This can be any * length between 16 bytes and 2^24 bytes inclusive * (between 1 and 2^20 block cipher blocks). * \param data_unit The address of the data unit encoded as an array of 16 @@ -312,15 +336,15 @@ int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx, * is typically the index of the block device sector that * contains the data. * \param input The buffer holding the input data (which is an entire - * data unit). This function reads \p length bytes from \p + * data unit). This function reads \p length Bytes from \p * input. * \param output The buffer holding the output data (which is an entire - * data unit). This function writes \p length bytes to \p + * data unit). This function writes \p length Bytes to \p * output. * * \return \c 0 on success. * \return #MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH if \p length is - * smaller than an AES block in size (16 bytes) or if \p + * smaller than an AES block in size (16 Bytes) or if \p * length is larger than 2^20 blocks (16 MiB). */ int mbedtls_aes_crypt_xts( mbedtls_aes_xts_context *ctx, @@ -356,13 +380,18 @@ int mbedtls_aes_crypt_xts( mbedtls_aes_xts_context *ctx, * * * \param ctx The AES context to use for encryption or decryption. + * It must be initialized and bound to a key. * \param mode The AES operation: #MBEDTLS_AES_ENCRYPT or * #MBEDTLS_AES_DECRYPT. - * \param length The length of the input data. + * \param length The length of the input data in Bytes. * \param iv_off The offset in IV (updated after use). + * It must point to a valid \c size_t. * \param iv The initialization vector (updated after use). + * It must be a readable and writeable buffer of \c 16 Bytes. * \param input The buffer holding the input data. + * It must be readable and of size \p length Bytes. * \param output The buffer holding the output data. + * It must be writeable and of size \p length Bytes. * * \return \c 0 on success. */ @@ -397,12 +426,16 @@ int mbedtls_aes_crypt_cfb128( mbedtls_aes_context *ctx, * * * \param ctx The AES context to use for encryption or decryption. + * It must be initialized and bound to a key. * \param mode The AES operation: #MBEDTLS_AES_ENCRYPT or * #MBEDTLS_AES_DECRYPT * \param length The length of the input data. * \param iv The initialization vector (updated after use). + * It must be a readable and writeable buffer of \c 16 Bytes. * \param input The buffer holding the input data. + * It must be readable and of size \p length Bytes. * \param output The buffer holding the output data. + * It must be writeable and of size \p length Bytes. * * \return \c 0 on success. */ @@ -447,11 +480,16 @@ int mbedtls_aes_crypt_cfb8( mbedtls_aes_context *ctx, * will compromise security. * * \param ctx The AES context to use for encryption or decryption. + * It must be initialized and bound to a key. * \param length The length of the input data. * \param iv_off The offset in IV (updated after use). + * It must point to a valid \c size_t. * \param iv The initialization vector (updated after use). + * It must be a readable and writeable buffer of \c 16 Bytes. * \param input The buffer holding the input data. + * It must be readable and of size \p length Bytes. * \param output The buffer holding the output data. + * It must be writeable and of size \p length Bytes. * * \return \c 0 on success. */ @@ -523,15 +561,21 @@ int mbedtls_aes_crypt_ofb( mbedtls_aes_context *ctx, * securely discarded as soon as it's no longer needed. * * \param ctx The AES context to use for encryption or decryption. + * It must be initialized and bound to a key. * \param length The length of the input data. * \param nc_off The offset in the current \p stream_block, for * resuming within the current cipher stream. The * offset pointer should be 0 at the start of a stream. + * It must point to a valid \c size_t. * \param nonce_counter The 128-bit nonce and counter. + * It must be a readable-writeable buffer of \c 16 Bytes. * \param stream_block The saved stream block for resuming. This is * overwritten by the function. + * It must be a readable-writeable buffer of \c 16 Bytes. * \param input The buffer holding the input data. + * It must be readable and of size \p length Bytes. * \param output The buffer holding the output data. + * It must be writeable and of size \p length Bytes. * * \return \c 0 on success. */ @@ -584,7 +628,7 @@ int mbedtls_internal_aes_decrypt( mbedtls_aes_context *ctx, * \brief Deprecated internal AES block encryption function * without return value. * - * \deprecated Superseded by mbedtls_aes_encrypt_ext() in 2.5.0. + * \deprecated Superseded by mbedtls_internal_aes_encrypt() * * \param ctx The AES context to use for encryption. * \param input Plaintext block. @@ -598,7 +642,7 @@ MBEDTLS_DEPRECATED void mbedtls_aes_encrypt( mbedtls_aes_context *ctx, * \brief Deprecated internal AES block decryption function * without return value. * - * \deprecated Superseded by mbedtls_aes_decrypt_ext() in 2.5.0. + * \deprecated Superseded by mbedtls_internal_aes_decrypt() * * \param ctx The AES context to use for decryption. * \param input Ciphertext block. diff --git a/thirdparty/mbedtls/include/mbedtls/aesni.h b/thirdparty/mbedtls/include/mbedtls/aesni.h index 746baa0e17..0196f49b87 100644 --- a/thirdparty/mbedtls/include/mbedtls/aesni.h +++ b/thirdparty/mbedtls/include/mbedtls/aesni.h @@ -2,6 +2,9 @@ * \file aesni.h * * \brief AES-NI for hardware AES acceleration on some Intel processors + * + * \warning These functions are only for internal use by other library + * functions; you must not call them directly. */ /* * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved @@ -42,7 +45,10 @@ extern "C" { #endif /** - * \brief AES-NI features detection routine + * \brief Internal function to detect the AES-NI feature in CPUs. + * + * \note This function is only for internal use by other library + * functions; you must not call it directly. * * \param what The feature to detect * (MBEDTLS_AESNI_AES or MBEDTLS_AESNI_CLMUL) @@ -52,7 +58,10 @@ extern "C" { int mbedtls_aesni_has_support( unsigned int what ); /** - * \brief AES-NI AES-ECB block en(de)cryption + * \brief Internal AES-NI AES-ECB block encryption and decryption + * + * \note This function is only for internal use by other library + * functions; you must not call it directly. * * \param ctx AES context * \param mode MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT @@ -62,12 +71,15 @@ int mbedtls_aesni_has_support( unsigned int what ); * \return 0 on success (cannot fail) */ int mbedtls_aesni_crypt_ecb( mbedtls_aes_context *ctx, - int mode, - const unsigned char input[16], - unsigned char output[16] ); + int mode, + const unsigned char input[16], + unsigned char output[16] ); /** - * \brief GCM multiplication: c = a * b in GF(2^128) + * \brief Internal GCM multiplication: c = a * b in GF(2^128) + * + * \note This function is only for internal use by other library + * functions; you must not call it directly. * * \param c Result * \param a First operand @@ -77,21 +89,29 @@ int mbedtls_aesni_crypt_ecb( mbedtls_aes_context *ctx, * elements of GF(2^128) as per the GCM spec. */ void mbedtls_aesni_gcm_mult( unsigned char c[16], - const unsigned char a[16], - const unsigned char b[16] ); + const unsigned char a[16], + const unsigned char b[16] ); /** - * \brief Compute decryption round keys from encryption round keys + * \brief Internal round key inversion. This function computes + * decryption round keys from the encryption round keys. + * + * \note This function is only for internal use by other library + * functions; you must not call it directly. * * \param invkey Round keys for the equivalent inverse cipher * \param fwdkey Original round keys (for encryption) * \param nr Number of rounds (that is, number of round keys minus one) */ void mbedtls_aesni_inverse_key( unsigned char *invkey, - const unsigned char *fwdkey, int nr ); + const unsigned char *fwdkey, + int nr ); /** - * \brief Perform key expansion (for encryption) + * \brief Internal key expansion for encryption + * + * \note This function is only for internal use by other library + * functions; you must not call it directly. * * \param rk Destination buffer where the round keys are written * \param key Encryption key @@ -100,8 +120,8 @@ void mbedtls_aesni_inverse_key( unsigned char *invkey, * \return 0 if successful, or MBEDTLS_ERR_AES_INVALID_KEY_LENGTH */ int mbedtls_aesni_setkey_enc( unsigned char *rk, - const unsigned char *key, - size_t bits ); + const unsigned char *key, + size_t bits ); #ifdef __cplusplus } diff --git a/thirdparty/mbedtls/include/mbedtls/arc4.h b/thirdparty/mbedtls/include/mbedtls/arc4.h index f11fc5be0a..c43f4065f1 100644 --- a/thirdparty/mbedtls/include/mbedtls/arc4.h +++ b/thirdparty/mbedtls/include/mbedtls/arc4.h @@ -36,6 +36,7 @@ #include <stddef.h> +/* MBEDTLS_ERR_ARC4_HW_ACCEL_FAILED is deprecated and should not be used. */ #define MBEDTLS_ERR_ARC4_HW_ACCEL_FAILED -0x0019 /**< ARC4 hardware accelerator failed. */ #ifdef __cplusplus @@ -53,7 +54,7 @@ extern "C" { * security risk. We recommend considering stronger ciphers instead. * */ -typedef struct +typedef struct mbedtls_arc4_context { int x; /*!< permutation index */ int y; /*!< permutation index */ diff --git a/thirdparty/mbedtls/include/mbedtls/aria.h b/thirdparty/mbedtls/include/mbedtls/aria.h index bae0621b23..1e8956ed13 100644 --- a/thirdparty/mbedtls/include/mbedtls/aria.h +++ b/thirdparty/mbedtls/include/mbedtls/aria.h @@ -39,6 +39,8 @@ #include <stddef.h> #include <stdint.h> +#include "platform_util.h" + #define MBEDTLS_ARIA_ENCRYPT 1 /**< ARIA encryption. */ #define MBEDTLS_ARIA_DECRYPT 0 /**< ARIA decryption. */ @@ -46,9 +48,18 @@ #define MBEDTLS_ARIA_MAX_ROUNDS 16 /**< Maxiumum number of rounds in ARIA. */ #define MBEDTLS_ARIA_MAX_KEYSIZE 32 /**< Maximum size of an ARIA key in bytes. */ -#define MBEDTLS_ERR_ARIA_INVALID_KEY_LENGTH -0x005C /**< Invalid key length. */ -#define MBEDTLS_ERR_ARIA_INVALID_INPUT_LENGTH -0x005E /**< Invalid data input length. */ +#if !defined(MBEDTLS_DEPRECATED_REMOVED) +#define MBEDTLS_ERR_ARIA_INVALID_KEY_LENGTH MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( -0x005C ) +#endif /* !MBEDTLS_DEPRECATED_REMOVED */ +#define MBEDTLS_ERR_ARIA_BAD_INPUT_DATA -0x005C /**< Bad input data. */ + +#define MBEDTLS_ERR_ARIA_INVALID_INPUT_LENGTH -0x005E /**< Invalid data input length. */ + +/* MBEDTLS_ERR_ARIA_FEATURE_UNAVAILABLE is deprecated and should not be used. + */ #define MBEDTLS_ERR_ARIA_FEATURE_UNAVAILABLE -0x005A /**< Feature not available. For example, an unsupported ARIA key size. */ + +/* MBEDTLS_ERR_ARIA_HW_ACCEL_FAILED is deprecated and should not be used. */ #define MBEDTLS_ERR_ARIA_HW_ACCEL_FAILED -0x0058 /**< ARIA hardware accelerator failed. */ #if !defined(MBEDTLS_ARIA_ALT) @@ -62,7 +73,7 @@ extern "C" { /** * \brief The ARIA context-type definition. */ -typedef struct +typedef struct mbedtls_aria_context { unsigned char nr; /*!< The number of rounds (12, 14 or 16) */ /*! The ARIA round keys. */ @@ -80,14 +91,16 @@ mbedtls_aria_context; * It must be the first API called before using * the context. * - * \param ctx The ARIA context to initialize. + * \param ctx The ARIA context to initialize. This must not be \c NULL. */ void mbedtls_aria_init( mbedtls_aria_context *ctx ); /** * \brief This function releases and clears the specified ARIA context. * - * \param ctx The ARIA context to clear. + * \param ctx The ARIA context to clear. This may be \c NULL, in which + * case this function returns immediately. If it is not \c NULL, + * it must point to an initialized ARIA context. */ void mbedtls_aria_free( mbedtls_aria_context *ctx ); @@ -95,14 +108,16 @@ void mbedtls_aria_free( mbedtls_aria_context *ctx ); * \brief This function sets the encryption key. * * \param ctx The ARIA context to which the key should be bound. - * \param key The encryption key. - * \param keybits The size of data passed in bits. Valid options are: + * This must be initialized. + * \param key The encryption key. This must be a readable buffer + * of size \p keybits Bits. + * \param keybits The size of \p key in Bits. Valid options are: * <ul><li>128 bits</li> * <li>192 bits</li> * <li>256 bits</li></ul> * - * \return \c 0 on success or #MBEDTLS_ERR_ARIA_INVALID_KEY_LENGTH - * on failure. + * \return \c 0 on success. + * \return A negative error code on failure. */ int mbedtls_aria_setkey_enc( mbedtls_aria_context *ctx, const unsigned char *key, @@ -112,13 +127,16 @@ int mbedtls_aria_setkey_enc( mbedtls_aria_context *ctx, * \brief This function sets the decryption key. * * \param ctx The ARIA context to which the key should be bound. - * \param key The decryption key. + * This must be initialized. + * \param key The decryption key. This must be a readable buffer + * of size \p keybits Bits. * \param keybits The size of data passed. Valid options are: * <ul><li>128 bits</li> * <li>192 bits</li> * <li>256 bits</li></ul> * - * \return \c 0 on success, or #MBEDTLS_ERR_ARIA_INVALID_KEY_LENGTH on failure. + * \return \c 0 on success. + * \return A negative error code on failure. */ int mbedtls_aria_setkey_dec( mbedtls_aria_context *ctx, const unsigned char *key, @@ -137,10 +155,12 @@ int mbedtls_aria_setkey_dec( mbedtls_aria_context *ctx, * call to this API with the same context. * * \param ctx The ARIA context to use for encryption or decryption. + * This must be initialized and bound to a key. * \param input The 16-Byte buffer holding the input data. * \param output The 16-Byte buffer holding the output data. * \return \c 0 on success. + * \return A negative error code on failure. */ int mbedtls_aria_crypt_ecb( mbedtls_aria_context *ctx, const unsigned char input[MBEDTLS_ARIA_BLOCKSIZE], @@ -172,16 +192,21 @@ int mbedtls_aria_crypt_ecb( mbedtls_aria_context *ctx, * * * \param ctx The ARIA context to use for encryption or decryption. - * \param mode The ARIA operation: #MBEDTLS_ARIA_ENCRYPT or - * #MBEDTLS_ARIA_DECRYPT. + * This must be initialized and bound to a key. + * \param mode The mode of operation. This must be either + * #MBEDTLS_ARIA_ENCRYPT for encryption, or + * #MBEDTLS_ARIA_DECRYPT for decryption. * \param length The length of the input data in Bytes. This must be a * multiple of the block size (16 Bytes). * \param iv Initialization vector (updated after use). - * \param input The buffer holding the input data. - * \param output The buffer holding the output data. + * This must be a readable buffer of size 16 Bytes. + * \param input The buffer holding the input data. This must + * be a readable buffer of length \p length Bytes. + * \param output The buffer holding the output data. This must + * be a writable buffer of length \p length Bytes. * - * \return \c 0 on success, or #MBEDTLS_ERR_ARIA_INVALID_INPUT_LENGTH - * on failure. + * \return \c 0 on success. + * \return A negative error code on failure. */ int mbedtls_aria_crypt_cbc( mbedtls_aria_context *ctx, int mode, @@ -216,15 +241,22 @@ int mbedtls_aria_crypt_cbc( mbedtls_aria_context *ctx, * * * \param ctx The ARIA context to use for encryption or decryption. - * \param mode The ARIA operation: #MBEDTLS_ARIA_ENCRYPT or - * #MBEDTLS_ARIA_DECRYPT. - * \param length The length of the input data. + * This must be initialized and bound to a key. + * \param mode The mode of operation. This must be either + * #MBEDTLS_ARIA_ENCRYPT for encryption, or + * #MBEDTLS_ARIA_DECRYPT for decryption. + * \param length The length of the input data \p input in Bytes. * \param iv_off The offset in IV (updated after use). + * This must not be larger than 15. * \param iv The initialization vector (updated after use). - * \param input The buffer holding the input data. - * \param output The buffer holding the output data. + * This must be a readable buffer of size 16 Bytes. + * \param input The buffer holding the input data. This must + * be a readable buffer of length \p length Bytes. + * \param output The buffer holding the output data. This must + * be a writable buffer of length \p length Bytes. * * \return \c 0 on success. + * \return A negative error code on failure. */ int mbedtls_aria_crypt_cfb128( mbedtls_aria_context *ctx, int mode, @@ -294,17 +326,24 @@ int mbedtls_aria_crypt_cfb128( mbedtls_aria_context *ctx, * securely discarded as soon as it's no longer needed. * * \param ctx The ARIA context to use for encryption or decryption. - * \param length The length of the input data. - * \param nc_off The offset in the current \p stream_block, for - * resuming within the current cipher stream. The - * offset pointer should be 0 at the start of a stream. - * \param nonce_counter The 128-bit nonce and counter. - * \param stream_block The saved stream block for resuming. This is - * overwritten by the function. - * \param input The buffer holding the input data. - * \param output The buffer holding the output data. - * - * \return \c 0 on success. + * This must be initialized and bound to a key. + * \param length The length of the input data \p input in Bytes. + * \param nc_off The offset in Bytes in the current \p stream_block, + * for resuming within the current cipher stream. The + * offset pointer should be \c 0 at the start of a + * stream. This must not be larger than \c 15 Bytes. + * \param nonce_counter The 128-bit nonce and counter. This must point to + * a read/write buffer of length \c 16 bytes. + * \param stream_block The saved stream block for resuming. This must + * point to a read/write buffer of length \c 16 bytes. + * This is overwritten by the function. + * \param input The buffer holding the input data. This must + * be a readable buffer of length \p length Bytes. + * \param output The buffer holding the output data. This must + * be a writable buffer of length \p length Bytes. + * + * \return \c 0 on success. + * \return A negative error code on failure. */ int mbedtls_aria_crypt_ctr( mbedtls_aria_context *ctx, size_t length, diff --git a/thirdparty/mbedtls/include/mbedtls/asn1write.h b/thirdparty/mbedtls/include/mbedtls/asn1write.h index f76fc807d0..76c1780b59 100644 --- a/thirdparty/mbedtls/include/mbedtls/asn1write.h +++ b/thirdparty/mbedtls/include/mbedtls/asn1write.h @@ -26,191 +26,272 @@ #include "asn1.h" -#define MBEDTLS_ASN1_CHK_ADD(g, f) do { if( ( ret = f ) < 0 ) return( ret ); else \ - g += ret; } while( 0 ) +#define MBEDTLS_ASN1_CHK_ADD(g, f) \ + do { \ + if( ( ret = f ) < 0 ) \ + return( ret ); \ + else \ + g += ret; \ + } while( 0 ) #ifdef __cplusplus extern "C" { #endif /** - * \brief Write a length field in ASN.1 format - * Note: function works backwards in data buffer + * \brief Write a length field in ASN.1 format. * - * \param p reference to current position pointer - * \param start start of the buffer (for bounds-checking) - * \param len the length to write + * \note This function works backwards in data buffer. * - * \return the length written or a negative error code + * \param p The reference to the current position pointer. + * \param start The start of the buffer, for bounds-checking. + * \param len The length value to write. + * + * \return The number of bytes written to \p p on success. + * \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure. */ -int mbedtls_asn1_write_len( unsigned char **p, unsigned char *start, size_t len ); - +int mbedtls_asn1_write_len( unsigned char **p, unsigned char *start, + size_t len ); /** - * \brief Write a ASN.1 tag in ASN.1 format - * Note: function works backwards in data buffer + * \brief Write an ASN.1 tag in ASN.1 format. + * + * \note This function works backwards in data buffer. * - * \param p reference to current position pointer - * \param start start of the buffer (for bounds-checking) - * \param tag the tag to write + * \param p The reference to the current position pointer. + * \param start The start of the buffer, for bounds-checking. + * \param tag The tag to write. * - * \return the length written or a negative error code + * \return The number of bytes written to \p p on success. + * \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure. */ int mbedtls_asn1_write_tag( unsigned char **p, unsigned char *start, - unsigned char tag ); + unsigned char tag ); /** - * \brief Write raw buffer data - * Note: function works backwards in data buffer + * \brief Write raw buffer data. * - * \param p reference to current position pointer - * \param start start of the buffer (for bounds-checking) - * \param buf data buffer to write - * \param size length of the data buffer + * \note This function works backwards in data buffer. * - * \return the length written or a negative error code + * \param p The reference to the current position pointer. + * \param start The start of the buffer, for bounds-checking. + * \param buf The data buffer to write. + * \param size The length of the data buffer. + * + * \return The number of bytes written to \p p on success. + * \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure. */ int mbedtls_asn1_write_raw_buffer( unsigned char **p, unsigned char *start, - const unsigned char *buf, size_t size ); + const unsigned char *buf, size_t size ); #if defined(MBEDTLS_BIGNUM_C) /** - * \brief Write a big number (MBEDTLS_ASN1_INTEGER) in ASN.1 format - * Note: function works backwards in data buffer + * \brief Write a arbitrary-precision number (#MBEDTLS_ASN1_INTEGER) + * in ASN.1 format. + * + * \note This function works backwards in data buffer. * - * \param p reference to current position pointer - * \param start start of the buffer (for bounds-checking) - * \param X the MPI to write + * \param p The reference to the current position pointer. + * \param start The start of the buffer, for bounds-checking. + * \param X The MPI to write. * - * \return the length written or a negative error code + * \return The number of bytes written to \p p on success. + * \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure. */ -int mbedtls_asn1_write_mpi( unsigned char **p, unsigned char *start, const mbedtls_mpi *X ); +int mbedtls_asn1_write_mpi( unsigned char **p, unsigned char *start, + const mbedtls_mpi *X ); #endif /* MBEDTLS_BIGNUM_C */ /** - * \brief Write a NULL tag (MBEDTLS_ASN1_NULL) with zero data in ASN.1 format - * Note: function works backwards in data buffer + * \brief Write a NULL tag (#MBEDTLS_ASN1_NULL) with zero data + * in ASN.1 format. + * + * \note This function works backwards in data buffer. * - * \param p reference to current position pointer - * \param start start of the buffer (for bounds-checking) + * \param p The reference to the current position pointer. + * \param start The start of the buffer, for bounds-checking. * - * \return the length written or a negative error code + * \return The number of bytes written to \p p on success. + * \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure. */ int mbedtls_asn1_write_null( unsigned char **p, unsigned char *start ); /** - * \brief Write an OID tag (MBEDTLS_ASN1_OID) and data in ASN.1 format - * Note: function works backwards in data buffer + * \brief Write an OID tag (#MBEDTLS_ASN1_OID) and data + * in ASN.1 format. * - * \param p reference to current position pointer - * \param start start of the buffer (for bounds-checking) - * \param oid the OID to write - * \param oid_len length of the OID + * \note This function works backwards in data buffer. * - * \return the length written or a negative error code + * \param p The reference to the current position pointer. + * \param start The start of the buffer, for bounds-checking. + * \param oid The OID to write. + * \param oid_len The length of the OID. + * + * \return The number of bytes written to \p p on success. + * \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure. */ int mbedtls_asn1_write_oid( unsigned char **p, unsigned char *start, - const char *oid, size_t oid_len ); + const char *oid, size_t oid_len ); /** - * \brief Write an AlgorithmIdentifier sequence in ASN.1 format - * Note: function works backwards in data buffer + * \brief Write an AlgorithmIdentifier sequence in ASN.1 format. + * + * \note This function works backwards in data buffer. * - * \param p reference to current position pointer - * \param start start of the buffer (for bounds-checking) - * \param oid the OID of the algorithm - * \param oid_len length of the OID - * \param par_len length of parameters, which must be already written. + * \param p The reference to the current position pointer. + * \param start The start of the buffer, for bounds-checking. + * \param oid The OID of the algorithm to write. + * \param oid_len The length of the algorithm's OID. + * \param par_len The length of the parameters, which must be already written. * If 0, NULL parameters are added * - * \return the length written or a negative error code + * \return The number of bytes written to \p p on success. + * \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure. */ -int mbedtls_asn1_write_algorithm_identifier( unsigned char **p, unsigned char *start, - const char *oid, size_t oid_len, - size_t par_len ); +int mbedtls_asn1_write_algorithm_identifier( unsigned char **p, + unsigned char *start, + const char *oid, size_t oid_len, + size_t par_len ); /** - * \brief Write a boolean tag (MBEDTLS_ASN1_BOOLEAN) and value in ASN.1 format - * Note: function works backwards in data buffer + * \brief Write a boolean tag (#MBEDTLS_ASN1_BOOLEAN) and value + * in ASN.1 format. + * + * \note This function works backwards in data buffer. * - * \param p reference to current position pointer - * \param start start of the buffer (for bounds-checking) - * \param boolean 0 or 1 + * \param p The reference to the current position pointer. + * \param start The start of the buffer, for bounds-checking. + * \param boolean The boolean value to write, either \c 0 or \c 1. * - * \return the length written or a negative error code + * \return The number of bytes written to \p p on success. + * \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure. */ -int mbedtls_asn1_write_bool( unsigned char **p, unsigned char *start, int boolean ); +int mbedtls_asn1_write_bool( unsigned char **p, unsigned char *start, + int boolean ); /** - * \brief Write an int tag (MBEDTLS_ASN1_INTEGER) and value in ASN.1 format - * Note: function works backwards in data buffer + * \brief Write an int tag (#MBEDTLS_ASN1_INTEGER) and value + * in ASN.1 format. * - * \param p reference to current position pointer - * \param start start of the buffer (for bounds-checking) - * \param val the integer value + * \note This function works backwards in data buffer. * - * \return the length written or a negative error code + * \param p The reference to the current position pointer. + * \param start The start of the buffer, for bounds-checking. + * \param val The integer value to write. + * + * \return The number of bytes written to \p p on success. + * \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure. */ int mbedtls_asn1_write_int( unsigned char **p, unsigned char *start, int val ); /** - * \brief Write a printable string tag (MBEDTLS_ASN1_PRINTABLE_STRING) and - * value in ASN.1 format - * Note: function works backwards in data buffer + * \brief Write a string in ASN.1 format using a specific + * string encoding tag. + + * \note This function works backwards in data buffer. + * + * \param p The reference to the current position pointer. + * \param start The start of the buffer, for bounds-checking. + * \param tag The string encoding tag to write, e.g. + * #MBEDTLS_ASN1_UTF8_STRING. + * \param text The string to write. + * \param text_len The length of \p text in bytes (which might + * be strictly larger than the number of characters). + * + * \return The number of bytes written to \p p on success. + * \return A negative error code on failure. + */ +int mbedtls_asn1_write_tagged_string( unsigned char **p, unsigned char *start, + int tag, const char *text, + size_t text_len ); + +/** + * \brief Write a string in ASN.1 format using the PrintableString + * string encoding tag (#MBEDTLS_ASN1_PRINTABLE_STRING). + * + * \note This function works backwards in data buffer. + * + * \param p The reference to the current position pointer. + * \param start The start of the buffer, for bounds-checking. + * \param text The string to write. + * \param text_len The length of \p text in bytes (which might + * be strictly larger than the number of characters). + * + * \return The number of bytes written to \p p on success. + * \return A negative error code on failure. + */ +int mbedtls_asn1_write_printable_string( unsigned char **p, + unsigned char *start, + const char *text, size_t text_len ); + +/** + * \brief Write a UTF8 string in ASN.1 format using the UTF8String + * string encoding tag (#MBEDTLS_ASN1_PRINTABLE_STRING). + * + * \note This function works backwards in data buffer. * - * \param p reference to current position pointer - * \param start start of the buffer (for bounds-checking) - * \param text the text to write - * \param text_len length of the text + * \param p The reference to the current position pointer. + * \param start The start of the buffer, for bounds-checking. + * \param text The string to write. + * \param text_len The length of \p text in bytes (which might + * be strictly larger than the number of characters). * - * \return the length written or a negative error code + * \return The number of bytes written to \p p on success. + * \return A negative error code on failure. */ -int mbedtls_asn1_write_printable_string( unsigned char **p, unsigned char *start, - const char *text, size_t text_len ); +int mbedtls_asn1_write_utf8_string( unsigned char **p, unsigned char *start, + const char *text, size_t text_len ); /** - * \brief Write an IA5 string tag (MBEDTLS_ASN1_IA5_STRING) and - * value in ASN.1 format - * Note: function works backwards in data buffer + * \brief Write a string in ASN.1 format using the IA5String + * string encoding tag (#MBEDTLS_ASN1_IA5_STRING). * - * \param p reference to current position pointer - * \param start start of the buffer (for bounds-checking) - * \param text the text to write - * \param text_len length of the text + * \note This function works backwards in data buffer. * - * \return the length written or a negative error code + * \param p The reference to the current position pointer. + * \param start The start of the buffer, for bounds-checking. + * \param text The string to write. + * \param text_len The length of \p text in bytes (which might + * be strictly larger than the number of characters). + * + * \return The number of bytes written to \p p on success. + * \return A negative error code on failure. */ int mbedtls_asn1_write_ia5_string( unsigned char **p, unsigned char *start, - const char *text, size_t text_len ); + const char *text, size_t text_len ); /** - * \brief Write a bitstring tag (MBEDTLS_ASN1_BIT_STRING) and - * value in ASN.1 format - * Note: function works backwards in data buffer + * \brief Write a bitstring tag (#MBEDTLS_ASN1_BIT_STRING) and + * value in ASN.1 format. + * + * \note This function works backwards in data buffer. * - * \param p reference to current position pointer - * \param start start of the buffer (for bounds-checking) - * \param buf the bitstring - * \param bits the total number of bits in the bitstring + * \param p The reference to the current position pointer. + * \param start The start of the buffer, for bounds-checking. + * \param buf The bitstring to write. + * \param bits The total number of bits in the bitstring. * - * \return the length written or a negative error code + * \return The number of bytes written to \p p on success. + * \return A negative error code on failure. */ int mbedtls_asn1_write_bitstring( unsigned char **p, unsigned char *start, - const unsigned char *buf, size_t bits ); + const unsigned char *buf, size_t bits ); /** - * \brief Write an octet string tag (MBEDTLS_ASN1_OCTET_STRING) and - * value in ASN.1 format - * Note: function works backwards in data buffer + * \brief Write an octet string tag (#MBEDTLS_ASN1_OCTET_STRING) + * and value in ASN.1 format. + * + * \note This function works backwards in data buffer. * - * \param p reference to current position pointer - * \param start start of the buffer (for bounds-checking) - * \param buf data buffer to write - * \param size length of the data buffer + * \param p The reference to the current position pointer. + * \param start The start of the buffer, for bounds-checking. + * \param buf The buffer holding the data to write. + * \param size The length of the data buffer \p buf. * - * \return the length written or a negative error code + * \return The number of bytes written to \p p on success. + * \return A negative error code on failure. */ int mbedtls_asn1_write_octet_string( unsigned char **p, unsigned char *start, - const unsigned char *buf, size_t size ); + const unsigned char *buf, size_t size ); /** * \brief Create or find a specific named_data entry for writing in a @@ -218,15 +299,16 @@ int mbedtls_asn1_write_octet_string( unsigned char **p, unsigned char *start, * a new entry is added to the head of the list. * Warning: Destructive behaviour for the val data! * - * \param list Pointer to the location of the head of the list to seek - * through (will be updated in case of a new entry) - * \param oid The OID to look for - * \param oid_len Size of the OID - * \param val Data to store (can be NULL if you want to fill it by hand) - * \param val_len Minimum length of the data buffer needed + * \param list The pointer to the location of the head of the list to seek + * through (will be updated in case of a new entry). + * \param oid The OID to look for. + * \param oid_len The size of the OID. + * \param val The data to store (can be \c NULL if you want to fill + * it by hand). + * \param val_len The minimum length of the data buffer needed. * - * \return NULL if if there was a memory allocation error, or a pointer - * to the new / existing entry. + * \return A pointer to the new / existing entry on success. + * \return \c NULL if if there was a memory allocation error. */ mbedtls_asn1_named_data *mbedtls_asn1_store_named_data( mbedtls_asn1_named_data **list, const char *oid, size_t oid_len, diff --git a/thirdparty/mbedtls/include/mbedtls/bignum.h b/thirdparty/mbedtls/include/mbedtls/bignum.h index 31383b1eb5..141a8e9adf 100644 --- a/thirdparty/mbedtls/include/mbedtls/bignum.h +++ b/thirdparty/mbedtls/include/mbedtls/bignum.h @@ -177,7 +177,7 @@ extern "C" { /** * \brief MPI structure */ -typedef struct +typedef struct mbedtls_mpi { int s; /*!< integer sign */ size_t n; /*!< total # of limbs */ @@ -186,96 +186,115 @@ typedef struct mbedtls_mpi; /** - * \brief Initialize one MPI (make internal references valid) - * This just makes it ready to be set or freed, + * \brief Initialize an MPI context. + * + * This makes the MPI ready to be set or freed, * but does not define a value for the MPI. * - * \param X One MPI to initialize. + * \param X The MPI context to initialize. This must not be \c NULL. */ void mbedtls_mpi_init( mbedtls_mpi *X ); /** - * \brief Unallocate one MPI + * \brief This function frees the components of an MPI context. * - * \param X One MPI to unallocate. + * \param X The MPI context to be cleared. This may be \c NULL, + * in which case this function is a no-op. If it is + * not \c NULL, it must point to an initialized MPI. */ void mbedtls_mpi_free( mbedtls_mpi *X ); /** - * \brief Enlarge to the specified number of limbs + * \brief Enlarge an MPI to the specified number of limbs. * - * This function does nothing if the MPI is already large enough. + * \note This function does nothing if the MPI is + * already large enough. * - * \param X MPI to grow - * \param nblimbs The target number of limbs + * \param X The MPI to grow. It must be initialized. + * \param nblimbs The target number of limbs. * - * \return 0 if successful, - * MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed + * \return \c 0 if successful. + * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed. + * \return Another negative error code on other kinds of failure. */ int mbedtls_mpi_grow( mbedtls_mpi *X, size_t nblimbs ); /** - * \brief Resize down, keeping at least the specified number of limbs + * \brief This function resizes an MPI downwards, keeping at least the + * specified number of limbs. * * If \c X is smaller than \c nblimbs, it is resized up * instead. * - * \param X MPI to shrink - * \param nblimbs The minimum number of limbs to keep + * \param X The MPI to shrink. This must point to an initialized MPI. + * \param nblimbs The minimum number of limbs to keep. * - * \return 0 if successful, - * MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed + * \return \c 0 if successful. + * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed * (this can only happen when resizing up). + * \return Another negative error code on other kinds of failure. */ int mbedtls_mpi_shrink( mbedtls_mpi *X, size_t nblimbs ); /** - * \brief Copy the contents of Y into X + * \brief Make a copy of an MPI. + * + * \param X The destination MPI. This must point to an initialized MPI. + * \param Y The source MPI. This must point to an initialized MPI. * - * \param X Destination MPI. It is enlarged if necessary. - * \param Y Source MPI. + * \note The limb-buffer in the destination MPI is enlarged + * if necessary to hold the value in the source MPI. * - * \return 0 if successful, - * MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed + * \return \c 0 if successful. + * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed. + * \return Another negative error code on other kinds of failure. */ int mbedtls_mpi_copy( mbedtls_mpi *X, const mbedtls_mpi *Y ); /** - * \brief Swap the contents of X and Y + * \brief Swap the contents of two MPIs. * - * \param X First MPI value - * \param Y Second MPI value + * \param X The first MPI. It must be initialized. + * \param Y The second MPI. It must be initialized. */ void mbedtls_mpi_swap( mbedtls_mpi *X, mbedtls_mpi *Y ); /** - * \brief Safe conditional assignement X = Y if assign is 1 + * \brief Perform a safe conditional copy of MPI which doesn't + * reveal whether the condition was true or not. * - * \param X MPI to conditionally assign to - * \param Y Value to be assigned - * \param assign 1: perform the assignment, 0: keep X's original value - * - * \return 0 if successful, - * MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed, + * \param X The MPI to conditionally assign to. This must point + * to an initialized MPI. + * \param Y The MPI to be assigned from. This must point to an + * initialized MPI. + * \param assign The condition deciding whether to perform the + * assignment or not. Possible values: + * * \c 1: Perform the assignment `X = Y`. + * * \c 0: Keep the original value of \p X. * * \note This function is equivalent to - * if( assign ) mbedtls_mpi_copy( X, Y ); + * `if( assign ) mbedtls_mpi_copy( X, Y );` * except that it avoids leaking any information about whether * the assignment was done or not (the above code may leak * information through branch prediction and/or memory access * patterns analysis). + * + * \return \c 0 if successful. + * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed. + * \return Another negative error code on other kinds of failure. */ int mbedtls_mpi_safe_cond_assign( mbedtls_mpi *X, const mbedtls_mpi *Y, unsigned char assign ); /** - * \brief Safe conditional swap X <-> Y if swap is 1 + * \brief Perform a safe conditional swap which doesn't + * reveal whether the condition was true or not. * - * \param X First mbedtls_mpi value - * \param Y Second mbedtls_mpi value - * \param assign 1: perform the swap, 0: keep X and Y's original values - * - * \return 0 if successful, - * MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed, + * \param X The first MPI. This must be initialized. + * \param Y The second MPI. This must be initialized. + * \param assign The condition deciding whether to perform + * the swap or not. Possible values: + * * \c 1: Swap the values of \p X and \p Y. + * * \c 0: Keep the original values of \p X and \p Y. * * \note This function is equivalent to * if( assign ) mbedtls_mpi_swap( X, Y ); @@ -283,415 +302,512 @@ int mbedtls_mpi_safe_cond_assign( mbedtls_mpi *X, const mbedtls_mpi *Y, unsigned * the assignment was done or not (the above code may leak * information through branch prediction and/or memory access * patterns analysis). + * + * \return \c 0 if successful. + * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed. + * \return Another negative error code on other kinds of failure. + * */ int mbedtls_mpi_safe_cond_swap( mbedtls_mpi *X, mbedtls_mpi *Y, unsigned char assign ); /** - * \brief Set value from integer + * \brief Store integer value in MPI. * - * \param X MPI to set - * \param z Value to use + * \param X The MPI to set. This must be initialized. + * \param z The value to use. * - * \return 0 if successful, - * MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed + * \return \c 0 if successful. + * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed. + * \return Another negative error code on other kinds of failure. */ int mbedtls_mpi_lset( mbedtls_mpi *X, mbedtls_mpi_sint z ); /** - * \brief Get a specific bit from X + * \brief Get a specific bit from an MPI. * - * \param X MPI to use - * \param pos Zero-based index of the bit in X + * \param X The MPI to query. This must be initialized. + * \param pos Zero-based index of the bit to query. * - * \return Either a 0 or a 1 + * \return \c 0 or \c 1 on success, depending on whether bit \c pos + * of \c X is unset or set. + * \return A negative error code on failure. */ int mbedtls_mpi_get_bit( const mbedtls_mpi *X, size_t pos ); /** - * \brief Set a bit of X to a specific value of 0 or 1 + * \brief Modify a specific bit in an MPI. * - * \note Will grow X if necessary to set a bit to 1 in a not yet - * existing limb. Will not grow if bit should be set to 0 + * \note This function will grow the target MPI if necessary to set a + * bit to \c 1 in a not yet existing limb. It will not grow if + * the bit should be set to \c 0. * - * \param X MPI to use - * \param pos Zero-based index of the bit in X - * \param val The value to set the bit to (0 or 1) + * \param X The MPI to modify. This must be initialized. + * \param pos Zero-based index of the bit to modify. + * \param val The desired value of bit \c pos: \c 0 or \c 1. * - * \return 0 if successful, - * MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed, - * MBEDTLS_ERR_MPI_BAD_INPUT_DATA if val is not 0 or 1 + * \return \c 0 if successful. + * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed. + * \return Another negative error code on other kinds of failure. */ int mbedtls_mpi_set_bit( mbedtls_mpi *X, size_t pos, unsigned char val ); /** - * \brief Return the number of zero-bits before the least significant - * '1' bit + * \brief Return the number of bits of value \c 0 before the + * least significant bit of value \c 1. + * + * \note This is the same as the zero-based index of + * the least significant bit of value \c 1. * - * Note: Thus also the zero-based index of the least significant '1' bit + * \param X The MPI to query. * - * \param X MPI to use + * \return The number of bits of value \c 0 before the least significant + * bit of value \c 1 in \p X. */ size_t mbedtls_mpi_lsb( const mbedtls_mpi *X ); /** * \brief Return the number of bits up to and including the most - * significant '1' bit' + * significant bit of value \c 1. * - * Note: Thus also the one-based index of the most significant '1' bit + * * \note This is same as the one-based index of the most + * significant bit of value \c 1. * - * \param X MPI to use + * \param X The MPI to query. This must point to an initialized MPI. + * + * \return The number of bits up to and including the most + * significant bit of value \c 1. */ size_t mbedtls_mpi_bitlen( const mbedtls_mpi *X ); /** - * \brief Return the total size in bytes + * \brief Return the total size of an MPI value in bytes. + * + * \param X The MPI to use. This must point to an initialized MPI. * - * \param X MPI to use + * \note The value returned by this function may be less than + * the number of bytes used to store \p X internally. + * This happens if and only if there are trailing bytes + * of value zero. + * + * \return The least number of bytes capable of storing + * the absolute value of \p X. */ size_t mbedtls_mpi_size( const mbedtls_mpi *X ); /** - * \brief Import from an ASCII string + * \brief Import an MPI from an ASCII string. * - * \param X Destination MPI - * \param radix Input numeric base - * \param s Null-terminated string buffer + * \param X The destination MPI. This must point to an initialized MPI. + * \param radix The numeric base of the input string. + * \param s Null-terminated string buffer. * - * \return 0 if successful, or a MBEDTLS_ERR_MPI_XXX error code + * \return \c 0 if successful. + * \return A negative error code on failure. */ int mbedtls_mpi_read_string( mbedtls_mpi *X, int radix, const char *s ); /** - * \brief Export into an ASCII string + * \brief Export an MPI to an ASCII string. * - * \param X Source MPI - * \param radix Output numeric base - * \param buf Buffer to write the string to - * \param buflen Length of buf - * \param olen Length of the string written, including final NUL byte + * \param X The source MPI. This must point to an initialized MPI. + * \param radix The numeric base of the output string. + * \param buf The buffer to write the string to. This must be writable + * buffer of length \p buflen Bytes. + * \param buflen The available size in Bytes of \p buf. + * \param olen The address at which to store the length of the string + * written, including the final \c NULL byte. This must + * not be \c NULL. * - * \return 0 if successful, or a MBEDTLS_ERR_MPI_XXX error code. - * *olen is always updated to reflect the amount - * of data that has (or would have) been written. + * \note You can call this function with `buflen == 0` to obtain the + * minimum required buffer size in `*olen`. * - * \note Call this function with buflen = 0 to obtain the - * minimum required buffer size in *olen. + * \return \c 0 if successful. + * \return #MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL if the target buffer \p buf + * is too small to hold the value of \p X in the desired base. + * In this case, `*olen` is nonetheless updated to contain the + * size of \p buf required for a successful call. + * \return Another negative error code on different kinds of failure. */ int mbedtls_mpi_write_string( const mbedtls_mpi *X, int radix, char *buf, size_t buflen, size_t *olen ); #if defined(MBEDTLS_FS_IO) /** - * \brief Read MPI from a line in an opened file - * - * \param X Destination MPI - * \param radix Input numeric base - * \param fin Input file handle + * \brief Read an MPI from a line in an opened file. * - * \return 0 if successful, MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL if - * the file read buffer is too small or a - * MBEDTLS_ERR_MPI_XXX error code + * \param X The destination MPI. This must point to an initialized MPI. + * \param radix The numeric base of the string representation used + * in the source line. + * \param fin The input file handle to use. This must not be \c NULL. * * \note On success, this function advances the file stream * to the end of the current line or to EOF. * - * The function returns 0 on an empty line. + * The function returns \c 0 on an empty line. * * Leading whitespaces are ignored, as is a - * '0x' prefix for radix 16. + * '0x' prefix for radix \c 16. * + * \return \c 0 if successful. + * \return #MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL if the file read buffer + * is too small. + * \return Another negative error code on failure. */ int mbedtls_mpi_read_file( mbedtls_mpi *X, int radix, FILE *fin ); /** - * \brief Write X into an opened file, or stdout if fout is NULL + * \brief Export an MPI into an opened file. * - * \param p Prefix, can be NULL - * \param X Source MPI - * \param radix Output numeric base - * \param fout Output file handle (can be NULL) + * \param p A string prefix to emit prior to the MPI data. + * For example, this might be a label, or "0x" when + * printing in base \c 16. This may be \c NULL if no prefix + * is needed. + * \param X The source MPI. This must point to an initialized MPI. + * \param radix The numeric base to be used in the emitted string. + * \param fout The output file handle. This may be \c NULL, in which case + * the output is written to \c stdout. * - * \return 0 if successful, or a MBEDTLS_ERR_MPI_XXX error code - * - * \note Set fout == NULL to print X on the console. + * \return \c 0 if successful. + * \return A negative error code on failure. */ -int mbedtls_mpi_write_file( const char *p, const mbedtls_mpi *X, int radix, FILE *fout ); +int mbedtls_mpi_write_file( const char *p, const mbedtls_mpi *X, + int radix, FILE *fout ); #endif /* MBEDTLS_FS_IO */ /** - * \brief Import X from unsigned binary data, big endian + * \brief Import an MPI from unsigned big endian binary data. * - * \param X Destination MPI - * \param buf Input buffer - * \param buflen Input buffer size + * \param X The destination MPI. This must point to an initialized MPI. + * \param buf The input buffer. This must be a readable buffer of length + * \p buflen Bytes. + * \param buflen The length of the input buffer \p p in Bytes. * - * \return 0 if successful, - * MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed + * \return \c 0 if successful. + * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed. + * \return Another negative error code on different kinds of failure. */ -int mbedtls_mpi_read_binary( mbedtls_mpi *X, const unsigned char *buf, size_t buflen ); +int mbedtls_mpi_read_binary( mbedtls_mpi *X, const unsigned char *buf, + size_t buflen ); /** - * \brief Export X into unsigned binary data, big endian. - * Always fills the whole buffer, which will start with zeros - * if the number is smaller. + * \brief Export an MPI into unsigned big endian binary data + * of fixed size. * - * \param X Source MPI - * \param buf Output buffer - * \param buflen Output buffer size + * \param X The source MPI. This must point to an initialized MPI. + * \param buf The output buffer. This must be a writable buffer of length + * \p buflen Bytes. + * \param buflen The size of the output buffer \p buf in Bytes. * - * \return 0 if successful, - * MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL if buf isn't large enough + * \return \c 0 if successful. + * \return #MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL if \p buf isn't + * large enough to hold the value of \p X. + * \return Another negative error code on different kinds of failure. */ -int mbedtls_mpi_write_binary( const mbedtls_mpi *X, unsigned char *buf, size_t buflen ); +int mbedtls_mpi_write_binary( const mbedtls_mpi *X, unsigned char *buf, + size_t buflen ); /** - * \brief Left-shift: X <<= count + * \brief Perform a left-shift on an MPI: X <<= count * - * \param X MPI to shift - * \param count Amount to shift + * \param X The MPI to shift. This must point to an initialized MPI. + * \param count The number of bits to shift by. * - * \return 0 if successful, - * MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed + * \return \c 0 if successful. + * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. + * \return Another negative error code on different kinds of failure. */ int mbedtls_mpi_shift_l( mbedtls_mpi *X, size_t count ); /** - * \brief Right-shift: X >>= count + * \brief Perform a right-shift on an MPI: X >>= count * - * \param X MPI to shift - * \param count Amount to shift + * \param X The MPI to shift. This must point to an initialized MPI. + * \param count The number of bits to shift by. * - * \return 0 if successful, - * MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed + * \return \c 0 if successful. + * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. + * \return Another negative error code on different kinds of failure. */ int mbedtls_mpi_shift_r( mbedtls_mpi *X, size_t count ); /** - * \brief Compare unsigned values + * \brief Compare the absolute values of two MPIs. * - * \param X Left-hand MPI - * \param Y Right-hand MPI + * \param X The left-hand MPI. This must point to an initialized MPI. + * \param Y The right-hand MPI. This must point to an initialized MPI. * - * \return 1 if |X| is greater than |Y|, - * -1 if |X| is lesser than |Y| or - * 0 if |X| is equal to |Y| + * \return \c 1 if `|X|` is greater than `|Y|`. + * \return \c -1 if `|X|` is lesser than `|Y|`. + * \return \c 0 if `|X|` is equal to `|Y|`. */ int mbedtls_mpi_cmp_abs( const mbedtls_mpi *X, const mbedtls_mpi *Y ); /** - * \brief Compare signed values + * \brief Compare two MPIs. * - * \param X Left-hand MPI - * \param Y Right-hand MPI + * \param X The left-hand MPI. This must point to an initialized MPI. + * \param Y The right-hand MPI. This must point to an initialized MPI. * - * \return 1 if X is greater than Y, - * -1 if X is lesser than Y or - * 0 if X is equal to Y + * \return \c 1 if \p X is greater than \p Y. + * \return \c -1 if \p X is lesser than \p Y. + * \return \c 0 if \p X is equal to \p Y. */ int mbedtls_mpi_cmp_mpi( const mbedtls_mpi *X, const mbedtls_mpi *Y ); /** - * \brief Compare signed values + * \brief Compare an MPI with an integer. * - * \param X Left-hand MPI - * \param z The integer value to compare to + * \param X The left-hand MPI. This must point to an initialized MPI. + * \param z The integer value to compare \p X to. * - * \return 1 if X is greater than z, - * -1 if X is lesser than z or - * 0 if X is equal to z + * \return \c 1 if \p X is greater than \p z. + * \return \c -1 if \p X is lesser than \p z. + * \return \c 0 if \p X is equal to \p z. */ int mbedtls_mpi_cmp_int( const mbedtls_mpi *X, mbedtls_mpi_sint z ); /** - * \brief Unsigned addition: X = |A| + |B| + * \brief Perform an unsigned addition of MPIs: X = |A| + |B| * - * \param X Destination MPI - * \param A Left-hand MPI - * \param B Right-hand MPI + * \param X The destination MPI. This must point to an initialized MPI. + * \param A The first summand. This must point to an initialized MPI. + * \param B The second summand. This must point to an initialized MPI. * - * \return 0 if successful, - * MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed + * \return \c 0 if successful. + * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. + * \return Another negative error code on different kinds of failure. */ -int mbedtls_mpi_add_abs( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B ); +int mbedtls_mpi_add_abs( mbedtls_mpi *X, const mbedtls_mpi *A, + const mbedtls_mpi *B ); /** - * \brief Unsigned subtraction: X = |A| - |B| + * \brief Perform an unsigned subtraction of MPIs: X = |A| - |B| + * + * \param X The destination MPI. This must point to an initialized MPI. + * \param A The minuend. This must point to an initialized MPI. + * \param B The subtrahend. This must point to an initialized MPI. * - * \param X Destination MPI - * \param A Left-hand MPI - * \param B Right-hand MPI + * \return \c 0 if successful. + * \return #MBEDTLS_ERR_MPI_NEGATIVE_VALUE if \p B is greater than \p A. + * \return Another negative error code on different kinds of failure. * - * \return 0 if successful, - * MBEDTLS_ERR_MPI_NEGATIVE_VALUE if B is greater than A */ -int mbedtls_mpi_sub_abs( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B ); +int mbedtls_mpi_sub_abs( mbedtls_mpi *X, const mbedtls_mpi *A, + const mbedtls_mpi *B ); /** - * \brief Signed addition: X = A + B + * \brief Perform a signed addition of MPIs: X = A + B * - * \param X Destination MPI - * \param A Left-hand MPI - * \param B Right-hand MPI + * \param X The destination MPI. This must point to an initialized MPI. + * \param A The first summand. This must point to an initialized MPI. + * \param B The second summand. This must point to an initialized MPI. * - * \return 0 if successful, - * MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed + * \return \c 0 if successful. + * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. + * \return Another negative error code on different kinds of failure. */ -int mbedtls_mpi_add_mpi( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B ); +int mbedtls_mpi_add_mpi( mbedtls_mpi *X, const mbedtls_mpi *A, + const mbedtls_mpi *B ); /** - * \brief Signed subtraction: X = A - B + * \brief Perform a signed subtraction of MPIs: X = A - B * - * \param X Destination MPI - * \param A Left-hand MPI - * \param B Right-hand MPI + * \param X The destination MPI. This must point to an initialized MPI. + * \param A The minuend. This must point to an initialized MPI. + * \param B The subtrahend. This must point to an initialized MPI. * - * \return 0 if successful, - * MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed + * \return \c 0 if successful. + * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. + * \return Another negative error code on different kinds of failure. */ -int mbedtls_mpi_sub_mpi( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B ); +int mbedtls_mpi_sub_mpi( mbedtls_mpi *X, const mbedtls_mpi *A, + const mbedtls_mpi *B ); /** - * \brief Signed addition: X = A + b + * \brief Perform a signed addition of an MPI and an integer: X = A + b * - * \param X Destination MPI - * \param A Left-hand MPI - * \param b The integer value to add + * \param X The destination MPI. This must point to an initialized MPI. + * \param A The first summand. This must point to an initialized MPI. + * \param b The second summand. * - * \return 0 if successful, - * MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed + * \return \c 0 if successful. + * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. + * \return Another negative error code on different kinds of failure. */ -int mbedtls_mpi_add_int( mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi_sint b ); +int mbedtls_mpi_add_int( mbedtls_mpi *X, const mbedtls_mpi *A, + mbedtls_mpi_sint b ); /** - * \brief Signed subtraction: X = A - b + * \brief Perform a signed subtraction of an MPI and an integer: + * X = A - b * - * \param X Destination MPI - * \param A Left-hand MPI - * \param b The integer value to subtract + * \param X The destination MPI. This must point to an initialized MPI. + * \param A The minuend. This must point to an initialized MPI. + * \param b The subtrahend. * - * \return 0 if successful, - * MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed + * \return \c 0 if successful. + * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. + * \return Another negative error code on different kinds of failure. */ -int mbedtls_mpi_sub_int( mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi_sint b ); +int mbedtls_mpi_sub_int( mbedtls_mpi *X, const mbedtls_mpi *A, + mbedtls_mpi_sint b ); /** - * \brief Baseline multiplication: X = A * B + * \brief Perform a multiplication of two MPIs: X = A * B + * + * \param X The destination MPI. This must point to an initialized MPI. + * \param A The first factor. This must point to an initialized MPI. + * \param B The second factor. This must point to an initialized MPI. * - * \param X Destination MPI - * \param A Left-hand MPI - * \param B Right-hand MPI + * \return \c 0 if successful. + * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. + * \return Another negative error code on different kinds of failure. * - * \return 0 if successful, - * MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed */ -int mbedtls_mpi_mul_mpi( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B ); +int mbedtls_mpi_mul_mpi( mbedtls_mpi *X, const mbedtls_mpi *A, + const mbedtls_mpi *B ); /** - * \brief Baseline multiplication: X = A * b + * \brief Perform a multiplication of an MPI with an unsigned integer: + * X = A * b * - * \param X Destination MPI - * \param A Left-hand MPI - * \param b The unsigned integer value to multiply with + * \param X The destination MPI. This must point to an initialized MPI. + * \param A The first factor. This must point to an initialized MPI. + * \param b The second factor. * - * \note b is unsigned + * \return \c 0 if successful. + * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. + * \return Another negative error code on different kinds of failure. * - * \return 0 if successful, - * MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed */ -int mbedtls_mpi_mul_int( mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi_uint b ); +int mbedtls_mpi_mul_int( mbedtls_mpi *X, const mbedtls_mpi *A, + mbedtls_mpi_uint b ); /** - * \brief Division by mbedtls_mpi: A = Q * B + R + * \brief Perform a division with remainder of two MPIs: + * A = Q * B + R * - * \param Q Destination MPI for the quotient - * \param R Destination MPI for the rest value - * \param A Left-hand MPI - * \param B Right-hand MPI + * \param Q The destination MPI for the quotient. + * This may be \c NULL if the value of the + * quotient is not needed. + * \param R The destination MPI for the remainder value. + * This may be \c NULL if the value of the + * remainder is not needed. + * \param A The dividend. This must point to an initialized MPi. + * \param B The divisor. This must point to an initialized MPI. * - * \return 0 if successful, - * MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed, - * MBEDTLS_ERR_MPI_DIVISION_BY_ZERO if B == 0 - * - * \note Either Q or R can be NULL. + * \return \c 0 if successful. + * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed. + * \return #MBEDTLS_ERR_MPI_DIVISION_BY_ZERO if \p B equals zero. + * \return Another negative error code on different kinds of failure. */ -int mbedtls_mpi_div_mpi( mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A, const mbedtls_mpi *B ); +int mbedtls_mpi_div_mpi( mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A, + const mbedtls_mpi *B ); /** - * \brief Division by int: A = Q * b + R - * - * \param Q Destination MPI for the quotient - * \param R Destination MPI for the rest value - * \param A Left-hand MPI - * \param b Integer to divide by + * \brief Perform a division with remainder of an MPI by an integer: + * A = Q * b + R * - * \return 0 if successful, - * MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed, - * MBEDTLS_ERR_MPI_DIVISION_BY_ZERO if b == 0 + * \param Q The destination MPI for the quotient. + * This may be \c NULL if the value of the + * quotient is not needed. + * \param R The destination MPI for the remainder value. + * This may be \c NULL if the value of the + * remainder is not needed. + * \param A The dividend. This must point to an initialized MPi. + * \param b The divisor. * - * \note Either Q or R can be NULL. + * \return \c 0 if successful. + * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed. + * \return #MBEDTLS_ERR_MPI_DIVISION_BY_ZERO if \p b equals zero. + * \return Another negative error code on different kinds of failure. */ -int mbedtls_mpi_div_int( mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A, mbedtls_mpi_sint b ); +int mbedtls_mpi_div_int( mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A, + mbedtls_mpi_sint b ); /** - * \brief Modulo: R = A mod B + * \brief Perform a modular reduction. R = A mod B * - * \param R Destination MPI for the rest value - * \param A Left-hand MPI - * \param B Right-hand MPI + * \param R The destination MPI for the residue value. + * This must point to an initialized MPI. + * \param A The MPI to compute the residue of. + * This must point to an initialized MPI. + * \param B The base of the modular reduction. + * This must point to an initialized MPI. + * + * \return \c 0 if successful. + * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. + * \return #MBEDTLS_ERR_MPI_DIVISION_BY_ZERO if \p B equals zero. + * \return #MBEDTLS_ERR_MPI_NEGATIVE_VALUE if \p B is negative. + * \return Another negative error code on different kinds of failure. * - * \return 0 if successful, - * MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed, - * MBEDTLS_ERR_MPI_DIVISION_BY_ZERO if B == 0, - * MBEDTLS_ERR_MPI_NEGATIVE_VALUE if B < 0 */ -int mbedtls_mpi_mod_mpi( mbedtls_mpi *R, const mbedtls_mpi *A, const mbedtls_mpi *B ); +int mbedtls_mpi_mod_mpi( mbedtls_mpi *R, const mbedtls_mpi *A, + const mbedtls_mpi *B ); /** - * \brief Modulo: r = A mod b + * \brief Perform a modular reduction with respect to an integer. + * r = A mod b * - * \param r Destination mbedtls_mpi_uint - * \param A Left-hand MPI - * \param b Integer to divide by + * \param r The address at which to store the residue. + * This must not be \c NULL. + * \param A The MPI to compute the residue of. + * This must point to an initialized MPi. + * \param b The integer base of the modular reduction. * - * \return 0 if successful, - * MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed, - * MBEDTLS_ERR_MPI_DIVISION_BY_ZERO if b == 0, - * MBEDTLS_ERR_MPI_NEGATIVE_VALUE if b < 0 + * \return \c 0 if successful. + * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. + * \return #MBEDTLS_ERR_MPI_DIVISION_BY_ZERO if \p b equals zero. + * \return #MBEDTLS_ERR_MPI_NEGATIVE_VALUE if \p b is negative. + * \return Another negative error code on different kinds of failure. */ -int mbedtls_mpi_mod_int( mbedtls_mpi_uint *r, const mbedtls_mpi *A, mbedtls_mpi_sint b ); +int mbedtls_mpi_mod_int( mbedtls_mpi_uint *r, const mbedtls_mpi *A, + mbedtls_mpi_sint b ); /** - * \brief Sliding-window exponentiation: X = A^E mod N - * - * \param X Destination MPI - * \param A Left-hand MPI - * \param E Exponent MPI - * \param N Modular MPI - * \param _RR Speed-up MPI used for recalculations + * \brief Perform a sliding-window exponentiation: X = A^E mod N * - * \return 0 if successful, - * MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed, - * MBEDTLS_ERR_MPI_BAD_INPUT_DATA if N is negative or even or - * if E is negative + * \param X The destination MPI. This must point to an initialized MPI. + * \param A The base of the exponentiation. + * This must point to an initialized MPI. + * \param E The exponent MPI. This must point to an initialized MPI. + * \param N The base for the modular reduction. This must point to an + * initialized MPI. + * \param _RR A helper MPI depending solely on \p N which can be used to + * speed-up multiple modular exponentiations for the same value + * of \p N. This may be \c NULL. If it is not \c NULL, it must + * point to an initialized MPI. If it hasn't been used after + * the call to mbedtls_mpi_init(), this function will compute + * the helper value and store it in \p _RR for reuse on + * subsequent calls to this function. Otherwise, the function + * will assume that \p _RR holds the helper value set by a + * previous call to mbedtls_mpi_exp_mod(), and reuse it. + * + * \return \c 0 if successful. + * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. + * \return #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if \c N is negative or + * even, or if \c E is negative. + * \return Another negative error code on different kinds of failures. * - * \note _RR is used to avoid re-computing R*R mod N across - * multiple calls, which speeds up things a bit. It can - * be set to NULL if the extra performance is unneeded. */ -int mbedtls_mpi_exp_mod( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *E, const mbedtls_mpi *N, mbedtls_mpi *_RR ); +int mbedtls_mpi_exp_mod( mbedtls_mpi *X, const mbedtls_mpi *A, + const mbedtls_mpi *E, const mbedtls_mpi *N, + mbedtls_mpi *_RR ); /** - * \brief Fill an MPI X with size bytes of random + * \brief Fill an MPI with a number of random bytes. * - * \param X Destination MPI - * \param size Size in bytes - * \param f_rng RNG function - * \param p_rng RNG parameter + * \param X The destination MPI. This must point to an initialized MPI. + * \param size The number of random bytes to generate. + * \param f_rng The RNG function to use. This must not be \c NULL. + * \param p_rng The RNG parameter to be passed to \p f_rng. This may be + * \c NULL if \p f_rng doesn't need a context argument. * - * \return 0 if successful, - * MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed + * \return \c 0 if successful. + * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. + * \return Another negative error code on failure. * - * \note The bytes obtained from the PRNG are interpreted + * \note The bytes obtained from the RNG are interpreted * as a big-endian representation of an MPI; this can * be relevant in applications like deterministic ECDSA. */ @@ -700,61 +816,130 @@ int mbedtls_mpi_fill_random( mbedtls_mpi *X, size_t size, void *p_rng ); /** - * \brief Greatest common divisor: G = gcd(A, B) - * - * \param G Destination MPI - * \param A Left-hand MPI - * \param B Right-hand MPI - * - * \return 0 if successful, - * MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed - */ -int mbedtls_mpi_gcd( mbedtls_mpi *G, const mbedtls_mpi *A, const mbedtls_mpi *B ); - -/** - * \brief Modular inverse: X = A^-1 mod N + * \brief Compute the greatest common divisor: G = gcd(A, B) * - * \param X Destination MPI - * \param A Left-hand MPI - * \param N Right-hand MPI + * \param G The destination MPI. This must point to an initialized MPI. + * \param A The first operand. This must point to an initialized MPI. + * \param B The second operand. This must point to an initialized MPI. * - * \return 0 if successful, - * MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed, - * MBEDTLS_ERR_MPI_BAD_INPUT_DATA if N is <= 1, - MBEDTLS_ERR_MPI_NOT_ACCEPTABLE if A has no inverse mod N. + * \return \c 0 if successful. + * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. + * \return Another negative error code on different kinds of failure. */ -int mbedtls_mpi_inv_mod( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *N ); +int mbedtls_mpi_gcd( mbedtls_mpi *G, const mbedtls_mpi *A, + const mbedtls_mpi *B ); /** - * \brief Miller-Rabin primality test + * \brief Compute the modular inverse: X = A^-1 mod N * - * \param X MPI to check - * \param f_rng RNG function - * \param p_rng RNG parameter + * \param X The destination MPI. This must point to an initialized MPI. + * \param A The MPI to calculate the modular inverse of. This must point + * to an initialized MPI. + * \param N The base of the modular inversion. This must point to an + * initialized MPI. * - * \return 0 if successful (probably prime), - * MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed, - * MBEDTLS_ERR_MPI_NOT_ACCEPTABLE if X is not prime + * \return \c 0 if successful. + * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. + * \return #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if \p N is less than + * or equal to one. + * \return #MBEDTLS_ERR_MPI_NOT_ACCEPTABLE if \p has no modular inverse + * with respect to \p N. */ -int mbedtls_mpi_is_prime( const mbedtls_mpi *X, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); +int mbedtls_mpi_inv_mod( mbedtls_mpi *X, const mbedtls_mpi *A, + const mbedtls_mpi *N ); +#if !defined(MBEDTLS_DEPRECATED_REMOVED) +#if defined(MBEDTLS_DEPRECATED_WARNING) +#define MBEDTLS_DEPRECATED __attribute__((deprecated)) +#else +#define MBEDTLS_DEPRECATED +#endif /** - * \brief Prime number generation - * - * \param X Destination MPI - * \param nbits Required size of X in bits - * ( 3 <= nbits <= MBEDTLS_MPI_MAX_BITS ) - * \param dh_flag If 1, then (X-1)/2 will be prime too - * \param f_rng RNG function - * \param p_rng RNG parameter - * - * \return 0 if successful (probably prime), - * MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed, - * MBEDTLS_ERR_MPI_BAD_INPUT_DATA if nbits is < 3 - */ -int mbedtls_mpi_gen_prime( mbedtls_mpi *X, size_t nbits, int dh_flag, + * \brief Perform a Miller-Rabin primality test with error + * probability of 2<sup>-80</sup>. + * + * \deprecated Superseded by mbedtls_mpi_is_prime_ext() which allows + * specifying the number of Miller-Rabin rounds. + * + * \param X The MPI to check for primality. + * This must point to an initialized MPI. + * \param f_rng The RNG function to use. This must not be \c NULL. + * \param p_rng The RNG parameter to be passed to \p f_rng. + * This may be \c NULL if \p f_rng doesn't use a + * context parameter. + * + * \return \c 0 if successful, i.e. \p X is probably prime. + * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. + * \return #MBEDTLS_ERR_MPI_NOT_ACCEPTABLE if \p X is not prime. + * \return Another negative error code on other kinds of failure. + */ +MBEDTLS_DEPRECATED int mbedtls_mpi_is_prime( const mbedtls_mpi *X, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng ); +#undef MBEDTLS_DEPRECATED +#endif /* !MBEDTLS_DEPRECATED_REMOVED */ + +/** + * \brief Miller-Rabin primality test. + * + * \warning If \p X is potentially generated by an adversary, for example + * when validating cryptographic parameters that you didn't + * generate yourself and that are supposed to be prime, then + * \p rounds should be at least the half of the security + * strength of the cryptographic algorithm. On the other hand, + * if \p X is chosen uniformly or non-adversially (as is the + * case when mbedtls_mpi_gen_prime calls this function), then + * \p rounds can be much lower. + * + * \param X The MPI to check for primality. + * This must point to an initialized MPI. + * \param rounds The number of bases to perform the Miller-Rabin primality + * test for. The probability of returning 0 on a composite is + * at most 2<sup>-2*\p rounds</sup>. + * \param f_rng The RNG function to use. This must not be \c NULL. + * \param p_rng The RNG parameter to be passed to \p f_rng. + * This may be \c NULL if \p f_rng doesn't use + * a context parameter. + * + * \return \c 0 if successful, i.e. \p X is probably prime. + * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. + * \return #MBEDTLS_ERR_MPI_NOT_ACCEPTABLE if \p X is not prime. + * \return Another negative error code on other kinds of failure. + */ +int mbedtls_mpi_is_prime_ext( const mbedtls_mpi *X, int rounds, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng ); +/** + * \brief Flags for mbedtls_mpi_gen_prime() + * + * Each of these flags is a constraint on the result X returned by + * mbedtls_mpi_gen_prime(). + */ +typedef enum { + MBEDTLS_MPI_GEN_PRIME_FLAG_DH = 0x0001, /**< (X-1)/2 is prime too */ + MBEDTLS_MPI_GEN_PRIME_FLAG_LOW_ERR = 0x0002, /**< lower error rate from 2<sup>-80</sup> to 2<sup>-128</sup> */ +} mbedtls_mpi_gen_prime_flag_t; + +/** + * \brief Generate a prime number. + * + * \param X The destination MPI to store the generated prime in. + * This must point to an initialized MPi. + * \param nbits The required size of the destination MPI in bits. + * This must be between \c 3 and #MBEDTLS_MPI_MAX_BITS. + * \param flags A mask of flags of type #mbedtls_mpi_gen_prime_flag_t. + * \param f_rng The RNG function to use. This must not be \c NULL. + * \param p_rng The RNG parameter to be passed to \p f_rng. + * This may be \c NULL if \p f_rng doesn't use + * a context parameter. + * + * \return \c 0 if successful, in which case \p X holds a + * probably prime number. + * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. + * \return #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if `nbits` is not between + * \c 3 and #MBEDTLS_MPI_MAX_BITS. + */ +int mbedtls_mpi_gen_prime( mbedtls_mpi *X, size_t nbits, int flags, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); diff --git a/thirdparty/mbedtls/include/mbedtls/blowfish.h b/thirdparty/mbedtls/include/mbedtls/blowfish.h index 985faa43f0..f01573dcaf 100644 --- a/thirdparty/mbedtls/include/mbedtls/blowfish.h +++ b/thirdparty/mbedtls/include/mbedtls/blowfish.h @@ -33,6 +33,8 @@ #include <stddef.h> #include <stdint.h> +#include "platform_util.h" + #define MBEDTLS_BLOWFISH_ENCRYPT 1 #define MBEDTLS_BLOWFISH_DECRYPT 0 #define MBEDTLS_BLOWFISH_MAX_KEY_BITS 448 @@ -40,9 +42,16 @@ #define MBEDTLS_BLOWFISH_ROUNDS 16 /**< Rounds to use. When increasing this value, make sure to extend the initialisation vectors */ #define MBEDTLS_BLOWFISH_BLOCKSIZE 8 /* Blowfish uses 64 bit blocks */ -#define MBEDTLS_ERR_BLOWFISH_INVALID_KEY_LENGTH -0x0016 /**< Invalid key length. */ +#if !defined(MBEDTLS_DEPRECATED_REMOVED) +#define MBEDTLS_ERR_BLOWFISH_INVALID_KEY_LENGTH MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( -0x0016 ) +#endif /* !MBEDTLS_DEPRECATED_REMOVED */ +#define MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA -0x0016 /**< Bad input data. */ + +#define MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH -0x0018 /**< Invalid data input length. */ + +/* MBEDTLS_ERR_BLOWFISH_HW_ACCEL_FAILED is deprecated and should not be used. + */ #define MBEDTLS_ERR_BLOWFISH_HW_ACCEL_FAILED -0x0017 /**< Blowfish hardware accelerator failed. */ -#define MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH -0x0018 /**< Invalid data input length. */ #ifdef __cplusplus extern "C" { @@ -55,7 +64,7 @@ extern "C" { /** * \brief Blowfish context structure */ -typedef struct +typedef struct mbedtls_blowfish_context { uint32_t P[MBEDTLS_BLOWFISH_ROUNDS + 2]; /*!< Blowfish round keys */ uint32_t S[4][256]; /*!< key dependent S-boxes */ @@ -67,40 +76,53 @@ mbedtls_blowfish_context; #endif /* MBEDTLS_BLOWFISH_ALT */ /** - * \brief Initialize Blowfish context + * \brief Initialize a Blowfish context. * - * \param ctx Blowfish context to be initialized + * \param ctx The Blowfish context to be initialized. + * This must not be \c NULL. */ void mbedtls_blowfish_init( mbedtls_blowfish_context *ctx ); /** - * \brief Clear Blowfish context + * \brief Clear a Blowfish context. * - * \param ctx Blowfish context to be cleared + * \param ctx The Blowfish context to be cleared. + * This may be \c NULL, in which case this function + * returns immediately. If it is not \c NULL, it must + * point to an initialized Blowfish context. */ void mbedtls_blowfish_free( mbedtls_blowfish_context *ctx ); /** - * \brief Blowfish key schedule + * \brief Perform a Blowfish key schedule operation. * - * \param ctx Blowfish context to be initialized - * \param key encryption key - * \param keybits must be between 32 and 448 bits + * \param ctx The Blowfish context to perform the key schedule on. + * \param key The encryption key. This must be a readable buffer of + * length \p keybits Bits. + * \param keybits The length of \p key in Bits. This must be between + * \c 32 and \c 448 and a multiple of \c 8. * - * \return 0 if successful, or MBEDTLS_ERR_BLOWFISH_INVALID_KEY_LENGTH + * \return \c 0 if successful. + * \return A negative error code on failure. */ int mbedtls_blowfish_setkey( mbedtls_blowfish_context *ctx, const unsigned char *key, unsigned int keybits ); /** - * \brief Blowfish-ECB block encryption/decryption + * \brief Perform a Blowfish-ECB block encryption/decryption operation. * - * \param ctx Blowfish context - * \param mode MBEDTLS_BLOWFISH_ENCRYPT or MBEDTLS_BLOWFISH_DECRYPT - * \param input 8-byte input block - * \param output 8-byte output block + * \param ctx The Blowfish context to use. This must be initialized + * and bound to a key. + * \param mode The mode of operation. Possible values are + * #MBEDTLS_BLOWFISH_ENCRYPT for encryption, or + * #MBEDTLS_BLOWFISH_DECRYPT for decryption. + * \param input The input block. This must be a readable buffer + * of size \c 8 Bytes. + * \param output The output block. This must be a writable buffer + * of size \c 8 Bytes. * - * \return 0 if successful + * \return \c 0 if successful. + * \return A negative error code on failure. */ int mbedtls_blowfish_crypt_ecb( mbedtls_blowfish_context *ctx, int mode, @@ -109,9 +131,7 @@ int mbedtls_blowfish_crypt_ecb( mbedtls_blowfish_context *ctx, #if defined(MBEDTLS_CIPHER_MODE_CBC) /** - * \brief Blowfish-CBC buffer encryption/decryption - * Length should be a multiple of the block - * size (8 bytes) + * \brief Perform a Blowfish-CBC buffer encryption/decryption operation. * * \note Upon exit, the content of the IV is updated so that you can * call the function same function again on the following @@ -121,15 +141,22 @@ int mbedtls_blowfish_crypt_ecb( mbedtls_blowfish_context *ctx, * IV, you should either save it manually or use the cipher * module instead. * - * \param ctx Blowfish context - * \param mode MBEDTLS_BLOWFISH_ENCRYPT or MBEDTLS_BLOWFISH_DECRYPT - * \param length length of the input data - * \param iv initialization vector (updated after use) - * \param input buffer holding the input data - * \param output buffer holding the output data + * \param ctx The Blowfish context to use. This must be initialized + * and bound to a key. + * \param mode The mode of operation. Possible values are + * #MBEDTLS_BLOWFISH_ENCRYPT for encryption, or + * #MBEDTLS_BLOWFISH_DECRYPT for decryption. + * \param length The length of the input data in Bytes. This must be + * multiple of \c 8. + * \param iv The initialization vector. This must be a read/write buffer + * of length \c 8 Bytes. It is updated by this function. + * \param input The input data. This must be a readable buffer of length + * \p length Bytes. + * \param output The output data. This must be a writable buffer of length + * \p length Bytes. * - * \return 0 if successful, or - * MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH + * \return \c 0 if successful. + * \return A negative error code on failure. */ int mbedtls_blowfish_crypt_cbc( mbedtls_blowfish_context *ctx, int mode, @@ -141,7 +168,7 @@ int mbedtls_blowfish_crypt_cbc( mbedtls_blowfish_context *ctx, #if defined(MBEDTLS_CIPHER_MODE_CFB) /** - * \brief Blowfish CFB buffer encryption/decryption. + * \brief Perform a Blowfish CFB buffer encryption/decryption operation. * * \note Upon exit, the content of the IV is updated so that you can * call the function same function again on the following @@ -151,15 +178,25 @@ int mbedtls_blowfish_crypt_cbc( mbedtls_blowfish_context *ctx, * IV, you should either save it manually or use the cipher * module instead. * - * \param ctx Blowfish context - * \param mode MBEDTLS_BLOWFISH_ENCRYPT or MBEDTLS_BLOWFISH_DECRYPT - * \param length length of the input data - * \param iv_off offset in IV (updated after use) - * \param iv initialization vector (updated after use) - * \param input buffer holding the input data - * \param output buffer holding the output data + * \param ctx The Blowfish context to use. This must be initialized + * and bound to a key. + * \param mode The mode of operation. Possible values are + * #MBEDTLS_BLOWFISH_ENCRYPT for encryption, or + * #MBEDTLS_BLOWFISH_DECRYPT for decryption. + * \param length The length of the input data in Bytes. + * \param iv_off The offset in the initialiation vector. + * The value pointed to must be smaller than \c 8 Bytes. + * It is updated by this function to support the aforementioned + * streaming usage. + * \param iv The initialization vector. This must be a read/write buffer + * of size \c 8 Bytes. It is updated after use. + * \param input The input data. This must be a readable buffer of length + * \p length Bytes. + * \param output The output data. This must be a writable buffer of length + * \p length Bytes. * - * \return 0 if successful + * \return \c 0 if successful. + * \return A negative error code on failure. */ int mbedtls_blowfish_crypt_cfb64( mbedtls_blowfish_context *ctx, int mode, @@ -172,7 +209,7 @@ int mbedtls_blowfish_crypt_cfb64( mbedtls_blowfish_context *ctx, #if defined(MBEDTLS_CIPHER_MODE_CTR) /** - * \brief Blowfish-CTR buffer encryption/decryption + * \brief Perform a Blowfish-CTR buffer encryption/decryption operation. * * \warning You must never reuse a nonce value with the same key. Doing so * would void the encryption for the two messages encrypted with @@ -215,18 +252,24 @@ int mbedtls_blowfish_crypt_cfb64( mbedtls_blowfish_context *ctx, * content must not be written to insecure storage and should be * securely discarded as soon as it's no longer needed. * - * \param ctx Blowfish context - * \param length The length of the data + * \param ctx The Blowfish context to use. This must be initialized + * and bound to a key. + * \param length The length of the input data in Bytes. * \param nc_off The offset in the current stream_block (for resuming - * within current cipher stream). The offset pointer to - * should be 0 at the start of a stream. - * \param nonce_counter The 64-bit nonce and counter. - * \param stream_block The saved stream-block for resuming. Is overwritten - * by the function. - * \param input The input data stream - * \param output The output data stream - * - * \return 0 if successful + * within current cipher stream). The offset pointer + * should be \c 0 at the start of a stream and must be + * smaller than \c 8. It is updated by this function. + * \param nonce_counter The 64-bit nonce and counter. This must point to a + * read/write buffer of length \c 8 Bytes. + * \param stream_block The saved stream-block for resuming. This must point to + * a read/write buffer of length \c 8 Bytes. + * \param input The input data. This must be a readable buffer of + * length \p length Bytes. + * \param output The output data. This must be a writable buffer of + * length \p length Bytes. + * + * \return \c 0 if successful. + * \return A negative error code on failure. */ int mbedtls_blowfish_crypt_ctr( mbedtls_blowfish_context *ctx, size_t length, diff --git a/thirdparty/mbedtls/include/mbedtls/bn_mul.h b/thirdparty/mbedtls/include/mbedtls/bn_mul.h index b587317d95..2f7b72fe4c 100644 --- a/thirdparty/mbedtls/include/mbedtls/bn_mul.h +++ b/thirdparty/mbedtls/include/mbedtls/bn_mul.h @@ -170,19 +170,19 @@ #define MULADDC_INIT \ asm( \ - "xorq %%r8, %%r8 \n\t" + "xorq %%r8, %%r8\n" #define MULADDC_CORE \ - "movq (%%rsi), %%rax \n\t" \ - "mulq %%rbx \n\t" \ - "addq $8, %%rsi \n\t" \ - "addq %%rcx, %%rax \n\t" \ - "movq %%r8, %%rcx \n\t" \ - "adcq $0, %%rdx \n\t" \ - "nop \n\t" \ - "addq %%rax, (%%rdi) \n\t" \ - "adcq %%rdx, %%rcx \n\t" \ - "addq $8, %%rdi \n\t" + "movq (%%rsi), %%rax\n" \ + "mulq %%rbx\n" \ + "addq $8, %%rsi\n" \ + "addq %%rcx, %%rax\n" \ + "movq %%r8, %%rcx\n" \ + "adcq $0, %%rdx\n" \ + "nop \n" \ + "addq %%rax, (%%rdi)\n" \ + "adcq %%rdx, %%rcx\n" \ + "addq $8, %%rdi\n" #define MULADDC_STOP \ : "+c" (c), "+D" (d), "+S" (s) \ @@ -565,9 +565,8 @@ #endif /* TriCore */ /* - * gcc -O0 by default uses r7 for the frame pointer, so it complains about our - * use of r7 below, unless -fomit-frame-pointer is passed. Unfortunately, - * passing that option is not easy when building with yotta. + * Note, gcc -O0 by default uses r7 for the frame pointer, so it complains about + * our use of r7 below, unless -fomit-frame-pointer is passed. * * On the other hand, -fomit-frame-pointer is implied by any -Ox options with * x !=0, which we can detect using __OPTIMIZE__ (which is also defined by @@ -637,6 +636,23 @@ "r6", "r7", "r8", "r9", "cc" \ ); +#elif defined (__ARM_FEATURE_DSP) && (__ARM_FEATURE_DSP == 1) + +#define MULADDC_INIT \ + asm( + +#define MULADDC_CORE \ + "ldr r0, [%0], #4 \n\t" \ + "ldr r1, [%1] \n\t" \ + "umaal r1, %2, %3, r0 \n\t" \ + "str r1, [%1], #4 \n\t" + +#define MULADDC_STOP \ + : "=r" (s), "=r" (d), "=r" (c) \ + : "r" (b), "0" (s), "1" (d), "2" (c) \ + : "r0", "r1", "memory" \ + ); + #else #define MULADDC_INIT \ diff --git a/thirdparty/mbedtls/include/mbedtls/camellia.h b/thirdparty/mbedtls/include/mbedtls/camellia.h index 7e4721af78..0f7c42c92d 100644 --- a/thirdparty/mbedtls/include/mbedtls/camellia.h +++ b/thirdparty/mbedtls/include/mbedtls/camellia.h @@ -33,11 +33,20 @@ #include <stddef.h> #include <stdint.h> +#include "platform_util.h" + #define MBEDTLS_CAMELLIA_ENCRYPT 1 #define MBEDTLS_CAMELLIA_DECRYPT 0 -#define MBEDTLS_ERR_CAMELLIA_INVALID_KEY_LENGTH -0x0024 /**< Invalid key length. */ -#define MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH -0x0026 /**< Invalid data input length. */ +#if !defined(MBEDTLS_DEPRECATED_REMOVED) +#define MBEDTLS_ERR_CAMELLIA_INVALID_KEY_LENGTH MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( -0x0024 ) +#endif /* !MBEDTLS_DEPRECATED_REMOVED */ +#define MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA -0x0024 /**< Bad input data. */ + +#define MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH -0x0026 /**< Invalid data input length. */ + +/* MBEDTLS_ERR_CAMELLIA_HW_ACCEL_FAILED is deprecated and should not be used. + */ #define MBEDTLS_ERR_CAMELLIA_HW_ACCEL_FAILED -0x0027 /**< Camellia hardware accelerator failed. */ #ifdef __cplusplus @@ -51,7 +60,7 @@ extern "C" { /** * \brief CAMELLIA context structure */ -typedef struct +typedef struct mbedtls_camellia_context { int nr; /*!< number of rounds */ uint32_t rk[68]; /*!< CAMELLIA round keys */ @@ -63,52 +72,68 @@ mbedtls_camellia_context; #endif /* MBEDTLS_CAMELLIA_ALT */ /** - * \brief Initialize CAMELLIA context + * \brief Initialize a CAMELLIA context. * - * \param ctx CAMELLIA context to be initialized + * \param ctx The CAMELLIA context to be initialized. + * This must not be \c NULL. */ void mbedtls_camellia_init( mbedtls_camellia_context *ctx ); /** - * \brief Clear CAMELLIA context + * \brief Clear a CAMELLIA context. * - * \param ctx CAMELLIA context to be cleared + * \param ctx The CAMELLIA context to be cleared. This may be \c NULL, + * in which case this function returns immediately. If it is not + * \c NULL, it must be initialized. */ void mbedtls_camellia_free( mbedtls_camellia_context *ctx ); /** - * \brief CAMELLIA key schedule (encryption) + * \brief Perform a CAMELLIA key schedule operation for encryption. * - * \param ctx CAMELLIA context to be initialized - * \param key encryption key - * \param keybits must be 128, 192 or 256 + * \param ctx The CAMELLIA context to use. This must be initialized. + * \param key The encryption key to use. This must be a readable buffer + * of size \p keybits Bits. + * \param keybits The length of \p key in Bits. This must be either \c 128, + * \c 192 or \c 256. * - * \return 0 if successful, or MBEDTLS_ERR_CAMELLIA_INVALID_KEY_LENGTH + * \return \c 0 if successful. + * \return A negative error code on failure. */ -int mbedtls_camellia_setkey_enc( mbedtls_camellia_context *ctx, const unsigned char *key, - unsigned int keybits ); +int mbedtls_camellia_setkey_enc( mbedtls_camellia_context *ctx, + const unsigned char *key, + unsigned int keybits ); /** - * \brief CAMELLIA key schedule (decryption) + * \brief Perform a CAMELLIA key schedule operation for decryption. * - * \param ctx CAMELLIA context to be initialized - * \param key decryption key - * \param keybits must be 128, 192 or 256 + * \param ctx The CAMELLIA context to use. This must be initialized. + * \param key The decryption key. This must be a readable buffer + * of size \p keybits Bits. + * \param keybits The length of \p key in Bits. This must be either \c 128, + * \c 192 or \c 256. * - * \return 0 if successful, or MBEDTLS_ERR_CAMELLIA_INVALID_KEY_LENGTH + * \return \c 0 if successful. + * \return A negative error code on failure. */ -int mbedtls_camellia_setkey_dec( mbedtls_camellia_context *ctx, const unsigned char *key, - unsigned int keybits ); +int mbedtls_camellia_setkey_dec( mbedtls_camellia_context *ctx, + const unsigned char *key, + unsigned int keybits ); /** - * \brief CAMELLIA-ECB block encryption/decryption - * - * \param ctx CAMELLIA context - * \param mode MBEDTLS_CAMELLIA_ENCRYPT or MBEDTLS_CAMELLIA_DECRYPT - * \param input 16-byte input block - * \param output 16-byte output block - * - * \return 0 if successful + * \brief Perform a CAMELLIA-ECB block encryption/decryption operation. + * + * \param ctx The CAMELLIA context to use. This must be initialized + * and bound to a key. + * \param mode The mode of operation. This must be either + * #MBEDTLS_CAMELLIA_ENCRYPT or #MBEDTLS_CAMELLIA_DECRYPT. + * \param input The input block. This must be a readable buffer + * of size \c 16 Bytes. + * \param output The output block. This must be a writable buffer + * of size \c 16 Bytes. + * + * \return \c 0 if successful. + * \return A negative error code on failure. */ int mbedtls_camellia_crypt_ecb( mbedtls_camellia_context *ctx, int mode, @@ -117,9 +142,7 @@ int mbedtls_camellia_crypt_ecb( mbedtls_camellia_context *ctx, #if defined(MBEDTLS_CIPHER_MODE_CBC) /** - * \brief CAMELLIA-CBC buffer encryption/decryption - * Length should be a multiple of the block - * size (16 bytes) + * \brief Perform a CAMELLIA-CBC buffer encryption/decryption operation. * * \note Upon exit, the content of the IV is updated so that you can * call the function same function again on the following @@ -129,15 +152,22 @@ int mbedtls_camellia_crypt_ecb( mbedtls_camellia_context *ctx, * IV, you should either save it manually or use the cipher * module instead. * - * \param ctx CAMELLIA context - * \param mode MBEDTLS_CAMELLIA_ENCRYPT or MBEDTLS_CAMELLIA_DECRYPT - * \param length length of the input data - * \param iv initialization vector (updated after use) - * \param input buffer holding the input data - * \param output buffer holding the output data - * - * \return 0 if successful, or - * MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH + * \param ctx The CAMELLIA context to use. This must be initialized + * and bound to a key. + * \param mode The mode of operation. This must be either + * #MBEDTLS_CAMELLIA_ENCRYPT or #MBEDTLS_CAMELLIA_DECRYPT. + * \param length The length in Bytes of the input data \p input. + * This must be a multiple of \c 16 Bytes. + * \param iv The initialization vector. This must be a read/write buffer + * of length \c 16 Bytes. It is updated to allow streaming + * use as explained above. + * \param input The buffer holding the input data. This must point to a + * readable buffer of length \p length Bytes. + * \param output The buffer holding the output data. This must point to a + * writable buffer of length \p length Bytes. + * + * \return \c 0 if successful. + * \return A negative error code on failure. */ int mbedtls_camellia_crypt_cbc( mbedtls_camellia_context *ctx, int mode, @@ -149,11 +179,14 @@ int mbedtls_camellia_crypt_cbc( mbedtls_camellia_context *ctx, #if defined(MBEDTLS_CIPHER_MODE_CFB) /** - * \brief CAMELLIA-CFB128 buffer encryption/decryption + * \brief Perform a CAMELLIA-CFB128 buffer encryption/decryption + * operation. * - * Note: Due to the nature of CFB you should use the same key schedule for - * both encryption and decryption. So a context initialized with - * mbedtls_camellia_setkey_enc() for both MBEDTLS_CAMELLIA_ENCRYPT and CAMELLIE_DECRYPT. + * \note Due to the nature of CFB mode, you should use the same + * key for both encryption and decryption. In particular, calls + * to this function should be preceded by a key-schedule via + * mbedtls_camellia_setkey_enc() regardless of whether \p mode + * is #MBEDTLS_CAMELLIA_ENCRYPT or #MBEDTLS_CAMELLIA_DECRYPT. * * \note Upon exit, the content of the IV is updated so that you can * call the function same function again on the following @@ -163,16 +196,24 @@ int mbedtls_camellia_crypt_cbc( mbedtls_camellia_context *ctx, * IV, you should either save it manually or use the cipher * module instead. * - * \param ctx CAMELLIA context - * \param mode MBEDTLS_CAMELLIA_ENCRYPT or MBEDTLS_CAMELLIA_DECRYPT - * \param length length of the input data - * \param iv_off offset in IV (updated after use) - * \param iv initialization vector (updated after use) - * \param input buffer holding the input data - * \param output buffer holding the output data - * - * \return 0 if successful, or - * MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH + * \param ctx The CAMELLIA context to use. This must be initialized + * and bound to a key. + * \param mode The mode of operation. This must be either + * #MBEDTLS_CAMELLIA_ENCRYPT or #MBEDTLS_CAMELLIA_DECRYPT. + * \param length The length of the input data \p input. Any value is allowed. + * \param iv_off The current offset in the IV. This must be smaller + * than \c 16 Bytes. It is updated after this call to allow + * the aforementioned streaming usage. + * \param iv The initialization vector. This must be a read/write buffer + * of length \c 16 Bytes. It is updated after this call to + * allow the aforementioned streaming usage. + * \param input The buffer holding the input data. This must be a readable + * buffer of size \p length Bytes. + * \param output The buffer to hold the output data. This must be a writable + * buffer of length \p length Bytes. + * + * \return \c 0 if successful. + * \return A negative error code on failure. */ int mbedtls_camellia_crypt_cfb128( mbedtls_camellia_context *ctx, int mode, @@ -185,11 +226,13 @@ int mbedtls_camellia_crypt_cfb128( mbedtls_camellia_context *ctx, #if defined(MBEDTLS_CIPHER_MODE_CTR) /** - * \brief CAMELLIA-CTR buffer encryption/decryption + * \brief Perform a CAMELLIA-CTR buffer encryption/decryption operation. * - * Note: Due to the nature of CTR you should use the same key schedule for - * both encryption and decryption. So a context initialized with - * mbedtls_camellia_setkey_enc() for both MBEDTLS_CAMELLIA_ENCRYPT and MBEDTLS_CAMELLIA_DECRYPT. + * *note Due to the nature of CTR mode, you should use the same + * key for both encryption and decryption. In particular, calls + * to this function should be preceded by a key-schedule via + * mbedtls_camellia_setkey_enc() regardless of whether \p mode + * is #MBEDTLS_CAMELLIA_ENCRYPT or #MBEDTLS_CAMELLIA_DECRYPT. * * \warning You must never reuse a nonce value with the same key. Doing so * would void the encryption for the two messages encrypted with @@ -212,41 +255,49 @@ int mbedtls_camellia_crypt_cfb128( mbedtls_camellia_context *ctx, * per-message nonce, handled by yourself, and the second one * updated by this function internally. * - * For example, you might reserve the first 12 bytes for the - * per-message nonce, and the last 4 bytes for internal use. In that - * case, before calling this function on a new message you need to - * set the first 12 bytes of \p nonce_counter to your chosen nonce - * value, the last 4 to 0, and \p nc_off to 0 (which will cause \p - * stream_block to be ignored). That way, you can encrypt at most - * 2**96 messages of up to 2**32 blocks each with the same key. + * For example, you might reserve the first \c 12 Bytes for the + * per-message nonce, and the last \c 4 Bytes for internal use. + * In that case, before calling this function on a new message you + * need to set the first \c 12 Bytes of \p nonce_counter to your + * chosen nonce value, the last four to \c 0, and \p nc_off to \c 0 + * (which will cause \p stream_block to be ignored). That way, you + * can encrypt at most \c 2**96 messages of up to \c 2**32 blocks + * each with the same key. * * The per-message nonce (or information sufficient to reconstruct - * it) needs to be communicated with the ciphertext and must be unique. - * The recommended way to ensure uniqueness is to use a message - * counter. An alternative is to generate random nonces, but this - * limits the number of messages that can be securely encrypted: - * for example, with 96-bit random nonces, you should not encrypt - * more than 2**32 messages with the same key. + * it) needs to be communicated with the ciphertext and must be + * unique. The recommended way to ensure uniqueness is to use a + * message counter. An alternative is to generate random nonces, + * but this limits the number of messages that can be securely + * encrypted: for example, with 96-bit random nonces, you should + * not encrypt more than 2**32 messages with the same key. * * Note that for both stategies, sizes are measured in blocks and - * that a CAMELLIA block is 16 bytes. + * that a CAMELLIA block is \c 16 Bytes. * * \warning Upon return, \p stream_block contains sensitive data. Its * content must not be written to insecure storage and should be * securely discarded as soon as it's no longer needed. * - * \param ctx CAMELLIA context - * \param length The length of the data - * \param nc_off The offset in the current stream_block (for resuming + * \param ctx The CAMELLIA context to use. This must be initialized + * and bound to a key. + * \param length The length of the input data \p input in Bytes. + * Any value is allowed. + * \param nc_off The offset in the current \p stream_block (for resuming * within current cipher stream). The offset pointer to - * should be 0 at the start of a stream. - * \param nonce_counter The 128-bit nonce and counter. - * \param stream_block The saved stream-block for resuming. Is overwritten - * by the function. - * \param input The input data stream - * \param output The output data stream - * - * \return 0 if successful + * should be \c 0 at the start of a stream. It is updated + * at the end of this call. + * \param nonce_counter The 128-bit nonce and counter. This must be a read/write + * buffer of length \c 16 Bytes. + * \param stream_block The saved stream-block for resuming. This must be a + * read/write buffer of length \c 16 Bytes. + * \param input The input data stream. This must be a readable buffer of + * size \p length Bytes. + * \param output The output data stream. This must be a writable buffer + * of size \p length Bytes. + * + * \return \c 0 if successful. + * \return A negative error code on failure. */ int mbedtls_camellia_crypt_ctr( mbedtls_camellia_context *ctx, size_t length, diff --git a/thirdparty/mbedtls/include/mbedtls/ccm.h b/thirdparty/mbedtls/include/mbedtls/ccm.h index 5d727e7cca..3f6b8f6709 100644 --- a/thirdparty/mbedtls/include/mbedtls/ccm.h +++ b/thirdparty/mbedtls/include/mbedtls/ccm.h @@ -53,8 +53,9 @@ #define MBEDTLS_ERR_CCM_BAD_INPUT -0x000D /**< Bad input parameters to the function. */ #define MBEDTLS_ERR_CCM_AUTH_FAILED -0x000F /**< Authenticated decryption failed. */ -#define MBEDTLS_ERR_CCM_HW_ACCEL_FAILED -0x0011 /**< CCM hardware accelerator failed. */ +/* MBEDTLS_ERR_CCM_HW_ACCEL_FAILED is deprecated and should not be used. */ +#define MBEDTLS_ERR_CCM_HW_ACCEL_FAILED -0x0011 /**< CCM hardware accelerator failed. */ #ifdef __cplusplus extern "C" { @@ -68,7 +69,8 @@ extern "C" { * \brief The CCM context-type definition. The CCM context is passed * to the APIs called. */ -typedef struct { +typedef struct mbedtls_ccm_context +{ mbedtls_cipher_context_t cipher_ctx; /*!< The cipher context used. */ } mbedtls_ccm_context; @@ -82,7 +84,7 @@ mbedtls_ccm_context; * to make references valid, and prepare the context * for mbedtls_ccm_setkey() or mbedtls_ccm_free(). * - * \param ctx The CCM context to initialize. + * \param ctx The CCM context to initialize. This must not be \c NULL. */ void mbedtls_ccm_init( mbedtls_ccm_context *ctx ); @@ -90,9 +92,10 @@ void mbedtls_ccm_init( mbedtls_ccm_context *ctx ); * \brief This function initializes the CCM context set in the * \p ctx parameter and sets the encryption key. * - * \param ctx The CCM context to initialize. + * \param ctx The CCM context to initialize. This must be an initialized + * context. * \param cipher The 128-bit block cipher to use. - * \param key The encryption key. + * \param key The encryption key. This must not be \c NULL. * \param keybits The key size in bits. This must be acceptable by the cipher. * * \return \c 0 on success. @@ -107,7 +110,8 @@ int mbedtls_ccm_setkey( mbedtls_ccm_context *ctx, * \brief This function releases and clears the specified CCM context * and underlying cipher sub-context. * - * \param ctx The CCM context to clear. + * \param ctx The CCM context to clear. If this is \c NULL, the function + * has no effect. Otherwise, this must be initialized. */ void mbedtls_ccm_free( mbedtls_ccm_context *ctx ); @@ -120,19 +124,27 @@ void mbedtls_ccm_free( mbedtls_ccm_context *ctx ); * \p tag = \p output + \p length, and make sure that the * output buffer is at least \p length + \p tag_len wide. * - * \param ctx The CCM context to use for encryption. + * \param ctx The CCM context to use for encryption. This must be + * initialized and bound to a key. * \param length The length of the input data in Bytes. - * \param iv Initialization vector (nonce). + * \param iv The initialization vector (nonce). This must be a readable + * buffer of at least \p iv_len Bytes. * \param iv_len The length of the nonce in Bytes: 7, 8, 9, 10, 11, 12, * or 13. The length L of the message length field is * 15 - \p iv_len. - * \param add The additional data field. + * \param add The additional data field. If \p add_len is greater than + * zero, \p add must be a readable buffer of at least that + * length. * \param add_len The length of additional data in Bytes. - * Must be less than 2^16 - 2^8. - * \param input The buffer holding the input data. - * \param output The buffer holding the output data. - * Must be at least \p length Bytes wide. - * \param tag The buffer holding the authentication field. + * This must be less than `2^16 - 2^8`. + * \param input The buffer holding the input data. If \p length is greater + * than zero, \p input must be a readable buffer of at least + * that length. + * \param output The buffer holding the output data. If \p length is greater + * than zero, \p output must be a writable buffer of at least + * that length. + * \param tag The buffer holding the authentication field. This must be a + * readable buffer of at least \p tag_len Bytes. * \param tag_len The length of the authentication field to generate in Bytes: * 4, 6, 8, 10, 12, 14 or 16. * @@ -158,23 +170,30 @@ int mbedtls_ccm_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length, * the tag length has to be encoded into the \p iv passed to * this function. * - * \param ctx The CCM context to use for encryption. + * \param ctx The CCM context to use for encryption. This must be + * initialized and bound to a key. * \param length The length of the input data in Bytes. - * \param iv Initialization vector (nonce). + * \param iv The initialization vector (nonce). This must be a readable + * buffer of at least \p iv_len Bytes. * \param iv_len The length of the nonce in Bytes: 7, 8, 9, 10, 11, 12, * or 13. The length L of the message length field is * 15 - \p iv_len. - * \param add The additional data field. + * \param add The additional data field. This must be a readable buffer of + * at least \p add_len Bytes. * \param add_len The length of additional data in Bytes. - * Must be less than 2^16 - 2^8. - * \param input The buffer holding the input data. - * \param output The buffer holding the output data. - * Must be at least \p length Bytes wide. - * \param tag The buffer holding the authentication field. + * This must be less than 2^16 - 2^8. + * \param input The buffer holding the input data. If \p length is greater + * than zero, \p input must be a readable buffer of at least + * that length. + * \param output The buffer holding the output data. If \p length is greater + * than zero, \p output must be a writable buffer of at least + * that length. + * \param tag The buffer holding the authentication field. This must be a + * readable buffer of at least \p tag_len Bytes. * \param tag_len The length of the authentication field to generate in Bytes: * 0, 4, 6, 8, 10, 12, 14 or 16. * - * \warning Passing 0 as \p tag_len means that the message is no + * \warning Passing \c 0 as \p tag_len means that the message is no * longer authenticated. * * \return \c 0 on success. @@ -190,20 +209,27 @@ int mbedtls_ccm_star_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length, * \brief This function performs a CCM authenticated decryption of a * buffer. * - * \param ctx The CCM context to use for decryption. + * \param ctx The CCM context to use for decryption. This must be + * initialized and bound to a key. * \param length The length of the input data in Bytes. - * \param iv Initialization vector (nonce). + * \param iv The initialization vector (nonce). This must be a readable + * buffer of at least \p iv_len Bytes. * \param iv_len The length of the nonce in Bytes: 7, 8, 9, 10, 11, 12, * or 13. The length L of the message length field is * 15 - \p iv_len. - * \param add The additional data field. + * \param add The additional data field. This must be a readable buffer + * of at least that \p add_len Bytes.. * \param add_len The length of additional data in Bytes. - * Must be less than 2^16 - 2^8. - * \param input The buffer holding the input data. - * \param output The buffer holding the output data. - * Must be at least \p length Bytes wide. - * \param tag The buffer holding the authentication field. - * \param tag_len The length of the authentication field in Bytes. + * This must be less than 2^16 - 2^8. + * \param input The buffer holding the input data. If \p length is greater + * than zero, \p input must be a readable buffer of at least + * that length. + * \param output The buffer holding the output data. If \p length is greater + * than zero, \p output must be a writable buffer of at least + * that length. + * \param tag The buffer holding the authentication field. This must be a + * readable buffer of at least \p tag_len Bytes. + * \param tag_len The length of the authentication field to generate in Bytes: * 4, 6, 8, 10, 12, 14 or 16. * * \return \c 0 on success. This indicates that the message is authentic. @@ -225,23 +251,30 @@ int mbedtls_ccm_auth_decrypt( mbedtls_ccm_context *ctx, size_t length, * this function as \p tag_len. (\p tag needs to be adjusted * accordingly.) * - * \param ctx The CCM context to use for decryption. + * \param ctx The CCM context to use for decryption. This must be + * initialized and bound to a key. * \param length The length of the input data in Bytes. - * \param iv Initialization vector (nonce). + * \param iv The initialization vector (nonce). This must be a readable + * buffer of at least \p iv_len Bytes. * \param iv_len The length of the nonce in Bytes: 7, 8, 9, 10, 11, 12, * or 13. The length L of the message length field is * 15 - \p iv_len. - * \param add The additional data field. + * \param add The additional data field. This must be a readable buffer of + * at least that \p add_len Bytes. * \param add_len The length of additional data in Bytes. - * Must be less than 2^16 - 2^8. - * \param input The buffer holding the input data. - * \param output The buffer holding the output data. - * Must be at least \p length Bytes wide. - * \param tag The buffer holding the authentication field. + * This must be less than 2^16 - 2^8. + * \param input The buffer holding the input data. If \p length is greater + * than zero, \p input must be a readable buffer of at least + * that length. + * \param output The buffer holding the output data. If \p length is greater + * than zero, \p output must be a writable buffer of at least + * that length. + * \param tag The buffer holding the authentication field. This must be a + * readable buffer of at least \p tag_len Bytes. * \param tag_len The length of the authentication field in Bytes. * 0, 4, 6, 8, 10, 12, 14 or 16. * - * \warning Passing 0 as \p tag_len means that the message is no + * \warning Passing \c 0 as \p tag_len means that the message is nos * longer authenticated. * * \return \c 0 on success. diff --git a/thirdparty/mbedtls/include/mbedtls/chacha20.h b/thirdparty/mbedtls/include/mbedtls/chacha20.h index 47bd7d38b9..2ae5e6e5f4 100644 --- a/thirdparty/mbedtls/include/mbedtls/chacha20.h +++ b/thirdparty/mbedtls/include/mbedtls/chacha20.h @@ -43,7 +43,13 @@ #include <stddef.h> #define MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA -0x0051 /**< Invalid input parameter(s). */ + +/* MBEDTLS_ERR_CHACHA20_FEATURE_UNAVAILABLE is deprecated and should not be + * used. */ #define MBEDTLS_ERR_CHACHA20_FEATURE_UNAVAILABLE -0x0053 /**< Feature not available. For example, s part of the API is not implemented. */ + +/* MBEDTLS_ERR_CHACHA20_HW_ACCEL_FAILED is deprecated and should not be used. + */ #define MBEDTLS_ERR_CHACHA20_HW_ACCEL_FAILED -0x0055 /**< Chacha20 hardware accelerator failed. */ #ifdef __cplusplus @@ -52,7 +58,7 @@ extern "C" { #if !defined(MBEDTLS_CHACHA20_ALT) -typedef struct +typedef struct mbedtls_chacha20_context { uint32_t state[16]; /*! The state (before round operations). */ uint8_t keystream8[64]; /*! Leftover keystream bytes. */ @@ -77,13 +83,18 @@ mbedtls_chacha20_context; * \c mbedtls_chacha20_free(). * * \param ctx The ChaCha20 context to initialize. + * This must not be \c NULL. */ void mbedtls_chacha20_init( mbedtls_chacha20_context *ctx ); /** - * \brief This function releases and clears the specified ChaCha20 context. + * \brief This function releases and clears the specified + * ChaCha20 context. + * + * \param ctx The ChaCha20 context to clear. This may be \c NULL, + * in which case this function is a no-op. If it is not + * \c NULL, it must point to an initialized context. * - * \param ctx The ChaCha20 context to clear. */ void mbedtls_chacha20_free( mbedtls_chacha20_context *ctx ); @@ -96,7 +107,9 @@ void mbedtls_chacha20_free( mbedtls_chacha20_context *ctx ); * \c mbedtls_chacha_update(). * * \param ctx The ChaCha20 context to which the key should be bound. - * \param key The encryption/decryption key. Must be 32 bytes in length. + * It must be initialized. + * \param key The encryption/decryption key. This must be \c 32 Bytes + * in length. * * \return \c 0 on success. * \return #MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA if ctx or key is NULL. @@ -115,8 +128,9 @@ int mbedtls_chacha20_setkey( mbedtls_chacha20_context *ctx, * messages encrypted with the same nonce and key. * * \param ctx The ChaCha20 context to which the nonce should be bound. - * \param nonce The nonce. Must be 12 bytes in size. - * \param counter The initial counter value. This is usually 0. + * It must be initialized and bound to a key. + * \param nonce The nonce. This must be \c 12 Bytes in size. + * \param counter The initial counter value. This is usually \c 0. * * \return \c 0 on success. * \return #MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA if ctx or nonce is @@ -144,16 +158,16 @@ int mbedtls_chacha20_starts( mbedtls_chacha20_context* ctx, * key and nonce. * * \param ctx The ChaCha20 context to use for encryption or decryption. - * \param size The length of the input data in bytes. + * It must be initialized and bound to a key and nonce. + * \param size The length of the input data in Bytes. * \param input The buffer holding the input data. - * This pointer can be NULL if size == 0. + * This pointer can be \c NULL if `size == 0`. * \param output The buffer holding the output data. - * Must be able to hold \p size bytes. - * This pointer can be NULL if size == 0. + * This must be able to hold \p size Bytes. + * This pointer can be \c NULL if `size == 0`. * * \return \c 0 on success. - * \return #MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA if the ctx, input, or - * output pointers are NULL. + * \return A negative error code on failure. */ int mbedtls_chacha20_update( mbedtls_chacha20_context *ctx, size_t size, @@ -174,19 +188,19 @@ int mbedtls_chacha20_update( mbedtls_chacha20_context *ctx, * \note The \p input and \p output pointers must either be equal or * point to non-overlapping buffers. * - * \param key The encryption/decryption key. Must be 32 bytes in length. - * \param nonce The nonce. Must be 12 bytes in size. - * \param counter The initial counter value. This is usually 0. - * \param size The length of the input data in bytes. + * \param key The encryption/decryption key. + * This must be \c 32 Bytes in length. + * \param nonce The nonce. This must be \c 12 Bytes in size. + * \param counter The initial counter value. This is usually \c 0. + * \param size The length of the input data in Bytes. * \param input The buffer holding the input data. - * This pointer can be NULL if size == 0. + * This pointer can be \c NULL if `size == 0`. * \param output The buffer holding the output data. - * Must be able to hold \p size bytes. - * This pointer can be NULL if size == 0. + * This must be able to hold \p size Bytes. + * This pointer can be \c NULL if `size == 0`. * * \return \c 0 on success. - * \return #MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA if key, nonce, input, - * or output is NULL. + * \return A negative error code on failure. */ int mbedtls_chacha20_crypt( const unsigned char key[32], const unsigned char nonce[12], diff --git a/thirdparty/mbedtls/include/mbedtls/chachapoly.h b/thirdparty/mbedtls/include/mbedtls/chachapoly.h index 42b2b230c5..49e615d278 100644 --- a/thirdparty/mbedtls/include/mbedtls/chachapoly.h +++ b/thirdparty/mbedtls/include/mbedtls/chachapoly.h @@ -60,7 +60,7 @@ mbedtls_chachapoly_mode_t; #include "chacha20.h" -typedef struct +typedef struct mbedtls_chachapoly_context { mbedtls_chacha20_context chacha20_ctx; /**< The ChaCha20 context. */ mbedtls_poly1305_context poly1305_ctx; /**< The Poly1305 context. */ @@ -115,27 +115,29 @@ mbedtls_chachapoly_context; * all previous outputs of \c mbedtls_chachapoly_update(), * otherwise you can now safely use the plaintext. * - * \param ctx The ChachaPoly context to initialize. + * \param ctx The ChachaPoly context to initialize. Must not be \c NULL. */ void mbedtls_chachapoly_init( mbedtls_chachapoly_context *ctx ); /** - * \brief This function releases and clears the specified ChaCha20-Poly1305 context. + * \brief This function releases and clears the specified + * ChaCha20-Poly1305 context. * - * \param ctx The ChachaPoly context to clear. + * \param ctx The ChachaPoly context to clear. This may be \c NULL, in which + * case this function is a no-op. */ void mbedtls_chachapoly_free( mbedtls_chachapoly_context *ctx ); /** - * \brief This function sets the ChaCha20-Poly1305 symmetric encryption key. + * \brief This function sets the ChaCha20-Poly1305 + * symmetric encryption key. * * \param ctx The ChaCha20-Poly1305 context to which the key should be - * bound. - * \param key The 256-bit (32 bytes) key. + * bound. This must be initialized. + * \param key The \c 256 Bit (\c 32 Bytes) key. * * \return \c 0 on success. - * \return #MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA - * if \p ctx or \p key are NULL. + * \return A negative error code on failure. */ int mbedtls_chachapoly_setkey( mbedtls_chachapoly_context *ctx, const unsigned char key[32] ); @@ -155,14 +157,15 @@ int mbedtls_chachapoly_setkey( mbedtls_chachapoly_context *ctx, * \warning Decryption with the piecewise API is discouraged, see the * warning on \c mbedtls_chachapoly_init(). * - * \param ctx The ChaCha20-Poly1305 context. - * \param nonce The nonce/IV to use for the message. Must be 12 bytes. + * \param ctx The ChaCha20-Poly1305 context. This must be initialized + * and bound to a key. + * \param nonce The nonce/IV to use for the message. + * This must be a redable buffer of length \c 12 Bytes. * \param mode The operation to perform: #MBEDTLS_CHACHAPOLY_ENCRYPT or * #MBEDTLS_CHACHAPOLY_DECRYPT (discouraged, see warning). * * \return \c 0 on success. - * \return #MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA - * if \p ctx or \p mac are NULL. + * \return A negative error code on failure. */ int mbedtls_chachapoly_starts( mbedtls_chachapoly_context *ctx, const unsigned char nonce[12], @@ -193,11 +196,12 @@ int mbedtls_chachapoly_starts( mbedtls_chachapoly_context *ctx, * \warning Decryption with the piecewise API is discouraged, see the * warning on \c mbedtls_chachapoly_init(). * - * \param ctx The ChaCha20-Poly1305 context to use. - * \param aad_len The length (in bytes) of the AAD. The length has no + * \param ctx The ChaCha20-Poly1305 context. This must be initialized + * and bound to a key. + * \param aad_len The length in Bytes of the AAD. The length has no * restrictions. * \param aad Buffer containing the AAD. - * This pointer can be NULL if aad_len == 0. + * This pointer can be \c NULL if `aad_len == 0`. * * \return \c 0 on success. * \return #MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA @@ -227,20 +231,19 @@ int mbedtls_chachapoly_update_aad( mbedtls_chachapoly_context *ctx, * \warning Decryption with the piecewise API is discouraged, see the * warning on \c mbedtls_chachapoly_init(). * - * \param ctx The ChaCha20-Poly1305 context to use. + * \param ctx The ChaCha20-Poly1305 context to use. This must be initialized. * \param len The length (in bytes) of the data to encrypt or decrypt. * \param input The buffer containing the data to encrypt or decrypt. - * This pointer can be NULL if len == 0. - * \param output The buffer to where the encrypted or decrypted data is written. - * Must be able to hold \p len bytes. - * This pointer can be NULL if len == 0. + * This pointer can be \c NULL if `len == 0`. + * \param output The buffer to where the encrypted or decrypted data is + * written. This must be able to hold \p len bytes. + * This pointer can be \c NULL if `len == 0`. * * \return \c 0 on success. - * \return #MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA - * if \p ctx, \p input, or \p output are NULL. * \return #MBEDTLS_ERR_CHACHAPOLY_BAD_STATE * if the operation has not been started or has been * finished. + * \return Another negative error code on other kinds of failure. */ int mbedtls_chachapoly_update( mbedtls_chachapoly_context *ctx, size_t len, @@ -251,18 +254,17 @@ int mbedtls_chachapoly_update( mbedtls_chachapoly_context *ctx, * \brief This function finished the ChaCha20-Poly1305 operation and * generates the MAC (authentication tag). * - * \param ctx The ChaCha20-Poly1305 context to use. + * \param ctx The ChaCha20-Poly1305 context to use. This must be initialized. * \param mac The buffer to where the 128-bit (16 bytes) MAC is written. * * \warning Decryption with the piecewise API is discouraged, see the * warning on \c mbedtls_chachapoly_init(). * * \return \c 0 on success. - * \return #MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA - * if \p ctx or \p mac are NULL. * \return #MBEDTLS_ERR_CHACHAPOLY_BAD_STATE * if the operation has not been started or has been * finished. + * \return Another negative error code on other kinds of failure. */ int mbedtls_chachapoly_finish( mbedtls_chachapoly_context *ctx, unsigned char mac[16] ); @@ -280,20 +282,21 @@ int mbedtls_chachapoly_finish( mbedtls_chachapoly_context *ctx, * and key. * * \param ctx The ChaCha20-Poly1305 context to use (holds the key). + * This must be initialized. * \param length The length (in bytes) of the data to encrypt or decrypt. * \param nonce The 96-bit (12 bytes) nonce/IV to use. - * \param aad The buffer containing the additional authenticated data (AAD). - * This pointer can be NULL if aad_len == 0. + * \param aad The buffer containing the additional authenticated + * data (AAD). This pointer can be \c NULL if `aad_len == 0`. * \param aad_len The length (in bytes) of the AAD data to process. * \param input The buffer containing the data to encrypt or decrypt. - * This pointer can be NULL if ilen == 0. - * \param output The buffer to where the encrypted or decrypted data is written. - * This pointer can be NULL if ilen == 0. - * \param tag The buffer to where the computed 128-bit (16 bytes) MAC is written. + * This pointer can be \c NULL if `ilen == 0`. + * \param output The buffer to where the encrypted or decrypted data + * is written. This pointer can be \c NULL if `ilen == 0`. + * \param tag The buffer to where the computed 128-bit (16 bytes) MAC + * is written. This must not be \c NULL. * * \return \c 0 on success. - * \return #MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA - * if one or more of the required parameters are NULL. + * \return A negative error code on failure. */ int mbedtls_chachapoly_encrypt_and_tag( mbedtls_chachapoly_context *ctx, size_t length, @@ -312,22 +315,22 @@ int mbedtls_chachapoly_encrypt_and_tag( mbedtls_chachapoly_context *ctx, * \c mbedtls_chachapoly_setkey(). * * \param ctx The ChaCha20-Poly1305 context to use (holds the key). - * \param length The length (in bytes) of the data to decrypt. - * \param nonce The 96-bit (12 bytes) nonce/IV to use. + * \param length The length (in Bytes) of the data to decrypt. + * \param nonce The \c 96 Bit (\c 12 bytes) nonce/IV to use. * \param aad The buffer containing the additional authenticated data (AAD). - * This pointer can be NULL if aad_len == 0. + * This pointer can be \c NULL if `aad_len == 0`. * \param aad_len The length (in bytes) of the AAD data to process. * \param tag The buffer holding the authentication tag. + * This must be a readable buffer of length \c 16 Bytes. * \param input The buffer containing the data to decrypt. - * This pointer can be NULL if ilen == 0. + * This pointer can be \c NULL if `ilen == 0`. * \param output The buffer to where the decrypted data is written. - * This pointer can be NULL if ilen == 0. + * This pointer can be \c NULL if `ilen == 0`. * * \return \c 0 on success. - * \return #MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA - * if one or more of the required parameters are NULL. * \return #MBEDTLS_ERR_CHACHAPOLY_AUTH_FAILED * if the data was not authentic. + * \return Another negative error code on other kinds of failure. */ int mbedtls_chachapoly_auth_decrypt( mbedtls_chachapoly_context *ctx, size_t length, diff --git a/thirdparty/mbedtls/include/mbedtls/check_config.h b/thirdparty/mbedtls/include/mbedtls/check_config.h index 9e6bb8a46a..b86e5807e0 100644 --- a/thirdparty/mbedtls/include/mbedtls/check_config.h +++ b/thirdparty/mbedtls/include/mbedtls/check_config.h @@ -108,6 +108,17 @@ #error "MBEDTLS_ECJPAKE_C defined, but not all prerequisites" #endif +#if defined(MBEDTLS_ECP_RESTARTABLE) && \ + ( defined(MBEDTLS_ECDH_COMPUTE_SHARED_ALT) || \ + defined(MBEDTLS_ECDH_GEN_PUBLIC_ALT) || \ + defined(MBEDTLS_ECDSA_SIGN_ALT) || \ + defined(MBEDTLS_ECDSA_VERIFY_ALT) || \ + defined(MBEDTLS_ECDSA_GENKEY_ALT) || \ + defined(MBEDTLS_ECP_INTERNAL_ALT) || \ + defined(MBEDTLS_ECP_ALT) ) +#error "MBEDTLS_ECP_RESTARTABLE defined, but it cannot coexist with an alternative ECP implementation" +#endif + #if defined(MBEDTLS_ECDSA_DETERMINISTIC) && !defined(MBEDTLS_HMAC_DRBG_C) #error "MBEDTLS_ECDSA_DETERMINISTIC defined, but not all prerequisites" #endif @@ -127,6 +138,10 @@ #error "MBEDTLS_ECP_C defined, but not all prerequisites" #endif +#if defined(MBEDTLS_PK_PARSE_C) && !defined(MBEDTLS_ASN1_PARSE_C) +#error "MBEDTLS_PK_PARSE_C defined, but not all prerequesites" +#endif + #if defined(MBEDTLS_ENTROPY_C) && (!defined(MBEDTLS_SHA512_C) && \ !defined(MBEDTLS_SHA256_C)) #error "MBEDTLS_ENTROPY_C defined, but not all prerequisites" diff --git a/thirdparty/mbedtls/include/mbedtls/cipher.h b/thirdparty/mbedtls/include/mbedtls/cipher.h index ea0ce983f1..922b6c32c6 100644 --- a/thirdparty/mbedtls/include/mbedtls/cipher.h +++ b/thirdparty/mbedtls/include/mbedtls/cipher.h @@ -36,6 +36,7 @@ #endif #include <stddef.h> +#include "mbedtls/platform_util.h" #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CCM_C) || defined(MBEDTLS_CHACHAPOLY_C) #define MBEDTLS_CIPHER_MODE_AEAD @@ -45,7 +46,8 @@ #define MBEDTLS_CIPHER_MODE_WITH_PADDING #endif -#if defined(MBEDTLS_ARC4_C) || defined(MBEDTLS_CIPHER_NULL_CIPHER) +#if defined(MBEDTLS_ARC4_C) || defined(MBEDTLS_CIPHER_NULL_CIPHER) || \ + defined(MBEDTLS_CHACHA20_C) #define MBEDTLS_CIPHER_MODE_STREAM #endif @@ -61,6 +63,8 @@ #define MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED -0x6280 /**< Decryption of block requires a full block. */ #define MBEDTLS_ERR_CIPHER_AUTH_FAILED -0x6300 /**< Authentication failed (for AEAD modes). */ #define MBEDTLS_ERR_CIPHER_INVALID_CONTEXT -0x6380 /**< The context is invalid. For example, because it was freed. */ + +/* MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED is deprecated and should not be used. */ #define MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED -0x6400 /**< Cipher hardware accelerator failed. */ #define MBEDTLS_CIPHER_VARIABLE_IV_LEN 0x01 /**< Cipher accepts IVs of variable length. */ @@ -235,7 +239,8 @@ typedef struct mbedtls_cmac_context_t mbedtls_cmac_context_t; * Cipher information. Allows calling cipher functions * in a generic way. */ -typedef struct { +typedef struct mbedtls_cipher_info_t +{ /** Full cipher identifier. For example, * MBEDTLS_CIPHER_AES_256_CBC. */ @@ -276,7 +281,8 @@ typedef struct { /** * Generic cipher context. */ -typedef struct { +typedef struct mbedtls_cipher_context_t +{ /** Information about the associated cipher. */ const mbedtls_cipher_info_t *cipher_info; @@ -331,11 +337,12 @@ const int *mbedtls_cipher_list( void ); * \brief This function retrieves the cipher-information * structure associated with the given cipher name. * - * \param cipher_name Name of the cipher to search for. + * \param cipher_name Name of the cipher to search for. This must not be + * \c NULL. * * \return The cipher information structure associated with the * given \p cipher_name. - * \return NULL if the associated cipher information is not found. + * \return \c NULL if the associated cipher information is not found. */ const mbedtls_cipher_info_t *mbedtls_cipher_info_from_string( const char *cipher_name ); @@ -347,7 +354,7 @@ const mbedtls_cipher_info_t *mbedtls_cipher_info_from_string( const char *cipher * * \return The cipher information structure associated with the * given \p cipher_type. - * \return NULL if the associated cipher information is not found. + * \return \c NULL if the associated cipher information is not found. */ const mbedtls_cipher_info_t *mbedtls_cipher_info_from_type( const mbedtls_cipher_type_t cipher_type ); @@ -363,7 +370,7 @@ const mbedtls_cipher_info_t *mbedtls_cipher_info_from_type( const mbedtls_cipher * * \return The cipher information structure associated with the * given \p cipher_id. - * \return NULL if the associated cipher information is not found. + * \return \c NULL if the associated cipher information is not found. */ const mbedtls_cipher_info_t *mbedtls_cipher_info_from_values( const mbedtls_cipher_id_t cipher_id, int key_bitlen, @@ -371,6 +378,8 @@ const mbedtls_cipher_info_t *mbedtls_cipher_info_from_values( const mbedtls_ciph /** * \brief This function initializes a \p cipher_context as NONE. + * + * \param ctx The context to be initialized. This must not be \c NULL. */ void mbedtls_cipher_init( mbedtls_cipher_context_t *ctx ); @@ -378,6 +387,10 @@ void mbedtls_cipher_init( mbedtls_cipher_context_t *ctx ); * \brief This function frees and clears the cipher-specific * context of \p ctx. Freeing \p ctx itself remains the * responsibility of the caller. + * + * \param ctx The context to be freed. If this is \c NULL, the + * function has no effect, otherwise this must point to an + * initialized context. */ void mbedtls_cipher_free( mbedtls_cipher_context_t *ctx ); @@ -387,7 +400,7 @@ void mbedtls_cipher_free( mbedtls_cipher_context_t *ctx ); * structure with the appropriate values. It also clears * the structure. * - * \param ctx The context to initialize. May not be NULL. + * \param ctx The context to initialize. This must be initialized. * \param cipher_info The cipher to use. * * \return \c 0 on success. @@ -400,19 +413,22 @@ void mbedtls_cipher_free( mbedtls_cipher_context_t *ctx ); * In future versions, the caller will be required to call * mbedtls_cipher_init() on the structure first. */ -int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx, const mbedtls_cipher_info_t *cipher_info ); +int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx, + const mbedtls_cipher_info_t *cipher_info ); /** * \brief This function returns the block size of the given cipher. * - * \param ctx The context of the cipher. Must be initialized. + * \param ctx The context of the cipher. This must be initialized. * - * \return The size of the blocks of the cipher. - * \return 0 if \p ctx has not been initialized. + * \return The block size of the underlying cipher. + * \return \c 0 if \p ctx has not been initialized. */ -static inline unsigned int mbedtls_cipher_get_block_size( const mbedtls_cipher_context_t *ctx ) +static inline unsigned int mbedtls_cipher_get_block_size( + const mbedtls_cipher_context_t *ctx ) { - if( NULL == ctx || NULL == ctx->cipher_info ) + MBEDTLS_INTERNAL_VALIDATE_RET( ctx != NULL, 0 ); + if( ctx->cipher_info == NULL ) return 0; return ctx->cipher_info->block_size; @@ -422,14 +438,16 @@ static inline unsigned int mbedtls_cipher_get_block_size( const mbedtls_cipher_c * \brief This function returns the mode of operation for * the cipher. For example, MBEDTLS_MODE_CBC. * - * \param ctx The context of the cipher. Must be initialized. + * \param ctx The context of the cipher. This must be initialized. * * \return The mode of operation. * \return #MBEDTLS_MODE_NONE if \p ctx has not been initialized. */ -static inline mbedtls_cipher_mode_t mbedtls_cipher_get_cipher_mode( const mbedtls_cipher_context_t *ctx ) +static inline mbedtls_cipher_mode_t mbedtls_cipher_get_cipher_mode( + const mbedtls_cipher_context_t *ctx ) { - if( NULL == ctx || NULL == ctx->cipher_info ) + MBEDTLS_INTERNAL_VALIDATE_RET( ctx != NULL, MBEDTLS_MODE_NONE ); + if( ctx->cipher_info == NULL ) return MBEDTLS_MODE_NONE; return ctx->cipher_info->mode; @@ -439,15 +457,17 @@ static inline mbedtls_cipher_mode_t mbedtls_cipher_get_cipher_mode( const mbedtl * \brief This function returns the size of the IV or nonce * of the cipher, in Bytes. * - * \param ctx The context of the cipher. Must be initialized. + * \param ctx The context of the cipher. This must be initialized. * * \return The recommended IV size if no IV has been set. * \return \c 0 for ciphers not using an IV or a nonce. * \return The actual size if an IV has been set. */ -static inline int mbedtls_cipher_get_iv_size( const mbedtls_cipher_context_t *ctx ) +static inline int mbedtls_cipher_get_iv_size( + const mbedtls_cipher_context_t *ctx ) { - if( NULL == ctx || NULL == ctx->cipher_info ) + MBEDTLS_INTERNAL_VALIDATE_RET( ctx != NULL, 0 ); + if( ctx->cipher_info == NULL ) return 0; if( ctx->iv_size != 0 ) @@ -459,14 +479,17 @@ static inline int mbedtls_cipher_get_iv_size( const mbedtls_cipher_context_t *ct /** * \brief This function returns the type of the given cipher. * - * \param ctx The context of the cipher. Must be initialized. + * \param ctx The context of the cipher. This must be initialized. * * \return The type of the cipher. * \return #MBEDTLS_CIPHER_NONE if \p ctx has not been initialized. */ -static inline mbedtls_cipher_type_t mbedtls_cipher_get_type( const mbedtls_cipher_context_t *ctx ) +static inline mbedtls_cipher_type_t mbedtls_cipher_get_type( + const mbedtls_cipher_context_t *ctx ) { - if( NULL == ctx || NULL == ctx->cipher_info ) + MBEDTLS_INTERNAL_VALIDATE_RET( + ctx != NULL, MBEDTLS_CIPHER_NONE ); + if( ctx->cipher_info == NULL ) return MBEDTLS_CIPHER_NONE; return ctx->cipher_info->type; @@ -476,14 +499,16 @@ static inline mbedtls_cipher_type_t mbedtls_cipher_get_type( const mbedtls_ciphe * \brief This function returns the name of the given cipher * as a string. * - * \param ctx The context of the cipher. Must be initialized. + * \param ctx The context of the cipher. This must be initialized. * * \return The name of the cipher. * \return NULL if \p ctx has not been not initialized. */ -static inline const char *mbedtls_cipher_get_name( const mbedtls_cipher_context_t *ctx ) +static inline const char *mbedtls_cipher_get_name( + const mbedtls_cipher_context_t *ctx ) { - if( NULL == ctx || NULL == ctx->cipher_info ) + MBEDTLS_INTERNAL_VALIDATE_RET( ctx != NULL, 0 ); + if( ctx->cipher_info == NULL ) return 0; return ctx->cipher_info->name; @@ -492,15 +517,18 @@ static inline const char *mbedtls_cipher_get_name( const mbedtls_cipher_context_ /** * \brief This function returns the key length of the cipher. * - * \param ctx The context of the cipher. Must be initialized. + * \param ctx The context of the cipher. This must be initialized. * * \return The key length of the cipher in bits. * \return #MBEDTLS_KEY_LENGTH_NONE if ctx \p has not been * initialized. */ -static inline int mbedtls_cipher_get_key_bitlen( const mbedtls_cipher_context_t *ctx ) +static inline int mbedtls_cipher_get_key_bitlen( + const mbedtls_cipher_context_t *ctx ) { - if( NULL == ctx || NULL == ctx->cipher_info ) + MBEDTLS_INTERNAL_VALIDATE_RET( + ctx != NULL, MBEDTLS_KEY_LENGTH_NONE ); + if( ctx->cipher_info == NULL ) return MBEDTLS_KEY_LENGTH_NONE; return (int) ctx->cipher_info->key_bitlen; @@ -509,14 +537,17 @@ static inline int mbedtls_cipher_get_key_bitlen( const mbedtls_cipher_context_t /** * \brief This function returns the operation of the given cipher. * - * \param ctx The context of the cipher. Must be initialized. + * \param ctx The context of the cipher. This must be initialized. * * \return The type of operation: #MBEDTLS_ENCRYPT or #MBEDTLS_DECRYPT. * \return #MBEDTLS_OPERATION_NONE if \p ctx has not been initialized. */ -static inline mbedtls_operation_t mbedtls_cipher_get_operation( const mbedtls_cipher_context_t *ctx ) +static inline mbedtls_operation_t mbedtls_cipher_get_operation( + const mbedtls_cipher_context_t *ctx ) { - if( NULL == ctx || NULL == ctx->cipher_info ) + MBEDTLS_INTERNAL_VALIDATE_RET( + ctx != NULL, MBEDTLS_OPERATION_NONE ); + if( ctx->cipher_info == NULL ) return MBEDTLS_OPERATION_NONE; return ctx->operation; @@ -525,11 +556,11 @@ static inline mbedtls_operation_t mbedtls_cipher_get_operation( const mbedtls_ci /** * \brief This function sets the key to use with the given context. * - * \param ctx The generic cipher context. May not be NULL. Must have - * been initialized using mbedtls_cipher_info_from_type() - * or mbedtls_cipher_info_from_string(). - * \param key The key to use. - * \param key_bitlen The key length to use, in bits. + * \param ctx The generic cipher context. This must be initialized and + * bound to a cipher information structure. + * \param key The key to use. This must be a readable buffer of at + * least \p key_bitlen Bits. + * \param key_bitlen The key length to use, in Bits. * \param operation The operation that the key will be used for: * #MBEDTLS_ENCRYPT or #MBEDTLS_DECRYPT. * @@ -538,8 +569,10 @@ static inline mbedtls_operation_t mbedtls_cipher_get_operation( const mbedtls_ci * parameter-verification failure. * \return A cipher-specific error code on failure. */ -int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx, const unsigned char *key, - int key_bitlen, const mbedtls_operation_t operation ); +int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx, + const unsigned char *key, + int key_bitlen, + const mbedtls_operation_t operation ); #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) /** @@ -548,7 +581,8 @@ int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx, const unsigned char *k * * The default passing mode is PKCS7 padding. * - * \param ctx The generic cipher context. + * \param ctx The generic cipher context. This must be initialized and + * bound to a cipher information structure. * \param mode The padding mode. * * \return \c 0 on success. @@ -557,7 +591,8 @@ int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx, const unsigned char *k * \return #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA if the cipher mode * does not support padding. */ -int mbedtls_cipher_set_padding_mode( mbedtls_cipher_context_t *ctx, mbedtls_cipher_padding_t mode ); +int mbedtls_cipher_set_padding_mode( mbedtls_cipher_context_t *ctx, + mbedtls_cipher_padding_t mode ); #endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */ /** @@ -567,8 +602,10 @@ int mbedtls_cipher_set_padding_mode( mbedtls_cipher_context_t *ctx, mbedtls_ciph * \note Some ciphers do not use IVs nor nonce. For these * ciphers, this function has no effect. * - * \param ctx The generic cipher context. - * \param iv The IV to use, or NONCE_COUNTER for CTR-mode ciphers. + * \param ctx The generic cipher context. This must be initialized and + * bound to a cipher information structure. + * \param iv The IV to use, or NONCE_COUNTER for CTR-mode ciphers. This + * must be a readable buffer of at least \p iv_len Bytes. * \param iv_len The IV length for ciphers with variable-size IV. * This parameter is discarded by ciphers with fixed-size IV. * @@ -577,12 +614,13 @@ int mbedtls_cipher_set_padding_mode( mbedtls_cipher_context_t *ctx, mbedtls_ciph * parameter-verification failure. */ int mbedtls_cipher_set_iv( mbedtls_cipher_context_t *ctx, - const unsigned char *iv, size_t iv_len ); + const unsigned char *iv, + size_t iv_len ); /** * \brief This function resets the cipher state. * - * \param ctx The generic cipher context. + * \param ctx The generic cipher context. This must be initialized. * * \return \c 0 on success. * \return #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on @@ -594,11 +632,13 @@ int mbedtls_cipher_reset( mbedtls_cipher_context_t *ctx ); /** * \brief This function adds additional data for AEAD ciphers. * Currently supported with GCM and ChaCha20+Poly1305. - * Must be called exactly once, after mbedtls_cipher_reset(). + * This must be called exactly once, after + * mbedtls_cipher_reset(). * - * \param ctx The generic cipher context. - * \param ad The additional data to use. - * \param ad_len the Length of \p ad. + * \param ctx The generic cipher context. This must be initialized. + * \param ad The additional data to use. This must be a readable + * buffer of at least \p ad_len Bytes. + * \param ad_len the Length of \p ad Bytes. * * \return \c 0 on success. * \return A specific error code on failure. @@ -622,14 +662,17 @@ int mbedtls_cipher_update_ad( mbedtls_cipher_context_t *ctx, * mbedtls_cipher_finish(), must have \p ilen as a * multiple of the block size of the cipher. * - * \param ctx The generic cipher context. - * \param input The buffer holding the input data. + * \param ctx The generic cipher context. This must be initialized and + * bound to a key. + * \param input The buffer holding the input data. This must be a + * readable buffer of at least \p ilen Bytes. * \param ilen The length of the input data. - * \param output The buffer for the output data. Must be able to hold at - * least \p ilen + block_size. Must not be the same buffer - * as input. + * \param output The buffer for the output data. This must be able to + * hold at least `ilen + block_size`. This must not be the + * same buffer as \p input. * \param olen The length of the output data, to be updated with the - * actual number of Bytes written. + * actual number of Bytes written. This must not be + * \c NULL. * * \return \c 0 on success. * \return #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on @@ -647,9 +690,12 @@ int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, const unsigned char *i * contained in it is padded to the size of * the last block, and written to the \p output buffer. * - * \param ctx The generic cipher context. - * \param output The buffer to write data to. Needs block_size available. + * \param ctx The generic cipher context. This must be initialized and + * bound to a key. + * \param output The buffer to write data to. This needs to be a writable + * buffer of at least \p block_size Bytes. * \param olen The length of the data written to the \p output buffer. + * This may not be \c NULL. * * \return \c 0 on success. * \return #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on @@ -667,10 +713,14 @@ int mbedtls_cipher_finish( mbedtls_cipher_context_t *ctx, /** * \brief This function writes a tag for AEAD ciphers. * Currently supported with GCM and ChaCha20+Poly1305. - * Must be called after mbedtls_cipher_finish(). - * - * \param ctx The generic cipher context. - * \param tag The buffer to write the tag to. + * This must be called after mbedtls_cipher_finish(). + * + * \param ctx The generic cipher context. This must be initialized, + * bound to a key, and have just completed a cipher + * operation through mbedtls_cipher_finish() the tag for + * which should be written. + * \param tag The buffer to write the tag to. This must be a writable + * buffer of at least \p tag_len Bytes. * \param tag_len The length of the tag to write. * * \return \c 0 on success. @@ -682,10 +732,11 @@ int mbedtls_cipher_write_tag( mbedtls_cipher_context_t *ctx, /** * \brief This function checks the tag for AEAD ciphers. * Currently supported with GCM and ChaCha20+Poly1305. - * Must be called after mbedtls_cipher_finish(). + * This must be called after mbedtls_cipher_finish(). * - * \param ctx The generic cipher context. - * \param tag The buffer holding the tag. + * \param ctx The generic cipher context. This must be initialized. + * \param tag The buffer holding the tag. This must be a readable + * buffer of at least \p tag_len Bytes. * \param tag_len The length of the tag to check. * * \return \c 0 on success. @@ -699,18 +750,22 @@ int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx, * \brief The generic all-in-one encryption/decryption function, * for all ciphers except AEAD constructs. * - * \param ctx The generic cipher context. + * \param ctx The generic cipher context. This must be initialized. * \param iv The IV to use, or NONCE_COUNTER for CTR-mode ciphers. + * This must be a readable buffer of at least \p iv_len + * Bytes. * \param iv_len The IV length for ciphers with variable-size IV. * This parameter is discarded by ciphers with fixed-size * IV. - * \param input The buffer holding the input data. - * \param ilen The length of the input data. - * \param output The buffer for the output data. Must be able to hold at - * least \p ilen + block_size. Must not be the same buffer - * as input. + * \param input The buffer holding the input data. This must be a + * readable buffer of at least \p ilen Bytes. + * \param ilen The length of the input data in Bytes. + * \param output The buffer for the output data. This must be able to + * hold at least `ilen + block_size`. This must not be the + * same buffer as \p input. * \param olen The length of the output data, to be updated with the - * actual number of Bytes written. + * actual number of Bytes written. This must not be + * \c NULL. * * \note Some ciphers do not use IVs nor nonce. For these * ciphers, use \p iv = NULL and \p iv_len = 0. @@ -733,19 +788,26 @@ int mbedtls_cipher_crypt( mbedtls_cipher_context_t *ctx, /** * \brief The generic autenticated encryption (AEAD) function. * - * \param ctx The generic cipher context. + * \param ctx The generic cipher context. This must be initialized and + * bound to a key. * \param iv The IV to use, or NONCE_COUNTER for CTR-mode ciphers. + * This must be a readable buffer of at least \p iv_len + * Bytes. * \param iv_len The IV length for ciphers with variable-size IV. * This parameter is discarded by ciphers with fixed-size IV. - * \param ad The additional data to authenticate. + * \param ad The additional data to authenticate. This must be a + * readable buffer of at least \p ad_len Bytes. * \param ad_len The length of \p ad. - * \param input The buffer holding the input data. + * \param input The buffer holding the input data. This must be a + * readable buffer of at least \p ilen Bytes. * \param ilen The length of the input data. - * \param output The buffer for the output data. - * Must be able to hold at least \p ilen. + * \param output The buffer for the output data. This must be able to + * hold at least \p ilen Bytes. * \param olen The length of the output data, to be updated with the - * actual number of Bytes written. - * \param tag The buffer for the authentication tag. + * actual number of Bytes written. This must not be + * \c NULL. + * \param tag The buffer for the authentication tag. This must be a + * writable buffer of at least \p tag_len Bytes. * \param tag_len The desired length of the authentication tag. * * \return \c 0 on success. @@ -767,19 +829,26 @@ int mbedtls_cipher_auth_encrypt( mbedtls_cipher_context_t *ctx, * is zeroed out to prevent the unauthentic plaintext being * used, making this interface safer. * - * \param ctx The generic cipher context. + * \param ctx The generic cipher context. This must be initialized and + * and bound to a key. * \param iv The IV to use, or NONCE_COUNTER for CTR-mode ciphers. + * This must be a readable buffer of at least \p iv_len + * Bytes. * \param iv_len The IV length for ciphers with variable-size IV. * This parameter is discarded by ciphers with fixed-size IV. - * \param ad The additional data to be authenticated. + * \param ad The additional data to be authenticated. This must be a + * readable buffer of at least \p ad_len Bytes. * \param ad_len The length of \p ad. - * \param input The buffer holding the input data. + * \param input The buffer holding the input data. This must be a + * readable buffer of at least \p ilen Bytes. * \param ilen The length of the input data. * \param output The buffer for the output data. - * Must be able to hold at least \p ilen. + * This must be able to hold at least \p ilen Bytes. * \param olen The length of the output data, to be updated with the - * actual number of Bytes written. - * \param tag The buffer holding the authentication tag. + * actual number of Bytes written. This must not be + * \c NULL. + * \param tag The buffer holding the authentication tag. This must be + * a readable buffer of at least \p tag_len Bytes. * \param tag_len The length of the authentication tag. * * \return \c 0 on success. diff --git a/thirdparty/mbedtls/include/mbedtls/cmac.h b/thirdparty/mbedtls/include/mbedtls/cmac.h index a4fd552565..c196793531 100644 --- a/thirdparty/mbedtls/include/mbedtls/cmac.h +++ b/thirdparty/mbedtls/include/mbedtls/cmac.h @@ -34,6 +34,7 @@ extern "C" { #endif +/* MBEDTLS_ERR_CMAC_HW_ACCEL_FAILED is deprecated and should not be used. */ #define MBEDTLS_ERR_CMAC_HW_ACCEL_FAILED -0x007A /**< CMAC hardware accelerator failed. */ #define MBEDTLS_AES_BLOCK_SIZE 16 diff --git a/thirdparty/mbedtls/include/mbedtls/config.h b/thirdparty/mbedtls/include/mbedtls/config.h index 6daa8d103b..51d66291a5 100644 --- a/thirdparty/mbedtls/include/mbedtls/config.h +++ b/thirdparty/mbedtls/include/mbedtls/config.h @@ -137,12 +137,21 @@ /** * \def MBEDTLS_HAVE_TIME_DATE * - * System has time.h and time(), gmtime() and the clock is correct. + * System has time.h, time(), and an implementation for + * mbedtls_platform_gmtime_r() (see below). * The time needs to be correct (not necesarily very accurate, but at least * the date should be correct). This is used to verify the validity period of * X.509 certificates. * * Comment if your system does not have a correct clock. + * + * \note mbedtls_platform_gmtime_r() is an abstraction in platform_util.h that + * behaves similarly to the gmtime_r() function from the C standard. Refer to + * the documentation for mbedtls_platform_gmtime_r() for more information. + * + * \note It is possible to configure an implementation for + * mbedtls_platform_gmtime_r() at compile-time by using the macro + * MBEDTLS_PLATFORM_GMTIME_R_ALT. */ #define MBEDTLS_HAVE_TIME_DATE @@ -247,6 +256,48 @@ */ //#define MBEDTLS_DEPRECATED_REMOVED +/** + * \def MBEDTLS_CHECK_PARAMS + * + * This configuration option controls whether the library validates more of + * the parameters passed to it. + * + * When this flag is not defined, the library only attempts to validate an + * input parameter if: (1) they may come from the outside world (such as the + * network, the filesystem, etc.) or (2) not validating them could result in + * internal memory errors such as overflowing a buffer controlled by the + * library. On the other hand, it doesn't attempt to validate parameters whose + * values are fully controlled by the application (such as pointers). + * + * When this flag is defined, the library additionally attempts to validate + * parameters that are fully controlled by the application, and should always + * be valid if the application code is fully correct and trusted. + * + * For example, when a function accepts as input a pointer to a buffer that may + * contain untrusted data, and its documentation mentions that this pointer + * must not be NULL: + * - the pointer is checked to be non-NULL only if this option is enabled + * - the content of the buffer is always validated + * + * When this flag is defined, if a library function receives a parameter that + * is invalid, it will: + * - invoke the macro MBEDTLS_PARAM_FAILED() which by default expands to a + * call to the function mbedtls_param_failed() + * - immediately return (with a specific error code unless the function + * returns void and can't communicate an error). + * + * When defining this flag, you also need to: + * - either provide a definition of the function mbedtls_param_failed() in + * your application (see platform_util.h for its prototype) as the library + * calls that function, but does not provide a default definition for it, + * - or provide a different definition of the macro MBEDTLS_PARAM_FAILED() + * below if the above mechanism is not flexible enough to suit your needs. + * See the documentation of this macro later in this file. + * + * Uncomment to enable validation of application-controlled parameters. + */ +//#define MBEDTLS_CHECK_PARAMS + /* \} name SECTION: System support */ /** @@ -405,11 +456,11 @@ * unsigned char mbedtls_internal_ecp_grp_capable( * const mbedtls_ecp_group *grp ) * int mbedtls_internal_ecp_init( const mbedtls_ecp_group *grp ) - * void mbedtls_internal_ecp_deinit( const mbedtls_ecp_group *grp ) + * void mbedtls_internal_ecp_free( const mbedtls_ecp_group *grp ) * The mbedtls_internal_ecp_grp_capable function should return 1 if the * replacement functions implement arithmetic for the given group and 0 * otherwise. - * The functions mbedtls_internal_ecp_init and mbedtls_internal_ecp_deinit are + * The functions mbedtls_internal_ecp_init and mbedtls_internal_ecp_free are * called before and after each point operation and provide an opportunity to * implement optimized set up and tear down instructions. * @@ -669,6 +720,30 @@ #define MBEDTLS_ECP_NIST_OPTIM /** + * \def MBEDTLS_ECP_RESTARTABLE + * + * Enable "non-blocking" ECC operations that can return early and be resumed. + * + * This allows various functions to pause by returning + * #MBEDTLS_ERR_ECP_IN_PROGRESS (or, for functions in the SSL module, + * #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) and then be called later again in + * order to further progress and eventually complete their operation. This is + * controlled through mbedtls_ecp_set_max_ops() which limits the maximum + * number of ECC operations a function may perform before pausing; see + * mbedtls_ecp_set_max_ops() for more information. + * + * This is useful in non-threaded environments if you want to avoid blocking + * for too long on ECC (and, hence, X.509 or SSL/TLS) operations. + * + * Uncomment this macro to enable restartable ECC computations. + * + * \note This option only works with the default software implementation of + * elliptic curve functionality. It is incompatible with + * MBEDTLS_ECP_ALT, MBEDTLS_ECDH_XXX_ALT and MBEDTLS_ECDSA_XXX_ALT. + */ +//#define MBEDTLS_ECP_RESTARTABLE + +/** * \def MBEDTLS_ECDSA_DETERMINISTIC * * Enable deterministic ECDSA (RFC 6979). @@ -1279,7 +1354,7 @@ /** * \def MBEDTLS_SSL_RENEGOTIATION * - * Disable support for TLS renegotiation. + * Enable support for TLS renegotiation. * * The two main uses of renegotiation are (1) refresh keys on long-lived * connections and (2) client authentication after the initial handshake. @@ -2018,14 +2093,16 @@ /** * \def MBEDTLS_CTR_DRBG_C * - * Enable the CTR_DRBG AES-256-based random generator. + * Enable the CTR_DRBG AES-based random generator. + * The CTR_DRBG generator uses AES-256 by default. + * To use AES-128 instead, enable MBEDTLS_CTR_DRBG_USE_128_BIT_KEY below. * * Module: library/ctr_drbg.c * Caller: * * Requires: MBEDTLS_AES_C * - * This module provides the CTR_DRBG AES-256 random number generator. + * This module provides the CTR_DRBG AES random number generator. */ #define MBEDTLS_CTR_DRBG_C @@ -2389,6 +2466,22 @@ #define MBEDTLS_OID_C /** + * \def MBEDTLS_PADLOCK_C + * + * Enable VIA Padlock support on x86. + * + * Module: library/padlock.c + * Caller: library/aes.c + * + * Requires: MBEDTLS_HAVE_ASM + * + * This modules adds support for the VIA PadLock on x86. + */ +// -- GODOT start -- +// #define MBEDTLS_PADLOCK_C +// -- GODOT end -- + +/** * \def MBEDTLS_PEM_PARSE_C * * Enable PEM decoding / parsing. @@ -2896,6 +2989,7 @@ //#define MBEDTLS_CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */ //#define MBEDTLS_CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */ //#define MBEDTLS_CTR_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */ +//#define MBEDTLS_CTR_DRBG_USE_128_BIT_KEY /**< Use 128-bit key for CTR_DRBG - may reduce security (see ctr_drbg.h) */ /* HMAC_DRBG options */ //#define MBEDTLS_HMAC_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */ @@ -2946,6 +3040,36 @@ //#define MBEDTLS_PLATFORM_NV_SEED_READ_MACRO mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */ //#define MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */ +/** + * \brief This macro is invoked by the library when an invalid parameter + * is detected that is only checked with MBEDTLS_CHECK_PARAMS + * (see the documentation of that option for context). + * + * When you leave this undefined here, a default definition is + * provided that invokes the function mbedtls_param_failed(), + * which is declared in platform_util.h for the benefit of the + * library, but that you need to define in your application. + * + * When you define this here, this replaces the default + * definition in platform_util.h (which no longer declares the + * function mbedtls_param_failed()) and it is your responsibility + * to make sure this macro expands to something suitable (in + * particular, that all the necessary declarations are visible + * from within the library - you can ensure that by providing + * them in this file next to the macro definition). + * + * Note that you may define this macro to expand to nothing, in + * which case you don't have to worry about declarations or + * definitions. However, you will then be notified about invalid + * parameters only in non-void functions, and void function will + * just silently return early on invalid parameters, which + * partially negates the benefits of enabling + * #MBEDTLS_CHECK_PARAMS in the first place, so is discouraged. + * + * \param cond The expression that should evaluate to true, but doesn't. + */ +//#define MBEDTLS_PARAM_FAILED( cond ) assert( cond ) + /* SSL Cache options */ //#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT 86400 /**< 1 day */ //#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /**< Maximum entries in cache */ @@ -2954,31 +3078,65 @@ /** \def MBEDTLS_SSL_MAX_CONTENT_LEN * - * Maximum fragment length in bytes. + * Maximum length (in bytes) of incoming and outgoing plaintext fragments. + * + * This determines the size of both the incoming and outgoing TLS I/O buffers + * in such a way that both are capable of holding the specified amount of + * plaintext data, regardless of the protection mechanism used. * - * Determines the size of both the incoming and outgoing TLS I/O buffers. + * To configure incoming and outgoing I/O buffers separately, use + * #MBEDTLS_SSL_IN_CONTENT_LEN and #MBEDTLS_SSL_OUT_CONTENT_LEN, + * which overwrite the value set by this option. * - * Uncommenting MBEDTLS_SSL_IN_CONTENT_LEN and/or MBEDTLS_SSL_OUT_CONTENT_LEN - * will override this length by setting maximum incoming and/or outgoing - * fragment length, respectively. + * \note When using a value less than the default of 16KB on the client, it is + * recommended to use the Maximum Fragment Length (MFL) extension to + * inform the server about this limitation. On the server, there + * is no supported, standardized way of informing the client about + * restriction on the maximum size of incoming messages, and unless + * the limitation has been communicated by other means, it is recommended + * to only change the outgoing buffer size #MBEDTLS_SSL_OUT_CONTENT_LEN + * while keeping the default value of 16KB for the incoming buffer. + * + * Uncomment to set the maximum plaintext size of both + * incoming and outgoing I/O buffers. */ //#define MBEDTLS_SSL_MAX_CONTENT_LEN 16384 /** \def MBEDTLS_SSL_IN_CONTENT_LEN * - * Maximum incoming fragment length in bytes. + * Maximum length (in bytes) of incoming plaintext fragments. + * + * This determines the size of the incoming TLS I/O buffer in such a way + * that it is capable of holding the specified amount of plaintext data, + * regardless of the protection mechanism used. + * + * If this option is undefined, it inherits its value from + * #MBEDTLS_SSL_MAX_CONTENT_LEN. + * + * \note When using a value less than the default of 16KB on the client, it is + * recommended to use the Maximum Fragment Length (MFL) extension to + * inform the server about this limitation. On the server, there + * is no supported, standardized way of informing the client about + * restriction on the maximum size of incoming messages, and unless + * the limitation has been communicated by other means, it is recommended + * to only change the outgoing buffer size #MBEDTLS_SSL_OUT_CONTENT_LEN + * while keeping the default value of 16KB for the incoming buffer. * - * Uncomment to set the size of the inward TLS buffer independently of the - * outward buffer. + * Uncomment to set the maximum plaintext size of the incoming I/O buffer + * independently of the outgoing I/O buffer. */ //#define MBEDTLS_SSL_IN_CONTENT_LEN 16384 /** \def MBEDTLS_SSL_OUT_CONTENT_LEN * - * Maximum outgoing fragment length in bytes. + * Maximum length (in bytes) of outgoing plaintext fragments. * - * Uncomment to set the size of the outward TLS buffer independently of the - * inward buffer. + * This determines the size of the outgoing TLS I/O buffer in such a way + * that it is capable of holding the specified amount of plaintext data, + * regardless of the protection mechanism used. + * + * If this option undefined, it inherits its value from + * #MBEDTLS_SSL_MAX_CONTENT_LEN. * * It is possible to save RAM by setting a smaller outward buffer, while keeping * the default inward 16384 byte buffer to conform to the TLS specification. @@ -2988,14 +3146,28 @@ * The specific size requirement depends on the configured ciphers and any * certificate data which is sent during the handshake. * - * For absolute minimum RAM usage, it's best to enable - * MBEDTLS_SSL_MAX_FRAGMENT_LENGTH and reduce MBEDTLS_SSL_MAX_CONTENT_LEN. This - * reduces both incoming and outgoing buffer sizes. However this is only - * guaranteed if the other end of the connection also supports the TLS - * max_fragment_len extension. Otherwise the connection may fail. + * Uncomment to set the maximum plaintext size of the outgoing I/O buffer + * independently of the incoming I/O buffer. */ //#define MBEDTLS_SSL_OUT_CONTENT_LEN 16384 +/** \def MBEDTLS_SSL_DTLS_MAX_BUFFERING + * + * Maximum number of heap-allocated bytes for the purpose of + * DTLS handshake message reassembly and future message buffering. + * + * This should be at least 9/8 * MBEDTLSSL_IN_CONTENT_LEN + * to account for a reassembled handshake message of maximum size, + * together with its reassembly bitmap. + * + * A value of 2 * MBEDTLS_SSL_IN_CONTENT_LEN (32768 by default) + * should be sufficient for all practical situations as it allows + * to reassembly a large handshake message (such as a certificate) + * while buffering multiple smaller handshake messages. + * + */ +//#define MBEDTLS_SSL_DTLS_MAX_BUFFERING 32768 + //#define MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME 86400 /**< Lifetime of session tickets (if enabled) */ //#define MBEDTLS_PSK_MAX_LEN 32 /**< Max size of TLS pre-shared keys, in bytes (default 256 bits) */ //#define MBEDTLS_SSL_COOKIE_TIMEOUT 60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */ @@ -3069,25 +3241,33 @@ */ //#define MBEDTLS_PLATFORM_ZEROIZE_ALT -/* \} name SECTION: Customisation configuration options */ - -/* Target and application specific configurations */ -//#define YOTTA_CFG_MBEDTLS_TARGET_CONFIG_FILE "target_config.h" +/** + * Uncomment the macro to let Mbed TLS use your alternate implementation of + * mbedtls_platform_gmtime_r(). This replaces the default implementation in + * platform_util.c. + * + * gmtime() is not a thread-safe function as defined in the C standard. The + * library will try to use safer implementations of this function, such as + * gmtime_r() when available. However, if Mbed TLS cannot identify the target + * system, the implementation of mbedtls_platform_gmtime_r() will default to + * using the standard gmtime(). In this case, calls from the library to + * gmtime() will be guarded by the global mutex mbedtls_threading_gmtime_mutex + * if MBEDTLS_THREADING_C is enabled. We recommend that calls from outside the + * library are also guarded with this mutex to avoid race conditions. However, + * if the macro MBEDTLS_PLATFORM_GMTIME_R_ALT is defined, Mbed TLS will + * unconditionally use the implementation for mbedtls_platform_gmtime_r() + * supplied at compile time. + */ +//#define MBEDTLS_PLATFORM_GMTIME_R_ALT -#if defined(TARGET_LIKE_MBED) && defined(YOTTA_CFG_MBEDTLS_TARGET_CONFIG_FILE) -#include YOTTA_CFG_MBEDTLS_TARGET_CONFIG_FILE -#endif +/* \} name SECTION: Customisation configuration options */ -/* +/* Target and application specific configurations + * * Allow user to override any previous default. * - * Use two macro names for that, as: - * - with yotta the prefix YOTTA_CFG_ is forced - * - without yotta is looks weird to have a YOTTA prefix. */ -#if defined(YOTTA_CFG_MBEDTLS_USER_CONFIG_FILE) -#include YOTTA_CFG_MBEDTLS_USER_CONFIG_FILE -#elif defined(MBEDTLS_USER_CONFIG_FILE) +#if defined(MBEDTLS_USER_CONFIG_FILE) #include MBEDTLS_USER_CONFIG_FILE #endif diff --git a/thirdparty/mbedtls/include/mbedtls/ctr_drbg.h b/thirdparty/mbedtls/include/mbedtls/ctr_drbg.h index 3835d7299b..10f9389d9f 100644 --- a/thirdparty/mbedtls/include/mbedtls/ctr_drbg.h +++ b/thirdparty/mbedtls/include/mbedtls/ctr_drbg.h @@ -8,8 +8,11 @@ * Recommendation for Random Number Generation Using Deterministic Random * Bit Generators</em>. * - * The Mbed TLS implementation of CTR_DRBG uses AES-256 as the underlying - * block cipher. + * The Mbed TLS implementation of CTR_DRBG uses AES-256 (default) or AES-128 + * as the underlying block cipher. + * + * \warning Using 128-bit keys for CTR_DRBG limits the security of generated + * keys and operations that use random values generated to 128-bit security. */ /* * Copyright (C) 2006-2018, Arm Limited (or its affiliates), All Rights Reserved @@ -45,7 +48,13 @@ #define MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR -0x003A /**< Read or write error in file. */ #define MBEDTLS_CTR_DRBG_BLOCKSIZE 16 /**< The block size used by the cipher. */ -#define MBEDTLS_CTR_DRBG_KEYSIZE 32 /**< The key size used by the cipher. */ + +#if defined(MBEDTLS_CTR_DRBG_USE_128_BIT_KEY) +#define MBEDTLS_CTR_DRBG_KEYSIZE 16 /**< The key size used by the cipher (compile-time choice: 128 bits). */ +#else +#define MBEDTLS_CTR_DRBG_KEYSIZE 32 /**< The key size used by the cipher (compile-time choice: 256 bits). */ +#endif + #define MBEDTLS_CTR_DRBG_KEYBITS ( MBEDTLS_CTR_DRBG_KEYSIZE * 8 ) /**< The key size for the DRBG operation, in bits. */ #define MBEDTLS_CTR_DRBG_SEEDLEN ( MBEDTLS_CTR_DRBG_KEYSIZE + MBEDTLS_CTR_DRBG_BLOCKSIZE ) /**< The seed length, calculated as (counter + AES key). */ @@ -108,7 +117,7 @@ extern "C" { /** * \brief The CTR_DRBG context structure. */ -typedef struct +typedef struct mbedtls_ctr_drbg_context { unsigned char counter[16]; /*!< The counter (V). */ int reseed_counter; /*!< The reseed counter. */ @@ -230,18 +239,20 @@ int mbedtls_ctr_drbg_reseed( mbedtls_ctr_drbg_context *ctx, /** * \brief This function updates the state of the CTR_DRBG context. * - * \note If \p add_len is greater than - * #MBEDTLS_CTR_DRBG_MAX_SEED_INPUT, only the first - * #MBEDTLS_CTR_DRBG_MAX_SEED_INPUT Bytes are used. - * The remaining Bytes are silently discarded. - * * \param ctx The CTR_DRBG context. * \param additional The data to update the state with. - * \param add_len Length of \p additional data. - * + * \param add_len Length of \p additional in bytes. This must be at + * most #MBEDTLS_CTR_DRBG_MAX_SEED_INPUT. + * + * \return \c 0 on success. + * \return #MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG if + * \p add_len is more than + * #MBEDTLS_CTR_DRBG_MAX_SEED_INPUT. + * \return An error from the underlying AES cipher on failure. */ -void mbedtls_ctr_drbg_update( mbedtls_ctr_drbg_context *ctx, - const unsigned char *additional, size_t add_len ); +int mbedtls_ctr_drbg_update_ret( mbedtls_ctr_drbg_context *ctx, + const unsigned char *additional, + size_t add_len ); /** * \brief This function updates a CTR_DRBG instance with additional @@ -281,6 +292,35 @@ int mbedtls_ctr_drbg_random_with_add( void *p_rng, int mbedtls_ctr_drbg_random( void *p_rng, unsigned char *output, size_t output_len ); + +#if ! defined(MBEDTLS_DEPRECATED_REMOVED) +#if defined(MBEDTLS_DEPRECATED_WARNING) +#define MBEDTLS_DEPRECATED __attribute__((deprecated)) +#else +#define MBEDTLS_DEPRECATED +#endif +/** + * \brief This function updates the state of the CTR_DRBG context. + * + * \deprecated Superseded by mbedtls_ctr_drbg_update_ret() + * in 2.16.0. + * + * \note If \p add_len is greater than + * #MBEDTLS_CTR_DRBG_MAX_SEED_INPUT, only the first + * #MBEDTLS_CTR_DRBG_MAX_SEED_INPUT Bytes are used. + * The remaining Bytes are silently discarded. + * + * \param ctx The CTR_DRBG context. + * \param additional The data to update the state with. + * \param add_len Length of \p additional data. + */ +MBEDTLS_DEPRECATED void mbedtls_ctr_drbg_update( + mbedtls_ctr_drbg_context *ctx, + const unsigned char *additional, + size_t add_len ); +#undef MBEDTLS_DEPRECATED +#endif /* !MBEDTLS_DEPRECATED_REMOVED */ + #if defined(MBEDTLS_FS_IO) /** * \brief This function writes a seed file. diff --git a/thirdparty/mbedtls/include/mbedtls/debug.h b/thirdparty/mbedtls/include/mbedtls/debug.h index ef8db67ff1..736444bb76 100644 --- a/thirdparty/mbedtls/include/mbedtls/debug.h +++ b/thirdparty/mbedtls/include/mbedtls/debug.h @@ -65,6 +65,11 @@ mbedtls_debug_print_crt( ssl, level, __FILE__, __LINE__, text, crt ) #endif +#if defined(MBEDTLS_ECDH_C) +#define MBEDTLS_SSL_DEBUG_ECDH( level, ecdh, attr ) \ + mbedtls_debug_printf_ecdh( ssl, level, __FILE__, __LINE__, ecdh, attr ) +#endif + #else /* MBEDTLS_DEBUG_C */ #define MBEDTLS_SSL_DEBUG_MSG( level, args ) do { } while( 0 ) @@ -73,6 +78,7 @@ #define MBEDTLS_SSL_DEBUG_MPI( level, text, X ) do { } while( 0 ) #define MBEDTLS_SSL_DEBUG_ECP( level, text, X ) do { } while( 0 ) #define MBEDTLS_SSL_DEBUG_CRT( level, text, crt ) do { } while( 0 ) +#define MBEDTLS_SSL_DEBUG_ECDH( level, ecdh, attr ) do { } while( 0 ) #endif /* MBEDTLS_DEBUG_C */ @@ -221,6 +227,36 @@ void mbedtls_debug_print_crt( const mbedtls_ssl_context *ssl, int level, const char *text, const mbedtls_x509_crt *crt ); #endif +#if defined(MBEDTLS_ECDH_C) +typedef enum +{ + MBEDTLS_DEBUG_ECDH_Q, + MBEDTLS_DEBUG_ECDH_QP, + MBEDTLS_DEBUG_ECDH_Z, +} mbedtls_debug_ecdh_attr; + +/** + * \brief Print a field of the ECDH structure in the SSL context to the debug + * output. This function is always used through the + * MBEDTLS_SSL_DEBUG_ECDH() macro, which supplies the ssl context, file + * and line number parameters. + * + * \param ssl SSL context + * \param level error level of the debug message + * \param file file the error has occurred in + * \param line line number the error has occurred in + * \param ecdh the ECDH context + * \param attr the identifier of the attribute being output + * + * \attention This function is intended for INTERNAL usage within the + * library only. + */ +void mbedtls_debug_printf_ecdh( const mbedtls_ssl_context *ssl, int level, + const char *file, int line, + const mbedtls_ecdh_context *ecdh, + mbedtls_debug_ecdh_attr attr ); +#endif + #ifdef __cplusplus } #endif diff --git a/thirdparty/mbedtls/include/mbedtls/des.h b/thirdparty/mbedtls/include/mbedtls/des.h index 6eb7d03bae..d62042d14e 100644 --- a/thirdparty/mbedtls/include/mbedtls/des.h +++ b/thirdparty/mbedtls/include/mbedtls/des.h @@ -42,6 +42,8 @@ #define MBEDTLS_DES_DECRYPT 0 #define MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH -0x0032 /**< The data input has an invalid length. */ + +/* MBEDTLS_ERR_DES_HW_ACCEL_FAILED is deprecated and should not be used. */ #define MBEDTLS_ERR_DES_HW_ACCEL_FAILED -0x0033 /**< DES hardware accelerator failed. */ #define MBEDTLS_DES_KEY_SIZE 8 @@ -61,7 +63,7 @@ extern "C" { * security risk. We recommend considering stronger ciphers * instead. */ -typedef struct +typedef struct mbedtls_des_context { uint32_t sk[32]; /*!< DES subkeys */ } @@ -70,7 +72,7 @@ mbedtls_des_context; /** * \brief Triple-DES context structure */ -typedef struct +typedef struct mbedtls_des3_context { uint32_t sk[96]; /*!< 3DES subkeys */ } diff --git a/thirdparty/mbedtls/include/mbedtls/dhm.h b/thirdparty/mbedtls/include/mbedtls/dhm.h index 75317a8e6d..a5452c199a 100644 --- a/thirdparty/mbedtls/include/mbedtls/dhm.h +++ b/thirdparty/mbedtls/include/mbedtls/dhm.h @@ -84,7 +84,10 @@ #define MBEDTLS_ERR_DHM_INVALID_FORMAT -0x3380 /**< The ASN.1 data is not formatted correctly. */ #define MBEDTLS_ERR_DHM_ALLOC_FAILED -0x3400 /**< Allocation of memory failed. */ #define MBEDTLS_ERR_DHM_FILE_IO_ERROR -0x3480 /**< Read or write of file failed. */ + +/* MBEDTLS_ERR_DHM_HW_ACCEL_FAILED is deprecated and should not be used. */ #define MBEDTLS_ERR_DHM_HW_ACCEL_FAILED -0x3500 /**< DHM hardware accelerator failed. */ + #define MBEDTLS_ERR_DHM_SET_GROUP_FAILED -0x3580 /**< Setting the modulus and generator failed. */ #ifdef __cplusplus @@ -96,7 +99,7 @@ extern "C" { /** * \brief The DHM context structure. */ -typedef struct +typedef struct mbedtls_dhm_context { size_t len; /*!< The size of \p P in Bytes. */ mbedtls_mpi P; /*!< The prime modulus. */ @@ -124,9 +127,15 @@ mbedtls_dhm_context; void mbedtls_dhm_init( mbedtls_dhm_context *ctx ); /** - * \brief This function parses the ServerKeyExchange parameters. + * \brief This function parses the DHM parameters in a + * TLS ServerKeyExchange handshake message + * (DHM modulus, generator, and public key). * - * \param ctx The DHM context. + * \note In a TLS handshake, this is the how the client + * sets up its DHM context from the server's public + * DHM key material. + * + * \param ctx The DHM context to use. This must be initialized. * \param p On input, *p must be the start of the input buffer. * On output, *p is updated to point to the end of the data * that has been read. On success, this is the first byte @@ -140,31 +149,37 @@ void mbedtls_dhm_init( mbedtls_dhm_context *ctx ); * \return An \c MBEDTLS_ERR_DHM_XXX error code on failure. */ int mbedtls_dhm_read_params( mbedtls_dhm_context *ctx, - unsigned char **p, - const unsigned char *end ); + unsigned char **p, + const unsigned char *end ); /** - * \brief This function sets up and writes the ServerKeyExchange - * parameters. - * - * \note The destination buffer must be large enough to hold - * the reduced binary presentation of the modulus, the generator - * and the public key, each wrapped with a 2-byte length field. - * It is the responsibility of the caller to ensure that enough - * space is available. Refer to \c mbedtls_mpi_size to computing - * the byte-size of an MPI. + * \brief This function generates a DHM key pair and exports its + * public part together with the DHM parameters in the format + * used in a TLS ServerKeyExchange handshake message. * - * \note This function assumes that \c ctx->P and \c ctx->G - * have already been properly set. For that, use + * \note This function assumes that the DHM parameters \c ctx->P + * and \c ctx->G have already been properly set. For that, use * mbedtls_dhm_set_group() below in conjunction with * mbedtls_mpi_read_binary() and mbedtls_mpi_read_string(). * - * \param ctx The DHM context. + * \note In a TLS handshake, this is the how the server generates + * and exports its DHM key material. + * + * \param ctx The DHM context to use. This must be initialized + * and have the DHM parameters set. It may or may not + * already have imported the peer's public key. * \param x_size The private key size in Bytes. - * \param olen The number of characters written. - * \param output The destination buffer. - * \param f_rng The RNG function. - * \param p_rng The RNG context. + * \param olen The address at which to store the number of Bytes + * written on success. This must not be \c NULL. + * \param output The destination buffer. This must be a writable buffer of + * sufficient size to hold the reduced binary presentation of + * the modulus, the generator and the public key, each wrapped + * with a 2-byte length field. It is the responsibility of the + * caller to ensure that enough space is available. Refer to + * mbedtls_mpi_size() to computing the byte-size of an MPI. + * \param f_rng The RNG function. Must not be \c NULL. + * \param p_rng The RNG context to be passed to \p f_rng. This may be + * \c NULL if \p f_rng doesn't need a context parameter. * * \return \c 0 on success. * \return An \c MBEDTLS_ERR_DHM_XXX error code on failure. @@ -177,12 +192,14 @@ int mbedtls_dhm_make_params( mbedtls_dhm_context *ctx, int x_size, /** * \brief This function sets the prime modulus and generator. * - * \note This function can be used to set \p P, \p G + * \note This function can be used to set \c ctx->P, \c ctx->G * in preparation for mbedtls_dhm_make_params(). * - * \param ctx The DHM context. - * \param P The MPI holding the DHM prime modulus. - * \param G The MPI holding the DHM generator. + * \param ctx The DHM context to configure. This must be initialized. + * \param P The MPI holding the DHM prime modulus. This must be + * an initialized MPI. + * \param G The MPI holding the DHM generator. This must be an + * initialized MPI. * * \return \c 0 if successful. * \return An \c MBEDTLS_ERR_DHM_XXX error code on failure. @@ -192,11 +209,17 @@ int mbedtls_dhm_set_group( mbedtls_dhm_context *ctx, const mbedtls_mpi *G ); /** - * \brief This function imports the public value of the peer, G^Y. + * \brief This function imports the raw public value of the peer. + * + * \note In a TLS handshake, this is the how the server imports + * the Client's public DHM key. * - * \param ctx The DHM context. - * \param input The input buffer containing the G^Y value of the peer. - * \param ilen The size of the input buffer. + * \param ctx The DHM context to use. This must be initialized and have + * its DHM parameters set, e.g. via mbedtls_dhm_set_group(). + * It may or may not already have generated its own private key. + * \param input The input buffer containing the \c G^Y value of the peer. + * This must be a readable buffer of size \p ilen Bytes. + * \param ilen The size of the input buffer \p input in Bytes. * * \return \c 0 on success. * \return An \c MBEDTLS_ERR_DHM_XXX error code on failure. @@ -205,21 +228,25 @@ int mbedtls_dhm_read_public( mbedtls_dhm_context *ctx, const unsigned char *input, size_t ilen ); /** - * \brief This function creates its own private key, \c X, and - * exports \c G^X. + * \brief This function creates a DHM key pair and exports + * the raw public key in big-endian format. * * \note The destination buffer is always fully written * so as to contain a big-endian representation of G^X mod P. - * If it is larger than ctx->len, it is padded accordingly + * If it is larger than \c ctx->len, it is padded accordingly * with zero-bytes at the beginning. * - * \param ctx The DHM context. + * \param ctx The DHM context to use. This must be initialized and + * have the DHM parameters set. It may or may not already + * have imported the peer's public key. * \param x_size The private key size in Bytes. - * \param output The destination buffer. - * \param olen The length of the destination buffer. Must be at least - * equal to ctx->len (the size of \c P). - * \param f_rng The RNG function. - * \param p_rng The RNG context. + * \param output The destination buffer. This must be a writable buffer of + * size \p olen Bytes. + * \param olen The length of the destination buffer. This must be at least + * equal to `ctx->len` (the size of \c P). + * \param f_rng The RNG function. This must not be \c NULL. + * \param p_rng The RNG context to be passed to \p f_rng. This may be \c NULL + * if \p f_rng doesn't need a context argument. * * \return \c 0 on success. * \return An \c MBEDTLS_ERR_DHM_XXX error code on failure. @@ -230,22 +257,27 @@ int mbedtls_dhm_make_public( mbedtls_dhm_context *ctx, int x_size, void *p_rng ); /** - * \brief This function derives and exports the shared secret - * \c (G^Y)^X mod \c P. + * \brief This function derives and exports the shared secret + * \c (G^Y)^X mod \c P. * - * \note If \p f_rng is not NULL, it is used to blind the input as - * a countermeasure against timing attacks. Blinding is used - * only if our private key \c X is re-used, and not used - * otherwise. We recommend always passing a non-NULL - * \p f_rng argument. + * \note If \p f_rng is not \c NULL, it is used to blind the input as + * a countermeasure against timing attacks. Blinding is used + * only if our private key \c X is re-used, and not used + * otherwise. We recommend always passing a non-NULL + * \p f_rng argument. * - * \param ctx The DHM context. - * \param output The destination buffer. - * \param output_size The size of the destination buffer. Must be at least - * the size of ctx->len (the size of \c P). + * \param ctx The DHM context to use. This must be initialized + * and have its own private key generated and the peer's + * public key imported. + * \param output The buffer to write the generated shared key to. This + * must be a writable buffer of size \p output_size Bytes. + * \param output_size The size of the destination buffer. This must be at + * least the size of \c ctx->len (the size of \c P). * \param olen On exit, holds the actual number of Bytes written. - * \param f_rng The RNG function, for blinding purposes. - * \param p_rng The RNG context. + * \param f_rng The RNG function, for blinding purposes. This may + * b \c NULL if blinding isn't needed. + * \param p_rng The RNG context. This may be \c NULL if \p f_rng + * doesn't need a context argument. * * \return \c 0 on success. * \return An \c MBEDTLS_ERR_DHM_XXX error code on failure. @@ -256,9 +288,12 @@ int mbedtls_dhm_calc_secret( mbedtls_dhm_context *ctx, void *p_rng ); /** - * \brief This function frees and clears the components of a DHM context. + * \brief This function frees and clears the components + * of a DHM context. * - * \param ctx The DHM context to free and clear. + * \param ctx The DHM context to free and clear. This may be \c NULL, + * in which case this function is a no-op. If it is not \c NULL, + * it must point to an initialized DHM context. */ void mbedtls_dhm_free( mbedtls_dhm_context *ctx ); @@ -267,17 +302,19 @@ void mbedtls_dhm_free( mbedtls_dhm_context *ctx ); /** * \brief This function parses DHM parameters in PEM or DER format. * - * \param dhm The DHM context to initialize. - * \param dhmin The input buffer. - * \param dhminlen The size of the buffer, including the terminating null - * Byte for PEM data. + * \param dhm The DHM context to import the DHM parameters into. + * This must be initialized. + * \param dhmin The input buffer. This must be a readable buffer of + * length \p dhminlen Bytes. + * \param dhminlen The size of the input buffer \p dhmin, including the + * terminating \c NULL Byte for PEM data. * * \return \c 0 on success. - * \return An \c MBEDTLS_ERR_DHM_XXX or \c MBEDTLS_ERR_PEM_XXX error code - * error code on failure. + * \return An \c MBEDTLS_ERR_DHM_XXX or \c MBEDTLS_ERR_PEM_XXX error + * code on failure. */ int mbedtls_dhm_parse_dhm( mbedtls_dhm_context *dhm, const unsigned char *dhmin, - size_t dhminlen ); + size_t dhminlen ); #if defined(MBEDTLS_FS_IO) /** \ingroup x509_module */ @@ -285,11 +322,13 @@ int mbedtls_dhm_parse_dhm( mbedtls_dhm_context *dhm, const unsigned char *dhmin, * \brief This function loads and parses DHM parameters from a file. * * \param dhm The DHM context to load the parameters to. + * This must be initialized. * \param path The filename to read the DHM parameters from. + * This must not be \c NULL. * * \return \c 0 on success. - * \return An \c MBEDTLS_ERR_DHM_XXX or \c MBEDTLS_ERR_PEM_XXX error code - * error code on failure. + * \return An \c MBEDTLS_ERR_DHM_XXX or \c MBEDTLS_ERR_PEM_XXX + * error code on failure. */ int mbedtls_dhm_parse_dhmfile( mbedtls_dhm_context *dhm, const char *path ); #endif /* MBEDTLS_FS_IO */ @@ -350,15 +389,6 @@ int mbedtls_dhm_self_test( int verbose ); #if !defined(MBEDTLS_DEPRECATED_REMOVED) -#if defined(MBEDTLS_DEPRECATED_WARNING) -#define MBEDTLS_DEPRECATED __attribute__((deprecated)) -MBEDTLS_DEPRECATED typedef char const * mbedtls_deprecated_constant_t; -#define MBEDTLS_DEPRECATED_STRING_CONSTANT( VAL ) \ - ( (mbedtls_deprecated_constant_t) ( VAL ) ) -#else -#define MBEDTLS_DEPRECATED_STRING_CONSTANT( VAL ) VAL -#endif /* ! MBEDTLS_DEPRECATED_WARNING */ - /** * \warning The origin of the primes in RFC 5114 is not documented and * their use therefore constitutes a security risk! diff --git a/thirdparty/mbedtls/include/mbedtls/ecdh.h b/thirdparty/mbedtls/include/mbedtls/ecdh.h index 5fdf55a88a..05b2b03970 100644 --- a/thirdparty/mbedtls/include/mbedtls/ecdh.h +++ b/thirdparty/mbedtls/include/mbedtls/ecdh.h @@ -36,6 +36,18 @@ #include "ecp.h" +/* + * Use a backward compatible ECDH context. + * + * This flag is always enabled for now and future versions might add a + * configuration option that conditionally undefines this flag. + * The configuration option in question may have a different name. + * + * Features undefining this flag, must have a warning in their description in + * config.h stating that the feature breaks backward compatibility. + */ +#define MBEDTLS_ECDH_LEGACY_CONTEXT + #ifdef __cplusplus extern "C" { #endif @@ -49,11 +61,49 @@ typedef enum MBEDTLS_ECDH_THEIRS, /**< The key of the peer. */ } mbedtls_ecdh_side; +#if !defined(MBEDTLS_ECDH_LEGACY_CONTEXT) +/** + * Defines the ECDH implementation used. + * + * Later versions of the library may add new variants, therefore users should + * not make any assumptions about them. + */ +typedef enum +{ + MBEDTLS_ECDH_VARIANT_NONE = 0, /*!< Implementation not defined. */ + MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0,/*!< The default Mbed TLS implementation */ +} mbedtls_ecdh_variant; + +/** + * The context used by the default ECDH implementation. + * + * Later versions might change the structure of this context, therefore users + * should not make any assumptions about the structure of + * mbedtls_ecdh_context_mbed. + */ +typedef struct mbedtls_ecdh_context_mbed +{ + mbedtls_ecp_group grp; /*!< The elliptic curve used. */ + mbedtls_mpi d; /*!< The private key. */ + mbedtls_ecp_point Q; /*!< The public key. */ + mbedtls_ecp_point Qp; /*!< The value of the public key of the peer. */ + mbedtls_mpi z; /*!< The shared secret. */ +#if defined(MBEDTLS_ECP_RESTARTABLE) + mbedtls_ecp_restart_ctx rs; /*!< The restart context for EC computations. */ +#endif +} mbedtls_ecdh_context_mbed; +#endif + /** + * + * \warning Performing multiple operations concurrently on the same + * ECDSA context is not supported; objects of this type + * should not be shared between multiple threads. * \brief The ECDH context structure. */ -typedef struct +typedef struct mbedtls_ecdh_context { +#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT) mbedtls_ecp_group grp; /*!< The elliptic curve used. */ mbedtls_mpi d; /*!< The private key. */ mbedtls_ecp_point Q; /*!< The public key. */ @@ -63,6 +113,29 @@ typedef struct mbedtls_ecp_point Vi; /*!< The blinding value. */ mbedtls_ecp_point Vf; /*!< The unblinding value. */ mbedtls_mpi _d; /*!< The previous \p d. */ +#if defined(MBEDTLS_ECP_RESTARTABLE) + int restart_enabled; /*!< The flag for restartable mode. */ + mbedtls_ecp_restart_ctx rs; /*!< The restart context for EC computations. */ +#endif /* MBEDTLS_ECP_RESTARTABLE */ +#else + uint8_t point_format; /*!< The format of point export in TLS messages + as defined in RFC 4492. */ + mbedtls_ecp_group_id grp_id;/*!< The elliptic curve used. */ + mbedtls_ecdh_variant var; /*!< The ECDH implementation/structure used. */ + union + { + mbedtls_ecdh_context_mbed mbed_ecdh; + } ctx; /*!< Implementation-specific context. The + context in use is specified by the \c var + field. */ +#if defined(MBEDTLS_ECP_RESTARTABLE) + uint8_t restart_enabled; /*!< The flag for restartable mode. Functions of + an alternative implementation not supporting + restartable mode must return + MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED error + if this flag is set. */ +#endif /* MBEDTLS_ECP_RESTARTABLE */ +#endif /* MBEDTLS_ECDH_LEGACY_CONTEXT */ } mbedtls_ecdh_context; @@ -76,16 +149,20 @@ mbedtls_ecdh_context; * * \see ecp.h * - * \param grp The ECP group. + * \param grp The ECP group to use. This must be initialized and have + * domain parameters loaded, for example through + * mbedtls_ecp_load() or mbedtls_ecp_tls_read_group(). * \param d The destination MPI (private key). + * This must be initialized. * \param Q The destination point (public key). - * \param f_rng The RNG function. - * \param p_rng The RNG context. + * This must be initialized. + * \param f_rng The RNG function to use. This must not be \c NULL. + * \param p_rng The RNG context to be passed to \p f_rng. This may be + * \c NULL in case \p f_rng doesn't need a context argument. * * \return \c 0 on success. - * \return An \c MBEDTLS_ERR_ECP_XXX or + * \return Another \c MBEDTLS_ERR_ECP_XXX or * \c MBEDTLS_MPI_XXX error code on failure. - * */ int mbedtls_ecdh_gen_public( mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp_point *Q, int (*f_rng)(void *, unsigned char *, size_t), @@ -104,15 +181,25 @@ int mbedtls_ecdh_gen_public( mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp * countermeasures against side-channel attacks. * For more information, see mbedtls_ecp_mul(). * - * \param grp The ECP group. + * \param grp The ECP group to use. This must be initialized and have + * domain parameters loaded, for example through + * mbedtls_ecp_load() or mbedtls_ecp_tls_read_group(). * \param z The destination MPI (shared secret). + * This must be initialized. * \param Q The public key from another party. + * This must be initialized. * \param d Our secret exponent (private key). - * \param f_rng The RNG function. - * \param p_rng The RNG context. + * This must be initialized. + * \param f_rng The RNG function. This may be \c NULL if randomization + * of intermediate results during the ECP computations is + * not needed (discouraged). See the documentation of + * mbedtls_ecp_mul() for more. + * \param p_rng The RNG context to be passed to \p f_rng. This may be + * \c NULL if \p f_rng is \c NULL or doesn't need a + * context argument. * * \return \c 0 on success. - * \return An \c MBEDTLS_ERR_ECP_XXX or + * \return Another \c MBEDTLS_ERR_ECP_XXX or * \c MBEDTLS_MPI_XXX error code on failure. */ int mbedtls_ecdh_compute_shared( mbedtls_ecp_group *grp, mbedtls_mpi *z, @@ -123,39 +210,62 @@ int mbedtls_ecdh_compute_shared( mbedtls_ecp_group *grp, mbedtls_mpi *z, /** * \brief This function initializes an ECDH context. * - * \param ctx The ECDH context to initialize. + * \param ctx The ECDH context to initialize. This must not be \c NULL. */ void mbedtls_ecdh_init( mbedtls_ecdh_context *ctx ); /** + * \brief This function sets up the ECDH context with the information + * given. + * + * This function should be called after mbedtls_ecdh_init() but + * before mbedtls_ecdh_make_params(). There is no need to call + * this function before mbedtls_ecdh_read_params(). + * + * This is the first function used by a TLS server for ECDHE + * ciphersuites. + * + * \param ctx The ECDH context to set up. This must be initialized. + * \param grp_id The group id of the group to set up the context for. + * + * \return \c 0 on success. + */ +int mbedtls_ecdh_setup( mbedtls_ecdh_context *ctx, + mbedtls_ecp_group_id grp_id ); + +/** * \brief This function frees a context. * - * \param ctx The context to free. + * \param ctx The context to free. This may be \c NULL, in which + * case this function does nothing. If it is not \c NULL, + * it must point to an initialized ECDH context. */ void mbedtls_ecdh_free( mbedtls_ecdh_context *ctx ); /** - * \brief This function generates a public key and a TLS - * ServerKeyExchange payload. - * - * This is the first function used by a TLS server for ECDHE - * ciphersuites. + * \brief This function generates an EC key pair and exports its + * in the format used in a TLS ServerKeyExchange handshake + * message. * - * \note This function assumes that the ECP group (grp) of the - * \p ctx context has already been properly set, - * for example, using mbedtls_ecp_group_load(). + * This is the second function used by a TLS server for ECDHE + * ciphersuites. (It is called after mbedtls_ecdh_setup().) * * \see ecp.h * - * \param ctx The ECDH context. - * \param olen The number of characters written. - * \param buf The destination buffer. - * \param blen The length of the destination buffer. - * \param f_rng The RNG function. - * \param p_rng The RNG context. + * \param ctx The ECDH context to use. This must be initialized + * and bound to a group, for example via mbedtls_ecdh_setup(). + * \param olen The address at which to store the number of Bytes written. + * \param buf The destination buffer. This must be a writable buffer of + * length \p blen Bytes. + * \param blen The length of the destination buffer \p buf in Bytes. + * \param f_rng The RNG function to use. This must not be \c NULL. + * \param p_rng The RNG context to be passed to \p f_rng. This may be + * \c NULL in case \p f_rng doesn't need a context argument. * * \return \c 0 on success. - * \return An \c MBEDTLS_ERR_ECP_XXX error code on failure. + * \return #MBEDTLS_ERR_ECP_IN_PROGRESS if maximum number of + * operations was reached: see \c mbedtls_ecp_set_max_ops(). + * \return Another \c MBEDTLS_ERR_ECP_XXX error code on failure. */ int mbedtls_ecdh_make_params( mbedtls_ecdh_context *ctx, size_t *olen, unsigned char *buf, size_t blen, @@ -163,24 +273,32 @@ int mbedtls_ecdh_make_params( mbedtls_ecdh_context *ctx, size_t *olen, void *p_rng ); /** - * \brief This function parses and processes a TLS ServerKeyExhange - * payload. + * \brief This function parses the ECDHE parameters in a + * TLS ServerKeyExchange handshake message. * - * This is the first function used by a TLS client for ECDHE - * ciphersuites. + * \note In a TLS handshake, this is the how the client + * sets up its ECDHE context from the server's public + * ECDHE key material. * * \see ecp.h * - * \param ctx The ECDH context. - * \param buf The pointer to the start of the input buffer. - * \param end The address for one Byte past the end of the buffer. + * \param ctx The ECDHE context to use. This must be initialized. + * \param buf On input, \c *buf must be the start of the input buffer. + * On output, \c *buf is updated to point to the end of the + * data that has been read. On success, this is the first byte + * past the end of the ServerKeyExchange parameters. + * On error, this is the point at which an error has been + * detected, which is usually not useful except to debug + * failures. + * \param end The end of the input buffer. * * \return \c 0 on success. * \return An \c MBEDTLS_ERR_ECP_XXX error code on failure. * */ int mbedtls_ecdh_read_params( mbedtls_ecdh_context *ctx, - const unsigned char **buf, const unsigned char *end ); + const unsigned char **buf, + const unsigned char *end ); /** * \brief This function sets up an ECDH context from an EC key. @@ -191,36 +309,45 @@ int mbedtls_ecdh_read_params( mbedtls_ecdh_context *ctx, * * \see ecp.h * - * \param ctx The ECDH context to set up. - * \param key The EC key to use. - * \param side Defines the source of the key: 1: Our key, or - * 0: The key of the peer. + * \param ctx The ECDH context to set up. This must be initialized. + * \param key The EC key to use. This must be initialized. + * \param side Defines the source of the key. Possible values are: + * - #MBEDTLS_ECDH_OURS: The key is ours. + * - #MBEDTLS_ECDH_THEIRS: The key is that of the peer. * * \return \c 0 on success. - * \return An \c MBEDTLS_ERR_ECP_XXX error code on failure. + * \return Another \c MBEDTLS_ERR_ECP_XXX error code on failure. * */ -int mbedtls_ecdh_get_params( mbedtls_ecdh_context *ctx, const mbedtls_ecp_keypair *key, - mbedtls_ecdh_side side ); +int mbedtls_ecdh_get_params( mbedtls_ecdh_context *ctx, + const mbedtls_ecp_keypair *key, + mbedtls_ecdh_side side ); /** - * \brief This function generates a public key and a TLS - * ClientKeyExchange payload. + * \brief This function generates a public key and exports it + * as a TLS ClientKeyExchange payload. * * This is the second function used by a TLS client for ECDH(E) * ciphersuites. * * \see ecp.h * - * \param ctx The ECDH context. - * \param olen The number of Bytes written. - * \param buf The destination buffer. - * \param blen The size of the destination buffer. - * \param f_rng The RNG function. - * \param p_rng The RNG context. + * \param ctx The ECDH context to use. This must be initialized + * and bound to a group, the latter usually by + * mbedtls_ecdh_read_params(). + * \param olen The address at which to store the number of Bytes written. + * This must not be \c NULL. + * \param buf The destination buffer. This must be a writable buffer + * of length \p blen Bytes. + * \param blen The size of the destination buffer \p buf in Bytes. + * \param f_rng The RNG function to use. This must not be \c NULL. + * \param p_rng The RNG context to be passed to \p f_rng. This may be + * \c NULL in case \p f_rng doesn't need a context argument. * * \return \c 0 on success. - * \return An \c MBEDTLS_ERR_ECP_XXX error code on failure. + * \return #MBEDTLS_ERR_ECP_IN_PROGRESS if maximum number of + * operations was reached: see \c mbedtls_ecp_set_max_ops(). + * \return Another \c MBEDTLS_ERR_ECP_XXX error code on failure. */ int mbedtls_ecdh_make_public( mbedtls_ecdh_context *ctx, size_t *olen, unsigned char *buf, size_t blen, @@ -228,23 +355,26 @@ int mbedtls_ecdh_make_public( mbedtls_ecdh_context *ctx, size_t *olen, void *p_rng ); /** - * \brief This function parses and processes a TLS ClientKeyExchange - * payload. + * \brief This function parses and processes the ECDHE payload of a + * TLS ClientKeyExchange message. * - * This is the second function used by a TLS server for ECDH(E) - * ciphersuites. + * This is the third function used by a TLS server for ECDH(E) + * ciphersuites. (It is called after mbedtls_ecdh_setup() and + * mbedtls_ecdh_make_params().) * * \see ecp.h * - * \param ctx The ECDH context. - * \param buf The start of the input buffer. - * \param blen The length of the input buffer. + * \param ctx The ECDH context to use. This must be initialized + * and bound to a group, for example via mbedtls_ecdh_setup(). + * \param buf The pointer to the ClientKeyExchange payload. This must + * be a readable buffer of length \p blen Bytes. + * \param blen The length of the input buffer \p buf in Bytes. * * \return \c 0 on success. * \return An \c MBEDTLS_ERR_ECP_XXX error code on failure. */ int mbedtls_ecdh_read_public( mbedtls_ecdh_context *ctx, - const unsigned char *buf, size_t blen ); + const unsigned char *buf, size_t blen ); /** * \brief This function derives and exports the shared secret. @@ -257,22 +387,46 @@ int mbedtls_ecdh_read_public( mbedtls_ecdh_context *ctx, * For more information, see mbedtls_ecp_mul(). * * \see ecp.h - * - * \param ctx The ECDH context. - * \param olen The number of Bytes written. - * \param buf The destination buffer. - * \param blen The length of the destination buffer. - * \param f_rng The RNG function. - * \param p_rng The RNG context. + + * \param ctx The ECDH context to use. This must be initialized + * and have its own private key generated and the peer's + * public key imported. + * \param olen The address at which to store the total number of + * Bytes written on success. This must not be \c NULL. + * \param buf The buffer to write the generated shared key to. This + * must be a writable buffer of size \p blen Bytes. + * \param blen The length of the destination buffer \p buf in Bytes. + * \param f_rng The RNG function, for blinding purposes. This may + * b \c NULL if blinding isn't needed. + * \param p_rng The RNG context. This may be \c NULL if \p f_rng + * doesn't need a context argument. * * \return \c 0 on success. - * \return An \c MBEDTLS_ERR_ECP_XXX error code on failure. + * \return #MBEDTLS_ERR_ECP_IN_PROGRESS if maximum number of + * operations was reached: see \c mbedtls_ecp_set_max_ops(). + * \return Another \c MBEDTLS_ERR_ECP_XXX error code on failure. */ int mbedtls_ecdh_calc_secret( mbedtls_ecdh_context *ctx, size_t *olen, unsigned char *buf, size_t blen, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); +#if defined(MBEDTLS_ECP_RESTARTABLE) +/** + * \brief This function enables restartable EC computations for this + * context. (Default: disabled.) + * + * \see \c mbedtls_ecp_set_max_ops() + * + * \note It is not possible to safely disable restartable + * computations once enabled, except by free-ing the context, + * which cancels possible in-progress operations. + * + * \param ctx The ECDH context to use. This must be initialized. + */ +void mbedtls_ecdh_enable_restart( mbedtls_ecdh_context *ctx ); +#endif /* MBEDTLS_ECP_RESTARTABLE */ + #ifdef __cplusplus } #endif diff --git a/thirdparty/mbedtls/include/mbedtls/ecdsa.h b/thirdparty/mbedtls/include/mbedtls/ecdsa.h index ce1a03d791..40fdab3729 100644 --- a/thirdparty/mbedtls/include/mbedtls/ecdsa.h +++ b/thirdparty/mbedtls/include/mbedtls/ecdsa.h @@ -55,20 +55,71 @@ /** The maximal size of an ECDSA signature in Bytes. */ #define MBEDTLS_ECDSA_MAX_LEN ( 3 + 2 * ( 3 + MBEDTLS_ECP_MAX_BYTES ) ) +#ifdef __cplusplus +extern "C" { +#endif + /** * \brief The ECDSA context structure. + * + * \warning Performing multiple operations concurrently on the same + * ECDSA context is not supported; objects of this type + * should not be shared between multiple threads. */ typedef mbedtls_ecp_keypair mbedtls_ecdsa_context; -#ifdef __cplusplus -extern "C" { +#if defined(MBEDTLS_ECP_RESTARTABLE) + +/** + * \brief Internal restart context for ecdsa_verify() + * + * \note Opaque struct, defined in ecdsa.c + */ +typedef struct mbedtls_ecdsa_restart_ver mbedtls_ecdsa_restart_ver_ctx; + +/** + * \brief Internal restart context for ecdsa_sign() + * + * \note Opaque struct, defined in ecdsa.c + */ +typedef struct mbedtls_ecdsa_restart_sig mbedtls_ecdsa_restart_sig_ctx; + +#if defined(MBEDTLS_ECDSA_DETERMINISTIC) +/** + * \brief Internal restart context for ecdsa_sign_det() + * + * \note Opaque struct, defined in ecdsa.c + */ +typedef struct mbedtls_ecdsa_restart_det mbedtls_ecdsa_restart_det_ctx; +#endif + +/** + * \brief General context for resuming ECDSA operations + */ +typedef struct +{ + mbedtls_ecp_restart_ctx ecp; /*!< base context for ECP restart and + shared administrative info */ + mbedtls_ecdsa_restart_ver_ctx *ver; /*!< ecdsa_verify() sub-context */ + mbedtls_ecdsa_restart_sig_ctx *sig; /*!< ecdsa_sign() sub-context */ +#if defined(MBEDTLS_ECDSA_DETERMINISTIC) + mbedtls_ecdsa_restart_det_ctx *det; /*!< ecdsa_sign_det() sub-context */ #endif +} mbedtls_ecdsa_restart_ctx; + +#else /* MBEDTLS_ECP_RESTARTABLE */ + +/* Now we can declare functions that take a pointer to that */ +typedef void mbedtls_ecdsa_restart_ctx; + +#endif /* MBEDTLS_ECP_RESTARTABLE */ /** * \brief This function computes the ECDSA signature of a * previously-hashed message. * - * \note The deterministic version is usually preferred. + * \note The deterministic version implemented in + * mbedtls_ecdsa_sign_det() is usually preferred. * * \note If the bitlength of the message hash is larger than the * bitlength of the group order, then the hash is truncated @@ -78,14 +129,22 @@ extern "C" { * * \see ecp.h * - * \param grp The ECP group. - * \param r The first output integer. - * \param s The second output integer. - * \param d The private signing key. - * \param buf The message hash. - * \param blen The length of \p buf. - * \param f_rng The RNG function. - * \param p_rng The RNG context. + * \param grp The context for the elliptic curve to use. + * This must be initialized and have group parameters + * set, for example through mbedtls_ecp_group_load(). + * \param r The MPI context in which to store the first part + * the signature. This must be initialized. + * \param s The MPI context in which to store the second part + * the signature. This must be initialized. + * \param d The private signing key. This must be initialized. + * \param buf The content to be signed. This is usually the hash of + * the original data to be signed. This must be a readable + * buffer of length \p blen Bytes. It may be \c NULL if + * \p blen is zero. + * \param blen The length of \p buf in Bytes. + * \param f_rng The RNG function. This must not be \c NULL. + * \param p_rng The RNG context to be passed to \p f_rng. This may be + * \c NULL if \p f_rng doesn't need a context parameter. * * \return \c 0 on success. * \return An \c MBEDTLS_ERR_ECP_XXX @@ -112,21 +171,29 @@ int mbedtls_ecdsa_sign( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s, * * \see ecp.h * - * \param grp The ECP group. - * \param r The first output integer. - * \param s The second output integer. - * \param d The private signing key. - * \param buf The message hash. - * \param blen The length of \p buf. - * \param md_alg The MD algorithm used to hash the message. + * \param grp The context for the elliptic curve to use. + * This must be initialized and have group parameters + * set, for example through mbedtls_ecp_group_load(). + * \param r The MPI context in which to store the first part + * the signature. This must be initialized. + * \param s The MPI context in which to store the second part + * the signature. This must be initialized. + * \param d The private signing key. This must be initialized + * and setup, for example through mbedtls_ecp_gen_privkey(). + * \param buf The hashed content to be signed. This must be a readable + * buffer of length \p blen Bytes. It may be \c NULL if + * \p blen is zero. + * \param blen The length of \p buf in Bytes. + * \param md_alg The hash algorithm used to hash the original data. * * \return \c 0 on success. * \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX * error code on failure. */ -int mbedtls_ecdsa_sign_det( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s, - const mbedtls_mpi *d, const unsigned char *buf, size_t blen, - mbedtls_md_type_t md_alg ); +int mbedtls_ecdsa_sign_det( mbedtls_ecp_group *grp, mbedtls_mpi *r, + mbedtls_mpi *s, const mbedtls_mpi *d, + const unsigned char *buf, size_t blen, + mbedtls_md_type_t md_alg ); #endif /* MBEDTLS_ECDSA_DETERMINISTIC */ /** @@ -141,12 +208,19 @@ int mbedtls_ecdsa_sign_det( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi * * \see ecp.h * - * \param grp The ECP group. - * \param buf The message hash. - * \param blen The length of \p buf. - * \param Q The public key to use for verification. + * \param grp The ECP group to use. + * This must be initialized and have group parameters + * set, for example through mbedtls_ecp_group_load(). + * \param buf The hashed content that was signed. This must be a readable + * buffer of length \p blen Bytes. It may be \c NULL if + * \p blen is zero. + * \param blen The length of \p buf in Bytes. + * \param Q The public key to use for verification. This must be + * initialized and setup. * \param r The first integer of the signature. + * This must be initialized. * \param s The second integer of the signature. + * This must be initialized. * * \return \c 0 on success. * \return #MBEDTLS_ERR_ECP_BAD_INPUT_DATA if the signature @@ -155,8 +229,9 @@ int mbedtls_ecdsa_sign_det( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi * error code on failure for any other reason. */ int mbedtls_ecdsa_verify( mbedtls_ecp_group *grp, - const unsigned char *buf, size_t blen, - const mbedtls_ecp_point *Q, const mbedtls_mpi *r, const mbedtls_mpi *s); + const unsigned char *buf, size_t blen, + const mbedtls_ecp_point *Q, const mbedtls_mpi *r, + const mbedtls_mpi *s); /** * \brief This function computes the ECDSA signature and writes it @@ -173,11 +248,6 @@ int mbedtls_ecdsa_verify( mbedtls_ecp_group *grp, * of the Digital Signature Algorithm (DSA) and Elliptic * Curve Digital Signature Algorithm (ECDSA)</em>. * - * \note The \p sig buffer must be at least twice as large as the - * size of the curve used, plus 9. For example, 73 Bytes if - * a 256-bit curve is used. A buffer length of - * #MBEDTLS_ECDSA_MAX_LEN is always safe. - * * \note If the bitlength of the message hash is larger than the * bitlength of the group order, then the hash is truncated as * defined in <em>Standards for Efficient Cryptography Group @@ -186,25 +256,84 @@ int mbedtls_ecdsa_verify( mbedtls_ecp_group *grp, * * \see ecp.h * - * \param ctx The ECDSA context. + * \param ctx The ECDSA context to use. This must be initialized + * and have a group and private key bound to it, for example + * via mbedtls_ecdsa_genkey() or mbedtls_ecdsa_from_keypair(). * \param md_alg The message digest that was used to hash the message. - * \param hash The message hash. - * \param hlen The length of the hash. - * \param sig The buffer that holds the signature. - * \param slen The length of the signature written. - * \param f_rng The RNG function. - * \param p_rng The RNG context. + * \param hash The message hash to be signed. This must be a readable + * buffer of length \p blen Bytes. + * \param hlen The length of the hash \p hash in Bytes. + * \param sig The buffer to which to write the signature. This must be a + * writable buffer of length at least twice as large as the + * size of the curve used, plus 9. For example, 73 Bytes if + * a 256-bit curve is used. A buffer length of + * #MBEDTLS_ECDSA_MAX_LEN is always safe. + * \param slen The address at which to store the actual length of + * the signature written. Must not be \c NULL. + * \param f_rng The RNG function. This must not be \c NULL if + * #MBEDTLS_ECDSA_DETERMINISTIC is unset. Otherwise, + * it is unused and may be set to \c NULL. + * \param p_rng The RNG context to be passed to \p f_rng. This may be + * \c NULL if \p f_rng is \c NULL or doesn't use a context. * * \return \c 0 on success. * \return An \c MBEDTLS_ERR_ECP_XXX, \c MBEDTLS_ERR_MPI_XXX or * \c MBEDTLS_ERR_ASN1_XXX error code on failure. */ -int mbedtls_ecdsa_write_signature( mbedtls_ecdsa_context *ctx, mbedtls_md_type_t md_alg, +int mbedtls_ecdsa_write_signature( mbedtls_ecdsa_context *ctx, + mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hlen, unsigned char *sig, size_t *slen, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); +/** + * \brief This function computes the ECDSA signature and writes it + * to a buffer, in a restartable way. + * + * \see \c mbedtls_ecdsa_write_signature() + * + * \note This function is like \c mbedtls_ecdsa_write_signature() + * but it can return early and restart according to the limit + * set with \c mbedtls_ecp_set_max_ops() to reduce blocking. + * + * \param ctx The ECDSA context to use. This must be initialized + * and have a group and private key bound to it, for example + * via mbedtls_ecdsa_genkey() or mbedtls_ecdsa_from_keypair(). + * \param md_alg The message digest that was used to hash the message. + * \param hash The message hash to be signed. This must be a readable + * buffer of length \p blen Bytes. + * \param hlen The length of the hash \p hash in Bytes. + * \param sig The buffer to which to write the signature. This must be a + * writable buffer of length at least twice as large as the + * size of the curve used, plus 9. For example, 73 Bytes if + * a 256-bit curve is used. A buffer length of + * #MBEDTLS_ECDSA_MAX_LEN is always safe. + * \param slen The address at which to store the actual length of + * the signature written. Must not be \c NULL. + * \param f_rng The RNG function. This must not be \c NULL if + * #MBEDTLS_ECDSA_DETERMINISTIC is unset. Otherwise, + * it is unused and may be set to \c NULL. + * \param p_rng The RNG context to be passed to \p f_rng. This may be + * \c NULL if \p f_rng is \c NULL or doesn't use a context. + * \param rs_ctx The restart context to use. This may be \c NULL to disable + * restarting. If it is not \c NULL, it must point to an + * initialized restart context. + * + * \return \c 0 on success. + * \return #MBEDTLS_ERR_ECP_IN_PROGRESS if maximum number of + * operations was reached: see \c mbedtls_ecp_set_max_ops(). + * \return Another \c MBEDTLS_ERR_ECP_XXX, \c MBEDTLS_ERR_MPI_XXX or + * \c MBEDTLS_ERR_ASN1_XXX error code on failure. + */ +int mbedtls_ecdsa_write_signature_restartable( mbedtls_ecdsa_context *ctx, + mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hlen, + unsigned char *sig, size_t *slen, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + mbedtls_ecdsa_restart_ctx *rs_ctx ); + #if defined(MBEDTLS_ECDSA_DETERMINISTIC) #if ! defined(MBEDTLS_DEPRECATED_REMOVED) #if defined(MBEDTLS_DEPRECATED_WARNING) @@ -225,11 +354,6 @@ int mbedtls_ecdsa_write_signature( mbedtls_ecdsa_context *ctx, mbedtls_md_type_t * \warning It is not thread-safe to use the same context in * multiple threads. * - * \note The \p sig buffer must be at least twice as large as the - * size of the curve used, plus 9. For example, 73 Bytes if a - * 256-bit curve is used. A buffer length of - * #MBEDTLS_ECDSA_MAX_LEN is always safe. - * * \note If the bitlength of the message hash is larger than the * bitlength of the group order, then the hash is truncated as * defined in <em>Standards for Efficient Cryptography Group @@ -241,12 +365,20 @@ int mbedtls_ecdsa_write_signature( mbedtls_ecdsa_context *ctx, mbedtls_md_type_t * \deprecated Superseded by mbedtls_ecdsa_write_signature() in * Mbed TLS version 2.0 and later. * - * \param ctx The ECDSA context. - * \param hash The message hash. - * \param hlen The length of the hash. - * \param sig The buffer that holds the signature. - * \param slen The length of the signature written. - * \param md_alg The MD algorithm used to hash the message. + * \param ctx The ECDSA context to use. This must be initialized + * and have a group and private key bound to it, for example + * via mbedtls_ecdsa_genkey() or mbedtls_ecdsa_from_keypair(). + * \param hash The message hash to be signed. This must be a readable + * buffer of length \p blen Bytes. + * \param hlen The length of the hash \p hash in Bytes. + * \param sig The buffer to which to write the signature. This must be a + * writable buffer of length at least twice as large as the + * size of the curve used, plus 9. For example, 73 Bytes if + * a 256-bit curve is used. A buffer length of + * #MBEDTLS_ECDSA_MAX_LEN is always safe. + * \param slen The address at which to store the actual length of + * the signature written. Must not be \c NULL. + * \param md_alg The message digest that was used to hash the message. * * \return \c 0 on success. * \return An \c MBEDTLS_ERR_ECP_XXX, \c MBEDTLS_ERR_MPI_XXX or @@ -271,11 +403,14 @@ int mbedtls_ecdsa_write_signature_det( mbedtls_ecdsa_context *ctx, * * \see ecp.h * - * \param ctx The ECDSA context. - * \param hash The message hash. - * \param hlen The size of the hash. - * \param sig The signature to read and verify. - * \param slen The size of \p sig. + * \param ctx The ECDSA context to use. This must be initialized + * and have a group and public key bound to it. + * \param hash The message hash that was signed. This must be a readable + * buffer of length \p size Bytes. + * \param hlen The size of the hash \p hash. + * \param sig The signature to read and verify. This must be a readable + * buffer of length \p slen Bytes. + * \param slen The size of \p sig in Bytes. * * \return \c 0 on success. * \return #MBEDTLS_ERR_ECP_BAD_INPUT_DATA if signature is invalid. @@ -289,15 +424,53 @@ int mbedtls_ecdsa_read_signature( mbedtls_ecdsa_context *ctx, const unsigned char *sig, size_t slen ); /** + * \brief This function reads and verifies an ECDSA signature, + * in a restartable way. + * + * \see \c mbedtls_ecdsa_read_signature() + * + * \note This function is like \c mbedtls_ecdsa_read_signature() + * but it can return early and restart according to the limit + * set with \c mbedtls_ecp_set_max_ops() to reduce blocking. + * + * \param ctx The ECDSA context to use. This must be initialized + * and have a group and public key bound to it. + * \param hash The message hash that was signed. This must be a readable + * buffer of length \p size Bytes. + * \param hlen The size of the hash \p hash. + * \param sig The signature to read and verify. This must be a readable + * buffer of length \p slen Bytes. + * \param slen The size of \p sig in Bytes. + * \param rs_ctx The restart context to use. This may be \c NULL to disable + * restarting. If it is not \c NULL, it must point to an + * initialized restart context. + * + * \return \c 0 on success. + * \return #MBEDTLS_ERR_ECP_BAD_INPUT_DATA if signature is invalid. + * \return #MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH if there is a valid + * signature in \p sig, but its length is less than \p siglen. + * \return #MBEDTLS_ERR_ECP_IN_PROGRESS if maximum number of + * operations was reached: see \c mbedtls_ecp_set_max_ops(). + * \return Another \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_ERR_MPI_XXX + * error code on failure for any other reason. + */ +int mbedtls_ecdsa_read_signature_restartable( mbedtls_ecdsa_context *ctx, + const unsigned char *hash, size_t hlen, + const unsigned char *sig, size_t slen, + mbedtls_ecdsa_restart_ctx *rs_ctx ); + +/** * \brief This function generates an ECDSA keypair on the given curve. * * \see ecp.h * * \param ctx The ECDSA context to store the keypair in. + * This must be initialized. * \param gid The elliptic curve to use. One of the various * \c MBEDTLS_ECP_DP_XXX macros depending on configuration. - * \param f_rng The RNG function. - * \param p_rng The RNG context. + * \param f_rng The RNG function to use. This must not be \c NULL. + * \param p_rng The RNG context to be passed to \p f_rng. This may be + * \c NULL if \p f_rng doesn't need a context argument. * * \return \c 0 on success. * \return An \c MBEDTLS_ERR_ECP_XXX code on failure. @@ -306,32 +479,59 @@ int mbedtls_ecdsa_genkey( mbedtls_ecdsa_context *ctx, mbedtls_ecp_group_id gid, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); /** - * \brief This function sets an ECDSA context from an EC key pair. + * \brief This function sets up an ECDSA context from an EC key pair. * * \see ecp.h * - * \param ctx The ECDSA context to set. - * \param key The EC key to use. + * \param ctx The ECDSA context to setup. This must be initialized. + * \param key The EC key to use. This must be initialized and hold + * a private-public key pair or a public key. In the former + * case, the ECDSA context may be used for signature creation + * and verification after this call. In the latter case, it + * may be used for signature verification. * * \return \c 0 on success. * \return An \c MBEDTLS_ERR_ECP_XXX code on failure. */ -int mbedtls_ecdsa_from_keypair( mbedtls_ecdsa_context *ctx, const mbedtls_ecp_keypair *key ); +int mbedtls_ecdsa_from_keypair( mbedtls_ecdsa_context *ctx, + const mbedtls_ecp_keypair *key ); /** * \brief This function initializes an ECDSA context. * * \param ctx The ECDSA context to initialize. + * This must not be \c NULL. */ void mbedtls_ecdsa_init( mbedtls_ecdsa_context *ctx ); /** * \brief This function frees an ECDSA context. * - * \param ctx The ECDSA context to free. + * \param ctx The ECDSA context to free. This may be \c NULL, + * in which case this function does nothing. If it + * is not \c NULL, it must be initialized. */ void mbedtls_ecdsa_free( mbedtls_ecdsa_context *ctx ); +#if defined(MBEDTLS_ECP_RESTARTABLE) +/** + * \brief Initialize a restart context. + * + * \param ctx The restart context to initialize. + * This must not be \c NULL. + */ +void mbedtls_ecdsa_restart_init( mbedtls_ecdsa_restart_ctx *ctx ); + +/** + * \brief Free the components of a restart context. + * + * \param ctx The restart context to free. This may be \c NULL, + * in which case this function does nothing. If it + * is not \c NULL, it must be initialized. + */ +void mbedtls_ecdsa_restart_free( mbedtls_ecdsa_restart_ctx *ctx ); +#endif /* MBEDTLS_ECP_RESTARTABLE */ + #ifdef __cplusplus } #endif diff --git a/thirdparty/mbedtls/include/mbedtls/ecjpake.h b/thirdparty/mbedtls/include/mbedtls/ecjpake.h index cc2b316f5e..b967af8385 100644 --- a/thirdparty/mbedtls/include/mbedtls/ecjpake.h +++ b/thirdparty/mbedtls/include/mbedtls/ecjpake.h @@ -68,7 +68,7 @@ typedef enum { * convetion from the Thread v1.0 spec. Correspondance is indicated in the * description as a pair C: client name, S: server name */ -typedef struct +typedef struct mbedtls_ecjpake_context { const mbedtls_md_info_t *md_info; /**< Hash to use */ mbedtls_ecp_group grp; /**< Elliptic curve */ @@ -92,28 +92,33 @@ typedef struct #endif /* MBEDTLS_ECJPAKE_ALT */ /** - * \brief Initialize a context - * (just makes it ready for setup() or free()). + * \brief Initialize an ECJPAKE context. * - * \param ctx context to initialize + * \param ctx The ECJPAKE context to initialize. + * This must not be \c NULL. */ void mbedtls_ecjpake_init( mbedtls_ecjpake_context *ctx ); /** - * \brief Set up a context for use + * \brief Set up an ECJPAKE context for use. * * \note Currently the only values for hash/curve allowed by the - * standard are MBEDTLS_MD_SHA256/MBEDTLS_ECP_DP_SECP256R1. + * standard are #MBEDTLS_MD_SHA256/#MBEDTLS_ECP_DP_SECP256R1. * - * \param ctx context to set up - * \param role Our role: client or server - * \param hash hash function to use (MBEDTLS_MD_XXX) - * \param curve elliptic curve identifier (MBEDTLS_ECP_DP_XXX) - * \param secret pre-shared secret (passphrase) - * \param len length of the shared secret + * \param ctx The ECJPAKE context to set up. This must be initialized. + * \param role The role of the caller. This must be either + * #MBEDTLS_ECJPAKE_CLIENT or #MBEDTLS_ECJPAKE_SERVER. + * \param hash The identifier of the hash function to use, + * for example #MBEDTLS_MD_SHA256. + * \param curve The identifier of the elliptic curve to use, + * for example #MBEDTLS_ECP_DP_SECP256R1. + * \param secret The pre-shared secret (passphrase). This must be + * a readable buffer of length \p len Bytes. It need + * only be valid for the duration of this call. + * \param len The length of the pre-shared secret \p secret. * - * \return 0 if successfull, - * a negative error code otherwise + * \return \c 0 if successful. + * \return A negative error code on failure. */ int mbedtls_ecjpake_setup( mbedtls_ecjpake_context *ctx, mbedtls_ecjpake_role role, @@ -123,29 +128,34 @@ int mbedtls_ecjpake_setup( mbedtls_ecjpake_context *ctx, size_t len ); /** - * \brief Check if a context is ready for use + * \brief Check if an ECJPAKE context is ready for use. * - * \param ctx Context to check + * \param ctx The ECJPAKE context to check. This must be + * initialized. * - * \return 0 if the context is ready for use, - * MBEDTLS_ERR_ECP_BAD_INPUT_DATA otherwise + * \return \c 0 if the context is ready for use. + * \return #MBEDTLS_ERR_ECP_BAD_INPUT_DATA otherwise. */ int mbedtls_ecjpake_check( const mbedtls_ecjpake_context *ctx ); /** * \brief Generate and write the first round message * (TLS: contents of the Client/ServerHello extension, - * excluding extension type and length bytes) + * excluding extension type and length bytes). * - * \param ctx Context to use - * \param buf Buffer to write the contents to - * \param len Buffer size - * \param olen Will be updated with the number of bytes written - * \param f_rng RNG function - * \param p_rng RNG parameter + * \param ctx The ECJPAKE context to use. This must be + * initialized and set up. + * \param buf The buffer to write the contents to. This must be a + * writable buffer of length \p len Bytes. + * \param len The length of \p buf in Bytes. + * \param olen The address at which to store the total number + * of Bytes written to \p buf. This must not be \c NULL. + * \param f_rng The RNG function to use. This must not be \c NULL. + * \param p_rng The RNG parameter to be passed to \p f_rng. This + * may be \c NULL if \p f_rng doesn't use a context. * - * \return 0 if successfull, - * a negative error code otherwise + * \return \c 0 if successful. + * \return A negative error code on failure. */ int mbedtls_ecjpake_write_round_one( mbedtls_ecjpake_context *ctx, unsigned char *buf, size_t len, size_t *olen, @@ -155,14 +165,16 @@ int mbedtls_ecjpake_write_round_one( mbedtls_ecjpake_context *ctx, /** * \brief Read and process the first round message * (TLS: contents of the Client/ServerHello extension, - * excluding extension type and length bytes) + * excluding extension type and length bytes). * - * \param ctx Context to use - * \param buf Pointer to extension contents - * \param len Extension length + * \param ctx The ECJPAKE context to use. This must be initialized + * and set up. + * \param buf The buffer holding the first round message. This must + * be a readable buffer of length \p len Bytes. + * \param len The length in Bytes of \p buf. * - * \return 0 if successfull, - * a negative error code otherwise + * \return \c 0 if successful. + * \return A negative error code on failure. */ int mbedtls_ecjpake_read_round_one( mbedtls_ecjpake_context *ctx, const unsigned char *buf, @@ -170,17 +182,21 @@ int mbedtls_ecjpake_read_round_one( mbedtls_ecjpake_context *ctx, /** * \brief Generate and write the second round message - * (TLS: contents of the Client/ServerKeyExchange) + * (TLS: contents of the Client/ServerKeyExchange). * - * \param ctx Context to use - * \param buf Buffer to write the contents to - * \param len Buffer size - * \param olen Will be updated with the number of bytes written - * \param f_rng RNG function - * \param p_rng RNG parameter + * \param ctx The ECJPAKE context to use. This must be initialized, + * set up, and already have performed round one. + * \param buf The buffer to write the round two contents to. + * This must be a writable buffer of length \p len Bytes. + * \param len The size of \p buf in Bytes. + * \param olen The address at which to store the total number of Bytes + * written to \p buf. This must not be \c NULL. + * \param f_rng The RNG function to use. This must not be \c NULL. + * \param p_rng The RNG parameter to be passed to \p f_rng. This + * may be \c NULL if \p f_rng doesn't use a context. * - * \return 0 if successfull, - * a negative error code otherwise + * \return \c 0 if successful. + * \return A negative error code on failure. */ int mbedtls_ecjpake_write_round_two( mbedtls_ecjpake_context *ctx, unsigned char *buf, size_t len, size_t *olen, @@ -189,14 +205,16 @@ int mbedtls_ecjpake_write_round_two( mbedtls_ecjpake_context *ctx, /** * \brief Read and process the second round message - * (TLS: contents of the Client/ServerKeyExchange) + * (TLS: contents of the Client/ServerKeyExchange). * - * \param ctx Context to use - * \param buf Pointer to the message - * \param len Message length + * \param ctx The ECJPAKE context to use. This must be initialized + * and set up and already have performed round one. + * \param buf The buffer holding the second round message. This must + * be a readable buffer of length \p len Bytes. + * \param len The length in Bytes of \p buf. * - * \return 0 if successfull, - * a negative error code otherwise + * \return \c 0 if successful. + * \return A negative error code on failure. */ int mbedtls_ecjpake_read_round_two( mbedtls_ecjpake_context *ctx, const unsigned char *buf, @@ -204,17 +222,21 @@ int mbedtls_ecjpake_read_round_two( mbedtls_ecjpake_context *ctx, /** * \brief Derive the shared secret - * (TLS: Pre-Master Secret) + * (TLS: Pre-Master Secret). * - * \param ctx Context to use - * \param buf Buffer to write the contents to - * \param len Buffer size - * \param olen Will be updated with the number of bytes written - * \param f_rng RNG function - * \param p_rng RNG parameter + * \param ctx The ECJPAKE context to use. This must be initialized, + * set up and have performed both round one and two. + * \param buf The buffer to write the derived secret to. This must + * be a writable buffer of length \p len Bytes. + * \param len The length of \p buf in Bytes. + * \param olen The address at which to store the total number of Bytes + * written to \p buf. This must not be \c NULL. + * \param f_rng The RNG function to use. This must not be \c NULL. + * \param p_rng The RNG parameter to be passed to \p f_rng. This + * may be \c NULL if \p f_rng doesn't use a context. * - * \return 0 if successfull, - * a negative error code otherwise + * \return \c 0 if successful. + * \return A negative error code on failure. */ int mbedtls_ecjpake_derive_secret( mbedtls_ecjpake_context *ctx, unsigned char *buf, size_t len, size_t *olen, @@ -222,14 +244,15 @@ int mbedtls_ecjpake_derive_secret( mbedtls_ecjpake_context *ctx, void *p_rng ); /** - * \brief Free a context's content + * \brief This clears an ECJPAKE context and frees any + * embedded data structure. * - * \param ctx context to free + * \param ctx The ECJPAKE context to free. This may be \c NULL, + * in which case this function does nothing. If it is not + * \c NULL, it must point to an initialized ECJPAKE context. */ void mbedtls_ecjpake_free( mbedtls_ecjpake_context *ctx ); - - #if defined(MBEDTLS_SELF_TEST) /** diff --git a/thirdparty/mbedtls/include/mbedtls/ecp.h b/thirdparty/mbedtls/include/mbedtls/ecp.h index 3a407986dd..de3a343cb6 100644 --- a/thirdparty/mbedtls/include/mbedtls/ecp.h +++ b/thirdparty/mbedtls/include/mbedtls/ecp.h @@ -49,8 +49,12 @@ #define MBEDTLS_ERR_ECP_RANDOM_FAILED -0x4D00 /**< Generation of random value, such as ephemeral key, failed. */ #define MBEDTLS_ERR_ECP_INVALID_KEY -0x4C80 /**< Invalid private or public key. */ #define MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH -0x4C00 /**< The buffer contains a valid signature followed by more data. */ + +/* MBEDTLS_ERR_ECP_HW_ACCEL_FAILED is deprecated and should not be used. */ #define MBEDTLS_ERR_ECP_HW_ACCEL_FAILED -0x4B80 /**< The ECP hardware accelerator failed. */ +#define MBEDTLS_ERR_ECP_IN_PROGRESS -0x4B00 /**< Operation in progress, call again with the same parameters to continue. */ + #ifdef __cplusplus extern "C" { #endif @@ -92,7 +96,7 @@ typedef enum /** * Curve information, for use by other modules. */ -typedef struct +typedef struct mbedtls_ecp_curve_info { mbedtls_ecp_group_id grp_id; /*!< An internal identifier. */ uint16_t tls_id; /*!< The TLS NamedCurve identifier. */ @@ -111,7 +115,7 @@ typedef struct * Otherwise, \p X and \p Y are its standard (affine) * coordinates. */ -typedef struct +typedef struct mbedtls_ecp_point { mbedtls_mpi X; /*!< The X coordinate of the ECP point. */ mbedtls_mpi Y; /*!< The Y coordinate of the ECP point. */ @@ -155,8 +159,12 @@ mbedtls_ecp_point; * additions or subtractions. Therefore, it is only an approximative modular * reduction. It must return 0 on success and non-zero on failure. * + * \note Alternative implementations must keep the group IDs distinct. If + * two group structures have the same ID, then they must be + * identical. + * */ -typedef struct +typedef struct mbedtls_ecp_group { mbedtls_ecp_group_id id; /*!< An internal group identifier. */ mbedtls_mpi P; /*!< The prime modulus of the base field. */ @@ -181,6 +189,70 @@ typedef struct } mbedtls_ecp_group; +#if defined(MBEDTLS_ECP_RESTARTABLE) + +/** + * \brief Internal restart context for multiplication + * + * \note Opaque struct + */ +typedef struct mbedtls_ecp_restart_mul mbedtls_ecp_restart_mul_ctx; + +/** + * \brief Internal restart context for ecp_muladd() + * + * \note Opaque struct + */ +typedef struct mbedtls_ecp_restart_muladd mbedtls_ecp_restart_muladd_ctx; + +/** + * \brief General context for resuming ECC operations + */ +typedef struct +{ + unsigned ops_done; /*!< current ops count */ + unsigned depth; /*!< call depth (0 = top-level) */ + mbedtls_ecp_restart_mul_ctx *rsm; /*!< ecp_mul_comb() sub-context */ + mbedtls_ecp_restart_muladd_ctx *ma; /*!< ecp_muladd() sub-context */ +} mbedtls_ecp_restart_ctx; + +/* + * Operation counts for restartable functions + */ +#define MBEDTLS_ECP_OPS_CHK 3 /*!< basic ops count for ecp_check_pubkey() */ +#define MBEDTLS_ECP_OPS_DBL 8 /*!< basic ops count for ecp_double_jac() */ +#define MBEDTLS_ECP_OPS_ADD 11 /*!< basic ops count for see ecp_add_mixed() */ +#define MBEDTLS_ECP_OPS_INV 120 /*!< empirical equivalent for mpi_mod_inv() */ + +/** + * \brief Internal; for restartable functions in other modules. + * Check and update basic ops budget. + * + * \param grp Group structure + * \param rs_ctx Restart context + * \param ops Number of basic ops to do + * + * \return \c 0 if doing \p ops basic ops is still allowed, + * \return #MBEDTLS_ERR_ECP_IN_PROGRESS otherwise. + */ +int mbedtls_ecp_check_budget( const mbedtls_ecp_group *grp, + mbedtls_ecp_restart_ctx *rs_ctx, + unsigned ops ); + +/* Utility macro for checking and updating ops budget */ +#define MBEDTLS_ECP_BUDGET( ops ) \ + MBEDTLS_MPI_CHK( mbedtls_ecp_check_budget( grp, rs_ctx, \ + (unsigned) (ops) ) ); + +#else /* MBEDTLS_ECP_RESTARTABLE */ + +#define MBEDTLS_ECP_BUDGET( ops ) /* no-op; for compatibility */ + +/* We want to declare restartable versions of existing functions anyway */ +typedef void mbedtls_ecp_restart_ctx; + +#endif /* MBEDTLS_ECP_RESTARTABLE */ + /** * \name SECTION: Module settings * @@ -251,7 +323,7 @@ mbedtls_ecp_group; * \note Members are deliberately in the same order as in the * ::mbedtls_ecdsa_context structure. */ -typedef struct +typedef struct mbedtls_ecp_keypair { mbedtls_ecp_group grp; /*!< Elliptic curve and base point */ mbedtls_mpi d; /*!< our secret value */ @@ -270,6 +342,75 @@ mbedtls_ecp_keypair; */ #define MBEDTLS_ECP_TLS_NAMED_CURVE 3 /**< The named_curve of ECCurveType. */ +#if defined(MBEDTLS_ECP_RESTARTABLE) +/** + * \brief Set the maximum number of basic operations done in a row. + * + * If more operations are needed to complete a computation, + * #MBEDTLS_ERR_ECP_IN_PROGRESS will be returned by the + * function performing the computation. It is then the + * caller's responsibility to either call again with the same + * parameters until it returns 0 or an error code; or to free + * the restart context if the operation is to be aborted. + * + * It is strictly required that all input parameters and the + * restart context be the same on successive calls for the + * same operation, but output parameters need not be the + * same; they must not be used until the function finally + * returns 0. + * + * This only applies to functions whose documentation + * mentions they may return #MBEDTLS_ERR_ECP_IN_PROGRESS (or + * #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS for functions in the + * SSL module). For functions that accept a "restart context" + * argument, passing NULL disables restart and makes the + * function equivalent to the function with the same name + * with \c _restartable removed. For functions in the ECDH + * module, restart is disabled unless the function accepts + * an "ECDH context" argument and + * mbedtls_ecdh_enable_restart() was previously called on + * that context. For function in the SSL module, restart is + * only enabled for specific sides and key exchanges + * (currently only for clients and ECDHE-ECDSA). + * + * \param max_ops Maximum number of basic operations done in a row. + * Default: 0 (unlimited). + * Lower (non-zero) values mean ECC functions will block for + * a lesser maximum amount of time. + * + * \note A "basic operation" is defined as a rough equivalent of a + * multiplication in GF(p) for the NIST P-256 curve. + * As an indication, with default settings, a scalar + * multiplication (full run of \c mbedtls_ecp_mul()) is: + * - about 3300 basic operations for P-256 + * - about 9400 basic operations for P-384 + * + * \note Very low values are not always respected: sometimes + * functions need to block for a minimum number of + * operations, and will do so even if max_ops is set to a + * lower value. That minimum depends on the curve size, and + * can be made lower by decreasing the value of + * \c MBEDTLS_ECP_WINDOW_SIZE. As an indication, here is the + * lowest effective value for various curves and values of + * that parameter (w for short): + * w=6 w=5 w=4 w=3 w=2 + * P-256 208 208 160 136 124 + * P-384 682 416 320 272 248 + * P-521 1364 832 640 544 496 + * + * \note This setting is currently ignored by Curve25519. + */ +void mbedtls_ecp_set_max_ops( unsigned max_ops ); + +/** + * \brief Check if restart is enabled (max_ops != 0) + * + * \return \c 0 if \c max_ops == 0 (restart disabled) + * \return \c 1 otherwise (restart enabled) + */ +int mbedtls_ecp_restart_is_enabled( void ); +#endif /* MBEDTLS_ECP_RESTARTABLE */ + /** * \brief This function retrieves the information defined in * mbedtls_ecp_curve_info() for all supported curves in order @@ -356,25 +497,51 @@ void mbedtls_ecp_point_free( mbedtls_ecp_point *pt ); /** * \brief This function frees the components of an ECP group. - * \param grp The group to free. + * + * \param grp The group to free. This may be \c NULL, in which + * case this function returns immediately. If it is not + * \c NULL, it must point to an initialized ECP group. */ void mbedtls_ecp_group_free( mbedtls_ecp_group *grp ); /** * \brief This function frees the components of a key pair. - * \param key The key pair to free. + * + * \param key The key pair to free. This may be \c NULL, in which + * case this function returns immediately. If it is not + * \c NULL, it must point to an initialized ECP key pair. */ void mbedtls_ecp_keypair_free( mbedtls_ecp_keypair *key ); +#if defined(MBEDTLS_ECP_RESTARTABLE) +/** + * \brief Initialize a restart context. + * + * \param ctx The restart context to initialize. This must + * not be \c NULL. + */ +void mbedtls_ecp_restart_init( mbedtls_ecp_restart_ctx *ctx ); + +/** + * \brief Free the components of a restart context. + * + * \param ctx The restart context to free. This may be \c NULL, in which + * case this function returns immediately. If it is not + * \c NULL, it must point to an initialized restart context. + */ +void mbedtls_ecp_restart_free( mbedtls_ecp_restart_ctx *ctx ); +#endif /* MBEDTLS_ECP_RESTARTABLE */ + /** * \brief This function copies the contents of point \p Q into * point \p P. * - * \param P The destination point. - * \param Q The source point. + * \param P The destination point. This must be initialized. + * \param Q The source point. This must be initialized. * * \return \c 0 on success. * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory-allocation failure. + * \return Another negative error code for other kinds of failure. */ int mbedtls_ecp_copy( mbedtls_ecp_point *P, const mbedtls_ecp_point *Q ); @@ -382,31 +549,35 @@ int mbedtls_ecp_copy( mbedtls_ecp_point *P, const mbedtls_ecp_point *Q ); * \brief This function copies the contents of group \p src into * group \p dst. * - * \param dst The destination group. - * \param src The source group. + * \param dst The destination group. This must be initialized. + * \param src The source group. This must be initialized. * * \return \c 0 on success. * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory-allocation failure. + * \return Another negative error code on other kinds of failure. */ -int mbedtls_ecp_group_copy( mbedtls_ecp_group *dst, const mbedtls_ecp_group *src ); +int mbedtls_ecp_group_copy( mbedtls_ecp_group *dst, + const mbedtls_ecp_group *src ); /** - * \brief This function sets a point to zero. + * \brief This function sets a point to the point at infinity. * - * \param pt The point to set. + * \param pt The point to set. This must be initialized. * * \return \c 0 on success. * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory-allocation failure. + * \return Another negative error code on other kinds of failure. */ int mbedtls_ecp_set_zero( mbedtls_ecp_point *pt ); /** - * \brief This function checks if a point is zero. + * \brief This function checks if a point is the point at infinity. * - * \param pt The point to test. + * \param pt The point to test. This must be initialized. * * \return \c 1 if the point is zero. * \return \c 0 if the point is non-zero. + * \return A negative error code on failure. */ int mbedtls_ecp_is_zero( mbedtls_ecp_point *pt ); @@ -416,8 +587,8 @@ int mbedtls_ecp_is_zero( mbedtls_ecp_point *pt ); * \note This assumes that the points are normalized. Otherwise, * they may compare as "not equal" even if they are. * - * \param P The first point to compare. - * \param Q The second point to compare. + * \param P The first point to compare. This must be initialized. + * \param Q The second point to compare. This must be initialized. * * \return \c 0 if the points are equal. * \return #MBEDTLS_ERR_ECP_BAD_INPUT_DATA if the points are not equal. @@ -429,7 +600,7 @@ int mbedtls_ecp_point_cmp( const mbedtls_ecp_point *P, * \brief This function imports a non-zero point from two ASCII * strings. * - * \param P The destination point. + * \param P The destination point. This must be initialized. * \param radix The numeric base of the input. * \param x The first affine coordinate, as a null-terminated string. * \param y The second affine coordinate, as a null-terminated string. @@ -444,15 +615,21 @@ int mbedtls_ecp_point_read_string( mbedtls_ecp_point *P, int radix, * \brief This function exports a point into unsigned binary data. * * \param grp The group to which the point should belong. - * \param P The point to export. - * \param format The point format. Should be an \c MBEDTLS_ECP_PF_XXX macro. - * \param olen The length of the output. - * \param buf The output buffer. - * \param buflen The length of the output buffer. + * This must be initialized and have group parameters + * set, for example through mbedtls_ecp_group_load(). + * \param P The point to export. This must be initialized. + * \param format The point format. This must be either + * #MBEDTLS_ECP_PF_COMPRESSED or #MBEDTLS_ECP_PF_UNCOMPRESSED. + * \param olen The address at which to store the length of + * the output in Bytes. This must not be \c NULL. + * \param buf The output buffer. This must be a writable buffer + * of length \p buflen Bytes. + * \param buflen The length of the output buffer \p buf in Bytes. * * \return \c 0 on success. - * \return #MBEDTLS_ERR_ECP_BAD_INPUT_DATA - * or #MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL on failure. + * \return #MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL if the output buffer + * is too small to hold the point. + * \return Another negative error code on other kinds of failure. */ int mbedtls_ecp_point_write_binary( const mbedtls_ecp_group *grp, const mbedtls_ecp_point *P, int format, size_t *olen, @@ -466,108 +643,158 @@ int mbedtls_ecp_point_write_binary( const mbedtls_ecp_group *grp, const mbedtls_ * for that. * * \param grp The group to which the point should belong. - * \param P The point to import. - * \param buf The input buffer. - * \param ilen The length of the input. + * This must be initialized and have group parameters + * set, for example through mbedtls_ecp_group_load(). + * \param P The destination context to import the point to. + * This must be initialized. + * \param buf The input buffer. This must be a readable buffer + * of length \p ilen Bytes. + * \param ilen The length of the input buffer \p buf in Bytes. * * \return \c 0 on success. - * \return #MBEDTLS_ERR_ECP_BAD_INPUT_DATA if input is invalid. + * \return #MBEDTLS_ERR_ECP_BAD_INPUT_DATA if the input is invalid. * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory-allocation failure. * \return #MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE if the point format * is not implemented. - * */ -int mbedtls_ecp_point_read_binary( const mbedtls_ecp_group *grp, mbedtls_ecp_point *P, - const unsigned char *buf, size_t ilen ); +int mbedtls_ecp_point_read_binary( const mbedtls_ecp_group *grp, + mbedtls_ecp_point *P, + const unsigned char *buf, size_t ilen ); /** * \brief This function imports a point from a TLS ECPoint record. * - * \note On function return, \p buf is updated to point to immediately + * \note On function return, \p *buf is updated to point immediately * after the ECPoint record. * - * \param grp The ECP group used. + * \param grp The ECP group to use. + * This must be initialized and have group parameters + * set, for example through mbedtls_ecp_group_load(). * \param pt The destination point. * \param buf The address of the pointer to the start of the input buffer. * \param len The length of the buffer. * * \return \c 0 on success. - * \return An \c MBEDTLS_ERR_MPI_XXX error code on initialization failure. + * \return An \c MBEDTLS_ERR_MPI_XXX error code on initialization + * failure. * \return #MBEDTLS_ERR_ECP_BAD_INPUT_DATA if input is invalid. */ -int mbedtls_ecp_tls_read_point( const mbedtls_ecp_group *grp, mbedtls_ecp_point *pt, - const unsigned char **buf, size_t len ); +int mbedtls_ecp_tls_read_point( const mbedtls_ecp_group *grp, + mbedtls_ecp_point *pt, + const unsigned char **buf, size_t len ); /** - * \brief This function exports a point as a TLS ECPoint record. - * - * \param grp The ECP group used. - * \param pt The point format to export to. The point format is an - * \c MBEDTLS_ECP_PF_XXX constant. - * \param format The export format. - * \param olen The length of the data written. - * \param buf The buffer to write to. - * \param blen The length of the buffer. + * \brief This function exports a point as a TLS ECPoint record + * defined in RFC 4492, Section 5.4. + * + * \param grp The ECP group to use. + * This must be initialized and have group parameters + * set, for example through mbedtls_ecp_group_load(). + * \param pt The point to be exported. This must be initialized. + * \param format The point format to use. This must be either + * #MBEDTLS_ECP_PF_COMPRESSED or #MBEDTLS_ECP_PF_UNCOMPRESSED. + * \param olen The address at which to store the length in Bytes + * of the data written. + * \param buf The target buffer. This must be a writable buffer of + * length \p blen Bytes. + * \param blen The length of the target buffer \p buf in Bytes. * * \return \c 0 on success. - * \return #MBEDTLS_ERR_ECP_BAD_INPUT_DATA or - * #MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL on failure. + * \return #MBEDTLS_ERR_ECP_BAD_INPUT_DATA if the input is invalid. + * \return #MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL if the target buffer + * is too small to hold the exported point. + * \return Another negative error code on other kinds of failure. */ -int mbedtls_ecp_tls_write_point( const mbedtls_ecp_group *grp, const mbedtls_ecp_point *pt, - int format, size_t *olen, - unsigned char *buf, size_t blen ); +int mbedtls_ecp_tls_write_point( const mbedtls_ecp_group *grp, + const mbedtls_ecp_point *pt, + int format, size_t *olen, + unsigned char *buf, size_t blen ); /** - * \brief This function sets a group using standardized domain parameters. + * \brief This function sets up an ECP group context + * from a standardized set of domain parameters. * * \note The index should be a value of the NamedCurve enum, * as defined in <em>RFC-4492: Elliptic Curve Cryptography * (ECC) Cipher Suites for Transport Layer Security (TLS)</em>, * usually in the form of an \c MBEDTLS_ECP_DP_XXX macro. * - * \param grp The destination group. + * \param grp The group context to setup. This must be initialized. * \param id The identifier of the domain parameter set to load. * - * \return \c 0 on success, - * \return An \c MBEDTLS_ERR_MPI_XXX error code on initialization failure. - * \return #MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE for unkownn groups. - + * \return \c 0 on success. + * \return #MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE if \p id doesn't + * correspond to a known group. + * \return Another negative error code on other kinds of failure. */ int mbedtls_ecp_group_load( mbedtls_ecp_group *grp, mbedtls_ecp_group_id id ); /** - * \brief This function sets a group from a TLS ECParameters record. + * \brief This function sets up an ECP group context from a TLS + * ECParameters record as defined in RFC 4492, Section 5.4. * - * \note \p buf is updated to point right after the ECParameters record - * on exit. + * \note The read pointer \p buf is updated to point right after + * the ECParameters record on exit. * - * \param grp The destination group. + * \param grp The group context to setup. This must be initialized. * \param buf The address of the pointer to the start of the input buffer. - * \param len The length of the buffer. + * \param len The length of the input buffer \c *buf in Bytes. * * \return \c 0 on success. - * \return An \c MBEDTLS_ERR_MPI_XXX error code on initialization failure. * \return #MBEDTLS_ERR_ECP_BAD_INPUT_DATA if input is invalid. + * \return #MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE if the group is not + * recognized. + * \return Another negative error code on other kinds of failure. */ -int mbedtls_ecp_tls_read_group( mbedtls_ecp_group *grp, const unsigned char **buf, size_t len ); +int mbedtls_ecp_tls_read_group( mbedtls_ecp_group *grp, + const unsigned char **buf, size_t len ); /** - * \brief This function writes the TLS ECParameters record for a group. + * \brief This function extracts an elliptic curve group ID from a + * TLS ECParameters record as defined in RFC 4492, Section 5.4. + * + * \note The read pointer \p buf is updated to point right after + * the ECParameters record on exit. + * + * \param grp The address at which to store the group id. + * This must not be \c NULL. + * \param buf The address of the pointer to the start of the input buffer. + * \param len The length of the input buffer \c *buf in Bytes. * - * \param grp The ECP group used. - * \param olen The number of Bytes written. - * \param buf The buffer to write to. - * \param blen The length of the buffer. + * \return \c 0 on success. + * \return #MBEDTLS_ERR_ECP_BAD_INPUT_DATA if input is invalid. + * \return #MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE if the group is not + * recognized. + * \return Another negative error code on other kinds of failure. + */ +int mbedtls_ecp_tls_read_group_id( mbedtls_ecp_group_id *grp, + const unsigned char **buf, + size_t len ); +/** + * \brief This function exports an elliptic curve as a TLS + * ECParameters record as defined in RFC 4492, Section 5.4. + * + * \param grp The ECP group to be exported. + * This must be initialized and have group parameters + * set, for example through mbedtls_ecp_group_load(). + * \param olen The address at which to store the number of Bytes written. + * This must not be \c NULL. + * \param buf The buffer to write to. This must be a writable buffer + * of length \p blen Bytes. + * \param blen The length of the output buffer \p buf in Bytes. * * \return \c 0 on success. - * \return #MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL on failure. + * \return #MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL if the output + * buffer is too small to hold the exported group. + * \return Another negative error code on other kinds of failure. */ -int mbedtls_ecp_tls_write_group( const mbedtls_ecp_group *grp, size_t *olen, - unsigned char *buf, size_t blen ); +int mbedtls_ecp_tls_write_group( const mbedtls_ecp_group *grp, + size_t *olen, + unsigned char *buf, size_t blen ); /** - * \brief This function performs multiplication of a point by - * an integer: \p R = \p m * \p P. + * \brief This function performs a scalar multiplication of a point + * by an integer: \p R = \p m * \p P. * * It is not thread-safe to use same group in multiple threads. * @@ -581,23 +808,63 @@ int mbedtls_ecp_tls_write_group( const mbedtls_ecp_group *grp, size_t *olen, * targeting these results. We recommend always providing * a non-NULL \p f_rng. The overhead is negligible. * - * \param grp The ECP group. - * \param R The destination point. - * \param m The integer by which to multiply. - * \param P The point to multiply. - * \param f_rng The RNG function. - * \param p_rng The RNG context. + * \param grp The ECP group to use. + * This must be initialized and have group parameters + * set, for example through mbedtls_ecp_group_load(). + * \param R The point in which to store the result of the calculation. + * This must be initialized. + * \param m The integer by which to multiply. This must be initialized. + * \param P The point to multiply. This must be initialized. + * \param f_rng The RNG function. This may be \c NULL if randomization + * of intermediate results isn't desired (discouraged). + * \param p_rng The RNG context to be passed to \p p_rng. * * \return \c 0 on success. * \return #MBEDTLS_ERR_ECP_INVALID_KEY if \p m is not a valid private * key, or \p P is not a valid public key. * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory-allocation failure. + * \return Another negative error code on other kinds of failure. */ int mbedtls_ecp_mul( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, const mbedtls_mpi *m, const mbedtls_ecp_point *P, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); /** + * \brief This function performs multiplication of a point by + * an integer: \p R = \p m * \p P in a restartable way. + * + * \see mbedtls_ecp_mul() + * + * \note This function does the same as \c mbedtls_ecp_mul(), but + * it can return early and restart according to the limit set + * with \c mbedtls_ecp_set_max_ops() to reduce blocking. + * + * \param grp The ECP group to use. + * This must be initialized and have group parameters + * set, for example through mbedtls_ecp_group_load(). + * \param R The point in which to store the result of the calculation. + * This must be initialized. + * \param m The integer by which to multiply. This must be initialized. + * \param P The point to multiply. This must be initialized. + * \param f_rng The RNG function. This may be \c NULL if randomization + * of intermediate results isn't desired (discouraged). + * \param p_rng The RNG context to be passed to \p p_rng. + * \param rs_ctx The restart context (NULL disables restart). + * + * \return \c 0 on success. + * \return #MBEDTLS_ERR_ECP_INVALID_KEY if \p m is not a valid private + * key, or \p P is not a valid public key. + * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory-allocation failure. + * \return #MBEDTLS_ERR_ECP_IN_PROGRESS if maximum number of + * operations was reached: see \c mbedtls_ecp_set_max_ops(). + * \return Another negative error code on other kinds of failure. + */ +int mbedtls_ecp_mul_restartable( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, + const mbedtls_mpi *m, const mbedtls_ecp_point *P, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, + mbedtls_ecp_restart_ctx *rs_ctx ); + +/** * \brief This function performs multiplication and addition of two * points by integers: \p R = \p m * \p P + \p n * \p Q * @@ -606,24 +873,71 @@ int mbedtls_ecp_mul( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, * \note In contrast to mbedtls_ecp_mul(), this function does not * guarantee a constant execution flow and timing. * - * \param grp The ECP group. - * \param R The destination point. + * \param grp The ECP group to use. + * This must be initialized and have group parameters + * set, for example through mbedtls_ecp_group_load(). + * \param R The point in which to store the result of the calculation. + * This must be initialized. * \param m The integer by which to multiply \p P. - * \param P The point to multiply by \p m. + * This must be initialized. + * \param P The point to multiply by \p m. This must be initialized. * \param n The integer by which to multiply \p Q. + * This must be initialized. * \param Q The point to be multiplied by \p n. + * This must be initialized. * * \return \c 0 on success. * \return #MBEDTLS_ERR_ECP_INVALID_KEY if \p m or \p n are not * valid private keys, or \p P or \p Q are not valid public * keys. * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory-allocation failure. + * \return Another negative error code on other kinds of failure. */ int mbedtls_ecp_muladd( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, const mbedtls_mpi *m, const mbedtls_ecp_point *P, const mbedtls_mpi *n, const mbedtls_ecp_point *Q ); /** + * \brief This function performs multiplication and addition of two + * points by integers: \p R = \p m * \p P + \p n * \p Q in a + * restartable way. + * + * \see \c mbedtls_ecp_muladd() + * + * \note This function works the same as \c mbedtls_ecp_muladd(), + * but it can return early and restart according to the limit + * set with \c mbedtls_ecp_set_max_ops() to reduce blocking. + * + * \param grp The ECP group to use. + * This must be initialized and have group parameters + * set, for example through mbedtls_ecp_group_load(). + * \param R The point in which to store the result of the calculation. + * This must be initialized. + * \param m The integer by which to multiply \p P. + * This must be initialized. + * \param P The point to multiply by \p m. This must be initialized. + * \param n The integer by which to multiply \p Q. + * This must be initialized. + * \param Q The point to be multiplied by \p n. + * This must be initialized. + * \param rs_ctx The restart context (NULL disables restart). + * + * \return \c 0 on success. + * \return #MBEDTLS_ERR_ECP_INVALID_KEY if \p m or \p n are not + * valid private keys, or \p P or \p Q are not valid public + * keys. + * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory-allocation failure. + * \return #MBEDTLS_ERR_ECP_IN_PROGRESS if maximum number of + * operations was reached: see \c mbedtls_ecp_set_max_ops(). + * \return Another negative error code on other kinds of failure. + */ +int mbedtls_ecp_muladd_restartable( + mbedtls_ecp_group *grp, mbedtls_ecp_point *R, + const mbedtls_mpi *m, const mbedtls_ecp_point *P, + const mbedtls_mpi *n, const mbedtls_ecp_point *Q, + mbedtls_ecp_restart_ctx *rs_ctx ); + +/** * \brief This function checks that a point is a valid public key * on this curve. * @@ -640,30 +954,60 @@ int mbedtls_ecp_muladd( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, * structures, such as ::mbedtls_ecdh_context or * ::mbedtls_ecdsa_context. * - * \param grp The curve the point should lie on. - * \param pt The point to check. + * \param grp The ECP group the point should belong to. + * This must be initialized and have group parameters + * set, for example through mbedtls_ecp_group_load(). + * \param pt The point to check. This must be initialized. * * \return \c 0 if the point is a valid public key. - * \return #MBEDTLS_ERR_ECP_INVALID_KEY on failure. + * \return #MBEDTLS_ERR_ECP_INVALID_KEY if the point is not + * a valid public key for the given curve. + * \return Another negative error code on other kinds of failure. */ -int mbedtls_ecp_check_pubkey( const mbedtls_ecp_group *grp, const mbedtls_ecp_point *pt ); +int mbedtls_ecp_check_pubkey( const mbedtls_ecp_group *grp, + const mbedtls_ecp_point *pt ); /** - * \brief This function checks that an \p mbedtls_mpi is a valid private - * key for this curve. + * \brief This function checks that an \p mbedtls_mpi is a + * valid private key for this curve. * * \note This function uses bare components rather than an * ::mbedtls_ecp_keypair structure to ease use with other * structures, such as ::mbedtls_ecdh_context or * ::mbedtls_ecdsa_context. * - * \param grp The group used. - * \param d The integer to check. + * \param grp The ECP group the private key should belong to. + * This must be initialized and have group parameters + * set, for example through mbedtls_ecp_group_load(). + * \param d The integer to check. This must be initialized. * * \return \c 0 if the point is a valid private key. - * \return #MBEDTLS_ERR_ECP_INVALID_KEY on failure. + * \return #MBEDTLS_ERR_ECP_INVALID_KEY if the point is not a valid + * private key for the given curve. + * \return Another negative error code on other kinds of failure. + */ +int mbedtls_ecp_check_privkey( const mbedtls_ecp_group *grp, + const mbedtls_mpi *d ); + +/** + * \brief This function generates a private key. + * + * \param grp The ECP group to generate a private key for. + * This must be initialized and have group parameters + * set, for example through mbedtls_ecp_group_load(). + * \param d The destination MPI (secret part). This must be initialized. + * \param f_rng The RNG function. This must not be \c NULL. + * \param p_rng The RNG parameter to be passed to \p f_rng. This may be + * \c NULL if \p f_rng doesn't need a context argument. + * + * \return \c 0 on success. + * \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX error code + * on failure. */ -int mbedtls_ecp_check_privkey( const mbedtls_ecp_group *grp, const mbedtls_mpi *d ); +int mbedtls_ecp_gen_privkey( const mbedtls_ecp_group *grp, + mbedtls_mpi *d, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng ); /** * \brief This function generates a keypair with a configurable base @@ -674,22 +1018,29 @@ int mbedtls_ecp_check_privkey( const mbedtls_ecp_group *grp, const mbedtls_mpi * * structures, such as ::mbedtls_ecdh_context or * ::mbedtls_ecdsa_context. * - * \param grp The ECP group. - * \param G The chosen base point. + * \param grp The ECP group to generate a key pair for. + * This must be initialized and have group parameters + * set, for example through mbedtls_ecp_group_load(). + * \param G The base point to use. This must be initialized + * and belong to \p grp. It replaces the default base + * point \c grp->G used by mbedtls_ecp_gen_keypair(). * \param d The destination MPI (secret part). + * This must be initialized. * \param Q The destination point (public part). - * \param f_rng The RNG function. - * \param p_rng The RNG context. + * This must be initialized. + * \param f_rng The RNG function. This must not be \c NULL. + * \param p_rng The RNG context to be passed to \p f_rng. This may + * be \c NULL if \p f_rng doesn't need a context argument. * * \return \c 0 on success. * \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX error code * on failure. */ int mbedtls_ecp_gen_keypair_base( mbedtls_ecp_group *grp, - const mbedtls_ecp_point *G, - mbedtls_mpi *d, mbedtls_ecp_point *Q, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); + const mbedtls_ecp_point *G, + mbedtls_mpi *d, mbedtls_ecp_point *Q, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng ); /** * \brief This function generates an ECP keypair. @@ -699,34 +1050,42 @@ int mbedtls_ecp_gen_keypair_base( mbedtls_ecp_group *grp, * structures, such as ::mbedtls_ecdh_context or * ::mbedtls_ecdsa_context. * - * \param grp The ECP group. + * \param grp The ECP group to generate a key pair for. + * This must be initialized and have group parameters + * set, for example through mbedtls_ecp_group_load(). * \param d The destination MPI (secret part). + * This must be initialized. * \param Q The destination point (public part). - * \param f_rng The RNG function. - * \param p_rng The RNG context. + * This must be initialized. + * \param f_rng The RNG function. This must not be \c NULL. + * \param p_rng The RNG context to be passed to \p f_rng. This may + * be \c NULL if \p f_rng doesn't need a context argument. * * \return \c 0 on success. * \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX error code * on failure. */ -int mbedtls_ecp_gen_keypair( mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp_point *Q, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); +int mbedtls_ecp_gen_keypair( mbedtls_ecp_group *grp, mbedtls_mpi *d, + mbedtls_ecp_point *Q, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng ); /** * \brief This function generates an ECP key. * * \param grp_id The ECP group identifier. - * \param key The destination key. - * \param f_rng The RNG function. - * \param p_rng The RNG context. + * \param key The destination key. This must be initialized. + * \param f_rng The RNG function to use. This must not be \c NULL. + * \param p_rng The RNG context to be passed to \p f_rng. This may + * be \c NULL if \p f_rng doesn't need a context argument. * * \return \c 0 on success. * \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX error code * on failure. */ int mbedtls_ecp_gen_key( mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng ); /** * \brief This function checks that the keypair objects @@ -734,16 +1093,19 @@ int mbedtls_ecp_gen_key( mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key, * same public point, and that the private key in * \p prv is consistent with the public key. * - * \param pub The keypair structure holding the public key. - * If it contains a private key, that part is ignored. + * \param pub The keypair structure holding the public key. This + * must be initialized. If it contains a private key, that + * part is ignored. * \param prv The keypair structure holding the full keypair. + * This must be initialized. * * \return \c 0 on success, meaning that the keys are valid and match. * \return #MBEDTLS_ERR_ECP_BAD_INPUT_DATA if the keys are invalid or do not match. * \return An \c MBEDTLS_ERR_ECP_XXX or an \c MBEDTLS_ERR_MPI_XXX * error code on calculation failure. */ -int mbedtls_ecp_check_pub_priv( const mbedtls_ecp_keypair *pub, const mbedtls_ecp_keypair *prv ); +int mbedtls_ecp_check_pub_priv( const mbedtls_ecp_keypair *pub, + const mbedtls_ecp_keypair *prv ); #if defined(MBEDTLS_SELF_TEST) diff --git a/thirdparty/mbedtls/include/mbedtls/entropy.h b/thirdparty/mbedtls/include/mbedtls/entropy.h index a5cb05a584..ca06dc3c58 100644 --- a/thirdparty/mbedtls/include/mbedtls/entropy.h +++ b/thirdparty/mbedtls/include/mbedtls/entropy.h @@ -107,7 +107,7 @@ typedef int (*mbedtls_entropy_f_source_ptr)(void *data, unsigned char *output, s /** * \brief Entropy source state */ -typedef struct +typedef struct mbedtls_entropy_source_state { mbedtls_entropy_f_source_ptr f_source; /**< The entropy source callback */ void * p_source; /**< The callback data pointer */ @@ -120,7 +120,7 @@ mbedtls_entropy_source_state; /** * \brief Entropy context structure */ -typedef struct +typedef struct mbedtls_entropy_context { int accumulator_started; #if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR) diff --git a/thirdparty/mbedtls/include/mbedtls/error.h b/thirdparty/mbedtls/include/mbedtls/error.h index 6b82d4fbbe..647a11a566 100644 --- a/thirdparty/mbedtls/include/mbedtls/error.h +++ b/thirdparty/mbedtls/include/mbedtls/error.h @@ -74,12 +74,13 @@ * MD4 1 0x002D-0x002D * MD5 1 0x002F-0x002F * RIPEMD160 1 0x0031-0x0031 - * SHA1 1 0x0035-0x0035 - * SHA256 1 0x0037-0x0037 - * SHA512 1 0x0039-0x0039 + * SHA1 1 0x0035-0x0035 0x0073-0x0073 + * SHA256 1 0x0037-0x0037 0x0074-0x0074 + * SHA512 1 0x0039-0x0039 0x0075-0x0075 * CHACHA20 3 0x0051-0x0055 * POLY1305 3 0x0057-0x005B * CHACHAPOLY 2 0x0054-0x0056 + * PLATFORM 1 0x0070-0x0072 * * High-level module nr (3 bits - 0x0...-0x7...) * Name ID Nr of Errors @@ -90,12 +91,12 @@ * DHM 3 11 * PK 3 15 (Started from top) * RSA 4 11 - * ECP 4 9 (Started from top) + * ECP 4 10 (Started from top) * MD 5 5 * HKDF 5 1 (Started from top) * CIPHER 6 8 - * SSL 6 22 (Started from top) - * SSL 7 31 + * SSL 6 23 (Started from top) + * SSL 7 32 * * Module dependent error code (5 bits 0x.00.-0x.F8.) */ diff --git a/thirdparty/mbedtls/include/mbedtls/gcm.h b/thirdparty/mbedtls/include/mbedtls/gcm.h index 87535ab957..fccabb0d97 100644 --- a/thirdparty/mbedtls/include/mbedtls/gcm.h +++ b/thirdparty/mbedtls/include/mbedtls/gcm.h @@ -41,7 +41,10 @@ #define MBEDTLS_GCM_DECRYPT 0 #define MBEDTLS_ERR_GCM_AUTH_FAILED -0x0012 /**< Authenticated decryption failed. */ + +/* MBEDTLS_ERR_GCM_HW_ACCEL_FAILED is deprecated and should not be used. */ #define MBEDTLS_ERR_GCM_HW_ACCEL_FAILED -0x0013 /**< GCM hardware accelerator failed. */ + #define MBEDTLS_ERR_GCM_BAD_INPUT -0x0014 /**< Bad input parameters to function. */ #ifdef __cplusplus @@ -53,7 +56,8 @@ extern "C" { /** * \brief The GCM context structure. */ -typedef struct { +typedef struct mbedtls_gcm_context +{ mbedtls_cipher_context_t cipher_ctx; /*!< The cipher context used. */ uint64_t HL[16]; /*!< Precalculated HTable low. */ uint64_t HH[16]; /*!< Precalculated HTable high. */ @@ -81,7 +85,7 @@ mbedtls_gcm_context; * cipher, nor set the key. For this purpose, use * mbedtls_gcm_setkey(). * - * \param ctx The GCM context to initialize. + * \param ctx The GCM context to initialize. This must not be \c NULL. */ void mbedtls_gcm_init( mbedtls_gcm_context *ctx ); @@ -89,9 +93,10 @@ void mbedtls_gcm_init( mbedtls_gcm_context *ctx ); * \brief This function associates a GCM context with a * cipher algorithm and a key. * - * \param ctx The GCM context to initialize. + * \param ctx The GCM context. This must be initialized. * \param cipher The 128-bit block cipher to use. - * \param key The encryption key. + * \param key The encryption key. This must be a readable buffer of at + * least \p keybits bits. * \param keybits The key size in bits. Valid options are: * <ul><li>128 bits</li> * <li>192 bits</li> @@ -118,7 +123,8 @@ int mbedtls_gcm_setkey( mbedtls_gcm_context *ctx, * authentic. You should use this function to perform encryption * only. For decryption, use mbedtls_gcm_auth_decrypt() instead. * - * \param ctx The GCM context to use for encryption or decryption. + * \param ctx The GCM context to use for encryption or decryption. This + * must be initialized. * \param mode The operation to perform: * - #MBEDTLS_GCM_ENCRYPT to perform authenticated encryption. * The ciphertext is written to \p output and the @@ -132,22 +138,28 @@ int mbedtls_gcm_setkey( mbedtls_gcm_context *ctx, * calling this function in decryption mode. * \param length The length of the input data, which is equal to the length * of the output data. - * \param iv The initialization vector. + * \param iv The initialization vector. This must be a readable buffer of + * at least \p iv_len Bytes. * \param iv_len The length of the IV. - * \param add The buffer holding the additional data. + * \param add The buffer holding the additional data. This must be of at + * least that size in Bytes. * \param add_len The length of the additional data. - * \param input The buffer holding the input data. Its size is \b length. - * \param output The buffer for holding the output data. It must have room - * for \b length bytes. + * \param input The buffer holding the input data. If \p length is greater + * than zero, this must be a readable buffer of at least that + * size in Bytes. + * \param output The buffer for holding the output data. If \p length is greater + * than zero, this must be a writable buffer of at least that + * size in Bytes. * \param tag_len The length of the tag to generate. - * \param tag The buffer for holding the tag. + * \param tag The buffer for holding the tag. This must be a readable + * buffer of at least \p tag_len Bytes. * * \return \c 0 if the encryption or decryption was performed * successfully. Note that in #MBEDTLS_GCM_DECRYPT mode, * this does not indicate that the data is authentic. - * \return #MBEDTLS_ERR_GCM_BAD_INPUT if the lengths are not valid. - * \return #MBEDTLS_ERR_GCM_HW_ACCEL_FAILED or a cipher-specific - * error code if the encryption or decryption failed. + * \return #MBEDTLS_ERR_GCM_BAD_INPUT if the lengths or pointers are + * not valid or a cipher-specific error code if the encryption + * or decryption failed. */ int mbedtls_gcm_crypt_and_tag( mbedtls_gcm_context *ctx, int mode, @@ -169,24 +181,30 @@ int mbedtls_gcm_crypt_and_tag( mbedtls_gcm_context *ctx, * input buffer. If the buffers overlap, the output buffer * must trail at least 8 Bytes behind the input buffer. * - * \param ctx The GCM context. + * \param ctx The GCM context. This must be initialized. * \param length The length of the ciphertext to decrypt, which is also * the length of the decrypted plaintext. - * \param iv The initialization vector. + * \param iv The initialization vector. This must be a readable buffer + * of at least \p iv_len Bytes. * \param iv_len The length of the IV. - * \param add The buffer holding the additional data. + * \param add The buffer holding the additional data. This must be of at + * least that size in Bytes. * \param add_len The length of the additional data. - * \param tag The buffer holding the tag to verify. + * \param tag The buffer holding the tag to verify. This must be a + * readable buffer of at least \p tag_len Bytes. * \param tag_len The length of the tag to verify. - * \param input The buffer holding the ciphertext. Its size is \b length. - * \param output The buffer for holding the decrypted plaintext. It must - * have room for \b length bytes. + * \param input The buffer holding the ciphertext. If \p length is greater + * than zero, this must be a readable buffer of at least that + * size. + * \param output The buffer for holding the decrypted plaintext. If \p length + * is greater than zero, this must be a writable buffer of at + * least that size. * * \return \c 0 if successful and authenticated. * \return #MBEDTLS_ERR_GCM_AUTH_FAILED if the tag does not match. - * \return #MBEDTLS_ERR_GCM_BAD_INPUT if the lengths are not valid. - * \return #MBEDTLS_ERR_GCM_HW_ACCEL_FAILED or a cipher-specific - * error code if the decryption failed. + * \return #MBEDTLS_ERR_GCM_BAD_INPUT if the lengths or pointers are + * not valid or a cipher-specific error code if the decryption + * failed. */ int mbedtls_gcm_auth_decrypt( mbedtls_gcm_context *ctx, size_t length, @@ -203,15 +221,16 @@ int mbedtls_gcm_auth_decrypt( mbedtls_gcm_context *ctx, * \brief This function starts a GCM encryption or decryption * operation. * - * \param ctx The GCM context. + * \param ctx The GCM context. This must be initialized. * \param mode The operation to perform: #MBEDTLS_GCM_ENCRYPT or * #MBEDTLS_GCM_DECRYPT. - * \param iv The initialization vector. + * \param iv The initialization vector. This must be a readable buffer of + * at least \p iv_len Bytes. * \param iv_len The length of the IV. - * \param add The buffer holding the additional data, or NULL - * if \p add_len is 0. - * \param add_len The length of the additional data. If 0, - * \p add is NULL. + * \param add The buffer holding the additional data, or \c NULL + * if \p add_len is \c 0. + * \param add_len The length of the additional data. If \c 0, + * \p add may be \c NULL. * * \return \c 0 on success. */ @@ -234,11 +253,15 @@ int mbedtls_gcm_starts( mbedtls_gcm_context *ctx, * input buffer. If the buffers overlap, the output buffer * must trail at least 8 Bytes behind the input buffer. * - * \param ctx The GCM context. + * \param ctx The GCM context. This must be initialized. * \param length The length of the input data. This must be a multiple of * 16 except in the last call before mbedtls_gcm_finish(). - * \param input The buffer holding the input data. - * \param output The buffer for holding the output data. + * \param input The buffer holding the input data. If \p length is greater + * than zero, this must be a readable buffer of at least that + * size in Bytes. + * \param output The buffer for holding the output data. If \p length is + * greater than zero, this must be a writable buffer of at + * least that size in Bytes. * * \return \c 0 on success. * \return #MBEDTLS_ERR_GCM_BAD_INPUT on failure. @@ -255,9 +278,11 @@ int mbedtls_gcm_update( mbedtls_gcm_context *ctx, * It wraps up the GCM stream, and generates the * tag. The tag can have a maximum length of 16 Bytes. * - * \param ctx The GCM context. - * \param tag The buffer for holding the tag. - * \param tag_len The length of the tag to generate. Must be at least four. + * \param ctx The GCM context. This must be initialized. + * \param tag The buffer for holding the tag. This must be a readable + * buffer of at least \p tag_len Bytes. + * \param tag_len The length of the tag to generate. This must be at least + * four. * * \return \c 0 on success. * \return #MBEDTLS_ERR_GCM_BAD_INPUT on failure. @@ -270,7 +295,8 @@ int mbedtls_gcm_finish( mbedtls_gcm_context *ctx, * \brief This function clears a GCM context and the underlying * cipher sub-context. * - * \param ctx The GCM context to clear. + * \param ctx The GCM context to clear. If this is \c NULL, the call has + * no effect. Otherwise, this must be initialized. */ void mbedtls_gcm_free( mbedtls_gcm_context *ctx ); diff --git a/thirdparty/mbedtls/include/mbedtls/havege.h b/thirdparty/mbedtls/include/mbedtls/havege.h index d4cb3ed38d..57e8c40943 100644 --- a/thirdparty/mbedtls/include/mbedtls/havege.h +++ b/thirdparty/mbedtls/include/mbedtls/havege.h @@ -35,7 +35,7 @@ extern "C" { /** * \brief HAVEGE state structure */ -typedef struct +typedef struct mbedtls_havege_state { int PT1, PT2, offset[2]; int pool[MBEDTLS_HAVEGE_COLLECT_SIZE]; diff --git a/thirdparty/mbedtls/include/mbedtls/hkdf.h b/thirdparty/mbedtls/include/mbedtls/hkdf.h index 6833e7272e..e6ed7cde97 100644 --- a/thirdparty/mbedtls/include/mbedtls/hkdf.h +++ b/thirdparty/mbedtls/include/mbedtls/hkdf.h @@ -73,6 +73,11 @@ int mbedtls_hkdf( const mbedtls_md_info_t *md, const unsigned char *salt, * \brief Take the input keying material \p ikm and extract from it a * fixed-length pseudorandom key \p prk. * + * \warning This function should only be used if the security of it has been + * studied and established in that particular context (eg. TLS 1.3 + * key schedule). For standard HKDF security guarantees use + * \c mbedtls_hkdf instead. + * * \param md A hash function; md.size denotes the length of the * hash function output in bytes. * \param salt An optional salt value (a non-secret random value); @@ -97,10 +102,15 @@ int mbedtls_hkdf_extract( const mbedtls_md_info_t *md, * \brief Expand the supplied \p prk into several additional pseudorandom * keys, which is the output of the HKDF. * + * \warning This function should only be used if the security of it has been + * studied and established in that particular context (eg. TLS 1.3 + * key schedule). For standard HKDF security guarantees use + * \c mbedtls_hkdf instead. + * * \param md A hash function; md.size denotes the length of the hash * function output in bytes. - * \param prk A pseudorandom key of at least md.size bytes. \p prk is usually, - * the output from the HKDF extract step. + * \param prk A pseudorandom key of at least md.size bytes. \p prk is + * usually the output from the HKDF extract step. * \param prk_len The length in bytes of \p prk. * \param info An optional context and application specific information * string. This can be a zero-length string. diff --git a/thirdparty/mbedtls/include/mbedtls/hmac_drbg.h b/thirdparty/mbedtls/include/mbedtls/hmac_drbg.h index 2608de8595..146367b9de 100644 --- a/thirdparty/mbedtls/include/mbedtls/hmac_drbg.h +++ b/thirdparty/mbedtls/include/mbedtls/hmac_drbg.h @@ -74,7 +74,7 @@ extern "C" { /** * HMAC_DRBG context. */ -typedef struct +typedef struct mbedtls_hmac_drbg_context { /* Working state: the key K is not stored explicitely, * but is implied by the HMAC context */ @@ -195,10 +195,13 @@ void mbedtls_hmac_drbg_set_reseed_interval( mbedtls_hmac_drbg_context *ctx, * \param additional Additional data to update state with, or NULL * \param add_len Length of additional data, or 0 * + * \return \c 0 on success, or an error from the underlying + * hash calculation. + * * \note Additional data is optional, pass NULL and 0 as second * third argument if no additional data is being used. */ -void mbedtls_hmac_drbg_update( mbedtls_hmac_drbg_context *ctx, +int mbedtls_hmac_drbg_update_ret( mbedtls_hmac_drbg_context *ctx, const unsigned char *additional, size_t add_len ); /** @@ -257,6 +260,31 @@ int mbedtls_hmac_drbg_random( void *p_rng, unsigned char *output, size_t out_len */ void mbedtls_hmac_drbg_free( mbedtls_hmac_drbg_context *ctx ); +#if ! defined(MBEDTLS_DEPRECATED_REMOVED) +#if defined(MBEDTLS_DEPRECATED_WARNING) +#define MBEDTLS_DEPRECATED __attribute__((deprecated)) +#else +#define MBEDTLS_DEPRECATED +#endif +/** + * \brief HMAC_DRBG update state + * + * \deprecated Superseded by mbedtls_hmac_drbg_update_ret() + * in 2.16.0. + * + * \param ctx HMAC_DRBG context + * \param additional Additional data to update state with, or NULL + * \param add_len Length of additional data, or 0 + * + * \note Additional data is optional, pass NULL and 0 as second + * third argument if no additional data is being used. + */ +MBEDTLS_DEPRECATED void mbedtls_hmac_drbg_update( + mbedtls_hmac_drbg_context *ctx, + const unsigned char *additional, size_t add_len ); +#undef MBEDTLS_DEPRECATED +#endif /* !MBEDTLS_DEPRECATED_REMOVED */ + #if defined(MBEDTLS_FS_IO) /** * \brief Write a seed file diff --git a/thirdparty/mbedtls/include/mbedtls/md.h b/thirdparty/mbedtls/include/mbedtls/md.h index 6b6f5c53dd..8bcf766a6c 100644 --- a/thirdparty/mbedtls/include/mbedtls/md.h +++ b/thirdparty/mbedtls/include/mbedtls/md.h @@ -39,6 +39,8 @@ #define MBEDTLS_ERR_MD_BAD_INPUT_DATA -0x5100 /**< Bad input parameters to function. */ #define MBEDTLS_ERR_MD_ALLOC_FAILED -0x5180 /**< Failed to allocate memory. */ #define MBEDTLS_ERR_MD_FILE_IO_ERROR -0x5200 /**< Opening or reading of file failed. */ + +/* MBEDTLS_ERR_MD_HW_ACCEL_FAILED is deprecated and should not be used. */ #define MBEDTLS_ERR_MD_HW_ACCEL_FAILED -0x5280 /**< MD hardware accelerator failed. */ #ifdef __cplusplus @@ -80,7 +82,8 @@ typedef struct mbedtls_md_info_t mbedtls_md_info_t; /** * The generic message-digest context. */ -typedef struct { +typedef struct mbedtls_md_context_t +{ /** Information about the associated message digest. */ const mbedtls_md_info_t *md_info; diff --git a/thirdparty/mbedtls/include/mbedtls/md2.h b/thirdparty/mbedtls/include/mbedtls/md2.h index 08e75b247b..f9bd98f804 100644 --- a/thirdparty/mbedtls/include/mbedtls/md2.h +++ b/thirdparty/mbedtls/include/mbedtls/md2.h @@ -37,6 +37,7 @@ #include <stddef.h> +/* MBEDTLS_ERR_MD2_HW_ACCEL_FAILED is deprecated and should not be used. */ #define MBEDTLS_ERR_MD2_HW_ACCEL_FAILED -0x002B /**< MD2 hardware accelerator failed */ #ifdef __cplusplus @@ -55,7 +56,7 @@ extern "C" { * stronger message digests instead. * */ -typedef struct +typedef struct mbedtls_md2_context { unsigned char cksum[16]; /*!< checksum of the data block */ unsigned char state[48]; /*!< intermediate digest state */ diff --git a/thirdparty/mbedtls/include/mbedtls/md4.h b/thirdparty/mbedtls/include/mbedtls/md4.h index 8ee4e5cabf..dc3c048949 100644 --- a/thirdparty/mbedtls/include/mbedtls/md4.h +++ b/thirdparty/mbedtls/include/mbedtls/md4.h @@ -38,6 +38,7 @@ #include <stddef.h> #include <stdint.h> +/* MBEDTLS_ERR_MD4_HW_ACCEL_FAILED is deprecated and should not be used. */ #define MBEDTLS_ERR_MD4_HW_ACCEL_FAILED -0x002D /**< MD4 hardware accelerator failed */ #ifdef __cplusplus @@ -56,7 +57,7 @@ extern "C" { * stronger message digests instead. * */ -typedef struct +typedef struct mbedtls_md4_context { uint32_t total[2]; /*!< number of bytes processed */ uint32_t state[4]; /*!< intermediate digest state */ diff --git a/thirdparty/mbedtls/include/mbedtls/md5.h b/thirdparty/mbedtls/include/mbedtls/md5.h index 43ead4b747..6c3354fd30 100644 --- a/thirdparty/mbedtls/include/mbedtls/md5.h +++ b/thirdparty/mbedtls/include/mbedtls/md5.h @@ -37,6 +37,7 @@ #include <stddef.h> #include <stdint.h> +/* MBEDTLS_ERR_MD5_HW_ACCEL_FAILED is deprecated and should not be used. */ #define MBEDTLS_ERR_MD5_HW_ACCEL_FAILED -0x002F /**< MD5 hardware accelerator failed */ #ifdef __cplusplus @@ -55,7 +56,7 @@ extern "C" { * stronger message digests instead. * */ -typedef struct +typedef struct mbedtls_md5_context { uint32_t total[2]; /*!< number of bytes processed */ uint32_t state[4]; /*!< intermediate digest state */ diff --git a/thirdparty/mbedtls/include/mbedtls/net_sockets.h b/thirdparty/mbedtls/include/mbedtls/net_sockets.h index 9f07eeb4d3..4c7ef00fe6 100644 --- a/thirdparty/mbedtls/include/mbedtls/net_sockets.h +++ b/thirdparty/mbedtls/include/mbedtls/net_sockets.h @@ -84,7 +84,7 @@ extern "C" { * (eg two file descriptors for combined IPv4 + IPv6 support, or additional * structures for hand-made UDP demultiplexing). */ -typedef struct +typedef struct mbedtls_net_context { int fd; /**< The underlying file descriptor */ } diff --git a/thirdparty/mbedtls/include/mbedtls/oid.h b/thirdparty/mbedtls/include/mbedtls/oid.h index f82554844c..6fbd018aaa 100644 --- a/thirdparty/mbedtls/include/mbedtls/oid.h +++ b/thirdparty/mbedtls/include/mbedtls/oid.h @@ -403,7 +403,8 @@ extern "C" { /** * \brief Base OID descriptor structure */ -typedef struct { +typedef struct mbedtls_oid_descriptor_t +{ const char *asn1; /*!< OID ASN.1 representation */ size_t asn1_len; /*!< length of asn1 */ const char *name; /*!< official name (e.g. from RFC) */ diff --git a/thirdparty/mbedtls/include/mbedtls/padlock.h b/thirdparty/mbedtls/include/mbedtls/padlock.h index 677936ebf8..7a5d083a95 100644 --- a/thirdparty/mbedtls/include/mbedtls/padlock.h +++ b/thirdparty/mbedtls/include/mbedtls/padlock.h @@ -3,6 +3,9 @@ * * \brief VIA PadLock ACE for HW encryption/decryption supported by some * processors + * + * \warning These functions are only for internal use by other library + * functions; you must not call them directly. */ /* * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved @@ -57,7 +60,10 @@ extern "C" { #endif /** - * \brief PadLock detection routine + * \brief Internal PadLock detection routine + * + * \note This function is only for internal use by other library + * functions; you must not call it directly. * * \param feature The feature to detect * @@ -66,7 +72,10 @@ extern "C" { int mbedtls_padlock_has_support( int feature ); /** - * \brief PadLock AES-ECB block en(de)cryption + * \brief Internal PadLock AES-ECB block en(de)cryption + * + * \note This function is only for internal use by other library + * functions; you must not call it directly. * * \param ctx AES context * \param mode MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT @@ -76,12 +85,15 @@ int mbedtls_padlock_has_support( int feature ); * \return 0 if success, 1 if operation failed */ int mbedtls_padlock_xcryptecb( mbedtls_aes_context *ctx, - int mode, - const unsigned char input[16], - unsigned char output[16] ); + int mode, + const unsigned char input[16], + unsigned char output[16] ); /** - * \brief PadLock AES-CBC buffer en(de)cryption + * \brief Internal PadLock AES-CBC buffer en(de)cryption + * + * \note This function is only for internal use by other library + * functions; you must not call it directly. * * \param ctx AES context * \param mode MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT @@ -93,11 +105,11 @@ int mbedtls_padlock_xcryptecb( mbedtls_aes_context *ctx, * \return 0 if success, 1 if operation failed */ int mbedtls_padlock_xcryptcbc( mbedtls_aes_context *ctx, - int mode, - size_t length, - unsigned char iv[16], - const unsigned char *input, - unsigned char *output ); + int mode, + size_t length, + unsigned char iv[16], + const unsigned char *input, + unsigned char *output ); #ifdef __cplusplus } diff --git a/thirdparty/mbedtls/include/mbedtls/pem.h b/thirdparty/mbedtls/include/mbedtls/pem.h index 2cf4c0a709..fa82f7bdbd 100644 --- a/thirdparty/mbedtls/include/mbedtls/pem.h +++ b/thirdparty/mbedtls/include/mbedtls/pem.h @@ -51,7 +51,7 @@ extern "C" { /** * \brief PEM context structure */ -typedef struct +typedef struct mbedtls_pem_context { unsigned char *buf; /*!< buffer for decoded data */ size_t buflen; /*!< length of the buffer */ diff --git a/thirdparty/mbedtls/include/mbedtls/pk.h b/thirdparty/mbedtls/include/mbedtls/pk.h index ee06b2fd20..91950f9407 100644 --- a/thirdparty/mbedtls/include/mbedtls/pk.h +++ b/thirdparty/mbedtls/include/mbedtls/pk.h @@ -64,6 +64,8 @@ #define MBEDTLS_ERR_PK_UNKNOWN_NAMED_CURVE -0x3A00 /**< Elliptic curve is unsupported (only NIST curves are supported). */ #define MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE -0x3980 /**< Unavailable feature, e.g. RSA disabled for RSA key. */ #define MBEDTLS_ERR_PK_SIG_LEN_MISMATCH -0x3900 /**< The buffer contains a valid signature followed by more data. */ + +/* MBEDTLS_ERR_PK_HW_ACCEL_FAILED is deprecated and should not be used. */ #define MBEDTLS_ERR_PK_HW_ACCEL_FAILED -0x3880 /**< PK hardware accelerator failed. */ #ifdef __cplusplus @@ -87,7 +89,7 @@ typedef enum { * \brief Options for RSASSA-PSS signature verification. * See \c mbedtls_rsa_rsassa_pss_verify_ext() */ -typedef struct +typedef struct mbedtls_pk_rsassa_pss_options { mbedtls_md_type_t mgf1_hash_id; int expected_salt_len; @@ -107,7 +109,7 @@ typedef enum /** * \brief Item to send to the debug module */ -typedef struct +typedef struct mbedtls_pk_debug_item { mbedtls_pk_debug_type type; const char *name; @@ -125,12 +127,26 @@ typedef struct mbedtls_pk_info_t mbedtls_pk_info_t; /** * \brief Public key container */ -typedef struct +typedef struct mbedtls_pk_context { - const mbedtls_pk_info_t * pk_info; /**< Public key informations */ + const mbedtls_pk_info_t * pk_info; /**< Public key information */ void * pk_ctx; /**< Underlying public key context */ } mbedtls_pk_context; +#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) +/** + * \brief Context for resuming operations + */ +typedef struct +{ + const mbedtls_pk_info_t * pk_info; /**< Public key information */ + void * rs_ctx; /**< Underlying restart context */ +} mbedtls_pk_restart_ctx; +#else /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ +/* Now we can declare functions that take a pointer to that */ +typedef void mbedtls_pk_restart_ctx; +#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ + #if defined(MBEDTLS_RSA_C) /** * Quick access to an RSA context inside a PK context. @@ -181,20 +197,45 @@ typedef size_t (*mbedtls_pk_rsa_alt_key_len_func)( void *ctx ); const mbedtls_pk_info_t *mbedtls_pk_info_from_type( mbedtls_pk_type_t pk_type ); /** - * \brief Initialize a mbedtls_pk_context (as NONE) + * \brief Initialize a #mbedtls_pk_context (as NONE). + * + * \param ctx The context to initialize. + * This must not be \c NULL. */ void mbedtls_pk_init( mbedtls_pk_context *ctx ); /** - * \brief Free a mbedtls_pk_context + * \brief Free the components of a #mbedtls_pk_context. + * + * \param ctx The context to clear. It must have been initialized. + * If this is \c NULL, this function does nothing. */ void mbedtls_pk_free( mbedtls_pk_context *ctx ); +#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) +/** + * \brief Initialize a restart context + * + * \param ctx The context to initialize. + * This must not be \c NULL. + */ +void mbedtls_pk_restart_init( mbedtls_pk_restart_ctx *ctx ); + +/** + * \brief Free the components of a restart context + * + * \param ctx The context to clear. It must have been initialized. + * If this is \c NULL, this function does nothing. + */ +void mbedtls_pk_restart_free( mbedtls_pk_restart_ctx *ctx ); +#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ + /** * \brief Initialize a PK context with the information given * and allocates the type-specific PK subcontext. * - * \param ctx Context to initialize. Must be empty (type NONE). + * \param ctx Context to initialize. It must not have been set + * up yet (type #MBEDTLS_PK_NONE). * \param info Information to use * * \return 0 on success, @@ -210,7 +251,8 @@ int mbedtls_pk_setup( mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info ); /** * \brief Initialize an RSA-alt context * - * \param ctx Context to initialize. Must be empty (type NONE). + * \param ctx Context to initialize. It must not have been set + * up yet (type #MBEDTLS_PK_NONE). * \param key RSA key pointer * \param decrypt_func Decryption function * \param sign_func Signing function @@ -230,7 +272,7 @@ int mbedtls_pk_setup_rsa_alt( mbedtls_pk_context *ctx, void * key, /** * \brief Get the size in bits of the underlying key * - * \param ctx Context to use + * \param ctx The context to query. It must have been initialized. * * \return Key size in bits, or 0 on error */ @@ -238,7 +280,8 @@ size_t mbedtls_pk_get_bitlen( const mbedtls_pk_context *ctx ); /** * \brief Get the length in bytes of the underlying key - * \param ctx Context to use + * + * \param ctx The context to query. It must have been initialized. * * \return Key length in bytes, or 0 on error */ @@ -250,18 +293,21 @@ static inline size_t mbedtls_pk_get_len( const mbedtls_pk_context *ctx ) /** * \brief Tell if a context can do the operation given by type * - * \param ctx Context to test - * \param type Target type + * \param ctx The context to query. It must have been initialized. + * \param type The desired type. * - * \return 0 if context can't do the operations, - * 1 otherwise. + * \return 1 if the context can do operations on the given type. + * \return 0 if the context cannot do the operations on the given + * type. This is always the case for a context that has + * been initialized but not set up, or that has been + * cleared with mbedtls_pk_free(). */ int mbedtls_pk_can_do( const mbedtls_pk_context *ctx, mbedtls_pk_type_t type ); /** * \brief Verify signature (including padding if relevant). * - * \param ctx PK context to use + * \param ctx The PK context to use. It must have been set up. * \param md_alg Hash algorithm used (see notes) * \param hash Hash of the message to sign * \param hash_len Hash length or 0 (see notes) @@ -287,12 +333,38 @@ int mbedtls_pk_verify( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, const unsigned char *sig, size_t sig_len ); /** + * \brief Restartable version of \c mbedtls_pk_verify() + * + * \note Performs the same job as \c mbedtls_pk_verify(), but can + * return early and restart according to the limit set with + * \c mbedtls_ecp_set_max_ops() to reduce blocking for ECC + * operations. For RSA, same as \c mbedtls_pk_verify(). + * + * \param ctx The PK context to use. It must have been set up. + * \param md_alg Hash algorithm used (see notes) + * \param hash Hash of the message to sign + * \param hash_len Hash length or 0 (see notes) + * \param sig Signature to verify + * \param sig_len Signature length + * \param rs_ctx Restart context (NULL to disable restart) + * + * \return See \c mbedtls_pk_verify(), or + * \return #MBEDTLS_ERR_ECP_IN_PROGRESS if maximum number of + * operations was reached: see \c mbedtls_ecp_set_max_ops(). + */ +int mbedtls_pk_verify_restartable( mbedtls_pk_context *ctx, + mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + const unsigned char *sig, size_t sig_len, + mbedtls_pk_restart_ctx *rs_ctx ); + +/** * \brief Verify signature, with options. * (Includes verification of the padding depending on type.) * * \param type Signature type (inc. possible padding type) to verify * \param options Pointer to type-specific options, or NULL - * \param ctx PK context to use + * \param ctx The PK context to use. It must have been set up. * \param md_alg Hash algorithm used (see notes) * \param hash Hash of the message to sign * \param hash_len Hash length or 0 (see notes) @@ -323,7 +395,8 @@ int mbedtls_pk_verify_ext( mbedtls_pk_type_t type, const void *options, /** * \brief Make signature, including padding if relevant. * - * \param ctx PK context to use - must hold a private key + * \param ctx The PK context to use. It must have been set up + * with a private key. * \param md_alg Hash algorithm used (see notes) * \param hash Hash of the message to sign * \param hash_len Hash length or 0 (see notes) @@ -350,9 +423,40 @@ int mbedtls_pk_sign( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); /** + * \brief Restartable version of \c mbedtls_pk_sign() + * + * \note Performs the same job as \c mbedtls_pk_sign(), but can + * return early and restart according to the limit set with + * \c mbedtls_ecp_set_max_ops() to reduce blocking for ECC + * operations. For RSA, same as \c mbedtls_pk_sign(). + * + * \param ctx The PK context to use. It must have been set up + * with a private key. + * \param md_alg Hash algorithm used (see notes) + * \param hash Hash of the message to sign + * \param hash_len Hash length or 0 (see notes) + * \param sig Place to write the signature + * \param sig_len Number of bytes written + * \param f_rng RNG function + * \param p_rng RNG parameter + * \param rs_ctx Restart context (NULL to disable restart) + * + * \return See \c mbedtls_pk_sign(), or + * \return #MBEDTLS_ERR_ECP_IN_PROGRESS if maximum number of + * operations was reached: see \c mbedtls_ecp_set_max_ops(). + */ +int mbedtls_pk_sign_restartable( mbedtls_pk_context *ctx, + mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + unsigned char *sig, size_t *sig_len, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, + mbedtls_pk_restart_ctx *rs_ctx ); + +/** * \brief Decrypt message (including padding if relevant). * - * \param ctx PK context to use - must hold a private key + * \param ctx The PK context to use. It must have been set up + * with a private key. * \param input Input to decrypt * \param ilen Input size * \param output Decrypted output @@ -373,7 +477,7 @@ int mbedtls_pk_decrypt( mbedtls_pk_context *ctx, /** * \brief Encrypt message (including padding if relevant). * - * \param ctx PK context to use + * \param ctx The PK context to use. It must have been set up. * \param input Message to encrypt * \param ilen Message size * \param output Encrypted output @@ -404,7 +508,7 @@ int mbedtls_pk_check_pair( const mbedtls_pk_context *pub, const mbedtls_pk_conte /** * \brief Export debug information * - * \param ctx Context to use + * \param ctx The PK context to use. It must have been initialized. * \param items Place to write debug items * * \return 0 on success or MBEDTLS_ERR_PK_BAD_INPUT_DATA @@ -414,7 +518,7 @@ int mbedtls_pk_debug( const mbedtls_pk_context *ctx, mbedtls_pk_debug_item *item /** * \brief Access the type name * - * \param ctx Context to use + * \param ctx The PK context to use. It must have been initialized. * * \return Type name on success, or "invalid PK" */ @@ -423,9 +527,10 @@ const char * mbedtls_pk_get_name( const mbedtls_pk_context *ctx ); /** * \brief Get the key type * - * \param ctx Context to use + * \param ctx The PK context to use. It must have been initialized. * - * \return Type on success, or MBEDTLS_PK_NONE + * \return Type on success. + * \return #MBEDTLS_PK_NONE for a context that has not been set up. */ mbedtls_pk_type_t mbedtls_pk_get_type( const mbedtls_pk_context *ctx ); @@ -434,12 +539,22 @@ mbedtls_pk_type_t mbedtls_pk_get_type( const mbedtls_pk_context *ctx ); /** * \brief Parse a private key in PEM or DER format * - * \param ctx key to be initialized - * \param key input buffer - * \param keylen size of the buffer - * (including the terminating null byte for PEM data) - * \param pwd password for decryption (optional) - * \param pwdlen size of the password + * \param ctx The PK context to fill. It must have been initialized + * but not set up. + * \param key Input buffer to parse. + * The buffer must contain the input exactly, with no + * extra trailing material. For PEM, the buffer must + * contain a null-terminated string. + * \param keylen Size of \b key in bytes. + * For PEM data, this includes the terminating null byte, + * so \p keylen must be equal to `strlen(key) + 1`. + * \param pwd Optional password for decryption. + * Pass \c NULL if expecting a non-encrypted key. + * Pass a string of \p pwdlen bytes if expecting an encrypted + * key; a non-encrypted key will also be accepted. + * The empty password is not supported. + * \param pwdlen Size of the password in bytes. + * Ignored if \p pwd is \c NULL. * * \note On entry, ctx must be empty, either freshly initialised * with mbedtls_pk_init() or reset with mbedtls_pk_free(). If you need a @@ -457,10 +572,15 @@ int mbedtls_pk_parse_key( mbedtls_pk_context *ctx, /** * \brief Parse a public key in PEM or DER format * - * \param ctx key to be initialized - * \param key input buffer - * \param keylen size of the buffer - * (including the terminating null byte for PEM data) + * \param ctx The PK context to fill. It must have been initialized + * but not set up. + * \param key Input buffer to parse. + * The buffer must contain the input exactly, with no + * extra trailing material. For PEM, the buffer must + * contain a null-terminated string. + * \param keylen Size of \b key in bytes. + * For PEM data, this includes the terminating null byte, + * so \p keylen must be equal to `strlen(key) + 1`. * * \note On entry, ctx must be empty, either freshly initialised * with mbedtls_pk_init() or reset with mbedtls_pk_free(). If you need a @@ -478,9 +598,14 @@ int mbedtls_pk_parse_public_key( mbedtls_pk_context *ctx, /** * \brief Load and parse a private key * - * \param ctx key to be initialized + * \param ctx The PK context to fill. It must have been initialized + * but not set up. * \param path filename to read the private key from - * \param password password to decrypt the file (can be NULL) + * \param password Optional password to decrypt the file. + * Pass \c NULL if expecting a non-encrypted key. + * Pass a null-terminated string if expecting an encrypted + * key; a non-encrypted key will also be accepted. + * The empty password is not supported. * * \note On entry, ctx must be empty, either freshly initialised * with mbedtls_pk_init() or reset with mbedtls_pk_free(). If you need a @@ -497,7 +622,8 @@ int mbedtls_pk_parse_keyfile( mbedtls_pk_context *ctx, /** * \brief Load and parse a public key * - * \param ctx key to be initialized + * \param ctx The PK context to fill. It must have been initialized + * but not set up. * \param path filename to read the public key from * * \note On entry, ctx must be empty, either freshly initialised @@ -520,7 +646,7 @@ int mbedtls_pk_parse_public_keyfile( mbedtls_pk_context *ctx, const char *path ) * return value to determine where you should start * using the buffer * - * \param ctx private to write away + * \param ctx PK context which must contain a valid private key. * \param buf buffer to write to * \param size size of the buffer * @@ -535,7 +661,7 @@ int mbedtls_pk_write_key_der( mbedtls_pk_context *ctx, unsigned char *buf, size_ * return value to determine where you should start * using the buffer * - * \param ctx public key to write away + * \param ctx PK context which must contain a valid public or private key. * \param buf buffer to write to * \param size size of the buffer * @@ -548,9 +674,10 @@ int mbedtls_pk_write_pubkey_der( mbedtls_pk_context *ctx, unsigned char *buf, si /** * \brief Write a public key to a PEM string * - * \param ctx public key to write away - * \param buf buffer to write to - * \param size size of the buffer + * \param ctx PK context which must contain a valid public or private key. + * \param buf Buffer to write to. The output includes a + * terminating null byte. + * \param size Size of the buffer in bytes. * * \return 0 if successful, or a specific error code */ @@ -559,9 +686,10 @@ int mbedtls_pk_write_pubkey_pem( mbedtls_pk_context *ctx, unsigned char *buf, si /** * \brief Write a private key to a PKCS#1 or SEC1 PEM string * - * \param ctx private to write away - * \param buf buffer to write to - * \param size size of the buffer + * \param ctx PK context which must contain a valid private key. + * \param buf Buffer to write to. The output includes a + * terminating null byte. + * \param size Size of the buffer in bytes. * * \return 0 if successful, or a specific error code */ @@ -580,7 +708,8 @@ int mbedtls_pk_write_key_pem( mbedtls_pk_context *ctx, unsigned char *buf, size_ * * \param p the position in the ASN.1 data * \param end end of the buffer - * \param pk the key to fill + * \param pk The PK context to fill. It must have been initialized + * but not set up. * * \return 0 if successful, or a specific PK error code */ @@ -595,7 +724,7 @@ int mbedtls_pk_parse_subpubkey( unsigned char **p, const unsigned char *end, * * \param p reference to current position pointer * \param start start of the buffer (for bounds-checking) - * \param key public key to write away + * \param key PK context which must contain a valid public or private key. * * \return the length written or a negative error code */ diff --git a/thirdparty/mbedtls/include/mbedtls/pk_internal.h b/thirdparty/mbedtls/include/mbedtls/pk_internal.h index 3dae0fc5b2..48b7a5f7bf 100644 --- a/thirdparty/mbedtls/include/mbedtls/pk_internal.h +++ b/thirdparty/mbedtls/include/mbedtls/pk_internal.h @@ -59,6 +59,21 @@ struct mbedtls_pk_info_t int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); +#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) + /** Verify signature (restartable) */ + int (*verify_rs_func)( void *ctx, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + const unsigned char *sig, size_t sig_len, + void *rs_ctx ); + + /** Make signature (restartable) */ + int (*sign_rs_func)( void *ctx, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + unsigned char *sig, size_t *sig_len, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, void *rs_ctx ); +#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ + /** Decrypt message */ int (*decrypt_func)( void *ctx, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen, size_t osize, @@ -80,6 +95,14 @@ struct mbedtls_pk_info_t /** Free the given context */ void (*ctx_free_func)( void *ctx ); +#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) + /** Allocate the restart context */ + void * (*rs_alloc_func)( void ); + + /** Free the restart context */ + void (*rs_free_func)( void *rs_ctx ); +#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ + /** Interface with the debug module */ void (*debug_func)( const void *ctx, mbedtls_pk_debug_item *items ); diff --git a/thirdparty/mbedtls/include/mbedtls/pkcs11.h b/thirdparty/mbedtls/include/mbedtls/pkcs11.h index bf65c55a79..02427ddc1e 100644 --- a/thirdparty/mbedtls/include/mbedtls/pkcs11.h +++ b/thirdparty/mbedtls/include/mbedtls/pkcs11.h @@ -50,7 +50,8 @@ extern "C" { /** * Context for PKCS #11 private keys. */ -typedef struct { +typedef struct mbedtls_pkcs11_context +{ pkcs11h_certificate_t pkcs11h_cert; int len; } mbedtls_pkcs11_context; diff --git a/thirdparty/mbedtls/include/mbedtls/pkcs12.h b/thirdparty/mbedtls/include/mbedtls/pkcs12.h index a621ef5b15..69f04177c8 100644 --- a/thirdparty/mbedtls/include/mbedtls/pkcs12.h +++ b/thirdparty/mbedtls/include/mbedtls/pkcs12.h @@ -46,6 +46,8 @@ extern "C" { #endif +#if defined(MBEDTLS_ASN1_PARSE_C) + /** * \brief PKCS12 Password Based function (encryption / decryption) * for pbeWithSHAAnd128BitRC4 @@ -87,6 +89,8 @@ int mbedtls_pkcs12_pbe( mbedtls_asn1_buf *pbe_params, int mode, const unsigned char *input, size_t len, unsigned char *output ); +#endif /* MBEDTLS_ASN1_PARSE_C */ + /** * \brief The PKCS#12 derivation function uses a password and a salt * to produce pseudo-random bits for a particular "purpose". diff --git a/thirdparty/mbedtls/include/mbedtls/pkcs5.h b/thirdparty/mbedtls/include/mbedtls/pkcs5.h index 9a3c9fddcc..d4bb36dfae 100644 --- a/thirdparty/mbedtls/include/mbedtls/pkcs5.h +++ b/thirdparty/mbedtls/include/mbedtls/pkcs5.h @@ -44,6 +44,8 @@ extern "C" { #endif +#if defined(MBEDTLS_ASN1_PARSE_C) + /** * \brief PKCS#5 PBES2 function * @@ -62,6 +64,8 @@ int mbedtls_pkcs5_pbes2( const mbedtls_asn1_buf *pbe_params, int mode, const unsigned char *data, size_t datalen, unsigned char *output ); +#endif /* MBEDTLS_ASN1_PARSE_C */ + /** * \brief PKCS#5 PBKDF2 using HMAC * diff --git a/thirdparty/mbedtls/include/mbedtls/platform.h b/thirdparty/mbedtls/include/mbedtls/platform.h index 624cc642ac..89fe8a7b19 100644 --- a/thirdparty/mbedtls/include/mbedtls/platform.h +++ b/thirdparty/mbedtls/include/mbedtls/platform.h @@ -43,6 +43,9 @@ #include "platform_time.h" #endif +#define MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED -0x0070 /**< Hardware accelerator failed */ +#define MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED -0x0072 /**< The requested feature is not supported by the platform */ + #ifdef __cplusplus extern "C" { #endif @@ -315,7 +318,8 @@ int mbedtls_platform_set_nv_seed( * \note This structure may be used to assist platform-specific * setup or teardown operations. */ -typedef struct { +typedef struct mbedtls_platform_context +{ char dummy; /**< A placeholder member, as empty structs are not portable. */ } mbedtls_platform_context; diff --git a/thirdparty/mbedtls/include/mbedtls/platform_util.h b/thirdparty/mbedtls/include/mbedtls/platform_util.h index 84f0732eeb..b0e72ad149 100644 --- a/thirdparty/mbedtls/include/mbedtls/platform_util.h +++ b/thirdparty/mbedtls/include/mbedtls/platform_util.h @@ -25,12 +25,104 @@ #ifndef MBEDTLS_PLATFORM_UTIL_H #define MBEDTLS_PLATFORM_UTIL_H +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + #include <stddef.h> +#if defined(MBEDTLS_HAVE_TIME_DATE) +#include "mbedtls/platform_time.h" +#include <time.h> +#endif /* MBEDTLS_HAVE_TIME_DATE */ #ifdef __cplusplus extern "C" { #endif +#if defined(MBEDTLS_CHECK_PARAMS) + +#if defined(MBEDTLS_PARAM_FAILED) +/** An alternative definition of MBEDTLS_PARAM_FAILED has been set in config.h. + * + * This flag can be used to check whether it is safe to assume that + * MBEDTLS_PARAM_FAILED() will expand to a call to mbedtls_param_failed(). + */ +#define MBEDTLS_PARAM_FAILED_ALT +#else /* MBEDTLS_PARAM_FAILED */ +#define MBEDTLS_PARAM_FAILED( cond ) \ + mbedtls_param_failed( #cond, __FILE__, __LINE__ ) + +/** + * \brief User supplied callback function for parameter validation failure. + * See #MBEDTLS_CHECK_PARAMS for context. + * + * This function will be called unless an alternative treatement + * is defined through the #MBEDTLS_PARAM_FAILED macro. + * + * This function can return, and the operation will be aborted, or + * alternatively, through use of setjmp()/longjmp() can resume + * execution in the application code. + * + * \param failure_condition The assertion that didn't hold. + * \param file The file where the assertion failed. + * \param line The line in the file where the assertion failed. + */ +void mbedtls_param_failed( const char *failure_condition, + const char *file, + int line ); +#endif /* MBEDTLS_PARAM_FAILED */ + +/* Internal macro meant to be called only from within the library. */ +#define MBEDTLS_INTERNAL_VALIDATE_RET( cond, ret ) \ + do { \ + if( !(cond) ) \ + { \ + MBEDTLS_PARAM_FAILED( cond ); \ + return( ret ); \ + } \ + } while( 0 ) + +/* Internal macro meant to be called only from within the library. */ +#define MBEDTLS_INTERNAL_VALIDATE( cond ) \ + do { \ + if( !(cond) ) \ + { \ + MBEDTLS_PARAM_FAILED( cond ); \ + return; \ + } \ + } while( 0 ) + +#else /* MBEDTLS_CHECK_PARAMS */ + +/* Internal macros meant to be called only from within the library. */ +#define MBEDTLS_INTERNAL_VALIDATE_RET( cond, ret ) do { } while( 0 ) +#define MBEDTLS_INTERNAL_VALIDATE( cond ) do { } while( 0 ) + +#endif /* MBEDTLS_CHECK_PARAMS */ + +/* Internal helper macros for deprecating API constants. */ +#if !defined(MBEDTLS_DEPRECATED_REMOVED) +#if defined(MBEDTLS_DEPRECATED_WARNING) +/* Deliberately don't (yet) export MBEDTLS_DEPRECATED here + * to avoid conflict with other headers which define and use + * it, too. We might want to move all these definitions here at + * some point for uniformity. */ +#define MBEDTLS_DEPRECATED __attribute__((deprecated)) +MBEDTLS_DEPRECATED typedef char const * mbedtls_deprecated_string_constant_t; +#define MBEDTLS_DEPRECATED_STRING_CONSTANT( VAL ) \ + ( (mbedtls_deprecated_string_constant_t) ( VAL ) ) +MBEDTLS_DEPRECATED typedef int mbedtls_deprecated_numeric_constant_t; +#define MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( VAL ) \ + ( (mbedtls_deprecated_numeric_constant_t) ( VAL ) ) +#undef MBEDTLS_DEPRECATED +#else /* MBEDTLS_DEPRECATED_WARNING */ +#define MBEDTLS_DEPRECATED_STRING_CONSTANT( VAL ) VAL +#define MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( VAL ) VAL +#endif /* MBEDTLS_DEPRECATED_WARNING */ +#endif /* MBEDTLS_DEPRECATED_REMOVED */ + /** * \brief Securely zeroize a buffer * @@ -55,6 +147,37 @@ extern "C" { */ void mbedtls_platform_zeroize( void *buf, size_t len ); +#if defined(MBEDTLS_HAVE_TIME_DATE) +/** + * \brief Platform-specific implementation of gmtime_r() + * + * The function is a thread-safe abstraction that behaves + * similarly to the gmtime_r() function from Unix/POSIX. + * + * Mbed TLS will try to identify the underlying platform and + * make use of an appropriate underlying implementation (e.g. + * gmtime_r() for POSIX and gmtime_s() for Windows). If this is + * not possible, then gmtime() will be used. In this case, calls + * from the library to gmtime() will be guarded by the mutex + * mbedtls_threading_gmtime_mutex if MBEDTLS_THREADING_C is + * enabled. It is recommended that calls from outside the library + * are also guarded by this mutex. + * + * If MBEDTLS_PLATFORM_GMTIME_R_ALT is defined, then Mbed TLS will + * unconditionally use the alternative implementation for + * mbedtls_platform_gmtime_r() supplied by the user at compile time. + * + * \param tt Pointer to an object containing time (in seconds) since the + * epoch to be converted + * \param tm_buf Pointer to an object where the results will be stored + * + * \return Pointer to an object of type struct tm on success, otherwise + * NULL + */ +struct tm *mbedtls_platform_gmtime_r( const mbedtls_time_t *tt, + struct tm *tm_buf ); +#endif /* MBEDTLS_HAVE_TIME_DATE */ + #ifdef __cplusplus } #endif diff --git a/thirdparty/mbedtls/include/mbedtls/poly1305.h b/thirdparty/mbedtls/include/mbedtls/poly1305.h index 54b50abc25..05866a2da6 100644 --- a/thirdparty/mbedtls/include/mbedtls/poly1305.h +++ b/thirdparty/mbedtls/include/mbedtls/poly1305.h @@ -43,7 +43,13 @@ #include <stddef.h> #define MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA -0x0057 /**< Invalid input parameter(s). */ + +/* MBEDTLS_ERR_POLY1305_FEATURE_UNAVAILABLE is deprecated and should not be + * used. */ #define MBEDTLS_ERR_POLY1305_FEATURE_UNAVAILABLE -0x0059 /**< Feature not available. For example, s part of the API is not implemented. */ + +/* MBEDTLS_ERR_POLY1305_HW_ACCEL_FAILED is deprecated and should not be used. + */ #define MBEDTLS_ERR_POLY1305_HW_ACCEL_FAILED -0x005B /**< Poly1305 hardware accelerator failed. */ #ifdef __cplusplus @@ -52,7 +58,7 @@ extern "C" { #if !defined(MBEDTLS_POLY1305_ALT) -typedef struct +typedef struct mbedtls_poly1305_context { uint32_t r[4]; /** The value for 'r' (low 128 bits of the key). */ uint32_t s[4]; /** The value for 's' (high 128 bits of the key). */ @@ -78,14 +84,18 @@ mbedtls_poly1305_context; * \c mbedtls_poly1305_finish(), then finally * \c mbedtls_poly1305_free(). * - * \param ctx The Poly1305 context to initialize. + * \param ctx The Poly1305 context to initialize. This must + * not be \c NULL. */ void mbedtls_poly1305_init( mbedtls_poly1305_context *ctx ); /** - * \brief This function releases and clears the specified Poly1305 context. + * \brief This function releases and clears the specified + * Poly1305 context. * - * \param ctx The Poly1305 context to clear. + * \param ctx The Poly1305 context to clear. This may be \c NULL, in which + * case this function is a no-op. If it is not \c NULL, it must + * point to an initialized Poly1305 context. */ void mbedtls_poly1305_free( mbedtls_poly1305_context *ctx ); @@ -96,11 +106,11 @@ void mbedtls_poly1305_free( mbedtls_poly1305_context *ctx ); * invocation of Poly1305. * * \param ctx The Poly1305 context to which the key should be bound. - * \param key The buffer containing the 256-bit key. + * This must be initialized. + * \param key The buffer containing the \c 32 Byte (\c 256 Bit) key. * * \return \c 0 on success. - * \return #MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA - * if ctx or key are NULL. + * \return A negative error code on failure. */ int mbedtls_poly1305_starts( mbedtls_poly1305_context *ctx, const unsigned char key[32] ); @@ -114,13 +124,14 @@ int mbedtls_poly1305_starts( mbedtls_poly1305_context *ctx, * It can be called repeatedly to process a stream of data. * * \param ctx The Poly1305 context to use for the Poly1305 operation. - * \param ilen The length of the input data (in bytes). Any value is accepted. + * This must be initialized and bound to a key. + * \param ilen The length of the input data in Bytes. + * Any value is accepted. * \param input The buffer holding the input data. - * This pointer can be NULL if ilen == 0. + * This pointer can be \c NULL if `ilen == 0`. * * \return \c 0 on success. - * \return #MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA - * if ctx or input are NULL. + * \return A negative error code on failure. */ int mbedtls_poly1305_update( mbedtls_poly1305_context *ctx, const unsigned char *input, @@ -131,12 +142,12 @@ int mbedtls_poly1305_update( mbedtls_poly1305_context *ctx, * Authentication Code (MAC). * * \param ctx The Poly1305 context to use for the Poly1305 operation. - * \param mac The buffer to where the MAC is written. Must be big enough - * to hold the 16-byte MAC. + * This must be initialized and bound to a key. + * \param mac The buffer to where the MAC is written. This must + * be a writable buffer of length \c 16 Bytes. * * \return \c 0 on success. - * \return #MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA - * if ctx or mac are NULL. + * \return A negative error code on failure. */ int mbedtls_poly1305_finish( mbedtls_poly1305_context *ctx, unsigned char mac[16] ); @@ -148,16 +159,16 @@ int mbedtls_poly1305_finish( mbedtls_poly1305_context *ctx, * \warning The key must be unique and unpredictable for each * invocation of Poly1305. * - * \param key The buffer containing the 256-bit key. - * \param ilen The length of the input data (in bytes). Any value is accepted. + * \param key The buffer containing the \c 32 Byte (\c 256 Bit) key. + * \param ilen The length of the input data in Bytes. + * Any value is accepted. * \param input The buffer holding the input data. - * This pointer can be NULL if ilen == 0. - * \param mac The buffer to where the MAC is written. Must be big enough - * to hold the 16-byte MAC. + * This pointer can be \c NULL if `ilen == 0`. + * \param mac The buffer to where the MAC is written. This must be + * a writable buffer of length \c 16 Bytes. * * \return \c 0 on success. - * \return #MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA - * if key, input, or mac are NULL. + * \return A negative error code on failure. */ int mbedtls_poly1305_mac( const unsigned char key[32], const unsigned char *input, diff --git a/thirdparty/mbedtls/include/mbedtls/ripemd160.h b/thirdparty/mbedtls/include/mbedtls/ripemd160.h index a0dac0c360..c74b7d2c6c 100644 --- a/thirdparty/mbedtls/include/mbedtls/ripemd160.h +++ b/thirdparty/mbedtls/include/mbedtls/ripemd160.h @@ -33,6 +33,8 @@ #include <stddef.h> #include <stdint.h> +/* MBEDTLS_ERR_RIPEMD160_HW_ACCEL_FAILED is deprecated and should not be used. + */ #define MBEDTLS_ERR_RIPEMD160_HW_ACCEL_FAILED -0x0031 /**< RIPEMD160 hardware accelerator failed */ #ifdef __cplusplus @@ -46,7 +48,7 @@ extern "C" { /** * \brief RIPEMD-160 context structure */ -typedef struct +typedef struct mbedtls_ripemd160_context { uint32_t total[2]; /*!< number of bytes processed */ uint32_t state[5]; /*!< intermediate digest state */ diff --git a/thirdparty/mbedtls/include/mbedtls/rsa.h b/thirdparty/mbedtls/include/mbedtls/rsa.h index 19eb2ee74c..ed65a34452 100644 --- a/thirdparty/mbedtls/include/mbedtls/rsa.h +++ b/thirdparty/mbedtls/include/mbedtls/rsa.h @@ -55,7 +55,12 @@ #define MBEDTLS_ERR_RSA_VERIFY_FAILED -0x4380 /**< The PKCS#1 verification failed. */ #define MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE -0x4400 /**< The output buffer for decryption is not large enough. */ #define MBEDTLS_ERR_RSA_RNG_FAILED -0x4480 /**< The random generator failed to generate non-zeros. */ + +/* MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION is deprecated and should not be used. + */ #define MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION -0x4500 /**< The implementation does not offer the requested operation, for example, because of security violations or lack of functionality. */ + +/* MBEDTLS_ERR_RSA_HW_ACCEL_FAILED is deprecated and should not be used. */ #define MBEDTLS_ERR_RSA_HW_ACCEL_FAILED -0x4580 /**< RSA hardware accelerator failed. */ /* @@ -92,7 +97,7 @@ extern "C" { * is deprecated. All manipulation should instead be done through * the public interface functions. */ -typedef struct +typedef struct mbedtls_rsa_context { int ver; /*!< Always 0.*/ size_t len; /*!< The size of \p N in Bytes. */ @@ -153,15 +158,16 @@ mbedtls_rsa_context; * making signatures, but can be overriden for verifying them. * If set to #MBEDTLS_MD_NONE, it is always overriden. * - * \param ctx The RSA context to initialize. - * \param padding Selects padding mode: #MBEDTLS_RSA_PKCS_V15 or - * #MBEDTLS_RSA_PKCS_V21. - * \param hash_id The hash identifier of #mbedtls_md_type_t type, if - * \p padding is #MBEDTLS_RSA_PKCS_V21. + * \param ctx The RSA context to initialize. This must not be \c NULL. + * \param padding The padding mode to use. This must be either + * #MBEDTLS_RSA_PKCS_V15 or #MBEDTLS_RSA_PKCS_V21. + * \param hash_id The hash identifier of ::mbedtls_md_type_t type, if + * \p padding is #MBEDTLS_RSA_PKCS_V21. It is unused + * otherwise. */ void mbedtls_rsa_init( mbedtls_rsa_context *ctx, int padding, - int hash_id); + int hash_id ); /** * \brief This function imports a set of core parameters into an @@ -183,11 +189,11 @@ void mbedtls_rsa_init( mbedtls_rsa_context *ctx, * for the lifetime of the RSA context being set up. * * \param ctx The initialized RSA context to store the parameters in. - * \param N The RSA modulus, or NULL. - * \param P The first prime factor of \p N, or NULL. - * \param Q The second prime factor of \p N, or NULL. - * \param D The private exponent, or NULL. - * \param E The public exponent, or NULL. + * \param N The RSA modulus. This may be \c NULL. + * \param P The first prime factor of \p N. This may be \c NULL. + * \param Q The second prime factor of \p N. This may be \c NULL. + * \param D The private exponent. This may be \c NULL. + * \param E The public exponent. This may be \c NULL. * * \return \c 0 on success. * \return A non-zero error code on failure. @@ -217,16 +223,16 @@ int mbedtls_rsa_import( mbedtls_rsa_context *ctx, * for the lifetime of the RSA context being set up. * * \param ctx The initialized RSA context to store the parameters in. - * \param N The RSA modulus, or NULL. - * \param N_len The Byte length of \p N, ignored if \p N == NULL. - * \param P The first prime factor of \p N, or NULL. - * \param P_len The Byte length of \p P, ignored if \p P == NULL. - * \param Q The second prime factor of \p N, or NULL. - * \param Q_len The Byte length of \p Q, ignored if \p Q == NULL. - * \param D The private exponent, or NULL. - * \param D_len The Byte length of \p D, ignored if \p D == NULL. - * \param E The public exponent, or NULL. - * \param E_len The Byte length of \p E, ignored if \p E == NULL. + * \param N The RSA modulus. This may be \c NULL. + * \param N_len The Byte length of \p N; it is ignored if \p N == NULL. + * \param P The first prime factor of \p N. This may be \c NULL. + * \param P_len The Byte length of \p P; it ns ignored if \p P == NULL. + * \param Q The second prime factor of \p N. This may be \c NULL. + * \param Q_len The Byte length of \p Q; it is ignored if \p Q == NULL. + * \param D The private exponent. This may be \c NULL. + * \param D_len The Byte length of \p D; it is ignored if \p D == NULL. + * \param E The public exponent. This may be \c NULL. + * \param E_len The Byte length of \p E; it is ignored if \p E == NULL. * * \return \c 0 on success. * \return A non-zero error code on failure. @@ -281,7 +287,7 @@ int mbedtls_rsa_complete( mbedtls_rsa_context *ctx ); * zero Bytes. * * Possible reasons for returning - * #MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION:<ul> + * #MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED:<ul> * <li>An alternative RSA implementation is in use, which * stores the key externally, and either cannot or should * not export it into RAM.</li> @@ -294,14 +300,19 @@ int mbedtls_rsa_complete( mbedtls_rsa_context *ctx ); * the RSA context stays intact and remains usable. * * \param ctx The initialized RSA context. - * \param N The MPI to hold the RSA modulus, or NULL. - * \param P The MPI to hold the first prime factor of \p N, or NULL. - * \param Q The MPI to hold the second prime factor of \p N, or NULL. - * \param D The MPI to hold the private exponent, or NULL. - * \param E The MPI to hold the public exponent, or NULL. + * \param N The MPI to hold the RSA modulus. + * This may be \c NULL if this field need not be exported. + * \param P The MPI to hold the first prime factor of \p N. + * This may be \c NULL if this field need not be exported. + * \param Q The MPI to hold the second prime factor of \p N. + * This may be \c NULL if this field need not be exported. + * \param D The MPI to hold the private exponent. + * This may be \c NULL if this field need not be exported. + * \param E The MPI to hold the public exponent. + * This may be \c NULL if this field need not be exported. * * \return \c 0 on success. - * \return #MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION if exporting the + * \return #MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED if exporting the * requested parameters cannot be done due to missing * functionality or because of security policies. * \return A non-zero return code on any other failure. @@ -321,7 +332,7 @@ int mbedtls_rsa_export( const mbedtls_rsa_context *ctx, * zero Bytes. * * Possible reasons for returning - * #MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION:<ul> + * #MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED:<ul> * <li>An alternative RSA implementation is in use, which * stores the key externally, and either cannot or should * not export it into RAM.</li> @@ -336,21 +347,24 @@ int mbedtls_rsa_export( const mbedtls_rsa_context *ctx, * buffer pointers are NULL. * * \param ctx The initialized RSA context. - * \param N The Byte array to store the RSA modulus, or NULL. + * \param N The Byte array to store the RSA modulus, + * or \c NULL if this field need not be exported. * \param N_len The size of the buffer for the modulus. - * \param P The Byte array to hold the first prime factor of \p N, or - * NULL. + * \param P The Byte array to hold the first prime factor of \p N, + * or \c NULL if this field need not be exported. * \param P_len The size of the buffer for the first prime factor. - * \param Q The Byte array to hold the second prime factor of \p N, or - * NULL. + * \param Q The Byte array to hold the second prime factor of \p N, + * or \c NULL if this field need not be exported. * \param Q_len The size of the buffer for the second prime factor. - * \param D The Byte array to hold the private exponent, or NULL. + * \param D The Byte array to hold the private exponent, + * or \c NULL if this field need not be exported. * \param D_len The size of the buffer for the private exponent. - * \param E The Byte array to hold the public exponent, or NULL. + * \param E The Byte array to hold the public exponent, + * or \c NULL if this field need not be exported. * \param E_len The size of the buffer for the public exponent. * * \return \c 0 on success. - * \return #MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION if exporting the + * \return #MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED if exporting the * requested parameters cannot be done due to missing * functionality or because of security policies. * \return A non-zero return code on any other failure. @@ -370,9 +384,12 @@ int mbedtls_rsa_export_raw( const mbedtls_rsa_context *ctx, * mbedtls_rsa_deduce_opt(). * * \param ctx The initialized RSA context. - * \param DP The MPI to hold D modulo P-1, or NULL. - * \param DQ The MPI to hold D modulo Q-1, or NULL. - * \param QP The MPI to hold modular inverse of Q modulo P, or NULL. + * \param DP The MPI to hold \c D modulo `P-1`, + * or \c NULL if it need not be exported. + * \param DQ The MPI to hold \c D modulo `Q-1`, + * or \c NULL if it need not be exported. + * \param QP The MPI to hold modular inverse of \c Q modulo \c P, + * or \c NULL if it need not be exported. * * \return \c 0 on success. * \return A non-zero error code on failure. @@ -385,13 +402,13 @@ int mbedtls_rsa_export_crt( const mbedtls_rsa_context *ctx, * \brief This function sets padding for an already initialized RSA * context. See mbedtls_rsa_init() for details. * - * \param ctx The RSA context to be set. - * \param padding Selects padding mode: #MBEDTLS_RSA_PKCS_V15 or - * #MBEDTLS_RSA_PKCS_V21. + * \param ctx The initialized RSA context to be configured. + * \param padding The padding mode to use. This must be either + * #MBEDTLS_RSA_PKCS_V15 or #MBEDTLS_RSA_PKCS_V21. * \param hash_id The #MBEDTLS_RSA_PKCS_V21 hash identifier. */ void mbedtls_rsa_set_padding( mbedtls_rsa_context *ctx, int padding, - int hash_id); + int hash_id ); /** * \brief This function retrieves the length of RSA modulus in Bytes. @@ -409,11 +426,14 @@ size_t mbedtls_rsa_get_len( const mbedtls_rsa_context *ctx ); * \note mbedtls_rsa_init() must be called before this function, * to set up the RSA context. * - * \param ctx The RSA context used to hold the key. - * \param f_rng The RNG function. - * \param p_rng The RNG context. + * \param ctx The initialized RSA context used to hold the key. + * \param f_rng The RNG function to be used for key generation. + * This must not be \c NULL. + * \param p_rng The RNG context to be passed to \p f_rng. + * This may be \c NULL if \p f_rng doesn't need a context. * \param nbits The size of the public key in bits. - * \param exponent The public exponent. For example, 65537. + * \param exponent The public exponent to use. For example, \c 65537. + * This must be odd and greater than \c 1. * * \return \c 0 on success. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. @@ -431,7 +451,7 @@ int mbedtls_rsa_gen_key( mbedtls_rsa_context *ctx, * enough information is present to perform an RSA public key * operation using mbedtls_rsa_public(). * - * \param ctx The RSA context to check. + * \param ctx The initialized RSA context to check. * * \return \c 0 on success. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. @@ -470,7 +490,7 @@ int mbedtls_rsa_check_pubkey( const mbedtls_rsa_context *ctx ); * parameters, which goes beyond what is effectively checkable * by the library.</li></ul> * - * \param ctx The RSA context to check. + * \param ctx The initialized RSA context to check. * * \return \c 0 on success. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. @@ -482,8 +502,8 @@ int mbedtls_rsa_check_privkey( const mbedtls_rsa_context *ctx ); * * It checks each of the contexts, and makes sure they match. * - * \param pub The RSA context holding the public key. - * \param prv The RSA context holding the private key. + * \param pub The initialized RSA context holding the public key. + * \param prv The initialized RSA context holding the private key. * * \return \c 0 on success. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. @@ -494,18 +514,19 @@ int mbedtls_rsa_check_pub_priv( const mbedtls_rsa_context *pub, /** * \brief This function performs an RSA public key operation. * + * \param ctx The initialized RSA context to use. + * \param input The input buffer. This must be a readable buffer + * of length \c ctx->len Bytes. For example, \c 256 Bytes + * for an 2048-bit RSA modulus. + * \param output The output buffer. This must be a writable buffer + * of length \c ctx->len Bytes. For example, \c 256 Bytes + * for an 2048-bit RSA modulus. + * * \note This function does not handle message padding. * * \note Make sure to set \p input[0] = 0 or ensure that * input is smaller than \p N. * - * \note The input and output buffers must be large - * enough. For example, 128 Bytes if RSA-1024 is used. - * - * \param ctx The RSA context. - * \param input The input buffer. - * \param output The output buffer. - * * \return \c 0 on success. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. */ @@ -516,9 +537,6 @@ int mbedtls_rsa_public( mbedtls_rsa_context *ctx, /** * \brief This function performs an RSA private key operation. * - * \note The input and output buffers must be large - * enough. For example, 128 Bytes if RSA-1024 is used. - * * \note Blinding is used if and only if a PRNG is provided. * * \note If blinding is used, both the base of exponentation @@ -530,11 +548,18 @@ int mbedtls_rsa_public( mbedtls_rsa_context *ctx, * Future versions of the library may enforce the presence * of a PRNG. * - * \param ctx The RSA context. - * \param f_rng The RNG function. Needed for blinding. - * \param p_rng The RNG context. - * \param input The input buffer. - * \param output The output buffer. + * \param ctx The initialized RSA context to use. + * \param f_rng The RNG function, used for blinding. It is discouraged + * and deprecated to pass \c NULL here, in which case + * blinding will be omitted. + * \param p_rng The RNG context to pass to \p f_rng. This may be \c NULL + * if \p f_rng is \c NULL or if \p f_rng doesn't need a context. + * \param input The input buffer. This must be a readable buffer + * of length \c ctx->len Bytes. For example, \c 256 Bytes + * for an 2048-bit RSA modulus. + * \param output The output buffer. This must be a writable buffer + * of length \c ctx->len Bytes. For example, \c 256 Bytes + * for an 2048-bit RSA modulus. * * \return \c 0 on success. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. @@ -553,9 +578,6 @@ int mbedtls_rsa_private( mbedtls_rsa_context *ctx, * It is the generic wrapper for performing a PKCS#1 encryption * operation using the \p mode from the context. * - * \note The input and output buffers must be as large as the size - * of \p ctx->N. For example, 128 Bytes if RSA-1024 is used. - * * \deprecated It is deprecated and discouraged to call this function * in #MBEDTLS_RSA_PRIVATE mode. Future versions of the library * are likely to remove the \p mode argument and have it @@ -563,16 +585,26 @@ int mbedtls_rsa_private( mbedtls_rsa_context *ctx, * * \note Alternative implementations of RSA need not support * mode being set to #MBEDTLS_RSA_PRIVATE and might instead - * return #MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION. - * - * \param ctx The RSA context. - * \param f_rng The RNG function. Needed for padding, PKCS#1 v2.1 - * encoding, and #MBEDTLS_RSA_PRIVATE. - * \param p_rng The RNG context. - * \param mode #MBEDTLS_RSA_PUBLIC or #MBEDTLS_RSA_PRIVATE. - * \param ilen The length of the plaintext. - * \param input The buffer holding the data to encrypt. - * \param output The buffer used to hold the ciphertext. + * return #MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED. + * + * \param ctx The initialized RSA context to use. + * \param f_rng The RNG to use. It is mandatory for PKCS#1 v2.1 padding + * encoding, and for PKCS#1 v1.5 padding encoding when used + * with \p mode set to #MBEDTLS_RSA_PUBLIC. For PKCS#1 v1.5 + * padding encoding and \p mode set to #MBEDTLS_RSA_PRIVATE, + * it is used for blinding and should be provided in this + * case; see mbedtls_rsa_private() for more. + * \param p_rng The RNG context to be passed to \p f_rng. May be + * \c NULL if \p f_rng is \c NULL or if \p f_rng doesn't + * need a context argument. + * \param mode The mode of operation. This must be either + * #MBEDTLS_RSA_PUBLIC or #MBEDTLS_RSA_PRIVATE (deprecated). + * \param ilen The length of the plaintext in Bytes. + * \param input The input data to encrypt. This must be a readable + * buffer of size \p ilen Bytes. This must not be \c NULL. + * \param output The output buffer. This must be a writable buffer + * of length \c ctx->len Bytes. For example, \c 256 Bytes + * for an 2048-bit RSA modulus. * * \return \c 0 on success. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. @@ -588,9 +620,6 @@ int mbedtls_rsa_pkcs1_encrypt( mbedtls_rsa_context *ctx, * \brief This function performs a PKCS#1 v1.5 encryption operation * (RSAES-PKCS1-v1_5-ENCRYPT). * - * \note The output buffer must be as large as the size - * of \p ctx->N. For example, 128 Bytes if RSA-1024 is used. - * * \deprecated It is deprecated and discouraged to call this function * in #MBEDTLS_RSA_PRIVATE mode. Future versions of the library * are likely to remove the \p mode argument and have it @@ -598,16 +627,24 @@ int mbedtls_rsa_pkcs1_encrypt( mbedtls_rsa_context *ctx, * * \note Alternative implementations of RSA need not support * mode being set to #MBEDTLS_RSA_PRIVATE and might instead - * return #MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION. - * - * \param ctx The RSA context. - * \param f_rng The RNG function. Needed for padding and - * #MBEDTLS_RSA_PRIVATE. - * \param p_rng The RNG context. - * \param mode #MBEDTLS_RSA_PUBLIC or #MBEDTLS_RSA_PRIVATE. - * \param ilen The length of the plaintext. - * \param input The buffer holding the data to encrypt. - * \param output The buffer used to hold the ciphertext. + * return #MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED. + * + * \param ctx The initialized RSA context to use. + * \param f_rng The RNG function to use. It is needed for padding generation + * if \p mode is #MBEDTLS_RSA_PUBLIC. If \p mode is + * #MBEDTLS_RSA_PRIVATE (discouraged), it is used for + * blinding and should be provided; see mbedtls_rsa_private(). + * \param p_rng The RNG context to be passed to \p f_rng. This may + * be \c NULL if \p f_rng is \c NULL or if \p f_rng + * doesn't need a context argument. + * \param mode The mode of operation. This must be either + * #MBEDTLS_RSA_PUBLIC or #MBEDTLS_RSA_PRIVATE (deprecated). + * \param ilen The length of the plaintext in Bytes. + * \param input The input data to encrypt. This must be a readable + * buffer of size \p ilen Bytes. This must not be \c NULL. + * \param output The output buffer. This must be a writable buffer + * of length \c ctx->len Bytes. For example, \c 256 Bytes + * for an 2048-bit RSA modulus. * * \return \c 0 on success. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. @@ -633,18 +670,25 @@ int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx, * * \note Alternative implementations of RSA need not support * mode being set to #MBEDTLS_RSA_PRIVATE and might instead - * return #MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION. - * - * \param ctx The RSA context. - * \param f_rng The RNG function. Needed for padding and PKCS#1 v2.1 - * encoding and #MBEDTLS_RSA_PRIVATE. - * \param p_rng The RNG context. - * \param mode #MBEDTLS_RSA_PUBLIC or #MBEDTLS_RSA_PRIVATE. + * return #MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED. + * + * \param ctx The initnialized RSA context to use. + * \param f_rng The RNG function to use. This is needed for padding + * generation and must be provided. + * \param p_rng The RNG context to be passed to \p f_rng. This may + * be \c NULL if \p f_rng doesn't need a context argument. + * \param mode The mode of operation. This must be either + * #MBEDTLS_RSA_PUBLIC or #MBEDTLS_RSA_PRIVATE (deprecated). * \param label The buffer holding the custom label to use. - * \param label_len The length of the label. - * \param ilen The length of the plaintext. - * \param input The buffer holding the data to encrypt. - * \param output The buffer used to hold the ciphertext. + * This must be a readable buffer of length \p label_len + * Bytes. It may be \c NULL if \p label_len is \c 0. + * \param label_len The length of the label in Bytes. + * \param ilen The length of the plaintext buffer \p input in Bytes. + * \param input The input data to encrypt. This must be a readable + * buffer of size \p ilen Bytes. This must not be \c NULL. + * \param output The output buffer. This must be a writable buffer + * of length \c ctx->len Bytes. For example, \c 256 Bytes + * for an 2048-bit RSA modulus. * * \return \c 0 on success. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. @@ -672,9 +716,6 @@ int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx, * hold the decryption of the particular ciphertext provided, * the function returns \c MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE. * - * \note The input buffer must be as large as the size - * of \p ctx->N. For example, 128 Bytes if RSA-1024 is used. - * * \deprecated It is deprecated and discouraged to call this function * in #MBEDTLS_RSA_PUBLIC mode. Future versions of the library * are likely to remove the \p mode argument and have it @@ -682,16 +723,25 @@ int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx, * * \note Alternative implementations of RSA need not support * mode being set to #MBEDTLS_RSA_PUBLIC and might instead - * return #MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION. - * - * \param ctx The RSA context. - * \param f_rng The RNG function. Only needed for #MBEDTLS_RSA_PRIVATE. - * \param p_rng The RNG context. - * \param mode #MBEDTLS_RSA_PUBLIC or #MBEDTLS_RSA_PRIVATE. - * \param olen The length of the plaintext. - * \param input The buffer holding the encrypted data. - * \param output The buffer used to hold the plaintext. - * \param output_max_len The maximum length of the output buffer. + * return #MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED. + * + * \param ctx The initialized RSA context to use. + * \param f_rng The RNG function. If \p mode is #MBEDTLS_RSA_PRIVATE, + * this is used for blinding and should be provided; see + * mbedtls_rsa_private() for more. If \p mode is + * #MBEDTLS_RSA_PUBLIC, it is ignored. + * \param p_rng The RNG context to be passed to \p f_rng. This may be + * \c NULL if \p f_rng is \c NULL or doesn't need a context. + * \param mode The mode of operation. This must be either + * #MBEDTLS_RSA_PRIVATE or #MBEDTLS_RSA_PUBLIC (deprecated). + * \param olen The address at which to store the length of + * the plaintext. This must not be \c NULL. + * \param input The ciphertext buffer. This must be a readable buffer + * of length \c ctx->len Bytes. For example, \c 256 Bytes + * for an 2048-bit RSA modulus. + * \param output The buffer used to hold the plaintext. This must + * be a writable buffer of length \p output_max_len Bytes. + * \param output_max_len The length in Bytes of the output buffer \p output. * * \return \c 0 on success. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. @@ -715,9 +765,6 @@ int mbedtls_rsa_pkcs1_decrypt( mbedtls_rsa_context *ctx, * hold the decryption of the particular ciphertext provided, * the function returns #MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE. * - * \note The input buffer must be as large as the size - * of \p ctx->N. For example, 128 Bytes if RSA-1024 is used. - * * \deprecated It is deprecated and discouraged to call this function * in #MBEDTLS_RSA_PUBLIC mode. Future versions of the library * are likely to remove the \p mode argument and have it @@ -725,16 +772,25 @@ int mbedtls_rsa_pkcs1_decrypt( mbedtls_rsa_context *ctx, * * \note Alternative implementations of RSA need not support * mode being set to #MBEDTLS_RSA_PUBLIC and might instead - * return #MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION. - * - * \param ctx The RSA context. - * \param f_rng The RNG function. Only needed for #MBEDTLS_RSA_PRIVATE. - * \param p_rng The RNG context. - * \param mode #MBEDTLS_RSA_PUBLIC or #MBEDTLS_RSA_PRIVATE. - * \param olen The length of the plaintext. - * \param input The buffer holding the encrypted data. - * \param output The buffer to hold the plaintext. - * \param output_max_len The maximum length of the output buffer. + * return #MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED. + * + * \param ctx The initialized RSA context to use. + * \param f_rng The RNG function. If \p mode is #MBEDTLS_RSA_PRIVATE, + * this is used for blinding and should be provided; see + * mbedtls_rsa_private() for more. If \p mode is + * #MBEDTLS_RSA_PUBLIC, it is ignored. + * \param p_rng The RNG context to be passed to \p f_rng. This may be + * \c NULL if \p f_rng is \c NULL or doesn't need a context. + * \param mode The mode of operation. This must be either + * #MBEDTLS_RSA_PRIVATE or #MBEDTLS_RSA_PUBLIC (deprecated). + * \param olen The address at which to store the length of + * the plaintext. This must not be \c NULL. + * \param input The ciphertext buffer. This must be a readable buffer + * of length \c ctx->len Bytes. For example, \c 256 Bytes + * for an 2048-bit RSA modulus. + * \param output The buffer used to hold the plaintext. This must + * be a writable buffer of length \p output_max_len Bytes. + * \param output_max_len The length in Bytes of the output buffer \p output. * * \return \c 0 on success. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. @@ -760,9 +816,6 @@ int mbedtls_rsa_rsaes_pkcs1_v15_decrypt( mbedtls_rsa_context *ctx, * ciphertext provided, the function returns * #MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE. * - * \note The input buffer must be as large as the size - * of \p ctx->N. For example, 128 Bytes if RSA-1024 is used. - * * \deprecated It is deprecated and discouraged to call this function * in #MBEDTLS_RSA_PUBLIC mode. Future versions of the library * are likely to remove the \p mode argument and have it @@ -770,18 +823,29 @@ int mbedtls_rsa_rsaes_pkcs1_v15_decrypt( mbedtls_rsa_context *ctx, * * \note Alternative implementations of RSA need not support * mode being set to #MBEDTLS_RSA_PUBLIC and might instead - * return #MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION. - * - * \param ctx The RSA context. - * \param f_rng The RNG function. Only needed for #MBEDTLS_RSA_PRIVATE. - * \param p_rng The RNG context. - * \param mode #MBEDTLS_RSA_PUBLIC or #MBEDTLS_RSA_PRIVATE. + * return #MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED. + * + * \param ctx The initialized RSA context to use. + * \param f_rng The RNG function. If \p mode is #MBEDTLS_RSA_PRIVATE, + * this is used for blinding and should be provided; see + * mbedtls_rsa_private() for more. If \p mode is + * #MBEDTLS_RSA_PUBLIC, it is ignored. + * \param p_rng The RNG context to be passed to \p f_rng. This may be + * \c NULL if \p f_rng is \c NULL or doesn't need a context. + * \param mode The mode of operation. This must be either + * #MBEDTLS_RSA_PRIVATE or #MBEDTLS_RSA_PUBLIC (deprecated). * \param label The buffer holding the custom label to use. - * \param label_len The length of the label. - * \param olen The length of the plaintext. - * \param input The buffer holding the encrypted data. - * \param output The buffer to hold the plaintext. - * \param output_max_len The maximum length of the output buffer. + * This must be a readable buffer of length \p label_len + * Bytes. It may be \c NULL if \p label_len is \c 0. + * \param label_len The length of the label in Bytes. + * \param olen The address at which to store the length of + * the plaintext. This must not be \c NULL. + * \param input The ciphertext buffer. This must be a readable buffer + * of length \c ctx->len Bytes. For example, \c 256 Bytes + * for an 2048-bit RSA modulus. + * \param output The buffer used to hold the plaintext. This must + * be a writable buffer of length \p output_max_len Bytes. + * \param output_max_len The length in Bytes of the output buffer \p output. * * \return \c 0 on success. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. @@ -817,18 +881,30 @@ int mbedtls_rsa_rsaes_oaep_decrypt( mbedtls_rsa_context *ctx, * * \note Alternative implementations of RSA need not support * mode being set to #MBEDTLS_RSA_PUBLIC and might instead - * return #MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION. - * - * \param ctx The RSA context. - * \param f_rng The RNG function. Needed for PKCS#1 v2.1 encoding and for - * #MBEDTLS_RSA_PRIVATE. - * \param p_rng The RNG context. - * \param mode #MBEDTLS_RSA_PUBLIC or #MBEDTLS_RSA_PRIVATE. + * return #MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED. + * + * \param ctx The initialized RSA context to use. + * \param f_rng The RNG function to use. If the padding mode is PKCS#1 v2.1, + * this must be provided. If the padding mode is PKCS#1 v1.5 and + * \p mode is #MBEDTLS_RSA_PRIVATE, it is used for blinding + * and should be provided; see mbedtls_rsa_private() for more + * more. It is ignored otherwise. + * \param p_rng The RNG context to be passed to \p f_rng. This may be \c NULL + * if \p f_rng is \c NULL or doesn't need a context argument. + * \param mode The mode of operation. This must be either + * #MBEDTLS_RSA_PRIVATE or #MBEDTLS_RSA_PUBLIC (deprecated). * \param md_alg The message-digest algorithm used to hash the original data. * Use #MBEDTLS_MD_NONE for signing raw data. - * \param hashlen The length of the message digest. Only used if \p md_alg is #MBEDTLS_MD_NONE. - * \param hash The buffer holding the message digest. - * \param sig The buffer to hold the ciphertext. + * \param hashlen The length of the message digest. + * Ths is only used if \p md_alg is #MBEDTLS_MD_NONE. + * \param hash The buffer holding the message digest or raw data. + * If \p md_alg is #MBEDTLS_MD_NONE, this must be a readable + * buffer of length \p hashlen Bytes. If \p md_alg is not + * #MBEDTLS_MD_NONE, it must be a readable buffer of length + * the size of the hash corresponding to \p md_alg. + * \param sig The buffer to hold the signature. This must be a writable + * buffer of length \c ctx->len Bytes. For example, \c 256 Bytes + * for an 2048-bit RSA modulus. * * \return \c 0 if the signing operation was successful. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. @@ -846,9 +922,6 @@ int mbedtls_rsa_pkcs1_sign( mbedtls_rsa_context *ctx, * \brief This function performs a PKCS#1 v1.5 signature * operation (RSASSA-PKCS1-v1_5-SIGN). * - * \note The \p sig buffer must be as large as the size - * of \p ctx->N. For example, 128 Bytes if RSA-1024 is used. - * * \deprecated It is deprecated and discouraged to call this function * in #MBEDTLS_RSA_PUBLIC mode. Future versions of the library * are likely to remove the \p mode argument and have it @@ -856,17 +929,29 @@ int mbedtls_rsa_pkcs1_sign( mbedtls_rsa_context *ctx, * * \note Alternative implementations of RSA need not support * mode being set to #MBEDTLS_RSA_PUBLIC and might instead - * return #MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION. - * - * \param ctx The RSA context. - * \param f_rng The RNG function. Only needed for #MBEDTLS_RSA_PRIVATE. - * \param p_rng The RNG context. - * \param mode #MBEDTLS_RSA_PUBLIC or #MBEDTLS_RSA_PRIVATE. + * return #MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED. + * + * \param ctx The initialized RSA context to use. + * \param f_rng The RNG function. If \p mode is #MBEDTLS_RSA_PRIVATE, + * this is used for blinding and should be provided; see + * mbedtls_rsa_private() for more. If \p mode is + * #MBEDTLS_RSA_PUBLIC, it is ignored. + * \param p_rng The RNG context to be passed to \p f_rng. This may be \c NULL + * if \p f_rng is \c NULL or doesn't need a context argument. + * \param mode The mode of operation. This must be either + * #MBEDTLS_RSA_PRIVATE or #MBEDTLS_RSA_PUBLIC (deprecated). * \param md_alg The message-digest algorithm used to hash the original data. * Use #MBEDTLS_MD_NONE for signing raw data. - * \param hashlen The length of the message digest. Only used if \p md_alg is #MBEDTLS_MD_NONE. - * \param hash The buffer holding the message digest. - * \param sig The buffer to hold the ciphertext. + * \param hashlen The length of the message digest. + * Ths is only used if \p md_alg is #MBEDTLS_MD_NONE. + * \param hash The buffer holding the message digest or raw data. + * If \p md_alg is #MBEDTLS_MD_NONE, this must be a readable + * buffer of length \p hashlen Bytes. If \p md_alg is not + * #MBEDTLS_MD_NONE, it must be a readable buffer of length + * the size of the hash corresponding to \p md_alg. + * \param sig The buffer to hold the signature. This must be a writable + * buffer of length \c ctx->len Bytes. For example, \c 256 Bytes + * for an 2048-bit RSA modulus. * * \return \c 0 if the signing operation was successful. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. @@ -884,9 +969,6 @@ int mbedtls_rsa_rsassa_pkcs1_v15_sign( mbedtls_rsa_context *ctx, * \brief This function performs a PKCS#1 v2.1 PSS signature * operation (RSASSA-PSS-SIGN). * - * \note The \p sig buffer must be as large as the size - * of \p ctx->N. For example, 128 Bytes if RSA-1024 is used. - * * \note The \p hash_id in the RSA context is the one used for the * encoding. \p md_alg in the function call is the type of hash * that is encoded. According to <em>RFC-3447: Public-Key @@ -894,6 +976,16 @@ int mbedtls_rsa_rsassa_pkcs1_v15_sign( mbedtls_rsa_context *ctx, * Specifications</em> it is advised to keep both hashes the * same. * + * \note This function always uses the maximum possible salt size, + * up to the length of the payload hash. This choice of salt + * size complies with FIPS 186-4 §5.5 (e) and RFC 8017 (PKCS#1 + * v2.2) §9.1.1 step 3. Furthermore this function enforces a + * minimum salt size which is the hash size minus 2 bytes. If + * this minimum size is too large given the key size (the salt + * size, plus the hash size, plus 2 bytes must be no more than + * the key size in bytes), this function returns + * #MBEDTLS_ERR_RSA_BAD_INPUT_DATA. + * * \deprecated It is deprecated and discouraged to call this function * in #MBEDTLS_RSA_PUBLIC mode. Future versions of the library * are likely to remove the \p mode argument and have it @@ -901,18 +993,26 @@ int mbedtls_rsa_rsassa_pkcs1_v15_sign( mbedtls_rsa_context *ctx, * * \note Alternative implementations of RSA need not support * mode being set to #MBEDTLS_RSA_PUBLIC and might instead - * return #MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION. - * - * \param ctx The RSA context. - * \param f_rng The RNG function. Needed for PKCS#1 v2.1 encoding and for - * #MBEDTLS_RSA_PRIVATE. - * \param p_rng The RNG context. - * \param mode #MBEDTLS_RSA_PUBLIC or #MBEDTLS_RSA_PRIVATE. + * return #MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED. + * + * \param ctx The initialized RSA context to use. + * \param f_rng The RNG function. It must not be \c NULL. + * \param p_rng The RNG context to be passed to \p f_rng. This may be \c NULL + * if \p f_rng doesn't need a context argument. + * \param mode The mode of operation. This must be either + * #MBEDTLS_RSA_PRIVATE or #MBEDTLS_RSA_PUBLIC (deprecated). * \param md_alg The message-digest algorithm used to hash the original data. * Use #MBEDTLS_MD_NONE for signing raw data. - * \param hashlen The length of the message digest. Only used if \p md_alg is #MBEDTLS_MD_NONE. - * \param hash The buffer holding the message digest. - * \param sig The buffer to hold the ciphertext. + * \param hashlen The length of the message digest. + * Ths is only used if \p md_alg is #MBEDTLS_MD_NONE. + * \param hash The buffer holding the message digest or raw data. + * If \p md_alg is #MBEDTLS_MD_NONE, this must be a readable + * buffer of length \p hashlen Bytes. If \p md_alg is not + * #MBEDTLS_MD_NONE, it must be a readable buffer of length + * the size of the hash corresponding to \p md_alg. + * \param sig The buffer to hold the signature. This must be a writable + * buffer of length \c ctx->len Bytes. For example, \c 256 Bytes + * for an 2048-bit RSA modulus. * * \return \c 0 if the signing operation was successful. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. @@ -933,9 +1033,6 @@ int mbedtls_rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx, * This is the generic wrapper for performing a PKCS#1 * verification using the mode from the context. * - * \note The \p sig buffer must be as large as the size - * of \p ctx->N. For example, 128 Bytes if RSA-1024 is used. - * * \note For PKCS#1 v2.1 encoding, see comments on * mbedtls_rsa_rsassa_pss_verify() about \p md_alg and * \p hash_id. @@ -947,17 +1044,28 @@ int mbedtls_rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx, * * \note Alternative implementations of RSA need not support * mode being set to #MBEDTLS_RSA_PRIVATE and might instead - * return #MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION. - * - * \param ctx The RSA public key context. - * \param f_rng The RNG function. Only needed for #MBEDTLS_RSA_PRIVATE. - * \param p_rng The RNG context. - * \param mode #MBEDTLS_RSA_PUBLIC or #MBEDTLS_RSA_PRIVATE. + * return #MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED. + * + * \param ctx The initialized RSA public key context to use. + * \param f_rng The RNG function to use. If \p mode is #MBEDTLS_RSA_PRIVATE, + * this is used for blinding and should be provided; see + * mbedtls_rsa_private() for more. Otherwise, it is ignored. + * \param p_rng The RNG context to be passed to \p f_rng. This may be + * \c NULL if \p f_rng is \c NULL or doesn't need a context. + * \param mode The mode of operation. This must be either + * #MBEDTLS_RSA_PUBLIC or #MBEDTLS_RSA_PRIVATE (deprecated). * \param md_alg The message-digest algorithm used to hash the original data. * Use #MBEDTLS_MD_NONE for signing raw data. - * \param hashlen The length of the message digest. Only used if \p md_alg is #MBEDTLS_MD_NONE. - * \param hash The buffer holding the message digest. - * \param sig The buffer holding the ciphertext. + * \param hashlen The length of the message digest. + * This is only used if \p md_alg is #MBEDTLS_MD_NONE. + * \param hash The buffer holding the message digest or raw data. + * If \p md_alg is #MBEDTLS_MD_NONE, this must be a readable + * buffer of length \p hashlen Bytes. If \p md_alg is not + * #MBEDTLS_MD_NONE, it must be a readable buffer of length + * the size of the hash corresponding to \p md_alg. + * \param sig The buffer holding the signature. This must be a readable + * buffer of length \c ctx->len Bytes. For example, \c 256 Bytes + * for an 2048-bit RSA modulus. * * \return \c 0 if the verify operation was successful. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. @@ -975,9 +1083,6 @@ int mbedtls_rsa_pkcs1_verify( mbedtls_rsa_context *ctx, * \brief This function performs a PKCS#1 v1.5 verification * operation (RSASSA-PKCS1-v1_5-VERIFY). * - * \note The \p sig buffer must be as large as the size - * of \p ctx->N. For example, 128 Bytes if RSA-1024 is used. - * * \deprecated It is deprecated and discouraged to call this function * in #MBEDTLS_RSA_PRIVATE mode. Future versions of the library * are likely to remove the \p mode argument and have it @@ -985,17 +1090,28 @@ int mbedtls_rsa_pkcs1_verify( mbedtls_rsa_context *ctx, * * \note Alternative implementations of RSA need not support * mode being set to #MBEDTLS_RSA_PRIVATE and might instead - * return #MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION. - * - * \param ctx The RSA public key context. - * \param f_rng The RNG function. Only needed for #MBEDTLS_RSA_PRIVATE. - * \param p_rng The RNG context. - * \param mode #MBEDTLS_RSA_PUBLIC or #MBEDTLS_RSA_PRIVATE. + * return #MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED. + * + * \param ctx The initialized RSA public key context to use. + * \param f_rng The RNG function to use. If \p mode is #MBEDTLS_RSA_PRIVATE, + * this is used for blinding and should be provided; see + * mbedtls_rsa_private() for more. Otherwise, it is ignored. + * \param p_rng The RNG context to be passed to \p f_rng. This may be + * \c NULL if \p f_rng is \c NULL or doesn't need a context. + * \param mode The mode of operation. This must be either + * #MBEDTLS_RSA_PUBLIC or #MBEDTLS_RSA_PRIVATE (deprecated). * \param md_alg The message-digest algorithm used to hash the original data. * Use #MBEDTLS_MD_NONE for signing raw data. - * \param hashlen The length of the message digest. Only used if \p md_alg is #MBEDTLS_MD_NONE. - * \param hash The buffer holding the message digest. - * \param sig The buffer holding the ciphertext. + * \param hashlen The length of the message digest. + * This is only used if \p md_alg is #MBEDTLS_MD_NONE. + * \param hash The buffer holding the message digest or raw data. + * If \p md_alg is #MBEDTLS_MD_NONE, this must be a readable + * buffer of length \p hashlen Bytes. If \p md_alg is not + * #MBEDTLS_MD_NONE, it must be a readable buffer of length + * the size of the hash corresponding to \p md_alg. + * \param sig The buffer holding the signature. This must be a readable + * buffer of length \c ctx->len Bytes. For example, \c 256 Bytes + * for an 2048-bit RSA modulus. * * \return \c 0 if the verify operation was successful. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. @@ -1016,9 +1132,6 @@ int mbedtls_rsa_rsassa_pkcs1_v15_verify( mbedtls_rsa_context *ctx, * The hash function for the MGF mask generating function * is that specified in the RSA context. * - * \note The \p sig buffer must be as large as the size - * of \p ctx->N. For example, 128 Bytes if RSA-1024 is used. - * * \note The \p hash_id in the RSA context is the one used for the * verification. \p md_alg in the function call is the type of * hash that is verified. According to <em>RFC-3447: Public-Key @@ -1034,17 +1147,28 @@ int mbedtls_rsa_rsassa_pkcs1_v15_verify( mbedtls_rsa_context *ctx, * * \note Alternative implementations of RSA need not support * mode being set to #MBEDTLS_RSA_PRIVATE and might instead - * return #MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION. - * - * \param ctx The RSA public key context. - * \param f_rng The RNG function. Only needed for #MBEDTLS_RSA_PRIVATE. - * \param p_rng The RNG context. - * \param mode #MBEDTLS_RSA_PUBLIC or #MBEDTLS_RSA_PRIVATE. + * return #MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED. + * + * \param ctx The initialized RSA public key context to use. + * \param f_rng The RNG function to use. If \p mode is #MBEDTLS_RSA_PRIVATE, + * this is used for blinding and should be provided; see + * mbedtls_rsa_private() for more. Otherwise, it is ignored. + * \param p_rng The RNG context to be passed to \p f_rng. This may be + * \c NULL if \p f_rng is \c NULL or doesn't need a context. + * \param mode The mode of operation. This must be either + * #MBEDTLS_RSA_PUBLIC or #MBEDTLS_RSA_PRIVATE (deprecated). * \param md_alg The message-digest algorithm used to hash the original data. * Use #MBEDTLS_MD_NONE for signing raw data. - * \param hashlen The length of the message digest. Only used if \p md_alg is #MBEDTLS_MD_NONE. - * \param hash The buffer holding the message digest. - * \param sig The buffer holding the ciphertext. + * \param hashlen The length of the message digest. + * This is only used if \p md_alg is #MBEDTLS_MD_NONE. + * \param hash The buffer holding the message digest or raw data. + * If \p md_alg is #MBEDTLS_MD_NONE, this must be a readable + * buffer of length \p hashlen Bytes. If \p md_alg is not + * #MBEDTLS_MD_NONE, it must be a readable buffer of length + * the size of the hash corresponding to \p md_alg. + * \param sig The buffer holding the signature. This must be a readable + * buffer of length \c ctx->len Bytes. For example, \c 256 Bytes + * for an 2048-bit RSA modulus. * * \return \c 0 if the verify operation was successful. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. @@ -1070,19 +1194,29 @@ int mbedtls_rsa_rsassa_pss_verify( mbedtls_rsa_context *ctx, * * \note The \p hash_id in the RSA context is ignored. * - * \param ctx The RSA public key context. - * \param f_rng The RNG function. Only needed for #MBEDTLS_RSA_PRIVATE. - * \param p_rng The RNG context. - * \param mode #MBEDTLS_RSA_PUBLIC or #MBEDTLS_RSA_PRIVATE. + * \param ctx The initialized RSA public key context to use. + * \param f_rng The RNG function to use. If \p mode is #MBEDTLS_RSA_PRIVATE, + * this is used for blinding and should be provided; see + * mbedtls_rsa_private() for more. Otherwise, it is ignored. + * \param p_rng The RNG context to be passed to \p f_rng. This may be + * \c NULL if \p f_rng is \c NULL or doesn't need a context. + * \param mode The mode of operation. This must be either + * #MBEDTLS_RSA_PUBLIC or #MBEDTLS_RSA_PRIVATE. * \param md_alg The message-digest algorithm used to hash the original data. * Use #MBEDTLS_MD_NONE for signing raw data. - * \param hashlen The length of the message digest. Only used if \p md_alg is - * #MBEDTLS_MD_NONE. - * \param hash The buffer holding the message digest. - * \param mgf1_hash_id The message digest used for mask generation. - * \param expected_salt_len The length of the salt used in padding. Use - * #MBEDTLS_RSA_SALT_LEN_ANY to accept any salt length. - * \param sig The buffer holding the ciphertext. + * \param hashlen The length of the message digest. + * This is only used if \p md_alg is #MBEDTLS_MD_NONE. + * \param hash The buffer holding the message digest or raw data. + * If \p md_alg is #MBEDTLS_MD_NONE, this must be a readable + * buffer of length \p hashlen Bytes. If \p md_alg is not + * #MBEDTLS_MD_NONE, it must be a readable buffer of length + * the size of the hash corresponding to \p md_alg. + * \param mgf1_hash_id The message digest used for mask generation. + * \param expected_salt_len The length of the salt used in padding. Use + * #MBEDTLS_RSA_SALT_LEN_ANY to accept any salt length. + * \param sig The buffer holding the signature. This must be a readable + * buffer of length \c ctx->len Bytes. For example, \c 256 Bytes + * for an 2048-bit RSA modulus. * * \return \c 0 if the verify operation was successful. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. @@ -1101,8 +1235,8 @@ int mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_rsa_context *ctx, /** * \brief This function copies the components of an RSA context. * - * \param dst The destination context. - * \param src The source context. + * \param dst The destination context. This must be initialized. + * \param src The source context. This must be initialized. * * \return \c 0 on success. * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory allocation failure. @@ -1112,7 +1246,9 @@ int mbedtls_rsa_copy( mbedtls_rsa_context *dst, const mbedtls_rsa_context *src ) /** * \brief This function frees the components of an RSA key. * - * \param ctx The RSA Context to free. + * \param ctx The RSA context to free. May be \c NULL, in which case + * this function is a no-op. If it is not \c NULL, it must + * point to an initialized RSA context. */ void mbedtls_rsa_free( mbedtls_rsa_context *ctx ); diff --git a/thirdparty/mbedtls/include/mbedtls/sha1.h b/thirdparty/mbedtls/include/mbedtls/sha1.h index 65a124c94b..38ea10b137 100644 --- a/thirdparty/mbedtls/include/mbedtls/sha1.h +++ b/thirdparty/mbedtls/include/mbedtls/sha1.h @@ -40,7 +40,9 @@ #include <stddef.h> #include <stdint.h> +/* MBEDTLS_ERR_SHA1_HW_ACCEL_FAILED is deprecated and should not be used. */ #define MBEDTLS_ERR_SHA1_HW_ACCEL_FAILED -0x0035 /**< SHA-1 hardware accelerator failed */ +#define MBEDTLS_ERR_SHA1_BAD_INPUT_DATA -0x0073 /**< SHA-1 input data was malformed. */ #ifdef __cplusplus extern "C" { @@ -58,7 +60,7 @@ extern "C" { * stronger message digests instead. * */ -typedef struct +typedef struct mbedtls_sha1_context { uint32_t total[2]; /*!< The number of Bytes processed. */ uint32_t state[5]; /*!< The intermediate digest state. */ @@ -78,6 +80,7 @@ mbedtls_sha1_context; * stronger message digests instead. * * \param ctx The SHA-1 context to initialize. + * This must not be \c NULL. * */ void mbedtls_sha1_init( mbedtls_sha1_context *ctx ); @@ -89,7 +92,10 @@ void mbedtls_sha1_init( mbedtls_sha1_context *ctx ); * constitutes a security risk. We recommend considering * stronger message digests instead. * - * \param ctx The SHA-1 context to clear. + * \param ctx The SHA-1 context to clear. This may be \c NULL, + * in which case this function does nothing. If it is + * not \c NULL, it must point to an initialized + * SHA-1 context. * */ void mbedtls_sha1_free( mbedtls_sha1_context *ctx ); @@ -101,8 +107,8 @@ void mbedtls_sha1_free( mbedtls_sha1_context *ctx ); * constitutes a security risk. We recommend considering * stronger message digests instead. * - * \param dst The SHA-1 context to clone to. - * \param src The SHA-1 context to clone from. + * \param dst The SHA-1 context to clone to. This must be initialized. + * \param src The SHA-1 context to clone from. This must be initialized. * */ void mbedtls_sha1_clone( mbedtls_sha1_context *dst, @@ -115,9 +121,10 @@ void mbedtls_sha1_clone( mbedtls_sha1_context *dst, * constitutes a security risk. We recommend considering * stronger message digests instead. * - * \param ctx The SHA-1 context to initialize. + * \param ctx The SHA-1 context to initialize. This must be initialized. * * \return \c 0 on success. + * \return A negative error code on failure. * */ int mbedtls_sha1_starts_ret( mbedtls_sha1_context *ctx ); @@ -130,11 +137,14 @@ int mbedtls_sha1_starts_ret( mbedtls_sha1_context *ctx ); * constitutes a security risk. We recommend considering * stronger message digests instead. * - * \param ctx The SHA-1 context. + * \param ctx The SHA-1 context. This must be initialized + * and have a hash operation started. * \param input The buffer holding the input data. - * \param ilen The length of the input data. + * This must be a readable buffer of length \p ilen Bytes. + * \param ilen The length of the input data \p input in Bytes. * * \return \c 0 on success. + * \return A negative error code on failure. */ int mbedtls_sha1_update_ret( mbedtls_sha1_context *ctx, const unsigned char *input, @@ -148,10 +158,13 @@ int mbedtls_sha1_update_ret( mbedtls_sha1_context *ctx, * constitutes a security risk. We recommend considering * stronger message digests instead. * - * \param ctx The SHA-1 context. - * \param output The SHA-1 checksum result. + * \param ctx The SHA-1 context to use. This must be initialized and + * have a hash operation started. + * \param output The SHA-1 checksum result. This must be a writable + * buffer of length \c 20 Bytes. * * \return \c 0 on success. + * \return A negative error code on failure. */ int mbedtls_sha1_finish_ret( mbedtls_sha1_context *ctx, unsigned char output[20] ); @@ -163,10 +176,12 @@ int mbedtls_sha1_finish_ret( mbedtls_sha1_context *ctx, * constitutes a security risk. We recommend considering * stronger message digests instead. * - * \param ctx The SHA-1 context. - * \param data The data block being processed. + * \param ctx The SHA-1 context to use. This must be initialized. + * \param data The data block being processed. This must be a + * readable buffer of length \c 64 Bytes. * * \return \c 0 on success. + * \return A negative error code on failure. * */ int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx, @@ -187,7 +202,7 @@ int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx, * * \deprecated Superseded by mbedtls_sha1_starts_ret() in 2.7.0. * - * \param ctx The SHA-1 context to initialize. + * \param ctx The SHA-1 context to initialize. This must be initialized. * */ MBEDTLS_DEPRECATED void mbedtls_sha1_starts( mbedtls_sha1_context *ctx ); @@ -202,9 +217,11 @@ MBEDTLS_DEPRECATED void mbedtls_sha1_starts( mbedtls_sha1_context *ctx ); * * \deprecated Superseded by mbedtls_sha1_update_ret() in 2.7.0. * - * \param ctx The SHA-1 context. + * \param ctx The SHA-1 context. This must be initialized and + * have a hash operation started. * \param input The buffer holding the input data. - * \param ilen The length of the input data. + * This must be a readable buffer of length \p ilen Bytes. + * \param ilen The length of the input data \p input in Bytes. * */ MBEDTLS_DEPRECATED void mbedtls_sha1_update( mbedtls_sha1_context *ctx, @@ -221,9 +238,10 @@ MBEDTLS_DEPRECATED void mbedtls_sha1_update( mbedtls_sha1_context *ctx, * * \deprecated Superseded by mbedtls_sha1_finish_ret() in 2.7.0. * - * \param ctx The SHA-1 context. + * \param ctx The SHA-1 context. This must be initialized and + * have a hash operation started. * \param output The SHA-1 checksum result. - * + * This must be a writable buffer of length \c 20 Bytes. */ MBEDTLS_DEPRECATED void mbedtls_sha1_finish( mbedtls_sha1_context *ctx, unsigned char output[20] ); @@ -237,8 +255,9 @@ MBEDTLS_DEPRECATED void mbedtls_sha1_finish( mbedtls_sha1_context *ctx, * * \deprecated Superseded by mbedtls_internal_sha1_process() in 2.7.0. * - * \param ctx The SHA-1 context. + * \param ctx The SHA-1 context. This must be initialized. * \param data The data block being processed. + * This must be a readable buffer of length \c 64 bytes. * */ MBEDTLS_DEPRECATED void mbedtls_sha1_process( mbedtls_sha1_context *ctx, @@ -261,10 +280,13 @@ MBEDTLS_DEPRECATED void mbedtls_sha1_process( mbedtls_sha1_context *ctx, * stronger message digests instead. * * \param input The buffer holding the input data. - * \param ilen The length of the input data. + * This must be a readable buffer of length \p ilen Bytes. + * \param ilen The length of the input data \p input in Bytes. * \param output The SHA-1 checksum result. + * This must be a writable buffer of length \c 20 Bytes. * * \return \c 0 on success. + * \return A negative error code on failure. * */ int mbedtls_sha1_ret( const unsigned char *input, @@ -293,8 +315,10 @@ int mbedtls_sha1_ret( const unsigned char *input, * \deprecated Superseded by mbedtls_sha1_ret() in 2.7.0 * * \param input The buffer holding the input data. - * \param ilen The length of the input data. - * \param output The SHA-1 checksum result. + * This must be a readable buffer of length \p ilen Bytes. + * \param ilen The length of the input data \p input in Bytes. + * \param output The SHA-1 checksum result. This must be a writable + * buffer of size \c 20 Bytes. * */ MBEDTLS_DEPRECATED void mbedtls_sha1( const unsigned char *input, diff --git a/thirdparty/mbedtls/include/mbedtls/sha256.h b/thirdparty/mbedtls/include/mbedtls/sha256.h index adf31a82ed..0e42f0abba 100644 --- a/thirdparty/mbedtls/include/mbedtls/sha256.h +++ b/thirdparty/mbedtls/include/mbedtls/sha256.h @@ -36,7 +36,9 @@ #include <stddef.h> #include <stdint.h> +/* MBEDTLS_ERR_SHA256_HW_ACCEL_FAILED is deprecated and should not be used. */ #define MBEDTLS_ERR_SHA256_HW_ACCEL_FAILED -0x0037 /**< SHA-256 hardware accelerator failed */ +#define MBEDTLS_ERR_SHA256_BAD_INPUT_DATA -0x0074 /**< SHA-256 input data was malformed. */ #ifdef __cplusplus extern "C" { @@ -53,7 +55,7 @@ extern "C" { * checksum calculations. The choice between these two is * made in the call to mbedtls_sha256_starts_ret(). */ -typedef struct +typedef struct mbedtls_sha256_context { uint32_t total[2]; /*!< The number of Bytes processed. */ uint32_t state[8]; /*!< The intermediate digest state. */ @@ -70,22 +72,24 @@ mbedtls_sha256_context; /** * \brief This function initializes a SHA-256 context. * - * \param ctx The SHA-256 context to initialize. + * \param ctx The SHA-256 context to initialize. This must not be \c NULL. */ void mbedtls_sha256_init( mbedtls_sha256_context *ctx ); /** * \brief This function clears a SHA-256 context. * - * \param ctx The SHA-256 context to clear. + * \param ctx The SHA-256 context to clear. This may be \c NULL, in which + * case this function returns immediately. If it is not \c NULL, + * it must point to an initialized SHA-256 context. */ void mbedtls_sha256_free( mbedtls_sha256_context *ctx ); /** * \brief This function clones the state of a SHA-256 context. * - * \param dst The destination context. - * \param src The context to clone. + * \param dst The destination context. This must be initialized. + * \param src The context to clone. This must be initialized. */ void mbedtls_sha256_clone( mbedtls_sha256_context *dst, const mbedtls_sha256_context *src ); @@ -94,11 +98,12 @@ void mbedtls_sha256_clone( mbedtls_sha256_context *dst, * \brief This function starts a SHA-224 or SHA-256 checksum * calculation. * - * \param ctx The context to initialize. - * \param is224 Determines which function to use: - * 0: Use SHA-256, or 1: Use SHA-224. + * \param ctx The context to use. This must be initialized. + * \param is224 This determines which function to use. This must be + * either \c 0 for SHA-256, or \c 1 for SHA-224. * * \return \c 0 on success. + * \return A negative error code on failure. */ int mbedtls_sha256_starts_ret( mbedtls_sha256_context *ctx, int is224 ); @@ -106,11 +111,14 @@ int mbedtls_sha256_starts_ret( mbedtls_sha256_context *ctx, int is224 ); * \brief This function feeds an input buffer into an ongoing * SHA-256 checksum calculation. * - * \param ctx The SHA-256 context. - * \param input The buffer holding the data. - * \param ilen The length of the input data. + * \param ctx The SHA-256 context. This must be initialized + * and have a hash operation started. + * \param input The buffer holding the data. This must be a readable + * buffer of length \p ilen Bytes. + * \param ilen The length of the input data in Bytes. * * \return \c 0 on success. + * \return A negative error code on failure. */ int mbedtls_sha256_update_ret( mbedtls_sha256_context *ctx, const unsigned char *input, @@ -120,10 +128,13 @@ int mbedtls_sha256_update_ret( mbedtls_sha256_context *ctx, * \brief This function finishes the SHA-256 operation, and writes * the result to the output buffer. * - * \param ctx The SHA-256 context. + * \param ctx The SHA-256 context. This must be initialized + * and have a hash operation started. * \param output The SHA-224 or SHA-256 checksum result. + * This must be a writable buffer of length \c 32 Bytes. * * \return \c 0 on success. + * \return A negative error code on failure. */ int mbedtls_sha256_finish_ret( mbedtls_sha256_context *ctx, unsigned char output[32] ); @@ -133,10 +144,12 @@ int mbedtls_sha256_finish_ret( mbedtls_sha256_context *ctx, * the ongoing SHA-256 computation. This function is for * internal use only. * - * \param ctx The SHA-256 context. - * \param data The buffer holding one block of data. + * \param ctx The SHA-256 context. This must be initialized. + * \param data The buffer holding one block of data. This must + * be a readable buffer of length \c 64 Bytes. * * \return \c 0 on success. + * \return A negative error code on failure. */ int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx, const unsigned char data[64] ); @@ -151,12 +164,11 @@ int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx, * \brief This function starts a SHA-224 or SHA-256 checksum * calculation. * - * * \deprecated Superseded by mbedtls_sha256_starts_ret() in 2.7.0. * - * \param ctx The context to initialize. - * \param is224 Determines which function to use: - * 0: Use SHA-256, or 1: Use SHA-224. + * \param ctx The context to use. This must be initialized. + * \param is224 Determines which function to use. This must be + * either \c 0 for SHA-256, or \c 1 for SHA-224. */ MBEDTLS_DEPRECATED void mbedtls_sha256_starts( mbedtls_sha256_context *ctx, int is224 ); @@ -167,9 +179,11 @@ MBEDTLS_DEPRECATED void mbedtls_sha256_starts( mbedtls_sha256_context *ctx, * * \deprecated Superseded by mbedtls_sha256_update_ret() in 2.7.0. * - * \param ctx The SHA-256 context to initialize. - * \param input The buffer holding the data. - * \param ilen The length of the input data. + * \param ctx The SHA-256 context to use. This must be + * initialized and have a hash operation started. + * \param input The buffer holding the data. This must be a readable + * buffer of length \p ilen Bytes. + * \param ilen The length of the input data in Bytes. */ MBEDTLS_DEPRECATED void mbedtls_sha256_update( mbedtls_sha256_context *ctx, const unsigned char *input, @@ -181,8 +195,10 @@ MBEDTLS_DEPRECATED void mbedtls_sha256_update( mbedtls_sha256_context *ctx, * * \deprecated Superseded by mbedtls_sha256_finish_ret() in 2.7.0. * - * \param ctx The SHA-256 context. - * \param output The SHA-224 or SHA-256 checksum result. + * \param ctx The SHA-256 context. This must be initialized and + * have a hash operation started. + * \param output The SHA-224 or SHA-256 checksum result. This must be + * a writable buffer of length \c 32 Bytes. */ MBEDTLS_DEPRECATED void mbedtls_sha256_finish( mbedtls_sha256_context *ctx, unsigned char output[32] ); @@ -194,8 +210,9 @@ MBEDTLS_DEPRECATED void mbedtls_sha256_finish( mbedtls_sha256_context *ctx, * * \deprecated Superseded by mbedtls_internal_sha256_process() in 2.7.0. * - * \param ctx The SHA-256 context. - * \param data The buffer holding one block of data. + * \param ctx The SHA-256 context. This must be initialized. + * \param data The buffer holding one block of data. This must be + * a readable buffer of size \c 64 Bytes. */ MBEDTLS_DEPRECATED void mbedtls_sha256_process( mbedtls_sha256_context *ctx, const unsigned char data[64] ); @@ -213,11 +230,13 @@ MBEDTLS_DEPRECATED void mbedtls_sha256_process( mbedtls_sha256_context *ctx, * The SHA-256 result is calculated as * output = SHA-256(input buffer). * - * \param input The buffer holding the input data. - * \param ilen The length of the input data. - * \param output The SHA-224 or SHA-256 checksum result. - * \param is224 Determines which function to use: - * 0: Use SHA-256, or 1: Use SHA-224. + * \param input The buffer holding the data. This must be a readable + * buffer of length \p ilen Bytes. + * \param ilen The length of the input data in Bytes. + * \param output The SHA-224 or SHA-256 checksum result. This must + * be a writable buffer of length \c 32 Bytes. + * \param is224 Determines which function to use. This must be + * either \c 0 for SHA-256, or \c 1 for SHA-224. */ int mbedtls_sha256_ret( const unsigned char *input, size_t ilen, @@ -243,11 +262,13 @@ int mbedtls_sha256_ret( const unsigned char *input, * * \deprecated Superseded by mbedtls_sha256_ret() in 2.7.0. * - * \param input The buffer holding the data. - * \param ilen The length of the input data. - * \param output The SHA-224 or SHA-256 checksum result. - * \param is224 Determines which function to use: - * 0: Use SHA-256, or 1: Use SHA-224. + * \param input The buffer holding the data. This must be a readable + * buffer of length \p ilen Bytes. + * \param ilen The length of the input data in Bytes. + * \param output The SHA-224 or SHA-256 checksum result. This must be + * a writable buffer of length \c 32 Bytes. + * \param is224 Determines which function to use. This must be either + * \c 0 for SHA-256, or \c 1 for SHA-224. */ MBEDTLS_DEPRECATED void mbedtls_sha256( const unsigned char *input, size_t ilen, diff --git a/thirdparty/mbedtls/include/mbedtls/sha512.h b/thirdparty/mbedtls/include/mbedtls/sha512.h index 5bb83f43bd..7b26cf5cc3 100644 --- a/thirdparty/mbedtls/include/mbedtls/sha512.h +++ b/thirdparty/mbedtls/include/mbedtls/sha512.h @@ -35,7 +35,9 @@ #include <stddef.h> #include <stdint.h> +/* MBEDTLS_ERR_SHA512_HW_ACCEL_FAILED is deprecated and should not be used. */ #define MBEDTLS_ERR_SHA512_HW_ACCEL_FAILED -0x0039 /**< SHA-512 hardware accelerator failed */ +#define MBEDTLS_ERR_SHA512_BAD_INPUT_DATA -0x0075 /**< SHA-512 input data was malformed. */ #ifdef __cplusplus extern "C" { @@ -52,7 +54,7 @@ extern "C" { * checksum calculations. The choice between these two is * made in the call to mbedtls_sha512_starts_ret(). */ -typedef struct +typedef struct mbedtls_sha512_context { uint64_t total[2]; /*!< The number of Bytes processed. */ uint64_t state[8]; /*!< The intermediate digest state. */ @@ -69,22 +71,26 @@ mbedtls_sha512_context; /** * \brief This function initializes a SHA-512 context. * - * \param ctx The SHA-512 context to initialize. + * \param ctx The SHA-512 context to initialize. This must + * not be \c NULL. */ void mbedtls_sha512_init( mbedtls_sha512_context *ctx ); /** * \brief This function clears a SHA-512 context. * - * \param ctx The SHA-512 context to clear. + * \param ctx The SHA-512 context to clear. This may be \c NULL, + * in which case this function does nothing. If it + * is not \c NULL, it must point to an initialized + * SHA-512 context. */ void mbedtls_sha512_free( mbedtls_sha512_context *ctx ); /** * \brief This function clones the state of a SHA-512 context. * - * \param dst The destination context. - * \param src The context to clone. + * \param dst The destination context. This must be initialized. + * \param src The context to clone. This must be initialized. */ void mbedtls_sha512_clone( mbedtls_sha512_context *dst, const mbedtls_sha512_context *src ); @@ -93,11 +99,12 @@ void mbedtls_sha512_clone( mbedtls_sha512_context *dst, * \brief This function starts a SHA-384 or SHA-512 checksum * calculation. * - * \param ctx The SHA-512 context to initialize. - * \param is384 Determines which function to use: - * 0: Use SHA-512, or 1: Use SHA-384. + * \param ctx The SHA-512 context to use. This must be initialized. + * \param is384 Determines which function to use. This must be + * either \c for SHA-512, or \c 1 for SHA-384. * * \return \c 0 on success. + * \return A negative error code on failure. */ int mbedtls_sha512_starts_ret( mbedtls_sha512_context *ctx, int is384 ); @@ -105,11 +112,14 @@ int mbedtls_sha512_starts_ret( mbedtls_sha512_context *ctx, int is384 ); * \brief This function feeds an input buffer into an ongoing * SHA-512 checksum calculation. * - * \param ctx The SHA-512 context. - * \param input The buffer holding the input data. - * \param ilen The length of the input data. + * \param ctx The SHA-512 context. This must be initialized + * and have a hash operation started. + * \param input The buffer holding the input data. This must + * be a readable buffer of length \p ilen Bytes. + * \param ilen The length of the input data in Bytes. * * \return \c 0 on success. + * \return A negative error code on failure. */ int mbedtls_sha512_update_ret( mbedtls_sha512_context *ctx, const unsigned char *input, @@ -120,10 +130,13 @@ int mbedtls_sha512_update_ret( mbedtls_sha512_context *ctx, * the result to the output buffer. This function is for * internal use only. * - * \param ctx The SHA-512 context. + * \param ctx The SHA-512 context. This must be initialized + * and have a hash operation started. * \param output The SHA-384 or SHA-512 checksum result. + * This must be a writable buffer of length \c 64 Bytes. * * \return \c 0 on success. + * \return A negative error code on failure. */ int mbedtls_sha512_finish_ret( mbedtls_sha512_context *ctx, unsigned char output[64] ); @@ -132,10 +145,12 @@ int mbedtls_sha512_finish_ret( mbedtls_sha512_context *ctx, * \brief This function processes a single data block within * the ongoing SHA-512 computation. * - * \param ctx The SHA-512 context. - * \param data The buffer holding one block of data. + * \param ctx The SHA-512 context. This must be initialized. + * \param data The buffer holding one block of data. This + * must be a readable buffer of length \c 128 Bytes. * * \return \c 0 on success. + * \return A negative error code on failure. */ int mbedtls_internal_sha512_process( mbedtls_sha512_context *ctx, const unsigned char data[128] ); @@ -151,9 +166,9 @@ int mbedtls_internal_sha512_process( mbedtls_sha512_context *ctx, * * \deprecated Superseded by mbedtls_sha512_starts_ret() in 2.7.0 * - * \param ctx The SHA-512 context to initialize. - * \param is384 Determines which function to use: - * 0: Use SHA-512, or 1: Use SHA-384. + * \param ctx The SHA-512 context to use. This must be initialized. + * \param is384 Determines which function to use. This must be either + * \c 0 for SHA-512 or \c 1 for SHA-384. */ MBEDTLS_DEPRECATED void mbedtls_sha512_starts( mbedtls_sha512_context *ctx, int is384 ); @@ -164,9 +179,11 @@ MBEDTLS_DEPRECATED void mbedtls_sha512_starts( mbedtls_sha512_context *ctx, * * \deprecated Superseded by mbedtls_sha512_update_ret() in 2.7.0. * - * \param ctx The SHA-512 context. - * \param input The buffer holding the data. - * \param ilen The length of the input data. + * \param ctx The SHA-512 context. This must be initialized + * and have a hash operation started. + * \param input The buffer holding the data. This must be a readable + * buffer of length \p ilen Bytes. + * \param ilen The length of the input data in Bytes. */ MBEDTLS_DEPRECATED void mbedtls_sha512_update( mbedtls_sha512_context *ctx, const unsigned char *input, @@ -178,8 +195,10 @@ MBEDTLS_DEPRECATED void mbedtls_sha512_update( mbedtls_sha512_context *ctx, * * \deprecated Superseded by mbedtls_sha512_finish_ret() in 2.7.0. * - * \param ctx The SHA-512 context. - * \param output The SHA-384 or SHA-512 checksum result. + * \param ctx The SHA-512 context. This must be initialized + * and have a hash operation started. + * \param output The SHA-384 or SHA-512 checksum result. This must + * be a writable buffer of size \c 64 Bytes. */ MBEDTLS_DEPRECATED void mbedtls_sha512_finish( mbedtls_sha512_context *ctx, unsigned char output[64] ); @@ -191,8 +210,9 @@ MBEDTLS_DEPRECATED void mbedtls_sha512_finish( mbedtls_sha512_context *ctx, * * \deprecated Superseded by mbedtls_internal_sha512_process() in 2.7.0. * - * \param ctx The SHA-512 context. - * \param data The buffer holding one block of data. + * \param ctx The SHA-512 context. This must be initialized. + * \param data The buffer holding one block of data. This must be + * a readable buffer of length \c 128 Bytes. */ MBEDTLS_DEPRECATED void mbedtls_sha512_process( mbedtls_sha512_context *ctx, @@ -211,13 +231,16 @@ MBEDTLS_DEPRECATED void mbedtls_sha512_process( * The SHA-512 result is calculated as * output = SHA-512(input buffer). * - * \param input The buffer holding the input data. - * \param ilen The length of the input data. + * \param input The buffer holding the input data. This must be + * a readable buffer of length \p ilen Bytes. + * \param ilen The length of the input data in Bytes. * \param output The SHA-384 or SHA-512 checksum result. - * \param is384 Determines which function to use: - * 0: Use SHA-512, or 1: Use SHA-384. + * This must be a writable buffer of length \c 64 Bytes. + * \param is384 Determines which function to use. This must be either + * \c 0 for SHA-512, or \c 1 for SHA-384. * * \return \c 0 on success. + * \return A negative error code on failure. */ int mbedtls_sha512_ret( const unsigned char *input, size_t ilen, @@ -242,11 +265,13 @@ int mbedtls_sha512_ret( const unsigned char *input, * * \deprecated Superseded by mbedtls_sha512_ret() in 2.7.0 * - * \param input The buffer holding the data. - * \param ilen The length of the input data. - * \param output The SHA-384 or SHA-512 checksum result. - * \param is384 Determines which function to use: - * 0: Use SHA-512, or 1: Use SHA-384. + * \param input The buffer holding the data. This must be a + * readable buffer of length \p ilen Bytes. + * \param ilen The length of the input data in Bytes. + * \param output The SHA-384 or SHA-512 checksum result. This must + * be a writable buffer of length \c 64 Bytes. + * \param is384 Determines which function to use. This must be either + * \c 0 for SHA-512, or \c 1 for SHA-384. */ MBEDTLS_DEPRECATED void mbedtls_sha512( const unsigned char *input, size_t ilen, diff --git a/thirdparty/mbedtls/include/mbedtls/ssl.h b/thirdparty/mbedtls/include/mbedtls/ssl.h index 2d511a8ea1..8106bb4ab0 100644 --- a/thirdparty/mbedtls/include/mbedtls/ssl.h +++ b/thirdparty/mbedtls/include/mbedtls/ssl.h @@ -121,6 +121,8 @@ #define MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH -0x6600 /**< Couldn't set the hash for verifying CertificateVerify */ #define MBEDTLS_ERR_SSL_CONTINUE_PROCESSING -0x6580 /**< Internal-only message signaling that further message-processing should be done */ #define MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS -0x6500 /**< The asynchronous operation is not completed yet. */ +#define MBEDTLS_ERR_SSL_EARLY_MESSAGE -0x6480 /**< Internal-only message signaling that a message arrived early. */ +#define MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS -0x7000 /**< A cryptographic operation is in progress. Try again later. */ /* * Various constants @@ -242,6 +244,14 @@ #define MBEDTLS_SSL_OUT_CONTENT_LEN MBEDTLS_SSL_MAX_CONTENT_LEN #endif +/* + * Maximum number of heap-allocated bytes for the purpose of + * DTLS handshake message reassembly and future message buffering. + */ +#if !defined(MBEDTLS_SSL_DTLS_MAX_BUFFERING) +#define MBEDTLS_SSL_DTLS_MAX_BUFFERING 32768 +#endif + /* \} name SECTION: Module settings */ /* @@ -1022,14 +1032,14 @@ struct mbedtls_ssl_context int renego_records_seen; /*!< Records since renego request, or with DTLS, number of retransmissions of request if renego_max_records is < 0 */ -#endif +#endif /* MBEDTLS_SSL_RENEGOTIATION */ int major_ver; /*!< equal to MBEDTLS_SSL_MAJOR_VERSION_3 */ int minor_ver; /*!< either 0 (SSL3) or 1 (TLS1.0) */ #if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT) unsigned badmac_seen; /*!< records with a bad MAC received */ -#endif +#endif /* MBEDTLS_SSL_DTLS_BADMAC_LIMIT */ mbedtls_ssl_send_t *f_send; /*!< Callback for network send */ mbedtls_ssl_recv_t *f_recv; /*!< Callback for network receive */ @@ -1085,11 +1095,11 @@ struct mbedtls_ssl_context uint16_t in_epoch; /*!< DTLS epoch for incoming records */ size_t next_record_offset; /*!< offset of the next record in datagram (equal to in_left if none) */ -#endif +#endif /* MBEDTLS_SSL_PROTO_DTLS */ #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) uint64_t in_window_top; /*!< last validated record seq_num */ uint64_t in_window; /*!< bitmask for replay detection */ -#endif +#endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */ size_t in_hslen; /*!< current handshake message length, including the handshake header */ @@ -1098,6 +1108,11 @@ struct mbedtls_ssl_context int keep_current_message; /*!< drop or reuse current message on next call to record layer? */ +#if defined(MBEDTLS_SSL_PROTO_DTLS) + uint8_t disable_datagram_packing; /*!< Disable packing multiple records + * within a single datagram. */ +#endif /* MBEDTLS_SSL_PROTO_DTLS */ + /* * Record layer (outgoing data) */ @@ -1112,12 +1127,18 @@ struct mbedtls_ssl_context size_t out_msglen; /*!< record header: message length */ size_t out_left; /*!< amount of data not yet written */ + unsigned char cur_out_ctr[8]; /*!< Outgoing record sequence number. */ + +#if defined(MBEDTLS_SSL_PROTO_DTLS) + uint16_t mtu; /*!< path mtu, used to fragment outgoing messages */ +#endif /* MBEDTLS_SSL_PROTO_DTLS */ + #if defined(MBEDTLS_ZLIB_SUPPORT) unsigned char *compress_buf; /*!< zlib data buffer */ -#endif +#endif /* MBEDTLS_ZLIB_SUPPORT */ #if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING) signed char split_done; /*!< current record already splitted? */ -#endif +#endif /* MBEDTLS_SSL_CBC_RECORD_SPLITTING */ /* * PKI layer @@ -1130,11 +1151,11 @@ struct mbedtls_ssl_context #if defined(MBEDTLS_X509_CRT_PARSE_C) char *hostname; /*!< expected peer CN for verification (and SNI if available) */ -#endif +#endif /* MBEDTLS_X509_CRT_PARSE_C */ #if defined(MBEDTLS_SSL_ALPN) const char *alpn_chosen; /*!< negotiated protocol */ -#endif +#endif /* MBEDTLS_SSL_ALPN */ /* * Information for DTLS hello verify @@ -1142,7 +1163,7 @@ struct mbedtls_ssl_context #if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C) unsigned char *cli_id; /*!< transport-level ID of the client */ size_t cli_id_len; /*!< length of cli_id */ -#endif +#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY && MBEDTLS_SSL_SRV_C */ /* * Secure renegotiation @@ -1154,7 +1175,7 @@ struct mbedtls_ssl_context size_t verify_data_len; /*!< length of verify data stored */ char own_verify_data[MBEDTLS_SSL_VERIFY_DATA_MAX_LEN]; /*!< previous handshake verify data */ char peer_verify_data[MBEDTLS_SSL_VERIFY_DATA_MAX_LEN]; /*!< previous handshake verify data */ -#endif +#endif /* MBEDTLS_SSL_RENEGOTIATION */ }; #if defined(MBEDTLS_SSL_HW_RECORD_ACCEL) @@ -1374,6 +1395,52 @@ void mbedtls_ssl_set_bio( mbedtls_ssl_context *ssl, mbedtls_ssl_recv_t *f_recv, mbedtls_ssl_recv_timeout_t *f_recv_timeout ); +#if defined(MBEDTLS_SSL_PROTO_DTLS) +/** + * \brief Set the Maximum Tranport Unit (MTU). + * Special value: 0 means unset (no limit). + * This represents the maximum size of a datagram payload + * handled by the transport layer (usually UDP) as determined + * by the network link and stack. In practice, this controls + * the maximum size datagram the DTLS layer will pass to the + * \c f_send() callback set using \c mbedtls_ssl_set_bio(). + * + * \note The limit on datagram size is converted to a limit on + * record payload by subtracting the current overhead of + * encapsulation and encryption/authentication if any. + * + * \note This can be called at any point during the connection, for + * example when a Path Maximum Transfer Unit (PMTU) + * estimate becomes available from other sources, + * such as lower (or higher) protocol layers. + * + * \note This setting only controls the size of the packets we send, + * and does not restrict the size of the datagrams we're + * willing to receive. Client-side, you can request the + * server to use smaller records with \c + * mbedtls_ssl_conf_max_frag_len(). + * + * \note If both a MTU and a maximum fragment length have been + * configured (or negotiated with the peer), the resulting + * lower limit on record payload (see first note) is used. + * + * \note This can only be used to decrease the maximum size + * of datagrams (hence records, see first note) sent. It + * cannot be used to increase the maximum size of records over + * the limit set by #MBEDTLS_SSL_OUT_CONTENT_LEN. + * + * \note Values lower than the current record layer expansion will + * result in an error when trying to send data. + * + * \note Using record compression together with a non-zero MTU value + * will result in an error when trying to send data. + * + * \param ssl SSL context + * \param mtu Value of the path MTU in bytes + */ +void mbedtls_ssl_set_mtu( mbedtls_ssl_context *ssl, uint16_t mtu ); +#endif /* MBEDTLS_SSL_PROTO_DTLS */ + /** * \brief Set the timeout period for mbedtls_ssl_read() * (Default: no timeout.) @@ -1757,6 +1824,38 @@ void mbedtls_ssl_conf_dtls_badmac_limit( mbedtls_ssl_config *conf, unsigned limi #endif /* MBEDTLS_SSL_DTLS_BADMAC_LIMIT */ #if defined(MBEDTLS_SSL_PROTO_DTLS) + +/** + * \brief Allow or disallow packing of multiple handshake records + * within a single datagram. + * + * \param ssl The SSL context to configure. + * \param allow_packing This determines whether datagram packing may + * be used or not. A value of \c 0 means that every + * record will be sent in a separate datagram; a + * value of \c 1 means that, if space permits, + * multiple handshake messages (including CCS) belonging to + * a single flight may be packed within a single datagram. + * + * \note This is enabled by default and should only be disabled + * for test purposes, or if datagram packing causes + * interoperability issues with peers that don't support it. + * + * \note Allowing datagram packing reduces the network load since + * there's less overhead if multiple messages share the same + * datagram. Also, it increases the handshake efficiency + * since messages belonging to a single datagram will not + * be reordered in transit, and so future message buffering + * or flight retransmission (if no buffering is used) as + * means to deal with reordering are needed less frequently. + * + * \note Application records are not affected by this option and + * are currently always sent in separate datagrams. + * + */ +void mbedtls_ssl_set_datagram_packing( mbedtls_ssl_context *ssl, + unsigned allow_packing ); + /** * \brief Set retransmit timeout values for the DTLS handshake. * (DTLS only, no effect on TLS.) @@ -1945,6 +2044,14 @@ void mbedtls_ssl_conf_ca_chain( mbedtls_ssl_config *conf, * whether it matches those preferences - the server can then * decide what it wants to do with it. * + * \note The provided \p pk_key needs to match the public key in the + * first certificate in \p own_cert, or all handshakes using + * that certificate will fail. It is your responsibility + * to ensure that; this function will not perform any check. + * You may use mbedtls_pk_check_pair() in order to perform + * this check yourself, but be aware that this function can + * be computationally expensive on some key types. + * * \param conf SSL configuration * \param own_cert own public certificate chain * \param pk_key own private key @@ -2433,6 +2540,18 @@ void mbedtls_ssl_conf_cert_req_ca_list( mbedtls_ssl_config *conf, * (Client: set maximum fragment length to emit *and* * negotiate with the server during handshake) * + * \note With TLS, this currently only affects ApplicationData (sent + * with \c mbedtls_ssl_read()), not handshake messages. + * With DTLS, this affects both ApplicationData and handshake. + * + * \note This sets the maximum length for a record's payload, + * excluding record overhead that will be added to it, see + * \c mbedtls_ssl_get_record_expansion(). + * + * \note For DTLS, it is also possible to set a limit for the total + * size of daragrams passed to the transport layer, including + * record overhead, see \c mbedtls_ssl_set_mtu(). + * * \param conf SSL configuration * \param mfl_code Code for maximum fragment length (allowed values: * MBEDTLS_SSL_MAX_FRAG_LEN_512, MBEDTLS_SSL_MAX_FRAG_LEN_1024, @@ -2663,13 +2782,14 @@ size_t mbedtls_ssl_get_bytes_avail( const mbedtls_ssl_context *ssl ); /** * \brief Return the result of the certificate verification * - * \param ssl SSL context + * \param ssl The SSL context to use. * - * \return 0 if successful, - * -1 if result is not available (eg because the handshake was - * aborted too early), or - * a combination of BADCERT_xxx and BADCRL_xxx flags, see - * x509.h + * \return \c 0 if the certificate verification was successful. + * \return \c -1u if the result is not available. This may happen + * e.g. if the handshake aborts early, or a verification + * callback returned a fatal error. + * \return A bitwise combination of \c MBEDTLS_X509_BADCERT_XXX + * and \c MBEDTLS_X509_BADCRL_XXX failure flags; see x509.h. */ uint32_t mbedtls_ssl_get_verify_result( const mbedtls_ssl_context *ssl ); @@ -2695,6 +2815,9 @@ const char *mbedtls_ssl_get_version( const mbedtls_ssl_context *ssl ); * \brief Return the (maximum) number of bytes added by the record * layer: header + encryption/MAC overhead (inc. padding) * + * \note This function is not available (always returns an error) + * when record compression is enabled. + * * \param ssl SSL context * * \return Current maximum record expansion in bytes, or @@ -2709,6 +2832,23 @@ int mbedtls_ssl_get_record_expansion( const mbedtls_ssl_context *ssl ); * This is the value negotiated with peer if any, * or the locally configured value. * + * \sa mbedtls_ssl_conf_max_frag_len() + * \sa mbedtls_ssl_get_max_record_payload() + * + * \param ssl SSL context + * + * \return Current maximum fragment length. + */ +size_t mbedtls_ssl_get_max_frag_len( const mbedtls_ssl_context *ssl ); +#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ + +/** + * \brief Return the current maximum outgoing record payload in bytes. + * This takes into account the config.h setting \c + * MBEDTLS_SSL_OUT_CONTENT_LEN, the configured and negotiated + * max fragment length extension if used, and for DTLS the + * path MTU as configured and current record expansion. + * * \note With DTLS, \c mbedtls_ssl_write() will return an error if * called with a larger length value. * With TLS, \c mbedtls_ssl_write() will fragment the input if @@ -2716,12 +2856,19 @@ int mbedtls_ssl_get_record_expansion( const mbedtls_ssl_context *ssl ); * to the caller to call \c mbedtls_ssl_write() again in * order to send the remaining bytes if any. * + * \note This function is not available (always returns an error) + * when record compression is enabled. + * + * \sa mbedtls_ssl_set_mtu() + * \sa mbedtls_ssl_get_max_frag_len() + * \sa mbedtls_ssl_get_record_expansion() + * * \param ssl SSL context * - * \return Current maximum fragment length. + * \return Current maximum payload for an outgoing record, + * or a negative error code. */ -size_t mbedtls_ssl_get_max_frag_len( const mbedtls_ssl_context *ssl ); -#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ +int mbedtls_ssl_get_max_out_record_payload( const mbedtls_ssl_context *ssl ); #if defined(MBEDTLS_X509_CRT_PARSE_C) /** @@ -2776,35 +2923,50 @@ int mbedtls_ssl_get_session( const mbedtls_ssl_context *ssl, mbedtls_ssl_session * * \param ssl SSL context * - * \return 0 if successful, or - * MBEDTLS_ERR_SSL_WANT_READ or MBEDTLS_ERR_SSL_WANT_WRITE, or - * MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED (see below), or - * a specific SSL error code. + * \return \c 0 if successful. + * \return #MBEDTLS_ERR_SSL_WANT_READ or #MBEDTLS_ERR_SSL_WANT_WRITE + * if the handshake is incomplete and waiting for data to + * be available for reading from or writing to the underlying + * transport - in this case you must call this function again + * when the underlying transport is ready for the operation. + * \return #MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS if an asynchronous + * operation is in progress (see + * mbedtls_ssl_conf_async_private_cb()) - in this case you + * must call this function again when the operation is ready. + * \return #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS if a cryptographic + * operation is in progress (see mbedtls_ecp_set_max_ops()) - + * in this case you must call this function again to complete + * the handshake when you're done attending other tasks. + * \return #MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED if DTLS is in use + * and the client did not demonstrate reachability yet - in + * this case you must stop using the context (see below). + * \return Another SSL error code - in this case you must stop using + * the context (see below). + * + * \warning If this function returns something other than + * \c 0, + * #MBEDTLS_ERR_SSL_WANT_READ, + * #MBEDTLS_ERR_SSL_WANT_WRITE, + * #MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS or + * #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS, + * you must stop using the SSL context for reading or writing, + * and either free it or call \c mbedtls_ssl_session_reset() + * on it before re-using it for a new connection; the current + * connection must be closed. * - * If this function returns MBEDTLS_ERR_SSL_WANT_READ, the - * handshake is unfinished and no further data is available - * from the underlying transport. In this case, you must call - * the function again at some later stage. + * \note If DTLS is in use, then you may choose to handle + * #MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED specially for logging + * purposes, as it is an expected return value rather than an + * actual error, but you still need to reset/free the context. * * \note Remarks regarding event-driven DTLS: - * If the function returns MBEDTLS_ERR_SSL_WANT_READ, no datagram + * If the function returns #MBEDTLS_ERR_SSL_WANT_READ, no datagram * from the underlying transport layer is currently being processed, * and it is safe to idle until the timer or the underlying transport * signal a new event. This is not true for a successful handshake, * in which case the datagram of the underlying transport that is * currently being processed might or might not contain further * DTLS records. - * - * \note If this function returns something other than 0 or - * MBEDTLS_ERR_SSL_WANT_READ/WRITE, you must stop using - * the SSL context for reading or writing, and either free it or - * call \c mbedtls_ssl_session_reset() on it before re-using it - * for a new connection; the current connection must be closed. - * - * \note If DTLS is in use, then you may choose to handle - * MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED specially for logging - * purposes, as it is an expected return value rather than an - * actual error, but you still need to reset/free the context. */ int mbedtls_ssl_handshake( mbedtls_ssl_context *ssl ); @@ -2812,20 +2974,21 @@ int mbedtls_ssl_handshake( mbedtls_ssl_context *ssl ); * \brief Perform a single step of the SSL handshake * * \note The state of the context (ssl->state) will be at - * the next state after execution of this function. Do not + * the next state after this function returns \c 0. Do not * call this function if state is MBEDTLS_SSL_HANDSHAKE_OVER. * - * \note If this function returns something other than 0 or - * MBEDTLS_ERR_SSL_WANT_READ/WRITE, you must stop using - * the SSL context for reading or writing, and either free it or - * call \c mbedtls_ssl_session_reset() on it before re-using it - * for a new connection; the current connection must be closed. - * * \param ssl SSL context * - * \return 0 if successful, or - * MBEDTLS_ERR_SSL_WANT_READ or MBEDTLS_ERR_SSL_WANT_WRITE, or - * a specific SSL error code. + * \return See mbedtls_ssl_handshake(). + * + * \warning If this function returns something other than \c 0, + * #MBEDTLS_ERR_SSL_WANT_READ, #MBEDTLS_ERR_SSL_WANT_WRITE, + * #MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS or + * #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS, you must stop using + * the SSL context for reading or writing, and either free it + * or call \c mbedtls_ssl_session_reset() on it before + * re-using it for a new connection; the current connection + * must be closed. */ int mbedtls_ssl_handshake_step( mbedtls_ssl_context *ssl ); @@ -2840,13 +3003,18 @@ int mbedtls_ssl_handshake_step( mbedtls_ssl_context *ssl ); * \param ssl SSL context * * \return 0 if successful, or any mbedtls_ssl_handshake() return - * value. + * value except #MBEDTLS_ERR_SSL_CLIENT_RECONNECT that can't + * happen during a renegotiation. + * + * \warning If this function returns something other than \c 0, + * #MBEDTLS_ERR_SSL_WANT_READ, #MBEDTLS_ERR_SSL_WANT_WRITE, + * #MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS or + * #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS, you must stop using + * the SSL context for reading or writing, and either free it + * or call \c mbedtls_ssl_session_reset() on it before + * re-using it for a new connection; the current connection + * must be closed. * - * \note If this function returns something other than 0 or - * MBEDTLS_ERR_SSL_WANT_READ/WRITE, you must stop using - * the SSL context for reading or writing, and either free it or - * call \c mbedtls_ssl_session_reset() on it before re-using it - * for a new connection; the current connection must be closed. */ int mbedtls_ssl_renegotiate( mbedtls_ssl_context *ssl ); #endif /* MBEDTLS_SSL_RENEGOTIATION */ @@ -2858,42 +3026,56 @@ int mbedtls_ssl_renegotiate( mbedtls_ssl_context *ssl ); * \param buf buffer that will hold the data * \param len maximum number of bytes to read * - * \return One of the following: - * - 0 if the read end of the underlying transport was closed, - * - the (positive) number of bytes read, or - * - a negative error code on failure. - * - * If MBEDTLS_ERR_SSL_WANT_READ is returned, no application data - * is available from the underlying transport. In this case, - * the function needs to be called again at some later stage. - * - * If MBEDTLS_ERR_SSL_WANT_WRITE is returned, a write is pending - * but the underlying transport isn't available for writing. In this - * case, the function needs to be called again at some later stage. + * \return The (positive) number of bytes read if successful. + * \return \c 0 if the read end of the underlying transport was closed + * - in this case you must stop using the context (see below). + * \return #MBEDTLS_ERR_SSL_WANT_READ or #MBEDTLS_ERR_SSL_WANT_WRITE + * if the handshake is incomplete and waiting for data to + * be available for reading from or writing to the underlying + * transport - in this case you must call this function again + * when the underlying transport is ready for the operation. + * \return #MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS if an asynchronous + * operation is in progress (see + * mbedtls_ssl_conf_async_private_cb()) - in this case you + * must call this function again when the operation is ready. + * \return #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS if a cryptographic + * operation is in progress (see mbedtls_ecp_set_max_ops()) - + * in this case you must call this function again to complete + * the handshake when you're done attending other tasks. + * \return #MBEDTLS_ERR_SSL_CLIENT_RECONNECT if we're at the server + * side of a DTLS connection and the client is initiating a + * new connection using the same source port. See below. + * \return Another SSL error code - in this case you must stop using + * the context (see below). + * + * \warning If this function returns something other than + * a positive value, + * #MBEDTLS_ERR_SSL_WANT_READ, + * #MBEDTLS_ERR_SSL_WANT_WRITE, + * #MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS, + * #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS or + * #MBEDTLS_ERR_SSL_CLIENT_RECONNECT, + * you must stop using the SSL context for reading or writing, + * and either free it or call \c mbedtls_ssl_session_reset() + * on it before re-using it for a new connection; the current + * connection must be closed. * - * When this function return MBEDTLS_ERR_SSL_CLIENT_RECONNECT + * \note When this function returns #MBEDTLS_ERR_SSL_CLIENT_RECONNECT * (which can only happen server-side), it means that a client * is initiating a new connection using the same source port. * You can either treat that as a connection close and wait * for the client to resend a ClientHello, or directly * continue with \c mbedtls_ssl_handshake() with the same - * context (as it has beeen reset internally). Either way, you - * should make sure this is seen by the application as a new + * context (as it has been reset internally). Either way, you + * must make sure this is seen by the application as a new * connection: application state, if any, should be reset, and * most importantly the identity of the client must be checked * again. WARNING: not validating the identity of the client * again, or not transmitting the new identity to the * application layer, would allow authentication bypass! * - * \note If this function returns something other than a positive value - * or MBEDTLS_ERR_SSL_WANT_READ/WRITE or MBEDTLS_ERR_SSL_CLIENT_RECONNECT, - * you must stop using the SSL context for reading or writing, - * and either free it or call \c mbedtls_ssl_session_reset() on it - * before re-using it for a new connection; the current connection - * must be closed. - * * \note Remarks regarding event-driven DTLS: - * - If the function returns MBEDTLS_ERR_SSL_WANT_READ, no datagram + * - If the function returns #MBEDTLS_ERR_SSL_WANT_READ, no datagram * from the underlying transport layer is currently being processed, * and it is safe to idle until the timer or the underlying transport * signal a new event. @@ -2922,21 +3104,39 @@ int mbedtls_ssl_read( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len ) * \param buf buffer holding the data * \param len how many bytes must be written * - * \return the number of bytes actually written (may be less than len), - * or MBEDTLS_ERR_SSL_WANT_WRITE or MBEDTLS_ERR_SSL_WANT_READ, - * or another negative error code. - * - * \note If this function returns something other than 0, a positive - * value or MBEDTLS_ERR_SSL_WANT_READ/WRITE, you must stop - * using the SSL context for reading or writing, and either - * free it or call \c mbedtls_ssl_session_reset() on it before - * re-using it for a new connection; the current connection - * must be closed. + * \return The (non-negative) number of bytes actually written if + * successful (may be less than \p len). + * \return #MBEDTLS_ERR_SSL_WANT_READ or #MBEDTLS_ERR_SSL_WANT_WRITE + * if the handshake is incomplete and waiting for data to + * be available for reading from or writing to the underlying + * transport - in this case you must call this function again + * when the underlying transport is ready for the operation. + * \return #MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS if an asynchronous + * operation is in progress (see + * mbedtls_ssl_conf_async_private_cb()) - in this case you + * must call this function again when the operation is ready. + * \return #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS if a cryptographic + * operation is in progress (see mbedtls_ecp_set_max_ops()) - + * in this case you must call this function again to complete + * the handshake when you're done attending other tasks. + * \return Another SSL error code - in this case you must stop using + * the context (see below). + * + * \warning If this function returns something other than + * a non-negative value, + * #MBEDTLS_ERR_SSL_WANT_READ, + * #MBEDTLS_ERR_SSL_WANT_WRITE, + * #MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS or + * #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS, + * you must stop using the SSL context for reading or writing, + * and either free it or call \c mbedtls_ssl_session_reset() + * on it before re-using it for a new connection; the current + * connection must be closed. * - * \note When this function returns MBEDTLS_ERR_SSL_WANT_WRITE/READ, + * \note When this function returns #MBEDTLS_ERR_SSL_WANT_WRITE/READ, * it must be called later with the *same* arguments, * until it returns a value greater that or equal to 0. When - * the function returns MBEDTLS_ERR_SSL_WANT_WRITE there may be + * the function returns #MBEDTLS_ERR_SSL_WANT_WRITE there may be * some partial data in the output buffer, however this is not * yet sent. * diff --git a/thirdparty/mbedtls/include/mbedtls/ssl_cookie.h b/thirdparty/mbedtls/include/mbedtls/ssl_cookie.h index 80b65bbbb9..6a0ad4fa96 100644 --- a/thirdparty/mbedtls/include/mbedtls/ssl_cookie.h +++ b/thirdparty/mbedtls/include/mbedtls/ssl_cookie.h @@ -50,7 +50,7 @@ extern "C" { /** * \brief Context for the default cookie functions. */ -typedef struct +typedef struct mbedtls_ssl_cookie_ctx { mbedtls_md_context_t hmac_ctx; /*!< context for the HMAC portion */ #if !defined(MBEDTLS_HAVE_TIME) diff --git a/thirdparty/mbedtls/include/mbedtls/ssl_internal.h b/thirdparty/mbedtls/include/mbedtls/ssl_internal.h index d214703d77..97abb9f90b 100644 --- a/thirdparty/mbedtls/include/mbedtls/ssl_internal.h +++ b/thirdparty/mbedtls/include/mbedtls/ssl_internal.h @@ -93,6 +93,14 @@ #endif /* MBEDTLS_SSL_PROTO_TLS1_1 */ #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ +/* Shorthand for restartable ECC */ +#if defined(MBEDTLS_ECP_RESTARTABLE) && \ + defined(MBEDTLS_SSL_CLI_C) && \ + defined(MBEDTLS_SSL_PROTO_TLS1_2) && \ + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) +#define MBEDTLS_SSL__ECP_RESTARTABLE +#endif + #define MBEDTLS_SSL_INITIAL_HANDSHAKE 0 #define MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS 1 /* In progress */ #define MBEDTLS_SSL_RENEGOTIATION_DONE 2 /* Done or aborted */ @@ -155,6 +163,9 @@ #define MBEDTLS_SSL_OUT_PAYLOAD_LEN ( MBEDTLS_SSL_PAYLOAD_OVERHEAD + \ ( MBEDTLS_SSL_OUT_CONTENT_LEN ) ) +/* The maximum number of buffered handshake messages. */ +#define MBEDTLS_SSL_MAX_BUFFERED_HS 4 + /* Maximum length we can advertise as our max content length for RFC 6066 max_fragment_length extension negotiation purposes (the lesser of both sizes, if they are unequal.) @@ -284,7 +295,18 @@ struct mbedtls_ssl_handshake_params mbedtls_x509_crl *sni_ca_crl; /*!< trusted CAs CRLs from SNI */ #endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */ #endif /* MBEDTLS_X509_CRT_PARSE_C */ - +#if defined(MBEDTLS_SSL__ECP_RESTARTABLE) + int ecrs_enabled; /*!< Handshake supports EC restart? */ + mbedtls_x509_crt_restart_ctx ecrs_ctx; /*!< restart context */ + enum { /* this complements ssl->state with info on intra-state operations */ + ssl_ecrs_none = 0, /*!< nothing going on (yet) */ + ssl_ecrs_crt_verify, /*!< Certificate: crt_verify() */ + ssl_ecrs_ske_start_processing, /*!< ServerKeyExchange: pk_verify() */ + ssl_ecrs_cke_ecdh_calc_secret, /*!< ClientKeyExchange: ECDH step 2 */ + ssl_ecrs_crt_vrfy_sign, /*!< CertificateVerify: pk_sign() */ + } ecrs_state; /*!< current (or last) operation */ + size_t ecrs_n; /*!< place for saving a length */ +#endif #if defined(MBEDTLS_SSL_PROTO_DTLS) unsigned int out_msg_seq; /*!< Outgoing handshake sequence number */ unsigned int in_msg_seq; /*!< Incoming handshake sequence number */ @@ -294,18 +316,45 @@ struct mbedtls_ssl_handshake_params unsigned char verify_cookie_len; /*!< Cli: cookie length Srv: flag for sending a cookie */ - unsigned char *hs_msg; /*!< Reassembled handshake message */ - uint32_t retransmit_timeout; /*!< Current value of timeout */ unsigned char retransmit_state; /*!< Retransmission state */ - mbedtls_ssl_flight_item *flight; /*!< Current outgoing flight */ - mbedtls_ssl_flight_item *cur_msg; /*!< Current message in flight */ + mbedtls_ssl_flight_item *flight; /*!< Current outgoing flight */ + mbedtls_ssl_flight_item *cur_msg; /*!< Current message in flight */ + unsigned char *cur_msg_p; /*!< Position in current message */ unsigned int in_flight_start_seq; /*!< Minimum message sequence in the flight being received */ mbedtls_ssl_transform *alt_transform_out; /*!< Alternative transform for resending messages */ unsigned char alt_out_ctr[8]; /*!< Alternative record epoch/counter for resending messages */ + + struct + { + size_t total_bytes_buffered; /*!< Cumulative size of heap allocated + * buffers used for message buffering. */ + + uint8_t seen_ccs; /*!< Indicates if a CCS message has + * been seen in the current flight. */ + + struct mbedtls_ssl_hs_buffer + { + unsigned is_valid : 1; + unsigned is_fragmented : 1; + unsigned is_complete : 1; + unsigned char *data; + size_t data_len; + } hs[MBEDTLS_SSL_MAX_BUFFERED_HS]; + + struct + { + unsigned char *data; + size_t len; + unsigned epoch; + } future_record; + + } buffering; + + uint16_t mtu; /*!< Handshake mtu, used to fragment outgoing messages */ #endif /* MBEDTLS_SSL_PROTO_DTLS */ /* @@ -364,6 +413,8 @@ struct mbedtls_ssl_handshake_params #endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ }; +typedef struct mbedtls_ssl_hs_buffer mbedtls_ssl_hs_buffer; + /* * This structure contains a full set of runtime transform parameters * either in negotiation or active. @@ -478,7 +529,6 @@ int mbedtls_ssl_send_fatal_handshake_failure( mbedtls_ssl_context *ssl ); void mbedtls_ssl_reset_checksum( mbedtls_ssl_context *ssl ); int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl ); -int mbedtls_ssl_read_record_layer( mbedtls_ssl_context *ssl ); int mbedtls_ssl_handle_message_type( mbedtls_ssl_context *ssl ); int mbedtls_ssl_prepare_handshake_record( mbedtls_ssl_context *ssl ); void mbedtls_ssl_update_handshake_status( mbedtls_ssl_context *ssl ); @@ -490,7 +540,10 @@ void mbedtls_ssl_update_handshake_status( mbedtls_ssl_context *ssl ); * of the logic of (D)TLS from the implementation * of the secure transport. * - * \param ssl SSL context to use + * \param ssl The SSL context to use. + * \param update_hs_digest This indicates if the handshake digest + * should be automatically updated in case + * a handshake message is found. * * \return 0 or non-zero error code. * @@ -556,10 +609,12 @@ void mbedtls_ssl_update_handshake_status( mbedtls_ssl_context *ssl ); * following the above definition. * */ -int mbedtls_ssl_read_record( mbedtls_ssl_context *ssl ); +int mbedtls_ssl_read_record( mbedtls_ssl_context *ssl, + unsigned update_hs_digest ); int mbedtls_ssl_fetch_input( mbedtls_ssl_context *ssl, size_t nb_want ); -int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl ); +int mbedtls_ssl_write_handshake_msg( mbedtls_ssl_context *ssl ); +int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl, uint8_t force_flush ); int mbedtls_ssl_flush_output( mbedtls_ssl_context *ssl ); int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl ); @@ -668,6 +723,7 @@ static inline size_t mbedtls_ssl_hs_hdr_len( const mbedtls_ssl_context *ssl ) void mbedtls_ssl_send_flight_completed( mbedtls_ssl_context *ssl ); void mbedtls_ssl_recv_flight_completed( mbedtls_ssl_context *ssl ); int mbedtls_ssl_resend( mbedtls_ssl_context *ssl ); +int mbedtls_ssl_flight_transmit( mbedtls_ssl_context *ssl ); #endif /* Visible for testing purposes only */ diff --git a/thirdparty/mbedtls/include/mbedtls/ssl_ticket.h b/thirdparty/mbedtls/include/mbedtls/ssl_ticket.h index 93ad46ac9c..b2686df09f 100644 --- a/thirdparty/mbedtls/include/mbedtls/ssl_ticket.h +++ b/thirdparty/mbedtls/include/mbedtls/ssl_ticket.h @@ -44,7 +44,7 @@ extern "C" { /** * \brief Information for session ticket protection */ -typedef struct +typedef struct mbedtls_ssl_ticket_key { unsigned char name[4]; /*!< random key identifier */ uint32_t generation_time; /*!< key generation timestamp (seconds) */ @@ -55,7 +55,7 @@ mbedtls_ssl_ticket_key; /** * \brief Context for session ticket handling functions */ -typedef struct +typedef struct mbedtls_ssl_ticket_context { mbedtls_ssl_ticket_key keys[2]; /*!< ticket protection keys */ unsigned char active; /*!< index of the currently active key */ diff --git a/thirdparty/mbedtls/include/mbedtls/threading.h b/thirdparty/mbedtls/include/mbedtls/threading.h index c25daa5cdf..92e6e6b987 100644 --- a/thirdparty/mbedtls/include/mbedtls/threading.h +++ b/thirdparty/mbedtls/include/mbedtls/threading.h @@ -36,13 +36,16 @@ extern "C" { #endif +/* MBEDTLS_ERR_THREADING_FEATURE_UNAVAILABLE is deprecated and should not be + * used. */ #define MBEDTLS_ERR_THREADING_FEATURE_UNAVAILABLE -0x001A /**< The selected feature is not available. */ + #define MBEDTLS_ERR_THREADING_BAD_INPUT_DATA -0x001C /**< Bad input parameters to function. */ #define MBEDTLS_ERR_THREADING_MUTEX_ERROR -0x001E /**< Locking / unlocking / free failed with error code. */ #if defined(MBEDTLS_THREADING_PTHREAD) #include <pthread.h> -typedef struct +typedef struct mbedtls_threading_mutex_t { pthread_mutex_t mutex; char is_valid; @@ -99,6 +102,17 @@ extern int (*mbedtls_mutex_unlock)( mbedtls_threading_mutex_t *mutex ); #if defined(MBEDTLS_FS_IO) extern mbedtls_threading_mutex_t mbedtls_threading_readdir_mutex; #endif + +#if defined(MBEDTLS_HAVE_TIME_DATE) && !defined(MBEDTLS_PLATFORM_GMTIME_R_ALT) +/* This mutex may or may not be used in the default definition of + * mbedtls_platform_gmtime_r(), but in order to determine that, + * we need to check POSIX features, hence modify _POSIX_C_SOURCE. + * With the current approach, this declaration is orphaned, lacking + * an accompanying definition, in case mbedtls_platform_gmtime_r() + * doesn't need it, but that's not a problem. */ +extern mbedtls_threading_mutex_t mbedtls_threading_gmtime_mutex; +#endif /* MBEDTLS_HAVE_TIME_DATE && !MBEDTLS_PLATFORM_GMTIME_R_ALT */ + #endif /* MBEDTLS_THREADING_C */ #ifdef __cplusplus diff --git a/thirdparty/mbedtls/include/mbedtls/timing.h b/thirdparty/mbedtls/include/mbedtls/timing.h index bbcb90688a..a965fe0d35 100644 --- a/thirdparty/mbedtls/include/mbedtls/timing.h +++ b/thirdparty/mbedtls/include/mbedtls/timing.h @@ -51,7 +51,7 @@ struct mbedtls_timing_hr_time /** * \brief Context for mbedtls_timing_set/get_delay() */ -typedef struct +typedef struct mbedtls_timing_delay_context { struct mbedtls_timing_hr_time timer; uint32_t int_ms; diff --git a/thirdparty/mbedtls/include/mbedtls/version.h b/thirdparty/mbedtls/include/mbedtls/version.h index eaf25d908c..56e7398a2a 100644 --- a/thirdparty/mbedtls/include/mbedtls/version.h +++ b/thirdparty/mbedtls/include/mbedtls/version.h @@ -39,7 +39,7 @@ * Major, Minor, Patchlevel */ #define MBEDTLS_VERSION_MAJOR 2 -#define MBEDTLS_VERSION_MINOR 12 +#define MBEDTLS_VERSION_MINOR 16 #define MBEDTLS_VERSION_PATCH 0 /** @@ -47,9 +47,9 @@ * MMNNPP00 * Major version | Minor version | Patch version */ -#define MBEDTLS_VERSION_NUMBER 0x020C0000 -#define MBEDTLS_VERSION_STRING "2.12.0" -#define MBEDTLS_VERSION_STRING_FULL "mbed TLS 2.12.0" +#define MBEDTLS_VERSION_NUMBER 0x02100000 +#define MBEDTLS_VERSION_STRING "2.16.0" +#define MBEDTLS_VERSION_STRING_FULL "mbed TLS 2.16.0" #if defined(MBEDTLS_VERSION_C) diff --git a/thirdparty/mbedtls/include/mbedtls/x509_crt.h b/thirdparty/mbedtls/include/mbedtls/x509_crt.h index ac23cffe84..3dd5922486 100644 --- a/thirdparty/mbedtls/include/mbedtls/x509_crt.h +++ b/thirdparty/mbedtls/include/mbedtls/x509_crt.h @@ -105,7 +105,7 @@ mbedtls_x509_crt; * * All lists are bitfields, built by ORing flags from MBEDTLS_X509_ID_FLAG(). */ -typedef struct +typedef struct mbedtls_x509_crt_profile { uint32_t allowed_mds; /**< MDs for signatures */ uint32_t allowed_pks; /**< PK algs for signatures */ @@ -143,6 +143,63 @@ typedef struct mbedtls_x509write_cert } mbedtls_x509write_cert; +/** + * Item in a verification chain: cert and flags for it + */ +typedef struct { + mbedtls_x509_crt *crt; + uint32_t flags; +} mbedtls_x509_crt_verify_chain_item; + +/** + * Max size of verification chain: end-entity + intermediates + trusted root + */ +#define MBEDTLS_X509_MAX_VERIFY_CHAIN_SIZE ( MBEDTLS_X509_MAX_INTERMEDIATE_CA + 2 ) + +/** + * Verification chain as built by \c mbedtls_crt_verify_chain() + */ +typedef struct +{ + mbedtls_x509_crt_verify_chain_item items[MBEDTLS_X509_MAX_VERIFY_CHAIN_SIZE]; + unsigned len; +} mbedtls_x509_crt_verify_chain; + +#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) + +/** + * \brief Context for resuming X.509 verify operations + */ +typedef struct +{ + /* for check_signature() */ + mbedtls_pk_restart_ctx pk; + + /* for find_parent_in() */ + mbedtls_x509_crt *parent; /* non-null iff parent_in in progress */ + mbedtls_x509_crt *fallback_parent; + int fallback_signature_is_good; + + /* for find_parent() */ + int parent_is_trusted; /* -1 if find_parent is not in progress */ + + /* for verify_chain() */ + enum { + x509_crt_rs_none, + x509_crt_rs_find_parent, + } in_progress; /* none if no operation is in progress */ + int self_cnt; + mbedtls_x509_crt_verify_chain ver_chain; + +} mbedtls_x509_crt_restart_ctx; + +#else /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ + +/* Now we can declare functions that take a pointer to that */ +typedef void mbedtls_x509_crt_restart_ctx; + +#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ + #if defined(MBEDTLS_X509_CRT_PARSE_C) /** * Default security profile. Should provide a good balance between security @@ -175,19 +232,34 @@ int mbedtls_x509_crt_parse_der( mbedtls_x509_crt *chain, const unsigned char *bu size_t buflen ); /** - * \brief Parse one or more certificates and add them - * to the chained list. Parses permissively. If some - * certificates can be parsed, the result is the number - * of failed certificates it encountered. If none complete - * correctly, the first error is returned. + * \brief Parse one DER-encoded or one or more concatenated PEM-encoded + * certificates and add them to the chained list. * - * \param chain points to the start of the chain - * \param buf buffer holding the certificate data in PEM or DER format - * \param buflen size of the buffer - * (including the terminating null byte for PEM data) + * For CRTs in PEM encoding, the function parses permissively: + * if at least one certificate can be parsed, the function + * returns the number of certificates for which parsing failed + * (hence \c 0 if all certificates were parsed successfully). + * If no certificate could be parsed, the function returns + * the first (negative) error encountered during parsing. + * + * PEM encoded certificates may be interleaved by other data + * such as human readable descriptions of their content, as + * long as the certificates are enclosed in the PEM specific + * '-----{BEGIN/END} CERTIFICATE-----' delimiters. + * + * \param chain The chain to which to add the parsed certificates. + * \param buf The buffer holding the certificate data in PEM or DER format. + * For certificates in PEM encoding, this may be a concatenation + * of multiple certificates; for DER encoding, the buffer must + * comprise exactly one certificate. + * \param buflen The size of \p buf, including the terminating \c NULL byte + * in case of PEM encoded data. + * + * \return \c 0 if all certificates were parsed successfully. + * \return The (positive) number of certificates that couldn't + * be parsed if parsing was partly successful (see above). + * \return A negative X509 or PEM error code otherwise. * - * \return 0 if all certificates parsed successfully, a positive number - * if partly successful or a specific X509 or PEM error code */ int mbedtls_x509_crt_parse( mbedtls_x509_crt *chain, const unsigned char *buf, size_t buflen ); @@ -353,6 +425,37 @@ int mbedtls_x509_crt_verify_with_profile( mbedtls_x509_crt *crt, int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), void *p_vrfy ); +/** + * \brief Restartable version of \c mbedtls_crt_verify_with_profile() + * + * \note Performs the same job as \c mbedtls_crt_verify_with_profile() + * but can return early and restart according to the limit + * set with \c mbedtls_ecp_set_max_ops() to reduce blocking. + * + * \param crt a certificate (chain) to be verified + * \param trust_ca the list of trusted CAs + * \param ca_crl the list of CRLs for trusted CAs + * \param profile security profile for verification + * \param cn expected Common Name (can be set to + * NULL if the CN must not be verified) + * \param flags result of the verification + * \param f_vrfy verification function + * \param p_vrfy verification parameter + * \param rs_ctx restart context (NULL to disable restart) + * + * \return See \c mbedtls_crt_verify_with_profile(), or + * \return #MBEDTLS_ERR_ECP_IN_PROGRESS if maximum number of + * operations was reached: see \c mbedtls_ecp_set_max_ops(). + */ +int mbedtls_x509_crt_verify_restartable( mbedtls_x509_crt *crt, + mbedtls_x509_crt *trust_ca, + mbedtls_x509_crl *ca_crl, + const mbedtls_x509_crt_profile *profile, + const char *cn, uint32_t *flags, + int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), + void *p_vrfy, + mbedtls_x509_crt_restart_ctx *rs_ctx ); + #if defined(MBEDTLS_X509_CHECK_KEY_USAGE) /** * \brief Check usage of certificate against keyUsage extension. @@ -424,6 +527,18 @@ void mbedtls_x509_crt_init( mbedtls_x509_crt *crt ); * \param crt Certificate chain to free */ void mbedtls_x509_crt_free( mbedtls_x509_crt *crt ); + +#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) +/** + * \brief Initialize a restart context + */ +void mbedtls_x509_crt_restart_init( mbedtls_x509_crt_restart_ctx *ctx ); + +/** + * \brief Free the components of a restart context + */ +void mbedtls_x509_crt_restart_free( mbedtls_x509_crt_restart_ctx *ctx ); +#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ #endif /* MBEDTLS_X509_CRT_PARSE_C */ /* \} name */ diff --git a/thirdparty/mbedtls/include/mbedtls/xtea.h b/thirdparty/mbedtls/include/mbedtls/xtea.h index 8df708a3a5..6430c1318a 100644 --- a/thirdparty/mbedtls/include/mbedtls/xtea.h +++ b/thirdparty/mbedtls/include/mbedtls/xtea.h @@ -37,6 +37,8 @@ #define MBEDTLS_XTEA_DECRYPT 0 #define MBEDTLS_ERR_XTEA_INVALID_INPUT_LENGTH -0x0028 /**< The data input has an invalid length. */ + +/* MBEDTLS_ERR_XTEA_HW_ACCEL_FAILED is deprecated and should not be used. */ #define MBEDTLS_ERR_XTEA_HW_ACCEL_FAILED -0x0029 /**< XTEA hardware accelerator failed. */ #ifdef __cplusplus @@ -50,7 +52,7 @@ extern "C" { /** * \brief XTEA context structure */ -typedef struct +typedef struct mbedtls_xtea_context { uint32_t k[4]; /*!< key */ } diff --git a/thirdparty/mbedtls/library/aes.c b/thirdparty/mbedtls/library/aes.c index 5c939bba47..0543cd7817 100644 --- a/thirdparty/mbedtls/library/aes.c +++ b/thirdparty/mbedtls/library/aes.c @@ -36,6 +36,7 @@ #include <string.h> #include "mbedtls/aes.h" +#include "mbedtls/platform.h" #include "mbedtls/platform_util.h" #if defined(MBEDTLS_PADLOCK_C) #include "mbedtls/padlock.h" @@ -55,6 +56,12 @@ #if !defined(MBEDTLS_AES_ALT) +/* Parameter validation macros based on platform_util.h */ +#define AES_VALIDATE_RET( cond ) \ + MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_AES_BAD_INPUT_DATA ) +#define AES_VALIDATE( cond ) \ + MBEDTLS_INTERNAL_VALIDATE( cond ) + /* * 32-bit integer manipulation macros (little endian) */ @@ -510,6 +517,8 @@ static void aes_gen_tables( void ) void mbedtls_aes_init( mbedtls_aes_context *ctx ) { + AES_VALIDATE( ctx != NULL ); + memset( ctx, 0, sizeof( mbedtls_aes_context ) ); } @@ -524,12 +533,17 @@ void mbedtls_aes_free( mbedtls_aes_context *ctx ) #if defined(MBEDTLS_CIPHER_MODE_XTS) void mbedtls_aes_xts_init( mbedtls_aes_xts_context *ctx ) { + AES_VALIDATE( ctx != NULL ); + mbedtls_aes_init( &ctx->crypt ); mbedtls_aes_init( &ctx->tweak ); } void mbedtls_aes_xts_free( mbedtls_aes_xts_context *ctx ) { + if( ctx == NULL ) + return; + mbedtls_aes_free( &ctx->crypt ); mbedtls_aes_free( &ctx->tweak ); } @@ -545,14 +559,8 @@ int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key, unsigned int i; uint32_t *RK; -#if !defined(MBEDTLS_AES_ROM_TABLES) - if( aes_init_done == 0 ) - { - aes_gen_tables(); - aes_init_done = 1; - - } -#endif + AES_VALIDATE_RET( ctx != NULL ); + AES_VALIDATE_RET( key != NULL ); switch( keybits ) { @@ -562,6 +570,14 @@ int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key, default : return( MBEDTLS_ERR_AES_INVALID_KEY_LENGTH ); } +#if !defined(MBEDTLS_AES_ROM_TABLES) + if( aes_init_done == 0 ) + { + aes_gen_tables(); + aes_init_done = 1; + } +#endif + #if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_PADLOCK_ALIGN16) if( aes_padlock_ace == -1 ) aes_padlock_ace = mbedtls_padlock_has_support( MBEDTLS_PADLOCK_ACE ); @@ -661,6 +677,9 @@ int mbedtls_aes_setkey_dec( mbedtls_aes_context *ctx, const unsigned char *key, uint32_t *RK; uint32_t *SK; + AES_VALIDATE_RET( ctx != NULL ); + AES_VALIDATE_RET( key != NULL ); + mbedtls_aes_init( &cty ); #if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_PADLOCK_ALIGN16) @@ -751,6 +770,9 @@ int mbedtls_aes_xts_setkey_enc( mbedtls_aes_xts_context *ctx, const unsigned char *key1, *key2; unsigned int key1bits, key2bits; + AES_VALIDATE_RET( ctx != NULL ); + AES_VALIDATE_RET( key != NULL ); + ret = mbedtls_aes_xts_decode_keys( key, keybits, &key1, &key1bits, &key2, &key2bits ); if( ret != 0 ) @@ -773,6 +795,9 @@ int mbedtls_aes_xts_setkey_dec( mbedtls_aes_xts_context *ctx, const unsigned char *key1, *key2; unsigned int key1bits, key2bits; + AES_VALIDATE_RET( ctx != NULL ); + AES_VALIDATE_RET( key != NULL ); + ret = mbedtls_aes_xts_decode_keys( key, keybits, &key1, &key1bits, &key2, &key2bits ); if( ret != 0 ) @@ -976,10 +1001,16 @@ void mbedtls_aes_decrypt( mbedtls_aes_context *ctx, * AES-ECB block encryption/decryption */ int mbedtls_aes_crypt_ecb( mbedtls_aes_context *ctx, - int mode, - const unsigned char input[16], - unsigned char output[16] ) + int mode, + const unsigned char input[16], + unsigned char output[16] ) { + AES_VALIDATE_RET( ctx != NULL ); + AES_VALIDATE_RET( input != NULL ); + AES_VALIDATE_RET( output != NULL ); + AES_VALIDATE_RET( mode == MBEDTLS_AES_ENCRYPT || + mode == MBEDTLS_AES_DECRYPT ); + #if defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_HAVE_X86_64) if( mbedtls_aesni_has_support( MBEDTLS_AESNI_AES ) ) return( mbedtls_aesni_crypt_ecb( ctx, mode, input, output ) ); @@ -1017,6 +1048,13 @@ int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx, int i; unsigned char temp[16]; + AES_VALIDATE_RET( ctx != NULL ); + AES_VALIDATE_RET( mode == MBEDTLS_AES_ENCRYPT || + mode == MBEDTLS_AES_DECRYPT ); + AES_VALIDATE_RET( iv != NULL ); + AES_VALIDATE_RET( input != NULL ); + AES_VALIDATE_RET( output != NULL ); + if( length % 16 ) return( MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH ); @@ -1142,11 +1180,18 @@ int mbedtls_aes_crypt_xts( mbedtls_aes_xts_context *ctx, unsigned char prev_tweak[16]; unsigned char tmp[16]; - /* Sectors must be at least 16 bytes. */ + AES_VALIDATE_RET( ctx != NULL ); + AES_VALIDATE_RET( mode == MBEDTLS_AES_ENCRYPT || + mode == MBEDTLS_AES_DECRYPT ); + AES_VALIDATE_RET( data_unit != NULL ); + AES_VALIDATE_RET( input != NULL ); + AES_VALIDATE_RET( output != NULL ); + + /* Data units must be at least 16 bytes long. */ if( length < 16 ) return MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH; - /* NIST SP 80-38E disallows data units larger than 2**20 blocks. */ + /* NIST SP 800-38E disallows data units larger than 2**20 blocks. */ if( length > ( 1 << 20 ) * 16 ) return MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH; @@ -1241,7 +1286,20 @@ int mbedtls_aes_crypt_cfb128( mbedtls_aes_context *ctx, unsigned char *output ) { int c; - size_t n = *iv_off; + size_t n; + + AES_VALIDATE_RET( ctx != NULL ); + AES_VALIDATE_RET( mode == MBEDTLS_AES_ENCRYPT || + mode == MBEDTLS_AES_DECRYPT ); + AES_VALIDATE_RET( iv_off != NULL ); + AES_VALIDATE_RET( iv != NULL ); + AES_VALIDATE_RET( input != NULL ); + AES_VALIDATE_RET( output != NULL ); + + n = *iv_off; + + if( n > 15 ) + return( MBEDTLS_ERR_AES_BAD_INPUT_DATA ); if( mode == MBEDTLS_AES_DECRYPT ) { @@ -1279,15 +1337,21 @@ int mbedtls_aes_crypt_cfb128( mbedtls_aes_context *ctx, * AES-CFB8 buffer encryption/decryption */ int mbedtls_aes_crypt_cfb8( mbedtls_aes_context *ctx, - int mode, - size_t length, - unsigned char iv[16], - const unsigned char *input, - unsigned char *output ) + int mode, + size_t length, + unsigned char iv[16], + const unsigned char *input, + unsigned char *output ) { unsigned char c; unsigned char ov[17]; + AES_VALIDATE_RET( ctx != NULL ); + AES_VALIDATE_RET( mode == MBEDTLS_AES_ENCRYPT || + mode == MBEDTLS_AES_DECRYPT ); + AES_VALIDATE_RET( iv != NULL ); + AES_VALIDATE_RET( input != NULL ); + AES_VALIDATE_RET( output != NULL ); while( length-- ) { memcpy( ov, iv, 16 ); @@ -1320,7 +1384,18 @@ int mbedtls_aes_crypt_ofb( mbedtls_aes_context *ctx, unsigned char *output ) { int ret = 0; - size_t n = *iv_off; + size_t n; + + AES_VALIDATE_RET( ctx != NULL ); + AES_VALIDATE_RET( iv_off != NULL ); + AES_VALIDATE_RET( iv != NULL ); + AES_VALIDATE_RET( input != NULL ); + AES_VALIDATE_RET( output != NULL ); + + n = *iv_off; + + if( n > 15 ) + return( MBEDTLS_ERR_AES_BAD_INPUT_DATA ); while( length-- ) { @@ -1355,7 +1430,16 @@ int mbedtls_aes_crypt_ctr( mbedtls_aes_context *ctx, unsigned char *output ) { int c, i; - size_t n = *nc_off; + size_t n; + + AES_VALIDATE_RET( ctx != NULL ); + AES_VALIDATE_RET( nc_off != NULL ); + AES_VALIDATE_RET( nonce_counter != NULL ); + AES_VALIDATE_RET( stream_block != NULL ); + AES_VALIDATE_RET( input != NULL ); + AES_VALIDATE_RET( output != NULL ); + + n = *nc_off; if ( n > 0x0F ) return( MBEDTLS_ERR_AES_BAD_INPUT_DATA ); @@ -1757,7 +1841,7 @@ int mbedtls_aes_self_test( int verbose ) * there is an alternative underlying implementation i.e. when * MBEDTLS_AES_ALT is defined. */ - if( ret == MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE && keybits == 192 ) + if( ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED && keybits == 192 ) { mbedtls_printf( "skipped\n" ); continue; @@ -1821,7 +1905,7 @@ int mbedtls_aes_self_test( int verbose ) * there is an alternative underlying implementation i.e. when * MBEDTLS_AES_ALT is defined. */ - if( ret == MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE && keybits == 192 ) + if( ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED && keybits == 192 ) { mbedtls_printf( "skipped\n" ); continue; @@ -1886,7 +1970,7 @@ int mbedtls_aes_self_test( int verbose ) * there is an alternative underlying implementation i.e. when * MBEDTLS_AES_ALT is defined. */ - if( ret == MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE && keybits == 192 ) + if( ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED && keybits == 192 ) { mbedtls_printf( "skipped\n" ); continue; @@ -1949,7 +2033,7 @@ int mbedtls_aes_self_test( int verbose ) * there is an alternative underlying implementation i.e. when * MBEDTLS_AES_ALT is defined. */ - if( ret == MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE && keybits == 192 ) + if( ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED && keybits == 192 ) { mbedtls_printf( "skipped\n" ); continue; diff --git a/thirdparty/mbedtls/library/aria.c b/thirdparty/mbedtls/library/aria.c index e9bcd6d135..aff66d667f 100644 --- a/thirdparty/mbedtls/library/aria.c +++ b/thirdparty/mbedtls/library/aria.c @@ -55,6 +55,12 @@ #define inline __inline #endif +/* Parameter validation macros */ +#define ARIA_VALIDATE_RET( cond ) \ + MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_ARIA_BAD_INPUT_DATA ) +#define ARIA_VALIDATE( cond ) \ + MBEDTLS_INTERNAL_VALIDATE( cond ) + /* * 32-bit integer manipulation macros (little endian) */ @@ -449,9 +455,11 @@ int mbedtls_aria_setkey_enc( mbedtls_aria_context *ctx, int i; uint32_t w[4][4], *w2; + ARIA_VALIDATE_RET( ctx != NULL ); + ARIA_VALIDATE_RET( key != NULL ); if( keybits != 128 && keybits != 192 && keybits != 256 ) - return( MBEDTLS_ERR_ARIA_INVALID_KEY_LENGTH ); + return( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA ); /* Copy key to W0 (and potential remainder to W1) */ GET_UINT32_LE( w[0][0], key, 0 ); @@ -503,6 +511,8 @@ int mbedtls_aria_setkey_dec( mbedtls_aria_context *ctx, const unsigned char *key, unsigned int keybits ) { int i, j, k, ret; + ARIA_VALIDATE_RET( ctx != NULL ); + ARIA_VALIDATE_RET( key != NULL ); ret = mbedtls_aria_setkey_enc( ctx, key, keybits ); if( ret != 0 ) @@ -539,6 +549,9 @@ int mbedtls_aria_crypt_ecb( mbedtls_aria_context *ctx, int i; uint32_t a, b, c, d; + ARIA_VALIDATE_RET( ctx != NULL ); + ARIA_VALIDATE_RET( input != NULL ); + ARIA_VALIDATE_RET( output != NULL ); GET_UINT32_LE( a, input, 0 ); GET_UINT32_LE( b, input, 4 ); @@ -586,6 +599,7 @@ int mbedtls_aria_crypt_ecb( mbedtls_aria_context *ctx, /* Initialize context */ void mbedtls_aria_init( mbedtls_aria_context *ctx ) { + ARIA_VALIDATE( ctx != NULL ); memset( ctx, 0, sizeof( mbedtls_aria_context ) ); } @@ -612,6 +626,13 @@ int mbedtls_aria_crypt_cbc( mbedtls_aria_context *ctx, int i; unsigned char temp[MBEDTLS_ARIA_BLOCKSIZE]; + ARIA_VALIDATE_RET( ctx != NULL ); + ARIA_VALIDATE_RET( mode == MBEDTLS_ARIA_ENCRYPT || + mode == MBEDTLS_ARIA_DECRYPT ); + ARIA_VALIDATE_RET( length == 0 || input != NULL ); + ARIA_VALIDATE_RET( length == 0 || output != NULL ); + ARIA_VALIDATE_RET( iv != NULL ); + if( length % MBEDTLS_ARIA_BLOCKSIZE ) return( MBEDTLS_ERR_ARIA_INVALID_INPUT_LENGTH ); @@ -665,7 +686,23 @@ int mbedtls_aria_crypt_cfb128( mbedtls_aria_context *ctx, unsigned char *output ) { unsigned char c; - size_t n = *iv_off; + size_t n; + + ARIA_VALIDATE_RET( ctx != NULL ); + ARIA_VALIDATE_RET( mode == MBEDTLS_ARIA_ENCRYPT || + mode == MBEDTLS_ARIA_DECRYPT ); + ARIA_VALIDATE_RET( length == 0 || input != NULL ); + ARIA_VALIDATE_RET( length == 0 || output != NULL ); + ARIA_VALIDATE_RET( iv != NULL ); + ARIA_VALIDATE_RET( iv_off != NULL ); + + n = *iv_off; + + /* An overly large value of n can lead to an unlimited + * buffer overflow. Therefore, guard against this + * outside of parameter validation. */ + if( n >= MBEDTLS_ARIA_BLOCKSIZE ) + return( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA ); if( mode == MBEDTLS_ARIA_DECRYPT ) { @@ -713,7 +750,21 @@ int mbedtls_aria_crypt_ctr( mbedtls_aria_context *ctx, unsigned char *output ) { int c, i; - size_t n = *nc_off; + size_t n; + + ARIA_VALIDATE_RET( ctx != NULL ); + ARIA_VALIDATE_RET( length == 0 || input != NULL ); + ARIA_VALIDATE_RET( length == 0 || output != NULL ); + ARIA_VALIDATE_RET( nonce_counter != NULL ); + ARIA_VALIDATE_RET( stream_block != NULL ); + ARIA_VALIDATE_RET( nc_off != NULL ); + + n = *nc_off; + /* An overly large value of n can lead to an unlimited + * buffer overflow. Therefore, guard against this + * outside of parameter validation. */ + if( n >= MBEDTLS_ARIA_BLOCKSIZE ) + return( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA ); while( length-- ) { @@ -875,11 +926,11 @@ static const uint8_t aria_test2_ctr_ct[3][48] = // CTR ciphertext #define ARIA_SELF_TEST_IF_FAIL \ { \ if( verbose ) \ - printf( "failed\n" ); \ + mbedtls_printf( "failed\n" ); \ return( 1 ); \ } else { \ if( verbose ) \ - printf( "passed\n" ); \ + mbedtls_printf( "passed\n" ); \ } /* @@ -908,7 +959,7 @@ int mbedtls_aria_self_test( int verbose ) { /* test ECB encryption */ if( verbose ) - printf( " ARIA-ECB-%d (enc): ", 128 + 64 * i ); + mbedtls_printf( " ARIA-ECB-%d (enc): ", 128 + 64 * i ); mbedtls_aria_setkey_enc( &ctx, aria_test1_ecb_key, 128 + 64 * i ); mbedtls_aria_crypt_ecb( &ctx, aria_test1_ecb_pt, blk ); if( memcmp( blk, aria_test1_ecb_ct[i], MBEDTLS_ARIA_BLOCKSIZE ) != 0 ) @@ -916,14 +967,14 @@ int mbedtls_aria_self_test( int verbose ) /* test ECB decryption */ if( verbose ) - printf( " ARIA-ECB-%d (dec): ", 128 + 64 * i ); + mbedtls_printf( " ARIA-ECB-%d (dec): ", 128 + 64 * i ); mbedtls_aria_setkey_dec( &ctx, aria_test1_ecb_key, 128 + 64 * i ); mbedtls_aria_crypt_ecb( &ctx, aria_test1_ecb_ct[i], blk ); if( memcmp( blk, aria_test1_ecb_pt, MBEDTLS_ARIA_BLOCKSIZE ) != 0 ) ARIA_SELF_TEST_IF_FAIL; } if( verbose ) - printf( "\n" ); + mbedtls_printf( "\n" ); /* * Test set 2 @@ -933,7 +984,7 @@ int mbedtls_aria_self_test( int verbose ) { /* Test CBC encryption */ if( verbose ) - printf( " ARIA-CBC-%d (enc): ", 128 + 64 * i ); + mbedtls_printf( " ARIA-CBC-%d (enc): ", 128 + 64 * i ); mbedtls_aria_setkey_enc( &ctx, aria_test2_key, 128 + 64 * i ); memcpy( iv, aria_test2_iv, MBEDTLS_ARIA_BLOCKSIZE ); memset( buf, 0x55, sizeof( buf ) ); @@ -944,7 +995,7 @@ int mbedtls_aria_self_test( int verbose ) /* Test CBC decryption */ if( verbose ) - printf( " ARIA-CBC-%d (dec): ", 128 + 64 * i ); + mbedtls_printf( " ARIA-CBC-%d (dec): ", 128 + 64 * i ); mbedtls_aria_setkey_dec( &ctx, aria_test2_key, 128 + 64 * i ); memcpy( iv, aria_test2_iv, MBEDTLS_ARIA_BLOCKSIZE ); memset( buf, 0xAA, sizeof( buf ) ); @@ -954,7 +1005,7 @@ int mbedtls_aria_self_test( int verbose ) ARIA_SELF_TEST_IF_FAIL; } if( verbose ) - printf( "\n" ); + mbedtls_printf( "\n" ); #endif /* MBEDTLS_CIPHER_MODE_CBC */ @@ -963,7 +1014,7 @@ int mbedtls_aria_self_test( int verbose ) { /* Test CFB encryption */ if( verbose ) - printf( " ARIA-CFB-%d (enc): ", 128 + 64 * i ); + mbedtls_printf( " ARIA-CFB-%d (enc): ", 128 + 64 * i ); mbedtls_aria_setkey_enc( &ctx, aria_test2_key, 128 + 64 * i ); memcpy( iv, aria_test2_iv, MBEDTLS_ARIA_BLOCKSIZE ); memset( buf, 0x55, sizeof( buf ) ); @@ -975,7 +1026,7 @@ int mbedtls_aria_self_test( int verbose ) /* Test CFB decryption */ if( verbose ) - printf( " ARIA-CFB-%d (dec): ", 128 + 64 * i ); + mbedtls_printf( " ARIA-CFB-%d (dec): ", 128 + 64 * i ); mbedtls_aria_setkey_enc( &ctx, aria_test2_key, 128 + 64 * i ); memcpy( iv, aria_test2_iv, MBEDTLS_ARIA_BLOCKSIZE ); memset( buf, 0xAA, sizeof( buf ) ); @@ -986,7 +1037,7 @@ int mbedtls_aria_self_test( int verbose ) ARIA_SELF_TEST_IF_FAIL; } if( verbose ) - printf( "\n" ); + mbedtls_printf( "\n" ); #endif /* MBEDTLS_CIPHER_MODE_CFB */ #if defined(MBEDTLS_CIPHER_MODE_CTR) @@ -994,7 +1045,7 @@ int mbedtls_aria_self_test( int verbose ) { /* Test CTR encryption */ if( verbose ) - printf( " ARIA-CTR-%d (enc): ", 128 + 64 * i ); + mbedtls_printf( " ARIA-CTR-%d (enc): ", 128 + 64 * i ); mbedtls_aria_setkey_enc( &ctx, aria_test2_key, 128 + 64 * i ); memset( iv, 0, MBEDTLS_ARIA_BLOCKSIZE ); // IV = 0 memset( buf, 0x55, sizeof( buf ) ); @@ -1006,7 +1057,7 @@ int mbedtls_aria_self_test( int verbose ) /* Test CTR decryption */ if( verbose ) - printf( " ARIA-CTR-%d (dec): ", 128 + 64 * i ); + mbedtls_printf( " ARIA-CTR-%d (dec): ", 128 + 64 * i ); mbedtls_aria_setkey_enc( &ctx, aria_test2_key, 128 + 64 * i ); memset( iv, 0, MBEDTLS_ARIA_BLOCKSIZE ); // IV = 0 memset( buf, 0xAA, sizeof( buf ) ); @@ -1017,7 +1068,7 @@ int mbedtls_aria_self_test( int verbose ) ARIA_SELF_TEST_IF_FAIL; } if( verbose ) - printf( "\n" ); + mbedtls_printf( "\n" ); #endif /* MBEDTLS_CIPHER_MODE_CTR */ return( 0 ); diff --git a/thirdparty/mbedtls/library/asn1write.c b/thirdparty/mbedtls/library/asn1write.c index 72acdf3012..a4d23f6196 100644 --- a/thirdparty/mbedtls/library/asn1write.c +++ b/thirdparty/mbedtls/library/asn1write.c @@ -257,34 +257,37 @@ int mbedtls_asn1_write_int( unsigned char **p, unsigned char *start, int val ) return( (int) len ); } -int mbedtls_asn1_write_printable_string( unsigned char **p, unsigned char *start, - const char *text, size_t text_len ) +int mbedtls_asn1_write_tagged_string( unsigned char **p, unsigned char *start, int tag, + const char *text, size_t text_len ) { int ret; size_t len = 0; MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start, - (const unsigned char *) text, text_len ) ); + (const unsigned char *) text, text_len ) ); MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_PRINTABLE_STRING ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, tag ) ); return( (int) len ); } -int mbedtls_asn1_write_ia5_string( unsigned char **p, unsigned char *start, - const char *text, size_t text_len ) +int mbedtls_asn1_write_utf8_string( unsigned char **p, unsigned char *start, + const char *text, size_t text_len ) { - int ret; - size_t len = 0; - - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start, - (const unsigned char *) text, text_len ) ); + return( mbedtls_asn1_write_tagged_string(p, start, MBEDTLS_ASN1_UTF8_STRING, text, text_len) ); +} - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_IA5_STRING ) ); +int mbedtls_asn1_write_printable_string( unsigned char **p, unsigned char *start, + const char *text, size_t text_len ) +{ + return( mbedtls_asn1_write_tagged_string(p, start, MBEDTLS_ASN1_PRINTABLE_STRING, text, text_len) ); +} - return( (int) len ); +int mbedtls_asn1_write_ia5_string( unsigned char **p, unsigned char *start, + const char *text, size_t text_len ) +{ + return( mbedtls_asn1_write_tagged_string(p, start, MBEDTLS_ASN1_IA5_STRING, text, text_len) ); } int mbedtls_asn1_write_bitstring( unsigned char **p, unsigned char *start, @@ -328,14 +331,36 @@ int mbedtls_asn1_write_octet_string( unsigned char **p, unsigned char *start, return( (int) len ); } -mbedtls_asn1_named_data *mbedtls_asn1_store_named_data( mbedtls_asn1_named_data **head, + +/* This is a copy of the ASN.1 parsing function mbedtls_asn1_find_named_data(), + * which is replicated to avoid a dependency ASN1_WRITE_C on ASN1_PARSE_C. */ +static mbedtls_asn1_named_data *asn1_find_named_data( + mbedtls_asn1_named_data *list, + const char *oid, size_t len ) +{ + while( list != NULL ) + { + if( list->oid.len == len && + memcmp( list->oid.p, oid, len ) == 0 ) + { + break; + } + + list = list->next; + } + + return( list ); +} + +mbedtls_asn1_named_data *mbedtls_asn1_store_named_data( + mbedtls_asn1_named_data **head, const char *oid, size_t oid_len, const unsigned char *val, size_t val_len ) { mbedtls_asn1_named_data *cur; - if( ( cur = mbedtls_asn1_find_named_data( *head, oid, oid_len ) ) == NULL ) + if( ( cur = asn1_find_named_data( *head, oid, oid_len ) ) == NULL ) { // Add new entry if not present yet based on OID // diff --git a/thirdparty/mbedtls/library/bignum.c b/thirdparty/mbedtls/library/bignum.c index 423e375fd1..f968a0ad7d 100644 --- a/thirdparty/mbedtls/library/bignum.c +++ b/thirdparty/mbedtls/library/bignum.c @@ -59,6 +59,11 @@ #define mbedtls_free free #endif +#define MPI_VALIDATE_RET( cond ) \ + MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_MPI_BAD_INPUT_DATA ) +#define MPI_VALIDATE( cond ) \ + MBEDTLS_INTERNAL_VALIDATE( cond ) + #define ciL (sizeof(mbedtls_mpi_uint)) /* chars in limb */ #define biL (ciL << 3) /* bits in limb */ #define biH (ciL << 2) /* half limb size */ @@ -83,8 +88,7 @@ static void mbedtls_mpi_zeroize( mbedtls_mpi_uint *v, size_t n ) */ void mbedtls_mpi_init( mbedtls_mpi *X ) { - if( X == NULL ) - return; + MPI_VALIDATE( X != NULL ); X->s = 1; X->n = 0; @@ -116,6 +120,7 @@ void mbedtls_mpi_free( mbedtls_mpi *X ) int mbedtls_mpi_grow( mbedtls_mpi *X, size_t nblimbs ) { mbedtls_mpi_uint *p; + MPI_VALIDATE_RET( X != NULL ); if( nblimbs > MBEDTLS_MPI_MAX_LIMBS ) return( MBEDTLS_ERR_MPI_ALLOC_FAILED ); @@ -147,6 +152,10 @@ int mbedtls_mpi_shrink( mbedtls_mpi *X, size_t nblimbs ) { mbedtls_mpi_uint *p; size_t i; + MPI_VALIDATE_RET( X != NULL ); + + if( nblimbs > MBEDTLS_MPI_MAX_LIMBS ) + return( MBEDTLS_ERR_MPI_ALLOC_FAILED ); /* Actually resize up in this case */ if( X->n <= nblimbs ) @@ -183,6 +192,8 @@ int mbedtls_mpi_copy( mbedtls_mpi *X, const mbedtls_mpi *Y ) { int ret = 0; size_t i; + MPI_VALIDATE_RET( X != NULL ); + MPI_VALIDATE_RET( Y != NULL ); if( X == Y ) return( 0 ); @@ -222,6 +233,8 @@ cleanup: void mbedtls_mpi_swap( mbedtls_mpi *X, mbedtls_mpi *Y ) { mbedtls_mpi T; + MPI_VALIDATE( X != NULL ); + MPI_VALIDATE( Y != NULL ); memcpy( &T, X, sizeof( mbedtls_mpi ) ); memcpy( X, Y, sizeof( mbedtls_mpi ) ); @@ -237,6 +250,8 @@ int mbedtls_mpi_safe_cond_assign( mbedtls_mpi *X, const mbedtls_mpi *Y, unsigned { int ret = 0; size_t i; + MPI_VALIDATE_RET( X != NULL ); + MPI_VALIDATE_RET( Y != NULL ); /* make sure assign is 0 or 1 in a time-constant manner */ assign = (assign | (unsigned char)-assign) >> 7; @@ -266,6 +281,8 @@ int mbedtls_mpi_safe_cond_swap( mbedtls_mpi *X, mbedtls_mpi *Y, unsigned char sw int ret, s; size_t i; mbedtls_mpi_uint tmp; + MPI_VALIDATE_RET( X != NULL ); + MPI_VALIDATE_RET( Y != NULL ); if( X == Y ) return( 0 ); @@ -298,6 +315,7 @@ cleanup: int mbedtls_mpi_lset( mbedtls_mpi *X, mbedtls_mpi_sint z ) { int ret; + MPI_VALIDATE_RET( X != NULL ); MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, 1 ) ); memset( X->p, 0, X->n * ciL ); @@ -315,12 +333,18 @@ cleanup: */ int mbedtls_mpi_get_bit( const mbedtls_mpi *X, size_t pos ) { + MPI_VALIDATE_RET( X != NULL ); + if( X->n * biL <= pos ) return( 0 ); return( ( X->p[pos / biL] >> ( pos % biL ) ) & 0x01 ); } +/* Get a specific byte, without range checks. */ +#define GET_BYTE( X, i ) \ + ( ( ( X )->p[( i ) / ciL] >> ( ( ( i ) % ciL ) * 8 ) ) & 0xff ) + /* * Set a bit to a specific value of 0 or 1 */ @@ -329,6 +353,7 @@ int mbedtls_mpi_set_bit( mbedtls_mpi *X, size_t pos, unsigned char val ) int ret = 0; size_t off = pos / biL; size_t idx = pos % biL; + MPI_VALIDATE_RET( X != NULL ); if( val != 0 && val != 1 ) return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); @@ -355,6 +380,7 @@ cleanup: size_t mbedtls_mpi_lsb( const mbedtls_mpi *X ) { size_t i, j, count = 0; + MBEDTLS_INTERNAL_VALIDATE_RET( X != NULL, 0 ); for( i = 0; i < X->n; i++ ) for( j = 0; j < biL; j++, count++ ) @@ -435,6 +461,8 @@ int mbedtls_mpi_read_string( mbedtls_mpi *X, int radix, const char *s ) size_t i, j, slen, n; mbedtls_mpi_uint d; mbedtls_mpi T; + MPI_VALIDATE_RET( X != NULL ); + MPI_VALIDATE_RET( s != NULL ); if( radix < 2 || radix > 16 ) return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); @@ -535,6 +563,9 @@ int mbedtls_mpi_write_string( const mbedtls_mpi *X, int radix, size_t n; char *p; mbedtls_mpi T; + MPI_VALIDATE_RET( X != NULL ); + MPI_VALIDATE_RET( olen != NULL ); + MPI_VALIDATE_RET( buflen == 0 || buf != NULL ); if( radix < 2 || radix > 16 ) return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); @@ -616,6 +647,12 @@ int mbedtls_mpi_read_file( mbedtls_mpi *X, int radix, FILE *fin ) */ char s[ MBEDTLS_MPI_RW_BUFFER_SIZE ]; + MPI_VALIDATE_RET( X != NULL ); + MPI_VALIDATE_RET( fin != NULL ); + + if( radix < 2 || radix > 16 ) + return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); + memset( s, 0, sizeof( s ) ); if( fgets( s, sizeof( s ) - 1, fin ) == NULL ) return( MBEDTLS_ERR_MPI_FILE_IO_ERROR ); @@ -647,6 +684,10 @@ int mbedtls_mpi_write_file( const char *p, const mbedtls_mpi *X, int radix, FILE * newline characters and '\0' */ char s[ MBEDTLS_MPI_RW_BUFFER_SIZE ]; + MPI_VALIDATE_RET( X != NULL ); + + if( radix < 2 || radix > 16 ) + return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); memset( s, 0, sizeof( s ) ); @@ -683,6 +724,9 @@ int mbedtls_mpi_read_binary( mbedtls_mpi *X, const unsigned char *buf, size_t bu size_t i, j; size_t const limbs = CHARS_TO_LIMBS( buflen ); + MPI_VALIDATE_RET( X != NULL ); + MPI_VALIDATE_RET( buflen == 0 || buf != NULL ); + /* Ensure that target MPI has exactly the necessary number of limbs */ if( X->n != limbs ) { @@ -704,19 +748,45 @@ cleanup: /* * Export X into unsigned binary data, big endian */ -int mbedtls_mpi_write_binary( const mbedtls_mpi *X, unsigned char *buf, size_t buflen ) +int mbedtls_mpi_write_binary( const mbedtls_mpi *X, + unsigned char *buf, size_t buflen ) { - size_t i, j, n; + size_t stored_bytes; + size_t bytes_to_copy; + unsigned char *p; + size_t i; - n = mbedtls_mpi_size( X ); + MPI_VALIDATE_RET( X != NULL ); + MPI_VALIDATE_RET( buflen == 0 || buf != NULL ); - if( buflen < n ) - return( MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL ); + stored_bytes = X->n * ciL; - memset( buf, 0, buflen ); + if( stored_bytes < buflen ) + { + /* There is enough space in the output buffer. Write initial + * null bytes and record the position at which to start + * writing the significant bytes. In this case, the execution + * trace of this function does not depend on the value of the + * number. */ + bytes_to_copy = stored_bytes; + p = buf + buflen - stored_bytes; + memset( buf, 0, buflen - stored_bytes ); + } + else + { + /* The output buffer is smaller than the allocated size of X. + * However X may fit if its leading bytes are zero. */ + bytes_to_copy = buflen; + p = buf; + for( i = bytes_to_copy; i < stored_bytes; i++ ) + { + if( GET_BYTE( X, i ) != 0 ) + return( MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL ); + } + } - for( i = buflen - 1, j = 0; n > 0; i--, j++, n-- ) - buf[i] = (unsigned char)( X->p[j / ciL] >> ((j % ciL) << 3) ); + for( i = 0; i < bytes_to_copy; i++ ) + p[bytes_to_copy - i - 1] = GET_BYTE( X, i ); return( 0 ); } @@ -729,6 +799,7 @@ int mbedtls_mpi_shift_l( mbedtls_mpi *X, size_t count ) int ret; size_t i, v0, t1; mbedtls_mpi_uint r0 = 0, r1; + MPI_VALIDATE_RET( X != NULL ); v0 = count / (biL ); t1 = count & (biL - 1); @@ -778,6 +849,7 @@ int mbedtls_mpi_shift_r( mbedtls_mpi *X, size_t count ) { size_t i, v0, v1; mbedtls_mpi_uint r0 = 0, r1; + MPI_VALIDATE_RET( X != NULL ); v0 = count / biL; v1 = count & (biL - 1); @@ -820,6 +892,8 @@ int mbedtls_mpi_shift_r( mbedtls_mpi *X, size_t count ) int mbedtls_mpi_cmp_abs( const mbedtls_mpi *X, const mbedtls_mpi *Y ) { size_t i, j; + MPI_VALIDATE_RET( X != NULL ); + MPI_VALIDATE_RET( Y != NULL ); for( i = X->n; i > 0; i-- ) if( X->p[i - 1] != 0 ) @@ -850,6 +924,8 @@ int mbedtls_mpi_cmp_abs( const mbedtls_mpi *X, const mbedtls_mpi *Y ) int mbedtls_mpi_cmp_mpi( const mbedtls_mpi *X, const mbedtls_mpi *Y ) { size_t i, j; + MPI_VALIDATE_RET( X != NULL ); + MPI_VALIDATE_RET( Y != NULL ); for( i = X->n; i > 0; i-- ) if( X->p[i - 1] != 0 ) @@ -884,6 +960,7 @@ int mbedtls_mpi_cmp_int( const mbedtls_mpi *X, mbedtls_mpi_sint z ) { mbedtls_mpi Y; mbedtls_mpi_uint p[1]; + MPI_VALIDATE_RET( X != NULL ); *p = ( z < 0 ) ? -z : z; Y.s = ( z < 0 ) ? -1 : 1; @@ -901,6 +978,9 @@ int mbedtls_mpi_add_abs( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi int ret; size_t i, j; mbedtls_mpi_uint *o, *p, c, tmp; + MPI_VALIDATE_RET( X != NULL ); + MPI_VALIDATE_RET( A != NULL ); + MPI_VALIDATE_RET( B != NULL ); if( X == B ) { @@ -978,6 +1058,9 @@ int mbedtls_mpi_sub_abs( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi mbedtls_mpi TB; int ret; size_t n; + MPI_VALIDATE_RET( X != NULL ); + MPI_VALIDATE_RET( A != NULL ); + MPI_VALIDATE_RET( B != NULL ); if( mbedtls_mpi_cmp_abs( A, B ) < 0 ) return( MBEDTLS_ERR_MPI_NEGATIVE_VALUE ); @@ -1018,8 +1101,12 @@ cleanup: */ int mbedtls_mpi_add_mpi( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B ) { - int ret, s = A->s; + int ret, s; + MPI_VALIDATE_RET( X != NULL ); + MPI_VALIDATE_RET( A != NULL ); + MPI_VALIDATE_RET( B != NULL ); + s = A->s; if( A->s * B->s < 0 ) { if( mbedtls_mpi_cmp_abs( A, B ) >= 0 ) @@ -1049,8 +1136,12 @@ cleanup: */ int mbedtls_mpi_sub_mpi( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B ) { - int ret, s = A->s; + int ret, s; + MPI_VALIDATE_RET( X != NULL ); + MPI_VALIDATE_RET( A != NULL ); + MPI_VALIDATE_RET( B != NULL ); + s = A->s; if( A->s * B->s > 0 ) { if( mbedtls_mpi_cmp_abs( A, B ) >= 0 ) @@ -1082,6 +1173,8 @@ int mbedtls_mpi_add_int( mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi_sint { mbedtls_mpi _B; mbedtls_mpi_uint p[1]; + MPI_VALIDATE_RET( X != NULL ); + MPI_VALIDATE_RET( A != NULL ); p[0] = ( b < 0 ) ? -b : b; _B.s = ( b < 0 ) ? -1 : 1; @@ -1098,6 +1191,8 @@ int mbedtls_mpi_sub_int( mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi_sint { mbedtls_mpi _B; mbedtls_mpi_uint p[1]; + MPI_VALIDATE_RET( X != NULL ); + MPI_VALIDATE_RET( A != NULL ); p[0] = ( b < 0 ) ? -b : b; _B.s = ( b < 0 ) ? -1 : 1; @@ -1187,6 +1282,9 @@ int mbedtls_mpi_mul_mpi( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi int ret; size_t i, j; mbedtls_mpi TA, TB; + MPI_VALIDATE_RET( X != NULL ); + MPI_VALIDATE_RET( A != NULL ); + MPI_VALIDATE_RET( B != NULL ); mbedtls_mpi_init( &TA ); mbedtls_mpi_init( &TB ); @@ -1223,6 +1321,8 @@ int mbedtls_mpi_mul_int( mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi_uint { mbedtls_mpi _B; mbedtls_mpi_uint p[1]; + MPI_VALIDATE_RET( X != NULL ); + MPI_VALIDATE_RET( A != NULL ); _B.s = 1; _B.n = 1; @@ -1331,11 +1431,14 @@ static mbedtls_mpi_uint mbedtls_int_div_int( mbedtls_mpi_uint u1, /* * Division by mbedtls_mpi: A = Q * B + R (HAC 14.20) */ -int mbedtls_mpi_div_mpi( mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A, const mbedtls_mpi *B ) +int mbedtls_mpi_div_mpi( mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A, + const mbedtls_mpi *B ) { int ret; size_t i, n, t, k; mbedtls_mpi X, Y, Z, T1, T2; + MPI_VALIDATE_RET( A != NULL ); + MPI_VALIDATE_RET( B != NULL ); if( mbedtls_mpi_cmp_int( B, 0 ) == 0 ) return( MBEDTLS_ERR_MPI_DIVISION_BY_ZERO ); @@ -1446,10 +1549,13 @@ cleanup: /* * Division by int: A = Q * b + R */ -int mbedtls_mpi_div_int( mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A, mbedtls_mpi_sint b ) +int mbedtls_mpi_div_int( mbedtls_mpi *Q, mbedtls_mpi *R, + const mbedtls_mpi *A, + mbedtls_mpi_sint b ) { mbedtls_mpi _B; mbedtls_mpi_uint p[1]; + MPI_VALIDATE_RET( A != NULL ); p[0] = ( b < 0 ) ? -b : b; _B.s = ( b < 0 ) ? -1 : 1; @@ -1465,6 +1571,9 @@ int mbedtls_mpi_div_int( mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A, m int mbedtls_mpi_mod_mpi( mbedtls_mpi *R, const mbedtls_mpi *A, const mbedtls_mpi *B ) { int ret; + MPI_VALIDATE_RET( R != NULL ); + MPI_VALIDATE_RET( A != NULL ); + MPI_VALIDATE_RET( B != NULL ); if( mbedtls_mpi_cmp_int( B, 0 ) < 0 ) return( MBEDTLS_ERR_MPI_NEGATIVE_VALUE ); @@ -1489,6 +1598,8 @@ int mbedtls_mpi_mod_int( mbedtls_mpi_uint *r, const mbedtls_mpi *A, mbedtls_mpi_ { size_t i; mbedtls_mpi_uint x, y, z; + MPI_VALIDATE_RET( r != NULL ); + MPI_VALIDATE_RET( A != NULL ); if( b == 0 ) return( MBEDTLS_ERR_MPI_DIVISION_BY_ZERO ); @@ -1602,7 +1713,8 @@ static int mpi_montmul( mbedtls_mpi *A, const mbedtls_mpi *B, const mbedtls_mpi /* * Montgomery reduction: A = A * R^-1 mod N */ -static int mpi_montred( mbedtls_mpi *A, const mbedtls_mpi *N, mbedtls_mpi_uint mm, const mbedtls_mpi *T ) +static int mpi_montred( mbedtls_mpi *A, const mbedtls_mpi *N, + mbedtls_mpi_uint mm, const mbedtls_mpi *T ) { mbedtls_mpi_uint z = 1; mbedtls_mpi U; @@ -1616,7 +1728,9 @@ static int mpi_montred( mbedtls_mpi *A, const mbedtls_mpi *N, mbedtls_mpi_uint m /* * Sliding-window exponentiation: X = A^E mod N (HAC 14.85) */ -int mbedtls_mpi_exp_mod( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *E, const mbedtls_mpi *N, mbedtls_mpi *_RR ) +int mbedtls_mpi_exp_mod( mbedtls_mpi *X, const mbedtls_mpi *A, + const mbedtls_mpi *E, const mbedtls_mpi *N, + mbedtls_mpi *_RR ) { int ret; size_t wbits, wsize, one = 1; @@ -1626,6 +1740,11 @@ int mbedtls_mpi_exp_mod( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi mbedtls_mpi RR, T, W[ 2 << MBEDTLS_MPI_WINDOW_SIZE ], Apos; int neg; + MPI_VALIDATE_RET( X != NULL ); + MPI_VALIDATE_RET( A != NULL ); + MPI_VALIDATE_RET( E != NULL ); + MPI_VALIDATE_RET( N != NULL ); + if( mbedtls_mpi_cmp_int( N, 0 ) <= 0 || ( N->p[0] & 1 ) == 0 ) return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); @@ -1830,6 +1949,10 @@ int mbedtls_mpi_gcd( mbedtls_mpi *G, const mbedtls_mpi *A, const mbedtls_mpi *B size_t lz, lzt; mbedtls_mpi TG, TA, TB; + MPI_VALIDATE_RET( G != NULL ); + MPI_VALIDATE_RET( A != NULL ); + MPI_VALIDATE_RET( B != NULL ); + mbedtls_mpi_init( &TG ); mbedtls_mpi_init( &TA ); mbedtls_mpi_init( &TB ); MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &TA, A ) ); @@ -1886,6 +2009,8 @@ int mbedtls_mpi_fill_random( mbedtls_mpi *X, size_t size, { int ret; unsigned char buf[MBEDTLS_MPI_MAX_SIZE]; + MPI_VALIDATE_RET( X != NULL ); + MPI_VALIDATE_RET( f_rng != NULL ); if( size > MBEDTLS_MPI_MAX_SIZE ) return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); @@ -1905,6 +2030,9 @@ int mbedtls_mpi_inv_mod( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi { int ret; mbedtls_mpi G, TA, TU, U1, U2, TB, TV, V1, V2; + MPI_VALIDATE_RET( X != NULL ); + MPI_VALIDATE_RET( A != NULL ); + MPI_VALIDATE_RET( N != NULL ); if( mbedtls_mpi_cmp_int( N, 1 ) <= 0 ) return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); @@ -2056,15 +2184,19 @@ cleanup: /* * Miller-Rabin pseudo-primality test (HAC 4.24) */ -static int mpi_miller_rabin( const mbedtls_mpi *X, +static int mpi_miller_rabin( const mbedtls_mpi *X, size_t rounds, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { int ret, count; - size_t i, j, k, n, s; + size_t i, j, k, s; mbedtls_mpi W, R, T, A, RR; - mbedtls_mpi_init( &W ); mbedtls_mpi_init( &R ); mbedtls_mpi_init( &T ); mbedtls_mpi_init( &A ); + MPI_VALIDATE_RET( X != NULL ); + MPI_VALIDATE_RET( f_rng != NULL ); + + mbedtls_mpi_init( &W ); mbedtls_mpi_init( &R ); + mbedtls_mpi_init( &T ); mbedtls_mpi_init( &A ); mbedtls_mpi_init( &RR ); /* @@ -2077,27 +2209,12 @@ static int mpi_miller_rabin( const mbedtls_mpi *X, MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &R, s ) ); i = mbedtls_mpi_bitlen( X ); - /* - * HAC, table 4.4 - */ - n = ( ( i >= 1300 ) ? 2 : ( i >= 850 ) ? 3 : - ( i >= 650 ) ? 4 : ( i >= 350 ) ? 8 : - ( i >= 250 ) ? 12 : ( i >= 150 ) ? 18 : 27 ); - for( i = 0; i < n; i++ ) + for( i = 0; i < rounds; i++ ) { /* * pick a random A, 1 < A < |X| - 1 */ - MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &A, X->n * ciL, f_rng, p_rng ) ); - - if( mbedtls_mpi_cmp_mpi( &A, &W ) >= 0 ) - { - j = mbedtls_mpi_bitlen( &A ) - mbedtls_mpi_bitlen( &W ); - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &A, j + 1 ) ); - } - A.p[0] |= 3; - count = 0; do { MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &A, X->n * ciL, f_rng, p_rng ) ); @@ -2105,7 +2222,7 @@ static int mpi_miller_rabin( const mbedtls_mpi *X, j = mbedtls_mpi_bitlen( &A ); k = mbedtls_mpi_bitlen( &W ); if (j > k) { - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &A, j - k ) ); + A.p[A.n - 1] &= ( (mbedtls_mpi_uint) 1 << ( k - ( A.n - 1 ) * biL - 1 ) ) - 1; } if (count++ > 30) { @@ -2151,7 +2268,8 @@ static int mpi_miller_rabin( const mbedtls_mpi *X, } cleanup: - mbedtls_mpi_free( &W ); mbedtls_mpi_free( &R ); mbedtls_mpi_free( &T ); mbedtls_mpi_free( &A ); + mbedtls_mpi_free( &W ); mbedtls_mpi_free( &R ); + mbedtls_mpi_free( &T ); mbedtls_mpi_free( &A ); mbedtls_mpi_free( &RR ); return( ret ); @@ -2160,12 +2278,14 @@ cleanup: /* * Pseudo-primality test: small factors, then Miller-Rabin */ -int mbedtls_mpi_is_prime( const mbedtls_mpi *X, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +int mbedtls_mpi_is_prime_ext( const mbedtls_mpi *X, int rounds, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng ) { int ret; mbedtls_mpi XX; + MPI_VALIDATE_RET( X != NULL ); + MPI_VALIDATE_RET( f_rng != NULL ); XX.s = 1; XX.n = X->n; @@ -2186,17 +2306,37 @@ int mbedtls_mpi_is_prime( const mbedtls_mpi *X, return( ret ); } - return( mpi_miller_rabin( &XX, f_rng, p_rng ) ); + return( mpi_miller_rabin( &XX, rounds, f_rng, p_rng ) ); +} + +#if !defined(MBEDTLS_DEPRECATED_REMOVED) +/* + * Pseudo-primality test, error probability 2^-80 + */ +int mbedtls_mpi_is_prime( const mbedtls_mpi *X, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng ) +{ + MPI_VALIDATE_RET( X != NULL ); + MPI_VALIDATE_RET( f_rng != NULL ); + + /* + * In the past our key generation aimed for an error rate of at most + * 2^-80. Since this function is deprecated, aim for the same certainty + * here as well. + */ + return( mbedtls_mpi_is_prime_ext( X, 40, f_rng, p_rng ) ); } +#endif /* * Prime number generation * - * If dh_flag is 0 and nbits is at least 1024, then the procedure - * follows the RSA probably-prime generation method of FIPS 186-4. - * NB. FIPS 186-4 only allows the specific bit lengths of 1024 and 1536. + * To generate an RSA key in a way recommended by FIPS 186-4, both primes must + * be either 1024 bits or 1536 bits long, and flags must contain + * MBEDTLS_MPI_GEN_PRIME_FLAG_LOW_ERR. */ -int mbedtls_mpi_gen_prime( mbedtls_mpi *X, size_t nbits, int dh_flag, +int mbedtls_mpi_gen_prime( mbedtls_mpi *X, size_t nbits, int flags, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { @@ -2209,9 +2349,13 @@ int mbedtls_mpi_gen_prime( mbedtls_mpi *X, size_t nbits, int dh_flag, #endif int ret = MBEDTLS_ERR_MPI_NOT_ACCEPTABLE; size_t k, n; + int rounds; mbedtls_mpi_uint r; mbedtls_mpi Y; + MPI_VALIDATE_RET( X != NULL ); + MPI_VALIDATE_RET( f_rng != NULL ); + if( nbits < 3 || nbits > MBEDTLS_MPI_MAX_BITS ) return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); @@ -2219,6 +2363,27 @@ int mbedtls_mpi_gen_prime( mbedtls_mpi *X, size_t nbits, int dh_flag, n = BITS_TO_LIMBS( nbits ); + if( ( flags & MBEDTLS_MPI_GEN_PRIME_FLAG_LOW_ERR ) == 0 ) + { + /* + * 2^-80 error probability, number of rounds chosen per HAC, table 4.4 + */ + rounds = ( ( nbits >= 1300 ) ? 2 : ( nbits >= 850 ) ? 3 : + ( nbits >= 650 ) ? 4 : ( nbits >= 350 ) ? 8 : + ( nbits >= 250 ) ? 12 : ( nbits >= 150 ) ? 18 : 27 ); + } + else + { + /* + * 2^-100 error probability, number of rounds computed based on HAC, + * fact 4.48 + */ + rounds = ( ( nbits >= 1450 ) ? 4 : ( nbits >= 1150 ) ? 5 : + ( nbits >= 1000 ) ? 6 : ( nbits >= 850 ) ? 7 : + ( nbits >= 750 ) ? 8 : ( nbits >= 500 ) ? 13 : + ( nbits >= 250 ) ? 28 : ( nbits >= 150 ) ? 40 : 51 ); + } + while( 1 ) { MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( X, n * ciL, f_rng, p_rng ) ); @@ -2229,9 +2394,9 @@ int mbedtls_mpi_gen_prime( mbedtls_mpi *X, size_t nbits, int dh_flag, if( k > nbits ) MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( X, k - nbits ) ); X->p[0] |= 1; - if( dh_flag == 0 ) + if( ( flags & MBEDTLS_MPI_GEN_PRIME_FLAG_DH ) == 0 ) { - ret = mbedtls_mpi_is_prime( X, f_rng, p_rng ); + ret = mbedtls_mpi_is_prime_ext( X, rounds, f_rng, p_rng ); if( ret != MBEDTLS_ERR_MPI_NOT_ACCEPTABLE ) goto cleanup; @@ -2264,8 +2429,10 @@ int mbedtls_mpi_gen_prime( mbedtls_mpi *X, size_t nbits, int dh_flag, */ if( ( ret = mpi_check_small_factors( X ) ) == 0 && ( ret = mpi_check_small_factors( &Y ) ) == 0 && - ( ret = mpi_miller_rabin( X, f_rng, p_rng ) ) == 0 && - ( ret = mpi_miller_rabin( &Y, f_rng, p_rng ) ) == 0 ) + ( ret = mpi_miller_rabin( X, rounds, f_rng, p_rng ) ) + == 0 && + ( ret = mpi_miller_rabin( &Y, rounds, f_rng, p_rng ) ) + == 0 ) goto cleanup; if( ret != MBEDTLS_ERR_MPI_NOT_ACCEPTABLE ) diff --git a/thirdparty/mbedtls/library/blowfish.c b/thirdparty/mbedtls/library/blowfish.c index 5b6bb9885f..cbf9238246 100644 --- a/thirdparty/mbedtls/library/blowfish.c +++ b/thirdparty/mbedtls/library/blowfish.c @@ -40,6 +40,12 @@ #if !defined(MBEDTLS_BLOWFISH_ALT) +/* Parameter validation macros */ +#define BLOWFISH_VALIDATE_RET( cond ) \ + MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA ) +#define BLOWFISH_VALIDATE( cond ) \ + MBEDTLS_INTERNAL_VALIDATE( cond ) + /* * 32-bit integer manipulation macros (big endian) */ @@ -153,6 +159,7 @@ static void blowfish_dec( mbedtls_blowfish_context *ctx, uint32_t *xl, uint32_t void mbedtls_blowfish_init( mbedtls_blowfish_context *ctx ) { + BLOWFISH_VALIDATE( ctx != NULL ); memset( ctx, 0, sizeof( mbedtls_blowfish_context ) ); } @@ -167,16 +174,20 @@ void mbedtls_blowfish_free( mbedtls_blowfish_context *ctx ) /* * Blowfish key schedule */ -int mbedtls_blowfish_setkey( mbedtls_blowfish_context *ctx, const unsigned char *key, - unsigned int keybits ) +int mbedtls_blowfish_setkey( mbedtls_blowfish_context *ctx, + const unsigned char *key, + unsigned int keybits ) { unsigned int i, j, k; uint32_t data, datal, datar; + BLOWFISH_VALIDATE_RET( ctx != NULL ); + BLOWFISH_VALIDATE_RET( key != NULL ); - if( keybits < MBEDTLS_BLOWFISH_MIN_KEY_BITS || keybits > MBEDTLS_BLOWFISH_MAX_KEY_BITS || - ( keybits % 8 ) ) + if( keybits < MBEDTLS_BLOWFISH_MIN_KEY_BITS || + keybits > MBEDTLS_BLOWFISH_MAX_KEY_BITS || + keybits % 8 != 0 ) { - return( MBEDTLS_ERR_BLOWFISH_INVALID_KEY_LENGTH ); + return( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA ); } keybits >>= 3; @@ -231,6 +242,11 @@ int mbedtls_blowfish_crypt_ecb( mbedtls_blowfish_context *ctx, unsigned char output[MBEDTLS_BLOWFISH_BLOCKSIZE] ) { uint32_t X0, X1; + BLOWFISH_VALIDATE_RET( ctx != NULL ); + BLOWFISH_VALIDATE_RET( mode == MBEDTLS_BLOWFISH_ENCRYPT || + mode == MBEDTLS_BLOWFISH_DECRYPT ); + BLOWFISH_VALIDATE_RET( input != NULL ); + BLOWFISH_VALIDATE_RET( output != NULL ); GET_UINT32_BE( X0, input, 0 ); GET_UINT32_BE( X1, input, 4 ); @@ -263,6 +279,12 @@ int mbedtls_blowfish_crypt_cbc( mbedtls_blowfish_context *ctx, { int i; unsigned char temp[MBEDTLS_BLOWFISH_BLOCKSIZE]; + BLOWFISH_VALIDATE_RET( ctx != NULL ); + BLOWFISH_VALIDATE_RET( mode == MBEDTLS_BLOWFISH_ENCRYPT || + mode == MBEDTLS_BLOWFISH_DECRYPT ); + BLOWFISH_VALIDATE_RET( iv != NULL ); + BLOWFISH_VALIDATE_RET( length == 0 || input != NULL ); + BLOWFISH_VALIDATE_RET( length == 0 || output != NULL ); if( length % MBEDTLS_BLOWFISH_BLOCKSIZE ) return( MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH ); @@ -317,7 +339,19 @@ int mbedtls_blowfish_crypt_cfb64( mbedtls_blowfish_context *ctx, unsigned char *output ) { int c; - size_t n = *iv_off; + size_t n; + + BLOWFISH_VALIDATE_RET( ctx != NULL ); + BLOWFISH_VALIDATE_RET( mode == MBEDTLS_BLOWFISH_ENCRYPT || + mode == MBEDTLS_BLOWFISH_DECRYPT ); + BLOWFISH_VALIDATE_RET( iv != NULL ); + BLOWFISH_VALIDATE_RET( iv_off != NULL ); + BLOWFISH_VALIDATE_RET( length == 0 || input != NULL ); + BLOWFISH_VALIDATE_RET( length == 0 || output != NULL ); + + n = *iv_off; + if( n >= 8 ) + return( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA ); if( mode == MBEDTLS_BLOWFISH_DECRYPT ) { @@ -365,7 +399,17 @@ int mbedtls_blowfish_crypt_ctr( mbedtls_blowfish_context *ctx, unsigned char *output ) { int c, i; - size_t n = *nc_off; + size_t n; + BLOWFISH_VALIDATE_RET( ctx != NULL ); + BLOWFISH_VALIDATE_RET( nonce_counter != NULL ); + BLOWFISH_VALIDATE_RET( stream_block != NULL ); + BLOWFISH_VALIDATE_RET( nc_off != NULL ); + BLOWFISH_VALIDATE_RET( length == 0 || input != NULL ); + BLOWFISH_VALIDATE_RET( length == 0 || output != NULL ); + + n = *nc_off; + if( n >= 8 ) + return( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA ); while( length-- ) { diff --git a/thirdparty/mbedtls/library/camellia.c b/thirdparty/mbedtls/library/camellia.c index 41b7da0fae..22262b89a8 100644 --- a/thirdparty/mbedtls/library/camellia.c +++ b/thirdparty/mbedtls/library/camellia.c @@ -49,6 +49,12 @@ #if !defined(MBEDTLS_CAMELLIA_ALT) +/* Parameter validation macros */ +#define CAMELLIA_VALIDATE_RET( cond ) \ + MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA ) +#define CAMELLIA_VALIDATE( cond ) \ + MBEDTLS_INTERNAL_VALIDATE( cond ) + /* * 32-bit integer manipulation macros (big endian) */ @@ -321,6 +327,7 @@ static void camellia_feistel( const uint32_t x[2], const uint32_t k[2], void mbedtls_camellia_init( mbedtls_camellia_context *ctx ) { + CAMELLIA_VALIDATE( ctx != NULL ); memset( ctx, 0, sizeof( mbedtls_camellia_context ) ); } @@ -335,8 +342,9 @@ void mbedtls_camellia_free( mbedtls_camellia_context *ctx ) /* * Camellia key schedule (encryption) */ -int mbedtls_camellia_setkey_enc( mbedtls_camellia_context *ctx, const unsigned char *key, - unsigned int keybits ) +int mbedtls_camellia_setkey_enc( mbedtls_camellia_context *ctx, + const unsigned char *key, + unsigned int keybits ) { int idx; size_t i; @@ -346,6 +354,9 @@ int mbedtls_camellia_setkey_enc( mbedtls_camellia_context *ctx, const unsigned c uint32_t KC[16]; uint32_t TK[20]; + CAMELLIA_VALIDATE_RET( ctx != NULL ); + CAMELLIA_VALIDATE_RET( key != NULL ); + RK = ctx->rk; memset( t, 0, 64 ); @@ -356,7 +367,7 @@ int mbedtls_camellia_setkey_enc( mbedtls_camellia_context *ctx, const unsigned c case 128: ctx->nr = 3; idx = 0; break; case 192: case 256: ctx->nr = 4; idx = 1; break; - default : return( MBEDTLS_ERR_CAMELLIA_INVALID_KEY_LENGTH ); + default : return( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA ); } for( i = 0; i < keybits / 8; ++i ) @@ -440,14 +451,17 @@ int mbedtls_camellia_setkey_enc( mbedtls_camellia_context *ctx, const unsigned c /* * Camellia key schedule (decryption) */ -int mbedtls_camellia_setkey_dec( mbedtls_camellia_context *ctx, const unsigned char *key, - unsigned int keybits ) +int mbedtls_camellia_setkey_dec( mbedtls_camellia_context *ctx, + const unsigned char *key, + unsigned int keybits ) { int idx, ret; size_t i; mbedtls_camellia_context cty; uint32_t *RK; uint32_t *SK; + CAMELLIA_VALIDATE_RET( ctx != NULL ); + CAMELLIA_VALIDATE_RET( key != NULL ); mbedtls_camellia_init( &cty ); @@ -495,6 +509,11 @@ int mbedtls_camellia_crypt_ecb( mbedtls_camellia_context *ctx, { int NR; uint32_t *RK, X[4]; + CAMELLIA_VALIDATE_RET( ctx != NULL ); + CAMELLIA_VALIDATE_RET( mode == MBEDTLS_CAMELLIA_ENCRYPT || + mode == MBEDTLS_CAMELLIA_DECRYPT ); + CAMELLIA_VALIDATE_RET( input != NULL ); + CAMELLIA_VALIDATE_RET( output != NULL ); ( (void) mode ); @@ -552,14 +571,20 @@ int mbedtls_camellia_crypt_ecb( mbedtls_camellia_context *ctx, * Camellia-CBC buffer encryption/decryption */ int mbedtls_camellia_crypt_cbc( mbedtls_camellia_context *ctx, - int mode, - size_t length, - unsigned char iv[16], - const unsigned char *input, - unsigned char *output ) + int mode, + size_t length, + unsigned char iv[16], + const unsigned char *input, + unsigned char *output ) { int i; unsigned char temp[16]; + CAMELLIA_VALIDATE_RET( ctx != NULL ); + CAMELLIA_VALIDATE_RET( mode == MBEDTLS_CAMELLIA_ENCRYPT || + mode == MBEDTLS_CAMELLIA_DECRYPT ); + CAMELLIA_VALIDATE_RET( iv != NULL ); + CAMELLIA_VALIDATE_RET( length == 0 || input != NULL ); + CAMELLIA_VALIDATE_RET( length == 0 || output != NULL ); if( length % 16 ) return( MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH ); @@ -614,7 +639,18 @@ int mbedtls_camellia_crypt_cfb128( mbedtls_camellia_context *ctx, unsigned char *output ) { int c; - size_t n = *iv_off; + size_t n; + CAMELLIA_VALIDATE_RET( ctx != NULL ); + CAMELLIA_VALIDATE_RET( mode == MBEDTLS_CAMELLIA_ENCRYPT || + mode == MBEDTLS_CAMELLIA_DECRYPT ); + CAMELLIA_VALIDATE_RET( iv != NULL ); + CAMELLIA_VALIDATE_RET( iv_off != NULL ); + CAMELLIA_VALIDATE_RET( length == 0 || input != NULL ); + CAMELLIA_VALIDATE_RET( length == 0 || output != NULL ); + + n = *iv_off; + if( n >= 16 ) + return( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA ); if( mode == MBEDTLS_CAMELLIA_DECRYPT ) { @@ -662,7 +698,17 @@ int mbedtls_camellia_crypt_ctr( mbedtls_camellia_context *ctx, unsigned char *output ) { int c, i; - size_t n = *nc_off; + size_t n; + CAMELLIA_VALIDATE_RET( ctx != NULL ); + CAMELLIA_VALIDATE_RET( nonce_counter != NULL ); + CAMELLIA_VALIDATE_RET( stream_block != NULL ); + CAMELLIA_VALIDATE_RET( nc_off != NULL ); + CAMELLIA_VALIDATE_RET( length == 0 || input != NULL ); + CAMELLIA_VALIDATE_RET( length == 0 || output != NULL ); + + n = *nc_off; + if( n >= 16 ) + return( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA ); while( length-- ) { diff --git a/thirdparty/mbedtls/library/ccm.c b/thirdparty/mbedtls/library/ccm.c index 804eaf80f1..01e58b0436 100644 --- a/thirdparty/mbedtls/library/ccm.c +++ b/thirdparty/mbedtls/library/ccm.c @@ -52,6 +52,11 @@ #if !defined(MBEDTLS_CCM_ALT) +#define CCM_VALIDATE_RET( cond ) \ + MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_CCM_BAD_INPUT ) +#define CCM_VALIDATE( cond ) \ + MBEDTLS_INTERNAL_VALIDATE( cond ) + #define CCM_ENCRYPT 0 #define CCM_DECRYPT 1 @@ -60,6 +65,7 @@ */ void mbedtls_ccm_init( mbedtls_ccm_context *ctx ) { + CCM_VALIDATE( ctx != NULL ); memset( ctx, 0, sizeof( mbedtls_ccm_context ) ); } @@ -71,6 +77,9 @@ int mbedtls_ccm_setkey( mbedtls_ccm_context *ctx, int ret; const mbedtls_cipher_info_t *cipher_info; + CCM_VALIDATE_RET( ctx != NULL ); + CCM_VALIDATE_RET( key != NULL ); + cipher_info = mbedtls_cipher_info_from_values( cipher, keybits, MBEDTLS_MODE_ECB ); if( cipher_info == NULL ) return( MBEDTLS_ERR_CCM_BAD_INPUT ); @@ -97,6 +106,8 @@ int mbedtls_ccm_setkey( mbedtls_ccm_context *ctx, */ void mbedtls_ccm_free( mbedtls_ccm_context *ctx ) { + if( ctx == NULL ) + return; mbedtls_cipher_free( &ctx->cipher_ctx ); mbedtls_platform_zeroize( ctx, sizeof( mbedtls_ccm_context ) ); } @@ -310,6 +321,12 @@ int mbedtls_ccm_star_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length, const unsigned char *input, unsigned char *output, unsigned char *tag, size_t tag_len ) { + CCM_VALIDATE_RET( ctx != NULL ); + CCM_VALIDATE_RET( iv != NULL ); + CCM_VALIDATE_RET( add_len == 0 || add != NULL ); + CCM_VALIDATE_RET( length == 0 || input != NULL ); + CCM_VALIDATE_RET( length == 0 || output != NULL ); + CCM_VALIDATE_RET( tag_len == 0 || tag != NULL ); return( ccm_auth_crypt( ctx, CCM_ENCRYPT, length, iv, iv_len, add, add_len, input, output, tag, tag_len ) ); } @@ -320,6 +337,12 @@ int mbedtls_ccm_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length, const unsigned char *input, unsigned char *output, unsigned char *tag, size_t tag_len ) { + CCM_VALIDATE_RET( ctx != NULL ); + CCM_VALIDATE_RET( iv != NULL ); + CCM_VALIDATE_RET( add_len == 0 || add != NULL ); + CCM_VALIDATE_RET( length == 0 || input != NULL ); + CCM_VALIDATE_RET( length == 0 || output != NULL ); + CCM_VALIDATE_RET( tag_len == 0 || tag != NULL ); if( tag_len == 0 ) return( MBEDTLS_ERR_CCM_BAD_INPUT ); @@ -341,6 +364,13 @@ int mbedtls_ccm_star_auth_decrypt( mbedtls_ccm_context *ctx, size_t length, unsigned char i; int diff; + CCM_VALIDATE_RET( ctx != NULL ); + CCM_VALIDATE_RET( iv != NULL ); + CCM_VALIDATE_RET( add_len == 0 || add != NULL ); + CCM_VALIDATE_RET( length == 0 || input != NULL ); + CCM_VALIDATE_RET( length == 0 || output != NULL ); + CCM_VALIDATE_RET( tag_len == 0 || tag != NULL ); + if( ( ret = ccm_auth_crypt( ctx, CCM_DECRYPT, length, iv, iv_len, add, add_len, input, output, check_tag, tag_len ) ) != 0 ) @@ -367,6 +397,13 @@ int mbedtls_ccm_auth_decrypt( mbedtls_ccm_context *ctx, size_t length, const unsigned char *input, unsigned char *output, const unsigned char *tag, size_t tag_len ) { + CCM_VALIDATE_RET( ctx != NULL ); + CCM_VALIDATE_RET( iv != NULL ); + CCM_VALIDATE_RET( add_len == 0 || add != NULL ); + CCM_VALIDATE_RET( length == 0 || input != NULL ); + CCM_VALIDATE_RET( length == 0 || output != NULL ); + CCM_VALIDATE_RET( tag_len == 0 || tag != NULL ); + if( tag_len == 0 ) return( MBEDTLS_ERR_CCM_BAD_INPUT ); @@ -381,7 +418,8 @@ int mbedtls_ccm_auth_decrypt( mbedtls_ccm_context *ctx, size_t length, */ #define NB_TESTS 3 - +#define CCM_SELFTEST_PT_MAX_LEN 24 +#define CCM_SELFTEST_CT_MAX_LEN 32 /* * The data is the same for all tests, only the used length changes */ @@ -401,7 +439,7 @@ static const unsigned char ad[] = { 0x10, 0x11, 0x12, 0x13 }; -static const unsigned char msg[] = { +static const unsigned char msg[CCM_SELFTEST_PT_MAX_LEN] = { 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, @@ -412,7 +450,7 @@ static const size_t add_len[NB_TESTS] = { 8, 16, 20 }; static const size_t msg_len[NB_TESTS] = { 4, 16, 24 }; static const size_t tag_len[NB_TESTS] = { 4, 6, 8 }; -static const unsigned char res[NB_TESTS][32] = { +static const unsigned char res[NB_TESTS][CCM_SELFTEST_CT_MAX_LEN] = { { 0x71, 0x62, 0x01, 0x5b, 0x4d, 0xac, 0x25, 0x5d }, { 0xd2, 0xa1, 0xf0, 0xe0, 0x51, 0xea, 0x5f, 0x62, 0x08, 0x1a, 0x77, 0x92, 0x07, 0x3d, 0x59, 0x3d, @@ -426,7 +464,13 @@ static const unsigned char res[NB_TESTS][32] = { int mbedtls_ccm_self_test( int verbose ) { mbedtls_ccm_context ctx; - unsigned char out[32]; + /* + * Some hardware accelerators require the input and output buffers + * would be in RAM, because the flash is not accessible. + * Use buffers on the stack to hold the test vectors data. + */ + unsigned char plaintext[CCM_SELFTEST_PT_MAX_LEN]; + unsigned char ciphertext[CCM_SELFTEST_CT_MAX_LEN]; size_t i; int ret; @@ -445,27 +489,32 @@ int mbedtls_ccm_self_test( int verbose ) if( verbose != 0 ) mbedtls_printf( " CCM-AES #%u: ", (unsigned int) i + 1 ); + memset( plaintext, 0, CCM_SELFTEST_PT_MAX_LEN ); + memset( ciphertext, 0, CCM_SELFTEST_CT_MAX_LEN ); + memcpy( plaintext, msg, msg_len[i] ); + ret = mbedtls_ccm_encrypt_and_tag( &ctx, msg_len[i], - iv, iv_len[i], ad, add_len[i], - msg, out, - out + msg_len[i], tag_len[i] ); + iv, iv_len[i], ad, add_len[i], + plaintext, ciphertext, + ciphertext + msg_len[i], tag_len[i] ); if( ret != 0 || - memcmp( out, res[i], msg_len[i] + tag_len[i] ) != 0 ) + memcmp( ciphertext, res[i], msg_len[i] + tag_len[i] ) != 0 ) { if( verbose != 0 ) mbedtls_printf( "failed\n" ); return( 1 ); } + memset( plaintext, 0, CCM_SELFTEST_PT_MAX_LEN ); ret = mbedtls_ccm_auth_decrypt( &ctx, msg_len[i], - iv, iv_len[i], ad, add_len[i], - res[i], out, - res[i] + msg_len[i], tag_len[i] ); + iv, iv_len[i], ad, add_len[i], + ciphertext, plaintext, + ciphertext + msg_len[i], tag_len[i] ); if( ret != 0 || - memcmp( out, msg, msg_len[i] ) != 0 ) + memcmp( plaintext, msg, msg_len[i] ) != 0 ) { if( verbose != 0 ) mbedtls_printf( "failed\n" ); diff --git a/thirdparty/mbedtls/library/certs.c b/thirdparty/mbedtls/library/certs.c index f1379b8cb1..ff0f11e923 100644 --- a/thirdparty/mbedtls/library/certs.c +++ b/thirdparty/mbedtls/library/certs.c @@ -218,12 +218,13 @@ const size_t mbedtls_test_ca_key_rsa_len = sizeof( mbedtls_test_ca_key_rsa ); const char mbedtls_test_ca_pwd_rsa[] = "PolarSSLTest"; const size_t mbedtls_test_ca_pwd_rsa_len = sizeof( mbedtls_test_ca_pwd_rsa ) - 1; +/* tests/data_files/server2.crt */ const char mbedtls_test_srv_crt_rsa[] = "-----BEGIN CERTIFICATE-----\r\n" "MIIDNzCCAh+gAwIBAgIBAjANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER\r\n" -"MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN\r\n" +"MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN\r\n" "MTEwMjEyMTQ0NDA2WhcNMjEwMjEyMTQ0NDA2WjA0MQswCQYDVQQGEwJOTDERMA8G\r\n" -"A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN\r\n" +"A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN\r\n" "AQEBBQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTN\r\n" "owCIp+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKz\r\n" "NtSj+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kM\r\n" @@ -231,16 +232,17 @@ const char mbedtls_test_srv_crt_rsa[] = "hYvai0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjya\r\n" "HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaNNMEswCQYD\r\n" "VR0TBAIwADAdBgNVHQ4EFgQUpQXoZLjc32APUBJNYKhkr02LQ5MwHwYDVR0jBBgw\r\n" -"FoAUtFrkpbPe0lL2udWmlQ/rPrzH/f8wDQYJKoZIhvcNAQEFBQADggEBAJxnXClY\r\n" -"oHkbp70cqBrsGXLybA74czbO5RdLEgFs7rHVS9r+c293luS/KdliLScZqAzYVylw\r\n" -"UfRWvKMoWhHYKp3dEIS4xTXk6/5zXxhv9Rw8SGc8qn6vITHk1S1mPevtekgasY5Y\r\n" -"iWQuM3h4YVlRH3HHEMAD1TnAexfXHHDFQGe+Bd1iAbz1/sH9H8l4StwX6egvTK3M\r\n" -"wXRwkKkvjKaEDA9ATbZx0mI8LGsxSuCqe9r9dyjmttd47J1p1Rulz3CLzaRcVIuS\r\n" -"RRQfaD8neM9c1S/iJ/amTVqJxA1KOdOS5780WhPfSArA+g4qAmSjelc3p4wWpha8\r\n" -"zhuYwjVuX6JHG0c=\r\n" +"FoAUtFrkpbPe0lL2udWmlQ/rPrzH/f8wDQYJKoZIhvcNAQEFBQADggEBAAFzC0rF\r\n" +"y6De8WMcdgQrEw3AhBHFjzqnxZw1ene4IBSC7lTw8rBSy3jOWQdPUWn+0y/pCeeF\r\n" +"kti6sevFdl1hLemGtd4q+T9TKEKGg3ND4ARfB5AUZZ9uEHq8WBkiwus5clGS17Qd\r\n" +"dS/TOisB59tQruLx1E1bPLtBKyqk4koC5WAULJwfpswGSyWJTpYwIpxcWE3D2tBu\r\n" +"UB6MZfXZFzWmWEOyKbeoXjXe8GBCGgHLywvYDsGQ36HSGtEsAvR2QaTLSxWYcfk1\r\n" +"fbDn4jSWkb4yZy1r01UEigFQtONieGwRFaUqEcFJHJvEEGVgh9keaVlOj2vrwf5r\r\n" +"4mN4lW7gLdenN6g=\r\n" "-----END CERTIFICATE-----\r\n"; const size_t mbedtls_test_srv_crt_rsa_len = sizeof( mbedtls_test_srv_crt_rsa ); +/* tests/data_files/server2.key */ const char mbedtls_test_srv_key_rsa[] = "-----BEGIN RSA PRIVATE KEY-----\r\n" "MIIEpAIBAAKCAQEAwU2j3efNHdEE10lyuJmsDnjkOjxKzzoTFtBa5M2jAIin7h5r\r\n" @@ -271,11 +273,12 @@ const char mbedtls_test_srv_key_rsa[] = "-----END RSA PRIVATE KEY-----\r\n"; const size_t mbedtls_test_srv_key_rsa_len = sizeof( mbedtls_test_srv_key_rsa ); +/* tests/data_files/cli-rsa-sha256.crt */ const char mbedtls_test_cli_crt_rsa[] = "-----BEGIN CERTIFICATE-----\r\n" -"MIIDhTCCAm2gAwIBAgIBBDANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER\r\n" +"MIIDPzCCAiegAwIBAgIBBDANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER\r\n" "MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN\r\n" -"MTcwNTA1MTMwNzU5WhcNMjcwNTA2MTMwNzU5WjA8MQswCQYDVQQGEwJOTDERMA8G\r\n" +"MTEwMjEyMTQ0NDA2WhcNMjEwMjEyMTQ0NDA2WjA8MQswCQYDVQQGEwJOTDERMA8G\r\n" "A1UECgwIUG9sYXJTU0wxGjAYBgNVBAMMEVBvbGFyU1NMIENsaWVudCAyMIIBIjAN\r\n" "BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHTEzLn5tXnpRdkUYLB9u5Pyax6f\r\n" "M60Nj4o8VmXl3ETZzGaFB9X4J7BKNdBjngpuG7fa8H6r7gwQk4ZJGDTzqCrSV/Uu\r\n" @@ -283,18 +286,18 @@ const char mbedtls_test_cli_crt_rsa[] = "MjDV0/YI0FZPRo7yX/k9Z5GIMC5Cst99++UMd//sMcB4j7/Cf8qtbCHWjdmLao5v\r\n" "4Jv4EFbMs44TFeY0BGbH7vk2DmqV9gmaBmf0ZXH4yqSxJeD+PIs1BGe64E92hfx/\r\n" "/DZrtenNLQNiTrM9AM+vdqBpVoNq0qjU51Bx5rU2BXcFbXvI5MT9TNUhXwIDAQAB\r\n" -"o4GSMIGPMB0GA1UdDgQWBBRxoQBzckAvVHZeM/xSj7zx3WtGITBjBgNVHSMEXDBa\r\n" -"gBS0WuSls97SUva51aaVD+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAPBgNV\r\n" -"BAoMCFBvbGFyU1NMMRkwFwYDVQQDDBBQb2xhclNTTCBUZXN0IENBggEAMAkGA1Ud\r\n" -"EwQCMAAwDQYJKoZIhvcNAQELBQADggEBAC7yO786NvcHpK8UovKIG9cB32oSQQom\r\n" -"LoR0eHDRzdqEkoq7yGZufHFiRAAzbMqJfogRtxlrWAeB4y/jGaMBV25IbFOIcH2W\r\n" -"iCEaMMbG+VQLKNvuC63kmw/Zewc9ThM6Pa1Hcy0axT0faf1B/U01j0FIcw/6mTfK\r\n" -"D8w48OIwc1yr0JtutCVjig5DC0yznGMt32RyseOLcUe+lfq005v2PAiCozr5X8rE\r\n" -"ofGZpiM2NqRPePgYy+Vc75Zk28xkRQq1ncprgQb3S4vTsZdScpM9hLf+eMlrgqlj\r\n" -"c5PLSkXBeLE5+fedkyfTaLxxQlgCpuoOhKBm04/R1pWNzUHyqagjO9Q=\r\n" +"o00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBRxoQBzckAvVHZeM/xSj7zx3WtGITAf\r\n" +"BgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zANBgkqhkiG9w0BAQsFAAOC\r\n" +"AQEAlHabem2Tu69VUN7EipwnQn1dIHdgvT5i+iQHpSxY1crPnBbAeSdAXwsVEqLQ\r\n" +"gOOIAQD5VIITNuoGgo4i+4OpNh9u7ZkpRHla+/swsfrFWRRbBNP5Bcu74AGLstwU\r\n" +"zM8gIkBiyfM1Q1qDQISV9trlCG6O8vh8dp/rbI3rfzo99BOHXgFCrzXjCuW4vDsF\r\n" +"r+Dao26bX3sJ6UnEWg1H3o2x6PpUcvQ36h71/bz4TEbbUUEpe02V4QWuL+wrhHJL\r\n" +"U7o3SVE3Og7jPF8sat0a50YUWhwEFI256m02KAXLg89ueUyYKEr6rNwhcvXJpvU9\r\n" +"giIVvd0Sbjjnn7NC4VDbcXV8vw==\r\n" "-----END CERTIFICATE-----\r\n"; const size_t mbedtls_test_cli_crt_rsa_len = sizeof( mbedtls_test_cli_crt_rsa ); +/* tests/data_files/cli-rsa.key */ const char mbedtls_test_cli_key_rsa[] = "-----BEGIN RSA PRIVATE KEY-----\r\n" "MIIEpAIBAAKCAQEAyHTEzLn5tXnpRdkUYLB9u5Pyax6fM60Nj4o8VmXl3ETZzGaF\r\n" diff --git a/thirdparty/mbedtls/library/chacha20.c b/thirdparty/mbedtls/library/chacha20.c index d14a51e044..0757163e2f 100644 --- a/thirdparty/mbedtls/library/chacha20.c +++ b/thirdparty/mbedtls/library/chacha20.c @@ -53,6 +53,12 @@ #define inline __inline #endif +/* Parameter validation macros */ +#define CHACHA20_VALIDATE_RET( cond ) \ + MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA ) +#define CHACHA20_VALIDATE( cond ) \ + MBEDTLS_INTERNAL_VALIDATE( cond ) + #define BYTES_TO_U32_LE( data, offset ) \ ( (uint32_t) data[offset] \ | (uint32_t) ( (uint32_t) data[( offset ) + 1] << 8 ) \ @@ -181,14 +187,13 @@ static void chacha20_block( const uint32_t initial_state[16], void mbedtls_chacha20_init( mbedtls_chacha20_context *ctx ) { - if( ctx != NULL ) - { - mbedtls_platform_zeroize( ctx->state, sizeof( ctx->state ) ); - mbedtls_platform_zeroize( ctx->keystream8, sizeof( ctx->keystream8 ) ); + CHACHA20_VALIDATE( ctx != NULL ); - /* Initially, there's no keystream bytes available */ - ctx->keystream_bytes_used = CHACHA20_BLOCK_SIZE_BYTES; - } + mbedtls_platform_zeroize( ctx->state, sizeof( ctx->state ) ); + mbedtls_platform_zeroize( ctx->keystream8, sizeof( ctx->keystream8 ) ); + + /* Initially, there's no keystream bytes available */ + ctx->keystream_bytes_used = CHACHA20_BLOCK_SIZE_BYTES; } void mbedtls_chacha20_free( mbedtls_chacha20_context *ctx ) @@ -202,10 +207,8 @@ void mbedtls_chacha20_free( mbedtls_chacha20_context *ctx ) int mbedtls_chacha20_setkey( mbedtls_chacha20_context *ctx, const unsigned char key[32] ) { - if( ( ctx == NULL ) || ( key == NULL ) ) - { - return( MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA ); - } + CHACHA20_VALIDATE_RET( ctx != NULL ); + CHACHA20_VALIDATE_RET( key != NULL ); /* ChaCha20 constants - the string "expand 32-byte k" */ ctx->state[0] = 0x61707865; @@ -230,10 +233,8 @@ int mbedtls_chacha20_starts( mbedtls_chacha20_context* ctx, const unsigned char nonce[12], uint32_t counter ) { - if( ( ctx == NULL ) || ( nonce == NULL ) ) - { - return( MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA ); - } + CHACHA20_VALIDATE_RET( ctx != NULL ); + CHACHA20_VALIDATE_RET( nonce != NULL ); /* Counter */ ctx->state[12] = counter; @@ -259,15 +260,9 @@ int mbedtls_chacha20_update( mbedtls_chacha20_context *ctx, size_t offset = 0U; size_t i; - if( ctx == NULL ) - { - return( MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA ); - } - else if( ( size > 0U ) && ( ( input == NULL ) || ( output == NULL ) ) ) - { - /* input and output pointers are allowed to be NULL only if size == 0 */ - return( MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA ); - } + CHACHA20_VALIDATE_RET( ctx != NULL ); + CHACHA20_VALIDATE_RET( size == 0 || input != NULL ); + CHACHA20_VALIDATE_RET( size == 0 || output != NULL ); /* Use leftover keystream bytes, if available */ while( size > 0U && ctx->keystream_bytes_used < CHACHA20_BLOCK_SIZE_BYTES ) @@ -332,6 +327,11 @@ int mbedtls_chacha20_crypt( const unsigned char key[32], mbedtls_chacha20_context ctx; int ret; + CHACHA20_VALIDATE_RET( key != NULL ); + CHACHA20_VALIDATE_RET( nonce != NULL ); + CHACHA20_VALIDATE_RET( data_len == 0 || input != NULL ); + CHACHA20_VALIDATE_RET( data_len == 0 || output != NULL ); + mbedtls_chacha20_init( &ctx ); ret = mbedtls_chacha20_setkey( &ctx, key ); diff --git a/thirdparty/mbedtls/library/chachapoly.c b/thirdparty/mbedtls/library/chachapoly.c index 860f877653..dc643dd618 100644 --- a/thirdparty/mbedtls/library/chachapoly.c +++ b/thirdparty/mbedtls/library/chachapoly.c @@ -44,6 +44,12 @@ #if !defined(MBEDTLS_CHACHAPOLY_ALT) +/* Parameter validation macros */ +#define CHACHAPOLY_VALIDATE_RET( cond ) \ + MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA ) +#define CHACHAPOLY_VALIDATE( cond ) \ + MBEDTLS_INTERNAL_VALIDATE( cond ) + #define CHACHAPOLY_STATE_INIT ( 0 ) #define CHACHAPOLY_STATE_AAD ( 1 ) #define CHACHAPOLY_STATE_CIPHERTEXT ( 2 ) /* Encrypting or decrypting */ @@ -90,39 +96,35 @@ static int chachapoly_pad_ciphertext( mbedtls_chachapoly_context *ctx ) void mbedtls_chachapoly_init( mbedtls_chachapoly_context *ctx ) { - if( ctx != NULL ) - { - mbedtls_chacha20_init( &ctx->chacha20_ctx ); - mbedtls_poly1305_init( &ctx->poly1305_ctx ); - ctx->aad_len = 0U; - ctx->ciphertext_len = 0U; - ctx->state = CHACHAPOLY_STATE_INIT; - ctx->mode = MBEDTLS_CHACHAPOLY_ENCRYPT; - } + CHACHAPOLY_VALIDATE( ctx != NULL ); + + mbedtls_chacha20_init( &ctx->chacha20_ctx ); + mbedtls_poly1305_init( &ctx->poly1305_ctx ); + ctx->aad_len = 0U; + ctx->ciphertext_len = 0U; + ctx->state = CHACHAPOLY_STATE_INIT; + ctx->mode = MBEDTLS_CHACHAPOLY_ENCRYPT; } void mbedtls_chachapoly_free( mbedtls_chachapoly_context *ctx ) { - if( ctx != NULL ) - { - mbedtls_chacha20_free( &ctx->chacha20_ctx ); - mbedtls_poly1305_free( &ctx->poly1305_ctx ); - ctx->aad_len = 0U; - ctx->ciphertext_len = 0U; - ctx->state = CHACHAPOLY_STATE_INIT; - ctx->mode = MBEDTLS_CHACHAPOLY_ENCRYPT; - } + if( ctx == NULL ) + return; + + mbedtls_chacha20_free( &ctx->chacha20_ctx ); + mbedtls_poly1305_free( &ctx->poly1305_ctx ); + ctx->aad_len = 0U; + ctx->ciphertext_len = 0U; + ctx->state = CHACHAPOLY_STATE_INIT; + ctx->mode = MBEDTLS_CHACHAPOLY_ENCRYPT; } int mbedtls_chachapoly_setkey( mbedtls_chachapoly_context *ctx, const unsigned char key[32] ) { int ret; - - if( ( ctx == NULL ) || ( key == NULL ) ) - { - return( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA ); - } + CHACHAPOLY_VALIDATE_RET( ctx != NULL ); + CHACHAPOLY_VALIDATE_RET( key != NULL ); ret = mbedtls_chacha20_setkey( &ctx->chacha20_ctx, key ); @@ -135,11 +137,8 @@ int mbedtls_chachapoly_starts( mbedtls_chachapoly_context *ctx, { int ret; unsigned char poly1305_key[64]; - - if( ( ctx == NULL ) || ( nonce == NULL ) ) - { - return( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA ); - } + CHACHAPOLY_VALIDATE_RET( ctx != NULL ); + CHACHAPOLY_VALIDATE_RET( nonce != NULL ); /* Set counter = 0, will be update to 1 when generating Poly1305 key */ ret = mbedtls_chacha20_starts( &ctx->chacha20_ctx, nonce, 0U ); @@ -176,19 +175,11 @@ int mbedtls_chachapoly_update_aad( mbedtls_chachapoly_context *ctx, const unsigned char *aad, size_t aad_len ) { - if( ctx == NULL ) - { - return( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA ); - } - else if( ( aad_len > 0U ) && ( aad == NULL ) ) - { - /* aad pointer is allowed to be NULL if aad_len == 0 */ - return( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA ); - } - else if( ctx->state != CHACHAPOLY_STATE_AAD ) - { + CHACHAPOLY_VALIDATE_RET( ctx != NULL ); + CHACHAPOLY_VALIDATE_RET( aad_len == 0 || aad != NULL ); + + if( ctx->state != CHACHAPOLY_STATE_AAD ) return( MBEDTLS_ERR_CHACHAPOLY_BAD_STATE ); - } ctx->aad_len += aad_len; @@ -201,18 +192,12 @@ int mbedtls_chachapoly_update( mbedtls_chachapoly_context *ctx, unsigned char *output ) { int ret; + CHACHAPOLY_VALIDATE_RET( ctx != NULL ); + CHACHAPOLY_VALIDATE_RET( len == 0 || input != NULL ); + CHACHAPOLY_VALIDATE_RET( len == 0 || output != NULL ); - if( ctx == NULL ) - { - return( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA ); - } - else if( ( len > 0U ) && ( ( input == NULL ) || ( output == NULL ) ) ) - { - /* input and output pointers are allowed to be NULL if len == 0 */ - return( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA ); - } - else if( ( ctx->state != CHACHAPOLY_STATE_AAD ) && - ( ctx->state != CHACHAPOLY_STATE_CIPHERTEXT ) ) + if( ( ctx->state != CHACHAPOLY_STATE_AAD ) && + ( ctx->state != CHACHAPOLY_STATE_CIPHERTEXT ) ) { return( MBEDTLS_ERR_CHACHAPOLY_BAD_STATE ); } @@ -257,12 +242,10 @@ int mbedtls_chachapoly_finish( mbedtls_chachapoly_context *ctx, { int ret; unsigned char len_block[16]; + CHACHAPOLY_VALIDATE_RET( ctx != NULL ); + CHACHAPOLY_VALIDATE_RET( mac != NULL ); - if( ( ctx == NULL ) || ( mac == NULL ) ) - { - return( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA ); - } - else if( ctx->state == CHACHAPOLY_STATE_INIT ) + if( ctx->state == CHACHAPOLY_STATE_INIT ) { return( MBEDTLS_ERR_CHACHAPOLY_BAD_STATE ); } @@ -350,6 +333,13 @@ int mbedtls_chachapoly_encrypt_and_tag( mbedtls_chachapoly_context *ctx, unsigned char *output, unsigned char tag[16] ) { + CHACHAPOLY_VALIDATE_RET( ctx != NULL ); + CHACHAPOLY_VALIDATE_RET( nonce != NULL ); + CHACHAPOLY_VALIDATE_RET( tag != NULL ); + CHACHAPOLY_VALIDATE_RET( aad_len == 0 || aad != NULL ); + CHACHAPOLY_VALIDATE_RET( length == 0 || input != NULL ); + CHACHAPOLY_VALIDATE_RET( length == 0 || output != NULL ); + return( chachapoly_crypt_and_tag( ctx, MBEDTLS_CHACHAPOLY_ENCRYPT, length, nonce, aad, aad_len, input, output, tag ) ); @@ -368,9 +358,12 @@ int mbedtls_chachapoly_auth_decrypt( mbedtls_chachapoly_context *ctx, unsigned char check_tag[16]; size_t i; int diff; - - if( tag == NULL ) - return( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA ); + CHACHAPOLY_VALIDATE_RET( ctx != NULL ); + CHACHAPOLY_VALIDATE_RET( nonce != NULL ); + CHACHAPOLY_VALIDATE_RET( tag != NULL ); + CHACHAPOLY_VALIDATE_RET( aad_len == 0 || aad != NULL ); + CHACHAPOLY_VALIDATE_RET( length == 0 || input != NULL ); + CHACHAPOLY_VALIDATE_RET( length == 0 || output != NULL ); if( ( ret = chachapoly_crypt_and_tag( ctx, MBEDTLS_CHACHAPOLY_DECRYPT, length, nonce, diff --git a/thirdparty/mbedtls/library/cipher.c b/thirdparty/mbedtls/library/cipher.c index 7ae6c4ac5d..273997577b 100644 --- a/thirdparty/mbedtls/library/cipher.c +++ b/thirdparty/mbedtls/library/cipher.c @@ -65,6 +65,11 @@ #define mbedtls_free free #endif +#define CIPHER_VALIDATE_RET( cond ) \ + MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ) +#define CIPHER_VALIDATE( cond ) \ + MBEDTLS_INTERNAL_VALIDATE( cond ) + #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) /* Compare the contents of two buffers in constant time. * Returns 0 if the contents are bitwise identical, otherwise returns @@ -81,7 +86,7 @@ static int mbedtls_constant_time_memcmp( const void *v1, const void *v2, size_t for( diff = 0, i = 0; i < len; i++ ) diff |= p1[i] ^ p2[i]; - return (int)diff; + return( (int)diff ); } #endif /* MBEDTLS_GCM_C || MBEDTLS_CHACHAPOLY_C */ @@ -150,6 +155,7 @@ const mbedtls_cipher_info_t *mbedtls_cipher_info_from_values( const mbedtls_ciph void mbedtls_cipher_init( mbedtls_cipher_context_t *ctx ) { + CIPHER_VALIDATE( ctx != NULL ); memset( ctx, 0, sizeof( mbedtls_cipher_context_t ) ); } @@ -175,7 +181,8 @@ void mbedtls_cipher_free( mbedtls_cipher_context_t *ctx ) int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx, const mbedtls_cipher_info_t *cipher_info ) { - if( NULL == cipher_info || NULL == ctx ) + CIPHER_VALIDATE_RET( ctx != NULL ); + if( cipher_info == NULL ) return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); memset( ctx, 0, sizeof( mbedtls_cipher_context_t ) ); @@ -199,10 +206,16 @@ int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx, const mbedtls_cipher_in return( 0 ); } -int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx, const unsigned char *key, - int key_bitlen, const mbedtls_operation_t operation ) +int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx, + const unsigned char *key, + int key_bitlen, + const mbedtls_operation_t operation ) { - if( NULL == ctx || NULL == ctx->cipher_info ) + CIPHER_VALIDATE_RET( ctx != NULL ); + CIPHER_VALIDATE_RET( key != NULL ); + CIPHER_VALIDATE_RET( operation == MBEDTLS_ENCRYPT || + operation == MBEDTLS_DECRYPT ); + if( ctx->cipher_info == NULL ) return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); if( ( ctx->cipher_info->flags & MBEDTLS_CIPHER_VARIABLE_KEY_LEN ) == 0 && @@ -222,23 +235,26 @@ int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx, const unsigned char *k MBEDTLS_MODE_OFB == ctx->cipher_info->mode || MBEDTLS_MODE_CTR == ctx->cipher_info->mode ) { - return ctx->cipher_info->base->setkey_enc_func( ctx->cipher_ctx, key, - ctx->key_bitlen ); + return( ctx->cipher_info->base->setkey_enc_func( ctx->cipher_ctx, key, + ctx->key_bitlen ) ); } if( MBEDTLS_DECRYPT == operation ) - return ctx->cipher_info->base->setkey_dec_func( ctx->cipher_ctx, key, - ctx->key_bitlen ); + return( ctx->cipher_info->base->setkey_dec_func( ctx->cipher_ctx, key, + ctx->key_bitlen ) ); return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); } int mbedtls_cipher_set_iv( mbedtls_cipher_context_t *ctx, - const unsigned char *iv, size_t iv_len ) + const unsigned char *iv, + size_t iv_len ) { size_t actual_iv_size; - if( NULL == ctx || NULL == ctx->cipher_info || NULL == iv ) + CIPHER_VALIDATE_RET( ctx != NULL ); + CIPHER_VALIDATE_RET( iv_len == 0 || iv != NULL ); + if( ctx->cipher_info == NULL ) return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); /* avoid buffer overflow in ctx->iv */ @@ -268,15 +284,19 @@ int mbedtls_cipher_set_iv( mbedtls_cipher_context_t *ctx, } #endif - memcpy( ctx->iv, iv, actual_iv_size ); - ctx->iv_size = actual_iv_size; + if ( actual_iv_size != 0 ) + { + memcpy( ctx->iv, iv, actual_iv_size ); + ctx->iv_size = actual_iv_size; + } return( 0 ); } int mbedtls_cipher_reset( mbedtls_cipher_context_t *ctx ) { - if( NULL == ctx || NULL == ctx->cipher_info ) + CIPHER_VALIDATE_RET( ctx != NULL ); + if( ctx->cipher_info == NULL ) return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); ctx->unprocessed_len = 0; @@ -288,14 +308,16 @@ int mbedtls_cipher_reset( mbedtls_cipher_context_t *ctx ) int mbedtls_cipher_update_ad( mbedtls_cipher_context_t *ctx, const unsigned char *ad, size_t ad_len ) { - if( NULL == ctx || NULL == ctx->cipher_info ) + CIPHER_VALIDATE_RET( ctx != NULL ); + CIPHER_VALIDATE_RET( ad_len == 0 || ad != NULL ); + if( ctx->cipher_info == NULL ) return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); #if defined(MBEDTLS_GCM_C) if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode ) { - return mbedtls_gcm_starts( (mbedtls_gcm_context *) ctx->cipher_ctx, ctx->operation, - ctx->iv, ctx->iv_size, ad, ad_len ); + return( mbedtls_gcm_starts( (mbedtls_gcm_context *) ctx->cipher_ctx, ctx->operation, + ctx->iv, ctx->iv_size, ad, ad_len ) ); } #endif @@ -315,8 +337,8 @@ int mbedtls_cipher_update_ad( mbedtls_cipher_context_t *ctx, if ( result != 0 ) return( result ); - return mbedtls_chachapoly_update_aad( (mbedtls_chachapoly_context*) ctx->cipher_ctx, - ad, ad_len ); + return( mbedtls_chachapoly_update_aad( (mbedtls_chachapoly_context*) ctx->cipher_ctx, + ad, ad_len ) ); } #endif @@ -328,12 +350,14 @@ int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, const unsigned char *i size_t ilen, unsigned char *output, size_t *olen ) { int ret; - size_t block_size = 0; + size_t block_size; - if( NULL == ctx || NULL == ctx->cipher_info || NULL == olen ) - { + CIPHER_VALIDATE_RET( ctx != NULL ); + CIPHER_VALIDATE_RET( ilen == 0 || input != NULL ); + CIPHER_VALIDATE_RET( output != NULL ); + CIPHER_VALIDATE_RET( olen != NULL ); + if( ctx->cipher_info == NULL ) return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); - } *olen = 0; block_size = mbedtls_cipher_get_block_size( ctx ); @@ -358,8 +382,8 @@ int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, const unsigned char *i if( ctx->cipher_info->mode == MBEDTLS_MODE_GCM ) { *olen = ilen; - return mbedtls_gcm_update( (mbedtls_gcm_context *) ctx->cipher_ctx, ilen, input, - output ); + return( mbedtls_gcm_update( (mbedtls_gcm_context *) ctx->cipher_ctx, ilen, input, + output ) ); } #endif @@ -367,14 +391,14 @@ int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, const unsigned char *i if ( ctx->cipher_info->type == MBEDTLS_CIPHER_CHACHA20_POLY1305 ) { *olen = ilen; - return mbedtls_chachapoly_update( (mbedtls_chachapoly_context*) ctx->cipher_ctx, - ilen, input, output ); + return( mbedtls_chachapoly_update( (mbedtls_chachapoly_context*) ctx->cipher_ctx, + ilen, input, output ) ); } #endif if ( 0 == block_size ) { - return MBEDTLS_ERR_CIPHER_INVALID_CONTEXT; + return( MBEDTLS_ERR_CIPHER_INVALID_CONTEXT ); } if( input == output && @@ -437,7 +461,7 @@ int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, const unsigned char *i { if( 0 == block_size ) { - return MBEDTLS_ERR_CIPHER_INVALID_CONTEXT; + return( MBEDTLS_ERR_CIPHER_INVALID_CONTEXT ); } /* Encryption: only cache partial blocks @@ -738,7 +762,10 @@ static int get_no_padding( unsigned char *input, size_t input_len, int mbedtls_cipher_finish( mbedtls_cipher_context_t *ctx, unsigned char *output, size_t *olen ) { - if( NULL == ctx || NULL == ctx->cipher_info || NULL == olen ) + CIPHER_VALIDATE_RET( ctx != NULL ); + CIPHER_VALIDATE_RET( output != NULL ); + CIPHER_VALIDATE_RET( olen != NULL ); + if( ctx->cipher_info == NULL ) return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); *olen = 0; @@ -808,8 +835,8 @@ int mbedtls_cipher_finish( mbedtls_cipher_context_t *ctx, /* Set output size for decryption */ if( MBEDTLS_DECRYPT == ctx->operation ) - return ctx->get_padding( output, mbedtls_cipher_get_block_size( ctx ), - olen ); + return( ctx->get_padding( output, mbedtls_cipher_get_block_size( ctx ), + olen ) ); /* Set output size for encryption */ *olen = mbedtls_cipher_get_block_size( ctx ); @@ -823,10 +850,12 @@ int mbedtls_cipher_finish( mbedtls_cipher_context_t *ctx, } #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) -int mbedtls_cipher_set_padding_mode( mbedtls_cipher_context_t *ctx, mbedtls_cipher_padding_t mode ) +int mbedtls_cipher_set_padding_mode( mbedtls_cipher_context_t *ctx, + mbedtls_cipher_padding_t mode ) { - if( NULL == ctx || - MBEDTLS_MODE_CBC != ctx->cipher_info->mode ) + CIPHER_VALIDATE_RET( ctx != NULL ); + + if( NULL == ctx->cipher_info || MBEDTLS_MODE_CBC != ctx->cipher_info->mode ) { return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); } @@ -874,7 +903,9 @@ int mbedtls_cipher_set_padding_mode( mbedtls_cipher_context_t *ctx, mbedtls_ciph int mbedtls_cipher_write_tag( mbedtls_cipher_context_t *ctx, unsigned char *tag, size_t tag_len ) { - if( NULL == ctx || NULL == ctx->cipher_info || NULL == tag ) + CIPHER_VALIDATE_RET( ctx != NULL ); + CIPHER_VALIDATE_RET( tag_len == 0 || tag != NULL ); + if( ctx->cipher_info == NULL ) return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); if( MBEDTLS_ENCRYPT != ctx->operation ) @@ -882,7 +913,8 @@ int mbedtls_cipher_write_tag( mbedtls_cipher_context_t *ctx, #if defined(MBEDTLS_GCM_C) if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode ) - return mbedtls_gcm_finish( (mbedtls_gcm_context *) ctx->cipher_ctx, tag, tag_len ); + return( mbedtls_gcm_finish( (mbedtls_gcm_context *) ctx->cipher_ctx, + tag, tag_len ) ); #endif #if defined(MBEDTLS_CHACHAPOLY_C) @@ -892,8 +924,8 @@ int mbedtls_cipher_write_tag( mbedtls_cipher_context_t *ctx, if ( tag_len != 16U ) return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); - return mbedtls_chachapoly_finish( (mbedtls_chachapoly_context*) ctx->cipher_ctx, - tag ); + return( mbedtls_chachapoly_finish( (mbedtls_chachapoly_context*) ctx->cipher_ctx, + tag ) ); } #endif @@ -906,8 +938,12 @@ int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx, unsigned char check_tag[16]; int ret; - if( NULL == ctx || NULL == ctx->cipher_info || - MBEDTLS_DECRYPT != ctx->operation ) + CIPHER_VALIDATE_RET( ctx != NULL ); + CIPHER_VALIDATE_RET( tag_len == 0 || tag != NULL ); + if( ctx->cipher_info == NULL ) + return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); + + if( MBEDTLS_DECRYPT != ctx->operation ) { return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); } @@ -969,6 +1005,12 @@ int mbedtls_cipher_crypt( mbedtls_cipher_context_t *ctx, int ret; size_t finish_olen; + CIPHER_VALIDATE_RET( ctx != NULL ); + CIPHER_VALIDATE_RET( iv_len == 0 || iv != NULL ); + CIPHER_VALIDATE_RET( ilen == 0 || input != NULL ); + CIPHER_VALIDATE_RET( output != NULL ); + CIPHER_VALIDATE_RET( olen != NULL ); + if( ( ret = mbedtls_cipher_set_iv( ctx, iv, iv_len ) ) != 0 ) return( ret ); @@ -997,6 +1039,14 @@ int mbedtls_cipher_auth_encrypt( mbedtls_cipher_context_t *ctx, unsigned char *output, size_t *olen, unsigned char *tag, size_t tag_len ) { + CIPHER_VALIDATE_RET( ctx != NULL ); + CIPHER_VALIDATE_RET( iv != NULL ); + CIPHER_VALIDATE_RET( ad_len == 0 || ad != NULL ); + CIPHER_VALIDATE_RET( ilen == 0 || input != NULL ); + CIPHER_VALIDATE_RET( output != NULL ); + CIPHER_VALIDATE_RET( olen != NULL ); + CIPHER_VALIDATE_RET( tag_len == 0 || tag != NULL ); + #if defined(MBEDTLS_GCM_C) if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode ) { @@ -1044,6 +1094,14 @@ int mbedtls_cipher_auth_decrypt( mbedtls_cipher_context_t *ctx, unsigned char *output, size_t *olen, const unsigned char *tag, size_t tag_len ) { + CIPHER_VALIDATE_RET( ctx != NULL ); + CIPHER_VALIDATE_RET( iv != NULL ); + CIPHER_VALIDATE_RET( ad_len == 0 || ad != NULL ); + CIPHER_VALIDATE_RET( ilen == 0 || input != NULL ); + CIPHER_VALIDATE_RET( output != NULL ); + CIPHER_VALIDATE_RET( olen != NULL ); + CIPHER_VALIDATE_RET( tag_len == 0 || tag != NULL ); + #if defined(MBEDTLS_GCM_C) if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode ) { diff --git a/thirdparty/mbedtls/library/cipher_wrap.c b/thirdparty/mbedtls/library/cipher_wrap.c index 893490acc8..6dd8c5d3a9 100644 --- a/thirdparty/mbedtls/library/cipher_wrap.c +++ b/thirdparty/mbedtls/library/cipher_wrap.c @@ -258,7 +258,7 @@ static const mbedtls_cipher_info_t aes_128_ecb_info = { MBEDTLS_MODE_ECB, 128, "AES-128-ECB", - 16, + 0, 0, 16, &aes_info @@ -269,7 +269,7 @@ static const mbedtls_cipher_info_t aes_192_ecb_info = { MBEDTLS_MODE_ECB, 192, "AES-192-ECB", - 16, + 0, 0, 16, &aes_info @@ -280,7 +280,7 @@ static const mbedtls_cipher_info_t aes_256_ecb_info = { MBEDTLS_MODE_ECB, 256, "AES-256-ECB", - 16, + 0, 0, 16, &aes_info diff --git a/thirdparty/mbedtls/library/ctr_drbg.c b/thirdparty/mbedtls/library/ctr_drbg.c index d0e5ba862d..fb121575bb 100644 --- a/thirdparty/mbedtls/library/ctr_drbg.c +++ b/thirdparty/mbedtls/library/ctr_drbg.c @@ -66,6 +66,18 @@ void mbedtls_ctr_drbg_init( mbedtls_ctr_drbg_context *ctx ) * Non-public function wrapped by mbedtls_ctr_drbg_seed(). Necessary to allow * NIST tests to succeed (which require known length fixed entropy) */ +/* CTR_DRBG_Instantiate with derivation function (SP 800-90A §10.2.1.3.2) + * mbedtls_ctr_drbg_seed_entropy_len(ctx, f_entropy, p_entropy, + * custom, len, entropy_len) + * implements + * CTR_DRBG_Instantiate(entropy_input, nonce, personalization_string, + * security_strength) -> initial_working_state + * with inputs + * custom[:len] = nonce || personalization_string + * where entropy_input comes from f_entropy for entropy_len bytes + * and with outputs + * ctx = initial_working_state + */ int mbedtls_ctr_drbg_seed_entropy_len( mbedtls_ctr_drbg_context *ctx, int (*f_entropy)(void *, unsigned char *, size_t), @@ -256,6 +268,14 @@ exit: return( ret ); } +/* CTR_DRBG_Update (SP 800-90A §10.2.1.2) + * ctr_drbg_update_internal(ctx, provided_data) + * implements + * CTR_DRBG_Update(provided_data, Key, V) + * with inputs and outputs + * ctx->aes_ctx = Key + * ctx->counter = V + */ static int ctr_drbg_update_internal( mbedtls_ctr_drbg_context *ctx, const unsigned char data[MBEDTLS_CTR_DRBG_SEEDLEN] ) { @@ -279,9 +299,7 @@ static int ctr_drbg_update_internal( mbedtls_ctr_drbg_context *ctx, * Crypt counter block */ if( ( ret = mbedtls_aes_crypt_ecb( &ctx->aes_ctx, MBEDTLS_AES_ENCRYPT, ctx->counter, p ) ) != 0 ) - { - return( ret ); - } + goto exit; p += MBEDTLS_CTR_DRBG_BLOCKSIZE; } @@ -293,31 +311,71 @@ static int ctr_drbg_update_internal( mbedtls_ctr_drbg_context *ctx, * Update key and counter */ if( ( ret = mbedtls_aes_setkey_enc( &ctx->aes_ctx, tmp, MBEDTLS_CTR_DRBG_KEYBITS ) ) != 0 ) - { - return( ret ); - } + goto exit; memcpy( ctx->counter, tmp + MBEDTLS_CTR_DRBG_KEYSIZE, MBEDTLS_CTR_DRBG_BLOCKSIZE ); - return( 0 ); +exit: + mbedtls_platform_zeroize( tmp, sizeof( tmp ) ); + return( ret ); } -void mbedtls_ctr_drbg_update( mbedtls_ctr_drbg_context *ctx, - const unsigned char *additional, size_t add_len ) +/* CTR_DRBG_Instantiate with derivation function (SP 800-90A §10.2.1.3.2) + * mbedtls_ctr_drbg_update(ctx, additional, add_len) + * implements + * CTR_DRBG_Instantiate(entropy_input, nonce, personalization_string, + * security_strength) -> initial_working_state + * with inputs + * ctx->counter = all-bits-0 + * ctx->aes_ctx = context from all-bits-0 key + * additional[:add_len] = entropy_input || nonce || personalization_string + * and with outputs + * ctx = initial_working_state + */ +int mbedtls_ctr_drbg_update_ret( mbedtls_ctr_drbg_context *ctx, + const unsigned char *additional, + size_t add_len ) { unsigned char add_input[MBEDTLS_CTR_DRBG_SEEDLEN]; + int ret; - if( add_len > 0 ) - { - /* MAX_INPUT would be more logical here, but we have to match - * block_cipher_df()'s limits since we can't propagate errors */ - if( add_len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT ) - add_len = MBEDTLS_CTR_DRBG_MAX_SEED_INPUT; + if( add_len == 0 ) + return( 0 ); - block_cipher_df( add_input, additional, add_len ); - ctr_drbg_update_internal( ctx, add_input ); - } + if( ( ret = block_cipher_df( add_input, additional, add_len ) ) != 0 ) + goto exit; + if( ( ret = ctr_drbg_update_internal( ctx, add_input ) ) != 0 ) + goto exit; + +exit: + mbedtls_platform_zeroize( add_input, sizeof( add_input ) ); + return( ret ); } +#if !defined(MBEDTLS_DEPRECATED_REMOVED) +void mbedtls_ctr_drbg_update( mbedtls_ctr_drbg_context *ctx, + const unsigned char *additional, + size_t add_len ) +{ + /* MAX_INPUT would be more logical here, but we have to match + * block_cipher_df()'s limits since we can't propagate errors */ + if( add_len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT ) + add_len = MBEDTLS_CTR_DRBG_MAX_SEED_INPUT; + (void) mbedtls_ctr_drbg_update_ret( ctx, additional, add_len ); +} +#endif /* MBEDTLS_DEPRECATED_REMOVED */ + +/* CTR_DRBG_Reseed with derivation function (SP 800-90A §10.2.1.4.2) + * mbedtls_ctr_drbg_reseed(ctx, additional, len) + * implements + * CTR_DRBG_Reseed(working_state, entropy_input, additional_input) + * -> new_working_state + * with inputs + * ctx contains working_state + * additional[:len] = additional_input + * and entropy_input comes from calling ctx->f_entropy + * and with output + * ctx contains new_working_state + */ int mbedtls_ctr_drbg_reseed( mbedtls_ctr_drbg_context *ctx, const unsigned char *additional, size_t len ) { @@ -355,22 +413,39 @@ int mbedtls_ctr_drbg_reseed( mbedtls_ctr_drbg_context *ctx, * Reduce to 384 bits */ if( ( ret = block_cipher_df( seed, seed, seedlen ) ) != 0 ) - { - return( ret ); - } + goto exit; /* * Update state */ if( ( ret = ctr_drbg_update_internal( ctx, seed ) ) != 0 ) - { - return( ret ); - } + goto exit; ctx->reseed_counter = 1; - return( 0 ); +exit: + mbedtls_platform_zeroize( seed, sizeof( seed ) ); + return( ret ); } +/* CTR_DRBG_Generate with derivation function (SP 800-90A §10.2.1.5.2) + * mbedtls_ctr_drbg_random_with_add(ctx, output, output_len, additional, add_len) + * implements + * CTR_DRBG_Reseed(working_state, entropy_input, additional[:add_len]) + * -> working_state_after_reseed + * if required, then + * CTR_DRBG_Generate(working_state_after_reseed, + * requested_number_of_bits, additional_input) + * -> status, returned_bits, new_working_state + * with inputs + * ctx contains working_state + * requested_number_of_bits = 8 * output_len + * additional[:add_len] = additional_input + * and entropy_input comes from calling ctx->f_entropy + * and with outputs + * status = SUCCESS (this function does the reseed internally) + * returned_bits = output[:output_len] + * ctx contains new_working_state + */ int mbedtls_ctr_drbg_random_with_add( void *p_rng, unsigned char *output, size_t output_len, const unsigned char *additional, size_t add_len ) @@ -404,13 +479,9 @@ int mbedtls_ctr_drbg_random_with_add( void *p_rng, if( add_len > 0 ) { if( ( ret = block_cipher_df( add_input, additional, add_len ) ) != 0 ) - { - return( ret ); - } + goto exit; if( ( ret = ctr_drbg_update_internal( ctx, add_input ) ) != 0 ) - { - return( ret ); - } + goto exit; } while( output_len > 0 ) @@ -426,9 +497,7 @@ int mbedtls_ctr_drbg_random_with_add( void *p_rng, * Crypt counter block */ if( ( ret = mbedtls_aes_crypt_ecb( &ctx->aes_ctx, MBEDTLS_AES_ENCRYPT, ctx->counter, tmp ) ) != 0 ) - { - return( ret ); - } + goto exit; use_len = ( output_len > MBEDTLS_CTR_DRBG_BLOCKSIZE ) ? MBEDTLS_CTR_DRBG_BLOCKSIZE : output_len; @@ -441,12 +510,13 @@ int mbedtls_ctr_drbg_random_with_add( void *p_rng, } if( ( ret = ctr_drbg_update_internal( ctx, add_input ) ) != 0 ) - { - return( ret ); - } + goto exit; ctx->reseed_counter++; +exit: + mbedtls_platform_zeroize( add_input, sizeof( add_input ) ); + mbedtls_platform_zeroize( tmp, sizeof( tmp ) ); return( 0 ); } @@ -498,35 +568,36 @@ exit: int mbedtls_ctr_drbg_update_seed_file( mbedtls_ctr_drbg_context *ctx, const char *path ) { int ret = 0; - FILE *f; + FILE *f = NULL; size_t n; unsigned char buf[ MBEDTLS_CTR_DRBG_MAX_INPUT ]; + unsigned char c; if( ( f = fopen( path, "rb" ) ) == NULL ) return( MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR ); - fseek( f, 0, SEEK_END ); - n = (size_t) ftell( f ); - fseek( f, 0, SEEK_SET ); - - if( n > MBEDTLS_CTR_DRBG_MAX_INPUT ) + n = fread( buf, 1, sizeof( buf ), f ); + if( fread( &c, 1, 1, f ) != 0 ) { - fclose( f ); - return( MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG ); + ret = MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG; + goto exit; } - - if( fread( buf, 1, n, f ) != n ) + if( n == 0 || ferror( f ) ) + { ret = MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR; - else - mbedtls_ctr_drbg_update( ctx, buf, n ); - + goto exit; + } fclose( f ); + f = NULL; - mbedtls_platform_zeroize( buf, sizeof( buf ) ); + ret = mbedtls_ctr_drbg_update_ret( ctx, buf, n ); +exit: + mbedtls_platform_zeroize( buf, sizeof( buf ) ); + if( f != NULL ) + fclose( f ); if( ret != 0 ) return( ret ); - return( mbedtls_ctr_drbg_write_seed_file( ctx, path ) ); } #endif /* MBEDTLS_FS_IO */ diff --git a/thirdparty/mbedtls/library/debug.c b/thirdparty/mbedtls/library/debug.c index db3924ac54..824cd0236e 100644 --- a/thirdparty/mbedtls/library/debug.c +++ b/thirdparty/mbedtls/library/debug.c @@ -365,4 +365,54 @@ void mbedtls_debug_print_crt( const mbedtls_ssl_context *ssl, int level, } #endif /* MBEDTLS_X509_CRT_PARSE_C */ +#if defined(MBEDTLS_ECDH_C) +static void mbedtls_debug_printf_ecdh_internal( const mbedtls_ssl_context *ssl, + int level, const char *file, + int line, + const mbedtls_ecdh_context *ecdh, + mbedtls_debug_ecdh_attr attr ) +{ +#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT) + const mbedtls_ecdh_context* ctx = ecdh; +#else + const mbedtls_ecdh_context_mbed* ctx = &ecdh->ctx.mbed_ecdh; +#endif + + switch( attr ) + { + case MBEDTLS_DEBUG_ECDH_Q: + mbedtls_debug_print_ecp( ssl, level, file, line, "ECDH: Q", + &ctx->Q ); + break; + case MBEDTLS_DEBUG_ECDH_QP: + mbedtls_debug_print_ecp( ssl, level, file, line, "ECDH: Qp", + &ctx->Qp ); + break; + case MBEDTLS_DEBUG_ECDH_Z: + mbedtls_debug_print_mpi( ssl, level, file, line, "ECDH: z", + &ctx->z ); + break; + default: + break; + } +} + +void mbedtls_debug_printf_ecdh( const mbedtls_ssl_context *ssl, int level, + const char *file, int line, + const mbedtls_ecdh_context *ecdh, + mbedtls_debug_ecdh_attr attr ) +{ +#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT) + mbedtls_debug_printf_ecdh_internal( ssl, level, file, line, ecdh, attr ); +#else + switch( ecdh->var ) + { + default: + mbedtls_debug_printf_ecdh_internal( ssl, level, file, line, ecdh, + attr ); + } +#endif +} +#endif /* MBEDTLS_ECDH_C */ + #endif /* MBEDTLS_DEBUG_C */ diff --git a/thirdparty/mbedtls/library/dhm.c b/thirdparty/mbedtls/library/dhm.c index 82cbb0ce88..fb6937e854 100644 --- a/thirdparty/mbedtls/library/dhm.c +++ b/thirdparty/mbedtls/library/dhm.c @@ -60,6 +60,11 @@ #if !defined(MBEDTLS_DHM_ALT) +#define DHM_VALIDATE_RET( cond ) \ + MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_DHM_BAD_INPUT_DATA ) +#define DHM_VALIDATE( cond ) \ + MBEDTLS_INTERNAL_VALIDATE( cond ) + /* * helper to validate the mbedtls_mpi size and import it */ @@ -121,6 +126,7 @@ cleanup: void mbedtls_dhm_init( mbedtls_dhm_context *ctx ) { + DHM_VALIDATE( ctx != NULL ); memset( ctx, 0, sizeof( mbedtls_dhm_context ) ); } @@ -132,6 +138,9 @@ int mbedtls_dhm_read_params( mbedtls_dhm_context *ctx, const unsigned char *end ) { int ret; + DHM_VALIDATE_RET( ctx != NULL ); + DHM_VALIDATE_RET( p != NULL && *p != NULL ); + DHM_VALIDATE_RET( end != NULL ); if( ( ret = dhm_read_bignum( &ctx->P, p, end ) ) != 0 || ( ret = dhm_read_bignum( &ctx->G, p, end ) ) != 0 || @@ -157,6 +166,10 @@ int mbedtls_dhm_make_params( mbedtls_dhm_context *ctx, int x_size, int ret, count = 0; size_t n1, n2, n3; unsigned char *p; + DHM_VALIDATE_RET( ctx != NULL ); + DHM_VALIDATE_RET( output != NULL ); + DHM_VALIDATE_RET( olen != NULL ); + DHM_VALIDATE_RET( f_rng != NULL ); if( mbedtls_mpi_cmp_int( &ctx->P, 0 ) == 0 ) return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA ); @@ -227,9 +240,9 @@ int mbedtls_dhm_set_group( mbedtls_dhm_context *ctx, const mbedtls_mpi *G ) { int ret; - - if( ctx == NULL || P == NULL || G == NULL ) - return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA ); + DHM_VALIDATE_RET( ctx != NULL ); + DHM_VALIDATE_RET( P != NULL ); + DHM_VALIDATE_RET( G != NULL ); if( ( ret = mbedtls_mpi_copy( &ctx->P, P ) ) != 0 || ( ret = mbedtls_mpi_copy( &ctx->G, G ) ) != 0 ) @@ -248,8 +261,10 @@ int mbedtls_dhm_read_public( mbedtls_dhm_context *ctx, const unsigned char *input, size_t ilen ) { int ret; + DHM_VALIDATE_RET( ctx != NULL ); + DHM_VALIDATE_RET( input != NULL ); - if( ctx == NULL || ilen < 1 || ilen > ctx->len ) + if( ilen < 1 || ilen > ctx->len ) return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA ); if( ( ret = mbedtls_mpi_read_binary( &ctx->GY, input, ilen ) ) != 0 ) @@ -267,8 +282,11 @@ int mbedtls_dhm_make_public( mbedtls_dhm_context *ctx, int x_size, void *p_rng ) { int ret, count = 0; + DHM_VALIDATE_RET( ctx != NULL ); + DHM_VALIDATE_RET( output != NULL ); + DHM_VALIDATE_RET( f_rng != NULL ); - if( ctx == NULL || olen < 1 || olen > ctx->len ) + if( olen < 1 || olen > ctx->len ) return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA ); if( mbedtls_mpi_cmp_int( &ctx->P, 0 ) == 0 ) @@ -380,8 +398,11 @@ int mbedtls_dhm_calc_secret( mbedtls_dhm_context *ctx, { int ret; mbedtls_mpi GYb; + DHM_VALIDATE_RET( ctx != NULL ); + DHM_VALIDATE_RET( output != NULL ); + DHM_VALIDATE_RET( olen != NULL ); - if( ctx == NULL || output_size < ctx->len ) + if( output_size < ctx->len ) return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA ); if( ( ret = dhm_check_range( &ctx->GY, &ctx->P ) ) != 0 ) @@ -428,11 +449,19 @@ cleanup: */ void mbedtls_dhm_free( mbedtls_dhm_context *ctx ) { - mbedtls_mpi_free( &ctx->pX ); mbedtls_mpi_free( &ctx->Vf ); - mbedtls_mpi_free( &ctx->Vi ); mbedtls_mpi_free( &ctx->RP ); - mbedtls_mpi_free( &ctx->K ); mbedtls_mpi_free( &ctx->GY ); - mbedtls_mpi_free( &ctx->GX ); mbedtls_mpi_free( &ctx->X ); - mbedtls_mpi_free( &ctx->G ); mbedtls_mpi_free( &ctx->P ); + if( ctx == NULL ) + return; + + mbedtls_mpi_free( &ctx->pX ); + mbedtls_mpi_free( &ctx->Vf ); + mbedtls_mpi_free( &ctx->Vi ); + mbedtls_mpi_free( &ctx->RP ); + mbedtls_mpi_free( &ctx->K ); + mbedtls_mpi_free( &ctx->GY ); + mbedtls_mpi_free( &ctx->GX ); + mbedtls_mpi_free( &ctx->X ); + mbedtls_mpi_free( &ctx->G ); + mbedtls_mpi_free( &ctx->P ); mbedtls_platform_zeroize( ctx, sizeof( mbedtls_dhm_context ) ); } @@ -449,7 +478,12 @@ int mbedtls_dhm_parse_dhm( mbedtls_dhm_context *dhm, const unsigned char *dhmin, unsigned char *p, *end; #if defined(MBEDTLS_PEM_PARSE_C) mbedtls_pem_context pem; +#endif /* MBEDTLS_PEM_PARSE_C */ + + DHM_VALIDATE_RET( dhm != NULL ); + DHM_VALIDATE_RET( dhmin != NULL ); +#if defined(MBEDTLS_PEM_PARSE_C) mbedtls_pem_init( &pem ); /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */ @@ -596,6 +630,8 @@ int mbedtls_dhm_parse_dhmfile( mbedtls_dhm_context *dhm, const char *path ) int ret; size_t n; unsigned char *buf; + DHM_VALIDATE_RET( dhm != NULL ); + DHM_VALIDATE_RET( path != NULL ); if( ( ret = load_file( path, &buf, &n ) ) != 0 ) return( ret ); diff --git a/thirdparty/mbedtls/library/ecdh.c b/thirdparty/mbedtls/library/ecdh.c index 61380b6936..da95c60dad 100644 --- a/thirdparty/mbedtls/library/ecdh.c +++ b/thirdparty/mbedtls/library/ecdh.c @@ -35,41 +35,82 @@ #if defined(MBEDTLS_ECDH_C) #include "mbedtls/ecdh.h" +#include "mbedtls/platform_util.h" #include <string.h> +/* Parameter validation macros based on platform_util.h */ +#define ECDH_VALIDATE_RET( cond ) \ + MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_ECP_BAD_INPUT_DATA ) +#define ECDH_VALIDATE( cond ) \ + MBEDTLS_INTERNAL_VALIDATE( cond ) + +#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT) +typedef mbedtls_ecdh_context mbedtls_ecdh_context_mbed; +#endif + #if !defined(MBEDTLS_ECDH_GEN_PUBLIC_ALT) /* - * Generate public key: simple wrapper around mbedtls_ecp_gen_keypair + * Generate public key (restartable version) + * + * Note: this internal function relies on its caller preserving the value of + * the output parameter 'd' across continuation calls. This would not be + * acceptable for a public function but is OK here as we control call sites. + */ +static int ecdh_gen_public_restartable( mbedtls_ecp_group *grp, + mbedtls_mpi *d, mbedtls_ecp_point *Q, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + mbedtls_ecp_restart_ctx *rs_ctx ) +{ + int ret; + + /* If multiplication is in progress, we already generated a privkey */ +#if defined(MBEDTLS_ECP_RESTARTABLE) + if( rs_ctx == NULL || rs_ctx->rsm == NULL ) +#endif + MBEDTLS_MPI_CHK( mbedtls_ecp_gen_privkey( grp, d, f_rng, p_rng ) ); + + MBEDTLS_MPI_CHK( mbedtls_ecp_mul_restartable( grp, Q, d, &grp->G, + f_rng, p_rng, rs_ctx ) ); + +cleanup: + return( ret ); +} + +/* + * Generate public key */ int mbedtls_ecdh_gen_public( mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp_point *Q, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { - return mbedtls_ecp_gen_keypair( grp, d, Q, f_rng, p_rng ); + ECDH_VALIDATE_RET( grp != NULL ); + ECDH_VALIDATE_RET( d != NULL ); + ECDH_VALIDATE_RET( Q != NULL ); + ECDH_VALIDATE_RET( f_rng != NULL ); + return( ecdh_gen_public_restartable( grp, d, Q, f_rng, p_rng, NULL ) ); } -#endif /* MBEDTLS_ECDH_GEN_PUBLIC_ALT */ +#endif /* !MBEDTLS_ECDH_GEN_PUBLIC_ALT */ #if !defined(MBEDTLS_ECDH_COMPUTE_SHARED_ALT) /* * Compute shared secret (SEC1 3.3.1) */ -int mbedtls_ecdh_compute_shared( mbedtls_ecp_group *grp, mbedtls_mpi *z, +static int ecdh_compute_shared_restartable( mbedtls_ecp_group *grp, + mbedtls_mpi *z, const mbedtls_ecp_point *Q, const mbedtls_mpi *d, int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) + void *p_rng, + mbedtls_ecp_restart_ctx *rs_ctx ) { int ret; mbedtls_ecp_point P; mbedtls_ecp_point_init( &P ); - /* - * Make sure Q is a valid pubkey before using it - */ - MBEDTLS_MPI_CHK( mbedtls_ecp_check_pubkey( grp, Q ) ); - - MBEDTLS_MPI_CHK( mbedtls_ecp_mul( grp, &P, d, Q, f_rng, p_rng ) ); + MBEDTLS_MPI_CHK( mbedtls_ecp_mul_restartable( grp, &P, d, Q, + f_rng, p_rng, rs_ctx ) ); if( mbedtls_ecp_is_zero( &P ) ) { @@ -84,65 +125,195 @@ cleanup: return( ret ); } -#endif /* MBEDTLS_ECDH_COMPUTE_SHARED_ALT */ + +/* + * Compute shared secret (SEC1 3.3.1) + */ +int mbedtls_ecdh_compute_shared( mbedtls_ecp_group *grp, mbedtls_mpi *z, + const mbedtls_ecp_point *Q, const mbedtls_mpi *d, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng ) +{ + ECDH_VALIDATE_RET( grp != NULL ); + ECDH_VALIDATE_RET( Q != NULL ); + ECDH_VALIDATE_RET( d != NULL ); + ECDH_VALIDATE_RET( z != NULL ); + return( ecdh_compute_shared_restartable( grp, z, Q, d, + f_rng, p_rng, NULL ) ); +} +#endif /* !MBEDTLS_ECDH_COMPUTE_SHARED_ALT */ + +static void ecdh_init_internal( mbedtls_ecdh_context_mbed *ctx ) +{ + mbedtls_ecp_group_init( &ctx->grp ); + mbedtls_mpi_init( &ctx->d ); + mbedtls_ecp_point_init( &ctx->Q ); + mbedtls_ecp_point_init( &ctx->Qp ); + mbedtls_mpi_init( &ctx->z ); + +#if defined(MBEDTLS_ECP_RESTARTABLE) + mbedtls_ecp_restart_init( &ctx->rs ); +#endif +} /* * Initialize context */ void mbedtls_ecdh_init( mbedtls_ecdh_context *ctx ) { + ECDH_VALIDATE( ctx != NULL ); + +#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT) + ecdh_init_internal( ctx ); + mbedtls_ecp_point_init( &ctx->Vi ); + mbedtls_ecp_point_init( &ctx->Vf ); + mbedtls_mpi_init( &ctx->_d ); +#else memset( ctx, 0, sizeof( mbedtls_ecdh_context ) ); + + ctx->var = MBEDTLS_ECDH_VARIANT_NONE; +#endif + ctx->point_format = MBEDTLS_ECP_PF_UNCOMPRESSED; +#if defined(MBEDTLS_ECP_RESTARTABLE) + ctx->restart_enabled = 0; +#endif +} + +static int ecdh_setup_internal( mbedtls_ecdh_context_mbed *ctx, + mbedtls_ecp_group_id grp_id ) +{ + int ret; + + ret = mbedtls_ecp_group_load( &ctx->grp, grp_id ); + if( ret != 0 ) + { + return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE ); + } + + return( 0 ); } /* - * Free context + * Setup context */ -void mbedtls_ecdh_free( mbedtls_ecdh_context *ctx ) +int mbedtls_ecdh_setup( mbedtls_ecdh_context *ctx, mbedtls_ecp_group_id grp_id ) { - if( ctx == NULL ) - return; + ECDH_VALIDATE_RET( ctx != NULL ); +#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT) + return( ecdh_setup_internal( ctx, grp_id ) ); +#else + switch( grp_id ) + { + default: + ctx->point_format = MBEDTLS_ECP_PF_UNCOMPRESSED; + ctx->var = MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0; + ctx->grp_id = grp_id; + ecdh_init_internal( &ctx->ctx.mbed_ecdh ); + return( ecdh_setup_internal( &ctx->ctx.mbed_ecdh, grp_id ) ); + } +#endif +} + +static void ecdh_free_internal( mbedtls_ecdh_context_mbed *ctx ) +{ mbedtls_ecp_group_free( &ctx->grp ); + mbedtls_mpi_free( &ctx->d ); mbedtls_ecp_point_free( &ctx->Q ); mbedtls_ecp_point_free( &ctx->Qp ); - mbedtls_ecp_point_free( &ctx->Vi ); - mbedtls_ecp_point_free( &ctx->Vf ); - mbedtls_mpi_free( &ctx->d ); mbedtls_mpi_free( &ctx->z ); - mbedtls_mpi_free( &ctx->_d ); + +#if defined(MBEDTLS_ECP_RESTARTABLE) + mbedtls_ecp_restart_free( &ctx->rs ); +#endif } +#if defined(MBEDTLS_ECP_RESTARTABLE) /* - * Setup and write the ServerKeyExhange parameters (RFC 4492) - * struct { - * ECParameters curve_params; - * ECPoint public; - * } ServerECDHParams; + * Enable restartable operations for context */ -int mbedtls_ecdh_make_params( mbedtls_ecdh_context *ctx, size_t *olen, - unsigned char *buf, size_t blen, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +void mbedtls_ecdh_enable_restart( mbedtls_ecdh_context *ctx ) +{ + ECDH_VALIDATE( ctx != NULL ); + + ctx->restart_enabled = 1; +} +#endif + +/* + * Free context + */ +void mbedtls_ecdh_free( mbedtls_ecdh_context *ctx ) +{ + if( ctx == NULL ) + return; + +#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT) + mbedtls_ecp_point_free( &ctx->Vi ); + mbedtls_ecp_point_free( &ctx->Vf ); + mbedtls_mpi_free( &ctx->_d ); + ecdh_free_internal( ctx ); +#else + switch( ctx->var ) + { + case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0: + ecdh_free_internal( &ctx->ctx.mbed_ecdh ); + break; + default: + break; + } + + ctx->point_format = MBEDTLS_ECP_PF_UNCOMPRESSED; + ctx->var = MBEDTLS_ECDH_VARIANT_NONE; + ctx->grp_id = MBEDTLS_ECP_DP_NONE; +#endif +} + +static int ecdh_make_params_internal( mbedtls_ecdh_context_mbed *ctx, + size_t *olen, int point_format, + unsigned char *buf, size_t blen, + int (*f_rng)(void *, + unsigned char *, + size_t), + void *p_rng, + int restart_enabled ) { int ret; size_t grp_len, pt_len; +#if defined(MBEDTLS_ECP_RESTARTABLE) + mbedtls_ecp_restart_ctx *rs_ctx = NULL; +#endif - if( ctx == NULL || ctx->grp.pbits == 0 ) + if( ctx->grp.pbits == 0 ) return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); - if( ( ret = mbedtls_ecdh_gen_public( &ctx->grp, &ctx->d, &ctx->Q, f_rng, p_rng ) ) - != 0 ) +#if defined(MBEDTLS_ECP_RESTARTABLE) + if( restart_enabled ) + rs_ctx = &ctx->rs; +#else + (void) restart_enabled; +#endif + + +#if defined(MBEDTLS_ECP_RESTARTABLE) + if( ( ret = ecdh_gen_public_restartable( &ctx->grp, &ctx->d, &ctx->Q, + f_rng, p_rng, rs_ctx ) ) != 0 ) return( ret ); +#else + if( ( ret = mbedtls_ecdh_gen_public( &ctx->grp, &ctx->d, &ctx->Q, + f_rng, p_rng ) ) != 0 ) + return( ret ); +#endif /* MBEDTLS_ECP_RESTARTABLE */ - if( ( ret = mbedtls_ecp_tls_write_group( &ctx->grp, &grp_len, buf, blen ) ) - != 0 ) + if( ( ret = mbedtls_ecp_tls_write_group( &ctx->grp, &grp_len, buf, + blen ) ) != 0 ) return( ret ); buf += grp_len; blen -= grp_len; - if( ( ret = mbedtls_ecp_tls_write_point( &ctx->grp, &ctx->Q, ctx->point_format, - &pt_len, buf, blen ) ) != 0 ) + if( ( ret = mbedtls_ecp_tls_write_point( &ctx->grp, &ctx->Q, point_format, + &pt_len, buf, blen ) ) != 0 ) return( ret ); *olen = grp_len + pt_len; @@ -150,6 +321,55 @@ int mbedtls_ecdh_make_params( mbedtls_ecdh_context *ctx, size_t *olen, } /* + * Setup and write the ServerKeyExhange parameters (RFC 4492) + * struct { + * ECParameters curve_params; + * ECPoint public; + * } ServerECDHParams; + */ +int mbedtls_ecdh_make_params( mbedtls_ecdh_context *ctx, size_t *olen, + unsigned char *buf, size_t blen, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng ) +{ + int restart_enabled = 0; + ECDH_VALIDATE_RET( ctx != NULL ); + ECDH_VALIDATE_RET( olen != NULL ); + ECDH_VALIDATE_RET( buf != NULL ); + ECDH_VALIDATE_RET( f_rng != NULL ); + +#if defined(MBEDTLS_ECP_RESTARTABLE) + restart_enabled = ctx->restart_enabled; +#else + (void) restart_enabled; +#endif + +#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT) + return( ecdh_make_params_internal( ctx, olen, ctx->point_format, buf, blen, + f_rng, p_rng, restart_enabled ) ); +#else + switch( ctx->var ) + { + case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0: + return( ecdh_make_params_internal( &ctx->ctx.mbed_ecdh, olen, + ctx->point_format, buf, blen, + f_rng, p_rng, + restart_enabled ) ); + default: + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } +#endif +} + +static int ecdh_read_params_internal( mbedtls_ecdh_context_mbed *ctx, + const unsigned char **buf, + const unsigned char *end ) +{ + return( mbedtls_ecp_tls_read_point( &ctx->grp, &ctx->Qp, buf, + end - *buf ) ); +} + +/* * Read the ServerKeyExhange parameters (RFC 4492) * struct { * ECParameters curve_params; @@ -157,31 +377,43 @@ int mbedtls_ecdh_make_params( mbedtls_ecdh_context *ctx, size_t *olen, * } ServerECDHParams; */ int mbedtls_ecdh_read_params( mbedtls_ecdh_context *ctx, - const unsigned char **buf, const unsigned char *end ) + const unsigned char **buf, + const unsigned char *end ) { int ret; - - if( ( ret = mbedtls_ecp_tls_read_group( &ctx->grp, buf, end - *buf ) ) != 0 ) + mbedtls_ecp_group_id grp_id; + ECDH_VALIDATE_RET( ctx != NULL ); + ECDH_VALIDATE_RET( buf != NULL ); + ECDH_VALIDATE_RET( *buf != NULL ); + ECDH_VALIDATE_RET( end != NULL ); + + if( ( ret = mbedtls_ecp_tls_read_group_id( &grp_id, buf, end - *buf ) ) + != 0 ) return( ret ); - if( ( ret = mbedtls_ecp_tls_read_point( &ctx->grp, &ctx->Qp, buf, end - *buf ) ) - != 0 ) + if( ( ret = mbedtls_ecdh_setup( ctx, grp_id ) ) != 0 ) return( ret ); - return( 0 ); +#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT) + return( ecdh_read_params_internal( ctx, buf, end ) ); +#else + switch( ctx->var ) + { + case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0: + return( ecdh_read_params_internal( &ctx->ctx.mbed_ecdh, + buf, end ) ); + default: + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } +#endif } -/* - * Get parameters from a keypair - */ -int mbedtls_ecdh_get_params( mbedtls_ecdh_context *ctx, const mbedtls_ecp_keypair *key, - mbedtls_ecdh_side side ) +static int ecdh_get_params_internal( mbedtls_ecdh_context_mbed *ctx, + const mbedtls_ecp_keypair *key, + mbedtls_ecdh_side side ) { int ret; - if( ( ret = mbedtls_ecp_group_copy( &ctx->grp, &key->grp ) ) != 0 ) - return( ret ); - /* If it's not our key, just import the public part as Qp */ if( side == MBEDTLS_ECDH_THEIRS ) return( mbedtls_ecp_copy( &ctx->Qp, &key->Q ) ); @@ -198,39 +430,116 @@ int mbedtls_ecdh_get_params( mbedtls_ecdh_context *ctx, const mbedtls_ecp_keypai } /* - * Setup and export the client public value + * Get parameters from a keypair */ -int mbedtls_ecdh_make_public( mbedtls_ecdh_context *ctx, size_t *olen, - unsigned char *buf, size_t blen, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +int mbedtls_ecdh_get_params( mbedtls_ecdh_context *ctx, + const mbedtls_ecp_keypair *key, + mbedtls_ecdh_side side ) { int ret; + ECDH_VALIDATE_RET( ctx != NULL ); + ECDH_VALIDATE_RET( key != NULL ); + ECDH_VALIDATE_RET( side == MBEDTLS_ECDH_OURS || + side == MBEDTLS_ECDH_THEIRS ); - if( ctx == NULL || ctx->grp.pbits == 0 ) + if( ( ret = mbedtls_ecdh_setup( ctx, key->grp.id ) ) != 0 ) + return( ret ); + +#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT) + return( ecdh_get_params_internal( ctx, key, side ) ); +#else + switch( ctx->var ) + { + case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0: + return( ecdh_get_params_internal( &ctx->ctx.mbed_ecdh, + key, side ) ); + default: + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } +#endif +} + +static int ecdh_make_public_internal( mbedtls_ecdh_context_mbed *ctx, + size_t *olen, int point_format, + unsigned char *buf, size_t blen, + int (*f_rng)(void *, + unsigned char *, + size_t), + void *p_rng, + int restart_enabled ) +{ + int ret; +#if defined(MBEDTLS_ECP_RESTARTABLE) + mbedtls_ecp_restart_ctx *rs_ctx = NULL; +#endif + + if( ctx->grp.pbits == 0 ) return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); - if( ( ret = mbedtls_ecdh_gen_public( &ctx->grp, &ctx->d, &ctx->Q, f_rng, p_rng ) ) - != 0 ) +#if defined(MBEDTLS_ECP_RESTARTABLE) + if( restart_enabled ) + rs_ctx = &ctx->rs; +#else + (void) restart_enabled; +#endif + +#if defined(MBEDTLS_ECP_RESTARTABLE) + if( ( ret = ecdh_gen_public_restartable( &ctx->grp, &ctx->d, &ctx->Q, + f_rng, p_rng, rs_ctx ) ) != 0 ) + return( ret ); +#else + if( ( ret = mbedtls_ecdh_gen_public( &ctx->grp, &ctx->d, &ctx->Q, + f_rng, p_rng ) ) != 0 ) return( ret ); +#endif /* MBEDTLS_ECP_RESTARTABLE */ - return mbedtls_ecp_tls_write_point( &ctx->grp, &ctx->Q, ctx->point_format, - olen, buf, blen ); + return mbedtls_ecp_tls_write_point( &ctx->grp, &ctx->Q, point_format, olen, + buf, blen ); } /* - * Parse and import the client's public value + * Setup and export the client public value */ -int mbedtls_ecdh_read_public( mbedtls_ecdh_context *ctx, - const unsigned char *buf, size_t blen ) +int mbedtls_ecdh_make_public( mbedtls_ecdh_context *ctx, size_t *olen, + unsigned char *buf, size_t blen, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng ) +{ + int restart_enabled = 0; + ECDH_VALIDATE_RET( ctx != NULL ); + ECDH_VALIDATE_RET( olen != NULL ); + ECDH_VALIDATE_RET( buf != NULL ); + ECDH_VALIDATE_RET( f_rng != NULL ); + +#if defined(MBEDTLS_ECP_RESTARTABLE) + restart_enabled = ctx->restart_enabled; +#endif + +#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT) + return( ecdh_make_public_internal( ctx, olen, ctx->point_format, buf, blen, + f_rng, p_rng, restart_enabled ) ); +#else + switch( ctx->var ) + { + case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0: + return( ecdh_make_public_internal( &ctx->ctx.mbed_ecdh, olen, + ctx->point_format, buf, blen, + f_rng, p_rng, + restart_enabled ) ); + default: + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } +#endif +} + +static int ecdh_read_public_internal( mbedtls_ecdh_context_mbed *ctx, + const unsigned char *buf, size_t blen ) { int ret; const unsigned char *p = buf; - if( ctx == NULL ) - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); - - if( ( ret = mbedtls_ecp_tls_read_point( &ctx->grp, &ctx->Qp, &p, blen ) ) != 0 ) + if( ( ret = mbedtls_ecp_tls_read_point( &ctx->grp, &ctx->Qp, &p, + blen ) ) != 0 ) return( ret ); if( (size_t)( p - buf ) != blen ) @@ -240,23 +549,66 @@ int mbedtls_ecdh_read_public( mbedtls_ecdh_context *ctx, } /* - * Derive and export the shared secret + * Parse and import the client's public value */ -int mbedtls_ecdh_calc_secret( mbedtls_ecdh_context *ctx, size_t *olen, - unsigned char *buf, size_t blen, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) +int mbedtls_ecdh_read_public( mbedtls_ecdh_context *ctx, + const unsigned char *buf, size_t blen ) +{ + ECDH_VALIDATE_RET( ctx != NULL ); + ECDH_VALIDATE_RET( buf != NULL ); + +#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT) + return( ecdh_read_public_internal( ctx, buf, blen ) ); +#else + switch( ctx->var ) + { + case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0: + return( ecdh_read_public_internal( &ctx->ctx.mbed_ecdh, + buf, blen ) ); + default: + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } +#endif +} + +static int ecdh_calc_secret_internal( mbedtls_ecdh_context_mbed *ctx, + size_t *olen, unsigned char *buf, + size_t blen, + int (*f_rng)(void *, + unsigned char *, + size_t), + void *p_rng, + int restart_enabled ) { int ret; +#if defined(MBEDTLS_ECP_RESTARTABLE) + mbedtls_ecp_restart_ctx *rs_ctx = NULL; +#endif - if( ctx == NULL ) + if( ctx == NULL || ctx->grp.pbits == 0 ) return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); - if( ( ret = mbedtls_ecdh_compute_shared( &ctx->grp, &ctx->z, &ctx->Qp, &ctx->d, - f_rng, p_rng ) ) != 0 ) +#if defined(MBEDTLS_ECP_RESTARTABLE) + if( restart_enabled ) + rs_ctx = &ctx->rs; +#else + (void) restart_enabled; +#endif + +#if defined(MBEDTLS_ECP_RESTARTABLE) + if( ( ret = ecdh_compute_shared_restartable( &ctx->grp, &ctx->z, &ctx->Qp, + &ctx->d, f_rng, p_rng, + rs_ctx ) ) != 0 ) { return( ret ); } +#else + if( ( ret = mbedtls_ecdh_compute_shared( &ctx->grp, &ctx->z, &ctx->Qp, + &ctx->d, f_rng, p_rng ) ) != 0 ) + { + return( ret ); + } +#endif /* MBEDTLS_ECP_RESTARTABLE */ if( mbedtls_mpi_size( &ctx->z ) > blen ) return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); @@ -265,4 +617,37 @@ int mbedtls_ecdh_calc_secret( mbedtls_ecdh_context *ctx, size_t *olen, return mbedtls_mpi_write_binary( &ctx->z, buf, *olen ); } +/* + * Derive and export the shared secret + */ +int mbedtls_ecdh_calc_secret( mbedtls_ecdh_context *ctx, size_t *olen, + unsigned char *buf, size_t blen, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng ) +{ + int restart_enabled = 0; + ECDH_VALIDATE_RET( ctx != NULL ); + ECDH_VALIDATE_RET( olen != NULL ); + ECDH_VALIDATE_RET( buf != NULL ); + +#if defined(MBEDTLS_ECP_RESTARTABLE) + restart_enabled = ctx->restart_enabled; +#endif + +#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT) + return( ecdh_calc_secret_internal( ctx, olen, buf, blen, f_rng, p_rng, + restart_enabled ) ); +#else + switch( ctx->var ) + { + case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0: + return( ecdh_calc_secret_internal( &ctx->ctx.mbed_ecdh, olen, buf, + blen, f_rng, p_rng, + restart_enabled ) ); + default: + return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + } +#endif +} + #endif /* MBEDTLS_ECDH_C */ diff --git a/thirdparty/mbedtls/library/ecdsa.c b/thirdparty/mbedtls/library/ecdsa.c index 17a88bdd29..1204ef9949 100644 --- a/thirdparty/mbedtls/library/ecdsa.c +++ b/thirdparty/mbedtls/library/ecdsa.c @@ -42,6 +42,186 @@ #include "mbedtls/hmac_drbg.h" #endif +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" +#else +#include <stdlib.h> +#define mbedtls_calloc calloc +#define mbedtls_free free +#endif + +#include "mbedtls/platform_util.h" + +/* Parameter validation macros based on platform_util.h */ +#define ECDSA_VALIDATE_RET( cond ) \ + MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_ECP_BAD_INPUT_DATA ) +#define ECDSA_VALIDATE( cond ) \ + MBEDTLS_INTERNAL_VALIDATE( cond ) + +#if defined(MBEDTLS_ECP_RESTARTABLE) + +/* + * Sub-context for ecdsa_verify() + */ +struct mbedtls_ecdsa_restart_ver +{ + mbedtls_mpi u1, u2; /* intermediate values */ + enum { /* what to do next? */ + ecdsa_ver_init = 0, /* getting started */ + ecdsa_ver_muladd, /* muladd step */ + } state; +}; + +/* + * Init verify restart sub-context + */ +static void ecdsa_restart_ver_init( mbedtls_ecdsa_restart_ver_ctx *ctx ) +{ + mbedtls_mpi_init( &ctx->u1 ); + mbedtls_mpi_init( &ctx->u2 ); + ctx->state = ecdsa_ver_init; +} + +/* + * Free the components of a verify restart sub-context + */ +static void ecdsa_restart_ver_free( mbedtls_ecdsa_restart_ver_ctx *ctx ) +{ + if( ctx == NULL ) + return; + + mbedtls_mpi_free( &ctx->u1 ); + mbedtls_mpi_free( &ctx->u2 ); + + ecdsa_restart_ver_init( ctx ); +} + +/* + * Sub-context for ecdsa_sign() + */ +struct mbedtls_ecdsa_restart_sig +{ + int sign_tries; + int key_tries; + mbedtls_mpi k; /* per-signature random */ + mbedtls_mpi r; /* r value */ + enum { /* what to do next? */ + ecdsa_sig_init = 0, /* getting started */ + ecdsa_sig_mul, /* doing ecp_mul() */ + ecdsa_sig_modn, /* mod N computations */ + } state; +}; + +/* + * Init verify sign sub-context + */ +static void ecdsa_restart_sig_init( mbedtls_ecdsa_restart_sig_ctx *ctx ) +{ + ctx->sign_tries = 0; + ctx->key_tries = 0; + mbedtls_mpi_init( &ctx->k ); + mbedtls_mpi_init( &ctx->r ); + ctx->state = ecdsa_sig_init; +} + +/* + * Free the components of a sign restart sub-context + */ +static void ecdsa_restart_sig_free( mbedtls_ecdsa_restart_sig_ctx *ctx ) +{ + if( ctx == NULL ) + return; + + mbedtls_mpi_free( &ctx->k ); + mbedtls_mpi_free( &ctx->r ); +} + +#if defined(MBEDTLS_ECDSA_DETERMINISTIC) +/* + * Sub-context for ecdsa_sign_det() + */ +struct mbedtls_ecdsa_restart_det +{ + mbedtls_hmac_drbg_context rng_ctx; /* DRBG state */ + enum { /* what to do next? */ + ecdsa_det_init = 0, /* getting started */ + ecdsa_det_sign, /* make signature */ + } state; +}; + +/* + * Init verify sign_det sub-context + */ +static void ecdsa_restart_det_init( mbedtls_ecdsa_restart_det_ctx *ctx ) +{ + mbedtls_hmac_drbg_init( &ctx->rng_ctx ); + ctx->state = ecdsa_det_init; +} + +/* + * Free the components of a sign_det restart sub-context + */ +static void ecdsa_restart_det_free( mbedtls_ecdsa_restart_det_ctx *ctx ) +{ + if( ctx == NULL ) + return; + + mbedtls_hmac_drbg_free( &ctx->rng_ctx ); + + ecdsa_restart_det_init( ctx ); +} +#endif /* MBEDTLS_ECDSA_DETERMINISTIC */ + +#define ECDSA_RS_ECP &rs_ctx->ecp + +/* Utility macro for checking and updating ops budget */ +#define ECDSA_BUDGET( ops ) \ + MBEDTLS_MPI_CHK( mbedtls_ecp_check_budget( grp, &rs_ctx->ecp, ops ) ); + +/* Call this when entering a function that needs its own sub-context */ +#define ECDSA_RS_ENTER( SUB ) do { \ + /* reset ops count for this call if top-level */ \ + if( rs_ctx != NULL && rs_ctx->ecp.depth++ == 0 ) \ + rs_ctx->ecp.ops_done = 0; \ + \ + /* set up our own sub-context if needed */ \ + if( mbedtls_ecp_restart_is_enabled() && \ + rs_ctx != NULL && rs_ctx->SUB == NULL ) \ + { \ + rs_ctx->SUB = mbedtls_calloc( 1, sizeof( *rs_ctx->SUB ) ); \ + if( rs_ctx->SUB == NULL ) \ + return( MBEDTLS_ERR_ECP_ALLOC_FAILED ); \ + \ + ecdsa_restart_## SUB ##_init( rs_ctx->SUB ); \ + } \ +} while( 0 ) + +/* Call this when leaving a function that needs its own sub-context */ +#define ECDSA_RS_LEAVE( SUB ) do { \ + /* clear our sub-context when not in progress (done or error) */ \ + if( rs_ctx != NULL && rs_ctx->SUB != NULL && \ + ret != MBEDTLS_ERR_ECP_IN_PROGRESS ) \ + { \ + ecdsa_restart_## SUB ##_free( rs_ctx->SUB ); \ + mbedtls_free( rs_ctx->SUB ); \ + rs_ctx->SUB = NULL; \ + } \ + \ + if( rs_ctx != NULL ) \ + rs_ctx->ecp.depth--; \ +} while( 0 ) + +#else /* MBEDTLS_ECP_RESTARTABLE */ + +#define ECDSA_RS_ECP NULL + +#define ECDSA_BUDGET( ops ) /* no-op; for compatibility */ + +#define ECDSA_RS_ENTER( SUB ) (void) rs_ctx +#define ECDSA_RS_LEAVE( SUB ) (void) rs_ctx + +#endif /* MBEDTLS_ECP_RESTARTABLE */ + /* * Derive a suitable integer for group grp from a buffer of length len * SEC1 4.1.3 step 5 aka SEC1 4.1.4 step 3 @@ -70,13 +250,17 @@ cleanup: * Compute ECDSA signature of a hashed message (SEC1 4.1.3) * Obviously, compared to SEC1 4.1.3, we skip step 4 (hash message) */ -int mbedtls_ecdsa_sign( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s, +static int ecdsa_sign_restartable( mbedtls_ecp_group *grp, + mbedtls_mpi *r, mbedtls_mpi *s, const mbedtls_mpi *d, const unsigned char *buf, size_t blen, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, + mbedtls_ecdsa_restart_ctx *rs_ctx ) { - int ret, key_tries, sign_tries, blind_tries; + int ret, key_tries, sign_tries; + int *p_sign_tries = &sign_tries, *p_key_tries = &key_tries; mbedtls_ecp_point R; mbedtls_mpi k, e, t; + mbedtls_mpi *pk = &k, *pr = r; /* Fail cleanly on curves such as Curve25519 that can't be used for ECDSA */ if( grp->N.p == NULL ) @@ -89,26 +273,72 @@ int mbedtls_ecdsa_sign( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s, mbedtls_ecp_point_init( &R ); mbedtls_mpi_init( &k ); mbedtls_mpi_init( &e ); mbedtls_mpi_init( &t ); - sign_tries = 0; + ECDSA_RS_ENTER( sig ); + +#if defined(MBEDTLS_ECP_RESTARTABLE) + if( rs_ctx != NULL && rs_ctx->sig != NULL ) + { + /* redirect to our context */ + p_sign_tries = &rs_ctx->sig->sign_tries; + p_key_tries = &rs_ctx->sig->key_tries; + pk = &rs_ctx->sig->k; + pr = &rs_ctx->sig->r; + + /* jump to current step */ + if( rs_ctx->sig->state == ecdsa_sig_mul ) + goto mul; + if( rs_ctx->sig->state == ecdsa_sig_modn ) + goto modn; + } +#endif /* MBEDTLS_ECP_RESTARTABLE */ + + *p_sign_tries = 0; do { + if( *p_sign_tries++ > 10 ) + { + ret = MBEDTLS_ERR_ECP_RANDOM_FAILED; + goto cleanup; + } + /* * Steps 1-3: generate a suitable ephemeral keypair * and set r = xR mod n */ - key_tries = 0; + *p_key_tries = 0; do { - MBEDTLS_MPI_CHK( mbedtls_ecp_gen_keypair( grp, &k, &R, f_rng, p_rng ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( r, &R.X, &grp->N ) ); - - if( key_tries++ > 10 ) + if( *p_key_tries++ > 10 ) { ret = MBEDTLS_ERR_ECP_RANDOM_FAILED; goto cleanup; } + + MBEDTLS_MPI_CHK( mbedtls_ecp_gen_privkey( grp, pk, f_rng, p_rng ) ); + +#if defined(MBEDTLS_ECP_RESTARTABLE) + if( rs_ctx != NULL && rs_ctx->sig != NULL ) + rs_ctx->sig->state = ecdsa_sig_mul; + +mul: +#endif + MBEDTLS_MPI_CHK( mbedtls_ecp_mul_restartable( grp, &R, pk, &grp->G, + f_rng, p_rng, ECDSA_RS_ECP ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( pr, &R.X, &grp->N ) ); } - while( mbedtls_mpi_cmp_int( r, 0 ) == 0 ); + while( mbedtls_mpi_cmp_int( pr, 0 ) == 0 ); + +#if defined(MBEDTLS_ECP_RESTARTABLE) + if( rs_ctx != NULL && rs_ctx->sig != NULL ) + rs_ctx->sig->state = ecdsa_sig_modn; + +modn: +#endif + /* + * Accounting for everything up to the end of the loop + * (step 6, but checking now avoids saving e and t) + */ + ECDSA_BUDGET( MBEDTLS_ECP_OPS_INV + 4 ); /* * Step 5: derive MPI from hashed message @@ -119,57 +349,67 @@ int mbedtls_ecdsa_sign( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s, * Generate a random value to blind inv_mod in next step, * avoiding a potential timing leak. */ - blind_tries = 0; - do - { - size_t n_size = ( grp->nbits + 7 ) / 8; - MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &t, n_size, f_rng, p_rng ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &t, 8 * n_size - grp->nbits ) ); - - /* See mbedtls_ecp_gen_keypair() */ - if( ++blind_tries > 30 ) - return( MBEDTLS_ERR_ECP_RANDOM_FAILED ); - } - while( mbedtls_mpi_cmp_int( &t, 1 ) < 0 || - mbedtls_mpi_cmp_mpi( &t, &grp->N ) >= 0 ); + MBEDTLS_MPI_CHK( mbedtls_ecp_gen_privkey( grp, &t, f_rng, p_rng ) ); /* * Step 6: compute s = (e + r * d) / k = t (e + rd) / (kt) mod n */ - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( s, r, d ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( s, pr, d ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &e, &e, s ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &e, &e, &t ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &k, &k, &t ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( s, &k, &grp->N ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( pk, pk, &t ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( s, pk, &grp->N ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( s, s, &e ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( s, s, &grp->N ) ); - - if( sign_tries++ > 10 ) - { - ret = MBEDTLS_ERR_ECP_RANDOM_FAILED; - goto cleanup; - } } while( mbedtls_mpi_cmp_int( s, 0 ) == 0 ); +#if defined(MBEDTLS_ECP_RESTARTABLE) + if( rs_ctx != NULL && rs_ctx->sig != NULL ) + mbedtls_mpi_copy( r, pr ); +#endif + cleanup: mbedtls_ecp_point_free( &R ); mbedtls_mpi_free( &k ); mbedtls_mpi_free( &e ); mbedtls_mpi_free( &t ); + ECDSA_RS_LEAVE( sig ); + return( ret ); } -#endif /* MBEDTLS_ECDSA_SIGN_ALT */ + +/* + * Compute ECDSA signature of a hashed message + */ +int mbedtls_ecdsa_sign( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s, + const mbedtls_mpi *d, const unsigned char *buf, size_t blen, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) +{ + ECDSA_VALIDATE_RET( grp != NULL ); + ECDSA_VALIDATE_RET( r != NULL ); + ECDSA_VALIDATE_RET( s != NULL ); + ECDSA_VALIDATE_RET( d != NULL ); + ECDSA_VALIDATE_RET( f_rng != NULL ); + ECDSA_VALIDATE_RET( buf != NULL || blen == 0 ); + + return( ecdsa_sign_restartable( grp, r, s, d, buf, blen, + f_rng, p_rng, NULL ) ); +} +#endif /* !MBEDTLS_ECDSA_SIGN_ALT */ #if defined(MBEDTLS_ECDSA_DETERMINISTIC) /* * Deterministic signature wrapper */ -int mbedtls_ecdsa_sign_det( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s, +static int ecdsa_sign_det_restartable( mbedtls_ecp_group *grp, + mbedtls_mpi *r, mbedtls_mpi *s, const mbedtls_mpi *d, const unsigned char *buf, size_t blen, - mbedtls_md_type_t md_alg ) + mbedtls_md_type_t md_alg, + mbedtls_ecdsa_restart_ctx *rs_ctx ) { int ret; mbedtls_hmac_drbg_context rng_ctx; + mbedtls_hmac_drbg_context *p_rng = &rng_ctx; unsigned char data[2 * MBEDTLS_ECP_MAX_BYTES]; size_t grp_len = ( grp->nbits + 7 ) / 8; const mbedtls_md_info_t *md_info; @@ -181,21 +421,64 @@ int mbedtls_ecdsa_sign_det( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi mbedtls_mpi_init( &h ); mbedtls_hmac_drbg_init( &rng_ctx ); + ECDSA_RS_ENTER( det ); + +#if defined(MBEDTLS_ECP_RESTARTABLE) + if( rs_ctx != NULL && rs_ctx->det != NULL ) + { + /* redirect to our context */ + p_rng = &rs_ctx->det->rng_ctx; + + /* jump to current step */ + if( rs_ctx->det->state == ecdsa_det_sign ) + goto sign; + } +#endif /* MBEDTLS_ECP_RESTARTABLE */ + /* Use private key and message hash (reduced) to initialize HMAC_DRBG */ MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( d, data, grp_len ) ); MBEDTLS_MPI_CHK( derive_mpi( grp, &h, buf, blen ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &h, data + grp_len, grp_len ) ); - mbedtls_hmac_drbg_seed_buf( &rng_ctx, md_info, data, 2 * grp_len ); + mbedtls_hmac_drbg_seed_buf( p_rng, md_info, data, 2 * grp_len ); + +#if defined(MBEDTLS_ECP_RESTARTABLE) + if( rs_ctx != NULL && rs_ctx->det != NULL ) + rs_ctx->det->state = ecdsa_det_sign; +sign: +#endif +#if defined(MBEDTLS_ECDSA_SIGN_ALT) ret = mbedtls_ecdsa_sign( grp, r, s, d, buf, blen, - mbedtls_hmac_drbg_random, &rng_ctx ); + mbedtls_hmac_drbg_random, p_rng ); +#else + ret = ecdsa_sign_restartable( grp, r, s, d, buf, blen, + mbedtls_hmac_drbg_random, p_rng, rs_ctx ); +#endif /* MBEDTLS_ECDSA_SIGN_ALT */ cleanup: mbedtls_hmac_drbg_free( &rng_ctx ); mbedtls_mpi_free( &h ); + ECDSA_RS_LEAVE( det ); + return( ret ); } + +/* + * Deterministic signature wrapper + */ +int mbedtls_ecdsa_sign_det( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s, + const mbedtls_mpi *d, const unsigned char *buf, size_t blen, + mbedtls_md_type_t md_alg ) +{ + ECDSA_VALIDATE_RET( grp != NULL ); + ECDSA_VALIDATE_RET( r != NULL ); + ECDSA_VALIDATE_RET( s != NULL ); + ECDSA_VALIDATE_RET( d != NULL ); + ECDSA_VALIDATE_RET( buf != NULL || blen == 0 ); + + return( ecdsa_sign_det_restartable( grp, r, s, d, buf, blen, md_alg, NULL ) ); +} #endif /* MBEDTLS_ECDSA_DETERMINISTIC */ #if !defined(MBEDTLS_ECDSA_VERIFY_ALT) @@ -203,21 +486,40 @@ cleanup: * Verify ECDSA signature of hashed message (SEC1 4.1.4) * Obviously, compared to SEC1 4.1.3, we skip step 2 (hash message) */ -int mbedtls_ecdsa_verify( mbedtls_ecp_group *grp, - const unsigned char *buf, size_t blen, - const mbedtls_ecp_point *Q, const mbedtls_mpi *r, const mbedtls_mpi *s) +static int ecdsa_verify_restartable( mbedtls_ecp_group *grp, + const unsigned char *buf, size_t blen, + const mbedtls_ecp_point *Q, + const mbedtls_mpi *r, const mbedtls_mpi *s, + mbedtls_ecdsa_restart_ctx *rs_ctx ) { int ret; mbedtls_mpi e, s_inv, u1, u2; mbedtls_ecp_point R; + mbedtls_mpi *pu1 = &u1, *pu2 = &u2; mbedtls_ecp_point_init( &R ); - mbedtls_mpi_init( &e ); mbedtls_mpi_init( &s_inv ); mbedtls_mpi_init( &u1 ); mbedtls_mpi_init( &u2 ); + mbedtls_mpi_init( &e ); mbedtls_mpi_init( &s_inv ); + mbedtls_mpi_init( &u1 ); mbedtls_mpi_init( &u2 ); /* Fail cleanly on curves such as Curve25519 that can't be used for ECDSA */ if( grp->N.p == NULL ) return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + ECDSA_RS_ENTER( ver ); + +#if defined(MBEDTLS_ECP_RESTARTABLE) + if( rs_ctx != NULL && rs_ctx->ver != NULL ) + { + /* redirect to our context */ + pu1 = &rs_ctx->ver->u1; + pu2 = &rs_ctx->ver->u2; + + /* jump to current step */ + if( rs_ctx->ver->state == ecdsa_ver_muladd ) + goto muladd; + } +#endif /* MBEDTLS_ECP_RESTARTABLE */ + /* * Step 1: make sure r and s are in range 1..n-1 */ @@ -229,11 +531,6 @@ int mbedtls_ecdsa_verify( mbedtls_ecp_group *grp, } /* - * Additional precaution: make sure Q is valid - */ - MBEDTLS_MPI_CHK( mbedtls_ecp_check_pubkey( grp, Q ) ); - - /* * Step 3: derive MPI from hashed message */ MBEDTLS_MPI_CHK( derive_mpi( grp, &e, buf, blen ) ); @@ -241,21 +538,27 @@ int mbedtls_ecdsa_verify( mbedtls_ecp_group *grp, /* * Step 4: u1 = e / s mod n, u2 = r / s mod n */ + ECDSA_BUDGET( MBEDTLS_ECP_OPS_CHK + MBEDTLS_ECP_OPS_INV + 2 ); + MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( &s_inv, s, &grp->N ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &u1, &e, &s_inv ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &u1, &u1, &grp->N ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( pu1, &e, &s_inv ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( pu1, pu1, &grp->N ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &u2, r, &s_inv ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &u2, &u2, &grp->N ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( pu2, r, &s_inv ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( pu2, pu2, &grp->N ) ); +#if defined(MBEDTLS_ECP_RESTARTABLE) + if( rs_ctx != NULL && rs_ctx->ver != NULL ) + rs_ctx->ver->state = ecdsa_ver_muladd; + +muladd: +#endif /* * Step 5: R = u1 G + u2 Q - * - * Since we're not using any secret data, no need to pass a RNG to - * mbedtls_ecp_mul() for countermesures. */ - MBEDTLS_MPI_CHK( mbedtls_ecp_muladd( grp, &R, &u1, &grp->G, &u2, Q ) ); + MBEDTLS_MPI_CHK( mbedtls_ecp_muladd_restartable( grp, + &R, pu1, &grp->G, pu2, Q, ECDSA_RS_ECP ) ); if( mbedtls_ecp_is_zero( &R ) ) { @@ -280,11 +583,32 @@ int mbedtls_ecdsa_verify( mbedtls_ecp_group *grp, cleanup: mbedtls_ecp_point_free( &R ); - mbedtls_mpi_free( &e ); mbedtls_mpi_free( &s_inv ); mbedtls_mpi_free( &u1 ); mbedtls_mpi_free( &u2 ); + mbedtls_mpi_free( &e ); mbedtls_mpi_free( &s_inv ); + mbedtls_mpi_free( &u1 ); mbedtls_mpi_free( &u2 ); + + ECDSA_RS_LEAVE( ver ); return( ret ); } -#endif /* MBEDTLS_ECDSA_VERIFY_ALT */ + +/* + * Verify ECDSA signature of hashed message + */ +int mbedtls_ecdsa_verify( mbedtls_ecp_group *grp, + const unsigned char *buf, size_t blen, + const mbedtls_ecp_point *Q, + const mbedtls_mpi *r, + const mbedtls_mpi *s) +{ + ECDSA_VALIDATE_RET( grp != NULL ); + ECDSA_VALIDATE_RET( Q != NULL ); + ECDSA_VALIDATE_RET( r != NULL ); + ECDSA_VALIDATE_RET( s != NULL ); + ECDSA_VALIDATE_RET( buf != NULL || blen == 0 ); + + return( ecdsa_verify_restartable( grp, buf, blen, Q, r, s, NULL ) ); +} +#endif /* !MBEDTLS_ECDSA_VERIFY_ALT */ /* * Convert a signature (given by context) to ASN.1 @@ -313,14 +637,20 @@ static int ecdsa_signature_to_asn1( const mbedtls_mpi *r, const mbedtls_mpi *s, /* * Compute and write signature */ -int mbedtls_ecdsa_write_signature( mbedtls_ecdsa_context *ctx, mbedtls_md_type_t md_alg, +int mbedtls_ecdsa_write_signature_restartable( mbedtls_ecdsa_context *ctx, + mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hlen, unsigned char *sig, size_t *slen, int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) + void *p_rng, + mbedtls_ecdsa_restart_ctx *rs_ctx ) { int ret; mbedtls_mpi r, s; + ECDSA_VALIDATE_RET( ctx != NULL ); + ECDSA_VALIDATE_RET( hash != NULL ); + ECDSA_VALIDATE_RET( sig != NULL ); + ECDSA_VALIDATE_RET( slen != NULL ); mbedtls_mpi_init( &r ); mbedtls_mpi_init( &s ); @@ -329,14 +659,19 @@ int mbedtls_ecdsa_write_signature( mbedtls_ecdsa_context *ctx, mbedtls_md_type_t (void) f_rng; (void) p_rng; - MBEDTLS_MPI_CHK( mbedtls_ecdsa_sign_det( &ctx->grp, &r, &s, &ctx->d, - hash, hlen, md_alg ) ); + MBEDTLS_MPI_CHK( ecdsa_sign_det_restartable( &ctx->grp, &r, &s, &ctx->d, + hash, hlen, md_alg, rs_ctx ) ); #else (void) md_alg; +#if defined(MBEDTLS_ECDSA_SIGN_ALT) MBEDTLS_MPI_CHK( mbedtls_ecdsa_sign( &ctx->grp, &r, &s, &ctx->d, hash, hlen, f_rng, p_rng ) ); -#endif +#else + MBEDTLS_MPI_CHK( ecdsa_sign_restartable( &ctx->grp, &r, &s, &ctx->d, + hash, hlen, f_rng, p_rng, rs_ctx ) ); +#endif /* MBEDTLS_ECDSA_SIGN_ALT */ +#endif /* MBEDTLS_ECDSA_DETERMINISTIC */ MBEDTLS_MPI_CHK( ecdsa_signature_to_asn1( &r, &s, sig, slen ) ); @@ -347,13 +682,35 @@ cleanup: return( ret ); } -#if ! defined(MBEDTLS_DEPRECATED_REMOVED) && \ +/* + * Compute and write signature + */ +int mbedtls_ecdsa_write_signature( mbedtls_ecdsa_context *ctx, + mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hlen, + unsigned char *sig, size_t *slen, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng ) +{ + ECDSA_VALIDATE_RET( ctx != NULL ); + ECDSA_VALIDATE_RET( hash != NULL ); + ECDSA_VALIDATE_RET( sig != NULL ); + ECDSA_VALIDATE_RET( slen != NULL ); + return( mbedtls_ecdsa_write_signature_restartable( + ctx, md_alg, hash, hlen, sig, slen, f_rng, p_rng, NULL ) ); +} + +#if !defined(MBEDTLS_DEPRECATED_REMOVED) && \ defined(MBEDTLS_ECDSA_DETERMINISTIC) int mbedtls_ecdsa_write_signature_det( mbedtls_ecdsa_context *ctx, const unsigned char *hash, size_t hlen, unsigned char *sig, size_t *slen, mbedtls_md_type_t md_alg ) { + ECDSA_VALIDATE_RET( ctx != NULL ); + ECDSA_VALIDATE_RET( hash != NULL ); + ECDSA_VALIDATE_RET( sig != NULL ); + ECDSA_VALIDATE_RET( slen != NULL ); return( mbedtls_ecdsa_write_signature( ctx, md_alg, hash, hlen, sig, slen, NULL, NULL ) ); } @@ -366,11 +723,29 @@ int mbedtls_ecdsa_read_signature( mbedtls_ecdsa_context *ctx, const unsigned char *hash, size_t hlen, const unsigned char *sig, size_t slen ) { + ECDSA_VALIDATE_RET( ctx != NULL ); + ECDSA_VALIDATE_RET( hash != NULL ); + ECDSA_VALIDATE_RET( sig != NULL ); + return( mbedtls_ecdsa_read_signature_restartable( + ctx, hash, hlen, sig, slen, NULL ) ); +} + +/* + * Restartable read and check signature + */ +int mbedtls_ecdsa_read_signature_restartable( mbedtls_ecdsa_context *ctx, + const unsigned char *hash, size_t hlen, + const unsigned char *sig, size_t slen, + mbedtls_ecdsa_restart_ctx *rs_ctx ) +{ int ret; unsigned char *p = (unsigned char *) sig; const unsigned char *end = sig + slen; size_t len; mbedtls_mpi r, s; + ECDSA_VALIDATE_RET( ctx != NULL ); + ECDSA_VALIDATE_RET( hash != NULL ); + ECDSA_VALIDATE_RET( sig != NULL ); mbedtls_mpi_init( &r ); mbedtls_mpi_init( &s ); @@ -395,10 +770,15 @@ int mbedtls_ecdsa_read_signature( mbedtls_ecdsa_context *ctx, ret += MBEDTLS_ERR_ECP_BAD_INPUT_DATA; goto cleanup; } - +#if defined(MBEDTLS_ECDSA_VERIFY_ALT) if( ( ret = mbedtls_ecdsa_verify( &ctx->grp, hash, hlen, - &ctx->Q, &r, &s ) ) != 0 ) + &ctx->Q, &r, &s ) ) != 0 ) goto cleanup; +#else + if( ( ret = ecdsa_verify_restartable( &ctx->grp, hash, hlen, + &ctx->Q, &r, &s, rs_ctx ) ) != 0 ) + goto cleanup; +#endif /* MBEDTLS_ECDSA_VERIFY_ALT */ /* At this point we know that the buffer starts with a valid signature. * Return 0 if the buffer just contains the signature, and a specific @@ -420,10 +800,13 @@ cleanup: int mbedtls_ecdsa_genkey( mbedtls_ecdsa_context *ctx, mbedtls_ecp_group_id gid, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { + ECDSA_VALIDATE_RET( ctx != NULL ); + ECDSA_VALIDATE_RET( f_rng != NULL ); + return( mbedtls_ecp_group_load( &ctx->grp, gid ) || mbedtls_ecp_gen_keypair( &ctx->grp, &ctx->d, &ctx->Q, f_rng, p_rng ) ); } -#endif /* MBEDTLS_ECDSA_GENKEY_ALT */ +#endif /* !MBEDTLS_ECDSA_GENKEY_ALT */ /* * Set context from an mbedtls_ecp_keypair @@ -431,6 +814,8 @@ int mbedtls_ecdsa_genkey( mbedtls_ecdsa_context *ctx, mbedtls_ecp_group_id gid, int mbedtls_ecdsa_from_keypair( mbedtls_ecdsa_context *ctx, const mbedtls_ecp_keypair *key ) { int ret; + ECDSA_VALIDATE_RET( ctx != NULL ); + ECDSA_VALIDATE_RET( key != NULL ); if( ( ret = mbedtls_ecp_group_copy( &ctx->grp, &key->grp ) ) != 0 || ( ret = mbedtls_mpi_copy( &ctx->d, &key->d ) ) != 0 || @@ -447,6 +832,8 @@ int mbedtls_ecdsa_from_keypair( mbedtls_ecdsa_context *ctx, const mbedtls_ecp_ke */ void mbedtls_ecdsa_init( mbedtls_ecdsa_context *ctx ) { + ECDSA_VALIDATE( ctx != NULL ); + mbedtls_ecp_keypair_init( ctx ); } @@ -455,7 +842,53 @@ void mbedtls_ecdsa_init( mbedtls_ecdsa_context *ctx ) */ void mbedtls_ecdsa_free( mbedtls_ecdsa_context *ctx ) { + if( ctx == NULL ) + return; + mbedtls_ecp_keypair_free( ctx ); } +#if defined(MBEDTLS_ECP_RESTARTABLE) +/* + * Initialize a restart context + */ +void mbedtls_ecdsa_restart_init( mbedtls_ecdsa_restart_ctx *ctx ) +{ + ECDSA_VALIDATE( ctx != NULL ); + + mbedtls_ecp_restart_init( &ctx->ecp ); + + ctx->ver = NULL; + ctx->sig = NULL; +#if defined(MBEDTLS_ECDSA_DETERMINISTIC) + ctx->det = NULL; +#endif +} + +/* + * Free the components of a restart context + */ +void mbedtls_ecdsa_restart_free( mbedtls_ecdsa_restart_ctx *ctx ) +{ + if( ctx == NULL ) + return; + + mbedtls_ecp_restart_free( &ctx->ecp ); + + ecdsa_restart_ver_free( ctx->ver ); + mbedtls_free( ctx->ver ); + ctx->ver = NULL; + + ecdsa_restart_sig_free( ctx->sig ); + mbedtls_free( ctx->sig ); + ctx->sig = NULL; + +#if defined(MBEDTLS_ECDSA_DETERMINISTIC) + ecdsa_restart_det_free( ctx->det ); + mbedtls_free( ctx->det ); + ctx->det = NULL; +#endif +} +#endif /* MBEDTLS_ECP_RESTARTABLE */ + #endif /* MBEDTLS_ECDSA_C */ diff --git a/thirdparty/mbedtls/library/ecjpake.c b/thirdparty/mbedtls/library/ecjpake.c index ec5a4007db..be941b14b1 100644 --- a/thirdparty/mbedtls/library/ecjpake.c +++ b/thirdparty/mbedtls/library/ecjpake.c @@ -33,11 +33,18 @@ #if defined(MBEDTLS_ECJPAKE_C) #include "mbedtls/ecjpake.h" +#include "mbedtls/platform_util.h" #include <string.h> #if !defined(MBEDTLS_ECJPAKE_ALT) +/* Parameter validation macros based on platform_util.h */ +#define ECJPAKE_VALIDATE_RET( cond ) \ + MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_ECP_BAD_INPUT_DATA ) +#define ECJPAKE_VALIDATE( cond ) \ + MBEDTLS_INTERNAL_VALIDATE( cond ) + /* * Convert a mbedtls_ecjpake_role to identifier string */ @@ -54,8 +61,7 @@ static const char * const ecjpake_id[] = { */ void mbedtls_ecjpake_init( mbedtls_ecjpake_context *ctx ) { - if( ctx == NULL ) - return; + ECJPAKE_VALIDATE( ctx != NULL ); ctx->md_info = NULL; mbedtls_ecp_group_init( &ctx->grp ); @@ -106,6 +112,11 @@ int mbedtls_ecjpake_setup( mbedtls_ecjpake_context *ctx, { int ret; + ECJPAKE_VALIDATE_RET( ctx != NULL ); + ECJPAKE_VALIDATE_RET( role == MBEDTLS_ECJPAKE_CLIENT || + role == MBEDTLS_ECJPAKE_SERVER ); + ECJPAKE_VALIDATE_RET( secret != NULL || len == 0 ); + ctx->role = role; if( ( ctx->md_info = mbedtls_md_info_from_type( hash ) ) == NULL ) @@ -127,6 +138,8 @@ cleanup: */ int mbedtls_ecjpake_check( const mbedtls_ecjpake_context *ctx ) { + ECJPAKE_VALIDATE_RET( ctx != NULL ); + if( ctx->md_info == NULL || ctx->grp.id == MBEDTLS_ECP_DP_NONE || ctx->s.p == NULL ) @@ -504,6 +517,9 @@ int mbedtls_ecjpake_read_round_one( mbedtls_ecjpake_context *ctx, const unsigned char *buf, size_t len ) { + ECJPAKE_VALIDATE_RET( ctx != NULL ); + ECJPAKE_VALIDATE_RET( buf != NULL ); + return( ecjpake_kkpp_read( ctx->md_info, &ctx->grp, ctx->point_format, &ctx->grp.G, &ctx->Xp1, &ctx->Xp2, ID_PEER, @@ -518,6 +534,11 @@ int mbedtls_ecjpake_write_round_one( mbedtls_ecjpake_context *ctx, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { + ECJPAKE_VALIDATE_RET( ctx != NULL ); + ECJPAKE_VALIDATE_RET( buf != NULL ); + ECJPAKE_VALIDATE_RET( olen != NULL ); + ECJPAKE_VALIDATE_RET( f_rng != NULL ); + return( ecjpake_kkpp_write( ctx->md_info, &ctx->grp, ctx->point_format, &ctx->grp.G, &ctx->xm1, &ctx->Xm1, &ctx->xm2, &ctx->Xm2, @@ -560,6 +581,9 @@ int mbedtls_ecjpake_read_round_two( mbedtls_ecjpake_context *ctx, mbedtls_ecp_group grp; mbedtls_ecp_point G; /* C: GB, S: GA */ + ECJPAKE_VALIDATE_RET( ctx != NULL ); + ECJPAKE_VALIDATE_RET( buf != NULL ); + mbedtls_ecp_group_init( &grp ); mbedtls_ecp_point_init( &G ); @@ -652,6 +676,11 @@ int mbedtls_ecjpake_write_round_two( mbedtls_ecjpake_context *ctx, const unsigned char *end = buf + len; size_t ec_len; + ECJPAKE_VALIDATE_RET( ctx != NULL ); + ECJPAKE_VALIDATE_RET( buf != NULL ); + ECJPAKE_VALIDATE_RET( olen != NULL ); + ECJPAKE_VALIDATE_RET( f_rng != NULL ); + mbedtls_ecp_point_init( &G ); mbedtls_ecp_point_init( &Xm ); mbedtls_mpi_init( &xm ); @@ -727,6 +756,11 @@ int mbedtls_ecjpake_derive_secret( mbedtls_ecjpake_context *ctx, unsigned char kx[MBEDTLS_ECP_MAX_BYTES]; size_t x_bytes; + ECJPAKE_VALIDATE_RET( ctx != NULL ); + ECJPAKE_VALIDATE_RET( buf != NULL ); + ECJPAKE_VALIDATE_RET( olen != NULL ); + ECJPAKE_VALIDATE_RET( f_rng != NULL ); + *olen = mbedtls_md_get_size( ctx->md_info ); if( len < *olen ) return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL ); diff --git a/thirdparty/mbedtls/library/ecp.c b/thirdparty/mbedtls/library/ecp.c index 41db3fbe5b..ecea5910e0 100644 --- a/thirdparty/mbedtls/library/ecp.c +++ b/thirdparty/mbedtls/library/ecp.c @@ -47,6 +47,35 @@ #include MBEDTLS_CONFIG_FILE #endif +/** + * \brief Function level alternative implementation. + * + * The MBEDTLS_ECP_INTERNAL_ALT macro enables alternative implementations to + * replace certain functions in this module. The alternative implementations are + * typically hardware accelerators and need to activate the hardware before the + * computation starts and deactivate it after it finishes. The + * mbedtls_internal_ecp_init() and mbedtls_internal_ecp_free() functions serve + * this purpose. + * + * To preserve the correct functionality the following conditions must hold: + * + * - The alternative implementation must be activated by + * mbedtls_internal_ecp_init() before any of the replaceable functions is + * called. + * - mbedtls_internal_ecp_free() must \b only be called when the alternative + * implementation is activated. + * - mbedtls_internal_ecp_init() must \b not be called when the alternative + * implementation is activated. + * - Public functions must not return while the alternative implementation is + * activated. + * - Replaceable functions are guarded by \c MBEDTLS_ECP_XXX_ALT macros and + * before calling them an \code if( mbedtls_internal_ecp_grp_capable( grp ) ) + * \endcode ensures that the alternative implementation supports the current + * group. + */ +#if defined(MBEDTLS_ECP_INTERNAL_ALT) +#endif + #if defined(MBEDTLS_ECP_C) #include "mbedtls/ecp.h" @@ -57,6 +86,12 @@ #if !defined(MBEDTLS_ECP_ALT) +/* Parameter validation macros based on platform_util.h */ +#define ECP_VALIDATE_RET( cond ) \ + MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_ECP_BAD_INPUT_DATA ) +#define ECP_VALIDATE( cond ) \ + MBEDTLS_INTERNAL_VALIDATE( cond ) + #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" #else @@ -82,6 +117,233 @@ static unsigned long add_count, dbl_count, mul_count; #endif +#if defined(MBEDTLS_ECP_RESTARTABLE) +/* + * Maximum number of "basic operations" to be done in a row. + * + * Default value 0 means that ECC operations will not yield. + * Note that regardless of the value of ecp_max_ops, always at + * least one step is performed before yielding. + * + * Setting ecp_max_ops=1 can be suitable for testing purposes + * as it will interrupt computation at all possible points. + */ +static unsigned ecp_max_ops = 0; + +/* + * Set ecp_max_ops + */ +void mbedtls_ecp_set_max_ops( unsigned max_ops ) +{ + ecp_max_ops = max_ops; +} + +/* + * Check if restart is enabled + */ +int mbedtls_ecp_restart_is_enabled( void ) +{ + return( ecp_max_ops != 0 ); +} + +/* + * Restart sub-context for ecp_mul_comb() + */ +struct mbedtls_ecp_restart_mul +{ + mbedtls_ecp_point R; /* current intermediate result */ + size_t i; /* current index in various loops, 0 outside */ + mbedtls_ecp_point *T; /* table for precomputed points */ + unsigned char T_size; /* number of points in table T */ + enum { /* what were we doing last time we returned? */ + ecp_rsm_init = 0, /* nothing so far, dummy initial state */ + ecp_rsm_pre_dbl, /* precompute 2^n multiples */ + ecp_rsm_pre_norm_dbl, /* normalize precomputed 2^n multiples */ + ecp_rsm_pre_add, /* precompute remaining points by adding */ + ecp_rsm_pre_norm_add, /* normalize all precomputed points */ + ecp_rsm_comb_core, /* ecp_mul_comb_core() */ + ecp_rsm_final_norm, /* do the final normalization */ + } state; +}; + +/* + * Init restart_mul sub-context + */ +static void ecp_restart_rsm_init( mbedtls_ecp_restart_mul_ctx *ctx ) +{ + mbedtls_ecp_point_init( &ctx->R ); + ctx->i = 0; + ctx->T = NULL; + ctx->T_size = 0; + ctx->state = ecp_rsm_init; +} + +/* + * Free the components of a restart_mul sub-context + */ +static void ecp_restart_rsm_free( mbedtls_ecp_restart_mul_ctx *ctx ) +{ + unsigned char i; + + if( ctx == NULL ) + return; + + mbedtls_ecp_point_free( &ctx->R ); + + if( ctx->T != NULL ) + { + for( i = 0; i < ctx->T_size; i++ ) + mbedtls_ecp_point_free( ctx->T + i ); + mbedtls_free( ctx->T ); + } + + ecp_restart_rsm_init( ctx ); +} + +/* + * Restart context for ecp_muladd() + */ +struct mbedtls_ecp_restart_muladd +{ + mbedtls_ecp_point mP; /* mP value */ + mbedtls_ecp_point R; /* R intermediate result */ + enum { /* what should we do next? */ + ecp_rsma_mul1 = 0, /* first multiplication */ + ecp_rsma_mul2, /* second multiplication */ + ecp_rsma_add, /* addition */ + ecp_rsma_norm, /* normalization */ + } state; +}; + +/* + * Init restart_muladd sub-context + */ +static void ecp_restart_ma_init( mbedtls_ecp_restart_muladd_ctx *ctx ) +{ + mbedtls_ecp_point_init( &ctx->mP ); + mbedtls_ecp_point_init( &ctx->R ); + ctx->state = ecp_rsma_mul1; +} + +/* + * Free the components of a restart_muladd sub-context + */ +static void ecp_restart_ma_free( mbedtls_ecp_restart_muladd_ctx *ctx ) +{ + if( ctx == NULL ) + return; + + mbedtls_ecp_point_free( &ctx->mP ); + mbedtls_ecp_point_free( &ctx->R ); + + ecp_restart_ma_init( ctx ); +} + +/* + * Initialize a restart context + */ +void mbedtls_ecp_restart_init( mbedtls_ecp_restart_ctx *ctx ) +{ + ECP_VALIDATE( ctx != NULL ); + ctx->ops_done = 0; + ctx->depth = 0; + ctx->rsm = NULL; + ctx->ma = NULL; +} + +/* + * Free the components of a restart context + */ +void mbedtls_ecp_restart_free( mbedtls_ecp_restart_ctx *ctx ) +{ + if( ctx == NULL ) + return; + + ecp_restart_rsm_free( ctx->rsm ); + mbedtls_free( ctx->rsm ); + + ecp_restart_ma_free( ctx->ma ); + mbedtls_free( ctx->ma ); + + mbedtls_ecp_restart_init( ctx ); +} + +/* + * Check if we can do the next step + */ +int mbedtls_ecp_check_budget( const mbedtls_ecp_group *grp, + mbedtls_ecp_restart_ctx *rs_ctx, + unsigned ops ) +{ + ECP_VALIDATE_RET( grp != NULL ); + + if( rs_ctx != NULL && ecp_max_ops != 0 ) + { + /* scale depending on curve size: the chosen reference is 256-bit, + * and multiplication is quadratic. Round to the closest integer. */ + if( grp->pbits >= 512 ) + ops *= 4; + else if( grp->pbits >= 384 ) + ops *= 2; + + /* Avoid infinite loops: always allow first step. + * Because of that, however, it's not generally true + * that ops_done <= ecp_max_ops, so the check + * ops_done > ecp_max_ops below is mandatory. */ + if( ( rs_ctx->ops_done != 0 ) && + ( rs_ctx->ops_done > ecp_max_ops || + ops > ecp_max_ops - rs_ctx->ops_done ) ) + { + return( MBEDTLS_ERR_ECP_IN_PROGRESS ); + } + + /* update running count */ + rs_ctx->ops_done += ops; + } + + return( 0 ); +} + +/* Call this when entering a function that needs its own sub-context */ +#define ECP_RS_ENTER( SUB ) do { \ + /* reset ops count for this call if top-level */ \ + if( rs_ctx != NULL && rs_ctx->depth++ == 0 ) \ + rs_ctx->ops_done = 0; \ + \ + /* set up our own sub-context if needed */ \ + if( mbedtls_ecp_restart_is_enabled() && \ + rs_ctx != NULL && rs_ctx->SUB == NULL ) \ + { \ + rs_ctx->SUB = mbedtls_calloc( 1, sizeof( *rs_ctx->SUB ) ); \ + if( rs_ctx->SUB == NULL ) \ + return( MBEDTLS_ERR_ECP_ALLOC_FAILED ); \ + \ + ecp_restart_## SUB ##_init( rs_ctx->SUB ); \ + } \ +} while( 0 ) + +/* Call this when leaving a function that needs its own sub-context */ +#define ECP_RS_LEAVE( SUB ) do { \ + /* clear our sub-context when not in progress (done or error) */ \ + if( rs_ctx != NULL && rs_ctx->SUB != NULL && \ + ret != MBEDTLS_ERR_ECP_IN_PROGRESS ) \ + { \ + ecp_restart_## SUB ##_free( rs_ctx->SUB ); \ + mbedtls_free( rs_ctx->SUB ); \ + rs_ctx->SUB = NULL; \ + } \ + \ + if( rs_ctx != NULL ) \ + rs_ctx->depth--; \ +} while( 0 ) + +#else /* MBEDTLS_ECP_RESTARTABLE */ + +#define ECP_RS_ENTER( sub ) (void) rs_ctx; +#define ECP_RS_LEAVE( sub ) (void) rs_ctx; + +#endif /* MBEDTLS_ECP_RESTARTABLE */ + #if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) || \ defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) || \ defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) || \ @@ -243,6 +505,9 @@ const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_name( const char *name { const mbedtls_ecp_curve_info *curve_info; + if( name == NULL ) + return( NULL ); + for( curve_info = mbedtls_ecp_curve_list(); curve_info->grp_id != MBEDTLS_ECP_DP_NONE; curve_info++ ) @@ -273,8 +538,7 @@ static inline ecp_curve_type ecp_get_type( const mbedtls_ecp_group *grp ) */ void mbedtls_ecp_point_init( mbedtls_ecp_point *pt ) { - if( pt == NULL ) - return; + ECP_VALIDATE( pt != NULL ); mbedtls_mpi_init( &pt->X ); mbedtls_mpi_init( &pt->Y ); @@ -286,10 +550,23 @@ void mbedtls_ecp_point_init( mbedtls_ecp_point *pt ) */ void mbedtls_ecp_group_init( mbedtls_ecp_group *grp ) { - if( grp == NULL ) - return; - - memset( grp, 0, sizeof( mbedtls_ecp_group ) ); + ECP_VALIDATE( grp != NULL ); + + grp->id = MBEDTLS_ECP_DP_NONE; + mbedtls_mpi_init( &grp->P ); + mbedtls_mpi_init( &grp->A ); + mbedtls_mpi_init( &grp->B ); + mbedtls_ecp_point_init( &grp->G ); + mbedtls_mpi_init( &grp->N ); + grp->pbits = 0; + grp->nbits = 0; + grp->h = 0; + grp->modp = NULL; + grp->t_pre = NULL; + grp->t_post = NULL; + grp->t_data = NULL; + grp->T = NULL; + grp->T_size = 0; } /* @@ -297,8 +574,7 @@ void mbedtls_ecp_group_init( mbedtls_ecp_group *grp ) */ void mbedtls_ecp_keypair_init( mbedtls_ecp_keypair *key ) { - if( key == NULL ) - return; + ECP_VALIDATE( key != NULL ); mbedtls_ecp_group_init( &key->grp ); mbedtls_mpi_init( &key->d ); @@ -366,6 +642,8 @@ void mbedtls_ecp_keypair_free( mbedtls_ecp_keypair *key ) int mbedtls_ecp_copy( mbedtls_ecp_point *P, const mbedtls_ecp_point *Q ) { int ret; + ECP_VALIDATE_RET( P != NULL ); + ECP_VALIDATE_RET( Q != NULL ); MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &P->X, &Q->X ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &P->Y, &Q->Y ) ); @@ -380,7 +658,10 @@ cleanup: */ int mbedtls_ecp_group_copy( mbedtls_ecp_group *dst, const mbedtls_ecp_group *src ) { - return mbedtls_ecp_group_load( dst, src->id ); + ECP_VALIDATE_RET( dst != NULL ); + ECP_VALIDATE_RET( src != NULL ); + + return( mbedtls_ecp_group_load( dst, src->id ) ); } /* @@ -389,6 +670,7 @@ int mbedtls_ecp_group_copy( mbedtls_ecp_group *dst, const mbedtls_ecp_group *src int mbedtls_ecp_set_zero( mbedtls_ecp_point *pt ) { int ret; + ECP_VALIDATE_RET( pt != NULL ); MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &pt->X , 1 ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &pt->Y , 1 ) ); @@ -403,15 +685,20 @@ cleanup: */ int mbedtls_ecp_is_zero( mbedtls_ecp_point *pt ) { + ECP_VALIDATE_RET( pt != NULL ); + return( mbedtls_mpi_cmp_int( &pt->Z, 0 ) == 0 ); } /* - * Compare two points lazyly + * Compare two points lazily */ int mbedtls_ecp_point_cmp( const mbedtls_ecp_point *P, const mbedtls_ecp_point *Q ) { + ECP_VALIDATE_RET( P != NULL ); + ECP_VALIDATE_RET( Q != NULL ); + if( mbedtls_mpi_cmp_mpi( &P->X, &Q->X ) == 0 && mbedtls_mpi_cmp_mpi( &P->Y, &Q->Y ) == 0 && mbedtls_mpi_cmp_mpi( &P->Z, &Q->Z ) == 0 ) @@ -429,6 +716,9 @@ int mbedtls_ecp_point_read_string( mbedtls_ecp_point *P, int radix, const char *x, const char *y ) { int ret; + ECP_VALIDATE_RET( P != NULL ); + ECP_VALIDATE_RET( x != NULL ); + ECP_VALIDATE_RET( y != NULL ); MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &P->X, radix, x ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &P->Y, radix, y ) ); @@ -441,16 +731,19 @@ cleanup: /* * Export a point into unsigned binary data (SEC1 2.3.3) */ -int mbedtls_ecp_point_write_binary( const mbedtls_ecp_group *grp, const mbedtls_ecp_point *P, - int format, size_t *olen, - unsigned char *buf, size_t buflen ) +int mbedtls_ecp_point_write_binary( const mbedtls_ecp_group *grp, + const mbedtls_ecp_point *P, + int format, size_t *olen, + unsigned char *buf, size_t buflen ) { int ret = 0; size_t plen; - - if( format != MBEDTLS_ECP_PF_UNCOMPRESSED && - format != MBEDTLS_ECP_PF_COMPRESSED ) - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + ECP_VALIDATE_RET( grp != NULL ); + ECP_VALIDATE_RET( P != NULL ); + ECP_VALIDATE_RET( olen != NULL ); + ECP_VALIDATE_RET( buf != NULL ); + ECP_VALIDATE_RET( format == MBEDTLS_ECP_PF_UNCOMPRESSED || + format == MBEDTLS_ECP_PF_COMPRESSED ); /* * Common case: P == 0 @@ -497,11 +790,15 @@ cleanup: /* * Import a point from unsigned binary data (SEC1 2.3.4) */ -int mbedtls_ecp_point_read_binary( const mbedtls_ecp_group *grp, mbedtls_ecp_point *pt, - const unsigned char *buf, size_t ilen ) +int mbedtls_ecp_point_read_binary( const mbedtls_ecp_group *grp, + mbedtls_ecp_point *pt, + const unsigned char *buf, size_t ilen ) { int ret; size_t plen; + ECP_VALIDATE_RET( grp != NULL ); + ECP_VALIDATE_RET( pt != NULL ); + ECP_VALIDATE_RET( buf != NULL ); if( ilen < 1 ) return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); @@ -536,11 +833,16 @@ cleanup: * opaque point <1..2^8-1>; * } ECPoint; */ -int mbedtls_ecp_tls_read_point( const mbedtls_ecp_group *grp, mbedtls_ecp_point *pt, - const unsigned char **buf, size_t buf_len ) +int mbedtls_ecp_tls_read_point( const mbedtls_ecp_group *grp, + mbedtls_ecp_point *pt, + const unsigned char **buf, size_t buf_len ) { unsigned char data_len; const unsigned char *buf_start; + ECP_VALIDATE_RET( grp != NULL ); + ECP_VALIDATE_RET( pt != NULL ); + ECP_VALIDATE_RET( buf != NULL ); + ECP_VALIDATE_RET( *buf != NULL ); /* * We must have at least two bytes (1 for length, at least one for data) @@ -558,7 +860,7 @@ int mbedtls_ecp_tls_read_point( const mbedtls_ecp_group *grp, mbedtls_ecp_point buf_start = *buf; *buf += data_len; - return mbedtls_ecp_point_read_binary( grp, pt, buf_start, data_len ); + return( mbedtls_ecp_point_read_binary( grp, pt, buf_start, data_len ) ); } /* @@ -572,6 +874,12 @@ int mbedtls_ecp_tls_write_point( const mbedtls_ecp_group *grp, const mbedtls_ecp unsigned char *buf, size_t blen ) { int ret; + ECP_VALIDATE_RET( grp != NULL ); + ECP_VALIDATE_RET( pt != NULL ); + ECP_VALIDATE_RET( olen != NULL ); + ECP_VALIDATE_RET( buf != NULL ); + ECP_VALIDATE_RET( format == MBEDTLS_ECP_PF_UNCOMPRESSED || + format == MBEDTLS_ECP_PF_COMPRESSED ); /* * buffer length must be at least one, for our length byte @@ -595,10 +903,33 @@ int mbedtls_ecp_tls_write_point( const mbedtls_ecp_group *grp, const mbedtls_ecp /* * Set a group from an ECParameters record (RFC 4492) */ -int mbedtls_ecp_tls_read_group( mbedtls_ecp_group *grp, const unsigned char **buf, size_t len ) +int mbedtls_ecp_tls_read_group( mbedtls_ecp_group *grp, + const unsigned char **buf, size_t len ) +{ + int ret; + mbedtls_ecp_group_id grp_id; + ECP_VALIDATE_RET( grp != NULL ); + ECP_VALIDATE_RET( buf != NULL ); + ECP_VALIDATE_RET( *buf != NULL ); + + if( ( ret = mbedtls_ecp_tls_read_group_id( &grp_id, buf, len ) ) != 0 ) + return( ret ); + + return( mbedtls_ecp_group_load( grp, grp_id ) ); +} + +/* + * Read a group id from an ECParameters record (RFC 4492) and convert it to + * mbedtls_ecp_group_id. + */ +int mbedtls_ecp_tls_read_group_id( mbedtls_ecp_group_id *grp, + const unsigned char **buf, size_t len ) { uint16_t tls_id; const mbedtls_ecp_curve_info *curve_info; + ECP_VALIDATE_RET( grp != NULL ); + ECP_VALIDATE_RET( buf != NULL ); + ECP_VALIDATE_RET( *buf != NULL ); /* * We expect at least three bytes (see below) @@ -622,7 +953,9 @@ int mbedtls_ecp_tls_read_group( mbedtls_ecp_group *grp, const unsigned char **bu if( ( curve_info = mbedtls_ecp_curve_info_from_tls_id( tls_id ) ) == NULL ) return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE ); - return mbedtls_ecp_group_load( grp, curve_info->grp_id ); + *grp = curve_info->grp_id; + + return( 0 ); } /* @@ -632,6 +965,9 @@ int mbedtls_ecp_tls_write_group( const mbedtls_ecp_group *grp, size_t *olen, unsigned char *buf, size_t blen ) { const mbedtls_ecp_curve_info *curve_info; + ECP_VALIDATE_RET( grp != NULL ); + ECP_VALIDATE_RET( buf != NULL ); + ECP_VALIDATE_RET( olen != NULL ); if( ( curve_info = mbedtls_ecp_curve_info_from_grp_id( grp->id ) ) == NULL ) return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); @@ -752,11 +1088,10 @@ static int ecp_normalize_jac( const mbedtls_ecp_group *grp, mbedtls_ecp_point *p return( 0 ); #if defined(MBEDTLS_ECP_NORMALIZE_JAC_ALT) - if ( mbedtls_internal_ecp_grp_capable( grp ) ) - { - return mbedtls_internal_ecp_normalize_jac( grp, pt ); - } + if( mbedtls_internal_ecp_grp_capable( grp ) ) + return( mbedtls_internal_ecp_normalize_jac( grp, pt ) ); #endif /* MBEDTLS_ECP_NORMALIZE_JAC_ALT */ + mbedtls_mpi_init( &Zi ); mbedtls_mpi_init( &ZZi ); /* @@ -796,32 +1131,33 @@ cleanup: * Cost: 1N(t) := 1I + (6t - 3)M + 1S */ static int ecp_normalize_jac_many( const mbedtls_ecp_group *grp, - mbedtls_ecp_point *T[], size_t t_len ) + mbedtls_ecp_point *T[], size_t T_size ) { int ret; size_t i; mbedtls_mpi *c, u, Zi, ZZi; - if( t_len < 2 ) + if( T_size < 2 ) return( ecp_normalize_jac( grp, *T ) ); #if defined(MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT) - if ( mbedtls_internal_ecp_grp_capable( grp ) ) - { - return mbedtls_internal_ecp_normalize_jac_many(grp, T, t_len); - } + if( mbedtls_internal_ecp_grp_capable( grp ) ) + return( mbedtls_internal_ecp_normalize_jac_many( grp, T, T_size ) ); #endif - if( ( c = mbedtls_calloc( t_len, sizeof( mbedtls_mpi ) ) ) == NULL ) + if( ( c = mbedtls_calloc( T_size, sizeof( mbedtls_mpi ) ) ) == NULL ) return( MBEDTLS_ERR_ECP_ALLOC_FAILED ); + for( i = 0; i < T_size; i++ ) + mbedtls_mpi_init( &c[i] ); + mbedtls_mpi_init( &u ); mbedtls_mpi_init( &Zi ); mbedtls_mpi_init( &ZZi ); /* * c[i] = Z_0 * ... * Z_i */ MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &c[0], &T[0]->Z ) ); - for( i = 1; i < t_len; i++ ) + for( i = 1; i < T_size; i++ ) { MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &c[i], &c[i-1], &T[i]->Z ) ); MOD_MUL( c[i] ); @@ -830,9 +1166,9 @@ static int ecp_normalize_jac_many( const mbedtls_ecp_group *grp, /* * u = 1 / (Z_0 * ... * Z_n) mod P */ - MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( &u, &c[t_len-1], &grp->P ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( &u, &c[T_size-1], &grp->P ) ); - for( i = t_len - 1; ; i-- ) + for( i = T_size - 1; ; i-- ) { /* * Zi = 1 / Z_i mod p @@ -872,7 +1208,7 @@ static int ecp_normalize_jac_many( const mbedtls_ecp_group *grp, cleanup: mbedtls_mpi_free( &u ); mbedtls_mpi_free( &Zi ); mbedtls_mpi_free( &ZZi ); - for( i = 0; i < t_len; i++ ) + for( i = 0; i < T_size; i++ ) mbedtls_mpi_free( &c[i] ); mbedtls_free( c ); @@ -929,10 +1265,8 @@ static int ecp_double_jac( const mbedtls_ecp_group *grp, mbedtls_ecp_point *R, #endif #if defined(MBEDTLS_ECP_DOUBLE_JAC_ALT) - if ( mbedtls_internal_ecp_grp_capable( grp ) ) - { - return mbedtls_internal_ecp_double_jac( grp, R, P ); - } + if( mbedtls_internal_ecp_grp_capable( grp ) ) + return( mbedtls_internal_ecp_double_jac( grp, R, P ) ); #endif /* MBEDTLS_ECP_DOUBLE_JAC_ALT */ mbedtls_mpi_init( &M ); mbedtls_mpi_init( &S ); mbedtls_mpi_init( &T ); mbedtls_mpi_init( &U ); @@ -1027,10 +1361,8 @@ static int ecp_add_mixed( const mbedtls_ecp_group *grp, mbedtls_ecp_point *R, #endif #if defined(MBEDTLS_ECP_ADD_MIXED_ALT) - if ( mbedtls_internal_ecp_grp_capable( grp ) ) - { - return mbedtls_internal_ecp_add_mixed( grp, R, P, Q ); - } + if( mbedtls_internal_ecp_grp_capable( grp ) ) + return( mbedtls_internal_ecp_add_mixed( grp, R, P, Q ) ); #endif /* MBEDTLS_ECP_ADD_MIXED_ALT */ /* @@ -1114,10 +1446,8 @@ static int ecp_randomize_jac( const mbedtls_ecp_group *grp, mbedtls_ecp_point *p int count = 0; #if defined(MBEDTLS_ECP_RANDOMIZE_JAC_ALT) - if ( mbedtls_internal_ecp_grp_capable( grp ) ) - { - return mbedtls_internal_ecp_randomize_jac( grp, pt, f_rng, p_rng ); - } + if( mbedtls_internal_ecp_grp_capable( grp ) ) + return( mbedtls_internal_ecp_randomize_jac( grp, pt, f_rng, p_rng ) ); #endif /* MBEDTLS_ECP_RANDOMIZE_JAC_ALT */ p_size = ( grp->pbits + 7 ) / 8; @@ -1173,11 +1503,38 @@ cleanup: * modified version that provides resistance to SPA by avoiding zero * digits in the representation as in [3]. We modify the method further by * requiring that all K_i be odd, which has the small cost that our - * representation uses one more K_i, due to carries. + * representation uses one more K_i, due to carries, but saves on the size of + * the precomputed table. * - * Also, for the sake of compactness, only the seven low-order bits of x[i] - * are used to represent K_i, and the msb of x[i] encodes the the sign (s_i in - * the paper): it is set if and only if if s_i == -1; + * Summary of the comb method and its modifications: + * + * - The goal is to compute m*P for some w*d-bit integer m. + * + * - The basic comb method splits m into the w-bit integers + * x[0] .. x[d-1] where x[i] consists of the bits in m whose + * index has residue i modulo d, and computes m * P as + * S[x[0]] + 2 * S[x[1]] + .. + 2^(d-1) S[x[d-1]], where + * S[i_{w-1} .. i_0] := i_{w-1} 2^{(w-1)d} P + ... + i_1 2^d P + i_0 P. + * + * - If it happens that, say, x[i+1]=0 (=> S[x[i+1]]=0), one can replace the sum by + * .. + 2^{i-1} S[x[i-1]] - 2^i S[x[i]] + 2^{i+1} S[x[i]] + 2^{i+2} S[x[i+2]] .., + * thereby successively converting it into a form where all summands + * are nonzero, at the cost of negative summands. This is the basic idea of [3]. + * + * - More generally, even if x[i+1] != 0, we can first transform the sum as + * .. - 2^i S[x[i]] + 2^{i+1} ( S[x[i]] + S[x[i+1]] ) + 2^{i+2} S[x[i+2]] .., + * and then replace S[x[i]] + S[x[i+1]] = S[x[i] ^ x[i+1]] + 2 S[x[i] & x[i+1]]. + * Performing and iterating this procedure for those x[i] that are even + * (keeping track of carry), we can transform the original sum into one of the form + * S[x'[0]] +- 2 S[x'[1]] +- .. +- 2^{d-1} S[x'[d-1]] + 2^d S[x'[d]] + * with all x'[i] odd. It is therefore only necessary to know S at odd indices, + * which is why we are only computing half of it in the first place in + * ecp_precompute_comb and accessing it with index abs(i) / 2 in ecp_select_comb. + * + * - For the sake of compactness, only the seven low-order bits of x[i] + * are used to represent its absolute value (K_i in the paper), and the msb + * of x[i] encodes the sign (s_i in the paper): it is set if and only if + * if s_i == -1; * * Calling conventions: * - x is an array of size d + 1 @@ -1186,8 +1543,8 @@ cleanup: * - m is the MPI, expected to be odd and such that bitlength(m) <= w * d * (the result will be incorrect if these assumptions are not satisfied) */ -static void ecp_comb_fixed( unsigned char x[], size_t d, - unsigned char w, const mbedtls_mpi *m ) +static void ecp_comb_recode_core( unsigned char x[], size_t d, + unsigned char w, const mbedtls_mpi *m ) { size_t i, j; unsigned char c, cc, adjust; @@ -1217,70 +1574,178 @@ static void ecp_comb_fixed( unsigned char x[], size_t d, } /* - * Precompute points for the comb method + * Precompute points for the adapted comb method * - * If i = i_{w-1} ... i_1 is the binary representation of i, then - * T[i] = i_{w-1} 2^{(w-1)d} P + ... + i_1 2^d P + P + * Assumption: T must be able to hold 2^{w - 1} elements. * - * T must be able to hold 2^{w - 1} elements + * Operation: If i = i_{w-1} ... i_1 is the binary representation of i, + * sets T[i] = i_{w-1} 2^{(w-1)d} P + ... + i_1 2^d P + P. * * Cost: d(w-1) D + (2^{w-1} - 1) A + 1 N(w-1) + 1 N(2^{w-1} - 1) + * + * Note: Even comb values (those where P would be omitted from the + * sum defining T[i] above) are not needed in our adaption + * the comb method. See ecp_comb_recode_core(). + * + * This function currently works in four steps: + * (1) [dbl] Computation of intermediate T[i] for 2-power values of i + * (2) [norm_dbl] Normalization of coordinates of these T[i] + * (3) [add] Computation of all T[i] + * (4) [norm_add] Normalization of all T[i] + * + * Step 1 can be interrupted but not the others; together with the final + * coordinate normalization they are the largest steps done at once, depending + * on the window size. Here are operation counts for P-256: + * + * step (2) (3) (4) + * w = 5 142 165 208 + * w = 4 136 77 160 + * w = 3 130 33 136 + * w = 2 124 11 124 + * + * So if ECC operations are blocking for too long even with a low max_ops + * value, it's useful to set MBEDTLS_ECP_WINDOW_SIZE to a lower value in order + * to minimize maximum blocking time. */ static int ecp_precompute_comb( const mbedtls_ecp_group *grp, mbedtls_ecp_point T[], const mbedtls_ecp_point *P, - unsigned char w, size_t d ) + unsigned char w, size_t d, + mbedtls_ecp_restart_ctx *rs_ctx ) { int ret; - unsigned char i, k; - size_t j; + unsigned char i; + size_t j = 0; + const unsigned char T_size = 1U << ( w - 1 ); mbedtls_ecp_point *cur, *TT[COMB_MAX_PRE - 1]; +#if defined(MBEDTLS_ECP_RESTARTABLE) + if( rs_ctx != NULL && rs_ctx->rsm != NULL ) + { + if( rs_ctx->rsm->state == ecp_rsm_pre_dbl ) + goto dbl; + if( rs_ctx->rsm->state == ecp_rsm_pre_norm_dbl ) + goto norm_dbl; + if( rs_ctx->rsm->state == ecp_rsm_pre_add ) + goto add; + if( rs_ctx->rsm->state == ecp_rsm_pre_norm_add ) + goto norm_add; + } +#else + (void) rs_ctx; +#endif + +#if defined(MBEDTLS_ECP_RESTARTABLE) + if( rs_ctx != NULL && rs_ctx->rsm != NULL ) + { + rs_ctx->rsm->state = ecp_rsm_pre_dbl; + + /* initial state for the loop */ + rs_ctx->rsm->i = 0; + } + +dbl: +#endif /* * Set T[0] = P and * T[2^{l-1}] = 2^{dl} P for l = 1 .. w-1 (this is not the final value) */ MBEDTLS_MPI_CHK( mbedtls_ecp_copy( &T[0], P ) ); - k = 0; - for( i = 1; i < ( 1U << ( w - 1 ) ); i <<= 1 ) +#if defined(MBEDTLS_ECP_RESTARTABLE) + if( rs_ctx != NULL && rs_ctx->rsm != NULL && rs_ctx->rsm->i != 0 ) + j = rs_ctx->rsm->i; + else +#endif + j = 0; + + for( ; j < d * ( w - 1 ); j++ ) { + MBEDTLS_ECP_BUDGET( MBEDTLS_ECP_OPS_DBL ); + + i = 1U << ( j / d ); cur = T + i; - MBEDTLS_MPI_CHK( mbedtls_ecp_copy( cur, T + ( i >> 1 ) ) ); - for( j = 0; j < d; j++ ) - MBEDTLS_MPI_CHK( ecp_double_jac( grp, cur, cur ) ); - TT[k++] = cur; + if( j % d == 0 ) + MBEDTLS_MPI_CHK( mbedtls_ecp_copy( cur, T + ( i >> 1 ) ) ); + + MBEDTLS_MPI_CHK( ecp_double_jac( grp, cur, cur ) ); } - MBEDTLS_MPI_CHK( ecp_normalize_jac_many( grp, TT, k ) ); +#if defined(MBEDTLS_ECP_RESTARTABLE) + if( rs_ctx != NULL && rs_ctx->rsm != NULL ) + rs_ctx->rsm->state = ecp_rsm_pre_norm_dbl; +norm_dbl: +#endif + /* + * Normalize current elements in T. As T has holes, + * use an auxiliary array of pointers to elements in T. + */ + j = 0; + for( i = 1; i < T_size; i <<= 1 ) + TT[j++] = T + i; + + MBEDTLS_ECP_BUDGET( MBEDTLS_ECP_OPS_INV + 6 * j - 2 ); + + MBEDTLS_MPI_CHK( ecp_normalize_jac_many( grp, TT, j ) ); + +#if defined(MBEDTLS_ECP_RESTARTABLE) + if( rs_ctx != NULL && rs_ctx->rsm != NULL ) + rs_ctx->rsm->state = ecp_rsm_pre_add; + +add: +#endif /* * Compute the remaining ones using the minimal number of additions * Be careful to update T[2^l] only after using it! */ - k = 0; - for( i = 1; i < ( 1U << ( w - 1 ) ); i <<= 1 ) + MBEDTLS_ECP_BUDGET( ( T_size - 1 ) * MBEDTLS_ECP_OPS_ADD ); + + for( i = 1; i < T_size; i <<= 1 ) { j = i; while( j-- ) - { MBEDTLS_MPI_CHK( ecp_add_mixed( grp, &T[i + j], &T[j], &T[i] ) ); - TT[k++] = &T[i + j]; - } } - MBEDTLS_MPI_CHK( ecp_normalize_jac_many( grp, TT, k ) ); +#if defined(MBEDTLS_ECP_RESTARTABLE) + if( rs_ctx != NULL && rs_ctx->rsm != NULL ) + rs_ctx->rsm->state = ecp_rsm_pre_norm_add; + +norm_add: +#endif + /* + * Normalize final elements in T. Even though there are no holes now, we + * still need the auxiliary array for homogeneity with the previous + * call. Also, skip T[0] which is already normalised, being a copy of P. + */ + for( j = 0; j + 1 < T_size; j++ ) + TT[j] = T + j + 1; + + MBEDTLS_ECP_BUDGET( MBEDTLS_ECP_OPS_INV + 6 * j - 2 ); + + MBEDTLS_MPI_CHK( ecp_normalize_jac_many( grp, TT, j ) ); cleanup: +#if defined(MBEDTLS_ECP_RESTARTABLE) + if( rs_ctx != NULL && rs_ctx->rsm != NULL && + ret == MBEDTLS_ERR_ECP_IN_PROGRESS ) + { + if( rs_ctx->rsm->state == ecp_rsm_pre_dbl ) + rs_ctx->rsm->i = j; + } +#endif return( ret ); } /* * Select precomputed point: R = sign(i) * T[ abs(i) / 2 ] + * + * See ecp_comb_recode_core() for background */ static int ecp_select_comb( const mbedtls_ecp_group *grp, mbedtls_ecp_point *R, - const mbedtls_ecp_point T[], unsigned char t_len, + const mbedtls_ecp_point T[], unsigned char T_size, unsigned char i ) { int ret; @@ -1290,7 +1755,7 @@ static int ecp_select_comb( const mbedtls_ecp_group *grp, mbedtls_ecp_point *R, ii = ( i & 0x7Fu ) >> 1; /* Read the whole table to thwart cache-based timing attacks */ - for( j = 0; j < t_len; j++ ) + for( j = 0; j < T_size; j++ ) { MBEDTLS_MPI_CHK( mbedtls_mpi_safe_cond_assign( &R->X, &T[j].X, j == ii ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_safe_cond_assign( &R->Y, &T[j].Y, j == ii ) ); @@ -1310,10 +1775,11 @@ cleanup: * Cost: d A + d D + 1 R */ static int ecp_mul_comb_core( const mbedtls_ecp_group *grp, mbedtls_ecp_point *R, - const mbedtls_ecp_point T[], unsigned char t_len, + const mbedtls_ecp_point T[], unsigned char T_size, const unsigned char x[], size_t d, int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) + void *p_rng, + mbedtls_ecp_restart_ctx *rs_ctx ) { int ret; mbedtls_ecp_point Txi; @@ -1321,17 +1787,42 @@ static int ecp_mul_comb_core( const mbedtls_ecp_group *grp, mbedtls_ecp_point *R mbedtls_ecp_point_init( &Txi ); - /* Start with a non-zero point and randomize its coordinates */ - i = d; - MBEDTLS_MPI_CHK( ecp_select_comb( grp, R, T, t_len, x[i] ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &R->Z, 1 ) ); - if( f_rng != 0 ) - MBEDTLS_MPI_CHK( ecp_randomize_jac( grp, R, f_rng, p_rng ) ); +#if !defined(MBEDTLS_ECP_RESTARTABLE) + (void) rs_ctx; +#endif + +#if defined(MBEDTLS_ECP_RESTARTABLE) + if( rs_ctx != NULL && rs_ctx->rsm != NULL && + rs_ctx->rsm->state != ecp_rsm_comb_core ) + { + rs_ctx->rsm->i = 0; + rs_ctx->rsm->state = ecp_rsm_comb_core; + } + + /* new 'if' instead of nested for the sake of the 'else' branch */ + if( rs_ctx != NULL && rs_ctx->rsm != NULL && rs_ctx->rsm->i != 0 ) + { + /* restore current index (R already pointing to rs_ctx->rsm->R) */ + i = rs_ctx->rsm->i; + } + else +#endif + { + /* Start with a non-zero point and randomize its coordinates */ + i = d; + MBEDTLS_MPI_CHK( ecp_select_comb( grp, R, T, T_size, x[i] ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &R->Z, 1 ) ); + if( f_rng != 0 ) + MBEDTLS_MPI_CHK( ecp_randomize_jac( grp, R, f_rng, p_rng ) ); + } - while( i-- != 0 ) + while( i != 0 ) { + MBEDTLS_ECP_BUDGET( MBEDTLS_ECP_OPS_DBL + MBEDTLS_ECP_OPS_ADD ); + --i; + MBEDTLS_MPI_CHK( ecp_double_jac( grp, R, R ) ); - MBEDTLS_MPI_CHK( ecp_select_comb( grp, &Txi, T, t_len, x[i] ) ); + MBEDTLS_MPI_CHK( ecp_select_comb( grp, &Txi, T, T_size, x[i] ) ); MBEDTLS_MPI_CHK( ecp_add_mixed( grp, R, R, &Txi ) ); } @@ -1339,32 +1830,130 @@ cleanup: mbedtls_ecp_point_free( &Txi ); +#if defined(MBEDTLS_ECP_RESTARTABLE) + if( rs_ctx != NULL && rs_ctx->rsm != NULL && + ret == MBEDTLS_ERR_ECP_IN_PROGRESS ) + { + rs_ctx->rsm->i = i; + /* no need to save R, already pointing to rs_ctx->rsm->R */ + } +#endif + return( ret ); } /* - * Multiplication using the comb method, - * for curves in short Weierstrass form - */ -static int ecp_mul_comb( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, - const mbedtls_mpi *m, const mbedtls_ecp_point *P, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ) + * Recode the scalar to get constant-time comb multiplication + * + * As the actual scalar recoding needs an odd scalar as a starting point, + * this wrapper ensures that by replacing m by N - m if necessary, and + * informs the caller that the result of multiplication will be negated. + * + * This works because we only support large prime order for Short Weierstrass + * curves, so N is always odd hence either m or N - m is. + * + * See ecp_comb_recode_core() for background. + */ +static int ecp_comb_recode_scalar( const mbedtls_ecp_group *grp, + const mbedtls_mpi *m, + unsigned char k[COMB_MAX_D + 1], + size_t d, + unsigned char w, + unsigned char *parity_trick ) { int ret; - unsigned char w, m_is_odd, p_eq_g, pre_len, i; - size_t d; - unsigned char k[COMB_MAX_D + 1]; - mbedtls_ecp_point *T; mbedtls_mpi M, mm; mbedtls_mpi_init( &M ); mbedtls_mpi_init( &mm ); - /* we need N to be odd to trnaform m in an odd number, check now */ + /* N is always odd (see above), just make extra sure */ if( mbedtls_mpi_get_bit( &grp->N, 0 ) != 1 ) return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); + /* do we need the parity trick? */ + *parity_trick = ( mbedtls_mpi_get_bit( m, 0 ) == 0 ); + + /* execute parity fix in constant time */ + MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &M, m ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &mm, &grp->N, m ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_safe_cond_assign( &M, &mm, *parity_trick ) ); + + /* actual scalar recoding */ + ecp_comb_recode_core( k, d, w, &M ); + +cleanup: + mbedtls_mpi_free( &mm ); + mbedtls_mpi_free( &M ); + + return( ret ); +} + +/* + * Perform comb multiplication (for short Weierstrass curves) + * once the auxiliary table has been pre-computed. + * + * Scalar recoding may use a parity trick that makes us compute -m * P, + * if that is the case we'll need to recover m * P at the end. + */ +static int ecp_mul_comb_after_precomp( const mbedtls_ecp_group *grp, + mbedtls_ecp_point *R, + const mbedtls_mpi *m, + const mbedtls_ecp_point *T, + unsigned char T_size, + unsigned char w, + size_t d, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + mbedtls_ecp_restart_ctx *rs_ctx ) +{ + int ret; + unsigned char parity_trick; + unsigned char k[COMB_MAX_D + 1]; + mbedtls_ecp_point *RR = R; + +#if defined(MBEDTLS_ECP_RESTARTABLE) + if( rs_ctx != NULL && rs_ctx->rsm != NULL ) + { + RR = &rs_ctx->rsm->R; + + if( rs_ctx->rsm->state == ecp_rsm_final_norm ) + goto final_norm; + } +#endif + + MBEDTLS_MPI_CHK( ecp_comb_recode_scalar( grp, m, k, d, w, + &parity_trick ) ); + MBEDTLS_MPI_CHK( ecp_mul_comb_core( grp, RR, T, T_size, k, d, + f_rng, p_rng, rs_ctx ) ); + MBEDTLS_MPI_CHK( ecp_safe_invert_jac( grp, RR, parity_trick ) ); + +#if defined(MBEDTLS_ECP_RESTARTABLE) + if( rs_ctx != NULL && rs_ctx->rsm != NULL ) + rs_ctx->rsm->state = ecp_rsm_final_norm; + +final_norm: +#endif + MBEDTLS_ECP_BUDGET( MBEDTLS_ECP_OPS_INV ); + MBEDTLS_MPI_CHK( ecp_normalize_jac( grp, RR ) ); + +#if defined(MBEDTLS_ECP_RESTARTABLE) + if( rs_ctx != NULL && rs_ctx->rsm != NULL ) + MBEDTLS_MPI_CHK( mbedtls_ecp_copy( R, RR ) ); +#endif + +cleanup: + return( ret ); +} + +/* + * Pick window size based on curve size and whether we optimize for base point + */ +static unsigned char ecp_pick_window_size( const mbedtls_ecp_group *grp, + unsigned char p_eq_g ) +{ + unsigned char w; + /* * Minimize the number of multiplications, that is minimize * 10 * d * w + 18 * 2^(w-1) + 11 * d + 7 * w, with d = ceil( nbits / w ) @@ -1377,14 +1966,8 @@ static int ecp_mul_comb( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, * Just adding one avoids upping the cost of the first mul too much, * and the memory cost too. */ -#if MBEDTLS_ECP_FIXED_POINT_OPTIM == 1 - p_eq_g = ( mbedtls_mpi_cmp_mpi( &P->Y, &grp->G.Y ) == 0 && - mbedtls_mpi_cmp_mpi( &P->X, &grp->G.X ) == 0 ); if( p_eq_g ) w++; -#else - p_eq_g = 0; -#endif /* * Make sure w is within bounds. @@ -1395,70 +1978,140 @@ static int ecp_mul_comb( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, if( w >= grp->nbits ) w = 2; - /* Other sizes that depend on w */ - pre_len = 1U << ( w - 1 ); + return( w ); +} + +/* + * Multiplication using the comb method - for curves in short Weierstrass form + * + * This function is mainly responsible for administrative work: + * - managing the restart context if enabled + * - managing the table of precomputed points (passed between the below two + * functions): allocation, computation, ownership tranfer, freeing. + * + * It delegates the actual arithmetic work to: + * ecp_precompute_comb() and ecp_mul_comb_with_precomp() + * + * See comments on ecp_comb_recode_core() regarding the computation strategy. + */ +static int ecp_mul_comb( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, + const mbedtls_mpi *m, const mbedtls_ecp_point *P, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + mbedtls_ecp_restart_ctx *rs_ctx ) +{ + int ret; + unsigned char w, p_eq_g, i; + size_t d; + unsigned char T_size, T_ok; + mbedtls_ecp_point *T; + + ECP_RS_ENTER( rsm ); + + /* Is P the base point ? */ +#if MBEDTLS_ECP_FIXED_POINT_OPTIM == 1 + p_eq_g = ( mbedtls_mpi_cmp_mpi( &P->Y, &grp->G.Y ) == 0 && + mbedtls_mpi_cmp_mpi( &P->X, &grp->G.X ) == 0 ); +#else + p_eq_g = 0; +#endif + + /* Pick window size and deduce related sizes */ + w = ecp_pick_window_size( grp, p_eq_g ); + T_size = 1U << ( w - 1 ); d = ( grp->nbits + w - 1 ) / w; - /* - * Prepare precomputed points: if P == G we want to - * use grp->T if already initialized, or initialize it. - */ - T = p_eq_g ? grp->T : NULL; + /* Pre-computed table: do we have it already for the base point? */ + if( p_eq_g && grp->T != NULL ) + { + /* second pointer to the same table, will be deleted on exit */ + T = grp->T; + T_ok = 1; + } + else +#if defined(MBEDTLS_ECP_RESTARTABLE) + /* Pre-computed table: do we have one in progress? complete? */ + if( rs_ctx != NULL && rs_ctx->rsm != NULL && rs_ctx->rsm->T != NULL ) + { + /* transfer ownership of T from rsm to local function */ + T = rs_ctx->rsm->T; + rs_ctx->rsm->T = NULL; + rs_ctx->rsm->T_size = 0; - if( T == NULL ) + /* This effectively jumps to the call to mul_comb_after_precomp() */ + T_ok = rs_ctx->rsm->state >= ecp_rsm_comb_core; + } + else +#endif + /* Allocate table if we didn't have any */ { - T = mbedtls_calloc( pre_len, sizeof( mbedtls_ecp_point ) ); + T = mbedtls_calloc( T_size, sizeof( mbedtls_ecp_point ) ); if( T == NULL ) { ret = MBEDTLS_ERR_ECP_ALLOC_FAILED; goto cleanup; } - MBEDTLS_MPI_CHK( ecp_precompute_comb( grp, T, P, w, d ) ); + for( i = 0; i < T_size; i++ ) + mbedtls_ecp_point_init( &T[i] ); + + T_ok = 0; + } + + /* Compute table (or finish computing it) if not done already */ + if( !T_ok ) + { + MBEDTLS_MPI_CHK( ecp_precompute_comb( grp, T, P, w, d, rs_ctx ) ); if( p_eq_g ) { + /* almost transfer ownership of T to the group, but keep a copy of + * the pointer to use for calling the next function more easily */ grp->T = T; - grp->T_size = pre_len; + grp->T_size = T_size; } } - /* - * Make sure M is odd (M = m or M = N - m, since N is odd) - * using the fact that m * P = - (N - m) * P - */ - m_is_odd = ( mbedtls_mpi_get_bit( m, 0 ) == 1 ); - MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &M, m ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &mm, &grp->N, m ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_safe_cond_assign( &M, &mm, ! m_is_odd ) ); + /* Actual comb multiplication using precomputed points */ + MBEDTLS_MPI_CHK( ecp_mul_comb_after_precomp( grp, R, m, + T, T_size, w, d, + f_rng, p_rng, rs_ctx ) ); - /* - * Go for comb multiplication, R = M * P - */ - ecp_comb_fixed( k, d, w, &M ); - MBEDTLS_MPI_CHK( ecp_mul_comb_core( grp, R, T, pre_len, k, d, f_rng, p_rng ) ); +cleanup: - /* - * Now get m * P from M * P and normalize it - */ - MBEDTLS_MPI_CHK( ecp_safe_invert_jac( grp, R, ! m_is_odd ) ); - MBEDTLS_MPI_CHK( ecp_normalize_jac( grp, R ) ); + /* does T belong to the group? */ + if( T == grp->T ) + T = NULL; -cleanup: + /* does T belong to the restart context? */ +#if defined(MBEDTLS_ECP_RESTARTABLE) + if( rs_ctx != NULL && rs_ctx->rsm != NULL && ret == MBEDTLS_ERR_ECP_IN_PROGRESS && T != NULL ) + { + /* transfer ownership of T from local function to rsm */ + rs_ctx->rsm->T_size = T_size; + rs_ctx->rsm->T = T; + T = NULL; + } +#endif - if( T != NULL && ! p_eq_g ) + /* did T belong to us? then let's destroy it! */ + if( T != NULL ) { - for( i = 0; i < pre_len; i++ ) + for( i = 0; i < T_size; i++ ) mbedtls_ecp_point_free( &T[i] ); mbedtls_free( T ); } - mbedtls_mpi_free( &M ); - mbedtls_mpi_free( &mm ); - + /* don't free R while in progress in case R == P */ +#if defined(MBEDTLS_ECP_RESTARTABLE) + if( ret != MBEDTLS_ERR_ECP_IN_PROGRESS ) +#endif + /* prevent caller from using invalid value */ if( ret != 0 ) mbedtls_ecp_point_free( R ); + ECP_RS_LEAVE( rsm ); + return( ret ); } @@ -1482,10 +2135,8 @@ static int ecp_normalize_mxz( const mbedtls_ecp_group *grp, mbedtls_ecp_point *P int ret; #if defined(MBEDTLS_ECP_NORMALIZE_MXZ_ALT) - if ( mbedtls_internal_ecp_grp_capable( grp ) ) - { - return mbedtls_internal_ecp_normalize_mxz( grp, P ); - } + if( mbedtls_internal_ecp_grp_capable( grp ) ) + return( mbedtls_internal_ecp_normalize_mxz( grp, P ) ); #endif /* MBEDTLS_ECP_NORMALIZE_MXZ_ALT */ MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( &P->Z, &P->Z, &grp->P ) ); @@ -1513,10 +2164,8 @@ static int ecp_randomize_mxz( const mbedtls_ecp_group *grp, mbedtls_ecp_point *P int count = 0; #if defined(MBEDTLS_ECP_RANDOMIZE_MXZ_ALT) - if ( mbedtls_internal_ecp_grp_capable( grp ) ) - { - return mbedtls_internal_ecp_randomize_mxz( grp, P, f_rng, p_rng ); - } + if( mbedtls_internal_ecp_grp_capable( grp ) ) + return( mbedtls_internal_ecp_randomize_mxz( grp, P, f_rng, p_rng ); #endif /* MBEDTLS_ECP_RANDOMIZE_MXZ_ALT */ p_size = ( grp->pbits + 7 ) / 8; @@ -1568,10 +2217,8 @@ static int ecp_double_add_mxz( const mbedtls_ecp_group *grp, mbedtls_mpi A, AA, B, BB, E, C, D, DA, CB; #if defined(MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT) - if ( mbedtls_internal_ecp_grp_capable( grp ) ) - { - return mbedtls_internal_ecp_double_add_mxz( grp, R, S, P, Q, d ); - } + if( mbedtls_internal_ecp_grp_capable( grp ) ) + return( mbedtls_internal_ecp_double_add_mxz( grp, R, S, P, Q, d ) ); #endif /* MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT */ mbedtls_mpi_init( &A ); mbedtls_mpi_init( &AA ); mbedtls_mpi_init( &B ); @@ -1668,54 +2315,85 @@ cleanup: #endif /* ECP_MONTGOMERY */ /* - * Multiplication R = m * P + * Restartable multiplication R = m * P */ -int mbedtls_ecp_mul( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, +int mbedtls_ecp_mul_restartable( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, const mbedtls_mpi *m, const mbedtls_ecp_point *P, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, + mbedtls_ecp_restart_ctx *rs_ctx ) { int ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA; #if defined(MBEDTLS_ECP_INTERNAL_ALT) char is_grp_capable = 0; #endif - - /* Common sanity checks */ - if( mbedtls_mpi_cmp_int( &P->Z, 1 ) != 0 ) - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); - - if( ( ret = mbedtls_ecp_check_privkey( grp, m ) ) != 0 || - ( ret = mbedtls_ecp_check_pubkey( grp, P ) ) != 0 ) - return( ret ); + ECP_VALIDATE_RET( grp != NULL ); + ECP_VALIDATE_RET( R != NULL ); + ECP_VALIDATE_RET( m != NULL ); + ECP_VALIDATE_RET( P != NULL ); + +#if defined(MBEDTLS_ECP_RESTARTABLE) + /* reset ops count for this call if top-level */ + if( rs_ctx != NULL && rs_ctx->depth++ == 0 ) + rs_ctx->ops_done = 0; +#endif #if defined(MBEDTLS_ECP_INTERNAL_ALT) - if ( is_grp_capable = mbedtls_internal_ecp_grp_capable( grp ) ) - { + if( ( is_grp_capable = mbedtls_internal_ecp_grp_capable( grp ) ) ) MBEDTLS_MPI_CHK( mbedtls_internal_ecp_init( grp ) ); +#endif /* MBEDTLS_ECP_INTERNAL_ALT */ + +#if defined(MBEDTLS_ECP_RESTARTABLE) + /* skip argument check when restarting */ + if( rs_ctx == NULL || rs_ctx->rsm == NULL ) +#endif + { + /* check_privkey is free */ + MBEDTLS_ECP_BUDGET( MBEDTLS_ECP_OPS_CHK ); + + /* Common sanity checks */ + MBEDTLS_MPI_CHK( mbedtls_ecp_check_privkey( grp, m ) ); + MBEDTLS_MPI_CHK( mbedtls_ecp_check_pubkey( grp, P ) ); } -#endif /* MBEDTLS_ECP_INTERNAL_ALT */ + ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA; #if defined(ECP_MONTGOMERY) if( ecp_get_type( grp ) == ECP_TYPE_MONTGOMERY ) - ret = ecp_mul_mxz( grp, R, m, P, f_rng, p_rng ); - + MBEDTLS_MPI_CHK( ecp_mul_mxz( grp, R, m, P, f_rng, p_rng ) ); #endif #if defined(ECP_SHORTWEIERSTRASS) if( ecp_get_type( grp ) == ECP_TYPE_SHORT_WEIERSTRASS ) - ret = ecp_mul_comb( grp, R, m, P, f_rng, p_rng ); - + MBEDTLS_MPI_CHK( ecp_mul_comb( grp, R, m, P, f_rng, p_rng, rs_ctx ) ); #endif -#if defined(MBEDTLS_ECP_INTERNAL_ALT) + cleanup: - if ( is_grp_capable ) - { +#if defined(MBEDTLS_ECP_INTERNAL_ALT) + if( is_grp_capable ) mbedtls_internal_ecp_free( grp ); - } - #endif /* MBEDTLS_ECP_INTERNAL_ALT */ + +#if defined(MBEDTLS_ECP_RESTARTABLE) + if( rs_ctx != NULL ) + rs_ctx->depth--; +#endif + return( ret ); } +/* + * Multiplication R = m * P + */ +int mbedtls_ecp_mul( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, + const mbedtls_mpi *m, const mbedtls_ecp_point *P, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) +{ + ECP_VALIDATE_RET( grp != NULL ); + ECP_VALIDATE_RET( R != NULL ); + ECP_VALIDATE_RET( m != NULL ); + ECP_VALIDATE_RET( P != NULL ); + return( mbedtls_ecp_mul_restartable( grp, R, m, P, f_rng, p_rng, NULL ) ); +} + #if defined(ECP_SHORTWEIERSTRASS) /* * Check that an affine point is valid as a public key, @@ -1773,7 +2451,8 @@ cleanup: static int mbedtls_ecp_mul_shortcuts( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, const mbedtls_mpi *m, - const mbedtls_ecp_point *P ) + const mbedtls_ecp_point *P, + mbedtls_ecp_restart_ctx *rs_ctx ) { int ret; @@ -1789,7 +2468,8 @@ static int mbedtls_ecp_mul_shortcuts( mbedtls_ecp_group *grp, } else { - MBEDTLS_MPI_CHK( mbedtls_ecp_mul( grp, R, m, P, NULL, NULL ) ); + MBEDTLS_MPI_CHK( mbedtls_ecp_mul_restartable( grp, R, m, P, + NULL, NULL, rs_ctx ) ); } cleanup: @@ -1797,51 +2477,118 @@ cleanup: } /* - * Linear combination + * Restartable linear combination * NOT constant-time */ -int mbedtls_ecp_muladd( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, +int mbedtls_ecp_muladd_restartable( + mbedtls_ecp_group *grp, mbedtls_ecp_point *R, const mbedtls_mpi *m, const mbedtls_ecp_point *P, - const mbedtls_mpi *n, const mbedtls_ecp_point *Q ) + const mbedtls_mpi *n, const mbedtls_ecp_point *Q, + mbedtls_ecp_restart_ctx *rs_ctx ) { int ret; mbedtls_ecp_point mP; + mbedtls_ecp_point *pmP = &mP; + mbedtls_ecp_point *pR = R; #if defined(MBEDTLS_ECP_INTERNAL_ALT) char is_grp_capable = 0; #endif + ECP_VALIDATE_RET( grp != NULL ); + ECP_VALIDATE_RET( R != NULL ); + ECP_VALIDATE_RET( m != NULL ); + ECP_VALIDATE_RET( P != NULL ); + ECP_VALIDATE_RET( n != NULL ); + ECP_VALIDATE_RET( Q != NULL ); if( ecp_get_type( grp ) != ECP_TYPE_SHORT_WEIERSTRASS ) return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE ); mbedtls_ecp_point_init( &mP ); - MBEDTLS_MPI_CHK( mbedtls_ecp_mul_shortcuts( grp, &mP, m, P ) ); - MBEDTLS_MPI_CHK( mbedtls_ecp_mul_shortcuts( grp, R, n, Q ) ); + ECP_RS_ENTER( ma ); -#if defined(MBEDTLS_ECP_INTERNAL_ALT) - if ( is_grp_capable = mbedtls_internal_ecp_grp_capable( grp ) ) +#if defined(MBEDTLS_ECP_RESTARTABLE) + if( rs_ctx != NULL && rs_ctx->ma != NULL ) { - MBEDTLS_MPI_CHK( mbedtls_internal_ecp_init( grp ) ); + /* redirect intermediate results to restart context */ + pmP = &rs_ctx->ma->mP; + pR = &rs_ctx->ma->R; + + /* jump to next operation */ + if( rs_ctx->ma->state == ecp_rsma_mul2 ) + goto mul2; + if( rs_ctx->ma->state == ecp_rsma_add ) + goto add; + if( rs_ctx->ma->state == ecp_rsma_norm ) + goto norm; } +#endif /* MBEDTLS_ECP_RESTARTABLE */ + MBEDTLS_MPI_CHK( mbedtls_ecp_mul_shortcuts( grp, pmP, m, P, rs_ctx ) ); +#if defined(MBEDTLS_ECP_RESTARTABLE) + if( rs_ctx != NULL && rs_ctx->ma != NULL ) + rs_ctx->ma->state = ecp_rsma_mul2; + +mul2: +#endif + MBEDTLS_MPI_CHK( mbedtls_ecp_mul_shortcuts( grp, pR, n, Q, rs_ctx ) ); + +#if defined(MBEDTLS_ECP_INTERNAL_ALT) + if( ( is_grp_capable = mbedtls_internal_ecp_grp_capable( grp ) ) ) + MBEDTLS_MPI_CHK( mbedtls_internal_ecp_init( grp ) ); #endif /* MBEDTLS_ECP_INTERNAL_ALT */ - MBEDTLS_MPI_CHK( ecp_add_mixed( grp, R, &mP, R ) ); - MBEDTLS_MPI_CHK( ecp_normalize_jac( grp, R ) ); -cleanup: +#if defined(MBEDTLS_ECP_RESTARTABLE) + if( rs_ctx != NULL && rs_ctx->ma != NULL ) + rs_ctx->ma->state = ecp_rsma_add; + +add: +#endif + MBEDTLS_ECP_BUDGET( MBEDTLS_ECP_OPS_ADD ); + MBEDTLS_MPI_CHK( ecp_add_mixed( grp, pR, pmP, pR ) ); +#if defined(MBEDTLS_ECP_RESTARTABLE) + if( rs_ctx != NULL && rs_ctx->ma != NULL ) + rs_ctx->ma->state = ecp_rsma_norm; + +norm: +#endif + MBEDTLS_ECP_BUDGET( MBEDTLS_ECP_OPS_INV ); + MBEDTLS_MPI_CHK( ecp_normalize_jac( grp, pR ) ); + +#if defined(MBEDTLS_ECP_RESTARTABLE) + if( rs_ctx != NULL && rs_ctx->ma != NULL ) + MBEDTLS_MPI_CHK( mbedtls_ecp_copy( R, pR ) ); +#endif +cleanup: #if defined(MBEDTLS_ECP_INTERNAL_ALT) - if ( is_grp_capable ) - { + if( is_grp_capable ) mbedtls_internal_ecp_free( grp ); - } - #endif /* MBEDTLS_ECP_INTERNAL_ALT */ + mbedtls_ecp_point_free( &mP ); + ECP_RS_LEAVE( ma ); + return( ret ); } +/* + * Linear combination + * NOT constant-time + */ +int mbedtls_ecp_muladd( mbedtls_ecp_group *grp, mbedtls_ecp_point *R, + const mbedtls_mpi *m, const mbedtls_ecp_point *P, + const mbedtls_mpi *n, const mbedtls_ecp_point *Q ) +{ + ECP_VALIDATE_RET( grp != NULL ); + ECP_VALIDATE_RET( R != NULL ); + ECP_VALIDATE_RET( m != NULL ); + ECP_VALIDATE_RET( P != NULL ); + ECP_VALIDATE_RET( n != NULL ); + ECP_VALIDATE_RET( Q != NULL ); + return( mbedtls_ecp_muladd_restartable( grp, R, m, P, n, Q, NULL ) ); +} #if defined(ECP_MONTGOMERY) /* @@ -1862,8 +2609,12 @@ static int ecp_check_pubkey_mx( const mbedtls_ecp_group *grp, const mbedtls_ecp_ /* * Check that a point is valid as a public key */ -int mbedtls_ecp_check_pubkey( const mbedtls_ecp_group *grp, const mbedtls_ecp_point *pt ) +int mbedtls_ecp_check_pubkey( const mbedtls_ecp_group *grp, + const mbedtls_ecp_point *pt ) { + ECP_VALIDATE_RET( grp != NULL ); + ECP_VALIDATE_RET( pt != NULL ); + /* Must use affine coordinates */ if( mbedtls_mpi_cmp_int( &pt->Z, 1 ) != 0 ) return( MBEDTLS_ERR_ECP_INVALID_KEY ); @@ -1882,8 +2633,12 @@ int mbedtls_ecp_check_pubkey( const mbedtls_ecp_group *grp, const mbedtls_ecp_po /* * Check that an mbedtls_mpi is valid as a private key */ -int mbedtls_ecp_check_privkey( const mbedtls_ecp_group *grp, const mbedtls_mpi *d ) +int mbedtls_ecp_check_privkey( const mbedtls_ecp_group *grp, + const mbedtls_mpi *d ) { + ECP_VALIDATE_RET( grp != NULL ); + ECP_VALIDATE_RET( d != NULL ); + #if defined(ECP_MONTGOMERY) if( ecp_get_type( grp ) == ECP_TYPE_MONTGOMERY ) { @@ -1892,7 +2647,6 @@ int mbedtls_ecp_check_privkey( const mbedtls_ecp_group *grp, const mbedtls_mpi * mbedtls_mpi_get_bit( d, 1 ) != 0 || mbedtls_mpi_bitlen( d ) - 1 != grp->nbits ) /* mbedtls_mpi_bitlen is one-based! */ return( MBEDTLS_ERR_ECP_INVALID_KEY ); - else /* see [Curve25519] page 5 */ if( grp->nbits == 254 && mbedtls_mpi_get_bit( d, 2 ) != 0 ) @@ -1917,16 +2671,21 @@ int mbedtls_ecp_check_privkey( const mbedtls_ecp_group *grp, const mbedtls_mpi * } /* - * Generate a keypair with configurable base point + * Generate a private key */ -int mbedtls_ecp_gen_keypair_base( mbedtls_ecp_group *grp, - const mbedtls_ecp_point *G, - mbedtls_mpi *d, mbedtls_ecp_point *Q, +int mbedtls_ecp_gen_privkey( const mbedtls_ecp_group *grp, + mbedtls_mpi *d, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { - int ret; - size_t n_size = ( grp->nbits + 7 ) / 8; + int ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + size_t n_size; + + ECP_VALIDATE_RET( grp != NULL ); + ECP_VALIDATE_RET( d != NULL ); + ECP_VALIDATE_RET( f_rng != NULL ); + + n_size = ( grp->nbits + 7 ) / 8; #if defined(ECP_MONTGOMERY) if( ecp_get_type( grp ) == ECP_TYPE_MONTGOMERY ) @@ -1954,8 +2713,8 @@ int mbedtls_ecp_gen_keypair_base( mbedtls_ecp_group *grp, MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( d, 2, 0 ) ); } } - else #endif /* ECP_MONTGOMERY */ + #if defined(ECP_SHORTWEIERSTRASS) if( ecp_get_type( grp ) == ECP_TYPE_SHORT_WEIERSTRASS ) { @@ -1989,15 +2748,33 @@ int mbedtls_ecp_gen_keypair_base( mbedtls_ecp_group *grp, while( mbedtls_mpi_cmp_int( d, 1 ) < 0 || mbedtls_mpi_cmp_mpi( d, &grp->N ) >= 0 ); } - else #endif /* ECP_SHORTWEIERSTRASS */ - return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); cleanup: - if( ret != 0 ) - return( ret ); + return( ret ); +} - return( mbedtls_ecp_mul( grp, Q, d, G, f_rng, p_rng ) ); +/* + * Generate a keypair with configurable base point + */ +int mbedtls_ecp_gen_keypair_base( mbedtls_ecp_group *grp, + const mbedtls_ecp_point *G, + mbedtls_mpi *d, mbedtls_ecp_point *Q, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng ) +{ + int ret; + ECP_VALIDATE_RET( grp != NULL ); + ECP_VALIDATE_RET( d != NULL ); + ECP_VALIDATE_RET( G != NULL ); + ECP_VALIDATE_RET( Q != NULL ); + ECP_VALIDATE_RET( f_rng != NULL ); + + MBEDTLS_MPI_CHK( mbedtls_ecp_gen_privkey( grp, d, f_rng, p_rng ) ); + MBEDTLS_MPI_CHK( mbedtls_ecp_mul( grp, Q, d, G, f_rng, p_rng ) ); + +cleanup: + return( ret ); } /* @@ -2008,6 +2785,11 @@ int mbedtls_ecp_gen_keypair( mbedtls_ecp_group *grp, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { + ECP_VALIDATE_RET( grp != NULL ); + ECP_VALIDATE_RET( d != NULL ); + ECP_VALIDATE_RET( Q != NULL ); + ECP_VALIDATE_RET( f_rng != NULL ); + return( mbedtls_ecp_gen_keypair_base( grp, &grp->G, d, Q, f_rng, p_rng ) ); } @@ -2018,6 +2800,8 @@ int mbedtls_ecp_gen_key( mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { int ret; + ECP_VALIDATE_RET( key != NULL ); + ECP_VALIDATE_RET( f_rng != NULL ); if( ( ret = mbedtls_ecp_group_load( &key->grp, grp_id ) ) != 0 ) return( ret ); @@ -2033,6 +2817,8 @@ int mbedtls_ecp_check_pub_priv( const mbedtls_ecp_keypair *pub, const mbedtls_ec int ret; mbedtls_ecp_point Q; mbedtls_ecp_group grp; + ECP_VALIDATE_RET( pub != NULL ); + ECP_VALIDATE_RET( prv != NULL ); if( pub->grp.id == MBEDTLS_ECP_DP_NONE || pub->grp.id != prv->grp.id || diff --git a/thirdparty/mbedtls/library/ecp_curves.c b/thirdparty/mbedtls/library/ecp_curves.c index 68e2441ae8..731621dc3c 100644 --- a/thirdparty/mbedtls/library/ecp_curves.c +++ b/thirdparty/mbedtls/library/ecp_curves.c @@ -28,11 +28,18 @@ #if defined(MBEDTLS_ECP_C) #include "mbedtls/ecp.h" +#include "mbedtls/platform_util.h" #include <string.h> #if !defined(MBEDTLS_ECP_ALT) +/* Parameter validation macros based on platform_util.h */ +#define ECP_VALIDATE_RET( cond ) \ + MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_ECP_BAD_INPUT_DATA ) +#define ECP_VALIDATE( cond ) \ + MBEDTLS_INTERNAL_VALIDATE( cond ) + #if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \ !defined(inline) && !defined(__cplusplus) #define inline __inline @@ -746,6 +753,7 @@ cleanup: */ int mbedtls_ecp_group_load( mbedtls_ecp_group *grp, mbedtls_ecp_group_id id ) { + ECP_VALIDATE_RET( grp != NULL ); mbedtls_ecp_group_free( grp ); grp->id = id; diff --git a/thirdparty/mbedtls/library/entropy_poll.c b/thirdparty/mbedtls/library/entropy_poll.c index f44a753f4d..ba56b70f77 100644 --- a/thirdparty/mbedtls/library/entropy_poll.c +++ b/thirdparty/mbedtls/library/entropy_poll.c @@ -114,6 +114,7 @@ int mbedtls_platform_entropy_poll( void *data, unsigned char *output, size_t len #include <sys/syscall.h> #if defined(SYS_getrandom) #define HAVE_GETRANDOM +#include <errno.h> static int getrandom_wrapper( void *buf, size_t buflen, unsigned int flags ) { @@ -123,47 +124,8 @@ static int getrandom_wrapper( void *buf, size_t buflen, unsigned int flags ) memset( buf, 0, buflen ); #endif #endif - return( syscall( SYS_getrandom, buf, buflen, flags ) ); } - -#include <sys/utsname.h> -/* Check if version is at least 3.17.0 */ -static int check_version_3_17_plus( void ) -{ - int minor; - struct utsname un; - const char *ver; - - /* Get version information */ - uname(&un); - ver = un.release; - - /* Check major version; assume a single digit */ - if( ver[0] < '3' || ver[0] > '9' || ver [1] != '.' ) - return( -1 ); - - if( ver[0] - '0' > 3 ) - return( 0 ); - - /* Ok, so now we know major == 3, check minor. - * Assume 1 or 2 digits. */ - if( ver[2] < '0' || ver[2] > '9' ) - return( -1 ); - - minor = ver[2] - '0'; - - if( ver[3] >= '0' && ver[3] <= '9' ) - minor = 10 * minor + ver[3] - '0'; - else if( ver [3] != '.' ) - return( -1 ); - - if( minor < 17 ) - return( -1 ); - - return( 0 ); -} -static int has_getrandom = -1; #endif /* SYS_getrandom */ #endif /* __linux__ */ @@ -174,22 +136,21 @@ int mbedtls_platform_entropy_poll( void *data, { FILE *file; size_t read_len; + int ret; ((void) data); #if defined(HAVE_GETRANDOM) - if( has_getrandom == -1 ) - has_getrandom = ( check_version_3_17_plus() == 0 ); - - if( has_getrandom ) + ret = getrandom_wrapper( output, len, 0 ); + if( ret >= 0 ) { - int ret; - - if( ( ret = getrandom_wrapper( output, len, 0 ) ) < 0 ) - return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED ); - *olen = ret; return( 0 ); } + else if( errno != ENOSYS ) + return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED ); + /* Fall through if the system call isn't known. */ +#else + ((void) ret); #endif /* HAVE_GETRANDOM */ *olen = 0; diff --git a/thirdparty/mbedtls/library/entropy_poll.c.orig b/thirdparty/mbedtls/library/entropy_poll.c.orig deleted file mode 100644 index 040aa117dc..0000000000 --- a/thirdparty/mbedtls/library/entropy_poll.c.orig +++ /dev/null @@ -1,275 +0,0 @@ -/* - * Platform-specific and custom entropy polling functions - * - * Copyright (C) 2006-2016, ARM Limited, All Rights Reserved - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This file is part of mbed TLS (https://tls.mbed.org) - */ - -#if defined(__linux__) -/* Ensure that syscall() is available even when compiling with -std=c99 */ -#define _GNU_SOURCE -#endif - -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif - -#include <string.h> - -#if defined(MBEDTLS_ENTROPY_C) - -#include "mbedtls/entropy.h" -#include "mbedtls/entropy_poll.h" - -#if defined(MBEDTLS_TIMING_C) -#include "mbedtls/timing.h" -#endif -#if defined(MBEDTLS_HAVEGE_C) -#include "mbedtls/havege.h" -#endif -#if defined(MBEDTLS_ENTROPY_NV_SEED) -#include "mbedtls/platform.h" -#endif - -#if !defined(MBEDTLS_NO_PLATFORM_ENTROPY) - -#if !defined(unix) && !defined(__unix__) && !defined(__unix) && \ - !defined(__APPLE__) && !defined(_WIN32) && !defined(__QNXNTO__) && \ - !defined(__HAIKU__) -#error "Platform entropy sources only work on Unix and Windows, see MBEDTLS_NO_PLATFORM_ENTROPY in config.h" -#endif - -#if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) - -#if !defined(_WIN32_WINNT) -#define _WIN32_WINNT 0x0400 -#endif -#include <windows.h> -#include <wincrypt.h> - -int mbedtls_platform_entropy_poll( void *data, unsigned char *output, size_t len, - size_t *olen ) -{ - HCRYPTPROV provider; - ((void) data); - *olen = 0; - - if( CryptAcquireContext( &provider, NULL, NULL, - PROV_RSA_FULL, CRYPT_VERIFYCONTEXT ) == FALSE ) - { - return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED ); - } - - if( CryptGenRandom( provider, (DWORD) len, output ) == FALSE ) - { - CryptReleaseContext( provider, 0 ); - return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED ); - } - - CryptReleaseContext( provider, 0 ); - *olen = len; - - return( 0 ); -} -#else /* _WIN32 && !EFIX64 && !EFI32 */ - -/* - * Test for Linux getrandom() support. - * Since there is no wrapper in the libc yet, use the generic syscall wrapper - * available in GNU libc and compatible libc's (eg uClibc). - */ -#if defined(__linux__) && defined(__GLIBC__) -#include <unistd.h> -#include <sys/syscall.h> -#if defined(SYS_getrandom) -#define HAVE_GETRANDOM - -static int getrandom_wrapper( void *buf, size_t buflen, unsigned int flags ) -{ - /* MemSan cannot understand that the syscall writes to the buffer */ -#if defined(__has_feature) -#if __has_feature(memory_sanitizer) - memset( buf, 0, buflen ); -#endif -#endif - - return( syscall( SYS_getrandom, buf, buflen, flags ) ); -} - -#include <sys/utsname.h> -/* Check if version is at least 3.17.0 */ -static int check_version_3_17_plus( void ) -{ - int minor; - struct utsname un; - const char *ver; - - /* Get version information */ - uname(&un); - ver = un.release; - - /* Check major version; assume a single digit */ - if( ver[0] < '3' || ver[0] > '9' || ver [1] != '.' ) - return( -1 ); - - if( ver[0] - '0' > 3 ) - return( 0 ); - - /* Ok, so now we know major == 3, check minor. - * Assume 1 or 2 digits. */ - if( ver[2] < '0' || ver[2] > '9' ) - return( -1 ); - - minor = ver[2] - '0'; - - if( ver[3] >= '0' && ver[3] <= '9' ) - minor = 10 * minor + ver[3] - '0'; - else if( ver [3] != '.' ) - return( -1 ); - - if( minor < 17 ) - return( -1 ); - - return( 0 ); -} -static int has_getrandom = -1; -#endif /* SYS_getrandom */ -#endif /* __linux__ */ - -#include <stdio.h> - -int mbedtls_platform_entropy_poll( void *data, - unsigned char *output, size_t len, size_t *olen ) -{ - FILE *file; - size_t read_len; - ((void) data); - -#if defined(HAVE_GETRANDOM) - if( has_getrandom == -1 ) - has_getrandom = ( check_version_3_17_plus() == 0 ); - - if( has_getrandom ) - { - int ret; - - if( ( ret = getrandom_wrapper( output, len, 0 ) ) < 0 ) - return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED ); - - *olen = ret; - return( 0 ); - } -#endif /* HAVE_GETRANDOM */ - - *olen = 0; - - file = fopen( "/dev/urandom", "rb" ); - if( file == NULL ) - return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED ); - - read_len = fread( output, 1, len, file ); - if( read_len != len ) - { - fclose( file ); - return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED ); - } - - fclose( file ); - *olen = len; - - return( 0 ); -} -#endif /* _WIN32 && !EFIX64 && !EFI32 */ -#endif /* !MBEDTLS_NO_PLATFORM_ENTROPY */ - -#if defined(MBEDTLS_TEST_NULL_ENTROPY) -int mbedtls_null_entropy_poll( void *data, - unsigned char *output, size_t len, size_t *olen ) -{ - ((void) data); - ((void) output); - *olen = 0; - - if( len < sizeof(unsigned char) ) - return( 0 ); - - *olen = sizeof(unsigned char); - - return( 0 ); -} -#endif - -#if defined(MBEDTLS_TIMING_C) -int mbedtls_hardclock_poll( void *data, - unsigned char *output, size_t len, size_t *olen ) -{ - unsigned long timer = mbedtls_timing_hardclock(); - ((void) data); - *olen = 0; - - if( len < sizeof(unsigned long) ) - return( 0 ); - - memcpy( output, &timer, sizeof(unsigned long) ); - *olen = sizeof(unsigned long); - - return( 0 ); -} -#endif /* MBEDTLS_TIMING_C */ - -#if defined(MBEDTLS_HAVEGE_C) -int mbedtls_havege_poll( void *data, - unsigned char *output, size_t len, size_t *olen ) -{ - mbedtls_havege_state *hs = (mbedtls_havege_state *) data; - *olen = 0; - - if( mbedtls_havege_random( hs, output, len ) != 0 ) - return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED ); - - *olen = len; - - return( 0 ); -} -#endif /* MBEDTLS_HAVEGE_C */ - -#if defined(MBEDTLS_ENTROPY_NV_SEED) -int mbedtls_nv_seed_poll( void *data, - unsigned char *output, size_t len, size_t *olen ) -{ - unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE]; - size_t use_len = MBEDTLS_ENTROPY_BLOCK_SIZE; - ((void) data); - - memset( buf, 0, MBEDTLS_ENTROPY_BLOCK_SIZE ); - - if( mbedtls_nv_seed_read( buf, MBEDTLS_ENTROPY_BLOCK_SIZE ) < 0 ) - return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED ); - - if( len < use_len ) - use_len = len; - - memcpy( output, buf, use_len ); - *olen = use_len; - - return( 0 ); -} -#endif /* MBEDTLS_ENTROPY_NV_SEED */ - -#endif /* MBEDTLS_ENTROPY_C */ diff --git a/thirdparty/mbedtls/library/error.c b/thirdparty/mbedtls/library/error.c index 774244b454..12312a0562 100644 --- a/thirdparty/mbedtls/library/error.c +++ b/thirdparty/mbedtls/library/error.c @@ -165,6 +165,10 @@ #include "mbedtls/pkcs5.h" #endif +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" +#endif + #if defined(MBEDTLS_POLY1305_C) #include "mbedtls/poly1305.h" #endif @@ -289,6 +293,8 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen ) mbedtls_snprintf( buf, buflen, "ECP - The buffer contains a valid signature followed by more data" ); if( use_ret == -(MBEDTLS_ERR_ECP_HW_ACCEL_FAILED) ) mbedtls_snprintf( buf, buflen, "ECP - The ECP hardware accelerator failed" ); + if( use_ret == -(MBEDTLS_ERR_ECP_IN_PROGRESS) ) + mbedtls_snprintf( buf, buflen, "ECP - Operation in progress, call again with the same parameters to continue" ); #endif /* MBEDTLS_ECP_C */ #if defined(MBEDTLS_MD_C) @@ -515,6 +521,10 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen ) mbedtls_snprintf( buf, buflen, "SSL - Internal-only message signaling that further message-processing should be done" ); if( use_ret == -(MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS) ) mbedtls_snprintf( buf, buflen, "SSL - The asynchronous operation is not completed yet" ); + if( use_ret == -(MBEDTLS_ERR_SSL_EARLY_MESSAGE) ) + mbedtls_snprintf( buf, buflen, "SSL - Internal-only message signaling that a message arrived early" ); + if( use_ret == -(MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) ) + mbedtls_snprintf( buf, buflen, "SSL - A cryptographic operation is in progress. Try again later" ); #endif /* MBEDTLS_SSL_TLS_C */ #if defined(MBEDTLS_X509_USE_C) || defined(MBEDTLS_X509_CREATE_C) @@ -608,8 +618,8 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen ) #endif /* MBEDTLS_ARC4_C */ #if defined(MBEDTLS_ARIA_C) - if( use_ret == -(MBEDTLS_ERR_ARIA_INVALID_KEY_LENGTH) ) - mbedtls_snprintf( buf, buflen, "ARIA - Invalid key length" ); + if( use_ret == -(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA) ) + mbedtls_snprintf( buf, buflen, "ARIA - Bad input data" ); if( use_ret == -(MBEDTLS_ERR_ARIA_INVALID_INPUT_LENGTH) ) mbedtls_snprintf( buf, buflen, "ARIA - Invalid data input length" ); if( use_ret == -(MBEDTLS_ERR_ARIA_FEATURE_UNAVAILABLE) ) @@ -662,17 +672,17 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen ) #endif /* MBEDTLS_BIGNUM_C */ #if defined(MBEDTLS_BLOWFISH_C) - if( use_ret == -(MBEDTLS_ERR_BLOWFISH_INVALID_KEY_LENGTH) ) - mbedtls_snprintf( buf, buflen, "BLOWFISH - Invalid key length" ); - if( use_ret == -(MBEDTLS_ERR_BLOWFISH_HW_ACCEL_FAILED) ) - mbedtls_snprintf( buf, buflen, "BLOWFISH - Blowfish hardware accelerator failed" ); + if( use_ret == -(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA) ) + mbedtls_snprintf( buf, buflen, "BLOWFISH - Bad input data" ); if( use_ret == -(MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH) ) mbedtls_snprintf( buf, buflen, "BLOWFISH - Invalid data input length" ); + if( use_ret == -(MBEDTLS_ERR_BLOWFISH_HW_ACCEL_FAILED) ) + mbedtls_snprintf( buf, buflen, "BLOWFISH - Blowfish hardware accelerator failed" ); #endif /* MBEDTLS_BLOWFISH_C */ #if defined(MBEDTLS_CAMELLIA_C) - if( use_ret == -(MBEDTLS_ERR_CAMELLIA_INVALID_KEY_LENGTH) ) - mbedtls_snprintf( buf, buflen, "CAMELLIA - Invalid key length" ); + if( use_ret == -(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA) ) + mbedtls_snprintf( buf, buflen, "CAMELLIA - Bad input data" ); if( use_ret == -(MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH) ) mbedtls_snprintf( buf, buflen, "CAMELLIA - Invalid data input length" ); if( use_ret == -(MBEDTLS_ERR_CAMELLIA_HW_ACCEL_FAILED) ) @@ -821,6 +831,13 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen ) mbedtls_snprintf( buf, buflen, "PADLOCK - Input data should be aligned" ); #endif /* MBEDTLS_PADLOCK_C */ +#if defined(MBEDTLS_PLATFORM_C) + if( use_ret == -(MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED) ) + mbedtls_snprintf( buf, buflen, "PLATFORM - Hardware accelerator failed" ); + if( use_ret == -(MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED) ) + mbedtls_snprintf( buf, buflen, "PLATFORM - The requested feature is not supported by the platform" ); +#endif /* MBEDTLS_PLATFORM_C */ + #if defined(MBEDTLS_POLY1305_C) if( use_ret == -(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA) ) mbedtls_snprintf( buf, buflen, "POLY1305 - Invalid input parameter(s)" ); @@ -838,16 +855,22 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen ) #if defined(MBEDTLS_SHA1_C) if( use_ret == -(MBEDTLS_ERR_SHA1_HW_ACCEL_FAILED) ) mbedtls_snprintf( buf, buflen, "SHA1 - SHA-1 hardware accelerator failed" ); + if( use_ret == -(MBEDTLS_ERR_SHA1_BAD_INPUT_DATA) ) + mbedtls_snprintf( buf, buflen, "SHA1 - SHA-1 input data was malformed" ); #endif /* MBEDTLS_SHA1_C */ #if defined(MBEDTLS_SHA256_C) if( use_ret == -(MBEDTLS_ERR_SHA256_HW_ACCEL_FAILED) ) mbedtls_snprintf( buf, buflen, "SHA256 - SHA-256 hardware accelerator failed" ); + if( use_ret == -(MBEDTLS_ERR_SHA256_BAD_INPUT_DATA) ) + mbedtls_snprintf( buf, buflen, "SHA256 - SHA-256 input data was malformed" ); #endif /* MBEDTLS_SHA256_C */ #if defined(MBEDTLS_SHA512_C) if( use_ret == -(MBEDTLS_ERR_SHA512_HW_ACCEL_FAILED) ) mbedtls_snprintf( buf, buflen, "SHA512 - SHA-512 hardware accelerator failed" ); + if( use_ret == -(MBEDTLS_ERR_SHA512_BAD_INPUT_DATA) ) + mbedtls_snprintf( buf, buflen, "SHA512 - SHA-512 input data was malformed" ); #endif /* MBEDTLS_SHA512_C */ #if defined(MBEDTLS_THREADING_C) diff --git a/thirdparty/mbedtls/library/gcm.c b/thirdparty/mbedtls/library/gcm.c index 57b027933d..675926a518 100644 --- a/thirdparty/mbedtls/library/gcm.c +++ b/thirdparty/mbedtls/library/gcm.c @@ -48,9 +48,8 @@ #if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C) #include "mbedtls/aes.h" -#if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" -#else +#if !defined(MBEDTLS_PLATFORM_C) #include <stdio.h> #define mbedtls_printf printf #endif /* MBEDTLS_PLATFORM_C */ @@ -58,6 +57,12 @@ #if !defined(MBEDTLS_GCM_ALT) +/* Parameter validation macros */ +#define GCM_VALIDATE_RET( cond ) \ + MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_GCM_BAD_INPUT ) +#define GCM_VALIDATE( cond ) \ + MBEDTLS_INTERNAL_VALIDATE( cond ) + /* * 32-bit integer manipulation macros (big endian) */ @@ -86,6 +91,7 @@ */ void mbedtls_gcm_init( mbedtls_gcm_context *ctx ) { + GCM_VALIDATE( ctx != NULL ); memset( ctx, 0, sizeof( mbedtls_gcm_context ) ); } @@ -165,6 +171,10 @@ int mbedtls_gcm_setkey( mbedtls_gcm_context *ctx, int ret; const mbedtls_cipher_info_t *cipher_info; + GCM_VALIDATE_RET( ctx != NULL ); + GCM_VALIDATE_RET( key != NULL ); + GCM_VALIDATE_RET( keybits == 128 || keybits == 192 || keybits == 256 ); + cipher_info = mbedtls_cipher_info_from_values( cipher, keybits, MBEDTLS_MODE_ECB ); if( cipher_info == NULL ) return( MBEDTLS_ERR_GCM_BAD_INPUT ); @@ -275,6 +285,10 @@ int mbedtls_gcm_starts( mbedtls_gcm_context *ctx, const unsigned char *p; size_t use_len, olen = 0; + GCM_VALIDATE_RET( ctx != NULL ); + GCM_VALIDATE_RET( iv != NULL ); + GCM_VALIDATE_RET( add_len == 0 || add != NULL ); + /* IV and AD are limited to 2^64 bits, so 2^61 bytes */ /* IV is not allowed to be zero length */ if( iv_len == 0 || @@ -357,6 +371,10 @@ int mbedtls_gcm_update( mbedtls_gcm_context *ctx, unsigned char *out_p = output; size_t use_len, olen = 0; + GCM_VALIDATE_RET( ctx != NULL ); + GCM_VALIDATE_RET( length == 0 || input != NULL ); + GCM_VALIDATE_RET( length == 0 || output != NULL ); + if( output > input && (size_t) ( output - input ) < length ) return( MBEDTLS_ERR_GCM_BAD_INPUT ); @@ -410,8 +428,14 @@ int mbedtls_gcm_finish( mbedtls_gcm_context *ctx, { unsigned char work_buf[16]; size_t i; - uint64_t orig_len = ctx->len * 8; - uint64_t orig_add_len = ctx->add_len * 8; + uint64_t orig_len; + uint64_t orig_add_len; + + GCM_VALIDATE_RET( ctx != NULL ); + GCM_VALIDATE_RET( tag != NULL ); + + orig_len = ctx->len * 8; + orig_add_len = ctx->add_len * 8; if( tag_len > 16 || tag_len < 4 ) return( MBEDTLS_ERR_GCM_BAD_INPUT ); @@ -453,6 +477,13 @@ int mbedtls_gcm_crypt_and_tag( mbedtls_gcm_context *ctx, { int ret; + GCM_VALIDATE_RET( ctx != NULL ); + GCM_VALIDATE_RET( iv != NULL ); + GCM_VALIDATE_RET( add_len == 0 || add != NULL ); + GCM_VALIDATE_RET( length == 0 || input != NULL ); + GCM_VALIDATE_RET( length == 0 || output != NULL ); + GCM_VALIDATE_RET( tag != NULL ); + if( ( ret = mbedtls_gcm_starts( ctx, mode, iv, iv_len, add, add_len ) ) != 0 ) return( ret ); @@ -481,6 +512,13 @@ int mbedtls_gcm_auth_decrypt( mbedtls_gcm_context *ctx, size_t i; int diff; + GCM_VALIDATE_RET( ctx != NULL ); + GCM_VALIDATE_RET( iv != NULL ); + GCM_VALIDATE_RET( add_len == 0 || add != NULL ); + GCM_VALIDATE_RET( tag != NULL ); + GCM_VALIDATE_RET( length == 0 || input != NULL ); + GCM_VALIDATE_RET( length == 0 || output != NULL ); + if( ( ret = mbedtls_gcm_crypt_and_tag( ctx, MBEDTLS_GCM_DECRYPT, length, iv, iv_len, add, add_len, input, output, tag_len, check_tag ) ) != 0 ) @@ -503,6 +541,8 @@ int mbedtls_gcm_auth_decrypt( mbedtls_gcm_context *ctx, void mbedtls_gcm_free( mbedtls_gcm_context *ctx ) { + if( ctx == NULL ) + return; mbedtls_cipher_free( &ctx->cipher_ctx ); mbedtls_platform_zeroize( ctx, sizeof( mbedtls_gcm_context ) ); } @@ -764,7 +804,7 @@ int mbedtls_gcm_self_test( int verbose ) * there is an alternative underlying implementation i.e. when * MBEDTLS_AES_ALT is defined. */ - if( ret == MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE && key_len == 192 ) + if( ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED && key_len == 192 ) { mbedtls_printf( "skipped\n" ); break; diff --git a/thirdparty/mbedtls/library/hmac_drbg.c b/thirdparty/mbedtls/library/hmac_drbg.c index dad55ff861..c50330e7d8 100644 --- a/thirdparty/mbedtls/library/hmac_drbg.c +++ b/thirdparty/mbedtls/library/hmac_drbg.c @@ -66,31 +66,60 @@ void mbedtls_hmac_drbg_init( mbedtls_hmac_drbg_context *ctx ) /* * HMAC_DRBG update, using optional additional data (10.1.2.2) */ -void mbedtls_hmac_drbg_update( mbedtls_hmac_drbg_context *ctx, - const unsigned char *additional, size_t add_len ) +int mbedtls_hmac_drbg_update_ret( mbedtls_hmac_drbg_context *ctx, + const unsigned char *additional, + size_t add_len ) { size_t md_len = mbedtls_md_get_size( ctx->md_ctx.md_info ); unsigned char rounds = ( additional != NULL && add_len != 0 ) ? 2 : 1; unsigned char sep[1]; unsigned char K[MBEDTLS_MD_MAX_SIZE]; + int ret; for( sep[0] = 0; sep[0] < rounds; sep[0]++ ) { /* Step 1 or 4 */ - mbedtls_md_hmac_reset( &ctx->md_ctx ); - mbedtls_md_hmac_update( &ctx->md_ctx, ctx->V, md_len ); - mbedtls_md_hmac_update( &ctx->md_ctx, sep, 1 ); + if( ( ret = mbedtls_md_hmac_reset( &ctx->md_ctx ) ) != 0 ) + goto exit; + if( ( ret = mbedtls_md_hmac_update( &ctx->md_ctx, + ctx->V, md_len ) ) != 0 ) + goto exit; + if( ( ret = mbedtls_md_hmac_update( &ctx->md_ctx, + sep, 1 ) ) != 0 ) + goto exit; if( rounds == 2 ) - mbedtls_md_hmac_update( &ctx->md_ctx, additional, add_len ); - mbedtls_md_hmac_finish( &ctx->md_ctx, K ); + { + if( ( ret = mbedtls_md_hmac_update( &ctx->md_ctx, + additional, add_len ) ) != 0 ) + goto exit; + } + if( ( ret = mbedtls_md_hmac_finish( &ctx->md_ctx, K ) ) != 0 ) + goto exit; /* Step 2 or 5 */ - mbedtls_md_hmac_starts( &ctx->md_ctx, K, md_len ); - mbedtls_md_hmac_update( &ctx->md_ctx, ctx->V, md_len ); - mbedtls_md_hmac_finish( &ctx->md_ctx, ctx->V ); + if( ( ret = mbedtls_md_hmac_starts( &ctx->md_ctx, K, md_len ) ) != 0 ) + goto exit; + if( ( ret = mbedtls_md_hmac_update( &ctx->md_ctx, + ctx->V, md_len ) ) != 0 ) + goto exit; + if( ( ret = mbedtls_md_hmac_finish( &ctx->md_ctx, ctx->V ) ) != 0 ) + goto exit; } + +exit: + mbedtls_platform_zeroize( K, sizeof( K ) ); + return( ret ); } +#if !defined(MBEDTLS_DEPRECATED_REMOVED) +void mbedtls_hmac_drbg_update( mbedtls_hmac_drbg_context *ctx, + const unsigned char *additional, + size_t add_len ) +{ + (void) mbedtls_hmac_drbg_update_ret( ctx, additional, add_len ); +} +#endif /* MBEDTLS_DEPRECATED_REMOVED */ + /* * Simplified HMAC_DRBG initialisation (for use with deterministic ECDSA) */ @@ -108,10 +137,13 @@ int mbedtls_hmac_drbg_seed_buf( mbedtls_hmac_drbg_context *ctx, * Use the V memory location, which is currently all 0, to initialize the * MD context with an all-zero key. Then set V to its initial value. */ - mbedtls_md_hmac_starts( &ctx->md_ctx, ctx->V, mbedtls_md_get_size( md_info ) ); + if( ( ret = mbedtls_md_hmac_starts( &ctx->md_ctx, ctx->V, + mbedtls_md_get_size( md_info ) ) ) != 0 ) + return( ret ); memset( ctx->V, 0x01, mbedtls_md_get_size( md_info ) ); - mbedtls_hmac_drbg_update( ctx, data, data_len ); + if( ( ret = mbedtls_hmac_drbg_update_ret( ctx, data, data_len ) ) != 0 ) + return( ret ); return( 0 ); } @@ -124,6 +156,7 @@ int mbedtls_hmac_drbg_reseed( mbedtls_hmac_drbg_context *ctx, { unsigned char seed[MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT]; size_t seedlen; + int ret; /* III. Check input length */ if( len > MBEDTLS_HMAC_DRBG_MAX_INPUT || @@ -135,7 +168,8 @@ int mbedtls_hmac_drbg_reseed( mbedtls_hmac_drbg_context *ctx, memset( seed, 0, MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT ); /* IV. Gather entropy_len bytes of entropy for the seed */ - if( ctx->f_entropy( ctx->p_entropy, seed, ctx->entropy_len ) != 0 ) + if( ( ret = ctx->f_entropy( ctx->p_entropy, + seed, ctx->entropy_len ) ) != 0 ) return( MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED ); seedlen = ctx->entropy_len; @@ -148,13 +182,16 @@ int mbedtls_hmac_drbg_reseed( mbedtls_hmac_drbg_context *ctx, } /* 2. Update state */ - mbedtls_hmac_drbg_update( ctx, seed, seedlen ); + if( ( ret = mbedtls_hmac_drbg_update_ret( ctx, seed, seedlen ) ) != 0 ) + goto exit; /* 3. Reset reseed_counter */ ctx->reseed_counter = 1; +exit: /* 4. Done */ - return( 0 ); + mbedtls_platform_zeroize( seed, seedlen ); + return( ret ); } /* @@ -180,7 +217,8 @@ int mbedtls_hmac_drbg_seed( mbedtls_hmac_drbg_context *ctx, * Use the V memory location, which is currently all 0, to initialize the * MD context with an all-zero key. Then set V to its initial value. */ - mbedtls_md_hmac_starts( &ctx->md_ctx, ctx->V, md_size ); + if( ( ret = mbedtls_md_hmac_starts( &ctx->md_ctx, ctx->V, md_size ) ) != 0 ) + return( ret ); memset( ctx->V, 0x01, md_size ); ctx->f_entropy = f_entropy; @@ -273,16 +311,24 @@ int mbedtls_hmac_drbg_random_with_add( void *p_rng, /* 2. Use additional data if any */ if( additional != NULL && add_len != 0 ) - mbedtls_hmac_drbg_update( ctx, additional, add_len ); + { + if( ( ret = mbedtls_hmac_drbg_update_ret( ctx, + additional, add_len ) ) != 0 ) + goto exit; + } /* 3, 4, 5. Generate bytes */ while( left != 0 ) { size_t use_len = left > md_len ? md_len : left; - mbedtls_md_hmac_reset( &ctx->md_ctx ); - mbedtls_md_hmac_update( &ctx->md_ctx, ctx->V, md_len ); - mbedtls_md_hmac_finish( &ctx->md_ctx, ctx->V ); + if( ( ret = mbedtls_md_hmac_reset( &ctx->md_ctx ) ) != 0 ) + goto exit; + if( ( ret = mbedtls_md_hmac_update( &ctx->md_ctx, + ctx->V, md_len ) ) != 0 ) + goto exit; + if( ( ret = mbedtls_md_hmac_finish( &ctx->md_ctx, ctx->V ) ) != 0 ) + goto exit; memcpy( out, ctx->V, use_len ); out += use_len; @@ -290,13 +336,16 @@ int mbedtls_hmac_drbg_random_with_add( void *p_rng, } /* 6. Update */ - mbedtls_hmac_drbg_update( ctx, additional, add_len ); + if( ( ret = mbedtls_hmac_drbg_update_ret( ctx, + additional, add_len ) ) != 0 ) + goto exit; /* 7. Update reseed counter */ ctx->reseed_counter++; +exit: /* 8. Done */ - return( 0 ); + return( ret ); } /* @@ -368,35 +417,36 @@ exit: int mbedtls_hmac_drbg_update_seed_file( mbedtls_hmac_drbg_context *ctx, const char *path ) { int ret = 0; - FILE *f; + FILE *f = NULL; size_t n; unsigned char buf[ MBEDTLS_HMAC_DRBG_MAX_INPUT ]; + unsigned char c; if( ( f = fopen( path, "rb" ) ) == NULL ) return( MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR ); - fseek( f, 0, SEEK_END ); - n = (size_t) ftell( f ); - fseek( f, 0, SEEK_SET ); - - if( n > MBEDTLS_HMAC_DRBG_MAX_INPUT ) + n = fread( buf, 1, sizeof( buf ), f ); + if( fread( &c, 1, 1, f ) != 0 ) { - fclose( f ); - return( MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG ); + ret = MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG; + goto exit; } - - if( fread( buf, 1, n, f ) != n ) + if( n == 0 || ferror( f ) ) + { ret = MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR; - else - mbedtls_hmac_drbg_update( ctx, buf, n ); - + goto exit; + } fclose( f ); + f = NULL; - mbedtls_platform_zeroize( buf, sizeof( buf ) ); + ret = mbedtls_hmac_drbg_update_ret( ctx, buf, n ); +exit: + mbedtls_platform_zeroize( buf, sizeof( buf ) ); + if( f != NULL ) + fclose( f ); if( ret != 0 ) return( ret ); - return( mbedtls_hmac_drbg_write_seed_file( ctx, path ) ); } #endif /* MBEDTLS_FS_IO */ diff --git a/thirdparty/mbedtls/library/nist_kw.c b/thirdparty/mbedtls/library/nist_kw.c index 176af9fe08..317a2426ae 100644 --- a/thirdparty/mbedtls/library/nist_kw.c +++ b/thirdparty/mbedtls/library/nist_kw.c @@ -311,7 +311,7 @@ cleanup: } mbedtls_platform_zeroize( inbuff, KW_SEMIBLOCK_LENGTH * 2 ); mbedtls_platform_zeroize( outbuff, KW_SEMIBLOCK_LENGTH * 2 ); - mbedtls_cipher_finish( &ctx->cipher_ctx, NULL, &olen ); + return( ret ); } @@ -528,7 +528,7 @@ cleanup: mbedtls_platform_zeroize( &bad_padding, sizeof( bad_padding) ); mbedtls_platform_zeroize( &diff, sizeof( diff ) ); mbedtls_platform_zeroize( A, sizeof( A ) ); - mbedtls_cipher_finish( &ctx->cipher_ctx, NULL, &olen ); + return( ret ); } diff --git a/thirdparty/mbedtls/library/pem.c b/thirdparty/mbedtls/library/pem.c index 6069a23dec..897c8a0d6f 100644 --- a/thirdparty/mbedtls/library/pem.c +++ b/thirdparty/mbedtls/library/pem.c @@ -423,9 +423,11 @@ int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const void mbedtls_pem_free( mbedtls_pem_context *ctx ) { - if( ctx->buf != NULL ) + if ( ctx->buf != NULL ) + { mbedtls_platform_zeroize( ctx->buf, ctx->buflen ); - mbedtls_free( ctx->buf ); + mbedtls_free( ctx->buf ); + } mbedtls_free( ctx->info ); mbedtls_platform_zeroize( ctx, sizeof( mbedtls_pem_context ) ); diff --git a/thirdparty/mbedtls/library/pk.c b/thirdparty/mbedtls/library/pk.c index f05b139e3f..bac685dc19 100644 --- a/thirdparty/mbedtls/library/pk.c +++ b/thirdparty/mbedtls/library/pk.c @@ -44,13 +44,18 @@ #include <limits.h> #include <stdint.h> +/* Parameter validation macros based on platform_util.h */ +#define PK_VALIDATE_RET( cond ) \ + MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_PK_BAD_INPUT_DATA ) +#define PK_VALIDATE( cond ) \ + MBEDTLS_INTERNAL_VALIDATE( cond ) + /* * Initialise a mbedtls_pk_context */ void mbedtls_pk_init( mbedtls_pk_context *ctx ) { - if( ctx == NULL ) - return; + PK_VALIDATE( ctx != NULL ); ctx->pk_info = NULL; ctx->pk_ctx = NULL; @@ -61,14 +66,44 @@ void mbedtls_pk_init( mbedtls_pk_context *ctx ) */ void mbedtls_pk_free( mbedtls_pk_context *ctx ) { - if( ctx == NULL || ctx->pk_info == NULL ) + if( ctx == NULL ) return; - ctx->pk_info->ctx_free_func( ctx->pk_ctx ); + if ( ctx->pk_info != NULL ) + ctx->pk_info->ctx_free_func( ctx->pk_ctx ); mbedtls_platform_zeroize( ctx, sizeof( mbedtls_pk_context ) ); } +#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) +/* + * Initialize a restart context + */ +void mbedtls_pk_restart_init( mbedtls_pk_restart_ctx *ctx ) +{ + PK_VALIDATE( ctx != NULL ); + ctx->pk_info = NULL; + ctx->rs_ctx = NULL; +} + +/* + * Free the components of a restart context + */ +void mbedtls_pk_restart_free( mbedtls_pk_restart_ctx *ctx ) +{ + if( ctx == NULL || ctx->pk_info == NULL || + ctx->pk_info->rs_free_func == NULL ) + { + return; + } + + ctx->pk_info->rs_free_func( ctx->rs_ctx ); + + ctx->pk_info = NULL; + ctx->rs_ctx = NULL; +} +#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ + /* * Get pk_info structure from type */ @@ -100,7 +135,8 @@ const mbedtls_pk_info_t * mbedtls_pk_info_from_type( mbedtls_pk_type_t pk_type ) */ int mbedtls_pk_setup( mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info ) { - if( ctx == NULL || info == NULL || ctx->pk_info != NULL ) + PK_VALIDATE_RET( ctx != NULL ); + if( info == NULL || ctx->pk_info != NULL ) return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); if( ( ctx->pk_ctx = info->ctx_alloc_func() ) == NULL ) @@ -123,7 +159,8 @@ int mbedtls_pk_setup_rsa_alt( mbedtls_pk_context *ctx, void * key, mbedtls_rsa_alt_context *rsa_alt; const mbedtls_pk_info_t *info = &mbedtls_rsa_alt_info; - if( ctx == NULL || ctx->pk_info != NULL ) + PK_VALIDATE_RET( ctx != NULL ); + if( ctx->pk_info != NULL ) return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); if( ( ctx->pk_ctx = info->ctx_alloc_func() ) == NULL ) @@ -147,7 +184,9 @@ int mbedtls_pk_setup_rsa_alt( mbedtls_pk_context *ctx, void * key, */ int mbedtls_pk_can_do( const mbedtls_pk_context *ctx, mbedtls_pk_type_t type ) { - /* null or NONE context can't do anything */ + /* A context with null pk_info is not set up yet and can't do anything. + * For backward compatibility, also accept NULL instead of a context + * pointer. */ if( ctx == NULL || ctx->pk_info == NULL ) return( 0 ); @@ -171,17 +210,71 @@ static inline int pk_hashlen_helper( mbedtls_md_type_t md_alg, size_t *hash_len return( 0 ); } +#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) /* - * Verify a signature + * Helper to set up a restart context if needed */ -int mbedtls_pk_verify( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, +static int pk_restart_setup( mbedtls_pk_restart_ctx *ctx, + const mbedtls_pk_info_t *info ) +{ + /* Don't do anything if already set up or invalid */ + if( ctx == NULL || ctx->pk_info != NULL ) + return( 0 ); + + /* Should never happen when we're called */ + if( info->rs_alloc_func == NULL || info->rs_free_func == NULL ) + return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + + if( ( ctx->rs_ctx = info->rs_alloc_func() ) == NULL ) + return( MBEDTLS_ERR_PK_ALLOC_FAILED ); + + ctx->pk_info = info; + + return( 0 ); +} +#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ + +/* + * Verify a signature (restartable) + */ +int mbedtls_pk_verify_restartable( mbedtls_pk_context *ctx, + mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, - const unsigned char *sig, size_t sig_len ) + const unsigned char *sig, size_t sig_len, + mbedtls_pk_restart_ctx *rs_ctx ) { - if( ctx == NULL || ctx->pk_info == NULL || + PK_VALIDATE_RET( ctx != NULL ); + PK_VALIDATE_RET( ( md_alg == MBEDTLS_MD_NONE && hash_len == 0 ) || + hash != NULL ); + PK_VALIDATE_RET( sig != NULL ); + + if( ctx->pk_info == NULL || pk_hashlen_helper( md_alg, &hash_len ) != 0 ) return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); +#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) + /* optimization: use non-restartable version if restart disabled */ + if( rs_ctx != NULL && + mbedtls_ecp_restart_is_enabled() && + ctx->pk_info->verify_rs_func != NULL ) + { + int ret; + + if( ( ret = pk_restart_setup( rs_ctx, ctx->pk_info ) ) != 0 ) + return( ret ); + + ret = ctx->pk_info->verify_rs_func( ctx->pk_ctx, + md_alg, hash, hash_len, sig, sig_len, rs_ctx->rs_ctx ); + + if( ret != MBEDTLS_ERR_ECP_IN_PROGRESS ) + mbedtls_pk_restart_free( rs_ctx ); + + return( ret ); + } +#else /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ + (void) rs_ctx; +#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ + if( ctx->pk_info->verify_func == NULL ) return( MBEDTLS_ERR_PK_TYPE_MISMATCH ); @@ -190,6 +283,17 @@ int mbedtls_pk_verify( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, } /* + * Verify a signature + */ +int mbedtls_pk_verify( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + const unsigned char *sig, size_t sig_len ) +{ + return( mbedtls_pk_verify_restartable( ctx, md_alg, hash, hash_len, + sig, sig_len, NULL ) ); +} + +/* * Verify a signature with options */ int mbedtls_pk_verify_ext( mbedtls_pk_type_t type, const void *options, @@ -197,7 +301,12 @@ int mbedtls_pk_verify_ext( mbedtls_pk_type_t type, const void *options, const unsigned char *hash, size_t hash_len, const unsigned char *sig, size_t sig_len ) { - if( ctx == NULL || ctx->pk_info == NULL ) + PK_VALIDATE_RET( ctx != NULL ); + PK_VALIDATE_RET( ( md_alg == MBEDTLS_MD_NONE && hash_len == 0 ) || + hash != NULL ); + PK_VALIDATE_RET( sig != NULL ); + + if( ctx->pk_info == NULL ) return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); if( ! mbedtls_pk_can_do( ctx, type ) ) @@ -248,17 +357,47 @@ int mbedtls_pk_verify_ext( mbedtls_pk_type_t type, const void *options, } /* - * Make a signature + * Make a signature (restartable) */ -int mbedtls_pk_sign( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, +int mbedtls_pk_sign_restartable( mbedtls_pk_context *ctx, + mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, unsigned char *sig, size_t *sig_len, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, + mbedtls_pk_restart_ctx *rs_ctx ) { - if( ctx == NULL || ctx->pk_info == NULL || + PK_VALIDATE_RET( ctx != NULL ); + PK_VALIDATE_RET( ( md_alg == MBEDTLS_MD_NONE && hash_len == 0 ) || + hash != NULL ); + PK_VALIDATE_RET( sig != NULL ); + + if( ctx->pk_info == NULL || pk_hashlen_helper( md_alg, &hash_len ) != 0 ) return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); +#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) + /* optimization: use non-restartable version if restart disabled */ + if( rs_ctx != NULL && + mbedtls_ecp_restart_is_enabled() && + ctx->pk_info->sign_rs_func != NULL ) + { + int ret; + + if( ( ret = pk_restart_setup( rs_ctx, ctx->pk_info ) ) != 0 ) + return( ret ); + + ret = ctx->pk_info->sign_rs_func( ctx->pk_ctx, md_alg, + hash, hash_len, sig, sig_len, f_rng, p_rng, rs_ctx->rs_ctx ); + + if( ret != MBEDTLS_ERR_ECP_IN_PROGRESS ) + mbedtls_pk_restart_free( rs_ctx ); + + return( ret ); + } +#else /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ + (void) rs_ctx; +#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ + if( ctx->pk_info->sign_func == NULL ) return( MBEDTLS_ERR_PK_TYPE_MISMATCH ); @@ -267,6 +406,18 @@ int mbedtls_pk_sign( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, } /* + * Make a signature + */ +int mbedtls_pk_sign( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + unsigned char *sig, size_t *sig_len, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) +{ + return( mbedtls_pk_sign_restartable( ctx, md_alg, hash, hash_len, + sig, sig_len, f_rng, p_rng, NULL ) ); +} + +/* * Decrypt message */ int mbedtls_pk_decrypt( mbedtls_pk_context *ctx, @@ -274,7 +425,12 @@ int mbedtls_pk_decrypt( mbedtls_pk_context *ctx, unsigned char *output, size_t *olen, size_t osize, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { - if( ctx == NULL || ctx->pk_info == NULL ) + PK_VALIDATE_RET( ctx != NULL ); + PK_VALIDATE_RET( input != NULL || ilen == 0 ); + PK_VALIDATE_RET( output != NULL || osize == 0 ); + PK_VALIDATE_RET( olen != NULL ); + + if( ctx->pk_info == NULL ) return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); if( ctx->pk_info->decrypt_func == NULL ) @@ -292,7 +448,12 @@ int mbedtls_pk_encrypt( mbedtls_pk_context *ctx, unsigned char *output, size_t *olen, size_t osize, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { - if( ctx == NULL || ctx->pk_info == NULL ) + PK_VALIDATE_RET( ctx != NULL ); + PK_VALIDATE_RET( input != NULL || ilen == 0 ); + PK_VALIDATE_RET( output != NULL || osize == 0 ); + PK_VALIDATE_RET( olen != NULL ); + + if( ctx->pk_info == NULL ) return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); if( ctx->pk_info->encrypt_func == NULL ) @@ -307,8 +468,11 @@ int mbedtls_pk_encrypt( mbedtls_pk_context *ctx, */ int mbedtls_pk_check_pair( const mbedtls_pk_context *pub, const mbedtls_pk_context *prv ) { - if( pub == NULL || pub->pk_info == NULL || - prv == NULL || prv->pk_info == NULL || + PK_VALIDATE_RET( pub != NULL ); + PK_VALIDATE_RET( prv != NULL ); + + if( pub->pk_info == NULL || + prv->pk_info == NULL || prv->pk_info->check_pair_func == NULL ) { return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); @@ -333,6 +497,8 @@ int mbedtls_pk_check_pair( const mbedtls_pk_context *pub, const mbedtls_pk_conte */ size_t mbedtls_pk_get_bitlen( const mbedtls_pk_context *ctx ) { + /* For backward compatibility, accept NULL or a context that + * isn't set up yet, and return a fake value that should be safe. */ if( ctx == NULL || ctx->pk_info == NULL ) return( 0 ); @@ -344,7 +510,8 @@ size_t mbedtls_pk_get_bitlen( const mbedtls_pk_context *ctx ) */ int mbedtls_pk_debug( const mbedtls_pk_context *ctx, mbedtls_pk_debug_item *items ) { - if( ctx == NULL || ctx->pk_info == NULL ) + PK_VALIDATE_RET( ctx != NULL ); + if( ctx->pk_info == NULL ) return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); if( ctx->pk_info->debug_func == NULL ) diff --git a/thirdparty/mbedtls/library/pk_wrap.c b/thirdparty/mbedtls/library/pk_wrap.c index 2c7d2d79b8..87806be337 100644 --- a/thirdparty/mbedtls/library/pk_wrap.c +++ b/thirdparty/mbedtls/library/pk_wrap.c @@ -190,11 +190,19 @@ const mbedtls_pk_info_t mbedtls_rsa_info = { rsa_can_do, rsa_verify_wrap, rsa_sign_wrap, +#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) + NULL, + NULL, +#endif rsa_decrypt_wrap, rsa_encrypt_wrap, rsa_check_pair_wrap, rsa_alloc_wrap, rsa_free_wrap, +#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) + NULL, + NULL, +#endif rsa_debug, }; #endif /* MBEDTLS_RSA_C */ @@ -262,6 +270,110 @@ static int eckey_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, return( ret ); } +#if defined(MBEDTLS_ECP_RESTARTABLE) +/* Forward declarations */ +static int ecdsa_verify_rs_wrap( void *ctx, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + const unsigned char *sig, size_t sig_len, + void *rs_ctx ); + +static int ecdsa_sign_rs_wrap( void *ctx, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + unsigned char *sig, size_t *sig_len, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, + void *rs_ctx ); + +/* + * Restart context for ECDSA operations with ECKEY context + * + * We need to store an actual ECDSA context, as we need to pass the same to + * the underlying ecdsa function, so we can't create it on the fly every time. + */ +typedef struct +{ + mbedtls_ecdsa_restart_ctx ecdsa_rs; + mbedtls_ecdsa_context ecdsa_ctx; +} eckey_restart_ctx; + +static void *eckey_rs_alloc( void ) +{ + eckey_restart_ctx *rs_ctx; + + void *ctx = mbedtls_calloc( 1, sizeof( eckey_restart_ctx ) ); + + if( ctx != NULL ) + { + rs_ctx = ctx; + mbedtls_ecdsa_restart_init( &rs_ctx->ecdsa_rs ); + mbedtls_ecdsa_init( &rs_ctx->ecdsa_ctx ); + } + + return( ctx ); +} + +static void eckey_rs_free( void *ctx ) +{ + eckey_restart_ctx *rs_ctx; + + if( ctx == NULL) + return; + + rs_ctx = ctx; + mbedtls_ecdsa_restart_free( &rs_ctx->ecdsa_rs ); + mbedtls_ecdsa_free( &rs_ctx->ecdsa_ctx ); + + mbedtls_free( ctx ); +} + +static int eckey_verify_rs_wrap( void *ctx, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + const unsigned char *sig, size_t sig_len, + void *rs_ctx ) +{ + int ret; + eckey_restart_ctx *rs = rs_ctx; + + /* Should never happen */ + if( rs == NULL ) + return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + + /* set up our own sub-context if needed (that is, on first run) */ + if( rs->ecdsa_ctx.grp.pbits == 0 ) + MBEDTLS_MPI_CHK( mbedtls_ecdsa_from_keypair( &rs->ecdsa_ctx, ctx ) ); + + MBEDTLS_MPI_CHK( ecdsa_verify_rs_wrap( &rs->ecdsa_ctx, + md_alg, hash, hash_len, + sig, sig_len, &rs->ecdsa_rs ) ); + +cleanup: + return( ret ); +} + +static int eckey_sign_rs_wrap( void *ctx, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + unsigned char *sig, size_t *sig_len, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, + void *rs_ctx ) +{ + int ret; + eckey_restart_ctx *rs = rs_ctx; + + /* Should never happen */ + if( rs == NULL ) + return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); + + /* set up our own sub-context if needed (that is, on first run) */ + if( rs->ecdsa_ctx.grp.pbits == 0 ) + MBEDTLS_MPI_CHK( mbedtls_ecdsa_from_keypair( &rs->ecdsa_ctx, ctx ) ); + + MBEDTLS_MPI_CHK( ecdsa_sign_rs_wrap( &rs->ecdsa_ctx, md_alg, + hash, hash_len, sig, sig_len, + f_rng, p_rng, &rs->ecdsa_rs ) ); + +cleanup: + return( ret ); +} +#endif /* MBEDTLS_ECP_RESTARTABLE */ #endif /* MBEDTLS_ECDSA_C */ static int eckey_check_pair( const void *pub, const void *prv ) @@ -301,15 +413,23 @@ const mbedtls_pk_info_t mbedtls_eckey_info = { #if defined(MBEDTLS_ECDSA_C) eckey_verify_wrap, eckey_sign_wrap, -#else +#if defined(MBEDTLS_ECP_RESTARTABLE) + eckey_verify_rs_wrap, + eckey_sign_rs_wrap, +#endif +#else /* MBEDTLS_ECDSA_C */ NULL, NULL, -#endif +#endif /* MBEDTLS_ECDSA_C */ NULL, NULL, eckey_check_pair, eckey_alloc_wrap, eckey_free_wrap, +#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) + eckey_rs_alloc, + eckey_rs_free, +#endif eckey_debug, }; @@ -329,11 +449,19 @@ const mbedtls_pk_info_t mbedtls_eckeydh_info = { eckeydh_can_do, NULL, NULL, +#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) + NULL, + NULL, +#endif NULL, NULL, eckey_check_pair, eckey_alloc_wrap, /* Same underlying key structure */ eckey_free_wrap, /* Same underlying key structure */ +#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) + NULL, + NULL, +#endif eckey_debug, /* Same underlying key structure */ }; #endif /* MBEDTLS_ECP_C */ @@ -369,6 +497,40 @@ static int ecdsa_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, md_alg, hash, hash_len, sig, sig_len, f_rng, p_rng ) ); } +#if defined(MBEDTLS_ECP_RESTARTABLE) +static int ecdsa_verify_rs_wrap( void *ctx, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + const unsigned char *sig, size_t sig_len, + void *rs_ctx ) +{ + int ret; + ((void) md_alg); + + ret = mbedtls_ecdsa_read_signature_restartable( + (mbedtls_ecdsa_context *) ctx, + hash, hash_len, sig, sig_len, + (mbedtls_ecdsa_restart_ctx *) rs_ctx ); + + if( ret == MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH ) + return( MBEDTLS_ERR_PK_SIG_LEN_MISMATCH ); + + return( ret ); +} + +static int ecdsa_sign_rs_wrap( void *ctx, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + unsigned char *sig, size_t *sig_len, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, + void *rs_ctx ) +{ + return( mbedtls_ecdsa_write_signature_restartable( + (mbedtls_ecdsa_context *) ctx, + md_alg, hash, hash_len, sig, sig_len, f_rng, p_rng, + (mbedtls_ecdsa_restart_ctx *) rs_ctx ) ); + +} +#endif /* MBEDTLS_ECP_RESTARTABLE */ + static void *ecdsa_alloc_wrap( void ) { void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_ecdsa_context ) ); @@ -385,6 +547,24 @@ static void ecdsa_free_wrap( void *ctx ) mbedtls_free( ctx ); } +#if defined(MBEDTLS_ECP_RESTARTABLE) +static void *ecdsa_rs_alloc( void ) +{ + void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_ecdsa_restart_ctx ) ); + + if( ctx != NULL ) + mbedtls_ecdsa_restart_init( ctx ); + + return( ctx ); +} + +static void ecdsa_rs_free( void *ctx ) +{ + mbedtls_ecdsa_restart_free( ctx ); + mbedtls_free( ctx ); +} +#endif /* MBEDTLS_ECP_RESTARTABLE */ + const mbedtls_pk_info_t mbedtls_ecdsa_info = { MBEDTLS_PK_ECDSA, "ECDSA", @@ -392,11 +572,19 @@ const mbedtls_pk_info_t mbedtls_ecdsa_info = { ecdsa_can_do, ecdsa_verify_wrap, ecdsa_sign_wrap, +#if defined(MBEDTLS_ECP_RESTARTABLE) + ecdsa_verify_rs_wrap, + ecdsa_sign_rs_wrap, +#endif NULL, NULL, eckey_check_pair, /* Compatible key structures */ ecdsa_alloc_wrap, ecdsa_free_wrap, +#if defined(MBEDTLS_ECP_RESTARTABLE) + ecdsa_rs_alloc, + ecdsa_rs_free, +#endif eckey_debug, /* Compatible key structures */ }; #endif /* MBEDTLS_ECDSA_C */ @@ -506,6 +694,10 @@ const mbedtls_pk_info_t mbedtls_rsa_alt_info = { rsa_alt_can_do, NULL, rsa_alt_sign_wrap, +#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) + NULL, + NULL, +#endif rsa_alt_decrypt_wrap, NULL, #if defined(MBEDTLS_RSA_C) @@ -515,6 +707,10 @@ const mbedtls_pk_info_t mbedtls_rsa_alt_info = { #endif rsa_alt_alloc_wrap, rsa_alt_free_wrap, +#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) + NULL, + NULL, +#endif NULL, }; diff --git a/thirdparty/mbedtls/library/pkcs12.c b/thirdparty/mbedtls/library/pkcs12.c index 16a15cb63e..7edf064c13 100644 --- a/thirdparty/mbedtls/library/pkcs12.c +++ b/thirdparty/mbedtls/library/pkcs12.c @@ -48,6 +48,8 @@ #include "mbedtls/des.h" #endif +#if defined(MBEDTLS_ASN1_PARSE_C) + static int pkcs12_parse_pbe_params( mbedtls_asn1_buf *params, mbedtls_asn1_buf *salt, int *iterations ) { @@ -226,6 +228,8 @@ exit: return( ret ); } +#endif /* MBEDTLS_ASN1_PARSE_C */ + static void pkcs12_fill_buffer( unsigned char *data, size_t data_len, const unsigned char *filler, size_t fill_len ) { diff --git a/thirdparty/mbedtls/library/pkcs5.c b/thirdparty/mbedtls/library/pkcs5.c index f04f0ab25e..50133435ce 100644 --- a/thirdparty/mbedtls/library/pkcs5.c +++ b/thirdparty/mbedtls/library/pkcs5.c @@ -54,22 +54,7 @@ #define mbedtls_printf printf #endif -#if !defined(MBEDTLS_ASN1_PARSE_C) -int mbedtls_pkcs5_pbes2( const mbedtls_asn1_buf *pbe_params, int mode, - const unsigned char *pwd, size_t pwdlen, - const unsigned char *data, size_t datalen, - unsigned char *output ) -{ - ((void) pbe_params); - ((void) mode); - ((void) pwd); - ((void) pwdlen); - ((void) data); - ((void) datalen); - ((void) output); - return( MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE ); -} -#else +#if defined(MBEDTLS_ASN1_PARSE_C) static int pkcs5_parse_pbkdf2_params( const mbedtls_asn1_buf *params, mbedtls_asn1_buf *salt, int *iterations, int *keylen, mbedtls_md_type_t *md_type ) diff --git a/thirdparty/mbedtls/library/pkparse.c b/thirdparty/mbedtls/library/pkparse.c index d6ac987e23..ae210bca6a 100644 --- a/thirdparty/mbedtls/library/pkparse.c +++ b/thirdparty/mbedtls/library/pkparse.c @@ -61,6 +61,12 @@ #define mbedtls_free free #endif +/* Parameter validation macros based on platform_util.h */ +#define PK_VALIDATE_RET( cond ) \ + MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_PK_BAD_INPUT_DATA ) +#define PK_VALIDATE( cond ) \ + MBEDTLS_INTERNAL_VALIDATE( cond ) + #if defined(MBEDTLS_FS_IO) /* * Load all data from a file into a given buffer. @@ -74,6 +80,10 @@ int mbedtls_pk_load_file( const char *path, unsigned char **buf, size_t *n ) FILE *f; long size; + PK_VALIDATE_RET( path != NULL ); + PK_VALIDATE_RET( buf != NULL ); + PK_VALIDATE_RET( n != NULL ); + if( ( f = fopen( path, "rb" ) ) == NULL ) return( MBEDTLS_ERR_PK_FILE_IO_ERROR ); @@ -124,6 +134,9 @@ int mbedtls_pk_parse_keyfile( mbedtls_pk_context *ctx, size_t n; unsigned char *buf; + PK_VALIDATE_RET( ctx != NULL ); + PK_VALIDATE_RET( path != NULL ); + if( ( ret = mbedtls_pk_load_file( path, &buf, &n ) ) != 0 ) return( ret ); @@ -148,6 +161,9 @@ int mbedtls_pk_parse_public_keyfile( mbedtls_pk_context *ctx, const char *path ) size_t n; unsigned char *buf; + PK_VALIDATE_RET( ctx != NULL ); + PK_VALIDATE_RET( path != NULL ); + if( ( ret = mbedtls_pk_load_file( path, &buf, &n ) ) != 0 ) return( ret ); @@ -605,6 +621,11 @@ int mbedtls_pk_parse_subpubkey( unsigned char **p, const unsigned char *end, mbedtls_pk_type_t pk_alg = MBEDTLS_PK_NONE; const mbedtls_pk_info_t *pk_info; + PK_VALIDATE_RET( p != NULL ); + PK_VALIDATE_RET( *p != NULL ); + PK_VALIDATE_RET( end != NULL ); + PK_VALIDATE_RET( pk != NULL ); + if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) { @@ -1145,16 +1166,22 @@ int mbedtls_pk_parse_key( mbedtls_pk_context *pk, { int ret; const mbedtls_pk_info_t *pk_info; - #if defined(MBEDTLS_PEM_PARSE_C) size_t len; mbedtls_pem_context pem; +#endif - mbedtls_pem_init( &pem ); + PK_VALIDATE_RET( pk != NULL ); + if( keylen == 0 ) + return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT ); + PK_VALIDATE_RET( key != NULL ); + +#if defined(MBEDTLS_PEM_PARSE_C) + mbedtls_pem_init( &pem ); #if defined(MBEDTLS_RSA_C) /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */ - if( keylen == 0 || key[keylen - 1] != '\0' ) + if( key[keylen - 1] != '\0' ) ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT; else ret = mbedtls_pem_read_buffer( &pem, @@ -1185,7 +1212,7 @@ int mbedtls_pk_parse_key( mbedtls_pk_context *pk, #if defined(MBEDTLS_ECP_C) /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */ - if( keylen == 0 || key[keylen - 1] != '\0' ) + if( key[keylen - 1] != '\0' ) ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT; else ret = mbedtls_pem_read_buffer( &pem, @@ -1215,7 +1242,7 @@ int mbedtls_pk_parse_key( mbedtls_pk_context *pk, #endif /* MBEDTLS_ECP_C */ /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */ - if( keylen == 0 || key[keylen - 1] != '\0' ) + if( key[keylen - 1] != '\0' ) ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT; else ret = mbedtls_pem_read_buffer( &pem, @@ -1238,7 +1265,7 @@ int mbedtls_pk_parse_key( mbedtls_pk_context *pk, #if defined(MBEDTLS_PKCS12_C) || defined(MBEDTLS_PKCS5_C) /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */ - if( keylen == 0 || key[keylen - 1] != '\0' ) + if( key[keylen - 1] != '\0' ) ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT; else ret = mbedtls_pem_read_buffer( &pem, @@ -1276,9 +1303,6 @@ int mbedtls_pk_parse_key( mbedtls_pk_context *pk, { unsigned char *key_copy; - if( keylen == 0 ) - return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT ); - if( ( key_copy = mbedtls_calloc( 1, keylen ) ) == NULL ) return( MBEDTLS_ERR_PK_ALLOC_FAILED ); @@ -1295,6 +1319,7 @@ int mbedtls_pk_parse_key( mbedtls_pk_context *pk, return( 0 ); mbedtls_pk_free( pk ); + mbedtls_pk_init( pk ); if( ret == MBEDTLS_ERR_PK_PASSWORD_MISMATCH ) { @@ -1306,39 +1331,42 @@ int mbedtls_pk_parse_key( mbedtls_pk_context *pk, return( 0 ); mbedtls_pk_free( pk ); + mbedtls_pk_init( pk ); #if defined(MBEDTLS_RSA_C) pk_info = mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ); - if( ( ret = mbedtls_pk_setup( pk, pk_info ) ) != 0 || - ( ret = pk_parse_key_pkcs1_der( mbedtls_pk_rsa( *pk ), - key, keylen ) ) != 0 ) - { - mbedtls_pk_free( pk ); - } - else + if( mbedtls_pk_setup( pk, pk_info ) == 0 && + pk_parse_key_pkcs1_der( mbedtls_pk_rsa( *pk ), key, keylen ) == 0 ) { return( 0 ); } + mbedtls_pk_free( pk ); + mbedtls_pk_init( pk ); #endif /* MBEDTLS_RSA_C */ #if defined(MBEDTLS_ECP_C) - pk_info = mbedtls_pk_info_from_type( MBEDTLS_PK_ECKEY ); - if( ( ret = mbedtls_pk_setup( pk, pk_info ) ) != 0 || - ( ret = pk_parse_key_sec1_der( mbedtls_pk_ec( *pk ), - key, keylen ) ) != 0 ) - { - mbedtls_pk_free( pk ); - } - else + if( mbedtls_pk_setup( pk, pk_info ) == 0 && + pk_parse_key_sec1_der( mbedtls_pk_ec( *pk ), + key, keylen ) == 0 ) { return( 0 ); } - + mbedtls_pk_free( pk ); #endif /* MBEDTLS_ECP_C */ + /* If MBEDTLS_RSA_C is defined but MBEDTLS_ECP_C isn't, + * it is ok to leave the PK context initialized but not + * freed: It is the caller's responsibility to call pk_init() + * before calling this function, and to call pk_free() + * when it fails. If MBEDTLS_ECP_C is defined but MBEDTLS_RSA_C + * isn't, this leads to mbedtls_pk_free() being called + * twice, once here and once by the caller, but this is + * also ok and in line with the mbedtls_pk_free() calls + * on failed PEM parsing attempts. */ + return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT ); } @@ -1356,11 +1384,18 @@ int mbedtls_pk_parse_public_key( mbedtls_pk_context *ctx, #if defined(MBEDTLS_PEM_PARSE_C) size_t len; mbedtls_pem_context pem; +#endif + PK_VALIDATE_RET( ctx != NULL ); + if( keylen == 0 ) + return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT ); + PK_VALIDATE_RET( key != NULL || keylen == 0 ); + +#if defined(MBEDTLS_PEM_PARSE_C) mbedtls_pem_init( &pem ); #if defined(MBEDTLS_RSA_C) /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */ - if( keylen == 0 || key[keylen - 1] != '\0' ) + if( key[keylen - 1] != '\0' ) ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT; else ret = mbedtls_pem_read_buffer( &pem, @@ -1391,7 +1426,7 @@ int mbedtls_pk_parse_public_key( mbedtls_pk_context *ctx, #endif /* MBEDTLS_RSA_C */ /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */ - if( keylen == 0 || key[keylen - 1] != '\0' ) + if( key[keylen - 1] != '\0' ) ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT; else ret = mbedtls_pem_read_buffer( &pem, diff --git a/thirdparty/mbedtls/library/pkwrite.c b/thirdparty/mbedtls/library/pkwrite.c index 8eabd889b5..8d1da2f757 100644 --- a/thirdparty/mbedtls/library/pkwrite.c +++ b/thirdparty/mbedtls/library/pkwrite.c @@ -30,6 +30,7 @@ #include "mbedtls/pk.h" #include "mbedtls/asn1write.h" #include "mbedtls/oid.h" +#include "mbedtls/platform_util.h" #include <string.h> @@ -54,6 +55,12 @@ #define mbedtls_free free #endif +/* Parameter validation macros based on platform_util.h */ +#define PK_VALIDATE_RET( cond ) \ + MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_PK_BAD_INPUT_DATA ) +#define PK_VALIDATE( cond ) \ + MBEDTLS_INTERNAL_VALIDATE( cond ) + #if defined(MBEDTLS_RSA_C) /* * RSAPublicKey ::= SEQUENCE { @@ -151,6 +158,11 @@ int mbedtls_pk_write_pubkey( unsigned char **p, unsigned char *start, int ret; size_t len = 0; + PK_VALIDATE_RET( p != NULL ); + PK_VALIDATE_RET( *p != NULL ); + PK_VALIDATE_RET( start != NULL ); + PK_VALIDATE_RET( key != NULL ); + #if defined(MBEDTLS_RSA_C) if( mbedtls_pk_get_type( key ) == MBEDTLS_PK_RSA ) MBEDTLS_ASN1_CHK_ADD( len, pk_write_rsa_pubkey( p, start, mbedtls_pk_rsa( *key ) ) ); @@ -173,6 +185,11 @@ int mbedtls_pk_write_pubkey_der( mbedtls_pk_context *key, unsigned char *buf, si size_t len = 0, par_len = 0, oid_len; const char *oid; + PK_VALIDATE_RET( key != NULL ); + if( size == 0 ) + return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); + PK_VALIDATE_RET( buf != NULL ); + c = buf + size; MBEDTLS_ASN1_CHK_ADD( len, mbedtls_pk_write_pubkey( &c, buf, key ) ); @@ -217,9 +234,16 @@ int mbedtls_pk_write_pubkey_der( mbedtls_pk_context *key, unsigned char *buf, si int mbedtls_pk_write_key_der( mbedtls_pk_context *key, unsigned char *buf, size_t size ) { int ret; - unsigned char *c = buf + size; + unsigned char *c; size_t len = 0; + PK_VALIDATE_RET( key != NULL ); + if( size == 0 ) + return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); + PK_VALIDATE_RET( buf != NULL ); + + c = buf + size; + #if defined(MBEDTLS_RSA_C) if( mbedtls_pk_get_type( key ) == MBEDTLS_PK_RSA ) { @@ -457,6 +481,9 @@ int mbedtls_pk_write_pubkey_pem( mbedtls_pk_context *key, unsigned char *buf, si unsigned char output_buf[PUB_DER_MAX_BYTES]; size_t olen = 0; + PK_VALIDATE_RET( key != NULL ); + PK_VALIDATE_RET( buf != NULL || size == 0 ); + if( ( ret = mbedtls_pk_write_pubkey_der( key, output_buf, sizeof(output_buf) ) ) < 0 ) { @@ -480,6 +507,9 @@ int mbedtls_pk_write_key_pem( mbedtls_pk_context *key, unsigned char *buf, size_ const char *begin, *end; size_t olen = 0; + PK_VALIDATE_RET( key != NULL ); + PK_VALIDATE_RET( buf != NULL || size == 0 ); + if( ( ret = mbedtls_pk_write_key_der( key, output_buf, sizeof(output_buf) ) ) < 0 ) return( ret ); diff --git a/thirdparty/mbedtls/library/platform.c b/thirdparty/mbedtls/library/platform.c index b24b2fa652..73a6db9ebe 100644 --- a/thirdparty/mbedtls/library/platform.c +++ b/thirdparty/mbedtls/library/platform.c @@ -30,7 +30,14 @@ #include "mbedtls/platform.h" #include "mbedtls/platform_util.h" -#if defined(MBEDTLS_PLATFORM_MEMORY) +/* The compile time configuration of memory allocation via the macros + * MBEDTLS_PLATFORM_{FREE/CALLOC}_MACRO takes precedence over the runtime + * configuration via mbedtls_platform_set_calloc_free(). So, omit everything + * related to the latter if MBEDTLS_PLATFORM_{FREE/CALLOC}_MACRO are defined. */ +#if defined(MBEDTLS_PLATFORM_MEMORY) && \ + !( defined(MBEDTLS_PLATFORM_CALLOC_MACRO) && \ + defined(MBEDTLS_PLATFORM_FREE_MACRO) ) + #if !defined(MBEDTLS_PLATFORM_STD_CALLOC) static void *platform_calloc_uninit( size_t n, size_t size ) { @@ -71,7 +78,9 @@ int mbedtls_platform_set_calloc_free( void * (*calloc_func)( size_t, size_t ), mbedtls_free_func = free_func; return( 0 ); } -#endif /* MBEDTLS_PLATFORM_MEMORY */ +#endif /* MBEDTLS_PLATFORM_MEMORY && + !( defined(MBEDTLS_PLATFORM_CALLOC_MACRO) && + defined(MBEDTLS_PLATFORM_FREE_MACRO) ) */ #if defined(_WIN32) #include <stdarg.h> diff --git a/thirdparty/mbedtls/library/platform_util.c b/thirdparty/mbedtls/library/platform_util.c index 1a57de9393..756e22679a 100644 --- a/thirdparty/mbedtls/library/platform_util.c +++ b/thirdparty/mbedtls/library/platform_util.c @@ -20,6 +20,14 @@ * This file is part of Mbed TLS (https://tls.mbed.org) */ +/* + * Ensure gmtime_r is available even with -std=c99; must be defined before + * config.h, which pulls in glibc's features.h. Harmless on other platforms. + */ +#if !defined(_POSIX_C_SOURCE) +#define _POSIX_C_SOURCE 200112L +#endif + #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" #else @@ -27,6 +35,8 @@ #endif #include "mbedtls/platform_util.h" +#include "mbedtls/platform.h" +#include "mbedtls/threading.h" #include <stddef.h> #include <string.h> @@ -65,3 +75,62 @@ void mbedtls_platform_zeroize( void *buf, size_t len ) memset_func( buf, 0, len ); } #endif /* MBEDTLS_PLATFORM_ZEROIZE_ALT */ + +#if defined(MBEDTLS_HAVE_TIME_DATE) && !defined(MBEDTLS_PLATFORM_GMTIME_R_ALT) +#include <time.h> +#if !defined(_WIN32) && (defined(unix) || \ + defined(__unix) || defined(__unix__) || (defined(__APPLE__) && \ + defined(__MACH__))) +#include <unistd.h> +#endif /* !_WIN32 && (unix || __unix || __unix__ || + * (__APPLE__ && __MACH__)) */ + +#if !( ( defined(_POSIX_VERSION) && _POSIX_VERSION >= 200809L ) || \ + ( defined(_POSIX_THREAD_SAFE_FUNCTIONS ) && \ + _POSIX_THREAD_SAFE_FUNCTIONS >= 20112L ) ) +/* + * This is a convenience shorthand macro to avoid checking the long + * preprocessor conditions above. Ideally, we could expose this macro in + * platform_util.h and simply use it in platform_util.c, threading.c and + * threading.h. However, this macro is not part of the Mbed TLS public API, so + * we keep it private by only defining it in this file + */ +#if ! ( defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) ) +#define PLATFORM_UTIL_USE_GMTIME +#endif /* ! ( defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) ) */ + +#endif /* !( ( defined(_POSIX_VERSION) && _POSIX_VERSION >= 200809L ) || \ + ( defined(_POSIX_THREAD_SAFE_FUNCTIONS ) && \ + _POSIX_THREAD_SAFE_FUNCTIONS >= 20112L ) ) */ + +struct tm *mbedtls_platform_gmtime_r( const mbedtls_time_t *tt, + struct tm *tm_buf ) +{ +#if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) + return( ( gmtime_s( tm_buf, tt ) == 0 ) ? tm_buf : NULL ); +#elif !defined(PLATFORM_UTIL_USE_GMTIME) + return( gmtime_r( tt, tm_buf ) ); +#else + struct tm *lt; + +#if defined(MBEDTLS_THREADING_C) + if( mbedtls_mutex_lock( &mbedtls_threading_gmtime_mutex ) != 0 ) + return( NULL ); +#endif /* MBEDTLS_THREADING_C */ + + lt = gmtime( tt ); + + if( lt != NULL ) + { + memcpy( tm_buf, lt, sizeof( struct tm ) ); + } + +#if defined(MBEDTLS_THREADING_C) + if( mbedtls_mutex_unlock( &mbedtls_threading_gmtime_mutex ) != 0 ) + return( NULL ); +#endif /* MBEDTLS_THREADING_C */ + + return( ( lt == NULL ) ? NULL : tm_buf ); +#endif /* _WIN32 && !EFIX64 && !EFI32 */ +} +#endif /* MBEDTLS_HAVE_TIME_DATE && MBEDTLS_PLATFORM_GMTIME_R_ALT */ diff --git a/thirdparty/mbedtls/library/poly1305.c b/thirdparty/mbedtls/library/poly1305.c index e22d3afb68..b274119181 100644 --- a/thirdparty/mbedtls/library/poly1305.c +++ b/thirdparty/mbedtls/library/poly1305.c @@ -49,6 +49,12 @@ #define inline __inline #endif +/* Parameter validation macros */ +#define POLY1305_VALIDATE_RET( cond ) \ + MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA ) +#define POLY1305_VALIDATE( cond ) \ + MBEDTLS_INTERNAL_VALIDATE( cond ) + #define POLY1305_BLOCK_SIZE_BYTES ( 16U ) #define BYTES_TO_U32_LE( data, offset ) \ @@ -276,27 +282,24 @@ static void poly1305_compute_mac( const mbedtls_poly1305_context *ctx, void mbedtls_poly1305_init( mbedtls_poly1305_context *ctx ) { - if( ctx != NULL ) - { - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_poly1305_context ) ); - } + POLY1305_VALIDATE( ctx != NULL ); + + mbedtls_platform_zeroize( ctx, sizeof( mbedtls_poly1305_context ) ); } void mbedtls_poly1305_free( mbedtls_poly1305_context *ctx ) { - if( ctx != NULL ) - { - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_poly1305_context ) ); - } + if( ctx == NULL ) + return; + + mbedtls_platform_zeroize( ctx, sizeof( mbedtls_poly1305_context ) ); } int mbedtls_poly1305_starts( mbedtls_poly1305_context *ctx, const unsigned char key[32] ) { - if( ctx == NULL || key == NULL ) - { - return( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA ); - } + POLY1305_VALIDATE_RET( ctx != NULL ); + POLY1305_VALIDATE_RET( key != NULL ); /* r &= 0x0ffffffc0ffffffc0ffffffc0fffffff */ ctx->r[0] = BYTES_TO_U32_LE( key, 0 ) & 0x0FFFFFFFU; @@ -331,16 +334,8 @@ int mbedtls_poly1305_update( mbedtls_poly1305_context *ctx, size_t remaining = ilen; size_t queue_free_len; size_t nblocks; - - if( ctx == NULL ) - { - return( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA ); - } - else if( ( ilen > 0U ) && ( input == NULL ) ) - { - /* input pointer is allowed to be NULL only if ilen == 0 */ - return( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA ); - } + POLY1305_VALIDATE_RET( ctx != NULL ); + POLY1305_VALIDATE_RET( ilen == 0 || input != NULL ); if( ( remaining > 0U ) && ( ctx->queue_len > 0U ) ) { @@ -398,10 +393,8 @@ int mbedtls_poly1305_update( mbedtls_poly1305_context *ctx, int mbedtls_poly1305_finish( mbedtls_poly1305_context *ctx, unsigned char mac[16] ) { - if( ( ctx == NULL ) || ( mac == NULL ) ) - { - return( MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA ); - } + POLY1305_VALIDATE_RET( ctx != NULL ); + POLY1305_VALIDATE_RET( mac != NULL ); /* Process any leftover data */ if( ctx->queue_len > 0U ) @@ -431,6 +424,9 @@ int mbedtls_poly1305_mac( const unsigned char key[32], { mbedtls_poly1305_context ctx; int ret; + POLY1305_VALIDATE_RET( key != NULL ); + POLY1305_VALIDATE_RET( mac != NULL ); + POLY1305_VALIDATE_RET( ilen == 0 || input != NULL ); mbedtls_poly1305_init( &ctx ); diff --git a/thirdparty/mbedtls/library/rsa.c b/thirdparty/mbedtls/library/rsa.c index 88c1cf1007..af1a878599 100644 --- a/thirdparty/mbedtls/library/rsa.c +++ b/thirdparty/mbedtls/library/rsa.c @@ -71,6 +71,12 @@ #if !defined(MBEDTLS_RSA_ALT) +/* Parameter validation macros */ +#define RSA_VALIDATE_RET( cond ) \ + MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_RSA_BAD_INPUT_DATA ) +#define RSA_VALIDATE( cond ) \ + MBEDTLS_INTERNAL_VALIDATE( cond ) + #if defined(MBEDTLS_PKCS1_V15) /* constant-time buffer comparison */ static inline int mbedtls_safer_memcmp( const void *a, const void *b, size_t n ) @@ -93,6 +99,7 @@ int mbedtls_rsa_import( mbedtls_rsa_context *ctx, const mbedtls_mpi *D, const mbedtls_mpi *E ) { int ret; + RSA_VALIDATE_RET( ctx != NULL ); if( ( N != NULL && ( ret = mbedtls_mpi_copy( &ctx->N, N ) ) != 0 ) || ( P != NULL && ( ret = mbedtls_mpi_copy( &ctx->P, P ) ) != 0 ) || @@ -117,6 +124,7 @@ int mbedtls_rsa_import_raw( mbedtls_rsa_context *ctx, unsigned char const *E, size_t E_len ) { int ret = 0; + RSA_VALIDATE_RET( ctx != NULL ); if( N != NULL ) { @@ -240,12 +248,16 @@ static int rsa_check_context( mbedtls_rsa_context const *ctx, int is_priv, int mbedtls_rsa_complete( mbedtls_rsa_context *ctx ) { int ret = 0; + int have_N, have_P, have_Q, have_D, have_E; + int n_missing, pq_missing, d_missing, is_pub, is_priv; + + RSA_VALIDATE_RET( ctx != NULL ); - const int have_N = ( mbedtls_mpi_cmp_int( &ctx->N, 0 ) != 0 ); - const int have_P = ( mbedtls_mpi_cmp_int( &ctx->P, 0 ) != 0 ); - const int have_Q = ( mbedtls_mpi_cmp_int( &ctx->Q, 0 ) != 0 ); - const int have_D = ( mbedtls_mpi_cmp_int( &ctx->D, 0 ) != 0 ); - const int have_E = ( mbedtls_mpi_cmp_int( &ctx->E, 0 ) != 0 ); + have_N = ( mbedtls_mpi_cmp_int( &ctx->N, 0 ) != 0 ); + have_P = ( mbedtls_mpi_cmp_int( &ctx->P, 0 ) != 0 ); + have_Q = ( mbedtls_mpi_cmp_int( &ctx->Q, 0 ) != 0 ); + have_D = ( mbedtls_mpi_cmp_int( &ctx->D, 0 ) != 0 ); + have_E = ( mbedtls_mpi_cmp_int( &ctx->E, 0 ) != 0 ); /* * Check whether provided parameters are enough @@ -257,13 +269,13 @@ int mbedtls_rsa_complete( mbedtls_rsa_context *ctx ) * */ - const int n_missing = have_P && have_Q && have_D && have_E; - const int pq_missing = have_N && !have_P && !have_Q && have_D && have_E; - const int d_missing = have_P && have_Q && !have_D && have_E; - const int is_pub = have_N && !have_P && !have_Q && !have_D && have_E; + n_missing = have_P && have_Q && have_D && have_E; + pq_missing = have_N && !have_P && !have_Q && have_D && have_E; + d_missing = have_P && have_Q && !have_D && have_E; + is_pub = have_N && !have_P && !have_Q && !have_D && have_E; /* These three alternatives are mutually exclusive */ - const int is_priv = n_missing || pq_missing || d_missing; + is_priv = n_missing || pq_missing || d_missing; if( !is_priv && !is_pub ) return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); @@ -336,9 +348,11 @@ int mbedtls_rsa_export_raw( const mbedtls_rsa_context *ctx, unsigned char *E, size_t E_len ) { int ret = 0; + int is_priv; + RSA_VALIDATE_RET( ctx != NULL ); /* Check if key is private or public */ - const int is_priv = + is_priv = mbedtls_mpi_cmp_int( &ctx->N, 0 ) != 0 && mbedtls_mpi_cmp_int( &ctx->P, 0 ) != 0 && mbedtls_mpi_cmp_int( &ctx->Q, 0 ) != 0 && @@ -379,9 +393,11 @@ int mbedtls_rsa_export( const mbedtls_rsa_context *ctx, mbedtls_mpi *D, mbedtls_mpi *E ) { int ret; + int is_priv; + RSA_VALIDATE_RET( ctx != NULL ); /* Check if key is private or public */ - int is_priv = + is_priv = mbedtls_mpi_cmp_int( &ctx->N, 0 ) != 0 && mbedtls_mpi_cmp_int( &ctx->P, 0 ) != 0 && mbedtls_mpi_cmp_int( &ctx->Q, 0 ) != 0 && @@ -421,9 +437,11 @@ int mbedtls_rsa_export_crt( const mbedtls_rsa_context *ctx, mbedtls_mpi *DP, mbedtls_mpi *DQ, mbedtls_mpi *QP ) { int ret; + int is_priv; + RSA_VALIDATE_RET( ctx != NULL ); /* Check if key is private or public */ - int is_priv = + is_priv = mbedtls_mpi_cmp_int( &ctx->N, 0 ) != 0 && mbedtls_mpi_cmp_int( &ctx->P, 0 ) != 0 && mbedtls_mpi_cmp_int( &ctx->Q, 0 ) != 0 && @@ -459,6 +477,10 @@ void mbedtls_rsa_init( mbedtls_rsa_context *ctx, int padding, int hash_id ) { + RSA_VALIDATE( ctx != NULL ); + RSA_VALIDATE( padding == MBEDTLS_RSA_PKCS_V15 || + padding == MBEDTLS_RSA_PKCS_V21 ); + memset( ctx, 0, sizeof( mbedtls_rsa_context ) ); mbedtls_rsa_set_padding( ctx, padding, hash_id ); @@ -471,8 +493,13 @@ void mbedtls_rsa_init( mbedtls_rsa_context *ctx, /* * Set padding for an existing RSA context */ -void mbedtls_rsa_set_padding( mbedtls_rsa_context *ctx, int padding, int hash_id ) +void mbedtls_rsa_set_padding( mbedtls_rsa_context *ctx, int padding, + int hash_id ) { + RSA_VALIDATE( ctx != NULL ); + RSA_VALIDATE( padding == MBEDTLS_RSA_PKCS_V15 || + padding == MBEDTLS_RSA_PKCS_V21 ); + ctx->padding = padding; ctx->hash_id = hash_id; } @@ -502,12 +529,20 @@ int mbedtls_rsa_gen_key( mbedtls_rsa_context *ctx, { int ret; mbedtls_mpi H, G, L; + int prime_quality = 0; + RSA_VALIDATE_RET( ctx != NULL ); + RSA_VALIDATE_RET( f_rng != NULL ); - if( f_rng == NULL || nbits < 128 || exponent < 3 ) + if( nbits < 128 || exponent < 3 || nbits % 2 != 0 ) return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); - if( nbits % 2 ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + /* + * If the modulus is 1024 bit long or shorter, then the security strength of + * the RSA algorithm is less than or equal to 80 bits and therefore an error + * rate of 2^-80 is sufficient. + */ + if( nbits > 1024 ) + prime_quality = MBEDTLS_MPI_GEN_PRIME_FLAG_LOW_ERR; mbedtls_mpi_init( &H ); mbedtls_mpi_init( &G ); @@ -523,11 +558,11 @@ int mbedtls_rsa_gen_key( mbedtls_rsa_context *ctx, do { - MBEDTLS_MPI_CHK( mbedtls_mpi_gen_prime( &ctx->P, nbits >> 1, 0, - f_rng, p_rng ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_gen_prime( &ctx->P, nbits >> 1, + prime_quality, f_rng, p_rng ) ); - MBEDTLS_MPI_CHK( mbedtls_mpi_gen_prime( &ctx->Q, nbits >> 1, 0, - f_rng, p_rng ) ); + MBEDTLS_MPI_CHK( mbedtls_mpi_gen_prime( &ctx->Q, nbits >> 1, + prime_quality, f_rng, p_rng ) ); /* make sure the difference between p and q is not too small (FIPS 186-4 §B.3.3 step 5.4) */ MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &H, &ctx->P, &ctx->Q ) ); @@ -603,6 +638,8 @@ cleanup: */ int mbedtls_rsa_check_pubkey( const mbedtls_rsa_context *ctx ) { + RSA_VALIDATE_RET( ctx != NULL ); + if( rsa_check_context( ctx, 0 /* public */, 0 /* no blinding */ ) != 0 ) return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED ); @@ -626,6 +663,8 @@ int mbedtls_rsa_check_pubkey( const mbedtls_rsa_context *ctx ) */ int mbedtls_rsa_check_privkey( const mbedtls_rsa_context *ctx ) { + RSA_VALIDATE_RET( ctx != NULL ); + if( mbedtls_rsa_check_pubkey( ctx ) != 0 || rsa_check_context( ctx, 1 /* private */, 1 /* blinding */ ) != 0 ) { @@ -655,6 +694,9 @@ int mbedtls_rsa_check_privkey( const mbedtls_rsa_context *ctx ) int mbedtls_rsa_check_pub_priv( const mbedtls_rsa_context *pub, const mbedtls_rsa_context *prv ) { + RSA_VALIDATE_RET( pub != NULL ); + RSA_VALIDATE_RET( prv != NULL ); + if( mbedtls_rsa_check_pubkey( pub ) != 0 || mbedtls_rsa_check_privkey( prv ) != 0 ) { @@ -680,6 +722,9 @@ int mbedtls_rsa_public( mbedtls_rsa_context *ctx, int ret; size_t olen; mbedtls_mpi T; + RSA_VALIDATE_RET( ctx != NULL ); + RSA_VALIDATE_RET( input != NULL ); + RSA_VALIDATE_RET( output != NULL ); if( rsa_check_context( ctx, 0 /* public */, 0 /* no blinding */ ) ) return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); @@ -822,6 +867,10 @@ int mbedtls_rsa_private( mbedtls_rsa_context *ctx, * checked result; should be the same in the end. */ mbedtls_mpi I, C; + RSA_VALIDATE_RET( ctx != NULL ); + RSA_VALIDATE_RET( input != NULL ); + RSA_VALIDATE_RET( output != NULL ); + if( rsa_check_context( ctx, 1 /* private key checks */, f_rng != NULL /* blinding y/n */ ) != 0 ) { @@ -1082,6 +1131,13 @@ int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx, const mbedtls_md_info_t *md_info; mbedtls_md_context_t md_ctx; + RSA_VALIDATE_RET( ctx != NULL ); + RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE || + mode == MBEDTLS_RSA_PUBLIC ); + RSA_VALIDATE_RET( output != NULL ); + RSA_VALIDATE_RET( input != NULL ); + RSA_VALIDATE_RET( label_len == 0 || label != NULL ); + if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V21 ) return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); @@ -1158,11 +1214,13 @@ int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx, int ret; unsigned char *p = output; - if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V15 ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + RSA_VALIDATE_RET( ctx != NULL ); + RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE || + mode == MBEDTLS_RSA_PUBLIC ); + RSA_VALIDATE_RET( output != NULL ); + RSA_VALIDATE_RET( input != NULL ); - // We don't check p_rng because it won't be dereferenced here - if( f_rng == NULL || input == NULL || output == NULL ) + if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V15 ) return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); olen = ctx->len; @@ -1176,6 +1234,9 @@ int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx, *p++ = 0; if( mode == MBEDTLS_RSA_PUBLIC ) { + if( f_rng == NULL ) + return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + *p++ = MBEDTLS_RSA_CRYPT; while( nb_pad-- > 0 ) @@ -1220,6 +1281,12 @@ int mbedtls_rsa_pkcs1_encrypt( mbedtls_rsa_context *ctx, const unsigned char *input, unsigned char *output ) { + RSA_VALIDATE_RET( ctx != NULL ); + RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE || + mode == MBEDTLS_RSA_PUBLIC ); + RSA_VALIDATE_RET( output != NULL ); + RSA_VALIDATE_RET( input != NULL ); + switch( ctx->padding ) { #if defined(MBEDTLS_PKCS1_V15) @@ -1262,6 +1329,14 @@ int mbedtls_rsa_rsaes_oaep_decrypt( mbedtls_rsa_context *ctx, const mbedtls_md_info_t *md_info; mbedtls_md_context_t md_ctx; + RSA_VALIDATE_RET( ctx != NULL ); + RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE || + mode == MBEDTLS_RSA_PUBLIC ); + RSA_VALIDATE_RET( output_max_len == 0 || output != NULL ); + RSA_VALIDATE_RET( label_len == 0 || label != NULL ); + RSA_VALIDATE_RET( input != NULL ); + RSA_VALIDATE_RET( olen != NULL ); + /* * Parameters sanity checks */ @@ -1378,6 +1453,97 @@ cleanup: #endif /* MBEDTLS_PKCS1_V21 */ #if defined(MBEDTLS_PKCS1_V15) +/** Turn zero-or-nonzero into zero-or-all-bits-one, without branches. + * + * \param value The value to analyze. + * \return Zero if \p value is zero, otherwise all-bits-one. + */ +static unsigned all_or_nothing_int( unsigned value ) +{ + /* MSVC has a warning about unary minus on unsigned, but this is + * well-defined and precisely what we want to do here */ +#if defined(_MSC_VER) +#pragma warning( push ) +#pragma warning( disable : 4146 ) +#endif + return( - ( ( value | - value ) >> ( sizeof( value ) * 8 - 1 ) ) ); +#if defined(_MSC_VER) +#pragma warning( pop ) +#endif +} + +/** Check whether a size is out of bounds, without branches. + * + * This is equivalent to `size > max`, but is likely to be compiled to + * to code using bitwise operation rather than a branch. + * + * \param size Size to check. + * \param max Maximum desired value for \p size. + * \return \c 0 if `size <= max`. + * \return \c 1 if `size > max`. + */ +static unsigned size_greater_than( size_t size, size_t max ) +{ + /* Return the sign bit (1 for negative) of (max - size). */ + return( ( max - size ) >> ( sizeof( size_t ) * 8 - 1 ) ); +} + +/** Choose between two integer values, without branches. + * + * This is equivalent to `cond ? if1 : if0`, but is likely to be compiled + * to code using bitwise operation rather than a branch. + * + * \param cond Condition to test. + * \param if1 Value to use if \p cond is nonzero. + * \param if0 Value to use if \p cond is zero. + * \return \c if1 if \p cond is nonzero, otherwise \c if0. + */ +static unsigned if_int( unsigned cond, unsigned if1, unsigned if0 ) +{ + unsigned mask = all_or_nothing_int( cond ); + return( ( mask & if1 ) | (~mask & if0 ) ); +} + +/** Shift some data towards the left inside a buffer without leaking + * the length of the data through side channels. + * + * `mem_move_to_left(start, total, offset)` is functionally equivalent to + * ``` + * memmove(start, start + offset, total - offset); + * memset(start + offset, 0, total - offset); + * ``` + * but it strives to use a memory access pattern (and thus total timing) + * that does not depend on \p offset. This timing independence comes at + * the expense of performance. + * + * \param start Pointer to the start of the buffer. + * \param total Total size of the buffer. + * \param offset Offset from which to copy \p total - \p offset bytes. + */ +static void mem_move_to_left( void *start, + size_t total, + size_t offset ) +{ + volatile unsigned char *buf = start; + size_t i, n; + if( total == 0 ) + return; + for( i = 0; i < total; i++ ) + { + unsigned no_op = size_greater_than( total - offset, i ); + /* The first `total - offset` passes are a no-op. The last + * `offset` passes shift the data one byte to the left and + * zero out the last byte. */ + for( n = 0; n < total - 1; n++ ) + { + unsigned char current = buf[n]; + unsigned char next = buf[n+1]; + buf[n] = if_int( no_op, current, next ); + } + buf[total-1] = if_int( no_op, buf[total-1], 0 ); + } +} + /* * Implementation of the PKCS#1 v2.1 RSAES-PKCS1-V1_5-DECRYPT function */ @@ -1387,18 +1553,42 @@ int mbedtls_rsa_rsaes_pkcs1_v15_decrypt( mbedtls_rsa_context *ctx, int mode, size_t *olen, const unsigned char *input, unsigned char *output, - size_t output_max_len) + size_t output_max_len ) { int ret; - size_t ilen, pad_count = 0, i; - unsigned char *p, bad, pad_done = 0; + size_t ilen, i, plaintext_max_size; unsigned char buf[MBEDTLS_MPI_MAX_SIZE]; + /* The following variables take sensitive values: their value must + * not leak into the observable behavior of the function other than + * the designated outputs (output, olen, return value). Otherwise + * this would open the execution of the function to + * side-channel-based variants of the Bleichenbacher padding oracle + * attack. Potential side channels include overall timing, memory + * access patterns (especially visible to an adversary who has access + * to a shared memory cache), and branches (especially visible to + * an adversary who has access to a shared code cache or to a shared + * branch predictor). */ + size_t pad_count = 0; + unsigned bad = 0; + unsigned char pad_done = 0; + size_t plaintext_size = 0; + unsigned output_too_large; + + RSA_VALIDATE_RET( ctx != NULL ); + RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE || + mode == MBEDTLS_RSA_PUBLIC ); + RSA_VALIDATE_RET( output_max_len == 0 || output != NULL ); + RSA_VALIDATE_RET( input != NULL ); + RSA_VALIDATE_RET( olen != NULL ); + + ilen = ctx->len; + plaintext_max_size = ( output_max_len > ilen - 11 ? + ilen - 11 : + output_max_len ); if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V15 ) return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); - ilen = ctx->len; - if( ilen < 16 || ilen > sizeof( buf ) ) return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); @@ -1409,63 +1599,109 @@ int mbedtls_rsa_rsaes_pkcs1_v15_decrypt( mbedtls_rsa_context *ctx, if( ret != 0 ) goto cleanup; - p = buf; - bad = 0; - - /* - * Check and get padding len in "constant-time" - */ - bad |= *p++; /* First byte must be 0 */ + /* Check and get padding length in constant time and constant + * memory trace. The first byte must be 0. */ + bad |= buf[0]; - /* This test does not depend on secret data */ if( mode == MBEDTLS_RSA_PRIVATE ) { - bad |= *p++ ^ MBEDTLS_RSA_CRYPT; + /* Decode EME-PKCS1-v1_5 padding: 0x00 || 0x02 || PS || 0x00 + * where PS must be at least 8 nonzero bytes. */ + bad |= buf[1] ^ MBEDTLS_RSA_CRYPT; - /* Get padding len, but always read till end of buffer - * (minus one, for the 00 byte) */ - for( i = 0; i < ilen - 3; i++ ) + /* Read the whole buffer. Set pad_done to nonzero if we find + * the 0x00 byte and remember the padding length in pad_count. */ + for( i = 2; i < ilen; i++ ) { - pad_done |= ((p[i] | (unsigned char)-p[i]) >> 7) ^ 1; + pad_done |= ((buf[i] | (unsigned char)-buf[i]) >> 7) ^ 1; pad_count += ((pad_done | (unsigned char)-pad_done) >> 7) ^ 1; } - - p += pad_count; - bad |= *p++; /* Must be zero */ } else { - bad |= *p++ ^ MBEDTLS_RSA_SIGN; + /* Decode EMSA-PKCS1-v1_5 padding: 0x00 || 0x01 || PS || 0x00 + * where PS must be at least 8 bytes with the value 0xFF. */ + bad |= buf[1] ^ MBEDTLS_RSA_SIGN; - /* Get padding len, but always read till end of buffer - * (minus one, for the 00 byte) */ - for( i = 0; i < ilen - 3; i++ ) + /* Read the whole buffer. Set pad_done to nonzero if we find + * the 0x00 byte and remember the padding length in pad_count. + * If there's a non-0xff byte in the padding, the padding is bad. */ + for( i = 2; i < ilen; i++ ) { - pad_done |= ( p[i] != 0xFF ); - pad_count += ( pad_done == 0 ); + pad_done |= if_int( buf[i], 0, 1 ); + pad_count += if_int( pad_done, 0, 1 ); + bad |= if_int( pad_done, 0, buf[i] ^ 0xFF ); } - - p += pad_count; - bad |= *p++; /* Must be zero */ } - bad |= ( pad_count < 8 ); - - if( bad ) - { - ret = MBEDTLS_ERR_RSA_INVALID_PADDING; - goto cleanup; - } - - if( ilen - ( p - buf ) > output_max_len ) - { - ret = MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE; - goto cleanup; - } - - *olen = ilen - (p - buf); - memcpy( output, p, *olen ); - ret = 0; + /* If pad_done is still zero, there's no data, only unfinished padding. */ + bad |= if_int( pad_done, 0, 1 ); + + /* There must be at least 8 bytes of padding. */ + bad |= size_greater_than( 8, pad_count ); + + /* If the padding is valid, set plaintext_size to the number of + * remaining bytes after stripping the padding. If the padding + * is invalid, avoid leaking this fact through the size of the + * output: use the maximum message size that fits in the output + * buffer. Do it without branches to avoid leaking the padding + * validity through timing. RSA keys are small enough that all the + * size_t values involved fit in unsigned int. */ + plaintext_size = if_int( bad, + (unsigned) plaintext_max_size, + (unsigned) ( ilen - pad_count - 3 ) ); + + /* Set output_too_large to 0 if the plaintext fits in the output + * buffer and to 1 otherwise. */ + output_too_large = size_greater_than( plaintext_size, + plaintext_max_size ); + + /* Set ret without branches to avoid timing attacks. Return: + * - INVALID_PADDING if the padding is bad (bad != 0). + * - OUTPUT_TOO_LARGE if the padding is good but the decrypted + * plaintext does not fit in the output buffer. + * - 0 if the padding is correct. */ + ret = - (int) if_int( bad, - MBEDTLS_ERR_RSA_INVALID_PADDING, + if_int( output_too_large, - MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE, + 0 ) ); + + /* If the padding is bad or the plaintext is too large, zero the + * data that we're about to copy to the output buffer. + * We need to copy the same amount of data + * from the same buffer whether the padding is good or not to + * avoid leaking the padding validity through overall timing or + * through memory or cache access patterns. */ + bad = all_or_nothing_int( bad | output_too_large ); + for( i = 11; i < ilen; i++ ) + buf[i] &= ~bad; + + /* If the plaintext is too large, truncate it to the buffer size. + * Copy anyway to avoid revealing the length through timing, because + * revealing the length is as bad as revealing the padding validity + * for a Bleichenbacher attack. */ + plaintext_size = if_int( output_too_large, + (unsigned) plaintext_max_size, + (unsigned) plaintext_size ); + + /* Move the plaintext to the leftmost position where it can start in + * the working buffer, i.e. make it start plaintext_max_size from + * the end of the buffer. Do this with a memory access trace that + * does not depend on the plaintext size. After this move, the + * starting location of the plaintext is no longer sensitive + * information. */ + mem_move_to_left( buf + ilen - plaintext_max_size, + plaintext_max_size, + plaintext_max_size - plaintext_size ); + + /* Finally copy the decrypted plaintext plus trailing zeros + * into the output buffer. */ + memcpy( output, buf + ilen - plaintext_max_size, plaintext_max_size ); + + /* Report the amount of data we copied to the output buffer. In case + * of errors (bad padding or output too large), the value of *olen + * when this function returns is not specified. Making it equivalent + * to the good case limits the risks of leaking the padding validity. */ + *olen = plaintext_size; cleanup: mbedtls_platform_zeroize( buf, sizeof( buf ) ); @@ -1485,6 +1721,13 @@ int mbedtls_rsa_pkcs1_decrypt( mbedtls_rsa_context *ctx, unsigned char *output, size_t output_max_len) { + RSA_VALIDATE_RET( ctx != NULL ); + RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE || + mode == MBEDTLS_RSA_PUBLIC ); + RSA_VALIDATE_RET( output_max_len == 0 || output != NULL ); + RSA_VALIDATE_RET( input != NULL ); + RSA_VALIDATE_RET( olen != NULL ); + switch( ctx->padding ) { #if defined(MBEDTLS_PKCS1_V15) @@ -1521,11 +1764,18 @@ int mbedtls_rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx, size_t olen; unsigned char *p = sig; unsigned char salt[MBEDTLS_MD_MAX_SIZE]; - unsigned int slen, hlen, offset = 0; + size_t slen, min_slen, hlen, offset = 0; int ret; size_t msb; const mbedtls_md_info_t *md_info; mbedtls_md_context_t md_ctx; + RSA_VALIDATE_RET( ctx != NULL ); + RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE || + mode == MBEDTLS_RSA_PUBLIC ); + RSA_VALIDATE_RET( ( md_alg == MBEDTLS_MD_NONE && + hashlen == 0 ) || + hash != NULL ); + RSA_VALIDATE_RET( sig != NULL ); if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V21 ) return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); @@ -1550,10 +1800,20 @@ int mbedtls_rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx, return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); hlen = mbedtls_md_get_size( md_info ); - slen = hlen; - if( olen < hlen + slen + 2 ) + /* Calculate the largest possible salt length. Normally this is the hash + * length, which is the maximum length the salt can have. If there is not + * enough room, use the maximum salt length that fits. The constraint is + * that the hash length plus the salt length plus 2 bytes must be at most + * the key length. This complies with FIPS 186-4 §5.5 (e) and RFC 8017 + * (PKCS#1 v2.2) §9.1.1 step 3. */ + min_slen = hlen - 2; + if( olen < hlen + min_slen + 2 ) return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + else if( olen >= hlen + hlen + 2 ) + slen = hlen; + else + slen = olen - hlen - 2; memset( sig, 0, olen ); @@ -1563,7 +1823,7 @@ int mbedtls_rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx, /* Note: EMSA-PSS encoding is over the length of N - 1 bits */ msb = mbedtls_mpi_bitlen( &ctx->N ) - 1; - p += olen - hlen * 2 - 2; + p += olen - hlen - slen - 2; *p++ = 0x01; memcpy( p, salt, slen ); p += slen; @@ -1763,6 +2023,14 @@ int mbedtls_rsa_rsassa_pkcs1_v15_sign( mbedtls_rsa_context *ctx, int ret; unsigned char *sig_try = NULL, *verif = NULL; + RSA_VALIDATE_RET( ctx != NULL ); + RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE || + mode == MBEDTLS_RSA_PUBLIC ); + RSA_VALIDATE_RET( ( md_alg == MBEDTLS_MD_NONE && + hashlen == 0 ) || + hash != NULL ); + RSA_VALIDATE_RET( sig != NULL ); + if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V15 ) return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); @@ -1832,6 +2100,14 @@ int mbedtls_rsa_pkcs1_sign( mbedtls_rsa_context *ctx, const unsigned char *hash, unsigned char *sig ) { + RSA_VALIDATE_RET( ctx != NULL ); + RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE || + mode == MBEDTLS_RSA_PUBLIC ); + RSA_VALIDATE_RET( ( md_alg == MBEDTLS_MD_NONE && + hashlen == 0 ) || + hash != NULL ); + RSA_VALIDATE_RET( sig != NULL ); + switch( ctx->padding ) { #if defined(MBEDTLS_PKCS1_V15) @@ -1878,6 +2154,14 @@ int mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_rsa_context *ctx, mbedtls_md_context_t md_ctx; unsigned char buf[MBEDTLS_MPI_MAX_SIZE]; + RSA_VALIDATE_RET( ctx != NULL ); + RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE || + mode == MBEDTLS_RSA_PUBLIC ); + RSA_VALIDATE_RET( sig != NULL ); + RSA_VALIDATE_RET( ( md_alg == MBEDTLS_MD_NONE && + hashlen == 0 ) || + hash != NULL ); + if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V21 ) return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); @@ -2006,7 +2290,16 @@ int mbedtls_rsa_rsassa_pss_verify( mbedtls_rsa_context *ctx, const unsigned char *hash, const unsigned char *sig ) { - mbedtls_md_type_t mgf1_hash_id = ( ctx->hash_id != MBEDTLS_MD_NONE ) + mbedtls_md_type_t mgf1_hash_id; + RSA_VALIDATE_RET( ctx != NULL ); + RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE || + mode == MBEDTLS_RSA_PUBLIC ); + RSA_VALIDATE_RET( sig != NULL ); + RSA_VALIDATE_RET( ( md_alg == MBEDTLS_MD_NONE && + hashlen == 0 ) || + hash != NULL ); + + mgf1_hash_id = ( ctx->hash_id != MBEDTLS_MD_NONE ) ? (mbedtls_md_type_t) ctx->hash_id : md_alg; @@ -2032,9 +2325,19 @@ int mbedtls_rsa_rsassa_pkcs1_v15_verify( mbedtls_rsa_context *ctx, const unsigned char *sig ) { int ret = 0; - const size_t sig_len = ctx->len; + size_t sig_len; unsigned char *encoded = NULL, *encoded_expected = NULL; + RSA_VALIDATE_RET( ctx != NULL ); + RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE || + mode == MBEDTLS_RSA_PUBLIC ); + RSA_VALIDATE_RET( sig != NULL ); + RSA_VALIDATE_RET( ( md_alg == MBEDTLS_MD_NONE && + hashlen == 0 ) || + hash != NULL ); + + sig_len = ctx->len; + if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V15 ) return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); @@ -2104,6 +2407,14 @@ int mbedtls_rsa_pkcs1_verify( mbedtls_rsa_context *ctx, const unsigned char *hash, const unsigned char *sig ) { + RSA_VALIDATE_RET( ctx != NULL ); + RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE || + mode == MBEDTLS_RSA_PUBLIC ); + RSA_VALIDATE_RET( sig != NULL ); + RSA_VALIDATE_RET( ( md_alg == MBEDTLS_MD_NONE && + hashlen == 0 ) || + hash != NULL ); + switch( ctx->padding ) { #if defined(MBEDTLS_PKCS1_V15) @@ -2129,6 +2440,8 @@ int mbedtls_rsa_pkcs1_verify( mbedtls_rsa_context *ctx, int mbedtls_rsa_copy( mbedtls_rsa_context *dst, const mbedtls_rsa_context *src ) { int ret; + RSA_VALIDATE_RET( dst != NULL ); + RSA_VALIDATE_RET( src != NULL ); dst->ver = src->ver; dst->len = src->len; @@ -2168,14 +2481,23 @@ cleanup: */ void mbedtls_rsa_free( mbedtls_rsa_context *ctx ) { - mbedtls_mpi_free( &ctx->Vi ); mbedtls_mpi_free( &ctx->Vf ); - mbedtls_mpi_free( &ctx->RN ); mbedtls_mpi_free( &ctx->D ); - mbedtls_mpi_free( &ctx->Q ); mbedtls_mpi_free( &ctx->P ); - mbedtls_mpi_free( &ctx->E ); mbedtls_mpi_free( &ctx->N ); + if( ctx == NULL ) + return; + + mbedtls_mpi_free( &ctx->Vi ); + mbedtls_mpi_free( &ctx->Vf ); + mbedtls_mpi_free( &ctx->RN ); + mbedtls_mpi_free( &ctx->D ); + mbedtls_mpi_free( &ctx->Q ); + mbedtls_mpi_free( &ctx->P ); + mbedtls_mpi_free( &ctx->E ); + mbedtls_mpi_free( &ctx->N ); #if !defined(MBEDTLS_RSA_NO_CRT) - mbedtls_mpi_free( &ctx->RQ ); mbedtls_mpi_free( &ctx->RP ); - mbedtls_mpi_free( &ctx->QP ); mbedtls_mpi_free( &ctx->DQ ); + mbedtls_mpi_free( &ctx->RQ ); + mbedtls_mpi_free( &ctx->RP ); + mbedtls_mpi_free( &ctx->QP ); + mbedtls_mpi_free( &ctx->DQ ); mbedtls_mpi_free( &ctx->DP ); #endif /* MBEDTLS_RSA_NO_CRT */ diff --git a/thirdparty/mbedtls/library/rsa_internal.c b/thirdparty/mbedtls/library/rsa_internal.c index 507009f131..9a42d47ceb 100644 --- a/thirdparty/mbedtls/library/rsa_internal.c +++ b/thirdparty/mbedtls/library/rsa_internal.c @@ -351,15 +351,20 @@ int mbedtls_rsa_validate_params( const mbedtls_mpi *N, const mbedtls_mpi *P, */ #if defined(MBEDTLS_GENPRIME) + /* + * When generating keys, the strongest security we support aims for an error + * rate of at most 2^-100 and we are aiming for the same certainty here as + * well. + */ if( f_rng != NULL && P != NULL && - ( ret = mbedtls_mpi_is_prime( P, f_rng, p_rng ) ) != 0 ) + ( ret = mbedtls_mpi_is_prime_ext( P, 50, f_rng, p_rng ) ) != 0 ) { ret = MBEDTLS_ERR_RSA_KEY_CHECK_FAILED; goto cleanup; } if( f_rng != NULL && Q != NULL && - ( ret = mbedtls_mpi_is_prime( Q, f_rng, p_rng ) ) != 0 ) + ( ret = mbedtls_mpi_is_prime_ext( Q, 50, f_rng, p_rng ) ) != 0 ) { ret = MBEDTLS_ERR_RSA_KEY_CHECK_FAILED; goto cleanup; diff --git a/thirdparty/mbedtls/library/sha1.c b/thirdparty/mbedtls/library/sha1.c index bab6087c4e..e8d4096fbb 100644 --- a/thirdparty/mbedtls/library/sha1.c +++ b/thirdparty/mbedtls/library/sha1.c @@ -46,6 +46,11 @@ #endif /* MBEDTLS_PLATFORM_C */ #endif /* MBEDTLS_SELF_TEST */ +#define SHA1_VALIDATE_RET(cond) \ + MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_SHA1_BAD_INPUT_DATA ) + +#define SHA1_VALIDATE(cond) MBEDTLS_INTERNAL_VALIDATE( cond ) + #if !defined(MBEDTLS_SHA1_ALT) /* @@ -73,6 +78,8 @@ void mbedtls_sha1_init( mbedtls_sha1_context *ctx ) { + SHA1_VALIDATE( ctx != NULL ); + memset( ctx, 0, sizeof( mbedtls_sha1_context ) ); } @@ -87,6 +94,9 @@ void mbedtls_sha1_free( mbedtls_sha1_context *ctx ) void mbedtls_sha1_clone( mbedtls_sha1_context *dst, const mbedtls_sha1_context *src ) { + SHA1_VALIDATE( dst != NULL ); + SHA1_VALIDATE( src != NULL ); + *dst = *src; } @@ -95,6 +105,8 @@ void mbedtls_sha1_clone( mbedtls_sha1_context *dst, */ int mbedtls_sha1_starts_ret( mbedtls_sha1_context *ctx ) { + SHA1_VALIDATE_RET( ctx != NULL ); + ctx->total[0] = 0; ctx->total[1] = 0; @@ -120,6 +132,9 @@ int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx, { uint32_t temp, W[16], A, B, C, D, E; + SHA1_VALIDATE_RET( ctx != NULL ); + SHA1_VALIDATE_RET( (const unsigned char *)data != NULL ); + GET_UINT32_BE( W[ 0], data, 0 ); GET_UINT32_BE( W[ 1], data, 4 ); GET_UINT32_BE( W[ 2], data, 8 ); @@ -294,6 +309,9 @@ int mbedtls_sha1_update_ret( mbedtls_sha1_context *ctx, size_t fill; uint32_t left; + SHA1_VALIDATE_RET( ctx != NULL ); + SHA1_VALIDATE_RET( ilen == 0 || input != NULL ); + if( ilen == 0 ) return( 0 ); @@ -352,6 +370,9 @@ int mbedtls_sha1_finish_ret( mbedtls_sha1_context *ctx, uint32_t used; uint32_t high, low; + SHA1_VALIDATE_RET( ctx != NULL ); + SHA1_VALIDATE_RET( (unsigned char *)output != NULL ); + /* * Add padding: 0x80 then 0x00 until 8 bytes remain for the length */ @@ -420,6 +441,9 @@ int mbedtls_sha1_ret( const unsigned char *input, int ret; mbedtls_sha1_context ctx; + SHA1_VALIDATE_RET( ilen == 0 || input != NULL ); + SHA1_VALIDATE_RET( (unsigned char *)output != NULL ); + mbedtls_sha1_init( &ctx ); if( ( ret = mbedtls_sha1_starts_ret( &ctx ) ) != 0 ) diff --git a/thirdparty/mbedtls/library/sha256.c b/thirdparty/mbedtls/library/sha256.c index dbb4a89861..8a540adfbe 100644 --- a/thirdparty/mbedtls/library/sha256.c +++ b/thirdparty/mbedtls/library/sha256.c @@ -49,6 +49,10 @@ #endif /* MBEDTLS_PLATFORM_C */ #endif /* MBEDTLS_SELF_TEST */ +#define SHA256_VALIDATE_RET(cond) \ + MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_SHA256_BAD_INPUT_DATA ) +#define SHA256_VALIDATE(cond) MBEDTLS_INTERNAL_VALIDATE( cond ) + #if !defined(MBEDTLS_SHA256_ALT) /* @@ -76,6 +80,8 @@ do { \ void mbedtls_sha256_init( mbedtls_sha256_context *ctx ) { + SHA256_VALIDATE( ctx != NULL ); + memset( ctx, 0, sizeof( mbedtls_sha256_context ) ); } @@ -90,6 +96,9 @@ void mbedtls_sha256_free( mbedtls_sha256_context *ctx ) void mbedtls_sha256_clone( mbedtls_sha256_context *dst, const mbedtls_sha256_context *src ) { + SHA256_VALIDATE( dst != NULL ); + SHA256_VALIDATE( src != NULL ); + *dst = *src; } @@ -98,6 +107,9 @@ void mbedtls_sha256_clone( mbedtls_sha256_context *dst, */ int mbedtls_sha256_starts_ret( mbedtls_sha256_context *ctx, int is224 ) { + SHA256_VALIDATE_RET( ctx != NULL ); + SHA256_VALIDATE_RET( is224 == 0 || is224 == 1 ); + ctx->total[0] = 0; ctx->total[1] = 0; @@ -192,6 +204,9 @@ int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx, uint32_t A[8]; unsigned int i; + SHA256_VALIDATE_RET( ctx != NULL ); + SHA256_VALIDATE_RET( (const unsigned char *)data != NULL ); + for( i = 0; i < 8; i++ ) A[i] = ctx->state[i]; @@ -263,6 +278,9 @@ int mbedtls_sha256_update_ret( mbedtls_sha256_context *ctx, size_t fill; uint32_t left; + SHA256_VALIDATE_RET( ctx != NULL ); + SHA256_VALIDATE_RET( ilen == 0 || input != NULL ); + if( ilen == 0 ) return( 0 ); @@ -321,6 +339,9 @@ int mbedtls_sha256_finish_ret( mbedtls_sha256_context *ctx, uint32_t used; uint32_t high, low; + SHA256_VALIDATE_RET( ctx != NULL ); + SHA256_VALIDATE_RET( (unsigned char *)output != NULL ); + /* * Add padding: 0x80 then 0x00 until 8 bytes remain for the length */ @@ -395,6 +416,10 @@ int mbedtls_sha256_ret( const unsigned char *input, int ret; mbedtls_sha256_context ctx; + SHA256_VALIDATE_RET( is224 == 0 || is224 == 1 ); + SHA256_VALIDATE_RET( ilen == 0 || input != NULL ); + SHA256_VALIDATE_RET( (unsigned char *)output != NULL ); + mbedtls_sha256_init( &ctx ); if( ( ret = mbedtls_sha256_starts_ret( &ctx, is224 ) ) != 0 ) diff --git a/thirdparty/mbedtls/library/sha512.c b/thirdparty/mbedtls/library/sha512.c index a9440e8af5..941ecda762 100644 --- a/thirdparty/mbedtls/library/sha512.c +++ b/thirdparty/mbedtls/library/sha512.c @@ -55,6 +55,10 @@ #endif /* MBEDTLS_PLATFORM_C */ #endif /* MBEDTLS_SELF_TEST */ +#define SHA512_VALIDATE_RET(cond) \ + MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_SHA512_BAD_INPUT_DATA ) +#define SHA512_VALIDATE(cond) MBEDTLS_INTERNAL_VALIDATE( cond ) + #if !defined(MBEDTLS_SHA512_ALT) /* @@ -90,6 +94,8 @@ void mbedtls_sha512_init( mbedtls_sha512_context *ctx ) { + SHA512_VALIDATE( ctx != NULL ); + memset( ctx, 0, sizeof( mbedtls_sha512_context ) ); } @@ -104,6 +110,9 @@ void mbedtls_sha512_free( mbedtls_sha512_context *ctx ) void mbedtls_sha512_clone( mbedtls_sha512_context *dst, const mbedtls_sha512_context *src ) { + SHA512_VALIDATE( dst != NULL ); + SHA512_VALIDATE( src != NULL ); + *dst = *src; } @@ -112,6 +121,9 @@ void mbedtls_sha512_clone( mbedtls_sha512_context *dst, */ int mbedtls_sha512_starts_ret( mbedtls_sha512_context *ctx, int is384 ) { + SHA512_VALIDATE_RET( ctx != NULL ); + SHA512_VALIDATE_RET( is384 == 0 || is384 == 1 ); + ctx->total[0] = 0; ctx->total[1] = 0; @@ -209,6 +221,9 @@ int mbedtls_internal_sha512_process( mbedtls_sha512_context *ctx, uint64_t temp1, temp2, W[80]; uint64_t A, B, C, D, E, F, G, H; + SHA512_VALIDATE_RET( ctx != NULL ); + SHA512_VALIDATE_RET( (const unsigned char *)data != NULL ); + #define SHR(x,n) (x >> n) #define ROTR(x,n) (SHR(x,n) | (x << (64 - n))) @@ -294,6 +309,9 @@ int mbedtls_sha512_update_ret( mbedtls_sha512_context *ctx, size_t fill; unsigned int left; + SHA512_VALIDATE_RET( ctx != NULL ); + SHA512_VALIDATE_RET( ilen == 0 || input != NULL ); + if( ilen == 0 ) return( 0 ); @@ -351,6 +369,9 @@ int mbedtls_sha512_finish_ret( mbedtls_sha512_context *ctx, unsigned used; uint64_t high, low; + SHA512_VALIDATE_RET( ctx != NULL ); + SHA512_VALIDATE_RET( (unsigned char *)output != NULL ); + /* * Add padding: 0x80 then 0x00 until 16 bytes remain for the length */ @@ -427,6 +448,10 @@ int mbedtls_sha512_ret( const unsigned char *input, int ret; mbedtls_sha512_context ctx; + SHA512_VALIDATE_RET( is384 == 0 || is384 == 1 ); + SHA512_VALIDATE_RET( ilen == 0 || input != NULL ); + SHA512_VALIDATE_RET( (unsigned char *)output != NULL ); + mbedtls_sha512_init( &ctx ); if( ( ret = mbedtls_sha512_starts_ret( &ctx, is384 ) ) != 0 ) diff --git a/thirdparty/mbedtls/library/ssl_ciphersuites.c b/thirdparty/mbedtls/library/ssl_ciphersuites.c index 59cdc7a806..745474effe 100644 --- a/thirdparty/mbedtls/library/ssl_ciphersuites.c +++ b/thirdparty/mbedtls/library/ssl_ciphersuites.c @@ -2320,7 +2320,8 @@ mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg( const mbedtls_ssl_ciphers #endif /* MBEDTLS_PK_C */ -#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) +#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) int mbedtls_ssl_ciphersuite_uses_ec( const mbedtls_ssl_ciphersuite_t *info ) { switch( info->key_exchange ) @@ -2330,13 +2331,14 @@ int mbedtls_ssl_ciphersuite_uses_ec( const mbedtls_ssl_ciphersuite_t *info ) case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK: case MBEDTLS_KEY_EXCHANGE_ECDH_RSA: case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: + case MBEDTLS_KEY_EXCHANGE_ECJPAKE: return( 1 ); default: return( 0 ); } } -#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C */ +#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C || MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED*/ #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) int mbedtls_ssl_ciphersuite_uses_psk( const mbedtls_ssl_ciphersuite_t *info ) diff --git a/thirdparty/mbedtls/library/ssl_cli.c b/thirdparty/mbedtls/library/ssl_cli.c index ba59c48989..afced7a99c 100644 --- a/thirdparty/mbedtls/library/ssl_cli.c +++ b/thirdparty/mbedtls/library/ssl_cli.c @@ -766,6 +766,10 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl ) unsigned char offer_compress; const int *ciphersuites; const mbedtls_ssl_ciphersuite_t *ciphersuite_info; +#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) + int uses_ec = 0; +#endif MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write client hello" ) ); @@ -917,6 +921,11 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, add ciphersuite: %04x", ciphersuites[i] ) ); +#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) + uses_ec |= mbedtls_ssl_ciphersuite_uses_ec( ciphersuite_info ); +#endif + n++; *p++ = (unsigned char)( ciphersuites[i] >> 8 ); *p++ = (unsigned char)( ciphersuites[i] ); @@ -1010,11 +1019,14 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl ) #if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - ssl_write_supported_elliptic_curves_ext( ssl, p + 2 + ext_len, &olen ); - ext_len += olen; + if( uses_ec ) + { + ssl_write_supported_elliptic_curves_ext( ssl, p + 2 + ext_len, &olen ); + ext_len += olen; - ssl_write_supported_point_formats_ext( ssl, p + 2 + ext_len, &olen ); - ext_len += olen; + ssl_write_supported_point_formats_ext( ssl, p + 2 + ext_len, &olen ); + ext_len += olen; + } #endif #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) @@ -1076,11 +1088,20 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl ) mbedtls_ssl_send_flight_completed( ssl ); #endif - if( ( ret = mbedtls_ssl_write_record( ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret ); + return( ret ); + } + +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + ( ret = mbedtls_ssl_flight_transmit( ssl ) ) != 0 ) { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_flight_transmit", ret ); return( ret ); } +#endif /* MBEDTLS_SSL_PROTO_DTLS */ MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write client hello" ) ); @@ -1479,7 +1500,7 @@ static int ssl_parse_server_hello( mbedtls_ssl_context *ssl ) buf = ssl->in_msg; - if( ( ret = mbedtls_ssl_read_record( ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 ) { /* No alert on a read error. */ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret ); @@ -1742,6 +1763,14 @@ static int ssl_parse_server_hello( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, chosen ciphersuite: %s", suite_info->name ) ); +#if defined(MBEDTLS_SSL__ECP_RESTARTABLE) + if( suite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA && + ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) + { + ssl->handshake->ecrs_enabled = 1; + } +#endif + if( comp != MBEDTLS_SSL_COMPRESS_NULL #if defined(MBEDTLS_ZLIB_SUPPORT) && comp != MBEDTLS_SSL_COMPRESS_DEFLATE @@ -1998,8 +2027,14 @@ static int ssl_parse_server_dh_params( mbedtls_ssl_context *ssl, unsigned char * static int ssl_check_server_ecdh_params( const mbedtls_ssl_context *ssl ) { const mbedtls_ecp_curve_info *curve_info; + mbedtls_ecp_group_id grp_id; +#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT) + grp_id = ssl->handshake->ecdh_ctx.grp.id; +#else + grp_id = ssl->handshake->ecdh_ctx.grp_id; +#endif - curve_info = mbedtls_ecp_curve_info_from_grp_id( ssl->handshake->ecdh_ctx.grp.id ); + curve_info = mbedtls_ecp_curve_info_from_grp_id( grp_id ); if( curve_info == NULL ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); @@ -2009,14 +2044,15 @@ static int ssl_check_server_ecdh_params( const mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_MSG( 2, ( "ECDH curve: %s", curve_info->name ) ); #if defined(MBEDTLS_ECP_C) - if( mbedtls_ssl_check_curve( ssl, ssl->handshake->ecdh_ctx.grp.id ) != 0 ) + if( mbedtls_ssl_check_curve( ssl, grp_id ) != 0 ) #else if( ssl->handshake->ecdh_ctx.grp.nbits < 163 || ssl->handshake->ecdh_ctx.grp.nbits > 521 ) #endif return( -1 ); - MBEDTLS_SSL_DEBUG_ECP( 3, "ECDH: Qp", &ssl->handshake->ecdh_ctx.Qp ); + MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx, + MBEDTLS_DEBUG_ECDH_QP ); return( 0 ); } @@ -2047,6 +2083,10 @@ static int ssl_parse_server_ecdh_params( mbedtls_ssl_context *ssl, (const unsigned char **) p, end ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, ( "mbedtls_ecdh_read_params" ), ret ); +#if defined(MBEDTLS_SSL__ECP_RESTARTABLE) + if( ret == MBEDTLS_ERR_ECP_IN_PROGRESS ) + ret = MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS; +#endif return( ret ); } @@ -2076,7 +2116,7 @@ static int ssl_parse_server_psk_hint( mbedtls_ssl_context *ssl, * * opaque psk_identity_hint<0..2^16-1>; */ - if( (*p) > end - 2 ) + if( end - (*p) < 2 ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message " "(psk_identity_hint length)" ) ); @@ -2085,7 +2125,7 @@ static int ssl_parse_server_psk_hint( mbedtls_ssl_context *ssl, len = (*p)[0] << 8 | (*p)[1]; *p += 2; - if( (*p) > end - len ) + if( end - (*p) < (int) len ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message " "(psk_identity_hint length)" ) ); @@ -2328,7 +2368,15 @@ static int ssl_parse_server_key_exchange( mbedtls_ssl_context *ssl ) #endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED || MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */ - if( ( ret = mbedtls_ssl_read_record( ssl ) ) != 0 ) +#if defined(MBEDTLS_SSL__ECP_RESTARTABLE) + if( ssl->handshake->ecrs_enabled && + ssl->handshake->ecrs_state == ssl_ecrs_ske_start_processing ) + { + goto start_processing; + } +#endif + + if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret ); return( ret ); @@ -2365,6 +2413,12 @@ static int ssl_parse_server_key_exchange( mbedtls_ssl_context *ssl ) return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); } +#if defined(MBEDTLS_SSL__ECP_RESTARTABLE) + if( ssl->handshake->ecrs_enabled ) + ssl->handshake->ecrs_state = ssl_ecrs_ske_start_processing; + +start_processing: +#endif p = ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl ); end = ssl->in_msg + ssl->in_hslen; MBEDTLS_SSL_DEBUG_BUF( 3, "server key exchange", p, end - p ); @@ -2457,6 +2511,7 @@ static int ssl_parse_server_key_exchange( mbedtls_ssl_context *ssl ) mbedtls_pk_type_t pk_alg = MBEDTLS_PK_NONE; unsigned char *params = ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl ); size_t params_len = p - params; + void *rs_ctx = NULL; /* * Handle the digitally-signed structure @@ -2579,12 +2634,25 @@ static int ssl_parse_server_key_exchange( mbedtls_ssl_context *ssl ) return( MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH ); } - if( ( ret = mbedtls_pk_verify( &ssl->session_negotiate->peer_cert->pk, - md_alg, hash, hashlen, p, sig_len ) ) != 0 ) +#if defined(MBEDTLS_SSL__ECP_RESTARTABLE) + if( ssl->handshake->ecrs_enabled ) + rs_ctx = &ssl->handshake->ecrs_ctx.pk; +#endif + + if( ( ret = mbedtls_pk_verify_restartable( + &ssl->session_negotiate->peer_cert->pk, + md_alg, hash, hashlen, p, sig_len, rs_ctx ) ) != 0 ) { - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECRYPT_ERROR ); +#if defined(MBEDTLS_SSL__ECP_RESTARTABLE) + if( ret != MBEDTLS_ERR_ECP_IN_PROGRESS ) +#endif + mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_DECRYPT_ERROR ); MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_pk_verify", ret ); +#if defined(MBEDTLS_SSL__ECP_RESTARTABLE) + if( ret == MBEDTLS_ERR_ECP_IN_PROGRESS ) + ret = MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS; +#endif return( ret ); } } @@ -2635,7 +2703,7 @@ static int ssl_parse_certificate_request( mbedtls_ssl_context *ssl ) return( 0 ); } - if( ( ret = mbedtls_ssl_read_record( ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret ); return( ret ); @@ -2709,7 +2777,7 @@ static int ssl_parse_certificate_request( mbedtls_ssl_context *ssl ) * therefore the buffer length at this point must be greater than that * regardless of the actual code path. */ - if( ssl->in_hslen <= mbedtls_ssl_hs_hdr_len( ssl ) + 3 + n ) + if( ssl->in_hslen <= mbedtls_ssl_hs_hdr_len( ssl ) + 2 + n ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate request message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, @@ -2787,7 +2855,7 @@ static int ssl_parse_server_hello_done( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse server hello done" ) ); - if( ( ret = mbedtls_ssl_read_record( ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret ); return( ret ); @@ -2882,6 +2950,16 @@ static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl ) */ i = 4; +#if defined(MBEDTLS_SSL__ECP_RESTARTABLE) + if( ssl->handshake->ecrs_enabled ) + { + if( ssl->handshake->ecrs_state == ssl_ecrs_cke_ecdh_calc_secret ) + goto ecdh_calc_secret; + + mbedtls_ecdh_enable_restart( &ssl->handshake->ecdh_ctx ); + } +#endif + ret = mbedtls_ecdh_make_public( &ssl->handshake->ecdh_ctx, &n, &ssl->out_msg[i], 1000, @@ -2889,11 +2967,27 @@ static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl ) if( ret != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_make_public", ret ); +#if defined(MBEDTLS_SSL__ECP_RESTARTABLE) + if( ret == MBEDTLS_ERR_ECP_IN_PROGRESS ) + ret = MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS; +#endif return( ret ); } - MBEDTLS_SSL_DEBUG_ECP( 3, "ECDH: Q", &ssl->handshake->ecdh_ctx.Q ); + MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx, + MBEDTLS_DEBUG_ECDH_Q ); + +#if defined(MBEDTLS_SSL__ECP_RESTARTABLE) + if( ssl->handshake->ecrs_enabled ) + { + ssl->handshake->ecrs_n = n; + ssl->handshake->ecrs_state = ssl_ecrs_cke_ecdh_calc_secret; + } +ecdh_calc_secret: + if( ssl->handshake->ecrs_enabled ) + n = ssl->handshake->ecrs_n; +#endif if( ( ret = mbedtls_ecdh_calc_secret( &ssl->handshake->ecdh_ctx, &ssl->handshake->pmslen, ssl->handshake->premaster, @@ -2901,10 +2995,15 @@ static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl ) ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_calc_secret", ret ); +#if defined(MBEDTLS_SSL__ECP_RESTARTABLE) + if( ret == MBEDTLS_ERR_ECP_IN_PROGRESS ) + ret = MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS; +#endif return( ret ); } - MBEDTLS_SSL_DEBUG_MPI( 3, "ECDH: z", &ssl->handshake->ecdh_ctx.z ); + MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx, + MBEDTLS_DEBUG_ECDH_Z ); } else #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED || @@ -2999,7 +3098,8 @@ static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl ) return( ret ); } - MBEDTLS_SSL_DEBUG_ECP( 3, "ECDH: Q", &ssl->handshake->ecdh_ctx.Q ); + MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx, + MBEDTLS_DEBUG_ECDH_Q ); } else #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ @@ -3063,9 +3163,9 @@ static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl ) ssl->state++; - if( ( ret = mbedtls_ssl_write_record( ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 ) { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret ); return( ret ); } @@ -3119,9 +3219,18 @@ static int ssl_write_certificate_verify( mbedtls_ssl_context *ssl ) unsigned char *hash_start = hash; mbedtls_md_type_t md_alg = MBEDTLS_MD_NONE; unsigned int hashlen; + void *rs_ctx = NULL; MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write certificate verify" ) ); +#if defined(MBEDTLS_SSL__ECP_RESTARTABLE) + if( ssl->handshake->ecrs_enabled && + ssl->handshake->ecrs_state == ssl_ecrs_crt_vrfy_sign ) + { + goto sign; + } +#endif + if( ( ret = mbedtls_ssl_derive_keys( ssl ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_derive_keys", ret ); @@ -3153,8 +3262,15 @@ static int ssl_write_certificate_verify( mbedtls_ssl_context *ssl ) } /* - * Make an RSA signature of the handshake digests + * Make a signature of the handshake digests */ +#if defined(MBEDTLS_SSL__ECP_RESTARTABLE) + if( ssl->handshake->ecrs_enabled ) + ssl->handshake->ecrs_state = ssl_ecrs_crt_vrfy_sign; + +sign: +#endif + ssl->handshake->calc_verify( ssl, hash ); #if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \ @@ -3231,11 +3347,21 @@ static int ssl_write_certificate_verify( mbedtls_ssl_context *ssl ) return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); } - if( ( ret = mbedtls_pk_sign( mbedtls_ssl_own_key( ssl ), md_alg, hash_start, hashlen, +#if defined(MBEDTLS_SSL__ECP_RESTARTABLE) + if( ssl->handshake->ecrs_enabled ) + rs_ctx = &ssl->handshake->ecrs_ctx.pk; +#endif + + if( ( ret = mbedtls_pk_sign_restartable( mbedtls_ssl_own_key( ssl ), + md_alg, hash_start, hashlen, ssl->out_msg + 6 + offset, &n, - ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 ) + ssl->conf->f_rng, ssl->conf->p_rng, rs_ctx ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_pk_sign", ret ); +#if defined(MBEDTLS_SSL__ECP_RESTARTABLE) + if( ret == MBEDTLS_ERR_ECP_IN_PROGRESS ) + ret = MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS; +#endif return( ret ); } @@ -3248,9 +3374,9 @@ static int ssl_write_certificate_verify( mbedtls_ssl_context *ssl ) ssl->state++; - if( ( ret = mbedtls_ssl_write_record( ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 ) { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret ); return( ret ); } @@ -3276,7 +3402,7 @@ static int ssl_parse_new_session_ticket( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse new session ticket" ) ); - if( ( ret = mbedtls_ssl_read_record( ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret ); return( ret ); @@ -3311,8 +3437,8 @@ static int ssl_parse_new_session_ticket( mbedtls_ssl_context *ssl ) msg = ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl ); - lifetime = ( msg[0] << 24 ) | ( msg[1] << 16 ) | - ( msg[2] << 8 ) | ( msg[3] ); + lifetime = ( ((uint32_t) msg[0]) << 24 ) | ( msg[1] << 16 ) | + ( msg[2] << 8 ) | ( msg[3] ); ticket_len = ( msg[4] << 8 ) | ( msg[5] ); @@ -3390,10 +3516,10 @@ int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl ) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING ) { - if( ( ret = mbedtls_ssl_resend( ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_flight_transmit( ssl ) ) != 0 ) return( ret ); } -#endif +#endif /* MBEDTLS_SSL_PROTO_DTLS */ /* Change state now, so that it is right in mbedtls_ssl_read_record(), used * by DTLS for dropping out-of-sequence ChangeCipherSpec records */ diff --git a/thirdparty/mbedtls/library/ssl_srv.c b/thirdparty/mbedtls/library/ssl_srv.c index 52087ae6e1..bc77f80203 100644 --- a/thirdparty/mbedtls/library/ssl_srv.c +++ b/thirdparty/mbedtls/library/ssl_srv.c @@ -1294,7 +1294,7 @@ read_record_header: return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); } - memcpy( ssl->out_ctr + 2, ssl->in_ctr + 2, 6 ); + memcpy( ssl->cur_out_ctr + 2, ssl->in_ctr + 2, 6 ); #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) if( mbedtls_ssl_dtls_replay_check( ssl ) != 0 ) @@ -2384,12 +2384,21 @@ static int ssl_write_hello_verify_request( mbedtls_ssl_context *ssl ) ssl->state = MBEDTLS_SSL_SERVER_HELLO_VERIFY_REQUEST_SENT; - if( ( ret = mbedtls_ssl_write_record( ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 ) { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret ); return( ret ); } +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + ( ret = mbedtls_ssl_flight_transmit( ssl ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_flight_transmit", ret ); + return( ret ); + } +#endif /* MBEDTLS_SSL_PROTO_DTLS */ + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write hello verify request" ) ); return( 0 ); @@ -2589,8 +2598,12 @@ static int ssl_write_server_hello( mbedtls_ssl_context *ssl ) #if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - ssl_write_supported_point_formats_ext( ssl, p + 2 + ext_len, &olen ); - ext_len += olen; + if ( mbedtls_ssl_ciphersuite_uses_ec( + mbedtls_ssl_ciphersuite_from_id( ssl->session_negotiate->ciphersuite ) ) ) + { + ssl_write_supported_point_formats_ext( ssl, p + 2 + ext_len, &olen ); + ext_len += olen; + } #endif #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) @@ -2620,7 +2633,7 @@ static int ssl_write_server_hello( mbedtls_ssl_context *ssl ) ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; ssl->out_msg[0] = MBEDTLS_SSL_HS_SERVER_HELLO; - ret = mbedtls_ssl_write_record( ssl ); + ret = mbedtls_ssl_write_handshake_msg( ssl ); MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write server hello" ) ); @@ -2815,7 +2828,7 @@ static int ssl_write_certificate_request( mbedtls_ssl_context *ssl ) ssl->out_msg[4 + ct_len + sa_len] = (unsigned char)( total_dn_size >> 8 ); ssl->out_msg[5 + ct_len + sa_len] = (unsigned char)( total_dn_size ); - ret = mbedtls_ssl_write_record( ssl ); + ret = mbedtls_ssl_write_handshake_msg( ssl ); MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write certificate request" ) ); @@ -3035,8 +3048,8 @@ curve_matching_done: MBEDTLS_SSL_DEBUG_MSG( 2, ( "ECDHE curve: %s", (*curve)->name ) ); - if( ( ret = mbedtls_ecp_group_load( &ssl->handshake->ecdh_ctx.grp, - (*curve)->grp_id ) ) != 0 ) + if( ( ret = mbedtls_ecdh_setup( &ssl->handshake->ecdh_ctx, + (*curve)->grp_id ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecp_group_load", ret ); return( ret ); @@ -3058,7 +3071,8 @@ curve_matching_done: ssl->out_msglen += len; - MBEDTLS_SSL_DEBUG_ECP( 3, "ECDH: Q ", &ssl->handshake->ecdh_ctx.Q ); + MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx, + MBEDTLS_DEBUG_ECDH_Q ); } #endif /* MBEDTLS_KEY_EXCHANGE__SOME__ECDHE_ENABLED */ @@ -3332,9 +3346,9 @@ static int ssl_write_server_key_exchange( mbedtls_ssl_context *ssl ) ssl->state++; - if( ( ret = mbedtls_ssl_write_record( ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 ) { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret ); return( ret ); } @@ -3359,11 +3373,20 @@ static int ssl_write_server_hello_done( mbedtls_ssl_context *ssl ) mbedtls_ssl_send_flight_completed( ssl ); #endif - if( ( ret = mbedtls_ssl_write_record( ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret ); + return( ret ); + } + +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + ( ret = mbedtls_ssl_flight_transmit( ssl ) ) != 0 ) { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_flight_transmit", ret ); return( ret ); } +#endif /* MBEDTLS_SSL_PROTO_DTLS */ MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write server hello done" ) ); @@ -3706,7 +3729,7 @@ static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl ) } else #endif - if( ( ret = mbedtls_ssl_read_record( ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret ); return( ret ); @@ -3772,7 +3795,8 @@ static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl ) return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP ); } - MBEDTLS_SSL_DEBUG_ECP( 3, "ECDH: Qp ", &ssl->handshake->ecdh_ctx.Qp ); + MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx, + MBEDTLS_DEBUG_ECDH_QP ); if( ( ret = mbedtls_ecdh_calc_secret( &ssl->handshake->ecdh_ctx, &ssl->handshake->pmslen, @@ -3784,7 +3808,8 @@ static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl ) return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS ); } - MBEDTLS_SSL_DEBUG_MPI( 3, "ECDH: z ", &ssl->handshake->ecdh_ctx.z ); + MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx, + MBEDTLS_DEBUG_ECDH_Z ); } else #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED || @@ -3897,7 +3922,8 @@ static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl ) return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP ); } - MBEDTLS_SSL_DEBUG_ECP( 3, "ECDH: Qp ", &ssl->handshake->ecdh_ctx.Qp ); + MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx, + MBEDTLS_DEBUG_ECDH_QP ); if( ( ret = mbedtls_ssl_psk_derive_premaster( ssl, ciphersuite_info->key_exchange ) ) != 0 ) @@ -4016,25 +4042,10 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl ) } /* Read the message without adding it to the checksum */ - do { - - do ret = mbedtls_ssl_read_record_layer( ssl ); - while( ret == MBEDTLS_ERR_SSL_CONTINUE_PROCESSING ); - - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, ( "mbedtls_ssl_read_record_layer" ), ret ); - return( ret ); - } - - ret = mbedtls_ssl_handle_message_type( ssl ); - - } while( MBEDTLS_ERR_SSL_NON_FATAL == ret || - MBEDTLS_ERR_SSL_CONTINUE_PROCESSING == ret ); - + ret = mbedtls_ssl_read_record( ssl, 0 /* no checksum update */ ); if( 0 != ret ) { - MBEDTLS_SSL_DEBUG_RET( 1, ( "mbedtls_ssl_handle_message_type" ), ret ); + MBEDTLS_SSL_DEBUG_RET( 1, ( "mbedtls_ssl_read_record" ), ret ); return( ret ); } @@ -4223,9 +4234,9 @@ static int ssl_write_new_session_ticket( mbedtls_ssl_context *ssl ) */ ssl->handshake->new_session_ticket = 0; - if( ( ret = mbedtls_ssl_write_record( ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 ) { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret ); return( ret ); } @@ -4254,10 +4265,10 @@ int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING ) { - if( ( ret = mbedtls_ssl_resend( ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_flight_transmit( ssl ) ) != 0 ) return( ret ); } -#endif +#endif /* MBEDTLS_SSL_PROTO_DTLS */ switch( ssl->state ) { diff --git a/thirdparty/mbedtls/library/ssl_ticket.c b/thirdparty/mbedtls/library/ssl_ticket.c index a2b304869e..8492c19a8c 100644 --- a/thirdparty/mbedtls/library/ssl_ticket.c +++ b/thirdparty/mbedtls/library/ssl_ticket.c @@ -97,7 +97,7 @@ static int ssl_ticket_update_keys( mbedtls_ssl_ticket_context *ctx ) uint32_t current_time = (uint32_t) mbedtls_time( NULL ); uint32_t key_time = ctx->keys[ctx->active].generation_time; - if( current_time > key_time && + if( current_time >= key_time && current_time - key_time < ctx->ticket_lifetime ) { return( 0 ); @@ -188,9 +188,9 @@ static int ssl_save_session( const mbedtls_ssl_session *session, if( left < 3 + cert_len ) return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); - *p++ = (unsigned char)( cert_len >> 16 & 0xFF ); - *p++ = (unsigned char)( cert_len >> 8 & 0xFF ); - *p++ = (unsigned char)( cert_len & 0xFF ); + *p++ = (unsigned char)( ( cert_len >> 16 ) & 0xFF ); + *p++ = (unsigned char)( ( cert_len >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( cert_len ) & 0xFF ); if( session->peer_cert != NULL ) memcpy( p, session->peer_cert->raw.p, cert_len ); @@ -215,14 +215,14 @@ static int ssl_load_session( mbedtls_ssl_session *session, size_t cert_len; #endif /* MBEDTLS_X509_CRT_PARSE_C */ - if( p + sizeof( mbedtls_ssl_session ) > end ) + if( sizeof( mbedtls_ssl_session ) > (size_t)( end - p ) ) return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); memcpy( session, p, sizeof( mbedtls_ssl_session ) ); p += sizeof( mbedtls_ssl_session ); #if defined(MBEDTLS_X509_CRT_PARSE_C) - if( p + 3 > end ) + if( 3 > (size_t)( end - p ) ) return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); cert_len = ( p[0] << 16 ) | ( p[1] << 8 ) | p[2]; @@ -236,7 +236,7 @@ static int ssl_load_session( mbedtls_ssl_session *session, { int ret; - if( p + cert_len > end ) + if( cert_len > (size_t)( end - p ) ) return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); session->peer_cert = mbedtls_calloc( 1, sizeof( mbedtls_x509_crt ) ); @@ -247,7 +247,7 @@ static int ssl_load_session( mbedtls_ssl_session *session, mbedtls_x509_crt_init( session->peer_cert ); if( ( ret = mbedtls_x509_crt_parse_der( session->peer_cert, - p, cert_len ) ) != 0 ) + p, cert_len ) ) != 0 ) { mbedtls_x509_crt_free( session->peer_cert ); mbedtls_free( session->peer_cert ); diff --git a/thirdparty/mbedtls/library/ssl_tls.c b/thirdparty/mbedtls/library/ssl_tls.c index 91f96c8ab6..38690fa664 100644 --- a/thirdparty/mbedtls/library/ssl_tls.c +++ b/thirdparty/mbedtls/library/ssl_tls.c @@ -54,6 +54,9 @@ #include "mbedtls/oid.h" #endif +static void ssl_reset_in_out_pointers( mbedtls_ssl_context *ssl ); +static uint32_t ssl_get_hs_total_len( mbedtls_ssl_context const *ssl ); + /* Length of the "epoch" field in the record header */ static inline size_t ssl_ep_len( const mbedtls_ssl_context *ssl ) { @@ -96,7 +99,101 @@ static int ssl_check_timer( mbedtls_ssl_context *ssl ) return( 0 ); } +static void ssl_update_out_pointers( mbedtls_ssl_context *ssl, + mbedtls_ssl_transform *transform ); +static void ssl_update_in_pointers( mbedtls_ssl_context *ssl, + mbedtls_ssl_transform *transform ); + +#define SSL_DONT_FORCE_FLUSH 0 +#define SSL_FORCE_FLUSH 1 + #if defined(MBEDTLS_SSL_PROTO_DTLS) + +/* Forward declarations for functions related to message buffering. */ +static void ssl_buffering_free( mbedtls_ssl_context *ssl ); +static void ssl_buffering_free_slot( mbedtls_ssl_context *ssl, + uint8_t slot ); +static void ssl_free_buffered_record( mbedtls_ssl_context *ssl ); +static int ssl_load_buffered_message( mbedtls_ssl_context *ssl ); +static int ssl_load_buffered_record( mbedtls_ssl_context *ssl ); +static int ssl_buffer_message( mbedtls_ssl_context *ssl ); +static int ssl_buffer_future_record( mbedtls_ssl_context *ssl ); +static int ssl_next_record_is_in_datagram( mbedtls_ssl_context *ssl ); + +static size_t ssl_get_current_mtu( const mbedtls_ssl_context *ssl ); +static size_t ssl_get_maximum_datagram_size( mbedtls_ssl_context const *ssl ) +{ + size_t mtu = ssl_get_current_mtu( ssl ); + + if( mtu != 0 && mtu < MBEDTLS_SSL_OUT_BUFFER_LEN ) + return( mtu ); + + return( MBEDTLS_SSL_OUT_BUFFER_LEN ); +} + +static int ssl_get_remaining_space_in_datagram( mbedtls_ssl_context const *ssl ) +{ + size_t const bytes_written = ssl->out_left; + size_t const mtu = ssl_get_maximum_datagram_size( ssl ); + + /* Double-check that the write-index hasn't gone + * past what we can transmit in a single datagram. */ + if( bytes_written > mtu ) + { + /* Should never happen... */ + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } + + return( (int) ( mtu - bytes_written ) ); +} + +static int ssl_get_remaining_payload_in_datagram( mbedtls_ssl_context const *ssl ) +{ + int ret; + size_t remaining, expansion; + size_t max_len = MBEDTLS_SSL_OUT_CONTENT_LEN; + +#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) + const size_t mfl = mbedtls_ssl_get_max_frag_len( ssl ); + + if( max_len > mfl ) + max_len = mfl; + + /* By the standard (RFC 6066 Sect. 4), the MFL extension + * only limits the maximum record payload size, so in theory + * we would be allowed to pack multiple records of payload size + * MFL into a single datagram. However, this would mean that there's + * no way to explicitly communicate MTU restrictions to the peer. + * + * The following reduction of max_len makes sure that we never + * write datagrams larger than MFL + Record Expansion Overhead. + */ + if( max_len <= ssl->out_left ) + return( 0 ); + + max_len -= ssl->out_left; +#endif + + ret = ssl_get_remaining_space_in_datagram( ssl ); + if( ret < 0 ) + return( ret ); + remaining = (size_t) ret; + + ret = mbedtls_ssl_get_record_expansion( ssl ); + if( ret < 0 ) + return( ret ); + expansion = (size_t) ret; + + if( remaining <= expansion ) + return( 0 ); + + remaining -= expansion; + if( remaining >= max_len ) + remaining = max_len; + + return( (int) remaining ); +} + /* * Double the retransmit timeout value, within the allowed range, * returning -1 if the maximum value has already been reached. @@ -108,6 +205,18 @@ static int ssl_double_retransmit_timeout( mbedtls_ssl_context *ssl ) if( ssl->handshake->retransmit_timeout >= ssl->conf->hs_timeout_max ) return( -1 ); + /* Implement the final paragraph of RFC 6347 section 4.1.1.1 + * in the following way: after the initial transmission and a first + * retransmission, back off to a temporary estimated MTU of 508 bytes. + * This value is guaranteed to be deliverable (if not guaranteed to be + * delivered) of any compliant IPv4 (and IPv6) network, and should work + * on most non-IP stacks too. */ + if( ssl->handshake->retransmit_timeout != ssl->conf->hs_timeout_min ) + { + ssl->handshake->mtu = 508; + MBEDTLS_SSL_DEBUG_MSG( 2, ( "mtu autoreduction to %d bytes", ssl->handshake->mtu ) ); + } + new_timeout = 2 * ssl->handshake->retransmit_timeout; /* Avoid arithmetic overflow and range overflow */ @@ -1224,7 +1333,8 @@ int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exch *(p++) = (unsigned char)( zlen ); p += zlen; - MBEDTLS_SSL_DEBUG_MPI( 3, "ECDH: z", &ssl->handshake->ecdh_ctx.z ); + MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx, + MBEDTLS_DEBUG_ECDH_Z ); } else #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ @@ -1345,14 +1455,6 @@ static int ssl_encrypt_buf( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_BUF( 4, "before encrypt: output payload", ssl->out_msg, ssl->out_msglen ); - if( ssl->out_msglen > MBEDTLS_SSL_OUT_CONTENT_LEN ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "Record content %u too large, maximum %d", - (unsigned) ssl->out_msglen, - MBEDTLS_SSL_OUT_CONTENT_LEN ) ); - return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - } - /* * Add MAC before if needed */ @@ -1626,6 +1728,8 @@ static int ssl_encrypt_buf( mbedtls_ssl_context *ssl ) #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) if( auth_done == 0 ) { + unsigned char mac[MBEDTLS_SSL_MAC_ADD]; + /* * MAC(MAC_write_key, seq_num + * TLSCipherText.type + @@ -1648,10 +1752,12 @@ static int ssl_encrypt_buf( mbedtls_ssl_context *ssl ) mbedtls_md_hmac_update( &ssl->transform_out->md_ctx_enc, pseudo_hdr, 13 ); mbedtls_md_hmac_update( &ssl->transform_out->md_ctx_enc, ssl->out_iv, ssl->out_msglen ); - mbedtls_md_hmac_finish( &ssl->transform_out->md_ctx_enc, - ssl->out_iv + ssl->out_msglen ); + mbedtls_md_hmac_finish( &ssl->transform_out->md_ctx_enc, mac ); mbedtls_md_hmac_reset( &ssl->transform_out->md_ctx_enc ); + memcpy( ssl->out_iv + ssl->out_msglen, mac, + ssl->transform_out->maclen ); + ssl->out_msglen += ssl->transform_out->maclen; auth_done++; } @@ -2202,13 +2308,13 @@ static int ssl_decrypt_buf( mbedtls_ssl_context *ssl ) correct = 0; } auth_done++; - - /* - * Finally check the correct flag - */ - if( correct == 0 ) - return( MBEDTLS_ERR_SSL_INVALID_MAC ); } + + /* + * Finally check the correct flag + */ + if( correct == 0 ) + return( MBEDTLS_ERR_SSL_INVALID_MAC ); #endif /* SSL_SOME_MODES_USE_MAC */ /* Make extra sure authentication was performed, exactly once */ @@ -2644,7 +2750,7 @@ int mbedtls_ssl_fetch_input( mbedtls_ssl_context *ssl, size_t nb_want ) int mbedtls_ssl_flush_output( mbedtls_ssl_context *ssl ) { int ret; - unsigned char *buf, i; + unsigned char *buf; MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> flush output" ) ); @@ -2667,8 +2773,7 @@ int mbedtls_ssl_flush_output( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_MSG( 2, ( "message length: %d, out_left: %d", mbedtls_ssl_hdr_len( ssl ) + ssl->out_msglen, ssl->out_left ) ); - buf = ssl->out_hdr + mbedtls_ssl_hdr_len( ssl ) + - ssl->out_msglen - ssl->out_left; + buf = ssl->out_hdr - ssl->out_left; ret = ssl->f_send( ssl->p_bio, buf, ssl->out_left ); MBEDTLS_SSL_DEBUG_RET( 2, "ssl->f_send", ret ); @@ -2687,16 +2792,17 @@ int mbedtls_ssl_flush_output( mbedtls_ssl_context *ssl ) ssl->out_left -= ret; } - for( i = 8; i > ssl_ep_len( ssl ); i-- ) - if( ++ssl->out_ctr[i - 1] != 0 ) - break; - - /* The loop goes to its end iff the counter is wrapping */ - if( i == ssl_ep_len( ssl ) ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + { + ssl->out_hdr = ssl->out_buf; + } + else +#endif { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "outgoing message counter would wrap" ) ); - return( MBEDTLS_ERR_SSL_COUNTER_WRAPPING ); + ssl->out_hdr = ssl->out_buf + 8; } + ssl_update_out_pointers( ssl, ssl->transform_out ); MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= flush output" ) ); @@ -2713,6 +2819,9 @@ int mbedtls_ssl_flush_output( mbedtls_ssl_context *ssl ) static int ssl_flight_append( mbedtls_ssl_context *ssl ) { mbedtls_ssl_flight_item *msg; + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> ssl_flight_append" ) ); + MBEDTLS_SSL_DEBUG_BUF( 4, "message appended to flight", + ssl->out_msg, ssl->out_msglen ); /* Allocate space for current message */ if( ( msg = mbedtls_calloc( 1, sizeof( mbedtls_ssl_flight_item ) ) ) == NULL ) @@ -2746,6 +2855,7 @@ static int ssl_flight_append( mbedtls_ssl_context *ssl ) cur->next = msg; } + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= ssl_flight_append" ) ); return( 0 ); } @@ -2794,19 +2904,12 @@ static void ssl_swap_epochs( mbedtls_ssl_context *ssl ) ssl->handshake->alt_transform_out = tmp_transform; /* Swap epoch + sequence_number */ - memcpy( tmp_out_ctr, ssl->out_ctr, 8 ); - memcpy( ssl->out_ctr, ssl->handshake->alt_out_ctr, 8 ); + memcpy( tmp_out_ctr, ssl->cur_out_ctr, 8 ); + memcpy( ssl->cur_out_ctr, ssl->handshake->alt_out_ctr, 8 ); memcpy( ssl->handshake->alt_out_ctr, tmp_out_ctr, 8 ); /* Adjust to the newly activated transform */ - if( ssl->transform_out != NULL && - ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_2 ) - { - ssl->out_msg = ssl->out_iv + ssl->transform_out->ivlen - - ssl->transform_out->fixed_ivlen; - } - else - ssl->out_msg = ssl->out_iv; + ssl_update_out_pointers( ssl, ssl->transform_out ); #if defined(MBEDTLS_SSL_HW_RECORD_ACCEL) if( mbedtls_ssl_hw_record_activate != NULL ) @@ -2822,20 +2925,38 @@ static void ssl_swap_epochs( mbedtls_ssl_context *ssl ) /* * Retransmit the current flight of messages. + */ +int mbedtls_ssl_resend( mbedtls_ssl_context *ssl ) +{ + int ret = 0; + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> mbedtls_ssl_resend" ) ); + + ret = mbedtls_ssl_flight_transmit( ssl ); + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= mbedtls_ssl_resend" ) ); + + return( ret ); +} + +/* + * Transmit or retransmit the current flight of messages. * * Need to remember the current message in case flush_output returns * WANT_WRITE, causing us to exit this function and come back later. * This function must be called until state is no longer SENDING. */ -int mbedtls_ssl_resend( mbedtls_ssl_context *ssl ) +int mbedtls_ssl_flight_transmit( mbedtls_ssl_context *ssl ) { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> mbedtls_ssl_resend" ) ); + int ret; + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> mbedtls_ssl_flight_transmit" ) ); if( ssl->handshake->retransmit_state != MBEDTLS_SSL_RETRANS_SENDING ) { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "initialise resending" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "initialise flight transmission" ) ); ssl->handshake->cur_msg = ssl->handshake->flight; + ssl->handshake->cur_msg_p = ssl->handshake->flight->p + 12; ssl_swap_epochs( ssl ); ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_SENDING; @@ -2843,33 +2964,129 @@ int mbedtls_ssl_resend( mbedtls_ssl_context *ssl ) while( ssl->handshake->cur_msg != NULL ) { - int ret; - mbedtls_ssl_flight_item *cur = ssl->handshake->cur_msg; + size_t max_frag_len; + const mbedtls_ssl_flight_item * const cur = ssl->handshake->cur_msg; + + int const is_finished = + ( cur->type == MBEDTLS_SSL_MSG_HANDSHAKE && + cur->p[0] == MBEDTLS_SSL_HS_FINISHED ); + + uint8_t const force_flush = ssl->disable_datagram_packing == 1 ? + SSL_FORCE_FLUSH : SSL_DONT_FORCE_FLUSH; /* Swap epochs before sending Finished: we can't do it after * sending ChangeCipherSpec, in case write returns WANT_READ. * Must be done before copying, may change out_msg pointer */ - if( cur->type == MBEDTLS_SSL_MSG_HANDSHAKE && - cur->p[0] == MBEDTLS_SSL_HS_FINISHED ) + if( is_finished && ssl->handshake->cur_msg_p == ( cur->p + 12 ) ) { + MBEDTLS_SSL_DEBUG_MSG( 2, ( "swap epochs to send finished message" ) ); ssl_swap_epochs( ssl ); } - memcpy( ssl->out_msg, cur->p, cur->len ); - ssl->out_msglen = cur->len; - ssl->out_msgtype = cur->type; + ret = ssl_get_remaining_payload_in_datagram( ssl ); + if( ret < 0 ) + return( ret ); + max_frag_len = (size_t) ret; + + /* CCS is copied as is, while HS messages may need fragmentation */ + if( cur->type == MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC ) + { + if( max_frag_len == 0 ) + { + if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 ) + return( ret ); + + continue; + } + + memcpy( ssl->out_msg, cur->p, cur->len ); + ssl->out_msglen = cur->len; + ssl->out_msgtype = cur->type; + + /* Update position inside current message */ + ssl->handshake->cur_msg_p += cur->len; + } + else + { + const unsigned char * const p = ssl->handshake->cur_msg_p; + const size_t hs_len = cur->len - 12; + const size_t frag_off = p - ( cur->p + 12 ); + const size_t rem_len = hs_len - frag_off; + size_t cur_hs_frag_len, max_hs_frag_len; - ssl->handshake->cur_msg = cur->next; + if( ( max_frag_len < 12 ) || ( max_frag_len == 12 && hs_len != 0 ) ) + { + if( is_finished ) + ssl_swap_epochs( ssl ); - MBEDTLS_SSL_DEBUG_BUF( 3, "resent handshake message header", ssl->out_msg, 12 ); + if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 ) + return( ret ); + + continue; + } + max_hs_frag_len = max_frag_len - 12; + + cur_hs_frag_len = rem_len > max_hs_frag_len ? + max_hs_frag_len : rem_len; + + if( frag_off == 0 && cur_hs_frag_len != hs_len ) + { + MBEDTLS_SSL_DEBUG_MSG( 2, ( "fragmenting handshake message (%u > %u)", + (unsigned) cur_hs_frag_len, + (unsigned) max_hs_frag_len ) ); + } + + /* Messages are stored with handshake headers as if not fragmented, + * copy beginning of headers then fill fragmentation fields. + * Handshake headers: type(1) len(3) seq(2) f_off(3) f_len(3) */ + memcpy( ssl->out_msg, cur->p, 6 ); + + ssl->out_msg[6] = ( ( frag_off >> 16 ) & 0xff ); + ssl->out_msg[7] = ( ( frag_off >> 8 ) & 0xff ); + ssl->out_msg[8] = ( ( frag_off ) & 0xff ); + + ssl->out_msg[ 9] = ( ( cur_hs_frag_len >> 16 ) & 0xff ); + ssl->out_msg[10] = ( ( cur_hs_frag_len >> 8 ) & 0xff ); + ssl->out_msg[11] = ( ( cur_hs_frag_len ) & 0xff ); + + MBEDTLS_SSL_DEBUG_BUF( 3, "handshake header", ssl->out_msg, 12 ); + + /* Copy the handshake message content and set records fields */ + memcpy( ssl->out_msg + 12, p, cur_hs_frag_len ); + ssl->out_msglen = cur_hs_frag_len + 12; + ssl->out_msgtype = cur->type; + + /* Update position inside current message */ + ssl->handshake->cur_msg_p += cur_hs_frag_len; + } + + /* If done with the current message move to the next one if any */ + if( ssl->handshake->cur_msg_p >= cur->p + cur->len ) + { + if( cur->next != NULL ) + { + ssl->handshake->cur_msg = cur->next; + ssl->handshake->cur_msg_p = cur->next->p + 12; + } + else + { + ssl->handshake->cur_msg = NULL; + ssl->handshake->cur_msg_p = NULL; + } + } - if( ( ret = mbedtls_ssl_write_record( ssl ) ) != 0 ) + /* Actually send the message out */ + if( ( ret = mbedtls_ssl_write_record( ssl, force_flush ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret ); return( ret ); } } + if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 ) + return( ret ); + + /* Update state and set timer */ if( ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER ) ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_FINISHED; else @@ -2878,7 +3095,7 @@ int mbedtls_ssl_resend( mbedtls_ssl_context *ssl ) ssl_set_timer( ssl, ssl->handshake->retransmit_timeout ); } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= mbedtls_ssl_resend" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= mbedtls_ssl_flight_transmit" ) ); return( 0 ); } @@ -2896,6 +3113,12 @@ void mbedtls_ssl_recv_flight_completed( mbedtls_ssl_context *ssl ) /* The next incoming flight will start with this msg_seq */ ssl->handshake->in_flight_start_seq = ssl->handshake->in_msg_seq; + /* We don't want to remember CCS's across flight boundaries. */ + ssl->handshake->buffering.seen_ccs = 0; + + /* Clear future message buffering structure. */ + ssl_buffering_free( ssl ); + /* Cancel timer */ ssl_set_timer( ssl, 0 ); @@ -2927,43 +3150,102 @@ void mbedtls_ssl_send_flight_completed( mbedtls_ssl_context *ssl ) #endif /* MBEDTLS_SSL_PROTO_DTLS */ /* - * Record layer functions + * Handshake layer functions */ /* - * Write current record. - * Uses ssl->out_msgtype, ssl->out_msglen and bytes at ssl->out_msg. + * Write (DTLS: or queue) current handshake (including CCS) message. + * + * - fill in handshake headers + * - update handshake checksum + * - DTLS: save message for resending + * - then pass to the record layer + * + * DTLS: except for HelloRequest, messages are only queued, and will only be + * actually sent when calling flight_transmit() or resend(). + * + * Inputs: + * - ssl->out_msglen: 4 + actual handshake message len + * (4 is the size of handshake headers for TLS) + * - ssl->out_msg[0]: the handshake type (ClientHello, ServerHello, etc) + * - ssl->out_msg + 4: the handshake message body + * + * Outputs, ie state before passing to flight_append() or write_record(): + * - ssl->out_msglen: the length of the record contents + * (including handshake headers but excluding record headers) + * - ssl->out_msg: the record contents (handshake headers + content) */ -int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl ) +int mbedtls_ssl_write_handshake_msg( mbedtls_ssl_context *ssl ) { - int ret, done = 0, out_msg_type; - size_t len = ssl->out_msglen; + int ret; + const size_t hs_len = ssl->out_msglen - 4; + const unsigned char hs_type = ssl->out_msg[0]; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write record" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write handshake message" ) ); + + /* + * Sanity checks + */ + if( ssl->out_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE && + ssl->out_msgtype != MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC ) + { + /* In SSLv3, the client might send a NoCertificate alert. */ +#if defined(MBEDTLS_SSL_PROTO_SSL3) && defined(MBEDTLS_SSL_CLI_C) + if( ! ( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 && + ssl->out_msgtype == MBEDTLS_SSL_MSG_ALERT && + ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) ) +#endif /* MBEDTLS_SSL_PROTO_SSL3 && MBEDTLS_SSL_SRV_C */ + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } + } + + /* Whenever we send anything different from a + * HelloRequest we should be in a handshake - double check. */ + if( ! ( ssl->out_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE && + hs_type == MBEDTLS_SSL_HS_HELLO_REQUEST ) && + ssl->handshake == NULL ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } #if defined(MBEDTLS_SSL_PROTO_DTLS) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && ssl->handshake != NULL && ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING ) { - ; /* Skip special handshake treatment when resending */ + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); } - else #endif - if( ssl->out_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE ) - { - out_msg_type = ssl->out_msg[0]; - if( out_msg_type != MBEDTLS_SSL_HS_HELLO_REQUEST && - ssl->handshake == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); - } + /* Double-check that we did not exceed the bounds + * of the outgoing record buffer. + * This should never fail as the various message + * writing functions must obey the bounds of the + * outgoing record buffer, but better be safe. + * + * Note: We deliberately do not check for the MTU or MFL here. + */ + if( ssl->out_msglen > MBEDTLS_SSL_OUT_CONTENT_LEN ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "Record too large: " + "size %u, maximum %u", + (unsigned) ssl->out_msglen, + (unsigned) MBEDTLS_SSL_OUT_CONTENT_LEN ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } - ssl->out_msg[1] = (unsigned char)( ( len - 4 ) >> 16 ); - ssl->out_msg[2] = (unsigned char)( ( len - 4 ) >> 8 ); - ssl->out_msg[3] = (unsigned char)( ( len - 4 ) ); + /* + * Fill handshake headers + */ + if( ssl->out_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE ) + { + ssl->out_msg[1] = (unsigned char)( hs_len >> 16 ); + ssl->out_msg[2] = (unsigned char)( hs_len >> 8 ); + ssl->out_msg[3] = (unsigned char)( hs_len ); /* * DTLS has additional fields in the Handshake layer, @@ -2980,17 +3262,16 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "DTLS handshake message too large: " "size %u, maximum %u", - (unsigned) ( ssl->in_hslen - 4 ), + (unsigned) ( hs_len ), (unsigned) ( MBEDTLS_SSL_OUT_CONTENT_LEN - 12 ) ) ); return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); } - memmove( ssl->out_msg + 12, ssl->out_msg + 4, len - 4 ); + memmove( ssl->out_msg + 12, ssl->out_msg + 4, hs_len ); ssl->out_msglen += 8; - len += 8; /* Write message_seq and update it, except for HelloRequest */ - if( out_msg_type != MBEDTLS_SSL_HS_HELLO_REQUEST ) + if( hs_type != MBEDTLS_SSL_HS_HELLO_REQUEST ) { ssl->out_msg[4] = ( ssl->handshake->out_msg_seq >> 8 ) & 0xFF; ssl->out_msg[5] = ( ssl->handshake->out_msg_seq ) & 0xFF; @@ -3002,23 +3283,23 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl ) ssl->out_msg[5] = 0; } - /* We don't fragment, so frag_offset = 0 and frag_len = len */ + /* Handshake hashes are computed without fragmentation, + * so set frag_offset = 0 and frag_len = hs_len for now */ memset( ssl->out_msg + 6, 0x00, 3 ); memcpy( ssl->out_msg + 9, ssl->out_msg + 1, 3 ); } #endif /* MBEDTLS_SSL_PROTO_DTLS */ - if( out_msg_type != MBEDTLS_SSL_HS_HELLO_REQUEST ) - ssl->handshake->update_checksum( ssl, ssl->out_msg, len ); + /* Update running hashes of handshake messages seen */ + if( hs_type != MBEDTLS_SSL_HS_HELLO_REQUEST ) + ssl->handshake->update_checksum( ssl, ssl->out_msg, ssl->out_msglen ); } - /* Save handshake and CCS messages for resending */ + /* Either send now, or just save to be sent (and resent) later */ #if defined(MBEDTLS_SSL_PROTO_DTLS) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - ssl->handshake != NULL && - ssl->handshake->retransmit_state != MBEDTLS_SSL_RETRANS_SENDING && - ( ssl->out_msgtype == MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC || - ssl->out_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE ) ) + ! ( ssl->out_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE && + hs_type == MBEDTLS_SSL_HS_HELLO_REQUEST ) ) { if( ( ret = ssl_flight_append( ssl ) ) != 0 ) { @@ -3026,7 +3307,40 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl ) return( ret ); } } + else #endif + { + if( ( ret = mbedtls_ssl_write_record( ssl, SSL_FORCE_FLUSH ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_record", ret ); + return( ret ); + } + } + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write handshake message" ) ); + + return( 0 ); +} + +/* + * Record layer functions + */ + +/* + * Write current record. + * + * Uses: + * - ssl->out_msgtype: type of the message (AppData, Handshake, Alert, CCS) + * - ssl->out_msglen: length of the record content (excl headers) + * - ssl->out_msg: record content + */ +int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl, uint8_t force_flush ) +{ + int ret, done = 0; + size_t len = ssl->out_msglen; + uint8_t flush = force_flush; + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write record" ) ); #if defined(MBEDTLS_ZLIB_SUPPORT) if( ssl->transform_out != NULL && @@ -3060,10 +3374,14 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl ) #endif /* MBEDTLS_SSL_HW_RECORD_ACCEL */ if( !done ) { + unsigned i; + size_t protected_record_size; + ssl->out_hdr[0] = (unsigned char) ssl->out_msgtype; mbedtls_ssl_write_version( ssl->major_ver, ssl->minor_ver, ssl->conf->transport, ssl->out_hdr + 1 ); + memcpy( ssl->out_ctr, ssl->cur_out_ctr, 8 ); ssl->out_len[0] = (unsigned char)( len >> 8 ); ssl->out_len[1] = (unsigned char)( len ); @@ -3080,18 +3398,76 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl ) ssl->out_len[1] = (unsigned char)( len ); } - ssl->out_left = mbedtls_ssl_hdr_len( ssl ) + ssl->out_msglen; + protected_record_size = len + mbedtls_ssl_hdr_len( ssl ); + +#if defined(MBEDTLS_SSL_PROTO_DTLS) + /* In case of DTLS, double-check that we don't exceed + * the remaining space in the datagram. */ + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + { + ret = ssl_get_remaining_space_in_datagram( ssl ); + if( ret < 0 ) + return( ret ); + + if( protected_record_size > (size_t) ret ) + { + /* Should never happen */ + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } + } +#endif /* MBEDTLS_SSL_PROTO_DTLS */ MBEDTLS_SSL_DEBUG_MSG( 3, ( "output record: msgtype = %d, " - "version = [%d:%d], msglen = %d", - ssl->out_hdr[0], ssl->out_hdr[1], ssl->out_hdr[2], - ( ssl->out_len[0] << 8 ) | ssl->out_len[1] ) ); + "version = [%d:%d], msglen = %d", + ssl->out_hdr[0], ssl->out_hdr[1], + ssl->out_hdr[2], len ) ); MBEDTLS_SSL_DEBUG_BUF( 4, "output record sent to network", - ssl->out_hdr, mbedtls_ssl_hdr_len( ssl ) + ssl->out_msglen ); + ssl->out_hdr, protected_record_size ); + + ssl->out_left += protected_record_size; + ssl->out_hdr += protected_record_size; + ssl_update_out_pointers( ssl, ssl->transform_out ); + + for( i = 8; i > ssl_ep_len( ssl ); i-- ) + if( ++ssl->cur_out_ctr[i - 1] != 0 ) + break; + + /* The loop goes to its end iff the counter is wrapping */ + if( i == ssl_ep_len( ssl ) ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "outgoing message counter would wrap" ) ); + return( MBEDTLS_ERR_SSL_COUNTER_WRAPPING ); + } } - if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + flush == SSL_DONT_FORCE_FLUSH ) + { + size_t remaining; + ret = ssl_get_remaining_payload_in_datagram( ssl ); + if( ret < 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "ssl_get_remaining_payload_in_datagram", + ret ); + return( ret ); + } + + remaining = (size_t) ret; + if( remaining == 0 ) + { + flush = SSL_FORCE_FLUSH; + } + else + { + MBEDTLS_SSL_DEBUG_MSG( 2, ( "Still %u bytes available in current datagram", (unsigned) remaining ) ); + } + } +#endif /* MBEDTLS_SSL_PROTO_DTLS */ + + if( ( flush == SSL_FORCE_FLUSH ) && + ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_flush_output", ret ); return( ret ); @@ -3103,6 +3479,52 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl ) } #if defined(MBEDTLS_SSL_PROTO_DTLS) + +static int ssl_hs_is_proper_fragment( mbedtls_ssl_context *ssl ) +{ + if( ssl->in_msglen < ssl->in_hslen || + memcmp( ssl->in_msg + 6, "\0\0\0", 3 ) != 0 || + memcmp( ssl->in_msg + 9, ssl->in_msg + 1, 3 ) != 0 ) + { + return( 1 ); + } + return( 0 ); +} + +static uint32_t ssl_get_hs_frag_len( mbedtls_ssl_context const *ssl ) +{ + return( ( ssl->in_msg[9] << 16 ) | + ( ssl->in_msg[10] << 8 ) | + ssl->in_msg[11] ); +} + +static uint32_t ssl_get_hs_frag_off( mbedtls_ssl_context const *ssl ) +{ + return( ( ssl->in_msg[6] << 16 ) | + ( ssl->in_msg[7] << 8 ) | + ssl->in_msg[8] ); +} + +static int ssl_check_hs_header( mbedtls_ssl_context const *ssl ) +{ + uint32_t msg_len, frag_off, frag_len; + + msg_len = ssl_get_hs_total_len( ssl ); + frag_off = ssl_get_hs_frag_off( ssl ); + frag_len = ssl_get_hs_frag_len( ssl ); + + if( frag_off > msg_len ) + return( -1 ); + + if( frag_len > msg_len - frag_off ) + return( -1 ); + + if( frag_len + 12 > ssl->in_msglen ) + return( -1 ); + + return( 0 ); +} + /* * Mark bits in bitmask (used for DTLS HS reassembly) */ @@ -3164,161 +3586,29 @@ static int ssl_bitmask_check( unsigned char *mask, size_t len ) return( 0 ); } -/* - * Reassemble fragmented DTLS handshake messages. - * - * Use a temporary buffer for reassembly, divided in two parts: - * - the first holds the reassembled message (including handshake header), - * - the second holds a bitmask indicating which parts of the message - * (excluding headers) have been received so far. - */ -static int ssl_reassemble_dtls_handshake( mbedtls_ssl_context *ssl ) +/* msg_len does not include the handshake header */ +static size_t ssl_get_reassembly_buffer_size( size_t msg_len, + unsigned add_bitmap ) { - unsigned char *msg, *bitmask; - size_t frag_len, frag_off; - size_t msg_len = ssl->in_hslen - 12; /* Without headers */ - - if( ssl->handshake == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "not supported outside handshake (for now)" ) ); - return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); - } - - /* - * For first fragment, check size and allocate buffer - */ - if( ssl->handshake->hs_msg == NULL ) - { - size_t alloc_len; - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "initialize reassembly, total length = %d", - msg_len ) ); - - if( ssl->in_hslen > MBEDTLS_SSL_IN_CONTENT_LEN ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "handshake message too large" ) ); - return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); - } - - /* The bitmask needs one bit per byte of message excluding header */ - alloc_len = 12 + msg_len + msg_len / 8 + ( msg_len % 8 != 0 ); - - ssl->handshake->hs_msg = mbedtls_calloc( 1, alloc_len ); - if( ssl->handshake->hs_msg == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc failed (%d bytes)", alloc_len ) ); - return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); - } - - /* Prepare final header: copy msg_type, length and message_seq, - * then add standardised fragment_offset and fragment_length */ - memcpy( ssl->handshake->hs_msg, ssl->in_msg, 6 ); - memset( ssl->handshake->hs_msg + 6, 0, 3 ); - memcpy( ssl->handshake->hs_msg + 9, - ssl->handshake->hs_msg + 1, 3 ); - } - else - { - /* Make sure msg_type and length are consistent */ - if( memcmp( ssl->handshake->hs_msg, ssl->in_msg, 4 ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "fragment header mismatch" ) ); - return( MBEDTLS_ERR_SSL_INVALID_RECORD ); - } - } - - msg = ssl->handshake->hs_msg + 12; - bitmask = msg + msg_len; - - /* - * Check and copy current fragment - */ - frag_off = ( ssl->in_msg[6] << 16 ) | - ( ssl->in_msg[7] << 8 ) | - ssl->in_msg[8]; - frag_len = ( ssl->in_msg[9] << 16 ) | - ( ssl->in_msg[10] << 8 ) | - ssl->in_msg[11]; - - if( frag_off + frag_len > msg_len ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid fragment offset/len: %d + %d > %d", - frag_off, frag_len, msg_len ) ); - return( MBEDTLS_ERR_SSL_INVALID_RECORD ); - } - - if( frag_len + 12 > ssl->in_msglen ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid fragment length: %d + 12 > %d", - frag_len, ssl->in_msglen ) ); - return( MBEDTLS_ERR_SSL_INVALID_RECORD ); - } - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "adding fragment, offset = %d, length = %d", - frag_off, frag_len ) ); - - memcpy( msg + frag_off, ssl->in_msg + 12, frag_len ); - ssl_bitmask_set( bitmask, frag_off, frag_len ); - - /* - * Do we have the complete message by now? - * If yes, finalize it, else ask to read the next record. - */ - if( ssl_bitmask_check( bitmask, msg_len ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "message is not complete yet" ) ); - return( MBEDTLS_ERR_SSL_CONTINUE_PROCESSING ); - } - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "handshake message completed" ) ); - - if( frag_len + 12 < ssl->in_msglen ) - { - /* - * We'got more handshake messages in the same record. - * This case is not handled now because no know implementation does - * that and it's hard to test, so we prefer to fail cleanly for now. - */ - MBEDTLS_SSL_DEBUG_MSG( 1, ( "last fragment not alone in its record" ) ); - return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); - } - - if( ssl->in_left > ssl->next_record_offset ) - { - /* - * We've got more data in the buffer after the current record, - * that we don't want to overwrite. Move it before writing the - * reassembled message, and adjust in_left and next_record_offset. - */ - unsigned char *cur_remain = ssl->in_hdr + ssl->next_record_offset; - unsigned char *new_remain = ssl->in_msg + ssl->in_hslen; - size_t remain_len = ssl->in_left - ssl->next_record_offset; - - /* First compute and check new lengths */ - ssl->next_record_offset = new_remain - ssl->in_hdr; - ssl->in_left = ssl->next_record_offset + remain_len; - - if( ssl->in_left > MBEDTLS_SSL_IN_BUFFER_LEN - - (size_t)( ssl->in_hdr - ssl->in_buf ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "reassembled message too large for buffer" ) ); - return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); - } + size_t alloc_len; - memmove( new_remain, cur_remain, remain_len ); - } + alloc_len = 12; /* Handshake header */ + alloc_len += msg_len; /* Content buffer */ - memcpy( ssl->in_msg, ssl->handshake->hs_msg, ssl->in_hslen ); + if( add_bitmap ) + alloc_len += msg_len / 8 + ( msg_len % 8 != 0 ); /* Bitmap */ - mbedtls_free( ssl->handshake->hs_msg ); - ssl->handshake->hs_msg = NULL; + return( alloc_len ); +} - MBEDTLS_SSL_DEBUG_BUF( 3, "reassembled handshake message", - ssl->in_msg, ssl->in_hslen ); +#endif /* MBEDTLS_SSL_PROTO_DTLS */ - return( 0 ); +static uint32_t ssl_get_hs_total_len( mbedtls_ssl_context const *ssl ) +{ + return( ( ssl->in_msg[1] << 16 ) | + ( ssl->in_msg[2] << 8 ) | + ssl->in_msg[3] ); } -#endif /* MBEDTLS_SSL_PROTO_DTLS */ int mbedtls_ssl_prepare_handshake_record( mbedtls_ssl_context *ssl ) { @@ -3329,10 +3619,7 @@ int mbedtls_ssl_prepare_handshake_record( mbedtls_ssl_context *ssl ) return( MBEDTLS_ERR_SSL_INVALID_RECORD ); } - ssl->in_hslen = mbedtls_ssl_hs_hdr_len( ssl ) + ( - ( ssl->in_msg[1] << 16 ) | - ( ssl->in_msg[2] << 8 ) | - ssl->in_msg[3] ); + ssl->in_hslen = mbedtls_ssl_hs_hdr_len( ssl ) + ssl_get_hs_total_len( ssl ); MBEDTLS_SSL_DEBUG_MSG( 3, ( "handshake message: msglen =" " %d, type = %d, hslen = %d", @@ -3344,12 +3631,26 @@ int mbedtls_ssl_prepare_handshake_record( mbedtls_ssl_context *ssl ) int ret; unsigned int recv_msg_seq = ( ssl->in_msg[4] << 8 ) | ssl->in_msg[5]; + if( ssl_check_hs_header( ssl ) != 0 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid handshake header" ) ); + return( MBEDTLS_ERR_SSL_INVALID_RECORD ); + } + if( ssl->handshake != NULL && ( ( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER && recv_msg_seq != ssl->handshake->in_msg_seq ) || ( ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER && ssl->in_msg[0] != MBEDTLS_SSL_HS_CLIENT_HELLO ) ) ) { + if( recv_msg_seq > ssl->handshake->in_msg_seq ) + { + MBEDTLS_SSL_DEBUG_MSG( 2, ( "received future handshake message of sequence number %u (next %u)", + recv_msg_seq, + ssl->handshake->in_msg_seq ) ); + return( MBEDTLS_ERR_SSL_EARLY_MESSAGE ); + } + /* Retransmit only on last message from previous flight, to avoid * too many retransmissions. * Besides, No sane server ever retransmits HelloVerifyRequest */ @@ -3379,20 +3680,14 @@ int mbedtls_ssl_prepare_handshake_record( mbedtls_ssl_context *ssl ) } /* Wait until message completion to increment in_msg_seq */ - /* Reassemble if current message is fragmented or reassembly is - * already in progress */ - if( ssl->in_msglen < ssl->in_hslen || - memcmp( ssl->in_msg + 6, "\0\0\0", 3 ) != 0 || - memcmp( ssl->in_msg + 9, ssl->in_msg + 1, 3 ) != 0 || - ( ssl->handshake != NULL && ssl->handshake->hs_msg != NULL ) ) + /* Message reassembly is handled alongside buffering of future + * messages; the commonality is that both handshake fragments and + * future messages cannot be forwarded immediately to the + * handshake logic layer. */ + if( ssl_hs_is_proper_fragment( ssl ) == 1 ) { MBEDTLS_SSL_DEBUG_MSG( 2, ( "found fragmented DTLS handshake message" ) ); - - if( ( ret = ssl_reassemble_dtls_handshake( ssl ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_reassemble_dtls_handshake", ret ); - return( ret ); - } + return( MBEDTLS_ERR_SSL_EARLY_MESSAGE ); } } else @@ -3409,9 +3704,9 @@ int mbedtls_ssl_prepare_handshake_record( mbedtls_ssl_context *ssl ) void mbedtls_ssl_update_handshake_status( mbedtls_ssl_context *ssl ) { + mbedtls_ssl_handshake_params * const hs = ssl->handshake; - if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER && - ssl->handshake != NULL ) + if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER && hs != NULL ) { ssl->handshake->update_checksum( ssl, ssl->in_msg, ssl->in_hslen ); } @@ -3421,7 +3716,29 @@ void mbedtls_ssl_update_handshake_status( mbedtls_ssl_context *ssl ) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && ssl->handshake != NULL ) { - ssl->handshake->in_msg_seq++; + unsigned offset; + mbedtls_ssl_hs_buffer *hs_buf; + + /* Increment handshake sequence number */ + hs->in_msg_seq++; + + /* + * Clear up handshake buffering and reassembly structure. + */ + + /* Free first entry */ + ssl_buffering_free_slot( ssl, 0 ); + + /* Shift all other entries */ + for( offset = 0, hs_buf = &hs->buffering.hs[0]; + offset + 1 < MBEDTLS_SSL_MAX_BUFFERED_HS; + offset++, hs_buf++ ) + { + *hs_buf = *(hs_buf + 1); + } + + /* Create a fresh last entry */ + memset( hs_buf, 0, sizeof( mbedtls_ssl_hs_buffer ) ); } #endif } @@ -3822,7 +4139,16 @@ static int ssl_parse_record_header( mbedtls_ssl_context *ssl ) } else #endif /* MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE && MBEDTLS_SSL_SRV_C */ + { + /* Consider buffering the record. */ + if( rec_epoch == (unsigned int) ssl->in_epoch + 1 ) + { + MBEDTLS_SSL_DEBUG_MSG( 2, ( "Consider record for buffering" ) ); + return( MBEDTLS_ERR_SSL_EARLY_MESSAGE ); + } + return( MBEDTLS_ERR_SSL_UNEXPECTED_RECORD ); + } } #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) @@ -3835,15 +4161,6 @@ static int ssl_parse_record_header( mbedtls_ssl_context *ssl ) } #endif - /* Drop unexpected ChangeCipherSpec messages */ - if( ssl->in_msgtype == MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC && - ssl->state != MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC && - ssl->state != MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "dropping unexpected ChangeCipherSpec" ) ); - return( MBEDTLS_ERR_SSL_UNEXPECTED_RECORD ); - } - /* Drop unexpected ApplicationData records, * except at the beginning of renegotiations */ if( ssl->in_msgtype == MBEDTLS_SSL_MSG_APPLICATION_DATA && @@ -3980,7 +4297,14 @@ static void ssl_handshake_wrapup_free_hs_transform( mbedtls_ssl_context *ssl ); * RFC 6347 4.1.2.7) and continue reading until a valid record is found. * */ -int mbedtls_ssl_read_record( mbedtls_ssl_context *ssl ) + +/* Helper functions for mbedtls_ssl_read_record(). */ +static int ssl_consume_current_message( mbedtls_ssl_context *ssl ); +static int ssl_get_next_record( mbedtls_ssl_context *ssl ); +static int ssl_record_is_in_progress( mbedtls_ssl_context *ssl ); + +int mbedtls_ssl_read_record( mbedtls_ssl_context *ssl, + unsigned update_hs_digest ) { int ret; @@ -3990,17 +4314,53 @@ int mbedtls_ssl_read_record( mbedtls_ssl_context *ssl ) { do { - do ret = mbedtls_ssl_read_record_layer( ssl ); - while( ret == MBEDTLS_ERR_SSL_CONTINUE_PROCESSING ); - + ret = ssl_consume_current_message( ssl ); if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, ( "mbedtls_ssl_read_record_layer" ), ret ); return( ret ); + + if( ssl_record_is_in_progress( ssl ) == 0 ) + { +#if defined(MBEDTLS_SSL_PROTO_DTLS) + int have_buffered = 0; + + /* We only check for buffered messages if the + * current datagram is fully consumed. */ + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + ssl_next_record_is_in_datagram( ssl ) == 0 ) + { + if( ssl_load_buffered_message( ssl ) == 0 ) + have_buffered = 1; + } + + if( have_buffered == 0 ) +#endif /* MBEDTLS_SSL_PROTO_DTLS */ + { + ret = ssl_get_next_record( ssl ); + if( ret == MBEDTLS_ERR_SSL_CONTINUE_PROCESSING ) + continue; + + if( ret != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_get_next_record" ), ret ); + return( ret ); + } + } } ret = mbedtls_ssl_handle_message_type( ssl ); +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ret == MBEDTLS_ERR_SSL_EARLY_MESSAGE ) + { + /* Buffer future message */ + ret = ssl_buffer_message( ssl ); + if( ret != 0 ) + return( ret ); + + ret = MBEDTLS_ERR_SSL_CONTINUE_PROCESSING; + } +#endif /* MBEDTLS_SSL_PROTO_DTLS */ + } while( MBEDTLS_ERR_SSL_NON_FATAL == ret || MBEDTLS_ERR_SSL_CONTINUE_PROCESSING == ret ); @@ -4010,14 +4370,15 @@ int mbedtls_ssl_read_record( mbedtls_ssl_context *ssl ) return( ret ); } - if( ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE ) + if( ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE && + update_hs_digest == 1 ) { mbedtls_ssl_update_handshake_status( ssl ); } } else { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= reuse previously read message" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "reuse previously read message" ) ); ssl->keep_current_message = 0; } @@ -4026,13 +4387,350 @@ int mbedtls_ssl_read_record( mbedtls_ssl_context *ssl ) return( 0 ); } -int mbedtls_ssl_read_record_layer( mbedtls_ssl_context *ssl ) +#if defined(MBEDTLS_SSL_PROTO_DTLS) +static int ssl_next_record_is_in_datagram( mbedtls_ssl_context *ssl ) { - int ret; + if( ssl->in_left > ssl->next_record_offset ) + return( 1 ); + + return( 0 ); +} + +static int ssl_load_buffered_message( mbedtls_ssl_context *ssl ) +{ + mbedtls_ssl_handshake_params * const hs = ssl->handshake; + mbedtls_ssl_hs_buffer * hs_buf; + int ret = 0; + + if( hs == NULL ) + return( -1 ); + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> ssl_load_buffered_messsage" ) ); + + if( ssl->state == MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC || + ssl->state == MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC ) + { + /* Check if we have seen a ChangeCipherSpec before. + * If yes, synthesize a CCS record. */ + if( !hs->buffering.seen_ccs ) + { + MBEDTLS_SSL_DEBUG_MSG( 2, ( "CCS not seen in the current flight" ) ); + ret = -1; + goto exit; + } + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "Injecting buffered CCS message" ) ); + ssl->in_msgtype = MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC; + ssl->in_msglen = 1; + ssl->in_msg[0] = 1; + + /* As long as they are equal, the exact value doesn't matter. */ + ssl->in_left = 0; + ssl->next_record_offset = 0; + + hs->buffering.seen_ccs = 0; + goto exit; + } + +#if defined(MBEDTLS_DEBUG_C) + /* Debug only */ + { + unsigned offset; + for( offset = 1; offset < MBEDTLS_SSL_MAX_BUFFERED_HS; offset++ ) + { + hs_buf = &hs->buffering.hs[offset]; + if( hs_buf->is_valid == 1 ) + { + MBEDTLS_SSL_DEBUG_MSG( 2, ( "Future message with sequence number %u %s buffered.", + hs->in_msg_seq + offset, + hs_buf->is_complete ? "fully" : "partially" ) ); + } + } + } +#endif /* MBEDTLS_DEBUG_C */ + + /* Check if we have buffered and/or fully reassembled the + * next handshake message. */ + hs_buf = &hs->buffering.hs[0]; + if( ( hs_buf->is_valid == 1 ) && ( hs_buf->is_complete == 1 ) ) + { + /* Synthesize a record containing the buffered HS message. */ + size_t msg_len = ( hs_buf->data[1] << 16 ) | + ( hs_buf->data[2] << 8 ) | + hs_buf->data[3]; + + /* Double-check that we haven't accidentally buffered + * a message that doesn't fit into the input buffer. */ + if( msg_len + 12 > MBEDTLS_SSL_IN_CONTENT_LEN ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "Next handshake message has been buffered - load" ) ); + MBEDTLS_SSL_DEBUG_BUF( 3, "Buffered handshake message (incl. header)", + hs_buf->data, msg_len + 12 ); + + ssl->in_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; + ssl->in_hslen = msg_len + 12; + ssl->in_msglen = msg_len + 12; + memcpy( ssl->in_msg, hs_buf->data, ssl->in_hslen ); + + ret = 0; + goto exit; + } + else + { + MBEDTLS_SSL_DEBUG_MSG( 2, ( "Next handshake message %u not or only partially bufffered", + hs->in_msg_seq ) ); + } + + ret = -1; + +exit: + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= ssl_load_buffered_message" ) ); + return( ret ); +} + +static int ssl_buffer_make_space( mbedtls_ssl_context *ssl, + size_t desired ) +{ + int offset; + mbedtls_ssl_handshake_params * const hs = ssl->handshake; + MBEDTLS_SSL_DEBUG_MSG( 2, ( "Attempt to free buffered messages to have %u bytes available", + (unsigned) desired ) ); + + /* Get rid of future records epoch first, if such exist. */ + ssl_free_buffered_record( ssl ); + + /* Check if we have enough space available now. */ + if( desired <= ( MBEDTLS_SSL_DTLS_MAX_BUFFERING - + hs->buffering.total_bytes_buffered ) ) + { + MBEDTLS_SSL_DEBUG_MSG( 2, ( "Enough space available after freeing future epoch record" ) ); + return( 0 ); + } + + /* We don't have enough space to buffer the next expected handshake + * message. Remove buffers used for future messages to gain space, + * starting with the most distant one. */ + for( offset = MBEDTLS_SSL_MAX_BUFFERED_HS - 1; + offset >= 0; offset-- ) + { + MBEDTLS_SSL_DEBUG_MSG( 2, ( "Free buffering slot %d to make space for reassembly of next handshake message", + offset ) ); + + ssl_buffering_free_slot( ssl, (uint8_t) offset ); + + /* Check if we have enough space available now. */ + if( desired <= ( MBEDTLS_SSL_DTLS_MAX_BUFFERING - + hs->buffering.total_bytes_buffered ) ) + { + MBEDTLS_SSL_DEBUG_MSG( 2, ( "Enough space available after freeing buffered HS messages" ) ); + return( 0 ); + } + } + + return( -1 ); +} + +static int ssl_buffer_message( mbedtls_ssl_context *ssl ) +{ + int ret = 0; + mbedtls_ssl_handshake_params * const hs = ssl->handshake; + + if( hs == NULL ) + return( 0 ); + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> ssl_buffer_message" ) ); + + switch( ssl->in_msgtype ) + { + case MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC: + MBEDTLS_SSL_DEBUG_MSG( 2, ( "Remember CCS message" ) ); + + hs->buffering.seen_ccs = 1; + break; + + case MBEDTLS_SSL_MSG_HANDSHAKE: + { + unsigned recv_msg_seq_offset; + unsigned recv_msg_seq = ( ssl->in_msg[4] << 8 ) | ssl->in_msg[5]; + mbedtls_ssl_hs_buffer *hs_buf; + size_t msg_len = ssl->in_hslen - 12; + + /* We should never receive an old handshake + * message - double-check nonetheless. */ + if( recv_msg_seq < ssl->handshake->in_msg_seq ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } + + recv_msg_seq_offset = recv_msg_seq - ssl->handshake->in_msg_seq; + if( recv_msg_seq_offset >= MBEDTLS_SSL_MAX_BUFFERED_HS ) + { + /* Silently ignore -- message too far in the future */ + MBEDTLS_SSL_DEBUG_MSG( 2, + ( "Ignore future HS message with sequence number %u, " + "buffering window %u - %u", + recv_msg_seq, ssl->handshake->in_msg_seq, + ssl->handshake->in_msg_seq + MBEDTLS_SSL_MAX_BUFFERED_HS - 1 ) ); + + goto exit; + } + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "Buffering HS message with sequence number %u, offset %u ", + recv_msg_seq, recv_msg_seq_offset ) ); + + hs_buf = &hs->buffering.hs[ recv_msg_seq_offset ]; + + /* Check if the buffering for this seq nr has already commenced. */ + if( !hs_buf->is_valid ) + { + size_t reassembly_buf_sz; + + hs_buf->is_fragmented = + ( ssl_hs_is_proper_fragment( ssl ) == 1 ); + + /* We copy the message back into the input buffer + * after reassembly, so check that it's not too large. + * This is an implementation-specific limitation + * and not one from the standard, hence it is not + * checked in ssl_check_hs_header(). */ + if( msg_len + 12 > MBEDTLS_SSL_IN_CONTENT_LEN ) + { + /* Ignore message */ + goto exit; + } + /* Check if we have enough space to buffer the message. */ + if( hs->buffering.total_bytes_buffered > + MBEDTLS_SSL_DTLS_MAX_BUFFERING ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } + + reassembly_buf_sz = ssl_get_reassembly_buffer_size( msg_len, + hs_buf->is_fragmented ); + + if( reassembly_buf_sz > ( MBEDTLS_SSL_DTLS_MAX_BUFFERING - + hs->buffering.total_bytes_buffered ) ) + { + if( recv_msg_seq_offset > 0 ) + { + /* If we can't buffer a future message because + * of space limitations -- ignore. */ + MBEDTLS_SSL_DEBUG_MSG( 2, ( "Buffering of future message of size %u would exceed the compile-time limit %u (already %u bytes buffered) -- ignore\n", + (unsigned) msg_len, MBEDTLS_SSL_DTLS_MAX_BUFFERING, + (unsigned) hs->buffering.total_bytes_buffered ) ); + goto exit; + } + else + { + MBEDTLS_SSL_DEBUG_MSG( 2, ( "Buffering of future message of size %u would exceed the compile-time limit %u (already %u bytes buffered) -- attempt to make space by freeing buffered future messages\n", + (unsigned) msg_len, MBEDTLS_SSL_DTLS_MAX_BUFFERING, + (unsigned) hs->buffering.total_bytes_buffered ) ); + } + + if( ssl_buffer_make_space( ssl, reassembly_buf_sz ) != 0 ) + { + MBEDTLS_SSL_DEBUG_MSG( 2, ( "Reassembly of next message of size %u (%u with bitmap) would exceed the compile-time limit %u (already %u bytes buffered) -- fail\n", + (unsigned) msg_len, + (unsigned) reassembly_buf_sz, + MBEDTLS_SSL_DTLS_MAX_BUFFERING, + (unsigned) hs->buffering.total_bytes_buffered ) ); + ret = MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL; + goto exit; + } + } + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "initialize reassembly, total length = %d", + msg_len ) ); + + hs_buf->data = mbedtls_calloc( 1, reassembly_buf_sz ); + if( hs_buf->data == NULL ) + { + ret = MBEDTLS_ERR_SSL_ALLOC_FAILED; + goto exit; + } + hs_buf->data_len = reassembly_buf_sz; + + /* Prepare final header: copy msg_type, length and message_seq, + * then add standardised fragment_offset and fragment_length */ + memcpy( hs_buf->data, ssl->in_msg, 6 ); + memset( hs_buf->data + 6, 0, 3 ); + memcpy( hs_buf->data + 9, hs_buf->data + 1, 3 ); + + hs_buf->is_valid = 1; + + hs->buffering.total_bytes_buffered += reassembly_buf_sz; + } + else + { + /* Make sure msg_type and length are consistent */ + if( memcmp( hs_buf->data, ssl->in_msg, 4 ) != 0 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "Fragment header mismatch - ignore" ) ); + /* Ignore */ + goto exit; + } + } + + if( !hs_buf->is_complete ) + { + size_t frag_len, frag_off; + unsigned char * const msg = hs_buf->data + 12; + + /* + * Check and copy current fragment + */ + + /* Validation of header fields already done in + * mbedtls_ssl_prepare_handshake_record(). */ + frag_off = ssl_get_hs_frag_off( ssl ); + frag_len = ssl_get_hs_frag_len( ssl ); + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "adding fragment, offset = %d, length = %d", + frag_off, frag_len ) ); + memcpy( msg + frag_off, ssl->in_msg + 12, frag_len ); + + if( hs_buf->is_fragmented ) + { + unsigned char * const bitmask = msg + msg_len; + ssl_bitmask_set( bitmask, frag_off, frag_len ); + hs_buf->is_complete = ( ssl_bitmask_check( bitmask, + msg_len ) == 0 ); + } + else + { + hs_buf->is_complete = 1; + } + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "message %scomplete", + hs_buf->is_complete ? "" : "not yet " ) ); + } + + break; + } + + default: + /* We don't buffer other types of messages. */ + break; + } + +exit: + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= ssl_buffer_message" ) ); + return( ret ); +} +#endif /* MBEDTLS_SSL_PROTO_DTLS */ + +static int ssl_consume_current_message( mbedtls_ssl_context *ssl ) +{ /* - * Step A - * * Consume last content-layer message and potentially * update in_msglen which keeps track of the contents' * consumption state. @@ -4114,20 +4812,161 @@ int mbedtls_ssl_read_record_layer( mbedtls_ssl_context *ssl ) ssl->in_msglen = 0; } - /* - * Step B - * - * Fetch and decode new record if current one is fully consumed. - * - */ + return( 0 ); +} +static int ssl_record_is_in_progress( mbedtls_ssl_context *ssl ) +{ if( ssl->in_msglen > 0 ) + return( 1 ); + + return( 0 ); +} + +#if defined(MBEDTLS_SSL_PROTO_DTLS) + +static void ssl_free_buffered_record( mbedtls_ssl_context *ssl ) +{ + mbedtls_ssl_handshake_params * const hs = ssl->handshake; + if( hs == NULL ) + return; + + if( hs->buffering.future_record.data != NULL ) { - /* There's something left to be processed in the current record. */ + hs->buffering.total_bytes_buffered -= + hs->buffering.future_record.len; + + mbedtls_free( hs->buffering.future_record.data ); + hs->buffering.future_record.data = NULL; + } +} + +static int ssl_load_buffered_record( mbedtls_ssl_context *ssl ) +{ + mbedtls_ssl_handshake_params * const hs = ssl->handshake; + unsigned char * rec; + size_t rec_len; + unsigned rec_epoch; + + if( ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + return( 0 ); + + if( hs == NULL ) + return( 0 ); + + rec = hs->buffering.future_record.data; + rec_len = hs->buffering.future_record.len; + rec_epoch = hs->buffering.future_record.epoch; + + if( rec == NULL ) return( 0 ); + + /* Only consider loading future records if the + * input buffer is empty. */ + if( ssl_next_record_is_in_datagram( ssl ) == 1 ) + return( 0 ); + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> ssl_load_buffered_record" ) ); + + if( rec_epoch != ssl->in_epoch ) + { + MBEDTLS_SSL_DEBUG_MSG( 2, ( "Buffered record not from current epoch." ) ); + goto exit; } - /* Current record either fully processed or to be discarded. */ + MBEDTLS_SSL_DEBUG_MSG( 2, ( "Found buffered record from current epoch - load" ) ); + + /* Double-check that the record is not too large */ + if( rec_len > MBEDTLS_SSL_IN_BUFFER_LEN - + (size_t)( ssl->in_hdr - ssl->in_buf ) ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } + + memcpy( ssl->in_hdr, rec, rec_len ); + ssl->in_left = rec_len; + ssl->next_record_offset = 0; + + ssl_free_buffered_record( ssl ); + +exit: + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= ssl_load_buffered_record" ) ); + return( 0 ); +} + +static int ssl_buffer_future_record( mbedtls_ssl_context *ssl ) +{ + mbedtls_ssl_handshake_params * const hs = ssl->handshake; + size_t const rec_hdr_len = 13; + size_t const total_buf_sz = rec_hdr_len + ssl->in_msglen; + + /* Don't buffer future records outside handshakes. */ + if( hs == NULL ) + return( 0 ); + + /* Only buffer handshake records (we are only interested + * in Finished messages). */ + if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE ) + return( 0 ); + + /* Don't buffer more than one future epoch record. */ + if( hs->buffering.future_record.data != NULL ) + return( 0 ); + + /* Don't buffer record if there's not enough buffering space remaining. */ + if( total_buf_sz > ( MBEDTLS_SSL_DTLS_MAX_BUFFERING - + hs->buffering.total_bytes_buffered ) ) + { + MBEDTLS_SSL_DEBUG_MSG( 2, ( "Buffering of future epoch record of size %u would exceed the compile-time limit %u (already %u bytes buffered) -- ignore\n", + (unsigned) total_buf_sz, MBEDTLS_SSL_DTLS_MAX_BUFFERING, + (unsigned) hs->buffering.total_bytes_buffered ) ); + return( 0 ); + } + + /* Buffer record */ + MBEDTLS_SSL_DEBUG_MSG( 2, ( "Buffer record from epoch %u", + ssl->in_epoch + 1 ) ); + MBEDTLS_SSL_DEBUG_BUF( 3, "Buffered record", ssl->in_hdr, + rec_hdr_len + ssl->in_msglen ); + + /* ssl_parse_record_header() only considers records + * of the next epoch as candidates for buffering. */ + hs->buffering.future_record.epoch = ssl->in_epoch + 1; + hs->buffering.future_record.len = total_buf_sz; + + hs->buffering.future_record.data = + mbedtls_calloc( 1, hs->buffering.future_record.len ); + if( hs->buffering.future_record.data == NULL ) + { + /* If we run out of RAM trying to buffer a + * record from the next epoch, just ignore. */ + return( 0 ); + } + + memcpy( hs->buffering.future_record.data, ssl->in_hdr, total_buf_sz ); + + hs->buffering.total_bytes_buffered += total_buf_sz; + return( 0 ); +} + +#endif /* MBEDTLS_SSL_PROTO_DTLS */ + +static int ssl_get_next_record( mbedtls_ssl_context *ssl ) +{ + int ret; + +#if defined(MBEDTLS_SSL_PROTO_DTLS) + /* We might have buffered a future record; if so, + * and if the epoch matches now, load it. + * On success, this call will set ssl->in_left to + * the length of the buffered record, so that + * the calls to ssl_fetch_input() below will + * essentially be no-ops. */ + ret = ssl_load_buffered_record( ssl ); + if( ret != 0 ) + return( ret ); +#endif /* MBEDTLS_SSL_PROTO_DTLS */ if( ( ret = mbedtls_ssl_fetch_input( ssl, mbedtls_ssl_hdr_len( ssl ) ) ) != 0 ) { @@ -4141,6 +4980,16 @@ int mbedtls_ssl_read_record_layer( mbedtls_ssl_context *ssl ) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && ret != MBEDTLS_ERR_SSL_CLIENT_RECONNECT ) { + if( ret == MBEDTLS_ERR_SSL_EARLY_MESSAGE ) + { + ret = ssl_buffer_future_record( ssl ); + if( ret != 0 ) + return( ret ); + + /* Fall through to handling of unexpected records */ + ret = MBEDTLS_ERR_SSL_UNEXPECTED_RECORD; + } + if( ret == MBEDTLS_ERR_SSL_UNEXPECTED_RECORD ) { /* Skip unexpected record (but not whole datagram) */ @@ -4272,6 +5121,39 @@ int mbedtls_ssl_handle_message_type( mbedtls_ssl_context *ssl ) } } + if( ssl->in_msgtype == MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC ) + { + if( ssl->in_msglen != 1 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid CCS message, len: %d", + ssl->in_msglen ) ); + return( MBEDTLS_ERR_SSL_INVALID_RECORD ); + } + + if( ssl->in_msg[0] != 1 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid CCS message, content: %02x", + ssl->in_msg[0] ) ); + return( MBEDTLS_ERR_SSL_INVALID_RECORD ); + } + +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + ssl->state != MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC && + ssl->state != MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC ) + { + if( ssl->handshake == NULL ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "dropping ChangeCipherSpec outside handshake" ) ); + return( MBEDTLS_ERR_SSL_UNEXPECTED_RECORD ); + } + + MBEDTLS_SSL_DEBUG_MSG( 1, ( "received out-of-order ChangeCipherSpec - remember" ) ); + return( MBEDTLS_ERR_SSL_EARLY_MESSAGE ); + } +#endif + } + if( ssl->in_msgtype == MBEDTLS_SSL_MSG_ALERT ) { if( ssl->in_msglen != 2 ) @@ -4373,7 +5255,7 @@ int mbedtls_ssl_send_alert_message( mbedtls_ssl_context *ssl, ssl->out_msg[0] = level; ssl->out_msg[1] = message; - if( ( ret = mbedtls_ssl_write_record( ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_write_record( ssl, SSL_FORCE_FLUSH ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret ); return( ret ); @@ -4542,9 +5424,9 @@ write_msg: ssl->state++; - if( ( ret = mbedtls_ssl_write_record( ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 ) { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret ); return( ret ); } @@ -4553,60 +5435,16 @@ write_msg: return( ret ); } -int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl ) +/* + * Once the certificate message is read, parse it into a cert chain and + * perform basic checks, but leave actual verification to the caller + */ +static int ssl_parse_certificate_chain( mbedtls_ssl_context *ssl ) { - int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; + int ret; size_t i, n; - const mbedtls_ssl_ciphersuite_t *ciphersuite_info = ssl->transform_negotiate->ciphersuite_info; - int authmode = ssl->conf->authmode; uint8_t alert; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse certificate" ) ); - - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK || - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK || - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK || - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate" ) ); - ssl->state++; - return( 0 ); - } - -#if defined(MBEDTLS_SSL_SRV_C) - if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER && - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate" ) ); - ssl->state++; - return( 0 ); - } - -#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) - if( ssl->handshake->sni_authmode != MBEDTLS_SSL_VERIFY_UNSET ) - authmode = ssl->handshake->sni_authmode; -#endif - - if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER && - authmode == MBEDTLS_SSL_VERIFY_NONE ) - { - ssl->session_negotiate->verify_result = MBEDTLS_X509_BADCERT_SKIP_VERIFY; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate" ) ); - ssl->state++; - return( 0 ); - } -#endif - - if( ( ret = mbedtls_ssl_read_record( ssl ) ) != 0 ) - { - /* mbedtls_ssl_read_record may have sent an alert already. We - let it decide whether to alert. */ - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret ); - return( ret ); - } - - ssl->state++; - #if defined(MBEDTLS_SSL_SRV_C) #if defined(MBEDTLS_SSL_PROTO_SSL3) /* @@ -4626,10 +5464,7 @@ int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl ) one. The client should know what's going on, so we don't send an alert. */ ssl->session_negotiate->verify_result = MBEDTLS_X509_BADCERT_MISSING; - if( authmode == MBEDTLS_SSL_VERIFY_OPTIONAL ) - return( 0 ); - else - return( MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE ); + return( MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE ); } } #endif /* MBEDTLS_SSL_PROTO_SSL3 */ @@ -4650,10 +5485,7 @@ int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl ) one. The client should know what's going on, so we don't send an alert. */ ssl->session_negotiate->verify_result = MBEDTLS_X509_BADCERT_MISSING; - if( authmode == MBEDTLS_SSL_VERIFY_OPTIONAL ) - return( 0 ); - else - return( MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE ); + return( MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE ); } } #endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \ @@ -4803,6 +5635,94 @@ int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl ) } #endif /* MBEDTLS_SSL_RENEGOTIATION && MBEDTLS_SSL_CLI_C */ + return( 0 ); +} + +int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl ) +{ + int ret; + const mbedtls_ssl_ciphersuite_t * const ciphersuite_info = + ssl->transform_negotiate->ciphersuite_info; +#if defined(MBEDTLS_SSL_SRV_C) && defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) + const int authmode = ssl->handshake->sni_authmode != MBEDTLS_SSL_VERIFY_UNSET + ? ssl->handshake->sni_authmode + : ssl->conf->authmode; +#else + const int authmode = ssl->conf->authmode; +#endif + void *rs_ctx = NULL; + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse certificate" ) ); + + if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK || + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ) + { + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate" ) ); + ssl->state++; + return( 0 ); + } + +#if defined(MBEDTLS_SSL_SRV_C) + if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER && + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ) + { + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate" ) ); + ssl->state++; + return( 0 ); + } + + if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER && + authmode == MBEDTLS_SSL_VERIFY_NONE ) + { + ssl->session_negotiate->verify_result = MBEDTLS_X509_BADCERT_SKIP_VERIFY; + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate" ) ); + + ssl->state++; + return( 0 ); + } +#endif + +#if defined(MBEDTLS_SSL__ECP_RESTARTABLE) + if( ssl->handshake->ecrs_enabled && + ssl->handshake->ecrs_state == ssl_ecrs_crt_verify ) + { + goto crt_verify; + } +#endif + + if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 ) + { + /* mbedtls_ssl_read_record may have sent an alert already. We + let it decide whether to alert. */ + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret ); + return( ret ); + } + + if( ( ret = ssl_parse_certificate_chain( ssl ) ) != 0 ) + { +#if defined(MBEDTLS_SSL_SRV_C) + if( ret == MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE && + authmode == MBEDTLS_SSL_VERIFY_OPTIONAL ) + { + ret = 0; + } +#endif + + ssl->state++; + return( ret ); + } + +#if defined(MBEDTLS_SSL__ECP_RESTARTABLE) + if( ssl->handshake->ecrs_enabled) + ssl->handshake->ecrs_state = ssl_ecrs_crt_verify; + +crt_verify: + if( ssl->handshake->ecrs_enabled) + rs_ctx = &ssl->handshake->ecrs_ctx; +#endif + if( authmode != MBEDTLS_SSL_VERIFY_NONE ) { mbedtls_x509_crt *ca_chain; @@ -4824,19 +5744,24 @@ int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl ) /* * Main check: verify certificate */ - ret = mbedtls_x509_crt_verify_with_profile( + ret = mbedtls_x509_crt_verify_restartable( ssl->session_negotiate->peer_cert, ca_chain, ca_crl, ssl->conf->cert_profile, ssl->hostname, &ssl->session_negotiate->verify_result, - ssl->conf->f_vrfy, ssl->conf->p_vrfy ); + ssl->conf->f_vrfy, ssl->conf->p_vrfy, rs_ctx ); if( ret != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "x509_verify_cert", ret ); } +#if defined(MBEDTLS_SSL__ECP_RESTARTABLE) + if( ret == MBEDTLS_ERR_ECP_IN_PROGRESS ) + return( MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS ); +#endif + /* * Secondary checks: always done, but change 'ret' only if it was 0 */ @@ -4889,6 +5814,8 @@ int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl ) if( ret != 0 ) { + uint8_t alert; + /* The certificate may have been rejected for several reasons. Pick one and send the corresponding alert. Which alert to send may be a subject of debate in some cases. */ @@ -4931,6 +5858,8 @@ int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl ) #endif /* MBEDTLS_DEBUG_C */ } + ssl->state++; + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse certificate" ) ); return( ret ); @@ -4955,9 +5884,9 @@ int mbedtls_ssl_write_change_cipher_spec( mbedtls_ssl_context *ssl ) ssl->state++; - if( ( ret = mbedtls_ssl_write_record( ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 ) { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret ); return( ret ); } @@ -4972,7 +5901,7 @@ int mbedtls_ssl_parse_change_cipher_spec( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse change cipher spec" ) ); - if( ( ret = mbedtls_ssl_read_record( ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret ); return( ret ); @@ -4986,13 +5915,8 @@ int mbedtls_ssl_parse_change_cipher_spec( mbedtls_ssl_context *ssl ) return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); } - if( ssl->in_msglen != 1 || ssl->in_msg[0] != 1 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad change cipher spec message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CHANGE_CIPHER_SPEC ); - } + /* CCS records are only accepted if they have length 1 and content '1', + * so we don't need to check this here. */ /* * Switch to our negotiated transform and session parameters for inbound @@ -5022,16 +5946,7 @@ int mbedtls_ssl_parse_change_cipher_spec( mbedtls_ssl_context *ssl ) #endif /* MBEDTLS_SSL_PROTO_DTLS */ memset( ssl->in_ctr, 0, 8 ); - /* - * Set the in_msg pointer to the correct location based on IV length - */ - if( ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_2 ) - { - ssl->in_msg = ssl->in_iv + ssl->transform_negotiate->ivlen - - ssl->transform_negotiate->fixed_ivlen; - } - else - ssl->in_msg = ssl->in_iv; + ssl_update_in_pointers( ssl, ssl->transform_negotiate ); #if defined(MBEDTLS_SSL_HW_RECORD_ACCEL) if( mbedtls_ssl_hw_record_activate != NULL ) @@ -5482,16 +6397,7 @@ int mbedtls_ssl_write_finished( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write finished" ) ); - /* - * Set the out_msg pointer to the correct location based on IV length - */ - if( ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_2 ) - { - ssl->out_msg = ssl->out_iv + ssl->transform_negotiate->ivlen - - ssl->transform_negotiate->fixed_ivlen; - } - else - ssl->out_msg = ssl->out_iv; + ssl_update_out_pointers( ssl, ssl->transform_negotiate ); ssl->handshake->calc_finished( ssl, ssl->out_msg + 4, ssl->conf->endpoint ); @@ -5543,14 +6449,14 @@ int mbedtls_ssl_write_finished( mbedtls_ssl_context *ssl ) /* Remember current epoch settings for resending */ ssl->handshake->alt_transform_out = ssl->transform_out; - memcpy( ssl->handshake->alt_out_ctr, ssl->out_ctr, 8 ); + memcpy( ssl->handshake->alt_out_ctr, ssl->cur_out_ctr, 8 ); /* Set sequence_number to zero */ - memset( ssl->out_ctr + 2, 0, 6 ); + memset( ssl->cur_out_ctr + 2, 0, 6 ); /* Increment epoch */ for( i = 2; i > 0; i-- ) - if( ++ssl->out_ctr[i - 1] != 0 ) + if( ++ssl->cur_out_ctr[i - 1] != 0 ) break; /* The loop goes to its end iff the counter is wrapping */ @@ -5562,7 +6468,7 @@ int mbedtls_ssl_write_finished( mbedtls_ssl_context *ssl ) } else #endif /* MBEDTLS_SSL_PROTO_DTLS */ - memset( ssl->out_ctr, 0, 8 ); + memset( ssl->cur_out_ctr, 0, 8 ); ssl->transform_out = ssl->transform_negotiate; ssl->session_out = ssl->session_negotiate; @@ -5583,11 +6489,20 @@ int mbedtls_ssl_write_finished( mbedtls_ssl_context *ssl ) mbedtls_ssl_send_flight_completed( ssl ); #endif - if( ( ret = mbedtls_ssl_write_record( ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 ) { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret ); + return( ret ); + } + +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && + ( ret = mbedtls_ssl_flight_transmit( ssl ) ) != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_flight_transmit", ret ); return( ret ); } +#endif MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write finished" ) ); @@ -5610,7 +6525,7 @@ int mbedtls_ssl_parse_finished( mbedtls_ssl_context *ssl ) ssl->handshake->calc_finished( ssl, buf, ssl->conf->endpoint ^ 1 ); - if( ( ret = mbedtls_ssl_read_record( ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret ); return( ret ); @@ -5722,6 +6637,10 @@ static void ssl_handshake_params_init( mbedtls_ssl_handshake_params *handshake ) #endif #endif +#if defined(MBEDTLS_SSL__ECP_RESTARTABLE) + mbedtls_x509_crt_restart_init( &handshake->ecrs_ctx ); +#endif + #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) handshake->sni_authmode = MBEDTLS_SSL_VERIFY_UNSET; #endif @@ -5841,6 +6760,78 @@ static int ssl_cookie_check_dummy( void *ctx, } #endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY && MBEDTLS_SSL_SRV_C */ +/* Once ssl->out_hdr as the address of the beginning of the + * next outgoing record is set, deduce the other pointers. + * + * Note: For TLS, we save the implicit record sequence number + * (entering MAC computation) in the 8 bytes before ssl->out_hdr, + * and the caller has to make sure there's space for this. + */ + +static void ssl_update_out_pointers( mbedtls_ssl_context *ssl, + mbedtls_ssl_transform *transform ) +{ +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + { + ssl->out_ctr = ssl->out_hdr + 3; + ssl->out_len = ssl->out_hdr + 11; + ssl->out_iv = ssl->out_hdr + 13; + } + else +#endif + { + ssl->out_ctr = ssl->out_hdr - 8; + ssl->out_len = ssl->out_hdr + 3; + ssl->out_iv = ssl->out_hdr + 5; + } + + /* Adjust out_msg to make space for explicit IV, if used. */ + if( transform != NULL && + ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_2 ) + { + ssl->out_msg = ssl->out_iv + transform->ivlen - transform->fixed_ivlen; + } + else + ssl->out_msg = ssl->out_iv; +} + +/* Once ssl->in_hdr as the address of the beginning of the + * next incoming record is set, deduce the other pointers. + * + * Note: For TLS, we save the implicit record sequence number + * (entering MAC computation) in the 8 bytes before ssl->in_hdr, + * and the caller has to make sure there's space for this. + */ + +static void ssl_update_in_pointers( mbedtls_ssl_context *ssl, + mbedtls_ssl_transform *transform ) +{ +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + { + ssl->in_ctr = ssl->in_hdr + 3; + ssl->in_len = ssl->in_hdr + 11; + ssl->in_iv = ssl->in_hdr + 13; + } + else +#endif + { + ssl->in_ctr = ssl->in_hdr - 8; + ssl->in_len = ssl->in_hdr + 3; + ssl->in_iv = ssl->in_hdr + 5; + } + + /* Offset in_msg from in_iv to allow space for explicit IV, if used. */ + if( transform != NULL && + ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_2 ) + { + ssl->in_msg = ssl->in_iv + transform->ivlen - transform->fixed_ivlen; + } + else + ssl->in_msg = ssl->in_iv; +} + /* * Initialize an SSL context */ @@ -5852,6 +6843,28 @@ void mbedtls_ssl_init( mbedtls_ssl_context *ssl ) /* * Setup an SSL context */ + +static void ssl_reset_in_out_pointers( mbedtls_ssl_context *ssl ) +{ + /* Set the incoming and outgoing record pointers. */ +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + { + ssl->out_hdr = ssl->out_buf; + ssl->in_hdr = ssl->in_buf; + } + else +#endif /* MBEDTLS_SSL_PROTO_DTLS */ + { + ssl->out_hdr = ssl->out_buf + 8; + ssl->in_hdr = ssl->in_buf + 8; + } + + /* Derive other internal pointers. */ + ssl_update_out_pointers( ssl, NULL /* no transform enabled */ ); + ssl_update_in_pointers ( ssl, NULL /* no transform enabled */ ); +} + int mbedtls_ssl_setup( mbedtls_ssl_context *ssl, const mbedtls_ssl_config *conf ) { @@ -5862,57 +6875,55 @@ int mbedtls_ssl_setup( mbedtls_ssl_context *ssl, /* * Prepare base structures */ + + /* Set to NULL in case of an error condition */ + ssl->out_buf = NULL; + ssl->in_buf = mbedtls_calloc( 1, MBEDTLS_SSL_IN_BUFFER_LEN ); if( ssl->in_buf == NULL ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc(%d bytes) failed", MBEDTLS_SSL_IN_BUFFER_LEN) ); - return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); + ret = MBEDTLS_ERR_SSL_ALLOC_FAILED; + goto error; } ssl->out_buf = mbedtls_calloc( 1, MBEDTLS_SSL_OUT_BUFFER_LEN ); if( ssl->out_buf == NULL ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc(%d bytes) failed", MBEDTLS_SSL_OUT_BUFFER_LEN) ); - mbedtls_free( ssl->in_buf ); - ssl->in_buf = NULL; - return( MBEDTLS_ERR_SSL_ALLOC_FAILED ); - } - -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if( conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - ssl->out_hdr = ssl->out_buf; - ssl->out_ctr = ssl->out_buf + 3; - ssl->out_len = ssl->out_buf + 11; - ssl->out_iv = ssl->out_buf + 13; - ssl->out_msg = ssl->out_buf + 13; - - ssl->in_hdr = ssl->in_buf; - ssl->in_ctr = ssl->in_buf + 3; - ssl->in_len = ssl->in_buf + 11; - ssl->in_iv = ssl->in_buf + 13; - ssl->in_msg = ssl->in_buf + 13; + ret = MBEDTLS_ERR_SSL_ALLOC_FAILED; + goto error; } - else -#endif - { - ssl->out_ctr = ssl->out_buf; - ssl->out_hdr = ssl->out_buf + 8; - ssl->out_len = ssl->out_buf + 11; - ssl->out_iv = ssl->out_buf + 13; - ssl->out_msg = ssl->out_buf + 13; - ssl->in_ctr = ssl->in_buf; - ssl->in_hdr = ssl->in_buf + 8; - ssl->in_len = ssl->in_buf + 11; - ssl->in_iv = ssl->in_buf + 13; - ssl->in_msg = ssl->in_buf + 13; - } + ssl_reset_in_out_pointers( ssl ); if( ( ret = ssl_handshake_init( ssl ) ) != 0 ) - return( ret ); + goto error; return( 0 ); + +error: + mbedtls_free( ssl->in_buf ); + mbedtls_free( ssl->out_buf ); + + ssl->conf = NULL; + + ssl->in_buf = NULL; + ssl->out_buf = NULL; + + ssl->in_hdr = NULL; + ssl->in_ctr = NULL; + ssl->in_len = NULL; + ssl->in_iv = NULL; + ssl->in_msg = NULL; + + ssl->out_hdr = NULL; + ssl->out_ctr = NULL; + ssl->out_len = NULL; + ssl->out_iv = NULL; + ssl->out_msg = NULL; + + return( ret ); } /* @@ -5926,6 +6937,11 @@ static int ssl_session_reset_int( mbedtls_ssl_context *ssl, int partial ) { int ret; +#if !defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) || \ + !defined(MBEDTLS_SSL_SRV_C) + ((void) partial); +#endif + ssl->state = MBEDTLS_SSL_HELLO_REQUEST; /* Cancel any possibly running timer */ @@ -5942,12 +6958,10 @@ static int ssl_session_reset_int( mbedtls_ssl_context *ssl, int partial ) ssl->secure_renegotiation = MBEDTLS_SSL_LEGACY_RENEGOTIATION; ssl->in_offt = NULL; + ssl_reset_in_out_pointers( ssl ); - ssl->in_msg = ssl->in_buf + 13; ssl->in_msgtype = 0; ssl->in_msglen = 0; - if( partial == 0 ) - ssl->in_left = 0; #if defined(MBEDTLS_SSL_PROTO_DTLS) ssl->next_record_offset = 0; ssl->in_epoch = 0; @@ -5961,7 +6975,6 @@ static int ssl_session_reset_int( mbedtls_ssl_context *ssl, int partial ) ssl->keep_current_message = 0; - ssl->out_msg = ssl->out_buf + 13; ssl->out_msgtype = 0; ssl->out_msglen = 0; ssl->out_left = 0; @@ -5970,12 +6983,23 @@ static int ssl_session_reset_int( mbedtls_ssl_context *ssl, int partial ) ssl->split_done = 0; #endif + memset( ssl->cur_out_ctr, 0, sizeof( ssl->cur_out_ctr ) ); + ssl->transform_in = NULL; ssl->transform_out = NULL; + ssl->session_in = NULL; + ssl->session_out = NULL; + memset( ssl->out_buf, 0, MBEDTLS_SSL_OUT_BUFFER_LEN ); + +#if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) && defined(MBEDTLS_SSL_SRV_C) if( partial == 0 ) +#endif /* MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE && MBEDTLS_SSL_SRV_C */ + { + ssl->in_left = 0; memset( ssl->in_buf, 0, MBEDTLS_SSL_IN_BUFFER_LEN ); + } #if defined(MBEDTLS_SSL_HW_RECORD_ACCEL) if( mbedtls_ssl_hw_record_reset != NULL ) @@ -6008,7 +7032,9 @@ static int ssl_session_reset_int( mbedtls_ssl_context *ssl, int partial ) #endif #if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C) +#if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) if( partial == 0 ) +#endif { mbedtls_free( ssl->cli_id ); ssl->cli_id = NULL; @@ -6059,7 +7085,15 @@ void mbedtls_ssl_conf_dtls_badmac_limit( mbedtls_ssl_config *conf, unsigned limi #endif #if defined(MBEDTLS_SSL_PROTO_DTLS) -void mbedtls_ssl_conf_handshake_timeout( mbedtls_ssl_config *conf, uint32_t min, uint32_t max ) + +void mbedtls_ssl_set_datagram_packing( mbedtls_ssl_context *ssl, + unsigned allow_packing ) +{ + ssl->disable_datagram_packing = !allow_packing; +} + +void mbedtls_ssl_conf_handshake_timeout( mbedtls_ssl_config *conf, + uint32_t min, uint32_t max ) { conf->hs_timeout_min = min; conf->hs_timeout_max = max; @@ -6109,6 +7143,13 @@ void mbedtls_ssl_set_bio( mbedtls_ssl_context *ssl, ssl->f_recv_timeout = f_recv_timeout; } +#if defined(MBEDTLS_SSL_PROTO_DTLS) +void mbedtls_ssl_set_mtu( mbedtls_ssl_context *ssl, uint16_t mtu ) +{ + ssl->mtu = mtu; +} +#endif + void mbedtls_ssl_conf_read_timeout( mbedtls_ssl_config *conf, uint32_t timeout ) { conf->read_timeout = timeout; @@ -6772,7 +7813,7 @@ int mbedtls_ssl_check_pending( const mbedtls_ssl_context *ssl ) /* * In all other cases, the rest of the message can be dropped. - * As in ssl_read_record_layer, this needs to be adapted if + * As in ssl_get_next_record, this needs to be adapted if * we implement support for multiple alerts in single records. */ @@ -6839,28 +7880,47 @@ const char *mbedtls_ssl_get_version( const mbedtls_ssl_context *ssl ) int mbedtls_ssl_get_record_expansion( const mbedtls_ssl_context *ssl ) { - size_t transform_expansion; + size_t transform_expansion = 0; const mbedtls_ssl_transform *transform = ssl->transform_out; + unsigned block_size; + + if( transform == NULL ) + return( (int) mbedtls_ssl_hdr_len( ssl ) ); #if defined(MBEDTLS_ZLIB_SUPPORT) if( ssl->session_out->compression != MBEDTLS_SSL_COMPRESS_NULL ) return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); #endif - if( transform == NULL ) - return( (int) mbedtls_ssl_hdr_len( ssl ) ); - switch( mbedtls_cipher_get_cipher_mode( &transform->cipher_ctx_enc ) ) { case MBEDTLS_MODE_GCM: case MBEDTLS_MODE_CCM: + case MBEDTLS_MODE_CHACHAPOLY: case MBEDTLS_MODE_STREAM: transform_expansion = transform->minlen; break; case MBEDTLS_MODE_CBC: - transform_expansion = transform->maclen - + mbedtls_cipher_get_block_size( &transform->cipher_ctx_enc ); + + block_size = mbedtls_cipher_get_block_size( + &transform->cipher_ctx_enc ); + + /* Expansion due to the addition of the MAC. */ + transform_expansion += transform->maclen; + + /* Expansion due to the addition of CBC padding; + * Theoretically up to 256 bytes, but we never use + * more than the block size of the underlying cipher. */ + transform_expansion += block_size; + + /* For TLS 1.1 or higher, an explicit IV is added + * after the record header. */ +#if defined(MBEDTLS_SSL_PROTO_TLS1_1) || defined(MBEDTLS_SSL_PROTO_TLS1_2) + if( ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_2 ) + transform_expansion += block_size; +#endif /* MBEDTLS_SSL_PROTO_TLS1_1 || MBEDTLS_SSL_PROTO_TLS1_2 */ + break; default: @@ -6881,19 +7941,89 @@ size_t mbedtls_ssl_get_max_frag_len( const mbedtls_ssl_context *ssl ) */ max_len = ssl_mfl_code_to_length( ssl->conf->mfl_code ); - /* - * Check if a smaller max length was negotiated - */ + /* Check if a smaller max length was negotiated */ if( ssl->session_out != NULL && ssl_mfl_code_to_length( ssl->session_out->mfl_code ) < max_len ) { max_len = ssl_mfl_code_to_length( ssl->session_out->mfl_code ); } - return max_len; + /* During a handshake, use the value being negotiated */ + if( ssl->session_negotiate != NULL && + ssl_mfl_code_to_length( ssl->session_negotiate->mfl_code ) < max_len ) + { + max_len = ssl_mfl_code_to_length( ssl->session_negotiate->mfl_code ); + } + + return( max_len ); } #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ +#if defined(MBEDTLS_SSL_PROTO_DTLS) +static size_t ssl_get_current_mtu( const mbedtls_ssl_context *ssl ) +{ + /* Return unlimited mtu for client hello messages to avoid fragmentation. */ + if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT && + ( ssl->state == MBEDTLS_SSL_CLIENT_HELLO || + ssl->state == MBEDTLS_SSL_SERVER_HELLO ) ) + return ( 0 ); + + if( ssl->handshake == NULL || ssl->handshake->mtu == 0 ) + return( ssl->mtu ); + + if( ssl->mtu == 0 ) + return( ssl->handshake->mtu ); + + return( ssl->mtu < ssl->handshake->mtu ? + ssl->mtu : ssl->handshake->mtu ); +} +#endif /* MBEDTLS_SSL_PROTO_DTLS */ + +int mbedtls_ssl_get_max_out_record_payload( const mbedtls_ssl_context *ssl ) +{ + size_t max_len = MBEDTLS_SSL_OUT_CONTENT_LEN; + +#if !defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) && \ + !defined(MBEDTLS_SSL_PROTO_DTLS) + (void) ssl; +#endif + +#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) + const size_t mfl = mbedtls_ssl_get_max_frag_len( ssl ); + + if( max_len > mfl ) + max_len = mfl; +#endif + +#if defined(MBEDTLS_SSL_PROTO_DTLS) + if( ssl_get_current_mtu( ssl ) != 0 ) + { + const size_t mtu = ssl_get_current_mtu( ssl ); + const int ret = mbedtls_ssl_get_record_expansion( ssl ); + const size_t overhead = (size_t) ret; + + if( ret < 0 ) + return( ret ); + + if( mtu <= overhead ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "MTU too low for record expansion" ) ); + return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); + } + + if( max_len > mtu - overhead ) + max_len = mtu - overhead; + } +#endif /* MBEDTLS_SSL_PROTO_DTLS */ + +#if !defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) && \ + !defined(MBEDTLS_SSL_PROTO_DTLS) + ((void) ssl); +#endif + + return( (int) max_len ); +} + #if defined(MBEDTLS_X509_CRT_PARSE_C) const mbedtls_x509_crt *mbedtls_ssl_get_peer_cert( const mbedtls_ssl_context *ssl ) { @@ -6981,9 +8111,9 @@ static int ssl_write_hello_request( mbedtls_ssl_context *ssl ) ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; ssl->out_msg[0] = MBEDTLS_SSL_HS_HELLO_REQUEST; - if( ( ret = mbedtls_ssl_write_record( ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_write_handshake_msg( ssl ) ) != 0 ) { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_handshake_msg", ret ); return( ret ); } @@ -7113,7 +8243,7 @@ static int ssl_check_ctr_renegotiate( mbedtls_ssl_context *ssl ) in_ctr_cmp = memcmp( ssl->in_ctr + ep_len, ssl->conf->renego_period + ep_len, 8 - ep_len ); - out_ctr_cmp = memcmp( ssl->out_ctr + ep_len, + out_ctr_cmp = memcmp( ssl->cur_out_ctr + ep_len, ssl->conf->renego_period + ep_len, 8 - ep_len ); if( in_ctr_cmp <= 0 && out_ctr_cmp <= 0 ) @@ -7148,7 +8278,7 @@ int mbedtls_ssl_read( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len ) if( ssl->handshake != NULL && ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING ) { - if( ( ret = mbedtls_ssl_resend( ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_flight_transmit( ssl ) ) != 0 ) return( ret ); } } @@ -7197,7 +8327,7 @@ int mbedtls_ssl_read( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len ) ssl_set_timer( ssl, ssl->conf->read_timeout ); } - if( ( ret = mbedtls_ssl_read_record( ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 ) { if( ret == MBEDTLS_ERR_SSL_CONN_EOF ) return( 0 ); @@ -7212,7 +8342,7 @@ int mbedtls_ssl_read( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len ) /* * OpenSSL sends empty messages to randomize the IV */ - if( ( ret = mbedtls_ssl_read_record( ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_read_record( ssl, 1 ) ) != 0 ) { if( ret == MBEDTLS_ERR_SSL_CONN_EOF ) return( 0 ); @@ -7445,12 +8575,15 @@ int mbedtls_ssl_read( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len ) static int ssl_write_real( mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len ) { - int ret; -#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) - size_t max_len = mbedtls_ssl_get_max_frag_len( ssl ); -#else - size_t max_len = MBEDTLS_SSL_OUT_CONTENT_LEN; -#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ + int ret = mbedtls_ssl_get_max_out_record_payload( ssl ); + const size_t max_len = (size_t) ret; + + if( ret < 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_get_max_out_record_payload", ret ); + return( ret ); + } + if( len > max_len ) { #if defined(MBEDTLS_SSL_PROTO_DTLS) @@ -7491,7 +8624,7 @@ static int ssl_write_real( mbedtls_ssl_context *ssl, ssl->out_msgtype = MBEDTLS_SSL_MSG_APPLICATION_DATA; memcpy( ssl->out_msg, buf, len ); - if( ( ret = mbedtls_ssl_write_record( ssl ) ) != 0 ) + if( ( ret = mbedtls_ssl_write_record( ssl, SSL_FORCE_FLUSH ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret ); return( ret ); @@ -7643,6 +8776,42 @@ static void ssl_key_cert_free( mbedtls_ssl_key_cert *key_cert ) } #endif /* MBEDTLS_X509_CRT_PARSE_C */ +#if defined(MBEDTLS_SSL_PROTO_DTLS) + +static void ssl_buffering_free( mbedtls_ssl_context *ssl ) +{ + unsigned offset; + mbedtls_ssl_handshake_params * const hs = ssl->handshake; + + if( hs == NULL ) + return; + + ssl_free_buffered_record( ssl ); + + for( offset = 0; offset < MBEDTLS_SSL_MAX_BUFFERED_HS; offset++ ) + ssl_buffering_free_slot( ssl, offset ); +} + +static void ssl_buffering_free_slot( mbedtls_ssl_context *ssl, + uint8_t slot ) +{ + mbedtls_ssl_handshake_params * const hs = ssl->handshake; + mbedtls_ssl_hs_buffer * const hs_buf = &hs->buffering.hs[slot]; + + if( slot >= MBEDTLS_SSL_MAX_BUFFERED_HS ) + return; + + if( hs_buf->is_valid == 1 ) + { + hs->buffering.total_bytes_buffered -= hs_buf->data_len; + mbedtls_platform_zeroize( hs_buf->data, hs_buf->data_len ); + mbedtls_free( hs_buf->data ); + memset( hs_buf, 0, sizeof( mbedtls_ssl_hs_buffer ) ); + } +} + +#endif /* MBEDTLS_SSL_PROTO_DTLS */ + void mbedtls_ssl_handshake_free( mbedtls_ssl_context *ssl ) { mbedtls_ssl_handshake_params *handshake = ssl->handshake; @@ -7720,10 +8889,14 @@ void mbedtls_ssl_handshake_free( mbedtls_ssl_context *ssl ) } #endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_SSL_SERVER_NAME_INDICATION */ +#if defined(MBEDTLS_SSL__ECP_RESTARTABLE) + mbedtls_x509_crt_restart_free( &handshake->ecrs_ctx ); +#endif + #if defined(MBEDTLS_SSL_PROTO_DTLS) mbedtls_free( handshake->verify_cookie ); - mbedtls_free( handshake->hs_msg ); ssl_flight_free( handshake->flight ); + ssl_buffering_free( ssl ); #endif mbedtls_platform_zeroize( handshake, diff --git a/thirdparty/mbedtls/library/threading.c b/thirdparty/mbedtls/library/threading.c index 7a32e672c7..7c90c7c595 100644 --- a/thirdparty/mbedtls/library/threading.c +++ b/thirdparty/mbedtls/library/threading.c @@ -19,6 +19,14 @@ * This file is part of mbed TLS (https://tls.mbed.org) */ +/* + * Ensure gmtime_r is available even with -std=c99; must be defined before + * config.h, which pulls in glibc's features.h. Harmless on other platforms. + */ +#if !defined(_POSIX_C_SOURCE) +#define _POSIX_C_SOURCE 200112L +#endif + #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" #else @@ -29,6 +37,36 @@ #include "mbedtls/threading.h" +#if defined(MBEDTLS_HAVE_TIME_DATE) && !defined(MBEDTLS_PLATFORM_GMTIME_R_ALT) + +#if !defined(_WIN32) && (defined(unix) || \ + defined(__unix) || defined(__unix__) || (defined(__APPLE__) && \ + defined(__MACH__))) +#include <unistd.h> +#endif /* !_WIN32 && (unix || __unix || __unix__ || + * (__APPLE__ && __MACH__)) */ + +#if !( ( defined(_POSIX_VERSION) && _POSIX_VERSION >= 200809L ) || \ + ( defined(_POSIX_THREAD_SAFE_FUNCTIONS ) && \ + _POSIX_THREAD_SAFE_FUNCTIONS >= 20112L ) ) +/* + * This is a convenience shorthand macro to avoid checking the long + * preprocessor conditions above. Ideally, we could expose this macro in + * platform_util.h and simply use it in platform_util.c, threading.c and + * threading.h. However, this macro is not part of the Mbed TLS public API, so + * we keep it private by only defining it in this file + */ + +#if ! ( defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) ) +#define THREADING_USE_GMTIME +#endif /* ! ( defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) ) */ + +#endif /* !( ( defined(_POSIX_VERSION) && _POSIX_VERSION >= 200809L ) || \ + ( defined(_POSIX_THREAD_SAFE_FUNCTIONS ) && \ + _POSIX_THREAD_SAFE_FUNCTIONS >= 20112L ) ) */ + +#endif /* MBEDTLS_HAVE_TIME_DATE && !MBEDTLS_PLATFORM_GMTIME_R_ALT */ + #if defined(MBEDTLS_THREADING_PTHREAD) static void threading_mutex_init_pthread( mbedtls_threading_mutex_t *mutex ) { @@ -114,6 +152,9 @@ void mbedtls_threading_set_alt( void (*mutex_init)( mbedtls_threading_mutex_t * #if defined(MBEDTLS_FS_IO) mbedtls_mutex_init( &mbedtls_threading_readdir_mutex ); #endif +#if defined(THREADING_USE_GMTIME) + mbedtls_mutex_init( &mbedtls_threading_gmtime_mutex ); +#endif } /* @@ -124,6 +165,9 @@ void mbedtls_threading_free_alt( void ) #if defined(MBEDTLS_FS_IO) mbedtls_mutex_free( &mbedtls_threading_readdir_mutex ); #endif +#if defined(THREADING_USE_GMTIME) + mbedtls_mutex_free( &mbedtls_threading_gmtime_mutex ); +#endif } #endif /* MBEDTLS_THREADING_ALT */ @@ -136,5 +180,8 @@ void mbedtls_threading_free_alt( void ) #if defined(MBEDTLS_FS_IO) mbedtls_threading_mutex_t mbedtls_threading_readdir_mutex MUTEX_INIT; #endif +#if defined(THREADING_USE_GMTIME) +mbedtls_threading_mutex_t mbedtls_threading_gmtime_mutex MUTEX_INIT; +#endif #endif /* MBEDTLS_THREADING_C */ diff --git a/thirdparty/mbedtls/library/timing.c b/thirdparty/mbedtls/library/timing.c index 3e8139f1f9..413d133fb6 100644 --- a/thirdparty/mbedtls/library/timing.c +++ b/thirdparty/mbedtls/library/timing.c @@ -52,6 +52,7 @@ #include <windows.h> #include <winbase.h> +#include <process.h> struct _hr_time { @@ -267,18 +268,17 @@ unsigned long mbedtls_timing_get_timer( struct mbedtls_timing_hr_time *val, int /* It's OK to use a global because alarm() is supposed to be global anyway */ static DWORD alarmMs; -static DWORD WINAPI TimerProc( LPVOID TimerContext ) +static void TimerProc( void *TimerContext ) { - ((void) TimerContext); + (void) TimerContext; Sleep( alarmMs ); mbedtls_timing_alarmed = 1; - return( TRUE ); + /* _endthread will be called implicitly on return + * That ensures execution of thread funcition's epilogue */ } void mbedtls_set_alarm( int seconds ) { - DWORD ThreadId; - if( seconds == 0 ) { /* No need to create a thread for this simple case. @@ -289,7 +289,7 @@ void mbedtls_set_alarm( int seconds ) mbedtls_timing_alarmed = 0; alarmMs = seconds * 1000; - CloseHandle( CreateThread( NULL, 0, TimerProc, NULL, 0, &ThreadId ) ); + (void) _beginthread( TimerProc, 0, NULL ); } #else /* _WIN32 && !EFIX64 && !EFI32 */ diff --git a/thirdparty/mbedtls/library/version_features.c b/thirdparty/mbedtls/library/version_features.c index 777b6034c4..4c36d3caaa 100644 --- a/thirdparty/mbedtls/library/version_features.c +++ b/thirdparty/mbedtls/library/version_features.c @@ -84,6 +84,9 @@ static const char *features[] = { #if defined(MBEDTLS_DEPRECATED_REMOVED) "MBEDTLS_DEPRECATED_REMOVED", #endif /* MBEDTLS_DEPRECATED_REMOVED */ +#if defined(MBEDTLS_CHECK_PARAMS) + "MBEDTLS_CHECK_PARAMS", +#endif /* MBEDTLS_CHECK_PARAMS */ #if defined(MBEDTLS_TIMING_ALT) "MBEDTLS_TIMING_ALT", #endif /* MBEDTLS_TIMING_ALT */ @@ -339,6 +342,9 @@ static const char *features[] = { #if defined(MBEDTLS_ECP_NIST_OPTIM) "MBEDTLS_ECP_NIST_OPTIM", #endif /* MBEDTLS_ECP_NIST_OPTIM */ +#if defined(MBEDTLS_ECP_RESTARTABLE) + "MBEDTLS_ECP_RESTARTABLE", +#endif /* MBEDTLS_ECP_RESTARTABLE */ #if defined(MBEDTLS_ECDSA_DETERMINISTIC) "MBEDTLS_ECDSA_DETERMINISTIC", #endif /* MBEDTLS_ECDSA_DETERMINISTIC */ diff --git a/thirdparty/mbedtls/library/x509.c b/thirdparty/mbedtls/library/x509.c index 2e6795f750..52b5b649f7 100644 --- a/thirdparty/mbedtls/library/x509.c +++ b/thirdparty/mbedtls/library/x509.c @@ -29,10 +29,6 @@ * http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf */ -/* Ensure gmtime_r is available even with -std=c99; must be included before - * config.h, which pulls in glibc's features.h. Harmless on other platforms. */ -#define _POSIX_C_SOURCE 200112L - #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" #else @@ -67,6 +63,7 @@ #include "mbedtls/platform_time.h" #endif #if defined(MBEDTLS_HAVE_TIME_DATE) +#include "mbedtls/platform_util.h" #include <time.h> #endif @@ -901,11 +898,7 @@ static int x509_get_current_time( mbedtls_x509_time *now ) int ret = 0; tt = mbedtls_time( NULL ); -#if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) - lt = gmtime_s( &tm_buf, &tt ) == 0 ? &tm_buf : NULL; -#else - lt = gmtime_r( &tt, &tm_buf ); -#endif + lt = mbedtls_platform_gmtime_r( &tt, &tm_buf ); if( lt == NULL ) ret = -1; diff --git a/thirdparty/mbedtls/library/x509_create.c b/thirdparty/mbedtls/library/x509_create.c index df20ec8ebd..546e8fa1a9 100644 --- a/thirdparty/mbedtls/library/x509_create.c +++ b/thirdparty/mbedtls/library/x509_create.c @@ -33,48 +33,84 @@ #include <string.h> +/* Structure linking OIDs for X.509 DN AttributeTypes to their + * string representations and default string encodings used by Mbed TLS. */ typedef struct { - const char *name; - size_t name_len; - const char*oid; + const char *name; /* String representation of AttributeType, e.g. + * "CN" or "emailAddress". */ + size_t name_len; /* Length of 'name', without trailing 0 byte. */ + const char *oid; /* String representation of OID of AttributeType, + * as per RFC 5280, Appendix A.1. */ + int default_tag; /* The default character encoding used for the + * given attribute type, e.g. + * MBEDTLS_ASN1_UTF8_STRING for UTF-8. */ } x509_attr_descriptor_t; #define ADD_STRLEN( s ) s, sizeof( s ) - 1 +/* X.509 DN attributes from RFC 5280, Appendix A.1. */ static const x509_attr_descriptor_t x509_attrs[] = { - { ADD_STRLEN( "CN" ), MBEDTLS_OID_AT_CN }, - { ADD_STRLEN( "commonName" ), MBEDTLS_OID_AT_CN }, - { ADD_STRLEN( "C" ), MBEDTLS_OID_AT_COUNTRY }, - { ADD_STRLEN( "countryName" ), MBEDTLS_OID_AT_COUNTRY }, - { ADD_STRLEN( "O" ), MBEDTLS_OID_AT_ORGANIZATION }, - { ADD_STRLEN( "organizationName" ), MBEDTLS_OID_AT_ORGANIZATION }, - { ADD_STRLEN( "L" ), MBEDTLS_OID_AT_LOCALITY }, - { ADD_STRLEN( "locality" ), MBEDTLS_OID_AT_LOCALITY }, - { ADD_STRLEN( "R" ), MBEDTLS_OID_PKCS9_EMAIL }, - { ADD_STRLEN( "OU" ), MBEDTLS_OID_AT_ORG_UNIT }, - { ADD_STRLEN( "organizationalUnitName" ), MBEDTLS_OID_AT_ORG_UNIT }, - { ADD_STRLEN( "ST" ), MBEDTLS_OID_AT_STATE }, - { ADD_STRLEN( "stateOrProvinceName" ), MBEDTLS_OID_AT_STATE }, - { ADD_STRLEN( "emailAddress" ), MBEDTLS_OID_PKCS9_EMAIL }, - { ADD_STRLEN( "serialNumber" ), MBEDTLS_OID_AT_SERIAL_NUMBER }, - { ADD_STRLEN( "postalAddress" ), MBEDTLS_OID_AT_POSTAL_ADDRESS }, - { ADD_STRLEN( "postalCode" ), MBEDTLS_OID_AT_POSTAL_CODE }, - { ADD_STRLEN( "dnQualifier" ), MBEDTLS_OID_AT_DN_QUALIFIER }, - { ADD_STRLEN( "title" ), MBEDTLS_OID_AT_TITLE }, - { ADD_STRLEN( "surName" ), MBEDTLS_OID_AT_SUR_NAME }, - { ADD_STRLEN( "SN" ), MBEDTLS_OID_AT_SUR_NAME }, - { ADD_STRLEN( "givenName" ), MBEDTLS_OID_AT_GIVEN_NAME }, - { ADD_STRLEN( "GN" ), MBEDTLS_OID_AT_GIVEN_NAME }, - { ADD_STRLEN( "initials" ), MBEDTLS_OID_AT_INITIALS }, - { ADD_STRLEN( "pseudonym" ), MBEDTLS_OID_AT_PSEUDONYM }, - { ADD_STRLEN( "generationQualifier" ), MBEDTLS_OID_AT_GENERATION_QUALIFIER }, - { ADD_STRLEN( "domainComponent" ), MBEDTLS_OID_DOMAIN_COMPONENT }, - { ADD_STRLEN( "DC" ), MBEDTLS_OID_DOMAIN_COMPONENT }, - { NULL, 0, NULL } + { ADD_STRLEN( "CN" ), + MBEDTLS_OID_AT_CN, MBEDTLS_ASN1_UTF8_STRING }, + { ADD_STRLEN( "commonName" ), + MBEDTLS_OID_AT_CN, MBEDTLS_ASN1_UTF8_STRING }, + { ADD_STRLEN( "C" ), + MBEDTLS_OID_AT_COUNTRY, MBEDTLS_ASN1_PRINTABLE_STRING }, + { ADD_STRLEN( "countryName" ), + MBEDTLS_OID_AT_COUNTRY, MBEDTLS_ASN1_PRINTABLE_STRING }, + { ADD_STRLEN( "O" ), + MBEDTLS_OID_AT_ORGANIZATION, MBEDTLS_ASN1_UTF8_STRING }, + { ADD_STRLEN( "organizationName" ), + MBEDTLS_OID_AT_ORGANIZATION, MBEDTLS_ASN1_UTF8_STRING }, + { ADD_STRLEN( "L" ), + MBEDTLS_OID_AT_LOCALITY, MBEDTLS_ASN1_UTF8_STRING }, + { ADD_STRLEN( "locality" ), + MBEDTLS_OID_AT_LOCALITY, MBEDTLS_ASN1_UTF8_STRING }, + { ADD_STRLEN( "R" ), + MBEDTLS_OID_PKCS9_EMAIL, MBEDTLS_ASN1_IA5_STRING }, + { ADD_STRLEN( "OU" ), + MBEDTLS_OID_AT_ORG_UNIT, MBEDTLS_ASN1_UTF8_STRING }, + { ADD_STRLEN( "organizationalUnitName" ), + MBEDTLS_OID_AT_ORG_UNIT, MBEDTLS_ASN1_UTF8_STRING }, + { ADD_STRLEN( "ST" ), + MBEDTLS_OID_AT_STATE, MBEDTLS_ASN1_UTF8_STRING }, + { ADD_STRLEN( "stateOrProvinceName" ), + MBEDTLS_OID_AT_STATE, MBEDTLS_ASN1_UTF8_STRING }, + { ADD_STRLEN( "emailAddress" ), + MBEDTLS_OID_PKCS9_EMAIL, MBEDTLS_ASN1_IA5_STRING }, + { ADD_STRLEN( "serialNumber" ), + MBEDTLS_OID_AT_SERIAL_NUMBER, MBEDTLS_ASN1_PRINTABLE_STRING }, + { ADD_STRLEN( "postalAddress" ), + MBEDTLS_OID_AT_POSTAL_ADDRESS, MBEDTLS_ASN1_PRINTABLE_STRING }, + { ADD_STRLEN( "postalCode" ), + MBEDTLS_OID_AT_POSTAL_CODE, MBEDTLS_ASN1_PRINTABLE_STRING }, + { ADD_STRLEN( "dnQualifier" ), + MBEDTLS_OID_AT_DN_QUALIFIER, MBEDTLS_ASN1_PRINTABLE_STRING }, + { ADD_STRLEN( "title" ), + MBEDTLS_OID_AT_TITLE, MBEDTLS_ASN1_UTF8_STRING }, + { ADD_STRLEN( "surName" ), + MBEDTLS_OID_AT_SUR_NAME, MBEDTLS_ASN1_UTF8_STRING }, + { ADD_STRLEN( "SN" ), + MBEDTLS_OID_AT_SUR_NAME, MBEDTLS_ASN1_UTF8_STRING }, + { ADD_STRLEN( "givenName" ), + MBEDTLS_OID_AT_GIVEN_NAME, MBEDTLS_ASN1_UTF8_STRING }, + { ADD_STRLEN( "GN" ), + MBEDTLS_OID_AT_GIVEN_NAME, MBEDTLS_ASN1_UTF8_STRING }, + { ADD_STRLEN( "initials" ), + MBEDTLS_OID_AT_INITIALS, MBEDTLS_ASN1_UTF8_STRING }, + { ADD_STRLEN( "pseudonym" ), + MBEDTLS_OID_AT_PSEUDONYM, MBEDTLS_ASN1_UTF8_STRING }, + { ADD_STRLEN( "generationQualifier" ), + MBEDTLS_OID_AT_GENERATION_QUALIFIER, MBEDTLS_ASN1_UTF8_STRING }, + { ADD_STRLEN( "domainComponent" ), + MBEDTLS_OID_DOMAIN_COMPONENT, MBEDTLS_ASN1_IA5_STRING }, + { ADD_STRLEN( "DC" ), + MBEDTLS_OID_DOMAIN_COMPONENT, MBEDTLS_ASN1_IA5_STRING }, + { NULL, 0, NULL, MBEDTLS_ASN1_NULL } }; -static const char *x509_at_oid_from_name( const char *name, size_t name_len ) +static const x509_attr_descriptor_t *x509_attr_descr_from_name( const char *name, size_t name_len ) { const x509_attr_descriptor_t *cur; @@ -83,7 +119,10 @@ static const char *x509_at_oid_from_name( const char *name, size_t name_len ) strncmp( cur->name, name, name_len ) == 0 ) break; - return( cur->oid ); + if ( cur->name == NULL ) + return( NULL ); + + return( cur ); } int mbedtls_x509_string_to_names( mbedtls_asn1_named_data **head, const char *name ) @@ -92,6 +131,7 @@ int mbedtls_x509_string_to_names( mbedtls_asn1_named_data **head, const char *na const char *s = name, *c = s; const char *end = s + strlen( s ); const char *oid = NULL; + const x509_attr_descriptor_t* attr_descr = NULL; int in_tag = 1; char data[MBEDTLS_X509_MAX_DN_NAME_SIZE]; char *d = data; @@ -103,12 +143,13 @@ int mbedtls_x509_string_to_names( mbedtls_asn1_named_data **head, const char *na { if( in_tag && *c == '=' ) { - if( ( oid = x509_at_oid_from_name( s, c - s ) ) == NULL ) + if( ( attr_descr = x509_attr_descr_from_name( s, c - s ) ) == NULL ) { ret = MBEDTLS_ERR_X509_UNKNOWN_OID; goto exit; } + oid = attr_descr->oid; s = c + 1; in_tag = 0; d = data; @@ -127,13 +168,19 @@ int mbedtls_x509_string_to_names( mbedtls_asn1_named_data **head, const char *na } else if( !in_tag && ( *c == ',' || c == end ) ) { - if( mbedtls_asn1_store_named_data( head, oid, strlen( oid ), - (unsigned char *) data, - d - data ) == NULL ) + mbedtls_asn1_named_data* cur = + mbedtls_asn1_store_named_data( head, oid, strlen( oid ), + (unsigned char *) data, + d - data ); + + if(cur == NULL ) { return( MBEDTLS_ERR_X509_ALLOC_FAILED ); } + // set tagType + cur->val.tag = attr_descr->default_tag; + while( c < end && *(c + 1) == ' ' ) c++; @@ -192,46 +239,40 @@ int mbedtls_x509_set_extension( mbedtls_asn1_named_data **head, const char *oid, * * AttributeValue ::= ANY DEFINED BY AttributeType */ -static int x509_write_name( unsigned char **p, unsigned char *start, - const char *oid, size_t oid_len, - const unsigned char *name, size_t name_len ) +static int x509_write_name( unsigned char **p, unsigned char *start, mbedtls_asn1_named_data* cur_name) { int ret; size_t len = 0; - - // Write PrintableString for all except MBEDTLS_OID_PKCS9_EMAIL - // - if( MBEDTLS_OID_SIZE( MBEDTLS_OID_PKCS9_EMAIL ) == oid_len && - memcmp( oid, MBEDTLS_OID_PKCS9_EMAIL, oid_len ) == 0 ) - { - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_ia5_string( p, start, - (const char *) name, - name_len ) ); - } - else - { - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_printable_string( p, start, - (const char *) name, - name_len ) ); - } - + const char *oid = (const char*)cur_name->oid.p; + size_t oid_len = cur_name->oid.len; + const unsigned char *name = cur_name->val.p; + size_t name_len = cur_name->val.len; + + // Write correct string tag and value + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tagged_string( p, start, + cur_name->val.tag, + (const char *) name, + name_len ) ); // Write OID // - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_oid( p, start, oid, oid_len ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_oid( p, start, oid, + oid_len ) ); MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_CONSTRUCTED | - MBEDTLS_ASN1_SEQUENCE ) ); + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, + MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE ) ); MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) ); - MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SET ) ); return( (int) len ); } int mbedtls_x509_write_names( unsigned char **p, unsigned char *start, - mbedtls_asn1_named_data *first ) + mbedtls_asn1_named_data *first ) { int ret; size_t len = 0; @@ -239,9 +280,7 @@ int mbedtls_x509_write_names( unsigned char **p, unsigned char *start, while( cur != NULL ) { - MBEDTLS_ASN1_CHK_ADD( len, x509_write_name( p, start, (char *) cur->oid.p, - cur->oid.len, - cur->val.p, cur->val.len ) ); + MBEDTLS_ASN1_CHK_ADD( len, x509_write_name( p, start, cur ) ); cur = cur->next; } diff --git a/thirdparty/mbedtls/library/x509_crt.c b/thirdparty/mbedtls/library/x509_crt.c index 3cf1743821..35a134950e 100644 --- a/thirdparty/mbedtls/library/x509_crt.c +++ b/thirdparty/mbedtls/library/x509_crt.c @@ -43,7 +43,6 @@ #include "mbedtls/oid.h" #include "mbedtls/platform_util.h" -#include <stdio.h> #include <string.h> #if defined(MBEDTLS_PEM_PARSE_C) @@ -53,6 +52,7 @@ #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" #else +#include <stdio.h> #include <stdlib.h> #define mbedtls_free free #define mbedtls_calloc calloc @@ -176,6 +176,9 @@ const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_suiteb = static int x509_profile_check_md_alg( const mbedtls_x509_crt_profile *profile, mbedtls_md_type_t md_alg ) { + if( md_alg == MBEDTLS_MD_NONE ) + return( -1 ); + if( ( profile->allowed_mds & MBEDTLS_X509_ID_FLAG( md_alg ) ) != 0 ) return( 0 ); @@ -189,6 +192,9 @@ static int x509_profile_check_md_alg( const mbedtls_x509_crt_profile *profile, static int x509_profile_check_pk_alg( const mbedtls_x509_crt_profile *profile, mbedtls_pk_type_t pk_alg ) { + if( pk_alg == MBEDTLS_PK_NONE ) + return( -1 ); + if( ( profile->allowed_pks & MBEDTLS_X509_ID_FLAG( pk_alg ) ) != 0 ) return( 0 ); @@ -221,6 +227,9 @@ static int x509_profile_check_key( const mbedtls_x509_crt_profile *profile, { const mbedtls_ecp_group_id gid = mbedtls_pk_ec( *pk )->grp.id; + if( gid == MBEDTLS_ECP_DP_NONE ) + return( -1 ); + if( ( profile->allowed_curves & MBEDTLS_X509_ID_FLAG( gid ) ) != 0 ) return( 0 ); @@ -232,6 +241,153 @@ static int x509_profile_check_key( const mbedtls_x509_crt_profile *profile, } /* + * Like memcmp, but case-insensitive and always returns -1 if different + */ +static int x509_memcasecmp( const void *s1, const void *s2, size_t len ) +{ + size_t i; + unsigned char diff; + const unsigned char *n1 = s1, *n2 = s2; + + for( i = 0; i < len; i++ ) + { + diff = n1[i] ^ n2[i]; + + if( diff == 0 ) + continue; + + if( diff == 32 && + ( ( n1[i] >= 'a' && n1[i] <= 'z' ) || + ( n1[i] >= 'A' && n1[i] <= 'Z' ) ) ) + { + continue; + } + + return( -1 ); + } + + return( 0 ); +} + +/* + * Return 0 if name matches wildcard, -1 otherwise + */ +static int x509_check_wildcard( const char *cn, const mbedtls_x509_buf *name ) +{ + size_t i; + size_t cn_idx = 0, cn_len = strlen( cn ); + + /* We can't have a match if there is no wildcard to match */ + if( name->len < 3 || name->p[0] != '*' || name->p[1] != '.' ) + return( -1 ); + + for( i = 0; i < cn_len; ++i ) + { + if( cn[i] == '.' ) + { + cn_idx = i; + break; + } + } + + if( cn_idx == 0 ) + return( -1 ); + + if( cn_len - cn_idx == name->len - 1 && + x509_memcasecmp( name->p + 1, cn + cn_idx, name->len - 1 ) == 0 ) + { + return( 0 ); + } + + return( -1 ); +} + +/* + * Compare two X.509 strings, case-insensitive, and allowing for some encoding + * variations (but not all). + * + * Return 0 if equal, -1 otherwise. + */ +static int x509_string_cmp( const mbedtls_x509_buf *a, const mbedtls_x509_buf *b ) +{ + if( a->tag == b->tag && + a->len == b->len && + memcmp( a->p, b->p, b->len ) == 0 ) + { + return( 0 ); + } + + if( ( a->tag == MBEDTLS_ASN1_UTF8_STRING || a->tag == MBEDTLS_ASN1_PRINTABLE_STRING ) && + ( b->tag == MBEDTLS_ASN1_UTF8_STRING || b->tag == MBEDTLS_ASN1_PRINTABLE_STRING ) && + a->len == b->len && + x509_memcasecmp( a->p, b->p, b->len ) == 0 ) + { + return( 0 ); + } + + return( -1 ); +} + +/* + * Compare two X.509 Names (aka rdnSequence). + * + * See RFC 5280 section 7.1, though we don't implement the whole algorithm: + * we sometimes return unequal when the full algorithm would return equal, + * but never the other way. (In particular, we don't do Unicode normalisation + * or space folding.) + * + * Return 0 if equal, -1 otherwise. + */ +static int x509_name_cmp( const mbedtls_x509_name *a, const mbedtls_x509_name *b ) +{ + /* Avoid recursion, it might not be optimised by the compiler */ + while( a != NULL || b != NULL ) + { + if( a == NULL || b == NULL ) + return( -1 ); + + /* type */ + if( a->oid.tag != b->oid.tag || + a->oid.len != b->oid.len || + memcmp( a->oid.p, b->oid.p, b->oid.len ) != 0 ) + { + return( -1 ); + } + + /* value */ + if( x509_string_cmp( &a->val, &b->val ) != 0 ) + return( -1 ); + + /* structure of the list of sets */ + if( a->next_merged != b->next_merged ) + return( -1 ); + + a = a->next; + b = b->next; + } + + /* a == NULL == b */ + return( 0 ); +} + +/* + * Reset (init or clear) a verify_chain + */ +static void x509_crt_verify_chain_reset( + mbedtls_x509_crt_verify_chain *ver_chain ) +{ + size_t i; + + for( i = 0; i < MBEDTLS_X509_MAX_VERIFY_CHAIN_SIZE; i++ ) + { + ver_chain->items[i].crt = NULL; + ver_chain->items[i].flags = -1; + } + + ver_chain->len = 0; +} + +/* * Version ::= INTEGER { v1(0), v2(1), v3(2) } */ static int x509_get_version( unsigned char **p, @@ -583,18 +739,14 @@ static int x509_get_crt_ext( unsigned char **p, end_ext_data = *p + len; /* Get extension ID */ - extn_oid.tag = **p; - - if( ( ret = mbedtls_asn1_get_tag( p, end, &extn_oid.len, MBEDTLS_ASN1_OID ) ) != 0 ) + if( ( ret = mbedtls_asn1_get_tag( p, end_ext_data, &extn_oid.len, + MBEDTLS_ASN1_OID ) ) != 0 ) return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); + extn_oid.tag = MBEDTLS_ASN1_OID; extn_oid.p = *p; *p += extn_oid.len; - if( ( end - *p ) < 1 ) - return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + - MBEDTLS_ERR_ASN1_OUT_OF_DATA ); - /* Get optional critical */ if( ( ret = mbedtls_asn1_get_bool( p, end_ext_data, &is_critical ) ) != 0 && ( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) ) @@ -1139,7 +1291,7 @@ int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path ) char filename[MAX_PATH]; char *p; size_t len = strlen( path ); - int length_as_int = 0; + int lengthAsInt = 0; WIN32_FIND_DATAW file_data; HANDLE hFind; @@ -1154,7 +1306,7 @@ int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path ) p = filename + len; filename[len++] = '*'; - if ( FAILED ( SizeTToInt( len, &length_as_int ) ) ) + if ( FAILED ( SizeTToInt( len, &lengthAsInt ) ) ) return( MBEDTLS_ERR_X509_FILE_IO_ERROR ); /* @@ -1165,7 +1317,7 @@ int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path ) * incoming string are less than MAX_PATH to avoid a buffer overrun with * MultiByteToWideChar(). */ - w_ret = MultiByteToWideChar( CP_ACP, 0, filename, length_as_int, szDir, + w_ret = MultiByteToWideChar( CP_ACP, 0, filename, lengthAsInt, szDir, MAX_PATH - 3 ); if( w_ret == 0 ) return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); @@ -1182,11 +1334,11 @@ int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path ) if( file_data.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY ) continue; - if ( FAILED( SizeTToInt( wcslen( file_data.cFileName ), &length_as_int ) ) ) + if ( FAILED( SizeTToInt( wcslen( file_data.cFileName ), &lengthAsInt ) ) ) return( MBEDTLS_ERR_X509_FILE_IO_ERROR ); w_ret = WideCharToMultiByte( CP_ACP, 0, file_data.cFileName, - length_as_int, + lengthAsInt, p, (int) len - 1, NULL, NULL ); if( w_ret == 0 ) @@ -1690,9 +1842,7 @@ static int x509_crt_verifycrl( mbedtls_x509_crt *crt, mbedtls_x509_crt *ca, while( crl_list != NULL ) { if( crl_list->version == 0 || - crl_list->issuer_raw.len != ca->subject_raw.len || - memcmp( crl_list->issuer_raw.p, ca->subject_raw.p, - crl_list->issuer_raw.len ) != 0 ) + x509_name_cmp( &crl_list->issuer, &ca->subject ) != 0 ) { crl_list = crl_list->next; continue; @@ -1702,7 +1852,8 @@ static int x509_crt_verifycrl( mbedtls_x509_crt *crt, mbedtls_x509_crt *ca, * Check if the CA is configured to sign CRLs */ #if defined(MBEDTLS_X509_CHECK_KEY_USAGE) - if( mbedtls_x509_crt_check_key_usage( ca, MBEDTLS_X509_KU_CRL_SIGN ) != 0 ) + if( mbedtls_x509_crt_check_key_usage( ca, + MBEDTLS_X509_KU_CRL_SIGN ) != 0 ) { flags |= MBEDTLS_X509_BADCRL_NOT_TRUSTED; break; @@ -1763,140 +1914,11 @@ static int x509_crt_verifycrl( mbedtls_x509_crt *crt, mbedtls_x509_crt *ca, #endif /* MBEDTLS_X509_CRL_PARSE_C */ /* - * Like memcmp, but case-insensitive and always returns -1 if different - */ -static int x509_memcasecmp( const void *s1, const void *s2, size_t len ) -{ - size_t i; - unsigned char diff; - const unsigned char *n1 = s1, *n2 = s2; - - for( i = 0; i < len; i++ ) - { - diff = n1[i] ^ n2[i]; - - if( diff == 0 ) - continue; - - if( diff == 32 && - ( ( n1[i] >= 'a' && n1[i] <= 'z' ) || - ( n1[i] >= 'A' && n1[i] <= 'Z' ) ) ) - { - continue; - } - - return( -1 ); - } - - return( 0 ); -} - -/* - * Return 0 if name matches wildcard, -1 otherwise - */ -static int x509_check_wildcard( const char *cn, const mbedtls_x509_buf *name ) -{ - size_t i; - size_t cn_idx = 0, cn_len = strlen( cn ); - - /* We can't have a match if there is no wildcard to match */ - if( name->len < 3 || name->p[0] != '*' || name->p[1] != '.' ) - return( -1 ); - - for( i = 0; i < cn_len; ++i ) - { - if( cn[i] == '.' ) - { - cn_idx = i; - break; - } - } - - if( cn_idx == 0 ) - return( -1 ); - - if( cn_len - cn_idx == name->len - 1 && - x509_memcasecmp( name->p + 1, cn + cn_idx, name->len - 1 ) == 0 ) - { - return( 0 ); - } - - return( -1 ); -} - -/* - * Compare two X.509 strings, case-insensitive, and allowing for some encoding - * variations (but not all). - * - * Return 0 if equal, -1 otherwise. - */ -static int x509_string_cmp( const mbedtls_x509_buf *a, const mbedtls_x509_buf *b ) -{ - if( a->tag == b->tag && - a->len == b->len && - memcmp( a->p, b->p, b->len ) == 0 ) - { - return( 0 ); - } - - if( ( a->tag == MBEDTLS_ASN1_UTF8_STRING || a->tag == MBEDTLS_ASN1_PRINTABLE_STRING ) && - ( b->tag == MBEDTLS_ASN1_UTF8_STRING || b->tag == MBEDTLS_ASN1_PRINTABLE_STRING ) && - a->len == b->len && - x509_memcasecmp( a->p, b->p, b->len ) == 0 ) - { - return( 0 ); - } - - return( -1 ); -} - -/* - * Compare two X.509 Names (aka rdnSequence). - * - * See RFC 5280 section 7.1, though we don't implement the whole algorithm: - * we sometimes return unequal when the full algorithm would return equal, - * but never the other way. (In particular, we don't do Unicode normalisation - * or space folding.) - * - * Return 0 if equal, -1 otherwise. - */ -static int x509_name_cmp( const mbedtls_x509_name *a, const mbedtls_x509_name *b ) -{ - /* Avoid recursion, it might not be optimised by the compiler */ - while( a != NULL || b != NULL ) - { - if( a == NULL || b == NULL ) - return( -1 ); - - /* type */ - if( a->oid.tag != b->oid.tag || - a->oid.len != b->oid.len || - memcmp( a->oid.p, b->oid.p, b->oid.len ) != 0 ) - { - return( -1 ); - } - - /* value */ - if( x509_string_cmp( &a->val, &b->val ) != 0 ) - return( -1 ); - - /* structure of the list of sets */ - if( a->next_merged != b->next_merged ) - return( -1 ); - - a = a->next; - b = b->next; - } - - /* a == NULL == b */ - return( 0 ); -} - -/* * Check the signature of a certificate by its parent */ static int x509_crt_check_signature( const mbedtls_x509_crt *child, - mbedtls_x509_crt *parent ) + mbedtls_x509_crt *parent, + mbedtls_x509_crt_restart_ctx *rs_ctx ) { const mbedtls_md_info_t *md_info; unsigned char hash[MBEDTLS_MD_MAX_SIZE]; @@ -1908,14 +1930,24 @@ static int x509_crt_check_signature( const mbedtls_x509_crt *child, return( -1 ); } - if( mbedtls_pk_verify_ext( child->sig_pk, child->sig_opts, &parent->pk, - child->sig_md, hash, mbedtls_md_get_size( md_info ), - child->sig.p, child->sig.len ) != 0 ) - { + /* Skip expensive computation on obvious mismatch */ + if( ! mbedtls_pk_can_do( &parent->pk, child->sig_pk ) ) return( -1 ); + +#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) + if( rs_ctx != NULL && child->sig_pk == MBEDTLS_PK_ECDSA ) + { + return( mbedtls_pk_verify_restartable( &parent->pk, + child->sig_md, hash, mbedtls_md_get_size( md_info ), + child->sig.p, child->sig.len, &rs_ctx->pk ) ); } +#else + (void) rs_ctx; +#endif - return( 0 ); + return( mbedtls_pk_verify_ext( child->sig_pk, child->sig_opts, &parent->pk, + child->sig_md, hash, mbedtls_md_get_size( md_info ), + child->sig.p, child->sig.len ) ); } /* @@ -1962,6 +1994,7 @@ static int x509_crt_check_parent( const mbedtls_x509_crt *child, * 1. subject name matches child's issuer * 2. if necessary, the CA bit is set and key usage allows signing certs * 3. for trusted roots, the signature is correct + * (for intermediates, the signature is checked and the result reported) * 4. pathlen constraints are satisfied * * If there's a suitable candidate which is also time-valid, return the first @@ -1984,23 +2017,54 @@ static int x509_crt_check_parent( const mbedtls_x509_crt *child, * Arguments: * - [in] child: certificate for which we're looking for a parent * - [in] candidates: chained list of potential parents + * - [out] r_parent: parent found (or NULL) + * - [out] r_signature_is_good: 1 if child signature by parent is valid, or 0 * - [in] top: 1 if candidates consists of trusted roots, ie we're at the top * of the chain, 0 otherwise * - [in] path_cnt: number of intermediates seen so far * - [in] self_cnt: number of self-signed intermediates seen so far * (will never be greater than path_cnt) + * - [in-out] rs_ctx: context for restarting operations * * Return value: - * - the first suitable parent found (see above regarding time-validity) - * - NULL if no suitable parent was found + * - 0 on success + * - MBEDTLS_ERR_ECP_IN_PROGRESS otherwise */ -static mbedtls_x509_crt *x509_crt_find_parent_in( mbedtls_x509_crt *child, - mbedtls_x509_crt *candidates, - int top, - size_t path_cnt, - size_t self_cnt ) +static int x509_crt_find_parent_in( + mbedtls_x509_crt *child, + mbedtls_x509_crt *candidates, + mbedtls_x509_crt **r_parent, + int *r_signature_is_good, + int top, + unsigned path_cnt, + unsigned self_cnt, + mbedtls_x509_crt_restart_ctx *rs_ctx ) { - mbedtls_x509_crt *parent, *badtime_parent = NULL; + int ret; + mbedtls_x509_crt *parent, *fallback_parent; + int signature_is_good, fallback_signature_is_good; + +#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) + /* did we have something in progress? */ + if( rs_ctx != NULL && rs_ctx->parent != NULL ) + { + /* restore saved state */ + parent = rs_ctx->parent; + fallback_parent = rs_ctx->fallback_parent; + fallback_signature_is_good = rs_ctx->fallback_signature_is_good; + + /* clear saved state */ + rs_ctx->parent = NULL; + rs_ctx->fallback_parent = NULL; + rs_ctx->fallback_signature_is_good = 0; + + /* resume where we left */ + goto check_signature; + } +#endif + + fallback_parent = NULL; + fallback_signature_is_good = 0; for( parent = candidates; parent != NULL; parent = parent->next ) { @@ -2016,17 +2080,38 @@ static mbedtls_x509_crt *x509_crt_find_parent_in( mbedtls_x509_crt *child, } /* Signature */ - if( top && x509_crt_check_signature( child, parent ) != 0 ) +#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) +check_signature: +#endif + ret = x509_crt_check_signature( child, parent, rs_ctx ); + +#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) + if( rs_ctx != NULL && ret == MBEDTLS_ERR_ECP_IN_PROGRESS ) { - continue; + /* save state */ + rs_ctx->parent = parent; + rs_ctx->fallback_parent = fallback_parent; + rs_ctx->fallback_signature_is_good = fallback_signature_is_good; + + return( ret ); } +#else + (void) ret; +#endif + + signature_is_good = ret == 0; + if( top && ! signature_is_good ) + continue; /* optional time check */ if( mbedtls_x509_time_is_past( &parent->valid_to ) || mbedtls_x509_time_is_future( &parent->valid_from ) ) { - if( badtime_parent == NULL ) - badtime_parent = parent; + if( fallback_parent == NULL ) + { + fallback_parent = parent; + fallback_signature_is_good = signature_is_good; + } continue; } @@ -2034,10 +2119,18 @@ static mbedtls_x509_crt *x509_crt_find_parent_in( mbedtls_x509_crt *child, break; } - if( parent == NULL ) - parent = badtime_parent; + if( parent != NULL ) + { + *r_parent = parent; + *r_signature_is_good = signature_is_good; + } + else + { + *r_parent = fallback_parent; + *r_signature_is_good = fallback_signature_is_good; + } - return( parent ); + return( 0 ); } /* @@ -2049,34 +2142,78 @@ static mbedtls_x509_crt *x509_crt_find_parent_in( mbedtls_x509_crt *child, * Arguments: * - [in] child: certificate for which we're looking for a parent, followed * by a chain of possible intermediates - * - [in] trust_ca: locally trusted CAs - * - [out] 1 if parent was found in trust_ca, 0 if found in provided chain - * - [in] path_cnt: number of intermediates seen so far - * - [in] self_cnt: number of self-signed intermediates seen so far + * - [in] trust_ca: list of locally trusted certificates + * - [out] parent: parent found (or NULL) + * - [out] parent_is_trusted: 1 if returned `parent` is trusted, or 0 + * - [out] signature_is_good: 1 if child signature by parent is valid, or 0 + * - [in] path_cnt: number of links in the chain so far (EE -> ... -> child) + * - [in] self_cnt: number of self-signed certs in the chain so far * (will always be no greater than path_cnt) + * - [in-out] rs_ctx: context for restarting operations * * Return value: - * - the first suitable parent found (see find_parent_in() for "suitable") - * - NULL if no suitable parent was found + * - 0 on success + * - MBEDTLS_ERR_ECP_IN_PROGRESS otherwise */ -static mbedtls_x509_crt *x509_crt_find_parent( mbedtls_x509_crt *child, - mbedtls_x509_crt *trust_ca, - int *parent_is_trusted, - size_t path_cnt, - size_t self_cnt ) +static int x509_crt_find_parent( + mbedtls_x509_crt *child, + mbedtls_x509_crt *trust_ca, + mbedtls_x509_crt **parent, + int *parent_is_trusted, + int *signature_is_good, + unsigned path_cnt, + unsigned self_cnt, + mbedtls_x509_crt_restart_ctx *rs_ctx ) { - mbedtls_x509_crt *parent; + int ret; + mbedtls_x509_crt *search_list; - /* Look for a parent in trusted CAs */ *parent_is_trusted = 1; - parent = x509_crt_find_parent_in( child, trust_ca, 1, path_cnt, self_cnt ); - if( parent != NULL ) - return( parent ); +#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) + /* restore then clear saved state if we have some stored */ + if( rs_ctx != NULL && rs_ctx->parent_is_trusted != -1 ) + { + *parent_is_trusted = rs_ctx->parent_is_trusted; + rs_ctx->parent_is_trusted = -1; + } +#endif + + while( 1 ) { + search_list = *parent_is_trusted ? trust_ca : child->next; + + ret = x509_crt_find_parent_in( child, search_list, + parent, signature_is_good, + *parent_is_trusted, + path_cnt, self_cnt, rs_ctx ); + +#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) + if( rs_ctx != NULL && ret == MBEDTLS_ERR_ECP_IN_PROGRESS ) + { + /* save state */ + rs_ctx->parent_is_trusted = *parent_is_trusted; + return( ret ); + } +#else + (void) ret; +#endif + + /* stop here if found or already in second iteration */ + if( *parent != NULL || *parent_is_trusted == 0 ) + break; + + /* prepare second iteration */ + *parent_is_trusted = 0; + } + + /* extra precaution against mistakes in the caller */ + if( *parent == NULL ) + { + *parent_is_trusted = 0; + *signature_is_good = 0; + } - /* Look for a parent upwards the chain */ - *parent_is_trusted = 0; - return( x509_crt_find_parent_in( child, child->next, 0, path_cnt, self_cnt ) ); + return( 0 ); } /* @@ -2125,11 +2262,24 @@ static int x509_crt_check_ee_locally_trusted( * - EE, Ci1, ..., Ciq cannot be continued with a trusted root * -> return that chain with NOT_TRUSTED set on Ciq * + * Tests for (aspects of) this function should include at least: + * - trusted EE + * - EE -> trusted root + * - EE -> intermedate CA -> trusted root + * - if relevant: EE untrusted + * - if relevant: EE -> intermediate, untrusted + * with the aspect under test checked at each relevant level (EE, int, root). + * For some aspects longer chains are required, but usually length 2 is + * enough (but length 1 is not in general). + * * Arguments: * - [in] crt: the cert list EE, C1, ..., Cn * - [in] trust_ca: the trusted list R1, ..., Rp * - [in] ca_crl, profile: as in verify_with_profile() - * - [out] ver_chain, chain_len: the built and verified chain + * - [out] ver_chain: the built and verified chain + * Only valid when return value is 0, may contain garbage otherwise! + * Restart note: need not be the same when calling again to resume. + * - [in-out] rs_ctx: context for restarting operations * * Return value: * - non-zero if the chain could not be fully built and examined @@ -2141,24 +2291,50 @@ static int x509_crt_verify_chain( mbedtls_x509_crt *trust_ca, mbedtls_x509_crl *ca_crl, const mbedtls_x509_crt_profile *profile, - x509_crt_verify_chain_item ver_chain[X509_MAX_VERIFY_CHAIN_SIZE], - size_t *chain_len ) + mbedtls_x509_crt_verify_chain *ver_chain, + mbedtls_x509_crt_restart_ctx *rs_ctx ) { + /* Don't initialize any of those variables here, so that the compiler can + * catch potential issues with jumping ahead when restarting */ + int ret; uint32_t *flags; + mbedtls_x509_crt_verify_chain_item *cur; mbedtls_x509_crt *child; mbedtls_x509_crt *parent; - int parent_is_trusted = 0; - int child_is_trusted = 0; - size_t self_cnt = 0; + int parent_is_trusted; + int child_is_trusted; + int signature_is_good; + unsigned self_cnt; + +#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) + /* resume if we had an operation in progress */ + if( rs_ctx != NULL && rs_ctx->in_progress == x509_crt_rs_find_parent ) + { + /* restore saved state */ + *ver_chain = rs_ctx->ver_chain; /* struct copy */ + self_cnt = rs_ctx->self_cnt; + + /* restore derived state */ + cur = &ver_chain->items[ver_chain->len - 1]; + child = cur->crt; + flags = &cur->flags; + + goto find_parent; + } +#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ child = crt; - *chain_len = 0; + self_cnt = 0; + parent_is_trusted = 0; + child_is_trusted = 0; while( 1 ) { /* Add certificate to the verification chain */ - ver_chain[*chain_len].crt = child; - flags = &ver_chain[*chain_len].flags; - ++*chain_len; + cur = &ver_chain->items[ver_chain->len]; + cur->crt = child; + cur->flags = 0; + ver_chain->len++; + flags = &cur->flags; /* Check time-validity (all certificates) */ if( mbedtls_x509_time_is_past( &child->valid_to ) ) @@ -2179,15 +2355,33 @@ static int x509_crt_verify_chain( *flags |= MBEDTLS_X509_BADCERT_BAD_PK; /* Special case: EE certs that are locally trusted */ - if( *chain_len == 1 && + if( ver_chain->len == 1 && x509_crt_check_ee_locally_trusted( child, trust_ca ) == 0 ) { return( 0 ); } +#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) +find_parent: +#endif /* Look for a parent in trusted CAs or up the chain */ - parent = x509_crt_find_parent( child, trust_ca, &parent_is_trusted, - *chain_len - 1, self_cnt ); + ret = x509_crt_find_parent( child, trust_ca, &parent, + &parent_is_trusted, &signature_is_good, + ver_chain->len - 1, self_cnt, rs_ctx ); + +#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) + if( rs_ctx != NULL && ret == MBEDTLS_ERR_ECP_IN_PROGRESS ) + { + /* save state */ + rs_ctx->in_progress = x509_crt_rs_find_parent; + rs_ctx->self_cnt = self_cnt; + rs_ctx->ver_chain = *ver_chain; /* struct copy */ + + return( ret ); + } +#else + (void) ret; +#endif /* No parent? We're done here */ if( parent == NULL ) @@ -2199,7 +2393,7 @@ static int x509_crt_verify_chain( /* Count intermediate self-issued (not necessarily self-signed) certs. * These can occur with some strategies for key rollover, see [SIRO], * and should be excluded from max_pathlen checks. */ - if( *chain_len != 1 && + if( ver_chain->len != 1 && x509_name_cmp( &child->issuer, &child->subject ) == 0 ) { self_cnt++; @@ -2208,14 +2402,14 @@ static int x509_crt_verify_chain( /* path_cnt is 0 for the first intermediate CA, * and if parent is trusted it's not an intermediate CA */ if( ! parent_is_trusted && - *chain_len > MBEDTLS_X509_MAX_INTERMEDIATE_CA ) + ver_chain->len > MBEDTLS_X509_MAX_INTERMEDIATE_CA ) { /* return immediately to avoid overflow the chain array */ return( MBEDTLS_ERR_X509_FATAL_ERROR ); } - /* if parent is trusted, the signature was checked by find_parent() */ - if( ! parent_is_trusted && x509_crt_check_signature( child, parent ) != 0 ) + /* signature was checked while searching parent */ + if( ! signature_is_good ) *flags |= MBEDTLS_X509_BADCERT_NOT_TRUSTED; /* check size of signing key */ @@ -2233,6 +2427,7 @@ static int x509_crt_verify_chain( child = parent; parent = NULL; child_is_trusted = parent_is_trusted; + signature_is_good = 0; } } @@ -2301,21 +2496,22 @@ static void x509_crt_verify_name( const mbedtls_x509_crt *crt, */ static int x509_crt_merge_flags_with_cb( uint32_t *flags, - x509_crt_verify_chain_item ver_chain[X509_MAX_VERIFY_CHAIN_SIZE], - size_t chain_len, + const mbedtls_x509_crt_verify_chain *ver_chain, int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), void *p_vrfy ) { int ret; - size_t i; + unsigned i; uint32_t cur_flags; + const mbedtls_x509_crt_verify_chain_item *cur; - for( i = chain_len; i != 0; --i ) + for( i = ver_chain->len; i != 0; --i ) { - cur_flags = ver_chain[i-1].flags; + cur = &ver_chain->items[i-1]; + cur_flags = cur->flags; if( NULL != f_vrfy ) - if( ( ret = f_vrfy( p_vrfy, ver_chain[i-1].crt, (int) i-1, &cur_flags ) ) != 0 ) + if( ( ret = f_vrfy( p_vrfy, cur->crt, (int) i-1, &cur_flags ) ) != 0 ) return( ret ); *flags |= cur_flags; @@ -2325,7 +2521,7 @@ static int x509_crt_merge_flags_with_cb( } /* - * Verify the certificate validity + * Verify the certificate validity (default profile, not restartable) */ int mbedtls_x509_crt_verify( mbedtls_x509_crt *crt, mbedtls_x509_crt *trust_ca, @@ -2334,12 +2530,28 @@ int mbedtls_x509_crt_verify( mbedtls_x509_crt *crt, int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), void *p_vrfy ) { - return( mbedtls_x509_crt_verify_with_profile( crt, trust_ca, ca_crl, - &mbedtls_x509_crt_profile_default, cn, flags, f_vrfy, p_vrfy ) ); + return( mbedtls_x509_crt_verify_restartable( crt, trust_ca, ca_crl, + &mbedtls_x509_crt_profile_default, cn, flags, + f_vrfy, p_vrfy, NULL ) ); +} + +/* + * Verify the certificate validity (user-chosen profile, not restartable) + */ +int mbedtls_x509_crt_verify_with_profile( mbedtls_x509_crt *crt, + mbedtls_x509_crt *trust_ca, + mbedtls_x509_crl *ca_crl, + const mbedtls_x509_crt_profile *profile, + const char *cn, uint32_t *flags, + int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), + void *p_vrfy ) +{ + return( mbedtls_x509_crt_verify_restartable( crt, trust_ca, ca_crl, + profile, cn, flags, f_vrfy, p_vrfy, NULL ) ); } /* - * Verify the certificate validity, with profile + * Verify the certificate validity, with profile, restartable version * * This function: * - checks the requested CN (if any) @@ -2348,23 +2560,23 @@ int mbedtls_x509_crt_verify( mbedtls_x509_crt *crt, * - builds and verifies the chain * - then calls the callback and merges the flags */ -int mbedtls_x509_crt_verify_with_profile( mbedtls_x509_crt *crt, +int mbedtls_x509_crt_verify_restartable( mbedtls_x509_crt *crt, mbedtls_x509_crt *trust_ca, mbedtls_x509_crl *ca_crl, const mbedtls_x509_crt_profile *profile, const char *cn, uint32_t *flags, int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *), - void *p_vrfy ) + void *p_vrfy, + mbedtls_x509_crt_restart_ctx *rs_ctx ) { int ret; mbedtls_pk_type_t pk_type; - x509_crt_verify_chain_item ver_chain[X509_MAX_VERIFY_CHAIN_SIZE]; - size_t chain_len; - uint32_t *ee_flags = &ver_chain[0].flags; + mbedtls_x509_crt_verify_chain ver_chain; + uint32_t ee_flags; *flags = 0; - memset( ver_chain, 0, sizeof( ver_chain ) ); - chain_len = 0; + ee_flags = 0; + x509_crt_verify_chain_reset( &ver_chain ); if( profile == NULL ) { @@ -2374,28 +2586,36 @@ int mbedtls_x509_crt_verify_with_profile( mbedtls_x509_crt *crt, /* check name if requested */ if( cn != NULL ) - x509_crt_verify_name( crt, cn, ee_flags ); + x509_crt_verify_name( crt, cn, &ee_flags ); /* Check the type and size of the key */ pk_type = mbedtls_pk_get_type( &crt->pk ); if( x509_profile_check_pk_alg( profile, pk_type ) != 0 ) - *ee_flags |= MBEDTLS_X509_BADCERT_BAD_PK; + ee_flags |= MBEDTLS_X509_BADCERT_BAD_PK; if( x509_profile_check_key( profile, &crt->pk ) != 0 ) - *ee_flags |= MBEDTLS_X509_BADCERT_BAD_KEY; + ee_flags |= MBEDTLS_X509_BADCERT_BAD_KEY; /* Check the chain */ ret = x509_crt_verify_chain( crt, trust_ca, ca_crl, profile, - ver_chain, &chain_len ); + &ver_chain, rs_ctx ); + if( ret != 0 ) goto exit; + /* Merge end-entity flags */ + ver_chain.items[0].flags |= ee_flags; + /* Build final flags, calling callback on the way if any */ - ret = x509_crt_merge_flags_with_cb( flags, - ver_chain, chain_len, f_vrfy, p_vrfy ); + ret = x509_crt_merge_flags_with_cb( flags, &ver_chain, f_vrfy, p_vrfy ); exit: +#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) + if( rs_ctx != NULL && ret != MBEDTLS_ERR_ECP_IN_PROGRESS ) + mbedtls_x509_crt_restart_free( rs_ctx ); +#endif + /* prevent misuse of the vrfy callback - VERIFY_FAILED would be ignored by * the SSL module for authmode optional, but non-zero return from the * callback means a fatal error so it shouldn't be ignored */ @@ -2506,4 +2726,36 @@ void mbedtls_x509_crt_free( mbedtls_x509_crt *crt ) while( cert_cur != NULL ); } +#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) +/* + * Initialize a restart context + */ +void mbedtls_x509_crt_restart_init( mbedtls_x509_crt_restart_ctx *ctx ) +{ + mbedtls_pk_restart_init( &ctx->pk ); + + ctx->parent = NULL; + ctx->fallback_parent = NULL; + ctx->fallback_signature_is_good = 0; + + ctx->parent_is_trusted = -1; + + ctx->in_progress = x509_crt_rs_none; + ctx->self_cnt = 0; + x509_crt_verify_chain_reset( &ctx->ver_chain ); +} + +/* + * Free the components of a restart context + */ +void mbedtls_x509_crt_restart_free( mbedtls_x509_crt_restart_ctx *ctx ) +{ + if( ctx == NULL ) + return; + + mbedtls_pk_restart_free( &ctx->pk ); + mbedtls_x509_crt_restart_init( ctx ); +} +#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ + #endif /* MBEDTLS_X509_CRT_PARSE_C */ diff --git a/thirdparty/mbedtls/padlock.diff b/thirdparty/mbedtls/padlock.diff new file mode 100644 index 0000000000..6ace48891c --- /dev/null +++ b/thirdparty/mbedtls/padlock.diff @@ -0,0 +1,13 @@ +--- a/thirdparty/mbedtls/include/mbedtls/config.h ++++ b/thirdparty/mbedtls/include/mbedtls/config.h +@@ -2477,7 +2477,9 @@ + * + * This modules adds support for the VIA PadLock on x86. + */ +-#define MBEDTLS_PADLOCK_C ++// -- GODOT start -- ++// #define MBEDTLS_PADLOCK_C ++// -- GODOT end -- + + /** + * \def MBEDTLS_PEM_PARSE_C diff --git a/thirdparty/misc/stb_truetype.h b/thirdparty/misc/stb_truetype.h index e2efae2285..72299ea86d 100644 --- a/thirdparty/misc/stb_truetype.h +++ b/thirdparty/misc/stb_truetype.h @@ -1,4 +1,4 @@ -// stb_truetype.h - v1.19 - public domain +// stb_truetype.h - v1.21 - public domain // authored from 2009-2016 by Sean Barrett / RAD Game Tools // // This library processes TrueType files: @@ -49,6 +49,8 @@ // // VERSION HISTORY // +// 1.21 (2019-02-25) fix warning +// 1.20 (2019-02-07) PackFontRange skips missing codepoints; GetScaleFontVMetrics() // 1.19 (2018-02-11) GPOS kerning, STBTT_fmod // 1.18 (2018-01-29) add missing function // 1.17 (2017-07-23) make more arguments const; doc fix @@ -75,7 +77,7 @@ // // USAGE // -// Include this file in whatever places neeed to refer to it. In ONE C/C++ +// Include this file in whatever places need to refer to it. In ONE C/C++ // file, write: // #define STB_TRUETYPE_IMPLEMENTATION // before the #include of this file. This expands out the actual @@ -242,19 +244,6 @@ // recommend it. // // -// SOURCE STATISTICS (based on v0.6c, 2050 LOC) -// -// Documentation & header file 520 LOC \___ 660 LOC documentation -// Sample code 140 LOC / -// Truetype parsing 620 LOC ---- 620 LOC TrueType -// Software rasterization 240 LOC \ . -// Curve tesselation 120 LOC \__ 550 LOC Bitmap creation -// Bitmap management 100 LOC / -// Baked bitmap interface 70 LOC / -// Font name matching & access 150 LOC ---- 150 -// C runtime library abstraction 60 LOC ---- 60 -// -// // PERFORMANCE MEASUREMENTS FOR 1.06: // // 32-bit 64-bit @@ -556,6 +545,8 @@ STBTT_DEF void stbtt_GetBakedQuad(const stbtt_bakedchar *chardata, int pw, int p // // It's inefficient; you might want to c&p it and optimize it. +STBTT_DEF void stbtt_GetScaledFontVMetrics(const unsigned char *fontdata, int index, float size, float *ascent, float *descent, float *lineGap); +// Query the font vertical metrics without having to create a font first. ////////////////////////////////////////////////////////////////////////////// @@ -641,6 +632,12 @@ STBTT_DEF void stbtt_PackSetOversampling(stbtt_pack_context *spc, unsigned int h // To use with PackFontRangesGather etc., you must set it before calls // call to PackFontRangesGatherRects. +STBTT_DEF void stbtt_PackSetSkipMissingCodepoints(stbtt_pack_context *spc, int skip); +// If skip != 0, this tells stb_truetype to skip any codepoints for which +// there is no corresponding glyph. If skip=0, which is the default, then +// codepoints without a glyph recived the font's "missing character" glyph, +// typically an empty box by convention. + STBTT_DEF void stbtt_GetPackedQuad(const stbtt_packedchar *chardata, int pw, int ph, // same data as above int char_index, // character to display float *xpos, float *ypos, // pointers to current position in screen pixel space @@ -669,6 +666,7 @@ struct stbtt_pack_context { int height; int stride_in_bytes; int padding; + int skip_missing; unsigned int h_oversample, v_oversample; unsigned char *pixels; void *nodes; @@ -694,7 +692,7 @@ STBTT_DEF int stbtt_GetFontOffsetForIndex(const unsigned char *data, int index); // file will only define one font and it always be at offset 0, so it will // return '0' for index 0, and -1 for all other indices. -// The following structure is defined publically so you can declare one on +// The following structure is defined publicly so you can declare one on // the stack or as a global or etc, but you should treat it as opaque. struct stbtt_fontinfo { @@ -733,6 +731,7 @@ STBTT_DEF int stbtt_FindGlyphIndex(const stbtt_fontinfo *info, int unicode_codep // and you want a speed-up, call this function with the character you're // going to process, then use glyph-based functions instead of the // codepoint-based functions. +// Returns 0 if the character codepoint is not defined in the font. ////////////////////////////////////////////////////////////////////////////// @@ -820,7 +819,7 @@ STBTT_DEF int stbtt_GetGlyphShape(const stbtt_fontinfo *info, int glyph_index, s // returns # of vertices and fills *vertices with the pointer to them // these are expressed in "unscaled" coordinates // -// The shape is a series of countours. Each one starts with +// The shape is a series of contours. Each one starts with // a STBTT_moveto, then consists of a series of mixed // STBTT_lineto and STBTT_curveto segments. A lineto // draws a line from previous endpoint to its x,y; a curveto @@ -916,7 +915,7 @@ STBTT_DEF unsigned char * stbtt_GetGlyphSDF(const stbtt_fontinfo *info, float sc STBTT_DEF unsigned char * stbtt_GetCodepointSDF(const stbtt_fontinfo *info, float scale, int codepoint, int padding, unsigned char onedge_value, float pixel_dist_scale, int *width, int *height, int *xoff, int *yoff); // These functions compute a discretized SDF field for a single character, suitable for storing // in a single-channel texture, sampling with bilinear filtering, and testing against -// larger than some threshhold to produce scalable fonts. +// larger than some threshold to produce scalable fonts. // info -- the font // scale -- controls the size of the resulting SDF bitmap, same as it would be creating a regular bitmap // glyph/codepoint -- the character to generate the SDF for @@ -2463,6 +2462,7 @@ static stbtt_int32 stbtt__GetGlyphGPOSInfoAdvance(const stbtt_fontinfo *info, i if (valueFormat2 != 0) return 0; STBTT_assert(coverageIndex < pairSetCount); + STBTT__NOTUSED(pairSetCount); needle=glyph2; r=pairValueCount-1; @@ -3160,7 +3160,13 @@ static void stbtt__rasterize_sorted_edges(stbtt__bitmap *result, stbtt__edge *e, if (e->y0 != e->y1) { stbtt__active_edge *z = stbtt__new_active(&hh, e, off_x, scan_y_top, userdata); if (z != NULL) { - STBTT_assert(z->ey >= scan_y_top); + if (j == 0 && off_y != 0) { + if (z->ey < scan_y_top) { + // this can happen due to subpixel positioning and some kind of fp rounding error i think + z->ey = scan_y_top; + } + } + STBTT_assert(z->ey >= scan_y_top); // if we get really unlucky a tiny bit of an edge can be out of bounds // insert at front z->next = active; active = z; @@ -3229,7 +3235,7 @@ static void stbtt__sort_edges_ins_sort(stbtt__edge *p, int n) static void stbtt__sort_edges_quicksort(stbtt__edge *p, int n) { - /* threshhold for transitioning to insertion sort */ + /* threshold for transitioning to insertion sort */ while (n > 12) { stbtt__edge t; int c01,c12,c,m,i,j; @@ -3364,7 +3370,7 @@ static void stbtt__add_point(stbtt__point *points, int n, float x, float y) points[n].y = y; } -// tesselate until threshhold p is happy... @TODO warped to compensate for non-linear stretching +// tessellate until threshold p is happy... @TODO warped to compensate for non-linear stretching static int stbtt__tesselate_curve(stbtt__point *points, int *num_points, float x0, float y0, float x1, float y1, float x2, float y2, float objspace_flatness_squared, int n) { // midpoint @@ -3789,6 +3795,7 @@ STBTT_DEF int stbtt_PackBegin(stbtt_pack_context *spc, unsigned char *pixels, in spc->stride_in_bytes = stride_in_bytes != 0 ? stride_in_bytes : pw; spc->h_oversample = 1; spc->v_oversample = 1; + spc->skip_missing = 0; stbrp_init_target(context, pw-padding, ph-padding, nodes, num_nodes); @@ -3814,6 +3821,11 @@ STBTT_DEF void stbtt_PackSetOversampling(stbtt_pack_context *spc, unsigned int h spc->v_oversample = v_oversample; } +STBTT_DEF void stbtt_PackSetSkipMissingCodepoints(stbtt_pack_context *spc, int skip) +{ + spc->skip_missing = skip; +} + #define STBTT__OVER_MASK (STBTT_MAX_OVERSAMPLE-1) static void stbtt__h_prefilter(unsigned char *pixels, int w, int h, int stride_in_bytes, unsigned int kernel_width) @@ -3967,13 +3979,17 @@ STBTT_DEF int stbtt_PackFontRangesGatherRects(stbtt_pack_context *spc, const stb int x0,y0,x1,y1; int codepoint = ranges[i].array_of_unicode_codepoints == NULL ? ranges[i].first_unicode_codepoint_in_range + j : ranges[i].array_of_unicode_codepoints[j]; int glyph = stbtt_FindGlyphIndex(info, codepoint); - stbtt_GetGlyphBitmapBoxSubpixel(info,glyph, - scale * spc->h_oversample, - scale * spc->v_oversample, - 0,0, - &x0,&y0,&x1,&y1); - rects[k].w = (stbrp_coord) (x1-x0 + spc->padding + spc->h_oversample-1); - rects[k].h = (stbrp_coord) (y1-y0 + spc->padding + spc->v_oversample-1); + if (glyph == 0 && spc->skip_missing) { + rects[k].w = rects[k].h = 0; + } else { + stbtt_GetGlyphBitmapBoxSubpixel(info,glyph, + scale * spc->h_oversample, + scale * spc->v_oversample, + 0,0, + &x0,&y0,&x1,&y1); + rects[k].w = (stbrp_coord) (x1-x0 + spc->padding + spc->h_oversample-1); + rects[k].h = (stbrp_coord) (y1-y0 + spc->padding + spc->v_oversample-1); + } ++k; } } @@ -4026,7 +4042,7 @@ STBTT_DEF int stbtt_PackFontRangesRenderIntoRects(stbtt_pack_context *spc, const sub_y = stbtt__oversample_shift(spc->v_oversample); for (j=0; j < ranges[i].num_chars; ++j) { stbrp_rect *r = &rects[k]; - if (r->was_packed) { + if (r->was_packed && r->w != 0 && r->h != 0) { stbtt_packedchar *bc = &ranges[i].chardata_for_range[j]; int advance, lsb, x0,y0,x1,y1; int codepoint = ranges[i].array_of_unicode_codepoints == NULL ? ranges[i].first_unicode_codepoint_in_range + j : ranges[i].array_of_unicode_codepoints[j]; @@ -4140,6 +4156,19 @@ STBTT_DEF int stbtt_PackFontRange(stbtt_pack_context *spc, const unsigned char * return stbtt_PackFontRanges(spc, fontdata, font_index, &range, 1); } +STBTT_DEF void stbtt_GetScaledFontVMetrics(const unsigned char *fontdata, int index, float size, float *ascent, float *descent, float *lineGap) +{ + int i_ascent, i_descent, i_lineGap; + float scale; + stbtt_fontinfo info; + stbtt_InitFont(&info, fontdata, stbtt_GetFontOffsetForIndex(fontdata, index)); + scale = size > 0 ? stbtt_ScaleForPixelHeight(&info, size) : stbtt_ScaleForMappingEmToPixels(&info, -size); + stbtt_GetFontVMetrics(&info, &i_ascent, &i_descent, &i_lineGap); + *ascent = (float) i_ascent * scale; + *descent = (float) i_descent * scale; + *lineGap = (float) i_lineGap * scale; +} + STBTT_DEF void stbtt_GetPackedQuad(const stbtt_packedchar *chardata, int pw, int ph, int char_index, float *xpos, float *ypos, stbtt_aligned_quad *q, int align_to_integer) { float ipw = 1.0f / pw, iph = 1.0f / ph; diff --git a/thirdparty/misc/stb_vorbis.c b/thirdparty/misc/stb_vorbis.c index 8edcf0f38a..88276026ef 100644 --- a/thirdparty/misc/stb_vorbis.c +++ b/thirdparty/misc/stb_vorbis.c @@ -1,4 +1,4 @@ -// Ogg Vorbis audio decoder - v1.14 - public domain +// Ogg Vorbis audio decoder - v1.15 - public domain // http://nothings.org/stb_vorbis/ // // Original version written by Sean Barrett in 2007. @@ -33,6 +33,7 @@ // Timur Gagiev // // Partial history: +// 1.15 - 2019-02-07 - explicit failure if Ogg Skeleton data is found // 1.14 - 2018-02-11 - delete bogus dealloca usage // 1.13 - 2018-01-29 - fix truncation of last frame (hopefully) // 1.12 - 2017-11-21 - limit residue begin/end to blocksize/2 to avoid large temp allocs in bad/corrupt files @@ -253,7 +254,7 @@ extern stb_vorbis * stb_vorbis_open_file(FILE *f, int close_handle_on_close, // create an ogg vorbis decoder from an open FILE *, looking for a stream at // the _current_ seek point (ftell). on failure, returns NULL and sets *error. // note that stb_vorbis must "own" this stream; if you seek it in between -// calls to stb_vorbis, it will become confused. Morever, if you attempt to +// calls to stb_vorbis, it will become confused. Moreover, if you attempt to // perform stb_vorbis_seek_*() operations on this file, it will assume it // owns the _entire_ rest of the file after the start point. Use the next // function, stb_vorbis_open_file_section(), to limit it. @@ -374,7 +375,8 @@ enum STBVorbisError VORBIS_invalid_first_page, VORBIS_bad_packet_type, VORBIS_cant_find_last_page, - VORBIS_seek_failed + VORBIS_seek_failed, + VORBIS_ogg_skeleton_not_supported }; @@ -1073,7 +1075,7 @@ static int compute_codewords(Codebook *c, uint8 *len, int n, uint32 *values) assert(z >= 0 && z < 32); available[z] = 0; add_entry(c, bit_reverse(res), i, m++, len[i], values); - // propogate availability up the tree + // propagate availability up the tree if (z != len[i]) { assert(len[i] >= 0 && len[i] < 32); for (y=len[i]; y > z; --y) { @@ -2637,7 +2639,7 @@ static void inverse_mdct(float *buffer, int n, vorb *f, int blocktype) // once I combined the passes. // so there's a missing 'times 2' here (for adding X to itself). - // this propogates through linearly to the end, where the numbers + // this propagates through linearly to the end, where the numbers // are 1/2 too small, and need to be compensated for. { @@ -3578,7 +3580,22 @@ static int start_decoder(vorb *f) if (f->page_flag & PAGEFLAG_continued_packet) return error(f, VORBIS_invalid_first_page); // check for expected packet length if (f->segment_count != 1) return error(f, VORBIS_invalid_first_page); - if (f->segments[0] != 30) return error(f, VORBIS_invalid_first_page); + if (f->segments[0] != 30) { + // check for the Ogg skeleton fishead identifying header to refine our error + if (f->segments[0] == 64 && + getn(f, header, 6) && + header[0] == 'f' && + header[1] == 'i' && + header[2] == 's' && + header[3] == 'h' && + header[4] == 'e' && + header[5] == 'a' && + get8(f) == 'd' && + get8(f) == '\0') return error(f, VORBIS_ogg_skeleton_not_supported); + else + return error(f, VORBIS_invalid_first_page); + } + // read packet // check packet header if (get8(f) != VORBIS_packet_id) return error(f, VORBIS_invalid_first_page); @@ -4566,7 +4583,7 @@ static int get_seek_page_info(stb_vorbis *f, ProbedPage *z) return 1; } -// rarely used function to seek back to the preceeding page while finding the +// rarely used function to seek back to the preceding page while finding the // start of a packet static int go_to_page_before(stb_vorbis *f, unsigned int limit_offset) { diff --git a/thirdparty/nanosvg/nanosvg.h b/thirdparty/nanosvg/nanosvg.h index 2321c56fd2..8c8b061cd1 100644 --- a/thirdparty/nanosvg/nanosvg.h +++ b/thirdparty/nanosvg/nanosvg.h @@ -29,9 +29,11 @@ #ifndef NANOSVG_H #define NANOSVG_H +#ifndef NANOSVG_CPLUSPLUS #ifdef __cplusplus extern "C" { #endif +#endif // NanoSVG is a simple stupid single-header-file SVG parse. The output of the parser is a list of cubic bezier shapes. // @@ -45,15 +47,15 @@ extern "C" { // NanoSVG can return the paths in few different units. For example if you want to render an image, you may choose // to get the paths in pixels, or if you are feeding the data into a CNC-cutter, you may want to use millimeters. // -// The units passed to NanoVG should be one of: 'px', 'pt', 'pc' 'mm', 'cm', or 'in'. +// The units passed to NanoSVG should be one of: 'px', 'pt', 'pc' 'mm', 'cm', or 'in'. // DPI (dots-per-inch) controls how the unit conversion is done. // // If you don't know or care about the units stuff, "px" and 96 should get you going. /* Example Usage: - // Load - NSVGImage* image; + // Load SVG + NSVGimage* image; image = nsvgParseFromFile("test.svg", "px", 96); printf("size: %f x %f\n", image->width, image->height); // Use... @@ -167,12 +169,17 @@ NSVGimage* nsvgParseFromFile(const char* filename, const char* units, float dpi) // Important note: changes the string. NSVGimage* nsvgParse(char* input, const char* units, float dpi); -// Deletes list of paths. +// Duplicates a path. +NSVGpath* nsvgDuplicatePath(NSVGpath* p); + +// Deletes an image. void nsvgDelete(NSVGimage* image); +#ifndef NANOSVG_CPLUSPLUS #ifdef __cplusplus } #endif +#endif #endif // NANOSVG_H @@ -1415,8 +1422,7 @@ static unsigned int nsvg__parseColor(const char* str) static float nsvg__parseOpacity(const char* str) { - float val = 0; - sscanf(str, "%f", &val); + float val = nsvg__atof(str); if (val < 0.0f) val = 0.0f; if (val > 1.0f) val = 1.0f; return val; @@ -1424,8 +1430,7 @@ static float nsvg__parseOpacity(const char* str) static float nsvg__parseMiterLimit(const char* str) { - float val = 0; - sscanf(str, "%f", &val); + float val = nsvg__atof(str); if (val < 0.0f) val = 0.0f; return val; } @@ -1456,9 +1461,9 @@ static int nsvg__parseUnits(const char* units) static NSVGcoordinate nsvg__parseCoordinateRaw(const char* str) { NSVGcoordinate coord = {0, NSVG_UNITS_USER}; - char units[32]=""; - sscanf(str, "%f%31s", &coord.value, units); - coord.units = nsvg__parseUnits(units); + char buf[64]; + coord.units = nsvg__parseUnits(nsvg__parseNumber(str, buf, 64)); + coord.value = nsvg__atof(buf); return coord; } @@ -1650,7 +1655,7 @@ static char nsvg__parseLineJoin(const char* str) else if (strcmp(str, "bevel") == 0) return NSVG_JOIN_BEVEL; // TODO: handle inherit. - return NSVG_CAP_BUTT; + return NSVG_JOIN_MITER; } static char nsvg__parseFillRule(const char* str) @@ -2494,11 +2499,26 @@ static void nsvg__parseSVG(NSVGparser* p, const char** attr) for (i = 0; attr[i]; i += 2) { if (!nsvg__parseAttr(p, attr[i], attr[i + 1])) { if (strcmp(attr[i], "width") == 0) { - p->image->width = nsvg__parseCoordinate(p, attr[i + 1], 0.0f, 1.0f); + p->image->width = nsvg__parseCoordinate(p, attr[i + 1], 0.0f, 0.0f); } else if (strcmp(attr[i], "height") == 0) { - p->image->height = nsvg__parseCoordinate(p, attr[i + 1], 0.0f, 1.0f); + p->image->height = nsvg__parseCoordinate(p, attr[i + 1], 0.0f, 0.0f); } else if (strcmp(attr[i], "viewBox") == 0) { - sscanf(attr[i + 1], "%f%*[%%, \t]%f%*[%%, \t]%f%*[%%, \t]%f", &p->viewMinx, &p->viewMiny, &p->viewWidth, &p->viewHeight); + const char *s = attr[i + 1]; + char buf[64]; + s = nsvg__parseNumber(s, buf, 64); + p->viewMinx = nsvg__atof(buf); + while (*s && (nsvg__isspace(*s) || *s == '%' || *s == ',')) s++; + if (!*s) return; + s = nsvg__parseNumber(s, buf, 64); + p->viewMiny = nsvg__atof(buf); + while (*s && (nsvg__isspace(*s) || *s == '%' || *s == ',')) s++; + if (!*s) return; + s = nsvg__parseNumber(s, buf, 64); + p->viewWidth = nsvg__atof(buf); + while (*s && (nsvg__isspace(*s) || *s == '%' || *s == ',')) s++; + if (!*s) return; + s = nsvg__parseNumber(s, buf, 64); + p->viewHeight = nsvg__atof(buf); } else if (strcmp(attr[i], "preserveAspectRatio") == 0) { if (strstr(attr[i + 1], "none") != 0) { // No uniform scaling @@ -2906,6 +2926,36 @@ error: return NULL; } +NSVGpath* nsvgDuplicatePath(NSVGpath* p) +{ + NSVGpath* res = NULL; + + if (p == NULL) + return NULL; + + res = (NSVGpath*)malloc(sizeof(NSVGpath)); + if (res == NULL) goto error; + memset(res, 0, sizeof(NSVGpath)); + + res->pts = (float*)malloc(p->npts*2*sizeof(float)); + if (res->pts == NULL) goto error; + memcpy(res->pts, p->pts, p->npts * sizeof(float) * 2); + res->npts = p->npts; + + memcpy(res->bounds, p->bounds, sizeof(p->bounds)); + + res->closed = p->closed; + + return res; + +error: + if (res != NULL) { + free(res->pts); + free(res); + } + return NULL; +} + void nsvgDelete(NSVGimage* image) { NSVGshape *snext, *shape; diff --git a/thirdparty/nanosvg/nanosvgrast.h b/thirdparty/nanosvg/nanosvgrast.h index 2940c1f916..b740c316ca 100644 --- a/thirdparty/nanosvg/nanosvgrast.h +++ b/thirdparty/nanosvg/nanosvgrast.h @@ -25,15 +25,18 @@ #ifndef NANOSVGRAST_H #define NANOSVGRAST_H +#ifndef NANOSVGRAST_CPLUSPLUS #ifdef __cplusplus extern "C" { #endif +#endif typedef struct NSVGrasterizer NSVGrasterizer; /* Example Usage: // Load SVG - struct SNVGImage* image = nsvgParseFromFile("test.svg."); + NSVGimage* image; + image = nsvgParseFromFile("test.svg", "px", 96); // Create rasterizer (can be used to render multiple images). struct NSVGrasterizer* rast = nsvgCreateRasterizer(); @@ -63,9 +66,11 @@ void nsvgRasterize(NSVGrasterizer* r, void nsvgDeleteRasterizer(NSVGrasterizer*); +#ifndef NANOSVGRAST_CPLUSPLUS #ifdef __cplusplus } #endif +#endif #endif // NANOSVGRAST_H diff --git a/thirdparty/opus/http.c b/thirdparty/opus/http.c deleted file mode 100644 index 99fa8c08e0..0000000000 --- a/thirdparty/opus/http.c +++ /dev/null @@ -1,3465 +0,0 @@ -/******************************************************************** - * * - * THIS FILE IS PART OF THE libopusfile SOFTWARE CODEC SOURCE CODE. * - * USE, DISTRIBUTION AND REPRODUCTION OF THIS LIBRARY SOURCE IS * - * GOVERNED BY A BSD-STYLE SOURCE LICENSE INCLUDED WITH THIS SOURCE * - * IN 'COPYING'. PLEASE READ THESE TERMS BEFORE DISTRIBUTING. * - * * - * THE libopusfile SOURCE CODE IS (C) COPYRIGHT 2012 * - * by the Xiph.Org Foundation and contributors http://www.xiph.org/ * - * * - ********************************************************************/ -#ifdef HAVE_CONFIG_H -#include "config.h" -#endif - -#include "internal.h" -#include <ctype.h> -#include <errno.h> -#include <limits.h> -#include <string.h> - -/*RFCs referenced in this file: - RFC 761: DOD Standard Transmission Control Protocol - RFC 1535: A Security Problem and Proposed Correction With Widely Deployed DNS - Software - RFC 1738: Uniform Resource Locators (URL) - RFC 1945: Hypertext Transfer Protocol -- HTTP/1.0 - RFC 2068: Hypertext Transfer Protocol -- HTTP/1.1 - RFC 2145: Use and Interpretation of HTTP Version Numbers - RFC 2246: The TLS Protocol Version 1.0 - RFC 2459: Internet X.509 Public Key Infrastructure Certificate and - Certificate Revocation List (CRL) Profile - RFC 2616: Hypertext Transfer Protocol -- HTTP/1.1 - RFC 2617: HTTP Authentication: Basic and Digest Access Authentication - RFC 2817: Upgrading to TLS Within HTTP/1.1 - RFC 2818: HTTP Over TLS - RFC 3492: Punycode: A Bootstring encoding of Unicode for Internationalized - Domain Names in Applications (IDNA) - RFC 3986: Uniform Resource Identifier (URI): Generic Syntax - RFC 3987: Internationalized Resource Identifiers (IRIs) - RFC 4343: Domain Name System (DNS) Case Insensitivity Clarification - RFC 5894: Internationalized Domain Names for Applications (IDNA): - Background, Explanation, and Rationale - RFC 6066: Transport Layer Security (TLS) Extensions: Extension Definitions - RFC 6125: Representation and Verification of Domain-Based Application Service - Identity within Internet Public Key Infrastructure Using X.509 (PKIX) - Certificates in the Context of Transport Layer Security (TLS) - RFC 6555: Happy Eyeballs: Success with Dual-Stack Hosts*/ - -typedef struct OpusParsedURL OpusParsedURL; -typedef struct OpusStringBuf OpusStringBuf; -typedef struct OpusHTTPConn OpusHTTPConn; -typedef struct OpusHTTPStream OpusHTTPStream; - -static char *op_string_range_dup(const char *_start,const char *_end){ - size_t len; - char *ret; - OP_ASSERT(_start<=_end); - len=_end-_start; - /*This is to help avoid overflow elsewhere, later.*/ - if(OP_UNLIKELY(len>=INT_MAX))return NULL; - ret=(char *)_ogg_malloc(sizeof(*ret)*(len+1)); - if(OP_LIKELY(ret!=NULL)){ - ret=(char *)memcpy(ret,_start,sizeof(*ret)*(len)); - ret[len]='\0'; - } - return ret; -} - -static char *op_string_dup(const char *_s){ - return op_string_range_dup(_s,_s+strlen(_s)); -} - -static char *op_string_tolower(char *_s){ - int i; - for(i=0;_s[i]!='\0';i++){ - int c; - c=_s[i]; - if(c>='A'&&c<='Z')c+='a'-'A'; - _s[i]=(char)c; - } - return _s; -} - -/*URI character classes (from RFC 3986).*/ -#define OP_URL_ALPHA \ - "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz" -#define OP_URL_DIGIT "0123456789" -#define OP_URL_HEXDIGIT "0123456789ABCDEFabcdef" -/*Not a character class, but the characters allowed in <scheme>.*/ -#define OP_URL_SCHEME OP_URL_ALPHA OP_URL_DIGIT "+-." -#define OP_URL_GEN_DELIMS "#/:?@[]" -#define OP_URL_SUB_DELIMS "!$&'()*+,;=" -#define OP_URL_RESERVED OP_URL_GEN_DELIMS OP_URL_SUB_DELIMS -#define OP_URL_UNRESERVED OP_URL_ALPHA OP_URL_DIGIT "-._~" -/*Not a character class, but the characters allowed in <pct-encoded>.*/ -#define OP_URL_PCT_ENCODED "%" -/*Not a character class or production rule, but for convenience.*/ -#define OP_URL_PCHAR_BASE \ - OP_URL_UNRESERVED OP_URL_PCT_ENCODED OP_URL_SUB_DELIMS -#define OP_URL_PCHAR OP_URL_PCHAR_BASE ":@" -/*Not a character class, but the characters allowed in <userinfo> and - <IP-literal>.*/ -#define OP_URL_PCHAR_NA OP_URL_PCHAR_BASE ":" -/*Not a character class, but the characters allowed in <segment-nz-nc>.*/ -#define OP_URL_PCHAR_NC OP_URL_PCHAR_BASE "@" -/*Not a character clsss, but the characters allowed in <path>.*/ -#define OP_URL_PATH OP_URL_PCHAR "/" -/*Not a character class, but the characters allowed in <query> / <fragment>.*/ -#define OP_URL_QUERY_FRAG OP_URL_PCHAR "/?" - -/*Check the <% HEXDIG HEXDIG> escapes of a URL for validity. - Return: 0 if valid, or a negative value on failure.*/ -static int op_validate_url_escapes(const char *_s){ - int i; - for(i=0;_s[i];i++){ - if(_s[i]=='%'){ - if(OP_UNLIKELY(!isxdigit(_s[i+1])) - ||OP_UNLIKELY(!isxdigit(_s[i+2])) - /*RFC 3986 says %00 "should be rejected if the application is not - expecting to receive raw data within a component."*/ - ||OP_UNLIKELY(_s[i+1]=='0'&&_s[i+2]=='0')){ - return OP_FALSE; - } - i+=2; - } - } - return 0; -} - -/*Convert a hex digit to its actual value. - _c: The hex digit to convert. - Presumed to be valid ('0'...'9', 'A'...'F', or 'a'...'f'). - Return: The value of the digit, in the range [0,15].*/ -static int op_hex_value(int _c){ - return _c>='a'?_c-'a'+10:_c>='A'?_c-'A'+10:_c-'0'; -} - -/*Unescape all the <% HEXDIG HEXDIG> sequences in a string in-place. - This does no validity checking.*/ -static char *op_unescape_url_component(char *_s){ - int i; - int j; - for(i=j=0;_s[i];i++,j++){ - if(_s[i]=='%'){ - _s[i]=(char)(op_hex_value(_s[i+1])<<4|op_hex_value(_s[i+2])); - i+=2; - } - } - return _s; -} - -/*Parse a file: URL. - This code is not meant to be fast: strspn() with large sets is likely to be - slow, but it is very convenient. - It is meant to be RFC 1738-compliant (as updated by RFC 3986).*/ -static const char *op_parse_file_url(const char *_src){ - const char *scheme_end; - const char *path; - const char *path_end; - scheme_end=_src+strspn(_src,OP_URL_SCHEME); - if(OP_UNLIKELY(*scheme_end!=':') - ||scheme_end-_src!=4||op_strncasecmp(_src,"file",4)!=0){ - /*Unsupported protocol.*/ - return NULL; - } - /*Make sure all escape sequences are valid to simplify unescaping later.*/ - if(OP_UNLIKELY(op_validate_url_escapes(scheme_end+1)<0))return NULL; - if(scheme_end[1]=='/'&&scheme_end[2]=='/'){ - const char *host; - /*file: URLs can have a host! - Yeah, I was surprised, too, but that's what RFC 1738 says. - It also says, "The file URL scheme is unusual in that it does not specify - an Internet protocol or access method for such files; as such, its - utility in network protocols between hosts is limited," which is a mild - understatement.*/ - host=scheme_end+3; - /*The empty host is what we expect.*/ - if(OP_LIKELY(*host=='/'))path=host; - else{ - const char *host_end; - char host_buf[28]; - /*RFC 1738 says localhost "is interpreted as `the machine from which the - URL is being interpreted,'" so let's check for it.*/ - host_end=host+strspn(host,OP_URL_PCHAR_BASE); - /*No <port> allowed. - This also rejects IP-Literals.*/ - if(*host_end!='/')return NULL; - /*An escaped "localhost" can take at most 27 characters.*/ - if(OP_UNLIKELY(host_end-host>27))return NULL; - memcpy(host_buf,host,sizeof(*host_buf)*(host_end-host)); - host_buf[host_end-host]='\0'; - op_unescape_url_component(host_buf); - op_string_tolower(host_buf); - /*Some other host: give up.*/ - if(OP_UNLIKELY(strcmp(host_buf,"localhost")!=0))return NULL; - path=host_end; - } - } - else path=scheme_end+1; - path_end=path+strspn(path,OP_URL_PATH); - /*This will reject a <query> or <fragment> component, too. - I don't know what to do with queries, but a temporal fragment would at - least make sense. - RFC 1738 pretty clearly defines a <searchpart> that's equivalent to the - RFC 3986 <query> component for other schemes, but not the file: scheme, - so I'm going to just reject it.*/ - if(*path_end!='\0')return NULL; - return path; -} - -#if defined(OP_ENABLE_HTTP) -# if defined(_WIN32) -# include <winsock2.h> -# include <ws2tcpip.h> -# include <openssl/ssl.h> -# include "winerrno.h" - -typedef SOCKET op_sock; - -# define OP_INVALID_SOCKET (INVALID_SOCKET) - -/*Vista and later support WSAPoll(), but we don't want to rely on that. - Instead we re-implement it badly using select(). - Unfortunately, they define a conflicting struct pollfd, so we only define our - own if it looks like that one has not already been defined.*/ -# if !defined(POLLIN) -/*Equivalent to POLLIN.*/ -# define POLLRDNORM (0x0100) -/*Priority band data can be read.*/ -# define POLLRDBAND (0x0200) -/*There is data to read.*/ -# define POLLIN (POLLRDNORM|POLLRDBAND) -/*There is urgent data to read.*/ -# define POLLPRI (0x0400) -/*Equivalent to POLLOUT.*/ -# define POLLWRNORM (0x0010) -/*Writing now will not block.*/ -# define POLLOUT (POLLWRNORM) -/*Priority data may be written.*/ -# define POLLWRBAND (0x0020) -/*Error condition (output only).*/ -# define POLLERR (0x0001) -/*Hang up (output only).*/ -# define POLLHUP (0x0002) -/*Invalid request: fd not open (output only).*/ -# define POLLNVAL (0x0004) - -struct pollfd{ - /*File descriptor.*/ - op_sock fd; - /*Requested events.*/ - short events; - /*Returned events.*/ - short revents; -}; -# endif - -/*But Winsock never defines nfds_t (it's simply hard-coded to ULONG).*/ -typedef unsigned long nfds_t; - -/*The usage of FD_SET() below is O(N^2). - This is okay because select() is limited to 64 sockets in Winsock, anyway. - In practice, we only ever call it with one or two sockets.*/ -static int op_poll_win32(struct pollfd *_fds,nfds_t _nfds,int _timeout){ - struct timeval tv; - fd_set ifds; - fd_set ofds; - fd_set efds; - nfds_t i; - int ret; - FD_ZERO(&ifds); - FD_ZERO(&ofds); - FD_ZERO(&efds); - for(i=0;i<_nfds;i++){ - _fds[i].revents=0; - if(_fds[i].events&POLLIN)FD_SET(_fds[i].fd,&ifds); - if(_fds[i].events&POLLOUT)FD_SET(_fds[i].fd,&ofds); - FD_SET(_fds[i].fd,&efds); - } - if(_timeout>=0){ - tv.tv_sec=_timeout/1000; - tv.tv_usec=(_timeout%1000)*1000; - } - ret=select(-1,&ifds,&ofds,&efds,_timeout<0?NULL:&tv); - if(ret>0){ - for(i=0;i<_nfds;i++){ - if(FD_ISSET(_fds[i].fd,&ifds))_fds[i].revents|=POLLIN; - if(FD_ISSET(_fds[i].fd,&ofds))_fds[i].revents|=POLLOUT; - /*This isn't correct: there are several different things that might have - happened to a fd in efds, but I don't know a good way to distinguish - them without more context from the caller. - It's okay, because we don't actually check any of these bits, we just - need _some_ bit set.*/ - if(FD_ISSET(_fds[i].fd,&efds))_fds[i].revents|=POLLHUP; - } - } - return ret; -} - -/*We define op_errno() to make it clear that it's not an l-value like normal - errno is.*/ -# define op_errno() (WSAGetLastError()?WSAGetLastError()-WSABASEERR:0) -# define op_reset_errno() (WSASetLastError(0)) - -/*The remaining functions don't get an op_ prefix even though they only - operate on sockets, because we don't use non-socket I/O here, and this - minimizes the changes needed to deal with Winsock.*/ -# define close(_fd) closesocket(_fd) -/*This relies on sizeof(u_long)==sizeof(int), which is always true on both - Win32 and Win64.*/ -# define ioctl(_fd,_req,_arg) ioctlsocket(_fd,_req,(u_long *)(_arg)) -# define getsockopt(_fd,_level,_name,_val,_len) \ - getsockopt(_fd,_level,_name,(char *)(_val),_len) -# define setsockopt(_fd,_level,_name,_val,_len) \ - setsockopt(_fd,_level,_name,(const char *)(_val),_len) -# define poll(_fds,_nfds,_timeout) op_poll_win32(_fds,_nfds,_timeout) - -# if defined(_MSC_VER) -typedef ptrdiff_t ssize_t; -# endif - -/*Load certificates from the built-in certificate store.*/ -int SSL_CTX_set_default_verify_paths_win32(SSL_CTX *_ssl_ctx); -# define SSL_CTX_set_default_verify_paths \ - SSL_CTX_set_default_verify_paths_win32 - -# else -/*Normal Berkeley sockets.*/ -# include <sys/ioctl.h> -# include <sys/types.h> -# include <sys/socket.h> -# include <arpa/inet.h> -# include <netinet/in.h> -# include <netinet/tcp.h> -# include <fcntl.h> -# include <netdb.h> -# include <poll.h> -# include <unistd.h> -# include <openssl/ssl.h> - -typedef int op_sock; - -# define OP_INVALID_SOCKET (-1) - -# define op_errno() (errno) -# define op_reset_errno() (errno=0) - -# endif -# include <sys/timeb.h> -# include <openssl/x509v3.h> - -/*The maximum number of simultaneous connections. - RFC 2616 says this SHOULD NOT be more than 2, but everyone on the modern web - ignores that (e.g., IE 8 bumped theirs up from 2 to 6, Firefox uses 15). - If it makes you feel better, we'll only ever actively read from one of these - at a time. - The others are kept around mainly to avoid slow-starting a new connection - when seeking, and time out rapidly.*/ -# define OP_NCONNS_MAX (4) - -/*The amount of time before we attempt to re-resolve the host. - This is 10 minutes, as recommended in RFC 6555 for expiring cached connection - results for dual-stack hosts.*/ -# define OP_RESOLVE_CACHE_TIMEOUT_MS (10*60*(opus_int32)1000) - -/*The number of redirections at which we give up. - The value here is the current default in Firefox. - RFC 2068 mandated a maximum of 5, but RFC 2616 relaxed that to "a client - SHOULD detect infinite redirection loops." - Fortunately, 20 is less than infinity.*/ -# define OP_REDIRECT_LIMIT (20) - -/*The initial size of the buffer used to read a response message (before the - body).*/ -# define OP_RESPONSE_SIZE_MIN (510) -/*The maximum size of a response message (before the body). - Responses larger than this will be discarded. - I've seen a real server return 20 kB of data for a 302 Found response. - Increasing this beyond 32kB will cause problems on platforms with a 16-bit - int.*/ -# define OP_RESPONSE_SIZE_MAX (32766) - -/*The number of milliseconds we will allow a connection to sit idle before we - refuse to resurrect it. - Apache as of 2.2 has reduced its default timeout to 5 seconds (from 15), so - that's what we'll use here.*/ -# define OP_CONNECTION_IDLE_TIMEOUT_MS (5*1000) - -/*The number of milliseconds we will wait to send or receive data before giving - up.*/ -# define OP_POLL_TIMEOUT_MS (30*1000) - -/*We will always attempt to read ahead at least this much in preference to - opening a new connection.*/ -# define OP_READAHEAD_THRESH_MIN (32*(opus_int32)1024) - -/*The amount of data to request after a seek. - This is a trade-off between read throughput after a seek vs. the the ability - to quickly perform another seek with the same connection.*/ -# define OP_PIPELINE_CHUNK_SIZE (32*(opus_int32)1024) -/*Subsequent chunks are requested with larger and larger sizes until they pass - this threshold, after which we just ask for the rest of the resource.*/ -# define OP_PIPELINE_CHUNK_SIZE_MAX (1024*(opus_int32)1024) -/*This is the maximum number of requests we'll make with a single connection. - Many servers will simply disconnect after we attempt some number of requests, - possibly without sending a Connection: close header, meaning we won't - discover it until we try to read beyond the end of the current chunk. - We can reconnect when that happens, but this is slow. - Instead, we impose a limit ourselves (set to the default for Apache - installations and thus likely the most common value in use).*/ -# define OP_PIPELINE_MAX_REQUESTS (100) -/*This should be the number of requests, starting from a chunk size of - OP_PIPELINE_CHUNK_SIZE and doubling each time, until we exceed - OP_PIPELINE_CHUNK_SIZE_MAX and just request the rest of the file. - We won't reuse a connection when seeking unless it has at least this many - requests left, to reduce the chances we'll have to open a new connection - while reading forward afterwards.*/ -# define OP_PIPELINE_MIN_REQUESTS (7) - -/*Is this an https URL? - For now we can simply check the last letter of the scheme.*/ -# define OP_URL_IS_SSL(_url) ((_url)->scheme[4]=='s') - -/*Does this URL use the default port for its scheme?*/ -# define OP_URL_IS_DEFAULT_PORT(_url) \ - (!OP_URL_IS_SSL(_url)&&(_url)->port==80 \ - ||OP_URL_IS_SSL(_url)&&(_url)->port==443) - -struct OpusParsedURL{ - /*Either "http" or "https".*/ - char *scheme; - /*The user name from the <userinfo> component, or NULL.*/ - char *user; - /*The password from the <userinfo> component, or NULL.*/ - char *pass; - /*The <host> component. - This may not be NULL.*/ - char *host; - /*The <path> and <query> components. - This may not be NULL.*/ - char *path; - /*The <port> component. - This is set to the default port if the URL did not contain one.*/ - unsigned port; -}; - -/*Parse a URL. - This code is not meant to be fast: strspn() with large sets is likely to be - slow, but it is very convenient. - It is meant to be RFC 3986-compliant. - We currently do not support IRIs (Internationalized Resource Identifiers, - RFC 3987). - Callers should translate them to URIs first.*/ -static int op_parse_url_impl(OpusParsedURL *_dst,const char *_src){ - const char *scheme_end; - const char *authority; - const char *userinfo_end; - const char *user; - const char *user_end; - const char *pass; - const char *hostport; - const char *hostport_end; - const char *host_end; - const char *port; - opus_int32 port_num; - const char *port_end; - const char *path; - const char *path_end; - const char *uri_end; - scheme_end=_src+strspn(_src,OP_URL_SCHEME); - if(OP_UNLIKELY(*scheme_end!=':') - ||OP_UNLIKELY(scheme_end-_src<4)||OP_UNLIKELY(scheme_end-_src>5) - ||OP_UNLIKELY(op_strncasecmp(_src,"https",scheme_end-_src)!=0)){ - /*Unsupported protocol.*/ - return OP_EIMPL; - } - if(OP_UNLIKELY(scheme_end[1]!='/')||OP_UNLIKELY(scheme_end[2]!='/')){ - /*We require an <authority> component.*/ - return OP_EINVAL; - } - authority=scheme_end+3; - /*Make sure all escape sequences are valid to simplify unescaping later.*/ - if(OP_UNLIKELY(op_validate_url_escapes(authority)<0))return OP_EINVAL; - /*Look for a <userinfo> component.*/ - userinfo_end=authority+strspn(authority,OP_URL_PCHAR_NA); - if(*userinfo_end=='@'){ - /*Found one.*/ - user=authority; - /*Look for a password (yes, clear-text passwords are deprecated, I know, - but what else are people supposed to use? use SSL if you care).*/ - user_end=authority+strspn(authority,OP_URL_PCHAR_BASE); - if(*user_end==':')pass=user_end+1; - else pass=NULL; - hostport=userinfo_end+1; - } - else{ - /*We shouldn't have to initialize user_end, but gcc is too dumb to figure - out that user!=NULL below means we didn't take this else branch.*/ - user=user_end=NULL; - pass=NULL; - hostport=authority; - } - /*Try to figure out where the <host> component ends.*/ - if(hostport[0]=='['){ - hostport++; - /*We have an <IP-literal>, which can contain colons.*/ - hostport_end=host_end=hostport+strspn(hostport,OP_URL_PCHAR_NA); - if(OP_UNLIKELY(*hostport_end++!=']'))return OP_EINVAL; - } - /*Currently we don't support IDNA (RFC 5894), because I don't want to deal - with the policy about which domains should not be internationalized to - avoid confusing similarities. - Give this API Punycode (RFC 3492) domain names instead.*/ - else hostport_end=host_end=hostport+strspn(hostport,OP_URL_PCHAR_BASE); - /*TODO: Validate host.*/ - /*Is there a port number?*/ - port_num=-1; - if(*hostport_end==':'){ - int i; - port=hostport_end+1; - port_end=port+strspn(port,OP_URL_DIGIT); - path=port_end; - /*Not part of RFC 3986, but require port numbers in the range 0...65535.*/ - if(OP_LIKELY(port_end-port>0)){ - while(*port=='0')port++; - if(OP_UNLIKELY(port_end-port>5))return OP_EINVAL; - port_num=0; - for(i=0;i<port_end-port;i++)port_num=port_num*10+port[i]-'0'; - if(OP_UNLIKELY(port_num>65535))return OP_EINVAL; - } - } - else path=hostport_end; - path_end=path+strspn(path,OP_URL_PATH); - /*If the path is not empty, it must begin with a '/'.*/ - if(OP_LIKELY(path_end>path)&&OP_UNLIKELY(path[0]!='/'))return OP_EINVAL; - /*Consume the <query> component, if any (right now we don't split this out - from the <path> component).*/ - if(*path_end=='?')path_end=path_end+strspn(path_end,OP_URL_QUERY_FRAG); - /*Discard the <fragment> component, if any. - This doesn't get sent to the server. - Some day we should add support for Media Fragment URIs - <http://www.w3.org/TR/media-frags/>.*/ - if(*path_end=='#')uri_end=path_end+1+strspn(path_end+1,OP_URL_QUERY_FRAG); - else uri_end=path_end; - /*If there's anything left, this was not a valid URL.*/ - if(OP_UNLIKELY(*uri_end!='\0'))return OP_EINVAL; - _dst->scheme=op_string_range_dup(_src,scheme_end); - if(OP_UNLIKELY(_dst->scheme==NULL))return OP_EFAULT; - op_string_tolower(_dst->scheme); - if(user!=NULL){ - _dst->user=op_string_range_dup(user,user_end); - if(OP_UNLIKELY(_dst->user==NULL))return OP_EFAULT; - op_unescape_url_component(_dst->user); - /*Unescaping might have created a ':' in the username. - That's not allowed by RFC 2617's Basic Authentication Scheme.*/ - if(OP_UNLIKELY(strchr(_dst->user,':')!=NULL))return OP_EINVAL; - } - else _dst->user=NULL; - if(pass!=NULL){ - _dst->pass=op_string_range_dup(pass,userinfo_end); - if(OP_UNLIKELY(_dst->pass==NULL))return OP_EFAULT; - op_unescape_url_component(_dst->pass); - } - else _dst->pass=NULL; - _dst->host=op_string_range_dup(hostport,host_end); - if(OP_UNLIKELY(_dst->host==NULL))return OP_EFAULT; - if(port_num<0){ - if(_src[4]=='s')port_num=443; - else port_num=80; - } - _dst->port=(unsigned)port_num; - /*RFC 2616 says an empty <abs-path> component is equivalent to "/", and we - MUST use the latter in the Request-URI. - Reserve space for the slash here.*/ - if(path==path_end||path[0]=='?')path--; - _dst->path=op_string_range_dup(path,path_end); - if(OP_UNLIKELY(_dst->path==NULL))return OP_EFAULT; - /*And force-set it here.*/ - _dst->path[0]='/'; - return 0; -} - -static void op_parsed_url_init(OpusParsedURL *_url){ - memset(_url,0,sizeof(*_url)); -} - -static void op_parsed_url_clear(OpusParsedURL *_url){ - _ogg_free(_url->scheme); - _ogg_free(_url->user); - _ogg_free(_url->pass); - _ogg_free(_url->host); - _ogg_free(_url->path); -} - -static int op_parse_url(OpusParsedURL *_dst,const char *_src){ - OpusParsedURL url; - int ret; - op_parsed_url_init(&url); - ret=op_parse_url_impl(&url,_src); - if(OP_UNLIKELY(ret<0))op_parsed_url_clear(&url); - else *_dst=*&url; - return ret; -} - -/*A buffer to hold growing strings. - The main purpose of this is to consolidate allocation checks and simplify - cleanup on a failed allocation.*/ -struct OpusStringBuf{ - char *buf; - int nbuf; - int cbuf; -}; - -static void op_sb_init(OpusStringBuf *_sb){ - _sb->buf=NULL; - _sb->nbuf=0; - _sb->cbuf=0; -} - -static void op_sb_clear(OpusStringBuf *_sb){ - _ogg_free(_sb->buf); -} - -/*Make sure we have room for at least _capacity characters (plus 1 more for the - terminating NUL).*/ -static int op_sb_ensure_capacity(OpusStringBuf *_sb,int _capacity){ - char *buf; - int cbuf; - buf=_sb->buf; - cbuf=_sb->cbuf; - if(_capacity>=cbuf-1){ - if(OP_UNLIKELY(cbuf>INT_MAX-1>>1))return OP_EFAULT; - if(OP_UNLIKELY(_capacity>=INT_MAX-1))return OP_EFAULT; - cbuf=OP_MAX(2*cbuf+1,_capacity+1); - buf=_ogg_realloc(buf,sizeof(*buf)*cbuf); - if(OP_UNLIKELY(buf==NULL))return OP_EFAULT; - _sb->buf=buf; - _sb->cbuf=cbuf; - } - return 0; -} - -/*Increase the capacity of the buffer, but not to more than _max_size - characters (plus 1 more for the terminating NUL).*/ -static int op_sb_grow(OpusStringBuf *_sb,int _max_size){ - char *buf; - int cbuf; - buf=_sb->buf; - cbuf=_sb->cbuf; - OP_ASSERT(_max_size<=INT_MAX-1); - cbuf=cbuf<=_max_size-1>>1?2*cbuf+1:_max_size+1; - buf=_ogg_realloc(buf,sizeof(*buf)*cbuf); - if(OP_UNLIKELY(buf==NULL))return OP_EFAULT; - _sb->buf=buf; - _sb->cbuf=cbuf; - return 0; -} - -static int op_sb_append(OpusStringBuf *_sb,const char *_s,int _len){ - char *buf; - int nbuf; - int ret; - nbuf=_sb->nbuf; - if(OP_UNLIKELY(nbuf>INT_MAX-_len))return OP_EFAULT; - ret=op_sb_ensure_capacity(_sb,nbuf+_len); - if(OP_UNLIKELY(ret<0))return ret; - buf=_sb->buf; - memcpy(buf+nbuf,_s,sizeof(*buf)*_len); - nbuf+=_len; - buf[nbuf]='\0'; - _sb->nbuf=nbuf; - return 0; -} - -static int op_sb_append_string(OpusStringBuf *_sb,const char *_s){ - return op_sb_append(_sb,_s,strlen(_s)); -} - -static int op_sb_append_port(OpusStringBuf *_sb,unsigned _port){ - char port_buf[7]; - OP_ASSERT(_port<=65535U); - sprintf(port_buf,":%u",_port); - return op_sb_append_string(_sb,port_buf); -} - -static int op_sb_append_nonnegative_int64(OpusStringBuf *_sb,opus_int64 _i){ - char digit; - int nbuf_start; - int ret; - OP_ASSERT(_i>=0); - nbuf_start=_sb->nbuf; - ret=0; - do{ - digit='0'+_i%10; - ret|=op_sb_append(_sb,&digit,1); - _i/=10; - } - while(_i>0); - if(OP_LIKELY(ret>=0)){ - char *buf; - int nbuf_end; - buf=_sb->buf; - nbuf_end=_sb->nbuf-1; - /*We've added the digits backwards. - Reverse them.*/ - while(nbuf_start<nbuf_end){ - digit=buf[nbuf_start]; - buf[nbuf_start]=buf[nbuf_end]; - buf[nbuf_end]=digit; - nbuf_start++; - nbuf_end--; - } - } - return ret; -} - -static struct addrinfo *op_resolve(const char *_host,unsigned _port){ - struct addrinfo *addrs; - struct addrinfo hints; - char service[6]; - memset(&hints,0,sizeof(hints)); - hints.ai_socktype=SOCK_STREAM; -#if defined(AI_NUMERICSERV) - hints.ai_flags=AI_NUMERICSERV; -#endif - OP_ASSERT(_port<=65535U); - sprintf(service,"%u",_port); - if(OP_LIKELY(!getaddrinfo(_host,service,&hints,&addrs)))return addrs; - return NULL; -} - -static int op_sock_set_nonblocking(op_sock _fd,int _nonblocking){ -#if !defined(_WIN32) - int flags; - flags=fcntl(_fd,F_GETFL); - if(OP_UNLIKELY(flags<0))return flags; - if(_nonblocking)flags|=O_NONBLOCK; - else flags&=~O_NONBLOCK; - return fcntl(_fd,F_SETFL,flags); -#else - return ioctl(_fd,FIONBIO,&_nonblocking); -#endif -} - -/*Disable/enable write coalescing if we can. - We always send whole requests at once and always parse the response headers - before sending another one, so normally write coalescing just causes added - delay.*/ -static void op_sock_set_tcp_nodelay(op_sock _fd,int _nodelay){ -# if defined(TCP_NODELAY)&&(defined(IPPROTO_TCP)||defined(SOL_TCP)) -# if defined(IPPROTO_TCP) -# define OP_SO_LEVEL IPPROTO_TCP -# else -# define OP_SO_LEVEL SOL_TCP -# endif - /*It doesn't really matter if this call fails, but it would be interesting - to hit a case where it does.*/ - OP_ALWAYS_TRUE(!setsockopt(_fd,OP_SO_LEVEL,TCP_NODELAY, - &_nodelay,sizeof(_nodelay))); -# endif -} - -#if defined(_WIN32) -static void op_init_winsock(){ - static LONG count; - static WSADATA wsadata; - if(InterlockedIncrement(&count)==1)WSAStartup(0x0202,&wsadata); -} -#endif - -/*A single physical connection to an HTTP server. - We may have several of these open at once.*/ -struct OpusHTTPConn{ - /*The current position indicator for this connection.*/ - opus_int64 pos; - /*The position where the current request will end, or -1 if we're reading - until EOF (an unseekable stream or the initial HTTP/1.0 request).*/ - opus_int64 end_pos; - /*The position where next request we've sent will start, or -1 if we haven't - sent the next request yet.*/ - opus_int64 next_pos; - /*The end of the next request or -1 if we requested the rest of the resource. - This is only set to a meaningful value if next_pos is not -1.*/ - opus_int64 next_end; - /*The SSL connection, if this is https.*/ - SSL *ssl_conn; - /*The next connection in either the LRU or free list.*/ - OpusHTTPConn *next; - /*The last time we blocked for reading from this connection.*/ - struct timeb read_time; - /*The number of bytes we've read since the last time we blocked.*/ - opus_int64 read_bytes; - /*The estimated throughput of this connection, in bytes/s.*/ - opus_int64 read_rate; - /*The socket we're reading from.*/ - op_sock fd; - /*The number of remaining requests we are allowed on this connection.*/ - int nrequests_left; - /*The chunk size to use for pipelining requests.*/ - opus_int32 chunk_size; -}; - -static void op_http_conn_init(OpusHTTPConn *_conn){ - _conn->next_pos=-1; - _conn->ssl_conn=NULL; - _conn->next=NULL; - _conn->fd=OP_INVALID_SOCKET; -} - -static void op_http_conn_clear(OpusHTTPConn *_conn){ - if(_conn->ssl_conn!=NULL)SSL_free(_conn->ssl_conn); - /*SSL frees the BIO for us.*/ - if(_conn->fd!=OP_INVALID_SOCKET)close(_conn->fd); -} - -/*The global stream state.*/ -struct OpusHTTPStream{ - /*The list of connections.*/ - OpusHTTPConn conns[OP_NCONNS_MAX]; - /*The context object used as a framework for TLS/SSL functions.*/ - SSL_CTX *ssl_ctx; - /*The cached session to reuse for future connections.*/ - SSL_SESSION *ssl_session; - /*The LRU list (ordered from MRU to LRU) of currently connected - connections.*/ - OpusHTTPConn *lru_head; - /*The free list.*/ - OpusHTTPConn *free_head; - /*The URL to connect to.*/ - OpusParsedURL url; - /*Information about the address we connected to.*/ - struct addrinfo addr_info; - /*The address we connected to.*/ - union{ - struct sockaddr s; - struct sockaddr_in v4; - struct sockaddr_in6 v6; - } addr; - /*The last time we re-resolved the host.*/ - struct timeb resolve_time; - /*A buffer used to build HTTP requests.*/ - OpusStringBuf request; - /*A buffer used to build proxy CONNECT requests.*/ - OpusStringBuf proxy_connect; - /*A buffer used to receive the response headers.*/ - OpusStringBuf response; - /*The Content-Length, if specified, or -1 otherwise. - This will always be specified for seekable streams.*/ - opus_int64 content_length; - /*The position indicator used when no connection is active.*/ - opus_int64 pos; - /*The host we actually connected to.*/ - char *connect_host; - /*The port we actually connected to.*/ - unsigned connect_port; - /*The connection we're currently reading from. - This can be -1 if no connection is active.*/ - int cur_conni; - /*Whether or not the server supports range requests.*/ - int seekable; - /*Whether or not the server supports HTTP/1.1 with persistent connections.*/ - int pipeline; - /*Whether or not we should skip certificate checks.*/ - int skip_certificate_check; - /*The offset of the tail of the request. - Only the offset in the Range: header appears after this, allowing us to - quickly edit the request to ask for a new range.*/ - int request_tail; - /*The estimated time required to open a new connection, in milliseconds.*/ - opus_int32 connect_rate; -}; - -static void op_http_stream_init(OpusHTTPStream *_stream){ - OpusHTTPConn **pnext; - int ci; - pnext=&_stream->free_head; - for(ci=0;ci<OP_NCONNS_MAX;ci++){ - op_http_conn_init(_stream->conns+ci); - *pnext=_stream->conns+ci; - pnext=&_stream->conns[ci].next; - } - _stream->ssl_ctx=NULL; - _stream->ssl_session=NULL; - _stream->lru_head=NULL; - op_parsed_url_init(&_stream->url); - op_sb_init(&_stream->request); - op_sb_init(&_stream->proxy_connect); - op_sb_init(&_stream->response); - _stream->connect_host=NULL; - _stream->seekable=0; -} - -/*Close the connection and move it to the free list. - _stream: The stream containing the free list. - _conn: The connection to close. - _pnext: The linked-list pointer currently pointing to this connection. - _gracefully: Whether or not to shut down cleanly.*/ -static void op_http_conn_close(OpusHTTPStream *_stream,OpusHTTPConn *_conn, - OpusHTTPConn **_pnext,int _gracefully){ - /*If we don't shut down gracefully, the server MUST NOT re-use our session - according to RFC 2246, because it can't tell the difference between an - abrupt close and a truncation attack. - So we shut down gracefully if we can. - However, we will not wait if this would block (it's not worth the savings - from session resumption to do so). - Clients (that's us) MAY resume a TLS session that ended with an incomplete - close, according to RFC 2818, so there's no reason to make sure the server - shut things down gracefully.*/ - if(_gracefully&&_conn->ssl_conn!=NULL)SSL_shutdown(_conn->ssl_conn); - op_http_conn_clear(_conn); - _conn->next_pos=-1; - _conn->ssl_conn=NULL; - _conn->fd=OP_INVALID_SOCKET; - OP_ASSERT(*_pnext==_conn); - *_pnext=_conn->next; - _conn->next=_stream->free_head; - _stream->free_head=_conn; -} - -static void op_http_stream_clear(OpusHTTPStream *_stream){ - while(_stream->lru_head!=NULL){ - op_http_conn_close(_stream,_stream->lru_head,&_stream->lru_head,0); - } - if(_stream->ssl_session!=NULL)SSL_SESSION_free(_stream->ssl_session); - if(_stream->ssl_ctx!=NULL)SSL_CTX_free(_stream->ssl_ctx); - op_sb_clear(&_stream->response); - op_sb_clear(&_stream->proxy_connect); - op_sb_clear(&_stream->request); - if(_stream->connect_host!=_stream->url.host)_ogg_free(_stream->connect_host); - op_parsed_url_clear(&_stream->url); -} - -static int op_http_conn_write_fully(OpusHTTPConn *_conn, - const char *_buf,int _buf_size){ - struct pollfd fd; - SSL *ssl_conn; - fd.fd=_conn->fd; - ssl_conn=_conn->ssl_conn; - while(_buf_size>0){ - int err; - if(ssl_conn!=NULL){ - int ret; - ret=SSL_write(ssl_conn,_buf,_buf_size); - if(ret>0){ - /*Wrote some data.*/ - _buf+=ret; - _buf_size-=ret; - continue; - } - /*Connection closed.*/ - else if(ret==0)return OP_FALSE; - err=SSL_get_error(ssl_conn,ret); - /*Yes, renegotiations can cause SSL_write() to block for reading.*/ - if(err==SSL_ERROR_WANT_READ)fd.events=POLLIN; - else if(err==SSL_ERROR_WANT_WRITE)fd.events=POLLOUT; - else return OP_FALSE; - } - else{ - ssize_t ret; - op_reset_errno(); - ret=send(fd.fd,_buf,_buf_size,0); - if(ret>0){ - _buf+=ret; - _buf_size-=ret; - continue; - } - err=op_errno(); - if(err!=EAGAIN&&err!=EWOULDBLOCK)return OP_FALSE; - fd.events=POLLOUT; - } - if(poll(&fd,1,OP_POLL_TIMEOUT_MS)<=0)return OP_FALSE; - } - return 0; -} - -static int op_http_conn_estimate_available(OpusHTTPConn *_conn){ - int available; - int ret; - ret=ioctl(_conn->fd,FIONREAD,&available); - if(ret<0)available=0; - /*This requires the SSL read_ahead flag to be unset to work. - We ignore partial records as well as the protocol overhead for any pending - bytes. - This means we might return somewhat less than can truly be read without - blocking (if there's a partial record). - This is okay, because we're using this value to estimate network transfer - time, and we _have_ already received those bytes. - We also might return slightly more (due to protocol overhead), but that's - small enough that it probably doesn't matter.*/ - if(_conn->ssl_conn!=NULL)available+=SSL_pending(_conn->ssl_conn); - return available; -} - -static opus_int32 op_time_diff_ms(const struct timeb *_end, - const struct timeb *_start){ - opus_int64 dtime; - dtime=_end->time-(opus_int64)_start->time; - OP_ASSERT(_end->millitm<1000); - OP_ASSERT(_start->millitm<1000); - if(OP_UNLIKELY(dtime>(OP_INT32_MAX-1000)/1000))return OP_INT32_MAX; - if(OP_UNLIKELY(dtime<(OP_INT32_MIN+1000)/1000))return OP_INT32_MIN; - return (opus_int32)dtime*1000+_end->millitm-_start->millitm; -} - -/*Update the read rate estimate for this connection.*/ -static void op_http_conn_read_rate_update(OpusHTTPConn *_conn){ - struct timeb read_time; - opus_int32 read_delta_ms; - opus_int64 read_delta_bytes; - opus_int64 read_rate; - read_delta_bytes=_conn->read_bytes; - if(read_delta_bytes<=0)return; - ftime(&read_time); - read_delta_ms=op_time_diff_ms(&read_time,&_conn->read_time); - read_rate=_conn->read_rate; - read_delta_ms=OP_MAX(read_delta_ms,1); - read_rate+=read_delta_bytes*1000/read_delta_ms-read_rate+4>>3; - *&_conn->read_time=*&read_time; - _conn->read_bytes=0; - _conn->read_rate=read_rate; -} - -/*Tries to read from the given connection. - [out] _buf: Returns the data read. - _buf_size: The size of the buffer. - _blocking: Whether or not to block until some data is retrieved. - Return: A positive number of bytes read on success. - 0: The read would block, or the connection was closed. - OP_EREAD: There was a fatal read error.*/ -static int op_http_conn_read(OpusHTTPConn *_conn, - char *_buf,int _buf_size,int _blocking){ - struct pollfd fd; - SSL *ssl_conn; - int nread; - int nread_unblocked; - fd.fd=_conn->fd; - ssl_conn=_conn->ssl_conn; - nread=nread_unblocked=0; - /*RFC 2818 says "client implementations MUST treat any premature closes as - errors and the data received as potentially truncated," so we make very - sure to report read errors upwards.*/ - do{ - int err; - if(ssl_conn!=NULL){ - int ret; - ret=SSL_read(ssl_conn,_buf+nread,_buf_size-nread); - OP_ASSERT(ret<=_buf_size-nread); - if(ret>0){ - /*Read some data. - Keep going to see if there's more.*/ - nread+=ret; - nread_unblocked+=ret; - continue; - } - /*If we already read some data, return it right now.*/ - if(nread>0)break; - err=SSL_get_error(ssl_conn,ret); - if(ret==0){ - /*Connection close. - Check for a clean shutdown to prevent truncation attacks. - This check always succeeds for SSLv2, as it has no "close notify" - message and thus can't verify an orderly shutdown.*/ - return err==SSL_ERROR_ZERO_RETURN?0:OP_EREAD; - } - if(err==SSL_ERROR_WANT_READ)fd.events=POLLIN; - /*Yes, renegotiations can cause SSL_read() to block for writing.*/ - else if(err==SSL_ERROR_WANT_WRITE)fd.events=POLLOUT; - /*Some other error.*/ - else return OP_EREAD; - } - else{ - ssize_t ret; - op_reset_errno(); - ret=recv(fd.fd,_buf+nread,_buf_size-nread,0); - OP_ASSERT(ret<=_buf_size-nread); - if(ret>0){ - /*Read some data. - Keep going to see if there's more.*/ - nread+=ret; - nread_unblocked+=ret; - continue; - } - /*If we already read some data or the connection was closed, return - right now.*/ - if(ret==0||nread>0)break; - err=op_errno(); - if(err!=EAGAIN&&err!=EWOULDBLOCK)return OP_EREAD; - fd.events=POLLIN; - } - _conn->read_bytes+=nread_unblocked; - op_http_conn_read_rate_update(_conn); - nread_unblocked=0; - if(!_blocking)break; - /*Need to wait to get any data at all.*/ - if(poll(&fd,1,OP_POLL_TIMEOUT_MS)<=0)return OP_EREAD; - } - while(nread<_buf_size); - _conn->read_bytes+=nread_unblocked; - return nread; -} - -/*Tries to look at the pending data for a connection without consuming it. - [out] _buf: Returns the data at which we're peeking. - _buf_size: The size of the buffer.*/ -static int op_http_conn_peek(OpusHTTPConn *_conn,char *_buf,int _buf_size){ - struct pollfd fd; - SSL *ssl_conn; - int ret; - fd.fd=_conn->fd; - ssl_conn=_conn->ssl_conn; - for(;;){ - int err; - if(ssl_conn!=NULL){ - ret=SSL_peek(ssl_conn,_buf,_buf_size); - /*Either saw some data or the connection was closed.*/ - if(ret>=0)return ret; - err=SSL_get_error(ssl_conn,ret); - if(err==SSL_ERROR_WANT_READ)fd.events=POLLIN; - /*Yes, renegotiations can cause SSL_peek() to block for writing.*/ - else if(err==SSL_ERROR_WANT_WRITE)fd.events=POLLOUT; - else return 0; - } - else{ - op_reset_errno(); - ret=(int)recv(fd.fd,_buf,_buf_size,MSG_PEEK); - /*Either saw some data or the connection was closed.*/ - if(ret>=0)return ret; - err=op_errno(); - if(err!=EAGAIN&&err!=EWOULDBLOCK)return 0; - fd.events=POLLIN; - } - /*Need to wait to get any data at all.*/ - if(poll(&fd,1,OP_POLL_TIMEOUT_MS)<=0)return 0; - } -} - -/*When parsing response headers, RFC 2616 mandates that all lines end in CR LF. - However, even in the year 2012, I have seen broken servers use just a LF. - This is the evil that Postel's advice from RFC 761 breeds.*/ - -/*Reads the entirety of a response to an HTTP request into the response buffer. - Actual parsing and validation is done later. - Return: The number of bytes in the response on success, OP_EREAD if the - connection was closed before reading any data, or another negative - value on any other error.*/ -static int op_http_conn_read_response(OpusHTTPConn *_conn, - OpusStringBuf *_response){ - int ret; - _response->nbuf=0; - ret=op_sb_ensure_capacity(_response,OP_RESPONSE_SIZE_MIN); - if(OP_UNLIKELY(ret<0))return ret; - for(;;){ - char *buf; - int size; - int capacity; - int read_limit; - int terminated; - size=_response->nbuf; - capacity=_response->cbuf-1; - if(OP_UNLIKELY(size>=capacity)){ - ret=op_sb_grow(_response,OP_RESPONSE_SIZE_MAX); - if(OP_UNLIKELY(ret<0))return ret; - capacity=_response->cbuf-1; - /*The response was too large. - This prevents a bad server from running us out of memory.*/ - if(OP_UNLIKELY(size>=capacity))return OP_EIMPL; - } - buf=_response->buf; - ret=op_http_conn_peek(_conn,buf+size,capacity-size); - if(OP_UNLIKELY(ret<=0))return size<=0?OP_EREAD:OP_FALSE; - /*We read some data.*/ - /*Make sure the starting characters are "HTTP". - Otherwise we could wind up waiting forever for a response from - something that is not an HTTP server.*/ - if(size<4&&op_strncasecmp(buf,"HTTP",OP_MIN(size+ret,4))!=0){ - return OP_FALSE; - } - /*How far can we read without passing the "\r\n\r\n" terminator?*/ - buf[size+ret]='\0'; - terminated=0; - for(read_limit=OP_MAX(size-3,0);read_limit<size+ret;read_limit++){ - /*We don't look for the leading '\r' thanks to broken servers.*/ - if(buf[read_limit]=='\n'){ - if(buf[read_limit+1]=='\r'&&OP_LIKELY(buf[read_limit+2]=='\n')){ - terminated=3; - break; - } - /*This case is for broken servers.*/ - else if(OP_UNLIKELY(buf[read_limit+1]=='\n')){ - terminated=2; - break; - } - } - } - read_limit+=terminated; - OP_ASSERT(size<=read_limit); - OP_ASSERT(read_limit<=size+ret); - /*Actually consume that data.*/ - ret=op_http_conn_read(_conn,buf+size,read_limit-size,1); - if(OP_UNLIKELY(ret<=0))return OP_FALSE; - size+=ret; - buf[size]='\0'; - _response->nbuf=size; - /*We found the terminator and read all the data up to and including it.*/ - if(terminated&&OP_LIKELY(size>=read_limit))return size; - } - return OP_EIMPL; -} - -# define OP_HTTP_DIGIT "0123456789" - -/*The Reason-Phrase is not allowed to contain control characters, except - horizontal tab (HT: \011).*/ -# define OP_HTTP_CREASON_PHRASE \ - "\001\002\003\004\005\006\007\010\012\013\014\015\016\017\020\021" \ - "\022\023\024\025\026\027\030\031\032\033\034\035\036\037\177" - -# define OP_HTTP_CTLS \ - "\001\002\003\004\005\006\007\010\011\012\013\014\015\016\017\020" \ - "\021\022\023\024\025\026\027\030\031\032\033\034\035\036\037\177" - -/*This also includes '\t', but we get that from OP_HTTP_CTLS.*/ -# define OP_HTTP_SEPARATORS " \"(),/:;<=>?@[\\]{}" - -/*TEXT can also include LWS, but that has structure, so we parse it - separately.*/ -# define OP_HTTP_CTOKEN OP_HTTP_CTLS OP_HTTP_SEPARATORS - -/*Return: The amount of linear white space (LWS) at the start of _s.*/ -static int op_http_lwsspn(const char *_s){ - int i; - for(i=0;;){ - if(_s[0]=='\r'&&_s[1]=='\n'&&(_s[2]=='\t'||_s[2]==' '))i+=3; - /*This case is for broken servers.*/ - else if(_s[0]=='\n'&&(_s[1]=='\t'||_s[1]==' '))i+=2; - else if(_s[i]=='\t'||_s[i]==' ')i++; - else return i; - } -} - -static char *op_http_parse_status_line(int *_v1_1_compat, - char **_status_code,char *_response){ - char *next; - char *status_code; - int v1_1_compat; - size_t d; - /*RFC 2616 Section 6.1 does not say that the tokens in the Status-Line cannot - be separated by optional LWS, but since it specifically calls out where - spaces are to be placed and that CR and LF are not allowed except at the - end, I am assuming this to be true.*/ - /*We already validated that this starts with "HTTP"*/ - OP_ASSERT(op_strncasecmp(_response,"HTTP",4)==0); - next=_response+4; - if(OP_UNLIKELY(*next++!='/'))return NULL; - d=strspn(next,OP_HTTP_DIGIT); - /*"Leading zeros MUST be ignored by recipients."*/ - while(*next=='0'){ - next++; - OP_ASSERT(d>0); - d--; - } - /*We only support version 1.x*/ - if(OP_UNLIKELY(d!=1)||OP_UNLIKELY(*next++!='1'))return NULL; - if(OP_UNLIKELY(*next++!='.'))return NULL; - d=strspn(next,OP_HTTP_DIGIT); - if(OP_UNLIKELY(d<=0))return NULL; - /*"Leading zeros MUST be ignored by recipients."*/ - while(*next=='0'){ - next++; - OP_ASSERT(d>0); - d--; - } - /*We don't need to parse the version number. - Any non-zero digit means it's greater than 1.*/ - v1_1_compat=d>0; - next+=d; - if(OP_UNLIKELY(*next++!=' '))return NULL; - status_code=next; - d=strspn(next,OP_HTTP_DIGIT); - if(OP_UNLIKELY(d!=3))return NULL; - next+=d; - /*The Reason-Phrase can be empty, but the space must be here.*/ - if(OP_UNLIKELY(*next++!=' '))return NULL; - next+=strcspn(next,OP_HTTP_CREASON_PHRASE); - /*We are not mandating this be present thanks to broken servers.*/ - if(OP_LIKELY(*next=='\r'))next++; - if(OP_UNLIKELY(*next++!='\n'))return NULL; - if(_v1_1_compat!=NULL)*_v1_1_compat=v1_1_compat; - *_status_code=status_code; - return next; -} - -/*Get the next response header. - [out] _header: The header token, NUL-terminated, with leading and trailing - whitespace stripped, and converted to lower case (to simplify - case-insensitive comparisons), or NULL if there are no more - response headers. - [out] _cdr: The remaining contents of the header, excluding the initial - colon (':') and the terminating CRLF ("\r\n"), - NUL-terminated, and with leading and trailing whitespace - stripped, or NULL if there are no more response headers. - [inout] _s: On input, this points to the start of the current line of the - response headers. - On output, it points to the start of the first line following - this header, or NULL if there are no more response headers. - Return: 0 on success, or a negative value on failure.*/ -static int op_http_get_next_header(char **_header,char **_cdr,char **_s){ - char *header; - char *header_end; - char *cdr; - char *cdr_end; - char *next; - size_t d; - next=*_s; - /*The second case is for broken servers.*/ - if(next[0]=='\r'&&next[1]=='\n'||OP_UNLIKELY(next[0]=='\n')){ - /*No more headers.*/ - *_header=NULL; - *_cdr=NULL; - *_s=NULL; - return 0; - } - header=next+op_http_lwsspn(next); - d=strcspn(header,OP_HTTP_CTOKEN); - if(OP_UNLIKELY(d<=0))return OP_FALSE; - header_end=header+d; - next=header_end+op_http_lwsspn(header_end); - if(OP_UNLIKELY(*next++!=':'))return OP_FALSE; - next+=op_http_lwsspn(next); - cdr=next; - do{ - cdr_end=next+strcspn(next,OP_HTTP_CTLS); - next=cdr_end+op_http_lwsspn(cdr_end); - } - while(next>cdr_end); - /*We are not mandating this be present thanks to broken servers.*/ - if(OP_LIKELY(*next=='\r'))next++; - if(OP_UNLIKELY(*next++!='\n'))return OP_FALSE; - *header_end='\0'; - *cdr_end='\0'; - /*Field names are case-insensitive.*/ - op_string_tolower(header); - *_header=header; - *_cdr=cdr; - *_s=next; - return 0; -} - -static opus_int64 op_http_parse_nonnegative_int64(const char **_next, - const char *_cdr){ - const char *next; - opus_int64 ret; - int i; - next=_cdr+strspn(_cdr,OP_HTTP_DIGIT); - *_next=next; - if(OP_UNLIKELY(next<=_cdr))return OP_FALSE; - while(*_cdr=='0')_cdr++; - if(OP_UNLIKELY(next-_cdr>19))return OP_EIMPL; - ret=0; - for(i=0;i<next-_cdr;i++){ - int digit; - digit=_cdr[i]-'0'; - /*Check for overflow.*/ - if(OP_UNLIKELY(ret>(OP_INT64_MAX-9)/10+(digit<=7)))return OP_EIMPL; - ret=ret*10+digit; - } - return ret; -} - -static opus_int64 op_http_parse_content_length(const char *_cdr){ - const char *next; - opus_int64 content_length; - content_length=op_http_parse_nonnegative_int64(&next,_cdr); - if(OP_UNLIKELY(*next!='\0'))return OP_FALSE; - return content_length; -} - -static int op_http_parse_content_range(opus_int64 *_first,opus_int64 *_last, - opus_int64 *_length,const char *_cdr){ - opus_int64 first; - opus_int64 last; - opus_int64 length; - size_t d; - if(OP_UNLIKELY(op_strncasecmp(_cdr,"bytes",5)!=0))return OP_FALSE; - _cdr+=5; - d=op_http_lwsspn(_cdr); - if(OP_UNLIKELY(d<=0))return OP_FALSE; - _cdr+=d; - if(*_cdr!='*'){ - first=op_http_parse_nonnegative_int64(&_cdr,_cdr); - if(OP_UNLIKELY(first<0))return (int)first; - _cdr+=op_http_lwsspn(_cdr); - if(*_cdr++!='-')return OP_FALSE; - _cdr+=op_http_lwsspn(_cdr); - last=op_http_parse_nonnegative_int64(&_cdr,_cdr); - if(OP_UNLIKELY(last<0))return (int)last; - _cdr+=op_http_lwsspn(_cdr); - } - else{ - /*This is for a 416 response (Requested range not satisfiable).*/ - first=last=-1; - _cdr++; - } - if(OP_UNLIKELY(*_cdr++!='/'))return OP_FALSE; - if(*_cdr!='*'){ - length=op_http_parse_nonnegative_int64(&_cdr,_cdr); - if(OP_UNLIKELY(length<0))return (int)length; - } - else{ - /*The total length is unspecified.*/ - _cdr++; - length=-1; - } - if(OP_UNLIKELY(*_cdr!='\0'))return OP_FALSE; - if(OP_UNLIKELY(last<first))return OP_FALSE; - if(length>=0&&OP_UNLIKELY(last>=length))return OP_FALSE; - *_first=first; - *_last=last; - *_length=length; - return 0; -} - -/*Parse the Connection response header and look for a "close" token. - Return: 1 if a "close" token is found, 0 if it's not found, and a negative - value on error.*/ -static int op_http_parse_connection(char *_cdr){ - size_t d; - int ret; - ret=0; - for(;;){ - d=strcspn(_cdr,OP_HTTP_CTOKEN); - if(OP_UNLIKELY(d<=0))return OP_FALSE; - if(op_strncasecmp(_cdr,"close",(int)d)==0)ret=1; - /*We're supposed to strip and ignore any headers mentioned in the - Connection header if this response is from an HTTP/1.0 server (to - work around forwarding of hop-by-hop headers by old proxies), but the - only hop-by-hop header we look at is Connection itself. - Everything else is a well-defined end-to-end header, and going back and - undoing the things we did based on already-examined headers would be - hard (since we only scan them once, in a destructive manner). - Therefore we just ignore all the other tokens.*/ - _cdr+=d; - d=op_http_lwsspn(_cdr); - if(d<=0)break; - _cdr+=d; - } - return OP_UNLIKELY(*_cdr!='\0')?OP_FALSE:ret; -} - -typedef int (*op_ssl_step_func)(SSL *_ssl_conn); - -/*Try to run an SSL function to completion (blocking if necessary).*/ -static int op_do_ssl_step(SSL *_ssl_conn,op_sock _fd,op_ssl_step_func _step){ - struct pollfd fd; - fd.fd=_fd; - for(;;){ - int ret; - int err; - ret=(*_step)(_ssl_conn); - if(ret>=0)return ret; - err=SSL_get_error(_ssl_conn,ret); - if(err==SSL_ERROR_WANT_READ)fd.events=POLLIN; - else if(err==SSL_ERROR_WANT_WRITE)fd.events=POLLOUT; - else return OP_FALSE; - if(poll(&fd,1,OP_POLL_TIMEOUT_MS)<=0)return OP_FALSE; - } -} - -/*Implement a BIO type that just indicates every operation should be retried. - We use this when initializing an SSL connection via a proxy to allow the - initial handshake to proceed all the way up to the first read attempt, and - then return. - This allows the TLS client hello message to be pipelined with the HTTP - CONNECT request.*/ - -static int op_bio_retry_write(BIO *_b,const char *_buf,int _num){ - (void)_buf; - (void)_num; - BIO_clear_retry_flags(_b); - BIO_set_retry_write(_b); - return -1; -} - -static int op_bio_retry_read(BIO *_b,char *_buf,int _num){ - (void)_buf; - (void)_num; - BIO_clear_retry_flags(_b); - BIO_set_retry_read(_b); - return -1; -} - -static int op_bio_retry_puts(BIO *_b,const char *_str){ - return op_bio_retry_write(_b,_str,0); -} - -static long op_bio_retry_ctrl(BIO *_b,int _cmd,long _num,void *_ptr){ - long ret; - (void)_b; - (void)_num; - (void)_ptr; - ret=0; - switch(_cmd){ - case BIO_CTRL_RESET: - case BIO_C_RESET_READ_REQUEST:{ - BIO_clear_retry_flags(_b); - /*Fall through.*/ - } - case BIO_CTRL_EOF: - case BIO_CTRL_SET: - case BIO_CTRL_SET_CLOSE: - case BIO_CTRL_FLUSH: - case BIO_CTRL_DUP:{ - ret=1; - }break; - } - return ret; -} - -# if OPENSSL_VERSION_NUMBER<0x10100000L -# define BIO_set_data(_b,_ptr) ((_b)->ptr=(_ptr)) -# define BIO_set_init(_b,_init) ((_b)->init=(_init)) -# endif - -static int op_bio_retry_new(BIO *_b){ - BIO_set_init(_b,1); -# if OPENSSL_VERSION_NUMBER<0x10100000L - _b->num=0; -# endif - BIO_set_data(_b,NULL); - return 1; -} - -static int op_bio_retry_free(BIO *_b){ - return _b!=NULL; -} - -# if OPENSSL_VERSION_NUMBER<0x10100000L -/*This is not const because OpenSSL doesn't allow it, even though it won't - write to it.*/ -static BIO_METHOD op_bio_retry_method={ - BIO_TYPE_NULL, - "retry", - op_bio_retry_write, - op_bio_retry_read, - op_bio_retry_puts, - NULL, - op_bio_retry_ctrl, - op_bio_retry_new, - op_bio_retry_free, - NULL -}; -# endif - -/*Establish a CONNECT tunnel and pipeline the start of the TLS handshake for - proxying https URL requests.*/ -static int op_http_conn_establish_tunnel(OpusHTTPStream *_stream, - OpusHTTPConn *_conn,op_sock _fd,SSL *_ssl_conn,BIO *_ssl_bio){ -# if OPENSSL_VERSION_NUMBER>=0x10100000L - BIO_METHOD *bio_retry_method; -# endif - BIO *retry_bio; - char *status_code; - char *next; - int ret; - _conn->ssl_conn=NULL; - _conn->fd=_fd; - OP_ASSERT(_stream->proxy_connect.nbuf>0); - ret=op_http_conn_write_fully(_conn, - _stream->proxy_connect.buf,_stream->proxy_connect.nbuf); - if(OP_UNLIKELY(ret<0))return ret; -# if OPENSSL_VERSION_NUMBER>=0x10100000L - bio_retry_method=BIO_meth_new(BIO_TYPE_NULL,"retry"); - if(bio_retry_method==NULL)return OP_EFAULT; - BIO_meth_set_write(bio_retry_method,op_bio_retry_write); - BIO_meth_set_read(bio_retry_method,op_bio_retry_read); - BIO_meth_set_puts(bio_retry_method,op_bio_retry_puts); - BIO_meth_set_ctrl(bio_retry_method,op_bio_retry_ctrl); - BIO_meth_set_create(bio_retry_method,op_bio_retry_new); - BIO_meth_set_destroy(bio_retry_method,op_bio_retry_free); - retry_bio=BIO_new(bio_retry_method); - if(OP_UNLIKELY(retry_bio==NULL)){ - BIO_meth_free(bio_retry_method); - return OP_EFAULT; - } -# else - retry_bio=BIO_new(&op_bio_retry_method); - if(OP_UNLIKELY(retry_bio==NULL))return OP_EFAULT; -# endif - SSL_set_bio(_ssl_conn,retry_bio,_ssl_bio); - SSL_set_connect_state(_ssl_conn); - /*This shouldn't succeed, since we can't read yet.*/ - OP_ALWAYS_TRUE(SSL_connect(_ssl_conn)<0); - SSL_set_bio(_ssl_conn,_ssl_bio,_ssl_bio); -# if OPENSSL_VERSION_NUMBER>=0x10100000L - BIO_meth_free(bio_retry_method); -# endif - /*Only now do we disable write coalescing, to allow the CONNECT - request and the start of the TLS handshake to be combined.*/ - op_sock_set_tcp_nodelay(_fd,1); - ret=op_http_conn_read_response(_conn,&_stream->response); - if(OP_UNLIKELY(ret<0))return ret; - next=op_http_parse_status_line(NULL,&status_code,_stream->response.buf); - /*According to RFC 2817, "Any successful (2xx) response to a - CONNECT request indicates that the proxy has established a - connection to the requested host and port.*/ - if(OP_UNLIKELY(next==NULL)||OP_UNLIKELY(status_code[0]!='2'))return OP_FALSE; - return 0; -} - -/*Match a host name against a host with a possible wildcard pattern according - to the rules of RFC 6125 Section 6.4.3. - Return: 0 if the pattern doesn't match, and a non-zero value if it does.*/ -static int op_http_hostname_match(const char *_host,size_t _host_len, - ASN1_STRING *_pattern){ - const char *pattern; - size_t host_label_len; - size_t host_suffix_len; - size_t pattern_len; - size_t pattern_label_len; - size_t pattern_prefix_len; - size_t pattern_suffix_len; - pattern=(const char *)ASN1_STRING_data(_pattern); - pattern_len=strlen(pattern); - /*Check the pattern for embedded NULs.*/ - if(OP_UNLIKELY(pattern_len!=(size_t)ASN1_STRING_length(_pattern)))return 0; - pattern_label_len=strcspn(pattern,"."); - OP_ASSERT(pattern_label_len<=pattern_len); - pattern_prefix_len=strcspn(pattern,"*"); - if(pattern_prefix_len>=pattern_label_len){ - /*"The client SHOULD NOT attempt to match a presented identifier in which - the wildcard character comprises a label other than the left-most label - (e.g., do not match bar.*.example.net)." [RFC 6125 Section 6.4.3]*/ - if(pattern_prefix_len<pattern_len)return 0; - /*If the pattern does not contain a wildcard in the first element, do an - exact match. - Don't use the system strcasecmp here, as that uses the locale and - RFC 4343 makes clear that DNS's case-insensitivity only applies to - the ASCII range.*/ - return _host_len==pattern_len&&op_strncasecmp(_host,pattern,_host_len)==0; - } - /*"However, the client SHOULD NOT attempt to match a presented identifier - where the wildcard character is embedded within an A-label or U-label of - an internationalized domain name." [RFC 6125 Section 6.4.3]*/ - if(op_strncasecmp(pattern,"xn--",4)==0)return 0; - host_label_len=strcspn(_host,"."); - /*Make sure the host has at least two dots, to prevent the wildcard match - from being ridiculously wide. - We should have already checked to ensure it had at least one.*/ - if(OP_UNLIKELY(_host[host_label_len]!='.') - ||strchr(_host+host_label_len+1,'.')==NULL){ - return 0; - } - OP_ASSERT(host_label_len<_host_len); - /*"If the wildcard character is the only character of the left-most label in - the presented identifier, the client SHOULD NOT compare against anything - but the left-most label of the reference identifier (e.g., *.example.com - would match foo.example.com but not bar.foo.example.com)." [RFC 6125 - Section 6.4.3] - This is really confusingly worded, as we check this by actually comparing - the rest of the pattern for an exact match. - We also use the fact that the wildcard must match at least one character, - so the left-most label of the hostname must be at least as large as the - left-most label of the pattern.*/ - if(host_label_len<pattern_label_len)return 0; - OP_ASSERT(pattern[pattern_prefix_len]=='*'); - /*"The client MAY match a presented identifier in which the wildcard - character is not the only character of the label (e.g., baz*.example.net - and *baz.example.net and b*z.example.net would be taken to match - baz1.example.net and foobaz.example.net and buzz.example.net, - respectively)." [RFC 6125 Section 6.4.3]*/ - pattern_suffix_len=pattern_len-pattern_prefix_len-1; - host_suffix_len=_host_len-host_label_len - +pattern_label_len-pattern_prefix_len-1; - return pattern_suffix_len==host_suffix_len - &&op_strncasecmp(_host,pattern,pattern_prefix_len)==0 - &&op_strncasecmp(_host+_host_len-host_suffix_len, - pattern+pattern_prefix_len+1,host_suffix_len)==0; -} - -/*Convert a host to a numeric address, if possible. - Return: A struct addrinfo containing the address, if it was numeric, and NULL - otherise.*/ -static struct addrinfo *op_inet_pton(const char *_host){ - struct addrinfo *addrs; - struct addrinfo hints; - memset(&hints,0,sizeof(hints)); - hints.ai_socktype=SOCK_STREAM; - hints.ai_flags=AI_NUMERICHOST; - if(!getaddrinfo(_host,NULL,&hints,&addrs))return addrs; - return NULL; -} - -/*Verify the server's hostname matches the certificate they presented using - the procedure from Section 6 of RFC 6125. - Return: 0 if the certificate doesn't match, and a non-zero value if it does.*/ -static int op_http_verify_hostname(OpusHTTPStream *_stream,SSL *_ssl_conn){ - X509 *peer_cert; - STACK_OF(GENERAL_NAME) *san_names; - char *host; - size_t host_len; - int ret; - host=_stream->url.host; - host_len=strlen(host); - peer_cert=SSL_get_peer_certificate(_ssl_conn); - /*We set VERIFY_PEER, so we shouldn't get here without a certificate.*/ - if(OP_UNLIKELY(peer_cert==NULL))return 0; - ret=0; - OP_ASSERT(host_len<INT_MAX); - /*RFC 2818 says (after correcting for Eratta 1077): "If a subjectAltName - extension of type dNSName is present, that MUST be used as the identity. - Otherwise, the (most specific) Common Name field in the Subject field of - the certificate MUST be used. - Although the use of the Common Name is existing practice, it is deprecated - and Certification Authorities are encouraged to use the dNSName - instead." - "Matching is performed using the matching rules specified by RFC 2459. - If more than one identity of a given type is present in the certificate - (e.g., more than one dNSName name), a match in any one of the set is - considered acceptable. - Names may contain the wildcard character * which is condered to match any - single domain name component or component fragment. - E.g., *.a.com matches foo.a.com but not bar.foo.a.com. - f*.com matches foo.com but not bar.com." - "In some cases, the URI is specified as an IP address rather than a - hostname. - In this case, the iPAddress subjectAltName must be present in the - certificate and must exactly match the IP in the URI."*/ - san_names=X509_get_ext_d2i(peer_cert,NID_subject_alt_name,NULL,NULL); - if(san_names!=NULL){ - struct addrinfo *addr; - unsigned char *ip; - int ip_len; - int nsan_names; - int sni; - /*Check to see if the host was specified as a simple IP address.*/ - addr=op_inet_pton(host); - ip=NULL; - ip_len=0; - if(addr!=NULL){ - switch(addr->ai_family){ - case AF_INET:{ - struct sockaddr_in *s; - s=(struct sockaddr_in *)addr->ai_addr; - OP_ASSERT(addr->ai_addrlen>=sizeof(*s)); - ip=(unsigned char *)&s->sin_addr; - ip_len=sizeof(s->sin_addr); - }break; - case AF_INET6:{ - struct sockaddr_in6 *s; - s=(struct sockaddr_in6 *)addr->ai_addr; - OP_ASSERT(addr->ai_addrlen>=sizeof(*s)); - ip=(unsigned char *)&s->sin6_addr; - ip_len=sizeof(s->sin6_addr); - }break; - } - } - /*We can only verify fully-qualified domain names. - To quote RFC 6125: "The extracted data MUST include only information that - can be securely parsed out of the inputs (e.g., parsing the fully - qualified DNS domain name out of the "host" component (or its - equivalent) of a URI or deriving the application service type from the - scheme of a URI) ..." - We don't have a way to check (without relying on DNS records, which might - be subverted) if this address is fully-qualified. - This is particularly problematic when using a CONNECT tunnel, as it is - the server that does DNS lookup, not us. - However, we are certain that if the hostname has no '.', it is definitely - not a fully-qualified domain name (with the exception of crazy TLDs that - actually resolve, like "uz", but I am willing to ignore those). - RFC 1535 says "...in any event where a '.' exists in a specified name it - should be assumed to be a fully qualified domain name (FQDN) and SHOULD - be tried as a rooted name first." - That doesn't give us any security guarantees, of course (a subverted DNS - could fail the original query and our resolver might still retry with a - local domain appended). - If we don't have a FQDN, just set the number of names to 0, so we'll fail - and clean up any resources we allocated.*/ - if(ip==NULL&&strchr(host,'.')==NULL)nsan_names=0; - /*RFC 2459 says there MUST be at least one, but we don't depend on it.*/ - else nsan_names=sk_GENERAL_NAME_num(san_names); - for(sni=0;sni<nsan_names;sni++){ - const GENERAL_NAME *name; - name=sk_GENERAL_NAME_value(san_names,sni); - if(ip==NULL){ - if(name->type==GEN_DNS - &&op_http_hostname_match(host,host_len,name->d.dNSName)){ - ret=1; - break; - } - } - else if(name->type==GEN_IPADD){ - unsigned char *cert_ip; - /*If we do have an IP address, compare it directly. - RFC 6125: "When the reference identity is an IP address, the identity - MUST be converted to the 'network byte order' octet string - representation. - For IP Version 4, as specified in RFC 791, the octet string will - contain exactly four octets. - For IP Version 6, as specified in RFC 2460, the octet string will - contain exactly sixteen octets. - This octet string is then compared against subjectAltName values of - type iPAddress. - A match occurs if the reference identity octet string and the value - octet strings are identical."*/ - cert_ip=ASN1_STRING_data(name->d.iPAddress); - if(ip_len==ASN1_STRING_length(name->d.iPAddress) - &&memcmp(ip,cert_ip,ip_len)==0){ - ret=1; - break; - } - } - } - sk_GENERAL_NAME_pop_free(san_names,GENERAL_NAME_free); - if(addr!=NULL)freeaddrinfo(addr); - } - /*Do the same FQDN check we did above. - We don't do this once in advance for both cases, because in the - subjectAltName case we might have an IPv6 address without a dot.*/ - else if(strchr(host,'.')!=NULL){ - int last_cn_loc; - int cn_loc; - /*If there is no subjectAltName, match against commonName. - RFC 6125 says that at least one significant CA is known to issue certs - with multiple CNs, although it SHOULD NOT. - It also says: "The server's identity may also be verified by comparing - the reference identity to the Common Name (CN) value in the last - Relative Distinguished Name (RDN) of the subject field of the server's - certificate (where "last" refers to the DER-encoded order...)." - So find the last one and check it.*/ - cn_loc=-1; - do{ - last_cn_loc=cn_loc; - cn_loc=X509_NAME_get_index_by_NID(X509_get_subject_name(peer_cert), - NID_commonName,last_cn_loc); - } - while(cn_loc>=0); - ret=last_cn_loc>=0 - &&op_http_hostname_match(host,host_len, - X509_NAME_ENTRY_get_data( - X509_NAME_get_entry(X509_get_subject_name(peer_cert),last_cn_loc))); - } - X509_free(peer_cert); - return ret; -} - -/*Perform the TLS handshake on a new connection.*/ -static int op_http_conn_start_tls(OpusHTTPStream *_stream,OpusHTTPConn *_conn, - op_sock _fd,SSL *_ssl_conn){ - SSL_SESSION *ssl_session; - BIO *ssl_bio; - int skip_certificate_check; - int ret; - ssl_bio=BIO_new_socket(_fd,BIO_NOCLOSE); - if(OP_LIKELY(ssl_bio==NULL))return OP_FALSE; -# if !defined(OPENSSL_NO_TLSEXT) - /*Support for RFC 6066 Server Name Indication.*/ - SSL_set_tlsext_host_name(_ssl_conn,_stream->url.host); -# endif - /*Resume a previous session if available.*/ - if(_stream->ssl_session!=NULL){ - SSL_set_session(_ssl_conn,_stream->ssl_session); - } - /*If we're proxying, establish the CONNECT tunnel.*/ - if(_stream->proxy_connect.nbuf>0){ - ret=op_http_conn_establish_tunnel(_stream,_conn, - _fd,_ssl_conn,ssl_bio); - if(OP_UNLIKELY(ret<0))return ret; - } - else{ - /*Otherwise, just use this socket directly.*/ - op_sock_set_tcp_nodelay(_fd,1); - SSL_set_bio(_ssl_conn,ssl_bio,ssl_bio); - SSL_set_connect_state(_ssl_conn); - } - ret=op_do_ssl_step(_ssl_conn,_fd,SSL_connect); - if(OP_UNLIKELY(ret<=0))return OP_FALSE; - ssl_session=_stream->ssl_session; - skip_certificate_check=_stream->skip_certificate_check; - if(ssl_session==NULL||!skip_certificate_check){ - ret=op_do_ssl_step(_ssl_conn,_fd,SSL_do_handshake); - if(OP_UNLIKELY(ret<=0))return OP_FALSE; - /*OpenSSL does not do hostname verification, despite the fact that we just - passed it the hostname above in the call to SSL_set_tlsext_host_name(), - because they are morons. - Do it for them.*/ - if(!skip_certificate_check&&!op_http_verify_hostname(_stream,_ssl_conn)){ - return OP_FALSE; - } - if(ssl_session==NULL){ - /*Save the session for later resumption.*/ - _stream->ssl_session=SSL_get1_session(_ssl_conn); - } - } - _conn->ssl_conn=_ssl_conn; - _conn->fd=_fd; - _conn->nrequests_left=OP_PIPELINE_MAX_REQUESTS; - return 0; -} - -/*Try to start a connection to the next address in the given list of a given - type. - _fd: The socket to connect with. - [inout] _addr: A pointer to the list of addresses. - This will be advanced to the first one that matches the given - address family (possibly the current one). - _ai_family: The address family to connect to. - Return: 1 If the connection was successful. - 0 If the connection is in progress. - OP_FALSE If the connection failed and there were no more addresses - left to try. - *_addr will be set to NULL in this case.*/ -static int op_sock_connect_next(op_sock _fd, - const struct addrinfo **_addr,int _ai_family){ - const struct addrinfo *addr; - int err; - addr=*_addr; - for(;;){ - /*Move to the next address of the requested type.*/ - for(;addr!=NULL&&addr->ai_family!=_ai_family;addr=addr->ai_next); - *_addr=addr; - /*No more: failure.*/ - if(addr==NULL)return OP_FALSE; - if(connect(_fd,addr->ai_addr,addr->ai_addrlen)>=0)return 1; - err=op_errno(); - /*Winsock will set WSAEWOULDBLOCK.*/ - if(OP_LIKELY(err==EINPROGRESS||err==EWOULDBLOCK))return 0; - addr=addr->ai_next; - } -} - -/*The number of address families to try connecting to simultaneously.*/ -# define OP_NPROTOS (2) - -static int op_http_connect_impl(OpusHTTPStream *_stream,OpusHTTPConn *_conn, - const struct addrinfo *_addrs,struct timeb *_start_time){ - const struct addrinfo *addr; - const struct addrinfo *addrs[OP_NPROTOS]; - struct pollfd fds[OP_NPROTOS]; - int ai_family; - int nprotos; - int ret; - int pi; - int pj; - for(pi=0;pi<OP_NPROTOS;pi++)addrs[pi]=NULL; - /*Try connecting via both IPv4 and IPv6 simultaneously, and keep the first - one that succeeds. - Start by finding the first address from each family. - We order the first connection attempts in the same order the address - families were returned in the DNS records in accordance with RFC 6555.*/ - for(addr=_addrs,nprotos=0;addr!=NULL&&nprotos<OP_NPROTOS;addr=addr->ai_next){ - if(addr->ai_family==AF_INET6||addr->ai_family==AF_INET){ - OP_ASSERT(addr->ai_addrlen<=sizeof(struct sockaddr_in6)); - OP_ASSERT(addr->ai_addrlen<=sizeof(struct sockaddr_in)); - /*If we've seen this address family before, skip this address for now.*/ - for(pi=0;pi<nprotos;pi++)if(addrs[pi]->ai_family==addr->ai_family)break; - if(pi<nprotos)continue; - addrs[nprotos++]=addr; - } - } - /*Pop the connection off the free list and put it on the LRU list.*/ - OP_ASSERT(_stream->free_head==_conn); - _stream->free_head=_conn->next; - _conn->next=_stream->lru_head; - _stream->lru_head=_conn; - ftime(_start_time); - *&_conn->read_time=*_start_time; - _conn->read_bytes=0; - _conn->read_rate=0; - /*Try to start a connection to each protocol. - RFC 6555 says it is RECOMMENDED that connection attempts be paced - 150...250 ms apart "to balance human factors against network load", but - that "stateful algorithms" (that's us) "are expected to be more - aggressive". - We are definitely more aggressive: we don't pace at all.*/ - for(pi=0;pi<nprotos;pi++){ - ai_family=addrs[pi]->ai_family; - fds[pi].fd=socket(ai_family,SOCK_STREAM,addrs[pi]->ai_protocol); - fds[pi].events=POLLOUT; - if(OP_LIKELY(fds[pi].fd!=OP_INVALID_SOCKET)){ - if(OP_LIKELY(op_sock_set_nonblocking(fds[pi].fd,1)>=0)){ - ret=op_sock_connect_next(fds[pi].fd,addrs+pi,ai_family); - if(OP_UNLIKELY(ret>0)){ - /*It succeeded right away (technically possible), so stop.*/ - nprotos=pi+1; - break; - } - /*Otherwise go on to the next protocol, and skip the clean-up below.*/ - else if(ret==0)continue; - /*Tried all the addresses for this protocol.*/ - } - /*Clean up the socket.*/ - close(fds[pi].fd); - } - /*Remove this protocol from the list.*/ - memmove(addrs+pi,addrs+pi+1,sizeof(*addrs)*(nprotos-pi-1)); - nprotos--; - pi--; - } - /*Wait for one of the connections to finish.*/ - while(pi>=nprotos&&nprotos>0&&poll(fds,nprotos,OP_POLL_TIMEOUT_MS)>0){ - for(pi=0;pi<nprotos;pi++){ - socklen_t errlen; - int err; - /*Still waiting...*/ - if(!fds[pi].revents)continue; - errlen=sizeof(err); - /*Some platforms will return the pending error in &err and return 0. - Others will put it in errno and return -1.*/ - ret=getsockopt(fds[pi].fd,SOL_SOCKET,SO_ERROR,&err,&errlen); - if(ret<0)err=op_errno(); - /*Success!*/ - if(err==0||err==EISCONN)break; - /*Move on to the next address for this protocol.*/ - ai_family=addrs[pi]->ai_family; - addrs[pi]=addrs[pi]->ai_next; - ret=op_sock_connect_next(fds[pi].fd,addrs+pi,ai_family); - /*It succeeded right away, so stop.*/ - if(ret>0)break; - /*Otherwise go on to the next protocol, and skip the clean-up below.*/ - else if(ret==0)continue; - /*Tried all the addresses for this protocol. - Remove it from the list.*/ - close(fds[pi].fd); - memmove(fds+pi,fds+pi+1,sizeof(*fds)*(nprotos-pi-1)); - memmove(addrs+pi,addrs+pi+1,sizeof(*addrs)*(nprotos-pi-1)); - nprotos--; - pi--; - } - } - /*Close all the other sockets.*/ - for(pj=0;pj<nprotos;pj++)if(pi!=pj)close(fds[pj].fd); - /*If none of them succeeded, we're done.*/ - if(pi>=nprotos)return OP_FALSE; - /*Save this address for future connection attempts.*/ - if(addrs[pi]!=&_stream->addr_info){ - memcpy(&_stream->addr_info,addrs[pi],sizeof(_stream->addr_info)); - _stream->addr_info.ai_addr=&_stream->addr.s; - _stream->addr_info.ai_next=NULL; - memcpy(&_stream->addr,addrs[pi]->ai_addr,addrs[pi]->ai_addrlen); - } - if(OP_URL_IS_SSL(&_stream->url)){ - SSL *ssl_conn; - /*Start the SSL connection.*/ - OP_ASSERT(_stream->ssl_ctx!=NULL); - ssl_conn=SSL_new(_stream->ssl_ctx); - if(OP_LIKELY(ssl_conn!=NULL)){ - ret=op_http_conn_start_tls(_stream,_conn,fds[pi].fd,ssl_conn); - if(OP_LIKELY(ret>=0))return ret; - SSL_free(ssl_conn); - } - close(fds[pi].fd); - _conn->fd=OP_INVALID_SOCKET; - return OP_FALSE; - } - /*Just a normal non-SSL connection.*/ - _conn->ssl_conn=NULL; - _conn->fd=fds[pi].fd; - _conn->nrequests_left=OP_PIPELINE_MAX_REQUESTS; - /*Disable write coalescing. - We always send whole requests at once and always parse the response headers - before sending another one.*/ - op_sock_set_tcp_nodelay(fds[pi].fd,1); - return 0; -} - -static int op_http_connect(OpusHTTPStream *_stream,OpusHTTPConn *_conn, - const struct addrinfo *_addrs,struct timeb *_start_time){ - struct timeb resolve_time; - struct addrinfo *new_addrs; - int ret; - /*Re-resolve the host if we need to (RFC 6555 says we MUST do so - occasionally).*/ - new_addrs=NULL; - ftime(&resolve_time); - if(_addrs!=&_stream->addr_info||op_time_diff_ms(&resolve_time, - &_stream->resolve_time)>=OP_RESOLVE_CACHE_TIMEOUT_MS){ - new_addrs=op_resolve(_stream->connect_host,_stream->connect_port); - if(OP_LIKELY(new_addrs!=NULL)){ - _addrs=new_addrs; - *&_stream->resolve_time=*&resolve_time; - } - else if(OP_LIKELY(_addrs==NULL))return OP_FALSE; - } - ret=op_http_connect_impl(_stream,_conn,_addrs,_start_time); - if(new_addrs!=NULL)freeaddrinfo(new_addrs); - return ret; -} - -# define OP_BASE64_LENGTH(_len) (((_len)+2)/3*4) - -static const char BASE64_TABLE[64]={ - 'A','B','C','D','E','F','G','H','I','J','K','L','M','N','O','P', - 'Q','R','S','T','U','V','W','X','Y','Z','a','b','c','d','e','f', - 'g','h','i','j','k','l','m','n','o','p','q','r','s','t','u','v', - 'w','x','y','z','0','1','2','3','4','5','6','7','8','9','+','/' -}; - -static char *op_base64_encode(char *_dst,const char *_src,int _len){ - unsigned s0; - unsigned s1; - unsigned s2; - int ngroups; - int i; - ngroups=_len/3; - for(i=0;i<ngroups;i++){ - s0=_src[3*i+0]; - s1=_src[3*i+1]; - s2=_src[3*i+2]; - _dst[4*i+0]=BASE64_TABLE[s0>>2]; - _dst[4*i+1]=BASE64_TABLE[(s0&3)<<4|s1>>4]; - _dst[4*i+2]=BASE64_TABLE[(s1&15)<<2|s2>>6]; - _dst[4*i+3]=BASE64_TABLE[s2&63]; - } - _len-=3*i; - if(_len==1){ - s0=_src[3*i+0]; - _dst[4*i+0]=BASE64_TABLE[s0>>2]; - _dst[4*i+1]=BASE64_TABLE[(s0&3)<<4]; - _dst[4*i+2]='='; - _dst[4*i+3]='='; - i++; - } - else if(_len==2){ - s0=_src[3*i+0]; - s1=_src[3*i+1]; - _dst[4*i+0]=BASE64_TABLE[s0>>2]; - _dst[4*i+1]=BASE64_TABLE[(s0&3)<<4|s1>>4]; - _dst[4*i+2]=BASE64_TABLE[(s1&15)<<2]; - _dst[4*i+3]='='; - i++; - } - _dst[4*i]='\0'; - return _dst+4*i; -} - -/*Construct an HTTP authorization header using RFC 2617's Basic Authentication - Scheme and append it to the given string buffer.*/ -static int op_sb_append_basic_auth_header(OpusStringBuf *_sb, - const char *_header,const char *_user,const char *_pass){ - int user_len; - int pass_len; - int user_pass_len; - int base64_len; - int nbuf_total; - int ret; - ret=op_sb_append_string(_sb,_header); - ret|=op_sb_append(_sb,": Basic ",8); - user_len=strlen(_user); - pass_len=strlen(_pass); - if(OP_UNLIKELY(pass_len>INT_MAX-user_len))return OP_EFAULT; - if(OP_UNLIKELY(user_len+pass_len>(INT_MAX>>2)*3-3))return OP_EFAULT; - user_pass_len=user_len+1+pass_len; - base64_len=OP_BASE64_LENGTH(user_pass_len); - /*Stick "user:pass" at the end of the buffer so we can Base64 encode it - in-place.*/ - nbuf_total=_sb->nbuf; - if(OP_UNLIKELY(base64_len>INT_MAX-nbuf_total))return OP_EFAULT; - nbuf_total+=base64_len; - ret|=op_sb_ensure_capacity(_sb,nbuf_total); - if(OP_UNLIKELY(ret<0))return ret; - _sb->nbuf=nbuf_total-user_pass_len; - OP_ALWAYS_TRUE(!op_sb_append(_sb,_user,user_len)); - OP_ALWAYS_TRUE(!op_sb_append(_sb,":",1)); - OP_ALWAYS_TRUE(!op_sb_append(_sb,_pass,pass_len)); - op_base64_encode(_sb->buf+nbuf_total-base64_len, - _sb->buf+nbuf_total-user_pass_len,user_pass_len); - return op_sb_append(_sb,"\r\n",2); -} - -static int op_http_allow_pipelining(const char *_server){ - /*Servers known to do bad things with pipelined requests. - This list is taken from Gecko's nsHttpConnection::SupportsPipelining() (in - netwerk/protocol/http/nsHttpConnection.cpp).*/ - static const char *BAD_SERVERS[]={ - "EFAServer/", - "Microsoft-IIS/4.", - "Microsoft-IIS/5.", - "Netscape-Enterprise/3.", - "Netscape-Enterprise/4.", - "Netscape-Enterprise/5.", - "Netscape-Enterprise/6.", - "WebLogic 3.", - "WebLogic 4.", - "WebLogic 5.", - "WebLogic 6.", - "Winstone Servlet Engine v0." - }; -# define NBAD_SERVERS ((int)(sizeof(BAD_SERVERS)/sizeof(*BAD_SERVERS))) - if(*_server>='E'&&*_server<='W'){ - int si; - for(si=0;si<NBAD_SERVERS;si++){ - if(strncmp(_server,BAD_SERVERS[si],strlen(BAD_SERVERS[si]))==0){ - return 0; - } - } - } - return 1; -# undef NBAD_SERVERS -} - -static int op_http_stream_open(OpusHTTPStream *_stream,const char *_url, - int _skip_certificate_check,const char *_proxy_host,unsigned _proxy_port, - const char *_proxy_user,const char *_proxy_pass,OpusServerInfo *_info){ - struct addrinfo *addrs; - int nredirs; - int ret; -#if defined(_WIN32) - op_init_winsock(); -#endif - ret=op_parse_url(&_stream->url,_url); - if(OP_UNLIKELY(ret<0))return ret; - if(_proxy_host!=NULL){ - if(OP_UNLIKELY(_proxy_port>65535U))return OP_EINVAL; - _stream->connect_host=op_string_dup(_proxy_host); - _stream->connect_port=_proxy_port; - } - else{ - _stream->connect_host=_stream->url.host; - _stream->connect_port=_stream->url.port; - } - addrs=NULL; - for(nredirs=0;nredirs<OP_REDIRECT_LIMIT;nredirs++){ - OpusParsedURL next_url; - struct timeb start_time; - struct timeb end_time; - char *next; - char *status_code; - int minor_version_pos; - int v1_1_compat; - /*Initialize the SSL library if necessary.*/ - if(OP_URL_IS_SSL(&_stream->url)&&_stream->ssl_ctx==NULL){ - SSL_CTX *ssl_ctx; -# if OPENSSL_VERSION_NUMBER<0x10100000L -# if !defined(OPENSSL_NO_LOCKING) - /*The documentation says SSL_library_init() is not reentrant. - We don't want to add our own depenencies on a threading library, and it - appears that it's safe to call OpenSSL's locking functions before the - library is initialized, so that's what we'll do (really OpenSSL should - do this for us). - This doesn't guarantee that _other_ threads in the application aren't - calling SSL_library_init() at the same time, but there's not much we - can do about that.*/ - CRYPTO_w_lock(CRYPTO_LOCK_SSL); -# endif - SSL_library_init(); - /*Needed to get SHA2 algorithms with old OpenSSL versions.*/ - OpenSSL_add_ssl_algorithms(); -# if !defined(OPENSSL_NO_LOCKING) - CRYPTO_w_unlock(CRYPTO_LOCK_SSL); -# endif -# else - /*Finally, OpenSSL does this for us, but as penance, it can now fail.*/ - if(!OPENSSL_init_ssl(0,NULL))return OP_EFAULT; -# endif - ssl_ctx=SSL_CTX_new(SSLv23_client_method()); - if(ssl_ctx==NULL)return OP_EFAULT; - if(!_skip_certificate_check){ - /*We don't do anything if this fails, since it just means we won't load - any certificates (and thus all checks will fail). - However, as that is probably the result of a system - mis-configuration, assert here to make it easier to identify.*/ - OP_ALWAYS_TRUE(SSL_CTX_set_default_verify_paths(ssl_ctx)); - SSL_CTX_set_verify(ssl_ctx,SSL_VERIFY_PEER,NULL); - } - _stream->ssl_ctx=ssl_ctx; - _stream->skip_certificate_check=_skip_certificate_check; - if(_proxy_host!=NULL){ - /*We need to establish a CONNECT tunnel to handle https proxying. - Build the request we'll send to do so.*/ - _stream->proxy_connect.nbuf=0; - ret=op_sb_append(&_stream->proxy_connect,"CONNECT ",8); - ret|=op_sb_append_string(&_stream->proxy_connect,_stream->url.host); - ret|=op_sb_append_port(&_stream->proxy_connect,_stream->url.port); - /*CONNECT requires at least HTTP 1.1.*/ - ret|=op_sb_append(&_stream->proxy_connect," HTTP/1.1\r\n",11); - ret|=op_sb_append(&_stream->proxy_connect,"Host: ",6); - ret|=op_sb_append_string(&_stream->proxy_connect,_stream->url.host); - /*The example in RFC 2817 Section 5.2 specifies an explicit port even - when connecting to the default port. - Given that the proxy doesn't know whether we're trying to connect to - an http or an https URL except by the port number, this seems like a - good idea.*/ - ret|=op_sb_append_port(&_stream->proxy_connect,_stream->url.port); - ret|=op_sb_append(&_stream->proxy_connect,"\r\n",2); - ret|=op_sb_append(&_stream->proxy_connect,"User-Agent: .\r\n",15); - if(_proxy_user!=NULL&&_proxy_pass!=NULL){ - ret|=op_sb_append_basic_auth_header(&_stream->proxy_connect, - "Proxy-Authorization",_proxy_user,_proxy_pass); - } - /*For backwards compatibility.*/ - ret|=op_sb_append(&_stream->proxy_connect, - "Proxy-Connection: keep-alive\r\n",30); - ret|=op_sb_append(&_stream->proxy_connect,"\r\n",2); - if(OP_UNLIKELY(ret<0))return ret; - } - } - /*Actually make the connection.*/ - ret=op_http_connect(_stream,_stream->conns+0,addrs,&start_time); - if(OP_UNLIKELY(ret<0))return ret; - /*Build the request to send.*/ - _stream->request.nbuf=0; - ret=op_sb_append(&_stream->request,"GET ",4); - ret|=op_sb_append_string(&_stream->request, - _proxy_host!=NULL?_url:_stream->url.path); - /*Send HTTP/1.0 by default for maximum compatibility (so we don't have to - re-try if HTTP/1.1 fails, though it shouldn't, even for a 1.0 server). - This means we aren't conditionally compliant with RFC 2145, because we - violate the requirement that "An HTTP client SHOULD send a request - version equal to the highest version for which the client is at least - conditionally compliant...". - According to RFC 2145, that means we can't claim any compliance with any - IETF HTTP specification.*/ - ret|=op_sb_append(&_stream->request," HTTP/1.0\r\n",11); - /*Remember where this is so we can upgrade to HTTP/1.1 if the server - supports it.*/ - minor_version_pos=_stream->request.nbuf-3; - ret|=op_sb_append(&_stream->request,"Host: ",6); - ret|=op_sb_append_string(&_stream->request,_stream->url.host); - if(!OP_URL_IS_DEFAULT_PORT(&_stream->url)){ - ret|=op_sb_append_port(&_stream->request,_stream->url.port); - } - ret|=op_sb_append(&_stream->request,"\r\n",2); - /*User-Agents have been a bad idea, so send as little as possible. - RFC 2616 requires at least one token in the User-Agent, which must have - at least one character.*/ - ret|=op_sb_append(&_stream->request,"User-Agent: .\r\n",15); - if(_proxy_host!=NULL&&!OP_URL_IS_SSL(&_stream->url) - &&_proxy_user!=NULL&&_proxy_pass!=NULL){ - ret|=op_sb_append_basic_auth_header(&_stream->request, - "Proxy-Authorization",_proxy_user,_proxy_pass); - } - if(_stream->url.user!=NULL&&_stream->url.pass!=NULL){ - ret|=op_sb_append_basic_auth_header(&_stream->request, - "Authorization",_stream->url.user,_stream->url.pass); - } - /*Always send a Referer [sic] header. - It's common to refuse to serve a resource unless one is present. - We just use the relative "/" URI to suggest we came from the same domain, - as this is the most common check. - This might violate RFC 2616's mandate that the field "MUST NOT be sent if - the Request-URI was obtained from a source that does not have its own - URI, such as input from the user keyboard," but we don't really have any - way to know.*/ - /*TODO: Should we update this on redirects?*/ - ret|=op_sb_append(&_stream->request,"Referer: /\r\n",12); - /*Always send a Range request header to find out if we're seekable. - This requires an HTTP/1.1 server to succeed, but we'll still get what we - want with an HTTP/1.0 server that ignores this request header.*/ - ret|=op_sb_append(&_stream->request,"Range: bytes=0-\r\n",17); - /*Remember where this is so we can append offsets to it later.*/ - _stream->request_tail=_stream->request.nbuf-4; - ret|=op_sb_append(&_stream->request,"\r\n",2); - if(OP_UNLIKELY(ret<0))return ret; - ret=op_http_conn_write_fully(_stream->conns+0, - _stream->request.buf,_stream->request.nbuf); - if(OP_UNLIKELY(ret<0))return ret; - ret=op_http_conn_read_response(_stream->conns+0,&_stream->response); - if(OP_UNLIKELY(ret<0))return ret; - ftime(&end_time); - next=op_http_parse_status_line(&v1_1_compat,&status_code, - _stream->response.buf); - if(OP_UNLIKELY(next==NULL))return OP_FALSE; - if(status_code[0]=='2'){ - opus_int64 content_length; - opus_int64 range_length; - int pipeline_supported; - int pipeline_disabled; - /*We only understand 20x codes.*/ - if(status_code[1]!='0')return OP_FALSE; - content_length=-1; - range_length=-1; - /*Pipelining must be explicitly enabled.*/ - pipeline_supported=0; - pipeline_disabled=0; - for(;;){ - char *header; - char *cdr; - ret=op_http_get_next_header(&header,&cdr,&next); - if(OP_UNLIKELY(ret<0))return ret; - if(header==NULL)break; - if(strcmp(header,"content-length")==0){ - /*Two Content-Length headers?*/ - if(OP_UNLIKELY(content_length>=0))return OP_FALSE; - content_length=op_http_parse_content_length(cdr); - if(OP_UNLIKELY(content_length<0))return (int)content_length; - /*Make sure the Content-Length and Content-Range headers match.*/ - if(range_length>=0&&OP_UNLIKELY(content_length!=range_length)){ - return OP_FALSE; - } - } - else if(strcmp(header,"content-range")==0){ - opus_int64 range_first; - opus_int64 range_last; - /*Two Content-Range headers?*/ - if(OP_UNLIKELY(range_length>=0))return OP_FALSE; - ret=op_http_parse_content_range(&range_first,&range_last, - &range_length,cdr); - if(OP_UNLIKELY(ret<0))return ret; - /*"A response with satus code 206 (Partial Content) MUST NOT - include a Content-Range field with a byte-range-resp-spec of - '*'."*/ - if(status_code[2]=='6' - &&(OP_UNLIKELY(range_first<0)||OP_UNLIKELY(range_last<0))){ - return OP_FALSE; - } - /*We asked for the entire resource.*/ - if(range_length>=0){ - /*Quit if we didn't get it.*/ - if(range_last>=0&&OP_UNLIKELY(range_last!=range_length-1)){ - return OP_FALSE; - } - } - /*If there was no length, use the end of the range.*/ - else if(range_last>=0)range_length=range_last+1; - /*Make sure the Content-Length and Content-Range headers match.*/ - if(content_length>=0&&OP_UNLIKELY(content_length!=range_length)){ - return OP_FALSE; - } - } - else if(strcmp(header,"connection")==0){ - /*According to RFC 2616, if an HTTP/1.1 application does not support - pipelining, it "MUST include the 'close' connection option in - every message." - Therefore, if we receive one in the initial response, disable - pipelining entirely. - The server still might support it (e.g., we might just have hit the - request limit for a temporary child process), but if it doesn't - and we assume it does, every time we cross a chunk boundary we'll - error out and reconnect, adding lots of latency.*/ - ret=op_http_parse_connection(cdr); - if(OP_UNLIKELY(ret<0))return ret; - pipeline_disabled|=ret; - } - else if(strcmp(header,"server")==0){ - /*If we got a Server response header, and it wasn't from a known-bad - server, enable pipelining, as long as it's at least HTTP/1.1. - According to RFC 2145, the server is supposed to respond with the - highest minor version number it supports unless it is known or - suspected that we incorrectly implement the HTTP specification. - So it should send back at least HTTP/1.1, despite our HTTP/1.0 - request.*/ - pipeline_supported=v1_1_compat; - if(v1_1_compat)pipeline_disabled|=!op_http_allow_pipelining(cdr); - if(_info!=NULL&&_info->server==NULL)_info->server=op_string_dup(cdr); - } - /*Collect station information headers if the caller requested it. - If there's more than one copy of a header, the first one wins.*/ - else if(_info!=NULL){ - if(strcmp(header,"content-type")==0){ - if(_info->content_type==NULL){ - _info->content_type=op_string_dup(cdr); - } - } - else if(header[0]=='i'&&header[1]=='c' - &&(header[2]=='e'||header[2]=='y')&&header[3]=='-'){ - if(strcmp(header+4,"name")==0){ - if(_info->name==NULL)_info->name=op_string_dup(cdr); - } - else if(strcmp(header+4,"description")==0){ - if(_info->description==NULL)_info->description=op_string_dup(cdr); - } - else if(strcmp(header+4,"genre")==0){ - if(_info->genre==NULL)_info->genre=op_string_dup(cdr); - } - else if(strcmp(header+4,"url")==0){ - if(_info->url==NULL)_info->url=op_string_dup(cdr); - } - else if(strcmp(header,"icy-br")==0 - ||strcmp(header,"ice-bitrate")==0){ - if(_info->bitrate_kbps<0){ - opus_int64 bitrate_kbps; - /*Just re-using this function to parse a random unsigned - integer field.*/ - bitrate_kbps=op_http_parse_content_length(cdr); - if(bitrate_kbps>=0&&bitrate_kbps<=OP_INT32_MAX){ - _info->bitrate_kbps=(opus_int32)bitrate_kbps; - } - } - } - else if(strcmp(header,"icy-pub")==0 - ||strcmp(header,"ice-public")==0){ - if(_info->is_public<0&&(cdr[0]=='0'||cdr[0]=='1')&&cdr[1]=='\0'){ - _info->is_public=cdr[0]-'0'; - } - } - } - } - } - switch(status_code[2]){ - /*200 OK*/ - case '0':break; - /*203 Non-Authoritative Information*/ - case '3':break; - /*204 No Content*/ - case '4':{ - if(content_length>=0&&OP_UNLIKELY(content_length!=0)){ - return OP_FALSE; - } - }break; - /*206 Partial Content*/ - case '6':{ - /*No Content-Range header.*/ - if(OP_UNLIKELY(range_length<0))return OP_FALSE; - content_length=range_length; - /*The server supports range requests for this resource. - We can seek.*/ - _stream->seekable=1; - }break; - /*201 Created: the response "SHOULD include an entity containing a list - of resource characteristics and location(s)," but not an Opus file. - 202 Accepted: the response "SHOULD include an indication of request's - current status and either a pointer to a status monitor or some - estimate of when the user can expect the request to be fulfilled," - but not an Opus file. - 205 Reset Content: this "MUST NOT include an entity," meaning no Opus - file. - 207...209 are not yet defined, so we don't know how to handle them.*/ - default:return OP_FALSE; - } - _stream->content_length=content_length; - _stream->pipeline=pipeline_supported&&!pipeline_disabled; - /*Pipelining requires HTTP/1.1 persistent connections.*/ - if(_stream->pipeline)_stream->request.buf[minor_version_pos]='1'; - _stream->conns[0].pos=0; - _stream->conns[0].end_pos=_stream->seekable?content_length:-1; - _stream->conns[0].chunk_size=-1; - _stream->cur_conni=0; - _stream->connect_rate=op_time_diff_ms(&end_time,&start_time); - _stream->connect_rate=OP_MAX(_stream->connect_rate,1); - if(_info!=NULL)_info->is_ssl=OP_URL_IS_SSL(&_stream->url); - /*The URL has been successfully opened.*/ - return 0; - } - /*Shouldn't get 1xx; 4xx and 5xx are both failures (and we don't retry). - Everything else is undefined.*/ - else if(status_code[0]!='3')return OP_FALSE; - /*We have some form of redirect request.*/ - /*We only understand 30x codes.*/ - if(status_code[1]!='0')return OP_FALSE; - switch(status_code[2]){ - /*300 Multiple Choices: "If the server has a preferred choice of - representation, it SHOULD include the specific URI for that - representation in the Location field," otherwise we'll fail.*/ - case '0': - /*301 Moved Permanently*/ - case '1': - /*302 Found*/ - case '2': - /*307 Temporary Redirect*/ - case '7': - /*308 Permanent Redirect (defined by draft-reschke-http-status-308-07).*/ - case '8':break; - /*305 Use Proxy: "The Location field gives the URI of the proxy." - TODO: This shouldn't actually be that hard to do.*/ - case '5':return OP_EIMPL; - /*303 See Other: "The new URI is not a substitute reference for the - originally requested resource." - 304 Not Modified: "The 304 response MUST NOT contain a message-body." - 306 (Unused) - 309 is not yet defined, so we don't know how to handle it.*/ - default:return OP_FALSE; - } - _url=NULL; - for(;;){ - char *header; - char *cdr; - ret=op_http_get_next_header(&header,&cdr,&next); - if(OP_UNLIKELY(ret<0))return ret; - if(header==NULL)break; - if(strcmp(header,"location")==0&&OP_LIKELY(_url==NULL))_url=cdr; - } - if(OP_UNLIKELY(_url==NULL))return OP_FALSE; - ret=op_parse_url(&next_url,_url); - if(OP_UNLIKELY(ret<0))return ret; - if(_proxy_host==NULL||_stream->ssl_session!=NULL){ - if(strcmp(_stream->url.host,next_url.host)==0 - &&_stream->url.port==next_url.port){ - /*Try to skip re-resolve when connecting to the same host.*/ - addrs=&_stream->addr_info; - } - else{ - if(_stream->ssl_session!=NULL){ - /*Forget any cached SSL session from the last host.*/ - SSL_SESSION_free(_stream->ssl_session); - _stream->ssl_session=NULL; - } - } - } - if(_proxy_host==NULL){ - OP_ASSERT(_stream->connect_host==_stream->url.host); - _stream->connect_host=next_url.host; - _stream->connect_port=next_url.port; - } - /*Always try to skip re-resolve for proxy connections.*/ - else addrs=&_stream->addr_info; - op_parsed_url_clear(&_stream->url); - *&_stream->url=*&next_url; - /*TODO: On servers/proxies that support pipelining, we might be able to - re-use this connection.*/ - op_http_conn_close(_stream,_stream->conns+0,&_stream->lru_head,1); - } - /*Redirection limit reached.*/ - return OP_FALSE; -} - -static int op_http_conn_send_request(OpusHTTPStream *_stream, - OpusHTTPConn *_conn,opus_int64 _pos,opus_int32 _chunk_size, - int _try_not_to_block){ - opus_int64 next_end; - int ret; - /*We shouldn't have another request outstanding.*/ - OP_ASSERT(_conn->next_pos<0); - /*Build the request to send.*/ - OP_ASSERT(_stream->request.nbuf>=_stream->request_tail); - _stream->request.nbuf=_stream->request_tail; - ret=op_sb_append_nonnegative_int64(&_stream->request,_pos); - ret|=op_sb_append(&_stream->request,"-",1); - if(_chunk_size>0&&OP_ADV_OFFSET(_pos,2*_chunk_size)<_stream->content_length){ - /*We shouldn't be pipelining requests with non-HTTP/1.1 servers.*/ - OP_ASSERT(_stream->pipeline); - next_end=_pos+_chunk_size; - ret|=op_sb_append_nonnegative_int64(&_stream->request,next_end-1); - /*Use a larger chunk size for our next request.*/ - _chunk_size<<=1; - /*But after a while, just request the rest of the resource.*/ - if(_chunk_size>OP_PIPELINE_CHUNK_SIZE_MAX)_chunk_size=-1; - } - else{ - /*Either this was a non-pipelined request or we were close enough to the - end to just ask for the rest.*/ - next_end=-1; - _chunk_size=-1; - } - ret|=op_sb_append(&_stream->request,"\r\n\r\n",4); - if(OP_UNLIKELY(ret<0))return ret; - /*If we don't want to block, check to see if there's enough space in the send - queue. - There's still a chance we might block, even if there is enough space, but - it's a much slimmer one. - Blocking at all is pretty unlikely, as we won't have any requests queued - when _try_not_to_block is set, so if FIONSPACE isn't available (e.g., on - Linux), just skip the test.*/ - if(_try_not_to_block){ -# if defined(FIONSPACE) - int available; - ret=ioctl(_conn->fd,FIONSPACE,&available); - if(ret<0||available<_stream->request.nbuf)return 1; -# endif - } - ret=op_http_conn_write_fully(_conn, - _stream->request.buf,_stream->request.nbuf); - if(OP_UNLIKELY(ret<0))return ret; - _conn->next_pos=_pos; - _conn->next_end=next_end; - /*Save the chunk size to use for the next request.*/ - _conn->chunk_size=_chunk_size; - _conn->nrequests_left--; - return ret; -} - -/*Handles the response to all requests after the first one. - Return: 1 if the connection was closed or timed out, 0 on success, or a - negative value on any other error.*/ -static int op_http_conn_handle_response(OpusHTTPStream *_stream, - OpusHTTPConn *_conn){ - char *next; - char *status_code; - opus_int64 range_length; - opus_int64 next_pos; - opus_int64 next_end; - int ret; - ret=op_http_conn_read_response(_conn,&_stream->response); - /*If the server just closed the connection on us, we may have just hit a - connection re-use limit, so we might want to retry.*/ - if(OP_UNLIKELY(ret<0))return ret==OP_EREAD?1:ret; - next=op_http_parse_status_line(NULL,&status_code,_stream->response.buf); - if(OP_UNLIKELY(next==NULL))return OP_FALSE; - /*We _need_ a 206 Partial Content response. - Nothing else will do.*/ - if(strncmp(status_code,"206",3)!=0){ - /*But on a 408 Request Timeout, we might want to re-try.*/ - return strncmp(status_code,"408",3)==0?1:OP_FALSE; - } - next_pos=_conn->next_pos; - next_end=_conn->next_end; - range_length=-1; - for(;;){ - char *header; - char *cdr; - ret=op_http_get_next_header(&header,&cdr,&next); - if(OP_UNLIKELY(ret<0))return ret; - if(header==NULL)break; - if(strcmp(header,"content-range")==0){ - opus_int64 range_first; - opus_int64 range_last; - /*Two Content-Range headers?*/ - if(OP_UNLIKELY(range_length>=0))return OP_FALSE; - ret=op_http_parse_content_range(&range_first,&range_last, - &range_length,cdr); - if(OP_UNLIKELY(ret<0))return ret; - /*"A response with satus code 206 (Partial Content) MUST NOT - include a Content-Range field with a byte-range-resp-spec of - '*'."*/ - if(OP_UNLIKELY(range_first<0)||OP_UNLIKELY(range_last<0))return OP_FALSE; - /*We also don't want range_last to overflow.*/ - if(OP_UNLIKELY(range_last>=OP_INT64_MAX))return OP_FALSE; - range_last++; - /*Quit if we didn't get the offset we asked for.*/ - if(range_first!=next_pos)return OP_FALSE; - if(next_end<0){ - /*We asked for the rest of the resource.*/ - if(range_length>=0){ - /*Quit if we didn't get it.*/ - if(OP_UNLIKELY(range_last!=range_length))return OP_FALSE; - } - /*If there was no length, use the end of the range.*/ - else range_length=range_last; - next_end=range_last; - } - else{ - if(range_last!=next_end)return OP_FALSE; - /*If there was no length, use the larger of the content length or the - end of this chunk.*/ - if(range_length<0){ - range_length=OP_MAX(range_last,_stream->content_length); - } - } - } - else if(strcmp(header,"content-length")==0){ - opus_int64 content_length; - /*Validate the Content-Length header, if present, against the request we - made.*/ - content_length=op_http_parse_content_length(cdr); - if(OP_UNLIKELY(content_length<0))return (int)content_length; - if(next_end<0){ - /*If we haven't seen the Content-Range header yet and we asked for the - rest of the resource, set next_end, so we can make sure they match - when we do find the Content-Range header.*/ - if(OP_UNLIKELY(next_pos>OP_INT64_MAX-content_length))return OP_FALSE; - next_end=next_pos+content_length; - } - /*Otherwise, make sure they match now.*/ - else if(OP_UNLIKELY(next_end-next_pos!=content_length))return OP_FALSE; - } - else if(strcmp(header,"connection")==0){ - ret=op_http_parse_connection(cdr); - if(OP_UNLIKELY(ret<0))return ret; - /*If the server told us it was going to close the connection, don't make - any more requests.*/ - if(OP_UNLIKELY(ret>0))_conn->nrequests_left=0; - } - } - /*No Content-Range header.*/ - if(OP_UNLIKELY(range_length<0))return OP_FALSE; - /*Update the content_length if necessary.*/ - _stream->content_length=range_length; - _conn->pos=next_pos; - _conn->end_pos=next_end; - _conn->next_pos=-1; - return 0; -} - -/*Open a new connection that will start reading at byte offset _pos. - _pos: The byte offset to start reading from. - _chunk_size: The number of bytes to ask for in the initial request, or -1 to - request the rest of the resource. - This may be more bytes than remain, in which case it will be - converted into a request for the rest.*/ -static int op_http_conn_open_pos(OpusHTTPStream *_stream, - OpusHTTPConn *_conn,opus_int64 _pos,opus_int32 _chunk_size){ - struct timeb start_time; - struct timeb end_time; - opus_int32 connect_rate; - opus_int32 connect_time; - int ret; - ret=op_http_connect(_stream,_conn,&_stream->addr_info,&start_time); - if(OP_UNLIKELY(ret<0))return ret; - ret=op_http_conn_send_request(_stream,_conn,_pos,_chunk_size,0); - if(OP_UNLIKELY(ret<0))return ret; - ret=op_http_conn_handle_response(_stream,_conn); - if(OP_UNLIKELY(ret!=0))return OP_FALSE; - ftime(&end_time); - _stream->cur_conni=_conn-_stream->conns; - OP_ASSERT(_stream->cur_conni>=0&&_stream->cur_conni<OP_NCONNS_MAX); - /*The connection has been successfully opened. - Update the connection time estimate.*/ - connect_time=op_time_diff_ms(&end_time,&start_time); - connect_rate=_stream->connect_rate; - connect_rate+=OP_MAX(connect_time,1)-connect_rate+8>>4; - _stream->connect_rate=connect_rate; - return 0; -} - -/*Read data from the current response body. - If we're pipelining and we get close to the end of this response, queue - another request. - If we've reached the end of this response body, parse the next response and - keep going. - [out] _buf: Returns the data read. - _buf_size: The size of the buffer. - Return: A positive number of bytes read on success. - 0: The connection was closed. - OP_EREAD: There was a fatal read error.*/ -static int op_http_conn_read_body(OpusHTTPStream *_stream, - OpusHTTPConn *_conn,unsigned char *_buf,int _buf_size){ - opus_int64 pos; - opus_int64 end_pos; - opus_int64 next_pos; - opus_int64 content_length; - int nread; - int pipeline; - int ret; - /*Currently this function can only be called on the LRU head. - Otherwise, we'd need a _pnext pointer if we needed to close the connection, - and re-opening it would re-organize the lists.*/ - OP_ASSERT(_stream->lru_head==_conn); - /*We should have filtered out empty reads by this point.*/ - OP_ASSERT(_buf_size>0); - pos=_conn->pos; - end_pos=_conn->end_pos; - next_pos=_conn->next_pos; - pipeline=_stream->pipeline; - content_length=_stream->content_length; - if(end_pos>=0){ - /*Have we reached the end of the current response body?*/ - if(pos>=end_pos){ - OP_ASSERT(content_length>=0); - /*If this was the end of the stream, we're done. - Also return early if a non-blocking read was requested (regardless of - whether we might be able to parse the next response without - blocking).*/ - if(content_length<=end_pos)return 0; - /*Otherwise, start on the next response.*/ - if(next_pos<0){ - /*We haven't issued another request yet.*/ - if(!pipeline||_conn->nrequests_left<=0){ - /*There are two ways to get here: either the server told us it was - going to close the connection after the last request, or we - thought we were reading the whole resource, but it grew while we - were reading it. - The only way the latter could have happened is if content_length - changed while seeking. - Open a new request to read the rest.*/ - OP_ASSERT(_stream->seekable); - /*Try to open a new connection to read another chunk.*/ - op_http_conn_close(_stream,_conn,&_stream->lru_head,1); - /*If we're not pipelining, we should be requesting the rest.*/ - OP_ASSERT(pipeline||_conn->chunk_size==-1); - ret=op_http_conn_open_pos(_stream,_conn,end_pos,_conn->chunk_size); - if(OP_UNLIKELY(ret<0))return OP_EREAD; - } - else{ - /*Issue the request now (better late than never).*/ - ret=op_http_conn_send_request(_stream,_conn,pos,_conn->chunk_size,0); - if(OP_UNLIKELY(ret<0))return OP_EREAD; - next_pos=_conn->next_pos; - OP_ASSERT(next_pos>=0); - } - } - if(next_pos>=0){ - /*We shouldn't be trying to read past the current request body if we're - seeking somewhere else.*/ - OP_ASSERT(next_pos==end_pos); - ret=op_http_conn_handle_response(_stream,_conn); - if(OP_UNLIKELY(ret<0))return OP_EREAD; - if(OP_UNLIKELY(ret>0)&&pipeline){ - opus_int64 next_end; - next_end=_conn->next_end; - /*Our request timed out or the server closed the connection. - Try re-connecting.*/ - op_http_conn_close(_stream,_conn,&_stream->lru_head,1); - /*Unless there's a bug, we should be able to convert - (next_pos,next_end) into valid (_pos,_chunk_size) parameters.*/ - OP_ASSERT(next_end<0 - ||next_end-next_pos>=0&&next_end-next_pos<=OP_INT32_MAX); - ret=op_http_conn_open_pos(_stream,_conn,next_pos, - next_end<0?-1:(opus_int32)(next_end-next_pos)); - if(OP_UNLIKELY(ret<0))return OP_EREAD; - } - else if(OP_UNLIKELY(ret!=0))return OP_EREAD; - } - pos=_conn->pos; - end_pos=_conn->end_pos; - content_length=_stream->content_length; - } - OP_ASSERT(end_pos>pos); - _buf_size=OP_MIN(_buf_size,end_pos-pos); - } - nread=op_http_conn_read(_conn,(char *)_buf,_buf_size,1); - if(OP_UNLIKELY(nread<0))return nread; - pos+=nread; - _conn->pos=pos; - OP_ASSERT(end_pos<0||content_length>=0); - /*TODO: If nrequests_left<=0, we can't make a new request, and there will be - a big pause after we hit the end of the chunk while we open a new - connection. - It would be nice to be able to start that process now, but we have no way - to do it in the background without blocking (even if we could start it, we - have no guarantee the application will return control to us in a - sufficiently timely manner to allow us to complete it, and this is - uncommon enough that it's not worth using threads just for this).*/ - if(end_pos>=0&&end_pos<content_length&&next_pos<0 - &&pipeline&&OP_LIKELY(_conn->nrequests_left>0)){ - opus_int64 request_thresh; - opus_int32 chunk_size; - /*Are we getting close to the end of the current response body? - If so, we should request more data.*/ - request_thresh=_stream->connect_rate*_conn->read_rate>>12; - /*But don't commit ourselves too quickly.*/ - chunk_size=_conn->chunk_size; - if(chunk_size>=0)request_thresh=OP_MIN(chunk_size>>2,request_thresh); - if(end_pos-pos<request_thresh){ - ret=op_http_conn_send_request(_stream,_conn,end_pos,_conn->chunk_size,1); - if(OP_UNLIKELY(ret<0))return OP_EREAD; - } - } - return nread; -} - -static int op_http_stream_read(void *_stream, - unsigned char *_ptr,int _buf_size){ - OpusHTTPStream *stream; - ptrdiff_t nread; - opus_int64 size; - opus_int64 pos; - int ci; - stream=(OpusHTTPStream *)_stream; - /*Check for an empty read.*/ - if(_buf_size<=0)return 0; - ci=stream->cur_conni; - /*No current connection => EOF.*/ - if(ci<0)return 0; - pos=stream->conns[ci].pos; - size=stream->content_length; - /*Check for EOF.*/ - if(size>=0){ - if(pos>=size)return 0; - /*Check for a short read.*/ - if(_buf_size>size-pos)_buf_size=(int)(size-pos); - } - nread=op_http_conn_read_body(stream,stream->conns+ci,_ptr,_buf_size); - if(OP_UNLIKELY(nread<=0)){ - /*We hit an error or EOF. - Either way, we're done with this connection.*/ - op_http_conn_close(stream,stream->conns+ci,&stream->lru_head,1); - stream->cur_conni=-1; - stream->pos=pos; - } - return nread; -} - -/*Discard data until we reach the _target position. - This destroys the contents of _stream->response.buf, as we need somewhere to - read this data, and that is a convenient place. - _just_read_ahead: Whether or not this is a plain fast-forward. - If 0, we need to issue a new request for a chunk at _target - and discard all the data from our current request(s). - Otherwise, we should be able to reach _target without - issuing any new requests. - _target: The stream position to which to read ahead.*/ -static int op_http_conn_read_ahead(OpusHTTPStream *_stream, - OpusHTTPConn *_conn,int _just_read_ahead,opus_int64 _target){ - opus_int64 pos; - opus_int64 end_pos; - opus_int64 next_pos; - opus_int64 next_end; - ptrdiff_t nread; - int ret; - pos=_conn->pos; - end_pos=_conn->end_pos; - next_pos=_conn->next_pos; - next_end=_conn->next_end; - if(!_just_read_ahead){ - /*We need to issue a new pipelined request. - This is the only case where we allow more than one outstanding request - at a time, so we need to reset next_pos (we'll restore it below if we - did have an outstanding request).*/ - OP_ASSERT(_stream->pipeline); - _conn->next_pos=-1; - ret=op_http_conn_send_request(_stream,_conn,_target, - OP_PIPELINE_CHUNK_SIZE,0); - if(OP_UNLIKELY(ret<0))return ret; - } - /*We can reach the target position by reading forward in the current chunk.*/ - if(_just_read_ahead&&(end_pos<0||_target<end_pos))end_pos=_target; - else if(next_pos>=0){ - opus_int64 next_next_pos; - opus_int64 next_next_end; - /*We already have a request outstanding. - Finish off the current chunk.*/ - while(pos<end_pos){ - nread=op_http_conn_read(_conn,_stream->response.buf, - (int)OP_MIN(end_pos-pos,_stream->response.cbuf),1); - /*We failed to read ahead.*/ - if(nread<=0)return OP_FALSE; - pos+=nread; - } - OP_ASSERT(pos==end_pos); - if(_just_read_ahead){ - next_next_pos=next_next_end=-1; - end_pos=_target; - } - else{ - OP_ASSERT(_conn->next_pos==_target); - next_next_pos=_target; - next_next_end=_conn->next_end; - _conn->next_pos=next_pos; - _conn->next_end=next_end; - end_pos=next_end; - } - ret=op_http_conn_handle_response(_stream,_conn); - if(OP_UNLIKELY(ret!=0))return OP_FALSE; - _conn->next_pos=next_next_pos; - _conn->next_end=next_next_end; - } - while(pos<end_pos){ - nread=op_http_conn_read(_conn,_stream->response.buf, - (int)OP_MIN(end_pos-pos,_stream->response.cbuf),1); - /*We failed to read ahead.*/ - if(nread<=0)return OP_FALSE; - pos+=nread; - } - OP_ASSERT(pos==end_pos); - if(!_just_read_ahead){ - ret=op_http_conn_handle_response(_stream,_conn); - if(OP_UNLIKELY(ret!=0))return OP_FALSE; - } - else _conn->pos=end_pos; - OP_ASSERT(_conn->pos==_target); - return 0; -} - -static int op_http_stream_seek(void *_stream,opus_int64 _offset,int _whence){ - struct timeb seek_time; - OpusHTTPStream *stream; - OpusHTTPConn *conn; - OpusHTTPConn **pnext; - OpusHTTPConn *close_conn; - OpusHTTPConn **close_pnext; - opus_int64 content_length; - opus_int64 pos; - int pipeline; - int ci; - int ret; - stream=(OpusHTTPStream *)_stream; - if(!stream->seekable)return -1; - content_length=stream->content_length; - /*If we're seekable, we should have gotten a Content-Length.*/ - OP_ASSERT(content_length>=0); - ci=stream->cur_conni; - pos=ci<0?content_length:stream->conns[ci].pos; - switch(_whence){ - case SEEK_SET:{ - /*Check for overflow:*/ - if(_offset<0)return -1; - pos=_offset; - }break; - case SEEK_CUR:{ - /*Check for overflow:*/ - if(_offset<-pos||_offset>OP_INT64_MAX-pos)return -1; - pos+=_offset; - }break; - case SEEK_END:{ - /*Check for overflow:*/ - if(_offset>content_length||_offset<content_length-OP_INT64_MAX)return -1; - pos=content_length-_offset; - }break; - default:return -1; - } - /*Mark when we deactivated the active connection.*/ - if(ci>=0){ - op_http_conn_read_rate_update(stream->conns+ci); - *&seek_time=*&stream->conns[ci].read_time; - } - else ftime(&seek_time); - /*If we seeked past the end of the stream, just disable the active - connection.*/ - if(pos>=content_length){ - stream->cur_conni=-1; - stream->pos=pos; - return 0; - } - /*First try to find a connection we can use without waiting.*/ - pnext=&stream->lru_head; - conn=stream->lru_head; - while(conn!=NULL){ - opus_int64 conn_pos; - opus_int64 end_pos; - int available; - /*If this connection has been dormant too long or has made too many - requests, close it. - This is to prevent us from hitting server limits/firewall timeouts.*/ - if(op_time_diff_ms(&seek_time,&conn->read_time)> - OP_CONNECTION_IDLE_TIMEOUT_MS - ||conn->nrequests_left<OP_PIPELINE_MIN_REQUESTS){ - op_http_conn_close(stream,conn,pnext,1); - conn=*pnext; - continue; - } - available=op_http_conn_estimate_available(conn); - conn_pos=conn->pos; - end_pos=conn->end_pos; - if(conn->next_pos>=0){ - OP_ASSERT(end_pos>=0); - OP_ASSERT(conn->next_pos==end_pos); - end_pos=conn->next_end; - } - OP_ASSERT(end_pos<0||conn_pos<=end_pos); - /*Can we quickly read ahead without issuing a new request or waiting for - any more data? - If we have an oustanding request, we'll over-estimate the amount of data - it has available (because we'll count the response headers, too), but - that probably doesn't matter.*/ - if(conn_pos<=pos&&pos-conn_pos<=available&&(end_pos<0||pos<end_pos)){ - /*Found a suitable connection to re-use.*/ - ret=op_http_conn_read_ahead(stream,conn,1,pos); - if(OP_UNLIKELY(ret<0)){ - /*The connection might have become stale, so close it and keep going.*/ - op_http_conn_close(stream,conn,pnext,1); - conn=*pnext; - continue; - } - /*Sucessfully resurrected this connection.*/ - *pnext=conn->next; - conn->next=stream->lru_head; - stream->lru_head=conn; - stream->cur_conni=conn-stream->conns; - return 0; - } - pnext=&conn->next; - conn=conn->next; - } - /*Chances are that didn't work, so now try to find one we can use by reading - ahead a reasonable amount and/or by issuing a new request.*/ - close_pnext=NULL; - close_conn=NULL; - pnext=&stream->lru_head; - conn=stream->lru_head; - pipeline=stream->pipeline; - while(conn!=NULL){ - opus_int64 conn_pos; - opus_int64 end_pos; - opus_int64 read_ahead_thresh; - int available; - int just_read_ahead; - /*Dividing by 2048 instead of 1000 scales this by nearly 1/2, biasing away - from connection re-use (and roughly compensating for the lag required to - reopen the TCP window of a connection that's been idle). - There's no overflow checking here, because it's vanishingly unlikely, and - all it would do is cause us to make poor decisions.*/ - read_ahead_thresh=OP_MAX(OP_READAHEAD_THRESH_MIN, - stream->connect_rate*conn->read_rate>>11); - available=op_http_conn_estimate_available(conn); - conn_pos=conn->pos; - end_pos=conn->end_pos; - if(conn->next_pos>=0){ - OP_ASSERT(end_pos>=0); - OP_ASSERT(conn->next_pos==end_pos); - end_pos=conn->next_end; - } - OP_ASSERT(end_pos<0||conn_pos<=end_pos); - /*Can we quickly read ahead without issuing a new request?*/ - just_read_ahead=conn_pos<=pos&&pos-conn_pos-available<=read_ahead_thresh - &&(end_pos<0||pos<end_pos); - if(just_read_ahead||pipeline&&end_pos>=0 - &&end_pos-conn_pos-available<=read_ahead_thresh){ - /*Found a suitable connection to re-use.*/ - ret=op_http_conn_read_ahead(stream,conn,just_read_ahead,pos); - if(OP_UNLIKELY(ret<0)){ - /*The connection might have become stale, so close it and keep going.*/ - op_http_conn_close(stream,conn,pnext,1); - conn=*pnext; - continue; - } - /*Sucessfully resurrected this connection.*/ - *pnext=conn->next; - conn->next=stream->lru_head; - stream->lru_head=conn; - stream->cur_conni=conn-stream->conns; - return 0; - } - close_pnext=pnext; - close_conn=conn; - pnext=&conn->next; - conn=conn->next; - } - /*No suitable connections. - Open a new one.*/ - if(stream->free_head==NULL){ - /*All connections in use. - Expire one of them (we should have already picked which one when scanning - the list).*/ - OP_ASSERT(close_conn!=NULL); - OP_ASSERT(close_pnext!=NULL); - op_http_conn_close(stream,close_conn,close_pnext,1); - } - OP_ASSERT(stream->free_head!=NULL); - conn=stream->free_head; - /*If we can pipeline, only request a chunk of data. - If we're seeking now, there's a good chance we will want to seek again - soon, and this avoids committing this connection to reading the rest of - the stream. - Particularly with SSL or proxies, issuing a new request on the same - connection can be substantially faster than opening a new one. - This also limits the amount of data the server will blast at us on this - connection if we later seek elsewhere and start reading from a different - connection.*/ - ret=op_http_conn_open_pos(stream,conn,pos, - pipeline?OP_PIPELINE_CHUNK_SIZE:-1); - if(OP_UNLIKELY(ret<0)){ - op_http_conn_close(stream,conn,&stream->lru_head,1); - return -1; - } - return 0; -} - -static opus_int64 op_http_stream_tell(void *_stream){ - OpusHTTPStream *stream; - int ci; - stream=(OpusHTTPStream *)_stream; - ci=stream->cur_conni; - return ci<0?stream->pos:stream->conns[ci].pos; -} - -static int op_http_stream_close(void *_stream){ - OpusHTTPStream *stream; - stream=(OpusHTTPStream *)_stream; - if(OP_LIKELY(stream!=NULL)){ - op_http_stream_clear(stream); - _ogg_free(stream); - } - return 0; -} - -static const OpusFileCallbacks OP_HTTP_CALLBACKS={ - op_http_stream_read, - op_http_stream_seek, - op_http_stream_tell, - op_http_stream_close -}; -#endif - -void opus_server_info_init(OpusServerInfo *_info){ - _info->name=NULL; - _info->description=NULL; - _info->genre=NULL; - _info->url=NULL; - _info->server=NULL; - _info->content_type=NULL; - _info->bitrate_kbps=-1; - _info->is_public=-1; - _info->is_ssl=0; -} - -void opus_server_info_clear(OpusServerInfo *_info){ - _ogg_free(_info->content_type); - _ogg_free(_info->server); - _ogg_free(_info->url); - _ogg_free(_info->genre); - _ogg_free(_info->description); - _ogg_free(_info->name); -} - -/*The actual URL stream creation function. - This one isn't extensible like the application-level interface, but because - it isn't public, we're free to change it in the future.*/ -static void *op_url_stream_create_impl(OpusFileCallbacks *_cb,const char *_url, - int _skip_certificate_check,const char *_proxy_host,unsigned _proxy_port, - const char *_proxy_user,const char *_proxy_pass,OpusServerInfo *_info){ - const char *path; - /*Check to see if this is a valid file: URL.*/ - path=op_parse_file_url(_url); - if(path!=NULL){ - char *unescaped_path; - void *ret; - unescaped_path=op_string_dup(path); - if(OP_UNLIKELY(unescaped_path==NULL))return NULL; - ret=op_fopen(_cb,op_unescape_url_component(unescaped_path),"rb"); - _ogg_free(unescaped_path); - return ret; - } -#if defined(OP_ENABLE_HTTP) - /*If not, try http/https.*/ - else{ - OpusHTTPStream *stream; - int ret; - stream=(OpusHTTPStream *)_ogg_malloc(sizeof(*stream)); - if(OP_UNLIKELY(stream==NULL))return NULL; - op_http_stream_init(stream); - ret=op_http_stream_open(stream,_url,_skip_certificate_check, - _proxy_host,_proxy_port,_proxy_user,_proxy_pass,_info); - if(OP_UNLIKELY(ret<0)){ - op_http_stream_clear(stream); - _ogg_free(stream); - return NULL; - } - *_cb=*&OP_HTTP_CALLBACKS; - return stream; - } -#else - (void)_skip_certificate_check; - (void)_proxy_host; - (void)_proxy_port; - (void)_proxy_user; - (void)_proxy_pass; - (void)_info; - return NULL; -#endif -} - -/*The actual implementation of op_url_stream_vcreate(). - We have to do a careful dance here to avoid potential memory leaks if - OpusServerInfo is requested, since this function is also used by - op_vopen_url() and op_vtest_url(). - Even if this function succeeds, those functions might ultimately fail. - If they do, they should return without having touched the OpusServerInfo - passed by the application. - Therefore, if this function succeeds and OpusServerInfo is requested, the - actual info will be stored in *_info and a pointer to the application's - storage will be placed in *_pinfo. - If this function fails or if the application did not request OpusServerInfo, - *_pinfo will be NULL. - Our caller is responsible for copying *_info to **_pinfo if it ultimately - succeeds, or for clearing *_info if it ultimately fails.*/ -void *op_url_stream_vcreate_impl(OpusFileCallbacks *_cb, - const char *_url,OpusServerInfo *_info,OpusServerInfo **_pinfo,va_list _ap){ - int skip_certificate_check; - const char *proxy_host; - opus_int32 proxy_port; - const char *proxy_user; - const char *proxy_pass; - OpusServerInfo *pinfo; - skip_certificate_check=0; - proxy_host=NULL; - proxy_port=8080; - proxy_user=NULL; - proxy_pass=NULL; - pinfo=NULL; - for(;;){ - ptrdiff_t request; - request=va_arg(_ap,char *)-(char *)NULL; - /*If we hit NULL, we're done processing options.*/ - if(!request)break; - switch(request){ - case OP_SSL_SKIP_CERTIFICATE_CHECK_REQUEST:{ - skip_certificate_check=!!va_arg(_ap,opus_int32); - }break; - case OP_HTTP_PROXY_HOST_REQUEST:{ - proxy_host=va_arg(_ap,const char *); - }break; - case OP_HTTP_PROXY_PORT_REQUEST:{ - proxy_port=va_arg(_ap,opus_int32); - if(proxy_port<0||proxy_port>(opus_int32)65535)return NULL; - }break; - case OP_HTTP_PROXY_USER_REQUEST:{ - proxy_user=va_arg(_ap,const char *); - }break; - case OP_HTTP_PROXY_PASS_REQUEST:{ - proxy_pass=va_arg(_ap,const char *); - }break; - case OP_GET_SERVER_INFO_REQUEST:{ - pinfo=va_arg(_ap,OpusServerInfo *); - }break; - /*Some unknown option.*/ - default:return NULL; - } - } - /*If the caller has requested server information, proxy it to a local copy to - simplify error handling.*/ - *_pinfo=NULL; - if(pinfo!=NULL){ - void *ret; - opus_server_info_init(_info); - ret=op_url_stream_create_impl(_cb,_url,skip_certificate_check, - proxy_host,proxy_port,proxy_user,proxy_pass,_info); - if(ret!=NULL)*_pinfo=pinfo; - else opus_server_info_clear(_info); - return ret; - } - return op_url_stream_create_impl(_cb,_url,skip_certificate_check, - proxy_host,proxy_port,proxy_user,proxy_pass,NULL); -} - -void *op_url_stream_vcreate(OpusFileCallbacks *_cb, - const char *_url,va_list _ap){ - OpusServerInfo info; - OpusServerInfo *pinfo; - void *ret; - ret=op_url_stream_vcreate_impl(_cb,_url,&info,&pinfo,_ap); - if(pinfo!=NULL)*pinfo=*&info; - return ret; -} - -void *op_url_stream_create(OpusFileCallbacks *_cb, - const char *_url,...){ - va_list ap; - void *ret; - va_start(ap,_url); - ret=op_url_stream_vcreate(_cb,_url,ap); - va_end(ap); - return ret; -} - -/*Convenience routines to open/test URLs in a single step.*/ - -OggOpusFile *op_vopen_url(const char *_url,int *_error,va_list _ap){ - OpusFileCallbacks cb; - OggOpusFile *of; - OpusServerInfo info; - OpusServerInfo *pinfo; - void *source; - source=op_url_stream_vcreate_impl(&cb,_url,&info,&pinfo,_ap); - if(OP_UNLIKELY(source==NULL)){ - OP_ASSERT(pinfo==NULL); - if(_error!=NULL)*_error=OP_EFAULT; - return NULL; - } - of=op_open_callbacks(source,&cb,NULL,0,_error); - if(OP_UNLIKELY(of==NULL)){ - if(pinfo!=NULL)opus_server_info_clear(&info); - (*cb.close)(source); - } - else if(pinfo!=NULL)*pinfo=*&info; - return of; -} - -OggOpusFile *op_open_url(const char *_url,int *_error,...){ - OggOpusFile *ret; - va_list ap; - va_start(ap,_error); - ret=op_vopen_url(_url,_error,ap); - va_end(ap); - return ret; -} - -OggOpusFile *op_vtest_url(const char *_url,int *_error,va_list _ap){ - OpusFileCallbacks cb; - OggOpusFile *of; - OpusServerInfo info; - OpusServerInfo *pinfo; - void *source; - source=op_url_stream_vcreate_impl(&cb,_url,&info,&pinfo,_ap); - if(OP_UNLIKELY(source==NULL)){ - OP_ASSERT(pinfo==NULL); - if(_error!=NULL)*_error=OP_EFAULT; - return NULL; - } - of=op_test_callbacks(source,&cb,NULL,0,_error); - if(OP_UNLIKELY(of==NULL)){ - if(pinfo!=NULL)opus_server_info_clear(&info); - (*cb.close)(source); - } - else if(pinfo!=NULL)*pinfo=*&info; - return of; -} - -OggOpusFile *op_test_url(const char *_url,int *_error,...){ - OggOpusFile *ret; - va_list ap; - va_start(ap,_error); - ret=op_vtest_url(_url,_error,ap); - va_end(ap); - return ret; -} diff --git a/thirdparty/opus/wincerts.c b/thirdparty/opus/wincerts.c deleted file mode 100644 index b0e35aa352..0000000000 --- a/thirdparty/opus/wincerts.c +++ /dev/null @@ -1,171 +0,0 @@ -/******************************************************************** - * * - * THIS FILE IS PART OF THE libopusfile SOFTWARE CODEC SOURCE CODE. * - * USE, DISTRIBUTION AND REPRODUCTION OF THIS LIBRARY SOURCE IS * - * GOVERNED BY A BSD-STYLE SOURCE LICENSE INCLUDED WITH THIS SOURCE * - * IN 'COPYING'. PLEASE READ THESE TERMS BEFORE DISTRIBUTING. * - * * - * THE libopusfile SOURCE CODE IS (C) COPYRIGHT 2013 * - * by the Xiph.Org Foundation and contributors http://www.xiph.org/ * - * * - ********************************************************************/ - -/*This should really be part of OpenSSL, but there's been a patch [1] sitting - in their bugtracker for over two years that implements this, without any - action, so I'm giving up and re-implementing it locally. - - [1] <http://rt.openssl.org/Ticket/Display.html?id=2158>*/ - -#ifdef HAVE_CONFIG_H -#include "config.h" -#endif - -#include "internal.h" -#if defined(OP_ENABLE_HTTP)&&defined(_WIN32) -/*You must include windows.h before wincrypt.h and x509.h.*/ -# define WIN32_LEAN_AND_MEAN -# define WIN32_EXTRA_LEAN -# include <windows.h> -/*You must include wincrypt.h before x509.h, too, or X509_NAME doesn't get - defined properly.*/ -# include <wincrypt.h> -# include <openssl/ssl.h> -# include <openssl/err.h> -# include <openssl/x509.h> - -static int op_capi_new(X509_LOOKUP *_lu){ - HCERTSTORE h_store; - h_store=CertOpenStore(CERT_STORE_PROV_SYSTEM_A,0,0, - CERT_STORE_OPEN_EXISTING_FLAG|CERT_STORE_READONLY_FLAG| - CERT_SYSTEM_STORE_CURRENT_USER|CERT_STORE_SHARE_CONTEXT_FLAG,"ROOT"); - if(h_store!=NULL){ - _lu->method_data=(char *)h_store; - return 1; - } - return 0; -} - -static void op_capi_free(X509_LOOKUP *_lu){ - HCERTSTORE h_store; - h_store=(HCERTSTORE)_lu->method_data; -# if defined(OP_ENABLE_ASSERTIONS) - OP_ALWAYS_TRUE(CertCloseStore(h_store,CERT_CLOSE_STORE_CHECK_FLAG)); -# else - CertCloseStore(h_store,0); -# endif -} - -static int op_capi_retrieve_by_subject(X509_LOOKUP *_lu,int _type, - X509_NAME *_name,X509_OBJECT *_ret){ - X509_OBJECT *obj; - CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE); - obj=X509_OBJECT_retrieve_by_subject(_lu->store_ctx->objs,_type,_name); - CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); - if(obj!=NULL){ - _ret->type=obj->type; - memcpy(&_ret->data,&obj->data,sizeof(_ret->data)); - return 1; - } - return 0; -} - -static int op_capi_get_by_subject(X509_LOOKUP *_lu,int _type,X509_NAME *_name, - X509_OBJECT *_ret){ - HCERTSTORE h_store; - if(_name==NULL)return 0; - if(_name->bytes==NULL||_name->bytes->length<=0||_name->modified){ - if(i2d_X509_NAME(_name,NULL)<0)return 0; - OP_ASSERT(_name->bytes->length>0); - } - h_store=(HCERTSTORE)_lu->method_data; - switch(_type){ - case X509_LU_X509:{ - CERT_NAME_BLOB find_para; - PCCERT_CONTEXT cert; - X509 *x; - int ret; - /*Although X509_NAME contains a canon_enc field, that "canonical" [1] - encoding was just made up by OpenSSL. - It doesn't correspond to any actual standard, and since it drops the - initial sequence header, won't be recognized by the Crypto API. - The assumption here is that CertFindCertificateInStore() will allow any - appropriate variations in the encoding when it does its comparison. - This is, however, emphatically not true under Wine, which just compares - the encodings with memcmp(). - Most of the time things work anyway, though, and there isn't really - anything we can do to make the situation better. - - [1] A "canonical form" is defined as the one where, if you locked 10 - mathematicians in a room and asked them to come up with a - representation for something, it's the answer that 9 of them would - give you back. - I don't think OpenSSL's encoding qualifies.*/ - find_para.cbData=_name->bytes->length; - find_para.pbData=(unsigned char *)_name->bytes->data; - cert=CertFindCertificateInStore(h_store,X509_ASN_ENCODING,0, - CERT_FIND_SUBJECT_NAME,&find_para,NULL); - if(cert==NULL)return 0; - x=d2i_X509(NULL,(const unsigned char **)&cert->pbCertEncoded, - cert->cbCertEncoded); - CertFreeCertificateContext(cert); - if(x==NULL)return 0; - ret=X509_STORE_add_cert(_lu->store_ctx,x); - X509_free(x); - if(ret)return op_capi_retrieve_by_subject(_lu,_type,_name,_ret); - }break; - case X509_LU_CRL:{ - CERT_INFO cert_info; - CERT_CONTEXT find_para; - PCCRL_CONTEXT crl; - X509_CRL *x; - int ret; - ret=op_capi_retrieve_by_subject(_lu,_type,_name,_ret); - if(ret>0)return ret; - memset(&cert_info,0,sizeof(cert_info)); - cert_info.Issuer.cbData=_name->bytes->length; - cert_info.Issuer.pbData=(unsigned char *)_name->bytes->data; - memset(&find_para,0,sizeof(find_para)); - find_para.pCertInfo=&cert_info; - crl=CertFindCRLInStore(h_store,0,0,CRL_FIND_ISSUED_BY,&find_para,NULL); - if(crl==NULL)return 0; - x=d2i_X509_CRL(NULL,(const unsigned char **)&crl->pbCrlEncoded, - crl->cbCrlEncoded); - CertFreeCRLContext(crl); - if(x==NULL)return 0; - ret=X509_STORE_add_crl(_lu->store_ctx,x); - X509_CRL_free(x); - if(ret)return op_capi_retrieve_by_subject(_lu,_type,_name,_ret); - }break; - } - return 0; -} - -/*This is not const because OpenSSL doesn't allow it, even though it won't - write to it.*/ -static X509_LOOKUP_METHOD X509_LOOKUP_CAPI={ - "Load Crypto API store into cache", - op_capi_new, - op_capi_free, - NULL, - NULL, - NULL, - op_capi_get_by_subject, - NULL, - NULL, - NULL -}; - -int SSL_CTX_set_default_verify_paths_win32(SSL_CTX *_ssl_ctx){ - X509_STORE *store; - X509_LOOKUP *lu; - /*We intentionally do not add the normal default paths, as they are usually - wrong, and are just asking to be used as an exploit vector.*/ - store=SSL_CTX_get_cert_store(_ssl_ctx); - OP_ASSERT(store!=NULL); - lu=X509_STORE_add_lookup(store,&X509_LOOKUP_CAPI); - if(lu==NULL)return 0; - ERR_clear_error(); - return 1; -} - -#endif diff --git a/thirdparty/opus/winerrno.h b/thirdparty/opus/winerrno.h deleted file mode 100644 index 32a90b4ee1..0000000000 --- a/thirdparty/opus/winerrno.h +++ /dev/null @@ -1,90 +0,0 @@ -/******************************************************************** - * * - * THIS FILE IS PART OF THE libopusfile SOFTWARE CODEC SOURCE CODE. * - * USE, DISTRIBUTION AND REPRODUCTION OF THIS LIBRARY SOURCE IS * - * GOVERNED BY A BSD-STYLE SOURCE LICENSE INCLUDED WITH THIS SOURCE * - * IN 'COPYING'. PLEASE READ THESE TERMS BEFORE DISTRIBUTING. * - * * - * THE libopusfile SOURCE CODE IS (C) COPYRIGHT 2012 * - * by the Xiph.Org Foundation and contributors http://www.xiph.org/ * - * * - ********************************************************************/ -#if !defined(_opusfile_winerrno_h) -# define _opusfile_winerrno_h (1) - -# include <errno.h> -# include <winerror.h> - -/*These conflict with the MSVC errno.h definitions, but we don't need to use - the original ones in any file that deals with sockets. - We could map the WSA errors to the errno.h ones (most of which are only - available on sufficiently new versions of MSVC), but they aren't ordered the - same, and given how rarely we actually look at the values, I don't think - it's worth a lookup table.*/ -# undef EWOULDBLOCK -# undef EINPROGRESS -# undef EALREADY -# undef ENOTSOCK -# undef EDESTADDRREQ -# undef EMSGSIZE -# undef EPROTOTYPE -# undef ENOPROTOOPT -# undef EPROTONOSUPPORT -# undef EOPNOTSUPP -# undef EAFNOSUPPORT -# undef EADDRINUSE -# undef EADDRNOTAVAIL -# undef ENETDOWN -# undef ENETUNREACH -# undef ENETRESET -# undef ECONNABORTED -# undef ECONNRESET -# undef ENOBUFS -# undef EISCONN -# undef ENOTCONN -# undef ETIMEDOUT -# undef ECONNREFUSED -# undef ELOOP -# undef ENAMETOOLONG -# undef EHOSTUNREACH -# undef ENOTEMPTY - -# define EWOULDBLOCK (WSAEWOULDBLOCK-WSABASEERR) -# define EINPROGRESS (WSAEINPROGRESS-WSABASEERR) -# define EALREADY (WSAEALREADY-WSABASEERR) -# define ENOTSOCK (WSAENOTSOCK-WSABASEERR) -# define EDESTADDRREQ (WSAEDESTADDRREQ-WSABASEERR) -# define EMSGSIZE (WSAEMSGSIZE-WSABASEERR) -# define EPROTOTYPE (WSAEPROTOTYPE-WSABASEERR) -# define ENOPROTOOPT (WSAENOPROTOOPT-WSABASEERR) -# define EPROTONOSUPPORT (WSAEPROTONOSUPPORT-WSABASEERR) -# define ESOCKTNOSUPPORT (WSAESOCKTNOSUPPORT-WSABASEERR) -# define EOPNOTSUPP (WSAEOPNOTSUPP-WSABASEERR) -# define EPFNOSUPPORT (WSAEPFNOSUPPORT-WSABASEERR) -# define EAFNOSUPPORT (WSAEAFNOSUPPORT-WSABASEERR) -# define EADDRINUSE (WSAEADDRINUSE-WSABASEERR) -# define EADDRNOTAVAIL (WSAEADDRNOTAVAIL-WSABASEERR) -# define ENETDOWN (WSAENETDOWN-WSABASEERR) -# define ENETUNREACH (WSAENETUNREACH-WSABASEERR) -# define ENETRESET (WSAENETRESET-WSABASEERR) -# define ECONNABORTED (WSAECONNABORTED-WSABASEERR) -# define ECONNRESET (WSAECONNRESET-WSABASEERR) -# define ENOBUFS (WSAENOBUFS-WSABASEERR) -# define EISCONN (WSAEISCONN-WSABASEERR) -# define ENOTCONN (WSAENOTCONN-WSABASEERR) -# define ESHUTDOWN (WSAESHUTDOWN-WSABASEERR) -# define ETOOMANYREFS (WSAETOOMANYREFS-WSABASEERR) -# define ETIMEDOUT (WSAETIMEDOUT-WSABASEERR) -# define ECONNREFUSED (WSAECONNREFUSED-WSABASEERR) -# define ELOOP (WSAELOOP-WSABASEERR) -# define ENAMETOOLONG (WSAENAMETOOLONG-WSABASEERR) -# define EHOSTDOWN (WSAEHOSTDOWN-WSABASEERR) -# define EHOSTUNREACH (WSAEHOSTUNREACH-WSABASEERR) -# define ENOTEMPTY (WSAENOTEMPTY-WSABASEERR) -# define EPROCLIM (WSAEPROCLIM-WSABASEERR) -# define EUSERS (WSAEUSERS-WSABASEERR) -# define EDQUOT (WSAEDQUOT-WSABASEERR) -# define ESTALE (WSAESTALE-WSABASEERR) -# define EREMOTE (WSAEREMOTE-WSABASEERR) - -#endif diff --git a/thirdparty/pcre2/LICENCE b/thirdparty/pcre2/LICENCE index bfe3c8d528..b0f8804fff 100644 --- a/thirdparty/pcre2/LICENCE +++ b/thirdparty/pcre2/LICENCE @@ -4,11 +4,11 @@ PCRE2 LICENCE PCRE2 is a library of functions to support regular expressions whose syntax and semantics are as close as possible to those of the Perl 5 language. -Release 10 of PCRE2 is distributed under the terms of the "BSD" licence, as -specified below, with one exemption for certain binary redistributions. The -documentation for PCRE2, supplied in the "doc" directory, is distributed under -the same terms as the software itself. The data in the testdata directory is -not copyrighted and is in the public domain. +Releases 10.00 and above of PCRE2 are distributed under the terms of the "BSD" +licence, as specified below, with one exemption for certain binary +redistributions. The documentation for PCRE2, supplied in the "doc" directory, +is distributed under the same terms as the software itself. The data in the +testdata directory is not copyrighted and is in the public domain. The basic library functions are written in C and are freestanding. Also included in the distribution is a just-in-time compiler that can be used to @@ -35,7 +35,7 @@ PCRE2 JUST-IN-TIME COMPILATION SUPPORT Written by: Zoltan Herczeg Email local part: hzmester -Emain domain: freemail.hu +Email domain: freemail.hu Copyright(c) 2010-2018 Zoltan Herczeg All rights reserved. @@ -46,7 +46,7 @@ STACK-LESS JUST-IN-TIME COMPILER Written by: Zoltan Herczeg Email local part: hzmester -Emain domain: freemail.hu +Email domain: freemail.hu Copyright(c) 2009-2018 Zoltan Herczeg All rights reserved. diff --git a/thirdparty/pcre2/src/config.h b/thirdparty/pcre2/src/config.h index f738616714..89a52ef848 100644 --- a/thirdparty/pcre2/src/config.h +++ b/thirdparty/pcre2/src/config.h @@ -18,10 +18,10 @@ to set the macro values. In this case, you do not have to set -DHAVE_CONFIG_H, but if you do, default values will be taken from config.h for non-boolean macros that are not defined on the command line. -Boolean macros such as HAVE_STDLIB_H and SUPPORT_PCRE2_8 should either be defined -(conventionally to 1) for TRUE, and not defined at all for FALSE. All such -macros are listed as a commented #undef in config.h.generic. Macros such as -MATCH_LIMIT, whose actual value is relevant, have defaults defined, but are +Boolean macros such as HAVE_STDLIB_H and SUPPORT_PCRE2_8 should either be +defined (conventionally to 1) for TRUE, and not defined at all for FALSE. All +such macros are listed as a commented #undef in config.h.generic. Macros such +as MATCH_LIMIT, whose actual value is relevant, have defaults defined, but are surrounded by #ifndef/#endif lines so that the value can be overridden by -D. PCRE2 uses memmove() if HAVE_MEMMOVE is defined; otherwise it uses bcopy() if @@ -132,17 +132,18 @@ sure both macros are undefined; an emulation function will then be used. */ /* Define to 1 if you have the <zlib.h> header file. */ /* #undef HAVE_ZLIB_H */ -/* This limits the amount of memory that pcre2_match() may use while matching - a pattern. The value is in kilobytes. */ +/* This limits the amount of memory that may be used while matching a pattern. + It applies to both pcre2_match() and pcre2_dfa_match(). It does not apply + to JIT matching. The value is in kibibytes (units of 1024 bytes). */ #ifndef HEAP_LIMIT #define HEAP_LIMIT 20000000 #endif /* The value of LINK_SIZE determines the number of bytes used to store links as offsets within the compiled regex. The default is 2, which allows for - compiled patterns up to 64K long. This covers the vast majority of cases. - However, PCRE2 can also be compiled to use 3 or 4 bytes instead. This - allows for longer patterns in extreme cases. */ + compiled patterns up to 65535 code units long. This covers the vast + majority of cases. However, PCRE2 can also be compiled to use 3 or 4 bytes + instead. This allows for longer patterns in extreme cases. */ #ifndef LINK_SIZE #define LINK_SIZE 2 #endif @@ -155,7 +156,8 @@ sure both macros are undefined; an emulation function will then be used. */ /* The value of MATCH_LIMIT determines the default number of times the pcre2_match() function can record a backtrack position during a single - matching attempt. There is a runtime interface for setting a different + matching attempt. The value is also used to limit a loop counter in + pcre2_dfa_match(). There is a runtime interface for setting a different limit. The limit exists in order to catch runaway regular expressions that take for ever to determine that they do not match. The default is set very large so that it does not accidentally catch legitimate cases. */ @@ -170,7 +172,9 @@ sure both macros are undefined; an emulation function will then be used. */ MATCH_LIMIT_DEPTH provides this facility. To have any useful effect, it must be less than the value of MATCH_LIMIT. The default is to use the same value as MATCH_LIMIT. There is a runtime method for setting a different - limit. */ + limit. In the case of pcre2_dfa_match(), this limit controls the depth of + the internal nested function calls that are used for pattern recursions, + lookarounds, and atomic groups. */ #ifndef MATCH_LIMIT_DEPTH #define MATCH_LIMIT_DEPTH MATCH_LIMIT #endif @@ -210,7 +214,7 @@ sure both macros are undefined; an emulation function will then be used. */ #define PACKAGE_NAME "PCRE2" /* Define to the full name and version of this package. */ -#define PACKAGE_STRING "PCRE2 10.31" +#define PACKAGE_STRING "PCRE2 10.32" /* Define to the one symbol short name of this package. */ #define PACKAGE_TARNAME "pcre2" @@ -219,7 +223,7 @@ sure both macros are undefined; an emulation function will then be used. */ #define PACKAGE_URL "" /* Define to the version of this package. */ -#define PACKAGE_VERSION "10.31" +#define PACKAGE_VERSION "10.32" /* The value of PARENS_NEST_LIMIT specifies the maximum depth of nested parentheses (of any kind) in a pattern. This limits the amount of system @@ -339,7 +343,7 @@ sure both macros are undefined; an emulation function will then be used. */ #endif /* Version number of package */ -#define VERSION "10.31" +#define VERSION "10.32" /* Define to 1 if on MINIX. */ /* #undef _MINIX */ diff --git a/thirdparty/pcre2/src/pcre2.h b/thirdparty/pcre2/src/pcre2.h index fffcc307d0..3d2feb7a6b 100644 --- a/thirdparty/pcre2/src/pcre2.h +++ b/thirdparty/pcre2/src/pcre2.h @@ -5,7 +5,7 @@ /* This is the public header file for the PCRE library, second API, to be #included by applications that call PCRE2 functions. - Copyright (c) 2016-2017 University of Cambridge + Copyright (c) 2016-2018 University of Cambridge ----------------------------------------------------------------------------- Redistribution and use in source and binary forms, with or without @@ -41,10 +41,16 @@ POSSIBILITY OF SUCH DAMAGE. /* The current PCRE version information. */ -#define PCRE2_MAJOR 10 -#define PCRE2_MINOR 31 -#define PCRE2_PRERELEASE -#define PCRE2_DATE 2018-02-12 +#define PCRE2_MAJOR 10 +#define PCRE2_MINOR 32 +#define PCRE2_PRERELEASE +#define PCRE2_DATE 2018-09-10 + +/* For the benefit of systems without stdint.h, an alternative is to use +inttypes.h. The existence of these headers is checked by configure or CMake. */ + +#define PCRE2_HAVE_STDINT_H 1 +#define PCRE2_HAVE_INTTYPES_H 1 /* When an application links to a PCRE DLL in Windows, the symbols that are imported have to be identified as such. When building PCRE2, the appropriate @@ -81,12 +87,18 @@ set, we ensure here that it has no effect. */ #define PCRE2_CALL_CONVENTION #endif -/* Have to include limits.h, stdlib.h and stdint.h to ensure that size_t and -uint8_t, UCHAR_MAX, etc are defined. */ +/* Have to include limits.h, stdlib.h and stdint.h (or inttypes.h) to ensure +that size_t and uint8_t, UCHAR_MAX, etc are defined. If the system has neither +header, the relevant values must be provided by some other means. */ #include <limits.h> #include <stdlib.h> + +#if PCRE2_HAVE_STDINT_H #include <stdint.h> +#elif PCRE2_HAVE_INTTYPES_H +#include <inttypes.h> +#endif /* Allow for C++ users compiling this directly. */ @@ -269,6 +281,7 @@ pcre2_pattern_convert(). */ #define PCRE2_ERROR_INTERNAL_UNKNOWN_NEWLINE 156 #define PCRE2_ERROR_BACKSLASH_G_SYNTAX 157 #define PCRE2_ERROR_PARENS_QUERY_R_MISSING_CLOSING 158 +/* Error 159 is obsolete and should now never occur */ #define PCRE2_ERROR_VERB_ARGUMENT_NOT_ALLOWED 159 #define PCRE2_ERROR_VERB_UNKNOWN 160 #define PCRE2_ERROR_SUBPATTERN_NUMBER_TOO_BIG 161 @@ -303,6 +316,8 @@ pcre2_pattern_convert(). */ #define PCRE2_ERROR_INTERNAL_BAD_CODE_IN_SKIP 190 #define PCRE2_ERROR_NO_SURROGATES_IN_UTF16 191 #define PCRE2_ERROR_BAD_LITERAL_OPTIONS 192 +#define PCRE2_ERROR_SUPPORTED_ONLY_IN_UNICODE 193 +#define PCRE2_ERROR_INVALID_HYPHEN_IN_OPTIONS 194 /* "Expected" matching error codes: no match and partial match. */ @@ -387,6 +402,7 @@ released, the numbers must not be changed. */ #define PCRE2_ERROR_BADSERIALIZEDDATA (-62) #define PCRE2_ERROR_HEAPLIMIT (-63) #define PCRE2_ERROR_CONVERT_SYNTAX (-64) +#define PCRE2_ERROR_INTERNAL_DUPMATCH (-65) /* Request types for pcre2_pattern_info() */ diff --git a/thirdparty/pcre2/src/pcre2_auto_possess.c b/thirdparty/pcre2/src/pcre2_auto_possess.c index 23275a2e39..2ce152e952 100644 --- a/thirdparty/pcre2/src/pcre2_auto_possess.c +++ b/thirdparty/pcre2/src/pcre2_auto_possess.c @@ -7,7 +7,7 @@ and semantics are as close as possible to those of the Perl 5 language. Written by Philip Hazel Original API code Copyright (c) 1997-2012 University of Cambridge - New API code Copyright (c) 2016-2017 University of Cambridge + New API code Copyright (c) 2016-2018 University of Cambridge ----------------------------------------------------------------------------- Redistribution and use in source and binary forms, with or without @@ -505,7 +505,7 @@ Arguments: utf TRUE in UTF mode cb compile data block base_list the data list of the base opcode - base_end the end of the data list + base_end the end of the base opcode rec_limit points to recursion depth counter Returns: TRUE if the auto-possessification is possible @@ -730,7 +730,7 @@ for(;;) if ((*xclass_flags & XCL_MAP) == 0) { /* No bits are set for characters < 256. */ - if (list[1] == 0) return TRUE; + if (list[1] == 0) return (*xclass_flags & XCL_NOT) == 0; /* Might be an empty repeat. */ continue; } @@ -1235,6 +1235,7 @@ for (;;) #endif case OP_MARK: + case OP_COMMIT_ARG: case OP_PRUNE_ARG: case OP_SKIP_ARG: case OP_THEN_ARG: diff --git a/thirdparty/pcre2/src/pcre2_chartables.c b/thirdparty/pcre2/src/pcre2_chartables.c index 203cb1a4ab..4046500c00 100644 --- a/thirdparty/pcre2/src/pcre2_chartables.c +++ b/thirdparty/pcre2/src/pcre2_chartables.c @@ -2,23 +2,24 @@ * Perl-Compatible Regular Expressions * *************************************************/ -/* This file contains character tables that are used when no external tables -are passed to PCRE2 by the application that calls it. The tables are used only -for characters whose code values are less than 256. - -This is a default version of the tables that assumes ASCII encoding. A program -called dftables (which is distributed with PCRE2) can be used to build -alternative versions of this file. This is necessary if you are running in an -EBCDIC environment, or if you want to default to a different encoding, for -example ISO-8859-1. When dftables is run, it creates these tables in the -current locale. If PCRE2 is configured with --enable-rebuild-chartables, this -happens automatically. - -The following #includes are present because without them gcc 4.x may remove the -array definition from the final binary if PCRE2 is built into a static library -and dead code stripping is activated. This leads to link errors. Pulling in the -header ensures that the array gets flagged as "someone outside this compilation -unit might reference this" and so it will always be supplied to the linker. */ +/* This file was automatically written by the dftables auxiliary +program. It contains character tables that are used when no external +tables are passed to PCRE2 by the application that calls it. The tables +are used only for characters whose code values are less than 256. */ + +/*The dftables program (which is distributed with PCRE2) can be used to +build alternative versions of this file. This is necessary if you are +running in an EBCDIC environment, or if you want to default to a different +encoding, for example ISO-8859-1. When dftables is run, it creates these +tables in the current locale. This happens automatically if PCRE2 is +configured with --enable-rebuild-chartables. */ + +/* The following #include is present because without it gcc 4.x may remove +the array definition from the final binary if PCRE2 is built into a static +library and dead code stripping is activated. This leads to link errors. +Pulling in the header ensures that the array gets flagged as "someone +outside this compilation unit might reference this" and so it will always +be supplied to the linker. */ #ifdef HAVE_CONFIG_H #include "config.h" @@ -101,7 +102,7 @@ const uint8_t PRIV(default_tables)[] = { /* This table contains bit maps for various character classes. Each map is 32 bytes long and the bits run from the least significant end of each byte. The classes that have their own maps are: space, xdigit, digit, upper, lower, word, -graph, print, punct, and cntrl. Other classes are built from combinations. */ +graph print, punct, and cntrl. Other classes are built from combinations. */ 0x00,0x3e,0x00,0x00,0x01,0x00,0x00,0x00, 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, @@ -159,25 +160,24 @@ graph, print, punct, and cntrl. Other classes are built from combinations. */ 0x04 decimal digit 0x08 hexadecimal digit 0x10 alphanumeric or '_' - 0x80 regular expression metacharacter or binary zero */ - 0x80,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 0- 7 */ + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 0- 7 */ 0x00,0x01,0x01,0x01,0x01,0x01,0x00,0x00, /* 8- 15 */ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 16- 23 */ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 24- 31 */ - 0x01,0x00,0x00,0x00,0x80,0x00,0x00,0x00, /* - ' */ - 0x80,0x80,0x80,0x80,0x00,0x00,0x80,0x00, /* ( - / */ + 0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* - ' */ + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* ( - / */ 0x1c,0x1c,0x1c,0x1c,0x1c,0x1c,0x1c,0x1c, /* 0 - 7 */ - 0x1c,0x1c,0x00,0x00,0x00,0x00,0x00,0x80, /* 8 - ? */ + 0x1c,0x1c,0x00,0x00,0x00,0x00,0x00,0x00, /* 8 - ? */ 0x00,0x1a,0x1a,0x1a,0x1a,0x1a,0x1a,0x12, /* @ - G */ 0x12,0x12,0x12,0x12,0x12,0x12,0x12,0x12, /* H - O */ 0x12,0x12,0x12,0x12,0x12,0x12,0x12,0x12, /* P - W */ - 0x12,0x12,0x12,0x80,0x80,0x00,0x80,0x10, /* X - _ */ + 0x12,0x12,0x12,0x00,0x00,0x00,0x00,0x10, /* X - _ */ 0x00,0x1a,0x1a,0x1a,0x1a,0x1a,0x1a,0x12, /* ` - g */ 0x12,0x12,0x12,0x12,0x12,0x12,0x12,0x12, /* h - o */ 0x12,0x12,0x12,0x12,0x12,0x12,0x12,0x12, /* p - w */ - 0x12,0x12,0x12,0x80,0x80,0x00,0x00,0x00, /* x -127 */ + 0x12,0x12,0x12,0x00,0x00,0x00,0x00,0x00, /* x -127 */ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 128-135 */ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 136-143 */ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 144-151 */ diff --git a/thirdparty/pcre2/src/pcre2_compile.c b/thirdparty/pcre2/src/pcre2_compile.c index 87530fb584..6bb1de3610 100644 --- a/thirdparty/pcre2/src/pcre2_compile.c +++ b/thirdparty/pcre2/src/pcre2_compile.c @@ -7,7 +7,7 @@ and semantics are as close as possible to those of the Perl 5 language. Written by Philip Hazel Original API code Copyright (c) 1997-2012 University of Cambridge - New API code Copyright (c) 2016-2017 University of Cambridge + New API code Copyright (c) 2016-2018 University of Cambridge ----------------------------------------------------------------------------- Redistribution and use in source and binary forms, with or without @@ -63,8 +63,8 @@ POSSIBILITY OF SUCH DAMAGE. /* Other debugging code can be enabled by these defines. */ -// #define DEBUG_SHOW_CAPTURES -// #define DEBUG_SHOW_PARSED +/* #define DEBUG_SHOW_CAPTURES */ +/* #define DEBUG_SHOW_PARSED */ /* There are a few things that vary with different code unit sizes. Handle them by defining macros in order to minimize #if usage. */ @@ -250,34 +250,35 @@ is present where expected in a conditional group. */ #define META_LOOKBEHINDNOT 0x80250000u /* (?<! */ /* These must be kept in this order, with consecutive values, and the _ARG -versions of PRUNE, SKIP, and THEN immediately after their non-argument +versions of COMMIT, PRUNE, SKIP, and THEN immediately after their non-argument versions. */ #define META_MARK 0x80260000u /* (*MARK) */ #define META_ACCEPT 0x80270000u /* (*ACCEPT) */ -#define META_COMMIT 0x80280000u /* (*COMMIT) */ -#define META_FAIL 0x80290000u /* (*FAIL) */ -#define META_PRUNE 0x802a0000u /* These pairs must */ -#define META_PRUNE_ARG 0x802b0000u /* be */ -#define META_SKIP 0x802c0000u /* kept */ -#define META_SKIP_ARG 0x802d0000u /* in */ -#define META_THEN 0x802e0000u /* this */ -#define META_THEN_ARG 0x802f0000u /* order */ +#define META_FAIL 0x80280000u /* (*FAIL) */ +#define META_COMMIT 0x80290000u /* These */ +#define META_COMMIT_ARG 0x802a0000u /* pairs */ +#define META_PRUNE 0x802b0000u /* must */ +#define META_PRUNE_ARG 0x802c0000u /* be */ +#define META_SKIP 0x802d0000u /* kept */ +#define META_SKIP_ARG 0x802e0000u /* in */ +#define META_THEN 0x802f0000u /* this */ +#define META_THEN_ARG 0x80300000u /* order */ /* These must be kept in groups of adjacent 3 values, and all together. */ -#define META_ASTERISK 0x80300000u /* * */ -#define META_ASTERISK_PLUS 0x80310000u /* *+ */ -#define META_ASTERISK_QUERY 0x80320000u /* *? */ -#define META_PLUS 0x80330000u /* + */ -#define META_PLUS_PLUS 0x80340000u /* ++ */ -#define META_PLUS_QUERY 0x80350000u /* +? */ -#define META_QUERY 0x80360000u /* ? */ -#define META_QUERY_PLUS 0x80370000u /* ?+ */ -#define META_QUERY_QUERY 0x80380000u /* ?? */ -#define META_MINMAX 0x80390000u /* {n,m} repeat */ -#define META_MINMAX_PLUS 0x803a0000u /* {n,m}+ repeat */ -#define META_MINMAX_QUERY 0x803b0000u /* {n,m}? repeat */ +#define META_ASTERISK 0x80310000u /* * */ +#define META_ASTERISK_PLUS 0x80320000u /* *+ */ +#define META_ASTERISK_QUERY 0x80330000u /* *? */ +#define META_PLUS 0x80340000u /* + */ +#define META_PLUS_PLUS 0x80350000u /* ++ */ +#define META_PLUS_QUERY 0x80360000u /* +? */ +#define META_QUERY 0x80370000u /* ? */ +#define META_QUERY_PLUS 0x80380000u /* ?+ */ +#define META_QUERY_QUERY 0x80390000u /* ?? */ +#define META_MINMAX 0x803a0000u /* {n,m} repeat */ +#define META_MINMAX_PLUS 0x803b0000u /* {n,m}+ repeat */ +#define META_MINMAX_QUERY 0x803c0000u /* {n,m}? repeat */ #define META_FIRST_QUANTIFIER META_ASTERISK #define META_LAST_QUANTIFIER META_MINMAX_QUERY @@ -327,8 +328,9 @@ static unsigned char meta_extra_lengths[] = { SIZEOFFSET, /* META_LOOKBEHINDNOT */ 1, /* META_MARK - plus the string length */ 0, /* META_ACCEPT */ - 0, /* META_COMMIT */ 0, /* META_FAIL */ + 0, /* META_COMMIT */ + 1, /* META_COMMIT_ARG - plus the string length */ 0, /* META_PRUNE */ 1, /* META_PRUNE_ARG - plus the string length */ 0, /* META_SKIP */ @@ -510,17 +512,17 @@ static const short int escapes[] = { -ESC_Z, CHAR_LEFT_SQUARE_BRACKET, CHAR_BACKSLASH, CHAR_RIGHT_SQUARE_BRACKET, CHAR_CIRCUMFLEX_ACCENT, CHAR_UNDERSCORE, - CHAR_GRAVE_ACCENT, ESC_a, + CHAR_GRAVE_ACCENT, CHAR_BEL, -ESC_b, 0, - -ESC_d, ESC_e, - ESC_f, 0, + -ESC_d, CHAR_ESC, + CHAR_FF, 0, -ESC_h, 0, 0, -ESC_k, 0, 0, - ESC_n, 0, + CHAR_LF, 0, -ESC_p, 0, - ESC_r, -ESC_s, - ESC_tee, 0, + CHAR_CR, -ESC_s, + CHAR_HT, 0, -ESC_v, -ESC_w, 0, 0, -ESC_z @@ -544,22 +546,22 @@ because it is defined as 'a', which of course picks up the ASCII value. */ #endif static const short int escapes[] = { -/* 80 */ ESC_a, -ESC_b, 0, -ESC_d, ESC_e, ESC_f, 0, -/* 88 */-ESC_h, 0, 0, '{', 0, 0, 0, 0, -/* 90 */ 0, 0, -ESC_k, 0, 0, ESC_n, 0, -ESC_p, -/* 98 */ 0, ESC_r, 0, '}', 0, 0, 0, 0, -/* A0 */ 0, '~', -ESC_s, ESC_tee, 0,-ESC_v, -ESC_w, 0, -/* A8 */ 0,-ESC_z, 0, 0, 0, '[', 0, 0, -/* B0 */ 0, 0, 0, 0, 0, 0, 0, 0, -/* B8 */ 0, 0, 0, 0, 0, ']', '=', '-', -/* C0 */ '{',-ESC_A, -ESC_B, -ESC_C, -ESC_D,-ESC_E, 0, -ESC_G, -/* C8 */-ESC_H, 0, 0, 0, 0, 0, 0, 0, -/* D0 */ '}', 0, -ESC_K, 0, 0,-ESC_N, 0, -ESC_P, -/* D8 */-ESC_Q,-ESC_R, 0, 0, 0, 0, 0, 0, -/* E0 */ '\\', 0, -ESC_S, 0, 0,-ESC_V, -ESC_W, -ESC_X, -/* E8 */ 0,-ESC_Z, 0, 0, 0, 0, 0, 0, -/* F0 */ 0, 0, 0, 0, 0, 0, 0, 0, -/* F8 */ 0, 0 +/* 80 */ CHAR_BEL, -ESC_b, 0, -ESC_d, CHAR_ESC, CHAR_FF, 0, +/* 88 */ -ESC_h, 0, 0, '{', 0, 0, 0, 0, +/* 90 */ 0, 0, -ESC_k, 0, 0, CHAR_LF, 0, -ESC_p, +/* 98 */ 0, CHAR_CR, 0, '}', 0, 0, 0, 0, +/* A0 */ 0, '~', -ESC_s, CHAR_HT, 0, -ESC_v, -ESC_w, 0, +/* A8 */ 0, -ESC_z, 0, 0, 0, '[', 0, 0, +/* B0 */ 0, 0, 0, 0, 0, 0, 0, 0, +/* B8 */ 0, 0, 0, 0, 0, ']', '=', '-', +/* C0 */ '{', -ESC_A, -ESC_B, -ESC_C, -ESC_D, -ESC_E, 0, -ESC_G, +/* C8 */ -ESC_H, 0, 0, 0, 0, 0, 0, 0, +/* D0 */ '}', 0, -ESC_K, 0, 0, -ESC_N, 0, -ESC_P, +/* D8 */ -ESC_Q, -ESC_R, 0, 0, 0, 0, 0, 0, +/* E0 */ '\\', 0, -ESC_S, 0, 0, -ESC_V, -ESC_W, -ESC_X, +/* E8 */ 0, -ESC_Z, 0, 0, 0, 0, 0, 0, +/* F0 */ 0, 0, 0, 0, 0, 0, 0, 0, +/* F8 */ 0, 0 }; /* We also need a table of characters that may follow \c in an EBCDIC @@ -586,9 +588,9 @@ static const char verbnames[] = "\0" /* Empty name is a shorthand for MARK */ STRING_MARK0 STRING_ACCEPT0 - STRING_COMMIT0 STRING_F0 STRING_FAIL0 + STRING_COMMIT0 STRING_PRUNE0 STRING_SKIP0 STRING_THEN; @@ -596,11 +598,11 @@ static const char verbnames[] = static const verbitem verbs[] = { { 0, META_MARK, +1 }, /* > 0 => must have an argument */ { 4, META_MARK, +1 }, - { 6, META_ACCEPT, -1 }, /* < 0 => must not have an argument */ - { 6, META_COMMIT, -1 }, + { 6, META_ACCEPT, -1 }, /* < 0 => Optional argument, convert to pre-MARK */ { 1, META_FAIL, -1 }, { 4, META_FAIL, -1 }, - { 5, META_PRUNE, 0 }, /* Argument is optional; bump META code if found */ + { 6, META_COMMIT, 0 }, + { 5, META_PRUNE, 0 }, /* Optional argument; bump META code if found */ { 4, META_SKIP, 0 }, { 4, META_THEN, 0 } }; @@ -610,8 +612,8 @@ static const int verbcount = sizeof(verbs)/sizeof(verbitem); /* Verb opcodes, indexed by their META code offset from META_MARK. */ static const uint32_t verbops[] = { - OP_MARK, OP_ACCEPT, OP_COMMIT, OP_FAIL, OP_PRUNE, OP_PRUNE_ARG, OP_SKIP, - OP_SKIP_ARG, OP_THEN, OP_THEN_ARG }; + OP_MARK, OP_ACCEPT, OP_FAIL, OP_COMMIT, OP_COMMIT_ARG, OP_PRUNE, + OP_PRUNE_ARG, OP_SKIP, OP_SKIP_ARG, OP_THEN, OP_THEN_ARG }; /* Offsets from OP_STAR for case-independent and negative repeat opcodes. */ @@ -729,7 +731,7 @@ enum { ERR0 = COMPILE_ERROR_BASE, ERR61, ERR62, ERR63, ERR64, ERR65, ERR66, ERR67, ERR68, ERR69, ERR70, ERR71, ERR72, ERR73, ERR74, ERR75, ERR76, ERR77, ERR78, ERR79, ERR80, ERR81, ERR82, ERR83, ERR84, ERR85, ERR86, ERR87, ERR88, ERR89, ERR90, - ERR91, ERR92}; + ERR91, ERR92, ERR93, ERR94 }; /* This is a table of start-of-pattern options such as (*UTF) and settings such as (*LIMIT_MATCH=nnnn) and (*CRLF). For completeness and backward @@ -976,8 +978,8 @@ for (;;) case META_POSIX_NEG: fprintf(stderr, "META_POSIX_NEG %d", *pptr++); break; case META_ACCEPT: fprintf(stderr, "META (*ACCEPT)"); break; - case META_COMMIT: fprintf(stderr, "META (*COMMIT)"); break; case META_FAIL: fprintf(stderr, "META (*FAIL)"); break; + case META_COMMIT: fprintf(stderr, "META (*COMMIT)"); break; case META_PRUNE: fprintf(stderr, "META (*PRUNE)"); break; case META_SKIP: fprintf(stderr, "META (*SKIP)"); break; case META_THEN: fprintf(stderr, "META (*THEN)"); break; @@ -1067,6 +1069,10 @@ for (;;) fprintf(stderr, "META (*MARK:"); goto SHOWARG; + case META_COMMIT_ARG: + fprintf(stderr, "META (*COMMIT:"); + goto SHOWARG; + case META_PRUNE_ARG: fprintf(stderr, "META (*PRUNE:"); goto SHOWARG; @@ -1435,6 +1441,48 @@ else if ((i = escapes[c - ESCAPES_FIRST]) != 0) escape = -i; /* Else return a special escape */ if (cb != NULL && (escape == ESC_P || escape == ESC_p || escape == ESC_X)) cb->external_flags |= PCRE2_HASBKPORX; /* Note \P, \p, or \X */ + + /* Perl supports \N{name} for character names and \N{U+dddd} for numerical + Unicode code points, as well as plain \N for "not newline". PCRE does not + support \N{name}. However, it does support quantification such as \N{2,3}, + so if \N{ is not followed by U+dddd we check for a quantifier. */ + + if (escape == ESC_N && ptr < ptrend && *ptr == CHAR_LEFT_CURLY_BRACKET) + { + PCRE2_SPTR p = ptr + 1; + + /* \N{U+ can be handled by the \x{ code. However, this construction is + not valid in EBCDIC environments because it specifies a Unicode + character, not a codepoint in the local code. For example \N{U+0041} + must be "A" in all environments. Also, in Perl, \N{U+ forces Unicode + casing semantics for the entire pattern, so allow it only in UTF (i.e. + Unicode) mode. */ + + if (ptrend - p > 1 && *p == CHAR_U && p[1] == CHAR_PLUS) + { +#ifdef EBCDIC + *errorcodeptr = ERR93; +#else + if (utf) + { + ptr = p + 1; + escape = 0; /* Not a fancy escape after all */ + goto COME_FROM_NU; + } + else *errorcodeptr = ERR93; +#endif + } + + /* Give an error if what follows is not a quantifier, but don't override + an error set by the quantifier reader (e.g. number overflow). */ + + else + { + if (!read_repeat_counts(&p, ptrend, NULL, NULL, errorcodeptr) && + *errorcodeptr == 0) + *errorcodeptr = ERR37; + } + } } } @@ -1462,6 +1510,7 @@ else /* A number of Perl escapes are not handled by PCRE. We give an explicit error. */ + case CHAR_F: case CHAR_l: case CHAR_L: *errorcodeptr = ERR37; @@ -1719,6 +1768,9 @@ else { if (ptr < ptrend && *ptr == CHAR_LEFT_CURLY_BRACKET) { +#ifndef EBCDIC + COME_FROM_NU: +#endif if (++ptr >= ptrend || *ptr == CHAR_RIGHT_CURLY_BRACKET) { *errorcodeptr = ERR78; @@ -1852,19 +1904,6 @@ else } } -/* Perl supports \N{name} for character names, as well as plain \N for "not -newline". PCRE does not support \N{name}. However, it does support -quantification such as \N{2,3}. */ - -if (escape == ESC_N && ptr < ptrend && *ptr == CHAR_LEFT_CURLY_BRACKET && - ptrend - ptr > 2) - { - PCRE2_SPTR p = ptr + 1; - if (!read_repeat_counts(&p, ptrend, NULL, NULL, errorcodeptr) && - *errorcodeptr == 0) - *errorcodeptr = ERR37; - } - /* Set the pointer to the next character before returning. */ *ptrptr = ptr; @@ -2251,11 +2290,14 @@ typedef struct nest_save { #define NSF_RESET 0x0001u #define NSF_CONDASSERT 0x0002u -/* Of the options that are changeable within the pattern, these are tracked -during parsing. The rest are used from META_OPTIONS items when compiling. */ +/* Options that are changeable within the pattern must be tracked during +parsing. Some (e.g. PCRE2_EXTENDED) are implemented entirely during parsing, +but all must be tracked so that META_OPTIONS items set the correct values for +the main compiling phase. */ -#define PARSE_TRACKED_OPTIONS \ - (PCRE2_DUPNAMES|PCRE2_EXTENDED|PCRE2_EXTENDED_MORE|PCRE2_NO_AUTO_CAPTURE) +#define PARSE_TRACKED_OPTIONS (PCRE2_CASELESS|PCRE2_DOTALL|PCRE2_DUPNAMES| \ + PCRE2_EXTENDED|PCRE2_EXTENDED_MORE|PCRE2_MULTILINE|PCRE2_NO_AUTO_CAPTURE| \ + PCRE2_UNGREEDY) /* States used for analyzing ranges in character classes. The two OK values must be last. */ @@ -2290,6 +2332,7 @@ uint32_t *previous_callout = NULL; uint32_t *parsed_pattern = cb->parsed_pattern; uint32_t *parsed_pattern_end = cb->parsed_pattern_end; uint32_t meta_quantifier = 0; +uint32_t add_after_mark = 0; uint16_t nest_depth = 0; int after_manual_callout = 0; int expect_cond_assert = 0; @@ -2434,11 +2477,17 @@ while (ptr < ptrend) /* EITHER: not both options set */ ((options & (PCRE2_EXTENDED | PCRE2_ALT_VERBNAMES)) != (PCRE2_EXTENDED | PCRE2_ALT_VERBNAMES)) || - /* OR: character > 255 */ - c > 255 || - /* OR: not a # comment or white space */ - (c != CHAR_NUMBER_SIGN && (cb->ctypes[c] & ctype_space) == 0) - )) +#ifdef SUPPORT_UNICODE + /* OR: character > 255 AND not Unicode Pattern White Space */ + (c > 255 && (c|1) != 0x200f && (c|1) != 0x2029) || +#endif + /* OR: not a # comment or isspace() white space */ + (c < 256 && c != CHAR_NUMBER_SIGN && (cb->ctypes[c] & ctype_space) == 0 +#ifdef SUPPORT_UNICODE + /* and not CHAR_NEL when Unicode is supported */ + && c != CHAR_NEL +#endif + ))) { PCRE2_SIZE verbnamelength; @@ -2461,6 +2510,16 @@ while (ptr < ptrend) goto FAILED; } *verblengthptr = (uint32_t)verbnamelength; + + /* If this name was on a verb such as (*ACCEPT) which does not continue, + a (*MARK) was generated for the name. We now add the original verb as the + next item. */ + + if (add_after_mark != 0) + { + *parsed_pattern++ = add_after_mark; + add_after_mark = 0; + } break; case CHAR_BACKSLASH: @@ -2510,11 +2569,18 @@ while (ptr < ptrend) /* Skip over whitespace and # comments in extended mode. Note that c is a character, not a code unit, so we must not use MAX_255 to test its size - because MAX_255 tests code units and is assumed TRUE in 8-bit mode. */ + because MAX_255 tests code units and is assumed TRUE in 8-bit mode. The + whitespace characters are those designated as "Pattern White Space" by + Unicode, which are the isspace() characters plus CHAR_NEL (newline), which is + U+0085 in Unicode, plus U+200E, U+200F, U+2028, and U+2029. These are a + subset of space characters that match \h and \v. */ if ((options & PCRE2_EXTENDED) != 0) { if (c < 256 && (cb->ctypes[c] & ctype_space) != 0) continue; +#ifdef SUPPORT_UNICODE + if (c == CHAR_NEL || (c|1) == 0x200f || (c|1) == 0x2029) continue; +#endif if (c == CHAR_NUMBER_SIGN) { while (ptr < ptrend) @@ -3206,7 +3272,6 @@ while (ptr < ptrend) tempptr = ptr; escape = PRIV(check_escape)(&ptr, ptrend, &c, &errorcode, options, TRUE, cb); - if (errorcode != 0) { CLASS_ESCAPE_FAILED: @@ -3454,13 +3519,25 @@ while (ptr < ptrend) if (*ptr++ == CHAR_COLON) /* Skip past : or ) */ { - if (verbs[i].has_arg < 0) /* Argument is forbidden */ + /* Some optional arguments can be treated as a preceding (*MARK) */ + + if (verbs[i].has_arg < 0) { - errorcode = ERR59; - goto FAILED; + add_after_mark = verbs[i].meta; + *parsed_pattern++ = META_MARK; } - *parsed_pattern++ = verbs[i].meta + - ((verbs[i].meta != META_MARK)? 0x00010000u:0); + + /* The remaining verbs with arguments (except *MARK) need a different + opcode. */ + + else + { + *parsed_pattern++ = verbs[i].meta + + ((verbs[i].meta != META_MARK)? 0x00010000u:0); + } + + /* Set up for reading the name in the main loop. */ + verblengthptr = parsed_pattern++; verbnamestart = ptr; inverbname = TRUE; @@ -3521,17 +3598,39 @@ while (ptr < ptrend) else { + BOOL hyphenok = TRUE; + uint32_t oldoptions = options; + top_nest->reset_group = 0; top_nest->max_group = 0; set = unset = 0; optset = &set; + /* ^ at the start unsets imnsx and disables the subsequent use of - */ + + if (ptr < ptrend && *ptr == CHAR_CIRCUMFLEX_ACCENT) + { + options &= ~(PCRE2_CASELESS|PCRE2_MULTILINE|PCRE2_NO_AUTO_CAPTURE| + PCRE2_DOTALL|PCRE2_EXTENDED|PCRE2_EXTENDED_MORE); + hyphenok = FALSE; + ptr++; + } + while (ptr < ptrend && *ptr != CHAR_RIGHT_PARENTHESIS && *ptr != CHAR_COLON) { switch (*ptr++) { - case CHAR_MINUS: optset = &unset; break; + case CHAR_MINUS: + if (!hyphenok) + { + errorcode = ERR94; + ptr--; /* Correct the offset */ + goto FAILED; + } + optset = &unset; + hyphenok = FALSE; + break; case CHAR_J: /* Record that it changed in the external options */ *optset |= PCRE2_DUPNAMES; @@ -3591,7 +3690,7 @@ while (ptr < ptrend) /* If nothing changed, no need to record. */ - if (set != 0 || unset != 0) + if (options != oldoptions) { *parsed_pattern++ = META_OPTIONS; *parsed_pattern++ = options; @@ -3896,9 +3995,8 @@ while (ptr < ptrend) if (*ptr == CHAR_DOT) { if (++ptr >= ptrend || !IS_DIGIT(*ptr)) goto BAD_VERSION_CONDITION; - if (!read_number(&ptr, ptrend, -1, 99 , ERR79, &minor, &errorcode)) - goto FAILED; - if (minor < 10) minor *= 10; + minor = (*ptr++ - CHAR_0) * 10; + if (IS_DIGIT(*ptr)) minor += *ptr++ - CHAR_0; if (ptr >= ptrend || *ptr != CHAR_RIGHT_PARENTHESIS) goto BAD_VERSION_CONDITION; } @@ -4261,11 +4359,11 @@ goto FAILED; /************************************************* -* Find first significant op code * +* Find first significant opcode * *************************************************/ /* This is called by several functions that scan a compiled expression looking -for a fixed first character, or an anchoring op code etc. It skips over things +for a fixed first character, or an anchoring opcode etc. It skips over things that do not influence this. For some calls, it makes sense to skip negative forward and all backward assertions, and also the \b assertion; for others it does not. @@ -5472,7 +5570,7 @@ for (;; pptr++) set xclass = TRUE. Then, in the pre-compile phase, accumulate the length of the extra data and reset the pointer. This is so that very large classes that contain a zillion wide characters or Unicode property tests - do not overwrite the work space (which is on the stack). */ + do not overwrite the workspace (which is on the stack). */ if (class_uchardata > class_uchardata_base) { @@ -5563,7 +5661,7 @@ for (;; pptr++) if (class_has_8bitchar > 0) { *code++ |= XCL_MAP; - memmove(code + (32 / sizeof(PCRE2_UCHAR)), code, + (void)memmove(code + (32 / sizeof(PCRE2_UCHAR)), code, CU2BYTES(class_uchardata - code)); if (negate_class && !xclass_has_prop) for (i = 0; i < 32; i++) classbits[i] = ~classbits[i]; @@ -5655,6 +5753,7 @@ for (;; pptr++) cb->had_pruneorskip = TRUE; /* Fall through */ case META_MARK: + case META_COMMIT_ARG: VERB_ARG: *code++ = verbops[(meta - META_MARK) >> 16]; /* The length is in characters. */ @@ -6509,7 +6608,7 @@ for (;; pptr++) /* Wrap the recursion call in OP_BRA brackets. */ - memmove(previous + 1 + LINK_SIZE, previous, CU2BYTES(1 + LINK_SIZE)); + (void)memmove(previous + 1 + LINK_SIZE, previous, CU2BYTES(1 + LINK_SIZE)); op_previous = *previous = OP_BRA; PUT(previous, 1, 2 + 2*LINK_SIZE); previous[2 + 2*LINK_SIZE] = OP_KET; @@ -6589,7 +6688,7 @@ for (;; pptr++) if (repeat_max <= 1 || repeat_max == REPEAT_UNLIMITED) { - memmove(previous + 1, previous, CU2BYTES(len)); + (void)memmove(previous + 1, previous, CU2BYTES(len)); code++; if (repeat_max == 0) { @@ -6610,7 +6709,7 @@ for (;; pptr++) else { int linkoffset; - memmove(previous + 2 + LINK_SIZE, previous, CU2BYTES(len)); + (void)memmove(previous + 2 + LINK_SIZE, previous, CU2BYTES(len)); code += 2 + LINK_SIZE; *previous++ = OP_BRAZERO + repeat_type; *previous++ = OP_BRA; @@ -6811,7 +6910,7 @@ for (;; pptr++) if (*bracode == OP_COND || *bracode == OP_SCOND) { int nlen = (int)(code - bracode); - memmove(bracode + 1 + LINK_SIZE, bracode, CU2BYTES(nlen)); + (void)memmove(bracode + 1 + LINK_SIZE, bracode, CU2BYTES(nlen)); code += 1 + LINK_SIZE; nlen += 1 + LINK_SIZE; *bracode = (*bracode == OP_COND)? OP_BRAPOS : OP_SBRAPOS; @@ -7082,7 +7181,7 @@ for (;; pptr++) else { - memmove(tempcode + 1 + LINK_SIZE, tempcode, CU2BYTES(len)); + (void)memmove(tempcode + 1 + LINK_SIZE, tempcode, CU2BYTES(len)); code += 1 + LINK_SIZE; len += 1 + LINK_SIZE; tempcode[0] = OP_ONCE; @@ -7460,7 +7559,7 @@ length of the BRA and KET and any extra code units that are required at the beginning. We accumulate in a local variable to save frequent testing of lengthptr for NULL. We cannot do this by looking at the value of 'code' at the start and end of each alternative, because compiled items are discarded during -the pre-compile phase so that the work space is not exceeded. */ +the pre-compile phase so that the workspace is not exceeded. */ length = 2 + 2*LINK_SIZE + skipunits; @@ -7622,7 +7721,7 @@ for (;;) { if (cb->open_caps->flag) { - memmove(start_bracket + 1 + LINK_SIZE, start_bracket, + (void)memmove(start_bracket + 1 + LINK_SIZE, start_bracket, CU2BYTES(code - start_bracket)); *start_bracket = OP_ONCE; code += 1 + LINK_SIZE; @@ -7765,10 +7864,11 @@ do { if (!is_anchored(scode, bracket_map, cb, atomcount, TRUE)) return FALSE; } - /* Condition */ + /* Condition. If there is no second branch, it can't be anchored. */ - else if (op == OP_COND) + else if (op == OP_COND || op == OP_SCOND) { + if (scode[GET(scode,1)] != OP_ALT) return FALSE; if (!is_anchored(scode, bracket_map, cb, atomcount, inassert)) return FALSE; } @@ -8003,6 +8103,7 @@ for (;;) break; case OP_MARK: + case OP_COMMIT_ARG: case OP_PRUNE_ARG: case OP_SKIP_ARG: case OP_THEN_ARG: @@ -8221,7 +8322,7 @@ for (i = 0; i < tablecount; i++) if (crc < 0) { - memmove(slot + cb->name_entry_size, slot, + (void)memmove(slot + cb->name_entry_size, slot, CU2BYTES((tablecount - i) * cb->name_entry_size)); break; } @@ -8311,6 +8412,7 @@ for (;; pptr++) break; case META_MARK: /* Add the length of the name. */ + case META_COMMIT_ARG: case META_PRUNE_ARG: case META_SKIP_ARG: case META_THEN_ARG: @@ -8501,6 +8603,7 @@ for (;; pptr++) goto EXIT; case META_MARK: + case META_COMMIT_ARG: case META_PRUNE_ARG: case META_SKIP_ARG: case META_THEN_ARG: @@ -8572,6 +8675,32 @@ for (;; pptr++) case META_LOOKAHEADNOT: pptr = parsed_skip(pptr + 1, PSKIP_KET); if (pptr == NULL) goto PARSED_SKIP_FAILED; + + /* Also ignore any qualifiers that follow a lookahead assertion. */ + + switch (pptr[1]) + { + case META_ASTERISK: + case META_ASTERISK_PLUS: + case META_ASTERISK_QUERY: + case META_PLUS: + case META_PLUS_PLUS: + case META_PLUS_QUERY: + case META_QUERY: + case META_QUERY_PLUS: + case META_QUERY_QUERY: + pptr++; + break; + + case META_MINMAX: + case META_MINMAX_PLUS: + case META_MINMAX_QUERY: + pptr += 3; + break; + + default: + break; + } break; /* Lookbehinds can be ignored, but must themselves be checked. */ @@ -8942,6 +9071,7 @@ for (pptr = cb->parsed_pattern; *pptr != META_END; pptr++) break; case META_MARK: + case META_COMMIT_ARG: case META_PRUNE_ARG: case META_SKIP_ARG: case META_THEN_ARG: diff --git a/thirdparty/pcre2/src/pcre2_convert.c b/thirdparty/pcre2/src/pcre2_convert.c index bdf9b86df6..1dd5c337dc 100644 --- a/thirdparty/pcre2/src/pcre2_convert.c +++ b/thirdparty/pcre2/src/pcre2_convert.c @@ -7,7 +7,7 @@ and semantics are as close as possible to those of the Perl 5 language. Written by Philip Hazel Original API code Copyright (c) 1997-2012 University of Cambridge - New API code Copyright (c) 2016-2017 University of Cambridge + New API code Copyright (c) 2016-2018 University of Cambridge ----------------------------------------------------------------------------- Redistribution and use in source and binary forms, with or without @@ -1066,11 +1066,12 @@ BOOL utf = (options & PCRE2_CONVERT_UTF) != 0; uint32_t pattype = options & TYPE_OPTIONS; if (pattern == NULL || bufflenptr == NULL) return PCRE2_ERROR_NULL; + if ((options & ~ALL_OPTIONS) != 0 || /* Undefined bit set */ (pattype & (~pattype+1)) != pattype || /* More than one type set */ pattype == 0) /* No type set */ { - *bufflenptr = 0; /* Error offset */ + *bufflenptr = 0; /* Error offset */ return PCRE2_ERROR_BADOPTION; } @@ -1081,7 +1082,11 @@ if (ccontext == NULL) ccontext = /* Check UTF if required. */ #ifndef SUPPORT_UNICODE -if (utf) return PCRE2_ERROR_UNICODE_NOT_SUPPORTED; +if (utf) + { + *bufflenptr = 0; /* Error offset */ + return PCRE2_ERROR_UNICODE_NOT_SUPPORTED; + } #else if (utf && (options & PCRE2_CONVERT_NO_UTF_CHECK) == 0) { @@ -1126,6 +1131,7 @@ for (i = 0; i < 2; i++) break; default: + *bufflenptr = 0; /* Error offset */ return PCRE2_ERROR_INTERNAL; } diff --git a/thirdparty/pcre2/src/pcre2_dfa_match.c b/thirdparty/pcre2/src/pcre2_dfa_match.c index c6184ff5e9..9b43237da7 100644 --- a/thirdparty/pcre2/src/pcre2_dfa_match.c +++ b/thirdparty/pcre2/src/pcre2_dfa_match.c @@ -181,7 +181,8 @@ static const uint8_t coptable[] = { 0, 0, 0, /* BRAZERO, BRAMINZERO, BRAPOSZERO */ 0, 0, 0, /* MARK, PRUNE, PRUNE_ARG */ 0, 0, 0, 0, /* SKIP, SKIP_ARG, THEN, THEN_ARG */ - 0, 0, 0, 0, /* COMMIT, FAIL, ACCEPT, ASSERT_ACCEPT */ + 0, 0, /* COMMIT, COMMIT_ARG */ + 0, 0, 0, /* FAIL, ACCEPT, ASSERT_ACCEPT */ 0, 0, 0 /* CLOSE, SKIPZERO, DEFINE */ }; @@ -254,7 +255,8 @@ static const uint8_t poptable[] = { 0, 0, 0, /* BRAZERO, BRAMINZERO, BRAPOSZERO */ 0, 0, 0, /* MARK, PRUNE, PRUNE_ARG */ 0, 0, 0, 0, /* SKIP, SKIP_ARG, THEN, THEN_ARG */ - 0, 0, 0, 0, /* COMMIT, FAIL, ACCEPT, ASSERT_ACCEPT */ + 0, 0, /* COMMIT, COMMIT_ARG */ + 0, 0, 0, /* FAIL, ACCEPT, ASSERT_ACCEPT */ 0, 0, 0 /* CLOSE, SKIPZERO, DEFINE */ }; @@ -292,6 +294,35 @@ typedef struct stateblock { #define INTS_PER_STATEBLOCK (int)(sizeof(stateblock)/sizeof(int)) +/* Before version 10.32 the recursive calls of internal_dfa_match() were passed +local working space and output vectors that were created on the stack. This has +caused issues for some patterns, especially in small-stack environments such as +Windows. A new scheme is now in use which sets up a vector on the stack, but if +this is too small, heap memory is used, up to the heap_limit. The main +parameters are all numbers of ints because the workspace is a vector of ints. + +The size of the starting stack vector, DFA_START_RWS_SIZE, is in bytes, and is +defined in pcre2_internal.h so as to be available to pcre2test when it is +finding the minimum heap requirement for a match. */ + +#define OVEC_UNIT (sizeof(PCRE2_SIZE)/sizeof(int)) + +#define RWS_BASE_SIZE (DFA_START_RWS_SIZE/sizeof(int)) /* Stack vector */ +#define RWS_RSIZE 1000 /* Work size for recursion */ +#define RWS_OVEC_RSIZE (1000*OVEC_UNIT) /* Ovector for recursion */ +#define RWS_OVEC_OSIZE (2*OVEC_UNIT) /* Ovector in other cases */ + +/* This structure is at the start of each workspace block. */ + +typedef struct RWS_anchor { + struct RWS_anchor *next; + unsigned int size; /* Number of ints */ + unsigned int free; /* Number of ints */ +} RWS_anchor; + +#define RWS_ANCHOR_SIZE (sizeof(RWS_anchor)/sizeof(int)) + + /************************************************* * Process a callout * @@ -354,6 +385,61 @@ return (mb->callout)(cb, mb->callout_data); /************************************************* +* Expand local workspace memory * +*************************************************/ + +/* This function is called when internal_dfa_match() is about to be called +recursively and there is insufficient working space left in the current +workspace block. If there's an existing next block, use it; otherwise get a new +block unless the heap limit is reached. + +Arguments: + rwsptr pointer to block pointer (updated) + ovecsize space needed for an ovector + mb the match block + +Returns: 0 rwsptr has been updated + !0 an error code +*/ + +static int +more_workspace(RWS_anchor **rwsptr, unsigned int ovecsize, dfa_match_block *mb) +{ +RWS_anchor *rws = *rwsptr; +RWS_anchor *new; + +if (rws->next != NULL) + { + new = rws->next; + } + +/* All sizes are in units of sizeof(int), except for mb->heaplimit, which is in +kibibytes. */ + +else + { + unsigned int newsize = rws->size * 2; + unsigned int heapleft = (unsigned int) + (((1024/sizeof(int))*mb->heap_limit - mb->heap_used)); + if (newsize > heapleft) newsize = heapleft; + if (newsize < RWS_RSIZE + ovecsize + RWS_ANCHOR_SIZE) + return PCRE2_ERROR_HEAPLIMIT; + new = mb->memctl.malloc(newsize*sizeof(int), mb->memctl.memory_data); + if (new == NULL) return PCRE2_ERROR_NOMEMORY; + mb->heap_used += newsize; + new->next = NULL; + new->size = newsize; + rws->next = new; + } + +new->free = new->size - RWS_ANCHOR_SIZE; +*rwsptr = new; +return 0; +} + + + +/************************************************* * Match a Regular Expression - DFA engine * *************************************************/ @@ -431,7 +517,8 @@ internal_dfa_match( uint32_t offsetcount, int *workspace, int wscount, - uint32_t rlevel) + uint32_t rlevel, + int *RWS) { stateblock *active_states, *new_states, *temp_states; stateblock *next_active_state, *next_new_state; @@ -788,7 +875,7 @@ for (;;) else if (match_count > 0 && ++match_count * 2 > (int)offsetcount) match_count = 0; count = ((match_count == 0)? (int)offsetcount : match_count * 2) - 2; - if (count > 0) memmove(offsets + 2, offsets, + if (count > 0) (void)memmove(offsets + 2, offsets, (size_t)count * sizeof(PCRE2_SIZE)); if (offsetcount >= 2) { @@ -2587,10 +2674,22 @@ for (;;) case OP_ASSERTBACK: case OP_ASSERTBACK_NOT: { - PCRE2_SPTR endasscode = code + GET(code, 1); - PCRE2_SIZE local_offsets[2]; int rc; - int local_workspace[1000]; + int *local_workspace; + PCRE2_SIZE *local_offsets; + PCRE2_SPTR endasscode = code + GET(code, 1); + RWS_anchor *rws = (RWS_anchor *)RWS; + + if (rws->free < RWS_RSIZE + RWS_OVEC_OSIZE) + { + rc = more_workspace(&rws, RWS_OVEC_OSIZE, mb); + if (rc != 0) return rc; + RWS = (int *)rws; + } + + local_offsets = (PCRE2_SIZE *)(RWS + rws->size - rws->free); + local_workspace = ((int *)local_offsets) + RWS_OVEC_OSIZE; + rws->free -= RWS_RSIZE + RWS_OVEC_OSIZE; while (*endasscode == OP_ALT) endasscode += GET(endasscode, 1); @@ -2600,10 +2699,13 @@ for (;;) ptr, /* where we currently are */ (PCRE2_SIZE)(ptr - start_subject), /* start offset */ local_offsets, /* offset vector */ - sizeof(local_offsets)/sizeof(PCRE2_SIZE), /* size of same */ + RWS_OVEC_OSIZE/OVEC_UNIT, /* size of same */ local_workspace, /* workspace vector */ - sizeof(local_workspace)/sizeof(int), /* size of same */ - rlevel); /* function recursion level */ + RWS_RSIZE, /* size of same */ + rlevel, /* function recursion level */ + RWS); /* recursion workspace */ + + rws->free += RWS_RSIZE + RWS_OVEC_OSIZE; if (rc < 0 && rc != PCRE2_ERROR_NOMATCH) return rc; if ((rc >= 0) == (codevalue == OP_ASSERT || codevalue == OP_ASSERTBACK)) @@ -2615,8 +2717,6 @@ for (;;) case OP_COND: case OP_SCOND: { - PCRE2_SIZE local_offsets[1000]; - int local_workspace[1000]; int codelink = (int)GET(code, 1); PCRE2_UCHAR condcode; @@ -2673,8 +2773,22 @@ for (;;) else { int rc; + int *local_workspace; + PCRE2_SIZE *local_offsets; PCRE2_SPTR asscode = code + LINK_SIZE + 1; PCRE2_SPTR endasscode = asscode + GET(asscode, 1); + RWS_anchor *rws = (RWS_anchor *)RWS; + + if (rws->free < RWS_RSIZE + RWS_OVEC_OSIZE) + { + rc = more_workspace(&rws, RWS_OVEC_OSIZE, mb); + if (rc != 0) return rc; + RWS = (int *)rws; + } + + local_offsets = (PCRE2_SIZE *)(RWS + rws->size - rws->free); + local_workspace = ((int *)local_offsets) + RWS_OVEC_OSIZE; + rws->free -= RWS_RSIZE + RWS_OVEC_OSIZE; while (*endasscode == OP_ALT) endasscode += GET(endasscode, 1); @@ -2684,10 +2798,13 @@ for (;;) ptr, /* where we currently are */ (PCRE2_SIZE)(ptr - start_subject), /* start offset */ local_offsets, /* offset vector */ - sizeof(local_offsets)/sizeof(PCRE2_SIZE), /* size of same */ + RWS_OVEC_OSIZE/OVEC_UNIT, /* size of same */ local_workspace, /* workspace vector */ - sizeof(local_workspace)/sizeof(int), /* size of same */ - rlevel); /* function recursion level */ + RWS_RSIZE, /* size of same */ + rlevel, /* function recursion level */ + RWS); /* recursion workspace */ + + rws->free += RWS_RSIZE + RWS_OVEC_OSIZE; if (rc < 0 && rc != PCRE2_ERROR_NOMATCH) return rc; if ((rc >= 0) == @@ -2702,13 +2819,25 @@ for (;;) /*-----------------------------------------------------------------*/ case OP_RECURSE: { + int rc; + int *local_workspace; + PCRE2_SIZE *local_offsets; + RWS_anchor *rws = (RWS_anchor *)RWS; dfa_recursion_info *ri; - PCRE2_SIZE local_offsets[1000]; - int local_workspace[1000]; PCRE2_SPTR callpat = start_code + GET(code, 1); uint32_t recno = (callpat == mb->start_code)? 0 : GET2(callpat, 1 + LINK_SIZE); - int rc; + + if (rws->free < RWS_RSIZE + RWS_OVEC_RSIZE) + { + rc = more_workspace(&rws, RWS_OVEC_RSIZE, mb); + if (rc != 0) return rc; + RWS = (int *)rws; + } + + local_offsets = (PCRE2_SIZE *)(RWS + rws->size - rws->free); + local_workspace = ((int *)local_offsets) + RWS_OVEC_RSIZE; + rws->free -= RWS_RSIZE + RWS_OVEC_RSIZE; /* Check for repeating a recursion without advancing the subject pointer. This should catch convoluted mutual recursions. (Some simple @@ -2732,11 +2861,13 @@ for (;;) ptr, /* where we currently are */ (PCRE2_SIZE)(ptr - start_subject), /* start offset */ local_offsets, /* offset vector */ - sizeof(local_offsets)/sizeof(PCRE2_SIZE), /* size of same */ + RWS_OVEC_RSIZE/OVEC_UNIT, /* size of same */ local_workspace, /* workspace vector */ - sizeof(local_workspace)/sizeof(int), /* size of same */ - rlevel); /* function recursion level */ + RWS_RSIZE, /* size of same */ + rlevel, /* function recursion level */ + RWS); /* recursion workspace */ + rws->free += RWS_RSIZE + RWS_OVEC_RSIZE; mb->recursive = new_recursive.prevrec; /* Done this recursion */ /* Ran out of internal offsets */ @@ -2782,10 +2913,25 @@ for (;;) case OP_SCBRAPOS: case OP_BRAPOSZERO: { + int rc; + int *local_workspace; + PCRE2_SIZE *local_offsets; PCRE2_SIZE charcount, matched_count; PCRE2_SPTR local_ptr = ptr; + RWS_anchor *rws = (RWS_anchor *)RWS; BOOL allow_zero; + if (rws->free < RWS_RSIZE + RWS_OVEC_OSIZE) + { + rc = more_workspace(&rws, RWS_OVEC_OSIZE, mb); + if (rc != 0) return rc; + RWS = (int *)rws; + } + + local_offsets = (PCRE2_SIZE *)(RWS + rws->size - rws->free); + local_workspace = ((int *)local_offsets) + RWS_OVEC_OSIZE; + rws->free -= RWS_RSIZE + RWS_OVEC_OSIZE; + if (codevalue == OP_BRAPOSZERO) { allow_zero = TRUE; @@ -2798,19 +2944,17 @@ for (;;) for (matched_count = 0;; matched_count++) { - PCRE2_SIZE local_offsets[2]; - int local_workspace[1000]; - - int rc = internal_dfa_match( + rc = internal_dfa_match( mb, /* fixed match data */ code, /* this subexpression's code */ local_ptr, /* where we currently are */ (PCRE2_SIZE)(ptr - start_subject), /* start offset */ local_offsets, /* offset vector */ - sizeof(local_offsets)/sizeof(PCRE2_SIZE), /* size of same */ + RWS_OVEC_OSIZE/OVEC_UNIT, /* size of same */ local_workspace, /* workspace vector */ - sizeof(local_workspace)/sizeof(int), /* size of same */ - rlevel); /* function recursion level */ + RWS_RSIZE, /* size of same */ + rlevel, /* function recursion level */ + RWS); /* recursion workspace */ /* Failed to match */ @@ -2827,6 +2971,8 @@ for (;;) local_ptr += charcount; /* Advance temporary position ptr */ } + rws->free += RWS_RSIZE + RWS_OVEC_OSIZE; + /* At this point we have matched the subpattern matched_count times, and local_ptr is pointing to the character after the end of the last match. */ @@ -2869,19 +3015,35 @@ for (;;) /*-----------------------------------------------------------------*/ case OP_ONCE: { - PCRE2_SIZE local_offsets[2]; - int local_workspace[1000]; + int rc; + int *local_workspace; + PCRE2_SIZE *local_offsets; + RWS_anchor *rws = (RWS_anchor *)RWS; - int rc = internal_dfa_match( + if (rws->free < RWS_RSIZE + RWS_OVEC_OSIZE) + { + rc = more_workspace(&rws, RWS_OVEC_OSIZE, mb); + if (rc != 0) return rc; + RWS = (int *)rws; + } + + local_offsets = (PCRE2_SIZE *)(RWS + rws->size - rws->free); + local_workspace = ((int *)local_offsets) + RWS_OVEC_OSIZE; + rws->free -= RWS_RSIZE + RWS_OVEC_OSIZE; + + rc = internal_dfa_match( mb, /* fixed match data */ code, /* this subexpression's code */ ptr, /* where we currently are */ (PCRE2_SIZE)(ptr - start_subject), /* start offset */ local_offsets, /* offset vector */ - sizeof(local_offsets)/sizeof(PCRE2_SIZE), /* size of same */ + RWS_OVEC_OSIZE/OVEC_UNIT, /* size of same */ local_workspace, /* workspace vector */ - sizeof(local_workspace)/sizeof(int), /* size of same */ - rlevel); /* function recursion level */ + RWS_RSIZE, /* size of same */ + rlevel, /* function recursion level */ + RWS); /* recursion workspace */ + + rws->free += RWS_RSIZE + RWS_OVEC_OSIZE; if (rc >= 0) { @@ -3063,6 +3225,7 @@ pcre2_dfa_match(const pcre2_code *code, PCRE2_SPTR subject, PCRE2_SIZE length, PCRE2_SIZE start_offset, uint32_t options, pcre2_match_data *match_data, pcre2_match_context *mcontext, int *workspace, PCRE2_SIZE wscount) { +int rc; const pcre2_real_code *re = (const pcre2_real_code *)code; PCRE2_SPTR start_match; @@ -3071,9 +3234,9 @@ PCRE2_SPTR bumpalong_limit; PCRE2_SPTR req_cu_ptr; BOOL utf, anchored, startline, firstline; - BOOL has_first_cu = FALSE; BOOL has_req_cu = FALSE; + PCRE2_UCHAR first_cu = 0; PCRE2_UCHAR first_cu2 = 0; PCRE2_UCHAR req_cu = 0; @@ -3088,6 +3251,17 @@ pcre2_callout_block cb; dfa_match_block actual_match_block; dfa_match_block *mb = &actual_match_block; +/* Set up a starting block of memory for use during recursive calls to +internal_dfa_match(). By putting this on the stack, it minimizes resource use +in the case when it is not needed. If this is too small, more memory is +obtained from the heap. At the start of each block is an anchor structure.*/ + +int base_recursion_workspace[RWS_BASE_SIZE]; +RWS_anchor *rws = (RWS_anchor *)base_recursion_workspace; +rws->next = NULL; +rws->size = RWS_BASE_SIZE; +rws->free = RWS_BASE_SIZE - RWS_ANCHOR_SIZE; + /* A length equal to PCRE2_ZERO_TERMINATED implies a zero-terminated subject string. */ @@ -3184,6 +3358,7 @@ if (mcontext == NULL) mb->memctl = re->memctl; mb->match_limit = PRIV(default_match_context).match_limit; mb->match_limit_depth = PRIV(default_match_context).depth_limit; + mb->heap_limit = PRIV(default_match_context).heap_limit; } else { @@ -3198,6 +3373,7 @@ else mb->memctl = mcontext->memctl; mb->match_limit = mcontext->match_limit; mb->match_limit_depth = mcontext->depth_limit; + mb->heap_limit = mcontext->heap_limit; } if (mb->match_limit > re->limit_match) @@ -3206,6 +3382,9 @@ if (mb->match_limit > re->limit_match) if (mb->match_limit_depth > re->limit_depth) mb->match_limit_depth = re->limit_depth; +if (mb->heap_limit > re->limit_heap) + mb->heap_limit = re->limit_heap; + mb->start_code = (PCRE2_UCHAR *)((uint8_t *)re + sizeof(pcre2_real_code)) + re->name_count * re->name_entry_size; mb->tables = re->tables; @@ -3215,6 +3394,7 @@ mb->start_offset = start_offset; mb->moptions = options; mb->poptions = re->overall_options; mb->match_call_count = 0; +mb->heap_used = 0; /* Process the \R and newline settings. */ @@ -3351,8 +3531,6 @@ a match. */ for (;;) { - int rc; - /* ----------------- Start of match optimizations ---------------- */ /* There are some optimizations that avoid running the match if a known @@ -3544,7 +3722,7 @@ for (;;) in characters, we treat it as code units to avoid spending too much time in this optimization. */ - if (end_subject - start_match < re->minlength) return PCRE2_ERROR_NOMATCH; + if (end_subject - start_match < re->minlength) goto NOMATCH_EXIT; /* If req_cu is set, we know that that code unit must appear in the subject for the match to succeed. If the first code unit is set, req_cu @@ -3621,7 +3799,8 @@ for (;;) (uint32_t)match_data->oveccount * 2, /* actual size of same */ workspace, /* workspace vector */ (int)wscount, /* size of same */ - 0); /* function recurse level */ + 0, /* function recurse level */ + base_recursion_workspace); /* initial workspace for recursion */ /* Anything other than "no match" means we are done, always; otherwise, carry on only if not anchored. */ @@ -3637,7 +3816,7 @@ for (;;) match_data->rightchar = (PCRE2_SIZE)( mb->last_used_ptr - subject); match_data->startchar = (PCRE2_SIZE)(start_match - subject); match_data->rc = rc; - return rc; + goto EXIT; } /* Advance to the next subject character unless we are at the end of a line @@ -3668,8 +3847,18 @@ for (;;) } /* "Bumpalong" loop */ +NOMATCH_EXIT: +rc = PCRE2_ERROR_NOMATCH; + +EXIT: +while (rws->next != NULL) + { + RWS_anchor *next = rws->next; + rws->next = next->next; + mb->memctl.free(next, mb->memctl.memory_data); + } -return PCRE2_ERROR_NOMATCH; +return rc; } /* End of pcre2_dfa_match.c */ diff --git a/thirdparty/pcre2/src/pcre2_error.c b/thirdparty/pcre2/src/pcre2_error.c index d98cae9963..4b3b3f1bc0 100644 --- a/thirdparty/pcre2/src/pcre2_error.c +++ b/thirdparty/pcre2/src/pcre2_error.c @@ -7,7 +7,7 @@ and semantics are as close as possible to those of the Perl 5 language. Written by Philip Hazel Original API code Copyright (c) 1997-2012 University of Cambridge - New API code Copyright (c) 2016-2017 University of Cambridge + New API code Copyright (c) 2016-2018 University of Cambridge ----------------------------------------------------------------------------- Redistribution and use in source and binary forms, with or without @@ -107,7 +107,7 @@ static const unsigned char compile_error_texts[] = /* 35 */ "lookbehind is too complicated\0" "\\C is not allowed in a lookbehind assertion in UTF-" XSTRING(PCRE2_CODE_UNIT_WIDTH) " mode\0" - "PCRE does not support \\L, \\l, \\N{name}, \\U, or \\u\0" + "PCRE2 does not support \\F, \\L, \\l, \\N{name}, \\U, or \\u\0" "number after (?C is greater than 255\0" "closing parenthesis for (?C expected\0" /* 40 */ @@ -133,7 +133,8 @@ static const unsigned char compile_error_texts[] = "internal error: unknown newline setting\0" "\\g is not followed by a braced, angle-bracketed, or quoted name/number or by a plain number\0" "(?R (recursive pattern call) must be followed by a closing parenthesis\0" - "an argument is not allowed for (*ACCEPT), (*FAIL), or (*COMMIT)\0" + /* "an argument is not allowed for (*ACCEPT), (*FAIL), or (*COMMIT)\0" */ + "obsolete error (should not occur)\0" /* Was the above */ /* 60 */ "(*VERB) not recognized or malformed\0" "group number is too big\0" @@ -160,7 +161,7 @@ static const unsigned char compile_error_texts[] = "using UCP is disabled by the application\0" "name is too long in (*MARK), (*PRUNE), (*SKIP), or (*THEN)\0" "character code point value in \\u.... sequence is too large\0" - "digits missing in \\x{} or \\o{}\0" + "digits missing in \\x{} or \\o{} or \\N{U+}\0" "syntax error or number too big in (?(VERSION condition\0" /* 80 */ "internal error: unknown opcode in auto_possessify()\0" @@ -178,6 +179,8 @@ static const unsigned char compile_error_texts[] = "internal error: bad code value in parsed_skip()\0" "PCRE2_EXTRA_ALLOW_SURROGATE_ESCAPES is not allowed in UTF-16 mode\0" "invalid option bits with PCRE2_LITERAL\0" + "\\N{U+dddd} is supported only in Unicode (UTF) mode\0" + "invalid hyphen in option setting\0" ; /* Match-time and UTF error texts are in the same format. */ @@ -255,11 +258,13 @@ static const unsigned char match_error_texts[] = "expected closing curly bracket in replacement string\0" "bad substitution in replacement string\0" /* 60 */ - "match with end before start is not supported\0" + "match with end before start or start moved backwards is not supported\0" "too many replacements (more than INT_MAX)\0" "bad serialized data\0" "heap limit exceeded\0" "invalid syntax\0" + /* 65 */ + "internal error - duplicate substitution match\0" ; diff --git a/thirdparty/pcre2/src/pcre2_extuni.c b/thirdparty/pcre2/src/pcre2_extuni.c index 11a0bfbdd6..237211abf7 100644 --- a/thirdparty/pcre2/src/pcre2_extuni.c +++ b/thirdparty/pcre2/src/pcre2_extuni.c @@ -129,11 +129,11 @@ while (eptr < end_subject) if ((ricount & 1) != 0) break; /* Grapheme break required */ } - /* If Extend follows E_Base[_GAZ] do not update lgb; this allows - any number of Extend before a following E_Modifier. */ + /* If Extend or ZWJ follows Extended_Pictographic, do not update lgb; this + allows any number of them before a following Extended_Pictographic. */ - if (rgb != ucp_gbExtend || - (lgb != ucp_gbE_Base && lgb != ucp_gbE_Base_GAZ)) + if ((rgb != ucp_gbExtend && rgb != ucp_gbZWJ) || + lgb != ucp_gbExtended_Pictographic) lgb = rgb; eptr += len; diff --git a/thirdparty/pcre2/src/pcre2_find_bracket.c b/thirdparty/pcre2/src/pcre2_find_bracket.c index 357385a11c..70baa1394f 100644 --- a/thirdparty/pcre2/src/pcre2_find_bracket.c +++ b/thirdparty/pcre2/src/pcre2_find_bracket.c @@ -7,7 +7,7 @@ and semantics are as close as possible to those of the Perl 5 language. Written by Philip Hazel Original API code Copyright (c) 1997-2012 University of Cambridge - New API code Copyright (c) 2016 University of Cambridge + New API code Copyright (c) 2016-2018 University of Cambridge ----------------------------------------------------------------------------- Redistribution and use in source and binary forms, with or without @@ -131,6 +131,7 @@ for (;;) break; case OP_MARK: + case OP_COMMIT_ARG: case OP_PRUNE_ARG: case OP_SKIP_ARG: case OP_THEN_ARG: diff --git a/thirdparty/pcre2/src/pcre2_internal.h b/thirdparty/pcre2/src/pcre2_internal.h index 3db9d604f4..8750f2f174 100644 --- a/thirdparty/pcre2/src/pcre2_internal.h +++ b/thirdparty/pcre2/src/pcre2_internal.h @@ -7,7 +7,7 @@ and semantics are as close as possible to those of the Perl 5 language. Written by Philip Hazel Original API code Copyright (c) 1997-2012 University of Cambridge - New API code Copyright (c) 2016-2017 University of Cambridge + New API code Copyright (c) 2016-2018 University of Cambridge ----------------------------------------------------------------------------- Redistribution and use in source and binary forms, with or without @@ -165,6 +165,16 @@ by "configure". */ #define INT64_OR_DOUBLE double #endif +/* External (in the C sense) functions and tables that are private to the +libraries are always referenced using the PRIV macro. This makes it possible +for pcre2test.c to include some of the source files from the libraries using a +different PRIV definition to avoid name clashes. It also makes it clear in the +code that a non-static object is being referenced. */ + +#ifndef PRIV +#define PRIV(name) _pcre2_##name +#endif + /* When compiling for use with the Virtual Pascal compiler, these functions need to have their names changed. PCRE2 must be compiled with the -DVPCOMPAT option on the command line. */ @@ -178,50 +188,15 @@ option on the command line. */ #define memset(s,c,n) _memset(s,c,n) #else /* VPCOMPAT */ -/* To cope with SunOS4 and other systems that lack memmove() but have bcopy(), -define a macro for memmove() if HAVE_MEMMOVE is false, provided that HAVE_BCOPY -is set. Otherwise, include an emulating function for those systems that have -neither (there some non-Unix environments where this is the case). */ +/* Otherwise, to cope with SunOS4 and other systems that lack memmove(), define +a macro that calls an emulating function. */ #ifndef HAVE_MEMMOVE -#undef memmove /* some systems may have a macro */ -#ifdef HAVE_BCOPY -#define memmove(a, b, c) bcopy(b, a, c) -#else /* HAVE_BCOPY */ -static void * -pcre2_memmove(void *d, const void *s, size_t n) -{ -size_t i; -unsigned char *dest = (unsigned char *)d; -const unsigned char *src = (const unsigned char *)s; -if (dest > src) - { - dest += n; - src += n; - for (i = 0; i < n; ++i) *(--dest) = *(--src); - return (void *)dest; - } -else - { - for (i = 0; i < n; ++i) *dest++ = *src++; - return (void *)(dest - n); - } -} -#define memmove(a, b, c) pcre2_memmove(a, b, c) -#endif /* not HAVE_BCOPY */ +#undef memmove /* Some systems may have a macro */ +#define memmove(a, b, c) PRIV(memmove)(a, b, c) #endif /* not HAVE_MEMMOVE */ #endif /* not VPCOMPAT */ -/* External (in the C sense) functions and tables that are private to the -libraries are always referenced using the PRIV macro. This makes it possible -for pcre2test.c to include some of the source files from the libraries using a -different PRIV definition to avoid name clashes. It also makes it clear in the -code that a non-static object is being referenced. */ - -#ifndef PRIV -#define PRIV(name) _pcre2_##name -#endif - /* This is an unsigned int value that no UTF character can ever have, as Unicode doesn't go beyond 0x0010ffff. */ @@ -247,12 +222,17 @@ not rely on this. */ pcre2_match() is allocated on the system stack, of this size (bytes). The size must be a multiple of sizeof(PCRE2_SPTR) in all environments, so making it a multiple of 8 is best. Typical frame sizes are a few hundred bytes (it depends -on the number of capturing parentheses) so 20K handles quite a few frames. A +on the number of capturing parentheses) so 20KiB handles quite a few frames. A larger vector on the heap is obtained for patterns that need more frames. The maximum size of this can be limited. */ #define START_FRAMES_SIZE 20480 +/* Similarly, for DFA matching, an initial internal workspace vector is +allocated on the stack. */ + +#define DFA_START_RWS_SIZE 30720 + /* Define the default BSR convention. */ #ifdef BSR_ANYCRLF @@ -585,14 +565,15 @@ these tables. */ #define cbit_cntrl 288 /* [:cntrl:] */ #define cbit_length 320 /* Length of the cbits table */ -/* Bit definitions for entries in the ctypes table. */ +/* Bit definitions for entries in the ctypes table. Do not change these values +without checking pcre2_jit_compile.c, which has an assertion to ensure that +ctype_word has the value 16. */ #define ctype_space 0x01 #define ctype_letter 0x02 #define ctype_digit 0x04 -#define ctype_xdigit 0x08 +#define ctype_xdigit 0x08 /* not actually used any more */ #define ctype_word 0x10 /* alphanumeric or '_' */ -#define ctype_meta 0x80 /* regexp meta char or zero (end pattern) */ /* Offsets of the various tables from the base tables pointer, and total length of the tables. */ @@ -1267,36 +1248,6 @@ contain characters with values greater than 255. */ #define XCL_PROP 3 /* Unicode property (2-byte property code follows) */ #define XCL_NOTPROP 4 /* Unicode inverted property (ditto) */ -/* Escape items that are just an encoding of a particular data value. These -appear in the escapes[] table in pcre2_compile.c as positive numbers. */ - -#ifndef ESC_a -#define ESC_a CHAR_BEL -#endif - -#ifndef ESC_e -#define ESC_e CHAR_ESC -#endif - -#ifndef ESC_f -#define ESC_f CHAR_FF -#endif - -#ifndef ESC_n -#define ESC_n CHAR_LF -#endif - -#ifndef ESC_r -#define ESC_r CHAR_CR -#endif - -/* We can't officially use ESC_t because it is a POSIX reserved identifier -(presumably because of all the others like size_t). */ - -#ifndef ESC_tee -#define ESC_tee CHAR_HT -#endif - /* These are escaped items that aren't just an encoding of a particular data value such as \n. They must have non-zero values, as check_escape() returns 0 for a data character. In the escapes[] table in pcre2_compile.c their values @@ -1578,23 +1529,26 @@ enum { OP_THEN, /* 155 */ OP_THEN_ARG, /* 156 same, but with argument */ OP_COMMIT, /* 157 */ + OP_COMMIT_ARG, /* 158 same, but with argument */ - /* These are forced failure and success verbs */ + /* These are forced failure and success verbs. FAIL and ACCEPT do accept an + argument, but these cases can be compiled as, for example, (*MARK:X)(*FAIL) + without the need for a special opcode. */ - OP_FAIL, /* 158 */ - OP_ACCEPT, /* 159 */ - OP_ASSERT_ACCEPT, /* 160 Used inside assertions */ - OP_CLOSE, /* 161 Used before OP_ACCEPT to close open captures */ + OP_FAIL, /* 159 */ + OP_ACCEPT, /* 160 */ + OP_ASSERT_ACCEPT, /* 161 Used inside assertions */ + OP_CLOSE, /* 162 Used before OP_ACCEPT to close open captures */ /* This is used to skip a subpattern with a {0} quantifier */ - OP_SKIPZERO, /* 162 */ + OP_SKIPZERO, /* 163 */ /* This is used to identify a DEFINE group during compilation so that it can be checked for having only one branch. It is changed to OP_FALSE before compilation finishes. */ - OP_DEFINE, /* 163 */ + OP_DEFINE, /* 164 */ /* This is not an opcode, but is used to check that tables indexed by opcode are the correct length, in order to catch updating errors - there have been @@ -1650,7 +1604,7 @@ some cases doesn't actually use these names at all). */ "Cond false", "Cond true", \ "Brazero", "Braminzero", "Braposzero", \ "*MARK", "*PRUNE", "*PRUNE", "*SKIP", "*SKIP", \ - "*THEN", "*THEN", "*COMMIT", "*FAIL", \ + "*THEN", "*THEN", "*COMMIT", "*COMMIT", "*FAIL", \ "*ACCEPT", "*ASSERT_ACCEPT", \ "Close", "Skip zero", "Define" @@ -1742,7 +1696,8 @@ in UTF-8 mode. The code that uses this table must know about such things. */ 3, 1, 3, /* MARK, PRUNE, PRUNE_ARG */ \ 1, 3, /* SKIP, SKIP_ARG */ \ 1, 3, /* THEN, THEN_ARG */ \ - 1, 1, 1, 1, /* COMMIT, FAIL, ACCEPT, ASSERT_ACCEPT */ \ + 1, 3, /* COMMIT, COMMIT_ARG */ \ + 1, 1, 1, /* FAIL, ACCEPT, ASSERT_ACCEPT */ \ 1+IMM2_SIZE, 1, /* CLOSE, SKIPZERO */ \ 1 /* DEFINE */ @@ -1896,7 +1851,7 @@ extern const ucd_record PRIV(ucd_records)[]; #if PCRE2_CODE_UNIT_WIDTH == 32 extern const ucd_record PRIV(dummy_ucd_record)[]; #endif -extern const uint8_t PRIV(ucd_stage1)[]; +extern const uint16_t PRIV(ucd_stage1)[]; extern const uint16_t PRIV(ucd_stage2)[]; extern const uint32_t PRIV(ucp_gbtable)[]; extern const uint32_t PRIV(ucp_gentype)[]; @@ -1976,6 +1931,14 @@ extern int _pcre2_valid_utf(PCRE2_SPTR, PCRE2_SIZE, PCRE2_SIZE *); extern BOOL _pcre2_was_newline(PCRE2_SPTR, uint32_t, PCRE2_SPTR, uint32_t *, BOOL); extern BOOL _pcre2_xclass(uint32_t, PCRE2_SPTR, BOOL); + +/* This function is needed only when memmove() is not available. */ + +#if !defined(VPCOMPAT) && !defined(HAVE_MEMMOVE) +#define _pcre2_memmove PCRE2_SUFFIX(_pcre2_memmove) +extern void * _pcre2_memmove(void *, const void *, size_t); +#endif + #endif /* PCRE2_CODE_UNIT_WIDTH */ #endif /* PCRE2_INTERNAL_H_IDEMPOTENT_GUARD */ diff --git a/thirdparty/pcre2/src/pcre2_intmodedep.h b/thirdparty/pcre2/src/pcre2_intmodedep.h index c4c4c3adb9..62626d0a8a 100644 --- a/thirdparty/pcre2/src/pcre2_intmodedep.h +++ b/thirdparty/pcre2/src/pcre2_intmodedep.h @@ -793,11 +793,23 @@ typedef struct heapframe { uint8_t return_id; /* Where to go on in internal "return" */ uint8_t op; /* Processing opcode */ + /* At this point, the structure is 16-bit aligned. On most architectures + the alignment requirement for a pointer will ensure that the eptr field below + is 32-bit or 64-bit aligned. However, on m68k it is fine to have a pointer + that is 16-bit aligned. We must therefore ensure that what comes between here + and eptr is an odd multiple of 16 bits so as to get back into 32-bit + alignment. This happens naturally when PCRE2_UCHAR is 8 bits wide, but needs + fudges in the other cases. In the 32-bit case the padding comes first so that + the occu field itself is 32-bit aligned. Without the padding, this structure + is no longer a multiple of PCRE2_SIZE on m68k, and the check below fails. */ + #if PCRE2_CODE_UNIT_WIDTH == 8 PCRE2_UCHAR occu[6]; /* Used for other case code units */ #elif PCRE2_CODE_UNIT_WIDTH == 16 PCRE2_UCHAR occu[2]; /* Used for other case code units */ + uint8_t unused[2]; /* Ensure 32-bit alignment (see above) */ #else + uint8_t unused[2]; /* Ensure 32-bit alignment (see above) */ PCRE2_UCHAR occu[1]; /* Used for other case code units */ #endif @@ -818,6 +830,9 @@ typedef struct heapframe { PCRE2_SIZE ovector[131072]; /* Must be last in the structure */ } heapframe; +/* This typedef is a check that the size of the heapframe structure is a +multiple of PCRE2_SIZE. See various comments above. */ + typedef char check_heapframe_size[ ((sizeof(heapframe) % sizeof(PCRE2_SIZE)) == 0)? (+1):(-1)]; @@ -881,6 +896,8 @@ typedef struct dfa_match_block { PCRE2_SPTR last_used_ptr; /* Latest consulted character */ const uint8_t *tables; /* Character tables */ PCRE2_SIZE start_offset; /* The start offset value */ + PCRE2_SIZE heap_limit; /* As it says */ + PCRE2_SIZE heap_used; /* As it says */ uint32_t match_limit; /* As it says */ uint32_t match_limit_depth; /* As it says */ uint32_t match_call_count; /* Number of calls of internal function */ diff --git a/thirdparty/pcre2/src/pcre2_jit_compile.c b/thirdparty/pcre2/src/pcre2_jit_compile.c index 80ed1c4ca6..32e985b793 100644 --- a/thirdparty/pcre2/src/pcre2_jit_compile.c +++ b/thirdparty/pcre2/src/pcre2_jit_compile.c @@ -7,7 +7,7 @@ and semantics are as close as possible to those of the Perl 5 language. Written by Philip Hazel Original API code Copyright (c) 1997-2012 University of Cambridge - New API code Copyright (c) 2016-2017 University of Cambridge + New API code Copyright (c) 2016-2018 University of Cambridge ----------------------------------------------------------------------------- Redistribution and use in source and binary forms, with or without @@ -839,6 +839,7 @@ switch(*cc) #endif case OP_MARK: + case OP_COMMIT_ARG: case OP_PRUNE_ARG: case OP_SKIP_ARG: case OP_THEN_ARG: @@ -939,6 +940,7 @@ while (cc < ccend) common->control_head_ptr = 1; /* Fall through. */ + case OP_COMMIT_ARG: case OP_PRUNE_ARG: case OP_MARK: if (common->mark_ptr == 0) @@ -1553,6 +1555,7 @@ while (cc < ccend) break; case OP_MARK: + case OP_COMMIT_ARG: case OP_PRUNE_ARG: case OP_THEN_ARG: SLJIT_ASSERT(common->mark_ptr != 0); @@ -1733,6 +1736,7 @@ while (cc < ccend) break; case OP_MARK: + case OP_COMMIT_ARG: case OP_PRUNE_ARG: case OP_THEN_ARG: SLJIT_ASSERT(common->mark_ptr != 0); @@ -2041,6 +2045,7 @@ while (cc < ccend) break; case OP_MARK: + case OP_COMMIT_ARG: case OP_PRUNE_ARG: case OP_THEN_ARG: SLJIT_ASSERT(common->mark_ptr != 0); @@ -2428,6 +2433,7 @@ while (cc < ccend) break; case OP_MARK: + case OP_COMMIT_ARG: case OP_PRUNE_ARG: case OP_THEN_ARG: SLJIT_ASSERT(common->mark_ptr != 0); @@ -3666,7 +3672,8 @@ if (!common->utf) #endif OP2(SLJIT_LSHR, TMP2, 0, TMP1, 0, SLJIT_IMM, UCD_BLOCK_SHIFT); -OP1(SLJIT_MOV_U8, TMP2, 0, SLJIT_MEM1(TMP2), (sljit_sw)PRIV(ucd_stage1)); +OP2(SLJIT_SHL, TMP2, 0, TMP2, 0, SLJIT_IMM, 1); +OP1(SLJIT_MOV_U16, TMP2, 0, SLJIT_MEM1(TMP2), (sljit_sw)PRIV(ucd_stage1)); OP2(SLJIT_AND, TMP1, 0, TMP1, 0, SLJIT_IMM, UCD_BLOCK_MASK); OP2(SLJIT_SHL, TMP2, 0, TMP2, 0, SLJIT_IMM, UCD_BLOCK_SHIFT); OP2(SLJIT_ADD, TMP1, 0, TMP1, 0, TMP2, 0); @@ -5894,6 +5901,8 @@ for (i = 0; i < 32; i++) } } +if (len == 0) return FALSE; /* Should never occur, but stops analyzers complaining. */ + i = 0; j = 0; @@ -6627,7 +6636,8 @@ if (needstype || needsscript) #endif OP2(SLJIT_LSHR, TMP2, 0, TMP1, 0, SLJIT_IMM, UCD_BLOCK_SHIFT); - OP1(SLJIT_MOV_U8, TMP2, 0, SLJIT_MEM1(TMP2), (sljit_sw)PRIV(ucd_stage1)); + OP2(SLJIT_SHL, TMP2, 0, TMP2, 0, SLJIT_IMM, 1); + OP1(SLJIT_MOV_U16, TMP2, 0, SLJIT_MEM1(TMP2), (sljit_sw)PRIV(ucd_stage1)); OP2(SLJIT_AND, TMP1, 0, TMP1, 0, SLJIT_IMM, UCD_BLOCK_MASK); OP2(SLJIT_SHL, TMP2, 0, TMP2, 0, SLJIT_IMM, UCD_BLOCK_SHIFT); OP2(SLJIT_ADD, TMP1, 0, TMP1, 0, TMP2, 0); @@ -7254,10 +7264,11 @@ while (cc < end_subject) if ((ricount & 1) != 0) break; /* Grapheme break required */ } - /* If Extend follows E_Base[_GAZ] do not update lgb; this allows - any number of Extend before a following E_Modifier. */ + /* If Extend or ZWJ follows Extended_Pictographic, do not update lgb; this + allows any number of them before a following Extended_Pictographic. */ - if (rgb != ucp_gbExtend || (lgb != ucp_gbE_Base && lgb != ucp_gbE_Base_GAZ)) + if ((rgb != ucp_gbExtend && rgb != ucp_gbZWJ) || + lgb != ucp_gbExtended_Pictographic) lgb = rgb; prevcc = cc; @@ -7309,10 +7320,11 @@ while (cc < end_subject) if ((ricount & 1) != 0) break; /* Grapheme break required */ } - /* If Extend follows E_Base[_GAZ] do not update lgb; this allows - any number of Extend before a following E_Modifier. */ + /* If Extend or ZWJ follows Extended_Pictographic, do not update lgb; this + allows any number of them before a following Extended_Pictographic. */ - if (rgb != ucp_gbExtend || (lgb != ucp_gbE_Base && lgb != ucp_gbE_Base_GAZ)) + if ((rgb != ucp_gbExtend && rgb != ucp_gbZWJ) || + lgb != ucp_gbExtended_Pictographic) lgb = rgb; cc++; @@ -10346,7 +10358,8 @@ backtrack_common *backtrack; PCRE2_UCHAR opcode = *cc; PCRE2_SPTR ccend = cc + 1; -if (opcode == OP_PRUNE_ARG || opcode == OP_SKIP_ARG || opcode == OP_THEN_ARG) +if (opcode == OP_COMMIT_ARG || opcode == OP_PRUNE_ARG || + opcode == OP_SKIP_ARG || opcode == OP_THEN_ARG) ccend += 2 + cc[1]; PUSH_BACKTRACK(sizeof(backtrack_common), cc, NULL); @@ -10358,7 +10371,7 @@ if (opcode == OP_SKIP) return ccend; } -if (opcode == OP_PRUNE_ARG || opcode == OP_THEN_ARG) +if (opcode == OP_COMMIT_ARG || opcode == OP_PRUNE_ARG || opcode == OP_THEN_ARG) { OP1(SLJIT_MOV, TMP1, 0, ARGUMENTS, 0); OP1(SLJIT_MOV, TMP2, 0, SLJIT_IMM, (sljit_sw)(cc + 2)); @@ -10677,6 +10690,7 @@ while (cc < ccend) case OP_THEN: case OP_THEN_ARG: case OP_COMMIT: + case OP_COMMIT_ARG: cc = compile_control_verb_matchingpath(common, cc, parent); break; @@ -11751,6 +11765,7 @@ while (current) break; case OP_COMMIT: + case OP_COMMIT_ARG: if (!common->local_quit_available) OP1(SLJIT_MOV, SLJIT_RETURN_REG, 0, SLJIT_IMM, PCRE2_ERROR_NOMATCH); if (common->quit_label == NULL) diff --git a/thirdparty/pcre2/src/pcre2_maketables.c b/thirdparty/pcre2/src/pcre2_maketables.c index 2c7ae84d86..537edba8c3 100644 --- a/thirdparty/pcre2/src/pcre2_maketables.c +++ b/thirdparty/pcre2/src/pcre2_maketables.c @@ -7,7 +7,7 @@ and semantics are as close as possible to those of the Perl 5 language. Written by Philip Hazel Original API code Copyright (c) 1997-2012 University of Cambridge - New API code Copyright (c) 2016 University of Cambridge + New API code Copyright (c) 2016-2018 University of Cambridge ----------------------------------------------------------------------------- Redistribution and use in source and binary forms, with or without @@ -141,13 +141,6 @@ for (i = 0; i < 256; i++) if (isdigit(i)) x += ctype_digit; if (isxdigit(i)) x += ctype_xdigit; if (isalnum(i) || i == '_') x += ctype_word; - - /* Note: strchr includes the terminating zero in the characters it considers. - In this instance, that is ok because we want binary zero to be flagged as a - meta-character, which in this sense is any character that terminates a run - of data characters. */ - - if (strchr("\\*+?{^.$|()[", i) != 0) x += ctype_meta; *p++ = x; } diff --git a/thirdparty/pcre2/src/pcre2_match.c b/thirdparty/pcre2/src/pcre2_match.c index 79cc93f918..8741e1432d 100644 --- a/thirdparty/pcre2/src/pcre2_match.c +++ b/thirdparty/pcre2/src/pcre2_match.c @@ -43,11 +43,11 @@ POSSIBILITY OF SUCH DAMAGE. #include "config.h" #endif -/* These defines enables debugging code */ +/* These defines enable debugging code */ -//#define DEBUG_FRAMES_DISPLAY -//#define DEBUG_SHOW_OPS -//#define DEBUG_SHOW_RMATCH +/* #define DEBUG_FRAMES_DISPLAY */ +/* #define DEBUG_SHOW_OPS */ +/* #define DEBUG_SHOW_RMATCH */ #ifdef DEBUG_FRAME_DISPLAY #include <stdarg.h> @@ -149,7 +149,7 @@ changed, the code at RETURN_SWITCH below must be updated in sync. */ enum { RM1=1, RM2, RM3, RM4, RM5, RM6, RM7, RM8, RM9, RM10, RM11, RM12, RM13, RM14, RM15, RM16, RM17, RM18, RM19, RM20, RM21, RM22, RM23, RM24, RM25, RM26, RM27, RM28, RM29, RM30, - RM31, RM32, RM33, RM34, RM35 }; + RM31, RM32, RM33, RM34, RM35, RM36 }; #ifdef SUPPORT_WIDE_CHARS enum { RM100=100, RM101 }; @@ -770,7 +770,7 @@ fprintf(stderr, "++ op=%d\n", *Fecode); /* ===================================================================== */ /* Real or forced end of the pattern, assertion, or recursion. In an assertion ACCEPT, update the last used pointer and remember the current - frame so that the captures can be fished out of it. */ + frame so that the captures and mark can be fished out of it. */ case OP_ASSERT_ACCEPT: if (Feptr > mb->last_used_ptr) mb->last_used_ptr = Feptr; @@ -1776,7 +1776,7 @@ fprintf(stderr, "++ op=%d\n", *Fecode); /* ===================================================================== */ - /* Match a bit-mapped character class, possibly repeatedly. These op codes + /* Match a bit-mapped character class, possibly repeatedly. These opcodes are used when all the characters in the class have values in the range 0-255, and either the matching is caseful, or the characters are in the range 0-127 when UTF processing is enabled. The only difference between @@ -1962,11 +1962,15 @@ fprintf(stderr, "++ op=%d\n", *Fecode); if (reptype == REPTYPE_POS) continue; /* No backtracking */ + /* After \C in UTF mode, Lstart_eptr might be in the middle of a + Unicode character. Use <= Lstart_eptr to ensure backtracking doesn't + go too far. */ + for (;;) { RMATCH(Fecode, RM201); if (rrc != MATCH_NOMATCH) RRETURN(rrc); - if (Feptr-- == Lstart_eptr) break; /* Tried at original position */ + if (Feptr-- <= Lstart_eptr) break; /* Tried at original position */ BACKCHAR(Feptr); } } @@ -2126,11 +2130,15 @@ fprintf(stderr, "++ op=%d\n", *Fecode); if (reptype == REPTYPE_POS) continue; /* No backtracking */ + /* After \C in UTF mode, Lstart_eptr might be in the middle of a + Unicode character. Use <= Lstart_eptr to ensure backtracking doesn't + go too far. */ + for(;;) { RMATCH(Fecode, RM101); if (rrc != MATCH_NOMATCH) RRETURN(rrc); - if (Feptr-- == Lstart_eptr) break; /* Tried at original position */ + if (Feptr-- <= Lstart_eptr) break; /* Tried at original position */ #ifdef SUPPORT_UNICODE if (utf) BACKCHAR(Feptr); #endif @@ -2456,7 +2464,7 @@ fprintf(stderr, "++ op=%d\n", *Fecode); /* ===================================================================== */ /* Match a single character type repeatedly. Note that the property type - does not need to be in a stack frame as it not used within an RMATCH() + does not need to be in a stack frame as it is not used within an RMATCH() loop. */ #define Lstart_eptr F->temp_sptr[0] @@ -4002,8 +4010,8 @@ fprintf(stderr, "++ op=%d\n", *Fecode); if (reptype == REPTYPE_POS) continue; /* No backtracking */ /* After \C in UTF mode, Lstart_eptr might be in the middle of a - Unicode character. Use <= pp to ensure backtracking doesn't go too far. - */ + Unicode character. Use <= Lstart_eptr to ensure backtracking doesn't + go too far. */ for(;;) { @@ -4135,7 +4143,7 @@ fprintf(stderr, "++ op=%d\n", *Fecode); } break; - /* The "byte" (i.e. "code unit") case is the same as non-UTF */ + /* The "byte" (i.e. "code unit") case is the same as non-UTF */ case OP_ANYBYTE: fc = Lmax - Lmin; @@ -5111,7 +5119,7 @@ fprintf(stderr, "++ op=%d\n", *Fecode); /* Positive assertions are like other groups except that PCRE doesn't allow the effect of (*THEN) to escape beyond an assertion; it is therefore treated as NOMATCH. (*ACCEPT) is treated as successful assertion, with its - captures retained. Any other return is an error. */ + captures and mark retained. Any other return is an error. */ #define Lframe_type F->temp_32[0] @@ -5128,6 +5136,7 @@ fprintf(stderr, "++ op=%d\n", *Fecode); (char *)assert_accept_frame + offsetof(heapframe, ovector), assert_accept_frame->offset_top * sizeof(PCRE2_SIZE)); Foffset_top = assert_accept_frame->offset_top; + Fmark = assert_accept_frame->mark; break; } if (rrc != MATCH_NOMATCH && rrc != MATCH_THEN) RRETURN(rrc); @@ -5416,7 +5425,7 @@ fprintf(stderr, "++ op=%d\n", *Fecode); Feptr -= number; } - /* Save the earliest consulted character, then skip to next op code */ + /* Save the earliest consulted character, then skip to next opcode */ if (Feptr < mb->start_used_ptr) mb->start_used_ptr = Feptr; Fecode += 1 + LINK_SIZE; @@ -5501,7 +5510,7 @@ fprintf(stderr, "++ op=%d\n", *Fecode); frame so that it points to the final branch. */ case OP_ONCE: - Fback_frame = ((char *)F - (char *)P) + frame_size; + Fback_frame = ((char *)F - (char *)P); for (;;) { uint32_t y = GET(P->ecode,1); @@ -5829,6 +5838,13 @@ fprintf(stderr, "++ op=%d\n", *Fecode); mb->verb_current_recurse = Fcurrent_recurse; RRETURN(MATCH_COMMIT); + case OP_COMMIT_ARG: + Fmark = mb->nomatch_mark = Fecode + 2; + RMATCH(Fecode + PRIV(OP_lengths)[*Fecode] + Fecode[1], RM36); + if (rrc != MATCH_NOMATCH) RRETURN(rrc); + mb->verb_current_recurse = Fcurrent_recurse; + RRETURN(MATCH_COMMIT); + case OP_PRUNE: RMATCH(Fecode + PRIV(OP_lengths)[*Fecode], RM14); if (rrc != MATCH_NOMATCH) RRETURN(rrc); @@ -5921,7 +5937,7 @@ in rrc. */ RETURN_SWITCH: if (Frdepth == 0) return rrc; /* Exit from the top level */ -F = (heapframe *)((char *)F - Fback_frame); /* Back track */ +F = (heapframe *)((char *)F - Fback_frame); /* Backtrack */ mb->cb->callout_flags |= PCRE2_CALLOUT_BACKTRACK; /* Note for callouts */ #ifdef DEBUG_SHOW_RMATCH @@ -5934,7 +5950,7 @@ switch (Freturn_id) LBL( 9) LBL(10) LBL(11) LBL(12) LBL(13) LBL(14) LBL(15) LBL(16) LBL(17) LBL(18) LBL(19) LBL(20) LBL(21) LBL(22) LBL(23) LBL(24) LBL(25) LBL(26) LBL(27) LBL(28) LBL(29) LBL(30) LBL(31) LBL(32) - LBL(33) LBL(34) LBL(35) + LBL(33) LBL(34) LBL(35) LBL(36) #ifdef SUPPORT_WIDE_CHARS LBL(100) LBL(101) @@ -6275,7 +6291,7 @@ mb->match_limit_depth = (mcontext->depth_limit < re->limit_depth)? /* If a pattern has very many capturing parentheses, the frame size may be very large. Ensure that there are at least 10 available frames by getting an initial vector on the heap if necessary, except when the heap limit prevents this. Get -fewer if possible. (The heap limit is in kilobytes.) */ +fewer if possible. (The heap limit is in kibibytes.) */ if (frame_size <= START_FRAMES_SIZE/10) { diff --git a/thirdparty/pcre2/src/pcre2_pattern_info.c b/thirdparty/pcre2/src/pcre2_pattern_info.c index 906e9198f5..a29f5eff67 100644 --- a/thirdparty/pcre2/src/pcre2_pattern_info.c +++ b/thirdparty/pcre2/src/pcre2_pattern_info.c @@ -7,7 +7,7 @@ and semantics are as close as possible to those of the Perl 5 language. Written by Philip Hazel Original API code Copyright (c) 1997-2012 University of Cambridge - New API code Copyright (c) 2016-2017 University of Cambridge + New API code Copyright (c) 2016-2018 University of Cambridge ----------------------------------------------------------------------------- Redistribution and use in source and binary forms, with or without @@ -390,6 +390,7 @@ while (TRUE) #endif case OP_MARK: + case OP_COMMIT_ARG: case OP_PRUNE_ARG: case OP_SKIP_ARG: case OP_THEN_ARG: diff --git a/thirdparty/pcre2/src/pcre2_serialize.c b/thirdparty/pcre2/src/pcre2_serialize.c index d2cc603cbb..cec1a035d1 100644 --- a/thirdparty/pcre2/src/pcre2_serialize.c +++ b/thirdparty/pcre2/src/pcre2_serialize.c @@ -7,7 +7,7 @@ and semantics are as close as possible to those of the Perl 5 language. Written by Philip Hazel Original API code Copyright (c) 1997-2012 University of Cambridge - New API code Copyright (c) 2016-2017 University of Cambridge + New API code Copyright (c) 2016-2018 University of Cambridge ----------------------------------------------------------------------------- Redistribution and use in source and binary forms, with or without @@ -127,7 +127,25 @@ dst_bytes += tables_length; for (i = 0; i < number_of_codes; i++) { re = (const pcre2_real_code *)(codes[i]); - memcpy(dst_bytes, (char *)re, re->blocksize); + (void)memcpy(dst_bytes, (char *)re, re->blocksize); + + /* Certain fields in the compiled code block are re-set during + deserialization. In order to ensure that the serialized data stream is always + the same for the same pattern, set them to zero here. We can't assume the + copy of the pattern is correctly aligned for accessing the fields as part of + a structure. Note the use of sizeof(void *) in the second of these, to + specify the size of a pointer. If sizeof(uint8_t *) is used (tables is a + pointer to uint8_t), gcc gives a warning because the first argument is also a + pointer to uint8_t. Casting the first argument to (void *) can stop this, but + it didn't stop Coverity giving the same complaint. */ + + (void)memset(dst_bytes + offsetof(pcre2_real_code, memctl), 0, + sizeof(pcre2_memctl)); + (void)memset(dst_bytes + offsetof(pcre2_real_code, tables), 0, + sizeof(void *)); + (void)memset(dst_bytes + offsetof(pcre2_real_code, executable_jit), 0, + sizeof(void *)); + dst_bytes += re->blocksize; } diff --git a/thirdparty/pcre2/src/pcre2_string_utils.c b/thirdparty/pcre2/src/pcre2_string_utils.c index 2a1f282629..d6be01acf5 100644 --- a/thirdparty/pcre2/src/pcre2_string_utils.c +++ b/thirdparty/pcre2/src/pcre2_string_utils.c @@ -7,7 +7,7 @@ and semantics are as close as possible to those of the Perl 5 language. Written by Philip Hazel Original API code Copyright (c) 1997-2012 University of Cambridge - New API code Copyright (c) 2016 University of Cambridge + New API code Copyright (c) 2018 University of Cambridge ----------------------------------------------------------------------------- Redistribution and use in source and binary forms, with or without @@ -51,6 +51,42 @@ functions work only on 8-bit data. */ /************************************************* +* Emulated memmove() for systems without it * +*************************************************/ + +/* This function can make use of bcopy() if it is available. Otherwise do it by +steam, as there some non-Unix environments that lack both memmove() and +bcopy(). */ + +#if !defined(VPCOMPAT) && !defined(HAVE_MEMMOVE) +void * +PRIV(memmove)(void *d, const void *s, size_t n) +{ +#ifdef HAVE_BCOPY +bcopy(s, d, n); +return d; +#else +size_t i; +unsigned char *dest = (unsigned char *)d; +const unsigned char *src = (const unsigned char *)s; +if (dest > src) + { + dest += n; + src += n; + for (i = 0; i < n; ++i) *(--dest) = *(--src); + return (void *)dest; + } +else + { + for (i = 0; i < n; ++i) *dest++ = *src++; + return (void *)(dest - n); + } +#endif /* not HAVE_BCOPY */ +} +#endif /* not VPCOMPAT && not HAVE_MEMMOVE */ + + +/************************************************* * Compare two zero-terminated PCRE2 strings * *************************************************/ diff --git a/thirdparty/pcre2/src/pcre2_study.c b/thirdparty/pcre2/src/pcre2_study.c index b92686759d..acbf98b41b 100644 --- a/thirdparty/pcre2/src/pcre2_study.c +++ b/thirdparty/pcre2/src/pcre2_study.c @@ -7,7 +7,7 @@ and semantics are as close as possible to those of the Perl 5 language. Written by Philip Hazel Original API code Copyright (c) 1997-2012 University of Cambridge - New API code Copyright (c) 2016-2017 University of Cambridge + New API code Copyright (c) 2016-2018 University of Cambridge ----------------------------------------------------------------------------- Redistribution and use in source and binary forms, with or without @@ -707,6 +707,7 @@ for (;;) /* Skip these, but we need to add in the name length. */ case OP_MARK: + case OP_COMMIT_ARG: case OP_PRUNE_ARG: case OP_SKIP_ARG: case OP_THEN_ARG: @@ -956,6 +957,7 @@ do case OP_CIRCM: case OP_CLOSE: case OP_COMMIT: + case OP_COMMIT_ARG: case OP_COND: case OP_CREF: case OP_FALSE: @@ -1274,7 +1276,7 @@ do break; /* Single character types set the bits and stop. Note that if PCRE2_UCP - is set, we do not see these op codes because \d etc are converted to + is set, we do not see these opcodes because \d etc are converted to properties. Therefore, these apply in the case when only characters less than 256 are recognized to match the types. */ diff --git a/thirdparty/pcre2/src/pcre2_substitute.c b/thirdparty/pcre2/src/pcre2_substitute.c index 8da951fc6e..ab8d10908a 100644 --- a/thirdparty/pcre2/src/pcre2_substitute.c +++ b/thirdparty/pcre2/src/pcre2_substitute.c @@ -7,7 +7,7 @@ and semantics are as close as possible to those of the Perl 5 language. Written by Philip Hazel Original API code Copyright (c) 1997-2012 University of Cambridge - New API code Copyright (c) 2016 University of Cambridge + New API code Copyright (c) 2016-2018 University of Cambridge ----------------------------------------------------------------------------- Redistribution and use in source and binary forms, with or without @@ -238,10 +238,12 @@ PCRE2_SPTR repend; PCRE2_SIZE extra_needed = 0; PCRE2_SIZE buff_offset, buff_length, lengthleft, fraglength; PCRE2_SIZE *ovector; +PCRE2_SIZE ovecsave[3]; buff_offset = 0; lengthleft = buff_length = *blength; *blength = PCRE2_UNSET; +ovecsave[0] = ovecsave[1] = ovecsave[2] = PCRE2_UNSET; /* Partial matching is not valid. */ @@ -361,13 +363,33 @@ do } /* Handle a successful match. Matches that use \K to end before they start - are not supported. */ - - if (ovector[1] < ovector[0]) + or start before the current point in the subject are not supported. */ + + if (ovector[1] < ovector[0] || ovector[0] < start_offset) { rc = PCRE2_ERROR_BADSUBSPATTERN; goto EXIT; } + + /* Check for the same match as previous. This is legitimate after matching an + empty string that starts after the initial match offset. We have tried again + at the match point in case the pattern is one like /(?<=\G.)/ which can never + match at its starting point, so running the match achieves the bumpalong. If + we do get the same (null) match at the original match point, it isn't such a + pattern, so we now do the empty string magic. In all other cases, a repeat + match should never occur. */ + + if (ovecsave[0] == ovector[0] && ovecsave[1] == ovector[1]) + { + if (ovector[0] == ovector[1] && ovecsave[2] != start_offset) + { + goptions = PCRE2_NOTEMPTY_ATSTART | PCRE2_ANCHORED; + ovecsave[2] = start_offset; + continue; /* Back to the top of the loop */ + } + rc = PCRE2_ERROR_INTERNAL_DUPMATCH; + goto EXIT; + } /* Count substitutions with a paranoid check for integer overflow; surely no real call to this function would ever hit this! */ @@ -799,13 +821,18 @@ do } /* End handling a literal code unit */ } /* End of loop for scanning the replacement. */ - /* The replacement has been copied to the output. Update the start offset to - point to the rest of the subject string. If we matched an empty string, - do the magic for global matches. */ - - start_offset = ovector[1]; - goptions = (ovector[0] != ovector[1])? 0 : + /* The replacement has been copied to the output. Save the details of this + match. See above for how this data is used. If we matched an empty string, do + the magic for global matches. Finally, update the start offset to point to + the rest of the subject string. */ + + ovecsave[0] = ovector[0]; + ovecsave[1] = ovector[1]; + ovecsave[2] = start_offset; + + goptions = (ovector[0] != ovector[1] || ovector[0] > start_offset)? 0 : PCRE2_ANCHORED|PCRE2_NOTEMPTY_ATSTART; + start_offset = ovector[1]; } while ((suboptions & PCRE2_SUBSTITUTE_GLOBAL) != 0); /* Repeat "do" loop */ /* Copy the rest of the subject. */ diff --git a/thirdparty/pcre2/src/pcre2_tables.c b/thirdparty/pcre2/src/pcre2_tables.c index 9f8dc293aa..83d6f9de55 100644 --- a/thirdparty/pcre2/src/pcre2_tables.c +++ b/thirdparty/pcre2/src/pcre2_tables.c @@ -7,7 +7,7 @@ and semantics are as close as possible to those of the Perl 5 language. Written by Philip Hazel Original API code Copyright (c) 1997-2012 University of Cambridge - New API code Copyright (c) 2016-2017 University of Cambridge + New API code Copyright (c) 2016-2018 University of Cambridge ----------------------------------------------------------------------------- Redistribution and use in source and binary forms, with or without @@ -137,9 +137,10 @@ const uint32_t PRIV(ucp_gentype)[] = { /* This table encodes the rules for finding the end of an extended grapheme cluster. Every code point has a grapheme break property which is one of the -ucp_gbXX values defined in pcre2_ucp.h. The 2-dimensional table is indexed by -the properties of two adjacent code points. The left property selects a word -from the table, and the right property selects a bit from that word like this: +ucp_gbXX values defined in pcre2_ucp.h. These changed between Unicode versions +10 and 11. The 2-dimensional table is indexed by the properties of two adjacent +code points. The left property selects a word from the table, and the right +property selects a bit from that word like this: PRIV(ucp_gbtable)[left-property] & (1 << right-property) @@ -166,49 +167,41 @@ are implementing). 6. Do not break after Prepend characters. -7. Do not break within emoji modifier sequences (E_Base or E_Base_GAZ followed - by E_Modifier). Extend characters are allowed before the modifier; this - cannot be represented in this table, the code has to deal with it. +7. Do not break within emoji modifier sequences or emoji zwj sequences. That + is, do not break between characters with the Extended_Pictographic property. + Extend and ZWJ characters are allowed between the characters; this cannot be + represented in this table, the code has to deal with it. -8. Do not break within emoji zwj sequences (ZWJ followed by Glue_After_Zwj or - E_Base_GAZ). - -9. Do not break within emoji flag sequences. That is, do not break between +8. Do not break within emoji flag sequences. That is, do not break between regional indicator (RI) symbols if there are an odd number of RI characters before the break point. This table encodes "join RI characters"; the code has to deal with checking for previous adjoining RIs. -10. Otherwise, break everywhere. +9. Otherwise, break everywhere. */ #define ESZ (1<<ucp_gbExtend)|(1<<ucp_gbSpacingMark)|(1<<ucp_gbZWJ) const uint32_t PRIV(ucp_gbtable)[] = { - (1<<ucp_gbLF), /* 0 CR */ - 0, /* 1 LF */ - 0, /* 2 Control */ - ESZ, /* 3 Extend */ - ESZ|(1<<ucp_gbPrepend)| /* 4 Prepend */ + (1<<ucp_gbLF), /* 0 CR */ + 0, /* 1 LF */ + 0, /* 2 Control */ + ESZ, /* 3 Extend */ + ESZ|(1<<ucp_gbPrepend)| /* 4 Prepend */ (1<<ucp_gbL)|(1<<ucp_gbV)|(1<<ucp_gbT)| (1<<ucp_gbLV)|(1<<ucp_gbLVT)|(1<<ucp_gbOther)| - (1<<ucp_gbRegionalIndicator)| - (1<<ucp_gbE_Base)|(1<<ucp_gbE_Modifier)| - (1<<ucp_gbE_Base_GAZ)| - (1<<ucp_gbZWJ)|(1<<ucp_gbGlue_After_Zwj), - ESZ, /* 5 SpacingMark */ - ESZ|(1<<ucp_gbL)|(1<<ucp_gbV)|(1<<ucp_gbLV)| /* 6 L */ + (1<<ucp_gbRegionalIndicator), + ESZ, /* 5 SpacingMark */ + ESZ|(1<<ucp_gbL)|(1<<ucp_gbV)|(1<<ucp_gbLV)| /* 6 L */ (1<<ucp_gbLVT), - ESZ|(1<<ucp_gbV)|(1<<ucp_gbT), /* 7 V */ - ESZ|(1<<ucp_gbT), /* 8 T */ - ESZ|(1<<ucp_gbV)|(1<<ucp_gbT), /* 9 LV */ - ESZ|(1<<ucp_gbT), /* 10 LVT */ - (1<<ucp_gbRegionalIndicator), /* 11 RegionalIndicator */ - ESZ, /* 12 Other */ - ESZ|(1<<ucp_gbE_Modifier), /* 13 E_Base */ - ESZ, /* 14 E_Modifier */ - ESZ|(1<<ucp_gbE_Modifier), /* 15 E_Base_GAZ */ - ESZ|(1<<ucp_gbGlue_After_Zwj)|(1<<ucp_gbE_Base_GAZ), /* 16 ZWJ */ - ESZ /* 12 Glue_After_Zwj */ + ESZ|(1<<ucp_gbV)|(1<<ucp_gbT), /* 7 V */ + ESZ|(1<<ucp_gbT), /* 8 T */ + ESZ|(1<<ucp_gbV)|(1<<ucp_gbT), /* 9 LV */ + ESZ|(1<<ucp_gbT), /* 10 LVT */ + (1<<ucp_gbRegionalIndicator), /* 11 RegionalIndicator */ + ESZ, /* 12 Other */ + ESZ, /* 13 ZWJ */ + ESZ|(1<<ucp_gbExtended_Pictographic) /* 14 Extended Pictographic */ }; #undef ESZ @@ -282,6 +275,7 @@ strings to make sure that UTF-8 support works on EBCDIC platforms. */ #define STRING_Cyrillic0 STR_C STR_y STR_r STR_i STR_l STR_l STR_i STR_c "\0" #define STRING_Deseret0 STR_D STR_e STR_s STR_e STR_r STR_e STR_t "\0" #define STRING_Devanagari0 STR_D STR_e STR_v STR_a STR_n STR_a STR_g STR_a STR_r STR_i "\0" +#define STRING_Dogra0 STR_D STR_o STR_g STR_r STR_a "\0" #define STRING_Duployan0 STR_D STR_u STR_p STR_l STR_o STR_y STR_a STR_n "\0" #define STRING_Egyptian_Hieroglyphs0 STR_E STR_g STR_y STR_p STR_t STR_i STR_a STR_n STR_UNDERSCORE STR_H STR_i STR_e STR_r STR_o STR_g STR_l STR_y STR_p STR_h STR_s "\0" #define STRING_Elbasan0 STR_E STR_l STR_b STR_a STR_s STR_a STR_n "\0" @@ -292,9 +286,11 @@ strings to make sure that UTF-8 support works on EBCDIC platforms. */ #define STRING_Grantha0 STR_G STR_r STR_a STR_n STR_t STR_h STR_a "\0" #define STRING_Greek0 STR_G STR_r STR_e STR_e STR_k "\0" #define STRING_Gujarati0 STR_G STR_u STR_j STR_a STR_r STR_a STR_t STR_i "\0" +#define STRING_Gunjala_Gondi0 STR_G STR_u STR_n STR_j STR_a STR_l STR_a STR_UNDERSCORE STR_G STR_o STR_n STR_d STR_i "\0" #define STRING_Gurmukhi0 STR_G STR_u STR_r STR_m STR_u STR_k STR_h STR_i "\0" #define STRING_Han0 STR_H STR_a STR_n "\0" #define STRING_Hangul0 STR_H STR_a STR_n STR_g STR_u STR_l "\0" +#define STRING_Hanifi_Rohingya0 STR_H STR_a STR_n STR_i STR_f STR_i STR_UNDERSCORE STR_R STR_o STR_h STR_i STR_n STR_g STR_y STR_a "\0" #define STRING_Hanunoo0 STR_H STR_a STR_n STR_u STR_n STR_o STR_o "\0" #define STRING_Hatran0 STR_H STR_a STR_t STR_r STR_a STR_n "\0" #define STRING_Hebrew0 STR_H STR_e STR_b STR_r STR_e STR_w "\0" @@ -330,6 +326,7 @@ strings to make sure that UTF-8 support works on EBCDIC platforms. */ #define STRING_Lydian0 STR_L STR_y STR_d STR_i STR_a STR_n "\0" #define STRING_M0 STR_M "\0" #define STRING_Mahajani0 STR_M STR_a STR_h STR_a STR_j STR_a STR_n STR_i "\0" +#define STRING_Makasar0 STR_M STR_a STR_k STR_a STR_s STR_a STR_r "\0" #define STRING_Malayalam0 STR_M STR_a STR_l STR_a STR_y STR_a STR_l STR_a STR_m "\0" #define STRING_Mandaic0 STR_M STR_a STR_n STR_d STR_a STR_i STR_c "\0" #define STRING_Manichaean0 STR_M STR_a STR_n STR_i STR_c STR_h STR_a STR_e STR_a STR_n "\0" @@ -337,6 +334,7 @@ strings to make sure that UTF-8 support works on EBCDIC platforms. */ #define STRING_Masaram_Gondi0 STR_M STR_a STR_s STR_a STR_r STR_a STR_m STR_UNDERSCORE STR_G STR_o STR_n STR_d STR_i "\0" #define STRING_Mc0 STR_M STR_c "\0" #define STRING_Me0 STR_M STR_e "\0" +#define STRING_Medefaidrin0 STR_M STR_e STR_d STR_e STR_f STR_a STR_i STR_d STR_r STR_i STR_n "\0" #define STRING_Meetei_Mayek0 STR_M STR_e STR_e STR_t STR_e STR_i STR_UNDERSCORE STR_M STR_a STR_y STR_e STR_k "\0" #define STRING_Mende_Kikakui0 STR_M STR_e STR_n STR_d STR_e STR_UNDERSCORE STR_K STR_i STR_k STR_a STR_k STR_u STR_i "\0" #define STRING_Meroitic_Cursive0 STR_M STR_e STR_r STR_o STR_i STR_t STR_i STR_c STR_UNDERSCORE STR_C STR_u STR_r STR_s STR_i STR_v STR_e "\0" @@ -364,6 +362,7 @@ strings to make sure that UTF-8 support works on EBCDIC platforms. */ #define STRING_Old_North_Arabian0 STR_O STR_l STR_d STR_UNDERSCORE STR_N STR_o STR_r STR_t STR_h STR_UNDERSCORE STR_A STR_r STR_a STR_b STR_i STR_a STR_n "\0" #define STRING_Old_Permic0 STR_O STR_l STR_d STR_UNDERSCORE STR_P STR_e STR_r STR_m STR_i STR_c "\0" #define STRING_Old_Persian0 STR_O STR_l STR_d STR_UNDERSCORE STR_P STR_e STR_r STR_s STR_i STR_a STR_n "\0" +#define STRING_Old_Sogdian0 STR_O STR_l STR_d STR_UNDERSCORE STR_S STR_o STR_g STR_d STR_i STR_a STR_n "\0" #define STRING_Old_South_Arabian0 STR_O STR_l STR_d STR_UNDERSCORE STR_S STR_o STR_u STR_t STR_h STR_UNDERSCORE STR_A STR_r STR_a STR_b STR_i STR_a STR_n "\0" #define STRING_Old_Turkic0 STR_O STR_l STR_d STR_UNDERSCORE STR_T STR_u STR_r STR_k STR_i STR_c "\0" #define STRING_Oriya0 STR_O STR_r STR_i STR_y STR_a "\0" @@ -397,6 +396,7 @@ strings to make sure that UTF-8 support works on EBCDIC platforms. */ #define STRING_Sk0 STR_S STR_k "\0" #define STRING_Sm0 STR_S STR_m "\0" #define STRING_So0 STR_S STR_o "\0" +#define STRING_Sogdian0 STR_S STR_o STR_g STR_d STR_i STR_a STR_n "\0" #define STRING_Sora_Sompeng0 STR_S STR_o STR_r STR_a STR_UNDERSCORE STR_S STR_o STR_m STR_p STR_e STR_n STR_g "\0" #define STRING_Soyombo0 STR_S STR_o STR_y STR_o STR_m STR_b STR_o "\0" #define STRING_Sundanese0 STR_S STR_u STR_n STR_d STR_a STR_n STR_e STR_s STR_e "\0" @@ -469,6 +469,7 @@ const char PRIV(utt_names)[] = STRING_Cyrillic0 STRING_Deseret0 STRING_Devanagari0 + STRING_Dogra0 STRING_Duployan0 STRING_Egyptian_Hieroglyphs0 STRING_Elbasan0 @@ -479,9 +480,11 @@ const char PRIV(utt_names)[] = STRING_Grantha0 STRING_Greek0 STRING_Gujarati0 + STRING_Gunjala_Gondi0 STRING_Gurmukhi0 STRING_Han0 STRING_Hangul0 + STRING_Hanifi_Rohingya0 STRING_Hanunoo0 STRING_Hatran0 STRING_Hebrew0 @@ -517,6 +520,7 @@ const char PRIV(utt_names)[] = STRING_Lydian0 STRING_M0 STRING_Mahajani0 + STRING_Makasar0 STRING_Malayalam0 STRING_Mandaic0 STRING_Manichaean0 @@ -524,6 +528,7 @@ const char PRIV(utt_names)[] = STRING_Masaram_Gondi0 STRING_Mc0 STRING_Me0 + STRING_Medefaidrin0 STRING_Meetei_Mayek0 STRING_Mende_Kikakui0 STRING_Meroitic_Cursive0 @@ -551,6 +556,7 @@ const char PRIV(utt_names)[] = STRING_Old_North_Arabian0 STRING_Old_Permic0 STRING_Old_Persian0 + STRING_Old_Sogdian0 STRING_Old_South_Arabian0 STRING_Old_Turkic0 STRING_Oriya0 @@ -584,6 +590,7 @@ const char PRIV(utt_names)[] = STRING_Sk0 STRING_Sm0 STRING_So0 + STRING_Sogdian0 STRING_Sora_Sompeng0 STRING_Soyombo0 STRING_Sundanese0 @@ -656,154 +663,161 @@ const ucp_type_table PRIV(utt)[] = { { 265, PT_SC, ucp_Cyrillic }, { 274, PT_SC, ucp_Deseret }, { 282, PT_SC, ucp_Devanagari }, - { 293, PT_SC, ucp_Duployan }, - { 302, PT_SC, ucp_Egyptian_Hieroglyphs }, - { 323, PT_SC, ucp_Elbasan }, - { 331, PT_SC, ucp_Ethiopic }, - { 340, PT_SC, ucp_Georgian }, - { 349, PT_SC, ucp_Glagolitic }, - { 360, PT_SC, ucp_Gothic }, - { 367, PT_SC, ucp_Grantha }, - { 375, PT_SC, ucp_Greek }, - { 381, PT_SC, ucp_Gujarati }, - { 390, PT_SC, ucp_Gurmukhi }, - { 399, PT_SC, ucp_Han }, - { 403, PT_SC, ucp_Hangul }, - { 410, PT_SC, ucp_Hanunoo }, - { 418, PT_SC, ucp_Hatran }, - { 425, PT_SC, ucp_Hebrew }, - { 432, PT_SC, ucp_Hiragana }, - { 441, PT_SC, ucp_Imperial_Aramaic }, - { 458, PT_SC, ucp_Inherited }, - { 468, PT_SC, ucp_Inscriptional_Pahlavi }, - { 490, PT_SC, ucp_Inscriptional_Parthian }, - { 513, PT_SC, ucp_Javanese }, - { 522, PT_SC, ucp_Kaithi }, - { 529, PT_SC, ucp_Kannada }, - { 537, PT_SC, ucp_Katakana }, - { 546, PT_SC, ucp_Kayah_Li }, - { 555, PT_SC, ucp_Kharoshthi }, - { 566, PT_SC, ucp_Khmer }, - { 572, PT_SC, ucp_Khojki }, - { 579, PT_SC, ucp_Khudawadi }, - { 589, PT_GC, ucp_L }, - { 591, PT_LAMP, 0 }, - { 594, PT_SC, ucp_Lao }, - { 598, PT_SC, ucp_Latin }, - { 604, PT_SC, ucp_Lepcha }, - { 611, PT_SC, ucp_Limbu }, - { 617, PT_SC, ucp_Linear_A }, - { 626, PT_SC, ucp_Linear_B }, - { 635, PT_SC, ucp_Lisu }, - { 640, PT_PC, ucp_Ll }, - { 643, PT_PC, ucp_Lm }, - { 646, PT_PC, ucp_Lo }, - { 649, PT_PC, ucp_Lt }, - { 652, PT_PC, ucp_Lu }, - { 655, PT_SC, ucp_Lycian }, - { 662, PT_SC, ucp_Lydian }, - { 669, PT_GC, ucp_M }, - { 671, PT_SC, ucp_Mahajani }, - { 680, PT_SC, ucp_Malayalam }, - { 690, PT_SC, ucp_Mandaic }, - { 698, PT_SC, ucp_Manichaean }, - { 709, PT_SC, ucp_Marchen }, - { 717, PT_SC, ucp_Masaram_Gondi }, - { 731, PT_PC, ucp_Mc }, - { 734, PT_PC, ucp_Me }, - { 737, PT_SC, ucp_Meetei_Mayek }, - { 750, PT_SC, ucp_Mende_Kikakui }, - { 764, PT_SC, ucp_Meroitic_Cursive }, - { 781, PT_SC, ucp_Meroitic_Hieroglyphs }, - { 802, PT_SC, ucp_Miao }, - { 807, PT_PC, ucp_Mn }, - { 810, PT_SC, ucp_Modi }, - { 815, PT_SC, ucp_Mongolian }, - { 825, PT_SC, ucp_Mro }, - { 829, PT_SC, ucp_Multani }, - { 837, PT_SC, ucp_Myanmar }, - { 845, PT_GC, ucp_N }, - { 847, PT_SC, ucp_Nabataean }, - { 857, PT_PC, ucp_Nd }, - { 860, PT_SC, ucp_New_Tai_Lue }, - { 872, PT_SC, ucp_Newa }, - { 877, PT_SC, ucp_Nko }, - { 881, PT_PC, ucp_Nl }, - { 884, PT_PC, ucp_No }, - { 887, PT_SC, ucp_Nushu }, - { 893, PT_SC, ucp_Ogham }, - { 899, PT_SC, ucp_Ol_Chiki }, - { 908, PT_SC, ucp_Old_Hungarian }, - { 922, PT_SC, ucp_Old_Italic }, - { 933, PT_SC, ucp_Old_North_Arabian }, - { 951, PT_SC, ucp_Old_Permic }, - { 962, PT_SC, ucp_Old_Persian }, - { 974, PT_SC, ucp_Old_South_Arabian }, - { 992, PT_SC, ucp_Old_Turkic }, - { 1003, PT_SC, ucp_Oriya }, - { 1009, PT_SC, ucp_Osage }, - { 1015, PT_SC, ucp_Osmanya }, - { 1023, PT_GC, ucp_P }, - { 1025, PT_SC, ucp_Pahawh_Hmong }, - { 1038, PT_SC, ucp_Palmyrene }, - { 1048, PT_SC, ucp_Pau_Cin_Hau }, - { 1060, PT_PC, ucp_Pc }, - { 1063, PT_PC, ucp_Pd }, - { 1066, PT_PC, ucp_Pe }, - { 1069, PT_PC, ucp_Pf }, - { 1072, PT_SC, ucp_Phags_Pa }, - { 1081, PT_SC, ucp_Phoenician }, - { 1092, PT_PC, ucp_Pi }, - { 1095, PT_PC, ucp_Po }, - { 1098, PT_PC, ucp_Ps }, - { 1101, PT_SC, ucp_Psalter_Pahlavi }, - { 1117, PT_SC, ucp_Rejang }, - { 1124, PT_SC, ucp_Runic }, - { 1130, PT_GC, ucp_S }, - { 1132, PT_SC, ucp_Samaritan }, - { 1142, PT_SC, ucp_Saurashtra }, - { 1153, PT_PC, ucp_Sc }, - { 1156, PT_SC, ucp_Sharada }, - { 1164, PT_SC, ucp_Shavian }, - { 1172, PT_SC, ucp_Siddham }, - { 1180, PT_SC, ucp_SignWriting }, - { 1192, PT_SC, ucp_Sinhala }, - { 1200, PT_PC, ucp_Sk }, - { 1203, PT_PC, ucp_Sm }, - { 1206, PT_PC, ucp_So }, - { 1209, PT_SC, ucp_Sora_Sompeng }, - { 1222, PT_SC, ucp_Soyombo }, - { 1230, PT_SC, ucp_Sundanese }, - { 1240, PT_SC, ucp_Syloti_Nagri }, - { 1253, PT_SC, ucp_Syriac }, - { 1260, PT_SC, ucp_Tagalog }, - { 1268, PT_SC, ucp_Tagbanwa }, - { 1277, PT_SC, ucp_Tai_Le }, - { 1284, PT_SC, ucp_Tai_Tham }, - { 1293, PT_SC, ucp_Tai_Viet }, - { 1302, PT_SC, ucp_Takri }, - { 1308, PT_SC, ucp_Tamil }, - { 1314, PT_SC, ucp_Tangut }, - { 1321, PT_SC, ucp_Telugu }, - { 1328, PT_SC, ucp_Thaana }, - { 1335, PT_SC, ucp_Thai }, - { 1340, PT_SC, ucp_Tibetan }, - { 1348, PT_SC, ucp_Tifinagh }, - { 1357, PT_SC, ucp_Tirhuta }, - { 1365, PT_SC, ucp_Ugaritic }, - { 1374, PT_SC, ucp_Vai }, - { 1378, PT_SC, ucp_Warang_Citi }, - { 1390, PT_ALNUM, 0 }, - { 1394, PT_PXSPACE, 0 }, - { 1398, PT_SPACE, 0 }, - { 1402, PT_UCNC, 0 }, - { 1406, PT_WORD, 0 }, - { 1410, PT_SC, ucp_Yi }, - { 1413, PT_GC, ucp_Z }, - { 1415, PT_SC, ucp_Zanabazar_Square }, - { 1432, PT_PC, ucp_Zl }, - { 1435, PT_PC, ucp_Zp }, - { 1438, PT_PC, ucp_Zs } + { 293, PT_SC, ucp_Dogra }, + { 299, PT_SC, ucp_Duployan }, + { 308, PT_SC, ucp_Egyptian_Hieroglyphs }, + { 329, PT_SC, ucp_Elbasan }, + { 337, PT_SC, ucp_Ethiopic }, + { 346, PT_SC, ucp_Georgian }, + { 355, PT_SC, ucp_Glagolitic }, + { 366, PT_SC, ucp_Gothic }, + { 373, PT_SC, ucp_Grantha }, + { 381, PT_SC, ucp_Greek }, + { 387, PT_SC, ucp_Gujarati }, + { 396, PT_SC, ucp_Gunjala_Gondi }, + { 410, PT_SC, ucp_Gurmukhi }, + { 419, PT_SC, ucp_Han }, + { 423, PT_SC, ucp_Hangul }, + { 430, PT_SC, ucp_Hanifi_Rohingya }, + { 446, PT_SC, ucp_Hanunoo }, + { 454, PT_SC, ucp_Hatran }, + { 461, PT_SC, ucp_Hebrew }, + { 468, PT_SC, ucp_Hiragana }, + { 477, PT_SC, ucp_Imperial_Aramaic }, + { 494, PT_SC, ucp_Inherited }, + { 504, PT_SC, ucp_Inscriptional_Pahlavi }, + { 526, PT_SC, ucp_Inscriptional_Parthian }, + { 549, PT_SC, ucp_Javanese }, + { 558, PT_SC, ucp_Kaithi }, + { 565, PT_SC, ucp_Kannada }, + { 573, PT_SC, ucp_Katakana }, + { 582, PT_SC, ucp_Kayah_Li }, + { 591, PT_SC, ucp_Kharoshthi }, + { 602, PT_SC, ucp_Khmer }, + { 608, PT_SC, ucp_Khojki }, + { 615, PT_SC, ucp_Khudawadi }, + { 625, PT_GC, ucp_L }, + { 627, PT_LAMP, 0 }, + { 630, PT_SC, ucp_Lao }, + { 634, PT_SC, ucp_Latin }, + { 640, PT_SC, ucp_Lepcha }, + { 647, PT_SC, ucp_Limbu }, + { 653, PT_SC, ucp_Linear_A }, + { 662, PT_SC, ucp_Linear_B }, + { 671, PT_SC, ucp_Lisu }, + { 676, PT_PC, ucp_Ll }, + { 679, PT_PC, ucp_Lm }, + { 682, PT_PC, ucp_Lo }, + { 685, PT_PC, ucp_Lt }, + { 688, PT_PC, ucp_Lu }, + { 691, PT_SC, ucp_Lycian }, + { 698, PT_SC, ucp_Lydian }, + { 705, PT_GC, ucp_M }, + { 707, PT_SC, ucp_Mahajani }, + { 716, PT_SC, ucp_Makasar }, + { 724, PT_SC, ucp_Malayalam }, + { 734, PT_SC, ucp_Mandaic }, + { 742, PT_SC, ucp_Manichaean }, + { 753, PT_SC, ucp_Marchen }, + { 761, PT_SC, ucp_Masaram_Gondi }, + { 775, PT_PC, ucp_Mc }, + { 778, PT_PC, ucp_Me }, + { 781, PT_SC, ucp_Medefaidrin }, + { 793, PT_SC, ucp_Meetei_Mayek }, + { 806, PT_SC, ucp_Mende_Kikakui }, + { 820, PT_SC, ucp_Meroitic_Cursive }, + { 837, PT_SC, ucp_Meroitic_Hieroglyphs }, + { 858, PT_SC, ucp_Miao }, + { 863, PT_PC, ucp_Mn }, + { 866, PT_SC, ucp_Modi }, + { 871, PT_SC, ucp_Mongolian }, + { 881, PT_SC, ucp_Mro }, + { 885, PT_SC, ucp_Multani }, + { 893, PT_SC, ucp_Myanmar }, + { 901, PT_GC, ucp_N }, + { 903, PT_SC, ucp_Nabataean }, + { 913, PT_PC, ucp_Nd }, + { 916, PT_SC, ucp_New_Tai_Lue }, + { 928, PT_SC, ucp_Newa }, + { 933, PT_SC, ucp_Nko }, + { 937, PT_PC, ucp_Nl }, + { 940, PT_PC, ucp_No }, + { 943, PT_SC, ucp_Nushu }, + { 949, PT_SC, ucp_Ogham }, + { 955, PT_SC, ucp_Ol_Chiki }, + { 964, PT_SC, ucp_Old_Hungarian }, + { 978, PT_SC, ucp_Old_Italic }, + { 989, PT_SC, ucp_Old_North_Arabian }, + { 1007, PT_SC, ucp_Old_Permic }, + { 1018, PT_SC, ucp_Old_Persian }, + { 1030, PT_SC, ucp_Old_Sogdian }, + { 1042, PT_SC, ucp_Old_South_Arabian }, + { 1060, PT_SC, ucp_Old_Turkic }, + { 1071, PT_SC, ucp_Oriya }, + { 1077, PT_SC, ucp_Osage }, + { 1083, PT_SC, ucp_Osmanya }, + { 1091, PT_GC, ucp_P }, + { 1093, PT_SC, ucp_Pahawh_Hmong }, + { 1106, PT_SC, ucp_Palmyrene }, + { 1116, PT_SC, ucp_Pau_Cin_Hau }, + { 1128, PT_PC, ucp_Pc }, + { 1131, PT_PC, ucp_Pd }, + { 1134, PT_PC, ucp_Pe }, + { 1137, PT_PC, ucp_Pf }, + { 1140, PT_SC, ucp_Phags_Pa }, + { 1149, PT_SC, ucp_Phoenician }, + { 1160, PT_PC, ucp_Pi }, + { 1163, PT_PC, ucp_Po }, + { 1166, PT_PC, ucp_Ps }, + { 1169, PT_SC, ucp_Psalter_Pahlavi }, + { 1185, PT_SC, ucp_Rejang }, + { 1192, PT_SC, ucp_Runic }, + { 1198, PT_GC, ucp_S }, + { 1200, PT_SC, ucp_Samaritan }, + { 1210, PT_SC, ucp_Saurashtra }, + { 1221, PT_PC, ucp_Sc }, + { 1224, PT_SC, ucp_Sharada }, + { 1232, PT_SC, ucp_Shavian }, + { 1240, PT_SC, ucp_Siddham }, + { 1248, PT_SC, ucp_SignWriting }, + { 1260, PT_SC, ucp_Sinhala }, + { 1268, PT_PC, ucp_Sk }, + { 1271, PT_PC, ucp_Sm }, + { 1274, PT_PC, ucp_So }, + { 1277, PT_SC, ucp_Sogdian }, + { 1285, PT_SC, ucp_Sora_Sompeng }, + { 1298, PT_SC, ucp_Soyombo }, + { 1306, PT_SC, ucp_Sundanese }, + { 1316, PT_SC, ucp_Syloti_Nagri }, + { 1329, PT_SC, ucp_Syriac }, + { 1336, PT_SC, ucp_Tagalog }, + { 1344, PT_SC, ucp_Tagbanwa }, + { 1353, PT_SC, ucp_Tai_Le }, + { 1360, PT_SC, ucp_Tai_Tham }, + { 1369, PT_SC, ucp_Tai_Viet }, + { 1378, PT_SC, ucp_Takri }, + { 1384, PT_SC, ucp_Tamil }, + { 1390, PT_SC, ucp_Tangut }, + { 1397, PT_SC, ucp_Telugu }, + { 1404, PT_SC, ucp_Thaana }, + { 1411, PT_SC, ucp_Thai }, + { 1416, PT_SC, ucp_Tibetan }, + { 1424, PT_SC, ucp_Tifinagh }, + { 1433, PT_SC, ucp_Tirhuta }, + { 1441, PT_SC, ucp_Ugaritic }, + { 1450, PT_SC, ucp_Vai }, + { 1454, PT_SC, ucp_Warang_Citi }, + { 1466, PT_ALNUM, 0 }, + { 1470, PT_PXSPACE, 0 }, + { 1474, PT_SPACE, 0 }, + { 1478, PT_UCNC, 0 }, + { 1482, PT_WORD, 0 }, + { 1486, PT_SC, ucp_Yi }, + { 1489, PT_GC, ucp_Z }, + { 1491, PT_SC, ucp_Zanabazar_Square }, + { 1508, PT_PC, ucp_Zl }, + { 1511, PT_PC, ucp_Zp }, + { 1514, PT_PC, ucp_Zs } }; const size_t PRIV(utt_size) = sizeof(PRIV(utt)) / sizeof(ucp_type_table); diff --git a/thirdparty/pcre2/src/pcre2_ucd.c b/thirdparty/pcre2/src/pcre2_ucd.c index ac7649b99e..275a4be2fe 100644 --- a/thirdparty/pcre2/src/pcre2_ucd.c +++ b/thirdparty/pcre2/src/pcre2_ucd.c @@ -20,7 +20,7 @@ needed. */ /* Unicode character database. */ /* This file was autogenerated by the MultiStage2.py script. */ -/* Total size: 80808 bytes, block size: 128. */ +/* Total size: 92592 bytes, block size: 128. */ /* The tables herein are needed only when UCP support is built, and in PCRE2 that happens automatically with UTF support. @@ -34,12 +34,12 @@ Instead, just supply small dummy tables. */ #ifndef SUPPORT_UNICODE const ucd_record PRIV(ucd_records)[] = {{0,0,0,0,0 }}; -const uint8_t PRIV(ucd_stage1)[] = {0}; +const uint16_t PRIV(ucd_stage1)[] = {0}; const uint16_t PRIV(ucd_stage2)[] = {0}; const uint32_t PRIV(ucd_caseless_sets)[] = {0}; #else -const char *PRIV(unicode_version) = "10.0.0"; +const char *PRIV(unicode_version) = "11.0.0"; /* If the 32-bit library is run in non-32-bit mode, character values greater than 0x10ffff may be encountered. For these we set up a @@ -104,7 +104,7 @@ const uint32_t PRIV(ucd_caseless_sets)[] = { #ifndef PCRE2_PCRE2TEST -const ucd_record PRIV(ucd_records)[] = { /* 6568 bytes, record size 8 */ +const ucd_record PRIV(ucd_records)[] = { /* 6832 bytes, record size 8 */ { 9, 0, 2, 0, 0, }, /* 0 */ { 9, 0, 1, 0, 0, }, /* 1 */ { 9, 0, 0, 0, 0, }, /* 2 */ @@ -125,1357 +125,1390 @@ const ucd_record PRIV(ucd_records)[] = { /* 6568 bytes, record size 8 */ { 33, 5, 12, 100, -32, }, /* 17 */ { 33, 5, 12, 1, -32, }, /* 18 */ { 9, 26, 12, 0, 0, }, /* 19 */ - { 33, 7, 12, 0, 0, }, /* 20 */ - { 9, 20, 12, 0, 0, }, /* 21 */ - { 9, 1, 2, 0, 0, }, /* 22 */ - { 9, 15, 12, 0, 0, }, /* 23 */ - { 9, 5, 12, 26, 775, }, /* 24 */ - { 9, 19, 12, 0, 0, }, /* 25 */ - { 33, 9, 12, 104, 32, }, /* 26 */ - { 33, 5, 12, 0, 7615, }, /* 27 */ - { 33, 5, 12, 104, -32, }, /* 28 */ - { 33, 5, 12, 0, 121, }, /* 29 */ - { 33, 9, 12, 0, 1, }, /* 30 */ - { 33, 5, 12, 0, -1, }, /* 31 */ - { 33, 9, 12, 0, 0, }, /* 32 */ - { 33, 5, 12, 0, 0, }, /* 33 */ - { 33, 9, 12, 0, -121, }, /* 34 */ - { 33, 5, 12, 1, -268, }, /* 35 */ - { 33, 5, 12, 0, 195, }, /* 36 */ - { 33, 9, 12, 0, 210, }, /* 37 */ - { 33, 9, 12, 0, 206, }, /* 38 */ - { 33, 9, 12, 0, 205, }, /* 39 */ - { 33, 9, 12, 0, 79, }, /* 40 */ - { 33, 9, 12, 0, 202, }, /* 41 */ - { 33, 9, 12, 0, 203, }, /* 42 */ - { 33, 9, 12, 0, 207, }, /* 43 */ - { 33, 5, 12, 0, 97, }, /* 44 */ - { 33, 9, 12, 0, 211, }, /* 45 */ - { 33, 9, 12, 0, 209, }, /* 46 */ - { 33, 5, 12, 0, 163, }, /* 47 */ - { 33, 9, 12, 0, 213, }, /* 48 */ - { 33, 5, 12, 0, 130, }, /* 49 */ - { 33, 9, 12, 0, 214, }, /* 50 */ - { 33, 9, 12, 0, 218, }, /* 51 */ - { 33, 9, 12, 0, 217, }, /* 52 */ - { 33, 9, 12, 0, 219, }, /* 53 */ - { 33, 5, 12, 0, 56, }, /* 54 */ - { 33, 9, 12, 5, 2, }, /* 55 */ - { 33, 8, 12, 5, 1, }, /* 56 */ - { 33, 5, 12, 5, -2, }, /* 57 */ - { 33, 9, 12, 9, 2, }, /* 58 */ - { 33, 8, 12, 9, 1, }, /* 59 */ - { 33, 5, 12, 9, -2, }, /* 60 */ - { 33, 9, 12, 13, 2, }, /* 61 */ - { 33, 8, 12, 13, 1, }, /* 62 */ - { 33, 5, 12, 13, -2, }, /* 63 */ - { 33, 5, 12, 0, -79, }, /* 64 */ - { 33, 9, 12, 17, 2, }, /* 65 */ - { 33, 8, 12, 17, 1, }, /* 66 */ - { 33, 5, 12, 17, -2, }, /* 67 */ - { 33, 9, 12, 0, -97, }, /* 68 */ - { 33, 9, 12, 0, -56, }, /* 69 */ - { 33, 9, 12, 0, -130, }, /* 70 */ - { 33, 9, 12, 0, 10795, }, /* 71 */ - { 33, 9, 12, 0, -163, }, /* 72 */ - { 33, 9, 12, 0, 10792, }, /* 73 */ - { 33, 5, 12, 0, 10815, }, /* 74 */ - { 33, 9, 12, 0, -195, }, /* 75 */ - { 33, 9, 12, 0, 69, }, /* 76 */ - { 33, 9, 12, 0, 71, }, /* 77 */ - { 33, 5, 12, 0, 10783, }, /* 78 */ - { 33, 5, 12, 0, 10780, }, /* 79 */ - { 33, 5, 12, 0, 10782, }, /* 80 */ - { 33, 5, 12, 0, -210, }, /* 81 */ - { 33, 5, 12, 0, -206, }, /* 82 */ - { 33, 5, 12, 0, -205, }, /* 83 */ - { 33, 5, 12, 0, -202, }, /* 84 */ - { 33, 5, 12, 0, -203, }, /* 85 */ - { 33, 5, 12, 0, 42319, }, /* 86 */ - { 33, 5, 12, 0, 42315, }, /* 87 */ - { 33, 5, 12, 0, -207, }, /* 88 */ - { 33, 5, 12, 0, 42280, }, /* 89 */ - { 33, 5, 12, 0, 42308, }, /* 90 */ - { 33, 5, 12, 0, -209, }, /* 91 */ - { 33, 5, 12, 0, -211, }, /* 92 */ - { 33, 5, 12, 0, 10743, }, /* 93 */ - { 33, 5, 12, 0, 42305, }, /* 94 */ - { 33, 5, 12, 0, 10749, }, /* 95 */ - { 33, 5, 12, 0, -213, }, /* 96 */ - { 33, 5, 12, 0, -214, }, /* 97 */ - { 33, 5, 12, 0, 10727, }, /* 98 */ - { 33, 5, 12, 0, -218, }, /* 99 */ - { 33, 5, 12, 0, 42282, }, /* 100 */ - { 33, 5, 12, 0, -69, }, /* 101 */ - { 33, 5, 12, 0, -217, }, /* 102 */ - { 33, 5, 12, 0, -71, }, /* 103 */ - { 33, 5, 12, 0, -219, }, /* 104 */ - { 33, 5, 12, 0, 42261, }, /* 105 */ - { 33, 5, 12, 0, 42258, }, /* 106 */ - { 33, 6, 12, 0, 0, }, /* 107 */ - { 9, 6, 12, 0, 0, }, /* 108 */ - { 3, 24, 12, 0, 0, }, /* 109 */ - { 27, 12, 3, 0, 0, }, /* 110 */ - { 27, 12, 3, 21, 116, }, /* 111 */ - { 19, 9, 12, 0, 1, }, /* 112 */ - { 19, 5, 12, 0, -1, }, /* 113 */ - { 19, 24, 12, 0, 0, }, /* 114 */ - { 9, 2, 12, 0, 0, }, /* 115 */ - { 19, 6, 12, 0, 0, }, /* 116 */ - { 19, 5, 12, 0, 130, }, /* 117 */ - { 19, 9, 12, 0, 116, }, /* 118 */ - { 19, 9, 12, 0, 38, }, /* 119 */ - { 19, 9, 12, 0, 37, }, /* 120 */ - { 19, 9, 12, 0, 64, }, /* 121 */ - { 19, 9, 12, 0, 63, }, /* 122 */ - { 19, 5, 12, 0, 0, }, /* 123 */ - { 19, 9, 12, 0, 32, }, /* 124 */ - { 19, 9, 12, 34, 32, }, /* 125 */ - { 19, 9, 12, 59, 32, }, /* 126 */ - { 19, 9, 12, 38, 32, }, /* 127 */ - { 19, 9, 12, 21, 32, }, /* 128 */ - { 19, 9, 12, 51, 32, }, /* 129 */ - { 19, 9, 12, 26, 32, }, /* 130 */ - { 19, 9, 12, 47, 32, }, /* 131 */ - { 19, 9, 12, 55, 32, }, /* 132 */ - { 19, 9, 12, 30, 32, }, /* 133 */ - { 19, 9, 12, 43, 32, }, /* 134 */ - { 19, 9, 12, 96, 32, }, /* 135 */ - { 19, 5, 12, 0, -38, }, /* 136 */ - { 19, 5, 12, 0, -37, }, /* 137 */ - { 19, 5, 12, 0, -32, }, /* 138 */ - { 19, 5, 12, 34, -32, }, /* 139 */ - { 19, 5, 12, 59, -32, }, /* 140 */ - { 19, 5, 12, 38, -32, }, /* 141 */ - { 19, 5, 12, 21, -116, }, /* 142 */ - { 19, 5, 12, 51, -32, }, /* 143 */ - { 19, 5, 12, 26, -775, }, /* 144 */ - { 19, 5, 12, 47, -32, }, /* 145 */ - { 19, 5, 12, 55, -32, }, /* 146 */ - { 19, 5, 12, 30, 1, }, /* 147 */ - { 19, 5, 12, 30, -32, }, /* 148 */ - { 19, 5, 12, 43, -32, }, /* 149 */ - { 19, 5, 12, 96, -32, }, /* 150 */ - { 19, 5, 12, 0, -64, }, /* 151 */ - { 19, 5, 12, 0, -63, }, /* 152 */ - { 19, 9, 12, 0, 8, }, /* 153 */ - { 19, 5, 12, 34, -30, }, /* 154 */ - { 19, 5, 12, 38, -25, }, /* 155 */ - { 19, 9, 12, 0, 0, }, /* 156 */ - { 19, 5, 12, 43, -15, }, /* 157 */ - { 19, 5, 12, 47, -22, }, /* 158 */ - { 19, 5, 12, 0, -8, }, /* 159 */ - { 10, 9, 12, 0, 1, }, /* 160 */ - { 10, 5, 12, 0, -1, }, /* 161 */ - { 19, 5, 12, 51, -54, }, /* 162 */ - { 19, 5, 12, 55, -48, }, /* 163 */ - { 19, 5, 12, 0, 7, }, /* 164 */ - { 19, 5, 12, 0, -116, }, /* 165 */ - { 19, 9, 12, 38, -60, }, /* 166 */ - { 19, 5, 12, 59, -64, }, /* 167 */ - { 19, 25, 12, 0, 0, }, /* 168 */ - { 19, 9, 12, 0, -7, }, /* 169 */ - { 19, 9, 12, 0, -130, }, /* 170 */ - { 12, 9, 12, 0, 80, }, /* 171 */ - { 12, 9, 12, 0, 32, }, /* 172 */ - { 12, 9, 12, 63, 32, }, /* 173 */ - { 12, 9, 12, 67, 32, }, /* 174 */ - { 12, 9, 12, 71, 32, }, /* 175 */ - { 12, 9, 12, 75, 32, }, /* 176 */ - { 12, 9, 12, 79, 32, }, /* 177 */ - { 12, 9, 12, 84, 32, }, /* 178 */ - { 12, 5, 12, 0, -32, }, /* 179 */ - { 12, 5, 12, 63, -32, }, /* 180 */ - { 12, 5, 12, 67, -32, }, /* 181 */ - { 12, 5, 12, 71, -32, }, /* 182 */ - { 12, 5, 12, 75, -32, }, /* 183 */ - { 12, 5, 12, 79, -32, }, /* 184 */ - { 12, 5, 12, 84, -32, }, /* 185 */ - { 12, 5, 12, 0, -80, }, /* 186 */ - { 12, 9, 12, 0, 1, }, /* 187 */ - { 12, 5, 12, 0, -1, }, /* 188 */ - { 12, 9, 12, 88, 1, }, /* 189 */ - { 12, 5, 12, 88, -1, }, /* 190 */ - { 12, 26, 12, 0, 0, }, /* 191 */ - { 12, 12, 3, 0, 0, }, /* 192 */ - { 12, 11, 3, 0, 0, }, /* 193 */ - { 12, 9, 12, 0, 15, }, /* 194 */ - { 12, 5, 12, 0, -15, }, /* 195 */ - { 1, 9, 12, 0, 48, }, /* 196 */ - { 1, 6, 12, 0, 0, }, /* 197 */ - { 1, 21, 12, 0, 0, }, /* 198 */ - { 1, 5, 12, 0, -48, }, /* 199 */ + { 9, 26, 14, 0, 0, }, /* 20 */ + { 33, 7, 12, 0, 0, }, /* 21 */ + { 9, 20, 12, 0, 0, }, /* 22 */ + { 9, 1, 2, 0, 0, }, /* 23 */ + { 9, 15, 12, 0, 0, }, /* 24 */ + { 9, 5, 12, 26, 775, }, /* 25 */ + { 9, 19, 12, 0, 0, }, /* 26 */ + { 33, 9, 12, 104, 32, }, /* 27 */ + { 33, 5, 12, 0, 7615, }, /* 28 */ + { 33, 5, 12, 104, -32, }, /* 29 */ + { 33, 5, 12, 0, 121, }, /* 30 */ + { 33, 9, 12, 0, 1, }, /* 31 */ + { 33, 5, 12, 0, -1, }, /* 32 */ + { 33, 9, 12, 0, 0, }, /* 33 */ + { 33, 5, 12, 0, 0, }, /* 34 */ + { 33, 9, 12, 0, -121, }, /* 35 */ + { 33, 5, 12, 1, -268, }, /* 36 */ + { 33, 5, 12, 0, 195, }, /* 37 */ + { 33, 9, 12, 0, 210, }, /* 38 */ + { 33, 9, 12, 0, 206, }, /* 39 */ + { 33, 9, 12, 0, 205, }, /* 40 */ + { 33, 9, 12, 0, 79, }, /* 41 */ + { 33, 9, 12, 0, 202, }, /* 42 */ + { 33, 9, 12, 0, 203, }, /* 43 */ + { 33, 9, 12, 0, 207, }, /* 44 */ + { 33, 5, 12, 0, 97, }, /* 45 */ + { 33, 9, 12, 0, 211, }, /* 46 */ + { 33, 9, 12, 0, 209, }, /* 47 */ + { 33, 5, 12, 0, 163, }, /* 48 */ + { 33, 9, 12, 0, 213, }, /* 49 */ + { 33, 5, 12, 0, 130, }, /* 50 */ + { 33, 9, 12, 0, 214, }, /* 51 */ + { 33, 9, 12, 0, 218, }, /* 52 */ + { 33, 9, 12, 0, 217, }, /* 53 */ + { 33, 9, 12, 0, 219, }, /* 54 */ + { 33, 5, 12, 0, 56, }, /* 55 */ + { 33, 9, 12, 5, 2, }, /* 56 */ + { 33, 8, 12, 5, 1, }, /* 57 */ + { 33, 5, 12, 5, -2, }, /* 58 */ + { 33, 9, 12, 9, 2, }, /* 59 */ + { 33, 8, 12, 9, 1, }, /* 60 */ + { 33, 5, 12, 9, -2, }, /* 61 */ + { 33, 9, 12, 13, 2, }, /* 62 */ + { 33, 8, 12, 13, 1, }, /* 63 */ + { 33, 5, 12, 13, -2, }, /* 64 */ + { 33, 5, 12, 0, -79, }, /* 65 */ + { 33, 9, 12, 17, 2, }, /* 66 */ + { 33, 8, 12, 17, 1, }, /* 67 */ + { 33, 5, 12, 17, -2, }, /* 68 */ + { 33, 9, 12, 0, -97, }, /* 69 */ + { 33, 9, 12, 0, -56, }, /* 70 */ + { 33, 9, 12, 0, -130, }, /* 71 */ + { 33, 9, 12, 0, 10795, }, /* 72 */ + { 33, 9, 12, 0, -163, }, /* 73 */ + { 33, 9, 12, 0, 10792, }, /* 74 */ + { 33, 5, 12, 0, 10815, }, /* 75 */ + { 33, 9, 12, 0, -195, }, /* 76 */ + { 33, 9, 12, 0, 69, }, /* 77 */ + { 33, 9, 12, 0, 71, }, /* 78 */ + { 33, 5, 12, 0, 10783, }, /* 79 */ + { 33, 5, 12, 0, 10780, }, /* 80 */ + { 33, 5, 12, 0, 10782, }, /* 81 */ + { 33, 5, 12, 0, -210, }, /* 82 */ + { 33, 5, 12, 0, -206, }, /* 83 */ + { 33, 5, 12, 0, -205, }, /* 84 */ + { 33, 5, 12, 0, -202, }, /* 85 */ + { 33, 5, 12, 0, -203, }, /* 86 */ + { 33, 5, 12, 0, 42319, }, /* 87 */ + { 33, 5, 12, 0, 42315, }, /* 88 */ + { 33, 5, 12, 0, -207, }, /* 89 */ + { 33, 5, 12, 0, 42280, }, /* 90 */ + { 33, 5, 12, 0, 42308, }, /* 91 */ + { 33, 5, 12, 0, -209, }, /* 92 */ + { 33, 5, 12, 0, -211, }, /* 93 */ + { 33, 5, 12, 0, 10743, }, /* 94 */ + { 33, 5, 12, 0, 42305, }, /* 95 */ + { 33, 5, 12, 0, 10749, }, /* 96 */ + { 33, 5, 12, 0, -213, }, /* 97 */ + { 33, 5, 12, 0, -214, }, /* 98 */ + { 33, 5, 12, 0, 10727, }, /* 99 */ + { 33, 5, 12, 0, -218, }, /* 100 */ + { 33, 5, 12, 0, 42282, }, /* 101 */ + { 33, 5, 12, 0, -69, }, /* 102 */ + { 33, 5, 12, 0, -217, }, /* 103 */ + { 33, 5, 12, 0, -71, }, /* 104 */ + { 33, 5, 12, 0, -219, }, /* 105 */ + { 33, 5, 12, 0, 42261, }, /* 106 */ + { 33, 5, 12, 0, 42258, }, /* 107 */ + { 33, 6, 12, 0, 0, }, /* 108 */ + { 9, 6, 12, 0, 0, }, /* 109 */ + { 3, 24, 12, 0, 0, }, /* 110 */ + { 27, 12, 3, 0, 0, }, /* 111 */ + { 27, 12, 3, 21, 116, }, /* 112 */ + { 19, 9, 12, 0, 1, }, /* 113 */ + { 19, 5, 12, 0, -1, }, /* 114 */ + { 19, 24, 12, 0, 0, }, /* 115 */ + { 9, 2, 12, 0, 0, }, /* 116 */ + { 19, 6, 12, 0, 0, }, /* 117 */ + { 19, 5, 12, 0, 130, }, /* 118 */ + { 19, 9, 12, 0, 116, }, /* 119 */ + { 19, 9, 12, 0, 38, }, /* 120 */ + { 19, 9, 12, 0, 37, }, /* 121 */ + { 19, 9, 12, 0, 64, }, /* 122 */ + { 19, 9, 12, 0, 63, }, /* 123 */ + { 19, 5, 12, 0, 0, }, /* 124 */ + { 19, 9, 12, 0, 32, }, /* 125 */ + { 19, 9, 12, 34, 32, }, /* 126 */ + { 19, 9, 12, 59, 32, }, /* 127 */ + { 19, 9, 12, 38, 32, }, /* 128 */ + { 19, 9, 12, 21, 32, }, /* 129 */ + { 19, 9, 12, 51, 32, }, /* 130 */ + { 19, 9, 12, 26, 32, }, /* 131 */ + { 19, 9, 12, 47, 32, }, /* 132 */ + { 19, 9, 12, 55, 32, }, /* 133 */ + { 19, 9, 12, 30, 32, }, /* 134 */ + { 19, 9, 12, 43, 32, }, /* 135 */ + { 19, 9, 12, 96, 32, }, /* 136 */ + { 19, 5, 12, 0, -38, }, /* 137 */ + { 19, 5, 12, 0, -37, }, /* 138 */ + { 19, 5, 12, 0, -32, }, /* 139 */ + { 19, 5, 12, 34, -32, }, /* 140 */ + { 19, 5, 12, 59, -32, }, /* 141 */ + { 19, 5, 12, 38, -32, }, /* 142 */ + { 19, 5, 12, 21, -116, }, /* 143 */ + { 19, 5, 12, 51, -32, }, /* 144 */ + { 19, 5, 12, 26, -775, }, /* 145 */ + { 19, 5, 12, 47, -32, }, /* 146 */ + { 19, 5, 12, 55, -32, }, /* 147 */ + { 19, 5, 12, 30, 1, }, /* 148 */ + { 19, 5, 12, 30, -32, }, /* 149 */ + { 19, 5, 12, 43, -32, }, /* 150 */ + { 19, 5, 12, 96, -32, }, /* 151 */ + { 19, 5, 12, 0, -64, }, /* 152 */ + { 19, 5, 12, 0, -63, }, /* 153 */ + { 19, 9, 12, 0, 8, }, /* 154 */ + { 19, 5, 12, 34, -30, }, /* 155 */ + { 19, 5, 12, 38, -25, }, /* 156 */ + { 19, 9, 12, 0, 0, }, /* 157 */ + { 19, 5, 12, 43, -15, }, /* 158 */ + { 19, 5, 12, 47, -22, }, /* 159 */ + { 19, 5, 12, 0, -8, }, /* 160 */ + { 10, 9, 12, 0, 1, }, /* 161 */ + { 10, 5, 12, 0, -1, }, /* 162 */ + { 19, 5, 12, 51, -54, }, /* 163 */ + { 19, 5, 12, 55, -48, }, /* 164 */ + { 19, 5, 12, 0, 7, }, /* 165 */ + { 19, 5, 12, 0, -116, }, /* 166 */ + { 19, 9, 12, 38, -60, }, /* 167 */ + { 19, 5, 12, 59, -64, }, /* 168 */ + { 19, 25, 12, 0, 0, }, /* 169 */ + { 19, 9, 12, 0, -7, }, /* 170 */ + { 19, 9, 12, 0, -130, }, /* 171 */ + { 12, 9, 12, 0, 80, }, /* 172 */ + { 12, 9, 12, 0, 32, }, /* 173 */ + { 12, 9, 12, 63, 32, }, /* 174 */ + { 12, 9, 12, 67, 32, }, /* 175 */ + { 12, 9, 12, 71, 32, }, /* 176 */ + { 12, 9, 12, 75, 32, }, /* 177 */ + { 12, 9, 12, 79, 32, }, /* 178 */ + { 12, 9, 12, 84, 32, }, /* 179 */ + { 12, 5, 12, 0, -32, }, /* 180 */ + { 12, 5, 12, 63, -32, }, /* 181 */ + { 12, 5, 12, 67, -32, }, /* 182 */ + { 12, 5, 12, 71, -32, }, /* 183 */ + { 12, 5, 12, 75, -32, }, /* 184 */ + { 12, 5, 12, 79, -32, }, /* 185 */ + { 12, 5, 12, 84, -32, }, /* 186 */ + { 12, 5, 12, 0, -80, }, /* 187 */ + { 12, 9, 12, 0, 1, }, /* 188 */ + { 12, 5, 12, 0, -1, }, /* 189 */ + { 12, 9, 12, 88, 1, }, /* 190 */ + { 12, 5, 12, 88, -1, }, /* 191 */ + { 12, 26, 12, 0, 0, }, /* 192 */ + { 12, 12, 3, 0, 0, }, /* 193 */ + { 12, 11, 3, 0, 0, }, /* 194 */ + { 12, 9, 12, 0, 15, }, /* 195 */ + { 12, 5, 12, 0, -15, }, /* 196 */ + { 1, 9, 12, 0, 48, }, /* 197 */ + { 1, 6, 12, 0, 0, }, /* 198 */ + { 1, 21, 12, 0, 0, }, /* 199 */ { 1, 5, 12, 0, 0, }, /* 200 */ - { 1, 17, 12, 0, 0, }, /* 201 */ - { 1, 26, 12, 0, 0, }, /* 202 */ - { 1, 23, 12, 0, 0, }, /* 203 */ - { 25, 12, 3, 0, 0, }, /* 204 */ - { 25, 17, 12, 0, 0, }, /* 205 */ - { 25, 21, 12, 0, 0, }, /* 206 */ - { 25, 7, 12, 0, 0, }, /* 207 */ - { 0, 1, 4, 0, 0, }, /* 208 */ - { 9, 1, 4, 0, 0, }, /* 209 */ - { 0, 25, 12, 0, 0, }, /* 210 */ - { 0, 21, 12, 0, 0, }, /* 211 */ - { 0, 23, 12, 0, 0, }, /* 212 */ - { 0, 26, 12, 0, 0, }, /* 213 */ - { 0, 12, 3, 0, 0, }, /* 214 */ - { 0, 1, 2, 0, 0, }, /* 215 */ - { 0, 7, 12, 0, 0, }, /* 216 */ - { 0, 13, 12, 0, 0, }, /* 217 */ - { 0, 6, 12, 0, 0, }, /* 218 */ - { 49, 21, 12, 0, 0, }, /* 219 */ - { 49, 1, 4, 0, 0, }, /* 220 */ - { 49, 7, 12, 0, 0, }, /* 221 */ - { 49, 12, 3, 0, 0, }, /* 222 */ - { 55, 7, 12, 0, 0, }, /* 223 */ - { 55, 12, 3, 0, 0, }, /* 224 */ - { 63, 13, 12, 0, 0, }, /* 225 */ - { 63, 7, 12, 0, 0, }, /* 226 */ - { 63, 12, 3, 0, 0, }, /* 227 */ - { 63, 6, 12, 0, 0, }, /* 228 */ - { 63, 26, 12, 0, 0, }, /* 229 */ - { 63, 21, 12, 0, 0, }, /* 230 */ - { 89, 7, 12, 0, 0, }, /* 231 */ - { 89, 12, 3, 0, 0, }, /* 232 */ - { 89, 6, 12, 0, 0, }, /* 233 */ - { 89, 21, 12, 0, 0, }, /* 234 */ - { 94, 7, 12, 0, 0, }, /* 235 */ - { 94, 12, 3, 0, 0, }, /* 236 */ - { 94, 21, 12, 0, 0, }, /* 237 */ - { 14, 12, 3, 0, 0, }, /* 238 */ - { 14, 10, 5, 0, 0, }, /* 239 */ - { 14, 7, 12, 0, 0, }, /* 240 */ - { 14, 13, 12, 0, 0, }, /* 241 */ - { 14, 21, 12, 0, 0, }, /* 242 */ - { 14, 6, 12, 0, 0, }, /* 243 */ - { 2, 7, 12, 0, 0, }, /* 244 */ - { 2, 12, 3, 0, 0, }, /* 245 */ - { 2, 10, 5, 0, 0, }, /* 246 */ - { 2, 10, 3, 0, 0, }, /* 247 */ - { 2, 13, 12, 0, 0, }, /* 248 */ - { 2, 23, 12, 0, 0, }, /* 249 */ - { 2, 15, 12, 0, 0, }, /* 250 */ - { 2, 26, 12, 0, 0, }, /* 251 */ - { 2, 21, 12, 0, 0, }, /* 252 */ - { 21, 12, 3, 0, 0, }, /* 253 */ - { 21, 10, 5, 0, 0, }, /* 254 */ - { 21, 7, 12, 0, 0, }, /* 255 */ - { 21, 13, 12, 0, 0, }, /* 256 */ - { 20, 12, 3, 0, 0, }, /* 257 */ - { 20, 10, 5, 0, 0, }, /* 258 */ - { 20, 7, 12, 0, 0, }, /* 259 */ - { 20, 13, 12, 0, 0, }, /* 260 */ - { 20, 21, 12, 0, 0, }, /* 261 */ - { 20, 23, 12, 0, 0, }, /* 262 */ - { 43, 12, 3, 0, 0, }, /* 263 */ - { 43, 10, 5, 0, 0, }, /* 264 */ - { 43, 7, 12, 0, 0, }, /* 265 */ - { 43, 10, 3, 0, 0, }, /* 266 */ - { 43, 13, 12, 0, 0, }, /* 267 */ - { 43, 26, 12, 0, 0, }, /* 268 */ - { 43, 15, 12, 0, 0, }, /* 269 */ - { 53, 12, 3, 0, 0, }, /* 270 */ - { 53, 7, 12, 0, 0, }, /* 271 */ - { 53, 10, 3, 0, 0, }, /* 272 */ - { 53, 10, 5, 0, 0, }, /* 273 */ - { 53, 13, 12, 0, 0, }, /* 274 */ - { 53, 15, 12, 0, 0, }, /* 275 */ - { 53, 26, 12, 0, 0, }, /* 276 */ - { 53, 23, 12, 0, 0, }, /* 277 */ - { 54, 12, 3, 0, 0, }, /* 278 */ - { 54, 10, 5, 0, 0, }, /* 279 */ - { 54, 7, 12, 0, 0, }, /* 280 */ - { 54, 13, 12, 0, 0, }, /* 281 */ - { 54, 15, 12, 0, 0, }, /* 282 */ - { 54, 26, 12, 0, 0, }, /* 283 */ - { 28, 7, 12, 0, 0, }, /* 284 */ - { 28, 12, 3, 0, 0, }, /* 285 */ - { 28, 10, 5, 0, 0, }, /* 286 */ - { 28, 10, 3, 0, 0, }, /* 287 */ - { 28, 13, 12, 0, 0, }, /* 288 */ - { 36, 12, 3, 0, 0, }, /* 289 */ - { 36, 10, 5, 0, 0, }, /* 290 */ - { 36, 7, 12, 0, 0, }, /* 291 */ - { 36, 10, 3, 0, 0, }, /* 292 */ - { 36, 7, 4, 0, 0, }, /* 293 */ - { 36, 26, 12, 0, 0, }, /* 294 */ - { 36, 15, 12, 0, 0, }, /* 295 */ - { 36, 13, 12, 0, 0, }, /* 296 */ - { 47, 10, 5, 0, 0, }, /* 297 */ - { 47, 7, 12, 0, 0, }, /* 298 */ - { 47, 12, 3, 0, 0, }, /* 299 */ - { 47, 10, 3, 0, 0, }, /* 300 */ - { 47, 13, 12, 0, 0, }, /* 301 */ - { 47, 21, 12, 0, 0, }, /* 302 */ - { 56, 7, 12, 0, 0, }, /* 303 */ - { 56, 12, 3, 0, 0, }, /* 304 */ - { 56, 7, 5, 0, 0, }, /* 305 */ - { 56, 6, 12, 0, 0, }, /* 306 */ - { 56, 21, 12, 0, 0, }, /* 307 */ - { 56, 13, 12, 0, 0, }, /* 308 */ - { 32, 7, 12, 0, 0, }, /* 309 */ - { 32, 12, 3, 0, 0, }, /* 310 */ - { 32, 7, 5, 0, 0, }, /* 311 */ - { 32, 6, 12, 0, 0, }, /* 312 */ - { 32, 13, 12, 0, 0, }, /* 313 */ - { 57, 7, 12, 0, 0, }, /* 314 */ - { 57, 26, 12, 0, 0, }, /* 315 */ - { 57, 21, 12, 0, 0, }, /* 316 */ - { 57, 12, 3, 0, 0, }, /* 317 */ - { 57, 13, 12, 0, 0, }, /* 318 */ - { 57, 15, 12, 0, 0, }, /* 319 */ - { 57, 22, 12, 0, 0, }, /* 320 */ - { 57, 18, 12, 0, 0, }, /* 321 */ - { 57, 10, 5, 0, 0, }, /* 322 */ - { 38, 7, 12, 0, 0, }, /* 323 */ - { 38, 10, 12, 0, 0, }, /* 324 */ - { 38, 12, 3, 0, 0, }, /* 325 */ - { 38, 10, 5, 0, 0, }, /* 326 */ - { 38, 13, 12, 0, 0, }, /* 327 */ - { 38, 21, 12, 0, 0, }, /* 328 */ - { 38, 26, 12, 0, 0, }, /* 329 */ - { 16, 9, 12, 0, 7264, }, /* 330 */ - { 16, 7, 12, 0, 0, }, /* 331 */ - { 16, 6, 12, 0, 0, }, /* 332 */ - { 23, 7, 6, 0, 0, }, /* 333 */ - { 23, 7, 7, 0, 0, }, /* 334 */ - { 23, 7, 8, 0, 0, }, /* 335 */ - { 15, 7, 12, 0, 0, }, /* 336 */ - { 15, 12, 3, 0, 0, }, /* 337 */ - { 15, 21, 12, 0, 0, }, /* 338 */ - { 15, 15, 12, 0, 0, }, /* 339 */ - { 15, 26, 12, 0, 0, }, /* 340 */ - { 8, 9, 12, 0, 38864, }, /* 341 */ - { 8, 9, 12, 0, 8, }, /* 342 */ - { 8, 5, 12, 0, -8, }, /* 343 */ - { 7, 17, 12, 0, 0, }, /* 344 */ - { 7, 7, 12, 0, 0, }, /* 345 */ - { 7, 21, 12, 0, 0, }, /* 346 */ - { 40, 29, 12, 0, 0, }, /* 347 */ - { 40, 7, 12, 0, 0, }, /* 348 */ - { 40, 22, 12, 0, 0, }, /* 349 */ - { 40, 18, 12, 0, 0, }, /* 350 */ - { 45, 7, 12, 0, 0, }, /* 351 */ - { 45, 14, 12, 0, 0, }, /* 352 */ - { 50, 7, 12, 0, 0, }, /* 353 */ - { 50, 12, 3, 0, 0, }, /* 354 */ - { 24, 7, 12, 0, 0, }, /* 355 */ - { 24, 12, 3, 0, 0, }, /* 356 */ - { 6, 7, 12, 0, 0, }, /* 357 */ - { 6, 12, 3, 0, 0, }, /* 358 */ - { 51, 7, 12, 0, 0, }, /* 359 */ - { 51, 12, 3, 0, 0, }, /* 360 */ - { 31, 7, 12, 0, 0, }, /* 361 */ - { 31, 12, 3, 0, 0, }, /* 362 */ - { 31, 10, 5, 0, 0, }, /* 363 */ - { 31, 21, 12, 0, 0, }, /* 364 */ - { 31, 6, 12, 0, 0, }, /* 365 */ - { 31, 23, 12, 0, 0, }, /* 366 */ - { 31, 13, 12, 0, 0, }, /* 367 */ - { 31, 15, 12, 0, 0, }, /* 368 */ - { 37, 21, 12, 0, 0, }, /* 369 */ - { 37, 17, 12, 0, 0, }, /* 370 */ - { 37, 12, 3, 0, 0, }, /* 371 */ - { 37, 1, 2, 0, 0, }, /* 372 */ - { 37, 13, 12, 0, 0, }, /* 373 */ - { 37, 7, 12, 0, 0, }, /* 374 */ - { 37, 6, 12, 0, 0, }, /* 375 */ - { 34, 7, 12, 0, 0, }, /* 376 */ - { 34, 12, 3, 0, 0, }, /* 377 */ - { 34, 10, 5, 0, 0, }, /* 378 */ - { 34, 26, 12, 0, 0, }, /* 379 */ - { 34, 21, 12, 0, 0, }, /* 380 */ - { 34, 13, 12, 0, 0, }, /* 381 */ - { 52, 7, 12, 0, 0, }, /* 382 */ - { 39, 7, 12, 0, 0, }, /* 383 */ - { 39, 13, 12, 0, 0, }, /* 384 */ - { 39, 15, 12, 0, 0, }, /* 385 */ - { 39, 26, 12, 0, 0, }, /* 386 */ - { 31, 26, 12, 0, 0, }, /* 387 */ - { 5, 7, 12, 0, 0, }, /* 388 */ - { 5, 12, 3, 0, 0, }, /* 389 */ - { 5, 10, 5, 0, 0, }, /* 390 */ - { 5, 21, 12, 0, 0, }, /* 391 */ - { 90, 7, 12, 0, 0, }, /* 392 */ - { 90, 10, 5, 0, 0, }, /* 393 */ - { 90, 12, 3, 0, 0, }, /* 394 */ - { 90, 10, 12, 0, 0, }, /* 395 */ - { 90, 13, 12, 0, 0, }, /* 396 */ - { 90, 21, 12, 0, 0, }, /* 397 */ - { 90, 6, 12, 0, 0, }, /* 398 */ - { 27, 11, 3, 0, 0, }, /* 399 */ - { 61, 12, 3, 0, 0, }, /* 400 */ - { 61, 10, 5, 0, 0, }, /* 401 */ - { 61, 7, 12, 0, 0, }, /* 402 */ - { 61, 13, 12, 0, 0, }, /* 403 */ - { 61, 21, 12, 0, 0, }, /* 404 */ - { 61, 26, 12, 0, 0, }, /* 405 */ - { 75, 12, 3, 0, 0, }, /* 406 */ - { 75, 10, 5, 0, 0, }, /* 407 */ - { 75, 7, 12, 0, 0, }, /* 408 */ - { 75, 13, 12, 0, 0, }, /* 409 */ - { 92, 7, 12, 0, 0, }, /* 410 */ - { 92, 12, 3, 0, 0, }, /* 411 */ - { 92, 10, 5, 0, 0, }, /* 412 */ - { 92, 21, 12, 0, 0, }, /* 413 */ - { 69, 7, 12, 0, 0, }, /* 414 */ - { 69, 10, 5, 0, 0, }, /* 415 */ - { 69, 12, 3, 0, 0, }, /* 416 */ - { 69, 21, 12, 0, 0, }, /* 417 */ - { 69, 13, 12, 0, 0, }, /* 418 */ - { 72, 13, 12, 0, 0, }, /* 419 */ - { 72, 7, 12, 0, 0, }, /* 420 */ - { 72, 6, 12, 0, 0, }, /* 421 */ - { 72, 21, 12, 0, 0, }, /* 422 */ - { 12, 5, 12, 63, -6222, }, /* 423 */ - { 12, 5, 12, 67, -6221, }, /* 424 */ - { 12, 5, 12, 71, -6212, }, /* 425 */ - { 12, 5, 12, 75, -6210, }, /* 426 */ - { 12, 5, 12, 79, -6210, }, /* 427 */ - { 12, 5, 12, 79, -6211, }, /* 428 */ - { 12, 5, 12, 84, -6204, }, /* 429 */ - { 12, 5, 12, 88, -6180, }, /* 430 */ - { 12, 5, 12, 108, 35267, }, /* 431 */ - { 75, 21, 12, 0, 0, }, /* 432 */ - { 9, 10, 5, 0, 0, }, /* 433 */ - { 9, 7, 12, 0, 0, }, /* 434 */ - { 12, 5, 12, 0, 0, }, /* 435 */ - { 12, 6, 12, 0, 0, }, /* 436 */ - { 33, 5, 12, 0, 35332, }, /* 437 */ - { 33, 5, 12, 0, 3814, }, /* 438 */ - { 33, 9, 12, 92, 1, }, /* 439 */ - { 33, 5, 12, 92, -1, }, /* 440 */ - { 33, 5, 12, 92, -58, }, /* 441 */ - { 33, 9, 12, 0, -7615, }, /* 442 */ - { 19, 5, 12, 0, 8, }, /* 443 */ - { 19, 9, 12, 0, -8, }, /* 444 */ - { 19, 5, 12, 0, 74, }, /* 445 */ - { 19, 5, 12, 0, 86, }, /* 446 */ - { 19, 5, 12, 0, 100, }, /* 447 */ - { 19, 5, 12, 0, 128, }, /* 448 */ - { 19, 5, 12, 0, 112, }, /* 449 */ - { 19, 5, 12, 0, 126, }, /* 450 */ - { 19, 8, 12, 0, -8, }, /* 451 */ - { 19, 5, 12, 0, 9, }, /* 452 */ - { 19, 9, 12, 0, -74, }, /* 453 */ - { 19, 8, 12, 0, -9, }, /* 454 */ - { 19, 5, 12, 21, -7173, }, /* 455 */ - { 19, 9, 12, 0, -86, }, /* 456 */ - { 19, 9, 12, 0, -100, }, /* 457 */ - { 19, 9, 12, 0, -112, }, /* 458 */ - { 19, 9, 12, 0, -128, }, /* 459 */ - { 19, 9, 12, 0, -126, }, /* 460 */ - { 27, 1, 3, 0, 0, }, /* 461 */ - { 27, 1, 16, 0, 0, }, /* 462 */ - { 9, 27, 2, 0, 0, }, /* 463 */ - { 9, 28, 2, 0, 0, }, /* 464 */ - { 9, 2, 2, 0, 0, }, /* 465 */ - { 9, 9, 12, 0, 0, }, /* 466 */ - { 9, 5, 12, 0, 0, }, /* 467 */ - { 19, 9, 12, 96, -7517, }, /* 468 */ - { 33, 9, 12, 100, -8383, }, /* 469 */ - { 33, 9, 12, 104, -8262, }, /* 470 */ - { 33, 9, 12, 0, 28, }, /* 471 */ - { 33, 5, 12, 0, -28, }, /* 472 */ - { 33, 14, 12, 0, 16, }, /* 473 */ - { 33, 14, 12, 0, -16, }, /* 474 */ - { 33, 14, 12, 0, 0, }, /* 475 */ - { 9, 26, 12, 0, 26, }, /* 476 */ - { 9, 26, 12, 0, -26, }, /* 477 */ - { 9, 26, 13, 0, 0, }, /* 478 */ - { 9, 26, 17, 0, 0, }, /* 479 */ - { 4, 26, 12, 0, 0, }, /* 480 */ - { 17, 9, 12, 0, 48, }, /* 481 */ - { 17, 5, 12, 0, -48, }, /* 482 */ - { 33, 9, 12, 0, -10743, }, /* 483 */ - { 33, 9, 12, 0, -3814, }, /* 484 */ - { 33, 9, 12, 0, -10727, }, /* 485 */ - { 33, 5, 12, 0, -10795, }, /* 486 */ - { 33, 5, 12, 0, -10792, }, /* 487 */ - { 33, 9, 12, 0, -10780, }, /* 488 */ - { 33, 9, 12, 0, -10749, }, /* 489 */ - { 33, 9, 12, 0, -10783, }, /* 490 */ - { 33, 9, 12, 0, -10782, }, /* 491 */ - { 33, 9, 12, 0, -10815, }, /* 492 */ - { 10, 5, 12, 0, 0, }, /* 493 */ - { 10, 26, 12, 0, 0, }, /* 494 */ - { 10, 12, 3, 0, 0, }, /* 495 */ - { 10, 21, 12, 0, 0, }, /* 496 */ - { 10, 15, 12, 0, 0, }, /* 497 */ - { 16, 5, 12, 0, -7264, }, /* 498 */ - { 58, 7, 12, 0, 0, }, /* 499 */ - { 58, 6, 12, 0, 0, }, /* 500 */ - { 58, 21, 12, 0, 0, }, /* 501 */ - { 58, 12, 3, 0, 0, }, /* 502 */ - { 22, 26, 12, 0, 0, }, /* 503 */ - { 22, 6, 12, 0, 0, }, /* 504 */ - { 22, 14, 12, 0, 0, }, /* 505 */ - { 23, 10, 3, 0, 0, }, /* 506 */ - { 26, 7, 12, 0, 0, }, /* 507 */ - { 26, 6, 12, 0, 0, }, /* 508 */ - { 29, 7, 12, 0, 0, }, /* 509 */ - { 29, 6, 12, 0, 0, }, /* 510 */ - { 3, 7, 12, 0, 0, }, /* 511 */ - { 23, 7, 12, 0, 0, }, /* 512 */ - { 23, 26, 12, 0, 0, }, /* 513 */ - { 29, 26, 12, 0, 0, }, /* 514 */ - { 22, 7, 12, 0, 0, }, /* 515 */ - { 60, 7, 12, 0, 0, }, /* 516 */ - { 60, 6, 12, 0, 0, }, /* 517 */ - { 60, 26, 12, 0, 0, }, /* 518 */ - { 85, 7, 12, 0, 0, }, /* 519 */ - { 85, 6, 12, 0, 0, }, /* 520 */ - { 85, 21, 12, 0, 0, }, /* 521 */ - { 76, 7, 12, 0, 0, }, /* 522 */ - { 76, 6, 12, 0, 0, }, /* 523 */ - { 76, 21, 12, 0, 0, }, /* 524 */ - { 76, 13, 12, 0, 0, }, /* 525 */ - { 12, 9, 12, 108, 1, }, /* 526 */ - { 12, 5, 12, 108, -35267, }, /* 527 */ - { 12, 7, 12, 0, 0, }, /* 528 */ - { 12, 21, 12, 0, 0, }, /* 529 */ - { 78, 7, 12, 0, 0, }, /* 530 */ - { 78, 14, 12, 0, 0, }, /* 531 */ - { 78, 12, 3, 0, 0, }, /* 532 */ - { 78, 21, 12, 0, 0, }, /* 533 */ - { 33, 9, 12, 0, -35332, }, /* 534 */ - { 33, 9, 12, 0, -42280, }, /* 535 */ - { 33, 9, 12, 0, -42308, }, /* 536 */ - { 33, 9, 12, 0, -42319, }, /* 537 */ - { 33, 9, 12, 0, -42315, }, /* 538 */ - { 33, 9, 12, 0, -42305, }, /* 539 */ - { 33, 9, 12, 0, -42258, }, /* 540 */ - { 33, 9, 12, 0, -42282, }, /* 541 */ - { 33, 9, 12, 0, -42261, }, /* 542 */ - { 33, 9, 12, 0, 928, }, /* 543 */ - { 48, 7, 12, 0, 0, }, /* 544 */ - { 48, 12, 3, 0, 0, }, /* 545 */ - { 48, 10, 5, 0, 0, }, /* 546 */ - { 48, 26, 12, 0, 0, }, /* 547 */ - { 64, 7, 12, 0, 0, }, /* 548 */ - { 64, 21, 12, 0, 0, }, /* 549 */ - { 74, 10, 5, 0, 0, }, /* 550 */ - { 74, 7, 12, 0, 0, }, /* 551 */ - { 74, 12, 3, 0, 0, }, /* 552 */ - { 74, 21, 12, 0, 0, }, /* 553 */ - { 74, 13, 12, 0, 0, }, /* 554 */ - { 68, 13, 12, 0, 0, }, /* 555 */ - { 68, 7, 12, 0, 0, }, /* 556 */ - { 68, 12, 3, 0, 0, }, /* 557 */ - { 68, 21, 12, 0, 0, }, /* 558 */ - { 73, 7, 12, 0, 0, }, /* 559 */ - { 73, 12, 3, 0, 0, }, /* 560 */ - { 73, 10, 5, 0, 0, }, /* 561 */ - { 73, 21, 12, 0, 0, }, /* 562 */ - { 83, 12, 3, 0, 0, }, /* 563 */ - { 83, 10, 5, 0, 0, }, /* 564 */ - { 83, 7, 12, 0, 0, }, /* 565 */ - { 83, 21, 12, 0, 0, }, /* 566 */ - { 83, 13, 12, 0, 0, }, /* 567 */ - { 38, 6, 12, 0, 0, }, /* 568 */ - { 67, 7, 12, 0, 0, }, /* 569 */ - { 67, 12, 3, 0, 0, }, /* 570 */ - { 67, 10, 5, 0, 0, }, /* 571 */ - { 67, 13, 12, 0, 0, }, /* 572 */ - { 67, 21, 12, 0, 0, }, /* 573 */ - { 91, 7, 12, 0, 0, }, /* 574 */ - { 91, 12, 3, 0, 0, }, /* 575 */ - { 91, 6, 12, 0, 0, }, /* 576 */ - { 91, 21, 12, 0, 0, }, /* 577 */ - { 86, 7, 12, 0, 0, }, /* 578 */ - { 86, 10, 5, 0, 0, }, /* 579 */ - { 86, 12, 3, 0, 0, }, /* 580 */ - { 86, 21, 12, 0, 0, }, /* 581 */ - { 86, 6, 12, 0, 0, }, /* 582 */ - { 33, 5, 12, 0, -928, }, /* 583 */ - { 8, 5, 12, 0, -38864, }, /* 584 */ - { 86, 13, 12, 0, 0, }, /* 585 */ - { 23, 7, 9, 0, 0, }, /* 586 */ - { 23, 7, 10, 0, 0, }, /* 587 */ - { 9, 4, 2, 0, 0, }, /* 588 */ - { 9, 3, 12, 0, 0, }, /* 589 */ - { 25, 25, 12, 0, 0, }, /* 590 */ - { 0, 24, 12, 0, 0, }, /* 591 */ - { 9, 6, 3, 0, 0, }, /* 592 */ - { 35, 7, 12, 0, 0, }, /* 593 */ - { 19, 14, 12, 0, 0, }, /* 594 */ - { 19, 15, 12, 0, 0, }, /* 595 */ - { 19, 26, 12, 0, 0, }, /* 596 */ - { 70, 7, 12, 0, 0, }, /* 597 */ - { 66, 7, 12, 0, 0, }, /* 598 */ - { 41, 7, 12, 0, 0, }, /* 599 */ - { 41, 15, 12, 0, 0, }, /* 600 */ - { 18, 7, 12, 0, 0, }, /* 601 */ - { 18, 14, 12, 0, 0, }, /* 602 */ - { 117, 7, 12, 0, 0, }, /* 603 */ - { 117, 12, 3, 0, 0, }, /* 604 */ - { 59, 7, 12, 0, 0, }, /* 605 */ - { 59, 21, 12, 0, 0, }, /* 606 */ - { 42, 7, 12, 0, 0, }, /* 607 */ - { 42, 21, 12, 0, 0, }, /* 608 */ - { 42, 14, 12, 0, 0, }, /* 609 */ - { 13, 9, 12, 0, 40, }, /* 610 */ - { 13, 5, 12, 0, -40, }, /* 611 */ - { 46, 7, 12, 0, 0, }, /* 612 */ - { 44, 7, 12, 0, 0, }, /* 613 */ - { 44, 13, 12, 0, 0, }, /* 614 */ - { 135, 9, 12, 0, 40, }, /* 615 */ - { 135, 5, 12, 0, -40, }, /* 616 */ - { 105, 7, 12, 0, 0, }, /* 617 */ - { 103, 7, 12, 0, 0, }, /* 618 */ - { 103, 21, 12, 0, 0, }, /* 619 */ - { 109, 7, 12, 0, 0, }, /* 620 */ - { 11, 7, 12, 0, 0, }, /* 621 */ - { 80, 7, 12, 0, 0, }, /* 622 */ - { 80, 21, 12, 0, 0, }, /* 623 */ - { 80, 15, 12, 0, 0, }, /* 624 */ - { 119, 7, 12, 0, 0, }, /* 625 */ - { 119, 26, 12, 0, 0, }, /* 626 */ - { 119, 15, 12, 0, 0, }, /* 627 */ - { 115, 7, 12, 0, 0, }, /* 628 */ - { 115, 15, 12, 0, 0, }, /* 629 */ - { 127, 7, 12, 0, 0, }, /* 630 */ - { 127, 15, 12, 0, 0, }, /* 631 */ - { 65, 7, 12, 0, 0, }, /* 632 */ - { 65, 15, 12, 0, 0, }, /* 633 */ - { 65, 21, 12, 0, 0, }, /* 634 */ - { 71, 7, 12, 0, 0, }, /* 635 */ - { 71, 21, 12, 0, 0, }, /* 636 */ - { 97, 7, 12, 0, 0, }, /* 637 */ - { 96, 7, 12, 0, 0, }, /* 638 */ - { 96, 15, 12, 0, 0, }, /* 639 */ - { 30, 7, 12, 0, 0, }, /* 640 */ - { 30, 12, 3, 0, 0, }, /* 641 */ - { 30, 15, 12, 0, 0, }, /* 642 */ - { 30, 21, 12, 0, 0, }, /* 643 */ - { 87, 7, 12, 0, 0, }, /* 644 */ - { 87, 15, 12, 0, 0, }, /* 645 */ - { 87, 21, 12, 0, 0, }, /* 646 */ - { 116, 7, 12, 0, 0, }, /* 647 */ - { 116, 15, 12, 0, 0, }, /* 648 */ - { 111, 7, 12, 0, 0, }, /* 649 */ - { 111, 26, 12, 0, 0, }, /* 650 */ - { 111, 12, 3, 0, 0, }, /* 651 */ - { 111, 15, 12, 0, 0, }, /* 652 */ - { 111, 21, 12, 0, 0, }, /* 653 */ - { 77, 7, 12, 0, 0, }, /* 654 */ - { 77, 21, 12, 0, 0, }, /* 655 */ - { 82, 7, 12, 0, 0, }, /* 656 */ - { 82, 15, 12, 0, 0, }, /* 657 */ - { 81, 7, 12, 0, 0, }, /* 658 */ - { 81, 15, 12, 0, 0, }, /* 659 */ - { 120, 7, 12, 0, 0, }, /* 660 */ - { 120, 21, 12, 0, 0, }, /* 661 */ - { 120, 15, 12, 0, 0, }, /* 662 */ - { 88, 7, 12, 0, 0, }, /* 663 */ - { 129, 9, 12, 0, 64, }, /* 664 */ - { 129, 5, 12, 0, -64, }, /* 665 */ - { 129, 15, 12, 0, 0, }, /* 666 */ - { 0, 15, 12, 0, 0, }, /* 667 */ - { 93, 10, 5, 0, 0, }, /* 668 */ - { 93, 12, 3, 0, 0, }, /* 669 */ - { 93, 7, 12, 0, 0, }, /* 670 */ - { 93, 21, 12, 0, 0, }, /* 671 */ - { 93, 15, 12, 0, 0, }, /* 672 */ - { 93, 13, 12, 0, 0, }, /* 673 */ - { 84, 12, 3, 0, 0, }, /* 674 */ - { 84, 10, 5, 0, 0, }, /* 675 */ - { 84, 7, 12, 0, 0, }, /* 676 */ - { 84, 21, 12, 0, 0, }, /* 677 */ - { 84, 1, 4, 0, 0, }, /* 678 */ - { 100, 7, 12, 0, 0, }, /* 679 */ - { 100, 13, 12, 0, 0, }, /* 680 */ - { 95, 12, 3, 0, 0, }, /* 681 */ - { 95, 7, 12, 0, 0, }, /* 682 */ - { 95, 10, 5, 0, 0, }, /* 683 */ - { 95, 13, 12, 0, 0, }, /* 684 */ - { 95, 21, 12, 0, 0, }, /* 685 */ - { 110, 7, 12, 0, 0, }, /* 686 */ - { 110, 12, 3, 0, 0, }, /* 687 */ - { 110, 21, 12, 0, 0, }, /* 688 */ - { 99, 12, 3, 0, 0, }, /* 689 */ - { 99, 10, 5, 0, 0, }, /* 690 */ - { 99, 7, 12, 0, 0, }, /* 691 */ - { 99, 7, 4, 0, 0, }, /* 692 */ - { 99, 21, 12, 0, 0, }, /* 693 */ - { 99, 13, 12, 0, 0, }, /* 694 */ - { 47, 15, 12, 0, 0, }, /* 695 */ - { 107, 7, 12, 0, 0, }, /* 696 */ - { 107, 10, 5, 0, 0, }, /* 697 */ - { 107, 12, 3, 0, 0, }, /* 698 */ - { 107, 21, 12, 0, 0, }, /* 699 */ - { 128, 7, 12, 0, 0, }, /* 700 */ - { 128, 21, 12, 0, 0, }, /* 701 */ - { 108, 7, 12, 0, 0, }, /* 702 */ - { 108, 12, 3, 0, 0, }, /* 703 */ - { 108, 10, 5, 0, 0, }, /* 704 */ - { 108, 13, 12, 0, 0, }, /* 705 */ - { 106, 12, 3, 0, 0, }, /* 706 */ - { 106, 10, 5, 0, 0, }, /* 707 */ - { 106, 7, 12, 0, 0, }, /* 708 */ - { 106, 10, 3, 0, 0, }, /* 709 */ - { 134, 7, 12, 0, 0, }, /* 710 */ - { 134, 10, 5, 0, 0, }, /* 711 */ - { 134, 12, 3, 0, 0, }, /* 712 */ - { 134, 21, 12, 0, 0, }, /* 713 */ - { 134, 13, 12, 0, 0, }, /* 714 */ - { 123, 7, 12, 0, 0, }, /* 715 */ - { 123, 10, 3, 0, 0, }, /* 716 */ - { 123, 10, 5, 0, 0, }, /* 717 */ - { 123, 12, 3, 0, 0, }, /* 718 */ - { 123, 21, 12, 0, 0, }, /* 719 */ - { 123, 13, 12, 0, 0, }, /* 720 */ - { 122, 7, 12, 0, 0, }, /* 721 */ - { 122, 10, 3, 0, 0, }, /* 722 */ - { 122, 10, 5, 0, 0, }, /* 723 */ - { 122, 12, 3, 0, 0, }, /* 724 */ - { 122, 21, 12, 0, 0, }, /* 725 */ - { 113, 7, 12, 0, 0, }, /* 726 */ - { 113, 10, 5, 0, 0, }, /* 727 */ - { 113, 12, 3, 0, 0, }, /* 728 */ - { 113, 21, 12, 0, 0, }, /* 729 */ - { 113, 13, 12, 0, 0, }, /* 730 */ - { 101, 7, 12, 0, 0, }, /* 731 */ - { 101, 12, 3, 0, 0, }, /* 732 */ - { 101, 10, 5, 0, 0, }, /* 733 */ - { 101, 13, 12, 0, 0, }, /* 734 */ - { 125, 7, 12, 0, 0, }, /* 735 */ - { 125, 12, 3, 0, 0, }, /* 736 */ - { 125, 10, 5, 0, 0, }, /* 737 */ - { 125, 13, 12, 0, 0, }, /* 738 */ - { 125, 15, 12, 0, 0, }, /* 739 */ - { 125, 21, 12, 0, 0, }, /* 740 */ - { 125, 26, 12, 0, 0, }, /* 741 */ - { 124, 9, 12, 0, 32, }, /* 742 */ - { 124, 5, 12, 0, -32, }, /* 743 */ - { 124, 13, 12, 0, 0, }, /* 744 */ - { 124, 15, 12, 0, 0, }, /* 745 */ - { 124, 7, 12, 0, 0, }, /* 746 */ - { 140, 7, 12, 0, 0, }, /* 747 */ - { 140, 12, 3, 0, 0, }, /* 748 */ - { 140, 10, 5, 0, 0, }, /* 749 */ - { 140, 7, 4, 0, 0, }, /* 750 */ - { 140, 21, 12, 0, 0, }, /* 751 */ - { 139, 7, 12, 0, 0, }, /* 752 */ - { 139, 12, 3, 0, 0, }, /* 753 */ - { 139, 10, 5, 0, 0, }, /* 754 */ - { 139, 7, 4, 0, 0, }, /* 755 */ - { 139, 21, 12, 0, 0, }, /* 756 */ - { 121, 7, 12, 0, 0, }, /* 757 */ - { 132, 7, 12, 0, 0, }, /* 758 */ - { 132, 10, 5, 0, 0, }, /* 759 */ - { 132, 12, 3, 0, 0, }, /* 760 */ - { 132, 21, 12, 0, 0, }, /* 761 */ - { 132, 13, 12, 0, 0, }, /* 762 */ - { 132, 15, 12, 0, 0, }, /* 763 */ - { 133, 21, 12, 0, 0, }, /* 764 */ - { 133, 7, 12, 0, 0, }, /* 765 */ - { 133, 12, 3, 0, 0, }, /* 766 */ - { 133, 10, 5, 0, 0, }, /* 767 */ - { 137, 7, 12, 0, 0, }, /* 768 */ - { 137, 12, 3, 0, 0, }, /* 769 */ - { 137, 7, 4, 0, 0, }, /* 770 */ - { 137, 13, 12, 0, 0, }, /* 771 */ - { 62, 7, 12, 0, 0, }, /* 772 */ - { 62, 14, 12, 0, 0, }, /* 773 */ - { 62, 21, 12, 0, 0, }, /* 774 */ - { 79, 7, 12, 0, 0, }, /* 775 */ - { 126, 7, 12, 0, 0, }, /* 776 */ - { 114, 7, 12, 0, 0, }, /* 777 */ - { 114, 13, 12, 0, 0, }, /* 778 */ - { 114, 21, 12, 0, 0, }, /* 779 */ - { 102, 7, 12, 0, 0, }, /* 780 */ - { 102, 12, 3, 0, 0, }, /* 781 */ - { 102, 21, 12, 0, 0, }, /* 782 */ - { 118, 7, 12, 0, 0, }, /* 783 */ - { 118, 12, 3, 0, 0, }, /* 784 */ - { 118, 21, 12, 0, 0, }, /* 785 */ - { 118, 26, 12, 0, 0, }, /* 786 */ - { 118, 6, 12, 0, 0, }, /* 787 */ - { 118, 13, 12, 0, 0, }, /* 788 */ - { 118, 15, 12, 0, 0, }, /* 789 */ - { 98, 7, 12, 0, 0, }, /* 790 */ - { 98, 10, 5, 0, 0, }, /* 791 */ - { 98, 12, 3, 0, 0, }, /* 792 */ - { 98, 6, 12, 0, 0, }, /* 793 */ - { 136, 6, 12, 0, 0, }, /* 794 */ - { 138, 6, 12, 0, 0, }, /* 795 */ - { 136, 7, 12, 0, 0, }, /* 796 */ - { 138, 7, 12, 0, 0, }, /* 797 */ - { 104, 7, 12, 0, 0, }, /* 798 */ - { 104, 26, 12, 0, 0, }, /* 799 */ - { 104, 12, 3, 0, 0, }, /* 800 */ - { 104, 21, 12, 0, 0, }, /* 801 */ - { 9, 10, 3, 0, 0, }, /* 802 */ - { 19, 12, 3, 0, 0, }, /* 803 */ - { 130, 26, 12, 0, 0, }, /* 804 */ - { 130, 12, 3, 0, 0, }, /* 805 */ - { 130, 21, 12, 0, 0, }, /* 806 */ - { 17, 12, 3, 0, 0, }, /* 807 */ - { 112, 7, 12, 0, 0, }, /* 808 */ - { 112, 15, 12, 0, 0, }, /* 809 */ - { 112, 12, 3, 0, 0, }, /* 810 */ - { 131, 9, 12, 0, 34, }, /* 811 */ - { 131, 5, 12, 0, -34, }, /* 812 */ - { 131, 12, 3, 0, 0, }, /* 813 */ - { 131, 13, 12, 0, 0, }, /* 814 */ - { 131, 21, 12, 0, 0, }, /* 815 */ - { 9, 26, 11, 0, 0, }, /* 816 */ - { 26, 26, 12, 0, 0, }, /* 817 */ - { 9, 24, 14, 0, 0, }, /* 818 */ - { 9, 26, 15, 0, 0, }, /* 819 */ - { 9, 1, 3, 0, 0, }, /* 820 */ + { 1, 5, 12, 0, -48, }, /* 201 */ + { 1, 17, 12, 0, 0, }, /* 202 */ + { 1, 26, 12, 0, 0, }, /* 203 */ + { 1, 23, 12, 0, 0, }, /* 204 */ + { 25, 12, 3, 0, 0, }, /* 205 */ + { 25, 17, 12, 0, 0, }, /* 206 */ + { 25, 21, 12, 0, 0, }, /* 207 */ + { 25, 7, 12, 0, 0, }, /* 208 */ + { 0, 1, 4, 0, 0, }, /* 209 */ + { 9, 1, 4, 0, 0, }, /* 210 */ + { 0, 25, 12, 0, 0, }, /* 211 */ + { 0, 21, 12, 0, 0, }, /* 212 */ + { 0, 23, 12, 0, 0, }, /* 213 */ + { 0, 26, 12, 0, 0, }, /* 214 */ + { 0, 12, 3, 0, 0, }, /* 215 */ + { 0, 1, 2, 0, 0, }, /* 216 */ + { 0, 7, 12, 0, 0, }, /* 217 */ + { 0, 13, 12, 0, 0, }, /* 218 */ + { 0, 6, 12, 0, 0, }, /* 219 */ + { 49, 21, 12, 0, 0, }, /* 220 */ + { 49, 1, 4, 0, 0, }, /* 221 */ + { 49, 7, 12, 0, 0, }, /* 222 */ + { 49, 12, 3, 0, 0, }, /* 223 */ + { 55, 7, 12, 0, 0, }, /* 224 */ + { 55, 12, 3, 0, 0, }, /* 225 */ + { 63, 13, 12, 0, 0, }, /* 226 */ + { 63, 7, 12, 0, 0, }, /* 227 */ + { 63, 12, 3, 0, 0, }, /* 228 */ + { 63, 6, 12, 0, 0, }, /* 229 */ + { 63, 26, 12, 0, 0, }, /* 230 */ + { 63, 21, 12, 0, 0, }, /* 231 */ + { 63, 23, 12, 0, 0, }, /* 232 */ + { 89, 7, 12, 0, 0, }, /* 233 */ + { 89, 12, 3, 0, 0, }, /* 234 */ + { 89, 6, 12, 0, 0, }, /* 235 */ + { 89, 21, 12, 0, 0, }, /* 236 */ + { 94, 7, 12, 0, 0, }, /* 237 */ + { 94, 12, 3, 0, 0, }, /* 238 */ + { 94, 21, 12, 0, 0, }, /* 239 */ + { 14, 12, 3, 0, 0, }, /* 240 */ + { 14, 10, 5, 0, 0, }, /* 241 */ + { 14, 7, 12, 0, 0, }, /* 242 */ + { 14, 13, 12, 0, 0, }, /* 243 */ + { 14, 21, 12, 0, 0, }, /* 244 */ + { 14, 6, 12, 0, 0, }, /* 245 */ + { 2, 7, 12, 0, 0, }, /* 246 */ + { 2, 12, 3, 0, 0, }, /* 247 */ + { 2, 10, 5, 0, 0, }, /* 248 */ + { 2, 10, 3, 0, 0, }, /* 249 */ + { 2, 13, 12, 0, 0, }, /* 250 */ + { 2, 23, 12, 0, 0, }, /* 251 */ + { 2, 15, 12, 0, 0, }, /* 252 */ + { 2, 26, 12, 0, 0, }, /* 253 */ + { 2, 21, 12, 0, 0, }, /* 254 */ + { 21, 12, 3, 0, 0, }, /* 255 */ + { 21, 10, 5, 0, 0, }, /* 256 */ + { 21, 7, 12, 0, 0, }, /* 257 */ + { 21, 13, 12, 0, 0, }, /* 258 */ + { 21, 21, 12, 0, 0, }, /* 259 */ + { 20, 12, 3, 0, 0, }, /* 260 */ + { 20, 10, 5, 0, 0, }, /* 261 */ + { 20, 7, 12, 0, 0, }, /* 262 */ + { 20, 13, 12, 0, 0, }, /* 263 */ + { 20, 21, 12, 0, 0, }, /* 264 */ + { 20, 23, 12, 0, 0, }, /* 265 */ + { 43, 12, 3, 0, 0, }, /* 266 */ + { 43, 10, 5, 0, 0, }, /* 267 */ + { 43, 7, 12, 0, 0, }, /* 268 */ + { 43, 10, 3, 0, 0, }, /* 269 */ + { 43, 13, 12, 0, 0, }, /* 270 */ + { 43, 26, 12, 0, 0, }, /* 271 */ + { 43, 15, 12, 0, 0, }, /* 272 */ + { 53, 12, 3, 0, 0, }, /* 273 */ + { 53, 7, 12, 0, 0, }, /* 274 */ + { 53, 10, 3, 0, 0, }, /* 275 */ + { 53, 10, 5, 0, 0, }, /* 276 */ + { 53, 13, 12, 0, 0, }, /* 277 */ + { 53, 15, 12, 0, 0, }, /* 278 */ + { 53, 26, 12, 0, 0, }, /* 279 */ + { 53, 23, 12, 0, 0, }, /* 280 */ + { 54, 12, 3, 0, 0, }, /* 281 */ + { 54, 10, 5, 0, 0, }, /* 282 */ + { 54, 7, 12, 0, 0, }, /* 283 */ + { 54, 13, 12, 0, 0, }, /* 284 */ + { 54, 15, 12, 0, 0, }, /* 285 */ + { 54, 26, 12, 0, 0, }, /* 286 */ + { 28, 7, 12, 0, 0, }, /* 287 */ + { 28, 12, 3, 0, 0, }, /* 288 */ + { 28, 10, 5, 0, 0, }, /* 289 */ + { 28, 21, 12, 0, 0, }, /* 290 */ + { 28, 10, 3, 0, 0, }, /* 291 */ + { 28, 13, 12, 0, 0, }, /* 292 */ + { 36, 12, 3, 0, 0, }, /* 293 */ + { 36, 10, 5, 0, 0, }, /* 294 */ + { 36, 7, 12, 0, 0, }, /* 295 */ + { 36, 10, 3, 0, 0, }, /* 296 */ + { 36, 7, 4, 0, 0, }, /* 297 */ + { 36, 26, 12, 0, 0, }, /* 298 */ + { 36, 15, 12, 0, 0, }, /* 299 */ + { 36, 13, 12, 0, 0, }, /* 300 */ + { 47, 10, 5, 0, 0, }, /* 301 */ + { 47, 7, 12, 0, 0, }, /* 302 */ + { 47, 12, 3, 0, 0, }, /* 303 */ + { 47, 10, 3, 0, 0, }, /* 304 */ + { 47, 13, 12, 0, 0, }, /* 305 */ + { 47, 21, 12, 0, 0, }, /* 306 */ + { 56, 7, 12, 0, 0, }, /* 307 */ + { 56, 12, 3, 0, 0, }, /* 308 */ + { 56, 7, 5, 0, 0, }, /* 309 */ + { 56, 6, 12, 0, 0, }, /* 310 */ + { 56, 21, 12, 0, 0, }, /* 311 */ + { 56, 13, 12, 0, 0, }, /* 312 */ + { 32, 7, 12, 0, 0, }, /* 313 */ + { 32, 12, 3, 0, 0, }, /* 314 */ + { 32, 7, 5, 0, 0, }, /* 315 */ + { 32, 6, 12, 0, 0, }, /* 316 */ + { 32, 13, 12, 0, 0, }, /* 317 */ + { 57, 7, 12, 0, 0, }, /* 318 */ + { 57, 26, 12, 0, 0, }, /* 319 */ + { 57, 21, 12, 0, 0, }, /* 320 */ + { 57, 12, 3, 0, 0, }, /* 321 */ + { 57, 13, 12, 0, 0, }, /* 322 */ + { 57, 15, 12, 0, 0, }, /* 323 */ + { 57, 22, 12, 0, 0, }, /* 324 */ + { 57, 18, 12, 0, 0, }, /* 325 */ + { 57, 10, 5, 0, 0, }, /* 326 */ + { 38, 7, 12, 0, 0, }, /* 327 */ + { 38, 10, 12, 0, 0, }, /* 328 */ + { 38, 12, 3, 0, 0, }, /* 329 */ + { 38, 10, 5, 0, 0, }, /* 330 */ + { 38, 13, 12, 0, 0, }, /* 331 */ + { 38, 21, 12, 0, 0, }, /* 332 */ + { 38, 26, 12, 0, 0, }, /* 333 */ + { 16, 9, 12, 0, 7264, }, /* 334 */ + { 16, 5, 12, 0, 3008, }, /* 335 */ + { 16, 6, 12, 0, 0, }, /* 336 */ + { 23, 7, 6, 0, 0, }, /* 337 */ + { 23, 7, 7, 0, 0, }, /* 338 */ + { 23, 7, 8, 0, 0, }, /* 339 */ + { 15, 7, 12, 0, 0, }, /* 340 */ + { 15, 12, 3, 0, 0, }, /* 341 */ + { 15, 21, 12, 0, 0, }, /* 342 */ + { 15, 15, 12, 0, 0, }, /* 343 */ + { 15, 26, 12, 0, 0, }, /* 344 */ + { 8, 9, 12, 0, 38864, }, /* 345 */ + { 8, 9, 12, 0, 8, }, /* 346 */ + { 8, 5, 12, 0, -8, }, /* 347 */ + { 7, 17, 12, 0, 0, }, /* 348 */ + { 7, 7, 12, 0, 0, }, /* 349 */ + { 7, 21, 12, 0, 0, }, /* 350 */ + { 40, 29, 12, 0, 0, }, /* 351 */ + { 40, 7, 12, 0, 0, }, /* 352 */ + { 40, 22, 12, 0, 0, }, /* 353 */ + { 40, 18, 12, 0, 0, }, /* 354 */ + { 45, 7, 12, 0, 0, }, /* 355 */ + { 45, 14, 12, 0, 0, }, /* 356 */ + { 50, 7, 12, 0, 0, }, /* 357 */ + { 50, 12, 3, 0, 0, }, /* 358 */ + { 24, 7, 12, 0, 0, }, /* 359 */ + { 24, 12, 3, 0, 0, }, /* 360 */ + { 6, 7, 12, 0, 0, }, /* 361 */ + { 6, 12, 3, 0, 0, }, /* 362 */ + { 51, 7, 12, 0, 0, }, /* 363 */ + { 51, 12, 3, 0, 0, }, /* 364 */ + { 31, 7, 12, 0, 0, }, /* 365 */ + { 31, 12, 3, 0, 0, }, /* 366 */ + { 31, 10, 5, 0, 0, }, /* 367 */ + { 31, 21, 12, 0, 0, }, /* 368 */ + { 31, 6, 12, 0, 0, }, /* 369 */ + { 31, 23, 12, 0, 0, }, /* 370 */ + { 31, 13, 12, 0, 0, }, /* 371 */ + { 31, 15, 12, 0, 0, }, /* 372 */ + { 37, 21, 12, 0, 0, }, /* 373 */ + { 37, 17, 12, 0, 0, }, /* 374 */ + { 37, 12, 3, 0, 0, }, /* 375 */ + { 37, 1, 2, 0, 0, }, /* 376 */ + { 37, 13, 12, 0, 0, }, /* 377 */ + { 37, 7, 12, 0, 0, }, /* 378 */ + { 37, 6, 12, 0, 0, }, /* 379 */ + { 34, 7, 12, 0, 0, }, /* 380 */ + { 34, 12, 3, 0, 0, }, /* 381 */ + { 34, 10, 5, 0, 0, }, /* 382 */ + { 34, 26, 12, 0, 0, }, /* 383 */ + { 34, 21, 12, 0, 0, }, /* 384 */ + { 34, 13, 12, 0, 0, }, /* 385 */ + { 52, 7, 12, 0, 0, }, /* 386 */ + { 39, 7, 12, 0, 0, }, /* 387 */ + { 39, 13, 12, 0, 0, }, /* 388 */ + { 39, 15, 12, 0, 0, }, /* 389 */ + { 39, 26, 12, 0, 0, }, /* 390 */ + { 31, 26, 12, 0, 0, }, /* 391 */ + { 5, 7, 12, 0, 0, }, /* 392 */ + { 5, 12, 3, 0, 0, }, /* 393 */ + { 5, 10, 5, 0, 0, }, /* 394 */ + { 5, 21, 12, 0, 0, }, /* 395 */ + { 90, 7, 12, 0, 0, }, /* 396 */ + { 90, 10, 5, 0, 0, }, /* 397 */ + { 90, 12, 3, 0, 0, }, /* 398 */ + { 90, 10, 12, 0, 0, }, /* 399 */ + { 90, 13, 12, 0, 0, }, /* 400 */ + { 90, 21, 12, 0, 0, }, /* 401 */ + { 90, 6, 12, 0, 0, }, /* 402 */ + { 27, 11, 3, 0, 0, }, /* 403 */ + { 61, 12, 3, 0, 0, }, /* 404 */ + { 61, 10, 5, 0, 0, }, /* 405 */ + { 61, 7, 12, 0, 0, }, /* 406 */ + { 61, 13, 12, 0, 0, }, /* 407 */ + { 61, 21, 12, 0, 0, }, /* 408 */ + { 61, 26, 12, 0, 0, }, /* 409 */ + { 75, 12, 3, 0, 0, }, /* 410 */ + { 75, 10, 5, 0, 0, }, /* 411 */ + { 75, 7, 12, 0, 0, }, /* 412 */ + { 75, 13, 12, 0, 0, }, /* 413 */ + { 92, 7, 12, 0, 0, }, /* 414 */ + { 92, 12, 3, 0, 0, }, /* 415 */ + { 92, 10, 5, 0, 0, }, /* 416 */ + { 92, 21, 12, 0, 0, }, /* 417 */ + { 69, 7, 12, 0, 0, }, /* 418 */ + { 69, 10, 5, 0, 0, }, /* 419 */ + { 69, 12, 3, 0, 0, }, /* 420 */ + { 69, 21, 12, 0, 0, }, /* 421 */ + { 69, 13, 12, 0, 0, }, /* 422 */ + { 72, 13, 12, 0, 0, }, /* 423 */ + { 72, 7, 12, 0, 0, }, /* 424 */ + { 72, 6, 12, 0, 0, }, /* 425 */ + { 72, 21, 12, 0, 0, }, /* 426 */ + { 12, 5, 12, 63, -6222, }, /* 427 */ + { 12, 5, 12, 67, -6221, }, /* 428 */ + { 12, 5, 12, 71, -6212, }, /* 429 */ + { 12, 5, 12, 75, -6210, }, /* 430 */ + { 12, 5, 12, 79, -6210, }, /* 431 */ + { 12, 5, 12, 79, -6211, }, /* 432 */ + { 12, 5, 12, 84, -6204, }, /* 433 */ + { 12, 5, 12, 88, -6180, }, /* 434 */ + { 12, 5, 12, 108, 35267, }, /* 435 */ + { 16, 9, 12, 0, -3008, }, /* 436 */ + { 75, 21, 12, 0, 0, }, /* 437 */ + { 9, 10, 5, 0, 0, }, /* 438 */ + { 9, 7, 12, 0, 0, }, /* 439 */ + { 12, 5, 12, 0, 0, }, /* 440 */ + { 12, 6, 12, 0, 0, }, /* 441 */ + { 33, 5, 12, 0, 35332, }, /* 442 */ + { 33, 5, 12, 0, 3814, }, /* 443 */ + { 33, 9, 12, 92, 1, }, /* 444 */ + { 33, 5, 12, 92, -1, }, /* 445 */ + { 33, 5, 12, 92, -58, }, /* 446 */ + { 33, 9, 12, 0, -7615, }, /* 447 */ + { 19, 5, 12, 0, 8, }, /* 448 */ + { 19, 9, 12, 0, -8, }, /* 449 */ + { 19, 5, 12, 0, 74, }, /* 450 */ + { 19, 5, 12, 0, 86, }, /* 451 */ + { 19, 5, 12, 0, 100, }, /* 452 */ + { 19, 5, 12, 0, 128, }, /* 453 */ + { 19, 5, 12, 0, 112, }, /* 454 */ + { 19, 5, 12, 0, 126, }, /* 455 */ + { 19, 8, 12, 0, -8, }, /* 456 */ + { 19, 5, 12, 0, 9, }, /* 457 */ + { 19, 9, 12, 0, -74, }, /* 458 */ + { 19, 8, 12, 0, -9, }, /* 459 */ + { 19, 5, 12, 21, -7173, }, /* 460 */ + { 19, 9, 12, 0, -86, }, /* 461 */ + { 19, 9, 12, 0, -100, }, /* 462 */ + { 19, 9, 12, 0, -112, }, /* 463 */ + { 19, 9, 12, 0, -128, }, /* 464 */ + { 19, 9, 12, 0, -126, }, /* 465 */ + { 27, 1, 3, 0, 0, }, /* 466 */ + { 27, 1, 13, 0, 0, }, /* 467 */ + { 9, 27, 2, 0, 0, }, /* 468 */ + { 9, 28, 2, 0, 0, }, /* 469 */ + { 9, 21, 14, 0, 0, }, /* 470 */ + { 9, 2, 2, 0, 0, }, /* 471 */ + { 9, 9, 12, 0, 0, }, /* 472 */ + { 9, 5, 12, 0, 0, }, /* 473 */ + { 19, 9, 12, 96, -7517, }, /* 474 */ + { 33, 9, 12, 100, -8383, }, /* 475 */ + { 33, 9, 12, 104, -8262, }, /* 476 */ + { 33, 9, 12, 0, 28, }, /* 477 */ + { 9, 5, 14, 0, 0, }, /* 478 */ + { 33, 5, 12, 0, -28, }, /* 479 */ + { 33, 14, 12, 0, 16, }, /* 480 */ + { 33, 14, 12, 0, -16, }, /* 481 */ + { 33, 14, 12, 0, 0, }, /* 482 */ + { 9, 25, 14, 0, 0, }, /* 483 */ + { 9, 26, 12, 0, 26, }, /* 484 */ + { 9, 26, 14, 0, 26, }, /* 485 */ + { 9, 26, 12, 0, -26, }, /* 486 */ + { 4, 26, 12, 0, 0, }, /* 487 */ + { 17, 9, 12, 0, 48, }, /* 488 */ + { 17, 5, 12, 0, -48, }, /* 489 */ + { 33, 9, 12, 0, -10743, }, /* 490 */ + { 33, 9, 12, 0, -3814, }, /* 491 */ + { 33, 9, 12, 0, -10727, }, /* 492 */ + { 33, 5, 12, 0, -10795, }, /* 493 */ + { 33, 5, 12, 0, -10792, }, /* 494 */ + { 33, 9, 12, 0, -10780, }, /* 495 */ + { 33, 9, 12, 0, -10749, }, /* 496 */ + { 33, 9, 12, 0, -10783, }, /* 497 */ + { 33, 9, 12, 0, -10782, }, /* 498 */ + { 33, 9, 12, 0, -10815, }, /* 499 */ + { 10, 5, 12, 0, 0, }, /* 500 */ + { 10, 26, 12, 0, 0, }, /* 501 */ + { 10, 12, 3, 0, 0, }, /* 502 */ + { 10, 21, 12, 0, 0, }, /* 503 */ + { 10, 15, 12, 0, 0, }, /* 504 */ + { 16, 5, 12, 0, -7264, }, /* 505 */ + { 58, 7, 12, 0, 0, }, /* 506 */ + { 58, 6, 12, 0, 0, }, /* 507 */ + { 58, 21, 12, 0, 0, }, /* 508 */ + { 58, 12, 3, 0, 0, }, /* 509 */ + { 22, 26, 12, 0, 0, }, /* 510 */ + { 22, 6, 12, 0, 0, }, /* 511 */ + { 22, 14, 12, 0, 0, }, /* 512 */ + { 23, 10, 3, 0, 0, }, /* 513 */ + { 9, 17, 14, 0, 0, }, /* 514 */ + { 26, 7, 12, 0, 0, }, /* 515 */ + { 26, 6, 12, 0, 0, }, /* 516 */ + { 29, 7, 12, 0, 0, }, /* 517 */ + { 29, 6, 12, 0, 0, }, /* 518 */ + { 3, 7, 12, 0, 0, }, /* 519 */ + { 23, 7, 12, 0, 0, }, /* 520 */ + { 23, 26, 12, 0, 0, }, /* 521 */ + { 29, 26, 12, 0, 0, }, /* 522 */ + { 22, 7, 12, 0, 0, }, /* 523 */ + { 60, 7, 12, 0, 0, }, /* 524 */ + { 60, 6, 12, 0, 0, }, /* 525 */ + { 60, 26, 12, 0, 0, }, /* 526 */ + { 85, 7, 12, 0, 0, }, /* 527 */ + { 85, 6, 12, 0, 0, }, /* 528 */ + { 85, 21, 12, 0, 0, }, /* 529 */ + { 76, 7, 12, 0, 0, }, /* 530 */ + { 76, 6, 12, 0, 0, }, /* 531 */ + { 76, 21, 12, 0, 0, }, /* 532 */ + { 76, 13, 12, 0, 0, }, /* 533 */ + { 12, 9, 12, 108, 1, }, /* 534 */ + { 12, 5, 12, 108, -35267, }, /* 535 */ + { 12, 7, 12, 0, 0, }, /* 536 */ + { 12, 21, 12, 0, 0, }, /* 537 */ + { 78, 7, 12, 0, 0, }, /* 538 */ + { 78, 14, 12, 0, 0, }, /* 539 */ + { 78, 12, 3, 0, 0, }, /* 540 */ + { 78, 21, 12, 0, 0, }, /* 541 */ + { 33, 9, 12, 0, -35332, }, /* 542 */ + { 33, 9, 12, 0, -42280, }, /* 543 */ + { 33, 9, 12, 0, -42308, }, /* 544 */ + { 33, 9, 12, 0, -42319, }, /* 545 */ + { 33, 9, 12, 0, -42315, }, /* 546 */ + { 33, 9, 12, 0, -42305, }, /* 547 */ + { 33, 9, 12, 0, -42258, }, /* 548 */ + { 33, 9, 12, 0, -42282, }, /* 549 */ + { 33, 9, 12, 0, -42261, }, /* 550 */ + { 33, 9, 12, 0, 928, }, /* 551 */ + { 48, 7, 12, 0, 0, }, /* 552 */ + { 48, 12, 3, 0, 0, }, /* 553 */ + { 48, 10, 5, 0, 0, }, /* 554 */ + { 48, 26, 12, 0, 0, }, /* 555 */ + { 64, 7, 12, 0, 0, }, /* 556 */ + { 64, 21, 12, 0, 0, }, /* 557 */ + { 74, 10, 5, 0, 0, }, /* 558 */ + { 74, 7, 12, 0, 0, }, /* 559 */ + { 74, 12, 3, 0, 0, }, /* 560 */ + { 74, 21, 12, 0, 0, }, /* 561 */ + { 74, 13, 12, 0, 0, }, /* 562 */ + { 68, 13, 12, 0, 0, }, /* 563 */ + { 68, 7, 12, 0, 0, }, /* 564 */ + { 68, 12, 3, 0, 0, }, /* 565 */ + { 68, 21, 12, 0, 0, }, /* 566 */ + { 73, 7, 12, 0, 0, }, /* 567 */ + { 73, 12, 3, 0, 0, }, /* 568 */ + { 73, 10, 5, 0, 0, }, /* 569 */ + { 73, 21, 12, 0, 0, }, /* 570 */ + { 83, 12, 3, 0, 0, }, /* 571 */ + { 83, 10, 5, 0, 0, }, /* 572 */ + { 83, 7, 12, 0, 0, }, /* 573 */ + { 83, 21, 12, 0, 0, }, /* 574 */ + { 83, 13, 12, 0, 0, }, /* 575 */ + { 38, 6, 12, 0, 0, }, /* 576 */ + { 67, 7, 12, 0, 0, }, /* 577 */ + { 67, 12, 3, 0, 0, }, /* 578 */ + { 67, 10, 5, 0, 0, }, /* 579 */ + { 67, 13, 12, 0, 0, }, /* 580 */ + { 67, 21, 12, 0, 0, }, /* 581 */ + { 91, 7, 12, 0, 0, }, /* 582 */ + { 91, 12, 3, 0, 0, }, /* 583 */ + { 91, 6, 12, 0, 0, }, /* 584 */ + { 91, 21, 12, 0, 0, }, /* 585 */ + { 86, 7, 12, 0, 0, }, /* 586 */ + { 86, 10, 5, 0, 0, }, /* 587 */ + { 86, 12, 3, 0, 0, }, /* 588 */ + { 86, 21, 12, 0, 0, }, /* 589 */ + { 86, 6, 12, 0, 0, }, /* 590 */ + { 33, 5, 12, 0, -928, }, /* 591 */ + { 8, 5, 12, 0, -38864, }, /* 592 */ + { 86, 13, 12, 0, 0, }, /* 593 */ + { 23, 7, 9, 0, 0, }, /* 594 */ + { 23, 7, 10, 0, 0, }, /* 595 */ + { 9, 4, 2, 0, 0, }, /* 596 */ + { 9, 3, 12, 0, 0, }, /* 597 */ + { 25, 25, 12, 0, 0, }, /* 598 */ + { 0, 24, 12, 0, 0, }, /* 599 */ + { 9, 6, 3, 0, 0, }, /* 600 */ + { 35, 7, 12, 0, 0, }, /* 601 */ + { 19, 14, 12, 0, 0, }, /* 602 */ + { 19, 15, 12, 0, 0, }, /* 603 */ + { 19, 26, 12, 0, 0, }, /* 604 */ + { 70, 7, 12, 0, 0, }, /* 605 */ + { 66, 7, 12, 0, 0, }, /* 606 */ + { 41, 7, 12, 0, 0, }, /* 607 */ + { 41, 15, 12, 0, 0, }, /* 608 */ + { 18, 7, 12, 0, 0, }, /* 609 */ + { 18, 14, 12, 0, 0, }, /* 610 */ + { 117, 7, 12, 0, 0, }, /* 611 */ + { 117, 12, 3, 0, 0, }, /* 612 */ + { 59, 7, 12, 0, 0, }, /* 613 */ + { 59, 21, 12, 0, 0, }, /* 614 */ + { 42, 7, 12, 0, 0, }, /* 615 */ + { 42, 21, 12, 0, 0, }, /* 616 */ + { 42, 14, 12, 0, 0, }, /* 617 */ + { 13, 9, 12, 0, 40, }, /* 618 */ + { 13, 5, 12, 0, -40, }, /* 619 */ + { 46, 7, 12, 0, 0, }, /* 620 */ + { 44, 7, 12, 0, 0, }, /* 621 */ + { 44, 13, 12, 0, 0, }, /* 622 */ + { 135, 9, 12, 0, 40, }, /* 623 */ + { 135, 5, 12, 0, -40, }, /* 624 */ + { 105, 7, 12, 0, 0, }, /* 625 */ + { 103, 7, 12, 0, 0, }, /* 626 */ + { 103, 21, 12, 0, 0, }, /* 627 */ + { 109, 7, 12, 0, 0, }, /* 628 */ + { 11, 7, 12, 0, 0, }, /* 629 */ + { 80, 7, 12, 0, 0, }, /* 630 */ + { 80, 21, 12, 0, 0, }, /* 631 */ + { 80, 15, 12, 0, 0, }, /* 632 */ + { 119, 7, 12, 0, 0, }, /* 633 */ + { 119, 26, 12, 0, 0, }, /* 634 */ + { 119, 15, 12, 0, 0, }, /* 635 */ + { 115, 7, 12, 0, 0, }, /* 636 */ + { 115, 15, 12, 0, 0, }, /* 637 */ + { 127, 7, 12, 0, 0, }, /* 638 */ + { 127, 15, 12, 0, 0, }, /* 639 */ + { 65, 7, 12, 0, 0, }, /* 640 */ + { 65, 15, 12, 0, 0, }, /* 641 */ + { 65, 21, 12, 0, 0, }, /* 642 */ + { 71, 7, 12, 0, 0, }, /* 643 */ + { 71, 21, 12, 0, 0, }, /* 644 */ + { 97, 7, 12, 0, 0, }, /* 645 */ + { 96, 7, 12, 0, 0, }, /* 646 */ + { 96, 15, 12, 0, 0, }, /* 647 */ + { 30, 7, 12, 0, 0, }, /* 648 */ + { 30, 12, 3, 0, 0, }, /* 649 */ + { 30, 15, 12, 0, 0, }, /* 650 */ + { 30, 21, 12, 0, 0, }, /* 651 */ + { 87, 7, 12, 0, 0, }, /* 652 */ + { 87, 15, 12, 0, 0, }, /* 653 */ + { 87, 21, 12, 0, 0, }, /* 654 */ + { 116, 7, 12, 0, 0, }, /* 655 */ + { 116, 15, 12, 0, 0, }, /* 656 */ + { 111, 7, 12, 0, 0, }, /* 657 */ + { 111, 26, 12, 0, 0, }, /* 658 */ + { 111, 12, 3, 0, 0, }, /* 659 */ + { 111, 15, 12, 0, 0, }, /* 660 */ + { 111, 21, 12, 0, 0, }, /* 661 */ + { 77, 7, 12, 0, 0, }, /* 662 */ + { 77, 21, 12, 0, 0, }, /* 663 */ + { 82, 7, 12, 0, 0, }, /* 664 */ + { 82, 15, 12, 0, 0, }, /* 665 */ + { 81, 7, 12, 0, 0, }, /* 666 */ + { 81, 15, 12, 0, 0, }, /* 667 */ + { 120, 7, 12, 0, 0, }, /* 668 */ + { 120, 21, 12, 0, 0, }, /* 669 */ + { 120, 15, 12, 0, 0, }, /* 670 */ + { 88, 7, 12, 0, 0, }, /* 671 */ + { 129, 9, 12, 0, 64, }, /* 672 */ + { 129, 5, 12, 0, -64, }, /* 673 */ + { 129, 15, 12, 0, 0, }, /* 674 */ + { 143, 7, 12, 0, 0, }, /* 675 */ + { 143, 12, 3, 0, 0, }, /* 676 */ + { 143, 13, 12, 0, 0, }, /* 677 */ + { 0, 15, 12, 0, 0, }, /* 678 */ + { 146, 7, 12, 0, 0, }, /* 679 */ + { 146, 15, 12, 0, 0, }, /* 680 */ + { 147, 7, 12, 0, 0, }, /* 681 */ + { 147, 12, 3, 0, 0, }, /* 682 */ + { 147, 15, 12, 0, 0, }, /* 683 */ + { 147, 21, 12, 0, 0, }, /* 684 */ + { 93, 10, 5, 0, 0, }, /* 685 */ + { 93, 12, 3, 0, 0, }, /* 686 */ + { 93, 7, 12, 0, 0, }, /* 687 */ + { 93, 21, 12, 0, 0, }, /* 688 */ + { 93, 15, 12, 0, 0, }, /* 689 */ + { 93, 13, 12, 0, 0, }, /* 690 */ + { 84, 12, 3, 0, 0, }, /* 691 */ + { 84, 10, 5, 0, 0, }, /* 692 */ + { 84, 7, 12, 0, 0, }, /* 693 */ + { 84, 21, 12, 0, 0, }, /* 694 */ + { 84, 1, 4, 0, 0, }, /* 695 */ + { 100, 7, 12, 0, 0, }, /* 696 */ + { 100, 13, 12, 0, 0, }, /* 697 */ + { 95, 12, 3, 0, 0, }, /* 698 */ + { 95, 7, 12, 0, 0, }, /* 699 */ + { 95, 10, 5, 0, 0, }, /* 700 */ + { 95, 13, 12, 0, 0, }, /* 701 */ + { 95, 21, 12, 0, 0, }, /* 702 */ + { 110, 7, 12, 0, 0, }, /* 703 */ + { 110, 12, 3, 0, 0, }, /* 704 */ + { 110, 21, 12, 0, 0, }, /* 705 */ + { 99, 12, 3, 0, 0, }, /* 706 */ + { 99, 10, 5, 0, 0, }, /* 707 */ + { 99, 7, 12, 0, 0, }, /* 708 */ + { 99, 7, 4, 0, 0, }, /* 709 */ + { 99, 21, 12, 0, 0, }, /* 710 */ + { 99, 13, 12, 0, 0, }, /* 711 */ + { 47, 15, 12, 0, 0, }, /* 712 */ + { 107, 7, 12, 0, 0, }, /* 713 */ + { 107, 10, 5, 0, 0, }, /* 714 */ + { 107, 12, 3, 0, 0, }, /* 715 */ + { 107, 21, 12, 0, 0, }, /* 716 */ + { 128, 7, 12, 0, 0, }, /* 717 */ + { 128, 21, 12, 0, 0, }, /* 718 */ + { 108, 7, 12, 0, 0, }, /* 719 */ + { 108, 12, 3, 0, 0, }, /* 720 */ + { 108, 10, 5, 0, 0, }, /* 721 */ + { 108, 13, 12, 0, 0, }, /* 722 */ + { 106, 12, 3, 0, 0, }, /* 723 */ + { 106, 10, 5, 0, 0, }, /* 724 */ + { 106, 7, 12, 0, 0, }, /* 725 */ + { 106, 10, 3, 0, 0, }, /* 726 */ + { 134, 7, 12, 0, 0, }, /* 727 */ + { 134, 10, 5, 0, 0, }, /* 728 */ + { 134, 12, 3, 0, 0, }, /* 729 */ + { 134, 21, 12, 0, 0, }, /* 730 */ + { 134, 13, 12, 0, 0, }, /* 731 */ + { 123, 7, 12, 0, 0, }, /* 732 */ + { 123, 10, 3, 0, 0, }, /* 733 */ + { 123, 10, 5, 0, 0, }, /* 734 */ + { 123, 12, 3, 0, 0, }, /* 735 */ + { 123, 21, 12, 0, 0, }, /* 736 */ + { 123, 13, 12, 0, 0, }, /* 737 */ + { 122, 7, 12, 0, 0, }, /* 738 */ + { 122, 10, 3, 0, 0, }, /* 739 */ + { 122, 10, 5, 0, 0, }, /* 740 */ + { 122, 12, 3, 0, 0, }, /* 741 */ + { 122, 21, 12, 0, 0, }, /* 742 */ + { 113, 7, 12, 0, 0, }, /* 743 */ + { 113, 10, 5, 0, 0, }, /* 744 */ + { 113, 12, 3, 0, 0, }, /* 745 */ + { 113, 21, 12, 0, 0, }, /* 746 */ + { 113, 13, 12, 0, 0, }, /* 747 */ + { 101, 7, 12, 0, 0, }, /* 748 */ + { 101, 12, 3, 0, 0, }, /* 749 */ + { 101, 10, 5, 0, 0, }, /* 750 */ + { 101, 13, 12, 0, 0, }, /* 751 */ + { 125, 7, 12, 0, 0, }, /* 752 */ + { 125, 12, 3, 0, 0, }, /* 753 */ + { 125, 10, 5, 0, 0, }, /* 754 */ + { 125, 13, 12, 0, 0, }, /* 755 */ + { 125, 15, 12, 0, 0, }, /* 756 */ + { 125, 21, 12, 0, 0, }, /* 757 */ + { 125, 26, 12, 0, 0, }, /* 758 */ + { 141, 7, 12, 0, 0, }, /* 759 */ + { 141, 10, 5, 0, 0, }, /* 760 */ + { 141, 12, 3, 0, 0, }, /* 761 */ + { 141, 21, 12, 0, 0, }, /* 762 */ + { 124, 9, 12, 0, 32, }, /* 763 */ + { 124, 5, 12, 0, -32, }, /* 764 */ + { 124, 13, 12, 0, 0, }, /* 765 */ + { 124, 15, 12, 0, 0, }, /* 766 */ + { 124, 7, 12, 0, 0, }, /* 767 */ + { 140, 7, 12, 0, 0, }, /* 768 */ + { 140, 12, 3, 0, 0, }, /* 769 */ + { 140, 10, 5, 0, 0, }, /* 770 */ + { 140, 7, 4, 0, 0, }, /* 771 */ + { 140, 21, 12, 0, 0, }, /* 772 */ + { 139, 7, 12, 0, 0, }, /* 773 */ + { 139, 12, 3, 0, 0, }, /* 774 */ + { 139, 10, 5, 0, 0, }, /* 775 */ + { 139, 7, 4, 0, 0, }, /* 776 */ + { 139, 21, 12, 0, 0, }, /* 777 */ + { 121, 7, 12, 0, 0, }, /* 778 */ + { 132, 7, 12, 0, 0, }, /* 779 */ + { 132, 10, 5, 0, 0, }, /* 780 */ + { 132, 12, 3, 0, 0, }, /* 781 */ + { 132, 21, 12, 0, 0, }, /* 782 */ + { 132, 13, 12, 0, 0, }, /* 783 */ + { 132, 15, 12, 0, 0, }, /* 784 */ + { 133, 21, 12, 0, 0, }, /* 785 */ + { 133, 7, 12, 0, 0, }, /* 786 */ + { 133, 12, 3, 0, 0, }, /* 787 */ + { 133, 10, 5, 0, 0, }, /* 788 */ + { 137, 7, 12, 0, 0, }, /* 789 */ + { 137, 12, 3, 0, 0, }, /* 790 */ + { 137, 7, 4, 0, 0, }, /* 791 */ + { 137, 13, 12, 0, 0, }, /* 792 */ + { 142, 7, 12, 0, 0, }, /* 793 */ + { 142, 10, 5, 0, 0, }, /* 794 */ + { 142, 12, 3, 0, 0, }, /* 795 */ + { 142, 13, 12, 0, 0, }, /* 796 */ + { 144, 7, 12, 0, 0, }, /* 797 */ + { 144, 12, 3, 0, 0, }, /* 798 */ + { 144, 10, 5, 0, 0, }, /* 799 */ + { 144, 21, 12, 0, 0, }, /* 800 */ + { 62, 7, 12, 0, 0, }, /* 801 */ + { 62, 14, 12, 0, 0, }, /* 802 */ + { 62, 21, 12, 0, 0, }, /* 803 */ + { 79, 7, 12, 0, 0, }, /* 804 */ + { 126, 7, 12, 0, 0, }, /* 805 */ + { 114, 7, 12, 0, 0, }, /* 806 */ + { 114, 13, 12, 0, 0, }, /* 807 */ + { 114, 21, 12, 0, 0, }, /* 808 */ + { 102, 7, 12, 0, 0, }, /* 809 */ + { 102, 12, 3, 0, 0, }, /* 810 */ + { 102, 21, 12, 0, 0, }, /* 811 */ + { 118, 7, 12, 0, 0, }, /* 812 */ + { 118, 12, 3, 0, 0, }, /* 813 */ + { 118, 21, 12, 0, 0, }, /* 814 */ + { 118, 26, 12, 0, 0, }, /* 815 */ + { 118, 6, 12, 0, 0, }, /* 816 */ + { 118, 13, 12, 0, 0, }, /* 817 */ + { 118, 15, 12, 0, 0, }, /* 818 */ + { 145, 9, 12, 0, 32, }, /* 819 */ + { 145, 5, 12, 0, -32, }, /* 820 */ + { 145, 15, 12, 0, 0, }, /* 821 */ + { 145, 21, 12, 0, 0, }, /* 822 */ + { 98, 7, 12, 0, 0, }, /* 823 */ + { 98, 10, 5, 0, 0, }, /* 824 */ + { 98, 12, 3, 0, 0, }, /* 825 */ + { 98, 6, 12, 0, 0, }, /* 826 */ + { 136, 6, 12, 0, 0, }, /* 827 */ + { 138, 6, 12, 0, 0, }, /* 828 */ + { 136, 7, 12, 0, 0, }, /* 829 */ + { 138, 7, 12, 0, 0, }, /* 830 */ + { 104, 7, 12, 0, 0, }, /* 831 */ + { 104, 26, 12, 0, 0, }, /* 832 */ + { 104, 12, 3, 0, 0, }, /* 833 */ + { 104, 21, 12, 0, 0, }, /* 834 */ + { 9, 10, 3, 0, 0, }, /* 835 */ + { 19, 12, 3, 0, 0, }, /* 836 */ + { 130, 26, 12, 0, 0, }, /* 837 */ + { 130, 12, 3, 0, 0, }, /* 838 */ + { 130, 21, 12, 0, 0, }, /* 839 */ + { 17, 12, 3, 0, 0, }, /* 840 */ + { 112, 7, 12, 0, 0, }, /* 841 */ + { 112, 15, 12, 0, 0, }, /* 842 */ + { 112, 12, 3, 0, 0, }, /* 843 */ + { 131, 9, 12, 0, 34, }, /* 844 */ + { 131, 5, 12, 0, -34, }, /* 845 */ + { 131, 12, 3, 0, 0, }, /* 846 */ + { 131, 13, 12, 0, 0, }, /* 847 */ + { 131, 21, 12, 0, 0, }, /* 848 */ + { 9, 2, 14, 0, 0, }, /* 849 */ + { 9, 26, 11, 0, 0, }, /* 850 */ + { 26, 26, 12, 0, 0, }, /* 851 */ + { 9, 24, 3, 0, 0, }, /* 852 */ + { 9, 1, 3, 0, 0, }, /* 853 */ }; -const uint8_t PRIV(ucd_stage1)[] = { /* 8704 bytes */ +const uint16_t PRIV(ucd_stage1)[] = { /* 17408 bytes */ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, /* U+0000 */ 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, /* U+0800 */ 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 41, 41, 42, 43, 44, 45, /* U+1000 */ 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, /* U+1800 */ 62, 63, 64, 65, 66, 66, 67, 68, 69, 70, 71, 72, 73, 74, 75, 76, /* U+2000 */ - 77, 77, 66, 78, 66, 66, 79, 80, 81, 82, 83, 84, 85, 86, 87, 88, /* U+2800 */ - 89, 90, 91, 92, 93, 94, 95, 71, 96, 96, 96, 96, 96, 96, 96, 96, /* U+3000 */ - 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, /* U+3800 */ - 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, /* U+4000 */ - 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 97, 96, 96, 96, 96, /* U+4800 */ - 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, /* U+5000 */ - 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, /* U+5800 */ - 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, /* U+6000 */ - 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, /* U+6800 */ - 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, /* U+7000 */ - 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, /* U+7800 */ - 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, /* U+8000 */ - 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, /* U+8800 */ - 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, /* U+9000 */ - 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 98, /* U+9800 */ - 99,100,100,100,100,100,100,100,100,101,102,102,103,104,105,106, /* U+A000 */ -107,108,109,110,111,112,113,114,115,116,117,118,119,120,121,115, /* U+A800 */ -116,117,118,119,120,121,115,116,117,118,119,120,121,115,116,117, /* U+B000 */ -118,119,120,121,115,116,117,118,119,120,121,115,116,117,118,119, /* U+B800 */ -120,121,115,116,117,118,119,120,121,115,116,117,118,119,120,121, /* U+C000 */ -115,116,117,118,119,120,121,115,116,117,118,119,120,121,115,116, /* U+C800 */ -117,118,119,120,121,115,116,117,118,119,120,121,115,116,117,122, /* U+D000 */ -123,123,123,123,123,123,123,123,123,123,123,123,123,123,123,123, /* U+D800 */ -124,124,124,124,124,124,124,124,124,124,124,124,124,124,124,124, /* U+E000 */ -124,124,124,124,124,124,124,124,124,124,124,124,124,124,124,124, /* U+E800 */ -124,124,124,124,124,124,124,124,124,124,124,124,124,124,124,124, /* U+F000 */ -124,124, 96, 96,125,126,127,128,129,129,130,131,132,133,134,135, /* U+F800 */ -136,137,138,139,140,141,142,143,144,145,146,140,147,147,148,140, /* U+10000 */ -149,150,151,152,153,154,155,156,157,158,140,140,159,140,140,140, /* U+10800 */ -160,161,162,163,164,165,166,140,167,168,140,169,170,171,172,140, /* U+11000 */ -140,173,140,140,174,175,140,140,176,177,178,140,140,140,140,140, /* U+11800 */ -179,179,179,179,179,179,179,180,181,179,182,140,140,140,140,140, /* U+12000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+12800 */ -183,183,183,183,183,183,183,183,184,140,140,140,140,140,140,140, /* U+13000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+13800 */ -140,140,140,140,140,140,140,140,185,185,185,185,186,140,140,140, /* U+14000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+14800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+15000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+15800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+16000 */ -187,187,187,187,188,189,190,191,140,140,140,140,140,140,192,193, /* U+16800 */ -194,194,194,194,194,194,194,194,194,194,194,194,194,194,194,194, /* U+17000 */ -194,194,194,194,194,194,194,194,194,194,194,194,194,194,194,194, /* U+17800 */ -194,194,194,194,194,194,194,194,194,194,194,194,194,194,194,195, /* U+18000 */ -194,194,194,194,194,196,140,140,140,140,140,140,140,140,140,140, /* U+18800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+19000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+19800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+1A000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+1A800 */ -197,198,199,200,200,201,140,140,140,140,140,140,140,140,140,140, /* U+1B000 */ -140,140,140,140,140,140,140,140,202,203,140,140,140,140,140,140, /* U+1B800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+1C000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+1C800 */ - 71,204,205,206,207,140,208,140,209,210,211,212,213,214,215,216, /* U+1D000 */ -217,217,217,217,218,219,140,140,140,140,140,140,140,140,140,140, /* U+1D800 */ -220,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+1E000 */ -221,222,223,140,140,140,140,140,140,140,140,140,224,225,140,140, /* U+1E800 */ -226,227,228,229,230,140,231,232,233,234,235,236,237,238,239,240, /* U+1F000 */ -241,242,243,244,140,140,140,140,140,140,140,140,140,140,140,140, /* U+1F800 */ - 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, /* U+20000 */ - 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, /* U+20800 */ - 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, /* U+21000 */ - 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, /* U+21800 */ - 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, /* U+22000 */ - 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, /* U+22800 */ - 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, /* U+23000 */ - 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, /* U+23800 */ - 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, /* U+24000 */ - 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, /* U+24800 */ - 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, /* U+25000 */ - 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, /* U+25800 */ - 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, /* U+26000 */ - 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, /* U+26800 */ - 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, /* U+27000 */ - 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, /* U+27800 */ - 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, /* U+28000 */ - 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, /* U+28800 */ - 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, /* U+29000 */ - 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, /* U+29800 */ - 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96,245, 96, 96, /* U+2A000 */ - 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, /* U+2A800 */ - 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96,246, 96, /* U+2B000 */ -247, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, /* U+2B800 */ - 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, /* U+2C000 */ - 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96,248, 96, 96, /* U+2C800 */ - 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, /* U+2D000 */ - 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, /* U+2D800 */ - 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, 96, /* U+2E000 */ - 96, 96, 96, 96, 96, 96, 96,249,140,140,140,140,140,140,140,140, /* U+2E800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+2F000 */ - 96, 96, 96, 96,250,140,140,140,140,140,140,140,140,140,140,140, /* U+2F800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+30000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+30800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+31000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+31800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+32000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+32800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+33000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+33800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+34000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+34800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+35000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+35800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+36000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+36800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+37000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+37800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+38000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+38800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+39000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+39800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+3A000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+3A800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+3B000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+3B800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+3C000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+3C800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+3D000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+3D800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+3E000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+3E800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+3F000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+3F800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+40000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+40800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+41000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+41800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+42000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+42800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+43000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+43800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+44000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+44800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+45000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+45800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+46000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+46800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+47000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+47800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+48000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+48800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+49000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+49800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+4A000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+4A800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+4B000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+4B800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+4C000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+4C800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+4D000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+4D800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+4E000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+4E800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+4F000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+4F800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+50000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+50800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+51000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+51800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+52000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+52800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+53000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+53800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+54000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+54800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+55000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+55800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+56000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+56800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+57000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+57800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+58000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+58800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+59000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+59800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+5A000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+5A800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+5B000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+5B800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+5C000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+5C800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+5D000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+5D800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+5E000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+5E800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+5F000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+5F800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+60000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+60800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+61000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+61800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+62000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+62800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+63000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+63800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+64000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+64800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+65000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+65800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+66000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+66800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+67000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+67800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+68000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+68800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+69000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+69800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+6A000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+6A800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+6B000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+6B800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+6C000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+6C800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+6D000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+6D800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+6E000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+6E800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+6F000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+6F800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+70000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+70800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+71000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+71800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+72000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+72800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+73000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+73800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+74000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+74800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+75000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+75800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+76000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+76800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+77000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+77800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+78000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+78800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+79000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+79800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+7A000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+7A800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+7B000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+7B800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+7C000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+7C800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+7D000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+7D800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+7E000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+7E800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+7F000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+7F800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+80000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+80800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+81000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+81800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+82000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+82800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+83000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+83800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+84000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+84800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+85000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+85800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+86000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+86800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+87000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+87800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+88000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+88800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+89000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+89800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+8A000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+8A800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+8B000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+8B800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+8C000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+8C800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+8D000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+8D800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+8E000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+8E800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+8F000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+8F800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+90000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+90800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+91000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+91800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+92000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+92800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+93000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+93800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+94000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+94800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+95000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+95800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+96000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+96800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+97000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+97800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+98000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+98800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+99000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+99800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+9A000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+9A800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+9B000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+9B800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+9C000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+9C800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+9D000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+9D800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+9E000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+9E800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+9F000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+9F800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+A0000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+A0800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+A1000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+A1800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+A2000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+A2800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+A3000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+A3800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+A4000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+A4800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+A5000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+A5800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+A6000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+A6800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+A7000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+A7800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+A8000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+A8800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+A9000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+A9800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+AA000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+AA800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+AB000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+AB800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+AC000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+AC800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+AD000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+AD800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+AE000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+AE800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+AF000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+AF800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+B0000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+B0800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+B1000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+B1800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+B2000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+B2800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+B3000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+B3800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+B4000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+B4800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+B5000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+B5800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+B6000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+B6800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+B7000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+B7800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+B8000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+B8800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+B9000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+B9800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+BA000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+BA800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+BB000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+BB800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+BC000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+BC800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+BD000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+BD800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+BE000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+BE800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+BF000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+BF800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+C0000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+C0800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+C1000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+C1800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+C2000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+C2800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+C3000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+C3800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+C4000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+C4800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+C5000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+C5800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+C6000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+C6800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+C7000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+C7800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+C8000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+C8800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+C9000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+C9800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+CA000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+CA800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+CB000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+CB800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+CC000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+CC800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+CD000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+CD800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+CE000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+CE800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+CF000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+CF800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+D0000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+D0800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+D1000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+D1800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+D2000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+D2800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+D3000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+D3800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+D4000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+D4800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+D5000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+D5800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+D6000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+D6800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+D7000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+D7800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+D8000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+D8800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+D9000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+D9800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+DA000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+DA800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+DB000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+DB800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+DC000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+DC800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+DD000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+DD800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+DE000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+DE800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+DF000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+DF800 */ -251,252,253,254,252,252,252,252,252,252,252,252,252,252,252,252, /* U+E0000 */ -252,252,252,252,252,252,252,252,252,252,252,252,252,252,252,252, /* U+E0800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+E1000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+E1800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+E2000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+E2800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+E3000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+E3800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+E4000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+E4800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+E5000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+E5800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+E6000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+E6800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+E7000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+E7800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+E8000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+E8800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+E9000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+E9800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+EA000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+EA800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+EB000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+EB800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+EC000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+EC800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+ED000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+ED800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+EE000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+EE800 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+EF000 */ -140,140,140,140,140,140,140,140,140,140,140,140,140,140,140,140, /* U+EF800 */ -124,124,124,124,124,124,124,124,124,124,124,124,124,124,124,124, /* U+F0000 */ -124,124,124,124,124,124,124,124,124,124,124,124,124,124,124,124, /* U+F0800 */ -124,124,124,124,124,124,124,124,124,124,124,124,124,124,124,124, /* U+F1000 */ -124,124,124,124,124,124,124,124,124,124,124,124,124,124,124,124, /* U+F1800 */ -124,124,124,124,124,124,124,124,124,124,124,124,124,124,124,124, /* U+F2000 */ -124,124,124,124,124,124,124,124,124,124,124,124,124,124,124,124, /* U+F2800 */ -124,124,124,124,124,124,124,124,124,124,124,124,124,124,124,124, /* U+F3000 */ -124,124,124,124,124,124,124,124,124,124,124,124,124,124,124,124, /* U+F3800 */ -124,124,124,124,124,124,124,124,124,124,124,124,124,124,124,124, /* U+F4000 */ -124,124,124,124,124,124,124,124,124,124,124,124,124,124,124,124, /* U+F4800 */ -124,124,124,124,124,124,124,124,124,124,124,124,124,124,124,124, /* U+F5000 */ -124,124,124,124,124,124,124,124,124,124,124,124,124,124,124,124, /* U+F5800 */ -124,124,124,124,124,124,124,124,124,124,124,124,124,124,124,124, /* U+F6000 */ -124,124,124,124,124,124,124,124,124,124,124,124,124,124,124,124, /* U+F6800 */ -124,124,124,124,124,124,124,124,124,124,124,124,124,124,124,124, /* U+F7000 */ -124,124,124,124,124,124,124,124,124,124,124,124,124,124,124,124, /* U+F7800 */ -124,124,124,124,124,124,124,124,124,124,124,124,124,124,124,124, /* U+F8000 */ -124,124,124,124,124,124,124,124,124,124,124,124,124,124,124,124, /* U+F8800 */ -124,124,124,124,124,124,124,124,124,124,124,124,124,124,124,124, /* U+F9000 */ -124,124,124,124,124,124,124,124,124,124,124,124,124,124,124,124, /* U+F9800 */ -124,124,124,124,124,124,124,124,124,124,124,124,124,124,124,124, /* U+FA000 */ -124,124,124,124,124,124,124,124,124,124,124,124,124,124,124,124, /* U+FA800 */ -124,124,124,124,124,124,124,124,124,124,124,124,124,124,124,124, /* U+FB000 */ -124,124,124,124,124,124,124,124,124,124,124,124,124,124,124,124, /* U+FB800 */ -124,124,124,124,124,124,124,124,124,124,124,124,124,124,124,124, /* U+FC000 */ -124,124,124,124,124,124,124,124,124,124,124,124,124,124,124,124, /* U+FC800 */ -124,124,124,124,124,124,124,124,124,124,124,124,124,124,124,124, /* U+FD000 */ -124,124,124,124,124,124,124,124,124,124,124,124,124,124,124,124, /* U+FD800 */ -124,124,124,124,124,124,124,124,124,124,124,124,124,124,124,124, /* U+FE000 */ -124,124,124,124,124,124,124,124,124,124,124,124,124,124,124,124, /* U+FE800 */ -124,124,124,124,124,124,124,124,124,124,124,124,124,124,124,124, /* U+FF000 */ -124,124,124,124,124,124,124,124,124,124,124,124,124,124,124,255, /* U+FF800 */ -124,124,124,124,124,124,124,124,124,124,124,124,124,124,124,124, /* U+100000 */ -124,124,124,124,124,124,124,124,124,124,124,124,124,124,124,124, /* U+100800 */ -124,124,124,124,124,124,124,124,124,124,124,124,124,124,124,124, /* U+101000 */ -124,124,124,124,124,124,124,124,124,124,124,124,124,124,124,124, /* U+101800 */ -124,124,124,124,124,124,124,124,124,124,124,124,124,124,124,124, /* U+102000 */ -124,124,124,124,124,124,124,124,124,124,124,124,124,124,124,124, /* U+102800 */ -124,124,124,124,124,124,124,124,124,124,124,124,124,124,124,124, /* U+103000 */ -124,124,124,124,124,124,124,124,124,124,124,124,124,124,124,124, /* U+103800 */ -124,124,124,124,124,124,124,124,124,124,124,124,124,124,124,124, /* U+104000 */ -124,124,124,124,124,124,124,124,124,124,124,124,124,124,124,124, /* U+104800 */ -124,124,124,124,124,124,124,124,124,124,124,124,124,124,124,124, /* U+105000 */ -124,124,124,124,124,124,124,124,124,124,124,124,124,124,124,124, /* U+105800 */ -124,124,124,124,124,124,124,124,124,124,124,124,124,124,124,124, /* U+106000 */ -124,124,124,124,124,124,124,124,124,124,124,124,124,124,124,124, /* U+106800 */ -124,124,124,124,124,124,124,124,124,124,124,124,124,124,124,124, /* U+107000 */ -124,124,124,124,124,124,124,124,124,124,124,124,124,124,124,124, /* U+107800 */ -124,124,124,124,124,124,124,124,124,124,124,124,124,124,124,124, /* U+108000 */ -124,124,124,124,124,124,124,124,124,124,124,124,124,124,124,124, /* U+108800 */ -124,124,124,124,124,124,124,124,124,124,124,124,124,124,124,124, /* U+109000 */ -124,124,124,124,124,124,124,124,124,124,124,124,124,124,124,124, /* U+109800 */ -124,124,124,124,124,124,124,124,124,124,124,124,124,124,124,124, /* U+10A000 */ -124,124,124,124,124,124,124,124,124,124,124,124,124,124,124,124, /* U+10A800 */ -124,124,124,124,124,124,124,124,124,124,124,124,124,124,124,124, /* U+10B000 */ -124,124,124,124,124,124,124,124,124,124,124,124,124,124,124,124, /* U+10B800 */ -124,124,124,124,124,124,124,124,124,124,124,124,124,124,124,124, /* U+10C000 */ -124,124,124,124,124,124,124,124,124,124,124,124,124,124,124,124, /* U+10C800 */ -124,124,124,124,124,124,124,124,124,124,124,124,124,124,124,124, /* U+10D000 */ -124,124,124,124,124,124,124,124,124,124,124,124,124,124,124,124, /* U+10D800 */ -124,124,124,124,124,124,124,124,124,124,124,124,124,124,124,124, /* U+10E000 */ -124,124,124,124,124,124,124,124,124,124,124,124,124,124,124,124, /* U+10E800 */ -124,124,124,124,124,124,124,124,124,124,124,124,124,124,124,124, /* U+10F000 */ -124,124,124,124,124,124,124,124,124,124,124,124,124,124,124,255, /* U+10F800 */ + 77, 77, 78, 79, 66, 66, 80, 81, 82, 83, 84, 85, 86, 87, 88, 89, /* U+2800 */ + 90, 91, 92, 93, 94, 95, 96, 71, 97, 97, 97, 97, 97, 97, 97, 97, /* U+3000 */ + 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, /* U+3800 */ + 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, /* U+4000 */ + 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 98, 97, 97, 97, 97, /* U+4800 */ + 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, /* U+5000 */ + 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, /* U+5800 */ + 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, /* U+6000 */ + 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, /* U+6800 */ + 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, /* U+7000 */ + 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, /* U+7800 */ + 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, /* U+8000 */ + 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, /* U+8800 */ + 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, /* U+9000 */ + 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 99, /* U+9800 */ +100,101,101,101,101,101,101,101,101,102,103,103,104,105,106,107, /* U+A000 */ +108,109,110,111,112,113,114,115,116,117,118,119,120,121,122,116, /* U+A800 */ +117,118,119,120,121,122,116,117,118,119,120,121,122,116,117,118, /* U+B000 */ +119,120,121,122,116,117,118,119,120,121,122,116,117,118,119,120, /* U+B800 */ +121,122,116,117,118,119,120,121,122,116,117,118,119,120,121,122, /* U+C000 */ +116,117,118,119,120,121,122,116,117,118,119,120,121,122,116,117, /* U+C800 */ +118,119,120,121,122,116,117,118,119,120,121,122,116,117,118,123, /* U+D000 */ +124,124,124,124,124,124,124,124,124,124,124,124,124,124,124,124, /* U+D800 */ +125,125,125,125,125,125,125,125,125,125,125,125,125,125,125,125, /* U+E000 */ +125,125,125,125,125,125,125,125,125,125,125,125,125,125,125,125, /* U+E800 */ +125,125,125,125,125,125,125,125,125,125,125,125,125,125,125,125, /* U+F000 */ +125,125, 97, 97,126,127,128,129,130,130,131,132,133,134,135,136, /* U+F800 */ +137,138,139,140,141,142,143,144,145,146,147,141,148,148,149,141, /* U+10000 */ +150,151,152,153,154,155,156,157,158,159,160,141,161,141,162,141, /* U+10800 */ +163,164,165,166,167,168,169,141,170,171,141,172,173,174,175,141, /* U+11000 */ +176,177,141,141,178,179,141,141,180,181,182,183,141,184,141,141, /* U+11800 */ +185,185,185,185,185,185,185,186,187,185,188,141,141,141,141,141, /* U+12000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+12800 */ +189,189,189,189,189,189,189,189,190,141,141,141,141,141,141,141, /* U+13000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+13800 */ +141,141,141,141,141,141,141,141,191,191,191,191,192,141,141,141, /* U+14000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+14800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+15000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+15800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+16000 */ +193,193,193,193,194,195,196,197,141,141,141,141,198,199,200,201, /* U+16800 */ +202,202,202,202,202,202,202,202,202,202,202,202,202,202,202,202, /* U+17000 */ +202,202,202,202,202,202,202,202,202,202,202,202,202,202,202,202, /* U+17800 */ +202,202,202,202,202,202,202,202,202,202,202,202,202,202,202,203, /* U+18000 */ +202,202,202,202,202,204,141,141,141,141,141,141,141,141,141,141, /* U+18800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+19000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+19800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+1A000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+1A800 */ +205,206,207,208,208,209,141,141,141,141,141,141,141,141,141,141, /* U+1B000 */ +141,141,141,141,141,141,141,141,210,211,141,141,141,141,141,141, /* U+1B800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+1C000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+1C800 */ + 71,212,213,214,215,216,217,141,218,219,220,221,222,223,224,225, /* U+1D000 */ +226,226,226,226,227,228,141,141,141,141,141,141,141,141,141,141, /* U+1D800 */ +229,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+1E000 */ +230,231,232,141,141,141,141,141,233,234,141,141,235,236,141,141, /* U+1E800 */ +237,238,239,240,241,242,243,244,243,243,245,243,246,247,248,249, /* U+1F000 */ +250,251,252,253,254,242,242,242,242,242,242,242,242,242,242,255, /* U+1F800 */ + 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, /* U+20000 */ + 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, /* U+20800 */ + 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, /* U+21000 */ + 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, /* U+21800 */ + 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, /* U+22000 */ + 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, /* U+22800 */ + 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, /* U+23000 */ + 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, /* U+23800 */ + 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, /* U+24000 */ + 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, /* U+24800 */ + 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, /* U+25000 */ + 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, /* U+25800 */ + 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, /* U+26000 */ + 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, /* U+26800 */ + 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, /* U+27000 */ + 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, /* U+27800 */ + 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, /* U+28000 */ + 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, /* U+28800 */ + 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, /* U+29000 */ + 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, /* U+29800 */ + 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97,256, 97, 97, /* U+2A000 */ + 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, /* U+2A800 */ + 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97,257, 97, /* U+2B000 */ +258, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, /* U+2B800 */ + 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, /* U+2C000 */ + 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97,259, 97, 97, /* U+2C800 */ + 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, /* U+2D000 */ + 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, /* U+2D800 */ + 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, 97, /* U+2E000 */ + 97, 97, 97, 97, 97, 97, 97,260,141,141,141,141,141,141,141,141, /* U+2E800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+2F000 */ + 97, 97, 97, 97,261,141,141,141,141,141,141,141,141,141,141,141, /* U+2F800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+30000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+30800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+31000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+31800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+32000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+32800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+33000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+33800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+34000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+34800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+35000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+35800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+36000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+36800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+37000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+37800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+38000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+38800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+39000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+39800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+3A000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+3A800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+3B000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+3B800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+3C000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+3C800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+3D000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+3D800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+3E000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+3E800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+3F000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+3F800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+40000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+40800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+41000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+41800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+42000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+42800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+43000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+43800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+44000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+44800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+45000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+45800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+46000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+46800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+47000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+47800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+48000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+48800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+49000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+49800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+4A000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+4A800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+4B000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+4B800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+4C000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+4C800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+4D000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+4D800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+4E000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+4E800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+4F000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+4F800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+50000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+50800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+51000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+51800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+52000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+52800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+53000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+53800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+54000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+54800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+55000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+55800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+56000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+56800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+57000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+57800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+58000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+58800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+59000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+59800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+5A000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+5A800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+5B000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+5B800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+5C000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+5C800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+5D000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+5D800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+5E000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+5E800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+5F000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+5F800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+60000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+60800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+61000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+61800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+62000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+62800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+63000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+63800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+64000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+64800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+65000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+65800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+66000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+66800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+67000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+67800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+68000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+68800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+69000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+69800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+6A000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+6A800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+6B000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+6B800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+6C000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+6C800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+6D000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+6D800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+6E000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+6E800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+6F000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+6F800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+70000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+70800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+71000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+71800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+72000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+72800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+73000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+73800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+74000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+74800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+75000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+75800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+76000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+76800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+77000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+77800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+78000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+78800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+79000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+79800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+7A000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+7A800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+7B000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+7B800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+7C000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+7C800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+7D000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+7D800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+7E000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+7E800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+7F000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+7F800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+80000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+80800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+81000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+81800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+82000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+82800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+83000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+83800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+84000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+84800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+85000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+85800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+86000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+86800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+87000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+87800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+88000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+88800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+89000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+89800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+8A000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+8A800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+8B000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+8B800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+8C000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+8C800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+8D000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+8D800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+8E000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+8E800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+8F000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+8F800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+90000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+90800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+91000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+91800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+92000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+92800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+93000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+93800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+94000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+94800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+95000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+95800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+96000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+96800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+97000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+97800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+98000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+98800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+99000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+99800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+9A000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+9A800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+9B000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+9B800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+9C000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+9C800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+9D000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+9D800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+9E000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+9E800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+9F000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+9F800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+A0000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+A0800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+A1000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+A1800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+A2000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+A2800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+A3000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+A3800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+A4000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+A4800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+A5000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+A5800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+A6000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+A6800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+A7000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+A7800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+A8000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+A8800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+A9000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+A9800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+AA000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+AA800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+AB000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+AB800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+AC000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+AC800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+AD000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+AD800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+AE000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+AE800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+AF000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+AF800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+B0000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+B0800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+B1000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+B1800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+B2000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+B2800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+B3000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+B3800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+B4000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+B4800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+B5000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+B5800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+B6000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+B6800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+B7000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+B7800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+B8000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+B8800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+B9000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+B9800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+BA000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+BA800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+BB000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+BB800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+BC000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+BC800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+BD000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+BD800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+BE000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+BE800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+BF000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+BF800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+C0000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+C0800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+C1000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+C1800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+C2000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+C2800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+C3000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+C3800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+C4000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+C4800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+C5000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+C5800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+C6000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+C6800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+C7000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+C7800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+C8000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+C8800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+C9000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+C9800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+CA000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+CA800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+CB000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+CB800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+CC000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+CC800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+CD000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+CD800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+CE000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+CE800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+CF000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+CF800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+D0000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+D0800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+D1000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+D1800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+D2000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+D2800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+D3000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+D3800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+D4000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+D4800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+D5000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+D5800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+D6000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+D6800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+D7000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+D7800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+D8000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+D8800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+D9000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+D9800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+DA000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+DA800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+DB000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+DB800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+DC000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+DC800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+DD000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+DD800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+DE000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+DE800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+DF000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+DF800 */ +262,263,264,265,263,263,263,263,263,263,263,263,263,263,263,263, /* U+E0000 */ +263,263,263,263,263,263,263,263,263,263,263,263,263,263,263,263, /* U+E0800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+E1000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+E1800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+E2000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+E2800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+E3000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+E3800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+E4000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+E4800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+E5000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+E5800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+E6000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+E6800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+E7000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+E7800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+E8000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+E8800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+E9000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+E9800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+EA000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+EA800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+EB000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+EB800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+EC000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+EC800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+ED000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+ED800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+EE000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+EE800 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+EF000 */ +141,141,141,141,141,141,141,141,141,141,141,141,141,141,141,141, /* U+EF800 */ +125,125,125,125,125,125,125,125,125,125,125,125,125,125,125,125, /* U+F0000 */ +125,125,125,125,125,125,125,125,125,125,125,125,125,125,125,125, /* U+F0800 */ +125,125,125,125,125,125,125,125,125,125,125,125,125,125,125,125, /* U+F1000 */ +125,125,125,125,125,125,125,125,125,125,125,125,125,125,125,125, /* U+F1800 */ +125,125,125,125,125,125,125,125,125,125,125,125,125,125,125,125, /* U+F2000 */ +125,125,125,125,125,125,125,125,125,125,125,125,125,125,125,125, /* U+F2800 */ +125,125,125,125,125,125,125,125,125,125,125,125,125,125,125,125, /* U+F3000 */ +125,125,125,125,125,125,125,125,125,125,125,125,125,125,125,125, /* U+F3800 */ +125,125,125,125,125,125,125,125,125,125,125,125,125,125,125,125, /* U+F4000 */ +125,125,125,125,125,125,125,125,125,125,125,125,125,125,125,125, /* U+F4800 */ +125,125,125,125,125,125,125,125,125,125,125,125,125,125,125,125, /* U+F5000 */ +125,125,125,125,125,125,125,125,125,125,125,125,125,125,125,125, /* U+F5800 */ +125,125,125,125,125,125,125,125,125,125,125,125,125,125,125,125, /* U+F6000 */ +125,125,125,125,125,125,125,125,125,125,125,125,125,125,125,125, /* U+F6800 */ +125,125,125,125,125,125,125,125,125,125,125,125,125,125,125,125, /* U+F7000 */ +125,125,125,125,125,125,125,125,125,125,125,125,125,125,125,125, /* U+F7800 */ +125,125,125,125,125,125,125,125,125,125,125,125,125,125,125,125, /* U+F8000 */ +125,125,125,125,125,125,125,125,125,125,125,125,125,125,125,125, /* U+F8800 */ +125,125,125,125,125,125,125,125,125,125,125,125,125,125,125,125, /* U+F9000 */ +125,125,125,125,125,125,125,125,125,125,125,125,125,125,125,125, /* U+F9800 */ +125,125,125,125,125,125,125,125,125,125,125,125,125,125,125,125, /* U+FA000 */ +125,125,125,125,125,125,125,125,125,125,125,125,125,125,125,125, /* U+FA800 */ +125,125,125,125,125,125,125,125,125,125,125,125,125,125,125,125, /* U+FB000 */ +125,125,125,125,125,125,125,125,125,125,125,125,125,125,125,125, /* U+FB800 */ +125,125,125,125,125,125,125,125,125,125,125,125,125,125,125,125, /* U+FC000 */ +125,125,125,125,125,125,125,125,125,125,125,125,125,125,125,125, /* U+FC800 */ +125,125,125,125,125,125,125,125,125,125,125,125,125,125,125,125, /* U+FD000 */ +125,125,125,125,125,125,125,125,125,125,125,125,125,125,125,125, /* U+FD800 */ +125,125,125,125,125,125,125,125,125,125,125,125,125,125,125,125, /* U+FE000 */ +125,125,125,125,125,125,125,125,125,125,125,125,125,125,125,125, /* U+FE800 */ +125,125,125,125,125,125,125,125,125,125,125,125,125,125,125,125, /* U+FF000 */ +125,125,125,125,125,125,125,125,125,125,125,125,125,125,125,266, /* U+FF800 */ +125,125,125,125,125,125,125,125,125,125,125,125,125,125,125,125, /* U+100000 */ +125,125,125,125,125,125,125,125,125,125,125,125,125,125,125,125, /* U+100800 */ +125,125,125,125,125,125,125,125,125,125,125,125,125,125,125,125, /* U+101000 */ +125,125,125,125,125,125,125,125,125,125,125,125,125,125,125,125, /* U+101800 */ +125,125,125,125,125,125,125,125,125,125,125,125,125,125,125,125, /* U+102000 */ +125,125,125,125,125,125,125,125,125,125,125,125,125,125,125,125, /* U+102800 */ +125,125,125,125,125,125,125,125,125,125,125,125,125,125,125,125, /* U+103000 */ +125,125,125,125,125,125,125,125,125,125,125,125,125,125,125,125, /* U+103800 */ +125,125,125,125,125,125,125,125,125,125,125,125,125,125,125,125, /* U+104000 */ +125,125,125,125,125,125,125,125,125,125,125,125,125,125,125,125, /* U+104800 */ +125,125,125,125,125,125,125,125,125,125,125,125,125,125,125,125, /* U+105000 */ +125,125,125,125,125,125,125,125,125,125,125,125,125,125,125,125, /* U+105800 */ +125,125,125,125,125,125,125,125,125,125,125,125,125,125,125,125, /* U+106000 */ +125,125,125,125,125,125,125,125,125,125,125,125,125,125,125,125, /* U+106800 */ +125,125,125,125,125,125,125,125,125,125,125,125,125,125,125,125, /* U+107000 */ +125,125,125,125,125,125,125,125,125,125,125,125,125,125,125,125, /* U+107800 */ +125,125,125,125,125,125,125,125,125,125,125,125,125,125,125,125, /* U+108000 */ +125,125,125,125,125,125,125,125,125,125,125,125,125,125,125,125, /* U+108800 */ +125,125,125,125,125,125,125,125,125,125,125,125,125,125,125,125, /* U+109000 */ +125,125,125,125,125,125,125,125,125,125,125,125,125,125,125,125, /* U+109800 */ +125,125,125,125,125,125,125,125,125,125,125,125,125,125,125,125, /* U+10A000 */ +125,125,125,125,125,125,125,125,125,125,125,125,125,125,125,125, /* U+10A800 */ +125,125,125,125,125,125,125,125,125,125,125,125,125,125,125,125, /* U+10B000 */ +125,125,125,125,125,125,125,125,125,125,125,125,125,125,125,125, /* U+10B800 */ +125,125,125,125,125,125,125,125,125,125,125,125,125,125,125,125, /* U+10C000 */ +125,125,125,125,125,125,125,125,125,125,125,125,125,125,125,125, /* U+10C800 */ +125,125,125,125,125,125,125,125,125,125,125,125,125,125,125,125, /* U+10D000 */ +125,125,125,125,125,125,125,125,125,125,125,125,125,125,125,125, /* U+10D800 */ +125,125,125,125,125,125,125,125,125,125,125,125,125,125,125,125, /* U+10E000 */ +125,125,125,125,125,125,125,125,125,125,125,125,125,125,125,125, /* U+10E800 */ +125,125,125,125,125,125,125,125,125,125,125,125,125,125,125,125, /* U+10F000 */ +125,125,125,125,125,125,125,125,125,125,125,125,125,125,125,266, /* U+10F800 */ }; -const uint16_t PRIV(ucd_stage2)[] = { /* 65536 bytes, block = 128 */ +const uint16_t PRIV(ucd_stage2)[] = { /* 68352 bytes, block = 128 */ /* block 0 */ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 2, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, @@ -1489,647 +1522,647 @@ const uint16_t PRIV(ucd_stage2)[] = { /* 65536 bytes, block = 128 */ /* block 1 */ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 3, 4, 5, 5, 5, 5, 19, 4, 14, 19, 20, 21, 8, 22, 19, 14, - 19, 8, 23, 23, 14, 24, 4, 4, 14, 23, 20, 25, 23, 23, 23, 4, - 11, 11, 11, 11, 11, 26, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, - 11, 11, 11, 11, 11, 11, 11, 8, 11, 11, 11, 11, 11, 11, 11, 27, - 16, 16, 16, 16, 16, 28, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, - 16, 16, 16, 16, 16, 16, 16, 8, 16, 16, 16, 16, 16, 16, 16, 29, + 3, 4, 5, 5, 5, 5, 19, 4, 14, 20, 21, 22, 8, 23, 20, 14, + 19, 8, 24, 24, 14, 25, 4, 4, 14, 24, 21, 26, 24, 24, 24, 4, + 11, 11, 11, 11, 11, 27, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, + 11, 11, 11, 11, 11, 11, 11, 8, 11, 11, 11, 11, 11, 11, 11, 28, + 16, 16, 16, 16, 16, 29, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, + 16, 16, 16, 16, 16, 16, 16, 8, 16, 16, 16, 16, 16, 16, 16, 30, /* block 2 */ - 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, - 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, - 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, - 32, 33, 30, 31, 30, 31, 30, 31, 33, 30, 31, 30, 31, 30, 31, 30, - 31, 30, 31, 30, 31, 30, 31, 30, 31, 33, 30, 31, 30, 31, 30, 31, - 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, - 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, - 30, 31, 30, 31, 30, 31, 30, 31, 34, 30, 31, 30, 31, 30, 31, 35, + 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, + 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, + 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, + 33, 34, 31, 32, 31, 32, 31, 32, 34, 31, 32, 31, 32, 31, 32, 31, + 32, 31, 32, 31, 32, 31, 32, 31, 32, 34, 31, 32, 31, 32, 31, 32, + 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, + 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, + 31, 32, 31, 32, 31, 32, 31, 32, 35, 31, 32, 31, 32, 31, 32, 36, /* block 3 */ - 36, 37, 30, 31, 30, 31, 38, 30, 31, 39, 39, 30, 31, 33, 40, 41, - 42, 30, 31, 39, 43, 44, 45, 46, 30, 31, 47, 33, 45, 48, 49, 50, - 30, 31, 30, 31, 30, 31, 51, 30, 31, 51, 33, 33, 30, 31, 51, 30, - 31, 52, 52, 30, 31, 30, 31, 53, 30, 31, 33, 20, 30, 31, 33, 54, - 20, 20, 20, 20, 55, 56, 57, 58, 59, 60, 61, 62, 63, 30, 31, 30, - 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 64, 30, 31, - 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, - 33, 65, 66, 67, 30, 31, 68, 69, 30, 31, 30, 31, 30, 31, 30, 31, + 37, 38, 31, 32, 31, 32, 39, 31, 32, 40, 40, 31, 32, 34, 41, 42, + 43, 31, 32, 40, 44, 45, 46, 47, 31, 32, 48, 34, 46, 49, 50, 51, + 31, 32, 31, 32, 31, 32, 52, 31, 32, 52, 34, 34, 31, 32, 52, 31, + 32, 53, 53, 31, 32, 31, 32, 54, 31, 32, 34, 21, 31, 32, 34, 55, + 21, 21, 21, 21, 56, 57, 58, 59, 60, 61, 62, 63, 64, 31, 32, 31, + 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 65, 31, 32, + 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, + 34, 66, 67, 68, 31, 32, 69, 70, 31, 32, 31, 32, 31, 32, 31, 32, /* block 4 */ - 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, - 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, - 70, 33, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, - 30, 31, 30, 31, 33, 33, 33, 33, 33, 33, 71, 30, 31, 72, 73, 74, - 74, 30, 31, 75, 76, 77, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, - 78, 79, 80, 81, 82, 33, 83, 83, 33, 84, 33, 85, 86, 33, 33, 33, - 83, 87, 33, 88, 33, 89, 90, 33, 91, 92, 90, 93, 94, 33, 33, 92, - 33, 95, 96, 33, 33, 97, 33, 33, 33, 33, 33, 33, 33, 98, 33, 33, + 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, + 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, + 71, 34, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, + 31, 32, 31, 32, 34, 34, 34, 34, 34, 34, 72, 31, 32, 73, 74, 75, + 75, 31, 32, 76, 77, 78, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, + 79, 80, 81, 82, 83, 34, 84, 84, 34, 85, 34, 86, 87, 34, 34, 34, + 84, 88, 34, 89, 34, 90, 91, 34, 92, 93, 91, 94, 95, 34, 34, 93, + 34, 96, 97, 34, 34, 98, 34, 34, 34, 34, 34, 34, 34, 99, 34, 34, /* block 5 */ - 99, 33, 33, 99, 33, 33, 33,100, 99,101,102,102,103, 33, 33, 33, - 33, 33,104, 33, 20, 33, 33, 33, 33, 33, 33, 33, 33,105,106, 33, - 33, 33, 33, 33, 33, 33, 33, 33, 33, 33, 33, 33, 33, 33, 33, 33, -107,107,107,107,107,107,107,107,107,108,108,108,108,108,108,108, -108,108, 14, 14, 14, 14,108,108,108,108,108,108,108,108,108,108, -108,108, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, -107,107,107,107,107, 14, 14, 14, 14, 14,109,109,108, 14,108, 14, +100, 34, 34,100, 34, 34, 34,101,100,102,103,103,104, 34, 34, 34, + 34, 34,105, 34, 21, 34, 34, 34, 34, 34, 34, 34, 34,106,107, 34, + 34, 34, 34, 34, 34, 34, 34, 34, 34, 34, 34, 34, 34, 34, 34, 34, +108,108,108,108,108,108,108,108,108,109,109,109,109,109,109,109, +109,109, 14, 14, 14, 14,109,109,109,109,109,109,109,109,109,109, +109,109, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, +108,108,108,108,108, 14, 14, 14, 14, 14,110,110,109, 14,109, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, /* block 6 */ -110,110,110,110,110,110,110,110,110,110,110,110,110,110,110,110, -110,110,110,110,110,110,110,110,110,110,110,110,110,110,110,110, -110,110,110,110,110,110,110,110,110,110,110,110,110,110,110,110, -110,110,110,110,110,110,110,110,110,110,110,110,110,110,110,110, -110,110,110,110,110,111,110,110,110,110,110,110,110,110,110,110, -110,110,110,110,110,110,110,110,110,110,110,110,110,110,110,110, -110,110,110,110,110,110,110,110,110,110,110,110,110,110,110,110, -112,113,112,113,108,114,112,113,115,115,116,117,117,117, 4,118, +111,111,111,111,111,111,111,111,111,111,111,111,111,111,111,111, +111,111,111,111,111,111,111,111,111,111,111,111,111,111,111,111, +111,111,111,111,111,111,111,111,111,111,111,111,111,111,111,111, +111,111,111,111,111,111,111,111,111,111,111,111,111,111,111,111, +111,111,111,111,111,112,111,111,111,111,111,111,111,111,111,111, +111,111,111,111,111,111,111,111,111,111,111,111,111,111,111,111, +111,111,111,111,111,111,111,111,111,111,111,111,111,111,111,111, +113,114,113,114,109,115,113,114,116,116,117,118,118,118, 4,119, /* block 7 */ -115,115,115,115,114, 14,119, 4,120,120,120,115,121,115,122,122, -123,124,125,124,124,126,124,124,127,128,129,124,130,124,124,124, -131,132,115,133,124,124,134,124,124,135,124,124,136,137,137,137, -123,138,139,138,138,140,138,138,141,142,143,138,144,138,138,138, -145,146,147,148,138,138,149,138,138,150,138,138,151,152,152,153, -154,155,156,156,156,157,158,159,112,113,112,113,112,113,112,113, -112,113,160,161,160,161,160,161,160,161,160,161,160,161,160,161, -162,163,164,165,166,167,168,112,113,169,112,113,123,170,170,170, +116,116,116,116,115, 14,120, 4,121,121,121,116,122,116,123,123, +124,125,126,125,125,127,125,125,128,129,130,125,131,125,125,125, +132,133,116,134,125,125,135,125,125,136,125,125,137,138,138,138, +124,139,140,139,139,141,139,139,142,143,144,139,145,139,139,139, +146,147,148,149,139,139,150,139,139,151,139,139,152,153,153,154, +155,156,157,157,157,158,159,160,113,114,113,114,113,114,113,114, +113,114,161,162,161,162,161,162,161,162,161,162,161,162,161,162, +163,164,165,166,167,168,169,113,114,170,113,114,124,171,171,171, /* block 8 */ -171,171,171,171,171,171,171,171,171,171,171,171,171,171,171,171, -172,172,173,172,174,172,172,172,172,172,172,172,172,172,175,172, -172,176,177,172,172,172,172,172,172,172,178,172,172,172,172,172, -179,179,180,179,181,179,179,179,179,179,179,179,179,179,182,179, -179,183,184,179,179,179,179,179,179,179,185,179,179,179,179,179, -186,186,186,186,186,186,186,186,186,186,186,186,186,186,186,186, -187,188,189,190,187,188,187,188,187,188,187,188,187,188,187,188, -187,188,187,188,187,188,187,188,187,188,187,188,187,188,187,188, +172,172,172,172,172,172,172,172,172,172,172,172,172,172,172,172, +173,173,174,173,175,173,173,173,173,173,173,173,173,173,176,173, +173,177,178,173,173,173,173,173,173,173,179,173,173,173,173,173, +180,180,181,180,182,180,180,180,180,180,180,180,180,180,183,180, +180,184,185,180,180,180,180,180,180,180,186,180,180,180,180,180, +187,187,187,187,187,187,187,187,187,187,187,187,187,187,187,187, +188,189,190,191,188,189,188,189,188,189,188,189,188,189,188,189, +188,189,188,189,188,189,188,189,188,189,188,189,188,189,188,189, /* block 9 */ -187,188,191,192,192,110,110,192,193,193,187,188,187,188,187,188, -187,188,187,188,187,188,187,188,187,188,187,188,187,188,187,188, -187,188,187,188,187,188,187,188,187,188,187,188,187,188,187,188, -187,188,187,188,187,188,187,188,187,188,187,188,187,188,187,188, -194,187,188,187,188,187,188,187,188,187,188,187,188,187,188,195, -187,188,187,188,187,188,187,188,187,188,187,188,187,188,187,188, -187,188,187,188,187,188,187,188,187,188,187,188,187,188,187,188, -187,188,187,188,187,188,187,188,187,188,187,188,187,188,187,188, +188,189,192,193,193,111,111,193,194,194,188,189,188,189,188,189, +188,189,188,189,188,189,188,189,188,189,188,189,188,189,188,189, +188,189,188,189,188,189,188,189,188,189,188,189,188,189,188,189, +188,189,188,189,188,189,188,189,188,189,188,189,188,189,188,189, +195,188,189,188,189,188,189,188,189,188,189,188,189,188,189,196, +188,189,188,189,188,189,188,189,188,189,188,189,188,189,188,189, +188,189,188,189,188,189,188,189,188,189,188,189,188,189,188,189, +188,189,188,189,188,189,188,189,188,189,188,189,188,189,188,189, /* block 10 */ -187,188,187,188,187,188,187,188,187,188,187,188,187,188,187,188, -187,188,187,188,187,188,187,188,187,188,187,188,187,188,187,188, -187,188,187,188,187,188,187,188,187,188,187,188,187,188,187,188, -115,196,196,196,196,196,196,196,196,196,196,196,196,196,196,196, -196,196,196,196,196,196,196,196,196,196,196,196,196,196,196,196, -196,196,196,196,196,196,196,115,115,197,198,198,198,198,198,198, -115,199,199,199,199,199,199,199,199,199,199,199,199,199,199,199, -199,199,199,199,199,199,199,199,199,199,199,199,199,199,199,199, +188,189,188,189,188,189,188,189,188,189,188,189,188,189,188,189, +188,189,188,189,188,189,188,189,188,189,188,189,188,189,188,189, +188,189,188,189,188,189,188,189,188,189,188,189,188,189,188,189, +116,197,197,197,197,197,197,197,197,197,197,197,197,197,197,197, +197,197,197,197,197,197,197,197,197,197,197,197,197,197,197,197, +197,197,197,197,197,197,197,116,116,198,199,199,199,199,199,199, +200,201,201,201,201,201,201,201,201,201,201,201,201,201,201,201, +201,201,201,201,201,201,201,201,201,201,201,201,201,201,201,201, /* block 11 */ -199,199,199,199,199,199,199,200,115, 4,201,115,115,202,202,203, -115,204,204,204,204,204,204,204,204,204,204,204,204,204,204,204, -204,204,204,204,204,204,204,204,204,204,204,204,204,204,204,204, -204,204,204,204,204,204,204,204,204,204,204,204,204,204,205,204, -206,204,204,206,204,204,206,204,115,115,115,115,115,115,115,115, -207,207,207,207,207,207,207,207,207,207,207,207,207,207,207,207, -207,207,207,207,207,207,207,207,207,207,207,115,115,115,115,115, -207,207,207,206,206,115,115,115,115,115,115,115,115,115,115,115, +201,201,201,201,201,201,201,200,200, 4,202,116,116,203,203,204, +116,205,205,205,205,205,205,205,205,205,205,205,205,205,205,205, +205,205,205,205,205,205,205,205,205,205,205,205,205,205,205,205, +205,205,205,205,205,205,205,205,205,205,205,205,205,205,206,205, +207,205,205,207,205,205,207,205,116,116,116,116,116,116,116,116, +208,208,208,208,208,208,208,208,208,208,208,208,208,208,208,208, +208,208,208,208,208,208,208,208,208,208,208,116,116,116,116,208, +208,208,208,207,207,116,116,116,116,116,116,116,116,116,116,116, /* block 12 */ -208,208,208,208,208,209,210,210,210,211,211,212, 4,211,213,213, -214,214,214,214,214,214,214,214,214,214,214, 4,215,115,211, 4, -216,216,216,216,216,216,216,216,216,216,216,216,216,216,216,216, -216,216,216,216,216,216,216,216,216,216,216,216,216,216,216,216, -108,216,216,216,216,216,216,216,216,216,216,110,110,110,110,110, -110,110,110,110,110,110,214,214,214,214,214,214,214,214,214,214, -217,217,217,217,217,217,217,217,217,217,211,211,211,211,216,216, -110,216,216,216,216,216,216,216,216,216,216,216,216,216,216,216, +209,209,209,209,209,210,211,211,211,212,212,213, 4,212,214,214, +215,215,215,215,215,215,215,215,215,215,215, 4,216,116,212, 4, +217,217,217,217,217,217,217,217,217,217,217,217,217,217,217,217, +217,217,217,217,217,217,217,217,217,217,217,217,217,217,217,217, +109,217,217,217,217,217,217,217,217,217,217,111,111,111,111,111, +111,111,111,111,111,111,215,215,215,215,215,215,215,215,215,215, +218,218,218,218,218,218,218,218,218,218,212,212,212,212,217,217, +111,217,217,217,217,217,217,217,217,217,217,217,217,217,217,217, /* block 13 */ -216,216,216,216,216,216,216,216,216,216,216,216,216,216,216,216, -216,216,216,216,216,216,216,216,216,216,216,216,216,216,216,216, -216,216,216,216,216,216,216,216,216,216,216,216,216,216,216,216, -216,216,216,216,216,216,216,216,216,216,216,216,216,216,216,216, -216,216,216,216,216,216,216,216,216,216,216,216,216,216,216,216, -216,216,216,216,211,216,214,214,214,214,214,214,214,209,213,214, -214,214,214,214,214,218,218,214,214,213,214,214,214,214,216,216, -217,217,217,217,217,217,217,217,217,217,216,216,216,213,213,216, +217,217,217,217,217,217,217,217,217,217,217,217,217,217,217,217, +217,217,217,217,217,217,217,217,217,217,217,217,217,217,217,217, +217,217,217,217,217,217,217,217,217,217,217,217,217,217,217,217, +217,217,217,217,217,217,217,217,217,217,217,217,217,217,217,217, +217,217,217,217,217,217,217,217,217,217,217,217,217,217,217,217, +217,217,217,217,212,217,215,215,215,215,215,215,215,210,214,215, +215,215,215,215,215,219,219,215,215,214,215,215,215,215,217,217, +218,218,218,218,218,218,218,218,218,218,217,217,217,214,214,217, /* block 14 */ -219,219,219,219,219,219,219,219,219,219,219,219,219,219,115,220, -221,222,221,221,221,221,221,221,221,221,221,221,221,221,221,221, -221,221,221,221,221,221,221,221,221,221,221,221,221,221,221,221, +220,220,220,220,220,220,220,220,220,220,220,220,220,220,116,221, +222,223,222,222,222,222,222,222,222,222,222,222,222,222,222,222, 222,222,222,222,222,222,222,222,222,222,222,222,222,222,222,222, -222,222,222,222,222,222,222,222,222,222,222,115,115,221,221,221, -216,216,216,216,216,216,216,216,216,216,216,216,216,216,216,216, -216,216,216,216,216,216,216,216,216,216,216,216,216,216,216,216, -216,216,216,216,216,216,216,216,216,216,216,216,216,216,216,216, +223,223,223,223,223,223,223,223,223,223,223,223,223,223,223,223, +223,223,223,223,223,223,223,223,223,223,223,116,116,222,222,222, +217,217,217,217,217,217,217,217,217,217,217,217,217,217,217,217, +217,217,217,217,217,217,217,217,217,217,217,217,217,217,217,217, +217,217,217,217,217,217,217,217,217,217,217,217,217,217,217,217, /* block 15 */ -223,223,223,223,223,223,223,223,223,223,223,223,223,223,223,223, -223,223,223,223,223,223,223,223,223,223,223,223,223,223,223,223, -223,223,223,223,223,223,224,224,224,224,224,224,224,224,224,224, -224,223,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -225,225,225,225,225,225,225,225,225,225,226,226,226,226,226,226, -226,226,226,226,226,226,226,226,226,226,226,226,226,226,226,226, -226,226,226,226,226,226,226,226,226,226,226,227,227,227,227,227, -227,227,227,227,228,228,229,230,230,230,228,115,115,115,115,115, +224,224,224,224,224,224,224,224,224,224,224,224,224,224,224,224, +224,224,224,224,224,224,224,224,224,224,224,224,224,224,224,224, +224,224,224,224,224,224,225,225,225,225,225,225,225,225,225,225, +225,224,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +226,226,226,226,226,226,226,226,226,226,227,227,227,227,227,227, +227,227,227,227,227,227,227,227,227,227,227,227,227,227,227,227, +227,227,227,227,227,227,227,227,227,227,227,228,228,228,228,228, +228,228,228,228,229,229,230,231,231,231,229,116,116,228,232,232, /* block 16 */ -231,231,231,231,231,231,231,231,231,231,231,231,231,231,231,231, -231,231,231,231,231,231,232,232,232,232,233,232,232,232,232,232, -232,232,232,232,233,232,232,232,233,232,232,232,232,232,115,115, -234,234,234,234,234,234,234,234,234,234,234,234,234,234,234,115, -235,235,235,235,235,235,235,235,235,235,235,235,235,235,235,235, -235,235,235,235,235,235,235,235,235,236,236,236,115,115,237,115, -221,221,221,221,221,221,221,221,221,221,221,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, +233,233,233,233,233,233,233,233,233,233,233,233,233,233,233,233, +233,233,233,233,233,233,234,234,234,234,235,234,234,234,234,234, +234,234,234,234,235,234,234,234,235,234,234,234,234,234,116,116, +236,236,236,236,236,236,236,236,236,236,236,236,236,236,236,116, +237,237,237,237,237,237,237,237,237,237,237,237,237,237,237,237, +237,237,237,237,237,237,237,237,237,238,238,238,116,116,239,116, +222,222,222,222,222,222,222,222,222,222,222,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, /* block 17 */ -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -216,216,216,216,216,216,216,216,216,216,216,216,216,216,216,216, -216,216,216,216,216,115,216,216,216,216,216,216,216,216,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,214,214,214,214,214,214,214,214,214,214,214,214, -214,214,209,214,214,214,214,214,214,214,214,214,214,214,214,214, -214,214,214,214,214,214,214,214,214,214,214,214,214,214,214,214, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +217,217,217,217,217,217,217,217,217,217,217,217,217,217,217,217, +217,217,217,217,217,116,217,217,217,217,217,217,217,217,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,215,215,215,215,215,215,215,215,215,215,215,215,215, +215,215,210,215,215,215,215,215,215,215,215,215,215,215,215,215, +215,215,215,215,215,215,215,215,215,215,215,215,215,215,215,215, /* block 18 */ -238,238,238,239,240,240,240,240,240,240,240,240,240,240,240,240, -240,240,240,240,240,240,240,240,240,240,240,240,240,240,240,240, -240,240,240,240,240,240,240,240,240,240,240,240,240,240,240,240, -240,240,240,240,240,240,240,240,240,240,238,239,238,240,239,239, -239,238,238,238,238,238,238,238,238,239,239,239,239,238,239,239, -240,110,110,238,238,238,238,238,240,240,240,240,240,240,240,240, -240,240,238,238, 4, 4,241,241,241,241,241,241,241,241,241,241, -242,243,240,240,240,240,240,240,240,240,240,240,240,240,240,240, +240,240,240,241,242,242,242,242,242,242,242,242,242,242,242,242, +242,242,242,242,242,242,242,242,242,242,242,242,242,242,242,242, +242,242,242,242,242,242,242,242,242,242,242,242,242,242,242,242, +242,242,242,242,242,242,242,242,242,242,240,241,240,242,241,241, +241,240,240,240,240,240,240,240,240,241,241,241,241,240,241,241, +242,111,111,240,240,240,240,240,242,242,242,242,242,242,242,242, +242,242,240,240, 4, 4,243,243,243,243,243,243,243,243,243,243, +244,245,242,242,242,242,242,242,242,242,242,242,242,242,242,242, /* block 19 */ -244,245,246,246,115,244,244,244,244,244,244,244,244,115,115,244, -244,115,115,244,244,244,244,244,244,244,244,244,244,244,244,244, -244,244,244,244,244,244,244,244,244,115,244,244,244,244,244,244, -244,115,244,115,115,115,244,244,244,244,115,115,245,244,247,246, -246,245,245,245,245,115,115,246,246,115,115,246,246,245,244,115, -115,115,115,115,115,115,115,247,115,115,115,115,244,244,115,244, -244,244,245,245,115,115,248,248,248,248,248,248,248,248,248,248, -244,244,249,249,250,250,250,250,250,250,251,249,244,252,115,115, +246,247,248,248,116,246,246,246,246,246,246,246,246,116,116,246, +246,116,116,246,246,246,246,246,246,246,246,246,246,246,246,246, +246,246,246,246,246,246,246,246,246,116,246,246,246,246,246,246, +246,116,246,116,116,116,246,246,246,246,116,116,247,246,249,248, +248,247,247,247,247,116,116,248,248,116,116,248,248,247,246,116, +116,116,116,116,116,116,116,249,116,116,116,116,246,246,116,246, +246,246,247,247,116,116,250,250,250,250,250,250,250,250,250,250, +246,246,251,251,252,252,252,252,252,252,253,251,246,254,247,116, /* block 20 */ -115,253,253,254,115,255,255,255,255,255,255,115,115,115,115,255, -255,115,115,255,255,255,255,255,255,255,255,255,255,255,255,255, -255,255,255,255,255,255,255,255,255,115,255,255,255,255,255,255, -255,115,255,255,115,255,255,115,255,255,115,115,253,115,254,254, -254,253,253,115,115,115,115,253,253,115,115,253,253,253,115,115, -115,253,115,115,115,115,115,115,115,255,255,255,255,115,255,115, -115,115,115,115,115,115,256,256,256,256,256,256,256,256,256,256, -253,253,255,255,255,253,115,115,115,115,115,115,115,115,115,115, +116,255,255,256,116,257,257,257,257,257,257,116,116,116,116,257, +257,116,116,257,257,257,257,257,257,257,257,257,257,257,257,257, +257,257,257,257,257,257,257,257,257,116,257,257,257,257,257,257, +257,116,257,257,116,257,257,116,257,257,116,116,255,116,256,256, +256,255,255,116,116,116,116,255,255,116,116,255,255,255,116,116, +116,255,116,116,116,116,116,116,116,257,257,257,257,116,257,116, +116,116,116,116,116,116,258,258,258,258,258,258,258,258,258,258, +255,255,257,257,257,255,259,116,116,116,116,116,116,116,116,116, /* block 21 */ -115,257,257,258,115,259,259,259,259,259,259,259,259,259,115,259, -259,259,115,259,259,259,259,259,259,259,259,259,259,259,259,259, -259,259,259,259,259,259,259,259,259,115,259,259,259,259,259,259, -259,115,259,259,115,259,259,259,259,259,115,115,257,259,258,258, -258,257,257,257,257,257,115,257,257,258,115,258,258,257,115,115, -259,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -259,259,257,257,115,115,260,260,260,260,260,260,260,260,260,260, -261,262,115,115,115,115,115,115,115,259,257,257,257,257,257,257, +116,260,260,261,116,262,262,262,262,262,262,262,262,262,116,262, +262,262,116,262,262,262,262,262,262,262,262,262,262,262,262,262, +262,262,262,262,262,262,262,262,262,116,262,262,262,262,262,262, +262,116,262,262,116,262,262,262,262,262,116,116,260,262,261,261, +261,260,260,260,260,260,116,260,260,261,116,261,261,260,116,116, +262,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +262,262,260,260,116,116,263,263,263,263,263,263,263,263,263,263, +264,265,116,116,116,116,116,116,116,262,260,260,260,260,260,260, /* block 22 */ -115,263,264,264,115,265,265,265,265,265,265,265,265,115,115,265, -265,115,115,265,265,265,265,265,265,265,265,265,265,265,265,265, -265,265,265,265,265,265,265,265,265,115,265,265,265,265,265,265, -265,115,265,265,115,265,265,265,265,265,115,115,263,265,266,263, -264,263,263,263,263,115,115,264,264,115,115,264,264,263,115,115, -115,115,115,115,115,115,263,266,115,115,115,115,265,265,115,265, -265,265,263,263,115,115,267,267,267,267,267,267,267,267,267,267, -268,265,269,269,269,269,269,269,115,115,115,115,115,115,115,115, +116,266,267,267,116,268,268,268,268,268,268,268,268,116,116,268, +268,116,116,268,268,268,268,268,268,268,268,268,268,268,268,268, +268,268,268,268,268,268,268,268,268,116,268,268,268,268,268,268, +268,116,268,268,116,268,268,268,268,268,116,116,266,268,269,266, +267,266,266,266,266,116,116,267,267,116,116,267,267,266,116,116, +116,116,116,116,116,116,266,269,116,116,116,116,268,268,116,268, +268,268,266,266,116,116,270,270,270,270,270,270,270,270,270,270, +271,268,272,272,272,272,272,272,116,116,116,116,116,116,116,116, /* block 23 */ -115,115,270,271,115,271,271,271,271,271,271,115,115,115,271,271, -271,115,271,271,271,271,115,115,115,271,271,115,271,115,271,271, -115,115,115,271,271,115,115,115,271,271,271,115,115,115,271,271, -271,271,271,271,271,271,271,271,271,271,115,115,115,115,272,273, -270,273,273,115,115,115,273,273,273,115,273,273,273,270,115,115, -271,115,115,115,115,115,115,272,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,274,274,274,274,274,274,274,274,274,274, -275,275,275,276,276,276,276,276,276,277,276,115,115,115,115,115, +116,116,273,274,116,274,274,274,274,274,274,116,116,116,274,274, +274,116,274,274,274,274,116,116,116,274,274,116,274,116,274,274, +116,116,116,274,274,116,116,116,274,274,274,116,116,116,274,274, +274,274,274,274,274,274,274,274,274,274,116,116,116,116,275,276, +273,276,276,116,116,116,276,276,276,116,276,276,276,273,116,116, +274,116,116,116,116,116,116,275,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,277,277,277,277,277,277,277,277,277,277, +278,278,278,279,279,279,279,279,279,280,279,116,116,116,116,116, /* block 24 */ -278,279,279,279,115,280,280,280,280,280,280,280,280,115,280,280, -280,115,280,280,280,280,280,280,280,280,280,280,280,280,280,280, -280,280,280,280,280,280,280,280,280,115,280,280,280,280,280,280, -280,280,280,280,280,280,280,280,280,280,115,115,115,280,278,278, -278,279,279,279,279,115,278,278,278,115,278,278,278,278,115,115, -115,115,115,115,115,278,278,115,280,280,280,115,115,115,115,115, -280,280,278,278,115,115,281,281,281,281,281,281,281,281,281,281, -115,115,115,115,115,115,115,115,282,282,282,282,282,282,282,283, +281,282,282,282,281,283,283,283,283,283,283,283,283,116,283,283, +283,116,283,283,283,283,283,283,283,283,283,283,283,283,283,283, +283,283,283,283,283,283,283,283,283,116,283,283,283,283,283,283, +283,283,283,283,283,283,283,283,283,283,116,116,116,283,281,281, +281,282,282,282,282,116,281,281,281,116,281,281,281,281,116,116, +116,116,116,116,116,281,281,116,283,283,283,116,116,116,116,116, +283,283,281,281,116,116,284,284,284,284,284,284,284,284,284,284, +116,116,116,116,116,116,116,116,285,285,285,285,285,285,285,286, /* block 25 */ -284,285,286,286,115,284,284,284,284,284,284,284,284,115,284,284, -284,115,284,284,284,284,284,284,284,284,284,284,284,284,284,284, -284,284,284,284,284,284,284,284,284,115,284,284,284,284,284,284, -284,284,284,284,115,284,284,284,284,284,115,115,285,284,286,285, -286,286,287,286,286,115,285,286,286,115,286,286,285,285,115,115, -115,115,115,115,115,287,287,115,115,115,115,115,115,115,284,115, -284,284,285,285,115,115,288,288,288,288,288,288,288,288,288,288, -115,284,284,115,115,115,115,115,115,115,115,115,115,115,115,115, +287,288,289,289,290,287,287,287,287,287,287,287,287,116,287,287, +287,116,287,287,287,287,287,287,287,287,287,287,287,287,287,287, +287,287,287,287,287,287,287,287,287,116,287,287,287,287,287,287, +287,287,287,287,116,287,287,287,287,287,116,116,288,287,289,288, +289,289,291,289,289,116,288,289,289,116,289,289,288,288,116,116, +116,116,116,116,116,291,291,116,116,116,116,116,116,116,287,116, +287,287,288,288,116,116,292,292,292,292,292,292,292,292,292,292, +116,287,287,116,116,116,116,116,116,116,116,116,116,116,116,116, /* block 26 */ -289,289,290,290,115,291,291,291,291,291,291,291,291,115,291,291, -291,115,291,291,291,291,291,291,291,291,291,291,291,291,291,291, -291,291,291,291,291,291,291,291,291,291,291,291,291,291,291,291, -291,291,291,291,291,291,291,291,291,291,291,289,289,291,292,290, -290,289,289,289,289,115,290,290,290,115,290,290,290,289,293,294, -115,115,115,115,291,291,291,292,295,295,295,295,295,295,295,291, -291,291,289,289,115,115,296,296,296,296,296,296,296,296,296,296, -295,295,295,295,295,295,295,295,295,294,291,291,291,291,291,291, +293,293,294,294,116,295,295,295,295,295,295,295,295,116,295,295, +295,116,295,295,295,295,295,295,295,295,295,295,295,295,295,295, +295,295,295,295,295,295,295,295,295,295,295,295,295,295,295,295, +295,295,295,295,295,295,295,295,295,295,295,293,293,295,296,294, +294,293,293,293,293,116,294,294,294,116,294,294,294,293,297,298, +116,116,116,116,295,295,295,296,299,299,299,299,299,299,299,295, +295,295,293,293,116,116,300,300,300,300,300,300,300,300,300,300, +299,299,299,299,299,299,299,299,299,298,295,295,295,295,295,295, /* block 27 */ -115,115,297,297,115,298,298,298,298,298,298,298,298,298,298,298, -298,298,298,298,298,298,298,115,115,115,298,298,298,298,298,298, -298,298,298,298,298,298,298,298,298,298,298,298,298,298,298,298, -298,298,115,298,298,298,298,298,298,298,298,298,115,298,115,115, -298,298,298,298,298,298,298,115,115,115,299,115,115,115,115,300, -297,297,299,299,299,115,299,115,297,297,297,297,297,297,297,300, -115,115,115,115,115,115,301,301,301,301,301,301,301,301,301,301, -115,115,297,297,302,115,115,115,115,115,115,115,115,115,115,115, +116,116,301,301,116,302,302,302,302,302,302,302,302,302,302,302, +302,302,302,302,302,302,302,116,116,116,302,302,302,302,302,302, +302,302,302,302,302,302,302,302,302,302,302,302,302,302,302,302, +302,302,116,302,302,302,302,302,302,302,302,302,116,302,116,116, +302,302,302,302,302,302,302,116,116,116,303,116,116,116,116,304, +301,301,303,303,303,116,303,116,301,301,301,301,301,301,301,304, +116,116,116,116,116,116,305,305,305,305,305,305,305,305,305,305, +116,116,301,301,306,116,116,116,116,116,116,116,116,116,116,116, /* block 28 */ -115,303,303,303,303,303,303,303,303,303,303,303,303,303,303,303, -303,303,303,303,303,303,303,303,303,303,303,303,303,303,303,303, -303,303,303,303,303,303,303,303,303,303,303,303,303,303,303,303, -303,304,303,305,304,304,304,304,304,304,304,115,115,115,115, 5, -303,303,303,303,303,303,306,304,304,304,304,304,304,304,304,307, -308,308,308,308,308,308,308,308,308,308,307,307,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, +116,307,307,307,307,307,307,307,307,307,307,307,307,307,307,307, +307,307,307,307,307,307,307,307,307,307,307,307,307,307,307,307, +307,307,307,307,307,307,307,307,307,307,307,307,307,307,307,307, +307,308,307,309,308,308,308,308,308,308,308,116,116,116,116, 5, +307,307,307,307,307,307,310,308,308,308,308,308,308,308,308,311, +312,312,312,312,312,312,312,312,312,312,311,311,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, /* block 29 */ -115,309,309,115,309,115,115,309,309,115,309,115,115,309,115,115, -115,115,115,115,309,309,309,309,115,309,309,309,309,309,309,309, -115,309,309,309,115,309,115,309,115,115,309,309,115,309,309,309, -309,310,309,311,310,310,310,310,310,310,115,310,310,309,115,115, -309,309,309,309,309,115,312,115,310,310,310,310,310,310,115,115, -313,313,313,313,313,313,313,313,313,313,115,115,309,309,309,309, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, +116,313,313,116,313,116,116,313,313,116,313,116,116,313,116,116, +116,116,116,116,313,313,313,313,116,313,313,313,313,313,313,313, +116,313,313,313,116,313,116,313,116,116,313,313,116,313,313,313, +313,314,313,315,314,314,314,314,314,314,116,314,314,313,116,116, +313,313,313,313,313,116,316,116,314,314,314,314,314,314,116,116, +317,317,317,317,317,317,317,317,317,317,116,116,313,313,313,313, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, /* block 30 */ -314,315,315,315,316,316,316,316,316,316,316,316,316,316,316,316, -316,316,316,315,316,315,315,315,317,317,315,315,315,315,315,315, -318,318,318,318,318,318,318,318,318,318,319,319,319,319,319,319, -319,319,319,319,315,317,315,317,315,317,320,321,320,321,322,322, -314,314,314,314,314,314,314,314,115,314,314,314,314,314,314,314, -314,314,314,314,314,314,314,314,314,314,314,314,314,314,314,314, -314,314,314,314,314,314,314,314,314,314,314,314,314,115,115,115, -115,317,317,317,317,317,317,317,317,317,317,317,317,317,317,322, +318,319,319,319,320,320,320,320,320,320,320,320,320,320,320,320, +320,320,320,319,320,319,319,319,321,321,319,319,319,319,319,319, +322,322,322,322,322,322,322,322,322,322,323,323,323,323,323,323, +323,323,323,323,319,321,319,321,319,321,324,325,324,325,326,326, +318,318,318,318,318,318,318,318,116,318,318,318,318,318,318,318, +318,318,318,318,318,318,318,318,318,318,318,318,318,318,318,318, +318,318,318,318,318,318,318,318,318,318,318,318,318,116,116,116, +116,321,321,321,321,321,321,321,321,321,321,321,321,321,321,326, /* block 31 */ -317,317,317,317,317,316,317,317,314,314,314,314,314,317,317,317, -317,317,317,317,317,317,317,317,115,317,317,317,317,317,317,317, -317,317,317,317,317,317,317,317,317,317,317,317,317,317,317,317, -317,317,317,317,317,317,317,317,317,317,317,317,317,115,315,315, -315,315,315,315,315,315,317,315,315,315,315,315,315,115,315,315, -316,316,316,316,316, 19, 19, 19, 19,316,316,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, +321,321,321,321,321,320,321,321,318,318,318,318,318,321,321,321, +321,321,321,321,321,321,321,321,116,321,321,321,321,321,321,321, +321,321,321,321,321,321,321,321,321,321,321,321,321,321,321,321, +321,321,321,321,321,321,321,321,321,321,321,321,321,116,319,319, +319,319,319,319,319,319,321,319,319,319,319,319,319,116,319,319, +320,320,320,320,320, 19, 19, 19, 19,320,320,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, /* block 32 */ -323,323,323,323,323,323,323,323,323,323,323,323,323,323,323,323, -323,323,323,323,323,323,323,323,323,323,323,323,323,323,323,323, -323,323,323,323,323,323,323,323,323,323,323,324,324,325,325,325, -325,326,325,325,325,325,325,325,324,325,325,326,326,325,325,323, -327,327,327,327,327,327,327,327,327,327,328,328,328,328,328,328, -323,323,323,323,323,323,326,326,325,325,323,323,323,323,325,325, -325,323,324,324,324,323,323,324,324,324,324,324,324,324,323,323, -323,325,325,325,325,323,323,323,323,323,323,323,323,323,323,323, +327,327,327,327,327,327,327,327,327,327,327,327,327,327,327,327, +327,327,327,327,327,327,327,327,327,327,327,327,327,327,327,327, +327,327,327,327,327,327,327,327,327,327,327,328,328,329,329,329, +329,330,329,329,329,329,329,329,328,329,329,330,330,329,329,327, +331,331,331,331,331,331,331,331,331,331,332,332,332,332,332,332, +327,327,327,327,327,327,330,330,329,329,327,327,327,327,329,329, +329,327,328,328,328,327,327,328,328,328,328,328,328,328,327,327, +327,329,329,329,329,327,327,327,327,327,327,327,327,327,327,327, /* block 33 */ -323,323,325,324,326,325,325,324,324,324,324,324,324,325,323,324, -327,327,327,327,327,327,327,327,327,327,324,324,324,325,329,329, -330,330,330,330,330,330,330,330,330,330,330,330,330,330,330,330, -330,330,330,330,330,330,330,330,330,330,330,330,330,330,330,330, -330,330,330,330,330,330,115,330,115,115,115,115,115,330,115,115, -331,331,331,331,331,331,331,331,331,331,331,331,331,331,331,331, -331,331,331,331,331,331,331,331,331,331,331,331,331,331,331,331, -331,331,331,331,331,331,331,331,331,331,331, 4,332,331,331,331, - -/* block 34 */ -333,333,333,333,333,333,333,333,333,333,333,333,333,333,333,333, -333,333,333,333,333,333,333,333,333,333,333,333,333,333,333,333, -333,333,333,333,333,333,333,333,333,333,333,333,333,333,333,333, -333,333,333,333,333,333,333,333,333,333,333,333,333,333,333,333, -333,333,333,333,333,333,333,333,333,333,333,333,333,333,333,333, -333,333,333,333,333,333,333,333,333,333,333,333,333,333,333,333, -334,334,334,334,334,334,334,334,334,334,334,334,334,334,334,334, +327,327,329,328,330,329,329,328,328,328,328,328,328,329,327,328, +331,331,331,331,331,331,331,331,331,331,328,328,328,329,333,333, 334,334,334,334,334,334,334,334,334,334,334,334,334,334,334,334, - -/* block 35 */ 334,334,334,334,334,334,334,334,334,334,334,334,334,334,334,334, -334,334,334,334,334,334,334,334,334,334,334,334,334,334,334,334, -334,334,334,334,334,334,334,334,335,335,335,335,335,335,335,335, -335,335,335,335,335,335,335,335,335,335,335,335,335,335,335,335, -335,335,335,335,335,335,335,335,335,335,335,335,335,335,335,335, -335,335,335,335,335,335,335,335,335,335,335,335,335,335,335,335, +334,334,334,334,334,334,116,334,116,116,116,116,116,334,116,116, 335,335,335,335,335,335,335,335,335,335,335,335,335,335,335,335, 335,335,335,335,335,335,335,335,335,335,335,335,335,335,335,335, +335,335,335,335,335,335,335,335,335,335,335, 4,336,335,335,335, + +/* block 34 */ +337,337,337,337,337,337,337,337,337,337,337,337,337,337,337,337, +337,337,337,337,337,337,337,337,337,337,337,337,337,337,337,337, +337,337,337,337,337,337,337,337,337,337,337,337,337,337,337,337, +337,337,337,337,337,337,337,337,337,337,337,337,337,337,337,337, +337,337,337,337,337,337,337,337,337,337,337,337,337,337,337,337, +337,337,337,337,337,337,337,337,337,337,337,337,337,337,337,337, +338,338,338,338,338,338,338,338,338,338,338,338,338,338,338,338, +338,338,338,338,338,338,338,338,338,338,338,338,338,338,338,338, + +/* block 35 */ +338,338,338,338,338,338,338,338,338,338,338,338,338,338,338,338, +338,338,338,338,338,338,338,338,338,338,338,338,338,338,338,338, +338,338,338,338,338,338,338,338,339,339,339,339,339,339,339,339, +339,339,339,339,339,339,339,339,339,339,339,339,339,339,339,339, +339,339,339,339,339,339,339,339,339,339,339,339,339,339,339,339, +339,339,339,339,339,339,339,339,339,339,339,339,339,339,339,339, +339,339,339,339,339,339,339,339,339,339,339,339,339,339,339,339, +339,339,339,339,339,339,339,339,339,339,339,339,339,339,339,339, /* block 36 */ -336,336,336,336,336,336,336,336,336,336,336,336,336,336,336,336, -336,336,336,336,336,336,336,336,336,336,336,336,336,336,336,336, -336,336,336,336,336,336,336,336,336,336,336,336,336,336,336,336, -336,336,336,336,336,336,336,336,336,336,336,336,336,336,336,336, -336,336,336,336,336,336,336,336,336,115,336,336,336,336,115,115, -336,336,336,336,336,336,336,115,336,115,336,336,336,336,115,115, -336,336,336,336,336,336,336,336,336,336,336,336,336,336,336,336, -336,336,336,336,336,336,336,336,336,336,336,336,336,336,336,336, +340,340,340,340,340,340,340,340,340,340,340,340,340,340,340,340, +340,340,340,340,340,340,340,340,340,340,340,340,340,340,340,340, +340,340,340,340,340,340,340,340,340,340,340,340,340,340,340,340, +340,340,340,340,340,340,340,340,340,340,340,340,340,340,340,340, +340,340,340,340,340,340,340,340,340,116,340,340,340,340,116,116, +340,340,340,340,340,340,340,116,340,116,340,340,340,340,116,116, +340,340,340,340,340,340,340,340,340,340,340,340,340,340,340,340, +340,340,340,340,340,340,340,340,340,340,340,340,340,340,340,340, /* block 37 */ -336,336,336,336,336,336,336,336,336,115,336,336,336,336,115,115, -336,336,336,336,336,336,336,336,336,336,336,336,336,336,336,336, -336,336,336,336,336,336,336,336,336,336,336,336,336,336,336,336, -336,115,336,336,336,336,115,115,336,336,336,336,336,336,336,115, -336,115,336,336,336,336,115,115,336,336,336,336,336,336,336,336, -336,336,336,336,336,336,336,115,336,336,336,336,336,336,336,336, -336,336,336,336,336,336,336,336,336,336,336,336,336,336,336,336, -336,336,336,336,336,336,336,336,336,336,336,336,336,336,336,336, +340,340,340,340,340,340,340,340,340,116,340,340,340,340,116,116, +340,340,340,340,340,340,340,340,340,340,340,340,340,340,340,340, +340,340,340,340,340,340,340,340,340,340,340,340,340,340,340,340, +340,116,340,340,340,340,116,116,340,340,340,340,340,340,340,116, +340,116,340,340,340,340,116,116,340,340,340,340,340,340,340,340, +340,340,340,340,340,340,340,116,340,340,340,340,340,340,340,340, +340,340,340,340,340,340,340,340,340,340,340,340,340,340,340,340, +340,340,340,340,340,340,340,340,340,340,340,340,340,340,340,340, /* block 38 */ -336,336,336,336,336,336,336,336,336,336,336,336,336,336,336,336, -336,115,336,336,336,336,115,115,336,336,336,336,336,336,336,336, -336,336,336,336,336,336,336,336,336,336,336,336,336,336,336,336, -336,336,336,336,336,336,336,336,336,336,336,336,336,336,336,336, -336,336,336,336,336,336,336,336,336,336,336,336,336,336,336,336, -336,336,336,336,336,336,336,336,336,336,336,115,115,337,337,337, -338,338,338,338,338,338,338,338,338,339,339,339,339,339,339,339, -339,339,339,339,339,339,339,339,339,339,339,339,339,115,115,115, +340,340,340,340,340,340,340,340,340,340,340,340,340,340,340,340, +340,116,340,340,340,340,116,116,340,340,340,340,340,340,340,340, +340,340,340,340,340,340,340,340,340,340,340,340,340,340,340,340, +340,340,340,340,340,340,340,340,340,340,340,340,340,340,340,340, +340,340,340,340,340,340,340,340,340,340,340,340,340,340,340,340, +340,340,340,340,340,340,340,340,340,340,340,116,116,341,341,341, +342,342,342,342,342,342,342,342,342,343,343,343,343,343,343,343, +343,343,343,343,343,343,343,343,343,343,343,343,343,116,116,116, /* block 39 */ -336,336,336,336,336,336,336,336,336,336,336,336,336,336,336,336, -340,340,340,340,340,340,340,340,340,340,115,115,115,115,115,115, -341,341,341,341,341,341,341,341,341,341,341,341,341,341,341,341, -341,341,341,341,341,341,341,341,341,341,341,341,341,341,341,341, -341,341,341,341,341,341,341,341,341,341,341,341,341,341,341,341, -341,341,341,341,341,341,341,341,341,341,341,341,341,341,341,341, -341,341,341,341,341,341,341,341,341,341,341,341,341,341,341,341, -342,342,342,342,342,342,115,115,343,343,343,343,343,343,115,115, - -/* block 40 */ -344,345,345,345,345,345,345,345,345,345,345,345,345,345,345,345, -345,345,345,345,345,345,345,345,345,345,345,345,345,345,345,345, -345,345,345,345,345,345,345,345,345,345,345,345,345,345,345,345, +340,340,340,340,340,340,340,340,340,340,340,340,340,340,340,340, +344,344,344,344,344,344,344,344,344,344,116,116,116,116,116,116, 345,345,345,345,345,345,345,345,345,345,345,345,345,345,345,345, 345,345,345,345,345,345,345,345,345,345,345,345,345,345,345,345, 345,345,345,345,345,345,345,345,345,345,345,345,345,345,345,345, 345,345,345,345,345,345,345,345,345,345,345,345,345,345,345,345, 345,345,345,345,345,345,345,345,345,345,345,345,345,345,345,345, +346,346,346,346,346,346,116,116,347,347,347,347,347,347,116,116, + +/* block 40 */ +348,349,349,349,349,349,349,349,349,349,349,349,349,349,349,349, +349,349,349,349,349,349,349,349,349,349,349,349,349,349,349,349, +349,349,349,349,349,349,349,349,349,349,349,349,349,349,349,349, +349,349,349,349,349,349,349,349,349,349,349,349,349,349,349,349, +349,349,349,349,349,349,349,349,349,349,349,349,349,349,349,349, +349,349,349,349,349,349,349,349,349,349,349,349,349,349,349,349, +349,349,349,349,349,349,349,349,349,349,349,349,349,349,349,349, +349,349,349,349,349,349,349,349,349,349,349,349,349,349,349,349, /* block 41 */ -345,345,345,345,345,345,345,345,345,345,345,345,345,345,345,345, -345,345,345,345,345,345,345,345,345,345,345,345,345,345,345,345, -345,345,345,345,345,345,345,345,345,345,345,345,345,345,345,345, -345,345,345,345,345,345,345,345,345,345,345,345,345,345,345,345, -345,345,345,345,345,345,345,345,345,345,345,345,345,345,345,345, -345,345,345,345,345,345,345,345,345,345,345,345,345,345,345,345, -345,345,345,345,345,345,345,345,345,345,345,345,345,345,345,345, -345,345,345,345,345,345,345,345,345,345,345,345,345,345,345,345, +349,349,349,349,349,349,349,349,349,349,349,349,349,349,349,349, +349,349,349,349,349,349,349,349,349,349,349,349,349,349,349,349, +349,349,349,349,349,349,349,349,349,349,349,349,349,349,349,349, +349,349,349,349,349,349,349,349,349,349,349,349,349,349,349,349, +349,349,349,349,349,349,349,349,349,349,349,349,349,349,349,349, +349,349,349,349,349,349,349,349,349,349,349,349,349,349,349,349, +349,349,349,349,349,349,349,349,349,349,349,349,349,349,349,349, +349,349,349,349,349,349,349,349,349,349,349,349,349,349,349,349, /* block 42 */ -345,345,345,345,345,345,345,345,345,345,345,345,345,345,345,345, -345,345,345,345,345,345,345,345,345,345,345,345,345,345,345,345, -345,345,345,345,345,345,345,345,345,345,345,345,345,345,345,345, -345,345,345,345,345,345,345,345,345,345,345,345,345,345,345,345, -345,345,345,345,345,345,345,345,345,345,345,345,345,345,345,345, -345,345,345,345,345,345,345,345,345,345,345,345,345,345,345,345, -345,345,345,345,345,345,345,345,345,345,345,345,345,346,346,345, -345,345,345,345,345,345,345,345,345,345,345,345,345,345,345,345, +349,349,349,349,349,349,349,349,349,349,349,349,349,349,349,349, +349,349,349,349,349,349,349,349,349,349,349,349,349,349,349,349, +349,349,349,349,349,349,349,349,349,349,349,349,349,349,349,349, +349,349,349,349,349,349,349,349,349,349,349,349,349,349,349,349, +349,349,349,349,349,349,349,349,349,349,349,349,349,349,349,349, +349,349,349,349,349,349,349,349,349,349,349,349,349,349,349,349, +349,349,349,349,349,349,349,349,349,349,349,349,349,350,350,349, +349,349,349,349,349,349,349,349,349,349,349,349,349,349,349,349, /* block 43 */ -347,348,348,348,348,348,348,348,348,348,348,348,348,348,348,348, -348,348,348,348,348,348,348,348,348,348,348,349,350,115,115,115, -351,351,351,351,351,351,351,351,351,351,351,351,351,351,351,351, -351,351,351,351,351,351,351,351,351,351,351,351,351,351,351,351, -351,351,351,351,351,351,351,351,351,351,351,351,351,351,351,351, -351,351,351,351,351,351,351,351,351,351,351,351,351,351,351,351, -351,351,351,351,351,351,351,351,351,351,351, 4, 4, 4,352,352, -352,351,351,351,351,351,351,351,351,115,115,115,115,115,115,115, +351,352,352,352,352,352,352,352,352,352,352,352,352,352,352,352, +352,352,352,352,352,352,352,352,352,352,352,353,354,116,116,116, +355,355,355,355,355,355,355,355,355,355,355,355,355,355,355,355, +355,355,355,355,355,355,355,355,355,355,355,355,355,355,355,355, +355,355,355,355,355,355,355,355,355,355,355,355,355,355,355,355, +355,355,355,355,355,355,355,355,355,355,355,355,355,355,355,355, +355,355,355,355,355,355,355,355,355,355,355, 4, 4, 4,356,356, +356,355,355,355,355,355,355,355,355,116,116,116,116,116,116,116, /* block 44 */ -353,353,353,353,353,353,353,353,353,353,353,353,353,115,353,353, -353,353,354,354,354,115,115,115,115,115,115,115,115,115,115,115, -355,355,355,355,355,355,355,355,355,355,355,355,355,355,355,355, -355,355,356,356,356, 4, 4,115,115,115,115,115,115,115,115,115, -357,357,357,357,357,357,357,357,357,357,357,357,357,357,357,357, -357,357,358,358,115,115,115,115,115,115,115,115,115,115,115,115, -359,359,359,359,359,359,359,359,359,359,359,359,359,115,359,359, -359,115,360,360,115,115,115,115,115,115,115,115,115,115,115,115, +357,357,357,357,357,357,357,357,357,357,357,357,357,116,357,357, +357,357,358,358,358,116,116,116,116,116,116,116,116,116,116,116, +359,359,359,359,359,359,359,359,359,359,359,359,359,359,359,359, +359,359,360,360,360, 4, 4,116,116,116,116,116,116,116,116,116, +361,361,361,361,361,361,361,361,361,361,361,361,361,361,361,361, +361,361,362,362,116,116,116,116,116,116,116,116,116,116,116,116, +363,363,363,363,363,363,363,363,363,363,363,363,363,116,363,363, +363,116,364,364,116,116,116,116,116,116,116,116,116,116,116,116, /* block 45 */ -361,361,361,361,361,361,361,361,361,361,361,361,361,361,361,361, -361,361,361,361,361,361,361,361,361,361,361,361,361,361,361,361, -361,361,361,361,361,361,361,361,361,361,361,361,361,361,361,361, -361,361,361,361,362,362,363,362,362,362,362,362,362,362,363,363, -363,363,363,363,363,363,362,363,363,362,362,362,362,362,362,362, -362,362,362,362,364,364,364,365,364,364,364,366,361,362,115,115, -367,367,367,367,367,367,367,367,367,367,115,115,115,115,115,115, -368,368,368,368,368,368,368,368,368,368,115,115,115,115,115,115, +365,365,365,365,365,365,365,365,365,365,365,365,365,365,365,365, +365,365,365,365,365,365,365,365,365,365,365,365,365,365,365,365, +365,365,365,365,365,365,365,365,365,365,365,365,365,365,365,365, +365,365,365,365,366,366,367,366,366,366,366,366,366,366,367,367, +367,367,367,367,367,367,366,367,367,366,366,366,366,366,366,366, +366,366,366,366,368,368,368,369,368,368,368,370,365,366,116,116, +371,371,371,371,371,371,371,371,371,371,116,116,116,116,116,116, +372,372,372,372,372,372,372,372,372,372,116,116,116,116,116,116, /* block 46 */ -369,369, 4, 4,369, 4,370,369,369,369,369,371,371,371,372,115, -373,373,373,373,373,373,373,373,373,373,115,115,115,115,115,115, -374,374,374,374,374,374,374,374,374,374,374,374,374,374,374,374, -374,374,374,374,374,374,374,374,374,374,374,374,374,374,374,374, -374,374,374,375,374,374,374,374,374,374,374,374,374,374,374,374, -374,374,374,374,374,374,374,374,374,374,374,374,374,374,374,374, -374,374,374,374,374,374,374,374,374,374,374,374,374,374,374,374, -374,374,374,374,374,374,374,374,115,115,115,115,115,115,115,115, +373,373, 4, 4,373, 4,374,373,373,373,373,375,375,375,376,116, +377,377,377,377,377,377,377,377,377,377,116,116,116,116,116,116, +378,378,378,378,378,378,378,378,378,378,378,378,378,378,378,378, +378,378,378,378,378,378,378,378,378,378,378,378,378,378,378,378, +378,378,378,379,378,378,378,378,378,378,378,378,378,378,378,378, +378,378,378,378,378,378,378,378,378,378,378,378,378,378,378,378, +378,378,378,378,378,378,378,378,378,378,378,378,378,378,378,378, +378,378,378,378,378,378,378,378,378,116,116,116,116,116,116,116, /* block 47 */ -374,374,374,374,374,371,371,374,374,374,374,374,374,374,374,374, -374,374,374,374,374,374,374,374,374,374,374,374,374,374,374,374, -374,374,374,374,374,374,374,374,374,371,374,115,115,115,115,115, -345,345,345,345,345,345,345,345,345,345,345,345,345,345,345,345, -345,345,345,345,345,345,345,345,345,345,345,345,345,345,345,345, -345,345,345,345,345,345,345,345,345,345,345,345,345,345,345,345, -345,345,345,345,345,345,345,345,345,345,345,345,345,345,345,345, -345,345,345,345,345,345,115,115,115,115,115,115,115,115,115,115, +378,378,378,378,378,375,375,378,378,378,378,378,378,378,378,378, +378,378,378,378,378,378,378,378,378,378,378,378,378,378,378,378, +378,378,378,378,378,378,378,378,378,375,378,116,116,116,116,116, +349,349,349,349,349,349,349,349,349,349,349,349,349,349,349,349, +349,349,349,349,349,349,349,349,349,349,349,349,349,349,349,349, +349,349,349,349,349,349,349,349,349,349,349,349,349,349,349,349, +349,349,349,349,349,349,349,349,349,349,349,349,349,349,349,349, +349,349,349,349,349,349,116,116,116,116,116,116,116,116,116,116, /* block 48 */ -376,376,376,376,376,376,376,376,376,376,376,376,376,376,376,376, -376,376,376,376,376,376,376,376,376,376,376,376,376,376,376,115, -377,377,377,378,378,378,378,377,377,378,378,378,115,115,115,115, -378,378,377,378,378,378,378,378,378,377,377,377,115,115,115,115, -379,115,115,115,380,380,381,381,381,381,381,381,381,381,381,381, -382,382,382,382,382,382,382,382,382,382,382,382,382,382,382,382, -382,382,382,382,382,382,382,382,382,382,382,382,382,382,115,115, -382,382,382,382,382,115,115,115,115,115,115,115,115,115,115,115, +380,380,380,380,380,380,380,380,380,380,380,380,380,380,380,380, +380,380,380,380,380,380,380,380,380,380,380,380,380,380,380,116, +381,381,381,382,382,382,382,381,381,382,382,382,116,116,116,116, +382,382,381,382,382,382,382,382,382,381,381,381,116,116,116,116, +383,116,116,116,384,384,385,385,385,385,385,385,385,385,385,385, +386,386,386,386,386,386,386,386,386,386,386,386,386,386,386,386, +386,386,386,386,386,386,386,386,386,386,386,386,386,386,116,116, +386,386,386,386,386,116,116,116,116,116,116,116,116,116,116,116, /* block 49 */ -383,383,383,383,383,383,383,383,383,383,383,383,383,383,383,383, -383,383,383,383,383,383,383,383,383,383,383,383,383,383,383,383, -383,383,383,383,383,383,383,383,383,383,383,383,115,115,115,115, -383,383,383,383,383,383,383,383,383,383,383,383,383,383,383,383, -383,383,383,383,383,383,383,383,383,383,115,115,115,115,115,115, -384,384,384,384,384,384,384,384,384,384,385,115,115,115,386,386, 387,387,387,387,387,387,387,387,387,387,387,387,387,387,387,387, 387,387,387,387,387,387,387,387,387,387,387,387,387,387,387,387, +387,387,387,387,387,387,387,387,387,387,387,387,116,116,116,116, +387,387,387,387,387,387,387,387,387,387,387,387,387,387,387,387, +387,387,387,387,387,387,387,387,387,387,116,116,116,116,116,116, +388,388,388,388,388,388,388,388,388,388,389,116,116,116,390,390, +391,391,391,391,391,391,391,391,391,391,391,391,391,391,391,391, +391,391,391,391,391,391,391,391,391,391,391,391,391,391,391,391, /* block 50 */ -388,388,388,388,388,388,388,388,388,388,388,388,388,388,388,388, -388,388,388,388,388,388,388,389,389,390,390,389,115,115,391,391, 392,392,392,392,392,392,392,392,392,392,392,392,392,392,392,392, -392,392,392,392,392,392,392,392,392,392,392,392,392,392,392,392, -392,392,392,392,392,392,392,392,392,392,392,392,392,392,392,392, -392,392,392,392,392,393,394,393,394,394,394,394,394,394,394,115, -394,395,394,395,395,394,394,394,394,394,394,394,394,393,393,393, -393,393,393,394,394,394,394,394,394,394,394,394,394,115,115,394, +392,392,392,392,392,392,392,393,393,394,394,393,116,116,395,395, +396,396,396,396,396,396,396,396,396,396,396,396,396,396,396,396, +396,396,396,396,396,396,396,396,396,396,396,396,396,396,396,396, +396,396,396,396,396,396,396,396,396,396,396,396,396,396,396,396, +396,396,396,396,396,397,398,397,398,398,398,398,398,398,398,116, +398,399,398,399,399,398,398,398,398,398,398,398,398,397,397,397, +397,397,397,398,398,398,398,398,398,398,398,398,398,116,116,398, /* block 51 */ -396,396,396,396,396,396,396,396,396,396,115,115,115,115,115,115, -396,396,396,396,396,396,396,396,396,396,115,115,115,115,115,115, -397,397,397,397,397,397,397,398,397,397,397,397,397,397,115,115, -110,110,110,110,110,110,110,110,110,110,110,110,110,110,399,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, +400,400,400,400,400,400,400,400,400,400,116,116,116,116,116,116, +400,400,400,400,400,400,400,400,400,400,116,116,116,116,116,116, +401,401,401,401,401,401,401,402,401,401,401,401,401,401,116,116, +111,111,111,111,111,111,111,111,111,111,111,111,111,111,403,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, /* block 52 */ -400,400,400,400,401,402,402,402,402,402,402,402,402,402,402,402, -402,402,402,402,402,402,402,402,402,402,402,402,402,402,402,402, -402,402,402,402,402,402,402,402,402,402,402,402,402,402,402,402, -402,402,402,402,400,401,400,400,400,400,400,401,400,401,401,401, -401,401,400,401,401,402,402,402,402,402,402,402,115,115,115,115, -403,403,403,403,403,403,403,403,403,403,404,404,404,404,404,404, -404,405,405,405,405,405,405,405,405,405,405,400,400,400,400,400, -400,400,400,400,405,405,405,405,405,405,405,405,405,115,115,115, +404,404,404,404,405,406,406,406,406,406,406,406,406,406,406,406, +406,406,406,406,406,406,406,406,406,406,406,406,406,406,406,406, +406,406,406,406,406,406,406,406,406,406,406,406,406,406,406,406, +406,406,406,406,404,405,404,404,404,404,404,405,404,405,405,405, +405,405,404,405,405,406,406,406,406,406,406,406,116,116,116,116, +407,407,407,407,407,407,407,407,407,407,408,408,408,408,408,408, +408,409,409,409,409,409,409,409,409,409,409,404,404,404,404,404, +404,404,404,404,409,409,409,409,409,409,409,409,409,116,116,116, /* block 53 */ -406,406,407,408,408,408,408,408,408,408,408,408,408,408,408,408, -408,408,408,408,408,408,408,408,408,408,408,408,408,408,408,408, -408,407,406,406,406,406,407,407,406,406,407,406,406,406,408,408, -409,409,409,409,409,409,409,409,409,409,408,408,408,408,408,408, -410,410,410,410,410,410,410,410,410,410,410,410,410,410,410,410, -410,410,410,410,410,410,410,410,410,410,410,410,410,410,410,410, -410,410,410,410,410,410,411,412,411,411,412,412,412,411,412,411, -411,411,412,412,115,115,115,115,115,115,115,115,413,413,413,413, - -/* block 54 */ +410,410,411,412,412,412,412,412,412,412,412,412,412,412,412,412, +412,412,412,412,412,412,412,412,412,412,412,412,412,412,412,412, +412,411,410,410,410,410,411,411,410,410,411,410,410,410,412,412, +413,413,413,413,413,413,413,413,413,413,412,412,412,412,412,412, 414,414,414,414,414,414,414,414,414,414,414,414,414,414,414,414, 414,414,414,414,414,414,414,414,414,414,414,414,414,414,414,414, -414,414,414,414,415,415,415,415,415,415,415,415,416,416,416,416, -416,416,416,416,415,415,416,416,115,115,115,417,417,417,417,417, -418,418,418,418,418,418,418,418,418,418,115,115,115,414,414,414, -419,419,419,419,419,419,419,419,419,419,420,420,420,420,420,420, -420,420,420,420,420,420,420,420,420,420,420,420,420,420,420,420, -420,420,420,420,420,420,420,420,421,421,421,421,421,421,422,422, +414,414,414,414,414,414,415,416,415,415,416,416,416,415,416,415, +415,415,416,416,116,116,116,116,116,116,116,116,417,417,417,417, + +/* block 54 */ +418,418,418,418,418,418,418,418,418,418,418,418,418,418,418,418, +418,418,418,418,418,418,418,418,418,418,418,418,418,418,418,418, +418,418,418,418,419,419,419,419,419,419,419,419,420,420,420,420, +420,420,420,420,419,419,420,420,116,116,116,421,421,421,421,421, +422,422,422,422,422,422,422,422,422,422,116,116,116,418,418,418, +423,423,423,423,423,423,423,423,423,423,424,424,424,424,424,424, +424,424,424,424,424,424,424,424,424,424,424,424,424,424,424,424, +424,424,424,424,424,424,424,424,425,425,425,425,425,425,426,426, /* block 55 */ -423,424,425,426,427,428,429,430,431,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -432,432,432,432,432,432,432,432,115,115,115,115,115,115,115,115, -110,110,110, 4,110,110,110,110,110,110,110,110,110,110,110,110, -110,433,110,110,110,110,110,110,110,434,434,434,434,110,434,434, -434,434,433,433,110,434,434,433,110,110,115,115,115,115,115,115, +427,428,429,430,431,432,433,434,435,116,116,116,116,116,116,116, +436,436,436,436,436,436,436,436,436,436,436,436,436,436,436,436, +436,436,436,436,436,436,436,436,436,436,436,436,436,436,436,436, +436,436,436,436,436,436,436,436,436,436,436,116,116,436,436,436, +437,437,437,437,437,437,437,437,116,116,116,116,116,116,116,116, +111,111,111, 4,111,111,111,111,111,111,111,111,111,111,111,111, +111,438,111,111,111,111,111,111,111,439,439,439,439,111,439,439, +439,439,438,438,111,439,439,438,111,111,116,116,116,116,116,116, /* block 56 */ - 33, 33, 33, 33, 33, 33, 33, 33, 33, 33, 33, 33, 33, 33, 33, 33, - 33, 33, 33, 33, 33, 33, 33, 33, 33, 33, 33, 33, 33, 33, 33, 33, - 33, 33, 33, 33, 33, 33,123,123,123,123,123,435,107,107,107,107, -107,107,107,107,107,107,107,107,107,107,107,107,107,107,107,107, -107,107,107,107,107,107,107,107,107,107,107,107,107,107,107,107, -107,107,107,107,107,107,107,107,107,107,107,107,107,116,116,116, -116,116,107,107,107,107,116,116,116,116,116, 33, 33, 33, 33, 33, - 33, 33, 33, 33, 33, 33, 33, 33,436,437, 33, 33, 33,438, 33, 33, + 34, 34, 34, 34, 34, 34, 34, 34, 34, 34, 34, 34, 34, 34, 34, 34, + 34, 34, 34, 34, 34, 34, 34, 34, 34, 34, 34, 34, 34, 34, 34, 34, + 34, 34, 34, 34, 34, 34,124,124,124,124,124,440,108,108,108,108, +108,108,108,108,108,108,108,108,108,108,108,108,108,108,108,108, +108,108,108,108,108,108,108,108,108,108,108,108,108,108,108,108, +108,108,108,108,108,108,108,108,108,108,108,108,108,117,117,117, +117,117,108,108,108,108,117,117,117,117,117, 34, 34, 34, 34, 34, + 34, 34, 34, 34, 34, 34, 34, 34,441,442, 34, 34, 34,443, 34, 34, /* block 57 */ - 33, 33, 33, 33, 33, 33, 33, 33, 33, 33, 33, 33, 33, 33, 33, 33, - 33, 33, 33, 33, 33, 33, 33, 33, 33, 33, 33,107,107,107,107,107, -107,107,107,107,107,107,107,107,107,107,107,107,107,107,107,107, -107,107,107,107,107,107,107,107,107,107,107,107,107,107,107,116, -110,110,110,110,110,110,110,110,110,110,110,110,110,110,110,110, -110,110,110,110,110,110,110,110,110,110,110,110,110,110,110,110, -110,110,110,110,110,110,110,110,110,110,110,110,110,110,110,110, -110,110,110,110,110,110,110,110,110,110,115,110,110,110,110,110, + 34, 34, 34, 34, 34, 34, 34, 34, 34, 34, 34, 34, 34, 34, 34, 34, + 34, 34, 34, 34, 34, 34, 34, 34, 34, 34, 34,108,108,108,108,108, +108,108,108,108,108,108,108,108,108,108,108,108,108,108,108,108, +108,108,108,108,108,108,108,108,108,108,108,108,108,108,108,117, +111,111,111,111,111,111,111,111,111,111,111,111,111,111,111,111, +111,111,111,111,111,111,111,111,111,111,111,111,111,111,111,111, +111,111,111,111,111,111,111,111,111,111,111,111,111,111,111,111, +111,111,111,111,111,111,111,111,111,111,116,111,111,111,111,111, /* block 58 */ - 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, - 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, - 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, - 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, - 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, - 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, -439,440, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, - 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, + 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, + 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, + 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, + 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, + 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, + 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, +444,445, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, + 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, /* block 59 */ - 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, - 30, 31, 30, 31, 30, 31, 33, 33, 33, 33, 33,441, 33, 33,442, 33, - 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, - 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, - 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, - 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, - 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, - 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, + 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, + 31, 32, 31, 32, 31, 32, 34, 34, 34, 34, 34,446, 34, 34,447, 34, + 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, + 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, + 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, + 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, + 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, + 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, /* block 60 */ -443,443,443,443,443,443,443,443,444,444,444,444,444,444,444,444, -443,443,443,443,443,443,115,115,444,444,444,444,444,444,115,115, -443,443,443,443,443,443,443,443,444,444,444,444,444,444,444,444, -443,443,443,443,443,443,443,443,444,444,444,444,444,444,444,444, -443,443,443,443,443,443,115,115,444,444,444,444,444,444,115,115, -123,443,123,443,123,443,123,443,115,444,115,444,115,444,115,444, -443,443,443,443,443,443,443,443,444,444,444,444,444,444,444,444, -445,445,446,446,446,446,447,447,448,448,449,449,450,450,115,115, +448,448,448,448,448,448,448,448,449,449,449,449,449,449,449,449, +448,448,448,448,448,448,116,116,449,449,449,449,449,449,116,116, +448,448,448,448,448,448,448,448,449,449,449,449,449,449,449,449, +448,448,448,448,448,448,448,448,449,449,449,449,449,449,449,449, +448,448,448,448,448,448,116,116,449,449,449,449,449,449,116,116, +124,448,124,448,124,448,124,448,116,449,116,449,116,449,116,449, +448,448,448,448,448,448,448,448,449,449,449,449,449,449,449,449, +450,450,451,451,451,451,452,452,453,453,454,454,455,455,116,116, /* block 61 */ -443,443,443,443,443,443,443,443,451,451,451,451,451,451,451,451, -443,443,443,443,443,443,443,443,451,451,451,451,451,451,451,451, -443,443,443,443,443,443,443,443,451,451,451,451,451,451,451,451, -443,443,123,452,123,115,123,123,444,444,453,453,454,114,455,114, -114,114,123,452,123,115,123,123,456,456,456,456,454,114,114,114, -443,443,123,123,115,115,123,123,444,444,457,457,115,114,114,114, -443,443,123,123,123,164,123,123,444,444,458,458,169,114,114,114, -115,115,123,452,123,115,123,123,459,459,460,460,454,114,114,115, +448,448,448,448,448,448,448,448,456,456,456,456,456,456,456,456, +448,448,448,448,448,448,448,448,456,456,456,456,456,456,456,456, +448,448,448,448,448,448,448,448,456,456,456,456,456,456,456,456, +448,448,124,457,124,116,124,124,449,449,458,458,459,115,460,115, +115,115,124,457,124,116,124,124,461,461,461,461,459,115,115,115, +448,448,124,124,116,116,124,124,449,449,462,462,116,115,115,115, +448,448,124,124,124,165,124,124,449,449,463,463,170,115,115,115, +116,116,124,457,124,116,124,124,464,464,465,465,459,115,115,116, /* block 62 */ - 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 22,461,462, 22, 22, - 9, 9, 9, 9, 9, 9, 4, 4, 21, 25, 6, 21, 21, 25, 6, 21, - 4, 4, 4, 4, 4, 4, 4, 4,463,464, 22, 22, 22, 22, 22, 3, - 4, 4, 4, 4, 4, 4, 4, 4, 4, 21, 25, 4, 4, 4, 4, 15, - 15, 4, 4, 4, 8, 6, 7, 4, 4, 4, 4, 4, 4, 4, 4, 4, + 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 23,466,467, 23, 23, + 9, 9, 9, 9, 9, 9, 4, 4, 22, 26, 6, 22, 22, 26, 6, 22, + 4, 4, 4, 4, 4, 4, 4, 4,468,469, 23, 23, 23, 23, 23, 3, + 4, 4, 4, 4, 4, 4, 4, 4, 4, 22, 26, 4,470, 4, 4, 15, + 15, 4, 4, 4, 8, 6, 7, 4, 4,470, 4, 4, 4, 4, 4, 4, 4, 4, 8, 4, 15, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 3, - 22, 22, 22, 22, 22,465, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, - 23,107,115,115, 23, 23, 23, 23, 23, 23, 8, 8, 8, 6, 7,107, + 23, 23, 23, 23, 23,471, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, + 24,108,116,116, 24, 24, 24, 24, 24, 24, 8, 8, 8, 6, 7,108, /* block 63 */ - 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 8, 8, 8, 6, 7,115, -107,107,107,107,107,107,107,107,107,107,107,107,107,115,115,115, + 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 8, 8, 8, 6, 7,116, +108,108,108,108,108,108,108,108,108,108,108,108,108,116,116,116, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -110,110,110,110,110,110,110,110,110,110,110,110,110,399,399,399, -399,110,399,399,399,110,110,110,110,110,110,110,110,110,110,110, -110,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +111,111,111,111,111,111,111,111,111,111,111,111,111,403,403,403, +403,111,403,403,403,111,111,111,111,111,111,111,111,111,111,111, +111,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, /* block 64 */ - 19, 19,466, 19, 19, 19, 19,466, 19, 19,467,466,466,466,467,467, -466,466,466,467, 19,466, 19, 19, 8,466,466,466,466,466, 19, 19, - 19, 19, 19, 19,466, 19,468, 19,466, 19,469,470,466,466, 19,467, -466,466,471,466,467,434,434,434,434,467, 19, 19,467,467,466,466, - 8, 8, 8, 8, 8,466,467,467,467,467, 19, 8, 19, 19,472, 19, - 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, -473,473,473,473,473,473,473,473,473,473,473,473,473,473,473,473, -474,474,474,474,474,474,474,474,474,474,474,474,474,474,474,474, + 19, 19,472, 19, 19, 19, 19,472, 19, 19,473,472,472,472,473,473, +472,472,472,473, 19,472, 19, 19, 8,472,472,472,472,472, 19, 19, + 19, 19, 20, 19,472, 19,474, 19,472, 19,475,476,472,472, 19,473, +472,472,477,472,473,439,439,439,439,478, 19, 19,473,473,472,472, + 8, 8, 8, 8, 8,472,473,473,473,473, 19, 8, 19, 19,479, 19, + 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, +480,480,480,480,480,480,480,480,480,480,480,480,480,480,480,480, +481,481,481,481,481,481,481,481,481,481,481,481,481,481,481,481, /* block 65 */ -475,475,475, 30, 31,475,475,475,475, 23, 19, 19,115,115,115,115, - 8, 8, 8, 8, 8, 19, 19, 19, 19, 19, 8, 8, 19, 19, 19, 19, - 8, 19, 19, 8, 19, 19, 8, 19, 19, 19, 19, 19, 19, 19, 8, 19, +482,482,482, 31, 32,482,482,482,482, 24, 19, 19,116,116,116,116, + 8, 8, 8, 8,483, 20, 20, 20, 20, 20, 8, 8, 19, 19, 19, 19, + 8, 19, 19, 8, 19, 19, 8, 19, 19, 20, 20, 19, 19, 19, 8, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 8, 8, 19, 19, 8, 19, 8, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, @@ -2148,8 +2181,8 @@ const uint16_t PRIV(ucd_stage2)[] = { /* 65536 bytes, block = 128 */ /* block 67 */ 19, 19, 19, 19, 19, 19, 19, 19, 6, 7, 6, 7, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 8, 8, 19, 19, 19, 19, 19, 19, 19, 6, 7, 19, 19, 19, 19, 19, + 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 20, 20, 19, 19, 19, 19, + 8, 8, 19, 19, 19, 19, 19, 19, 20, 6, 7, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, @@ -2157,34 +2190,34 @@ const uint16_t PRIV(ucd_stage2)[] = { /* 65536 bytes, block = 128 */ 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 8, 19, 19, 19, /* block 68 */ - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, + 19, 19, 19, 19, 19, 19, 19, 19, 20, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, + 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 20, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 8, 8, 8, 8, - 8, 8, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, + 8, 8, 19, 19, 19, 19, 19, 19, 19, 20, 20, 20, 20, 20, 20, 20, + 20, 20, 20, 20, 19, 19, 19, 19, 20, 20, 20, 19, 19, 19, 19, 19, /* block 69 */ 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, - 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, - 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, + 19, 19, 19, 19, 19, 19, 19,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, + 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, + 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, + 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, /* block 70 */ - 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, - 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 19, 19, 19, 19, + 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, + 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19,476,476,476,476,476,476,476,476,476,476, -476,476,476,476,476,476,476,476,476,476,476,476,476,476,476,476, -477,477,477,477,477,477,477,477,477,477,477,477,477,477,477,477, -477,477,477,477,477,477,477,477,477,477, 23, 23, 23, 23, 23, 23, - 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, + 19, 19, 19, 19, 19, 19,484,484,484,484,484,484,484,484,484,484, +484,484,485,484,484,484,484,484,484,484,484,484,484,484,484,484, +486,486,486,486,486,486,486,486,486,486,486,486,486,486,486,486, +486,486,486,486,486,486,486,486,486,486, 24, 24, 24, 24, 24, 24, + 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, /* block 71 */ 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, @@ -2199,64 +2232,74 @@ const uint16_t PRIV(ucd_stage2)[] = { /* 65536 bytes, block = 128 */ /* block 72 */ 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, + 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 20, 20, 19, 19, 19, 19, + 19, 19, 19, 19, 19, 19, 20, 8, 19, 19, 19, 19, 19, 19, 19, 19, + 20, 8, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 8, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 8, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 8, 8, 8, 8, 8, 8, 8, 8, + 19, 19, 19, 19, 19, 19, 19, 19, 8, 8, 8,483,483,483,483, 8, /* block 73 */ - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19,478, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, -479, 19,479, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 8, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, + 20, 20, 20, 20, 20, 20, 19, 20, 20, 20, 20, 20, 20, 20, 20, 20, + 20, 20, 20, 19, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, + 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, + 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, + 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, + 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, + 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20,483, + 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, /* block 74 */ - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19,479,479, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19,478, 19, 19, 19, 19, 19, 19, + 20, 20, 20, 20, 20, 20, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, + 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, + 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, + 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, + 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, + 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, + 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, + 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, /* block 75 */ - 19, 19, 19, 19, 19, 19, 19, 19,479, 19,478,478,478,478, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19,479, 19, 19, 19, 6, 7, 6, 7, 6, 7, 6, 7, - 6, 7, 6, 7, 6, 7, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, + 20, 20, 20, 20, 20, 20, 19, 19, 20, 20, 20, 20, 20, 20, 20, 20, + 20, 20, 20, 19, 20, 19, 20, 19, 19, 19, 19, 19, 19, 20, 19, 19, + 19, 20, 19, 19, 19, 19, 19, 19, 20, 19, 19, 19, 19, 19, 19, 19, + 19, 19, 19, 20, 20, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, + 19, 19, 19, 19, 20, 19, 19, 20, 19, 19, 19, 19, 20, 19, 20, 19, + 19, 19, 19, 20, 20, 20, 19, 20, 19, 19, 19, 19, 19, 19, 19, 19, + 19, 19, 19, 20, 20, 20, 20, 20, 6, 7, 6, 7, 6, 7, 6, 7, + 6, 7, 6, 7, 6, 7, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, /* block 76 */ - 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, - 23, 23, 23, 23, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, + 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, + 24, 24, 24, 24, 19, 20, 20, 20, 19, 19, 19, 19, 19, 19, 19, 19, + 19, 20, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, + 20, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 20, 8, 8, 8, 8, 8, 6, 7, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 6, 7, 6, 7, 6, 7, 6, 7, 6, 7, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, /* block 77 */ -480,480,480,480,480,480,480,480,480,480,480,480,480,480,480,480, -480,480,480,480,480,480,480,480,480,480,480,480,480,480,480,480, -480,480,480,480,480,480,480,480,480,480,480,480,480,480,480,480, -480,480,480,480,480,480,480,480,480,480,480,480,480,480,480,480, -480,480,480,480,480,480,480,480,480,480,480,480,480,480,480,480, -480,480,480,480,480,480,480,480,480,480,480,480,480,480,480,480, -480,480,480,480,480,480,480,480,480,480,480,480,480,480,480,480, -480,480,480,480,480,480,480,480,480,480,480,480,480,480,480,480, +487,487,487,487,487,487,487,487,487,487,487,487,487,487,487,487, +487,487,487,487,487,487,487,487,487,487,487,487,487,487,487,487, +487,487,487,487,487,487,487,487,487,487,487,487,487,487,487,487, +487,487,487,487,487,487,487,487,487,487,487,487,487,487,487,487, +487,487,487,487,487,487,487,487,487,487,487,487,487,487,487,487, +487,487,487,487,487,487,487,487,487,487,487,487,487,487,487,487, +487,487,487,487,487,487,487,487,487,487,487,487,487,487,487,487, +487,487,487,487,487,487,487,487,487,487,487,487,487,487,487,487, /* block 78 */ + 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, + 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, + 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, + 8, 8, 8, 8,483,483, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, + 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, + 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, + 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, + 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, + +/* block 79 */ 8, 8, 8, 6, 7, 6, 7, 6, 7, 6, 7, 6, 7, 6, 7, 6, 7, 6, 7, 6, 7, 6, 7, 6, 7, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, @@ -2266,1775 +2309,1875 @@ const uint16_t PRIV(ucd_stage2)[] = { /* 65536 bytes, block = 128 */ 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 6, 7, 8, 8, -/* block 79 */ - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, +/* block 80 */ + 19, 19, 19, 19, 19, 20, 20, 20, 19, 19, 19, 19, 19, 19, 19, 19, + 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 20, 20, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 19, 19, 8, 8, 8, 8, 8, 8, 19, 19, 19, + 20, 19, 19, 19, 19, 20, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19,115,115, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, + 19, 19, 19, 19,116,116, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, -/* block 80 */ +/* block 81 */ 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19,115,115, 19, 19, 19, 19, 19, 19, 19, 19, + 19, 19, 19, 19, 19, 19,116,116, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19,115,115,115, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19,115, 19, 19, 19, 19, 19, 19, - 19, 19, 19,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115, 19, 19, 19, 19, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, - -/* block 81 */ -481,481,481,481,481,481,481,481,481,481,481,481,481,481,481,481, -481,481,481,481,481,481,481,481,481,481,481,481,481,481,481,481, -481,481,481,481,481,481,481,481,481,481,481,481,481,481,481,115, -482,482,482,482,482,482,482,482,482,482,482,482,482,482,482,482, -482,482,482,482,482,482,482,482,482,482,482,482,482,482,482,482, -482,482,482,482,482,482,482,482,482,482,482,482,482,482,482,115, - 30, 31,483,484,485,486,487, 30, 31, 30, 31, 30, 31,488,489,490, -491, 33, 30, 31, 33, 30, 31, 33, 33, 33, 33, 33,107,107,492,492, + 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, + 19, 19, 19, 19, 19, 19, 19, 19, 19,116, 19, 19, 19, 19, 19, 19, + 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, + 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, + 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19,116, /* block 82 */ -160,161,160,161,160,161,160,161,160,161,160,161,160,161,160,161, -160,161,160,161,160,161,160,161,160,161,160,161,160,161,160,161, -160,161,160,161,160,161,160,161,160,161,160,161,160,161,160,161, -160,161,160,161,160,161,160,161,160,161,160,161,160,161,160,161, -160,161,160,161,160,161,160,161,160,161,160,161,160,161,160,161, -160,161,160,161,160,161,160,161,160,161,160,161,160,161,160,161, -160,161,160,161,493,494,494,494,494,494,494,160,161,160,161,495, -495,495,160,161,115,115,115,115,115,496,496,496,496,497,496,496, +488,488,488,488,488,488,488,488,488,488,488,488,488,488,488,488, +488,488,488,488,488,488,488,488,488,488,488,488,488,488,488,488, +488,488,488,488,488,488,488,488,488,488,488,488,488,488,488,116, +489,489,489,489,489,489,489,489,489,489,489,489,489,489,489,489, +489,489,489,489,489,489,489,489,489,489,489,489,489,489,489,489, +489,489,489,489,489,489,489,489,489,489,489,489,489,489,489,116, + 31, 32,490,491,492,493,494, 31, 32, 31, 32, 31, 32,495,496,497, +498, 34, 31, 32, 34, 31, 32, 34, 34, 34, 34, 34,108,108,499,499, /* block 83 */ -498,498,498,498,498,498,498,498,498,498,498,498,498,498,498,498, -498,498,498,498,498,498,498,498,498,498,498,498,498,498,498,498, -498,498,498,498,498,498,115,498,115,115,115,115,115,498,115,115, -499,499,499,499,499,499,499,499,499,499,499,499,499,499,499,499, -499,499,499,499,499,499,499,499,499,499,499,499,499,499,499,499, -499,499,499,499,499,499,499,499,499,499,499,499,499,499,499,499, -499,499,499,499,499,499,499,499,115,115,115,115,115,115,115,500, -501,115,115,115,115,115,115,115,115,115,115,115,115,115,115,502, +161,162,161,162,161,162,161,162,161,162,161,162,161,162,161,162, +161,162,161,162,161,162,161,162,161,162,161,162,161,162,161,162, +161,162,161,162,161,162,161,162,161,162,161,162,161,162,161,162, +161,162,161,162,161,162,161,162,161,162,161,162,161,162,161,162, +161,162,161,162,161,162,161,162,161,162,161,162,161,162,161,162, +161,162,161,162,161,162,161,162,161,162,161,162,161,162,161,162, +161,162,161,162,500,501,501,501,501,501,501,161,162,161,162,502, +502,502,161,162,116,116,116,116,116,503,503,503,503,504,503,503, /* block 84 */ -336,336,336,336,336,336,336,336,336,336,336,336,336,336,336,336, -336,336,336,336,336,336,336,115,115,115,115,115,115,115,115,115, -336,336,336,336,336,336,336,115,336,336,336,336,336,336,336,115, -336,336,336,336,336,336,336,115,336,336,336,336,336,336,336,115, -336,336,336,336,336,336,336,115,336,336,336,336,336,336,336,115, -336,336,336,336,336,336,336,115,336,336,336,336,336,336,336,115, -192,192,192,192,192,192,192,192,192,192,192,192,192,192,192,192, -192,192,192,192,192,192,192,192,192,192,192,192,192,192,192,192, +505,505,505,505,505,505,505,505,505,505,505,505,505,505,505,505, +505,505,505,505,505,505,505,505,505,505,505,505,505,505,505,505, +505,505,505,505,505,505,116,505,116,116,116,116,116,505,116,116, +506,506,506,506,506,506,506,506,506,506,506,506,506,506,506,506, +506,506,506,506,506,506,506,506,506,506,506,506,506,506,506,506, +506,506,506,506,506,506,506,506,506,506,506,506,506,506,506,506, +506,506,506,506,506,506,506,506,116,116,116,116,116,116,116,507, +508,116,116,116,116,116,116,116,116,116,116,116,116,116,116,509, /* block 85 */ - 4, 4, 21, 25, 21, 25, 4, 4, 4, 21, 25, 4, 21, 25, 4, 4, - 4, 4, 4, 4, 4, 4, 4, 9, 4, 4, 9, 4, 21, 25, 4, 4, - 21, 25, 6, 7, 6, 7, 6, 7, 6, 7, 4, 4, 4, 4, 4,108, - 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 9, 9, 4, 4, 4, 4, - 9, 4, 6, 4, 4, 4, 4, 4, 4, 4,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, +340,340,340,340,340,340,340,340,340,340,340,340,340,340,340,340, +340,340,340,340,340,340,340,116,116,116,116,116,116,116,116,116, +340,340,340,340,340,340,340,116,340,340,340,340,340,340,340,116, +340,340,340,340,340,340,340,116,340,340,340,340,340,340,340,116, +340,340,340,340,340,340,340,116,340,340,340,340,340,340,340,116, +340,340,340,340,340,340,340,116,340,340,340,340,340,340,340,116, +193,193,193,193,193,193,193,193,193,193,193,193,193,193,193,193, +193,193,193,193,193,193,193,193,193,193,193,193,193,193,193,193, /* block 86 */ -503,503,503,503,503,503,503,503,503,503,503,503,503,503,503,503, -503,503,503,503,503,503,503,503,503,503,115,503,503,503,503,503, -503,503,503,503,503,503,503,503,503,503,503,503,503,503,503,503, -503,503,503,503,503,503,503,503,503,503,503,503,503,503,503,503, -503,503,503,503,503,503,503,503,503,503,503,503,503,503,503,503, -503,503,503,503,503,503,503,503,503,503,503,503,503,503,503,503, -503,503,503,503,503,503,503,503,503,503,503,503,503,503,503,503, -503,503,503,503,115,115,115,115,115,115,115,115,115,115,115,115, + 4, 4, 22, 26, 22, 26, 4, 4, 4, 22, 26, 4, 22, 26, 4, 4, + 4, 4, 4, 4, 4, 4, 4, 9, 4, 4, 9, 4, 22, 26, 4, 4, + 22, 26, 6, 7, 6, 7, 6, 7, 6, 7, 4, 4, 4, 4, 4,109, + 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 9, 9, 4, 4, 4, 4, + 9, 4, 6, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, /* block 87 */ -503,503,503,503,503,503,503,503,503,503,503,503,503,503,503,503, -503,503,503,503,503,503,503,503,503,503,503,503,503,503,503,503, -503,503,503,503,503,503,503,503,503,503,503,503,503,503,503,503, -503,503,503,503,503,503,503,503,503,503,503,503,503,503,503,503, -503,503,503,503,503,503,503,503,503,503,503,503,503,503,503,503, -503,503,503,503,503,503,503,503,503,503,503,503,503,503,503,503, -503,503,503,503,503,503,503,503,503,503,503,503,503,503,503,503, -503,503,503,503,503,503,503,503,503,503,503,503,503,503,503,503, +510,510,510,510,510,510,510,510,510,510,510,510,510,510,510,510, +510,510,510,510,510,510,510,510,510,510,116,510,510,510,510,510, +510,510,510,510,510,510,510,510,510,510,510,510,510,510,510,510, +510,510,510,510,510,510,510,510,510,510,510,510,510,510,510,510, +510,510,510,510,510,510,510,510,510,510,510,510,510,510,510,510, +510,510,510,510,510,510,510,510,510,510,510,510,510,510,510,510, +510,510,510,510,510,510,510,510,510,510,510,510,510,510,510,510, +510,510,510,510,116,116,116,116,116,116,116,116,116,116,116,116, /* block 88 */ -503,503,503,503,503,503,503,503,503,503,503,503,503,503,503,503, -503,503,503,503,503,503,503,503,503,503,503,503,503,503,503,503, -503,503,503,503,503,503,503,503,503,503,503,503,503,503,503,503, -503,503,503,503,503,503,503,503,503,503,503,503,503,503,503,503, -503,503,503,503,503,503,503,503,503,503,503,503,503,503,503,503, -503,503,503,503,503,503,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19,115,115,115,115, +510,510,510,510,510,510,510,510,510,510,510,510,510,510,510,510, +510,510,510,510,510,510,510,510,510,510,510,510,510,510,510,510, +510,510,510,510,510,510,510,510,510,510,510,510,510,510,510,510, +510,510,510,510,510,510,510,510,510,510,510,510,510,510,510,510, +510,510,510,510,510,510,510,510,510,510,510,510,510,510,510,510, +510,510,510,510,510,510,510,510,510,510,510,510,510,510,510,510, +510,510,510,510,510,510,510,510,510,510,510,510,510,510,510,510, +510,510,510,510,510,510,510,510,510,510,510,510,510,510,510,510, /* block 89 */ - 3, 4, 4, 4, 19,504,434,505, 6, 7, 6, 7, 6, 7, 6, 7, - 6, 7, 19, 19, 6, 7, 6, 7, 6, 7, 6, 7, 9, 6, 7, 7, - 19,505,505,505,505,505,505,505,505,505,110,110,110,110,506,506, - 9,108,108,108,108,108, 19, 19,505,505,505,504,434, 4, 19, 19, -115,507,507,507,507,507,507,507,507,507,507,507,507,507,507,507, -507,507,507,507,507,507,507,507,507,507,507,507,507,507,507,507, -507,507,507,507,507,507,507,507,507,507,507,507,507,507,507,507, -507,507,507,507,507,507,507,507,507,507,507,507,507,507,507,507, +510,510,510,510,510,510,510,510,510,510,510,510,510,510,510,510, +510,510,510,510,510,510,510,510,510,510,510,510,510,510,510,510, +510,510,510,510,510,510,510,510,510,510,510,510,510,510,510,510, +510,510,510,510,510,510,510,510,510,510,510,510,510,510,510,510, +510,510,510,510,510,510,510,510,510,510,510,510,510,510,510,510, +510,510,510,510,510,510,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, + 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19,116,116,116,116, /* block 90 */ -507,507,507,507,507,507,507,507,507,507,507,507,507,507,507,507, -507,507,507,507,507,507,507,115,115,110,110, 14, 14,508,508,507, - 9,509,509,509,509,509,509,509,509,509,509,509,509,509,509,509, -509,509,509,509,509,509,509,509,509,509,509,509,509,509,509,509, -509,509,509,509,509,509,509,509,509,509,509,509,509,509,509,509, -509,509,509,509,509,509,509,509,509,509,509,509,509,509,509,509, -509,509,509,509,509,509,509,509,509,509,509,509,509,509,509,509, -509,509,509,509,509,509,509,509,509,509,509, 4,108,510,510,509, + 3, 4, 4, 4, 19,511,439,512, 6, 7, 6, 7, 6, 7, 6, 7, + 6, 7, 19, 19, 6, 7, 6, 7, 6, 7, 6, 7, 9, 6, 7, 7, + 19,512,512,512,512,512,512,512,512,512,111,111,111,111,513,513, +514,109,109,109,109,109, 19, 19,512,512,512,511,439,470, 19, 19, +116,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, +515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, +515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, +515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, /* block 91 */ -115,115,115,115,115,511,511,511,511,511,511,511,511,511,511,511, -511,511,511,511,511,511,511,511,511,511,511,511,511,511,511,511, -511,511,511,511,511,511,511,511,511,511,511,511,511,511,511,115, -115,512,512,512,512,512,512,512,512,512,512,512,512,512,512,512, -512,512,512,512,512,512,512,512,512,512,512,512,512,512,512,512, -512,512,512,512,512,512,512,512,512,512,512,512,512,512,512,512, -512,512,512,512,512,512,512,512,512,512,512,512,512,512,512,512, -512,512,512,512,512,512,512,512,512,512,512,512,512,512,512,512, +515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, +515,515,515,515,515,515,515,116,116,111,111, 14, 14,516,516,515, + 9,517,517,517,517,517,517,517,517,517,517,517,517,517,517,517, +517,517,517,517,517,517,517,517,517,517,517,517,517,517,517,517, +517,517,517,517,517,517,517,517,517,517,517,517,517,517,517,517, +517,517,517,517,517,517,517,517,517,517,517,517,517,517,517,517, +517,517,517,517,517,517,517,517,517,517,517,517,517,517,517,517, +517,517,517,517,517,517,517,517,517,517,517, 4,109,518,518,517, /* block 92 */ -512,512,512,512,512,512,512,512,512,512,512,512,512,512,512,115, - 19, 19, 23, 23, 23, 23, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, -511,511,511,511,511,511,511,511,511,511,511,511,511,511,511,511, -511,511,511,511,511,511,511,511,511,511,511,115,115,115,115,115, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19,115,115,115,115,115,115,115,115,115,115,115,115, -509,509,509,509,509,509,509,509,509,509,509,509,509,509,509,509, +116,116,116,116,116,519,519,519,519,519,519,519,519,519,519,519, +519,519,519,519,519,519,519,519,519,519,519,519,519,519,519,519, +519,519,519,519,519,519,519,519,519,519,519,519,519,519,519,519, +116,520,520,520,520,520,520,520,520,520,520,520,520,520,520,520, +520,520,520,520,520,520,520,520,520,520,520,520,520,520,520,520, +520,520,520,520,520,520,520,520,520,520,520,520,520,520,520,520, +520,520,520,520,520,520,520,520,520,520,520,520,520,520,520,520, +520,520,520,520,520,520,520,520,520,520,520,520,520,520,520,520, /* block 93 */ -513,513,513,513,513,513,513,513,513,513,513,513,513,513,513,513, -513,513,513,513,513,513,513,513,513,513,513,513,513,513,513,115, - 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 19, 19, 19, 19, 19, 19, +520,520,520,520,520,520,520,520,520,520,520,520,520,520,520,116, + 19, 19, 24, 24, 24, 24, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, +519,519,519,519,519,519,519,519,519,519,519,519,519,519,519,519, +519,519,519,519,519,519,519,519,519,519,519,116,116,116,116,116, + 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 23, 23, 23, 23, 23, 23, 23, 23, - 19, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, -513,513,513,513,513,513,513,513,513,513,513,513,513,513,513,513, -513,513,513,513,513,513,513,513,513,513,513,513,513,513,513, 19, + 19, 19, 19, 19,116,116,116,116,116,116,116,116,116,116,116,116, +517,517,517,517,517,517,517,517,517,517,517,517,517,517,517,517, /* block 94 */ - 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, +521,521,521,521,521,521,521,521,521,521,521,521,521,521,521,521, +521,521,521,521,521,521,521,521,521,521,521,521,521,521,521,116, + 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, -514,514,514,514,514,514,514,514,514,514,514,514,514,514,514,514, -514,514,514,514,514,514,514,514,514,514,514,514,514,514,514,514, -514,514,514,514,514,514,514,514,514,514,514,514,514,514,514,115, + 19, 19, 19, 19, 19, 19, 19, 19, 24, 24, 24, 24, 24, 24, 24, 24, + 19, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, +521,521,521,521,521,521,521,521,521,521,521,521,521,521,521,521, +521,521,521,521,521,521,521,521,521,521,521,521,521,521,521, 19, /* block 95 */ -514,514,514,514,514,514,514,514,514,514,514,514,514,514,514,514, -514,514,514,514,514,514,514,514,514,514,514,514,514,514,514,514, -514,514,514,514,514,514,514,514,514,514,514,514,514,514,514,514, -514,514,514,514,514,514,514,514,514,514,514,514,514,514,514,514, -514,514,514,514,514,514,514,514,514,514,514,514,514,514,514,514, -514,514,514,514,514,514,514,514, 19, 19, 19, 19, 19, 19, 19, 19, + 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 19, 19, 19, 19, 19, 19, + 19, 19, 19, 19, 19, 19, 19, 20, 19, 20, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, + 19, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, +522,522,522,522,522,522,522,522,522,522,522,522,522,522,522,522, +522,522,522,522,522,522,522,522,522,522,522,522,522,522,522,522, +522,522,522,522,522,522,522,522,522,522,522,522,522,522,522,116, /* block 96 */ -515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, -515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, -515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, -515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, -515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, -515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, -515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, -515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, +522,522,522,522,522,522,522,522,522,522,522,522,522,522,522,522, +522,522,522,522,522,522,522,522,522,522,522,522,522,522,522,522, +522,522,522,522,522,522,522,522,522,522,522,522,522,522,522,522, +522,522,522,522,522,522,522,522,522,522,522,522,522,522,522,522, +522,522,522,522,522,522,522,522,522,522,522,522,522,522,522,522, +522,522,522,522,522,522,522,522, 19, 19, 19, 19, 19, 19, 19, 19, + 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, + 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, /* block 97 */ -515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, -515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, -515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, -515,515,515,515,515,515,115,115,115,115,115,115,115,115,115,115, +523,523,523,523,523,523,523,523,523,523,523,523,523,523,523,523, +523,523,523,523,523,523,523,523,523,523,523,523,523,523,523,523, +523,523,523,523,523,523,523,523,523,523,523,523,523,523,523,523, +523,523,523,523,523,523,523,523,523,523,523,523,523,523,523,523, +523,523,523,523,523,523,523,523,523,523,523,523,523,523,523,523, +523,523,523,523,523,523,523,523,523,523,523,523,523,523,523,523, +523,523,523,523,523,523,523,523,523,523,523,523,523,523,523,523, +523,523,523,523,523,523,523,523,523,523,523,523,523,523,523,523, + +/* block 98 */ +523,523,523,523,523,523,523,523,523,523,523,523,523,523,523,523, +523,523,523,523,523,523,523,523,523,523,523,523,523,523,523,523, +523,523,523,523,523,523,523,523,523,523,523,523,523,523,523,523, +523,523,523,523,523,523,116,116,116,116,116,116,116,116,116,116, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, -/* block 98 */ -515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, -515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, -515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, -515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, -515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, -515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, -515,515,515,515,515,515,515,515,515,515,515,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, - /* block 99 */ -516,516,516,516,516,516,516,516,516,516,516,516,516,516,516,516, -516,516,516,516,516,517,516,516,516,516,516,516,516,516,516,516, -516,516,516,516,516,516,516,516,516,516,516,516,516,516,516,516, -516,516,516,516,516,516,516,516,516,516,516,516,516,516,516,516, -516,516,516,516,516,516,516,516,516,516,516,516,516,516,516,516, -516,516,516,516,516,516,516,516,516,516,516,516,516,516,516,516, -516,516,516,516,516,516,516,516,516,516,516,516,516,516,516,516, -516,516,516,516,516,516,516,516,516,516,516,516,516,516,516,516, +523,523,523,523,523,523,523,523,523,523,523,523,523,523,523,523, +523,523,523,523,523,523,523,523,523,523,523,523,523,523,523,523, +523,523,523,523,523,523,523,523,523,523,523,523,523,523,523,523, +523,523,523,523,523,523,523,523,523,523,523,523,523,523,523,523, +523,523,523,523,523,523,523,523,523,523,523,523,523,523,523,523, +523,523,523,523,523,523,523,523,523,523,523,523,523,523,523,523, +523,523,523,523,523,523,523,523,523,523,523,523,523,523,523,523, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, /* block 100 */ -516,516,516,516,516,516,516,516,516,516,516,516,516,516,516,516, -516,516,516,516,516,516,516,516,516,516,516,516,516,516,516,516, -516,516,516,516,516,516,516,516,516,516,516,516,516,516,516,516, -516,516,516,516,516,516,516,516,516,516,516,516,516,516,516,516, -516,516,516,516,516,516,516,516,516,516,516,516,516,516,516,516, -516,516,516,516,516,516,516,516,516,516,516,516,516,516,516,516, -516,516,516,516,516,516,516,516,516,516,516,516,516,516,516,516, -516,516,516,516,516,516,516,516,516,516,516,516,516,516,516,516, +524,524,524,524,524,524,524,524,524,524,524,524,524,524,524,524, +524,524,524,524,524,525,524,524,524,524,524,524,524,524,524,524, +524,524,524,524,524,524,524,524,524,524,524,524,524,524,524,524, +524,524,524,524,524,524,524,524,524,524,524,524,524,524,524,524, +524,524,524,524,524,524,524,524,524,524,524,524,524,524,524,524, +524,524,524,524,524,524,524,524,524,524,524,524,524,524,524,524, +524,524,524,524,524,524,524,524,524,524,524,524,524,524,524,524, +524,524,524,524,524,524,524,524,524,524,524,524,524,524,524,524, /* block 101 */ -516,516,516,516,516,516,516,516,516,516,516,516,516,115,115,115, -518,518,518,518,518,518,518,518,518,518,518,518,518,518,518,518, -518,518,518,518,518,518,518,518,518,518,518,518,518,518,518,518, -518,518,518,518,518,518,518,518,518,518,518,518,518,518,518,518, -518,518,518,518,518,518,518,115,115,115,115,115,115,115,115,115, -519,519,519,519,519,519,519,519,519,519,519,519,519,519,519,519, -519,519,519,519,519,519,519,519,519,519,519,519,519,519,519,519, -519,519,519,519,519,519,519,519,520,520,520,520,520,520,521,521, +524,524,524,524,524,524,524,524,524,524,524,524,524,524,524,524, +524,524,524,524,524,524,524,524,524,524,524,524,524,524,524,524, +524,524,524,524,524,524,524,524,524,524,524,524,524,524,524,524, +524,524,524,524,524,524,524,524,524,524,524,524,524,524,524,524, +524,524,524,524,524,524,524,524,524,524,524,524,524,524,524,524, +524,524,524,524,524,524,524,524,524,524,524,524,524,524,524,524, +524,524,524,524,524,524,524,524,524,524,524,524,524,524,524,524, +524,524,524,524,524,524,524,524,524,524,524,524,524,524,524,524, /* block 102 */ -522,522,522,522,522,522,522,522,522,522,522,522,522,522,522,522, -522,522,522,522,522,522,522,522,522,522,522,522,522,522,522,522, -522,522,522,522,522,522,522,522,522,522,522,522,522,522,522,522, -522,522,522,522,522,522,522,522,522,522,522,522,522,522,522,522, -522,522,522,522,522,522,522,522,522,522,522,522,522,522,522,522, -522,522,522,522,522,522,522,522,522,522,522,522,522,522,522,522, -522,522,522,522,522,522,522,522,522,522,522,522,522,522,522,522, -522,522,522,522,522,522,522,522,522,522,522,522,522,522,522,522, +524,524,524,524,524,524,524,524,524,524,524,524,524,116,116,116, +526,526,526,526,526,526,526,526,526,526,526,526,526,526,526,526, +526,526,526,526,526,526,526,526,526,526,526,526,526,526,526,526, +526,526,526,526,526,526,526,526,526,526,526,526,526,526,526,526, +526,526,526,526,526,526,526,116,116,116,116,116,116,116,116,116, +527,527,527,527,527,527,527,527,527,527,527,527,527,527,527,527, +527,527,527,527,527,527,527,527,527,527,527,527,527,527,527,527, +527,527,527,527,527,527,527,527,528,528,528,528,528,528,529,529, /* block 103 */ -522,522,522,522,522,522,522,522,522,522,522,522,523,524,524,524, -522,522,522,522,522,522,522,522,522,522,522,522,522,522,522,522, -525,525,525,525,525,525,525,525,525,525,522,522,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -187,188,187,188,187,188,187,188,187,188,526,527,187,188,187,188, -187,188,187,188,187,188,187,188,187,188,187,188,187,188,187,188, -187,188,187,188,187,188,187,188,187,188,187,188,187,188,528,192, -193,193,193,529,192,192,192,192,192,192,192,192,192,192,529,436, - -/* block 104 */ -187,188,187,188,187,188,187,188,187,188,187,188,187,188,187,188, -187,188,187,188,187,188,187,188,187,188,187,188,436,436,192,192, 530,530,530,530,530,530,530,530,530,530,530,530,530,530,530,530, 530,530,530,530,530,530,530,530,530,530,530,530,530,530,530,530, 530,530,530,530,530,530,530,530,530,530,530,530,530,530,530,530, 530,530,530,530,530,530,530,530,530,530,530,530,530,530,530,530, -530,530,530,530,530,530,531,531,531,531,531,531,531,531,531,531, -532,532,533,533,533,533,533,533,115,115,115,115,115,115,115,115, +530,530,530,530,530,530,530,530,530,530,530,530,530,530,530,530, +530,530,530,530,530,530,530,530,530,530,530,530,530,530,530,530, +530,530,530,530,530,530,530,530,530,530,530,530,530,530,530,530, +530,530,530,530,530,530,530,530,530,530,530,530,530,530,530,530, + +/* block 104 */ +530,530,530,530,530,530,530,530,530,530,530,530,531,532,532,532, +530,530,530,530,530,530,530,530,530,530,530,530,530,530,530,530, +533,533,533,533,533,533,533,533,533,533,530,530,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +188,189,188,189,188,189,188,189,188,189,534,535,188,189,188,189, +188,189,188,189,188,189,188,189,188,189,188,189,188,189,188,189, +188,189,188,189,188,189,188,189,188,189,188,189,188,189,536,193, +194,194,194,537,193,193,193,193,193,193,193,193,193,193,537,441, /* block 105 */ - 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, - 14, 14, 14, 14, 14, 14, 14,108,108,108,108,108,108,108,108,108, - 14, 14, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, - 33, 33, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, - 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, - 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, - 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, -107, 33, 33, 33, 33, 33, 33, 33, 33, 30, 31, 30, 31,534, 30, 31, +188,189,188,189,188,189,188,189,188,189,188,189,188,189,188,189, +188,189,188,189,188,189,188,189,188,189,188,189,441,441,193,193, +538,538,538,538,538,538,538,538,538,538,538,538,538,538,538,538, +538,538,538,538,538,538,538,538,538,538,538,538,538,538,538,538, +538,538,538,538,538,538,538,538,538,538,538,538,538,538,538,538, +538,538,538,538,538,538,538,538,538,538,538,538,538,538,538,538, +538,538,538,538,538,538,539,539,539,539,539,539,539,539,539,539, +540,540,541,541,541,541,541,541,116,116,116,116,116,116,116,116, /* block 106 */ - 30, 31, 30, 31, 30, 31, 30, 31,108, 14, 14, 30, 31,535, 33, 20, - 30, 31, 30, 31, 33, 33, 30, 31, 30, 31, 30, 31, 30, 31, 30, 31, - 30, 31, 30, 31, 30, 31, 30, 31, 30, 31,536,537,538,539,536,115, -540,541,542,543, 30, 31, 30, 31,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115, 20,107,107, 33, 20, 20, 20, 20, 20, + 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, + 14, 14, 14, 14, 14, 14, 14,109,109,109,109,109,109,109,109,109, + 14, 14, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, + 34, 34, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, + 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, + 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, + 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, +108, 34, 34, 34, 34, 34, 34, 34, 34, 31, 32, 31, 32,542, 31, 32, /* block 107 */ -544,544,545,544,544,544,545,544,544,544,544,545,544,544,544,544, -544,544,544,544,544,544,544,544,544,544,544,544,544,544,544,544, -544,544,544,546,546,545,545,546,547,547,547,547,115,115,115,115, - 23, 23, 23, 23, 23, 23, 19, 19, 5, 19,115,115,115,115,115,115, -548,548,548,548,548,548,548,548,548,548,548,548,548,548,548,548, -548,548,548,548,548,548,548,548,548,548,548,548,548,548,548,548, -548,548,548,548,548,548,548,548,548,548,548,548,548,548,548,548, -548,548,548,548,549,549,549,549,115,115,115,115,115,115,115,115, + 31, 32, 31, 32, 31, 32, 31, 32,109, 14, 14, 31, 32,543, 34, 21, + 31, 32, 31, 32, 34, 34, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, + 31, 32, 31, 32, 31, 32, 31, 32, 31, 32,544,545,546,547,544, 34, +548,549,550,551, 31, 32, 31, 32, 31, 32,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116, 21,108,108, 34, 21, 21, 21, 21, 21, /* block 108 */ -550,550,551,551,551,551,551,551,551,551,551,551,551,551,551,551, -551,551,551,551,551,551,551,551,551,551,551,551,551,551,551,551, -551,551,551,551,551,551,551,551,551,551,551,551,551,551,551,551, -551,551,551,551,550,550,550,550,550,550,550,550,550,550,550,550, -550,550,550,550,552,552,115,115,115,115,115,115,115,115,553,553, -554,554,554,554,554,554,554,554,554,554,115,115,115,115,115,115, -238,238,238,238,238,238,238,238,238,238,238,238,238,238,238,238, -238,238,240,240,240,240,240,240,242,242,242,240,242,240,115,115, +552,552,553,552,552,552,553,552,552,552,552,553,552,552,552,552, +552,552,552,552,552,552,552,552,552,552,552,552,552,552,552,552, +552,552,552,554,554,553,553,554,555,555,555,555,116,116,116,116, + 24, 24, 24, 24, 24, 24, 19, 19, 5, 19,116,116,116,116,116,116, +556,556,556,556,556,556,556,556,556,556,556,556,556,556,556,556, +556,556,556,556,556,556,556,556,556,556,556,556,556,556,556,556, +556,556,556,556,556,556,556,556,556,556,556,556,556,556,556,556, +556,556,556,556,557,557,557,557,116,116,116,116,116,116,116,116, /* block 109 */ -555,555,555,555,555,555,555,555,555,555,556,556,556,556,556,556, -556,556,556,556,556,556,556,556,556,556,556,556,556,556,556,556, -556,556,556,556,556,556,557,557,557,557,557,557,557,557, 4,558, +558,558,559,559,559,559,559,559,559,559,559,559,559,559,559,559, 559,559,559,559,559,559,559,559,559,559,559,559,559,559,559,559, -559,559,559,559,559,559,559,560,560,560,560,560,560,560,560,560, -560,560,561,561,115,115,115,115,115,115,115,115,115,115,115,562, -333,333,333,333,333,333,333,333,333,333,333,333,333,333,333,333, -333,333,333,333,333,333,333,333,333,333,333,333,333,115,115,115, +559,559,559,559,559,559,559,559,559,559,559,559,559,559,559,559, +559,559,559,559,558,558,558,558,558,558,558,558,558,558,558,558, +558,558,558,558,560,560,116,116,116,116,116,116,116,116,561,561, +562,562,562,562,562,562,562,562,562,562,116,116,116,116,116,116, +240,240,240,240,240,240,240,240,240,240,240,240,240,240,240,240, +240,240,242,242,242,242,242,242,244,244,244,242,244,242,242,240, /* block 110 */ -563,563,563,564,565,565,565,565,565,565,565,565,565,565,565,565, -565,565,565,565,565,565,565,565,565,565,565,565,565,565,565,565, -565,565,565,565,565,565,565,565,565,565,565,565,565,565,565,565, -565,565,565,563,564,564,563,563,563,563,564,564,563,564,564,564, -564,566,566,566,566,566,566,566,566,566,566,566,566,566,115,108, -567,567,567,567,567,567,567,567,567,567,115,115,115,115,566,566, -323,323,323,323,323,325,568,323,323,323,323,323,323,323,323,323, -327,327,327,327,327,327,327,327,327,327,323,323,323,323,323,115, +563,563,563,563,563,563,563,563,563,563,564,564,564,564,564,564, +564,564,564,564,564,564,564,564,564,564,564,564,564,564,564,564, +564,564,564,564,564,564,565,565,565,565,565,565,565,565, 4,566, +567,567,567,567,567,567,567,567,567,567,567,567,567,567,567,567, +567,567,567,567,567,567,567,568,568,568,568,568,568,568,568,568, +568,568,569,569,116,116,116,116,116,116,116,116,116,116,116,570, +337,337,337,337,337,337,337,337,337,337,337,337,337,337,337,337, +337,337,337,337,337,337,337,337,337,337,337,337,337,116,116,116, /* block 111 */ -569,569,569,569,569,569,569,569,569,569,569,569,569,569,569,569, -569,569,569,569,569,569,569,569,569,569,569,569,569,569,569,569, -569,569,569,569,569,569,569,569,569,570,570,570,570,570,570,571, -571,570,570,571,571,570,570,115,115,115,115,115,115,115,115,115, -569,569,569,570,569,569,569,569,569,569,569,569,570,571,115,115, -572,572,572,572,572,572,572,572,572,572,115,115,573,573,573,573, -323,323,323,323,323,323,323,323,323,323,323,323,323,323,323,323, -568,323,323,323,323,323,323,329,329,329,323,324,325,324,323,323, +571,571,571,572,573,573,573,573,573,573,573,573,573,573,573,573, +573,573,573,573,573,573,573,573,573,573,573,573,573,573,573,573, +573,573,573,573,573,573,573,573,573,573,573,573,573,573,573,573, +573,573,573,571,572,572,571,571,571,571,572,572,571,572,572,572, +572,574,574,574,574,574,574,574,574,574,574,574,574,574,116,109, +575,575,575,575,575,575,575,575,575,575,116,116,116,116,574,574, +327,327,327,327,327,329,576,327,327,327,327,327,327,327,327,327, +331,331,331,331,331,331,331,331,331,331,327,327,327,327,327,116, /* block 112 */ -574,574,574,574,574,574,574,574,574,574,574,574,574,574,574,574, -574,574,574,574,574,574,574,574,574,574,574,574,574,574,574,574, -574,574,574,574,574,574,574,574,574,574,574,574,574,574,574,574, -575,574,575,575,575,574,574,575,575,574,574,574,574,574,575,575, -574,575,574,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,574,574,576,577,577, -578,578,578,578,578,578,578,578,578,578,578,579,580,580,579,579, -581,581,578,582,582,579,580,115,115,115,115,115,115,115,115,115, +577,577,577,577,577,577,577,577,577,577,577,577,577,577,577,577, +577,577,577,577,577,577,577,577,577,577,577,577,577,577,577,577, +577,577,577,577,577,577,577,577,577,578,578,578,578,578,578,579, +579,578,578,579,579,578,578,116,116,116,116,116,116,116,116,116, +577,577,577,578,577,577,577,577,577,577,577,577,578,579,116,116, +580,580,580,580,580,580,580,580,580,580,116,116,581,581,581,581, +327,327,327,327,327,327,327,327,327,327,327,327,327,327,327,327, +576,327,327,327,327,327,327,333,333,333,327,328,329,328,327,327, /* block 113 */ -115,336,336,336,336,336,336,115,115,336,336,336,336,336,336,115, -115,336,336,336,336,336,336,115,115,115,115,115,115,115,115,115, -336,336,336,336,336,336,336,115,336,336,336,336,336,336,336,115, - 33, 33, 33, 33, 33, 33, 33, 33, 33, 33, 33, 33, 33, 33, 33, 33, - 33, 33, 33, 33, 33, 33, 33, 33, 33, 33, 33, 33, 33, 33, 33, 33, - 33, 33, 33,583, 33, 33, 33, 33, 33, 33, 33, 14,107,107,107,107, - 33, 33, 33, 33, 33,123,115,115,115,115,115,115,115,115,115,115, -584,584,584,584,584,584,584,584,584,584,584,584,584,584,584,584, +582,582,582,582,582,582,582,582,582,582,582,582,582,582,582,582, +582,582,582,582,582,582,582,582,582,582,582,582,582,582,582,582, +582,582,582,582,582,582,582,582,582,582,582,582,582,582,582,582, +583,582,583,583,583,582,582,583,583,582,582,582,582,582,583,583, +582,583,582,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,582,582,584,585,585, +586,586,586,586,586,586,586,586,586,586,586,587,588,588,587,587, +589,589,586,590,590,587,588,116,116,116,116,116,116,116,116,116, /* block 114 */ -584,584,584,584,584,584,584,584,584,584,584,584,584,584,584,584, -584,584,584,584,584,584,584,584,584,584,584,584,584,584,584,584, -584,584,584,584,584,584,584,584,584,584,584,584,584,584,584,584, -584,584,584,584,584,584,584,584,584,584,584,584,584,584,584,584, -578,578,578,578,578,578,578,578,578,578,578,578,578,578,578,578, -578,578,578,578,578,578,578,578,578,578,578,578,578,578,578,578, -578,578,578,579,579,580,579,579,580,579,579,581,579,580,115,115, -585,585,585,585,585,585,585,585,585,585,115,115,115,115,115,115, +116,340,340,340,340,340,340,116,116,340,340,340,340,340,340,116, +116,340,340,340,340,340,340,116,116,116,116,116,116,116,116,116, +340,340,340,340,340,340,340,116,340,340,340,340,340,340,340,116, + 34, 34, 34, 34, 34, 34, 34, 34, 34, 34, 34, 34, 34, 34, 34, 34, + 34, 34, 34, 34, 34, 34, 34, 34, 34, 34, 34, 34, 34, 34, 34, 34, + 34, 34, 34,591, 34, 34, 34, 34, 34, 34, 34, 14,108,108,108,108, + 34, 34, 34, 34, 34,124,116,116,116,116,116,116,116,116,116,116, +592,592,592,592,592,592,592,592,592,592,592,592,592,592,592,592, /* block 115 */ -586,587,587,587,587,587,587,587,587,587,587,587,587,587,587,587, -587,587,587,587,587,587,587,587,587,587,587,587,586,587,587,587, -587,587,587,587,587,587,587,587,587,587,587,587,587,587,587,587, -587,587,587,587,587,587,587,587,586,587,587,587,587,587,587,587, -587,587,587,587,587,587,587,587,587,587,587,587,587,587,587,587, -587,587,587,587,586,587,587,587,587,587,587,587,587,587,587,587, -587,587,587,587,587,587,587,587,587,587,587,587,587,587,587,587, -586,587,587,587,587,587,587,587,587,587,587,587,587,587,587,587, +592,592,592,592,592,592,592,592,592,592,592,592,592,592,592,592, +592,592,592,592,592,592,592,592,592,592,592,592,592,592,592,592, +592,592,592,592,592,592,592,592,592,592,592,592,592,592,592,592, +592,592,592,592,592,592,592,592,592,592,592,592,592,592,592,592, +586,586,586,586,586,586,586,586,586,586,586,586,586,586,586,586, +586,586,586,586,586,586,586,586,586,586,586,586,586,586,586,586, +586,586,586,587,587,588,587,587,588,587,587,589,587,588,116,116, +593,593,593,593,593,593,593,593,593,593,116,116,116,116,116,116, /* block 116 */ -587,587,587,587,587,587,587,587,587,587,587,587,586,587,587,587, -587,587,587,587,587,587,587,587,587,587,587,587,587,587,587,587, -587,587,587,587,587,587,587,587,586,587,587,587,587,587,587,587, -587,587,587,587,587,587,587,587,587,587,587,587,587,587,587,587, -587,587,587,587,586,587,587,587,587,587,587,587,587,587,587,587, -587,587,587,587,587,587,587,587,587,587,587,587,587,587,587,587, -586,587,587,587,587,587,587,587,587,587,587,587,587,587,587,587, -587,587,587,587,587,587,587,587,587,587,587,587,586,587,587,587, +594,595,595,595,595,595,595,595,595,595,595,595,595,595,595,595, +595,595,595,595,595,595,595,595,595,595,595,595,594,595,595,595, +595,595,595,595,595,595,595,595,595,595,595,595,595,595,595,595, +595,595,595,595,595,595,595,595,594,595,595,595,595,595,595,595, +595,595,595,595,595,595,595,595,595,595,595,595,595,595,595,595, +595,595,595,595,594,595,595,595,595,595,595,595,595,595,595,595, +595,595,595,595,595,595,595,595,595,595,595,595,595,595,595,595, +594,595,595,595,595,595,595,595,595,595,595,595,595,595,595,595, /* block 117 */ -587,587,587,587,587,587,587,587,587,587,587,587,587,587,587,587, -587,587,587,587,587,587,587,587,586,587,587,587,587,587,587,587, -587,587,587,587,587,587,587,587,587,587,587,587,587,587,587,587, -587,587,587,587,586,587,587,587,587,587,587,587,587,587,587,587, -587,587,587,587,587,587,587,587,587,587,587,587,587,587,587,587, -586,587,587,587,587,587,587,587,587,587,587,587,587,587,587,587, -587,587,587,587,587,587,587,587,587,587,587,587,586,587,587,587, -587,587,587,587,587,587,587,587,587,587,587,587,587,587,587,587, +595,595,595,595,595,595,595,595,595,595,595,595,594,595,595,595, +595,595,595,595,595,595,595,595,595,595,595,595,595,595,595,595, +595,595,595,595,595,595,595,595,594,595,595,595,595,595,595,595, +595,595,595,595,595,595,595,595,595,595,595,595,595,595,595,595, +595,595,595,595,594,595,595,595,595,595,595,595,595,595,595,595, +595,595,595,595,595,595,595,595,595,595,595,595,595,595,595,595, +594,595,595,595,595,595,595,595,595,595,595,595,595,595,595,595, +595,595,595,595,595,595,595,595,595,595,595,595,594,595,595,595, /* block 118 */ -587,587,587,587,587,587,587,587,586,587,587,587,587,587,587,587, -587,587,587,587,587,587,587,587,587,587,587,587,587,587,587,587, -587,587,587,587,586,587,587,587,587,587,587,587,587,587,587,587, -587,587,587,587,587,587,587,587,587,587,587,587,587,587,587,587, -586,587,587,587,587,587,587,587,587,587,587,587,587,587,587,587, -587,587,587,587,587,587,587,587,587,587,587,587,586,587,587,587, -587,587,587,587,587,587,587,587,587,587,587,587,587,587,587,587, -587,587,587,587,587,587,587,587,586,587,587,587,587,587,587,587, +595,595,595,595,595,595,595,595,595,595,595,595,595,595,595,595, +595,595,595,595,595,595,595,595,594,595,595,595,595,595,595,595, +595,595,595,595,595,595,595,595,595,595,595,595,595,595,595,595, +595,595,595,595,594,595,595,595,595,595,595,595,595,595,595,595, +595,595,595,595,595,595,595,595,595,595,595,595,595,595,595,595, +594,595,595,595,595,595,595,595,595,595,595,595,595,595,595,595, +595,595,595,595,595,595,595,595,595,595,595,595,594,595,595,595, +595,595,595,595,595,595,595,595,595,595,595,595,595,595,595,595, /* block 119 */ -587,587,587,587,587,587,587,587,587,587,587,587,587,587,587,587, -587,587,587,587,586,587,587,587,587,587,587,587,587,587,587,587, -587,587,587,587,587,587,587,587,587,587,587,587,587,587,587,587, -586,587,587,587,587,587,587,587,587,587,587,587,587,587,587,587, -587,587,587,587,587,587,587,587,587,587,587,587,586,587,587,587, -587,587,587,587,587,587,587,587,587,587,587,587,587,587,587,587, -587,587,587,587,587,587,587,587,586,587,587,587,587,587,587,587, -587,587,587,587,587,587,587,587,587,587,587,587,587,587,587,587, +595,595,595,595,595,595,595,595,594,595,595,595,595,595,595,595, +595,595,595,595,595,595,595,595,595,595,595,595,595,595,595,595, +595,595,595,595,594,595,595,595,595,595,595,595,595,595,595,595, +595,595,595,595,595,595,595,595,595,595,595,595,595,595,595,595, +594,595,595,595,595,595,595,595,595,595,595,595,595,595,595,595, +595,595,595,595,595,595,595,595,595,595,595,595,594,595,595,595, +595,595,595,595,595,595,595,595,595,595,595,595,595,595,595,595, +595,595,595,595,595,595,595,595,594,595,595,595,595,595,595,595, /* block 120 */ -587,587,587,587,586,587,587,587,587,587,587,587,587,587,587,587, -587,587,587,587,587,587,587,587,587,587,587,587,587,587,587,587, -586,587,587,587,587,587,587,587,587,587,587,587,587,587,587,587, -587,587,587,587,587,587,587,587,587,587,587,587,586,587,587,587, -587,587,587,587,587,587,587,587,587,587,587,587,587,587,587,587, -587,587,587,587,587,587,587,587,586,587,587,587,587,587,587,587, -587,587,587,587,587,587,587,587,587,587,587,587,587,587,587,587, -587,587,587,587,586,587,587,587,587,587,587,587,587,587,587,587, +595,595,595,595,595,595,595,595,595,595,595,595,595,595,595,595, +595,595,595,595,594,595,595,595,595,595,595,595,595,595,595,595, +595,595,595,595,595,595,595,595,595,595,595,595,595,595,595,595, +594,595,595,595,595,595,595,595,595,595,595,595,595,595,595,595, +595,595,595,595,595,595,595,595,595,595,595,595,594,595,595,595, +595,595,595,595,595,595,595,595,595,595,595,595,595,595,595,595, +595,595,595,595,595,595,595,595,594,595,595,595,595,595,595,595, +595,595,595,595,595,595,595,595,595,595,595,595,595,595,595,595, /* block 121 */ -587,587,587,587,587,587,587,587,587,587,587,587,587,587,587,587, -586,587,587,587,587,587,587,587,587,587,587,587,587,587,587,587, -587,587,587,587,587,587,587,587,587,587,587,587,586,587,587,587, -587,587,587,587,587,587,587,587,587,587,587,587,587,587,587,587, -587,587,587,587,587,587,587,587,586,587,587,587,587,587,587,587, -587,587,587,587,587,587,587,587,587,587,587,587,587,587,587,587, -587,587,587,587,586,587,587,587,587,587,587,587,587,587,587,587, -587,587,587,587,587,587,587,587,587,587,587,587,587,587,587,587, +595,595,595,595,594,595,595,595,595,595,595,595,595,595,595,595, +595,595,595,595,595,595,595,595,595,595,595,595,595,595,595,595, +594,595,595,595,595,595,595,595,595,595,595,595,595,595,595,595, +595,595,595,595,595,595,595,595,595,595,595,595,594,595,595,595, +595,595,595,595,595,595,595,595,595,595,595,595,595,595,595,595, +595,595,595,595,595,595,595,595,594,595,595,595,595,595,595,595, +595,595,595,595,595,595,595,595,595,595,595,595,595,595,595,595, +595,595,595,595,594,595,595,595,595,595,595,595,595,595,595,595, /* block 122 */ -587,587,587,587,587,587,587,587,586,587,587,587,587,587,587,587, -587,587,587,587,587,587,587,587,587,587,587,587,587,587,587,587, -587,587,587,587,115,115,115,115,115,115,115,115,115,115,115,115, -334,334,334,334,334,334,334,334,334,334,334,334,334,334,334,334, -334,334,334,334,334,334,334,115,115,115,115,335,335,335,335,335, -335,335,335,335,335,335,335,335,335,335,335,335,335,335,335,335, -335,335,335,335,335,335,335,335,335,335,335,335,335,335,335,335, -335,335,335,335,335,335,335,335,335,335,335,335,115,115,115,115, +595,595,595,595,595,595,595,595,595,595,595,595,595,595,595,595, +594,595,595,595,595,595,595,595,595,595,595,595,595,595,595,595, +595,595,595,595,595,595,595,595,595,595,595,595,594,595,595,595, +595,595,595,595,595,595,595,595,595,595,595,595,595,595,595,595, +595,595,595,595,595,595,595,595,594,595,595,595,595,595,595,595, +595,595,595,595,595,595,595,595,595,595,595,595,595,595,595,595, +595,595,595,595,594,595,595,595,595,595,595,595,595,595,595,595, +595,595,595,595,595,595,595,595,595,595,595,595,595,595,595,595, /* block 123 */ -588,588,588,588,588,588,588,588,588,588,588,588,588,588,588,588, -588,588,588,588,588,588,588,588,588,588,588,588,588,588,588,588, -588,588,588,588,588,588,588,588,588,588,588,588,588,588,588,588, -588,588,588,588,588,588,588,588,588,588,588,588,588,588,588,588, -588,588,588,588,588,588,588,588,588,588,588,588,588,588,588,588, -588,588,588,588,588,588,588,588,588,588,588,588,588,588,588,588, -588,588,588,588,588,588,588,588,588,588,588,588,588,588,588,588, -588,588,588,588,588,588,588,588,588,588,588,588,588,588,588,588, +595,595,595,595,595,595,595,595,594,595,595,595,595,595,595,595, +595,595,595,595,595,595,595,595,595,595,595,595,595,595,595,595, +595,595,595,595,116,116,116,116,116,116,116,116,116,116,116,116, +338,338,338,338,338,338,338,338,338,338,338,338,338,338,338,338, +338,338,338,338,338,338,338,116,116,116,116,339,339,339,339,339, +339,339,339,339,339,339,339,339,339,339,339,339,339,339,339,339, +339,339,339,339,339,339,339,339,339,339,339,339,339,339,339,339, +339,339,339,339,339,339,339,339,339,339,339,339,116,116,116,116, /* block 124 */ -589,589,589,589,589,589,589,589,589,589,589,589,589,589,589,589, -589,589,589,589,589,589,589,589,589,589,589,589,589,589,589,589, -589,589,589,589,589,589,589,589,589,589,589,589,589,589,589,589, -589,589,589,589,589,589,589,589,589,589,589,589,589,589,589,589, -589,589,589,589,589,589,589,589,589,589,589,589,589,589,589,589, -589,589,589,589,589,589,589,589,589,589,589,589,589,589,589,589, -589,589,589,589,589,589,589,589,589,589,589,589,589,589,589,589, -589,589,589,589,589,589,589,589,589,589,589,589,589,589,589,589, +596,596,596,596,596,596,596,596,596,596,596,596,596,596,596,596, +596,596,596,596,596,596,596,596,596,596,596,596,596,596,596,596, +596,596,596,596,596,596,596,596,596,596,596,596,596,596,596,596, +596,596,596,596,596,596,596,596,596,596,596,596,596,596,596,596, +596,596,596,596,596,596,596,596,596,596,596,596,596,596,596,596, +596,596,596,596,596,596,596,596,596,596,596,596,596,596,596,596, +596,596,596,596,596,596,596,596,596,596,596,596,596,596,596,596, +596,596,596,596,596,596,596,596,596,596,596,596,596,596,596,596, /* block 125 */ -515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, -515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, -515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, -515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, -515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, -515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, -515,515,515,515,515,515,515,515,515,515,515,515,515,515,115,115, -515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, +597,597,597,597,597,597,597,597,597,597,597,597,597,597,597,597, +597,597,597,597,597,597,597,597,597,597,597,597,597,597,597,597, +597,597,597,597,597,597,597,597,597,597,597,597,597,597,597,597, +597,597,597,597,597,597,597,597,597,597,597,597,597,597,597,597, +597,597,597,597,597,597,597,597,597,597,597,597,597,597,597,597, +597,597,597,597,597,597,597,597,597,597,597,597,597,597,597,597, +597,597,597,597,597,597,597,597,597,597,597,597,597,597,597,597, +597,597,597,597,597,597,597,597,597,597,597,597,597,597,597,597, /* block 126 */ -515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, -515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, -515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, -515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, -515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, -515,515,515,515,515,515,515,515,515,515,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, +523,523,523,523,523,523,523,523,523,523,523,523,523,523,523,523, +523,523,523,523,523,523,523,523,523,523,523,523,523,523,523,523, +523,523,523,523,523,523,523,523,523,523,523,523,523,523,523,523, +523,523,523,523,523,523,523,523,523,523,523,523,523,523,523,523, +523,523,523,523,523,523,523,523,523,523,523,523,523,523,523,523, +523,523,523,523,523,523,523,523,523,523,523,523,523,523,523,523, +523,523,523,523,523,523,523,523,523,523,523,523,523,523,116,116, +523,523,523,523,523,523,523,523,523,523,523,523,523,523,523,523, /* block 127 */ - 33, 33, 33, 33, 33, 33, 33,115,115,115,115,115,115,115,115,115, -115,115,115,200,200,200,200,200,115,115,115,115,115,207,204,207, -207,207,207,207,207,207,207,207,207,590,207,207,207,207,207,207, -207,207,207,207,207,207,207,115,207,207,207,207,207,115,207,115, -207,207,115,207,207,115,207,207,207,207,207,207,207,207,207,207, -216,216,216,216,216,216,216,216,216,216,216,216,216,216,216,216, -216,216,216,216,216,216,216,216,216,216,216,216,216,216,216,216, -216,216,216,216,216,216,216,216,216,216,216,216,216,216,216,216, +523,523,523,523,523,523,523,523,523,523,523,523,523,523,523,523, +523,523,523,523,523,523,523,523,523,523,523,523,523,523,523,523, +523,523,523,523,523,523,523,523,523,523,523,523,523,523,523,523, +523,523,523,523,523,523,523,523,523,523,523,523,523,523,523,523, +523,523,523,523,523,523,523,523,523,523,523,523,523,523,523,523, +523,523,523,523,523,523,523,523,523,523,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, /* block 128 */ -216,216,216,216,216,216,216,216,216,216,216,216,216,216,216,216, -216,216,216,216,216,216,216,216,216,216,216,216,216,216,216,216, -216,216,216,216,216,216,216,216,216,216,216,216,216,216,216,216, -216,216,591,591,591,591,591,591,591,591,591,591,591,591,591,591, -591,591,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,216,216,216,216,216,216,216,216,216,216,216,216,216, -216,216,216,216,216,216,216,216,216,216,216,216,216,216,216,216, -216,216,216,216,216,216,216,216,216,216,216,216,216,216,216,216, + 34, 34, 34, 34, 34, 34, 34,116,116,116,116,116,116,116,116,116, +116,116,116,200,200,200,200,200,116,116,116,116,116,208,205,208, +208,208,208,208,208,208,208,208,208,598,208,208,208,208,208,208, +208,208,208,208,208,208,208,116,208,208,208,208,208,116,208,116, +208,208,116,208,208,116,208,208,208,208,208,208,208,208,208,208, +217,217,217,217,217,217,217,217,217,217,217,217,217,217,217,217, +217,217,217,217,217,217,217,217,217,217,217,217,217,217,217,217, +217,217,217,217,217,217,217,217,217,217,217,217,217,217,217,217, /* block 129 */ -216,216,216,216,216,216,216,216,216,216,216,216,216,216,216,216, -216,216,216,216,216,216,216,216,216,216,216,216,216,216,216,216, -216,216,216,216,216,216,216,216,216,216,216,216,216,216,216,216, -216,216,216,216,216,216,216,216,216,216,216,216,216,216,216,216, -216,216,216,216,216,216,216,216,216,216,216,216,216,216,216,216, -216,216,216,216,216,216,216,216,216,216,216,216,216,216,216,216, -216,216,216,216,216,216,216,216,216,216,216,216,216,216,216,216, -216,216,216,216,216,216,216,216,216,216,216,216,216,216,216,216, +217,217,217,217,217,217,217,217,217,217,217,217,217,217,217,217, +217,217,217,217,217,217,217,217,217,217,217,217,217,217,217,217, +217,217,217,217,217,217,217,217,217,217,217,217,217,217,217,217, +217,217,599,599,599,599,599,599,599,599,599,599,599,599,599,599, +599,599,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,217,217,217,217,217,217,217,217,217,217,217,217,217, +217,217,217,217,217,217,217,217,217,217,217,217,217,217,217,217, +217,217,217,217,217,217,217,217,217,217,217,217,217,217,217,217, /* block 130 */ -216,216,216,216,216,216,216,216,216,216,216,216,216,216,216,216, -216,216,216,216,216,216,216,216,216,216,216,216,216,216,216,216, -216,216,216,216,216,216,216,216,216,216,216,216,216,216,216,216, -216,216,216,216,216,216,216,216,216,216,216,216,216,216, 7, 6, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -216,216,216,216,216,216,216,216,216,216,216,216,216,216,216,216, -216,216,216,216,216,216,216,216,216,216,216,216,216,216,216,216, -216,216,216,216,216,216,216,216,216,216,216,216,216,216,216,216, +217,217,217,217,217,217,217,217,217,217,217,217,217,217,217,217, +217,217,217,217,217,217,217,217,217,217,217,217,217,217,217,217, +217,217,217,217,217,217,217,217,217,217,217,217,217,217,217,217, +217,217,217,217,217,217,217,217,217,217,217,217,217,217,217,217, +217,217,217,217,217,217,217,217,217,217,217,217,217,217,217,217, +217,217,217,217,217,217,217,217,217,217,217,217,217,217,217,217, +217,217,217,217,217,217,217,217,217,217,217,217,217,217,217,217, +217,217,217,217,217,217,217,217,217,217,217,217,217,217,217,217, /* block 131 */ -216,216,216,216,216,216,216,216,216,216,216,216,216,216,216,216, -115,115,216,216,216,216,216,216,216,216,216,216,216,216,216,216, -216,216,216,216,216,216,216,216,216,216,216,216,216,216,216,216, -216,216,216,216,216,216,216,216,216,216,216,216,216,216,216,216, -216,216,216,216,216,216,216,216,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -216,216,216,216,216,216,216,216,216,216,216,216,212,213,115,115, +217,217,217,217,217,217,217,217,217,217,217,217,217,217,217,217, +217,217,217,217,217,217,217,217,217,217,217,217,217,217,217,217, +217,217,217,217,217,217,217,217,217,217,217,217,217,217,217,217, +217,217,217,217,217,217,217,217,217,217,217,217,217,217, 7, 6, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +217,217,217,217,217,217,217,217,217,217,217,217,217,217,217,217, +217,217,217,217,217,217,217,217,217,217,217,217,217,217,217,217, +217,217,217,217,217,217,217,217,217,217,217,217,217,217,217,217, /* block 132 */ -110,110,110,110,110,110,110,110,110,110,110,110,110,110,110,110, - 4, 4, 4, 4, 4, 4, 4, 6, 7, 4,115,115,115,115,115,115, -110,110,110,110,110,110,110,110,110,110,110,110,110,110,192,192, - 4, 9, 9, 15, 15, 6, 7, 6, 7, 6, 7, 6, 7, 6, 7, 6, - 7, 6, 7, 6, 7, 4, 4, 6, 7, 4, 4, 4, 4, 15, 15, 15, - 4, 4, 4,115, 4, 4, 4, 4, 9, 6, 7, 6, 7, 6, 7, 4, - 4, 4, 8, 9, 8, 8, 8,115, 4, 5, 4, 4,115,115,115,115, -216,216,216,216,216,115,216,216,216,216,216,216,216,216,216,216, +217,217,217,217,217,217,217,217,217,217,217,217,217,217,217,217, +116,116,217,217,217,217,217,217,217,217,217,217,217,217,217,217, +217,217,217,217,217,217,217,217,217,217,217,217,217,217,217,217, +217,217,217,217,217,217,217,217,217,217,217,217,217,217,217,217, +217,217,217,217,217,217,217,217,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +217,217,217,217,217,217,217,217,217,217,217,217,213,214,116,116, /* block 133 */ -216,216,216,216,216,216,216,216,216,216,216,216,216,216,216,216, -216,216,216,216,216,216,216,216,216,216,216,216,216,216,216,216, -216,216,216,216,216,216,216,216,216,216,216,216,216,216,216,216, -216,216,216,216,216,216,216,216,216,216,216,216,216,216,216,216, -216,216,216,216,216,216,216,216,216,216,216,216,216,216,216,216, -216,216,216,216,216,216,216,216,216,216,216,216,216,216,216,216, -216,216,216,216,216,216,216,216,216,216,216,216,216,216,216,216, -216,216,216,216,216,216,216,216,216,216,216,216,216,115,115, 22, +111,111,111,111,111,111,111,111,111,111,111,111,111,111,111,111, + 4, 4, 4, 4, 4, 4, 4, 6, 7, 4,116,116,116,116,116,116, +111,111,111,111,111,111,111,111,111,111,111,111,111,111,193,193, + 4, 9, 9, 15, 15, 6, 7, 6, 7, 6, 7, 6, 7, 6, 7, 6, + 7, 6, 7, 6, 7, 4, 4, 6, 7, 4, 4, 4, 4, 15, 15, 15, + 4, 4, 4,116, 4, 4, 4, 4, 9, 6, 7, 6, 7, 6, 7, 4, + 4, 4, 8, 9, 8, 8, 8,116, 4, 5, 4, 4,116,116,116,116, +217,217,217,217,217,116,217,217,217,217,217,217,217,217,217,217, /* block 134 */ -115, 4, 4, 4, 5, 4, 4, 4, 6, 7, 4, 8, 4, 9, 4, 4, +217,217,217,217,217,217,217,217,217,217,217,217,217,217,217,217, +217,217,217,217,217,217,217,217,217,217,217,217,217,217,217,217, +217,217,217,217,217,217,217,217,217,217,217,217,217,217,217,217, +217,217,217,217,217,217,217,217,217,217,217,217,217,217,217,217, +217,217,217,217,217,217,217,217,217,217,217,217,217,217,217,217, +217,217,217,217,217,217,217,217,217,217,217,217,217,217,217,217, +217,217,217,217,217,217,217,217,217,217,217,217,217,217,217,217, +217,217,217,217,217,217,217,217,217,217,217,217,217,116,116, 23, + +/* block 135 */ +116, 4, 4, 4, 5, 4, 4, 4, 6, 7, 4, 8, 4, 9, 4, 4, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 4, 4, 8, 8, 8, 4, 4, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 6, 4, 7, 14, 15, 14, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 6, 8, 7, 8, 6, - 7, 4, 6, 7, 4, 4,509,509,509,509,509,509,509,509,509,509, -108,509,509,509,509,509,509,509,509,509,509,509,509,509,509,509, - -/* block 135 */ -509,509,509,509,509,509,509,509,509,509,509,509,509,509,509,509, -509,509,509,509,509,509,509,509,509,509,509,509,509,509,592,592, -512,512,512,512,512,512,512,512,512,512,512,512,512,512,512,512, -512,512,512,512,512,512,512,512,512,512,512,512,512,512,512,115, -115,115,512,512,512,512,512,512,115,115,512,512,512,512,512,512, -115,115,512,512,512,512,512,512,115,115,512,512,512,115,115,115, - 5, 5, 8, 14, 19, 5, 5,115, 19, 8, 8, 8, 8, 19, 19,115, -465,465,465,465,465,465,465,465,465, 22, 22, 22, 19, 19,115,115, + 7, 4, 6, 7, 4, 4,517,517,517,517,517,517,517,517,517,517, +109,517,517,517,517,517,517,517,517,517,517,517,517,517,517,517, /* block 136 */ -593,593,593,593,593,593,593,593,593,593,593,593,115,593,593,593, -593,593,593,593,593,593,593,593,593,593,593,593,593,593,593,593, -593,593,593,593,593,593,593,115,593,593,593,593,593,593,593,593, -593,593,593,593,593,593,593,593,593,593,593,115,593,593,115,593, -593,593,593,593,593,593,593,593,593,593,593,593,593,593,115,115, -593,593,593,593,593,593,593,593,593,593,593,593,593,593,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, +517,517,517,517,517,517,517,517,517,517,517,517,517,517,517,517, +517,517,517,517,517,517,517,517,517,517,517,517,517,517,600,600, +520,520,520,520,520,520,520,520,520,520,520,520,520,520,520,520, +520,520,520,520,520,520,520,520,520,520,520,520,520,520,520,116, +116,116,520,520,520,520,520,520,116,116,520,520,520,520,520,520, +116,116,520,520,520,520,520,520,116,116,520,520,520,116,116,116, + 5, 5, 8, 14, 19, 5, 5,116, 19, 8, 8, 8, 8, 19, 19,116, +471,471,471,471,471,471,471,471,471, 23, 23, 23, 19, 19,116,116, /* block 137 */ -593,593,593,593,593,593,593,593,593,593,593,593,593,593,593,593, -593,593,593,593,593,593,593,593,593,593,593,593,593,593,593,593, -593,593,593,593,593,593,593,593,593,593,593,593,593,593,593,593, -593,593,593,593,593,593,593,593,593,593,593,593,593,593,593,593, -593,593,593,593,593,593,593,593,593,593,593,593,593,593,593,593, -593,593,593,593,593,593,593,593,593,593,593,593,593,593,593,593, -593,593,593,593,593,593,593,593,593,593,593,593,593,593,593,593, -593,593,593,593,593,593,593,593,593,593,593,115,115,115,115,115, +601,601,601,601,601,601,601,601,601,601,601,601,116,601,601,601, +601,601,601,601,601,601,601,601,601,601,601,601,601,601,601,601, +601,601,601,601,601,601,601,116,601,601,601,601,601,601,601,601, +601,601,601,601,601,601,601,601,601,601,601,116,601,601,116,601, +601,601,601,601,601,601,601,601,601,601,601,601,601,601,116,116, +601,601,601,601,601,601,601,601,601,601,601,601,601,601,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, /* block 138 */ - 4, 4, 4,115,115,115,115, 23, 23, 23, 23, 23, 23, 23, 23, 23, - 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, - 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, - 23, 23, 23, 23,115,115,115, 19, 19, 19, 19, 19, 19, 19, 19, 19, -594,594,594,594,594,594,594,594,594,594,594,594,594,594,594,594, -594,594,594,594,594,594,594,594,594,594,594,594,594,594,594,594, -594,594,594,594,594,594,594,594,594,594,594,594,594,594,594,594, -594,594,594,594,594,595,595,595,595,596,596,596,596,596,596,596, +601,601,601,601,601,601,601,601,601,601,601,601,601,601,601,601, +601,601,601,601,601,601,601,601,601,601,601,601,601,601,601,601, +601,601,601,601,601,601,601,601,601,601,601,601,601,601,601,601, +601,601,601,601,601,601,601,601,601,601,601,601,601,601,601,601, +601,601,601,601,601,601,601,601,601,601,601,601,601,601,601,601, +601,601,601,601,601,601,601,601,601,601,601,601,601,601,601,601, +601,601,601,601,601,601,601,601,601,601,601,601,601,601,601,601, +601,601,601,601,601,601,601,601,601,601,601,116,116,116,116,116, /* block 139 */ -596,596,596,596,596,596,596,596,596,596,595,595,596,596,596,115, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19,115,115,115,115, -596,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19,110,115,115, + 4, 4, 4,116,116,116,116, 24, 24, 24, 24, 24, 24, 24, 24, 24, + 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, + 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, + 24, 24, 24, 24,116,116,116, 19, 19, 19, 19, 19, 19, 19, 19, 19, +602,602,602,602,602,602,602,602,602,602,602,602,602,602,602,602, +602,602,602,602,602,602,602,602,602,602,602,602,602,602,602,602, +602,602,602,602,602,602,602,602,602,602,602,602,602,602,602,602, +602,602,602,602,602,603,603,603,603,604,604,604,604,604,604,604, /* block 140 */ -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, +604,604,604,604,604,604,604,604,604,604,603,603,604,604,604,116, + 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19,116,116,116,116, +604,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, + 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, + 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, + 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19,111,116,116, /* block 141 */ -597,597,597,597,597,597,597,597,597,597,597,597,597,597,597,597, -597,597,597,597,597,597,597,597,597,597,597,597,597,115,115,115, -598,598,598,598,598,598,598,598,598,598,598,598,598,598,598,598, -598,598,598,598,598,598,598,598,598,598,598,598,598,598,598,598, -598,598,598,598,598,598,598,598,598,598,598,598,598,598,598,598, -598,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -110, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, - 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23,115,115,115,115, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, /* block 142 */ -599,599,599,599,599,599,599,599,599,599,599,599,599,599,599,599, -599,599,599,599,599,599,599,599,599,599,599,599,599,599,599,599, -600,600,600,600,115,115,115,115,115,115,115,115,115,599,599,599, -601,601,601,601,601,601,601,601,601,601,601,601,601,601,601,601, -601,602,601,601,601,601,601,601,601,601,602,115,115,115,115,115, -603,603,603,603,603,603,603,603,603,603,603,603,603,603,603,603, -603,603,603,603,603,603,603,603,603,603,603,603,603,603,603,603, -603,603,603,603,603,603,604,604,604,604,604,115,115,115,115,115, +605,605,605,605,605,605,605,605,605,605,605,605,605,605,605,605, +605,605,605,605,605,605,605,605,605,605,605,605,605,116,116,116, +606,606,606,606,606,606,606,606,606,606,606,606,606,606,606,606, +606,606,606,606,606,606,606,606,606,606,606,606,606,606,606,606, +606,606,606,606,606,606,606,606,606,606,606,606,606,606,606,606, +606,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +111, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, + 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24,116,116,116,116, /* block 143 */ -605,605,605,605,605,605,605,605,605,605,605,605,605,605,605,605, -605,605,605,605,605,605,605,605,605,605,605,605,605,605,115,606, 607,607,607,607,607,607,607,607,607,607,607,607,607,607,607,607, 607,607,607,607,607,607,607,607,607,607,607,607,607,607,607,607, -607,607,607,607,115,115,115,115,607,607,607,607,607,607,607,607, -608,609,609,609,609,609,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, - -/* block 144 */ -610,610,610,610,610,610,610,610,610,610,610,610,610,610,610,610, -610,610,610,610,610,610,610,610,610,610,610,610,610,610,610,610, -610,610,610,610,610,610,610,610,611,611,611,611,611,611,611,611, +608,608,608,608,116,116,116,116,116,116,116,116,116,607,607,607, +609,609,609,609,609,609,609,609,609,609,609,609,609,609,609,609, +609,610,609,609,609,609,609,609,609,609,610,116,116,116,116,116, 611,611,611,611,611,611,611,611,611,611,611,611,611,611,611,611, 611,611,611,611,611,611,611,611,611,611,611,611,611,611,611,611, -612,612,612,612,612,612,612,612,612,612,612,612,612,612,612,612, -612,612,612,612,612,612,612,612,612,612,612,612,612,612,612,612, -612,612,612,612,612,612,612,612,612,612,612,612,612,612,612,612, +611,611,611,611,611,611,612,612,612,612,612,116,116,116,116,116, -/* block 145 */ +/* block 144 */ 613,613,613,613,613,613,613,613,613,613,613,613,613,613,613,613, -613,613,613,613,613,613,613,613,613,613,613,613,613,613,115,115, -614,614,614,614,614,614,614,614,614,614,115,115,115,115,115,115, +613,613,613,613,613,613,613,613,613,613,613,613,613,613,116,614, 615,615,615,615,615,615,615,615,615,615,615,615,615,615,615,615, 615,615,615,615,615,615,615,615,615,615,615,615,615,615,615,615, -615,615,615,615,115,115,115,115,616,616,616,616,616,616,616,616, -616,616,616,616,616,616,616,616,616,616,616,616,616,616,616,616, -616,616,616,616,616,616,616,616,616,616,616,616,115,115,115,115, +615,615,615,615,116,116,116,116,615,615,615,615,615,615,615,615, +616,617,617,617,617,617,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, -/* block 146 */ -617,617,617,617,617,617,617,617,617,617,617,617,617,617,617,617, -617,617,617,617,617,617,617,617,617,617,617,617,617,617,617,617, -617,617,617,617,617,617,617,617,115,115,115,115,115,115,115,115, -618,618,618,618,618,618,618,618,618,618,618,618,618,618,618,618, +/* block 145 */ 618,618,618,618,618,618,618,618,618,618,618,618,618,618,618,618, 618,618,618,618,618,618,618,618,618,618,618,618,618,618,618,618, -618,618,618,618,115,115,115,115,115,115,115,115,115,115,115,619, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, - -/* block 147 */ -620,620,620,620,620,620,620,620,620,620,620,620,620,620,620,620, -620,620,620,620,620,620,620,620,620,620,620,620,620,620,620,620, -620,620,620,620,620,620,620,620,620,620,620,620,620,620,620,620, -620,620,620,620,620,620,620,620,620,620,620,620,620,620,620,620, -620,620,620,620,620,620,620,620,620,620,620,620,620,620,620,620, +618,618,618,618,618,618,618,618,619,619,619,619,619,619,619,619, +619,619,619,619,619,619,619,619,619,619,619,619,619,619,619,619, +619,619,619,619,619,619,619,619,619,619,619,619,619,619,619,619, 620,620,620,620,620,620,620,620,620,620,620,620,620,620,620,620, 620,620,620,620,620,620,620,620,620,620,620,620,620,620,620,620, 620,620,620,620,620,620,620,620,620,620,620,620,620,620,620,620, +/* block 146 */ +621,621,621,621,621,621,621,621,621,621,621,621,621,621,621,621, +621,621,621,621,621,621,621,621,621,621,621,621,621,621,116,116, +622,622,622,622,622,622,622,622,622,622,116,116,116,116,116,116, +623,623,623,623,623,623,623,623,623,623,623,623,623,623,623,623, +623,623,623,623,623,623,623,623,623,623,623,623,623,623,623,623, +623,623,623,623,116,116,116,116,624,624,624,624,624,624,624,624, +624,624,624,624,624,624,624,624,624,624,624,624,624,624,624,624, +624,624,624,624,624,624,624,624,624,624,624,624,116,116,116,116, + +/* block 147 */ +625,625,625,625,625,625,625,625,625,625,625,625,625,625,625,625, +625,625,625,625,625,625,625,625,625,625,625,625,625,625,625,625, +625,625,625,625,625,625,625,625,116,116,116,116,116,116,116,116, +626,626,626,626,626,626,626,626,626,626,626,626,626,626,626,626, +626,626,626,626,626,626,626,626,626,626,626,626,626,626,626,626, +626,626,626,626,626,626,626,626,626,626,626,626,626,626,626,626, +626,626,626,626,116,116,116,116,116,116,116,116,116,116,116,627, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, + /* block 148 */ -620,620,620,620,620,620,620,620,620,620,620,620,620,620,620,620, -620,620,620,620,620,620,620,620,620,620,620,620,620,620,620,620, -620,620,620,620,620,620,620,620,620,620,620,620,620,620,620,620, -620,620,620,620,620,620,620,115,115,115,115,115,115,115,115,115, -620,620,620,620,620,620,620,620,620,620,620,620,620,620,620,620, -620,620,620,620,620,620,115,115,115,115,115,115,115,115,115,115, -620,620,620,620,620,620,620,620,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, +628,628,628,628,628,628,628,628,628,628,628,628,628,628,628,628, +628,628,628,628,628,628,628,628,628,628,628,628,628,628,628,628, +628,628,628,628,628,628,628,628,628,628,628,628,628,628,628,628, +628,628,628,628,628,628,628,628,628,628,628,628,628,628,628,628, +628,628,628,628,628,628,628,628,628,628,628,628,628,628,628,628, +628,628,628,628,628,628,628,628,628,628,628,628,628,628,628,628, +628,628,628,628,628,628,628,628,628,628,628,628,628,628,628,628, +628,628,628,628,628,628,628,628,628,628,628,628,628,628,628,628, /* block 149 */ -621,621,621,621,621,621,115,115,621,115,621,621,621,621,621,621, -621,621,621,621,621,621,621,621,621,621,621,621,621,621,621,621, -621,621,621,621,621,621,621,621,621,621,621,621,621,621,621,621, -621,621,621,621,621,621,115,621,621,115,115,115,621,115,115,621, -622,622,622,622,622,622,622,622,622,622,622,622,622,622,622,622, -622,622,622,622,622,622,115,623,624,624,624,624,624,624,624,624, -625,625,625,625,625,625,625,625,625,625,625,625,625,625,625,625, -625,625,625,625,625,625,625,626,626,627,627,627,627,627,627,627, +628,628,628,628,628,628,628,628,628,628,628,628,628,628,628,628, +628,628,628,628,628,628,628,628,628,628,628,628,628,628,628,628, +628,628,628,628,628,628,628,628,628,628,628,628,628,628,628,628, +628,628,628,628,628,628,628,116,116,116,116,116,116,116,116,116, +628,628,628,628,628,628,628,628,628,628,628,628,628,628,628,628, +628,628,628,628,628,628,116,116,116,116,116,116,116,116,116,116, +628,628,628,628,628,628,628,628,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, /* block 150 */ -628,628,628,628,628,628,628,628,628,628,628,628,628,628,628,628, -628,628,628,628,628,628,628,628,628,628,628,628,628,628,628,115, -115,115,115,115,115,115,115,629,629,629,629,629,629,629,629,629, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, +629,629,629,629,629,629,116,116,629,116,629,629,629,629,629,629, +629,629,629,629,629,629,629,629,629,629,629,629,629,629,629,629, +629,629,629,629,629,629,629,629,629,629,629,629,629,629,629,629, +629,629,629,629,629,629,116,629,629,116,116,116,629,116,116,629, 630,630,630,630,630,630,630,630,630,630,630,630,630,630,630,630, -630,630,630,115,630,630,115,115,115,115,115,631,631,631,631,631, +630,630,630,630,630,630,116,631,632,632,632,632,632,632,632,632, +633,633,633,633,633,633,633,633,633,633,633,633,633,633,633,633, +633,633,633,633,633,633,633,634,634,635,635,635,635,635,635,635, /* block 151 */ -632,632,632,632,632,632,632,632,632,632,632,632,632,632,632,632, -632,632,632,632,632,632,633,633,633,633,633,633,115,115,115,634, -635,635,635,635,635,635,635,635,635,635,635,635,635,635,635,635, -635,635,635,635,635,635,635,635,635,635,115,115,115,115,115,636, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, +636,636,636,636,636,636,636,636,636,636,636,636,636,636,636,636, +636,636,636,636,636,636,636,636,636,636,636,636,636,636,636,116, +116,116,116,116,116,116,116,637,637,637,637,637,637,637,637,637, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +638,638,638,638,638,638,638,638,638,638,638,638,638,638,638,638, +638,638,638,116,638,638,116,116,116,116,116,639,639,639,639,639, /* block 152 */ -637,637,637,637,637,637,637,637,637,637,637,637,637,637,637,637, -637,637,637,637,637,637,637,637,637,637,637,637,637,637,637,637, -638,638,638,638,638,638,638,638,638,638,638,638,638,638,638,638, -638,638,638,638,638,638,638,638,115,115,115,115,639,639,638,638, -639,639,639,639,639,639,639,639,639,639,639,639,639,639,639,639, -115,115,639,639,639,639,639,639,639,639,639,639,639,639,639,639, -639,639,639,639,639,639,639,639,639,639,639,639,639,639,639,639, -639,639,639,639,639,639,639,639,639,639,639,639,639,639,639,639, +640,640,640,640,640,640,640,640,640,640,640,640,640,640,640,640, +640,640,640,640,640,640,641,641,641,641,641,641,116,116,116,642, +643,643,643,643,643,643,643,643,643,643,643,643,643,643,643,643, +643,643,643,643,643,643,643,643,643,643,116,116,116,116,116,644, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, /* block 153 */ -640,641,641,641,115,641,641,115,115,115,115,115,641,641,641,641, -640,640,640,640,115,640,640,640,115,640,640,640,640,640,640,640, -640,640,640,640,640,640,640,640,640,640,640,640,640,640,640,640, -640,640,640,640,115,115,115,115,641,641,641,115,115,115,115,641, -642,642,642,642,642,642,642,642,115,115,115,115,115,115,115,115, -643,643,643,643,643,643,643,643,643,115,115,115,115,115,115,115, -644,644,644,644,644,644,644,644,644,644,644,644,644,644,644,644, -644,644,644,644,644,644,644,644,644,644,644,644,644,645,645,646, +645,645,645,645,645,645,645,645,645,645,645,645,645,645,645,645, +645,645,645,645,645,645,645,645,645,645,645,645,645,645,645,645, +646,646,646,646,646,646,646,646,646,646,646,646,646,646,646,646, +646,646,646,646,646,646,646,646,116,116,116,116,647,647,646,646, +647,647,647,647,647,647,647,647,647,647,647,647,647,647,647,647, +116,116,647,647,647,647,647,647,647,647,647,647,647,647,647,647, +647,647,647,647,647,647,647,647,647,647,647,647,647,647,647,647, +647,647,647,647,647,647,647,647,647,647,647,647,647,647,647,647, /* block 154 */ -647,647,647,647,647,647,647,647,647,647,647,647,647,647,647,647, -647,647,647,647,647,647,647,647,647,647,647,647,647,648,648,648, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -649,649,649,649,649,649,649,649,650,649,649,649,649,649,649,649, -649,649,649,649,649,649,649,649,649,649,649,649,649,649,649,649, -649,649,649,649,649,651,651,115,115,115,115,652,652,652,652,652, -653,653,653,653,653,653,653,115,115,115,115,115,115,115,115,115, +648,649,649,649,116,649,649,116,116,116,116,116,649,649,649,649, +648,648,648,648,116,648,648,648,116,648,648,648,648,648,648,648, +648,648,648,648,648,648,648,648,648,648,648,648,648,648,648,648, +648,648,648,648,648,648,116,116,649,649,649,116,116,116,116,649, +650,650,650,650,650,650,650,650,650,116,116,116,116,116,116,116, +651,651,651,651,651,651,651,651,651,116,116,116,116,116,116,116, +652,652,652,652,652,652,652,652,652,652,652,652,652,652,652,652, +652,652,652,652,652,652,652,652,652,652,652,652,652,653,653,654, /* block 155 */ -654,654,654,654,654,654,654,654,654,654,654,654,654,654,654,654, -654,654,654,654,654,654,654,654,654,654,654,654,654,654,654,654, -654,654,654,654,654,654,654,654,654,654,654,654,654,654,654,654, -654,654,654,654,654,654,115,115,115,655,655,655,655,655,655,655, -656,656,656,656,656,656,656,656,656,656,656,656,656,656,656,656, -656,656,656,656,656,656,115,115,657,657,657,657,657,657,657,657, -658,658,658,658,658,658,658,658,658,658,658,658,658,658,658,658, -658,658,658,115,115,115,115,115,659,659,659,659,659,659,659,659, +655,655,655,655,655,655,655,655,655,655,655,655,655,655,655,655, +655,655,655,655,655,655,655,655,655,655,655,655,655,656,656,656, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +657,657,657,657,657,657,657,657,658,657,657,657,657,657,657,657, +657,657,657,657,657,657,657,657,657,657,657,657,657,657,657,657, +657,657,657,657,657,659,659,116,116,116,116,660,660,660,660,660, +661,661,661,661,661,661,661,116,116,116,116,116,116,116,116,116, /* block 156 */ -660,660,660,660,660,660,660,660,660,660,660,660,660,660,660,660, -660,660,115,115,115,115,115,115,115,661,661,661,661,115,115,115, -115,115,115,115,115,115,115,115,115,662,662,662,662,662,662,662, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, +662,662,662,662,662,662,662,662,662,662,662,662,662,662,662,662, +662,662,662,662,662,662,662,662,662,662,662,662,662,662,662,662, +662,662,662,662,662,662,662,662,662,662,662,662,662,662,662,662, +662,662,662,662,662,662,116,116,116,663,663,663,663,663,663,663, +664,664,664,664,664,664,664,664,664,664,664,664,664,664,664,664, +664,664,664,664,664,664,116,116,665,665,665,665,665,665,665,665, +666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666, +666,666,666,116,116,116,116,116,667,667,667,667,667,667,667,667, /* block 157 */ -663,663,663,663,663,663,663,663,663,663,663,663,663,663,663,663, -663,663,663,663,663,663,663,663,663,663,663,663,663,663,663,663, -663,663,663,663,663,663,663,663,663,663,663,663,663,663,663,663, -663,663,663,663,663,663,663,663,663,663,663,663,663,663,663,663, -663,663,663,663,663,663,663,663,663,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, +668,668,668,668,668,668,668,668,668,668,668,668,668,668,668,668, +668,668,116,116,116,116,116,116,116,669,669,669,669,116,116,116, +116,116,116,116,116,116,116,116,116,670,670,670,670,670,670,670, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, /* block 158 */ -664,664,664,664,664,664,664,664,664,664,664,664,664,664,664,664, -664,664,664,664,664,664,664,664,664,664,664,664,664,664,664,664, -664,664,664,664,664,664,664,664,664,664,664,664,664,664,664,664, -664,664,664,115,115,115,115,115,115,115,115,115,115,115,115,115, -665,665,665,665,665,665,665,665,665,665,665,665,665,665,665,665, -665,665,665,665,665,665,665,665,665,665,665,665,665,665,665,665, -665,665,665,665,665,665,665,665,665,665,665,665,665,665,665,665, -665,665,665,115,115,115,115,115,115,115,666,666,666,666,666,666, +671,671,671,671,671,671,671,671,671,671,671,671,671,671,671,671, +671,671,671,671,671,671,671,671,671,671,671,671,671,671,671,671, +671,671,671,671,671,671,671,671,671,671,671,671,671,671,671,671, +671,671,671,671,671,671,671,671,671,671,671,671,671,671,671,671, +671,671,671,671,671,671,671,671,671,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, /* block 159 */ -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -667,667,667,667,667,667,667,667,667,667,667,667,667,667,667,667, -667,667,667,667,667,667,667,667,667,667,667,667,667,667,667,115, +672,672,672,672,672,672,672,672,672,672,672,672,672,672,672,672, +672,672,672,672,672,672,672,672,672,672,672,672,672,672,672,672, +672,672,672,672,672,672,672,672,672,672,672,672,672,672,672,672, +672,672,672,116,116,116,116,116,116,116,116,116,116,116,116,116, +673,673,673,673,673,673,673,673,673,673,673,673,673,673,673,673, +673,673,673,673,673,673,673,673,673,673,673,673,673,673,673,673, +673,673,673,673,673,673,673,673,673,673,673,673,673,673,673,673, +673,673,673,116,116,116,116,116,116,116,674,674,674,674,674,674, /* block 160 */ -668,669,668,670,670,670,670,670,670,670,670,670,670,670,670,670, -670,670,670,670,670,670,670,670,670,670,670,670,670,670,670,670, -670,670,670,670,670,670,670,670,670,670,670,670,670,670,670,670, -670,670,670,670,670,670,670,670,669,669,669,669,669,669,669,669, -669,669,669,669,669,669,669,671,671,671,671,671,671,671,115,115, -115,115,672,672,672,672,672,672,672,672,672,672,672,672,672,672, -672,672,672,672,672,672,673,673,673,673,673,673,673,673,673,673, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,669, +675,675,675,675,675,675,675,675,675,675,675,675,675,675,675,675, +675,675,675,675,675,675,675,675,675,675,675,675,675,675,675,675, +675,675,675,675,676,676,676,676,116,116,116,116,116,116,116,116, +677,677,677,677,677,677,677,677,677,677,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, /* block 161 */ -674,674,675,676,676,676,676,676,676,676,676,676,676,676,676,676, -676,676,676,676,676,676,676,676,676,676,676,676,676,676,676,676, -676,676,676,676,676,676,676,676,676,676,676,676,676,676,676,676, -675,675,675,674,674,674,674,675,675,674,674,677,677,678,677,677, -677,677,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -679,679,679,679,679,679,679,679,679,679,679,679,679,679,679,679, -679,679,679,679,679,679,679,679,679,115,115,115,115,115,115,115, -680,680,680,680,680,680,680,680,680,680,115,115,115,115,115,115, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +678,678,678,678,678,678,678,678,678,678,678,678,678,678,678,678, +678,678,678,678,678,678,678,678,678,678,678,678,678,678,678,116, /* block 162 */ -681,681,681,682,682,682,682,682,682,682,682,682,682,682,682,682, -682,682,682,682,682,682,682,682,682,682,682,682,682,682,682,682, -682,682,682,682,682,682,682,681,681,681,681,681,683,681,681,681, -681,681,681,681,681,115,684,684,684,684,684,684,684,684,684,684, -685,685,685,685,115,115,115,115,115,115,115,115,115,115,115,115, -686,686,686,686,686,686,686,686,686,686,686,686,686,686,686,686, -686,686,686,686,686,686,686,686,686,686,686,686,686,686,686,686, -686,686,686,687,688,688,686,115,115,115,115,115,115,115,115,115, +679,679,679,679,679,679,679,679,679,679,679,679,679,679,679,679, +679,679,679,679,679,679,679,679,679,679,679,679,679,680,680,680, +680,680,680,680,680,680,680,679,116,116,116,116,116,116,116,116, +681,681,681,681,681,681,681,681,681,681,681,681,681,681,681,681, +681,681,681,681,681,681,682,682,682,682,682,682,682,682,682,682, +682,683,683,683,683,684,684,684,684,684,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, /* block 163 */ -689,689,690,691,691,691,691,691,691,691,691,691,691,691,691,691, -691,691,691,691,691,691,691,691,691,691,691,691,691,691,691,691, -691,691,691,691,691,691,691,691,691,691,691,691,691,691,691,691, -691,691,691,690,690,690,689,689,689,689,689,689,689,689,689,690, -690,691,692,692,691,693,693,693,693,693,689,689,689,693,115,115, -694,694,694,694,694,694,694,694,694,694,691,693,691,693,693,693, -115,695,695,695,695,695,695,695,695,695,695,695,695,695,695,695, -695,695,695,695,695,115,115,115,115,115,115,115,115,115,115,115, +685,686,685,687,687,687,687,687,687,687,687,687,687,687,687,687, +687,687,687,687,687,687,687,687,687,687,687,687,687,687,687,687, +687,687,687,687,687,687,687,687,687,687,687,687,687,687,687,687, +687,687,687,687,687,687,687,687,686,686,686,686,686,686,686,686, +686,686,686,686,686,686,686,688,688,688,688,688,688,688,116,116, +116,116,689,689,689,689,689,689,689,689,689,689,689,689,689,689, +689,689,689,689,689,689,690,690,690,690,690,690,690,690,690,690, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,686, /* block 164 */ +691,691,692,693,693,693,693,693,693,693,693,693,693,693,693,693, +693,693,693,693,693,693,693,693,693,693,693,693,693,693,693,693, +693,693,693,693,693,693,693,693,693,693,693,693,693,693,693,693, +692,692,692,691,691,691,691,692,692,691,691,694,694,695,694,694, +694,694,116,116,116,116,116,116,116,116,116,116,116,695,116,116, 696,696,696,696,696,696,696,696,696,696,696,696,696,696,696,696, -696,696,115,696,696,696,696,696,696,696,696,696,696,696,696,696, -696,696,696,696,696,696,696,696,696,696,696,696,697,697,697,698, -698,698,697,697,698,697,698,698,699,699,699,699,699,699,698,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, +696,696,696,696,696,696,696,696,696,116,116,116,116,116,116,116, +697,697,697,697,697,697,697,697,697,697,116,116,116,116,116,116, /* block 165 */ -700,700,700,700,700,700,700,115,700,115,700,700,700,700,115,700, -700,700,700,700,700,700,700,700,700,700,700,700,700,700,115,700, -700,700,700,700,700,700,700,700,700,701,115,115,115,115,115,115, -702,702,702,702,702,702,702,702,702,702,702,702,702,702,702,702, -702,702,702,702,702,702,702,702,702,702,702,702,702,702,702,702, -702,702,702,702,702,702,702,702,702,702,702,702,702,702,702,703, -704,704,704,703,703,703,703,703,703,703,703,115,115,115,115,115, -705,705,705,705,705,705,705,705,705,705,115,115,115,115,115,115, +698,698,698,699,699,699,699,699,699,699,699,699,699,699,699,699, +699,699,699,699,699,699,699,699,699,699,699,699,699,699,699,699, +699,699,699,699,699,699,699,698,698,698,698,698,700,698,698,698, +698,698,698,698,698,116,701,701,701,701,701,701,701,701,701,701, +702,702,702,702,699,700,700,116,116,116,116,116,116,116,116,116, +703,703,703,703,703,703,703,703,703,703,703,703,703,703,703,703, +703,703,703,703,703,703,703,703,703,703,703,703,703,703,703,703, +703,703,703,704,705,705,703,116,116,116,116,116,116,116,116,116, /* block 166 */ -706,706,707,707,115,708,708,708,708,708,708,708,708,115,115,708, -708,115,115,708,708,708,708,708,708,708,708,708,708,708,708,708, -708,708,708,708,708,708,708,708,708,115,708,708,708,708,708,708, -708,115,708,708,115,708,708,708,708,708,115,115,706,708,709,707, -706,707,707,707,707,115,115,707,707,115,115,707,707,707,115,115, -708,115,115,115,115,115,115,709,115,115,115,115,115,708,708,708, -708,708,707,707,115,115,706,706,706,706,706,706,706,115,115,115, -706,706,706,706,706,115,115,115,115,115,115,115,115,115,115,115, +706,706,707,708,708,708,708,708,708,708,708,708,708,708,708,708, +708,708,708,708,708,708,708,708,708,708,708,708,708,708,708,708, +708,708,708,708,708,708,708,708,708,708,708,708,708,708,708,708, +708,708,708,707,707,707,706,706,706,706,706,706,706,706,706,707, +707,708,709,709,708,710,710,710,710,706,706,706,706,710,116,116, +711,711,711,711,711,711,711,711,711,711,708,710,708,710,710,710, +116,712,712,712,712,712,712,712,712,712,712,712,712,712,712,712, +712,712,712,712,712,116,116,116,116,116,116,116,116,116,116,116, /* block 167 */ -710,710,710,710,710,710,710,710,710,710,710,710,710,710,710,710, -710,710,710,710,710,710,710,710,710,710,710,710,710,710,710,710, -710,710,710,710,710,710,710,710,710,710,710,710,710,710,710,710, -710,710,710,710,710,711,711,711,712,712,712,712,712,712,712,712, -711,711,712,712,712,711,712,710,710,710,710,713,713,713,713,713, -714,714,714,714,714,714,714,714,714,714,115,713,115,713,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, +713,713,713,713,713,713,713,713,713,713,713,713,713,713,713,713, +713,713,116,713,713,713,713,713,713,713,713,713,713,713,713,713, +713,713,713,713,713,713,713,713,713,713,713,713,714,714,714,715, +715,715,714,714,715,714,715,715,716,716,716,716,716,716,715,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, /* block 168 */ -715,715,715,715,715,715,715,715,715,715,715,715,715,715,715,715, -715,715,715,715,715,715,715,715,715,715,715,715,715,715,715,715, -715,715,715,715,715,715,715,715,715,715,715,715,715,715,715,715, -716,717,717,718,718,718,718,718,718,717,718,717,717,716,717,718, -718,717,718,718,715,715,719,715,115,115,115,115,115,115,115,115, -720,720,720,720,720,720,720,720,720,720,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, +717,717,717,717,717,717,717,116,717,116,717,717,717,717,116,717, +717,717,717,717,717,717,717,717,717,717,717,717,717,717,116,717, +717,717,717,717,717,717,717,717,717,718,116,116,116,116,116,116, +719,719,719,719,719,719,719,719,719,719,719,719,719,719,719,719, +719,719,719,719,719,719,719,719,719,719,719,719,719,719,719,719, +719,719,719,719,719,719,719,719,719,719,719,719,719,719,719,720, +721,721,721,720,720,720,720,720,720,720,720,116,116,116,116,116, +722,722,722,722,722,722,722,722,722,722,116,116,116,116,116,116, /* block 169 */ -721,721,721,721,721,721,721,721,721,721,721,721,721,721,721,721, -721,721,721,721,721,721,721,721,721,721,721,721,721,721,721,721, -721,721,721,721,721,721,721,721,721,721,721,721,721,721,721,722, -723,723,724,724,724,724,115,115,723,723,723,723,724,724,723,724, -724,725,725,725,725,725,725,725,725,725,725,725,725,725,725,725, -725,725,725,725,725,725,725,725,721,721,721,721,724,724,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, +723,723,724,724,116,725,725,725,725,725,725,725,725,116,116,725, +725,116,116,725,725,725,725,725,725,725,725,725,725,725,725,725, +725,725,725,725,725,725,725,725,725,116,725,725,725,725,725,725, +725,116,725,725,116,725,725,725,725,725,116,111,723,725,726,724, +723,724,724,724,724,116,116,724,724,116,116,724,724,724,116,116, +725,116,116,116,116,116,116,726,116,116,116,116,116,725,725,725, +725,725,724,724,116,116,723,723,723,723,723,723,723,116,116,116, +723,723,723,723,723,116,116,116,116,116,116,116,116,116,116,116, /* block 170 */ -726,726,726,726,726,726,726,726,726,726,726,726,726,726,726,726, -726,726,726,726,726,726,726,726,726,726,726,726,726,726,726,726, -726,726,726,726,726,726,726,726,726,726,726,726,726,726,726,726, -727,727,727,728,728,728,728,728,728,728,728,727,727,728,727,728, -728,729,729,729,726,115,115,115,115,115,115,115,115,115,115,115, -730,730,730,730,730,730,730,730,730,730,115,115,115,115,115,115, -369,369,369,369,369,369,369,369,369,369,369,369,369,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, +727,727,727,727,727,727,727,727,727,727,727,727,727,727,727,727, +727,727,727,727,727,727,727,727,727,727,727,727,727,727,727,727, +727,727,727,727,727,727,727,727,727,727,727,727,727,727,727,727, +727,727,727,727,727,728,728,728,729,729,729,729,729,729,729,729, +728,728,729,729,729,728,729,727,727,727,727,730,730,730,730,730, +731,731,731,731,731,731,731,731,731,731,116,730,116,730,729,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, /* block 171 */ -731,731,731,731,731,731,731,731,731,731,731,731,731,731,731,731, -731,731,731,731,731,731,731,731,731,731,731,731,731,731,731,731, -731,731,731,731,731,731,731,731,731,731,731,732,733,732,733,733, -732,732,732,732,732,732,733,732,115,115,115,115,115,115,115,115, -734,734,734,734,734,734,734,734,734,734,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, +732,732,732,732,732,732,732,732,732,732,732,732,732,732,732,732, +732,732,732,732,732,732,732,732,732,732,732,732,732,732,732,732, +732,732,732,732,732,732,732,732,732,732,732,732,732,732,732,732, +733,734,734,735,735,735,735,735,735,734,735,734,734,733,734,735, +735,734,735,735,732,732,736,732,116,116,116,116,116,116,116,116, +737,737,737,737,737,737,737,737,737,737,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, /* block 172 */ -735,735,735,735,735,735,735,735,735,735,735,735,735,735,735,735, -735,735,735,735,735,735,735,735,735,735,115,115,115,736,736,736, -737,737,736,736,736,736,737,736,736,736,736,736,115,115,115,115, -738,738,738,738,738,738,738,738,738,738,739,739,740,740,740,741, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, +738,738,738,738,738,738,738,738,738,738,738,738,738,738,738,738, +738,738,738,738,738,738,738,738,738,738,738,738,738,738,738,738, +738,738,738,738,738,738,738,738,738,738,738,738,738,738,738,739, +740,740,741,741,741,741,116,116,740,740,740,740,741,741,740,741, +741,742,742,742,742,742,742,742,742,742,742,742,742,742,742,742, +742,742,742,742,742,742,742,742,738,738,738,738,741,741,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, /* block 173 */ -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -742,742,742,742,742,742,742,742,742,742,742,742,742,742,742,742, -742,742,742,742,742,742,742,742,742,742,742,742,742,742,742,742, 743,743,743,743,743,743,743,743,743,743,743,743,743,743,743,743, 743,743,743,743,743,743,743,743,743,743,743,743,743,743,743,743, -744,744,744,744,744,744,744,744,744,744,745,745,745,745,745,745, -745,745,745,115,115,115,115,115,115,115,115,115,115,115,115,746, +743,743,743,743,743,743,743,743,743,743,743,743,743,743,743,743, +744,744,744,745,745,745,745,745,745,745,745,744,744,745,744,745, +745,746,746,746,743,116,116,116,116,116,116,116,116,116,116,116, +747,747,747,747,747,747,747,747,747,747,116,116,116,116,116,116, +373,373,373,373,373,373,373,373,373,373,373,373,373,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, /* block 174 */ -747,748,748,748,748,748,748,749,749,748,748,747,747,747,747,747, -747,747,747,747,747,747,747,747,747,747,747,747,747,747,747,747, -747,747,747,747,747,747,747,747,747,747,747,747,747,747,747,747, -747,747,747,748,748,748,748,748,748,749,750,748,748,748,748,751, -751,751,751,751,751,751,751,748,115,115,115,115,115,115,115,115, -752,753,753,753,753,753,753,754,754,753,753,753,752,752,752,752, -752,752,752,752,752,752,752,752,752,752,752,752,752,752,752,752, -752,752,752,752,752,752,752,752,752,752,752,752,752,752,752,752, +748,748,748,748,748,748,748,748,748,748,748,748,748,748,748,748, +748,748,748,748,748,748,748,748,748,748,748,748,748,748,748,748, +748,748,748,748,748,748,748,748,748,748,748,749,750,749,750,750, +749,749,749,749,749,749,750,749,116,116,116,116,116,116,116,116, +751,751,751,751,751,751,751,751,751,751,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, /* block 175 */ -752,752,752,752,115,115,755,755,755,755,753,753,753,753,753,753, -753,753,753,753,753,753,753,754,753,753,756,756,756,115,756,756, -756,756,756,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -757,757,757,757,757,757,757,757,757,757,757,757,757,757,757,757, -757,757,757,757,757,757,757,757,757,757,757,757,757,757,757,757, -757,757,757,757,757,757,757,757,757,757,757,757,757,757,757,757, -757,757,757,757,757,757,757,757,757,115,115,115,115,115,115,115, +752,752,752,752,752,752,752,752,752,752,752,752,752,752,752,752, +752,752,752,752,752,752,752,752,752,752,752,116,116,753,753,753, +754,754,753,753,753,753,754,753,753,753,753,753,116,116,116,116, +755,755,755,755,755,755,755,755,755,755,756,756,757,757,757,758, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, /* block 176 */ -758,758,758,758,758,758,758,758,758,115,758,758,758,758,758,758, -758,758,758,758,758,758,758,758,758,758,758,758,758,758,758,758, -758,758,758,758,758,758,758,758,758,758,758,758,758,758,758,759, -760,760,760,760,760,760,760,115,760,760,760,760,760,760,759,760, -758,761,761,761,761,761,115,115,115,115,115,115,115,115,115,115, -762,762,762,762,762,762,762,762,762,762,763,763,763,763,763,763, -763,763,763,763,763,763,763,763,763,763,763,763,763,115,115,115, -764,764,765,765,765,765,765,765,765,765,765,765,765,765,765,765, +759,759,759,759,759,759,759,759,759,759,759,759,759,759,759,759, +759,759,759,759,759,759,759,759,759,759,759,759,759,759,759,759, +759,759,759,759,759,759,759,759,759,759,759,759,760,760,760,761, +761,761,761,761,761,761,761,761,760,761,761,762,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, /* block 177 */ -765,765,765,765,765,765,765,765,765,765,765,765,765,765,765,765, -115,115,766,766,766,766,766,766,766,766,766,766,766,766,766,766, -766,766,766,766,766,766,766,766,115,767,766,766,766,766,766,766, -766,767,766,766,767,766,766,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +763,763,763,763,763,763,763,763,763,763,763,763,763,763,763,763, +763,763,763,763,763,763,763,763,763,763,763,763,763,763,763,763, +764,764,764,764,764,764,764,764,764,764,764,764,764,764,764,764, +764,764,764,764,764,764,764,764,764,764,764,764,764,764,764,764, +765,765,765,765,765,765,765,765,765,765,766,766,766,766,766,766, +766,766,766,116,116,116,116,116,116,116,116,116,116,116,116,767, /* block 178 */ -768,768,768,768,768,768,768,115,768,768,115,768,768,768,768,768, +768,769,769,769,769,769,769,769,769,769,769,768,768,768,768,768, 768,768,768,768,768,768,768,768,768,768,768,768,768,768,768,768, 768,768,768,768,768,768,768,768,768,768,768,768,768,768,768,768, -768,769,769,769,769,769,769,115,115,115,769,115,769,769,115,769, -769,769,769,769,769,769,770,769,115,115,115,115,115,115,115,115, -771,771,771,771,771,771,771,771,771,771,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, +768,768,768,769,769,769,769,769,769,770,771,769,769,769,769,772, +772,772,772,772,772,772,772,769,116,116,116,116,116,116,116,116, +773,774,774,774,774,774,774,775,775,774,774,774,773,773,773,773, +773,773,773,773,773,773,773,773,773,773,773,773,773,773,773,773, +773,773,773,773,773,773,773,773,773,773,773,773,773,773,773,773, /* block 179 */ -772,772,772,772,772,772,772,772,772,772,772,772,772,772,772,772, -772,772,772,772,772,772,772,772,772,772,772,772,772,772,772,772, -772,772,772,772,772,772,772,772,772,772,772,772,772,772,772,772, -772,772,772,772,772,772,772,772,772,772,772,772,772,772,772,772, -772,772,772,772,772,772,772,772,772,772,772,772,772,772,772,772, -772,772,772,772,772,772,772,772,772,772,772,772,772,772,772,772, -772,772,772,772,772,772,772,772,772,772,772,772,772,772,772,772, -772,772,772,772,772,772,772,772,772,772,772,772,772,772,772,772, +773,773,773,773,116,116,776,776,776,776,774,774,774,774,774,774, +774,774,774,774,774,774,774,775,774,774,777,777,777,773,777,777, +777,777,777,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +778,778,778,778,778,778,778,778,778,778,778,778,778,778,778,778, +778,778,778,778,778,778,778,778,778,778,778,778,778,778,778,778, +778,778,778,778,778,778,778,778,778,778,778,778,778,778,778,778, +778,778,778,778,778,778,778,778,778,116,116,116,116,116,116,116, /* block 180 */ -772,772,772,772,772,772,772,772,772,772,772,772,772,772,772,772, -772,772,772,772,772,772,772,772,772,772,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, +779,779,779,779,779,779,779,779,779,116,779,779,779,779,779,779, +779,779,779,779,779,779,779,779,779,779,779,779,779,779,779,779, +779,779,779,779,779,779,779,779,779,779,779,779,779,779,779,780, +781,781,781,781,781,781,781,116,781,781,781,781,781,781,780,781, +779,782,782,782,782,782,116,116,116,116,116,116,116,116,116,116, +783,783,783,783,783,783,783,783,783,783,784,784,784,784,784,784, +784,784,784,784,784,784,784,784,784,784,784,784,784,116,116,116, +785,785,786,786,786,786,786,786,786,786,786,786,786,786,786,786, /* block 181 */ -773,773,773,773,773,773,773,773,773,773,773,773,773,773,773,773, -773,773,773,773,773,773,773,773,773,773,773,773,773,773,773,773, -773,773,773,773,773,773,773,773,773,773,773,773,773,773,773,773, -773,773,773,773,773,773,773,773,773,773,773,773,773,773,773,773, -773,773,773,773,773,773,773,773,773,773,773,773,773,773,773,773, -773,773,773,773,773,773,773,773,773,773,773,773,773,773,773,773, -773,773,773,773,773,773,773,773,773,773,773,773,773,773,773,115, -774,774,774,774,774,115,115,115,115,115,115,115,115,115,115,115, +786,786,786,786,786,786,786,786,786,786,786,786,786,786,786,786, +116,116,787,787,787,787,787,787,787,787,787,787,787,787,787,787, +787,787,787,787,787,787,787,787,116,788,787,787,787,787,787,787, +787,788,787,787,788,787,787,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, /* block 182 */ -772,772,772,772,772,772,772,772,772,772,772,772,772,772,772,772, -772,772,772,772,772,772,772,772,772,772,772,772,772,772,772,772, -772,772,772,772,772,772,772,772,772,772,772,772,772,772,772,772, -772,772,772,772,772,772,772,772,772,772,772,772,772,772,772,772, -772,772,772,772,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, +789,789,789,789,789,789,789,116,789,789,116,789,789,789,789,789, +789,789,789,789,789,789,789,789,789,789,789,789,789,789,789,789, +789,789,789,789,789,789,789,789,789,789,789,789,789,789,789,789, +789,790,790,790,790,790,790,116,116,116,790,116,790,790,116,790, +790,790,790,790,790,790,791,790,116,116,116,116,116,116,116,116, +792,792,792,792,792,792,792,792,792,792,116,116,116,116,116,116, +793,793,793,793,793,793,116,793,793,116,793,793,793,793,793,793, +793,793,793,793,793,793,793,793,793,793,793,793,793,793,793,793, /* block 183 */ -775,775,775,775,775,775,775,775,775,775,775,775,775,775,775,775, -775,775,775,775,775,775,775,775,775,775,775,775,775,775,775,775, -775,775,775,775,775,775,775,775,775,775,775,775,775,775,775,775, -775,775,775,775,775,775,775,775,775,775,775,775,775,775,775,775, -775,775,775,775,775,775,775,775,775,775,775,775,775,775,775,775, -775,775,775,775,775,775,775,775,775,775,775,775,775,775,775,775, -775,775,775,775,775,775,775,775,775,775,775,775,775,775,775,775, -775,775,775,775,775,775,775,775,775,775,775,775,775,775,775,775, +793,793,793,793,793,793,793,793,793,793,794,794,794,794,794,116, +795,795,116,794,794,795,794,795,793,116,116,116,116,116,116,116, +796,796,796,796,796,796,796,796,796,796,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, /* block 184 */ -775,775,775,775,775,775,775,775,775,775,775,775,775,775,775,775, -775,775,775,775,775,775,775,775,775,775,775,775,775,775,775,775, -775,775,775,775,775,775,775,775,775,775,775,775,775,775,775,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +797,797,797,797,797,797,797,797,797,797,797,797,797,797,797,797, +797,797,797,798,798,799,799,800,800,116,116,116,116,116,116,116, /* block 185 */ -776,776,776,776,776,776,776,776,776,776,776,776,776,776,776,776, -776,776,776,776,776,776,776,776,776,776,776,776,776,776,776,776, -776,776,776,776,776,776,776,776,776,776,776,776,776,776,776,776, -776,776,776,776,776,776,776,776,776,776,776,776,776,776,776,776, -776,776,776,776,776,776,776,776,776,776,776,776,776,776,776,776, -776,776,776,776,776,776,776,776,776,776,776,776,776,776,776,776, -776,776,776,776,776,776,776,776,776,776,776,776,776,776,776,776, -776,776,776,776,776,776,776,776,776,776,776,776,776,776,776,776, +801,801,801,801,801,801,801,801,801,801,801,801,801,801,801,801, +801,801,801,801,801,801,801,801,801,801,801,801,801,801,801,801, +801,801,801,801,801,801,801,801,801,801,801,801,801,801,801,801, +801,801,801,801,801,801,801,801,801,801,801,801,801,801,801,801, +801,801,801,801,801,801,801,801,801,801,801,801,801,801,801,801, +801,801,801,801,801,801,801,801,801,801,801,801,801,801,801,801, +801,801,801,801,801,801,801,801,801,801,801,801,801,801,801,801, +801,801,801,801,801,801,801,801,801,801,801,801,801,801,801,801, /* block 186 */ -776,776,776,776,776,776,776,776,776,776,776,776,776,776,776,776, -776,776,776,776,776,776,776,776,776,776,776,776,776,776,776,776, -776,776,776,776,776,776,776,776,776,776,776,776,776,776,776,776, -776,776,776,776,776,776,776,776,776,776,776,776,776,776,776,776, -776,776,776,776,776,776,776,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, +801,801,801,801,801,801,801,801,801,801,801,801,801,801,801,801, +801,801,801,801,801,801,801,801,801,801,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, /* block 187 */ -530,530,530,530,530,530,530,530,530,530,530,530,530,530,530,530, -530,530,530,530,530,530,530,530,530,530,530,530,530,530,530,530, -530,530,530,530,530,530,530,530,530,530,530,530,530,530,530,530, -530,530,530,530,530,530,530,530,530,530,530,530,530,530,530,530, -530,530,530,530,530,530,530,530,530,530,530,530,530,530,530,530, -530,530,530,530,530,530,530,530,530,530,530,530,530,530,530,530, -530,530,530,530,530,530,530,530,530,530,530,530,530,530,530,530, -530,530,530,530,530,530,530,530,530,530,530,530,530,530,530,530, +802,802,802,802,802,802,802,802,802,802,802,802,802,802,802,802, +802,802,802,802,802,802,802,802,802,802,802,802,802,802,802,802, +802,802,802,802,802,802,802,802,802,802,802,802,802,802,802,802, +802,802,802,802,802,802,802,802,802,802,802,802,802,802,802,802, +802,802,802,802,802,802,802,802,802,802,802,802,802,802,802,802, +802,802,802,802,802,802,802,802,802,802,802,802,802,802,802,802, +802,802,802,802,802,802,802,802,802,802,802,802,802,802,802,116, +803,803,803,803,803,116,116,116,116,116,116,116,116,116,116,116, /* block 188 */ -530,530,530,530,530,530,530,530,530,530,530,530,530,530,530,530, -530,530,530,530,530,530,530,530,530,530,530,530,530,530,530,530, -530,530,530,530,530,530,530,530,530,530,530,530,530,530,530,530, -530,530,530,530,530,530,530,530,530,115,115,115,115,115,115,115, -777,777,777,777,777,777,777,777,777,777,777,777,777,777,777,777, -777,777,777,777,777,777,777,777,777,777,777,777,777,777,777,115, -778,778,778,778,778,778,778,778,778,778,115,115,115,115,779,779, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, +801,801,801,801,801,801,801,801,801,801,801,801,801,801,801,801, +801,801,801,801,801,801,801,801,801,801,801,801,801,801,801,801, +801,801,801,801,801,801,801,801,801,801,801,801,801,801,801,801, +801,801,801,801,801,801,801,801,801,801,801,801,801,801,801,801, +801,801,801,801,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, /* block 189 */ -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -780,780,780,780,780,780,780,780,780,780,780,780,780,780,780,780, -780,780,780,780,780,780,780,780,780,780,780,780,780,780,115,115, -781,781,781,781,781,782,115,115,115,115,115,115,115,115,115,115, +804,804,804,804,804,804,804,804,804,804,804,804,804,804,804,804, +804,804,804,804,804,804,804,804,804,804,804,804,804,804,804,804, +804,804,804,804,804,804,804,804,804,804,804,804,804,804,804,804, +804,804,804,804,804,804,804,804,804,804,804,804,804,804,804,804, +804,804,804,804,804,804,804,804,804,804,804,804,804,804,804,804, +804,804,804,804,804,804,804,804,804,804,804,804,804,804,804,804, +804,804,804,804,804,804,804,804,804,804,804,804,804,804,804,804, +804,804,804,804,804,804,804,804,804,804,804,804,804,804,804,804, /* block 190 */ -783,783,783,783,783,783,783,783,783,783,783,783,783,783,783,783, -783,783,783,783,783,783,783,783,783,783,783,783,783,783,783,783, -783,783,783,783,783,783,783,783,783,783,783,783,783,783,783,783, -784,784,784,784,784,784,784,785,785,785,785,785,786,786,786,786, -787,787,787,787,785,786,115,115,115,115,115,115,115,115,115,115, -788,788,788,788,788,788,788,788,788,788,115,789,789,789,789,789, -789,789,115,783,783,783,783,783,783,783,783,783,783,783,783,783, -783,783,783,783,783,783,783,783,115,115,115,115,115,783,783,783, +804,804,804,804,804,804,804,804,804,804,804,804,804,804,804,804, +804,804,804,804,804,804,804,804,804,804,804,804,804,804,804,804, +804,804,804,804,804,804,804,804,804,804,804,804,804,804,804,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, /* block 191 */ -783,783,783,783,783,783,783,783,783,783,783,783,783,783,783,783, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, +805,805,805,805,805,805,805,805,805,805,805,805,805,805,805,805, +805,805,805,805,805,805,805,805,805,805,805,805,805,805,805,805, +805,805,805,805,805,805,805,805,805,805,805,805,805,805,805,805, +805,805,805,805,805,805,805,805,805,805,805,805,805,805,805,805, +805,805,805,805,805,805,805,805,805,805,805,805,805,805,805,805, +805,805,805,805,805,805,805,805,805,805,805,805,805,805,805,805, +805,805,805,805,805,805,805,805,805,805,805,805,805,805,805,805, +805,805,805,805,805,805,805,805,805,805,805,805,805,805,805,805, /* block 192 */ -790,790,790,790,790,790,790,790,790,790,790,790,790,790,790,790, -790,790,790,790,790,790,790,790,790,790,790,790,790,790,790,790, -790,790,790,790,790,790,790,790,790,790,790,790,790,790,790,790, -790,790,790,790,790,790,790,790,790,790,790,790,790,790,790,790, -790,790,790,790,790,115,115,115,115,115,115,115,115,115,115,115, -790,791,791,791,791,791,791,791,791,791,791,791,791,791,791,791, -791,791,791,791,791,791,791,791,791,791,791,791,791,791,791,791, -791,791,791,791,791,791,791,791,791,791,791,791,791,791,791,115, +805,805,805,805,805,805,805,805,805,805,805,805,805,805,805,805, +805,805,805,805,805,805,805,805,805,805,805,805,805,805,805,805, +805,805,805,805,805,805,805,805,805,805,805,805,805,805,805,805, +805,805,805,805,805,805,805,805,805,805,805,805,805,805,805,805, +805,805,805,805,805,805,805,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, /* block 193 */ -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,792, -792,792,792,793,793,793,793,793,793,793,793,793,793,793,793,793, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -794,795,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, +538,538,538,538,538,538,538,538,538,538,538,538,538,538,538,538, +538,538,538,538,538,538,538,538,538,538,538,538,538,538,538,538, +538,538,538,538,538,538,538,538,538,538,538,538,538,538,538,538, +538,538,538,538,538,538,538,538,538,538,538,538,538,538,538,538, +538,538,538,538,538,538,538,538,538,538,538,538,538,538,538,538, +538,538,538,538,538,538,538,538,538,538,538,538,538,538,538,538, +538,538,538,538,538,538,538,538,538,538,538,538,538,538,538,538, +538,538,538,538,538,538,538,538,538,538,538,538,538,538,538,538, /* block 194 */ -796,796,796,796,796,796,796,796,796,796,796,796,796,796,796,796, -796,796,796,796,796,796,796,796,796,796,796,796,796,796,796,796, -796,796,796,796,796,796,796,796,796,796,796,796,796,796,796,796, -796,796,796,796,796,796,796,796,796,796,796,796,796,796,796,796, -796,796,796,796,796,796,796,796,796,796,796,796,796,796,796,796, -796,796,796,796,796,796,796,796,796,796,796,796,796,796,796,796, -796,796,796,796,796,796,796,796,796,796,796,796,796,796,796,796, -796,796,796,796,796,796,796,796,796,796,796,796,796,796,796,796, +538,538,538,538,538,538,538,538,538,538,538,538,538,538,538,538, +538,538,538,538,538,538,538,538,538,538,538,538,538,538,538,538, +538,538,538,538,538,538,538,538,538,538,538,538,538,538,538,538, +538,538,538,538,538,538,538,538,538,116,116,116,116,116,116,116, +806,806,806,806,806,806,806,806,806,806,806,806,806,806,806,806, +806,806,806,806,806,806,806,806,806,806,806,806,806,806,806,116, +807,807,807,807,807,807,807,807,807,807,116,116,116,116,808,808, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, /* block 195 */ -796,796,796,796,796,796,796,796,796,796,796,796,796,796,796,796, -796,796,796,796,796,796,796,796,796,796,796,796,796,796,796,796, -796,796,796,796,796,796,796,796,796,796,796,796,796,796,796,796, -796,796,796,796,796,796,796,796,796,796,796,796,796,796,796,796, -796,796,796,796,796,796,796,796,796,796,796,796,796,796,796,796, -796,796,796,796,796,796,796,796,796,796,796,796,796,796,796,796, -796,796,796,796,796,796,796,796,796,796,796,796,796,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +809,809,809,809,809,809,809,809,809,809,809,809,809,809,809,809, +809,809,809,809,809,809,809,809,809,809,809,809,809,809,116,116, +810,810,810,810,810,811,116,116,116,116,116,116,116,116,116,116, /* block 196 */ -796,796,796,796,796,796,796,796,796,796,796,796,796,796,796,796, -796,796,796,796,796,796,796,796,796,796,796,796,796,796,796,796, -796,796,796,796,796,796,796,796,796,796,796,796,796,796,796,796, -796,796,796,796,796,796,796,796,796,796,796,796,796,796,796,796, -796,796,796,796,796,796,796,796,796,796,796,796,796,796,796,796, -796,796,796,796,796,796,796,796,796,796,796,796,796,796,796,796, -796,796,796,796,796,796,796,796,796,796,796,796,796,796,796,796, -796,796,796,115,115,115,115,115,115,115,115,115,115,115,115,115, +812,812,812,812,812,812,812,812,812,812,812,812,812,812,812,812, +812,812,812,812,812,812,812,812,812,812,812,812,812,812,812,812, +812,812,812,812,812,812,812,812,812,812,812,812,812,812,812,812, +813,813,813,813,813,813,813,814,814,814,814,814,815,815,815,815, +816,816,816,816,814,815,116,116,116,116,116,116,116,116,116,116, +817,817,817,817,817,817,817,817,817,817,116,818,818,818,818,818, +818,818,116,812,812,812,812,812,812,812,812,812,812,812,812,812, +812,812,812,812,812,812,812,812,116,116,116,116,116,812,812,812, /* block 197 */ -509,507,507,507,507,507,507,507,507,507,507,507,507,507,507,507, -507,507,507,507,507,507,507,507,507,507,507,507,507,507,507,507, -507,507,507,507,507,507,507,507,507,507,507,507,507,507,507,507, -507,507,507,507,507,507,507,507,507,507,507,507,507,507,507,507, -507,507,507,507,507,507,507,507,507,507,507,507,507,507,507,507, -507,507,507,507,507,507,507,507,507,507,507,507,507,507,507,507, -507,507,507,507,507,507,507,507,507,507,507,507,507,507,507,507, -507,507,507,507,507,507,507,507,507,507,507,507,507,507,507,507, +812,812,812,812,812,812,812,812,812,812,812,812,812,812,812,812, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, /* block 198 */ -507,507,507,507,507,507,507,507,507,507,507,507,507,507,507,507, -507,507,507,507,507,507,507,507,507,507,507,507,507,507,507,507, -507,507,507,507,507,507,507,507,507,507,507,507,507,507,507,507, -507,507,507,507,507,507,507,507,507,507,507,507,507,507,507,507, -507,507,507,507,507,507,507,507,507,507,507,507,507,507,507,507, -507,507,507,507,507,507,507,507,507,507,507,507,507,507,507,507, -507,507,507,507,507,507,507,507,507,507,507,507,507,507,507,507, -507,507,507,507,507,507,507,507,507,507,507,507,507,507,507,507, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +819,819,819,819,819,819,819,819,819,819,819,819,819,819,819,819, +819,819,819,819,819,819,819,819,819,819,819,819,819,819,819,819, +820,820,820,820,820,820,820,820,820,820,820,820,820,820,820,820, +820,820,820,820,820,820,820,820,820,820,820,820,820,820,820,820, /* block 199 */ -507,507,507,507,507,507,507,507,507,507,507,507,507,507,507,507, -507,507,507,507,507,507,507,507,507,507,507,507,507,507,507,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -797,797,797,797,797,797,797,797,797,797,797,797,797,797,797,797, +821,821,821,821,821,821,821,821,821,821,821,821,821,821,821,821, +821,821,821,821,821,821,821,822,822,822,822,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, /* block 200 */ -797,797,797,797,797,797,797,797,797,797,797,797,797,797,797,797, -797,797,797,797,797,797,797,797,797,797,797,797,797,797,797,797, -797,797,797,797,797,797,797,797,797,797,797,797,797,797,797,797, -797,797,797,797,797,797,797,797,797,797,797,797,797,797,797,797, -797,797,797,797,797,797,797,797,797,797,797,797,797,797,797,797, -797,797,797,797,797,797,797,797,797,797,797,797,797,797,797,797, -797,797,797,797,797,797,797,797,797,797,797,797,797,797,797,797, -797,797,797,797,797,797,797,797,797,797,797,797,797,797,797,797, +823,823,823,823,823,823,823,823,823,823,823,823,823,823,823,823, +823,823,823,823,823,823,823,823,823,823,823,823,823,823,823,823, +823,823,823,823,823,823,823,823,823,823,823,823,823,823,823,823, +823,823,823,823,823,823,823,823,823,823,823,823,823,823,823,823, +823,823,823,823,823,116,116,116,116,116,116,116,116,116,116,116, +823,824,824,824,824,824,824,824,824,824,824,824,824,824,824,824, +824,824,824,824,824,824,824,824,824,824,824,824,824,824,824,824, +824,824,824,824,824,824,824,824,824,824,824,824,824,824,824,116, /* block 201 */ -797,797,797,797,797,797,797,797,797,797,797,797,797,797,797,797, -797,797,797,797,797,797,797,797,797,797,797,797,797,797,797,797, -797,797,797,797,797,797,797,797,797,797,797,797,797,797,797,797, -797,797,797,797,797,797,797,797,797,797,797,797,797,797,797,797, -797,797,797,797,797,797,797,797,797,797,797,797,797,797,797,797, -797,797,797,797,797,797,797,797,797,797,797,797,797,797,797,797, -797,797,797,797,797,797,797,797,797,797,797,797,797,797,797,797, -797,797,797,797,797,797,797,797,797,797,797,797,115,115,115,115, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,825, +825,825,825,826,826,826,826,826,826,826,826,826,826,826,826,826, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +827,828,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, /* block 202 */ -798,798,798,798,798,798,798,798,798,798,798,798,798,798,798,798, -798,798,798,798,798,798,798,798,798,798,798,798,798,798,798,798, -798,798,798,798,798,798,798,798,798,798,798,798,798,798,798,798, -798,798,798,798,798,798,798,798,798,798,798,798,798,798,798,798, -798,798,798,798,798,798,798,798,798,798,798,798,798,798,798,798, -798,798,798,798,798,798,798,798,798,798,798,798,798,798,798,798, -798,798,798,798,798,798,798,798,798,798,798,115,115,115,115,115, -798,798,798,798,798,798,798,798,798,798,798,798,798,115,115,115, +829,829,829,829,829,829,829,829,829,829,829,829,829,829,829,829, +829,829,829,829,829,829,829,829,829,829,829,829,829,829,829,829, +829,829,829,829,829,829,829,829,829,829,829,829,829,829,829,829, +829,829,829,829,829,829,829,829,829,829,829,829,829,829,829,829, +829,829,829,829,829,829,829,829,829,829,829,829,829,829,829,829, +829,829,829,829,829,829,829,829,829,829,829,829,829,829,829,829, +829,829,829,829,829,829,829,829,829,829,829,829,829,829,829,829, +829,829,829,829,829,829,829,829,829,829,829,829,829,829,829,829, /* block 203 */ -798,798,798,798,798,798,798,798,798,115,115,115,115,115,115,115, -798,798,798,798,798,798,798,798,798,798,115,115,799,800,800,801, - 22, 22, 22, 22,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, +829,829,829,829,829,829,829,829,829,829,829,829,829,829,829,829, +829,829,829,829,829,829,829,829,829,829,829,829,829,829,829,829, +829,829,829,829,829,829,829,829,829,829,829,829,829,829,829,829, +829,829,829,829,829,829,829,829,829,829,829,829,829,829,829,829, +829,829,829,829,829,829,829,829,829,829,829,829,829,829,829,829, +829,829,829,829,829,829,829,829,829,829,829,829,829,829,829,829, +829,829,829,829,829,829,829,829,829,829,829,829,829,829,829,829, +829,829,116,116,116,116,116,116,116,116,116,116,116,116,116,116, /* block 204 */ - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19,115,115,115,115,115,115,115,115,115,115, +829,829,829,829,829,829,829,829,829,829,829,829,829,829,829,829, +829,829,829,829,829,829,829,829,829,829,829,829,829,829,829,829, +829,829,829,829,829,829,829,829,829,829,829,829,829,829,829,829, +829,829,829,829,829,829,829,829,829,829,829,829,829,829,829,829, +829,829,829,829,829,829,829,829,829,829,829,829,829,829,829,829, +829,829,829,829,829,829,829,829,829,829,829,829,829,829,829,829, +829,829,829,829,829,829,829,829,829,829,829,829,829,829,829,829, +829,829,829,116,116,116,116,116,116,116,116,116,116,116,116,116, /* block 205 */ - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19,115,115, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19,802,433,110,110,110, 19, 19, 19,433,802,802, -802,802,802, 22, 22, 22, 22, 22, 22, 22, 22,110,110,110,110,110, +517,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, +515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, +515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, +515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, +515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, +515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, +515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, +515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, /* block 206 */ -110,110,110, 19, 19,110,110,110,110,110,110,110, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19,110,110,110,110, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, +515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, +515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, +515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, +515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, +515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, +515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, +515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, +515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, /* block 207 */ -596,596,596,596,596,596,596,596,596,596,596,596,596,596,596,596, -596,596,596,596,596,596,596,596,596,596,596,596,596,596,596,596, -596,596,596,596,596,596,596,596,596,596,596,596,596,596,596,596, -596,596,596,596,596,596,596,596,596,596,596,596,596,596,596,596, -596,596,803,803,803,596,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, +515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, +515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +830,830,830,830,830,830,830,830,830,830,830,830,830,830,830,830, /* block 208 */ - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19,115,115,115,115,115,115,115,115,115, - 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, - 23, 23,115,115,115,115,115,115,115,115,115,115,115,115,115,115, +830,830,830,830,830,830,830,830,830,830,830,830,830,830,830,830, +830,830,830,830,830,830,830,830,830,830,830,830,830,830,830,830, +830,830,830,830,830,830,830,830,830,830,830,830,830,830,830,830, +830,830,830,830,830,830,830,830,830,830,830,830,830,830,830,830, +830,830,830,830,830,830,830,830,830,830,830,830,830,830,830,830, +830,830,830,830,830,830,830,830,830,830,830,830,830,830,830,830, +830,830,830,830,830,830,830,830,830,830,830,830,830,830,830,830, +830,830,830,830,830,830,830,830,830,830,830,830,830,830,830,830, /* block 209 */ -466,466,466,466,466,466,466,466,466,466,466,466,466,466,466,466, -466,466,466,466,466,466,466,466,466,466,467,467,467,467,467,467, -467,467,467,467,467,467,467,467,467,467,467,467,467,467,467,467, -467,467,467,467,466,466,466,466,466,466,466,466,466,466,466,466, -466,466,466,466,466,466,466,466,466,466,466,466,466,466,467,467, -467,467,467,467,467,115,467,467,467,467,467,467,467,467,467,467, -467,467,467,467,467,467,467,467,466,466,466,466,466,466,466,466, -466,466,466,466,466,466,466,466,466,466,466,466,466,466,466,466, +830,830,830,830,830,830,830,830,830,830,830,830,830,830,830,830, +830,830,830,830,830,830,830,830,830,830,830,830,830,830,830,830, +830,830,830,830,830,830,830,830,830,830,830,830,830,830,830,830, +830,830,830,830,830,830,830,830,830,830,830,830,830,830,830,830, +830,830,830,830,830,830,830,830,830,830,830,830,830,830,830,830, +830,830,830,830,830,830,830,830,830,830,830,830,830,830,830,830, +830,830,830,830,830,830,830,830,830,830,830,830,830,830,830,830, +830,830,830,830,830,830,830,830,830,830,830,830,116,116,116,116, /* block 210 */ -466,466,467,467,467,467,467,467,467,467,467,467,467,467,467,467, -467,467,467,467,467,467,467,467,467,467,467,467,466,115,466,466, -115,115,466,115,115,466,466,115,115,466,466,466,466,115,466,466, -466,466,466,466,466,466,467,467,467,467,115,467,115,467,467,467, -467,467,467,467,115,467,467,467,467,467,467,467,467,467,467,467, -466,466,466,466,466,466,466,466,466,466,466,466,466,466,466,466, -466,466,466,466,466,466,466,466,466,466,467,467,467,467,467,467, -467,467,467,467,467,467,467,467,467,467,467,467,467,467,467,467, +831,831,831,831,831,831,831,831,831,831,831,831,831,831,831,831, +831,831,831,831,831,831,831,831,831,831,831,831,831,831,831,831, +831,831,831,831,831,831,831,831,831,831,831,831,831,831,831,831, +831,831,831,831,831,831,831,831,831,831,831,831,831,831,831,831, +831,831,831,831,831,831,831,831,831,831,831,831,831,831,831,831, +831,831,831,831,831,831,831,831,831,831,831,831,831,831,831,831, +831,831,831,831,831,831,831,831,831,831,831,116,116,116,116,116, +831,831,831,831,831,831,831,831,831,831,831,831,831,116,116,116, /* block 211 */ -467,467,467,467,466,466,115,466,466,466,466,115,115,466,466,466, -466,466,466,466,466,115,466,466,466,466,466,466,466,115,467,467, -467,467,467,467,467,467,467,467,467,467,467,467,467,467,467,467, -467,467,467,467,467,467,467,467,466,466,115,466,466,466,466,115, -466,466,466,466,466,115,466,115,115,115,466,466,466,466,466,466, -466,115,467,467,467,467,467,467,467,467,467,467,467,467,467,467, -467,467,467,467,467,467,467,467,467,467,467,467,466,466,466,466, -466,466,466,466,466,466,466,466,466,466,466,466,466,466,466,466, +831,831,831,831,831,831,831,831,831,116,116,116,116,116,116,116, +831,831,831,831,831,831,831,831,831,831,116,116,832,833,833,834, + 23, 23, 23, 23,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, /* block 212 */ -466,466,466,466,466,466,467,467,467,467,467,467,467,467,467,467, -467,467,467,467,467,467,467,467,467,467,467,467,467,467,467,467, -466,466,466,466,466,466,466,466,466,466,466,466,466,466,466,466, -466,466,466,466,466,466,466,466,466,466,467,467,467,467,467,467, -467,467,467,467,467,467,467,467,467,467,467,467,467,467,467,467, -467,467,467,467,466,466,466,466,466,466,466,466,466,466,466,466, -466,466,466,466,466,466,466,466,466,466,466,466,466,466,467,467, -467,467,467,467,467,467,467,467,467,467,467,467,467,467,467,467, + 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, + 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, + 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, + 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, + 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, + 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, + 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, + 19, 19, 19, 19, 19, 19,116,116,116,116,116,116,116,116,116,116, /* block 213 */ -467,467,467,467,467,467,467,467,466,466,466,466,466,466,466,466, -466,466,466,466,466,466,466,466,466,466,466,466,466,466,466,466, -466,466,467,467,467,467,467,467,467,467,467,467,467,467,467,467, -467,467,467,467,467,467,467,467,467,467,467,467,466,466,466,466, -466,466,466,466,466,466,466,466,466,466,466,466,466,466,466,466, -466,466,466,466,466,466,467,467,467,467,467,467,467,467,467,467, -467,467,467,467,467,467,467,467,467,467,467,467,467,467,467,467, -466,466,466,466,466,466,466,466,466,466,466,466,466,466,466,466, + 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, + 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, + 19, 19, 19, 19, 19, 19, 19,116,116, 19, 19, 19, 19, 19, 19, 19, + 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, + 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, + 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, + 19, 19, 19, 19, 19,835,438,111,111,111, 19, 19, 19,438,835,835, +835,835,835, 23, 23, 23, 23, 23, 23, 23, 23,111,111,111,111,111, /* block 214 */ -466,466,466,466,466,466,466,466,466,466,467,467,467,467,467,467, -467,467,467,467,467,467,467,467,467,467,467,467,467,467,467,467, -467,467,467,467,467,467,115,115,466,466,466,466,466,466,466,466, -466,466,466,466,466,466,466,466,466,466,466,466,466,466,466,466, -466, 8,467,467,467,467,467,467,467,467,467,467,467,467,467,467, -467,467,467,467,467,467,467,467,467,467,467, 8,467,467,467,467, -467,467,466,466,466,466,466,466,466,466,466,466,466,466,466,466, -466,466,466,466,466,466,466,466,466,466,466, 8,467,467,467,467, +111,111,111, 19, 19,111,111,111,111,111,111,111, 19, 19, 19, 19, + 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, + 19, 19, 19, 19, 19, 19, 19, 19, 19, 19,111,111,111,111, 19, 19, + 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, + 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, + 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, + 19, 19, 19, 19, 19, 19, 19, 19, 19,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, /* block 215 */ -467,467,467,467,467,467,467,467,467,467,467,467,467,467,467,467, -467,467,467,467,467, 8,467,467,467,467,467,467,466,466,466,466, -466,466,466,466,466,466,466,466,466,466,466,466,466,466,466,466, -466,466,466,466,466, 8,467,467,467,467,467,467,467,467,467,467, -467,467,467,467,467,467,467,467,467,467,467,467,467,467,467, 8, -467,467,467,467,467,467,466,466,466,466,466,466,466,466,466,466, -466,466,466,466,466,466,466,466,466,466,466,466,466,466,466, 8, -467,467,467,467,467,467,467,467,467,467,467,467,467,467,467,467, +604,604,604,604,604,604,604,604,604,604,604,604,604,604,604,604, +604,604,604,604,604,604,604,604,604,604,604,604,604,604,604,604, +604,604,604,604,604,604,604,604,604,604,604,604,604,604,604,604, +604,604,604,604,604,604,604,604,604,604,604,604,604,604,604,604, +604,604,836,836,836,604,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, /* block 216 */ -467,467,467,467,467,467,467,467,467, 8,467,467,467,467,467,467, -466,466,466,466,466,466,466,466,466,466,466,466,466,466,466,466, -466,466,466,466,466,466,466,466,466, 8,467,467,467,467,467,467, -467,467,467,467,467,467,467,467,467,467,467,467,467,467,467,467, -467,467,467, 8,467,467,467,467,467,467,466,467,115,115, 10, 10, - 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, - 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, - 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, + 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, + 24, 24, 24, 24,116,116,116,116,116,116,116,116,116,116,116,116, /* block 217 */ -804,804,804,804,804,804,804,804,804,804,804,804,804,804,804,804, -804,804,804,804,804,804,804,804,804,804,804,804,804,804,804,804, -804,804,804,804,804,804,804,804,804,804,804,804,804,804,804,804, -804,804,804,804,804,804,804,804,804,804,804,804,804,804,804,804, -804,804,804,804,804,804,804,804,804,804,804,804,804,804,804,804, -804,804,804,804,804,804,804,804,804,804,804,804,804,804,804,804, -804,804,804,804,804,804,804,804,804,804,804,804,804,804,804,804, -804,804,804,804,804,804,804,804,804,804,804,804,804,804,804,804, + 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, + 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, + 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, + 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, + 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, + 19, 19, 19, 19, 19, 19, 19,116,116,116,116,116,116,116,116,116, + 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, + 24, 24, 24, 24, 24, 24, 24, 24, 24,116,116,116,116,116,116,116, /* block 218 */ -805,805,805,805,805,805,805,805,805,805,805,805,805,805,805,805, -805,805,805,805,805,805,805,805,805,805,805,805,805,805,805,805, -805,805,805,805,805,805,805,805,805,805,805,805,805,805,805,805, -805,805,805,805,805,805,805,804,804,804,804,805,805,805,805,805, -805,805,805,805,805,805,805,805,805,805,805,805,805,805,805,805, -805,805,805,805,805,805,805,805,805,805,805,805,805,805,805,805, -805,805,805,805,805,805,805,805,805,805,805,805,805,804,804,804, -804,804,804,804,804,805,804,804,804,804,804,804,804,804,804,804, +472,472,472,472,472,472,472,472,472,472,472,472,472,472,472,472, +472,472,472,472,472,472,472,472,472,472,473,473,473,473,473,473, +473,473,473,473,473,473,473,473,473,473,473,473,473,473,473,473, +473,473,473,473,472,472,472,472,472,472,472,472,472,472,472,472, +472,472,472,472,472,472,472,472,472,472,472,472,472,472,473,473, +473,473,473,473,473,116,473,473,473,473,473,473,473,473,473,473, +473,473,473,473,473,473,473,473,472,472,472,472,472,472,472,472, +472,472,472,472,472,472,472,472,472,472,472,472,472,472,472,472, /* block 219 */ -804,804,804,804,805,804,804,806,806,806,806,806,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,805,805,805,805,805, -115,805,805,805,805,805,805,805,805,805,805,805,805,805,805,805, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, +472,472,473,473,473,473,473,473,473,473,473,473,473,473,473,473, +473,473,473,473,473,473,473,473,473,473,473,473,472,116,472,472, +116,116,472,116,116,472,472,116,116,472,472,472,472,116,472,472, +472,472,472,472,472,472,473,473,473,473,116,473,116,473,473,473, +473,473,473,473,116,473,473,473,473,473,473,473,473,473,473,473, +472,472,472,472,472,472,472,472,472,472,472,472,472,472,472,472, +472,472,472,472,472,472,472,472,472,472,473,473,473,473,473,473, +473,473,473,473,473,473,473,473,473,473,473,473,473,473,473,473, /* block 220 */ -807,807,807,807,807,807,807,115,807,807,807,807,807,807,807,807, -807,807,807,807,807,807,807,807,807,115,115,807,807,807,807,807, -807,807,115,807,807,115,807,807,807,807,807,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, +473,473,473,473,472,472,116,472,472,472,472,116,116,472,472,472, +472,472,472,472,472,116,472,472,472,472,472,472,472,116,473,473, +473,473,473,473,473,473,473,473,473,473,473,473,473,473,473,473, +473,473,473,473,473,473,473,473,472,472,116,472,472,472,472,116, +472,472,472,472,472,116,472,116,116,116,472,472,472,472,472,472, +472,116,473,473,473,473,473,473,473,473,473,473,473,473,473,473, +473,473,473,473,473,473,473,473,473,473,473,473,472,472,472,472, +472,472,472,472,472,472,472,472,472,472,472,472,472,472,472,472, /* block 221 */ -808,808,808,808,808,808,808,808,808,808,808,808,808,808,808,808, -808,808,808,808,808,808,808,808,808,808,808,808,808,808,808,808, -808,808,808,808,808,808,808,808,808,808,808,808,808,808,808,808, -808,808,808,808,808,808,808,808,808,808,808,808,808,808,808,808, -808,808,808,808,808,808,808,808,808,808,808,808,808,808,808,808, -808,808,808,808,808,808,808,808,808,808,808,808,808,808,808,808, -808,808,808,808,808,808,808,808,808,808,808,808,808,808,808,808, -808,808,808,808,808,808,808,808,808,808,808,808,808,808,808,808, +472,472,472,472,472,472,473,473,473,473,473,473,473,473,473,473, +473,473,473,473,473,473,473,473,473,473,473,473,473,473,473,473, +472,472,472,472,472,472,472,472,472,472,472,472,472,472,472,472, +472,472,472,472,472,472,472,472,472,472,473,473,473,473,473,473, +473,473,473,473,473,473,473,473,473,473,473,473,473,473,473,473, +473,473,473,473,472,472,472,472,472,472,472,472,472,472,472,472, +472,472,472,472,472,472,472,472,472,472,472,472,472,472,473,473, +473,473,473,473,473,473,473,473,473,473,473,473,473,473,473,473, /* block 222 */ -808,808,808,808,808,808,808,808,808,808,808,808,808,808,808,808, -808,808,808,808,808,808,808,808,808,808,808,808,808,808,808,808, -808,808,808,808,808,808,808,808,808,808,808,808,808,808,808,808, -808,808,808,808,808,808,808,808,808,808,808,808,808,808,808,808, -808,808,808,808,808,115,115,809,809,809,809,809,809,809,809,809, -810,810,810,810,810,810,810,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, +473,473,473,473,473,473,473,473,472,472,472,472,472,472,472,472, +472,472,472,472,472,472,472,472,472,472,472,472,472,472,472,472, +472,472,473,473,473,473,473,473,473,473,473,473,473,473,473,473, +473,473,473,473,473,473,473,473,473,473,473,473,472,472,472,472, +472,472,472,472,472,472,472,472,472,472,472,472,472,472,472,472, +472,472,472,472,472,472,473,473,473,473,473,473,473,473,473,473, +473,473,473,473,473,473,473,473,473,473,473,473,473,473,473,473, +472,472,472,472,472,472,472,472,472,472,472,472,472,472,472,472, /* block 223 */ -811,811,811,811,811,811,811,811,811,811,811,811,811,811,811,811, -811,811,811,811,811,811,811,811,811,811,811,811,811,811,811,811, -811,811,812,812,812,812,812,812,812,812,812,812,812,812,812,812, -812,812,812,812,812,812,812,812,812,812,812,812,812,812,812,812, -812,812,812,812,813,813,813,813,813,813,813,115,115,115,115,115, -814,814,814,814,814,814,814,814,814,814,115,115,115,115,815,815, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, +472,472,472,472,472,472,472,472,472,472,473,473,473,473,473,473, +473,473,473,473,473,473,473,473,473,473,473,473,473,473,473,473, +473,473,473,473,473,473,116,116,472,472,472,472,472,472,472,472, +472,472,472,472,472,472,472,472,472,472,472,472,472,472,472,472, +472, 8,473,473,473,473,473,473,473,473,473,473,473,473,473,473, +473,473,473,473,473,473,473,473,473,473,473, 8,473,473,473,473, +473,473,472,472,472,472,472,472,472,472,472,472,472,472,472,472, +472,472,472,472,472,472,472,472,472,472,472, 8,473,473,473,473, /* block 224 */ -216,216,216,216,115,216,216,216,216,216,216,216,216,216,216,216, -216,216,216,216,216,216,216,216,216,216,216,216,216,216,216,216, -115,216,216,115,216,115,115,216,115,216,216,216,216,216,216,216, -216,216,216,115,216,216,216,216,115,216,115,216,115,115,115,115, -115,115,216,115,115,115,115,216,115,216,115,216,115,216,216,216, -115,216,216,115,216,115,115,216,115,216,115,216,115,216,115,216, -115,216,216,115,216,115,115,216,216,216,216,115,216,216,216,216, -216,216,216,115,216,216,216,216,115,216,216,216,216,115,216,115, +473,473,473,473,473,473,473,473,473,473,473,473,473,473,473,473, +473,473,473,473,473, 8,473,473,473,473,473,473,472,472,472,472, +472,472,472,472,472,472,472,472,472,472,472,472,472,472,472,472, +472,472,472,472,472, 8,473,473,473,473,473,473,473,473,473,473, +473,473,473,473,473,473,473,473,473,473,473,473,473,473,473, 8, +473,473,473,473,473,473,472,472,472,472,472,472,472,472,472,472, +472,472,472,472,472,472,472,472,472,472,472,472,472,472,472, 8, +473,473,473,473,473,473,473,473,473,473,473,473,473,473,473,473, /* block 225 */ -216,216,216,216,216,216,216,216,216,216,115,216,216,216,216,216, -216,216,216,216,216,216,216,216,216,216,216,216,115,115,115,115, -115,216,216,216,115,216,216,216,216,216,115,216,216,216,216,216, -216,216,216,216,216,216,216,216,216,216,216,216,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -210,210,115,115,115,115,115,115,115,115,115,115,115,115,115,115, +473,473,473,473,473,473,473,473,473, 8,473,473,473,473,473,473, +472,472,472,472,472,472,472,472,472,472,472,472,472,472,472,472, +472,472,472,472,472,472,472,472,472, 8,473,473,473,473,473,473, +473,473,473,473,473,473,473,473,473,473,473,473,473,473,473,473, +473,473,473, 8,473,473,473,473,473,473,472,473,116,116, 10, 10, + 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, + 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, + 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, /* block 226 */ - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19,115,115,115,115, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, +837,837,837,837,837,837,837,837,837,837,837,837,837,837,837,837, +837,837,837,837,837,837,837,837,837,837,837,837,837,837,837,837, +837,837,837,837,837,837,837,837,837,837,837,837,837,837,837,837, +837,837,837,837,837,837,837,837,837,837,837,837,837,837,837,837, +837,837,837,837,837,837,837,837,837,837,837,837,837,837,837,837, +837,837,837,837,837,837,837,837,837,837,837,837,837,837,837,837, +837,837,837,837,837,837,837,837,837,837,837,837,837,837,837,837, +837,837,837,837,837,837,837,837,837,837,837,837,837,837,837,837, /* block 227 */ - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19,115,115,115,115,115,115,115,115,115,115,115,115, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19,115, -115, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, -115, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, -115, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19,115,115,115,115,115,115,115,115,115,115, +838,838,838,838,838,838,838,838,838,838,838,838,838,838,838,838, +838,838,838,838,838,838,838,838,838,838,838,838,838,838,838,838, +838,838,838,838,838,838,838,838,838,838,838,838,838,838,838,838, +838,838,838,838,838,838,838,837,837,837,837,838,838,838,838,838, +838,838,838,838,838,838,838,838,838,838,838,838,838,838,838,838, +838,838,838,838,838,838,838,838,838,838,838,838,838,838,838,838, +838,838,838,838,838,838,838,838,838,838,838,838,838,837,837,837, +837,837,837,837,837,838,837,837,837,837,837,837,837,837,837,837, /* block 228 */ - 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, 23,115,115,115, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19,115, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19,115,115,115,115, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, +837,837,837,837,838,837,837,839,839,839,839,839,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,838,838,838,838,838, +116,838,838,838,838,838,838,838,838,838,838,838,838,838,838,838, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, /* block 229 */ - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,816,816,816,816,816,816,816,816,816,816, -816,816,816,816,816,816,816,816,816,816,816,816,816,816,816,816, +840,840,840,840,840,840,840,116,840,840,840,840,840,840,840,840, +840,840,840,840,840,840,840,840,840,116,116,840,840,840,840,840, +840,840,116,840,840,116,840,840,840,840,840,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, /* block 230 */ -817, 19, 19,115,115,115,115,115,115,115,115,115,115,115,115,115, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19,115,115,115,115, - 19, 19, 19, 19, 19, 19, 19, 19, 19,115,115,115,115,115,115,115, - 19, 19,115,115,115,115,115,115,115,115,115,115,115,115,115,115, - 19, 19, 19, 19, 19, 19,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, +841,841,841,841,841,841,841,841,841,841,841,841,841,841,841,841, +841,841,841,841,841,841,841,841,841,841,841,841,841,841,841,841, +841,841,841,841,841,841,841,841,841,841,841,841,841,841,841,841, +841,841,841,841,841,841,841,841,841,841,841,841,841,841,841,841, +841,841,841,841,841,841,841,841,841,841,841,841,841,841,841,841, +841,841,841,841,841,841,841,841,841,841,841,841,841,841,841,841, +841,841,841,841,841,841,841,841,841,841,841,841,841,841,841,841, +841,841,841,841,841,841,841,841,841,841,841,841,841,841,841,841, /* block 231 */ - 19, 19, 19, 19, 19, 19, 19, 19,479, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19,479, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19,479, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, +841,841,841,841,841,841,841,841,841,841,841,841,841,841,841,841, +841,841,841,841,841,841,841,841,841,841,841,841,841,841,841,841, +841,841,841,841,841,841,841,841,841,841,841,841,841,841,841,841, +841,841,841,841,841,841,841,841,841,841,841,841,841,841,841,841, +841,841,841,841,841,116,116,842,842,842,842,842,842,842,842,842, +843,843,843,843,843,843,843,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, /* block 232 */ - 19, 19, 19, 19, 19,478, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19,479, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19,479, 19, 19, 19,479, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19,478,478,478, 19, 19,478, 19, 19,478,478,478, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19,479, 19,479, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19,818,818,818,818,818, +844,844,844,844,844,844,844,844,844,844,844,844,844,844,844,844, +844,844,844,844,844,844,844,844,844,844,844,844,844,844,844,844, +844,844,845,845,845,845,845,845,845,845,845,845,845,845,845,845, +845,845,845,845,845,845,845,845,845,845,845,845,845,845,845,845, +845,845,845,845,846,846,846,846,846,846,846,116,116,116,116,116, +847,847,847,847,847,847,847,847,847,847,116,116,116,116,848,848, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, /* block 233 */ - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19,478,478, 19, 19,478,478,478,478,478,478,478,478,478,478, -478, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19,819,819,819,819, 19, 19, 19, 19,478, 19, -478,478,478,478,478,478,478,478,478, 19, 19, 19,478, 19, 19, 19, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, /* block 234 */ - 19,478,478,478, 19,478,478,478, 19, 19, 19,479, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19,478, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19,479,479, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, + 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, + 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, + 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 19, 24, 24, 24, + 5, 24, 24, 24, 24,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, /* block 235 */ - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19,479, 19, 19, 19, 19,479, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19,478,478, 19, 19, 19, 19,478, 19, 19, 19, 19, 19, +217,217,217,217,116,217,217,217,217,217,217,217,217,217,217,217, +217,217,217,217,217,217,217,217,217,217,217,217,217,217,217,217, +116,217,217,116,217,116,116,217,116,217,217,217,217,217,217,217, +217,217,217,116,217,217,217,217,116,217,116,217,116,116,116,116, +116,116,217,116,116,116,116,217,116,217,116,217,116,217,217,217, +116,217,217,116,217,116,116,217,116,217,116,217,116,217,116,217, +116,217,217,116,217,116,116,217,217,217,217,116,217,217,217,217, +217,217,217,116,217,217,217,217,116,217,217,217,217,116,217,116, /* block 236 */ - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, -478, 19, 19, 19, 19,478,478, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19,479, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, +217,217,217,217,217,217,217,217,217,217,116,217,217,217,217,217, +217,217,217,217,217,217,217,217,217,217,217,217,116,116,116,116, +116,217,217,217,116,217,217,217,217,217,116,217,217,217,217,217, +217,217,217,217,217,217,217,217,217,217,217,217,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +211,211,116,116,116,116,116,116,116,116,116,116,116,116,116,116, /* block 237 */ - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19,478,478,478, 19, 19, 19,478,478,478,478,478, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, + 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, + 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, + 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20,849,849,849,849, + 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, + 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, + 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, + 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, + 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, /* block 238 */ -479, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19,479, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19,478, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19,478,478,478, 19, 19, 19, 19, 19, 19, 19, 19, 19, -478, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19,478, 19, 19, 19, - 19, 19, 19, 19, 19,115,115,115,115,115,115,115,115,115,115,115, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19,115,115,115, - 19, 19, 19, 19, 19, 19, 19, 19, 19,115,115,115,115,115,115,115, + 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, + 20, 20, 20, 20,849,849,849,849,849,849,849,849,849,849,849,849, + 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20,849, +849, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, +849, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, +849, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, + 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, + 20, 20, 20, 20, 20, 20,849,849,849,849,849,849,849,849,849,849, /* block 239 */ + 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24,849,849,849, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, + 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 20, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19,115,115,115,115,115,115,115,115,115,115,115,115, + 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19,849,849,849,849, + 20, 20, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 20, 20, /* block 240 */ - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, + 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 20, 19, + 19, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 19, 19, 19, 19, 19, + 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19,849,849,849, +849,849,849,849,849,849,849,849,849,849,849,849,849,849,849,849, +849,849,849,849,849,849,849,849,849,849,849,849,849,849,849,849, +849,849,849,849,849,849,849,849,849,849,849,849,849,849,849,849, +849,849,849,849,849,849,850,850,850,850,850,850,850,850,850,850, +850,850,850,850,850,850,850,850,850,850,850,850,850,850,850,850, /* block 241 */ - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19,115,115,115,115, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19,115,115,115,115,115,115,115,115, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19,115,115,115,115,115,115, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, +851, 20, 20,849,849,849,849,849,849,849,849,849,849,849,849,849, + 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 20, 19, 19, 19, 19, 19, + 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 20, + 19, 19, 20, 20, 20, 20, 20, 20, 20, 20, 20, 19,849,849,849,849, + 19, 19, 19, 19, 19, 19, 19, 19, 19,849,849,849,849,849,849,849, + 20, 20,849,849,849,849,849,849,849,849,849,849,849,849,849,849, + 20, 20, 20, 20, 20, 20,849,849,849,849,849,849,849,849,849,849, +849,849,849,849,849,849,849,849,849,849,849,849,849,849,849,849, /* block 242 */ - 19, 19, 19, 19, 19, 19, 19, 19,115,115,115,115,115,115,115,115, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, +849,849,849,849,849,849,849,849,849,849,849,849,849,849,849,849, +849,849,849,849,849,849,849,849,849,849,849,849,849,849,849,849, +849,849,849,849,849,849,849,849,849,849,849,849,849,849,849,849, +849,849,849,849,849,849,849,849,849,849,849,849,849,849,849,849, +849,849,849,849,849,849,849,849,849,849,849,849,849,849,849,849, +849,849,849,849,849,849,849,849,849,849,849,849,849,849,849,849, +849,849,849,849,849,849,849,849,849,849,849,849,849,849,849,849, +849,849,849,849,849,849,849,849,849,849,849,849,849,849,849,849, /* block 243 */ - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19,115,115,115,115, - 19, 19, 19, 19, 19, 19, 19, 19,478,478,478,478,478, 19,478,478, - 19, 19, 19, 19, 19, 19,478, 19, 19, 19, 19, 19, 19, 19, 19, 19, -478,478,478,478,478,478,478,478,478,478, 19, 19, 19,478,478,115, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19,115,115,115, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, + 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, + 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, + 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, + 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, + 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, + 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, + 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, + 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, /* block 244 */ - 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, - 19, 19, 19, 19, 19, 19, 19, 19,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, - 19,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, - 19,478,478,478,478,478,478,478,478,478,478,478,478,478, 19, 19, - 19, 19, 19, 19, 19, 19, 19,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, + 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, + 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, + 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, + 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, + 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, + 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, + 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, + 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20,852,852,852,852,852, /* block 245 */ -515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, -515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, -515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, -515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, -515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, -515,515,515,515,515,515,515,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, + 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, + 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, + 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, + 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 19, 19, + 19, 19, 19, 19, 19, 19, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, + 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, + 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, + 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, /* block 246 */ -515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, -515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, -515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, -515,515,515,515,515,115,115,115,115,115,115,115,115,115,115,115, -515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, -515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, -515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, -515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, + 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, + 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, + 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, + 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, + 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, + 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, + 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, + 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, /* block 247 */ -515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, -515,515,515,515,515,515,515,515,515,515,515,515,515,515,115,115, -515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, -515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, -515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, -515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, -515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, -515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, + 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, + 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, + 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, + 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, + 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, + 20, 20, 20, 20, 20,849,849,849,849,849,849,849,849,849,849,849, + 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20,849,849,849, + 20, 20, 20, 20, 20, 20, 20, 20, 20, 20,849,849,849,849,849,849, /* block 248 */ -515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, -515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, -515,515,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, -515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, -515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, -515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, -515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, + 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, + 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, + 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, + 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, + 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, + 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, + 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, + 19, 19, 19, 19,849,849,849,849,849,849,849,849,849,849,849,849, /* block 249 */ -515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, -515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, -515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, -515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, -515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, -515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, -515,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, + 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, + 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, + 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, + 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, + 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, + 19, 19, 19, 19, 19, 20, 20, 20, 20,849,849,849,849,849,849,849, +849,849,849,849,849,849,849,849,849,849,849,849,849,849,849,849, +849,849,849,849,849,849,849,849,849,849,849,849,849,849,849,849, /* block 250 */ -515,515,515,515,515,515,515,515,515,515,515,515,515,515,515,515, -515,515,515,515,515,515,515,515,515,515,515,515,515,515,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, -115,115,115,115,115,115,115,115,115,115,115,115,115,115,115,115, + 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19,849,849,849,849, + 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, + 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, + 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, + 19, 19, 19, 19, 19, 19, 19, 19,849,849,849,849,849,849,849,849, + 19, 19, 19, 19, 19, 19, 19, 19, 19, 19,849,849,849,849,849,849, + 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, + 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, /* block 251 */ -465, 22,465,465,465,465,465,465,465,465,465,465,465,465,465,465, -465,465,465,465,465,465,465,465,465,465,465,465,465,465,465,465, -820,820,820,820,820,820,820,820,820,820,820,820,820,820,820,820, -820,820,820,820,820,820,820,820,820,820,820,820,820,820,820,820, -820,820,820,820,820,820,820,820,820,820,820,820,820,820,820,820, -820,820,820,820,820,820,820,820,820,820,820,820,820,820,820,820, -820,820,820,820,820,820,820,820,820,820,820,820,820,820,820,820, -820,820,820,820,820,820,820,820,820,820,820,820,820,820,820,820, + 19, 19, 19, 19, 19, 19, 19, 19,849,849,849,849,849,849,849,849, + 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, + 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19,849,849, +849,849,849,849,849,849,849,849,849,849,849,849,849,849,849,849, +849,849,849,849,849,849,849,849,849,849,849,849,849,849,849,849, +849,849,849,849,849,849,849,849,849,849,849,849,849,849,849,849, +849,849,849,849,849,849,849,849,849,849,849,849,849,849,849,849, +849,849,849,849,849,849,849,849,849,849,849,849,849,849,849,849, /* block 252 */ -465,465,465,465,465,465,465,465,465,465,465,465,465,465,465,465, -465,465,465,465,465,465,465,465,465,465,465,465,465,465,465,465, -465,465,465,465,465,465,465,465,465,465,465,465,465,465,465,465, -465,465,465,465,465,465,465,465,465,465,465,465,465,465,465,465, -465,465,465,465,465,465,465,465,465,465,465,465,465,465,465,465, -465,465,465,465,465,465,465,465,465,465,465,465,465,465,465,465, -465,465,465,465,465,465,465,465,465,465,465,465,465,465,465,465, -465,465,465,465,465,465,465,465,465,465,465,465,465,465,465,465, + 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19,849,849,849,849, + 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, + 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, + 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 19, 20, 20, 20,849, + 20, 20, 20, 20, 20, 20, 19, 20, 20, 20, 20, 20, 20, 20, 20, 20, + 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, + 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, + 20,849,849, 20, 20, 20, 20,849,849,849, 20,849, 20, 20, 20, 20, /* block 253 */ -110,110,110,110,110,110,110,110,110,110,110,110,110,110,110,110, -110,110,110,110,110,110,110,110,110,110,110,110,110,110,110,110, -110,110,110,110,110,110,110,110,110,110,110,110,110,110,110,110, -110,110,110,110,110,110,110,110,110,110,110,110,110,110,110,110, -110,110,110,110,110,110,110,110,110,110,110,110,110,110,110,110, -110,110,110,110,110,110,110,110,110,110,110,110,110,110,110,110, -110,110,110,110,110,110,110,110,110,110,110,110,110,110,110,110, -110,110,110,110,110,110,110,110,110,110,110,110,110,110,110,110, + 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, + 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, + 20, 20, 20,849,849,849,849,849,849,849,849,849,849,849,849,849, + 20, 20, 20, 20, 20, 20, 20, 20, 20, 20,849,849,849,849,849,849, + 20, 20, 20,849,849,849,849,849,849,849,849,849,849,849,849,849, + 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, + 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, + 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, /* block 254 */ -110,110,110,110,110,110,110,110,110,110,110,110,110,110,110,110, -110,110,110,110,110,110,110,110,110,110,110,110,110,110,110,110, -110,110,110,110,110,110,110,110,110,110,110,110,110,110,110,110, -110,110,110,110,110,110,110,110,110,110,110,110,110,110,110,110, -110,110,110,110,110,110,110,110,110,110,110,110,110,110,110,110, -110,110,110,110,110,110,110,110,110,110,110,110,110,110,110,110, -110,110,110,110,110,110,110,110,110,110,110,110,110,110,110,110, -465,465,465,465,465,465,465,465,465,465,465,465,465,465,465,465, +849,849,849,849,849,849,849,849,849,849,849,849,849,849,849,849, +849,849,849,849,849,849,849,849,849,849,849,849,849,849,849,849, +849,849,849,849,849,849,849,849,849,849,849,849,849,849,849,849, +849,849,849,849,849,849,849,849,849,849,849,849,849,849,849,849, +849,849,849,849,849,849,849,849,849,849,849,849,849,849,849,849, +849,849,849,849,849,849,849,849,849,849,849,849,849,849,849,849, + 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20,849,849, +849,849,849,849,849,849,849,849,849,849,849,849,849,849,849,849, /* block 255 */ -589,589,589,589,589,589,589,589,589,589,589,589,589,589,589,589, -589,589,589,589,589,589,589,589,589,589,589,589,589,589,589,589, -589,589,589,589,589,589,589,589,589,589,589,589,589,589,589,589, -589,589,589,589,589,589,589,589,589,589,589,589,589,589,589,589, -589,589,589,589,589,589,589,589,589,589,589,589,589,589,589,589, -589,589,589,589,589,589,589,589,589,589,589,589,589,589,589,589, -589,589,589,589,589,589,589,589,589,589,589,589,589,589,589,589, -589,589,589,589,589,589,589,589,589,589,589,589,589,589,115,115, +849,849,849,849,849,849,849,849,849,849,849,849,849,849,849,849, +849,849,849,849,849,849,849,849,849,849,849,849,849,849,849,849, +849,849,849,849,849,849,849,849,849,849,849,849,849,849,849,849, +849,849,849,849,849,849,849,849,849,849,849,849,849,849,849,849, +849,849,849,849,849,849,849,849,849,849,849,849,849,849,849,849, +849,849,849,849,849,849,849,849,849,849,849,849,849,849,849,849, +849,849,849,849,849,849,849,849,849,849,849,849,849,849,849,849, +849,849,849,849,849,849,849,849,849,849,849,849,849,849,116,116, + +/* block 256 */ +523,523,523,523,523,523,523,523,523,523,523,523,523,523,523,523, +523,523,523,523,523,523,523,523,523,523,523,523,523,523,523,523, +523,523,523,523,523,523,523,523,523,523,523,523,523,523,523,523, +523,523,523,523,523,523,523,523,523,523,523,523,523,523,523,523, +523,523,523,523,523,523,523,523,523,523,523,523,523,523,523,523, +523,523,523,523,523,523,523,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, + +/* block 257 */ +523,523,523,523,523,523,523,523,523,523,523,523,523,523,523,523, +523,523,523,523,523,523,523,523,523,523,523,523,523,523,523,523, +523,523,523,523,523,523,523,523,523,523,523,523,523,523,523,523, +523,523,523,523,523,116,116,116,116,116,116,116,116,116,116,116, +523,523,523,523,523,523,523,523,523,523,523,523,523,523,523,523, +523,523,523,523,523,523,523,523,523,523,523,523,523,523,523,523, +523,523,523,523,523,523,523,523,523,523,523,523,523,523,523,523, +523,523,523,523,523,523,523,523,523,523,523,523,523,523,523,523, + +/* block 258 */ +523,523,523,523,523,523,523,523,523,523,523,523,523,523,523,523, +523,523,523,523,523,523,523,523,523,523,523,523,523,523,116,116, +523,523,523,523,523,523,523,523,523,523,523,523,523,523,523,523, +523,523,523,523,523,523,523,523,523,523,523,523,523,523,523,523, +523,523,523,523,523,523,523,523,523,523,523,523,523,523,523,523, +523,523,523,523,523,523,523,523,523,523,523,523,523,523,523,523, +523,523,523,523,523,523,523,523,523,523,523,523,523,523,523,523, +523,523,523,523,523,523,523,523,523,523,523,523,523,523,523,523, + +/* block 259 */ +523,523,523,523,523,523,523,523,523,523,523,523,523,523,523,523, +523,523,523,523,523,523,523,523,523,523,523,523,523,523,523,523, +523,523,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +523,523,523,523,523,523,523,523,523,523,523,523,523,523,523,523, +523,523,523,523,523,523,523,523,523,523,523,523,523,523,523,523, +523,523,523,523,523,523,523,523,523,523,523,523,523,523,523,523, +523,523,523,523,523,523,523,523,523,523,523,523,523,523,523,523, +523,523,523,523,523,523,523,523,523,523,523,523,523,523,523,523, + +/* block 260 */ +523,523,523,523,523,523,523,523,523,523,523,523,523,523,523,523, +523,523,523,523,523,523,523,523,523,523,523,523,523,523,523,523, +523,523,523,523,523,523,523,523,523,523,523,523,523,523,523,523, +523,523,523,523,523,523,523,523,523,523,523,523,523,523,523,523, +523,523,523,523,523,523,523,523,523,523,523,523,523,523,523,523, +523,523,523,523,523,523,523,523,523,523,523,523,523,523,523,523, +523,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, + +/* block 261 */ +523,523,523,523,523,523,523,523,523,523,523,523,523,523,523,523, +523,523,523,523,523,523,523,523,523,523,523,523,523,523,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, +116,116,116,116,116,116,116,116,116,116,116,116,116,116,116,116, + +/* block 262 */ +471, 23,471,471,471,471,471,471,471,471,471,471,471,471,471,471, +471,471,471,471,471,471,471,471,471,471,471,471,471,471,471,471, +853,853,853,853,853,853,853,853,853,853,853,853,853,853,853,853, +853,853,853,853,853,853,853,853,853,853,853,853,853,853,853,853, +853,853,853,853,853,853,853,853,853,853,853,853,853,853,853,853, +853,853,853,853,853,853,853,853,853,853,853,853,853,853,853,853, +853,853,853,853,853,853,853,853,853,853,853,853,853,853,853,853, +853,853,853,853,853,853,853,853,853,853,853,853,853,853,853,853, + +/* block 263 */ +471,471,471,471,471,471,471,471,471,471,471,471,471,471,471,471, +471,471,471,471,471,471,471,471,471,471,471,471,471,471,471,471, +471,471,471,471,471,471,471,471,471,471,471,471,471,471,471,471, +471,471,471,471,471,471,471,471,471,471,471,471,471,471,471,471, +471,471,471,471,471,471,471,471,471,471,471,471,471,471,471,471, +471,471,471,471,471,471,471,471,471,471,471,471,471,471,471,471, +471,471,471,471,471,471,471,471,471,471,471,471,471,471,471,471, +471,471,471,471,471,471,471,471,471,471,471,471,471,471,471,471, + +/* block 264 */ +111,111,111,111,111,111,111,111,111,111,111,111,111,111,111,111, +111,111,111,111,111,111,111,111,111,111,111,111,111,111,111,111, +111,111,111,111,111,111,111,111,111,111,111,111,111,111,111,111, +111,111,111,111,111,111,111,111,111,111,111,111,111,111,111,111, +111,111,111,111,111,111,111,111,111,111,111,111,111,111,111,111, +111,111,111,111,111,111,111,111,111,111,111,111,111,111,111,111, +111,111,111,111,111,111,111,111,111,111,111,111,111,111,111,111, +111,111,111,111,111,111,111,111,111,111,111,111,111,111,111,111, + +/* block 265 */ +111,111,111,111,111,111,111,111,111,111,111,111,111,111,111,111, +111,111,111,111,111,111,111,111,111,111,111,111,111,111,111,111, +111,111,111,111,111,111,111,111,111,111,111,111,111,111,111,111, +111,111,111,111,111,111,111,111,111,111,111,111,111,111,111,111, +111,111,111,111,111,111,111,111,111,111,111,111,111,111,111,111, +111,111,111,111,111,111,111,111,111,111,111,111,111,111,111,111, +111,111,111,111,111,111,111,111,111,111,111,111,111,111,111,111, +471,471,471,471,471,471,471,471,471,471,471,471,471,471,471,471, + +/* block 266 */ +597,597,597,597,597,597,597,597,597,597,597,597,597,597,597,597, +597,597,597,597,597,597,597,597,597,597,597,597,597,597,597,597, +597,597,597,597,597,597,597,597,597,597,597,597,597,597,597,597, +597,597,597,597,597,597,597,597,597,597,597,597,597,597,597,597, +597,597,597,597,597,597,597,597,597,597,597,597,597,597,597,597, +597,597,597,597,597,597,597,597,597,597,597,597,597,597,597,597, +597,597,597,597,597,597,597,597,597,597,597,597,597,597,597,597, +597,597,597,597,597,597,597,597,597,597,597,597,597,597,116,116, }; diff --git a/thirdparty/pcre2/src/pcre2_ucp.h b/thirdparty/pcre2/src/pcre2_ucp.h index defba4c10e..0c330edcb2 100644 --- a/thirdparty/pcre2/src/pcre2_ucp.h +++ b/thirdparty/pcre2/src/pcre2_ucp.h @@ -7,7 +7,7 @@ and semantics are as close as possible to those of the Perl 5 language. Written by Philip Hazel Original API code Copyright (c) 1997-2012 University of Cambridge - New API code Copyright (c) 2016 University of Cambridge + New API code Copyright (c) 2016-2018 University of Cambridge ----------------------------------------------------------------------------- Redistribution and use in source and binary forms, with or without @@ -100,27 +100,25 @@ enum { ucp_Zs /* Space separator */ }; -/* These are grapheme break properties. */ +/* These are grapheme break properties. The Extended Pictographic property +comes from the emoji-data.txt file. */ enum { - ucp_gbCR, /* 0 */ - ucp_gbLF, /* 1 */ - ucp_gbControl, /* 2 */ - ucp_gbExtend, /* 3 */ - ucp_gbPrepend, /* 4 */ - ucp_gbSpacingMark, /* 5 */ - ucp_gbL, /* 6 Hangul syllable type L */ - ucp_gbV, /* 7 Hangul syllable type V */ - ucp_gbT, /* 8 Hangul syllable type T */ - ucp_gbLV, /* 9 Hangul syllable type LV */ - ucp_gbLVT, /* 10 Hangul syllable type LVT */ - ucp_gbRegionalIndicator, /* 11 */ - ucp_gbOther, /* 12 */ - ucp_gbE_Base, /* 13 */ - ucp_gbE_Modifier, /* 14 */ - ucp_gbE_Base_GAZ, /* 15 */ - ucp_gbZWJ, /* 16 */ - ucp_gbGlue_After_Zwj /* 17 */ + ucp_gbCR, /* 0 */ + ucp_gbLF, /* 1 */ + ucp_gbControl, /* 2 */ + ucp_gbExtend, /* 3 */ + ucp_gbPrepend, /* 4 */ + ucp_gbSpacingMark, /* 5 */ + ucp_gbL, /* 6 Hangul syllable type L */ + ucp_gbV, /* 7 Hangul syllable type V */ + ucp_gbT, /* 8 Hangul syllable type T */ + ucp_gbLV, /* 9 Hangul syllable type LV */ + ucp_gbLVT, /* 10 Hangul syllable type LVT */ + ucp_gbRegionalIndicator, /* 11 */ + ucp_gbOther, /* 12 */ + ucp_gbZWJ, /* 13 */ + ucp_gbExtended_Pictographic /* 14 */ }; /* These are the script identifications. */ @@ -274,7 +272,15 @@ enum { ucp_Masaram_Gondi, ucp_Nushu, ucp_Soyombo, - ucp_Zanabazar_Square + ucp_Zanabazar_Square, + /* New for Unicode 11.0.0 */ + ucp_Dogra, + ucp_Gunjala_Gondi, + ucp_Hanifi_Rohingya, + ucp_Makasar, + ucp_Medefaidrin, + ucp_Old_Sogdian, + ucp_Sogdian }; #endif /* PCRE2_UCP_H_IDEMPOTENT_GUARD */ diff --git a/thirdparty/pcre2/src/sljit/sljitConfigInternal.h b/thirdparty/pcre2/src/sljit/sljitConfigInternal.h index e13282c842..f5703e8e7f 100644 --- a/thirdparty/pcre2/src/sljit/sljitConfigInternal.h +++ b/thirdparty/pcre2/src/sljit/sljitConfigInternal.h @@ -66,7 +66,7 @@ SLJIT_RETURN_ADDRESS_OFFSET : a return instruction always adds this offset to the return address Other macros: - SLJIT_FUNC : calling convention attribute for both calling JIT form C and C calling back from JIT + SLJIT_FUNC : calling convention attribute for both calling JIT from C and C calling back from JIT SLJIT_W(number) : defining 64 bit constants on 64 bit architectures (compiler independent helper) */ @@ -147,17 +147,23 @@ #define SLJIT_CONFIG_UNSUPPORTED 1 #endif -#else /* !_WIN32 */ +#else /* _WIN32 */ #if defined(_M_X64) || defined(__x86_64__) #define SLJIT_CONFIG_X86_64 1 +#elif (defined(_M_ARM) && _M_ARM >= 7 && defined(_M_ARMT)) || defined(__thumb2__) +#define SLJIT_CONFIG_ARM_THUMB2 1 +#elif (defined(_M_ARM) && _M_ARM >= 7) +#define SLJIT_CONFIG_ARM_V7 1 #elif defined(_ARM_) #define SLJIT_CONFIG_ARM_V5 1 +#elif defined(_M_ARM64) || defined(__aarch64__) +#define SLJIT_CONFIG_ARM_64 1 #else #define SLJIT_CONFIG_X86_32 1 #endif -#endif /* !WIN32 */ +#endif /* !_WIN32 */ #endif /* SLJIT_CONFIG_AUTO */ #if (defined SLJIT_CONFIG_UNSUPPORTED && SLJIT_CONFIG_UNSUPPORTED) @@ -324,6 +330,11 @@ sparc_cache_flush((from), (to)) #define SLJIT_CACHE_FLUSH_OWN_IMPL 1 +#elif defined _WIN32 + +#define SLJIT_CACHE_FLUSH(from, to) \ + FlushInstructionCache(GetCurrentProcess(), (char*)(from), (char*)(to) - (char*)(from)) + #else /* Calls __ARM_NR_cacheflush on ARM-Linux. */ @@ -371,12 +382,18 @@ typedef int sljit_sw; #define SLJIT_64BIT_ARCHITECTURE 1 #define SLJIT_WORD_SHIFT 3 #ifdef _WIN32 +#ifdef __GNUC__ +/* These types do not require windows.h */ +typedef unsigned long long sljit_uw; +typedef long long sljit_sw; +#else typedef unsigned __int64 sljit_uw; typedef __int64 sljit_sw; -#else +#endif +#else /* !_WIN32 */ typedef unsigned long int sljit_uw; typedef long int sljit_sw; -#endif +#endif /* _WIN32 */ #endif typedef sljit_uw sljit_p; @@ -590,7 +607,7 @@ SLJIT_API_FUNC_ATTRIBUTE sljit_sw sljit_exec_offset(void* ptr); #define SLJIT_NUMBER_OF_REGISTERS 26 #define SLJIT_NUMBER_OF_SAVED_REGISTERS 10 -#define SLJIT_LOCALS_OFFSET_BASE (2 * sizeof(sljit_sw)) +#define SLJIT_LOCALS_OFFSET_BASE 0 #elif (defined SLJIT_CONFIG_PPC && SLJIT_CONFIG_PPC) diff --git a/thirdparty/pcre2/src/sljit/sljitExecAllocator.c b/thirdparty/pcre2/src/sljit/sljitExecAllocator.c index f5009788f6..7c18578618 100644 --- a/thirdparty/pcre2/src/sljit/sljitExecAllocator.c +++ b/thirdparty/pcre2/src/sljit/sljitExecAllocator.c @@ -99,7 +99,14 @@ static SLJIT_INLINE void* alloc_chunk(sljit_uw size) void *retval; #ifdef MAP_ANON - retval = mmap(NULL, size, PROT_READ | PROT_WRITE | PROT_EXEC, MAP_PRIVATE | MAP_ANON, -1, 0); + + int flags = MAP_PRIVATE | MAP_ANON; + +#ifdef MAP_JIT + flags |= MAP_JIT; +#endif + + retval = mmap(NULL, size, PROT_READ | PROT_WRITE | PROT_EXEC, flags, -1, 0); #else if (dev_zero < 0) { if (open_dev_zero()) diff --git a/thirdparty/pcre2/src/sljit/sljitLir.c b/thirdparty/pcre2/src/sljit/sljitLir.c index 5e435f0154..5bdddc10cf 100644 --- a/thirdparty/pcre2/src/sljit/sljitLir.c +++ b/thirdparty/pcre2/src/sljit/sljitLir.c @@ -26,6 +26,13 @@ #include "sljitLir.h" +#ifdef _WIN32 + +/* For SLJIT_CACHE_FLUSH, which can expand to FlushInstructionCache. */ +#include <windows.h> + +#endif /* _WIN32 */ + #if !(defined SLJIT_STD_MACROS_DEFINED && SLJIT_STD_MACROS_DEFINED) /* These libraries are needed for the macros below. */ @@ -2178,7 +2185,8 @@ SLJIT_API_FUNC_ATTRIBUTE sljit_s32 sljit_emit_fmem(struct sljit_compiler *compil #endif -#if !(defined SLJIT_CONFIG_X86 && SLJIT_CONFIG_X86) +#if !(defined SLJIT_CONFIG_X86 && SLJIT_CONFIG_X86) \ + && !(defined SLJIT_CONFIG_ARM_64 && SLJIT_CONFIG_ARM_64) SLJIT_API_FUNC_ATTRIBUTE sljit_s32 sljit_get_local_base(struct sljit_compiler *compiler, sljit_s32 dst, sljit_sw dstw, sljit_sw offset) { diff --git a/thirdparty/pcre2/src/sljit/sljitLir.h b/thirdparty/pcre2/src/sljit/sljitLir.h index 920f6d4f78..e71890cf7b 100644 --- a/thirdparty/pcre2/src/sljit/sljitLir.h +++ b/thirdparty/pcre2/src/sljit/sljitLir.h @@ -138,7 +138,7 @@ of sljitConfigInternal.h */ be specified as scratch registers and the fifth one as saved register on the CPU above and any user code which requires four scratch registers can run unmodified. The SLJIT compiler automatically saves - the content of the two extra scrath register on the stack. Scratch + the content of the two extra scratch register on the stack. Scratch registers can also be preserved by saving their value on the stack but this needs to be done manually. @@ -746,7 +746,7 @@ SLJIT_API_FUNC_ATTRIBUTE sljit_s32 sljit_emit_fast_return(struct sljit_compiler be mixed. The only exception is SLJIT_MOV32 and SLJIT_MOVU32 whose source register can hold any 32 or 64 bit value, and it is converted to a 32 bit compatible format first. This conversion is free (no instructions are - emitted) on most CPUs. A 32 bit value can also be coverted to a 64 bit + emitted) on most CPUs. A 32 bit value can also be converted to a 64 bit value by SLJIT_MOV_S32 (sign extension) or SLJIT_MOV_U32 (zero extension). Note: memory addressing always uses 64 bit values on 64 bit systems so @@ -773,8 +773,8 @@ SLJIT_API_FUNC_ATTRIBUTE sljit_s32 sljit_emit_fast_return(struct sljit_compiler */ #define SLJIT_F32_OP SLJIT_I32_OP -/* Many CPUs (x86, ARM, PPC) has status flags which can be set according - to the result of an operation. Other CPUs (MIPS) does not have status +/* Many CPUs (x86, ARM, PPC) have status flags which can be set according + to the result of an operation. Other CPUs (MIPS) do not have status flags, and results must be stored in registers. To cover both architecture types efficiently only two flags are defined by SLJIT: @@ -810,14 +810,14 @@ SLJIT_API_FUNC_ATTRIBUTE sljit_s32 sljit_emit_fast_return(struct sljit_compiler Using these flags can reduce the number of emitted instructions. E.g. a fast loop can be implemented by decreasing a counter register and set the - zero flag to jump back if the counter register is not reached zero. + zero flag to jump back if the counter register has not reached zero. Motivation: although CPUs can set a large number of flags, usually their values are ignored or only one of them is used. Emulating a large number of flags on systems without flag register is complicated so SLJIT instructions must specify the flag they want to use and only that flag will be emulated. The last arithmetic instruction can be repeated if - multiple flags needs to be checked. + multiple flags need to be checked. */ /* Set Zero status flag. */ @@ -884,7 +884,7 @@ SLJIT_API_FUNC_ATTRIBUTE sljit_s32 sljit_emit_op0(struct sljit_compiler *compile /* Starting index of opcodes for sljit_emit_op1. */ #define SLJIT_OP1_BASE 32 -/* The MOV instruction transfer data from source to destination. +/* The MOV instruction transfers data from source to destination. MOV instruction suffixes: @@ -1156,7 +1156,7 @@ SLJIT_API_FUNC_ATTRIBUTE struct sljit_label* sljit_emit_label(struct sljit_compi #define SLJIT_FAST_CALL 25 /* Called function must be declared with the SLJIT_FUNC attribute. */ #define SLJIT_CALL 26 - /* Called function must be decalred with cdecl attribute. + /* Called function must be declared with cdecl attribute. This is the default attribute for C functions. */ #define SLJIT_CALL_CDECL 27 @@ -1210,7 +1210,7 @@ SLJIT_API_FUNC_ATTRIBUTE void sljit_set_label(struct sljit_jump *jump, struct sl /* Set the destination address of the jump to this label. */ SLJIT_API_FUNC_ATTRIBUTE void sljit_set_target(struct sljit_jump *jump, sljit_uw target); -/* Emit an indirect jump or fast call. Both direct and indirect form +/* Emit an indirect jump or fast call. Direct form: set src to SLJIT_IMM() and srcw to the address Indirect form: any other valid addressing mode type must be between SLJIT_JUMP and SLJIT_FAST_CALL @@ -1274,7 +1274,7 @@ SLJIT_API_FUNC_ATTRIBUTE sljit_s32 sljit_emit_cmov(struct sljit_compiler *compil #define SLJIT_MEM_POST 0x1000 /* Emit a single memory load or store with update instruction. When the - requested instruction from is not supported by the CPU, it returns + requested instruction form is not supported by the CPU, it returns with SLJIT_ERR_UNSUPPORTED instead of emulating the instruction. This allows specializing tight loops based on the supported instruction forms (see SLJIT_MEM_SUPP flag). diff --git a/thirdparty/pcre2/src/sljit/sljitNativeARM_64.c b/thirdparty/pcre2/src/sljit/sljitNativeARM_64.c index 8a437bd6a0..27af741487 100644 --- a/thirdparty/pcre2/src/sljit/sljitNativeARM_64.c +++ b/thirdparty/pcre2/src/sljit/sljitNativeARM_64.c @@ -37,14 +37,14 @@ typedef sljit_u32 sljit_ins; #define TMP_REG1 (SLJIT_NUMBER_OF_REGISTERS + 2) #define TMP_REG2 (SLJIT_NUMBER_OF_REGISTERS + 3) #define TMP_LR (SLJIT_NUMBER_OF_REGISTERS + 4) -#define TMP_SP (SLJIT_NUMBER_OF_REGISTERS + 5) +#define TMP_FP (SLJIT_NUMBER_OF_REGISTERS + 5) #define TMP_FREG1 (SLJIT_NUMBER_OF_FLOAT_REGISTERS + 1) #define TMP_FREG2 (SLJIT_NUMBER_OF_FLOAT_REGISTERS + 2) /* r18 - platform register, currently not used */ static const sljit_u8 reg_map[SLJIT_NUMBER_OF_REGISTERS + 8] = { - 31, 0, 1, 2, 3, 4, 5, 6, 7, 11, 12, 13, 14, 15, 16, 17, 8, 28, 27, 26, 25, 24, 23, 22, 21, 20, 19, 29, 9, 10, 30, 31 + 31, 0, 1, 2, 3, 4, 5, 6, 7, 11, 12, 13, 14, 15, 16, 17, 8, 28, 27, 26, 25, 24, 23, 22, 21, 20, 19, 31, 9, 10, 30, 29 }; static const sljit_u8 freg_map[SLJIT_NUMBER_OF_FLOAT_REGISTERS + 3] = { @@ -68,6 +68,7 @@ static const sljit_u8 freg_map[SLJIT_NUMBER_OF_FLOAT_REGISTERS + 3] = { #define ADC 0x9a000000 #define ADD 0x8b000000 +#define ADDE 0x8b200000 #define ADDI 0x91000000 #define AND 0x8a000000 #define ANDI 0x92000000 @@ -96,7 +97,8 @@ static const sljit_u8 freg_map[SLJIT_NUMBER_OF_FLOAT_REGISTERS + 3] = { #define FSUB 0x1e603800 #define LDRI 0xf9400000 #define LDP 0xa9400000 -#define LDP_PST 0xa8c00000 +#define LDP_PRE 0xa9c00000 +#define LDR_PRE 0xf8400c00 #define LSLV 0x9ac02000 #define LSRV 0x9ac02400 #define MADD 0x9b000000 @@ -873,73 +875,51 @@ SLJIT_API_FUNC_ATTRIBUTE sljit_s32 sljit_emit_enter(struct sljit_compiler *compi CHECK(check_sljit_emit_enter(compiler, options, arg_types, scratches, saveds, fscratches, fsaveds, local_size)); set_emit_enter(compiler, options, arg_types, scratches, saveds, fscratches, fsaveds, local_size); - saved_regs_size = GET_SAVED_REGISTERS_SIZE(scratches, saveds, 0); - local_size += saved_regs_size + SLJIT_LOCALS_OFFSET; + saved_regs_size = GET_SAVED_REGISTERS_SIZE(scratches, saveds, 2); + if (saved_regs_size & 0x8) + saved_regs_size += sizeof(sljit_sw); + local_size = (local_size + 15) & ~0xf; - compiler->local_size = local_size; - - if (local_size <= (63 * sizeof(sljit_sw))) { - FAIL_IF(push_inst(compiler, STP_PRE | 29 | RT2(TMP_LR) - | RN(TMP_SP) | ((-(local_size >> 3) & 0x7f) << 15))); - FAIL_IF(push_inst(compiler, ADDI | RD(SLJIT_SP) | RN(TMP_SP) | (0 << 10))); - offs = (local_size - saved_regs_size) << (15 - 3); - } else { - offs = 0 << 15; - if (saved_regs_size & 0x8) { - offs = 1 << 15; - saved_regs_size += sizeof(sljit_sw); - } - local_size -= saved_regs_size + SLJIT_LOCALS_OFFSET; - if (saved_regs_size > 0) - FAIL_IF(push_inst(compiler, SUBI | RD(TMP_SP) | RN(TMP_SP) | (saved_regs_size << 10))); - } + compiler->local_size = local_size + saved_regs_size; + + FAIL_IF(push_inst(compiler, STP_PRE | RT(TMP_FP) | RT2(TMP_LR) + | RN(SLJIT_SP) | ((-(saved_regs_size >> 3) & 0x7f) << 15))); + +#ifdef _WIN32 + if (local_size >= 4096) + FAIL_IF(push_inst(compiler, SUBI | RD(TMP_REG1) | RN(SLJIT_SP) | (1 << 10) | (1 << 22))); + else if (local_size > 256) + FAIL_IF(push_inst(compiler, SUBI | RD(TMP_REG1) | RN(SLJIT_SP) | (local_size << 10))); +#endif tmp = saveds < SLJIT_NUMBER_OF_SAVED_REGISTERS ? (SLJIT_S0 + 1 - saveds) : SLJIT_FIRST_SAVED_REG; prev = -1; + offs = 2 << 15; for (i = SLJIT_S0; i >= tmp; i--) { if (prev == -1) { - if (!(offs & (1 << 15))) { - prev = i; - continue; - } - FAIL_IF(push_inst(compiler, STRI | RT(i) | RN(TMP_SP) | (offs >> 5))); - offs += 1 << 15; + prev = i; continue; } - FAIL_IF(push_inst(compiler, STP | RT(prev) | RT2(i) | RN(TMP_SP) | offs)); + FAIL_IF(push_inst(compiler, STP | RT(prev) | RT2(i) | RN(SLJIT_SP) | offs)); offs += 2 << 15; prev = -1; } for (i = scratches; i >= SLJIT_FIRST_SAVED_REG; i--) { if (prev == -1) { - if (!(offs & (1 << 15))) { - prev = i; - continue; - } - FAIL_IF(push_inst(compiler, STRI | RT(i) | RN(TMP_SP) | (offs >> 5))); - offs += 1 << 15; + prev = i; continue; } - FAIL_IF(push_inst(compiler, STP | RT(prev) | RT2(i) | RN(TMP_SP) | offs)); + FAIL_IF(push_inst(compiler, STP | RT(prev) | RT2(i) | RN(SLJIT_SP) | offs)); offs += 2 << 15; prev = -1; } - SLJIT_ASSERT(prev == -1); + if (prev != -1) + FAIL_IF(push_inst(compiler, STRI | RT(prev) | RN(SLJIT_SP) | (offs >> 5))); - if (compiler->local_size > (63 * sizeof(sljit_sw))) { - /* The local_size is already adjusted by the saved registers. */ - if (local_size > 0xfff) { - FAIL_IF(push_inst(compiler, SUBI | RD(TMP_SP) | RN(TMP_SP) | ((local_size >> 12) << 10) | (1 << 22))); - local_size &= 0xfff; - } - if (local_size) - FAIL_IF(push_inst(compiler, SUBI | RD(TMP_SP) | RN(TMP_SP) | (local_size << 10))); - FAIL_IF(push_inst(compiler, STP_PRE | 29 | RT2(TMP_LR) - | RN(TMP_SP) | ((-(16 >> 3) & 0x7f) << 15))); - FAIL_IF(push_inst(compiler, ADDI | RD(SLJIT_SP) | RN(TMP_SP) | (0 << 10))); - } + + FAIL_IF(push_inst(compiler, ADDI | RD(TMP_FP) | RN(SLJIT_SP) | (0 << 10))); args = get_arg_count(arg_types); @@ -950,6 +930,64 @@ SLJIT_API_FUNC_ATTRIBUTE sljit_s32 sljit_emit_enter(struct sljit_compiler *compi if (args >= 3) FAIL_IF(push_inst(compiler, ORR | RD(SLJIT_S2) | RN(TMP_ZERO) | RM(SLJIT_R2))); +#ifdef _WIN32 + if (local_size >= 4096) { + if (local_size < 4 * 4096) { + /* No need for a loop. */ + if (local_size >= 2 * 4096) { + FAIL_IF(push_inst(compiler, LDRI | RT(TMP_ZERO) | RN(TMP_REG1))); + FAIL_IF(push_inst(compiler, SUBI | RD(TMP_REG1) | RN(TMP_REG1) | (1 << 10) | (1 << 22))); + local_size -= 4096; + } + + if (local_size >= 2 * 4096) { + FAIL_IF(push_inst(compiler, LDRI | RT(TMP_ZERO) | RN(TMP_REG1))); + FAIL_IF(push_inst(compiler, SUBI | RD(TMP_REG1) | RN(TMP_REG1) | (1 << 10) | (1 << 22))); + local_size -= 4096; + } + + FAIL_IF(push_inst(compiler, LDRI | RT(TMP_ZERO) | RN(TMP_REG1))); + local_size -= 4096; + } + else { + FAIL_IF(push_inst(compiler, MOVZ | RD(TMP_REG2) | (((local_size >> 12) - 1) << 5))); + FAIL_IF(push_inst(compiler, LDRI | RT(TMP_ZERO) | RN(TMP_REG1))); + FAIL_IF(push_inst(compiler, SUBI | RD(TMP_REG1) | RN(TMP_REG1) | (1 << 10) | (1 << 22))); + FAIL_IF(push_inst(compiler, SUBI | (1 << 29) | RD(TMP_REG2) | RN(TMP_REG2) | (1 << 10))); + FAIL_IF(push_inst(compiler, B_CC | ((((sljit_ins) -3) & 0x7ffff) << 5) | 0x1 /* not-equal */)); + FAIL_IF(push_inst(compiler, LDRI | RT(TMP_ZERO) | RN(TMP_REG1))); + + local_size &= 0xfff; + } + + if (local_size > 256) { + FAIL_IF(push_inst(compiler, SUBI | RD(TMP_REG1) | RN(TMP_REG1) | (local_size << 10))); + FAIL_IF(push_inst(compiler, LDRI | RT(TMP_ZERO) | RN(TMP_REG1))); + } + else if (local_size > 0) + FAIL_IF(push_inst(compiler, LDR_PRE | RT(TMP_ZERO) | RN(TMP_REG1) | ((-local_size & 0x1ff) << 12))); + + FAIL_IF(push_inst(compiler, ADDI | RD(SLJIT_SP) | RN(TMP_REG1) | (0 << 10))); + } + else if (local_size > 256) { + FAIL_IF(push_inst(compiler, LDRI | RT(TMP_ZERO) | RN(TMP_REG1))); + FAIL_IF(push_inst(compiler, ADDI | RD(SLJIT_SP) | RN(TMP_REG1) | (0 << 10))); + } + else if (local_size > 0) + FAIL_IF(push_inst(compiler, LDR_PRE | RT(TMP_ZERO) | RN(SLJIT_SP) | ((-local_size & 0x1ff) << 12))); + +#else /* !_WIN32 */ + + /* The local_size does not include saved registers size. */ + if (local_size > 0xfff) { + FAIL_IF(push_inst(compiler, SUBI | RD(SLJIT_SP) | RN(SLJIT_SP) | ((local_size >> 12) << 10) | (1 << 22))); + local_size &= 0xfff; + } + if (local_size != 0) + FAIL_IF(push_inst(compiler, SUBI | RD(SLJIT_SP) | RN(SLJIT_SP) | (local_size << 10))); + +#endif /* _WIN32 */ + return SLJIT_SUCCESS; } @@ -957,13 +995,17 @@ SLJIT_API_FUNC_ATTRIBUTE sljit_s32 sljit_set_context(struct sljit_compiler *comp sljit_s32 options, sljit_s32 arg_types, sljit_s32 scratches, sljit_s32 saveds, sljit_s32 fscratches, sljit_s32 fsaveds, sljit_s32 local_size) { + sljit_s32 saved_regs_size; + CHECK_ERROR(); CHECK(check_sljit_set_context(compiler, options, arg_types, scratches, saveds, fscratches, fsaveds, local_size)); set_set_context(compiler, options, arg_types, scratches, saveds, fscratches, fsaveds, local_size); - local_size += GET_SAVED_REGISTERS_SIZE(scratches, saveds, 0) + SLJIT_LOCALS_OFFSET; - local_size = (local_size + 15) & ~0xf; - compiler->local_size = local_size; + saved_regs_size = GET_SAVED_REGISTERS_SIZE(scratches, saveds, 2); + if (saved_regs_size & 0x8) + saved_regs_size += sizeof(sljit_sw); + + compiler->local_size = saved_regs_size + ((local_size + 15) & ~0xf); return SLJIT_SUCCESS; } @@ -977,71 +1019,59 @@ SLJIT_API_FUNC_ATTRIBUTE sljit_s32 sljit_emit_return(struct sljit_compiler *comp FAIL_IF(emit_mov_before_return(compiler, op, src, srcw)); - local_size = compiler->local_size; + saved_regs_size = GET_SAVED_REGISTERS_SIZE(compiler->scratches, compiler->saveds, 2); + if (saved_regs_size & 0x8) + saved_regs_size += sizeof(sljit_sw); - saved_regs_size = GET_SAVED_REGISTERS_SIZE(compiler->scratches, compiler->saveds, 0); - if (local_size <= (63 * sizeof(sljit_sw))) - offs = (local_size - saved_regs_size) << (15 - 3); + local_size = compiler->local_size - saved_regs_size; + + /* Load LR as early as possible. */ + if (local_size == 0) + FAIL_IF(push_inst(compiler, LDP | RT(TMP_FP) | RT2(TMP_LR) | RN(SLJIT_SP))); + else if (local_size < 63 * sizeof(sljit_sw)) { + FAIL_IF(push_inst(compiler, LDP_PRE | RT(TMP_FP) | RT2(TMP_LR) + | RN(SLJIT_SP) | (local_size << (15 - 3)))); + } else { - FAIL_IF(push_inst(compiler, LDP_PST | 29 | RT2(TMP_LR) - | RN(TMP_SP) | (((16 >> 3) & 0x7f) << 15))); - offs = 0 << 15; - if (saved_regs_size & 0x8) { - offs = 1 << 15; - saved_regs_size += sizeof(sljit_sw); - } - local_size -= saved_regs_size + SLJIT_LOCALS_OFFSET; if (local_size > 0xfff) { - FAIL_IF(push_inst(compiler, ADDI | RD(TMP_SP) | RN(TMP_SP) | ((local_size >> 12) << 10) | (1 << 22))); + FAIL_IF(push_inst(compiler, ADDI | RD(SLJIT_SP) | RN(SLJIT_SP) | ((local_size >> 12) << 10) | (1 << 22))); local_size &= 0xfff; } if (local_size) - FAIL_IF(push_inst(compiler, ADDI | RD(TMP_SP) | RN(TMP_SP) | (local_size << 10))); + FAIL_IF(push_inst(compiler, ADDI | RD(SLJIT_SP) | RN(SLJIT_SP) | (local_size << 10))); + + FAIL_IF(push_inst(compiler, LDP | RT(TMP_FP) | RT2(TMP_LR) | RN(SLJIT_SP))); } tmp = compiler->saveds < SLJIT_NUMBER_OF_SAVED_REGISTERS ? (SLJIT_S0 + 1 - compiler->saveds) : SLJIT_FIRST_SAVED_REG; prev = -1; + offs = 2 << 15; for (i = SLJIT_S0; i >= tmp; i--) { if (prev == -1) { - if (!(offs & (1 << 15))) { - prev = i; - continue; - } - FAIL_IF(push_inst(compiler, LDRI | RT(i) | RN(TMP_SP) | (offs >> 5))); - offs += 1 << 15; + prev = i; continue; } - FAIL_IF(push_inst(compiler, LDP | RT(prev) | RT2(i) | RN(TMP_SP) | offs)); + FAIL_IF(push_inst(compiler, LDP | RT(prev) | RT2(i) | RN(SLJIT_SP) | offs)); offs += 2 << 15; prev = -1; } for (i = compiler->scratches; i >= SLJIT_FIRST_SAVED_REG; i--) { if (prev == -1) { - if (!(offs & (1 << 15))) { - prev = i; - continue; - } - FAIL_IF(push_inst(compiler, LDRI | RT(i) | RN(TMP_SP) | (offs >> 5))); - offs += 1 << 15; + prev = i; continue; } - FAIL_IF(push_inst(compiler, LDP | RT(prev) | RT2(i) | RN(TMP_SP) | offs)); + FAIL_IF(push_inst(compiler, LDP | RT(prev) | RT2(i) | RN(SLJIT_SP) | offs)); offs += 2 << 15; prev = -1; } - SLJIT_ASSERT(prev == -1); + if (prev != -1) + FAIL_IF(push_inst(compiler, LDRI | RT(prev) | RN(SLJIT_SP) | (offs >> 5))); - if (compiler->local_size <= (63 * sizeof(sljit_sw))) { - FAIL_IF(push_inst(compiler, LDP_PST | 29 | RT2(TMP_LR) - | RN(TMP_SP) | (((local_size >> 3) & 0x7f) << 15))); - } else if (saved_regs_size > 0) { - FAIL_IF(push_inst(compiler, ADDI | RD(TMP_SP) | RN(TMP_SP) | (saved_regs_size << 10))); - } - - FAIL_IF(push_inst(compiler, RET | RN(TMP_LR))); - return SLJIT_SUCCESS; + /* These two can be executed in parallel. */ + FAIL_IF(push_inst(compiler, ADDI | RD(SLJIT_SP) | RN(SLJIT_SP) | (saved_regs_size << 10))); + return push_inst(compiler, RET | RN(TMP_LR)); } /* --------------------------------------------------------------------- */ @@ -1856,6 +1886,46 @@ SLJIT_API_FUNC_ATTRIBUTE sljit_s32 sljit_emit_fmem(struct sljit_compiler *compil return push_inst(compiler, inst | VT(freg) | RN(mem & REG_MASK) | ((memw & 0x1ff) << 12)); } +SLJIT_API_FUNC_ATTRIBUTE sljit_s32 sljit_get_local_base(struct sljit_compiler *compiler, sljit_s32 dst, sljit_sw dstw, sljit_sw offset) +{ + sljit_s32 dst_reg; + sljit_ins ins; + + CHECK_ERROR(); + CHECK(check_sljit_get_local_base(compiler, dst, dstw, offset)); + + SLJIT_ASSERT (SLJIT_LOCALS_OFFSET_BASE == 0); + + dst_reg = FAST_IS_REG(dst) ? dst : TMP_REG1; + + if (offset <= 0xffffff && offset >= -0xffffff) { + ins = ADDI; + if (offset < 0) { + offset = -offset; + ins = SUBI; + } + + if (offset <= 0xfff) + FAIL_IF(push_inst(compiler, ins | RD(dst_reg) | RN(SLJIT_SP) | (offset << 10))); + else { + FAIL_IF(push_inst(compiler, ins | RD(dst_reg) | RN(SLJIT_SP) | ((offset & 0xfff000) >> (12 - 10)) | (1 << 22))); + + offset &= 0xfff; + if (offset != 0) + FAIL_IF(push_inst(compiler, ins | RD(dst_reg) | RN(dst_reg) | (offset << 10))); + } + } + else { + FAIL_IF(load_immediate (compiler, dst_reg, offset)); + /* Add extended register form. */ + FAIL_IF(push_inst(compiler, ADDE | (0x3 << 13) | RD(dst_reg) | RN(SLJIT_SP) | RM(dst_reg))); + } + + if (SLJIT_UNLIKELY(dst & SLJIT_MEM)) + return emit_op_mem(compiler, WORD_SIZE | STORE, dst_reg, dst, dstw, TMP_REG1); + return SLJIT_SUCCESS; +} + SLJIT_API_FUNC_ATTRIBUTE struct sljit_const* sljit_emit_const(struct sljit_compiler *compiler, sljit_s32 dst, sljit_sw dstw, sljit_sw init_value) { struct sljit_const *const_; diff --git a/thirdparty/pcre2/src/sljit/sljitNativeARM_T2_32.c b/thirdparty/pcre2/src/sljit/sljitNativeARM_T2_32.c index 75e7a38b5f..d7024b6d7d 100644 --- a/thirdparty/pcre2/src/sljit/sljitNativeARM_T2_32.c +++ b/thirdparty/pcre2/src/sljit/sljitNativeARM_T2_32.c @@ -110,6 +110,7 @@ static const sljit_u8 freg_map[SLJIT_NUMBER_OF_FLOAT_REGISTERS + 3] = { #define ASRSI 0x1000 #define ASR_W 0xfa40f000 #define ASR_WI 0xea4f0020 +#define BCC 0xd000 #define BICI 0xf0200000 #define BKPT 0xbe00 #define BLX 0x4780 @@ -125,6 +126,7 @@ static const sljit_u8 freg_map[SLJIT_NUMBER_OF_FLOAT_REGISTERS + 3] = { #define EORS 0x4040 #define EOR_W 0xea800000 #define IT 0xbf00 +#define LDRI 0xf8500800 #define LSLS 0x4080 #define LSLSI 0x0000 #define LSL_W 0xfa00f000 @@ -158,6 +160,7 @@ static const sljit_u8 freg_map[SLJIT_NUMBER_OF_FLOAT_REGISTERS + 3] = { #define SBCI 0xf1600000 #define SBCS 0x4180 #define SBC_W 0xeb600000 +#define SDIV 0xfb90f0f0 #define SMULL 0xfb800000 #define STR_SP 0x9000 #define SUBS 0x1a00 @@ -172,6 +175,7 @@ static const sljit_u8 freg_map[SLJIT_NUMBER_OF_FLOAT_REGISTERS + 3] = { #define SXTH 0xb200 #define SXTH_W 0xfa0ff080 #define TST 0x4200 +#define UDIV 0xfbb0f0f0 #define UMULL 0xfba00000 #define UXTB 0xb2c0 #define UXTB_W 0xfa5ff080 @@ -339,8 +343,8 @@ static SLJIT_INLINE void set_jump_instruction(struct sljit_jump *jump, sljit_sw /* Really complex instruction form for branches. */ s = (diff >> 23) & 0x1; - j1 = (~(diff >> 21) ^ s) & 0x1; - j2 = (~(diff >> 22) ^ s) & 0x1; + j1 = (~(diff >> 22) ^ s) & 0x1; + j2 = (~(diff >> 21) ^ s) & 0x1; jump_inst[0] = 0xf000 | (s << 10) | COPY_BITS(diff, 11, 0, 10); jump_inst[1] = (j1 << 13) | (j2 << 11) | (diff & 0x7ff); @@ -520,6 +524,8 @@ static sljit_s32 load_immediate(struct sljit_compiler *compiler, sljit_s32 dst, { sljit_uw tmp; + /* MOVS cannot be used since it destroy flags. */ + if (imm >= 0x10000) { tmp = get_imm(imm); if (tmp != INVALID_IMM) @@ -1032,6 +1038,9 @@ SLJIT_API_FUNC_ATTRIBUTE sljit_s32 sljit_emit_enter(struct sljit_compiler *compi { sljit_s32 args, size, i, tmp; sljit_ins push = 0; +#ifdef _WIN32 + sljit_uw imm; +#endif CHECK_ERROR(); CHECK(check_sljit_emit_enter(compiler, options, arg_types, scratches, saveds, fscratches, fsaveds, local_size)); @@ -1052,12 +1061,25 @@ SLJIT_API_FUNC_ATTRIBUTE sljit_s32 sljit_emit_enter(struct sljit_compiler *compi size = GET_SAVED_REGISTERS_SIZE(scratches, saveds, 1); local_size = ((size + local_size + 7) & ~7) - size; compiler->local_size = local_size; + +#ifdef _WIN32 + if (local_size >= 256) { + if (local_size > 4096) + imm = get_imm(4096); + else + imm = get_imm(local_size & ~0xff); + + SLJIT_ASSERT(imm != INVALID_IMM); + FAIL_IF(push_inst32(compiler, SUB_WI | RD4(TMP_REG1) | RN4(SLJIT_SP) | imm)); + } +#else if (local_size > 0) { if (local_size <= (127 << 2)) FAIL_IF(push_inst16(compiler, SUB_SP | (local_size >> 2))); else FAIL_IF(emit_op_imm(compiler, SLJIT_SUB | ARG2_IMM, SLJIT_SP, SLJIT_SP, local_size)); } +#endif args = get_arg_count(arg_types); @@ -1068,6 +1090,61 @@ SLJIT_API_FUNC_ATTRIBUTE sljit_s32 sljit_emit_enter(struct sljit_compiler *compi if (args >= 3) FAIL_IF(push_inst16(compiler, MOV | SET_REGS44(SLJIT_S2, SLJIT_R2))); +#ifdef _WIN32 + if (local_size >= 256) { + if (local_size > 4096) { + imm = get_imm(4096); + SLJIT_ASSERT(imm != INVALID_IMM); + + if (local_size < 4 * 4096) { + if (local_size > 2 * 4096) { + FAIL_IF(push_inst32(compiler, LDRI | 0x400 | RT4(TMP_REG2) | RN4(TMP_REG1))); + FAIL_IF(push_inst32(compiler, SUB_WI | RD4(TMP_REG1) | RN4(TMP_REG1) | imm)); + local_size -= 4096; + } + + if (local_size > 2 * 4096) { + FAIL_IF(push_inst32(compiler, LDRI | 0x400 | RT4(TMP_REG2) | RN4(TMP_REG1))); + FAIL_IF(push_inst32(compiler, SUB_WI | RD4(TMP_REG1) | RN4(TMP_REG1) | imm)); + local_size -= 4096; + } + + FAIL_IF(push_inst32(compiler, LDRI | 0x400 | RT4(TMP_REG2) | RN4(TMP_REG1))); + local_size -= 4096; + + SLJIT_ASSERT(local_size > 0); + } + else { + FAIL_IF(load_immediate(compiler, SLJIT_R3, (local_size >> 12) - 1)); + FAIL_IF(push_inst32(compiler, LDRI | 0x400 | RT4(TMP_REG2) | RN4(TMP_REG1))); + FAIL_IF(push_inst32(compiler, SUB_WI | RD4(TMP_REG1) | RN4(TMP_REG1) | imm)); + SLJIT_ASSERT(reg_map[SLJIT_R3] < 7); + FAIL_IF(push_inst16(compiler, SUBSI8 | RDN3(SLJIT_R3) | 1)); + FAIL_IF(push_inst16(compiler, BCC | (0x1 << 8) /* not-equal */ | (-7 & 0xff))); + + local_size &= 0xfff; + + if (local_size != 0) + FAIL_IF(push_inst32(compiler, LDRI | 0x400 | RT4(TMP_REG2) | RN4(TMP_REG1))); + } + + if (local_size >= 256) { + imm = get_imm(local_size & ~0xff); + SLJIT_ASSERT(imm != INVALID_IMM); + + FAIL_IF(push_inst32(compiler, SUB_WI | RD4(TMP_REG1) | RN4(TMP_REG1) | imm)); + } + } + + local_size &= 0xff; + FAIL_IF(push_inst32(compiler, LDRI | 0x400 | (local_size > 0 ? 0x100 : 0) | RT4(TMP_REG2) | RN4(TMP_REG1) | local_size)); + + FAIL_IF(push_inst16(compiler, MOV | SET_REGS44(SLJIT_SP, TMP_REG1))); + } + else if (local_size > 0) + FAIL_IF(push_inst32(compiler, LDRI | 0x500 | RT4(TMP_REG1) | RN4(SLJIT_SP) | local_size)); +#endif + return SLJIT_SUCCESS; } @@ -1119,11 +1196,16 @@ SLJIT_API_FUNC_ATTRIBUTE sljit_s32 sljit_emit_return(struct sljit_compiler *comp /* Operators */ /* --------------------------------------------------------------------- */ +#if !(defined __ARM_FEATURE_IDIV) && !(defined __ARM_ARCH_EXT_IDIV__) + #ifdef __cplusplus extern "C" { #endif -#if defined(__GNUC__) +#ifdef _WIN32 +extern unsigned long long __rt_udiv(unsigned int denominator, unsigned int numerator); +extern long long __rt_sdiv(int denominator, int numerator); +#elif defined(__GNUC__) extern unsigned int __aeabi_uidivmod(unsigned int numerator, int unsigned denominator); extern int __aeabi_idivmod(int numerator, int denominator); #else @@ -1134,10 +1216,14 @@ extern int __aeabi_idivmod(int numerator, int denominator); } #endif +#endif /* !__ARM_FEATURE_IDIV && !__ARM_ARCH_EXT_IDIV__ */ + SLJIT_API_FUNC_ATTRIBUTE sljit_s32 sljit_emit_op0(struct sljit_compiler *compiler, sljit_s32 op) { +#if !(defined __ARM_FEATURE_IDIV) && !(defined __ARM_ARCH_EXT_IDIV__) sljit_sw saved_reg_list[3]; sljit_sw saved_reg_count; +#endif CHECK_ERROR(); CHECK(check_sljit_emit_op0(compiler, op)); @@ -1155,6 +1241,17 @@ SLJIT_API_FUNC_ATTRIBUTE sljit_s32 sljit_emit_op0(struct sljit_compiler *compile | (reg_map[SLJIT_R0] << 12) | (reg_map[SLJIT_R0] << 16) | reg_map[SLJIT_R1]); +#if (defined __ARM_FEATURE_IDIV) || (defined __ARM_ARCH_EXT_IDIV__) + case SLJIT_DIVMOD_UW: + case SLJIT_DIVMOD_SW: + FAIL_IF(push_inst16(compiler, MOV | SET_REGS44(TMP_REG1, SLJIT_R0))); + FAIL_IF(push_inst32(compiler, (op == SLJIT_DIVMOD_UW ? UDIV : SDIV) | RD4(SLJIT_R0) | RN4(SLJIT_R0) | RM4(SLJIT_R1))); + FAIL_IF(push_inst32(compiler, MUL | RD4(SLJIT_R1) | RN4(SLJIT_R0) | RM4(SLJIT_R1))); + return push_inst32(compiler, SUB_W | RD4(SLJIT_R1) | RN4(TMP_REG1) | RM4(SLJIT_R1)); + case SLJIT_DIV_UW: + case SLJIT_DIV_SW: + return push_inst32(compiler, (op == SLJIT_DIV_UW ? UDIV : SDIV) | RD4(SLJIT_R0) | RN4(SLJIT_R0) | RM4(SLJIT_R1)); +#else /* !__ARM_FEATURE_IDIV && !__ARM_ARCH_EXT_IDIV__ */ case SLJIT_DIVMOD_UW: case SLJIT_DIVMOD_SW: case SLJIT_DIV_UW: @@ -1183,7 +1280,13 @@ SLJIT_API_FUNC_ATTRIBUTE sljit_s32 sljit_emit_op0(struct sljit_compiler *compile } } -#if defined(__GNUC__) +#ifdef _WIN32 + FAIL_IF(push_inst16(compiler, MOV | SET_REGS44(TMP_REG1, SLJIT_R0))); + FAIL_IF(push_inst16(compiler, MOV | SET_REGS44(SLJIT_R0, SLJIT_R1))); + FAIL_IF(push_inst16(compiler, MOV | SET_REGS44(SLJIT_R1, TMP_REG1))); + FAIL_IF(sljit_emit_ijump(compiler, SLJIT_FAST_CALL, SLJIT_IMM, + ((op | 0x2) == SLJIT_DIV_UW ? SLJIT_FUNC_OFFSET(__rt_udiv) : SLJIT_FUNC_OFFSET(__rt_sdiv)))); +#elif defined(__GNUC__) FAIL_IF(sljit_emit_ijump(compiler, SLJIT_FAST_CALL, SLJIT_IMM, ((op | 0x2) == SLJIT_DIV_UW ? SLJIT_FUNC_OFFSET(__aeabi_uidivmod) : SLJIT_FUNC_OFFSET(__aeabi_idivmod)))); #else @@ -1203,6 +1306,7 @@ SLJIT_API_FUNC_ATTRIBUTE sljit_s32 sljit_emit_op0(struct sljit_compiler *compile | (saved_reg_list[0] << 12) /* ldr rX, [sp], #8/16 */); } return SLJIT_SUCCESS; +#endif /* __ARM_FEATURE_IDIV || __ARM_ARCH_EXT_IDIV__ */ } return SLJIT_SUCCESS; diff --git a/thirdparty/pcre2/src/sljit/sljitNativeMIPS_32.c b/thirdparty/pcre2/src/sljit/sljitNativeMIPS_32.c index 9f9e157a05..094c9923bc 100644 --- a/thirdparty/pcre2/src/sljit/sljitNativeMIPS_32.c +++ b/thirdparty/pcre2/src/sljit/sljitNativeMIPS_32.c @@ -448,7 +448,7 @@ static sljit_s32 call_with_args(struct sljit_compiler *compiler, sljit_s32 arg_t sljit_ins ins = NOP; sljit_u8 offsets[4]; - SLJIT_ASSERT(reg_map[TMP_REG3] == 4 && freg_map[TMP_FREG1] == 12); + SLJIT_ASSERT(reg_map[TMP_REG1] == 4 && freg_map[TMP_FREG1] == 12); arg_types >>= SLJIT_DEF_SHIFT; @@ -516,7 +516,7 @@ static sljit_s32 call_with_args(struct sljit_compiler *compiler, sljit_s32 arg_t else if (arg_count != word_arg_count) ins = ADDU | S(word_arg_count) | TA(0) | DA(4 + (offsets[arg_count - 1] >> 2)); else if (arg_count == 1) - ins = ADDU | S(SLJIT_R0) | TA(0) | D(TMP_REG3); + ins = ADDU | S(SLJIT_R0) | TA(0) | DA(4); arg_count--; word_arg_count--; diff --git a/thirdparty/pcre2/src/sljit/sljitNativeMIPS_64.c b/thirdparty/pcre2/src/sljit/sljitNativeMIPS_64.c index ff6f048659..f841aef5dd 100644 --- a/thirdparty/pcre2/src/sljit/sljitNativeMIPS_64.c +++ b/thirdparty/pcre2/src/sljit/sljitNativeMIPS_64.c @@ -547,7 +547,7 @@ static sljit_s32 call_with_args(struct sljit_compiler *compiler, sljit_s32 arg_t sljit_ins prev_ins = NOP; sljit_ins ins = NOP; - SLJIT_ASSERT(reg_map[TMP_REG3] == 4 && freg_map[TMP_FREG1] == 12); + SLJIT_ASSERT(reg_map[TMP_REG1] == 4 && freg_map[TMP_FREG1] == 12); arg_types >>= SLJIT_DEF_SHIFT; @@ -591,7 +591,7 @@ static sljit_s32 call_with_args(struct sljit_compiler *compiler, sljit_s32 arg_t if (arg_count != word_arg_count) ins = DADDU | S(word_arg_count) | TA(0) | D(arg_count); else if (arg_count == 1) - ins = DADDU | S(SLJIT_R0) | TA(0) | D(TMP_REG3); + ins = DADDU | S(SLJIT_R0) | TA(0) | DA(4); arg_count--; word_arg_count--; break; diff --git a/thirdparty/pcre2/src/sljit/sljitNativeMIPS_common.c b/thirdparty/pcre2/src/sljit/sljitNativeMIPS_common.c index e108433f70..894e21304b 100644 --- a/thirdparty/pcre2/src/sljit/sljitNativeMIPS_common.c +++ b/thirdparty/pcre2/src/sljit/sljitNativeMIPS_common.c @@ -57,14 +57,14 @@ typedef sljit_u32 sljit_ins; #define RETURN_ADDR_REG 31 /* Flags are kept in volatile registers. */ -#define EQUAL_FLAG 31 +#define EQUAL_FLAG 3 #define OTHER_FLAG 1 #define TMP_FREG1 (SLJIT_NUMBER_OF_FLOAT_REGISTERS + 1) #define TMP_FREG2 (SLJIT_NUMBER_OF_FLOAT_REGISTERS + 2) static const sljit_u8 reg_map[SLJIT_NUMBER_OF_REGISTERS + 5] = { - 0, 2, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 24, 23, 22, 21, 20, 19, 18, 17, 16, 29, 3, 25, 4 + 0, 2, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 24, 23, 22, 21, 20, 19, 18, 17, 16, 29, 4, 25, 31 }; #if (defined SLJIT_CONFIG_MIPS_32 && SLJIT_CONFIG_MIPS_32) @@ -612,16 +612,17 @@ SLJIT_API_FUNC_ATTRIBUTE sljit_s32 sljit_emit_enter(struct sljit_compiler *compi /* Frequent case. */ FAIL_IF(push_inst(compiler, ADDIU_W | S(SLJIT_SP) | T(SLJIT_SP) | IMM(-local_size), DR(SLJIT_SP))); base = S(SLJIT_SP); + offs = local_size - (sljit_sw)sizeof(sljit_sw); } else { - FAIL_IF(load_immediate(compiler, DR(TMP_REG1), local_size)); + FAIL_IF(load_immediate(compiler, DR(OTHER_FLAG), local_size)); FAIL_IF(push_inst(compiler, ADDU_W | S(SLJIT_SP) | TA(0) | D(TMP_REG2), DR(TMP_REG2))); - FAIL_IF(push_inst(compiler, SUBU_W | S(SLJIT_SP) | T(TMP_REG1) | D(SLJIT_SP), DR(SLJIT_SP))); + FAIL_IF(push_inst(compiler, SUBU_W | S(SLJIT_SP) | T(OTHER_FLAG) | D(SLJIT_SP), DR(SLJIT_SP))); base = S(TMP_REG2); local_size = 0; + offs = -(sljit_sw)sizeof(sljit_sw); } - offs = local_size - (sljit_sw)(sizeof(sljit_sw)); FAIL_IF(push_inst(compiler, STACK_STORE | base | TA(RETURN_ADDR_REG) | IMM(offs), MOVABLE_INS)); tmp = saveds < SLJIT_NUMBER_OF_SAVED_REGISTERS ? (SLJIT_S0 + 1 - saveds) : SLJIT_FIRST_SAVED_REG; @@ -805,7 +806,8 @@ static sljit_s32 getput_arg(struct sljit_compiler *compiler, sljit_s32 flags, sl if ((flags & MEM_MASK) <= GPR_REG && (flags & LOAD_DATA)) { tmp_ar = reg_ar; delay_slot = reg_ar; - } else { + } + else { tmp_ar = DR(TMP_REG1); delay_slot = MOVABLE_INS; } @@ -881,11 +883,39 @@ static sljit_s32 getput_arg(struct sljit_compiler *compiler, sljit_s32 flags, sl static SLJIT_INLINE sljit_s32 emit_op_mem(struct sljit_compiler *compiler, sljit_s32 flags, sljit_s32 reg_ar, sljit_s32 arg, sljit_sw argw) { + sljit_s32 tmp_ar, base, delay_slot; + if (getput_arg_fast(compiler, flags, reg_ar, arg, argw)) return compiler->error; - compiler->cache_arg = 0; - compiler->cache_argw = 0; - return getput_arg(compiler, flags, reg_ar, arg, argw, 0, 0); + + if ((flags & MEM_MASK) <= GPR_REG && (flags & LOAD_DATA)) { + tmp_ar = reg_ar; + delay_slot = reg_ar; + } + else { + tmp_ar = DR(TMP_REG1); + delay_slot = MOVABLE_INS; + } + base = arg & REG_MASK; + + if (SLJIT_UNLIKELY(arg & OFFS_REG_MASK)) { + argw &= 0x3; + + if (SLJIT_UNLIKELY(argw)) { + FAIL_IF(push_inst(compiler, SLL_W | T(OFFS_REG(arg)) | DA(tmp_ar) | SH_IMM(argw), tmp_ar)); + FAIL_IF(push_inst(compiler, ADDU_W | S(base) | TA(tmp_ar) | DA(tmp_ar), tmp_ar)); + } + else + FAIL_IF(push_inst(compiler, ADDU_W | S(base) | T(OFFS_REG(arg)) | DA(tmp_ar), tmp_ar)); + return push_inst(compiler, data_transfer_insts[flags & MEM_MASK] | SA(tmp_ar) | TA(reg_ar), delay_slot); + } + + FAIL_IF(load_immediate(compiler, tmp_ar, argw)); + + if (base != 0) + FAIL_IF(push_inst(compiler, ADDU_W | S(base) | TA(tmp_ar) | DA(tmp_ar), tmp_ar)); + + return push_inst(compiler, data_transfer_insts[flags & MEM_MASK] | SA(tmp_ar) | TA(reg_ar), delay_slot); } static SLJIT_INLINE sljit_s32 emit_op_mem2(struct sljit_compiler *compiler, sljit_s32 flags, sljit_s32 reg, sljit_s32 arg1, sljit_sw arg1w, sljit_s32 arg2, sljit_sw arg2w) diff --git a/thirdparty/pcre2/src/sljit/sljitNativeX86_32.c b/thirdparty/pcre2/src/sljit/sljitNativeX86_32.c index 8a83e273a4..074e64b9f2 100644 --- a/thirdparty/pcre2/src/sljit/sljitNativeX86_32.c +++ b/thirdparty/pcre2/src/sljit/sljitNativeX86_32.c @@ -123,34 +123,38 @@ SLJIT_API_FUNC_ATTRIBUTE sljit_s32 sljit_emit_enter(struct sljit_compiler *compi #if (defined SLJIT_X86_32_FASTCALL && SLJIT_X86_32_FASTCALL) if (args > 0) { - *inst++ = MOV_r_rm; - *inst++ = MOD_REG | (reg_map[SLJIT_S0] << 3) | reg_map[SLJIT_R2]; + inst[0] = MOV_r_rm; + inst[1] = MOD_REG | (reg_map[SLJIT_S0] << 3) | reg_map[SLJIT_R2]; + inst += 2; } if (args > 1) { - *inst++ = MOV_r_rm; - *inst++ = MOD_REG | (reg_map[SLJIT_S1] << 3) | reg_map[SLJIT_R1]; + inst[0] = MOV_r_rm; + inst[1] = MOD_REG | (reg_map[SLJIT_S1] << 3) | reg_map[SLJIT_R1]; + inst += 2; } if (args > 2) { - *inst++ = MOV_r_rm; - *inst++ = MOD_DISP8 | (reg_map[SLJIT_S2] << 3) | 0x4 /* esp */; - *inst++ = 0x24; - *inst++ = sizeof(sljit_sw) * (3 + 2); /* saveds >= 3 as well. */ + inst[0] = MOV_r_rm; + inst[1] = MOD_DISP8 | (reg_map[SLJIT_S2] << 3) | 0x4 /* esp */; + inst[2] = 0x24; + inst[3] = sizeof(sljit_sw) * (3 + 2); /* saveds >= 3 as well. */ } #else if (args > 0) { - *inst++ = MOV_r_rm; - *inst++ = MOD_DISP8 | (reg_map[SLJIT_S0] << 3) | reg_map[TMP_REG1]; - *inst++ = sizeof(sljit_sw) * 2; + inst[0] = MOV_r_rm; + inst[1] = MOD_DISP8 | (reg_map[SLJIT_S0] << 3) | reg_map[TMP_REG1]; + inst[2] = sizeof(sljit_sw) * 2; + inst += 3; } if (args > 1) { - *inst++ = MOV_r_rm; - *inst++ = MOD_DISP8 | (reg_map[SLJIT_S1] << 3) | reg_map[TMP_REG1]; - *inst++ = sizeof(sljit_sw) * 3; + inst[0] = MOV_r_rm; + inst[1] = MOD_DISP8 | (reg_map[SLJIT_S1] << 3) | reg_map[TMP_REG1]; + inst[2] = sizeof(sljit_sw) * 3; + inst += 3; } if (args > 2) { - *inst++ = MOV_r_rm; - *inst++ = MOD_DISP8 | (reg_map[SLJIT_S2] << 3) | reg_map[TMP_REG1]; - *inst++ = sizeof(sljit_sw) * 4; + inst[0] = MOV_r_rm; + inst[1] = MOD_DISP8 | (reg_map[SLJIT_S2] << 3) | reg_map[TMP_REG1]; + inst[2] = sizeof(sljit_sw) * 4; } #endif @@ -170,17 +174,36 @@ SLJIT_API_FUNC_ATTRIBUTE sljit_s32 sljit_emit_enter(struct sljit_compiler *compi compiler->local_size = local_size; #ifdef _WIN32 - if (local_size > 1024) { -#if (defined SLJIT_X86_32_FASTCALL && SLJIT_X86_32_FASTCALL) - FAIL_IF(emit_do_imm(compiler, MOV_r_i32 + reg_map[SLJIT_R0], local_size)); -#else - /* Space for a single argument. This amount is excluded when the stack is allocated below. */ - local_size -= sizeof(sljit_sw); - FAIL_IF(emit_do_imm(compiler, MOV_r_i32 + reg_map[SLJIT_R0], local_size)); - FAIL_IF(emit_non_cum_binary(compiler, BINARY_OPCODE(SUB), - SLJIT_SP, 0, SLJIT_SP, 0, SLJIT_IMM, sizeof(sljit_sw))); -#endif - FAIL_IF(sljit_emit_icall(compiler, SLJIT_CALL, SLJIT_ARG1(SW), SLJIT_IMM, SLJIT_FUNC_OFFSET(sljit_grow_stack))); + if (local_size > 0) { + if (local_size <= 4 * 4096) { + if (local_size > 4096) + EMIT_MOV(compiler, TMP_REG1, 0, SLJIT_MEM1(SLJIT_SP), -4096); + if (local_size > 2 * 4096) + EMIT_MOV(compiler, TMP_REG1, 0, SLJIT_MEM1(SLJIT_SP), -4096 * 2); + if (local_size > 3 * 4096) + EMIT_MOV(compiler, TMP_REG1, 0, SLJIT_MEM1(SLJIT_SP), -4096 * 3); + } + else { + EMIT_MOV(compiler, SLJIT_R0, 0, SLJIT_SP, 0); + EMIT_MOV(compiler, SLJIT_R1, 0, SLJIT_IMM, (local_size - 1) >> 12); + + SLJIT_ASSERT (reg_map[SLJIT_R0] == 0); + + EMIT_MOV(compiler, TMP_REG1, 0, SLJIT_MEM1(SLJIT_R0), -4096); + FAIL_IF(emit_non_cum_binary(compiler, BINARY_OPCODE(SUB), + SLJIT_R0, 0, SLJIT_R0, 0, SLJIT_IMM, 4096)); + FAIL_IF(emit_non_cum_binary(compiler, BINARY_OPCODE(SUB), + SLJIT_R1, 0, SLJIT_R1, 0, SLJIT_IMM, 1)); + + inst = (sljit_u8*)ensure_buf(compiler, 1 + 2); + FAIL_IF(!inst); + + INC_SIZE(2); + inst[0] = JNE_i8; + inst[1] = (sljit_s8) -16; + } + + EMIT_MOV(compiler, TMP_REG1, 0, SLJIT_MEM1(SLJIT_SP), -local_size); } #endif diff --git a/thirdparty/pcre2/src/sljit/sljitNativeX86_64.c b/thirdparty/pcre2/src/sljit/sljitNativeX86_64.c index 635ebd087c..8506565614 100644 --- a/thirdparty/pcre2/src/sljit/sljitNativeX86_64.c +++ b/thirdparty/pcre2/src/sljit/sljitNativeX86_64.c @@ -83,6 +83,8 @@ SLJIT_API_FUNC_ATTRIBUTE sljit_s32 sljit_emit_enter(struct sljit_compiler *compi CHECK(check_sljit_emit_enter(compiler, options, arg_types, scratches, saveds, fscratches, fsaveds, local_size)); set_emit_enter(compiler, options, arg_types, scratches, saveds, fscratches, fsaveds, local_size); + compiler->mode32 = 0; + #ifdef _WIN64 /* Two/four register slots for parameters plus space for xmm6 register if needed. */ if (fscratches >= 6 || fsaveds >= 1) @@ -126,35 +128,39 @@ SLJIT_API_FUNC_ATTRIBUTE sljit_s32 sljit_emit_enter(struct sljit_compiler *compi #ifndef _WIN64 if (args > 0) { - *inst++ = REX_W; - *inst++ = MOV_r_rm; - *inst++ = MOD_REG | (reg_map[SLJIT_S0] << 3) | 0x7 /* rdi */; + inst[0] = REX_W; + inst[1] = MOV_r_rm; + inst[2] = MOD_REG | (reg_map[SLJIT_S0] << 3) | 0x7 /* rdi */; + inst += 3; } if (args > 1) { - *inst++ = REX_W | REX_R; - *inst++ = MOV_r_rm; - *inst++ = MOD_REG | (reg_lmap[SLJIT_S1] << 3) | 0x6 /* rsi */; + inst[0] = REX_W | REX_R; + inst[1] = MOV_r_rm; + inst[2] = MOD_REG | (reg_lmap[SLJIT_S1] << 3) | 0x6 /* rsi */; + inst += 3; } if (args > 2) { - *inst++ = REX_W | REX_R; - *inst++ = MOV_r_rm; - *inst++ = MOD_REG | (reg_lmap[SLJIT_S2] << 3) | 0x2 /* rdx */; + inst[0] = REX_W | REX_R; + inst[1] = MOV_r_rm; + inst[2] = MOD_REG | (reg_lmap[SLJIT_S2] << 3) | 0x2 /* rdx */; } #else if (args > 0) { - *inst++ = REX_W; - *inst++ = MOV_r_rm; - *inst++ = MOD_REG | (reg_map[SLJIT_S0] << 3) | 0x1 /* rcx */; + inst[0] = REX_W; + inst[1] = MOV_r_rm; + inst[2] = MOD_REG | (reg_map[SLJIT_S0] << 3) | 0x1 /* rcx */; + inst += 3; } if (args > 1) { - *inst++ = REX_W; - *inst++ = MOV_r_rm; - *inst++ = MOD_REG | (reg_map[SLJIT_S1] << 3) | 0x2 /* rdx */; + inst[0] = REX_W; + inst[1] = MOV_r_rm; + inst[2] = MOD_REG | (reg_map[SLJIT_S1] << 3) | 0x2 /* rdx */; + inst += 3; } if (args > 2) { - *inst++ = REX_W | REX_B; - *inst++ = MOV_r_rm; - *inst++ = MOD_REG | (reg_map[SLJIT_S2] << 3) | 0x0 /* r8 */; + inst[0] = REX_W | REX_B; + inst[1] = MOV_r_rm; + inst[2] = MOD_REG | (reg_map[SLJIT_S2] << 3) | 0x0 /* r8 */; } #endif } @@ -163,58 +169,42 @@ SLJIT_API_FUNC_ATTRIBUTE sljit_s32 sljit_emit_enter(struct sljit_compiler *compi compiler->local_size = local_size; #ifdef _WIN64 - if (local_size > 1024) { - /* Allocate stack for the callback, which grows the stack. */ - inst = (sljit_u8*)ensure_buf(compiler, 1 + 4 + (3 + sizeof(sljit_s32))); - FAIL_IF(!inst); - INC_SIZE(4 + (3 + sizeof(sljit_s32))); - *inst++ = REX_W; - *inst++ = GROUP_BINARY_83; - *inst++ = MOD_REG | SUB | reg_map[SLJIT_SP]; - /* Allocated size for registers must be divisible by 8. */ - SLJIT_ASSERT(!(saved_register_size & 0x7)); - /* Aligned to 16 byte. */ - if (saved_register_size & 0x8) { - *inst++ = 5 * sizeof(sljit_sw); - local_size -= 5 * sizeof(sljit_sw); - } else { - *inst++ = 4 * sizeof(sljit_sw); - local_size -= 4 * sizeof(sljit_sw); - } - /* Second instruction */ - SLJIT_ASSERT(reg_map[SLJIT_R0] < 8); - *inst++ = REX_W; - *inst++ = MOV_rm_i32; - *inst++ = MOD_REG | reg_lmap[SLJIT_R0]; - sljit_unaligned_store_s32(inst, local_size); -#if (defined SLJIT_VERBOSE && SLJIT_VERBOSE) \ - || (defined SLJIT_ARGUMENT_CHECKS && SLJIT_ARGUMENT_CHECKS) - compiler->skip_checks = 1; -#endif - FAIL_IF(sljit_emit_icall(compiler, SLJIT_CALL, SLJIT_ARG1(SW), SLJIT_IMM, SLJIT_FUNC_OFFSET(sljit_grow_stack))); - } -#endif - if (local_size > 0) { - if (local_size <= 127) { - inst = (sljit_u8*)ensure_buf(compiler, 1 + 4); - FAIL_IF(!inst); - INC_SIZE(4); - *inst++ = REX_W; - *inst++ = GROUP_BINARY_83; - *inst++ = MOD_REG | SUB | reg_map[SLJIT_SP]; - *inst++ = local_size; + if (local_size <= 4 * 4096) { + if (local_size > 4096) + EMIT_MOV(compiler, TMP_REG1, 0, SLJIT_MEM1(SLJIT_SP), -4096); + if (local_size > 2 * 4096) + EMIT_MOV(compiler, TMP_REG1, 0, SLJIT_MEM1(SLJIT_SP), -4096 * 2); + if (local_size > 3 * 4096) + EMIT_MOV(compiler, TMP_REG1, 0, SLJIT_MEM1(SLJIT_SP), -4096 * 3); } else { - inst = (sljit_u8*)ensure_buf(compiler, 1 + 7); + EMIT_MOV(compiler, SLJIT_R0, 0, SLJIT_SP, 0); + EMIT_MOV(compiler, TMP_REG1, 0, SLJIT_IMM, (local_size - 1) >> 12); + + SLJIT_ASSERT (reg_map[SLJIT_R0] == 0); + + EMIT_MOV(compiler, TMP_REG2, 0, SLJIT_MEM1(SLJIT_R0), -4096); + FAIL_IF(emit_non_cum_binary(compiler, BINARY_OPCODE(SUB), + SLJIT_R0, 0, SLJIT_R0, 0, SLJIT_IMM, 4096)); + FAIL_IF(emit_non_cum_binary(compiler, BINARY_OPCODE(SUB), + TMP_REG1, 0, TMP_REG1, 0, SLJIT_IMM, 1)); + + inst = (sljit_u8*)ensure_buf(compiler, 1 + 2); FAIL_IF(!inst); - INC_SIZE(7); - *inst++ = REX_W; - *inst++ = GROUP_BINARY_81; - *inst++ = MOD_REG | SUB | reg_map[SLJIT_SP]; - sljit_unaligned_store_s32(inst, local_size); - inst += sizeof(sljit_s32); + + INC_SIZE(2); + inst[0] = JNE_i8; + inst[1] = (sljit_s8) -19; } + + EMIT_MOV(compiler, TMP_REG1, 0, SLJIT_MEM1(SLJIT_SP), -local_size); + } +#endif + + if (local_size > 0) { + FAIL_IF(emit_non_cum_binary(compiler, BINARY_OPCODE(SUB), + SLJIT_SP, 0, SLJIT_SP, 0, SLJIT_IMM, local_size)); } #ifdef _WIN64 diff --git a/thirdparty/pcre2/src/sljit/sljitNativeX86_common.c b/thirdparty/pcre2/src/sljit/sljitNativeX86_common.c index ab7b36adb2..6f02ee3e8b 100644 --- a/thirdparty/pcre2/src/sljit/sljitNativeX86_common.c +++ b/thirdparty/pcre2/src/sljit/sljitNativeX86_common.c @@ -669,23 +669,6 @@ static SLJIT_INLINE sljit_s32 emit_sse2_store(struct sljit_compiler *compiler, static SLJIT_INLINE sljit_s32 emit_sse2_load(struct sljit_compiler *compiler, sljit_s32 single, sljit_s32 dst, sljit_s32 src, sljit_sw srcw); -#ifdef _WIN32 -#include <malloc.h> - -static void SLJIT_FUNC sljit_grow_stack(sljit_sw local_size) -{ - /* Workaround for calling the internal _chkstk() function on Windows. - This function touches all 4k pages belongs to the requested stack space, - which size is passed in local_size. This is necessary on Windows where - the stack can only grow in 4k steps. However, this function just burn - CPU cycles if the stack is large enough. However, you don't know it in - advance, so it must always be called. I think this is a bad design in - general even if it has some reasons. */ - *(volatile sljit_s32*)alloca(local_size) = 0; -} - -#endif - #if (defined SLJIT_CONFIG_X86_32 && SLJIT_CONFIG_X86_32) #include "sljitNativeX86_32.c" #else diff --git a/thirdparty/rtaudio/RtAudio.cpp b/thirdparty/rtaudio/RtAudio.cpp deleted file mode 100644 index 04159776f7..0000000000 --- a/thirdparty/rtaudio/RtAudio.cpp +++ /dev/null @@ -1,10232 +0,0 @@ -#ifdef RTAUDIO_ENABLED // -GODOT- - -/************************************************************************/ -/*! \class RtAudio - \brief Realtime audio i/o C++ classes. - - RtAudio provides a common API (Application Programming Interface) - for realtime audio input/output across Linux (native ALSA, Jack, - and OSS), Macintosh OS X (CoreAudio and Jack), and Windows - (DirectSound, ASIO and WASAPI) operating systems. - - RtAudio WWW site: http://www.music.mcgill.ca/~gary/rtaudio/ - - RtAudio: realtime audio i/o C++ classes - Copyright (c) 2001-2016 Gary P. Scavone - - Permission is hereby granted, free of charge, to any person - obtaining a copy of this software and associated documentation files - (the "Software"), to deal in the Software without restriction, - including without limitation the rights to use, copy, modify, merge, - publish, distribute, sublicense, and/or sell copies of the Software, - and to permit persons to whom the Software is furnished to do so, - subject to the following conditions: - - The above copyright notice and this permission notice shall be - included in all copies or substantial portions of the Software. - - Any person wishing to distribute modifications to the Software is - asked to send the modifications to the original developer so that - they can be incorporated into the canonical version. This is, - however, not a binding provision of this license. - - THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, - EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF - MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. - IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR - ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF - CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION - WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. -*/ -/************************************************************************/ - -// RtAudio: Version 4.1.2 - -#include "RtAudio.h" -#include <iostream> -#include <cstdlib> -#include <cstring> -#include <climits> -#include <algorithm> - -// Static variable definitions. -const unsigned int RtApi::MAX_SAMPLE_RATES = 14; -const unsigned int RtApi::SAMPLE_RATES[] = { - 4000, 5512, 8000, 9600, 11025, 16000, 22050, - 32000, 44100, 48000, 88200, 96000, 176400, 192000 -}; - -#if defined(__WINDOWS_DS__) || defined(__WINDOWS_ASIO__) || defined(__WINDOWS_WASAPI__) - #define MUTEX_INITIALIZE(A) InitializeCriticalSection(A) - #define MUTEX_DESTROY(A) DeleteCriticalSection(A) - #define MUTEX_LOCK(A) EnterCriticalSection(A) - #define MUTEX_UNLOCK(A) LeaveCriticalSection(A) - - #include "tchar.h" - - static std::string convertCharPointerToStdString(const char *text) - { - return std::string(text); - } - - static std::string convertCharPointerToStdString(const wchar_t *text) - { - int length = WideCharToMultiByte(CP_UTF8, 0, text, -1, NULL, 0, NULL, NULL); - std::string s( length-1, '\0' ); - WideCharToMultiByte(CP_UTF8, 0, text, -1, &s[0], length, NULL, NULL); - return s; - } - -#elif defined(__LINUX_ALSA__) || defined(__LINUX_PULSE__) || defined(__UNIX_JACK__) || defined(__LINUX_OSS__) || defined(__MACOSX_CORE__) - // pthread API - #define MUTEX_INITIALIZE(A) pthread_mutex_init(A, NULL) - #define MUTEX_DESTROY(A) pthread_mutex_destroy(A) - #define MUTEX_LOCK(A) pthread_mutex_lock(A) - #define MUTEX_UNLOCK(A) pthread_mutex_unlock(A) -#else - #define MUTEX_INITIALIZE(A) abs(*A) // dummy definitions - #define MUTEX_DESTROY(A) abs(*A) // dummy definitions -#endif - -// *************************************************** // -// -// RtAudio definitions. -// -// *************************************************** // - -std::string RtAudio :: getVersion( void ) throw() -{ - return RTAUDIO_VERSION; -} - -void RtAudio :: getCompiledApi( std::vector<RtAudio::Api> &apis ) throw() -{ - apis.clear(); - - // The order here will control the order of RtAudio's API search in - // the constructor. -#if defined(__UNIX_JACK__) - apis.push_back( UNIX_JACK ); -#endif -#if defined(__LINUX_ALSA__) - apis.push_back( LINUX_ALSA ); -#endif -#if defined(__LINUX_PULSE__) - apis.push_back( LINUX_PULSE ); -#endif -#if defined(__LINUX_OSS__) - apis.push_back( LINUX_OSS ); -#endif -#if defined(__WINDOWS_ASIO__) - apis.push_back( WINDOWS_ASIO ); -#endif -#if defined(__WINDOWS_WASAPI__) - apis.push_back( WINDOWS_WASAPI ); -#endif -#if defined(__WINDOWS_DS__) - apis.push_back( WINDOWS_DS ); -#endif -#if defined(__MACOSX_CORE__) - apis.push_back( MACOSX_CORE ); -#endif -#if defined(__RTAUDIO_DUMMY__) - apis.push_back( RTAUDIO_DUMMY ); -#endif -} - -void RtAudio :: openRtApi( RtAudio::Api api ) -{ - if ( rtapi_ ) - delete rtapi_; - rtapi_ = 0; - -#if defined(__UNIX_JACK__) - if ( api == UNIX_JACK ) - rtapi_ = new RtApiJack(); -#endif -#if defined(__LINUX_ALSA__) - if ( api == LINUX_ALSA ) - rtapi_ = new RtApiAlsa(); -#endif -#if defined(__LINUX_PULSE__) - if ( api == LINUX_PULSE ) - rtapi_ = new RtApiPulse(); -#endif -#if defined(__LINUX_OSS__) - if ( api == LINUX_OSS ) - rtapi_ = new RtApiOss(); -#endif -#if defined(__WINDOWS_ASIO__) - if ( api == WINDOWS_ASIO ) - rtapi_ = new RtApiAsio(); -#endif -#if defined(__WINDOWS_WASAPI__) - if ( api == WINDOWS_WASAPI ) - rtapi_ = new RtApiWasapi(); -#endif -#if defined(__WINDOWS_DS__) - if ( api == WINDOWS_DS ) - rtapi_ = new RtApiDs(); -#endif -#if defined(__MACOSX_CORE__) - if ( api == MACOSX_CORE ) - rtapi_ = new RtApiCore(); -#endif -#if defined(__RTAUDIO_DUMMY__) - if ( api == RTAUDIO_DUMMY ) - rtapi_ = new RtApiDummy(); -#endif -} - -RtAudio :: RtAudio( RtAudio::Api api ) -{ - rtapi_ = 0; - - if ( api != UNSPECIFIED ) { - // Attempt to open the specified API. - openRtApi( api ); - if ( rtapi_ ) return; - - // No compiled support for specified API value. Issue a debug - // warning and continue as if no API was specified. - std::cerr << "\nRtAudio: no compiled support for specified API argument!\n" << std::endl; - } - - // Iterate through the compiled APIs and return as soon as we find - // one with at least one device or we reach the end of the list. - std::vector< RtAudio::Api > apis; - getCompiledApi( apis ); - for ( unsigned int i=0; i<apis.size(); i++ ) { - openRtApi( apis[i] ); - if ( rtapi_ && rtapi_->getDeviceCount() ) break; - } - - if ( rtapi_ ) return; - - // It should not be possible to get here because the preprocessor - // definition __RTAUDIO_DUMMY__ is automatically defined if no - // API-specific definitions are passed to the compiler. But just in - // case something weird happens, we'll thow an error. - std::string errorText = "\nRtAudio: no compiled API support found ... critical error!!\n\n"; - throw( RtAudioError( errorText, RtAudioError::UNSPECIFIED ) ); -} - -RtAudio :: ~RtAudio() throw() -{ - if ( rtapi_ ) - delete rtapi_; -} - -void RtAudio :: openStream( RtAudio::StreamParameters *outputParameters, - RtAudio::StreamParameters *inputParameters, - RtAudioFormat format, unsigned int sampleRate, - unsigned int *bufferFrames, - RtAudioCallback callback, void *userData, - RtAudio::StreamOptions *options, - RtAudioErrorCallback errorCallback ) -{ - return rtapi_->openStream( outputParameters, inputParameters, format, - sampleRate, bufferFrames, callback, - userData, options, errorCallback ); -} - -// *************************************************** // -// -// Public RtApi definitions (see end of file for -// private or protected utility functions). -// -// *************************************************** // - -RtApi :: RtApi() -{ - stream_.state = STREAM_CLOSED; - stream_.mode = UNINITIALIZED; - stream_.apiHandle = 0; - stream_.userBuffer[0] = 0; - stream_.userBuffer[1] = 0; - MUTEX_INITIALIZE( &stream_.mutex ); - showWarnings_ = true; - firstErrorOccurred_ = false; -} - -RtApi :: ~RtApi() -{ - MUTEX_DESTROY( &stream_.mutex ); -} - -void RtApi :: openStream( RtAudio::StreamParameters *oParams, - RtAudio::StreamParameters *iParams, - RtAudioFormat format, unsigned int sampleRate, - unsigned int *bufferFrames, - RtAudioCallback callback, void *userData, - RtAudio::StreamOptions *options, - RtAudioErrorCallback errorCallback ) -{ - if ( stream_.state != STREAM_CLOSED ) { - errorText_ = "RtApi::openStream: a stream is already open!"; - error( RtAudioError::INVALID_USE ); - return; - } - - // Clear stream information potentially left from a previously open stream. - clearStreamInfo(); - - if ( oParams && oParams->nChannels < 1 ) { - errorText_ = "RtApi::openStream: a non-NULL output StreamParameters structure cannot have an nChannels value less than one."; - error( RtAudioError::INVALID_USE ); - return; - } - - if ( iParams && iParams->nChannels < 1 ) { - errorText_ = "RtApi::openStream: a non-NULL input StreamParameters structure cannot have an nChannels value less than one."; - error( RtAudioError::INVALID_USE ); - return; - } - - if ( oParams == NULL && iParams == NULL ) { - errorText_ = "RtApi::openStream: input and output StreamParameters structures are both NULL!"; - error( RtAudioError::INVALID_USE ); - return; - } - - if ( formatBytes(format) == 0 ) { - errorText_ = "RtApi::openStream: 'format' parameter value is undefined."; - error( RtAudioError::INVALID_USE ); - return; - } - - unsigned int nDevices = getDeviceCount(); - unsigned int oChannels = 0; - if ( oParams ) { - oChannels = oParams->nChannels; - if ( oParams->deviceId >= nDevices ) { - errorText_ = "RtApi::openStream: output device parameter value is invalid."; - error( RtAudioError::INVALID_USE ); - return; - } - } - - unsigned int iChannels = 0; - if ( iParams ) { - iChannels = iParams->nChannels; - if ( iParams->deviceId >= nDevices ) { - errorText_ = "RtApi::openStream: input device parameter value is invalid."; - error( RtAudioError::INVALID_USE ); - return; - } - } - - bool result; - - if ( oChannels > 0 ) { - - result = probeDeviceOpen( oParams->deviceId, OUTPUT, oChannels, oParams->firstChannel, - sampleRate, format, bufferFrames, options ); - if ( result == false ) { - error( RtAudioError::SYSTEM_ERROR ); - return; - } - } - - if ( iChannels > 0 ) { - - result = probeDeviceOpen( iParams->deviceId, INPUT, iChannels, iParams->firstChannel, - sampleRate, format, bufferFrames, options ); - if ( result == false ) { - if ( oChannels > 0 ) closeStream(); - error( RtAudioError::SYSTEM_ERROR ); - return; - } - } - - stream_.callbackInfo.callback = (void *) callback; - stream_.callbackInfo.userData = userData; - stream_.callbackInfo.errorCallback = (void *) errorCallback; - - if ( options ) options->numberOfBuffers = stream_.nBuffers; - stream_.state = STREAM_STOPPED; -} - -unsigned int RtApi :: getDefaultInputDevice( void ) -{ - // Should be implemented in subclasses if possible. - return 0; -} - -unsigned int RtApi :: getDefaultOutputDevice( void ) -{ - // Should be implemented in subclasses if possible. - return 0; -} - -void RtApi :: closeStream( void ) -{ - // MUST be implemented in subclasses! - return; -} - -bool RtApi :: probeDeviceOpen( unsigned int /*device*/, StreamMode /*mode*/, unsigned int /*channels*/, - unsigned int /*firstChannel*/, unsigned int /*sampleRate*/, - RtAudioFormat /*format*/, unsigned int * /*bufferSize*/, - RtAudio::StreamOptions * /*options*/ ) -{ - // MUST be implemented in subclasses! - return FAILURE; -} - -void RtApi :: tickStreamTime( void ) -{ - // Subclasses that do not provide their own implementation of - // getStreamTime should call this function once per buffer I/O to - // provide basic stream time support. - - stream_.streamTime += ( stream_.bufferSize * 1.0 / stream_.sampleRate ); - -#if defined( HAVE_GETTIMEOFDAY ) - gettimeofday( &stream_.lastTickTimestamp, NULL ); -#endif -} - -long RtApi :: getStreamLatency( void ) -{ - verifyStream(); - - long totalLatency = 0; - if ( stream_.mode == OUTPUT || stream_.mode == DUPLEX ) - totalLatency = stream_.latency[0]; - if ( stream_.mode == INPUT || stream_.mode == DUPLEX ) - totalLatency += stream_.latency[1]; - - return totalLatency; -} - -double RtApi :: getStreamTime( void ) -{ - verifyStream(); - -#if defined( HAVE_GETTIMEOFDAY ) - // Return a very accurate estimate of the stream time by - // adding in the elapsed time since the last tick. - struct timeval then; - struct timeval now; - - if ( stream_.state != STREAM_RUNNING || stream_.streamTime == 0.0 ) - return stream_.streamTime; - - gettimeofday( &now, NULL ); - then = stream_.lastTickTimestamp; - return stream_.streamTime + - ((now.tv_sec + 0.000001 * now.tv_usec) - - (then.tv_sec + 0.000001 * then.tv_usec)); -#else - return stream_.streamTime; -#endif -} - -void RtApi :: setStreamTime( double time ) -{ - verifyStream(); - - if ( time >= 0.0 ) - stream_.streamTime = time; -} - -unsigned int RtApi :: getStreamSampleRate( void ) -{ - verifyStream(); - - return stream_.sampleRate; -} - - -// *************************************************** // -// -// OS/API-specific methods. -// -// *************************************************** // - -#if defined(__MACOSX_CORE__) - -// The OS X CoreAudio API is designed to use a separate callback -// procedure for each of its audio devices. A single RtAudio duplex -// stream using two different devices is supported here, though it -// cannot be guaranteed to always behave correctly because we cannot -// synchronize these two callbacks. -// -// A property listener is installed for over/underrun information. -// However, no functionality is currently provided to allow property -// listeners to trigger user handlers because it is unclear what could -// be done if a critical stream parameter (buffer size, sample rate, -// device disconnect) notification arrived. The listeners entail -// quite a bit of extra code and most likely, a user program wouldn't -// be prepared for the result anyway. However, we do provide a flag -// to the client callback function to inform of an over/underrun. - -// A structure to hold various information related to the CoreAudio API -// implementation. -struct CoreHandle { - AudioDeviceID id[2]; // device ids -#if defined( MAC_OS_X_VERSION_10_5 ) && ( MAC_OS_X_VERSION_MIN_REQUIRED >= MAC_OS_X_VERSION_10_5 ) - AudioDeviceIOProcID procId[2]; -#endif - UInt32 iStream[2]; // device stream index (or first if using multiple) - UInt32 nStreams[2]; // number of streams to use - bool xrun[2]; - char *deviceBuffer; - pthread_cond_t condition; - int drainCounter; // Tracks callback counts when draining - bool internalDrain; // Indicates if stop is initiated from callback or not. - - CoreHandle() - :deviceBuffer(0), drainCounter(0), internalDrain(false) { nStreams[0] = 1; nStreams[1] = 1; id[0] = 0; id[1] = 0; xrun[0] = false; xrun[1] = false; } -}; - -RtApiCore:: RtApiCore() -{ -#if defined( AVAILABLE_MAC_OS_X_VERSION_10_6_AND_LATER ) - // This is a largely undocumented but absolutely necessary - // requirement starting with OS-X 10.6. If not called, queries and - // updates to various audio device properties are not handled - // correctly. - CFRunLoopRef theRunLoop = NULL; - AudioObjectPropertyAddress property = { kAudioHardwarePropertyRunLoop, - kAudioObjectPropertyScopeGlobal, - kAudioObjectPropertyElementMaster }; - OSStatus result = AudioObjectSetPropertyData( kAudioObjectSystemObject, &property, 0, NULL, sizeof(CFRunLoopRef), &theRunLoop); - if ( result != noErr ) { - errorText_ = "RtApiCore::RtApiCore: error setting run loop property!"; - error( RtAudioError::WARNING ); - } -#endif -} - -RtApiCore :: ~RtApiCore() -{ - // The subclass destructor gets called before the base class - // destructor, so close an existing stream before deallocating - // apiDeviceId memory. - if ( stream_.state != STREAM_CLOSED ) closeStream(); -} - -unsigned int RtApiCore :: getDeviceCount( void ) -{ - // Find out how many audio devices there are, if any. - UInt32 dataSize; - AudioObjectPropertyAddress propertyAddress = { kAudioHardwarePropertyDevices, kAudioObjectPropertyScopeGlobal, kAudioObjectPropertyElementMaster }; - OSStatus result = AudioObjectGetPropertyDataSize( kAudioObjectSystemObject, &propertyAddress, 0, NULL, &dataSize ); - if ( result != noErr ) { - errorText_ = "RtApiCore::getDeviceCount: OS-X error getting device info!"; - error( RtAudioError::WARNING ); - return 0; - } - - return dataSize / sizeof( AudioDeviceID ); -} - -unsigned int RtApiCore :: getDefaultInputDevice( void ) -{ - unsigned int nDevices = getDeviceCount(); - if ( nDevices <= 1 ) return 0; - - AudioDeviceID id; - UInt32 dataSize = sizeof( AudioDeviceID ); - AudioObjectPropertyAddress property = { kAudioHardwarePropertyDefaultInputDevice, kAudioObjectPropertyScopeGlobal, kAudioObjectPropertyElementMaster }; - OSStatus result = AudioObjectGetPropertyData( kAudioObjectSystemObject, &property, 0, NULL, &dataSize, &id ); - if ( result != noErr ) { - errorText_ = "RtApiCore::getDefaultInputDevice: OS-X system error getting device."; - error( RtAudioError::WARNING ); - return 0; - } - - dataSize *= nDevices; - AudioDeviceID deviceList[ nDevices ]; - property.mSelector = kAudioHardwarePropertyDevices; - result = AudioObjectGetPropertyData( kAudioObjectSystemObject, &property, 0, NULL, &dataSize, (void *) &deviceList ); - if ( result != noErr ) { - errorText_ = "RtApiCore::getDefaultInputDevice: OS-X system error getting device IDs."; - error( RtAudioError::WARNING ); - return 0; - } - - for ( unsigned int i=0; i<nDevices; i++ ) - if ( id == deviceList[i] ) return i; - - errorText_ = "RtApiCore::getDefaultInputDevice: No default device found!"; - error( RtAudioError::WARNING ); - return 0; -} - -unsigned int RtApiCore :: getDefaultOutputDevice( void ) -{ - unsigned int nDevices = getDeviceCount(); - if ( nDevices <= 1 ) return 0; - - AudioDeviceID id; - UInt32 dataSize = sizeof( AudioDeviceID ); - AudioObjectPropertyAddress property = { kAudioHardwarePropertyDefaultOutputDevice, kAudioObjectPropertyScopeGlobal, kAudioObjectPropertyElementMaster }; - OSStatus result = AudioObjectGetPropertyData( kAudioObjectSystemObject, &property, 0, NULL, &dataSize, &id ); - if ( result != noErr ) { - errorText_ = "RtApiCore::getDefaultOutputDevice: OS-X system error getting device."; - error( RtAudioError::WARNING ); - return 0; - } - - dataSize = sizeof( AudioDeviceID ) * nDevices; - AudioDeviceID deviceList[ nDevices ]; - property.mSelector = kAudioHardwarePropertyDevices; - result = AudioObjectGetPropertyData( kAudioObjectSystemObject, &property, 0, NULL, &dataSize, (void *) &deviceList ); - if ( result != noErr ) { - errorText_ = "RtApiCore::getDefaultOutputDevice: OS-X system error getting device IDs."; - error( RtAudioError::WARNING ); - return 0; - } - - for ( unsigned int i=0; i<nDevices; i++ ) - if ( id == deviceList[i] ) return i; - - errorText_ = "RtApiCore::getDefaultOutputDevice: No default device found!"; - error( RtAudioError::WARNING ); - return 0; -} - -RtAudio::DeviceInfo RtApiCore :: getDeviceInfo( unsigned int device ) -{ - RtAudio::DeviceInfo info; - info.probed = false; - - // Get device ID - unsigned int nDevices = getDeviceCount(); - if ( nDevices == 0 ) { - errorText_ = "RtApiCore::getDeviceInfo: no devices found!"; - error( RtAudioError::INVALID_USE ); - return info; - } - - if ( device >= nDevices ) { - errorText_ = "RtApiCore::getDeviceInfo: device ID is invalid!"; - error( RtAudioError::INVALID_USE ); - return info; - } - - AudioDeviceID deviceList[ nDevices ]; - UInt32 dataSize = sizeof( AudioDeviceID ) * nDevices; - AudioObjectPropertyAddress property = { kAudioHardwarePropertyDevices, - kAudioObjectPropertyScopeGlobal, - kAudioObjectPropertyElementMaster }; - OSStatus result = AudioObjectGetPropertyData( kAudioObjectSystemObject, &property, - 0, NULL, &dataSize, (void *) &deviceList ); - if ( result != noErr ) { - errorText_ = "RtApiCore::getDeviceInfo: OS-X system error getting device IDs."; - error( RtAudioError::WARNING ); - return info; - } - - AudioDeviceID id = deviceList[ device ]; - - // Get the device name. - info.name.erase(); - CFStringRef cfname; - dataSize = sizeof( CFStringRef ); - property.mSelector = kAudioObjectPropertyManufacturer; - result = AudioObjectGetPropertyData( id, &property, 0, NULL, &dataSize, &cfname ); - if ( result != noErr ) { - errorStream_ << "RtApiCore::probeDeviceInfo: system error (" << getErrorCode( result ) << ") getting device manufacturer."; - errorText_ = errorStream_.str(); - error( RtAudioError::WARNING ); - return info; - } - - //const char *mname = CFStringGetCStringPtr( cfname, CFStringGetSystemEncoding() ); - int length = CFStringGetLength(cfname); - char *mname = (char *)malloc(length * 3 + 1); -#if defined( UNICODE ) || defined( _UNICODE ) - CFStringGetCString(cfname, mname, length * 3 + 1, kCFStringEncodingUTF8); -#else - CFStringGetCString(cfname, mname, length * 3 + 1, CFStringGetSystemEncoding()); -#endif - info.name.append( (const char *)mname, strlen(mname) ); - info.name.append( ": " ); - CFRelease( cfname ); - free(mname); - - property.mSelector = kAudioObjectPropertyName; - result = AudioObjectGetPropertyData( id, &property, 0, NULL, &dataSize, &cfname ); - if ( result != noErr ) { - errorStream_ << "RtApiCore::probeDeviceInfo: system error (" << getErrorCode( result ) << ") getting device name."; - errorText_ = errorStream_.str(); - error( RtAudioError::WARNING ); - return info; - } - - //const char *name = CFStringGetCStringPtr( cfname, CFStringGetSystemEncoding() ); - length = CFStringGetLength(cfname); - char *name = (char *)malloc(length * 3 + 1); -#if defined( UNICODE ) || defined( _UNICODE ) - CFStringGetCString(cfname, name, length * 3 + 1, kCFStringEncodingUTF8); -#else - CFStringGetCString(cfname, name, length * 3 + 1, CFStringGetSystemEncoding()); -#endif - info.name.append( (const char *)name, strlen(name) ); - CFRelease( cfname ); - free(name); - - // Get the output stream "configuration". - AudioBufferList *bufferList = nil; - property.mSelector = kAudioDevicePropertyStreamConfiguration; - property.mScope = kAudioDevicePropertyScopeOutput; - // property.mElement = kAudioObjectPropertyElementWildcard; - dataSize = 0; - result = AudioObjectGetPropertyDataSize( id, &property, 0, NULL, &dataSize ); - if ( result != noErr || dataSize == 0 ) { - errorStream_ << "RtApiCore::getDeviceInfo: system error (" << getErrorCode( result ) << ") getting output stream configuration info for device (" << device << ")."; - errorText_ = errorStream_.str(); - error( RtAudioError::WARNING ); - return info; - } - - // Allocate the AudioBufferList. - bufferList = (AudioBufferList *) malloc( dataSize ); - if ( bufferList == NULL ) { - errorText_ = "RtApiCore::getDeviceInfo: memory error allocating output AudioBufferList."; - error( RtAudioError::WARNING ); - return info; - } - - result = AudioObjectGetPropertyData( id, &property, 0, NULL, &dataSize, bufferList ); - if ( result != noErr || dataSize == 0 ) { - free( bufferList ); - errorStream_ << "RtApiCore::getDeviceInfo: system error (" << getErrorCode( result ) << ") getting output stream configuration for device (" << device << ")."; - errorText_ = errorStream_.str(); - error( RtAudioError::WARNING ); - return info; - } - - // Get output channel information. - unsigned int i, nStreams = bufferList->mNumberBuffers; - for ( i=0; i<nStreams; i++ ) - info.outputChannels += bufferList->mBuffers[i].mNumberChannels; - free( bufferList ); - - // Get the input stream "configuration". - property.mScope = kAudioDevicePropertyScopeInput; - result = AudioObjectGetPropertyDataSize( id, &property, 0, NULL, &dataSize ); - if ( result != noErr || dataSize == 0 ) { - errorStream_ << "RtApiCore::getDeviceInfo: system error (" << getErrorCode( result ) << ") getting input stream configuration info for device (" << device << ")."; - errorText_ = errorStream_.str(); - error( RtAudioError::WARNING ); - return info; - } - - // Allocate the AudioBufferList. - bufferList = (AudioBufferList *) malloc( dataSize ); - if ( bufferList == NULL ) { - errorText_ = "RtApiCore::getDeviceInfo: memory error allocating input AudioBufferList."; - error( RtAudioError::WARNING ); - return info; - } - - result = AudioObjectGetPropertyData( id, &property, 0, NULL, &dataSize, bufferList ); - if (result != noErr || dataSize == 0) { - free( bufferList ); - errorStream_ << "RtApiCore::getDeviceInfo: system error (" << getErrorCode( result ) << ") getting input stream configuration for device (" << device << ")."; - errorText_ = errorStream_.str(); - error( RtAudioError::WARNING ); - return info; - } - - // Get input channel information. - nStreams = bufferList->mNumberBuffers; - for ( i=0; i<nStreams; i++ ) - info.inputChannels += bufferList->mBuffers[i].mNumberChannels; - free( bufferList ); - - // If device opens for both playback and capture, we determine the channels. - if ( info.outputChannels > 0 && info.inputChannels > 0 ) - info.duplexChannels = (info.outputChannels > info.inputChannels) ? info.inputChannels : info.outputChannels; - - // Probe the device sample rates. - bool isInput = false; - if ( info.outputChannels == 0 ) isInput = true; - - // Determine the supported sample rates. - property.mSelector = kAudioDevicePropertyAvailableNominalSampleRates; - if ( isInput == false ) property.mScope = kAudioDevicePropertyScopeOutput; - result = AudioObjectGetPropertyDataSize( id, &property, 0, NULL, &dataSize ); - if ( result != kAudioHardwareNoError || dataSize == 0 ) { - errorStream_ << "RtApiCore::getDeviceInfo: system error (" << getErrorCode( result ) << ") getting sample rate info."; - errorText_ = errorStream_.str(); - error( RtAudioError::WARNING ); - return info; - } - - UInt32 nRanges = dataSize / sizeof( AudioValueRange ); - AudioValueRange rangeList[ nRanges ]; - result = AudioObjectGetPropertyData( id, &property, 0, NULL, &dataSize, &rangeList ); - if ( result != kAudioHardwareNoError ) { - errorStream_ << "RtApiCore::getDeviceInfo: system error (" << getErrorCode( result ) << ") getting sample rates."; - errorText_ = errorStream_.str(); - error( RtAudioError::WARNING ); - return info; - } - - // The sample rate reporting mechanism is a bit of a mystery. It - // seems that it can either return individual rates or a range of - // rates. I assume that if the min / max range values are the same, - // then that represents a single supported rate and if the min / max - // range values are different, the device supports an arbitrary - // range of values (though there might be multiple ranges, so we'll - // use the most conservative range). - Float64 minimumRate = 1.0, maximumRate = 10000000000.0; - bool haveValueRange = false; - info.sampleRates.clear(); - for ( UInt32 i=0; i<nRanges; i++ ) { - if ( rangeList[i].mMinimum == rangeList[i].mMaximum ) { - unsigned int tmpSr = (unsigned int) rangeList[i].mMinimum; - info.sampleRates.push_back( tmpSr ); - - if ( !info.preferredSampleRate || ( tmpSr <= 48000 && tmpSr > info.preferredSampleRate ) ) - info.preferredSampleRate = tmpSr; - - } else { - haveValueRange = true; - if ( rangeList[i].mMinimum > minimumRate ) minimumRate = rangeList[i].mMinimum; - if ( rangeList[i].mMaximum < maximumRate ) maximumRate = rangeList[i].mMaximum; - } - } - - if ( haveValueRange ) { - for ( unsigned int k=0; k<MAX_SAMPLE_RATES; k++ ) { - if ( SAMPLE_RATES[k] >= (unsigned int) minimumRate && SAMPLE_RATES[k] <= (unsigned int) maximumRate ) { - info.sampleRates.push_back( SAMPLE_RATES[k] ); - - if ( !info.preferredSampleRate || ( SAMPLE_RATES[k] <= 48000 && SAMPLE_RATES[k] > info.preferredSampleRate ) ) - info.preferredSampleRate = SAMPLE_RATES[k]; - } - } - } - - // Sort and remove any redundant values - std::sort( info.sampleRates.begin(), info.sampleRates.end() ); - info.sampleRates.erase( unique( info.sampleRates.begin(), info.sampleRates.end() ), info.sampleRates.end() ); - - if ( info.sampleRates.size() == 0 ) { - errorStream_ << "RtApiCore::probeDeviceInfo: No supported sample rates found for device (" << device << ")."; - errorText_ = errorStream_.str(); - error( RtAudioError::WARNING ); - return info; - } - - // CoreAudio always uses 32-bit floating point data for PCM streams. - // Thus, any other "physical" formats supported by the device are of - // no interest to the client. - info.nativeFormats = RTAUDIO_FLOAT32; - - if ( info.outputChannels > 0 ) - if ( getDefaultOutputDevice() == device ) info.isDefaultOutput = true; - if ( info.inputChannels > 0 ) - if ( getDefaultInputDevice() == device ) info.isDefaultInput = true; - - info.probed = true; - return info; -} - -static OSStatus callbackHandler( AudioDeviceID inDevice, - const AudioTimeStamp* /*inNow*/, - const AudioBufferList* inInputData, - const AudioTimeStamp* /*inInputTime*/, - AudioBufferList* outOutputData, - const AudioTimeStamp* /*inOutputTime*/, - void* infoPointer ) -{ - CallbackInfo *info = (CallbackInfo *) infoPointer; - - RtApiCore *object = (RtApiCore *) info->object; - if ( object->callbackEvent( inDevice, inInputData, outOutputData ) == false ) - return kAudioHardwareUnspecifiedError; - else - return kAudioHardwareNoError; -} - -static OSStatus xrunListener( AudioObjectID /*inDevice*/, - UInt32 nAddresses, - const AudioObjectPropertyAddress properties[], - void* handlePointer ) -{ - CoreHandle *handle = (CoreHandle *) handlePointer; - for ( UInt32 i=0; i<nAddresses; i++ ) { - if ( properties[i].mSelector == kAudioDeviceProcessorOverload ) { - if ( properties[i].mScope == kAudioDevicePropertyScopeInput ) - handle->xrun[1] = true; - else - handle->xrun[0] = true; - } - } - - return kAudioHardwareNoError; -} - -static OSStatus rateListener( AudioObjectID inDevice, - UInt32 /*nAddresses*/, - const AudioObjectPropertyAddress /*properties*/[], - void* ratePointer ) -{ - Float64 *rate = (Float64 *) ratePointer; - UInt32 dataSize = sizeof( Float64 ); - AudioObjectPropertyAddress property = { kAudioDevicePropertyNominalSampleRate, - kAudioObjectPropertyScopeGlobal, - kAudioObjectPropertyElementMaster }; - AudioObjectGetPropertyData( inDevice, &property, 0, NULL, &dataSize, rate ); - return kAudioHardwareNoError; -} - -bool RtApiCore :: probeDeviceOpen( unsigned int device, StreamMode mode, unsigned int channels, - unsigned int firstChannel, unsigned int sampleRate, - RtAudioFormat format, unsigned int *bufferSize, - RtAudio::StreamOptions *options ) -{ - // Get device ID - unsigned int nDevices = getDeviceCount(); - if ( nDevices == 0 ) { - // This should not happen because a check is made before this function is called. - errorText_ = "RtApiCore::probeDeviceOpen: no devices found!"; - return FAILURE; - } - - if ( device >= nDevices ) { - // This should not happen because a check is made before this function is called. - errorText_ = "RtApiCore::probeDeviceOpen: device ID is invalid!"; - return FAILURE; - } - - AudioDeviceID deviceList[ nDevices ]; - UInt32 dataSize = sizeof( AudioDeviceID ) * nDevices; - AudioObjectPropertyAddress property = { kAudioHardwarePropertyDevices, - kAudioObjectPropertyScopeGlobal, - kAudioObjectPropertyElementMaster }; - OSStatus result = AudioObjectGetPropertyData( kAudioObjectSystemObject, &property, - 0, NULL, &dataSize, (void *) &deviceList ); - if ( result != noErr ) { - errorText_ = "RtApiCore::probeDeviceOpen: OS-X system error getting device IDs."; - return FAILURE; - } - - AudioDeviceID id = deviceList[ device ]; - - // Setup for stream mode. - bool isInput = false; - if ( mode == INPUT ) { - isInput = true; - property.mScope = kAudioDevicePropertyScopeInput; - } - else - property.mScope = kAudioDevicePropertyScopeOutput; - - // Get the stream "configuration". - AudioBufferList *bufferList = nil; - dataSize = 0; - property.mSelector = kAudioDevicePropertyStreamConfiguration; - result = AudioObjectGetPropertyDataSize( id, &property, 0, NULL, &dataSize ); - if ( result != noErr || dataSize == 0 ) { - errorStream_ << "RtApiCore::probeDeviceOpen: system error (" << getErrorCode( result ) << ") getting stream configuration info for device (" << device << ")."; - errorText_ = errorStream_.str(); - return FAILURE; - } - - // Allocate the AudioBufferList. - bufferList = (AudioBufferList *) malloc( dataSize ); - if ( bufferList == NULL ) { - errorText_ = "RtApiCore::probeDeviceOpen: memory error allocating AudioBufferList."; - return FAILURE; - } - - result = AudioObjectGetPropertyData( id, &property, 0, NULL, &dataSize, bufferList ); - if (result != noErr || dataSize == 0) { - free( bufferList ); - errorStream_ << "RtApiCore::probeDeviceOpen: system error (" << getErrorCode( result ) << ") getting stream configuration for device (" << device << ")."; - errorText_ = errorStream_.str(); - return FAILURE; - } - - // Search for one or more streams that contain the desired number of - // channels. CoreAudio devices can have an arbitrary number of - // streams and each stream can have an arbitrary number of channels. - // For each stream, a single buffer of interleaved samples is - // provided. RtAudio prefers the use of one stream of interleaved - // data or multiple consecutive single-channel streams. However, we - // now support multiple consecutive multi-channel streams of - // interleaved data as well. - UInt32 iStream, offsetCounter = firstChannel; - UInt32 nStreams = bufferList->mNumberBuffers; - bool monoMode = false; - bool foundStream = false; - - // First check that the device supports the requested number of - // channels. - UInt32 deviceChannels = 0; - for ( iStream=0; iStream<nStreams; iStream++ ) - deviceChannels += bufferList->mBuffers[iStream].mNumberChannels; - - if ( deviceChannels < ( channels + firstChannel ) ) { - free( bufferList ); - errorStream_ << "RtApiCore::probeDeviceOpen: the device (" << device << ") does not support the requested channel count."; - errorText_ = errorStream_.str(); - return FAILURE; - } - - // Look for a single stream meeting our needs. - UInt32 firstStream, streamCount = 1, streamChannels = 0, channelOffset = 0; - for ( iStream=0; iStream<nStreams; iStream++ ) { - streamChannels = bufferList->mBuffers[iStream].mNumberChannels; - if ( streamChannels >= channels + offsetCounter ) { - firstStream = iStream; - channelOffset = offsetCounter; - foundStream = true; - break; - } - if ( streamChannels > offsetCounter ) break; - offsetCounter -= streamChannels; - } - - // If we didn't find a single stream above, then we should be able - // to meet the channel specification with multiple streams. - if ( foundStream == false ) { - monoMode = true; - offsetCounter = firstChannel; - for ( iStream=0; iStream<nStreams; iStream++ ) { - streamChannels = bufferList->mBuffers[iStream].mNumberChannels; - if ( streamChannels > offsetCounter ) break; - offsetCounter -= streamChannels; - } - - firstStream = iStream; - channelOffset = offsetCounter; - Int32 channelCounter = channels + offsetCounter - streamChannels; - - if ( streamChannels > 1 ) monoMode = false; - while ( channelCounter > 0 ) { - streamChannels = bufferList->mBuffers[++iStream].mNumberChannels; - if ( streamChannels > 1 ) monoMode = false; - channelCounter -= streamChannels; - streamCount++; - } - } - - free( bufferList ); - - // Determine the buffer size. - AudioValueRange bufferRange; - dataSize = sizeof( AudioValueRange ); - property.mSelector = kAudioDevicePropertyBufferFrameSizeRange; - result = AudioObjectGetPropertyData( id, &property, 0, NULL, &dataSize, &bufferRange ); - - if ( result != noErr ) { - errorStream_ << "RtApiCore::probeDeviceOpen: system error (" << getErrorCode( result ) << ") getting buffer size range for device (" << device << ")."; - errorText_ = errorStream_.str(); - return FAILURE; - } - - if ( bufferRange.mMinimum > *bufferSize ) *bufferSize = (unsigned long) bufferRange.mMinimum; - else if ( bufferRange.mMaximum < *bufferSize ) *bufferSize = (unsigned long) bufferRange.mMaximum; - if ( options && options->flags & RTAUDIO_MINIMIZE_LATENCY ) *bufferSize = (unsigned long) bufferRange.mMinimum; - - // Set the buffer size. For multiple streams, I'm assuming we only - // need to make this setting for the master channel. - UInt32 theSize = (UInt32) *bufferSize; - dataSize = sizeof( UInt32 ); - property.mSelector = kAudioDevicePropertyBufferFrameSize; - result = AudioObjectSetPropertyData( id, &property, 0, NULL, dataSize, &theSize ); - - if ( result != noErr ) { - errorStream_ << "RtApiCore::probeDeviceOpen: system error (" << getErrorCode( result ) << ") setting the buffer size for device (" << device << ")."; - errorText_ = errorStream_.str(); - return FAILURE; - } - - // If attempting to setup a duplex stream, the bufferSize parameter - // MUST be the same in both directions! - *bufferSize = theSize; - if ( stream_.mode == OUTPUT && mode == INPUT && *bufferSize != stream_.bufferSize ) { - errorStream_ << "RtApiCore::probeDeviceOpen: system error setting buffer size for duplex stream on device (" << device << ")."; - errorText_ = errorStream_.str(); - return FAILURE; - } - - stream_.bufferSize = *bufferSize; - stream_.nBuffers = 1; - - // Try to set "hog" mode ... it's not clear to me this is working. - if ( options && options->flags & RTAUDIO_HOG_DEVICE ) { - pid_t hog_pid; - dataSize = sizeof( hog_pid ); - property.mSelector = kAudioDevicePropertyHogMode; - result = AudioObjectGetPropertyData( id, &property, 0, NULL, &dataSize, &hog_pid ); - if ( result != noErr ) { - errorStream_ << "RtApiCore::probeDeviceOpen: system error (" << getErrorCode( result ) << ") getting 'hog' state!"; - errorText_ = errorStream_.str(); - return FAILURE; - } - - if ( hog_pid != getpid() ) { - hog_pid = getpid(); - result = AudioObjectSetPropertyData( id, &property, 0, NULL, dataSize, &hog_pid ); - if ( result != noErr ) { - errorStream_ << "RtApiCore::probeDeviceOpen: system error (" << getErrorCode( result ) << ") setting 'hog' state!"; - errorText_ = errorStream_.str(); - return FAILURE; - } - } - } - - // Check and if necessary, change the sample rate for the device. - Float64 nominalRate; - dataSize = sizeof( Float64 ); - property.mSelector = kAudioDevicePropertyNominalSampleRate; - result = AudioObjectGetPropertyData( id, &property, 0, NULL, &dataSize, &nominalRate ); - if ( result != noErr ) { - errorStream_ << "RtApiCore::probeDeviceOpen: system error (" << getErrorCode( result ) << ") getting current sample rate."; - errorText_ = errorStream_.str(); - return FAILURE; - } - - // Only change the sample rate if off by more than 1 Hz. - if ( fabs( nominalRate - (double)sampleRate ) > 1.0 ) { - - // Set a property listener for the sample rate change - Float64 reportedRate = 0.0; - AudioObjectPropertyAddress tmp = { kAudioDevicePropertyNominalSampleRate, kAudioObjectPropertyScopeGlobal, kAudioObjectPropertyElementMaster }; - result = AudioObjectAddPropertyListener( id, &tmp, rateListener, (void *) &reportedRate ); - if ( result != noErr ) { - errorStream_ << "RtApiCore::probeDeviceOpen: system error (" << getErrorCode( result ) << ") setting sample rate property listener for device (" << device << ")."; - errorText_ = errorStream_.str(); - return FAILURE; - } - - nominalRate = (Float64) sampleRate; - result = AudioObjectSetPropertyData( id, &property, 0, NULL, dataSize, &nominalRate ); - if ( result != noErr ) { - AudioObjectRemovePropertyListener( id, &tmp, rateListener, (void *) &reportedRate ); - errorStream_ << "RtApiCore::probeDeviceOpen: system error (" << getErrorCode( result ) << ") setting sample rate for device (" << device << ")."; - errorText_ = errorStream_.str(); - return FAILURE; - } - - // Now wait until the reported nominal rate is what we just set. - UInt32 microCounter = 0; - while ( reportedRate != nominalRate ) { - microCounter += 5000; - if ( microCounter > 5000000 ) break; - usleep( 5000 ); - } - - // Remove the property listener. - AudioObjectRemovePropertyListener( id, &tmp, rateListener, (void *) &reportedRate ); - - if ( microCounter > 5000000 ) { - errorStream_ << "RtApiCore::probeDeviceOpen: timeout waiting for sample rate update for device (" << device << ")."; - errorText_ = errorStream_.str(); - return FAILURE; - } - } - - // Now set the stream format for all streams. Also, check the - // physical format of the device and change that if necessary. - AudioStreamBasicDescription description; - dataSize = sizeof( AudioStreamBasicDescription ); - property.mSelector = kAudioStreamPropertyVirtualFormat; - result = AudioObjectGetPropertyData( id, &property, 0, NULL, &dataSize, &description ); - if ( result != noErr ) { - errorStream_ << "RtApiCore::probeDeviceOpen: system error (" << getErrorCode( result ) << ") getting stream format for device (" << device << ")."; - errorText_ = errorStream_.str(); - return FAILURE; - } - - // Set the sample rate and data format id. However, only make the - // change if the sample rate is not within 1.0 of the desired - // rate and the format is not linear pcm. - bool updateFormat = false; - if ( fabs( description.mSampleRate - (Float64)sampleRate ) > 1.0 ) { - description.mSampleRate = (Float64) sampleRate; - updateFormat = true; - } - - if ( description.mFormatID != kAudioFormatLinearPCM ) { - description.mFormatID = kAudioFormatLinearPCM; - updateFormat = true; - } - - if ( updateFormat ) { - result = AudioObjectSetPropertyData( id, &property, 0, NULL, dataSize, &description ); - if ( result != noErr ) { - errorStream_ << "RtApiCore::probeDeviceOpen: system error (" << getErrorCode( result ) << ") setting sample rate or data format for device (" << device << ")."; - errorText_ = errorStream_.str(); - return FAILURE; - } - } - - // Now check the physical format. - property.mSelector = kAudioStreamPropertyPhysicalFormat; - result = AudioObjectGetPropertyData( id, &property, 0, NULL, &dataSize, &description ); - if ( result != noErr ) { - errorStream_ << "RtApiCore::probeDeviceOpen: system error (" << getErrorCode( result ) << ") getting stream physical format for device (" << device << ")."; - errorText_ = errorStream_.str(); - return FAILURE; - } - - //std::cout << "Current physical stream format:" << std::endl; - //std::cout << " mBitsPerChan = " << description.mBitsPerChannel << std::endl; - //std::cout << " aligned high = " << (description.mFormatFlags & kAudioFormatFlagIsAlignedHigh) << ", isPacked = " << (description.mFormatFlags & kAudioFormatFlagIsPacked) << std::endl; - //std::cout << " bytesPerFrame = " << description.mBytesPerFrame << std::endl; - //std::cout << " sample rate = " << description.mSampleRate << std::endl; - - if ( description.mFormatID != kAudioFormatLinearPCM || description.mBitsPerChannel < 16 ) { - description.mFormatID = kAudioFormatLinearPCM; - //description.mSampleRate = (Float64) sampleRate; - AudioStreamBasicDescription testDescription = description; - UInt32 formatFlags; - - // We'll try higher bit rates first and then work our way down. - std::vector< std::pair<UInt32, UInt32> > physicalFormats; - formatFlags = (description.mFormatFlags | kLinearPCMFormatFlagIsFloat) & ~kLinearPCMFormatFlagIsSignedInteger; - physicalFormats.push_back( std::pair<Float32, UInt32>( 32, formatFlags ) ); - formatFlags = (description.mFormatFlags | kLinearPCMFormatFlagIsSignedInteger | kAudioFormatFlagIsPacked) & ~kLinearPCMFormatFlagIsFloat; - physicalFormats.push_back( std::pair<Float32, UInt32>( 32, formatFlags ) ); - physicalFormats.push_back( std::pair<Float32, UInt32>( 24, formatFlags ) ); // 24-bit packed - formatFlags &= ~( kAudioFormatFlagIsPacked | kAudioFormatFlagIsAlignedHigh ); - physicalFormats.push_back( std::pair<Float32, UInt32>( 24.2, formatFlags ) ); // 24-bit in 4 bytes, aligned low - formatFlags |= kAudioFormatFlagIsAlignedHigh; - physicalFormats.push_back( std::pair<Float32, UInt32>( 24.4, formatFlags ) ); // 24-bit in 4 bytes, aligned high - formatFlags = (description.mFormatFlags | kLinearPCMFormatFlagIsSignedInteger | kAudioFormatFlagIsPacked) & ~kLinearPCMFormatFlagIsFloat; - physicalFormats.push_back( std::pair<Float32, UInt32>( 16, formatFlags ) ); - physicalFormats.push_back( std::pair<Float32, UInt32>( 8, formatFlags ) ); - - bool setPhysicalFormat = false; - for( unsigned int i=0; i<physicalFormats.size(); i++ ) { - testDescription = description; - testDescription.mBitsPerChannel = (UInt32) physicalFormats[i].first; - testDescription.mFormatFlags = physicalFormats[i].second; - if ( (24 == (UInt32)physicalFormats[i].first) && ~( physicalFormats[i].second & kAudioFormatFlagIsPacked ) ) - testDescription.mBytesPerFrame = 4 * testDescription.mChannelsPerFrame; - else - testDescription.mBytesPerFrame = testDescription.mBitsPerChannel/8 * testDescription.mChannelsPerFrame; - testDescription.mBytesPerPacket = testDescription.mBytesPerFrame * testDescription.mFramesPerPacket; - result = AudioObjectSetPropertyData( id, &property, 0, NULL, dataSize, &testDescription ); - if ( result == noErr ) { - setPhysicalFormat = true; - //std::cout << "Updated physical stream format:" << std::endl; - //std::cout << " mBitsPerChan = " << testDescription.mBitsPerChannel << std::endl; - //std::cout << " aligned high = " << (testDescription.mFormatFlags & kAudioFormatFlagIsAlignedHigh) << ", isPacked = " << (testDescription.mFormatFlags & kAudioFormatFlagIsPacked) << std::endl; - //std::cout << " bytesPerFrame = " << testDescription.mBytesPerFrame << std::endl; - //std::cout << " sample rate = " << testDescription.mSampleRate << std::endl; - break; - } - } - - if ( !setPhysicalFormat ) { - errorStream_ << "RtApiCore::probeDeviceOpen: system error (" << getErrorCode( result ) << ") setting physical data format for device (" << device << ")."; - errorText_ = errorStream_.str(); - return FAILURE; - } - } // done setting virtual/physical formats. - - // Get the stream / device latency. - UInt32 latency; - dataSize = sizeof( UInt32 ); - property.mSelector = kAudioDevicePropertyLatency; - if ( AudioObjectHasProperty( id, &property ) == true ) { - result = AudioObjectGetPropertyData( id, &property, 0, NULL, &dataSize, &latency ); - if ( result == kAudioHardwareNoError ) stream_.latency[ mode ] = latency; - else { - errorStream_ << "RtApiCore::probeDeviceOpen: system error (" << getErrorCode( result ) << ") getting device latency for device (" << device << ")."; - errorText_ = errorStream_.str(); - error( RtAudioError::WARNING ); - } - } - - // Byte-swapping: According to AudioHardware.h, the stream data will - // always be presented in native-endian format, so we should never - // need to byte swap. - stream_.doByteSwap[mode] = false; - - // From the CoreAudio documentation, PCM data must be supplied as - // 32-bit floats. - stream_.userFormat = format; - stream_.deviceFormat[mode] = RTAUDIO_FLOAT32; - - if ( streamCount == 1 ) - stream_.nDeviceChannels[mode] = description.mChannelsPerFrame; - else // multiple streams - stream_.nDeviceChannels[mode] = channels; - stream_.nUserChannels[mode] = channels; - stream_.channelOffset[mode] = channelOffset; // offset within a CoreAudio stream - if ( options && options->flags & RTAUDIO_NONINTERLEAVED ) stream_.userInterleaved = false; - else stream_.userInterleaved = true; - stream_.deviceInterleaved[mode] = true; - if ( monoMode == true ) stream_.deviceInterleaved[mode] = false; - - // Set flags for buffer conversion. - stream_.doConvertBuffer[mode] = false; - if ( stream_.userFormat != stream_.deviceFormat[mode] ) - stream_.doConvertBuffer[mode] = true; - if ( stream_.nUserChannels[mode] < stream_.nDeviceChannels[mode] ) - stream_.doConvertBuffer[mode] = true; - if ( streamCount == 1 ) { - if ( stream_.nUserChannels[mode] > 1 && - stream_.userInterleaved != stream_.deviceInterleaved[mode] ) - stream_.doConvertBuffer[mode] = true; - } - else if ( monoMode && stream_.userInterleaved ) - stream_.doConvertBuffer[mode] = true; - - // Allocate our CoreHandle structure for the stream. - CoreHandle *handle = 0; - if ( stream_.apiHandle == 0 ) { - try { - handle = new CoreHandle; - } - catch ( std::bad_alloc& ) { - errorText_ = "RtApiCore::probeDeviceOpen: error allocating CoreHandle memory."; - goto error; - } - - if ( pthread_cond_init( &handle->condition, NULL ) ) { - errorText_ = "RtApiCore::probeDeviceOpen: error initializing pthread condition variable."; - goto error; - } - stream_.apiHandle = (void *) handle; - } - else - handle = (CoreHandle *) stream_.apiHandle; - handle->iStream[mode] = firstStream; - handle->nStreams[mode] = streamCount; - handle->id[mode] = id; - - // Allocate necessary internal buffers. - unsigned long bufferBytes; - bufferBytes = stream_.nUserChannels[mode] * *bufferSize * formatBytes( stream_.userFormat ); - // stream_.userBuffer[mode] = (char *) calloc( bufferBytes, 1 ); - stream_.userBuffer[mode] = (char *) malloc( bufferBytes * sizeof(char) ); - memset( stream_.userBuffer[mode], 0, bufferBytes * sizeof(char) ); - if ( stream_.userBuffer[mode] == NULL ) { - errorText_ = "RtApiCore::probeDeviceOpen: error allocating user buffer memory."; - goto error; - } - - // If possible, we will make use of the CoreAudio stream buffers as - // "device buffers". However, we can't do this if using multiple - // streams. - if ( stream_.doConvertBuffer[mode] && handle->nStreams[mode] > 1 ) { - - bool makeBuffer = true; - bufferBytes = stream_.nDeviceChannels[mode] * formatBytes( stream_.deviceFormat[mode] ); - if ( mode == INPUT ) { - if ( stream_.mode == OUTPUT && stream_.deviceBuffer ) { - unsigned long bytesOut = stream_.nDeviceChannels[0] * formatBytes( stream_.deviceFormat[0] ); - if ( bufferBytes <= bytesOut ) makeBuffer = false; - } - } - - if ( makeBuffer ) { - bufferBytes *= *bufferSize; - if ( stream_.deviceBuffer ) free( stream_.deviceBuffer ); - stream_.deviceBuffer = (char *) calloc( bufferBytes, 1 ); - if ( stream_.deviceBuffer == NULL ) { - errorText_ = "RtApiCore::probeDeviceOpen: error allocating device buffer memory."; - goto error; - } - } - } - - stream_.sampleRate = sampleRate; - stream_.device[mode] = device; - stream_.state = STREAM_STOPPED; - stream_.callbackInfo.object = (void *) this; - - // Setup the buffer conversion information structure. - if ( stream_.doConvertBuffer[mode] ) { - if ( streamCount > 1 ) setConvertInfo( mode, 0 ); - else setConvertInfo( mode, channelOffset ); - } - - if ( mode == INPUT && stream_.mode == OUTPUT && stream_.device[0] == device ) - // Only one callback procedure per device. - stream_.mode = DUPLEX; - else { -#if defined( MAC_OS_X_VERSION_10_5 ) && ( MAC_OS_X_VERSION_MIN_REQUIRED >= MAC_OS_X_VERSION_10_5 ) - result = AudioDeviceCreateIOProcID( id, callbackHandler, (void *) &stream_.callbackInfo, &handle->procId[mode] ); -#else - // deprecated in favor of AudioDeviceCreateIOProcID() - result = AudioDeviceAddIOProc( id, callbackHandler, (void *) &stream_.callbackInfo ); -#endif - if ( result != noErr ) { - errorStream_ << "RtApiCore::probeDeviceOpen: system error setting callback for device (" << device << ")."; - errorText_ = errorStream_.str(); - goto error; - } - if ( stream_.mode == OUTPUT && mode == INPUT ) - stream_.mode = DUPLEX; - else - stream_.mode = mode; - } - - // Setup the device property listener for over/underload. - property.mSelector = kAudioDeviceProcessorOverload; - property.mScope = kAudioObjectPropertyScopeGlobal; - result = AudioObjectAddPropertyListener( id, &property, xrunListener, (void *) handle ); - - return SUCCESS; - - error: - if ( handle ) { - pthread_cond_destroy( &handle->condition ); - delete handle; - stream_.apiHandle = 0; - } - - for ( int i=0; i<2; i++ ) { - if ( stream_.userBuffer[i] ) { - free( stream_.userBuffer[i] ); - stream_.userBuffer[i] = 0; - } - } - - if ( stream_.deviceBuffer ) { - free( stream_.deviceBuffer ); - stream_.deviceBuffer = 0; - } - - stream_.state = STREAM_CLOSED; - return FAILURE; -} - -void RtApiCore :: closeStream( void ) -{ - if ( stream_.state == STREAM_CLOSED ) { - errorText_ = "RtApiCore::closeStream(): no open stream to close!"; - error( RtAudioError::WARNING ); - return; - } - - CoreHandle *handle = (CoreHandle *) stream_.apiHandle; - if ( stream_.mode == OUTPUT || stream_.mode == DUPLEX ) { - if (handle) { - AudioObjectPropertyAddress property = { kAudioHardwarePropertyDevices, - kAudioObjectPropertyScopeGlobal, - kAudioObjectPropertyElementMaster }; - - property.mSelector = kAudioDeviceProcessorOverload; - property.mScope = kAudioObjectPropertyScopeGlobal; - if (AudioObjectRemovePropertyListener( handle->id[0], &property, xrunListener, (void *) handle ) != noErr) { - errorText_ = "RtApiCore::closeStream(): error removing property listener!"; - error( RtAudioError::WARNING ); - } - } - if ( stream_.state == STREAM_RUNNING ) - AudioDeviceStop( handle->id[0], callbackHandler ); -#if defined( MAC_OS_X_VERSION_10_5 ) && ( MAC_OS_X_VERSION_MIN_REQUIRED >= MAC_OS_X_VERSION_10_5 ) - AudioDeviceDestroyIOProcID( handle->id[0], handle->procId[0] ); -#else - // deprecated in favor of AudioDeviceDestroyIOProcID() - AudioDeviceRemoveIOProc( handle->id[0], callbackHandler ); -#endif - } - - if ( stream_.mode == INPUT || ( stream_.mode == DUPLEX && stream_.device[0] != stream_.device[1] ) ) { - if (handle) { - AudioObjectPropertyAddress property = { kAudioHardwarePropertyDevices, - kAudioObjectPropertyScopeGlobal, - kAudioObjectPropertyElementMaster }; - - property.mSelector = kAudioDeviceProcessorOverload; - property.mScope = kAudioObjectPropertyScopeGlobal; - if (AudioObjectRemovePropertyListener( handle->id[1], &property, xrunListener, (void *) handle ) != noErr) { - errorText_ = "RtApiCore::closeStream(): error removing property listener!"; - error( RtAudioError::WARNING ); - } - } - if ( stream_.state == STREAM_RUNNING ) - AudioDeviceStop( handle->id[1], callbackHandler ); -#if defined( MAC_OS_X_VERSION_10_5 ) && ( MAC_OS_X_VERSION_MIN_REQUIRED >= MAC_OS_X_VERSION_10_5 ) - AudioDeviceDestroyIOProcID( handle->id[1], handle->procId[1] ); -#else - // deprecated in favor of AudioDeviceDestroyIOProcID() - AudioDeviceRemoveIOProc( handle->id[1], callbackHandler ); -#endif - } - - for ( int i=0; i<2; i++ ) { - if ( stream_.userBuffer[i] ) { - free( stream_.userBuffer[i] ); - stream_.userBuffer[i] = 0; - } - } - - if ( stream_.deviceBuffer ) { - free( stream_.deviceBuffer ); - stream_.deviceBuffer = 0; - } - - // Destroy pthread condition variable. - pthread_cond_destroy( &handle->condition ); - delete handle; - stream_.apiHandle = 0; - - stream_.mode = UNINITIALIZED; - stream_.state = STREAM_CLOSED; -} - -void RtApiCore :: startStream( void ) -{ - verifyStream(); - if ( stream_.state == STREAM_RUNNING ) { - errorText_ = "RtApiCore::startStream(): the stream is already running!"; - error( RtAudioError::WARNING ); - return; - } - - OSStatus result = noErr; - CoreHandle *handle = (CoreHandle *) stream_.apiHandle; - if ( stream_.mode == OUTPUT || stream_.mode == DUPLEX ) { - - result = AudioDeviceStart( handle->id[0], callbackHandler ); - if ( result != noErr ) { - errorStream_ << "RtApiCore::startStream: system error (" << getErrorCode( result ) << ") starting callback procedure on device (" << stream_.device[0] << ")."; - errorText_ = errorStream_.str(); - goto unlock; - } - } - - if ( stream_.mode == INPUT || - ( stream_.mode == DUPLEX && stream_.device[0] != stream_.device[1] ) ) { - - result = AudioDeviceStart( handle->id[1], callbackHandler ); - if ( result != noErr ) { - errorStream_ << "RtApiCore::startStream: system error starting input callback procedure on device (" << stream_.device[1] << ")."; - errorText_ = errorStream_.str(); - goto unlock; - } - } - - handle->drainCounter = 0; - handle->internalDrain = false; - stream_.state = STREAM_RUNNING; - - unlock: - if ( result == noErr ) return; - error( RtAudioError::SYSTEM_ERROR ); -} - -void RtApiCore :: stopStream( void ) -{ - verifyStream(); - if ( stream_.state == STREAM_STOPPED ) { - errorText_ = "RtApiCore::stopStream(): the stream is already stopped!"; - error( RtAudioError::WARNING ); - return; - } - - OSStatus result = noErr; - CoreHandle *handle = (CoreHandle *) stream_.apiHandle; - if ( stream_.mode == OUTPUT || stream_.mode == DUPLEX ) { - - if ( handle->drainCounter == 0 ) { - handle->drainCounter = 2; - pthread_cond_wait( &handle->condition, &stream_.mutex ); // block until signaled - } - - result = AudioDeviceStop( handle->id[0], callbackHandler ); - if ( result != noErr ) { - errorStream_ << "RtApiCore::stopStream: system error (" << getErrorCode( result ) << ") stopping callback procedure on device (" << stream_.device[0] << ")."; - errorText_ = errorStream_.str(); - goto unlock; - } - } - - if ( stream_.mode == INPUT || ( stream_.mode == DUPLEX && stream_.device[0] != stream_.device[1] ) ) { - - result = AudioDeviceStop( handle->id[1], callbackHandler ); - if ( result != noErr ) { - errorStream_ << "RtApiCore::stopStream: system error (" << getErrorCode( result ) << ") stopping input callback procedure on device (" << stream_.device[1] << ")."; - errorText_ = errorStream_.str(); - goto unlock; - } - } - - stream_.state = STREAM_STOPPED; - - unlock: - if ( result == noErr ) return; - error( RtAudioError::SYSTEM_ERROR ); -} - -void RtApiCore :: abortStream( void ) -{ - verifyStream(); - if ( stream_.state == STREAM_STOPPED ) { - errorText_ = "RtApiCore::abortStream(): the stream is already stopped!"; - error( RtAudioError::WARNING ); - return; - } - - CoreHandle *handle = (CoreHandle *) stream_.apiHandle; - handle->drainCounter = 2; - - stopStream(); -} - -// This function will be called by a spawned thread when the user -// callback function signals that the stream should be stopped or -// aborted. It is better to handle it this way because the -// callbackEvent() function probably should return before the AudioDeviceStop() -// function is called. -static void *coreStopStream( void *ptr ) -{ - CallbackInfo *info = (CallbackInfo *) ptr; - RtApiCore *object = (RtApiCore *) info->object; - - object->stopStream(); - pthread_exit( NULL ); -} - -bool RtApiCore :: callbackEvent( AudioDeviceID deviceId, - const AudioBufferList *inBufferList, - const AudioBufferList *outBufferList ) -{ - if ( stream_.state == STREAM_STOPPED || stream_.state == STREAM_STOPPING ) return SUCCESS; - if ( stream_.state == STREAM_CLOSED ) { - errorText_ = "RtApiCore::callbackEvent(): the stream is closed ... this shouldn't happen!"; - error( RtAudioError::WARNING ); - return FAILURE; - } - - CallbackInfo *info = (CallbackInfo *) &stream_.callbackInfo; - CoreHandle *handle = (CoreHandle *) stream_.apiHandle; - - // Check if we were draining the stream and signal is finished. - if ( handle->drainCounter > 3 ) { - ThreadHandle threadId; - - stream_.state = STREAM_STOPPING; - if ( handle->internalDrain == true ) - pthread_create( &threadId, NULL, coreStopStream, info ); - else // external call to stopStream() - pthread_cond_signal( &handle->condition ); - return SUCCESS; - } - - AudioDeviceID outputDevice = handle->id[0]; - - // Invoke user callback to get fresh output data UNLESS we are - // draining stream or duplex mode AND the input/output devices are - // different AND this function is called for the input device. - if ( handle->drainCounter == 0 && ( stream_.mode != DUPLEX || deviceId == outputDevice ) ) { - RtAudioCallback callback = (RtAudioCallback) info->callback; - double streamTime = getStreamTime(); - RtAudioStreamStatus status = 0; - if ( stream_.mode != INPUT && handle->xrun[0] == true ) { - status |= RTAUDIO_OUTPUT_UNDERFLOW; - handle->xrun[0] = false; - } - if ( stream_.mode != OUTPUT && handle->xrun[1] == true ) { - status |= RTAUDIO_INPUT_OVERFLOW; - handle->xrun[1] = false; - } - - int cbReturnValue = callback( stream_.userBuffer[0], stream_.userBuffer[1], - stream_.bufferSize, streamTime, status, info->userData ); - if ( cbReturnValue == 2 ) { - stream_.state = STREAM_STOPPING; - handle->drainCounter = 2; - abortStream(); - return SUCCESS; - } - else if ( cbReturnValue == 1 ) { - handle->drainCounter = 1; - handle->internalDrain = true; - } - } - - if ( stream_.mode == OUTPUT || ( stream_.mode == DUPLEX && deviceId == outputDevice ) ) { - - if ( handle->drainCounter > 1 ) { // write zeros to the output stream - - if ( handle->nStreams[0] == 1 ) { - memset( outBufferList->mBuffers[handle->iStream[0]].mData, - 0, - outBufferList->mBuffers[handle->iStream[0]].mDataByteSize ); - } - else { // fill multiple streams with zeros - for ( unsigned int i=0; i<handle->nStreams[0]; i++ ) { - memset( outBufferList->mBuffers[handle->iStream[0]+i].mData, - 0, - outBufferList->mBuffers[handle->iStream[0]+i].mDataByteSize ); - } - } - } - else if ( handle->nStreams[0] == 1 ) { - if ( stream_.doConvertBuffer[0] ) { // convert directly to CoreAudio stream buffer - convertBuffer( (char *) outBufferList->mBuffers[handle->iStream[0]].mData, - stream_.userBuffer[0], stream_.convertInfo[0] ); - } - else { // copy from user buffer - memcpy( outBufferList->mBuffers[handle->iStream[0]].mData, - stream_.userBuffer[0], - outBufferList->mBuffers[handle->iStream[0]].mDataByteSize ); - } - } - else { // fill multiple streams - Float32 *inBuffer = (Float32 *) stream_.userBuffer[0]; - if ( stream_.doConvertBuffer[0] ) { - convertBuffer( stream_.deviceBuffer, stream_.userBuffer[0], stream_.convertInfo[0] ); - inBuffer = (Float32 *) stream_.deviceBuffer; - } - - if ( stream_.deviceInterleaved[0] == false ) { // mono mode - UInt32 bufferBytes = outBufferList->mBuffers[handle->iStream[0]].mDataByteSize; - for ( unsigned int i=0; i<stream_.nUserChannels[0]; i++ ) { - memcpy( outBufferList->mBuffers[handle->iStream[0]+i].mData, - (void *)&inBuffer[i*stream_.bufferSize], bufferBytes ); - } - } - else { // fill multiple multi-channel streams with interleaved data - UInt32 streamChannels, channelsLeft, inJump, outJump, inOffset; - Float32 *out, *in; - - bool inInterleaved = ( stream_.userInterleaved ) ? true : false; - UInt32 inChannels = stream_.nUserChannels[0]; - if ( stream_.doConvertBuffer[0] ) { - inInterleaved = true; // device buffer will always be interleaved for nStreams > 1 and not mono mode - inChannels = stream_.nDeviceChannels[0]; - } - - if ( inInterleaved ) inOffset = 1; - else inOffset = stream_.bufferSize; - - channelsLeft = inChannels; - for ( unsigned int i=0; i<handle->nStreams[0]; i++ ) { - in = inBuffer; - out = (Float32 *) outBufferList->mBuffers[handle->iStream[0]+i].mData; - streamChannels = outBufferList->mBuffers[handle->iStream[0]+i].mNumberChannels; - - outJump = 0; - // Account for possible channel offset in first stream - if ( i == 0 && stream_.channelOffset[0] > 0 ) { - streamChannels -= stream_.channelOffset[0]; - outJump = stream_.channelOffset[0]; - out += outJump; - } - - // Account for possible unfilled channels at end of the last stream - if ( streamChannels > channelsLeft ) { - outJump = streamChannels - channelsLeft; - streamChannels = channelsLeft; - } - - // Determine input buffer offsets and skips - if ( inInterleaved ) { - inJump = inChannels; - in += inChannels - channelsLeft; - } - else { - inJump = 1; - in += (inChannels - channelsLeft) * inOffset; - } - - for ( unsigned int i=0; i<stream_.bufferSize; i++ ) { - for ( unsigned int j=0; j<streamChannels; j++ ) { - *out++ = in[j*inOffset]; - } - out += outJump; - in += inJump; - } - channelsLeft -= streamChannels; - } - } - } - } - - // Don't bother draining input - if ( handle->drainCounter ) { - handle->drainCounter++; - goto unlock; - } - - AudioDeviceID inputDevice; - inputDevice = handle->id[1]; - if ( stream_.mode == INPUT || ( stream_.mode == DUPLEX && deviceId == inputDevice ) ) { - - if ( handle->nStreams[1] == 1 ) { - if ( stream_.doConvertBuffer[1] ) { // convert directly from CoreAudio stream buffer - convertBuffer( stream_.userBuffer[1], - (char *) inBufferList->mBuffers[handle->iStream[1]].mData, - stream_.convertInfo[1] ); - } - else { // copy to user buffer - memcpy( stream_.userBuffer[1], - inBufferList->mBuffers[handle->iStream[1]].mData, - inBufferList->mBuffers[handle->iStream[1]].mDataByteSize ); - } - } - else { // read from multiple streams - Float32 *outBuffer = (Float32 *) stream_.userBuffer[1]; - if ( stream_.doConvertBuffer[1] ) outBuffer = (Float32 *) stream_.deviceBuffer; - - if ( stream_.deviceInterleaved[1] == false ) { // mono mode - UInt32 bufferBytes = inBufferList->mBuffers[handle->iStream[1]].mDataByteSize; - for ( unsigned int i=0; i<stream_.nUserChannels[1]; i++ ) { - memcpy( (void *)&outBuffer[i*stream_.bufferSize], - inBufferList->mBuffers[handle->iStream[1]+i].mData, bufferBytes ); - } - } - else { // read from multiple multi-channel streams - UInt32 streamChannels, channelsLeft, inJump, outJump, outOffset; - Float32 *out, *in; - - bool outInterleaved = ( stream_.userInterleaved ) ? true : false; - UInt32 outChannels = stream_.nUserChannels[1]; - if ( stream_.doConvertBuffer[1] ) { - outInterleaved = true; // device buffer will always be interleaved for nStreams > 1 and not mono mode - outChannels = stream_.nDeviceChannels[1]; - } - - if ( outInterleaved ) outOffset = 1; - else outOffset = stream_.bufferSize; - - channelsLeft = outChannels; - for ( unsigned int i=0; i<handle->nStreams[1]; i++ ) { - out = outBuffer; - in = (Float32 *) inBufferList->mBuffers[handle->iStream[1]+i].mData; - streamChannels = inBufferList->mBuffers[handle->iStream[1]+i].mNumberChannels; - - inJump = 0; - // Account for possible channel offset in first stream - if ( i == 0 && stream_.channelOffset[1] > 0 ) { - streamChannels -= stream_.channelOffset[1]; - inJump = stream_.channelOffset[1]; - in += inJump; - } - - // Account for possible unread channels at end of the last stream - if ( streamChannels > channelsLeft ) { - inJump = streamChannels - channelsLeft; - streamChannels = channelsLeft; - } - - // Determine output buffer offsets and skips - if ( outInterleaved ) { - outJump = outChannels; - out += outChannels - channelsLeft; - } - else { - outJump = 1; - out += (outChannels - channelsLeft) * outOffset; - } - - for ( unsigned int i=0; i<stream_.bufferSize; i++ ) { - for ( unsigned int j=0; j<streamChannels; j++ ) { - out[j*outOffset] = *in++; - } - out += outJump; - in += inJump; - } - channelsLeft -= streamChannels; - } - } - - if ( stream_.doConvertBuffer[1] ) { // convert from our internal "device" buffer - convertBuffer( stream_.userBuffer[1], - stream_.deviceBuffer, - stream_.convertInfo[1] ); - } - } - } - - unlock: - //MUTEX_UNLOCK( &stream_.mutex ); - - RtApi::tickStreamTime(); - return SUCCESS; -} - -const char* RtApiCore :: getErrorCode( OSStatus code ) -{ - switch( code ) { - - case kAudioHardwareNotRunningError: - return "kAudioHardwareNotRunningError"; - - case kAudioHardwareUnspecifiedError: - return "kAudioHardwareUnspecifiedError"; - - case kAudioHardwareUnknownPropertyError: - return "kAudioHardwareUnknownPropertyError"; - - case kAudioHardwareBadPropertySizeError: - return "kAudioHardwareBadPropertySizeError"; - - case kAudioHardwareIllegalOperationError: - return "kAudioHardwareIllegalOperationError"; - - case kAudioHardwareBadObjectError: - return "kAudioHardwareBadObjectError"; - - case kAudioHardwareBadDeviceError: - return "kAudioHardwareBadDeviceError"; - - case kAudioHardwareBadStreamError: - return "kAudioHardwareBadStreamError"; - - case kAudioHardwareUnsupportedOperationError: - return "kAudioHardwareUnsupportedOperationError"; - - case kAudioDeviceUnsupportedFormatError: - return "kAudioDeviceUnsupportedFormatError"; - - case kAudioDevicePermissionsError: - return "kAudioDevicePermissionsError"; - - default: - return "CoreAudio unknown error"; - } -} - - //******************** End of __MACOSX_CORE__ *********************// -#endif - -#if defined(__UNIX_JACK__) - -// JACK is a low-latency audio server, originally written for the -// GNU/Linux operating system and now also ported to OS-X. It can -// connect a number of different applications to an audio device, as -// well as allowing them to share audio between themselves. -// -// When using JACK with RtAudio, "devices" refer to JACK clients that -// have ports connected to the server. The JACK server is typically -// started in a terminal as follows: -// -// .jackd -d alsa -d hw:0 -// -// or through an interface program such as qjackctl. Many of the -// parameters normally set for a stream are fixed by the JACK server -// and can be specified when the JACK server is started. In -// particular, -// -// .jackd -d alsa -d hw:0 -r 44100 -p 512 -n 4 -// -// specifies a sample rate of 44100 Hz, a buffer size of 512 sample -// frames, and number of buffers = 4. Once the server is running, it -// is not possible to override these values. If the values are not -// specified in the command-line, the JACK server uses default values. -// -// The JACK server does not have to be running when an instance of -// RtApiJack is created, though the function getDeviceCount() will -// report 0 devices found until JACK has been started. When no -// devices are available (i.e., the JACK server is not running), a -// stream cannot be opened. - -#include <jack/jack.h> -#include <unistd.h> -#include <cstdio> - -// A structure to hold various information related to the Jack API -// implementation. -struct JackHandle { - jack_client_t *client; - jack_port_t **ports[2]; - std::string deviceName[2]; - bool xrun[2]; - pthread_cond_t condition; - int drainCounter; // Tracks callback counts when draining - bool internalDrain; // Indicates if stop is initiated from callback or not. - - JackHandle() - :client(0), drainCounter(0), internalDrain(false) { ports[0] = 0; ports[1] = 0; xrun[0] = false; xrun[1] = false; } -}; - -static void jackSilentError( const char * ) {}; - -RtApiJack :: RtApiJack() -{ - // Nothing to do here. -#if !defined(__RTAUDIO_DEBUG__) - // Turn off Jack's internal error reporting. - jack_set_error_function( &jackSilentError ); -#endif -} - -RtApiJack :: ~RtApiJack() -{ - if ( stream_.state != STREAM_CLOSED ) closeStream(); -} - -unsigned int RtApiJack :: getDeviceCount( void ) -{ - // See if we can become a jack client. - jack_options_t options = (jack_options_t) ( JackNoStartServer ); //JackNullOption; - jack_status_t *status = NULL; - jack_client_t *client = jack_client_open( "RtApiJackCount", options, status ); - if ( client == 0 ) return 0; - - const char **ports; - std::string port, previousPort; - unsigned int nChannels = 0, nDevices = 0; - ports = jack_get_ports( client, NULL, NULL, 0 ); - if ( ports ) { - // Parse the port names up to the first colon (:). - size_t iColon = 0; - do { - port = (char *) ports[ nChannels ]; - iColon = port.find(":"); - if ( iColon != std::string::npos ) { - port = port.substr( 0, iColon + 1 ); - if ( port != previousPort ) { - nDevices++; - previousPort = port; - } - } - } while ( ports[++nChannels] ); - free( ports ); - } - - jack_client_close( client ); - return nDevices; -} - -RtAudio::DeviceInfo RtApiJack :: getDeviceInfo( unsigned int device ) -{ - RtAudio::DeviceInfo info; - info.probed = false; - - jack_options_t options = (jack_options_t) ( JackNoStartServer ); //JackNullOption - jack_status_t *status = NULL; - jack_client_t *client = jack_client_open( "RtApiJackInfo", options, status ); - if ( client == 0 ) { - errorText_ = "RtApiJack::getDeviceInfo: Jack server not found or connection error!"; - error( RtAudioError::WARNING ); - return info; - } - - const char **ports; - std::string port, previousPort; - unsigned int nPorts = 0, nDevices = 0; - ports = jack_get_ports( client, NULL, NULL, 0 ); - if ( ports ) { - // Parse the port names up to the first colon (:). - size_t iColon = 0; - do { - port = (char *) ports[ nPorts ]; - iColon = port.find(":"); - if ( iColon != std::string::npos ) { - port = port.substr( 0, iColon ); - if ( port != previousPort ) { - if ( nDevices == device ) info.name = port; - nDevices++; - previousPort = port; - } - } - } while ( ports[++nPorts] ); - free( ports ); - } - - if ( device >= nDevices ) { - jack_client_close( client ); - errorText_ = "RtApiJack::getDeviceInfo: device ID is invalid!"; - error( RtAudioError::INVALID_USE ); - return info; - } - - // Get the current jack server sample rate. - info.sampleRates.clear(); - - info.preferredSampleRate = jack_get_sample_rate( client ); - info.sampleRates.push_back( info.preferredSampleRate ); - - // Count the available ports containing the client name as device - // channels. Jack "input ports" equal RtAudio output channels. - unsigned int nChannels = 0; - ports = jack_get_ports( client, info.name.c_str(), NULL, JackPortIsInput ); - if ( ports ) { - while ( ports[ nChannels ] ) nChannels++; - free( ports ); - info.outputChannels = nChannels; - } - - // Jack "output ports" equal RtAudio input channels. - nChannels = 0; - ports = jack_get_ports( client, info.name.c_str(), NULL, JackPortIsOutput ); - if ( ports ) { - while ( ports[ nChannels ] ) nChannels++; - free( ports ); - info.inputChannels = nChannels; - } - - if ( info.outputChannels == 0 && info.inputChannels == 0 ) { - jack_client_close(client); - errorText_ = "RtApiJack::getDeviceInfo: error determining Jack input/output channels!"; - error( RtAudioError::WARNING ); - return info; - } - - // If device opens for both playback and capture, we determine the channels. - if ( info.outputChannels > 0 && info.inputChannels > 0 ) - info.duplexChannels = (info.outputChannels > info.inputChannels) ? info.inputChannels : info.outputChannels; - - // Jack always uses 32-bit floats. - info.nativeFormats = RTAUDIO_FLOAT32; - - // Jack doesn't provide default devices so we'll use the first available one. - if ( device == 0 && info.outputChannels > 0 ) - info.isDefaultOutput = true; - if ( device == 0 && info.inputChannels > 0 ) - info.isDefaultInput = true; - - jack_client_close(client); - info.probed = true; - return info; -} - -static int jackCallbackHandler( jack_nframes_t nframes, void *infoPointer ) -{ - CallbackInfo *info = (CallbackInfo *) infoPointer; - - RtApiJack *object = (RtApiJack *) info->object; - if ( object->callbackEvent( (unsigned long) nframes ) == false ) return 1; - - return 0; -} - -// This function will be called by a spawned thread when the Jack -// server signals that it is shutting down. It is necessary to handle -// it this way because the jackShutdown() function must return before -// the jack_deactivate() function (in closeStream()) will return. -static void *jackCloseStream( void *ptr ) -{ - CallbackInfo *info = (CallbackInfo *) ptr; - RtApiJack *object = (RtApiJack *) info->object; - - object->closeStream(); - - pthread_exit( NULL ); -} -static void jackShutdown( void *infoPointer ) -{ - CallbackInfo *info = (CallbackInfo *) infoPointer; - RtApiJack *object = (RtApiJack *) info->object; - - // Check current stream state. If stopped, then we'll assume this - // was called as a result of a call to RtApiJack::stopStream (the - // deactivation of a client handle causes this function to be called). - // If not, we'll assume the Jack server is shutting down or some - // other problem occurred and we should close the stream. - if ( object->isStreamRunning() == false ) return; - - ThreadHandle threadId; - pthread_create( &threadId, NULL, jackCloseStream, info ); - std::cerr << "\nRtApiJack: the Jack server is shutting down this client ... stream stopped and closed!!\n" << std::endl; -} - -static int jackXrun( void *infoPointer ) -{ - JackHandle *handle = (JackHandle *) infoPointer; - - if ( handle->ports[0] ) handle->xrun[0] = true; - if ( handle->ports[1] ) handle->xrun[1] = true; - - return 0; -} - -bool RtApiJack :: probeDeviceOpen( unsigned int device, StreamMode mode, unsigned int channels, - unsigned int firstChannel, unsigned int sampleRate, - RtAudioFormat format, unsigned int *bufferSize, - RtAudio::StreamOptions *options ) -{ - JackHandle *handle = (JackHandle *) stream_.apiHandle; - - // Look for jack server and try to become a client (only do once per stream). - jack_client_t *client = 0; - if ( mode == OUTPUT || ( mode == INPUT && stream_.mode != OUTPUT ) ) { - jack_options_t jackoptions = (jack_options_t) ( JackNoStartServer ); //JackNullOption; - jack_status_t *status = NULL; - if ( options && !options->streamName.empty() ) - client = jack_client_open( options->streamName.c_str(), jackoptions, status ); - else - client = jack_client_open( "RtApiJack", jackoptions, status ); - if ( client == 0 ) { - errorText_ = "RtApiJack::probeDeviceOpen: Jack server not found or connection error!"; - error( RtAudioError::WARNING ); - return FAILURE; - } - } - else { - // The handle must have been created on an earlier pass. - client = handle->client; - } - - const char **ports; - std::string port, previousPort, deviceName; - unsigned int nPorts = 0, nDevices = 0; - ports = jack_get_ports( client, NULL, NULL, 0 ); - if ( ports ) { - // Parse the port names up to the first colon (:). - size_t iColon = 0; - do { - port = (char *) ports[ nPorts ]; - iColon = port.find(":"); - if ( iColon != std::string::npos ) { - port = port.substr( 0, iColon ); - if ( port != previousPort ) { - if ( nDevices == device ) deviceName = port; - nDevices++; - previousPort = port; - } - } - } while ( ports[++nPorts] ); - free( ports ); - } - - if ( device >= nDevices ) { - errorText_ = "RtApiJack::probeDeviceOpen: device ID is invalid!"; - return FAILURE; - } - - // Count the available ports containing the client name as device - // channels. Jack "input ports" equal RtAudio output channels. - unsigned int nChannels = 0; - unsigned long flag = JackPortIsInput; - if ( mode == INPUT ) flag = JackPortIsOutput; - ports = jack_get_ports( client, deviceName.c_str(), NULL, flag ); - if ( ports ) { - while ( ports[ nChannels ] ) nChannels++; - free( ports ); - } - - // Compare the jack ports for specified client to the requested number of channels. - if ( nChannels < (channels + firstChannel) ) { - errorStream_ << "RtApiJack::probeDeviceOpen: requested number of channels (" << channels << ") + offset (" << firstChannel << ") not found for specified device (" << device << ":" << deviceName << ")."; - errorText_ = errorStream_.str(); - return FAILURE; - } - - // Check the jack server sample rate. - unsigned int jackRate = jack_get_sample_rate( client ); - if ( sampleRate != jackRate ) { - jack_client_close( client ); - errorStream_ << "RtApiJack::probeDeviceOpen: the requested sample rate (" << sampleRate << ") is different than the JACK server rate (" << jackRate << ")."; - errorText_ = errorStream_.str(); - return FAILURE; - } - stream_.sampleRate = jackRate; - - // Get the latency of the JACK port. - ports = jack_get_ports( client, deviceName.c_str(), NULL, flag ); - if ( ports[ firstChannel ] ) { - // Added by Ge Wang - jack_latency_callback_mode_t cbmode = (mode == INPUT ? JackCaptureLatency : JackPlaybackLatency); - // the range (usually the min and max are equal) - jack_latency_range_t latrange; latrange.min = latrange.max = 0; - // get the latency range - jack_port_get_latency_range( jack_port_by_name( client, ports[firstChannel] ), cbmode, &latrange ); - // be optimistic, use the min! - stream_.latency[mode] = latrange.min; - //stream_.latency[mode] = jack_port_get_latency( jack_port_by_name( client, ports[ firstChannel ] ) ); - } - free( ports ); - - // The jack server always uses 32-bit floating-point data. - stream_.deviceFormat[mode] = RTAUDIO_FLOAT32; - stream_.userFormat = format; - - if ( options && options->flags & RTAUDIO_NONINTERLEAVED ) stream_.userInterleaved = false; - else stream_.userInterleaved = true; - - // Jack always uses non-interleaved buffers. - stream_.deviceInterleaved[mode] = false; - - // Jack always provides host byte-ordered data. - stream_.doByteSwap[mode] = false; - - // Get the buffer size. The buffer size and number of buffers - // (periods) is set when the jack server is started. - stream_.bufferSize = (int) jack_get_buffer_size( client ); - *bufferSize = stream_.bufferSize; - - stream_.nDeviceChannels[mode] = channels; - stream_.nUserChannels[mode] = channels; - - // Set flags for buffer conversion. - stream_.doConvertBuffer[mode] = false; - if ( stream_.userFormat != stream_.deviceFormat[mode] ) - stream_.doConvertBuffer[mode] = true; - if ( stream_.userInterleaved != stream_.deviceInterleaved[mode] && - stream_.nUserChannels[mode] > 1 ) - stream_.doConvertBuffer[mode] = true; - - // Allocate our JackHandle structure for the stream. - if ( handle == 0 ) { - try { - handle = new JackHandle; - } - catch ( std::bad_alloc& ) { - errorText_ = "RtApiJack::probeDeviceOpen: error allocating JackHandle memory."; - goto error; - } - - if ( pthread_cond_init(&handle->condition, NULL) ) { - errorText_ = "RtApiJack::probeDeviceOpen: error initializing pthread condition variable."; - goto error; - } - stream_.apiHandle = (void *) handle; - handle->client = client; - } - handle->deviceName[mode] = deviceName; - - // Allocate necessary internal buffers. - unsigned long bufferBytes; - bufferBytes = stream_.nUserChannels[mode] * *bufferSize * formatBytes( stream_.userFormat ); - stream_.userBuffer[mode] = (char *) calloc( bufferBytes, 1 ); - if ( stream_.userBuffer[mode] == NULL ) { - errorText_ = "RtApiJack::probeDeviceOpen: error allocating user buffer memory."; - goto error; - } - - if ( stream_.doConvertBuffer[mode] ) { - - bool makeBuffer = true; - if ( mode == OUTPUT ) - bufferBytes = stream_.nDeviceChannels[0] * formatBytes( stream_.deviceFormat[0] ); - else { // mode == INPUT - bufferBytes = stream_.nDeviceChannels[1] * formatBytes( stream_.deviceFormat[1] ); - if ( stream_.mode == OUTPUT && stream_.deviceBuffer ) { - unsigned long bytesOut = stream_.nDeviceChannels[0] * formatBytes(stream_.deviceFormat[0]); - if ( bufferBytes < bytesOut ) makeBuffer = false; - } - } - - if ( makeBuffer ) { - bufferBytes *= *bufferSize; - if ( stream_.deviceBuffer ) free( stream_.deviceBuffer ); - stream_.deviceBuffer = (char *) calloc( bufferBytes, 1 ); - if ( stream_.deviceBuffer == NULL ) { - errorText_ = "RtApiJack::probeDeviceOpen: error allocating device buffer memory."; - goto error; - } - } - } - - // Allocate memory for the Jack ports (channels) identifiers. - handle->ports[mode] = (jack_port_t **) malloc ( sizeof (jack_port_t *) * channels ); - if ( handle->ports[mode] == NULL ) { - errorText_ = "RtApiJack::probeDeviceOpen: error allocating port memory."; - goto error; - } - - stream_.device[mode] = device; - stream_.channelOffset[mode] = firstChannel; - stream_.state = STREAM_STOPPED; - stream_.callbackInfo.object = (void *) this; - - if ( stream_.mode == OUTPUT && mode == INPUT ) - // We had already set up the stream for output. - stream_.mode = DUPLEX; - else { - stream_.mode = mode; - jack_set_process_callback( handle->client, jackCallbackHandler, (void *) &stream_.callbackInfo ); - jack_set_xrun_callback( handle->client, jackXrun, (void *) &handle ); - jack_on_shutdown( handle->client, jackShutdown, (void *) &stream_.callbackInfo ); - } - - // Register our ports. - char label[64]; - if ( mode == OUTPUT ) { - for ( unsigned int i=0; i<stream_.nUserChannels[0]; i++ ) { - snprintf( label, 64, "outport %d", i ); - handle->ports[0][i] = jack_port_register( handle->client, (const char *)label, - JACK_DEFAULT_AUDIO_TYPE, JackPortIsOutput, 0 ); - } - } - else { - for ( unsigned int i=0; i<stream_.nUserChannels[1]; i++ ) { - snprintf( label, 64, "inport %d", i ); - handle->ports[1][i] = jack_port_register( handle->client, (const char *)label, - JACK_DEFAULT_AUDIO_TYPE, JackPortIsInput, 0 ); - } - } - - // Setup the buffer conversion information structure. We don't use - // buffers to do channel offsets, so we override that parameter - // here. - if ( stream_.doConvertBuffer[mode] ) setConvertInfo( mode, 0 ); - - return SUCCESS; - - error: - if ( handle ) { - pthread_cond_destroy( &handle->condition ); - jack_client_close( handle->client ); - - if ( handle->ports[0] ) free( handle->ports[0] ); - if ( handle->ports[1] ) free( handle->ports[1] ); - - delete handle; - stream_.apiHandle = 0; - } - - for ( int i=0; i<2; i++ ) { - if ( stream_.userBuffer[i] ) { - free( stream_.userBuffer[i] ); - stream_.userBuffer[i] = 0; - } - } - - if ( stream_.deviceBuffer ) { - free( stream_.deviceBuffer ); - stream_.deviceBuffer = 0; - } - - return FAILURE; -} - -void RtApiJack :: closeStream( void ) -{ - if ( stream_.state == STREAM_CLOSED ) { - errorText_ = "RtApiJack::closeStream(): no open stream to close!"; - error( RtAudioError::WARNING ); - return; - } - - JackHandle *handle = (JackHandle *) stream_.apiHandle; - if ( handle ) { - - if ( stream_.state == STREAM_RUNNING ) - jack_deactivate( handle->client ); - - jack_client_close( handle->client ); - } - - if ( handle ) { - if ( handle->ports[0] ) free( handle->ports[0] ); - if ( handle->ports[1] ) free( handle->ports[1] ); - pthread_cond_destroy( &handle->condition ); - delete handle; - stream_.apiHandle = 0; - } - - for ( int i=0; i<2; i++ ) { - if ( stream_.userBuffer[i] ) { - free( stream_.userBuffer[i] ); - stream_.userBuffer[i] = 0; - } - } - - if ( stream_.deviceBuffer ) { - free( stream_.deviceBuffer ); - stream_.deviceBuffer = 0; - } - - stream_.mode = UNINITIALIZED; - stream_.state = STREAM_CLOSED; -} - -void RtApiJack :: startStream( void ) -{ - verifyStream(); - if ( stream_.state == STREAM_RUNNING ) { - errorText_ = "RtApiJack::startStream(): the stream is already running!"; - error( RtAudioError::WARNING ); - return; - } - - JackHandle *handle = (JackHandle *) stream_.apiHandle; - int result = jack_activate( handle->client ); - if ( result ) { - errorText_ = "RtApiJack::startStream(): unable to activate JACK client!"; - goto unlock; - } - - const char **ports; - - // Get the list of available ports. - if ( stream_.mode == OUTPUT || stream_.mode == DUPLEX ) { - result = 1; - ports = jack_get_ports( handle->client, handle->deviceName[0].c_str(), NULL, JackPortIsInput); - if ( ports == NULL) { - errorText_ = "RtApiJack::startStream(): error determining available JACK input ports!"; - goto unlock; - } - - // Now make the port connections. Since RtAudio wasn't designed to - // allow the user to select particular channels of a device, we'll - // just open the first "nChannels" ports with offset. - for ( unsigned int i=0; i<stream_.nUserChannels[0]; i++ ) { - result = 1; - if ( ports[ stream_.channelOffset[0] + i ] ) - result = jack_connect( handle->client, jack_port_name( handle->ports[0][i] ), ports[ stream_.channelOffset[0] + i ] ); - if ( result ) { - free( ports ); - errorText_ = "RtApiJack::startStream(): error connecting output ports!"; - goto unlock; - } - } - free(ports); - } - - if ( stream_.mode == INPUT || stream_.mode == DUPLEX ) { - result = 1; - ports = jack_get_ports( handle->client, handle->deviceName[1].c_str(), NULL, JackPortIsOutput ); - if ( ports == NULL) { - errorText_ = "RtApiJack::startStream(): error determining available JACK output ports!"; - goto unlock; - } - - // Now make the port connections. See note above. - for ( unsigned int i=0; i<stream_.nUserChannels[1]; i++ ) { - result = 1; - if ( ports[ stream_.channelOffset[1] + i ] ) - result = jack_connect( handle->client, ports[ stream_.channelOffset[1] + i ], jack_port_name( handle->ports[1][i] ) ); - if ( result ) { - free( ports ); - errorText_ = "RtApiJack::startStream(): error connecting input ports!"; - goto unlock; - } - } - free(ports); - } - - handle->drainCounter = 0; - handle->internalDrain = false; - stream_.state = STREAM_RUNNING; - - unlock: - if ( result == 0 ) return; - error( RtAudioError::SYSTEM_ERROR ); -} - -void RtApiJack :: stopStream( void ) -{ - verifyStream(); - if ( stream_.state == STREAM_STOPPED ) { - errorText_ = "RtApiJack::stopStream(): the stream is already stopped!"; - error( RtAudioError::WARNING ); - return; - } - - JackHandle *handle = (JackHandle *) stream_.apiHandle; - if ( stream_.mode == OUTPUT || stream_.mode == DUPLEX ) { - - if ( handle->drainCounter == 0 ) { - handle->drainCounter = 2; - pthread_cond_wait( &handle->condition, &stream_.mutex ); // block until signaled - } - } - - jack_deactivate( handle->client ); - stream_.state = STREAM_STOPPED; -} - -void RtApiJack :: abortStream( void ) -{ - verifyStream(); - if ( stream_.state == STREAM_STOPPED ) { - errorText_ = "RtApiJack::abortStream(): the stream is already stopped!"; - error( RtAudioError::WARNING ); - return; - } - - JackHandle *handle = (JackHandle *) stream_.apiHandle; - handle->drainCounter = 2; - - stopStream(); -} - -// This function will be called by a spawned thread when the user -// callback function signals that the stream should be stopped or -// aborted. It is necessary to handle it this way because the -// callbackEvent() function must return before the jack_deactivate() -// function will return. -static void *jackStopStream( void *ptr ) -{ - CallbackInfo *info = (CallbackInfo *) ptr; - RtApiJack *object = (RtApiJack *) info->object; - - object->stopStream(); - pthread_exit( NULL ); -} - -bool RtApiJack :: callbackEvent( unsigned long nframes ) -{ - if ( stream_.state == STREAM_STOPPED || stream_.state == STREAM_STOPPING ) return SUCCESS; - if ( stream_.state == STREAM_CLOSED ) { - errorText_ = "RtApiCore::callbackEvent(): the stream is closed ... this shouldn't happen!"; - error( RtAudioError::WARNING ); - return FAILURE; - } - if ( stream_.bufferSize != nframes ) { - errorText_ = "RtApiCore::callbackEvent(): the JACK buffer size has changed ... cannot process!"; - error( RtAudioError::WARNING ); - return FAILURE; - } - - CallbackInfo *info = (CallbackInfo *) &stream_.callbackInfo; - JackHandle *handle = (JackHandle *) stream_.apiHandle; - - // Check if we were draining the stream and signal is finished. - if ( handle->drainCounter > 3 ) { - ThreadHandle threadId; - - stream_.state = STREAM_STOPPING; - if ( handle->internalDrain == true ) - pthread_create( &threadId, NULL, jackStopStream, info ); - else - pthread_cond_signal( &handle->condition ); - return SUCCESS; - } - - // Invoke user callback first, to get fresh output data. - if ( handle->drainCounter == 0 ) { - RtAudioCallback callback = (RtAudioCallback) info->callback; - double streamTime = getStreamTime(); - RtAudioStreamStatus status = 0; - if ( stream_.mode != INPUT && handle->xrun[0] == true ) { - status |= RTAUDIO_OUTPUT_UNDERFLOW; - handle->xrun[0] = false; - } - if ( stream_.mode != OUTPUT && handle->xrun[1] == true ) { - status |= RTAUDIO_INPUT_OVERFLOW; - handle->xrun[1] = false; - } - int cbReturnValue = callback( stream_.userBuffer[0], stream_.userBuffer[1], - stream_.bufferSize, streamTime, status, info->userData ); - if ( cbReturnValue == 2 ) { - stream_.state = STREAM_STOPPING; - handle->drainCounter = 2; - ThreadHandle id; - pthread_create( &id, NULL, jackStopStream, info ); - return SUCCESS; - } - else if ( cbReturnValue == 1 ) { - handle->drainCounter = 1; - handle->internalDrain = true; - } - } - - jack_default_audio_sample_t *jackbuffer; - unsigned long bufferBytes = nframes * sizeof( jack_default_audio_sample_t ); - if ( stream_.mode == OUTPUT || stream_.mode == DUPLEX ) { - - if ( handle->drainCounter > 1 ) { // write zeros to the output stream - - for ( unsigned int i=0; i<stream_.nDeviceChannels[0]; i++ ) { - jackbuffer = (jack_default_audio_sample_t *) jack_port_get_buffer( handle->ports[0][i], (jack_nframes_t) nframes ); - memset( jackbuffer, 0, bufferBytes ); - } - - } - else if ( stream_.doConvertBuffer[0] ) { - - convertBuffer( stream_.deviceBuffer, stream_.userBuffer[0], stream_.convertInfo[0] ); - - for ( unsigned int i=0; i<stream_.nDeviceChannels[0]; i++ ) { - jackbuffer = (jack_default_audio_sample_t *) jack_port_get_buffer( handle->ports[0][i], (jack_nframes_t) nframes ); - memcpy( jackbuffer, &stream_.deviceBuffer[i*bufferBytes], bufferBytes ); - } - } - else { // no buffer conversion - for ( unsigned int i=0; i<stream_.nUserChannels[0]; i++ ) { - jackbuffer = (jack_default_audio_sample_t *) jack_port_get_buffer( handle->ports[0][i], (jack_nframes_t) nframes ); - memcpy( jackbuffer, &stream_.userBuffer[0][i*bufferBytes], bufferBytes ); - } - } - } - - // Don't bother draining input - if ( handle->drainCounter ) { - handle->drainCounter++; - goto unlock; - } - - if ( stream_.mode == INPUT || stream_.mode == DUPLEX ) { - - if ( stream_.doConvertBuffer[1] ) { - for ( unsigned int i=0; i<stream_.nDeviceChannels[1]; i++ ) { - jackbuffer = (jack_default_audio_sample_t *) jack_port_get_buffer( handle->ports[1][i], (jack_nframes_t) nframes ); - memcpy( &stream_.deviceBuffer[i*bufferBytes], jackbuffer, bufferBytes ); - } - convertBuffer( stream_.userBuffer[1], stream_.deviceBuffer, stream_.convertInfo[1] ); - } - else { // no buffer conversion - for ( unsigned int i=0; i<stream_.nUserChannels[1]; i++ ) { - jackbuffer = (jack_default_audio_sample_t *) jack_port_get_buffer( handle->ports[1][i], (jack_nframes_t) nframes ); - memcpy( &stream_.userBuffer[1][i*bufferBytes], jackbuffer, bufferBytes ); - } - } - } - - unlock: - RtApi::tickStreamTime(); - return SUCCESS; -} - //******************** End of __UNIX_JACK__ *********************// -#endif - -#if defined(__WINDOWS_ASIO__) // ASIO API on Windows - -// The ASIO API is designed around a callback scheme, so this -// implementation is similar to that used for OS-X CoreAudio and Linux -// Jack. The primary constraint with ASIO is that it only allows -// access to a single driver at a time. Thus, it is not possible to -// have more than one simultaneous RtAudio stream. -// -// This implementation also requires a number of external ASIO files -// and a few global variables. The ASIO callback scheme does not -// allow for the passing of user data, so we must create a global -// pointer to our callbackInfo structure. -// -// On unix systems, we make use of a pthread condition variable. -// Since there is no equivalent in Windows, I hacked something based -// on information found in -// http://www.cs.wustl.edu/~schmidt/win32-cv-1.html. - -#include "asiosys.h" -#include "asio.h" -#include "iasiothiscallresolver.h" -#include "asiodrivers.h" -#include <cmath> - -static AsioDrivers drivers; -static ASIOCallbacks asioCallbacks; -static ASIODriverInfo driverInfo; -static CallbackInfo *asioCallbackInfo; -static bool asioXRun; - -struct AsioHandle { - int drainCounter; // Tracks callback counts when draining - bool internalDrain; // Indicates if stop is initiated from callback or not. - ASIOBufferInfo *bufferInfos; - HANDLE condition; - - AsioHandle() - :drainCounter(0), internalDrain(false), bufferInfos(0) {} -}; - -// Function declarations (definitions at end of section) -static const char* getAsioErrorString( ASIOError result ); -static void sampleRateChanged( ASIOSampleRate sRate ); -static long asioMessages( long selector, long value, void* message, double* opt ); - -RtApiAsio :: RtApiAsio() -{ - // ASIO cannot run on a multi-threaded appartment. You can call - // CoInitialize beforehand, but it must be for appartment threading - // (in which case, CoInitilialize will return S_FALSE here). - coInitialized_ = false; - HRESULT hr = CoInitialize( NULL ); - if ( FAILED(hr) ) { - errorText_ = "RtApiAsio::ASIO requires a single-threaded appartment. Call CoInitializeEx(0,COINIT_APARTMENTTHREADED)"; - error( RtAudioError::WARNING ); - } - coInitialized_ = true; - - drivers.removeCurrentDriver(); - driverInfo.asioVersion = 2; - - // See note in DirectSound implementation about GetDesktopWindow(). - driverInfo.sysRef = GetForegroundWindow(); -} - -RtApiAsio :: ~RtApiAsio() -{ - if ( stream_.state != STREAM_CLOSED ) closeStream(); - if ( coInitialized_ ) CoUninitialize(); -} - -unsigned int RtApiAsio :: getDeviceCount( void ) -{ - return (unsigned int) drivers.asioGetNumDev(); -} - -RtAudio::DeviceInfo RtApiAsio :: getDeviceInfo( unsigned int device ) -{ - RtAudio::DeviceInfo info; - info.probed = false; - - // Get device ID - unsigned int nDevices = getDeviceCount(); - if ( nDevices == 0 ) { - errorText_ = "RtApiAsio::getDeviceInfo: no devices found!"; - error( RtAudioError::INVALID_USE ); - return info; - } - - if ( device >= nDevices ) { - errorText_ = "RtApiAsio::getDeviceInfo: device ID is invalid!"; - error( RtAudioError::INVALID_USE ); - return info; - } - - // If a stream is already open, we cannot probe other devices. Thus, use the saved results. - if ( stream_.state != STREAM_CLOSED ) { - if ( device >= devices_.size() ) { - errorText_ = "RtApiAsio::getDeviceInfo: device ID was not present before stream was opened."; - error( RtAudioError::WARNING ); - return info; - } - return devices_[ device ]; - } - - char driverName[32]; - ASIOError result = drivers.asioGetDriverName( (int) device, driverName, 32 ); - if ( result != ASE_OK ) { - errorStream_ << "RtApiAsio::getDeviceInfo: unable to get driver name (" << getAsioErrorString( result ) << ")."; - errorText_ = errorStream_.str(); - error( RtAudioError::WARNING ); - return info; - } - - info.name = driverName; - - if ( !drivers.loadDriver( driverName ) ) { - errorStream_ << "RtApiAsio::getDeviceInfo: unable to load driver (" << driverName << ")."; - errorText_ = errorStream_.str(); - error( RtAudioError::WARNING ); - return info; - } - - result = ASIOInit( &driverInfo ); - if ( result != ASE_OK ) { - errorStream_ << "RtApiAsio::getDeviceInfo: error (" << getAsioErrorString( result ) << ") initializing driver (" << driverName << ")."; - errorText_ = errorStream_.str(); - error( RtAudioError::WARNING ); - return info; - } - - // Determine the device channel information. - long inputChannels, outputChannels; - result = ASIOGetChannels( &inputChannels, &outputChannels ); - if ( result != ASE_OK ) { - drivers.removeCurrentDriver(); - errorStream_ << "RtApiAsio::getDeviceInfo: error (" << getAsioErrorString( result ) << ") getting channel count (" << driverName << ")."; - errorText_ = errorStream_.str(); - error( RtAudioError::WARNING ); - return info; - } - - info.outputChannels = outputChannels; - info.inputChannels = inputChannels; - if ( info.outputChannels > 0 && info.inputChannels > 0 ) - info.duplexChannels = (info.outputChannels > info.inputChannels) ? info.inputChannels : info.outputChannels; - - // Determine the supported sample rates. - info.sampleRates.clear(); - for ( unsigned int i=0; i<MAX_SAMPLE_RATES; i++ ) { - result = ASIOCanSampleRate( (ASIOSampleRate) SAMPLE_RATES[i] ); - if ( result == ASE_OK ) { - info.sampleRates.push_back( SAMPLE_RATES[i] ); - - if ( !info.preferredSampleRate || ( SAMPLE_RATES[i] <= 48000 && SAMPLE_RATES[i] > info.preferredSampleRate ) ) - info.preferredSampleRate = SAMPLE_RATES[i]; - } - } - - // Determine supported data types ... just check first channel and assume rest are the same. - ASIOChannelInfo channelInfo; - channelInfo.channel = 0; - channelInfo.isInput = true; - if ( info.inputChannels <= 0 ) channelInfo.isInput = false; - result = ASIOGetChannelInfo( &channelInfo ); - if ( result != ASE_OK ) { - drivers.removeCurrentDriver(); - errorStream_ << "RtApiAsio::getDeviceInfo: error (" << getAsioErrorString( result ) << ") getting driver channel info (" << driverName << ")."; - errorText_ = errorStream_.str(); - error( RtAudioError::WARNING ); - return info; - } - - info.nativeFormats = 0; - if ( channelInfo.type == ASIOSTInt16MSB || channelInfo.type == ASIOSTInt16LSB ) - info.nativeFormats |= RTAUDIO_SINT16; - else if ( channelInfo.type == ASIOSTInt32MSB || channelInfo.type == ASIOSTInt32LSB ) - info.nativeFormats |= RTAUDIO_SINT32; - else if ( channelInfo.type == ASIOSTFloat32MSB || channelInfo.type == ASIOSTFloat32LSB ) - info.nativeFormats |= RTAUDIO_FLOAT32; - else if ( channelInfo.type == ASIOSTFloat64MSB || channelInfo.type == ASIOSTFloat64LSB ) - info.nativeFormats |= RTAUDIO_FLOAT64; - else if ( channelInfo.type == ASIOSTInt24MSB || channelInfo.type == ASIOSTInt24LSB ) - info.nativeFormats |= RTAUDIO_SINT24; - - if ( info.outputChannels > 0 ) - if ( getDefaultOutputDevice() == device ) info.isDefaultOutput = true; - if ( info.inputChannels > 0 ) - if ( getDefaultInputDevice() == device ) info.isDefaultInput = true; - - info.probed = true; - drivers.removeCurrentDriver(); - return info; -} - -static void bufferSwitch( long index, ASIOBool /*processNow*/ ) -{ - RtApiAsio *object = (RtApiAsio *) asioCallbackInfo->object; - object->callbackEvent( index ); -} - -void RtApiAsio :: saveDeviceInfo( void ) -{ - devices_.clear(); - - unsigned int nDevices = getDeviceCount(); - devices_.resize( nDevices ); - for ( unsigned int i=0; i<nDevices; i++ ) - devices_[i] = getDeviceInfo( i ); -} - -bool RtApiAsio :: probeDeviceOpen( unsigned int device, StreamMode mode, unsigned int channels, - unsigned int firstChannel, unsigned int sampleRate, - RtAudioFormat format, unsigned int *bufferSize, - RtAudio::StreamOptions *options ) -{//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// - - bool isDuplexInput = mode == INPUT && stream_.mode == OUTPUT; - - // For ASIO, a duplex stream MUST use the same driver. - if ( isDuplexInput && stream_.device[0] != device ) { - errorText_ = "RtApiAsio::probeDeviceOpen: an ASIO duplex stream must use the same device for input and output!"; - return FAILURE; - } - - char driverName[32]; - ASIOError result = drivers.asioGetDriverName( (int) device, driverName, 32 ); - if ( result != ASE_OK ) { - errorStream_ << "RtApiAsio::probeDeviceOpen: unable to get driver name (" << getAsioErrorString( result ) << ")."; - errorText_ = errorStream_.str(); - return FAILURE; - } - - // Only load the driver once for duplex stream. - if ( !isDuplexInput ) { - // The getDeviceInfo() function will not work when a stream is open - // because ASIO does not allow multiple devices to run at the same - // time. Thus, we'll probe the system before opening a stream and - // save the results for use by getDeviceInfo(). - this->saveDeviceInfo(); - - if ( !drivers.loadDriver( driverName ) ) { - errorStream_ << "RtApiAsio::probeDeviceOpen: unable to load driver (" << driverName << ")."; - errorText_ = errorStream_.str(); - return FAILURE; - } - - result = ASIOInit( &driverInfo ); - if ( result != ASE_OK ) { - errorStream_ << "RtApiAsio::probeDeviceOpen: error (" << getAsioErrorString( result ) << ") initializing driver (" << driverName << ")."; - errorText_ = errorStream_.str(); - return FAILURE; - } - } - - // keep them before any "goto error", they are used for error cleanup + goto device boundary checks - bool buffersAllocated = false; - AsioHandle *handle = (AsioHandle *) stream_.apiHandle; - unsigned int nChannels; - - - // Check the device channel count. - long inputChannels, outputChannels; - result = ASIOGetChannels( &inputChannels, &outputChannels ); - if ( result != ASE_OK ) { - errorStream_ << "RtApiAsio::probeDeviceOpen: error (" << getAsioErrorString( result ) << ") getting channel count (" << driverName << ")."; - errorText_ = errorStream_.str(); - goto error; - } - - if ( ( mode == OUTPUT && (channels+firstChannel) > (unsigned int) outputChannels) || - ( mode == INPUT && (channels+firstChannel) > (unsigned int) inputChannels) ) { - errorStream_ << "RtApiAsio::probeDeviceOpen: driver (" << driverName << ") does not support requested channel count (" << channels << ") + offset (" << firstChannel << ")."; - errorText_ = errorStream_.str(); - goto error; - } - stream_.nDeviceChannels[mode] = channels; - stream_.nUserChannels[mode] = channels; - stream_.channelOffset[mode] = firstChannel; - - // Verify the sample rate is supported. - result = ASIOCanSampleRate( (ASIOSampleRate) sampleRate ); - if ( result != ASE_OK ) { - errorStream_ << "RtApiAsio::probeDeviceOpen: driver (" << driverName << ") does not support requested sample rate (" << sampleRate << ")."; - errorText_ = errorStream_.str(); - goto error; - } - - // Get the current sample rate - ASIOSampleRate currentRate; - result = ASIOGetSampleRate( ¤tRate ); - if ( result != ASE_OK ) { - errorStream_ << "RtApiAsio::probeDeviceOpen: driver (" << driverName << ") error getting sample rate."; - errorText_ = errorStream_.str(); - goto error; - } - - // Set the sample rate only if necessary - if ( currentRate != sampleRate ) { - result = ASIOSetSampleRate( (ASIOSampleRate) sampleRate ); - if ( result != ASE_OK ) { - errorStream_ << "RtApiAsio::probeDeviceOpen: driver (" << driverName << ") error setting sample rate (" << sampleRate << ")."; - errorText_ = errorStream_.str(); - goto error; - } - } - - // Determine the driver data type. - ASIOChannelInfo channelInfo; - channelInfo.channel = 0; - if ( mode == OUTPUT ) channelInfo.isInput = false; - else channelInfo.isInput = true; - result = ASIOGetChannelInfo( &channelInfo ); - if ( result != ASE_OK ) { - errorStream_ << "RtApiAsio::probeDeviceOpen: driver (" << driverName << ") error (" << getAsioErrorString( result ) << ") getting data format."; - errorText_ = errorStream_.str(); - goto error; - } - - // Assuming WINDOWS host is always little-endian. - stream_.doByteSwap[mode] = false; - stream_.userFormat = format; - stream_.deviceFormat[mode] = 0; - if ( channelInfo.type == ASIOSTInt16MSB || channelInfo.type == ASIOSTInt16LSB ) { - stream_.deviceFormat[mode] = RTAUDIO_SINT16; - if ( channelInfo.type == ASIOSTInt16MSB ) stream_.doByteSwap[mode] = true; - } - else if ( channelInfo.type == ASIOSTInt32MSB || channelInfo.type == ASIOSTInt32LSB ) { - stream_.deviceFormat[mode] = RTAUDIO_SINT32; - if ( channelInfo.type == ASIOSTInt32MSB ) stream_.doByteSwap[mode] = true; - } - else if ( channelInfo.type == ASIOSTFloat32MSB || channelInfo.type == ASIOSTFloat32LSB ) { - stream_.deviceFormat[mode] = RTAUDIO_FLOAT32; - if ( channelInfo.type == ASIOSTFloat32MSB ) stream_.doByteSwap[mode] = true; - } - else if ( channelInfo.type == ASIOSTFloat64MSB || channelInfo.type == ASIOSTFloat64LSB ) { - stream_.deviceFormat[mode] = RTAUDIO_FLOAT64; - if ( channelInfo.type == ASIOSTFloat64MSB ) stream_.doByteSwap[mode] = true; - } - else if ( channelInfo.type == ASIOSTInt24MSB || channelInfo.type == ASIOSTInt24LSB ) { - stream_.deviceFormat[mode] = RTAUDIO_SINT24; - if ( channelInfo.type == ASIOSTInt24MSB ) stream_.doByteSwap[mode] = true; - } - - if ( stream_.deviceFormat[mode] == 0 ) { - errorStream_ << "RtApiAsio::probeDeviceOpen: driver (" << driverName << ") data format not supported by RtAudio."; - errorText_ = errorStream_.str(); - goto error; - } - - // Set the buffer size. For a duplex stream, this will end up - // setting the buffer size based on the input constraints, which - // should be ok. - long minSize, maxSize, preferSize, granularity; - result = ASIOGetBufferSize( &minSize, &maxSize, &preferSize, &granularity ); - if ( result != ASE_OK ) { - errorStream_ << "RtApiAsio::probeDeviceOpen: driver (" << driverName << ") error (" << getAsioErrorString( result ) << ") getting buffer size."; - errorText_ = errorStream_.str(); - goto error; - } - - if ( isDuplexInput ) { - // When this is the duplex input (output was opened before), then we have to use the same - // buffersize as the output, because it might use the preferred buffer size, which most - // likely wasn't passed as input to this. The buffer sizes have to be identically anyway, - // So instead of throwing an error, make them equal. The caller uses the reference - // to the "bufferSize" param as usual to set up processing buffers. - - *bufferSize = stream_.bufferSize; - - } else { - if ( *bufferSize == 0 ) *bufferSize = preferSize; - else if ( *bufferSize < (unsigned int) minSize ) *bufferSize = (unsigned int) minSize; - else if ( *bufferSize > (unsigned int) maxSize ) *bufferSize = (unsigned int) maxSize; - else if ( granularity == -1 ) { - // Make sure bufferSize is a power of two. - int log2_of_min_size = 0; - int log2_of_max_size = 0; - - for ( unsigned int i = 0; i < sizeof(long) * 8; i++ ) { - if ( minSize & ((long)1 << i) ) log2_of_min_size = i; - if ( maxSize & ((long)1 << i) ) log2_of_max_size = i; - } - - long min_delta = std::abs( (long)*bufferSize - ((long)1 << log2_of_min_size) ); - int min_delta_num = log2_of_min_size; - - for (int i = log2_of_min_size + 1; i <= log2_of_max_size; i++) { - long current_delta = std::abs( (long)*bufferSize - ((long)1 << i) ); - if (current_delta < min_delta) { - min_delta = current_delta; - min_delta_num = i; - } - } - - *bufferSize = ( (unsigned int)1 << min_delta_num ); - if ( *bufferSize < (unsigned int) minSize ) *bufferSize = (unsigned int) minSize; - else if ( *bufferSize > (unsigned int) maxSize ) *bufferSize = (unsigned int) maxSize; - } - else if ( granularity != 0 ) { - // Set to an even multiple of granularity, rounding up. - *bufferSize = (*bufferSize + granularity-1) / granularity * granularity; - } - } - - /* - // we don't use it anymore, see above! - // Just left it here for the case... - if ( isDuplexInput && stream_.bufferSize != *bufferSize ) { - errorText_ = "RtApiAsio::probeDeviceOpen: input/output buffersize discrepancy!"; - goto error; - } - */ - - stream_.bufferSize = *bufferSize; - stream_.nBuffers = 2; - - if ( options && options->flags & RTAUDIO_NONINTERLEAVED ) stream_.userInterleaved = false; - else stream_.userInterleaved = true; - - // ASIO always uses non-interleaved buffers. - stream_.deviceInterleaved[mode] = false; - - // Allocate, if necessary, our AsioHandle structure for the stream. - if ( handle == 0 ) { - try { - handle = new AsioHandle; - } - catch ( std::bad_alloc& ) { - errorText_ = "RtApiAsio::probeDeviceOpen: error allocating AsioHandle memory."; - goto error; - } - handle->bufferInfos = 0; - - // Create a manual-reset event. - handle->condition = CreateEvent( NULL, // no security - TRUE, // manual-reset - FALSE, // non-signaled initially - NULL ); // unnamed - stream_.apiHandle = (void *) handle; - } - - // Create the ASIO internal buffers. Since RtAudio sets up input - // and output separately, we'll have to dispose of previously - // created output buffers for a duplex stream. - if ( mode == INPUT && stream_.mode == OUTPUT ) { - ASIODisposeBuffers(); - if ( handle->bufferInfos ) free( handle->bufferInfos ); - } - - // Allocate, initialize, and save the bufferInfos in our stream callbackInfo structure. - unsigned int i; - nChannels = stream_.nDeviceChannels[0] + stream_.nDeviceChannels[1]; - handle->bufferInfos = (ASIOBufferInfo *) malloc( nChannels * sizeof(ASIOBufferInfo) ); - if ( handle->bufferInfos == NULL ) { - errorStream_ << "RtApiAsio::probeDeviceOpen: error allocating bufferInfo memory for driver (" << driverName << ")."; - errorText_ = errorStream_.str(); - goto error; - } - - ASIOBufferInfo *infos; - infos = handle->bufferInfos; - for ( i=0; i<stream_.nDeviceChannels[0]; i++, infos++ ) { - infos->isInput = ASIOFalse; - infos->channelNum = i + stream_.channelOffset[0]; - infos->buffers[0] = infos->buffers[1] = 0; - } - for ( i=0; i<stream_.nDeviceChannels[1]; i++, infos++ ) { - infos->isInput = ASIOTrue; - infos->channelNum = i + stream_.channelOffset[1]; - infos->buffers[0] = infos->buffers[1] = 0; - } - - // prepare for callbacks - stream_.sampleRate = sampleRate; - stream_.device[mode] = device; - stream_.mode = isDuplexInput ? DUPLEX : mode; - - // store this class instance before registering callbacks, that are going to use it - asioCallbackInfo = &stream_.callbackInfo; - stream_.callbackInfo.object = (void *) this; - - // Set up the ASIO callback structure and create the ASIO data buffers. - asioCallbacks.bufferSwitch = &bufferSwitch; - asioCallbacks.sampleRateDidChange = &sampleRateChanged; - asioCallbacks.asioMessage = &asioMessages; - asioCallbacks.bufferSwitchTimeInfo = NULL; - result = ASIOCreateBuffers( handle->bufferInfos, nChannels, stream_.bufferSize, &asioCallbacks ); - if ( result != ASE_OK ) { - // Standard method failed. This can happen with strict/misbehaving drivers that return valid buffer size ranges - // but only accept the preferred buffer size as parameter for ASIOCreateBuffers. eg. Creatives ASIO driver - // in that case, let's be naïve and try that instead - *bufferSize = preferSize; - stream_.bufferSize = *bufferSize; - result = ASIOCreateBuffers( handle->bufferInfos, nChannels, stream_.bufferSize, &asioCallbacks ); - } - - if ( result != ASE_OK ) { - errorStream_ << "RtApiAsio::probeDeviceOpen: driver (" << driverName << ") error (" << getAsioErrorString( result ) << ") creating buffers."; - errorText_ = errorStream_.str(); - goto error; - } - buffersAllocated = true; - stream_.state = STREAM_STOPPED; - - // Set flags for buffer conversion. - stream_.doConvertBuffer[mode] = false; - if ( stream_.userFormat != stream_.deviceFormat[mode] ) - stream_.doConvertBuffer[mode] = true; - if ( stream_.userInterleaved != stream_.deviceInterleaved[mode] && - stream_.nUserChannels[mode] > 1 ) - stream_.doConvertBuffer[mode] = true; - - // Allocate necessary internal buffers - unsigned long bufferBytes; - bufferBytes = stream_.nUserChannels[mode] * *bufferSize * formatBytes( stream_.userFormat ); - stream_.userBuffer[mode] = (char *) calloc( bufferBytes, 1 ); - if ( stream_.userBuffer[mode] == NULL ) { - errorText_ = "RtApiAsio::probeDeviceOpen: error allocating user buffer memory."; - goto error; - } - - if ( stream_.doConvertBuffer[mode] ) { - - bool makeBuffer = true; - bufferBytes = stream_.nDeviceChannels[mode] * formatBytes( stream_.deviceFormat[mode] ); - if ( isDuplexInput && stream_.deviceBuffer ) { - unsigned long bytesOut = stream_.nDeviceChannels[0] * formatBytes( stream_.deviceFormat[0] ); - if ( bufferBytes <= bytesOut ) makeBuffer = false; - } - - if ( makeBuffer ) { - bufferBytes *= *bufferSize; - if ( stream_.deviceBuffer ) free( stream_.deviceBuffer ); - stream_.deviceBuffer = (char *) calloc( bufferBytes, 1 ); - if ( stream_.deviceBuffer == NULL ) { - errorText_ = "RtApiAsio::probeDeviceOpen: error allocating device buffer memory."; - goto error; - } - } - } - - // Determine device latencies - long inputLatency, outputLatency; - result = ASIOGetLatencies( &inputLatency, &outputLatency ); - if ( result != ASE_OK ) { - errorStream_ << "RtApiAsio::probeDeviceOpen: driver (" << driverName << ") error (" << getAsioErrorString( result ) << ") getting latency."; - errorText_ = errorStream_.str(); - error( RtAudioError::WARNING); // warn but don't fail - } - else { - stream_.latency[0] = outputLatency; - stream_.latency[1] = inputLatency; - } - - // Setup the buffer conversion information structure. We don't use - // buffers to do channel offsets, so we override that parameter - // here. - if ( stream_.doConvertBuffer[mode] ) setConvertInfo( mode, 0 ); - - return SUCCESS; - - error: - if ( !isDuplexInput ) { - // the cleanup for error in the duplex input, is done by RtApi::openStream - // So we clean up for single channel only - - if ( buffersAllocated ) - ASIODisposeBuffers(); - - drivers.removeCurrentDriver(); - - if ( handle ) { - CloseHandle( handle->condition ); - if ( handle->bufferInfos ) - free( handle->bufferInfos ); - - delete handle; - stream_.apiHandle = 0; - } - - - if ( stream_.userBuffer[mode] ) { - free( stream_.userBuffer[mode] ); - stream_.userBuffer[mode] = 0; - } - - if ( stream_.deviceBuffer ) { - free( stream_.deviceBuffer ); - stream_.deviceBuffer = 0; - } - } - - return FAILURE; -}//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// - -void RtApiAsio :: closeStream() -{ - if ( stream_.state == STREAM_CLOSED ) { - errorText_ = "RtApiAsio::closeStream(): no open stream to close!"; - error( RtAudioError::WARNING ); - return; - } - - if ( stream_.state == STREAM_RUNNING ) { - stream_.state = STREAM_STOPPED; - ASIOStop(); - } - ASIODisposeBuffers(); - drivers.removeCurrentDriver(); - - AsioHandle *handle = (AsioHandle *) stream_.apiHandle; - if ( handle ) { - CloseHandle( handle->condition ); - if ( handle->bufferInfos ) - free( handle->bufferInfos ); - delete handle; - stream_.apiHandle = 0; - } - - for ( int i=0; i<2; i++ ) { - if ( stream_.userBuffer[i] ) { - free( stream_.userBuffer[i] ); - stream_.userBuffer[i] = 0; - } - } - - if ( stream_.deviceBuffer ) { - free( stream_.deviceBuffer ); - stream_.deviceBuffer = 0; - } - - stream_.mode = UNINITIALIZED; - stream_.state = STREAM_CLOSED; -} - -bool stopThreadCalled = false; - -void RtApiAsio :: startStream() -{ - verifyStream(); - if ( stream_.state == STREAM_RUNNING ) { - errorText_ = "RtApiAsio::startStream(): the stream is already running!"; - error( RtAudioError::WARNING ); - return; - } - - AsioHandle *handle = (AsioHandle *) stream_.apiHandle; - ASIOError result = ASIOStart(); - if ( result != ASE_OK ) { - errorStream_ << "RtApiAsio::startStream: error (" << getAsioErrorString( result ) << ") starting device."; - errorText_ = errorStream_.str(); - goto unlock; - } - - handle->drainCounter = 0; - handle->internalDrain = false; - ResetEvent( handle->condition ); - stream_.state = STREAM_RUNNING; - asioXRun = false; - - unlock: - stopThreadCalled = false; - - if ( result == ASE_OK ) return; - error( RtAudioError::SYSTEM_ERROR ); -} - -void RtApiAsio :: stopStream() -{ - verifyStream(); - if ( stream_.state == STREAM_STOPPED ) { - errorText_ = "RtApiAsio::stopStream(): the stream is already stopped!"; - error( RtAudioError::WARNING ); - return; - } - - AsioHandle *handle = (AsioHandle *) stream_.apiHandle; - if ( stream_.mode == OUTPUT || stream_.mode == DUPLEX ) { - if ( handle->drainCounter == 0 ) { - handle->drainCounter = 2; - WaitForSingleObject( handle->condition, INFINITE ); // block until signaled - } - } - - stream_.state = STREAM_STOPPED; - - ASIOError result = ASIOStop(); - if ( result != ASE_OK ) { - errorStream_ << "RtApiAsio::stopStream: error (" << getAsioErrorString( result ) << ") stopping device."; - errorText_ = errorStream_.str(); - } - - if ( result == ASE_OK ) return; - error( RtAudioError::SYSTEM_ERROR ); -} - -void RtApiAsio :: abortStream() -{ - verifyStream(); - if ( stream_.state == STREAM_STOPPED ) { - errorText_ = "RtApiAsio::abortStream(): the stream is already stopped!"; - error( RtAudioError::WARNING ); - return; - } - - // The following lines were commented-out because some behavior was - // noted where the device buffers need to be zeroed to avoid - // continuing sound, even when the device buffers are completely - // disposed. So now, calling abort is the same as calling stop. - // AsioHandle *handle = (AsioHandle *) stream_.apiHandle; - // handle->drainCounter = 2; - stopStream(); -} - -// This function will be called by a spawned thread when the user -// callback function signals that the stream should be stopped or -// aborted. It is necessary to handle it this way because the -// callbackEvent() function must return before the ASIOStop() -// function will return. -static unsigned __stdcall asioStopStream( void *ptr ) -{ - CallbackInfo *info = (CallbackInfo *) ptr; - RtApiAsio *object = (RtApiAsio *) info->object; - - object->stopStream(); - _endthreadex( 0 ); - return 0; -} - -bool RtApiAsio :: callbackEvent( long bufferIndex ) -{ - if ( stream_.state == STREAM_STOPPED || stream_.state == STREAM_STOPPING ) return SUCCESS; - if ( stream_.state == STREAM_CLOSED ) { - errorText_ = "RtApiAsio::callbackEvent(): the stream is closed ... this shouldn't happen!"; - error( RtAudioError::WARNING ); - return FAILURE; - } - - CallbackInfo *info = (CallbackInfo *) &stream_.callbackInfo; - AsioHandle *handle = (AsioHandle *) stream_.apiHandle; - - // Check if we were draining the stream and signal if finished. - if ( handle->drainCounter > 3 ) { - - stream_.state = STREAM_STOPPING; - if ( handle->internalDrain == false ) - SetEvent( handle->condition ); - else { // spawn a thread to stop the stream - unsigned threadId; - stream_.callbackInfo.thread = _beginthreadex( NULL, 0, &asioStopStream, - &stream_.callbackInfo, 0, &threadId ); - } - return SUCCESS; - } - - // Invoke user callback to get fresh output data UNLESS we are - // draining stream. - if ( handle->drainCounter == 0 ) { - RtAudioCallback callback = (RtAudioCallback) info->callback; - double streamTime = getStreamTime(); - RtAudioStreamStatus status = 0; - if ( stream_.mode != INPUT && asioXRun == true ) { - status |= RTAUDIO_OUTPUT_UNDERFLOW; - asioXRun = false; - } - if ( stream_.mode != OUTPUT && asioXRun == true ) { - status |= RTAUDIO_INPUT_OVERFLOW; - asioXRun = false; - } - int cbReturnValue = callback( stream_.userBuffer[0], stream_.userBuffer[1], - stream_.bufferSize, streamTime, status, info->userData ); - if ( cbReturnValue == 2 ) { - stream_.state = STREAM_STOPPING; - handle->drainCounter = 2; - unsigned threadId; - stream_.callbackInfo.thread = _beginthreadex( NULL, 0, &asioStopStream, - &stream_.callbackInfo, 0, &threadId ); - return SUCCESS; - } - else if ( cbReturnValue == 1 ) { - handle->drainCounter = 1; - handle->internalDrain = true; - } - } - - unsigned int nChannels, bufferBytes, i, j; - nChannels = stream_.nDeviceChannels[0] + stream_.nDeviceChannels[1]; - if ( stream_.mode == OUTPUT || stream_.mode == DUPLEX ) { - - bufferBytes = stream_.bufferSize * formatBytes( stream_.deviceFormat[0] ); - - if ( handle->drainCounter > 1 ) { // write zeros to the output stream - - for ( i=0, j=0; i<nChannels; i++ ) { - if ( handle->bufferInfos[i].isInput != ASIOTrue ) - memset( handle->bufferInfos[i].buffers[bufferIndex], 0, bufferBytes ); - } - - } - else if ( stream_.doConvertBuffer[0] ) { - - convertBuffer( stream_.deviceBuffer, stream_.userBuffer[0], stream_.convertInfo[0] ); - if ( stream_.doByteSwap[0] ) - byteSwapBuffer( stream_.deviceBuffer, - stream_.bufferSize * stream_.nDeviceChannels[0], - stream_.deviceFormat[0] ); - - for ( i=0, j=0; i<nChannels; i++ ) { - if ( handle->bufferInfos[i].isInput != ASIOTrue ) - memcpy( handle->bufferInfos[i].buffers[bufferIndex], - &stream_.deviceBuffer[j++*bufferBytes], bufferBytes ); - } - - } - else { - - if ( stream_.doByteSwap[0] ) - byteSwapBuffer( stream_.userBuffer[0], - stream_.bufferSize * stream_.nUserChannels[0], - stream_.userFormat ); - - for ( i=0, j=0; i<nChannels; i++ ) { - if ( handle->bufferInfos[i].isInput != ASIOTrue ) - memcpy( handle->bufferInfos[i].buffers[bufferIndex], - &stream_.userBuffer[0][bufferBytes*j++], bufferBytes ); - } - - } - } - - // Don't bother draining input - if ( handle->drainCounter ) { - handle->drainCounter++; - goto unlock; - } - - if ( stream_.mode == INPUT || stream_.mode == DUPLEX ) { - - bufferBytes = stream_.bufferSize * formatBytes(stream_.deviceFormat[1]); - - if (stream_.doConvertBuffer[1]) { - - // Always interleave ASIO input data. - for ( i=0, j=0; i<nChannels; i++ ) { - if ( handle->bufferInfos[i].isInput == ASIOTrue ) - memcpy( &stream_.deviceBuffer[j++*bufferBytes], - handle->bufferInfos[i].buffers[bufferIndex], - bufferBytes ); - } - - if ( stream_.doByteSwap[1] ) - byteSwapBuffer( stream_.deviceBuffer, - stream_.bufferSize * stream_.nDeviceChannels[1], - stream_.deviceFormat[1] ); - convertBuffer( stream_.userBuffer[1], stream_.deviceBuffer, stream_.convertInfo[1] ); - - } - else { - for ( i=0, j=0; i<nChannels; i++ ) { - if ( handle->bufferInfos[i].isInput == ASIOTrue ) { - memcpy( &stream_.userBuffer[1][bufferBytes*j++], - handle->bufferInfos[i].buffers[bufferIndex], - bufferBytes ); - } - } - - if ( stream_.doByteSwap[1] ) - byteSwapBuffer( stream_.userBuffer[1], - stream_.bufferSize * stream_.nUserChannels[1], - stream_.userFormat ); - } - } - - unlock: - // The following call was suggested by Malte Clasen. While the API - // documentation indicates it should not be required, some device - // drivers apparently do not function correctly without it. - ASIOOutputReady(); - - RtApi::tickStreamTime(); - return SUCCESS; -} - -static void sampleRateChanged( ASIOSampleRate sRate ) -{ - // The ASIO documentation says that this usually only happens during - // external sync. Audio processing is not stopped by the driver, - // actual sample rate might not have even changed, maybe only the - // sample rate status of an AES/EBU or S/PDIF digital input at the - // audio device. - - RtApi *object = (RtApi *) asioCallbackInfo->object; - try { - object->stopStream(); - } - catch ( RtAudioError &exception ) { - std::cerr << "\nRtApiAsio: sampleRateChanged() error (" << exception.getMessage() << ")!\n" << std::endl; - return; - } - - std::cerr << "\nRtApiAsio: driver reports sample rate changed to " << sRate << " ... stream stopped!!!\n" << std::endl; -} - -static long asioMessages( long selector, long value, void* /*message*/, double* /*opt*/ ) -{ - long ret = 0; - - switch( selector ) { - case kAsioSelectorSupported: - if ( value == kAsioResetRequest - || value == kAsioEngineVersion - || value == kAsioResyncRequest - || value == kAsioLatenciesChanged - // The following three were added for ASIO 2.0, you don't - // necessarily have to support them. - || value == kAsioSupportsTimeInfo - || value == kAsioSupportsTimeCode - || value == kAsioSupportsInputMonitor) - ret = 1L; - break; - case kAsioResetRequest: - // Defer the task and perform the reset of the driver during the - // next "safe" situation. You cannot reset the driver right now, - // as this code is called from the driver. Reset the driver is - // done by completely destruct is. I.e. ASIOStop(), - // ASIODisposeBuffers(), Destruction Afterwards you initialize the - // driver again. - std::cerr << "\nRtApiAsio: driver reset requested!!!" << std::endl; - ret = 1L; - break; - case kAsioResyncRequest: - // This informs the application that the driver encountered some - // non-fatal data loss. It is used for synchronization purposes - // of different media. Added mainly to work around the Win16Mutex - // problems in Windows 95/98 with the Windows Multimedia system, - // which could lose data because the Mutex was held too long by - // another thread. However a driver can issue it in other - // situations, too. - // std::cerr << "\nRtApiAsio: driver resync requested!!!" << std::endl; - asioXRun = true; - ret = 1L; - break; - case kAsioLatenciesChanged: - // This will inform the host application that the drivers were - // latencies changed. Beware, it this does not mean that the - // buffer sizes have changed! You might need to update internal - // delay data. - std::cerr << "\nRtApiAsio: driver latency may have changed!!!" << std::endl; - ret = 1L; - break; - case kAsioEngineVersion: - // Return the supported ASIO version of the host application. If - // a host application does not implement this selector, ASIO 1.0 - // is assumed by the driver. - ret = 2L; - break; - case kAsioSupportsTimeInfo: - // Informs the driver whether the - // asioCallbacks.bufferSwitchTimeInfo() callback is supported. - // For compatibility with ASIO 1.0 drivers the host application - // should always support the "old" bufferSwitch method, too. - ret = 0; - break; - case kAsioSupportsTimeCode: - // Informs the driver whether application is interested in time - // code info. If an application does not need to know about time - // code, the driver has less work to do. - ret = 0; - break; - } - return ret; -} - -static const char* getAsioErrorString( ASIOError result ) -{ - struct Messages - { - ASIOError value; - const char*message; - }; - - static const Messages m[] = - { - { ASE_NotPresent, "Hardware input or output is not present or available." }, - { ASE_HWMalfunction, "Hardware is malfunctioning." }, - { ASE_InvalidParameter, "Invalid input parameter." }, - { ASE_InvalidMode, "Invalid mode." }, - { ASE_SPNotAdvancing, "Sample position not advancing." }, - { ASE_NoClock, "Sample clock or rate cannot be determined or is not present." }, - { ASE_NoMemory, "Not enough memory to complete the request." } - }; - - for ( unsigned int i = 0; i < sizeof(m)/sizeof(m[0]); ++i ) - if ( m[i].value == result ) return m[i].message; - - return "Unknown error."; -} - -//******************** End of __WINDOWS_ASIO__ *********************// -#endif - - -#if defined(__WINDOWS_WASAPI__) // Windows WASAPI API - -// Authored by Marcus Tomlinson <themarcustomlinson@gmail.com>, April 2014 -// - Introduces support for the Windows WASAPI API -// - Aims to deliver bit streams to and from hardware at the lowest possible latency, via the absolute minimum buffer sizes required -// - Provides flexible stream configuration to an otherwise strict and inflexible WASAPI interface -// - Includes automatic internal conversion of sample rate and buffer size between hardware and the user - -#ifndef INITGUID - #define INITGUID -#endif -#include <audioclient.h> -#include <avrt.h> -#include <mmdeviceapi.h> -#include <functiondiscoverykeys_devpkey.h> - -//============================================================================= - -#define SAFE_RELEASE( objectPtr )\ -if ( objectPtr )\ -{\ - objectPtr->Release();\ - objectPtr = NULL;\ -} - -typedef HANDLE ( __stdcall *TAvSetMmThreadCharacteristicsPtr )( LPCWSTR TaskName, LPDWORD TaskIndex ); - -//----------------------------------------------------------------------------- - -// WASAPI dictates stream sample rate, format, channel count, and in some cases, buffer size. -// Therefore we must perform all necessary conversions to user buffers in order to satisfy these -// requirements. WasapiBuffer ring buffers are used between HwIn->UserIn and UserOut->HwOut to -// provide intermediate storage for read / write synchronization. -class WasapiBuffer -{ -public: - WasapiBuffer() - : buffer_( NULL ), - bufferSize_( 0 ), - inIndex_( 0 ), - outIndex_( 0 ) {} - - ~WasapiBuffer() { - free( buffer_ ); - } - - // sets the length of the internal ring buffer - void setBufferSize( unsigned int bufferSize, unsigned int formatBytes ) { - free( buffer_ ); - - buffer_ = ( char* ) calloc( bufferSize, formatBytes ); - - bufferSize_ = bufferSize; - inIndex_ = 0; - outIndex_ = 0; - } - - // attempt to push a buffer into the ring buffer at the current "in" index - bool pushBuffer( char* buffer, unsigned int bufferSize, RtAudioFormat format ) - { - if ( !buffer || // incoming buffer is NULL - bufferSize == 0 || // incoming buffer has no data - bufferSize > bufferSize_ ) // incoming buffer too large - { - return false; - } - - unsigned int relOutIndex = outIndex_; - unsigned int inIndexEnd = inIndex_ + bufferSize; - if ( relOutIndex < inIndex_ && inIndexEnd >= bufferSize_ ) { - relOutIndex += bufferSize_; - } - - // "in" index can end on the "out" index but cannot begin at it - if ( inIndex_ <= relOutIndex && inIndexEnd > relOutIndex ) { - return false; // not enough space between "in" index and "out" index - } - - // copy buffer from external to internal - int fromZeroSize = inIndex_ + bufferSize - bufferSize_; - fromZeroSize = fromZeroSize < 0 ? 0 : fromZeroSize; - int fromInSize = bufferSize - fromZeroSize; - - switch( format ) - { - case RTAUDIO_SINT8: - memcpy( &( ( char* ) buffer_ )[inIndex_], buffer, fromInSize * sizeof( char ) ); - memcpy( buffer_, &( ( char* ) buffer )[fromInSize], fromZeroSize * sizeof( char ) ); - break; - case RTAUDIO_SINT16: - memcpy( &( ( short* ) buffer_ )[inIndex_], buffer, fromInSize * sizeof( short ) ); - memcpy( buffer_, &( ( short* ) buffer )[fromInSize], fromZeroSize * sizeof( short ) ); - break; - case RTAUDIO_SINT24: - memcpy( &( ( S24* ) buffer_ )[inIndex_], buffer, fromInSize * sizeof( S24 ) ); - memcpy( buffer_, &( ( S24* ) buffer )[fromInSize], fromZeroSize * sizeof( S24 ) ); - break; - case RTAUDIO_SINT32: - memcpy( &( ( int* ) buffer_ )[inIndex_], buffer, fromInSize * sizeof( int ) ); - memcpy( buffer_, &( ( int* ) buffer )[fromInSize], fromZeroSize * sizeof( int ) ); - break; - case RTAUDIO_FLOAT32: - memcpy( &( ( float* ) buffer_ )[inIndex_], buffer, fromInSize * sizeof( float ) ); - memcpy( buffer_, &( ( float* ) buffer )[fromInSize], fromZeroSize * sizeof( float ) ); - break; - case RTAUDIO_FLOAT64: - memcpy( &( ( double* ) buffer_ )[inIndex_], buffer, fromInSize * sizeof( double ) ); - memcpy( buffer_, &( ( double* ) buffer )[fromInSize], fromZeroSize * sizeof( double ) ); - break; - } - - // update "in" index - inIndex_ += bufferSize; - inIndex_ %= bufferSize_; - - return true; - } - - // attempt to pull a buffer from the ring buffer from the current "out" index - bool pullBuffer( char* buffer, unsigned int bufferSize, RtAudioFormat format ) - { - if ( !buffer || // incoming buffer is NULL - bufferSize == 0 || // incoming buffer has no data - bufferSize > bufferSize_ ) // incoming buffer too large - { - return false; - } - - unsigned int relInIndex = inIndex_; - unsigned int outIndexEnd = outIndex_ + bufferSize; - if ( relInIndex < outIndex_ && outIndexEnd >= bufferSize_ ) { - relInIndex += bufferSize_; - } - - // "out" index can begin at and end on the "in" index - if ( outIndex_ < relInIndex && outIndexEnd > relInIndex ) { - return false; // not enough space between "out" index and "in" index - } - - // copy buffer from internal to external - int fromZeroSize = outIndex_ + bufferSize - bufferSize_; - fromZeroSize = fromZeroSize < 0 ? 0 : fromZeroSize; - int fromOutSize = bufferSize - fromZeroSize; - - switch( format ) - { - case RTAUDIO_SINT8: - memcpy( buffer, &( ( char* ) buffer_ )[outIndex_], fromOutSize * sizeof( char ) ); - memcpy( &( ( char* ) buffer )[fromOutSize], buffer_, fromZeroSize * sizeof( char ) ); - break; - case RTAUDIO_SINT16: - memcpy( buffer, &( ( short* ) buffer_ )[outIndex_], fromOutSize * sizeof( short ) ); - memcpy( &( ( short* ) buffer )[fromOutSize], buffer_, fromZeroSize * sizeof( short ) ); - break; - case RTAUDIO_SINT24: - memcpy( buffer, &( ( S24* ) buffer_ )[outIndex_], fromOutSize * sizeof( S24 ) ); - memcpy( &( ( S24* ) buffer )[fromOutSize], buffer_, fromZeroSize * sizeof( S24 ) ); - break; - case RTAUDIO_SINT32: - memcpy( buffer, &( ( int* ) buffer_ )[outIndex_], fromOutSize * sizeof( int ) ); - memcpy( &( ( int* ) buffer )[fromOutSize], buffer_, fromZeroSize * sizeof( int ) ); - break; - case RTAUDIO_FLOAT32: - memcpy( buffer, &( ( float* ) buffer_ )[outIndex_], fromOutSize * sizeof( float ) ); - memcpy( &( ( float* ) buffer )[fromOutSize], buffer_, fromZeroSize * sizeof( float ) ); - break; - case RTAUDIO_FLOAT64: - memcpy( buffer, &( ( double* ) buffer_ )[outIndex_], fromOutSize * sizeof( double ) ); - memcpy( &( ( double* ) buffer )[fromOutSize], buffer_, fromZeroSize * sizeof( double ) ); - break; - } - - // update "out" index - outIndex_ += bufferSize; - outIndex_ %= bufferSize_; - - return true; - } - -private: - char* buffer_; - unsigned int bufferSize_; - unsigned int inIndex_; - unsigned int outIndex_; -}; - -//----------------------------------------------------------------------------- - -// In order to satisfy WASAPI's buffer requirements, we need a means of converting sample rate -// between HW and the user. The convertBufferWasapi function is used to perform this conversion -// between HwIn->UserIn and UserOut->HwOut during the stream callback loop. -// This sample rate converter favors speed over quality, and works best with conversions between -// one rate and its multiple. -void convertBufferWasapi( char* outBuffer, - const char* inBuffer, - const unsigned int& channelCount, - const unsigned int& inSampleRate, - const unsigned int& outSampleRate, - const unsigned int& inSampleCount, - unsigned int& outSampleCount, - const RtAudioFormat& format ) -{ - // calculate the new outSampleCount and relative sampleStep - float sampleRatio = ( float ) outSampleRate / inSampleRate; - float sampleStep = 1.0f / sampleRatio; - float inSampleFraction = 0.0f; - - outSampleCount = ( unsigned int ) roundf( inSampleCount * sampleRatio ); - - // frame-by-frame, copy each relative input sample into it's corresponding output sample - for ( unsigned int outSample = 0; outSample < outSampleCount; outSample++ ) - { - unsigned int inSample = ( unsigned int ) inSampleFraction; - - switch ( format ) - { - case RTAUDIO_SINT8: - memcpy( &( ( char* ) outBuffer )[ outSample * channelCount ], &( ( char* ) inBuffer )[ inSample * channelCount ], channelCount * sizeof( char ) ); - break; - case RTAUDIO_SINT16: - memcpy( &( ( short* ) outBuffer )[ outSample * channelCount ], &( ( short* ) inBuffer )[ inSample * channelCount ], channelCount * sizeof( short ) ); - break; - case RTAUDIO_SINT24: - memcpy( &( ( S24* ) outBuffer )[ outSample * channelCount ], &( ( S24* ) inBuffer )[ inSample * channelCount ], channelCount * sizeof( S24 ) ); - break; - case RTAUDIO_SINT32: - memcpy( &( ( int* ) outBuffer )[ outSample * channelCount ], &( ( int* ) inBuffer )[ inSample * channelCount ], channelCount * sizeof( int ) ); - break; - case RTAUDIO_FLOAT32: - memcpy( &( ( float* ) outBuffer )[ outSample * channelCount ], &( ( float* ) inBuffer )[ inSample * channelCount ], channelCount * sizeof( float ) ); - break; - case RTAUDIO_FLOAT64: - memcpy( &( ( double* ) outBuffer )[ outSample * channelCount ], &( ( double* ) inBuffer )[ inSample * channelCount ], channelCount * sizeof( double ) ); - break; - } - - // jump to next in sample - inSampleFraction += sampleStep; - } -} - -//----------------------------------------------------------------------------- - -// A structure to hold various information related to the WASAPI implementation. -struct WasapiHandle -{ - IAudioClient* captureAudioClient; - IAudioClient* renderAudioClient; - IAudioCaptureClient* captureClient; - IAudioRenderClient* renderClient; - HANDLE captureEvent; - HANDLE renderEvent; - - WasapiHandle() - : captureAudioClient( NULL ), - renderAudioClient( NULL ), - captureClient( NULL ), - renderClient( NULL ), - captureEvent( NULL ), - renderEvent( NULL ) {} -}; - -//============================================================================= - -RtApiWasapi::RtApiWasapi() - : coInitialized_( false ), deviceEnumerator_( NULL ) -{ - // WASAPI can run either apartment or multi-threaded - HRESULT hr = CoInitialize( NULL ); - if ( !FAILED( hr ) ) - coInitialized_ = true; - - // Instantiate device enumerator - hr = CoCreateInstance( __uuidof( MMDeviceEnumerator ), NULL, - CLSCTX_ALL, __uuidof( IMMDeviceEnumerator ), - ( void** ) &deviceEnumerator_ ); - - if ( FAILED( hr ) ) { - errorText_ = "RtApiWasapi::RtApiWasapi: Unable to instantiate device enumerator"; - error( RtAudioError::DRIVER_ERROR ); - } -} - -//----------------------------------------------------------------------------- - -RtApiWasapi::~RtApiWasapi() -{ - if ( stream_.state != STREAM_CLOSED ) - closeStream(); - - SAFE_RELEASE( deviceEnumerator_ ); - - // If this object previously called CoInitialize() - if ( coInitialized_ ) - CoUninitialize(); -} - -//============================================================================= - -unsigned int RtApiWasapi::getDeviceCount( void ) -{ - unsigned int captureDeviceCount = 0; - unsigned int renderDeviceCount = 0; - - IMMDeviceCollection* captureDevices = NULL; - IMMDeviceCollection* renderDevices = NULL; - - // Count capture devices - errorText_.clear(); - HRESULT hr = deviceEnumerator_->EnumAudioEndpoints( eCapture, DEVICE_STATE_ACTIVE, &captureDevices ); - if ( FAILED( hr ) ) { - errorText_ = "RtApiWasapi::getDeviceCount: Unable to retrieve capture device collection."; - goto Exit; - } - - hr = captureDevices->GetCount( &captureDeviceCount ); - if ( FAILED( hr ) ) { - errorText_ = "RtApiWasapi::getDeviceCount: Unable to retrieve capture device count."; - goto Exit; - } - - // Count render devices - hr = deviceEnumerator_->EnumAudioEndpoints( eRender, DEVICE_STATE_ACTIVE, &renderDevices ); - if ( FAILED( hr ) ) { - errorText_ = "RtApiWasapi::getDeviceCount: Unable to retrieve render device collection."; - goto Exit; - } - - hr = renderDevices->GetCount( &renderDeviceCount ); - if ( FAILED( hr ) ) { - errorText_ = "RtApiWasapi::getDeviceCount: Unable to retrieve render device count."; - goto Exit; - } - -Exit: - // release all references - SAFE_RELEASE( captureDevices ); - SAFE_RELEASE( renderDevices ); - - if ( errorText_.empty() ) - return captureDeviceCount + renderDeviceCount; - - error( RtAudioError::DRIVER_ERROR ); - return 0; -} - -//----------------------------------------------------------------------------- - -RtAudio::DeviceInfo RtApiWasapi::getDeviceInfo( unsigned int device ) -{ - RtAudio::DeviceInfo info; - unsigned int captureDeviceCount = 0; - unsigned int renderDeviceCount = 0; - std::string defaultDeviceName; - bool isCaptureDevice = false; - - PROPVARIANT deviceNameProp; - PROPVARIANT defaultDeviceNameProp; - - IMMDeviceCollection* captureDevices = NULL; - IMMDeviceCollection* renderDevices = NULL; - IMMDevice* devicePtr = NULL; - IMMDevice* defaultDevicePtr = NULL; - IAudioClient* audioClient = NULL; - IPropertyStore* devicePropStore = NULL; - IPropertyStore* defaultDevicePropStore = NULL; - - WAVEFORMATEX* deviceFormat = NULL; - WAVEFORMATEX* closestMatchFormat = NULL; - - // probed - info.probed = false; - - // Count capture devices - errorText_.clear(); - RtAudioError::Type errorType = RtAudioError::DRIVER_ERROR; - HRESULT hr = deviceEnumerator_->EnumAudioEndpoints( eCapture, DEVICE_STATE_ACTIVE, &captureDevices ); - if ( FAILED( hr ) ) { - errorText_ = "RtApiWasapi::getDeviceInfo: Unable to retrieve capture device collection."; - goto Exit; - } - - hr = captureDevices->GetCount( &captureDeviceCount ); - if ( FAILED( hr ) ) { - errorText_ = "RtApiWasapi::getDeviceInfo: Unable to retrieve capture device count."; - goto Exit; - } - - // Count render devices - hr = deviceEnumerator_->EnumAudioEndpoints( eRender, DEVICE_STATE_ACTIVE, &renderDevices ); - if ( FAILED( hr ) ) { - errorText_ = "RtApiWasapi::getDeviceInfo: Unable to retrieve render device collection."; - goto Exit; - } - - hr = renderDevices->GetCount( &renderDeviceCount ); - if ( FAILED( hr ) ) { - errorText_ = "RtApiWasapi::getDeviceInfo: Unable to retrieve render device count."; - goto Exit; - } - - // validate device index - if ( device >= captureDeviceCount + renderDeviceCount ) { - errorText_ = "RtApiWasapi::getDeviceInfo: Invalid device index."; - errorType = RtAudioError::INVALID_USE; - goto Exit; - } - - // determine whether index falls within capture or render devices - if ( device >= renderDeviceCount ) { - hr = captureDevices->Item( device - renderDeviceCount, &devicePtr ); - if ( FAILED( hr ) ) { - errorText_ = "RtApiWasapi::getDeviceInfo: Unable to retrieve capture device handle."; - goto Exit; - } - isCaptureDevice = true; - } - else { - hr = renderDevices->Item( device, &devicePtr ); - if ( FAILED( hr ) ) { - errorText_ = "RtApiWasapi::getDeviceInfo: Unable to retrieve render device handle."; - goto Exit; - } - isCaptureDevice = false; - } - - // get default device name - if ( isCaptureDevice ) { - hr = deviceEnumerator_->GetDefaultAudioEndpoint( eCapture, eConsole, &defaultDevicePtr ); - if ( FAILED( hr ) ) { - errorText_ = "RtApiWasapi::getDeviceInfo: Unable to retrieve default capture device handle."; - goto Exit; - } - } - else { - hr = deviceEnumerator_->GetDefaultAudioEndpoint( eRender, eConsole, &defaultDevicePtr ); - if ( FAILED( hr ) ) { - errorText_ = "RtApiWasapi::getDeviceInfo: Unable to retrieve default render device handle."; - goto Exit; - } - } - - hr = defaultDevicePtr->OpenPropertyStore( STGM_READ, &defaultDevicePropStore ); - if ( FAILED( hr ) ) { - errorText_ = "RtApiWasapi::getDeviceInfo: Unable to open default device property store."; - goto Exit; - } - PropVariantInit( &defaultDeviceNameProp ); - - hr = defaultDevicePropStore->GetValue( PKEY_Device_FriendlyName, &defaultDeviceNameProp ); - if ( FAILED( hr ) ) { - errorText_ = "RtApiWasapi::getDeviceInfo: Unable to retrieve default device property: PKEY_Device_FriendlyName."; - goto Exit; - } - - defaultDeviceName = convertCharPointerToStdString(defaultDeviceNameProp.pwszVal); - - // name - hr = devicePtr->OpenPropertyStore( STGM_READ, &devicePropStore ); - if ( FAILED( hr ) ) { - errorText_ = "RtApiWasapi::getDeviceInfo: Unable to open device property store."; - goto Exit; - } - - PropVariantInit( &deviceNameProp ); - - hr = devicePropStore->GetValue( PKEY_Device_FriendlyName, &deviceNameProp ); - if ( FAILED( hr ) ) { - errorText_ = "RtApiWasapi::getDeviceInfo: Unable to retrieve device property: PKEY_Device_FriendlyName."; - goto Exit; - } - - info.name =convertCharPointerToStdString(deviceNameProp.pwszVal); - - // is default - if ( isCaptureDevice ) { - info.isDefaultInput = info.name == defaultDeviceName; - info.isDefaultOutput = false; - } - else { - info.isDefaultInput = false; - info.isDefaultOutput = info.name == defaultDeviceName; - } - - // channel count - hr = devicePtr->Activate( __uuidof( IAudioClient ), CLSCTX_ALL, NULL, ( void** ) &audioClient ); - if ( FAILED( hr ) ) { - errorText_ = "RtApiWasapi::getDeviceInfo: Unable to retrieve device audio client."; - goto Exit; - } - - hr = audioClient->GetMixFormat( &deviceFormat ); - if ( FAILED( hr ) ) { - errorText_ = "RtApiWasapi::getDeviceInfo: Unable to retrieve device mix format."; - goto Exit; - } - - if ( isCaptureDevice ) { - info.inputChannels = deviceFormat->nChannels; - info.outputChannels = 0; - info.duplexChannels = 0; - } - else { - info.inputChannels = 0; - info.outputChannels = deviceFormat->nChannels; - info.duplexChannels = 0; - } - - // sample rates - info.sampleRates.clear(); - - // allow support for all sample rates as we have a built-in sample rate converter - for ( unsigned int i = 0; i < MAX_SAMPLE_RATES; i++ ) { - info.sampleRates.push_back( SAMPLE_RATES[i] ); - } - info.preferredSampleRate = deviceFormat->nSamplesPerSec; - - // native format - info.nativeFormats = 0; - - if ( deviceFormat->wFormatTag == WAVE_FORMAT_IEEE_FLOAT || - ( deviceFormat->wFormatTag == WAVE_FORMAT_EXTENSIBLE && - ( ( WAVEFORMATEXTENSIBLE* ) deviceFormat )->SubFormat == KSDATAFORMAT_SUBTYPE_IEEE_FLOAT ) ) - { - if ( deviceFormat->wBitsPerSample == 32 ) { - info.nativeFormats |= RTAUDIO_FLOAT32; - } - else if ( deviceFormat->wBitsPerSample == 64 ) { - info.nativeFormats |= RTAUDIO_FLOAT64; - } - } - else if ( deviceFormat->wFormatTag == WAVE_FORMAT_PCM || - ( deviceFormat->wFormatTag == WAVE_FORMAT_EXTENSIBLE && - ( ( WAVEFORMATEXTENSIBLE* ) deviceFormat )->SubFormat == KSDATAFORMAT_SUBTYPE_PCM ) ) - { - if ( deviceFormat->wBitsPerSample == 8 ) { - info.nativeFormats |= RTAUDIO_SINT8; - } - else if ( deviceFormat->wBitsPerSample == 16 ) { - info.nativeFormats |= RTAUDIO_SINT16; - } - else if ( deviceFormat->wBitsPerSample == 24 ) { - info.nativeFormats |= RTAUDIO_SINT24; - } - else if ( deviceFormat->wBitsPerSample == 32 ) { - info.nativeFormats |= RTAUDIO_SINT32; - } - } - - // probed - info.probed = true; - -Exit: - // release all references - PropVariantClear( &deviceNameProp ); - PropVariantClear( &defaultDeviceNameProp ); - - SAFE_RELEASE( captureDevices ); - SAFE_RELEASE( renderDevices ); - SAFE_RELEASE( devicePtr ); - SAFE_RELEASE( defaultDevicePtr ); - SAFE_RELEASE( audioClient ); - SAFE_RELEASE( devicePropStore ); - SAFE_RELEASE( defaultDevicePropStore ); - - CoTaskMemFree( deviceFormat ); - CoTaskMemFree( closestMatchFormat ); - - if ( !errorText_.empty() ) - error( errorType ); - return info; -} - -//----------------------------------------------------------------------------- - -unsigned int RtApiWasapi::getDefaultOutputDevice( void ) -{ - for ( unsigned int i = 0; i < getDeviceCount(); i++ ) { - if ( getDeviceInfo( i ).isDefaultOutput ) { - return i; - } - } - - return 0; -} - -//----------------------------------------------------------------------------- - -unsigned int RtApiWasapi::getDefaultInputDevice( void ) -{ - for ( unsigned int i = 0; i < getDeviceCount(); i++ ) { - if ( getDeviceInfo( i ).isDefaultInput ) { - return i; - } - } - - return 0; -} - -//----------------------------------------------------------------------------- - -void RtApiWasapi::closeStream( void ) -{ - if ( stream_.state == STREAM_CLOSED ) { - errorText_ = "RtApiWasapi::closeStream: No open stream to close."; - error( RtAudioError::WARNING ); - return; - } - - if ( stream_.state != STREAM_STOPPED ) - stopStream(); - - // clean up stream memory - SAFE_RELEASE( ( ( WasapiHandle* ) stream_.apiHandle )->captureAudioClient ) - SAFE_RELEASE( ( ( WasapiHandle* ) stream_.apiHandle )->renderAudioClient ) - - SAFE_RELEASE( ( ( WasapiHandle* ) stream_.apiHandle )->captureClient ) - SAFE_RELEASE( ( ( WasapiHandle* ) stream_.apiHandle )->renderClient ) - - if ( ( ( WasapiHandle* ) stream_.apiHandle )->captureEvent ) - CloseHandle( ( ( WasapiHandle* ) stream_.apiHandle )->captureEvent ); - - if ( ( ( WasapiHandle* ) stream_.apiHandle )->renderEvent ) - CloseHandle( ( ( WasapiHandle* ) stream_.apiHandle )->renderEvent ); - - delete ( WasapiHandle* ) stream_.apiHandle; - stream_.apiHandle = NULL; - - for ( int i = 0; i < 2; i++ ) { - if ( stream_.userBuffer[i] ) { - free( stream_.userBuffer[i] ); - stream_.userBuffer[i] = 0; - } - } - - if ( stream_.deviceBuffer ) { - free( stream_.deviceBuffer ); - stream_.deviceBuffer = 0; - } - - // update stream state - stream_.state = STREAM_CLOSED; -} - -//----------------------------------------------------------------------------- - -void RtApiWasapi::startStream( void ) -{ - verifyStream(); - - if ( stream_.state == STREAM_RUNNING ) { - errorText_ = "RtApiWasapi::startStream: The stream is already running."; - error( RtAudioError::WARNING ); - return; - } - - // update stream state - stream_.state = STREAM_RUNNING; - - // create WASAPI stream thread - stream_.callbackInfo.thread = ( ThreadHandle ) CreateThread( NULL, 0, runWasapiThread, this, CREATE_SUSPENDED, NULL ); - - if ( !stream_.callbackInfo.thread ) { - errorText_ = "RtApiWasapi::startStream: Unable to instantiate callback thread."; - error( RtAudioError::THREAD_ERROR ); - } - else { - SetThreadPriority( ( void* ) stream_.callbackInfo.thread, stream_.callbackInfo.priority ); - ResumeThread( ( void* ) stream_.callbackInfo.thread ); - } -} - -//----------------------------------------------------------------------------- - -void RtApiWasapi::stopStream( void ) -{ - verifyStream(); - - if ( stream_.state == STREAM_STOPPED ) { - errorText_ = "RtApiWasapi::stopStream: The stream is already stopped."; - error( RtAudioError::WARNING ); - return; - } - - // inform stream thread by setting stream state to STREAM_STOPPING - stream_.state = STREAM_STOPPING; - - // wait until stream thread is stopped - while( stream_.state != STREAM_STOPPED ) { - Sleep( 1 ); - } - - // Wait for the last buffer to play before stopping. - Sleep( 1000 * stream_.bufferSize / stream_.sampleRate ); - - // stop capture client if applicable - if ( ( ( WasapiHandle* ) stream_.apiHandle )->captureAudioClient ) { - HRESULT hr = ( ( WasapiHandle* ) stream_.apiHandle )->captureAudioClient->Stop(); - if ( FAILED( hr ) ) { - errorText_ = "RtApiWasapi::stopStream: Unable to stop capture stream."; - error( RtAudioError::DRIVER_ERROR ); - return; - } - } - - // stop render client if applicable - if ( ( ( WasapiHandle* ) stream_.apiHandle )->renderAudioClient ) { - HRESULT hr = ( ( WasapiHandle* ) stream_.apiHandle )->renderAudioClient->Stop(); - if ( FAILED( hr ) ) { - errorText_ = "RtApiWasapi::stopStream: Unable to stop render stream."; - error( RtAudioError::DRIVER_ERROR ); - return; - } - } - - // close thread handle - if ( stream_.callbackInfo.thread && !CloseHandle( ( void* ) stream_.callbackInfo.thread ) ) { - errorText_ = "RtApiWasapi::stopStream: Unable to close callback thread."; - error( RtAudioError::THREAD_ERROR ); - return; - } - - stream_.callbackInfo.thread = (ThreadHandle) NULL; -} - -//----------------------------------------------------------------------------- - -void RtApiWasapi::abortStream( void ) -{ - verifyStream(); - - if ( stream_.state == STREAM_STOPPED ) { - errorText_ = "RtApiWasapi::abortStream: The stream is already stopped."; - error( RtAudioError::WARNING ); - return; - } - - // inform stream thread by setting stream state to STREAM_STOPPING - stream_.state = STREAM_STOPPING; - - // wait until stream thread is stopped - while ( stream_.state != STREAM_STOPPED ) { - Sleep( 1 ); - } - - // stop capture client if applicable - if ( ( ( WasapiHandle* ) stream_.apiHandle )->captureAudioClient ) { - HRESULT hr = ( ( WasapiHandle* ) stream_.apiHandle )->captureAudioClient->Stop(); - if ( FAILED( hr ) ) { - errorText_ = "RtApiWasapi::abortStream: Unable to stop capture stream."; - error( RtAudioError::DRIVER_ERROR ); - return; - } - } - - // stop render client if applicable - if ( ( ( WasapiHandle* ) stream_.apiHandle )->renderAudioClient ) { - HRESULT hr = ( ( WasapiHandle* ) stream_.apiHandle )->renderAudioClient->Stop(); - if ( FAILED( hr ) ) { - errorText_ = "RtApiWasapi::abortStream: Unable to stop render stream."; - error( RtAudioError::DRIVER_ERROR ); - return; - } - } - - // close thread handle - if ( stream_.callbackInfo.thread && !CloseHandle( ( void* ) stream_.callbackInfo.thread ) ) { - errorText_ = "RtApiWasapi::abortStream: Unable to close callback thread."; - error( RtAudioError::THREAD_ERROR ); - return; - } - - stream_.callbackInfo.thread = (ThreadHandle) NULL; -} - -//----------------------------------------------------------------------------- - -bool RtApiWasapi::probeDeviceOpen( unsigned int device, StreamMode mode, unsigned int channels, - unsigned int firstChannel, unsigned int sampleRate, - RtAudioFormat format, unsigned int* bufferSize, - RtAudio::StreamOptions* options ) -{ - bool methodResult = FAILURE; - unsigned int captureDeviceCount = 0; - unsigned int renderDeviceCount = 0; - - IMMDeviceCollection* captureDevices = NULL; - IMMDeviceCollection* renderDevices = NULL; - IMMDevice* devicePtr = NULL; - WAVEFORMATEX* deviceFormat = NULL; - unsigned int bufferBytes; - stream_.state = STREAM_STOPPED; - - // create API Handle if not already created - if ( !stream_.apiHandle ) - stream_.apiHandle = ( void* ) new WasapiHandle(); - - // Count capture devices - errorText_.clear(); - RtAudioError::Type errorType = RtAudioError::DRIVER_ERROR; - HRESULT hr = deviceEnumerator_->EnumAudioEndpoints( eCapture, DEVICE_STATE_ACTIVE, &captureDevices ); - if ( FAILED( hr ) ) { - errorText_ = "RtApiWasapi::probeDeviceOpen: Unable to retrieve capture device collection."; - goto Exit; - } - - hr = captureDevices->GetCount( &captureDeviceCount ); - if ( FAILED( hr ) ) { - errorText_ = "RtApiWasapi::probeDeviceOpen: Unable to retrieve capture device count."; - goto Exit; - } - - // Count render devices - hr = deviceEnumerator_->EnumAudioEndpoints( eRender, DEVICE_STATE_ACTIVE, &renderDevices ); - if ( FAILED( hr ) ) { - errorText_ = "RtApiWasapi::probeDeviceOpen: Unable to retrieve render device collection."; - goto Exit; - } - - hr = renderDevices->GetCount( &renderDeviceCount ); - if ( FAILED( hr ) ) { - errorText_ = "RtApiWasapi::probeDeviceOpen: Unable to retrieve render device count."; - goto Exit; - } - - // validate device index - if ( device >= captureDeviceCount + renderDeviceCount ) { - errorType = RtAudioError::INVALID_USE; - errorText_ = "RtApiWasapi::probeDeviceOpen: Invalid device index."; - goto Exit; - } - - // determine whether index falls within capture or render devices - if ( device >= renderDeviceCount ) { - if ( mode != INPUT ) { - errorType = RtAudioError::INVALID_USE; - errorText_ = "RtApiWasapi::probeDeviceOpen: Capture device selected as output device."; - goto Exit; - } - - // retrieve captureAudioClient from devicePtr - IAudioClient*& captureAudioClient = ( ( WasapiHandle* ) stream_.apiHandle )->captureAudioClient; - - hr = captureDevices->Item( device - renderDeviceCount, &devicePtr ); - if ( FAILED( hr ) ) { - errorText_ = "RtApiWasapi::probeDeviceOpen: Unable to retrieve capture device handle."; - goto Exit; - } - - hr = devicePtr->Activate( __uuidof( IAudioClient ), CLSCTX_ALL, - NULL, ( void** ) &captureAudioClient ); - if ( FAILED( hr ) ) { - errorText_ = "RtApiWasapi::probeDeviceOpen: Unable to retrieve device audio client."; - goto Exit; - } - - hr = captureAudioClient->GetMixFormat( &deviceFormat ); - if ( FAILED( hr ) ) { - errorText_ = "RtApiWasapi::probeDeviceOpen: Unable to retrieve device mix format."; - goto Exit; - } - - stream_.nDeviceChannels[mode] = deviceFormat->nChannels; - captureAudioClient->GetStreamLatency( ( long long* ) &stream_.latency[mode] ); - } - else { - if ( mode != OUTPUT ) { - errorType = RtAudioError::INVALID_USE; - errorText_ = "RtApiWasapi::probeDeviceOpen: Render device selected as input device."; - goto Exit; - } - - // retrieve renderAudioClient from devicePtr - IAudioClient*& renderAudioClient = ( ( WasapiHandle* ) stream_.apiHandle )->renderAudioClient; - - hr = renderDevices->Item( device, &devicePtr ); - if ( FAILED( hr ) ) { - errorText_ = "RtApiWasapi::probeDeviceOpen: Unable to retrieve render device handle."; - goto Exit; - } - - hr = devicePtr->Activate( __uuidof( IAudioClient ), CLSCTX_ALL, - NULL, ( void** ) &renderAudioClient ); - if ( FAILED( hr ) ) { - errorText_ = "RtApiWasapi::probeDeviceOpen: Unable to retrieve device audio client."; - goto Exit; - } - - hr = renderAudioClient->GetMixFormat( &deviceFormat ); - if ( FAILED( hr ) ) { - errorText_ = "RtApiWasapi::probeDeviceOpen: Unable to retrieve device mix format."; - goto Exit; - } - - stream_.nDeviceChannels[mode] = deviceFormat->nChannels; - renderAudioClient->GetStreamLatency( ( long long* ) &stream_.latency[mode] ); - } - - // fill stream data - if ( ( stream_.mode == OUTPUT && mode == INPUT ) || - ( stream_.mode == INPUT && mode == OUTPUT ) ) { - stream_.mode = DUPLEX; - } - else { - stream_.mode = mode; - } - - stream_.device[mode] = device; - stream_.doByteSwap[mode] = false; - stream_.sampleRate = sampleRate; - stream_.bufferSize = *bufferSize; - stream_.nBuffers = 1; - stream_.nUserChannels[mode] = channels; - stream_.channelOffset[mode] = firstChannel; - stream_.userFormat = format; - stream_.deviceFormat[mode] = getDeviceInfo( device ).nativeFormats; - - if ( options && options->flags & RTAUDIO_NONINTERLEAVED ) - stream_.userInterleaved = false; - else - stream_.userInterleaved = true; - stream_.deviceInterleaved[mode] = true; - - // Set flags for buffer conversion. - stream_.doConvertBuffer[mode] = false; - if ( stream_.userFormat != stream_.deviceFormat[mode] || - stream_.nUserChannels != stream_.nDeviceChannels ) - stream_.doConvertBuffer[mode] = true; - else if ( stream_.userInterleaved != stream_.deviceInterleaved[mode] && - stream_.nUserChannels[mode] > 1 ) - stream_.doConvertBuffer[mode] = true; - - if ( stream_.doConvertBuffer[mode] ) - setConvertInfo( mode, 0 ); - - // Allocate necessary internal buffers - bufferBytes = stream_.nUserChannels[mode] * stream_.bufferSize * formatBytes( stream_.userFormat ); - - stream_.userBuffer[mode] = ( char* ) calloc( bufferBytes, 1 ); - if ( !stream_.userBuffer[mode] ) { - errorType = RtAudioError::MEMORY_ERROR; - errorText_ = "RtApiWasapi::probeDeviceOpen: Error allocating user buffer memory."; - goto Exit; - } - - if ( options && options->flags & RTAUDIO_SCHEDULE_REALTIME ) - stream_.callbackInfo.priority = 15; - else - stream_.callbackInfo.priority = 0; - - ///! TODO: RTAUDIO_MINIMIZE_LATENCY // Provide stream buffers directly to callback - ///! TODO: RTAUDIO_HOG_DEVICE // Exclusive mode - - methodResult = SUCCESS; - -Exit: - //clean up - SAFE_RELEASE( captureDevices ); - SAFE_RELEASE( renderDevices ); - SAFE_RELEASE( devicePtr ); - CoTaskMemFree( deviceFormat ); - - // if method failed, close the stream - if ( methodResult == FAILURE ) - closeStream(); - - if ( !errorText_.empty() ) - error( errorType ); - return methodResult; -} - -//============================================================================= - -DWORD WINAPI RtApiWasapi::runWasapiThread( void* wasapiPtr ) -{ - if ( wasapiPtr ) - ( ( RtApiWasapi* ) wasapiPtr )->wasapiThread(); - - return 0; -} - -DWORD WINAPI RtApiWasapi::stopWasapiThread( void* wasapiPtr ) -{ - if ( wasapiPtr ) - ( ( RtApiWasapi* ) wasapiPtr )->stopStream(); - - return 0; -} - -DWORD WINAPI RtApiWasapi::abortWasapiThread( void* wasapiPtr ) -{ - if ( wasapiPtr ) - ( ( RtApiWasapi* ) wasapiPtr )->abortStream(); - - return 0; -} - -//----------------------------------------------------------------------------- - -void RtApiWasapi::wasapiThread() -{ - // as this is a new thread, we must CoInitialize it - CoInitialize( NULL ); - - HRESULT hr; - - IAudioClient* captureAudioClient = ( ( WasapiHandle* ) stream_.apiHandle )->captureAudioClient; - IAudioClient* renderAudioClient = ( ( WasapiHandle* ) stream_.apiHandle )->renderAudioClient; - IAudioCaptureClient* captureClient = ( ( WasapiHandle* ) stream_.apiHandle )->captureClient; - IAudioRenderClient* renderClient = ( ( WasapiHandle* ) stream_.apiHandle )->renderClient; - HANDLE captureEvent = ( ( WasapiHandle* ) stream_.apiHandle )->captureEvent; - HANDLE renderEvent = ( ( WasapiHandle* ) stream_.apiHandle )->renderEvent; - - WAVEFORMATEX* captureFormat = NULL; - WAVEFORMATEX* renderFormat = NULL; - float captureSrRatio = 0.0f; - float renderSrRatio = 0.0f; - WasapiBuffer captureBuffer; - WasapiBuffer renderBuffer; - - // declare local stream variables - RtAudioCallback callback = ( RtAudioCallback ) stream_.callbackInfo.callback; - BYTE* streamBuffer = NULL; - unsigned long captureFlags = 0; - unsigned int bufferFrameCount = 0; - unsigned int numFramesPadding = 0; - unsigned int convBufferSize = 0; - bool callbackPushed = false; - bool callbackPulled = false; - bool callbackStopped = false; - int callbackResult = 0; - - // convBuffer is used to store converted buffers between WASAPI and the user - char* convBuffer = NULL; - unsigned int convBuffSize = 0; - unsigned int deviceBuffSize = 0; - - errorText_.clear(); - RtAudioError::Type errorType = RtAudioError::DRIVER_ERROR; - - // Attempt to assign "Pro Audio" characteristic to thread - HMODULE AvrtDll = LoadLibrary( (LPCTSTR) "AVRT.dll" ); - if ( AvrtDll ) { - DWORD taskIndex = 0; - TAvSetMmThreadCharacteristicsPtr AvSetMmThreadCharacteristicsPtr = ( TAvSetMmThreadCharacteristicsPtr ) GetProcAddress( AvrtDll, "AvSetMmThreadCharacteristicsW" ); - AvSetMmThreadCharacteristicsPtr( L"Pro Audio", &taskIndex ); - FreeLibrary( AvrtDll ); - } - - // start capture stream if applicable - if ( captureAudioClient ) { - hr = captureAudioClient->GetMixFormat( &captureFormat ); - if ( FAILED( hr ) ) { - errorText_ = "RtApiWasapi::wasapiThread: Unable to retrieve device mix format."; - goto Exit; - } - - captureSrRatio = ( ( float ) captureFormat->nSamplesPerSec / stream_.sampleRate ); - - // initialize capture stream according to desire buffer size - float desiredBufferSize = stream_.bufferSize * captureSrRatio; - REFERENCE_TIME desiredBufferPeriod = ( REFERENCE_TIME ) ( ( float ) desiredBufferSize * 10000000 / captureFormat->nSamplesPerSec ); - - if ( !captureClient ) { - hr = captureAudioClient->Initialize( AUDCLNT_SHAREMODE_SHARED, - AUDCLNT_STREAMFLAGS_EVENTCALLBACK, - desiredBufferPeriod, - desiredBufferPeriod, - captureFormat, - NULL ); - if ( FAILED( hr ) ) { - errorText_ = "RtApiWasapi::wasapiThread: Unable to initialize capture audio client."; - goto Exit; - } - - hr = captureAudioClient->GetService( __uuidof( IAudioCaptureClient ), - ( void** ) &captureClient ); - if ( FAILED( hr ) ) { - errorText_ = "RtApiWasapi::wasapiThread: Unable to retrieve capture client handle."; - goto Exit; - } - - // configure captureEvent to trigger on every available capture buffer - captureEvent = CreateEvent( NULL, FALSE, FALSE, NULL ); - if ( !captureEvent ) { - errorType = RtAudioError::SYSTEM_ERROR; - errorText_ = "RtApiWasapi::wasapiThread: Unable to create capture event."; - goto Exit; - } - - hr = captureAudioClient->SetEventHandle( captureEvent ); - if ( FAILED( hr ) ) { - errorText_ = "RtApiWasapi::wasapiThread: Unable to set capture event handle."; - goto Exit; - } - - ( ( WasapiHandle* ) stream_.apiHandle )->captureClient = captureClient; - ( ( WasapiHandle* ) stream_.apiHandle )->captureEvent = captureEvent; - } - - unsigned int inBufferSize = 0; - hr = captureAudioClient->GetBufferSize( &inBufferSize ); - if ( FAILED( hr ) ) { - errorText_ = "RtApiWasapi::wasapiThread: Unable to get capture buffer size."; - goto Exit; - } - - // scale outBufferSize according to stream->user sample rate ratio - unsigned int outBufferSize = ( unsigned int ) ( stream_.bufferSize * captureSrRatio ) * stream_.nDeviceChannels[INPUT]; - inBufferSize *= stream_.nDeviceChannels[INPUT]; - - // set captureBuffer size - captureBuffer.setBufferSize( inBufferSize + outBufferSize, formatBytes( stream_.deviceFormat[INPUT] ) ); - - // reset the capture stream - hr = captureAudioClient->Reset(); - if ( FAILED( hr ) ) { - errorText_ = "RtApiWasapi::wasapiThread: Unable to reset capture stream."; - goto Exit; - } - - // start the capture stream - hr = captureAudioClient->Start(); - if ( FAILED( hr ) ) { - errorText_ = "RtApiWasapi::wasapiThread: Unable to start capture stream."; - goto Exit; - } - } - - // start render stream if applicable - if ( renderAudioClient ) { - hr = renderAudioClient->GetMixFormat( &renderFormat ); - if ( FAILED( hr ) ) { - errorText_ = "RtApiWasapi::wasapiThread: Unable to retrieve device mix format."; - goto Exit; - } - - renderSrRatio = ( ( float ) renderFormat->nSamplesPerSec / stream_.sampleRate ); - - // initialize render stream according to desire buffer size - float desiredBufferSize = stream_.bufferSize * renderSrRatio; - REFERENCE_TIME desiredBufferPeriod = ( REFERENCE_TIME ) ( ( float ) desiredBufferSize * 10000000 / renderFormat->nSamplesPerSec ); - - if ( !renderClient ) { - hr = renderAudioClient->Initialize( AUDCLNT_SHAREMODE_SHARED, - AUDCLNT_STREAMFLAGS_EVENTCALLBACK, - desiredBufferPeriod, - desiredBufferPeriod, - renderFormat, - NULL ); - if ( FAILED( hr ) ) { - errorText_ = "RtApiWasapi::wasapiThread: Unable to initialize render audio client."; - goto Exit; - } - - hr = renderAudioClient->GetService( __uuidof( IAudioRenderClient ), - ( void** ) &renderClient ); - if ( FAILED( hr ) ) { - errorText_ = "RtApiWasapi::wasapiThread: Unable to retrieve render client handle."; - goto Exit; - } - - // configure renderEvent to trigger on every available render buffer - renderEvent = CreateEvent( NULL, FALSE, FALSE, NULL ); - if ( !renderEvent ) { - errorType = RtAudioError::SYSTEM_ERROR; - errorText_ = "RtApiWasapi::wasapiThread: Unable to create render event."; - goto Exit; - } - - hr = renderAudioClient->SetEventHandle( renderEvent ); - if ( FAILED( hr ) ) { - errorText_ = "RtApiWasapi::wasapiThread: Unable to set render event handle."; - goto Exit; - } - - ( ( WasapiHandle* ) stream_.apiHandle )->renderClient = renderClient; - ( ( WasapiHandle* ) stream_.apiHandle )->renderEvent = renderEvent; - } - - unsigned int outBufferSize = 0; - hr = renderAudioClient->GetBufferSize( &outBufferSize ); - if ( FAILED( hr ) ) { - errorText_ = "RtApiWasapi::wasapiThread: Unable to get render buffer size."; - goto Exit; - } - - // scale inBufferSize according to user->stream sample rate ratio - unsigned int inBufferSize = ( unsigned int ) ( stream_.bufferSize * renderSrRatio ) * stream_.nDeviceChannels[OUTPUT]; - outBufferSize *= stream_.nDeviceChannels[OUTPUT]; - - // set renderBuffer size - renderBuffer.setBufferSize( inBufferSize + outBufferSize, formatBytes( stream_.deviceFormat[OUTPUT] ) ); - - // reset the render stream - hr = renderAudioClient->Reset(); - if ( FAILED( hr ) ) { - errorText_ = "RtApiWasapi::wasapiThread: Unable to reset render stream."; - goto Exit; - } - - // start the render stream - hr = renderAudioClient->Start(); - if ( FAILED( hr ) ) { - errorText_ = "RtApiWasapi::wasapiThread: Unable to start render stream."; - goto Exit; - } - } - - if ( stream_.mode == INPUT ) { - convBuffSize = ( size_t ) ( stream_.bufferSize * captureSrRatio ) * stream_.nDeviceChannels[INPUT] * formatBytes( stream_.deviceFormat[INPUT] ); - deviceBuffSize = stream_.bufferSize * stream_.nDeviceChannels[INPUT] * formatBytes( stream_.deviceFormat[INPUT] ); - } - else if ( stream_.mode == OUTPUT ) { - convBuffSize = ( size_t ) ( stream_.bufferSize * renderSrRatio ) * stream_.nDeviceChannels[OUTPUT] * formatBytes( stream_.deviceFormat[OUTPUT] ); - deviceBuffSize = stream_.bufferSize * stream_.nDeviceChannels[OUTPUT] * formatBytes( stream_.deviceFormat[OUTPUT] ); - } - else if ( stream_.mode == DUPLEX ) { - convBuffSize = std::max( ( size_t ) ( stream_.bufferSize * captureSrRatio ) * stream_.nDeviceChannels[INPUT] * formatBytes( stream_.deviceFormat[INPUT] ), - ( size_t ) ( stream_.bufferSize * renderSrRatio ) * stream_.nDeviceChannels[OUTPUT] * formatBytes( stream_.deviceFormat[OUTPUT] ) ); - deviceBuffSize = std::max( stream_.bufferSize * stream_.nDeviceChannels[INPUT] * formatBytes( stream_.deviceFormat[INPUT] ), - stream_.bufferSize * stream_.nDeviceChannels[OUTPUT] * formatBytes( stream_.deviceFormat[OUTPUT] ) ); - } - - convBuffer = ( char* ) malloc( convBuffSize ); - stream_.deviceBuffer = ( char* ) malloc( deviceBuffSize ); - if ( !convBuffer || !stream_.deviceBuffer ) { - errorType = RtAudioError::MEMORY_ERROR; - errorText_ = "RtApiWasapi::wasapiThread: Error allocating device buffer memory."; - goto Exit; - } - - // stream process loop - while ( stream_.state != STREAM_STOPPING ) { - if ( !callbackPulled ) { - // Callback Input - // ============== - // 1. Pull callback buffer from inputBuffer - // 2. If 1. was successful: Convert callback buffer to user sample rate and channel count - // Convert callback buffer to user format - - if ( captureAudioClient ) { - // Pull callback buffer from inputBuffer - callbackPulled = captureBuffer.pullBuffer( convBuffer, - ( unsigned int ) ( stream_.bufferSize * captureSrRatio ) * stream_.nDeviceChannels[INPUT], - stream_.deviceFormat[INPUT] ); - - if ( callbackPulled ) { - // Convert callback buffer to user sample rate - convertBufferWasapi( stream_.deviceBuffer, - convBuffer, - stream_.nDeviceChannels[INPUT], - captureFormat->nSamplesPerSec, - stream_.sampleRate, - ( unsigned int ) ( stream_.bufferSize * captureSrRatio ), - convBufferSize, - stream_.deviceFormat[INPUT] ); - - if ( stream_.doConvertBuffer[INPUT] ) { - // Convert callback buffer to user format - convertBuffer( stream_.userBuffer[INPUT], - stream_.deviceBuffer, - stream_.convertInfo[INPUT] ); - } - else { - // no further conversion, simple copy deviceBuffer to userBuffer - memcpy( stream_.userBuffer[INPUT], - stream_.deviceBuffer, - stream_.bufferSize * stream_.nUserChannels[INPUT] * formatBytes( stream_.userFormat ) ); - } - } - } - else { - // if there is no capture stream, set callbackPulled flag - callbackPulled = true; - } - - // Execute Callback - // ================ - // 1. Execute user callback method - // 2. Handle return value from callback - - // if callback has not requested the stream to stop - if ( callbackPulled && !callbackStopped ) { - // Execute user callback method - callbackResult = callback( stream_.userBuffer[OUTPUT], - stream_.userBuffer[INPUT], - stream_.bufferSize, - getStreamTime(), - captureFlags & AUDCLNT_BUFFERFLAGS_DATA_DISCONTINUITY ? RTAUDIO_INPUT_OVERFLOW : 0, - stream_.callbackInfo.userData ); - - // Handle return value from callback - if ( callbackResult == 1 ) { - // instantiate a thread to stop this thread - HANDLE threadHandle = CreateThread( NULL, 0, stopWasapiThread, this, 0, NULL ); - if ( !threadHandle ) { - errorType = RtAudioError::THREAD_ERROR; - errorText_ = "RtApiWasapi::wasapiThread: Unable to instantiate stream stop thread."; - goto Exit; - } - else if ( !CloseHandle( threadHandle ) ) { - errorType = RtAudioError::THREAD_ERROR; - errorText_ = "RtApiWasapi::wasapiThread: Unable to close stream stop thread handle."; - goto Exit; - } - - callbackStopped = true; - } - else if ( callbackResult == 2 ) { - // instantiate a thread to stop this thread - HANDLE threadHandle = CreateThread( NULL, 0, abortWasapiThread, this, 0, NULL ); - if ( !threadHandle ) { - errorType = RtAudioError::THREAD_ERROR; - errorText_ = "RtApiWasapi::wasapiThread: Unable to instantiate stream abort thread."; - goto Exit; - } - else if ( !CloseHandle( threadHandle ) ) { - errorType = RtAudioError::THREAD_ERROR; - errorText_ = "RtApiWasapi::wasapiThread: Unable to close stream abort thread handle."; - goto Exit; - } - - callbackStopped = true; - } - } - } - - // Callback Output - // =============== - // 1. Convert callback buffer to stream format - // 2. Convert callback buffer to stream sample rate and channel count - // 3. Push callback buffer into outputBuffer - - if ( renderAudioClient && callbackPulled ) { - if ( stream_.doConvertBuffer[OUTPUT] ) { - // Convert callback buffer to stream format - convertBuffer( stream_.deviceBuffer, - stream_.userBuffer[OUTPUT], - stream_.convertInfo[OUTPUT] ); - - } - - // Convert callback buffer to stream sample rate - convertBufferWasapi( convBuffer, - stream_.deviceBuffer, - stream_.nDeviceChannels[OUTPUT], - stream_.sampleRate, - renderFormat->nSamplesPerSec, - stream_.bufferSize, - convBufferSize, - stream_.deviceFormat[OUTPUT] ); - - // Push callback buffer into outputBuffer - callbackPushed = renderBuffer.pushBuffer( convBuffer, - convBufferSize * stream_.nDeviceChannels[OUTPUT], - stream_.deviceFormat[OUTPUT] ); - } - else { - // if there is no render stream, set callbackPushed flag - callbackPushed = true; - } - - // Stream Capture - // ============== - // 1. Get capture buffer from stream - // 2. Push capture buffer into inputBuffer - // 3. If 2. was successful: Release capture buffer - - if ( captureAudioClient ) { - // if the callback input buffer was not pulled from captureBuffer, wait for next capture event - if ( !callbackPulled ) { - WaitForSingleObject( captureEvent, INFINITE ); - } - - // Get capture buffer from stream - hr = captureClient->GetBuffer( &streamBuffer, - &bufferFrameCount, - &captureFlags, NULL, NULL ); - if ( FAILED( hr ) ) { - errorText_ = "RtApiWasapi::wasapiThread: Unable to retrieve capture buffer."; - goto Exit; - } - - if ( bufferFrameCount != 0 ) { - // Push capture buffer into inputBuffer - if ( captureBuffer.pushBuffer( ( char* ) streamBuffer, - bufferFrameCount * stream_.nDeviceChannels[INPUT], - stream_.deviceFormat[INPUT] ) ) - { - // Release capture buffer - hr = captureClient->ReleaseBuffer( bufferFrameCount ); - if ( FAILED( hr ) ) { - errorText_ = "RtApiWasapi::wasapiThread: Unable to release capture buffer."; - goto Exit; - } - } - else - { - // Inform WASAPI that capture was unsuccessful - hr = captureClient->ReleaseBuffer( 0 ); - if ( FAILED( hr ) ) { - errorText_ = "RtApiWasapi::wasapiThread: Unable to release capture buffer."; - goto Exit; - } - } - } - else - { - // Inform WASAPI that capture was unsuccessful - hr = captureClient->ReleaseBuffer( 0 ); - if ( FAILED( hr ) ) { - errorText_ = "RtApiWasapi::wasapiThread: Unable to release capture buffer."; - goto Exit; - } - } - } - - // Stream Render - // ============= - // 1. Get render buffer from stream - // 2. Pull next buffer from outputBuffer - // 3. If 2. was successful: Fill render buffer with next buffer - // Release render buffer - - if ( renderAudioClient ) { - // if the callback output buffer was not pushed to renderBuffer, wait for next render event - if ( callbackPulled && !callbackPushed ) { - WaitForSingleObject( renderEvent, INFINITE ); - } - - // Get render buffer from stream - hr = renderAudioClient->GetBufferSize( &bufferFrameCount ); - if ( FAILED( hr ) ) { - errorText_ = "RtApiWasapi::wasapiThread: Unable to retrieve render buffer size."; - goto Exit; - } - - hr = renderAudioClient->GetCurrentPadding( &numFramesPadding ); - if ( FAILED( hr ) ) { - errorText_ = "RtApiWasapi::wasapiThread: Unable to retrieve render buffer padding."; - goto Exit; - } - - bufferFrameCount -= numFramesPadding; - - if ( bufferFrameCount != 0 ) { - hr = renderClient->GetBuffer( bufferFrameCount, &streamBuffer ); - if ( FAILED( hr ) ) { - errorText_ = "RtApiWasapi::wasapiThread: Unable to retrieve render buffer."; - goto Exit; - } - - // Pull next buffer from outputBuffer - // Fill render buffer with next buffer - if ( renderBuffer.pullBuffer( ( char* ) streamBuffer, - bufferFrameCount * stream_.nDeviceChannels[OUTPUT], - stream_.deviceFormat[OUTPUT] ) ) - { - // Release render buffer - hr = renderClient->ReleaseBuffer( bufferFrameCount, 0 ); - if ( FAILED( hr ) ) { - errorText_ = "RtApiWasapi::wasapiThread: Unable to release render buffer."; - goto Exit; - } - } - else - { - // Inform WASAPI that render was unsuccessful - hr = renderClient->ReleaseBuffer( 0, 0 ); - if ( FAILED( hr ) ) { - errorText_ = "RtApiWasapi::wasapiThread: Unable to release render buffer."; - goto Exit; - } - } - } - else - { - // Inform WASAPI that render was unsuccessful - hr = renderClient->ReleaseBuffer( 0, 0 ); - if ( FAILED( hr ) ) { - errorText_ = "RtApiWasapi::wasapiThread: Unable to release render buffer."; - goto Exit; - } - } - } - - // if the callback buffer was pushed renderBuffer reset callbackPulled flag - if ( callbackPushed ) { - callbackPulled = false; - // tick stream time - RtApi::tickStreamTime(); - } - - } - -Exit: - // clean up - CoTaskMemFree( captureFormat ); - CoTaskMemFree( renderFormat ); - - free ( convBuffer ); - - CoUninitialize(); - - // update stream state - stream_.state = STREAM_STOPPED; - - if ( errorText_.empty() ) - return; - else - error( errorType ); -} - -//******************** End of __WINDOWS_WASAPI__ *********************// -#endif - - -#if defined(__WINDOWS_DS__) // Windows DirectSound API - -// Modified by Robin Davies, October 2005 -// - Improvements to DirectX pointer chasing. -// - Bug fix for non-power-of-two Asio granularity used by Edirol PCR-A30. -// - Auto-call CoInitialize for DSOUND and ASIO platforms. -// Various revisions for RtAudio 4.0 by Gary Scavone, April 2007 -// Changed device query structure for RtAudio 4.0.7, January 2010 - -#include <dsound.h> -#include <assert.h> -#include <algorithm> - -#if defined(__MINGW32__) - // missing from latest mingw winapi -#define WAVE_FORMAT_96M08 0x00010000 /* 96 kHz, Mono, 8-bit */ -#define WAVE_FORMAT_96S08 0x00020000 /* 96 kHz, Stereo, 8-bit */ -#define WAVE_FORMAT_96M16 0x00040000 /* 96 kHz, Mono, 16-bit */ -#define WAVE_FORMAT_96S16 0x00080000 /* 96 kHz, Stereo, 16-bit */ -#endif - -#define MINIMUM_DEVICE_BUFFER_SIZE 32768 - -#ifdef _MSC_VER // if Microsoft Visual C++ -#pragma comment( lib, "winmm.lib" ) // then, auto-link winmm.lib. Otherwise, it has to be added manually. -#endif - -static inline DWORD dsPointerBetween( DWORD pointer, DWORD laterPointer, DWORD earlierPointer, DWORD bufferSize ) -{ - if ( pointer > bufferSize ) pointer -= bufferSize; - if ( laterPointer < earlierPointer ) laterPointer += bufferSize; - if ( pointer < earlierPointer ) pointer += bufferSize; - return pointer >= earlierPointer && pointer < laterPointer; -} - -// A structure to hold various information related to the DirectSound -// API implementation. -struct DsHandle { - unsigned int drainCounter; // Tracks callback counts when draining - bool internalDrain; // Indicates if stop is initiated from callback or not. - void *id[2]; - void *buffer[2]; - bool xrun[2]; - UINT bufferPointer[2]; - DWORD dsBufferSize[2]; - DWORD dsPointerLeadTime[2]; // the number of bytes ahead of the safe pointer to lead by. - HANDLE condition; - - DsHandle() - :drainCounter(0), internalDrain(false) { id[0] = 0; id[1] = 0; buffer[0] = 0; buffer[1] = 0; xrun[0] = false; xrun[1] = false; bufferPointer[0] = 0; bufferPointer[1] = 0; } -}; - -// Declarations for utility functions, callbacks, and structures -// specific to the DirectSound implementation. -static BOOL CALLBACK deviceQueryCallback( LPGUID lpguid, - LPCTSTR description, - LPCTSTR module, - LPVOID lpContext ); - -static const char* getErrorString( int code ); - -static unsigned __stdcall callbackHandler( void *ptr ); - -struct DsDevice { - LPGUID id[2]; - bool validId[2]; - bool found; - std::string name; - - DsDevice() - : found(false) { validId[0] = false; validId[1] = false; } -}; - -struct DsProbeData { - bool isInput; - std::vector<struct DsDevice>* dsDevices; -}; - -RtApiDs :: RtApiDs() -{ - // Dsound will run both-threaded. If CoInitialize fails, then just - // accept whatever the mainline chose for a threading model. - coInitialized_ = false; - HRESULT hr = CoInitialize( NULL ); - if ( !FAILED( hr ) ) coInitialized_ = true; -} - -RtApiDs :: ~RtApiDs() -{ - if ( coInitialized_ ) CoUninitialize(); // balanced call. - if ( stream_.state != STREAM_CLOSED ) closeStream(); -} - -// The DirectSound default output is always the first device. -unsigned int RtApiDs :: getDefaultOutputDevice( void ) -{ - return 0; -} - -// The DirectSound default input is always the first input device, -// which is the first capture device enumerated. -unsigned int RtApiDs :: getDefaultInputDevice( void ) -{ - return 0; -} - -unsigned int RtApiDs :: getDeviceCount( void ) -{ - // Set query flag for previously found devices to false, so that we - // can check for any devices that have disappeared. - for ( unsigned int i=0; i<dsDevices.size(); i++ ) - dsDevices[i].found = false; - - // Query DirectSound devices. - struct DsProbeData probeInfo; - probeInfo.isInput = false; - probeInfo.dsDevices = &dsDevices; - HRESULT result = DirectSoundEnumerate( (LPDSENUMCALLBACK) deviceQueryCallback, &probeInfo ); - if ( FAILED( result ) ) { - errorStream_ << "RtApiDs::getDeviceCount: error (" << getErrorString( result ) << ") enumerating output devices!"; - errorText_ = errorStream_.str(); - error( RtAudioError::WARNING ); - } - - // Query DirectSoundCapture devices. - probeInfo.isInput = true; - result = DirectSoundCaptureEnumerate( (LPDSENUMCALLBACK) deviceQueryCallback, &probeInfo ); - if ( FAILED( result ) ) { - errorStream_ << "RtApiDs::getDeviceCount: error (" << getErrorString( result ) << ") enumerating input devices!"; - errorText_ = errorStream_.str(); - error( RtAudioError::WARNING ); - } - - // Clean out any devices that may have disappeared (code update submitted by Eli Zehngut). - for ( unsigned int i=0; i<dsDevices.size(); ) { - if ( dsDevices[i].found == false ) dsDevices.erase( dsDevices.begin() + i ); - else i++; - } - - return static_cast<unsigned int>(dsDevices.size()); -} - -RtAudio::DeviceInfo RtApiDs :: getDeviceInfo( unsigned int device ) -{ - RtAudio::DeviceInfo info; - info.probed = false; - - if ( dsDevices.size() == 0 ) { - // Force a query of all devices - getDeviceCount(); - if ( dsDevices.size() == 0 ) { - errorText_ = "RtApiDs::getDeviceInfo: no devices found!"; - error( RtAudioError::INVALID_USE ); - return info; - } - } - - if ( device >= dsDevices.size() ) { - errorText_ = "RtApiDs::getDeviceInfo: device ID is invalid!"; - error( RtAudioError::INVALID_USE ); - return info; - } - - HRESULT result; - if ( dsDevices[ device ].validId[0] == false ) goto probeInput; - - LPDIRECTSOUND output; - DSCAPS outCaps; - result = DirectSoundCreate( dsDevices[ device ].id[0], &output, NULL ); - if ( FAILED( result ) ) { - errorStream_ << "RtApiDs::getDeviceInfo: error (" << getErrorString( result ) << ") opening output device (" << dsDevices[ device ].name << ")!"; - errorText_ = errorStream_.str(); - error( RtAudioError::WARNING ); - goto probeInput; - } - - outCaps.dwSize = sizeof( outCaps ); - result = output->GetCaps( &outCaps ); - if ( FAILED( result ) ) { - output->Release(); - errorStream_ << "RtApiDs::getDeviceInfo: error (" << getErrorString( result ) << ") getting capabilities!"; - errorText_ = errorStream_.str(); - error( RtAudioError::WARNING ); - goto probeInput; - } - - // Get output channel information. - info.outputChannels = ( outCaps.dwFlags & DSCAPS_PRIMARYSTEREO ) ? 2 : 1; - - // Get sample rate information. - info.sampleRates.clear(); - for ( unsigned int k=0; k<MAX_SAMPLE_RATES; k++ ) { - if ( SAMPLE_RATES[k] >= (unsigned int) outCaps.dwMinSecondarySampleRate && - SAMPLE_RATES[k] <= (unsigned int) outCaps.dwMaxSecondarySampleRate ) { - info.sampleRates.push_back( SAMPLE_RATES[k] ); - - if ( !info.preferredSampleRate || ( SAMPLE_RATES[k] <= 48000 && SAMPLE_RATES[k] > info.preferredSampleRate ) ) - info.preferredSampleRate = SAMPLE_RATES[k]; - } - } - - // Get format information. - if ( outCaps.dwFlags & DSCAPS_PRIMARY16BIT ) info.nativeFormats |= RTAUDIO_SINT16; - if ( outCaps.dwFlags & DSCAPS_PRIMARY8BIT ) info.nativeFormats |= RTAUDIO_SINT8; - - output->Release(); - - if ( getDefaultOutputDevice() == device ) - info.isDefaultOutput = true; - - if ( dsDevices[ device ].validId[1] == false ) { - info.name = dsDevices[ device ].name; - info.probed = true; - return info; - } - - probeInput: - - LPDIRECTSOUNDCAPTURE input; - result = DirectSoundCaptureCreate( dsDevices[ device ].id[1], &input, NULL ); - if ( FAILED( result ) ) { - errorStream_ << "RtApiDs::getDeviceInfo: error (" << getErrorString( result ) << ") opening input device (" << dsDevices[ device ].name << ")!"; - errorText_ = errorStream_.str(); - error( RtAudioError::WARNING ); - return info; - } - - DSCCAPS inCaps; - inCaps.dwSize = sizeof( inCaps ); - result = input->GetCaps( &inCaps ); - if ( FAILED( result ) ) { - input->Release(); - errorStream_ << "RtApiDs::getDeviceInfo: error (" << getErrorString( result ) << ") getting object capabilities (" << dsDevices[ device ].name << ")!"; - errorText_ = errorStream_.str(); - error( RtAudioError::WARNING ); - return info; - } - - // Get input channel information. - info.inputChannels = inCaps.dwChannels; - - // Get sample rate and format information. - std::vector<unsigned int> rates; - if ( inCaps.dwChannels >= 2 ) { - if ( inCaps.dwFormats & WAVE_FORMAT_1S16 ) info.nativeFormats |= RTAUDIO_SINT16; - if ( inCaps.dwFormats & WAVE_FORMAT_2S16 ) info.nativeFormats |= RTAUDIO_SINT16; - if ( inCaps.dwFormats & WAVE_FORMAT_4S16 ) info.nativeFormats |= RTAUDIO_SINT16; - if ( inCaps.dwFormats & WAVE_FORMAT_96S16 ) info.nativeFormats |= RTAUDIO_SINT16; - if ( inCaps.dwFormats & WAVE_FORMAT_1S08 ) info.nativeFormats |= RTAUDIO_SINT8; - if ( inCaps.dwFormats & WAVE_FORMAT_2S08 ) info.nativeFormats |= RTAUDIO_SINT8; - if ( inCaps.dwFormats & WAVE_FORMAT_4S08 ) info.nativeFormats |= RTAUDIO_SINT8; - if ( inCaps.dwFormats & WAVE_FORMAT_96S08 ) info.nativeFormats |= RTAUDIO_SINT8; - - if ( info.nativeFormats & RTAUDIO_SINT16 ) { - if ( inCaps.dwFormats & WAVE_FORMAT_1S16 ) rates.push_back( 11025 ); - if ( inCaps.dwFormats & WAVE_FORMAT_2S16 ) rates.push_back( 22050 ); - if ( inCaps.dwFormats & WAVE_FORMAT_4S16 ) rates.push_back( 44100 ); - if ( inCaps.dwFormats & WAVE_FORMAT_96S16 ) rates.push_back( 96000 ); - } - else if ( info.nativeFormats & RTAUDIO_SINT8 ) { - if ( inCaps.dwFormats & WAVE_FORMAT_1S08 ) rates.push_back( 11025 ); - if ( inCaps.dwFormats & WAVE_FORMAT_2S08 ) rates.push_back( 22050 ); - if ( inCaps.dwFormats & WAVE_FORMAT_4S08 ) rates.push_back( 44100 ); - if ( inCaps.dwFormats & WAVE_FORMAT_96S08 ) rates.push_back( 96000 ); - } - } - else if ( inCaps.dwChannels == 1 ) { - if ( inCaps.dwFormats & WAVE_FORMAT_1M16 ) info.nativeFormats |= RTAUDIO_SINT16; - if ( inCaps.dwFormats & WAVE_FORMAT_2M16 ) info.nativeFormats |= RTAUDIO_SINT16; - if ( inCaps.dwFormats & WAVE_FORMAT_4M16 ) info.nativeFormats |= RTAUDIO_SINT16; - if ( inCaps.dwFormats & WAVE_FORMAT_96M16 ) info.nativeFormats |= RTAUDIO_SINT16; - if ( inCaps.dwFormats & WAVE_FORMAT_1M08 ) info.nativeFormats |= RTAUDIO_SINT8; - if ( inCaps.dwFormats & WAVE_FORMAT_2M08 ) info.nativeFormats |= RTAUDIO_SINT8; - if ( inCaps.dwFormats & WAVE_FORMAT_4M08 ) info.nativeFormats |= RTAUDIO_SINT8; - if ( inCaps.dwFormats & WAVE_FORMAT_96M08 ) info.nativeFormats |= RTAUDIO_SINT8; - - if ( info.nativeFormats & RTAUDIO_SINT16 ) { - if ( inCaps.dwFormats & WAVE_FORMAT_1M16 ) rates.push_back( 11025 ); - if ( inCaps.dwFormats & WAVE_FORMAT_2M16 ) rates.push_back( 22050 ); - if ( inCaps.dwFormats & WAVE_FORMAT_4M16 ) rates.push_back( 44100 ); - if ( inCaps.dwFormats & WAVE_FORMAT_96M16 ) rates.push_back( 96000 ); - } - else if ( info.nativeFormats & RTAUDIO_SINT8 ) { - if ( inCaps.dwFormats & WAVE_FORMAT_1M08 ) rates.push_back( 11025 ); - if ( inCaps.dwFormats & WAVE_FORMAT_2M08 ) rates.push_back( 22050 ); - if ( inCaps.dwFormats & WAVE_FORMAT_4M08 ) rates.push_back( 44100 ); - if ( inCaps.dwFormats & WAVE_FORMAT_96M08 ) rates.push_back( 96000 ); - } - } - else info.inputChannels = 0; // technically, this would be an error - - input->Release(); - - if ( info.inputChannels == 0 ) return info; - - // Copy the supported rates to the info structure but avoid duplication. - bool found; - for ( unsigned int i=0; i<rates.size(); i++ ) { - found = false; - for ( unsigned int j=0; j<info.sampleRates.size(); j++ ) { - if ( rates[i] == info.sampleRates[j] ) { - found = true; - break; - } - } - if ( found == false ) info.sampleRates.push_back( rates[i] ); - } - std::sort( info.sampleRates.begin(), info.sampleRates.end() ); - - // If device opens for both playback and capture, we determine the channels. - if ( info.outputChannels > 0 && info.inputChannels > 0 ) - info.duplexChannels = (info.outputChannels > info.inputChannels) ? info.inputChannels : info.outputChannels; - - if ( device == 0 ) info.isDefaultInput = true; - - // Copy name and return. - info.name = dsDevices[ device ].name; - info.probed = true; - return info; -} - -bool RtApiDs :: probeDeviceOpen( unsigned int device, StreamMode mode, unsigned int channels, - unsigned int firstChannel, unsigned int sampleRate, - RtAudioFormat format, unsigned int *bufferSize, - RtAudio::StreamOptions *options ) -{ - if ( channels + firstChannel > 2 ) { - errorText_ = "RtApiDs::probeDeviceOpen: DirectSound does not support more than 2 channels per device."; - return FAILURE; - } - - size_t nDevices = dsDevices.size(); - if ( nDevices == 0 ) { - // This should not happen because a check is made before this function is called. - errorText_ = "RtApiDs::probeDeviceOpen: no devices found!"; - return FAILURE; - } - - if ( device >= nDevices ) { - // This should not happen because a check is made before this function is called. - errorText_ = "RtApiDs::probeDeviceOpen: device ID is invalid!"; - return FAILURE; - } - - if ( mode == OUTPUT ) { - if ( dsDevices[ device ].validId[0] == false ) { - errorStream_ << "RtApiDs::probeDeviceOpen: device (" << device << ") does not support output!"; - errorText_ = errorStream_.str(); - return FAILURE; - } - } - else { // mode == INPUT - if ( dsDevices[ device ].validId[1] == false ) { - errorStream_ << "RtApiDs::probeDeviceOpen: device (" << device << ") does not support input!"; - errorText_ = errorStream_.str(); - return FAILURE; - } - } - - // According to a note in PortAudio, using GetDesktopWindow() - // instead of GetForegroundWindow() is supposed to avoid problems - // that occur when the application's window is not the foreground - // window. Also, if the application window closes before the - // DirectSound buffer, DirectSound can crash. In the past, I had - // problems when using GetDesktopWindow() but it seems fine now - // (January 2010). I'll leave it commented here. - // HWND hWnd = GetForegroundWindow(); - HWND hWnd = GetDesktopWindow(); - - // Check the numberOfBuffers parameter and limit the lowest value to - // two. This is a judgement call and a value of two is probably too - // low for capture, but it should work for playback. - int nBuffers = 0; - if ( options ) nBuffers = options->numberOfBuffers; - if ( options && options->flags & RTAUDIO_MINIMIZE_LATENCY ) nBuffers = 2; - if ( nBuffers < 2 ) nBuffers = 3; - - // Check the lower range of the user-specified buffer size and set - // (arbitrarily) to a lower bound of 32. - if ( *bufferSize < 32 ) *bufferSize = 32; - - // Create the wave format structure. The data format setting will - // be determined later. - WAVEFORMATEX waveFormat; - ZeroMemory( &waveFormat, sizeof(WAVEFORMATEX) ); - waveFormat.wFormatTag = WAVE_FORMAT_PCM; - waveFormat.nChannels = channels + firstChannel; - waveFormat.nSamplesPerSec = (unsigned long) sampleRate; - - // Determine the device buffer size. By default, we'll use the value - // defined above (32K), but we will grow it to make allowances for - // very large software buffer sizes. - DWORD dsBufferSize = MINIMUM_DEVICE_BUFFER_SIZE; - DWORD dsPointerLeadTime = 0; - - void *ohandle = 0, *bhandle = 0; - HRESULT result; - if ( mode == OUTPUT ) { - - LPDIRECTSOUND output; - result = DirectSoundCreate( dsDevices[ device ].id[0], &output, NULL ); - if ( FAILED( result ) ) { - errorStream_ << "RtApiDs::probeDeviceOpen: error (" << getErrorString( result ) << ") opening output device (" << dsDevices[ device ].name << ")!"; - errorText_ = errorStream_.str(); - return FAILURE; - } - - DSCAPS outCaps; - outCaps.dwSize = sizeof( outCaps ); - result = output->GetCaps( &outCaps ); - if ( FAILED( result ) ) { - output->Release(); - errorStream_ << "RtApiDs::probeDeviceOpen: error (" << getErrorString( result ) << ") getting capabilities (" << dsDevices[ device ].name << ")!"; - errorText_ = errorStream_.str(); - return FAILURE; - } - - // Check channel information. - if ( channels + firstChannel == 2 && !( outCaps.dwFlags & DSCAPS_PRIMARYSTEREO ) ) { - errorStream_ << "RtApiDs::getDeviceInfo: the output device (" << dsDevices[ device ].name << ") does not support stereo playback."; - errorText_ = errorStream_.str(); - return FAILURE; - } - - // Check format information. Use 16-bit format unless not - // supported or user requests 8-bit. - if ( outCaps.dwFlags & DSCAPS_PRIMARY16BIT && - !( format == RTAUDIO_SINT8 && outCaps.dwFlags & DSCAPS_PRIMARY8BIT ) ) { - waveFormat.wBitsPerSample = 16; - stream_.deviceFormat[mode] = RTAUDIO_SINT16; - } - else { - waveFormat.wBitsPerSample = 8; - stream_.deviceFormat[mode] = RTAUDIO_SINT8; - } - stream_.userFormat = format; - - // Update wave format structure and buffer information. - waveFormat.nBlockAlign = waveFormat.nChannels * waveFormat.wBitsPerSample / 8; - waveFormat.nAvgBytesPerSec = waveFormat.nSamplesPerSec * waveFormat.nBlockAlign; - dsPointerLeadTime = nBuffers * (*bufferSize) * (waveFormat.wBitsPerSample / 8) * channels; - - // If the user wants an even bigger buffer, increase the device buffer size accordingly. - while ( dsPointerLeadTime * 2U > dsBufferSize ) - dsBufferSize *= 2; - - // Set cooperative level to DSSCL_EXCLUSIVE ... sound stops when window focus changes. - // result = output->SetCooperativeLevel( hWnd, DSSCL_EXCLUSIVE ); - // Set cooperative level to DSSCL_PRIORITY ... sound remains when window focus changes. - result = output->SetCooperativeLevel( hWnd, DSSCL_PRIORITY ); - if ( FAILED( result ) ) { - output->Release(); - errorStream_ << "RtApiDs::probeDeviceOpen: error (" << getErrorString( result ) << ") setting cooperative level (" << dsDevices[ device ].name << ")!"; - errorText_ = errorStream_.str(); - return FAILURE; - } - - // Even though we will write to the secondary buffer, we need to - // access the primary buffer to set the correct output format - // (since the default is 8-bit, 22 kHz!). Setup the DS primary - // buffer description. - DSBUFFERDESC bufferDescription; - ZeroMemory( &bufferDescription, sizeof( DSBUFFERDESC ) ); - bufferDescription.dwSize = sizeof( DSBUFFERDESC ); - bufferDescription.dwFlags = DSBCAPS_PRIMARYBUFFER; - - // Obtain the primary buffer - LPDIRECTSOUNDBUFFER buffer; - result = output->CreateSoundBuffer( &bufferDescription, &buffer, NULL ); - if ( FAILED( result ) ) { - output->Release(); - errorStream_ << "RtApiDs::probeDeviceOpen: error (" << getErrorString( result ) << ") accessing primary buffer (" << dsDevices[ device ].name << ")!"; - errorText_ = errorStream_.str(); - return FAILURE; - } - - // Set the primary DS buffer sound format. - result = buffer->SetFormat( &waveFormat ); - if ( FAILED( result ) ) { - output->Release(); - errorStream_ << "RtApiDs::probeDeviceOpen: error (" << getErrorString( result ) << ") setting primary buffer format (" << dsDevices[ device ].name << ")!"; - errorText_ = errorStream_.str(); - return FAILURE; - } - - // Setup the secondary DS buffer description. - ZeroMemory( &bufferDescription, sizeof( DSBUFFERDESC ) ); - bufferDescription.dwSize = sizeof( DSBUFFERDESC ); - bufferDescription.dwFlags = ( DSBCAPS_STICKYFOCUS | - DSBCAPS_GLOBALFOCUS | - DSBCAPS_GETCURRENTPOSITION2 | - DSBCAPS_LOCHARDWARE ); // Force hardware mixing - bufferDescription.dwBufferBytes = dsBufferSize; - bufferDescription.lpwfxFormat = &waveFormat; - - // Try to create the secondary DS buffer. If that doesn't work, - // try to use software mixing. Otherwise, there's a problem. - result = output->CreateSoundBuffer( &bufferDescription, &buffer, NULL ); - if ( FAILED( result ) ) { - bufferDescription.dwFlags = ( DSBCAPS_STICKYFOCUS | - DSBCAPS_GLOBALFOCUS | - DSBCAPS_GETCURRENTPOSITION2 | - DSBCAPS_LOCSOFTWARE ); // Force software mixing - result = output->CreateSoundBuffer( &bufferDescription, &buffer, NULL ); - if ( FAILED( result ) ) { - output->Release(); - errorStream_ << "RtApiDs::probeDeviceOpen: error (" << getErrorString( result ) << ") creating secondary buffer (" << dsDevices[ device ].name << ")!"; - errorText_ = errorStream_.str(); - return FAILURE; - } - } - - // Get the buffer size ... might be different from what we specified. - DSBCAPS dsbcaps; - dsbcaps.dwSize = sizeof( DSBCAPS ); - result = buffer->GetCaps( &dsbcaps ); - if ( FAILED( result ) ) { - output->Release(); - buffer->Release(); - errorStream_ << "RtApiDs::probeDeviceOpen: error (" << getErrorString( result ) << ") getting buffer settings (" << dsDevices[ device ].name << ")!"; - errorText_ = errorStream_.str(); - return FAILURE; - } - - dsBufferSize = dsbcaps.dwBufferBytes; - - // Lock the DS buffer - LPVOID audioPtr; - DWORD dataLen; - result = buffer->Lock( 0, dsBufferSize, &audioPtr, &dataLen, NULL, NULL, 0 ); - if ( FAILED( result ) ) { - output->Release(); - buffer->Release(); - errorStream_ << "RtApiDs::probeDeviceOpen: error (" << getErrorString( result ) << ") locking buffer (" << dsDevices[ device ].name << ")!"; - errorText_ = errorStream_.str(); - return FAILURE; - } - - // Zero the DS buffer - ZeroMemory( audioPtr, dataLen ); - - // Unlock the DS buffer - result = buffer->Unlock( audioPtr, dataLen, NULL, 0 ); - if ( FAILED( result ) ) { - output->Release(); - buffer->Release(); - errorStream_ << "RtApiDs::probeDeviceOpen: error (" << getErrorString( result ) << ") unlocking buffer (" << dsDevices[ device ].name << ")!"; - errorText_ = errorStream_.str(); - return FAILURE; - } - - ohandle = (void *) output; - bhandle = (void *) buffer; - } - - if ( mode == INPUT ) { - - LPDIRECTSOUNDCAPTURE input; - result = DirectSoundCaptureCreate( dsDevices[ device ].id[1], &input, NULL ); - if ( FAILED( result ) ) { - errorStream_ << "RtApiDs::probeDeviceOpen: error (" << getErrorString( result ) << ") opening input device (" << dsDevices[ device ].name << ")!"; - errorText_ = errorStream_.str(); - return FAILURE; - } - - DSCCAPS inCaps; - inCaps.dwSize = sizeof( inCaps ); - result = input->GetCaps( &inCaps ); - if ( FAILED( result ) ) { - input->Release(); - errorStream_ << "RtApiDs::probeDeviceOpen: error (" << getErrorString( result ) << ") getting input capabilities (" << dsDevices[ device ].name << ")!"; - errorText_ = errorStream_.str(); - return FAILURE; - } - - // Check channel information. - if ( inCaps.dwChannels < channels + firstChannel ) { - errorText_ = "RtApiDs::getDeviceInfo: the input device does not support requested input channels."; - return FAILURE; - } - - // Check format information. Use 16-bit format unless user - // requests 8-bit. - DWORD deviceFormats; - if ( channels + firstChannel == 2 ) { - deviceFormats = WAVE_FORMAT_1S08 | WAVE_FORMAT_2S08 | WAVE_FORMAT_4S08 | WAVE_FORMAT_96S08; - if ( format == RTAUDIO_SINT8 && inCaps.dwFormats & deviceFormats ) { - waveFormat.wBitsPerSample = 8; - stream_.deviceFormat[mode] = RTAUDIO_SINT8; - } - else { // assume 16-bit is supported - waveFormat.wBitsPerSample = 16; - stream_.deviceFormat[mode] = RTAUDIO_SINT16; - } - } - else { // channel == 1 - deviceFormats = WAVE_FORMAT_1M08 | WAVE_FORMAT_2M08 | WAVE_FORMAT_4M08 | WAVE_FORMAT_96M08; - if ( format == RTAUDIO_SINT8 && inCaps.dwFormats & deviceFormats ) { - waveFormat.wBitsPerSample = 8; - stream_.deviceFormat[mode] = RTAUDIO_SINT8; - } - else { // assume 16-bit is supported - waveFormat.wBitsPerSample = 16; - stream_.deviceFormat[mode] = RTAUDIO_SINT16; - } - } - stream_.userFormat = format; - - // Update wave format structure and buffer information. - waveFormat.nBlockAlign = waveFormat.nChannels * waveFormat.wBitsPerSample / 8; - waveFormat.nAvgBytesPerSec = waveFormat.nSamplesPerSec * waveFormat.nBlockAlign; - dsPointerLeadTime = nBuffers * (*bufferSize) * (waveFormat.wBitsPerSample / 8) * channels; - - // If the user wants an even bigger buffer, increase the device buffer size accordingly. - while ( dsPointerLeadTime * 2U > dsBufferSize ) - dsBufferSize *= 2; - - // Setup the secondary DS buffer description. - DSCBUFFERDESC bufferDescription; - ZeroMemory( &bufferDescription, sizeof( DSCBUFFERDESC ) ); - bufferDescription.dwSize = sizeof( DSCBUFFERDESC ); - bufferDescription.dwFlags = 0; - bufferDescription.dwReserved = 0; - bufferDescription.dwBufferBytes = dsBufferSize; - bufferDescription.lpwfxFormat = &waveFormat; - - // Create the capture buffer. - LPDIRECTSOUNDCAPTUREBUFFER buffer; - result = input->CreateCaptureBuffer( &bufferDescription, &buffer, NULL ); - if ( FAILED( result ) ) { - input->Release(); - errorStream_ << "RtApiDs::probeDeviceOpen: error (" << getErrorString( result ) << ") creating input buffer (" << dsDevices[ device ].name << ")!"; - errorText_ = errorStream_.str(); - return FAILURE; - } - - // Get the buffer size ... might be different from what we specified. - DSCBCAPS dscbcaps; - dscbcaps.dwSize = sizeof( DSCBCAPS ); - result = buffer->GetCaps( &dscbcaps ); - if ( FAILED( result ) ) { - input->Release(); - buffer->Release(); - errorStream_ << "RtApiDs::probeDeviceOpen: error (" << getErrorString( result ) << ") getting buffer settings (" << dsDevices[ device ].name << ")!"; - errorText_ = errorStream_.str(); - return FAILURE; - } - - dsBufferSize = dscbcaps.dwBufferBytes; - - // NOTE: We could have a problem here if this is a duplex stream - // and the play and capture hardware buffer sizes are different - // (I'm actually not sure if that is a problem or not). - // Currently, we are not verifying that. - - // Lock the capture buffer - LPVOID audioPtr; - DWORD dataLen; - result = buffer->Lock( 0, dsBufferSize, &audioPtr, &dataLen, NULL, NULL, 0 ); - if ( FAILED( result ) ) { - input->Release(); - buffer->Release(); - errorStream_ << "RtApiDs::probeDeviceOpen: error (" << getErrorString( result ) << ") locking input buffer (" << dsDevices[ device ].name << ")!"; - errorText_ = errorStream_.str(); - return FAILURE; - } - - // Zero the buffer - ZeroMemory( audioPtr, dataLen ); - - // Unlock the buffer - result = buffer->Unlock( audioPtr, dataLen, NULL, 0 ); - if ( FAILED( result ) ) { - input->Release(); - buffer->Release(); - errorStream_ << "RtApiDs::probeDeviceOpen: error (" << getErrorString( result ) << ") unlocking input buffer (" << dsDevices[ device ].name << ")!"; - errorText_ = errorStream_.str(); - return FAILURE; - } - - ohandle = (void *) input; - bhandle = (void *) buffer; - } - - // Set various stream parameters - DsHandle *handle = 0; - stream_.nDeviceChannels[mode] = channels + firstChannel; - stream_.nUserChannels[mode] = channels; - stream_.bufferSize = *bufferSize; - stream_.channelOffset[mode] = firstChannel; - stream_.deviceInterleaved[mode] = true; - if ( options && options->flags & RTAUDIO_NONINTERLEAVED ) stream_.userInterleaved = false; - else stream_.userInterleaved = true; - - // Set flag for buffer conversion - stream_.doConvertBuffer[mode] = false; - if (stream_.nUserChannels[mode] != stream_.nDeviceChannels[mode]) - stream_.doConvertBuffer[mode] = true; - if (stream_.userFormat != stream_.deviceFormat[mode]) - stream_.doConvertBuffer[mode] = true; - if ( stream_.userInterleaved != stream_.deviceInterleaved[mode] && - stream_.nUserChannels[mode] > 1 ) - stream_.doConvertBuffer[mode] = true; - - // Allocate necessary internal buffers - long bufferBytes = stream_.nUserChannels[mode] * *bufferSize * formatBytes( stream_.userFormat ); - stream_.userBuffer[mode] = (char *) calloc( bufferBytes, 1 ); - if ( stream_.userBuffer[mode] == NULL ) { - errorText_ = "RtApiDs::probeDeviceOpen: error allocating user buffer memory."; - goto error; - } - - if ( stream_.doConvertBuffer[mode] ) { - - bool makeBuffer = true; - bufferBytes = stream_.nDeviceChannels[mode] * formatBytes( stream_.deviceFormat[mode] ); - if ( mode == INPUT ) { - if ( stream_.mode == OUTPUT && stream_.deviceBuffer ) { - unsigned long bytesOut = stream_.nDeviceChannels[0] * formatBytes( stream_.deviceFormat[0] ); - if ( bufferBytes <= (long) bytesOut ) makeBuffer = false; - } - } - - if ( makeBuffer ) { - bufferBytes *= *bufferSize; - if ( stream_.deviceBuffer ) free( stream_.deviceBuffer ); - stream_.deviceBuffer = (char *) calloc( bufferBytes, 1 ); - if ( stream_.deviceBuffer == NULL ) { - errorText_ = "RtApiDs::probeDeviceOpen: error allocating device buffer memory."; - goto error; - } - } - } - - // Allocate our DsHandle structures for the stream. - if ( stream_.apiHandle == 0 ) { - try { - handle = new DsHandle; - } - catch ( std::bad_alloc& ) { - errorText_ = "RtApiDs::probeDeviceOpen: error allocating AsioHandle memory."; - goto error; - } - - // Create a manual-reset event. - handle->condition = CreateEvent( NULL, // no security - TRUE, // manual-reset - FALSE, // non-signaled initially - NULL ); // unnamed - stream_.apiHandle = (void *) handle; - } - else - handle = (DsHandle *) stream_.apiHandle; - handle->id[mode] = ohandle; - handle->buffer[mode] = bhandle; - handle->dsBufferSize[mode] = dsBufferSize; - handle->dsPointerLeadTime[mode] = dsPointerLeadTime; - - stream_.device[mode] = device; - stream_.state = STREAM_STOPPED; - if ( stream_.mode == OUTPUT && mode == INPUT ) - // We had already set up an output stream. - stream_.mode = DUPLEX; - else - stream_.mode = mode; - stream_.nBuffers = nBuffers; - stream_.sampleRate = sampleRate; - - // Setup the buffer conversion information structure. - if ( stream_.doConvertBuffer[mode] ) setConvertInfo( mode, firstChannel ); - - // Setup the callback thread. - if ( stream_.callbackInfo.isRunning == false ) { - unsigned threadId; - stream_.callbackInfo.isRunning = true; - stream_.callbackInfo.object = (void *) this; - stream_.callbackInfo.thread = _beginthreadex( NULL, 0, &callbackHandler, - &stream_.callbackInfo, 0, &threadId ); - if ( stream_.callbackInfo.thread == 0 ) { - errorText_ = "RtApiDs::probeDeviceOpen: error creating callback thread!"; - goto error; - } - - // Boost DS thread priority - SetThreadPriority( (HANDLE) stream_.callbackInfo.thread, THREAD_PRIORITY_HIGHEST ); - } - return SUCCESS; - - error: - if ( handle ) { - if ( handle->buffer[0] ) { // the object pointer can be NULL and valid - LPDIRECTSOUND object = (LPDIRECTSOUND) handle->id[0]; - LPDIRECTSOUNDBUFFER buffer = (LPDIRECTSOUNDBUFFER) handle->buffer[0]; - if ( buffer ) buffer->Release(); - object->Release(); - } - if ( handle->buffer[1] ) { - LPDIRECTSOUNDCAPTURE object = (LPDIRECTSOUNDCAPTURE) handle->id[1]; - LPDIRECTSOUNDCAPTUREBUFFER buffer = (LPDIRECTSOUNDCAPTUREBUFFER) handle->buffer[1]; - if ( buffer ) buffer->Release(); - object->Release(); - } - CloseHandle( handle->condition ); - delete handle; - stream_.apiHandle = 0; - } - - for ( int i=0; i<2; i++ ) { - if ( stream_.userBuffer[i] ) { - free( stream_.userBuffer[i] ); - stream_.userBuffer[i] = 0; - } - } - - if ( stream_.deviceBuffer ) { - free( stream_.deviceBuffer ); - stream_.deviceBuffer = 0; - } - - stream_.state = STREAM_CLOSED; - return FAILURE; -} - -void RtApiDs :: closeStream() -{ - if ( stream_.state == STREAM_CLOSED ) { - errorText_ = "RtApiDs::closeStream(): no open stream to close!"; - error( RtAudioError::WARNING ); - return; - } - - // Stop the callback thread. - stream_.callbackInfo.isRunning = false; - WaitForSingleObject( (HANDLE) stream_.callbackInfo.thread, INFINITE ); - CloseHandle( (HANDLE) stream_.callbackInfo.thread ); - - DsHandle *handle = (DsHandle *) stream_.apiHandle; - if ( handle ) { - if ( handle->buffer[0] ) { // the object pointer can be NULL and valid - LPDIRECTSOUND object = (LPDIRECTSOUND) handle->id[0]; - LPDIRECTSOUNDBUFFER buffer = (LPDIRECTSOUNDBUFFER) handle->buffer[0]; - if ( buffer ) { - buffer->Stop(); - buffer->Release(); - } - object->Release(); - } - if ( handle->buffer[1] ) { - LPDIRECTSOUNDCAPTURE object = (LPDIRECTSOUNDCAPTURE) handle->id[1]; - LPDIRECTSOUNDCAPTUREBUFFER buffer = (LPDIRECTSOUNDCAPTUREBUFFER) handle->buffer[1]; - if ( buffer ) { - buffer->Stop(); - buffer->Release(); - } - object->Release(); - } - CloseHandle( handle->condition ); - delete handle; - stream_.apiHandle = 0; - } - - for ( int i=0; i<2; i++ ) { - if ( stream_.userBuffer[i] ) { - free( stream_.userBuffer[i] ); - stream_.userBuffer[i] = 0; - } - } - - if ( stream_.deviceBuffer ) { - free( stream_.deviceBuffer ); - stream_.deviceBuffer = 0; - } - - stream_.mode = UNINITIALIZED; - stream_.state = STREAM_CLOSED; -} - -void RtApiDs :: startStream() -{ - verifyStream(); - if ( stream_.state == STREAM_RUNNING ) { - errorText_ = "RtApiDs::startStream(): the stream is already running!"; - error( RtAudioError::WARNING ); - return; - } - - DsHandle *handle = (DsHandle *) stream_.apiHandle; - - // Increase scheduler frequency on lesser windows (a side-effect of - // increasing timer accuracy). On greater windows (Win2K or later), - // this is already in effect. - timeBeginPeriod( 1 ); - - buffersRolling = false; - duplexPrerollBytes = 0; - - if ( stream_.mode == DUPLEX ) { - // 0.5 seconds of silence in DUPLEX mode while the devices spin up and synchronize. - duplexPrerollBytes = (int) ( 0.5 * stream_.sampleRate * formatBytes( stream_.deviceFormat[1] ) * stream_.nDeviceChannels[1] ); - } - - HRESULT result = 0; - if ( stream_.mode == OUTPUT || stream_.mode == DUPLEX ) { - - LPDIRECTSOUNDBUFFER buffer = (LPDIRECTSOUNDBUFFER) handle->buffer[0]; - result = buffer->Play( 0, 0, DSBPLAY_LOOPING ); - if ( FAILED( result ) ) { - errorStream_ << "RtApiDs::startStream: error (" << getErrorString( result ) << ") starting output buffer!"; - errorText_ = errorStream_.str(); - goto unlock; - } - } - - if ( stream_.mode == INPUT || stream_.mode == DUPLEX ) { - - LPDIRECTSOUNDCAPTUREBUFFER buffer = (LPDIRECTSOUNDCAPTUREBUFFER) handle->buffer[1]; - result = buffer->Start( DSCBSTART_LOOPING ); - if ( FAILED( result ) ) { - errorStream_ << "RtApiDs::startStream: error (" << getErrorString( result ) << ") starting input buffer!"; - errorText_ = errorStream_.str(); - goto unlock; - } - } - - handle->drainCounter = 0; - handle->internalDrain = false; - ResetEvent( handle->condition ); - stream_.state = STREAM_RUNNING; - - unlock: - if ( FAILED( result ) ) error( RtAudioError::SYSTEM_ERROR ); -} - -void RtApiDs :: stopStream() -{ - verifyStream(); - if ( stream_.state == STREAM_STOPPED ) { - errorText_ = "RtApiDs::stopStream(): the stream is already stopped!"; - error( RtAudioError::WARNING ); - return; - } - - HRESULT result = 0; - LPVOID audioPtr; - DWORD dataLen; - DsHandle *handle = (DsHandle *) stream_.apiHandle; - if ( stream_.mode == OUTPUT || stream_.mode == DUPLEX ) { - if ( handle->drainCounter == 0 ) { - handle->drainCounter = 2; - WaitForSingleObject( handle->condition, INFINITE ); // block until signaled - } - - stream_.state = STREAM_STOPPED; - - MUTEX_LOCK( &stream_.mutex ); - - // Stop the buffer and clear memory - LPDIRECTSOUNDBUFFER buffer = (LPDIRECTSOUNDBUFFER) handle->buffer[0]; - result = buffer->Stop(); - if ( FAILED( result ) ) { - errorStream_ << "RtApiDs::stopStream: error (" << getErrorString( result ) << ") stopping output buffer!"; - errorText_ = errorStream_.str(); - goto unlock; - } - - // Lock the buffer and clear it so that if we start to play again, - // we won't have old data playing. - result = buffer->Lock( 0, handle->dsBufferSize[0], &audioPtr, &dataLen, NULL, NULL, 0 ); - if ( FAILED( result ) ) { - errorStream_ << "RtApiDs::stopStream: error (" << getErrorString( result ) << ") locking output buffer!"; - errorText_ = errorStream_.str(); - goto unlock; - } - - // Zero the DS buffer - ZeroMemory( audioPtr, dataLen ); - - // Unlock the DS buffer - result = buffer->Unlock( audioPtr, dataLen, NULL, 0 ); - if ( FAILED( result ) ) { - errorStream_ << "RtApiDs::stopStream: error (" << getErrorString( result ) << ") unlocking output buffer!"; - errorText_ = errorStream_.str(); - goto unlock; - } - - // If we start playing again, we must begin at beginning of buffer. - handle->bufferPointer[0] = 0; - } - - if ( stream_.mode == INPUT || stream_.mode == DUPLEX ) { - LPDIRECTSOUNDCAPTUREBUFFER buffer = (LPDIRECTSOUNDCAPTUREBUFFER) handle->buffer[1]; - audioPtr = NULL; - dataLen = 0; - - stream_.state = STREAM_STOPPED; - - if ( stream_.mode != DUPLEX ) - MUTEX_LOCK( &stream_.mutex ); - - result = buffer->Stop(); - if ( FAILED( result ) ) { - errorStream_ << "RtApiDs::stopStream: error (" << getErrorString( result ) << ") stopping input buffer!"; - errorText_ = errorStream_.str(); - goto unlock; - } - - // Lock the buffer and clear it so that if we start to play again, - // we won't have old data playing. - result = buffer->Lock( 0, handle->dsBufferSize[1], &audioPtr, &dataLen, NULL, NULL, 0 ); - if ( FAILED( result ) ) { - errorStream_ << "RtApiDs::stopStream: error (" << getErrorString( result ) << ") locking input buffer!"; - errorText_ = errorStream_.str(); - goto unlock; - } - - // Zero the DS buffer - ZeroMemory( audioPtr, dataLen ); - - // Unlock the DS buffer - result = buffer->Unlock( audioPtr, dataLen, NULL, 0 ); - if ( FAILED( result ) ) { - errorStream_ << "RtApiDs::stopStream: error (" << getErrorString( result ) << ") unlocking input buffer!"; - errorText_ = errorStream_.str(); - goto unlock; - } - - // If we start recording again, we must begin at beginning of buffer. - handle->bufferPointer[1] = 0; - } - - unlock: - timeEndPeriod( 1 ); // revert to normal scheduler frequency on lesser windows. - MUTEX_UNLOCK( &stream_.mutex ); - - if ( FAILED( result ) ) error( RtAudioError::SYSTEM_ERROR ); -} - -void RtApiDs :: abortStream() -{ - verifyStream(); - if ( stream_.state == STREAM_STOPPED ) { - errorText_ = "RtApiDs::abortStream(): the stream is already stopped!"; - error( RtAudioError::WARNING ); - return; - } - - DsHandle *handle = (DsHandle *) stream_.apiHandle; - handle->drainCounter = 2; - - stopStream(); -} - -void RtApiDs :: callbackEvent() -{ - if ( stream_.state == STREAM_STOPPED || stream_.state == STREAM_STOPPING ) { - Sleep( 50 ); // sleep 50 milliseconds - return; - } - - if ( stream_.state == STREAM_CLOSED ) { - errorText_ = "RtApiDs::callbackEvent(): the stream is closed ... this shouldn't happen!"; - error( RtAudioError::WARNING ); - return; - } - - CallbackInfo *info = (CallbackInfo *) &stream_.callbackInfo; - DsHandle *handle = (DsHandle *) stream_.apiHandle; - - // Check if we were draining the stream and signal is finished. - if ( handle->drainCounter > stream_.nBuffers + 2 ) { - - stream_.state = STREAM_STOPPING; - if ( handle->internalDrain == false ) - SetEvent( handle->condition ); - else - stopStream(); - return; - } - - // Invoke user callback to get fresh output data UNLESS we are - // draining stream. - if ( handle->drainCounter == 0 ) { - RtAudioCallback callback = (RtAudioCallback) info->callback; - double streamTime = getStreamTime(); - RtAudioStreamStatus status = 0; - if ( stream_.mode != INPUT && handle->xrun[0] == true ) { - status |= RTAUDIO_OUTPUT_UNDERFLOW; - handle->xrun[0] = false; - } - if ( stream_.mode != OUTPUT && handle->xrun[1] == true ) { - status |= RTAUDIO_INPUT_OVERFLOW; - handle->xrun[1] = false; - } - int cbReturnValue = callback( stream_.userBuffer[0], stream_.userBuffer[1], - stream_.bufferSize, streamTime, status, info->userData ); - if ( cbReturnValue == 2 ) { - stream_.state = STREAM_STOPPING; - handle->drainCounter = 2; - abortStream(); - return; - } - else if ( cbReturnValue == 1 ) { - handle->drainCounter = 1; - handle->internalDrain = true; - } - } - - HRESULT result; - DWORD currentWritePointer, safeWritePointer; - DWORD currentReadPointer, safeReadPointer; - UINT nextWritePointer; - - LPVOID buffer1 = NULL; - LPVOID buffer2 = NULL; - DWORD bufferSize1 = 0; - DWORD bufferSize2 = 0; - - char *buffer; - long bufferBytes; - - MUTEX_LOCK( &stream_.mutex ); - if ( stream_.state == STREAM_STOPPED ) { - MUTEX_UNLOCK( &stream_.mutex ); - return; - } - - if ( buffersRolling == false ) { - if ( stream_.mode == DUPLEX ) { - //assert( handle->dsBufferSize[0] == handle->dsBufferSize[1] ); - - // It takes a while for the devices to get rolling. As a result, - // there's no guarantee that the capture and write device pointers - // will move in lockstep. Wait here for both devices to start - // rolling, and then set our buffer pointers accordingly. - // e.g. Crystal Drivers: the capture buffer starts up 5700 to 9600 - // bytes later than the write buffer. - - // Stub: a serious risk of having a pre-emptive scheduling round - // take place between the two GetCurrentPosition calls... but I'm - // really not sure how to solve the problem. Temporarily boost to - // Realtime priority, maybe; but I'm not sure what priority the - // DirectSound service threads run at. We *should* be roughly - // within a ms or so of correct. - - LPDIRECTSOUNDBUFFER dsWriteBuffer = (LPDIRECTSOUNDBUFFER) handle->buffer[0]; - LPDIRECTSOUNDCAPTUREBUFFER dsCaptureBuffer = (LPDIRECTSOUNDCAPTUREBUFFER) handle->buffer[1]; - - DWORD startSafeWritePointer, startSafeReadPointer; - - result = dsWriteBuffer->GetCurrentPosition( NULL, &startSafeWritePointer ); - if ( FAILED( result ) ) { - errorStream_ << "RtApiDs::callbackEvent: error (" << getErrorString( result ) << ") getting current write position!"; - errorText_ = errorStream_.str(); - MUTEX_UNLOCK( &stream_.mutex ); - error( RtAudioError::SYSTEM_ERROR ); - return; - } - result = dsCaptureBuffer->GetCurrentPosition( NULL, &startSafeReadPointer ); - if ( FAILED( result ) ) { - errorStream_ << "RtApiDs::callbackEvent: error (" << getErrorString( result ) << ") getting current read position!"; - errorText_ = errorStream_.str(); - MUTEX_UNLOCK( &stream_.mutex ); - error( RtAudioError::SYSTEM_ERROR ); - return; - } - while ( true ) { - result = dsWriteBuffer->GetCurrentPosition( NULL, &safeWritePointer ); - if ( FAILED( result ) ) { - errorStream_ << "RtApiDs::callbackEvent: error (" << getErrorString( result ) << ") getting current write position!"; - errorText_ = errorStream_.str(); - MUTEX_UNLOCK( &stream_.mutex ); - error( RtAudioError::SYSTEM_ERROR ); - return; - } - result = dsCaptureBuffer->GetCurrentPosition( NULL, &safeReadPointer ); - if ( FAILED( result ) ) { - errorStream_ << "RtApiDs::callbackEvent: error (" << getErrorString( result ) << ") getting current read position!"; - errorText_ = errorStream_.str(); - MUTEX_UNLOCK( &stream_.mutex ); - error( RtAudioError::SYSTEM_ERROR ); - return; - } - if ( safeWritePointer != startSafeWritePointer && safeReadPointer != startSafeReadPointer ) break; - Sleep( 1 ); - } - - //assert( handle->dsBufferSize[0] == handle->dsBufferSize[1] ); - - handle->bufferPointer[0] = safeWritePointer + handle->dsPointerLeadTime[0]; - if ( handle->bufferPointer[0] >= handle->dsBufferSize[0] ) handle->bufferPointer[0] -= handle->dsBufferSize[0]; - handle->bufferPointer[1] = safeReadPointer; - } - else if ( stream_.mode == OUTPUT ) { - - // Set the proper nextWritePosition after initial startup. - LPDIRECTSOUNDBUFFER dsWriteBuffer = (LPDIRECTSOUNDBUFFER) handle->buffer[0]; - result = dsWriteBuffer->GetCurrentPosition( ¤tWritePointer, &safeWritePointer ); - if ( FAILED( result ) ) { - errorStream_ << "RtApiDs::callbackEvent: error (" << getErrorString( result ) << ") getting current write position!"; - errorText_ = errorStream_.str(); - MUTEX_UNLOCK( &stream_.mutex ); - error( RtAudioError::SYSTEM_ERROR ); - return; - } - handle->bufferPointer[0] = safeWritePointer + handle->dsPointerLeadTime[0]; - if ( handle->bufferPointer[0] >= handle->dsBufferSize[0] ) handle->bufferPointer[0] -= handle->dsBufferSize[0]; - } - - buffersRolling = true; - } - - if ( stream_.mode == OUTPUT || stream_.mode == DUPLEX ) { - - LPDIRECTSOUNDBUFFER dsBuffer = (LPDIRECTSOUNDBUFFER) handle->buffer[0]; - - if ( handle->drainCounter > 1 ) { // write zeros to the output stream - bufferBytes = stream_.bufferSize * stream_.nUserChannels[0]; - bufferBytes *= formatBytes( stream_.userFormat ); - memset( stream_.userBuffer[0], 0, bufferBytes ); - } - - // Setup parameters and do buffer conversion if necessary. - if ( stream_.doConvertBuffer[0] ) { - buffer = stream_.deviceBuffer; - convertBuffer( buffer, stream_.userBuffer[0], stream_.convertInfo[0] ); - bufferBytes = stream_.bufferSize * stream_.nDeviceChannels[0]; - bufferBytes *= formatBytes( stream_.deviceFormat[0] ); - } - else { - buffer = stream_.userBuffer[0]; - bufferBytes = stream_.bufferSize * stream_.nUserChannels[0]; - bufferBytes *= formatBytes( stream_.userFormat ); - } - - // No byte swapping necessary in DirectSound implementation. - - // Ahhh ... windoze. 16-bit data is signed but 8-bit data is - // unsigned. So, we need to convert our signed 8-bit data here to - // unsigned. - if ( stream_.deviceFormat[0] == RTAUDIO_SINT8 ) - for ( int i=0; i<bufferBytes; i++ ) buffer[i] = (unsigned char) ( buffer[i] + 128 ); - - DWORD dsBufferSize = handle->dsBufferSize[0]; - nextWritePointer = handle->bufferPointer[0]; - - DWORD endWrite, leadPointer; - while ( true ) { - // Find out where the read and "safe write" pointers are. - result = dsBuffer->GetCurrentPosition( ¤tWritePointer, &safeWritePointer ); - if ( FAILED( result ) ) { - errorStream_ << "RtApiDs::callbackEvent: error (" << getErrorString( result ) << ") getting current write position!"; - errorText_ = errorStream_.str(); - MUTEX_UNLOCK( &stream_.mutex ); - error( RtAudioError::SYSTEM_ERROR ); - return; - } - - // We will copy our output buffer into the region between - // safeWritePointer and leadPointer. If leadPointer is not - // beyond the next endWrite position, wait until it is. - leadPointer = safeWritePointer + handle->dsPointerLeadTime[0]; - //std::cout << "safeWritePointer = " << safeWritePointer << ", leadPointer = " << leadPointer << ", nextWritePointer = " << nextWritePointer << std::endl; - if ( leadPointer > dsBufferSize ) leadPointer -= dsBufferSize; - if ( leadPointer < nextWritePointer ) leadPointer += dsBufferSize; // unwrap offset - endWrite = nextWritePointer + bufferBytes; - - // Check whether the entire write region is behind the play pointer. - if ( leadPointer >= endWrite ) break; - - // If we are here, then we must wait until the leadPointer advances - // beyond the end of our next write region. We use the - // Sleep() function to suspend operation until that happens. - double millis = ( endWrite - leadPointer ) * 1000.0; - millis /= ( formatBytes( stream_.deviceFormat[0]) * stream_.nDeviceChannels[0] * stream_.sampleRate); - if ( millis < 1.0 ) millis = 1.0; - Sleep( (DWORD) millis ); - } - - if ( dsPointerBetween( nextWritePointer, safeWritePointer, currentWritePointer, dsBufferSize ) - || dsPointerBetween( endWrite, safeWritePointer, currentWritePointer, dsBufferSize ) ) { - // We've strayed into the forbidden zone ... resync the read pointer. - handle->xrun[0] = true; - nextWritePointer = safeWritePointer + handle->dsPointerLeadTime[0] - bufferBytes; - if ( nextWritePointer >= dsBufferSize ) nextWritePointer -= dsBufferSize; - handle->bufferPointer[0] = nextWritePointer; - endWrite = nextWritePointer + bufferBytes; - } - - // Lock free space in the buffer - result = dsBuffer->Lock( nextWritePointer, bufferBytes, &buffer1, - &bufferSize1, &buffer2, &bufferSize2, 0 ); - if ( FAILED( result ) ) { - errorStream_ << "RtApiDs::callbackEvent: error (" << getErrorString( result ) << ") locking buffer during playback!"; - errorText_ = errorStream_.str(); - MUTEX_UNLOCK( &stream_.mutex ); - error( RtAudioError::SYSTEM_ERROR ); - return; - } - - // Copy our buffer into the DS buffer - CopyMemory( buffer1, buffer, bufferSize1 ); - if ( buffer2 != NULL ) CopyMemory( buffer2, buffer+bufferSize1, bufferSize2 ); - - // Update our buffer offset and unlock sound buffer - dsBuffer->Unlock( buffer1, bufferSize1, buffer2, bufferSize2 ); - if ( FAILED( result ) ) { - errorStream_ << "RtApiDs::callbackEvent: error (" << getErrorString( result ) << ") unlocking buffer during playback!"; - errorText_ = errorStream_.str(); - MUTEX_UNLOCK( &stream_.mutex ); - error( RtAudioError::SYSTEM_ERROR ); - return; - } - nextWritePointer = ( nextWritePointer + bufferSize1 + bufferSize2 ) % dsBufferSize; - handle->bufferPointer[0] = nextWritePointer; - } - - // Don't bother draining input - if ( handle->drainCounter ) { - handle->drainCounter++; - goto unlock; - } - - if ( stream_.mode == INPUT || stream_.mode == DUPLEX ) { - - // Setup parameters. - if ( stream_.doConvertBuffer[1] ) { - buffer = stream_.deviceBuffer; - bufferBytes = stream_.bufferSize * stream_.nDeviceChannels[1]; - bufferBytes *= formatBytes( stream_.deviceFormat[1] ); - } - else { - buffer = stream_.userBuffer[1]; - bufferBytes = stream_.bufferSize * stream_.nUserChannels[1]; - bufferBytes *= formatBytes( stream_.userFormat ); - } - - LPDIRECTSOUNDCAPTUREBUFFER dsBuffer = (LPDIRECTSOUNDCAPTUREBUFFER) handle->buffer[1]; - long nextReadPointer = handle->bufferPointer[1]; - DWORD dsBufferSize = handle->dsBufferSize[1]; - - // Find out where the write and "safe read" pointers are. - result = dsBuffer->GetCurrentPosition( ¤tReadPointer, &safeReadPointer ); - if ( FAILED( result ) ) { - errorStream_ << "RtApiDs::callbackEvent: error (" << getErrorString( result ) << ") getting current read position!"; - errorText_ = errorStream_.str(); - MUTEX_UNLOCK( &stream_.mutex ); - error( RtAudioError::SYSTEM_ERROR ); - return; - } - - if ( safeReadPointer < (DWORD)nextReadPointer ) safeReadPointer += dsBufferSize; // unwrap offset - DWORD endRead = nextReadPointer + bufferBytes; - - // Handling depends on whether we are INPUT or DUPLEX. - // If we're in INPUT mode then waiting is a good thing. If we're in DUPLEX mode, - // then a wait here will drag the write pointers into the forbidden zone. - // - // In DUPLEX mode, rather than wait, we will back off the read pointer until - // it's in a safe position. This causes dropouts, but it seems to be the only - // practical way to sync up the read and write pointers reliably, given the - // the very complex relationship between phase and increment of the read and write - // pointers. - // - // In order to minimize audible dropouts in DUPLEX mode, we will - // provide a pre-roll period of 0.5 seconds in which we return - // zeros from the read buffer while the pointers sync up. - - if ( stream_.mode == DUPLEX ) { - if ( safeReadPointer < endRead ) { - if ( duplexPrerollBytes <= 0 ) { - // Pre-roll time over. Be more agressive. - int adjustment = endRead-safeReadPointer; - - handle->xrun[1] = true; - // Two cases: - // - large adjustments: we've probably run out of CPU cycles, so just resync exactly, - // and perform fine adjustments later. - // - small adjustments: back off by twice as much. - if ( adjustment >= 2*bufferBytes ) - nextReadPointer = safeReadPointer-2*bufferBytes; - else - nextReadPointer = safeReadPointer-bufferBytes-adjustment; - - if ( nextReadPointer < 0 ) nextReadPointer += dsBufferSize; - - } - else { - // In pre=roll time. Just do it. - nextReadPointer = safeReadPointer - bufferBytes; - while ( nextReadPointer < 0 ) nextReadPointer += dsBufferSize; - } - endRead = nextReadPointer + bufferBytes; - } - } - else { // mode == INPUT - while ( safeReadPointer < endRead && stream_.callbackInfo.isRunning ) { - // See comments for playback. - double millis = (endRead - safeReadPointer) * 1000.0; - millis /= ( formatBytes(stream_.deviceFormat[1]) * stream_.nDeviceChannels[1] * stream_.sampleRate); - if ( millis < 1.0 ) millis = 1.0; - Sleep( (DWORD) millis ); - - // Wake up and find out where we are now. - result = dsBuffer->GetCurrentPosition( ¤tReadPointer, &safeReadPointer ); - if ( FAILED( result ) ) { - errorStream_ << "RtApiDs::callbackEvent: error (" << getErrorString( result ) << ") getting current read position!"; - errorText_ = errorStream_.str(); - MUTEX_UNLOCK( &stream_.mutex ); - error( RtAudioError::SYSTEM_ERROR ); - return; - } - - if ( safeReadPointer < (DWORD)nextReadPointer ) safeReadPointer += dsBufferSize; // unwrap offset - } - } - - // Lock free space in the buffer - result = dsBuffer->Lock( nextReadPointer, bufferBytes, &buffer1, - &bufferSize1, &buffer2, &bufferSize2, 0 ); - if ( FAILED( result ) ) { - errorStream_ << "RtApiDs::callbackEvent: error (" << getErrorString( result ) << ") locking capture buffer!"; - errorText_ = errorStream_.str(); - MUTEX_UNLOCK( &stream_.mutex ); - error( RtAudioError::SYSTEM_ERROR ); - return; - } - - if ( duplexPrerollBytes <= 0 ) { - // Copy our buffer into the DS buffer - CopyMemory( buffer, buffer1, bufferSize1 ); - if ( buffer2 != NULL ) CopyMemory( buffer+bufferSize1, buffer2, bufferSize2 ); - } - else { - memset( buffer, 0, bufferSize1 ); - if ( buffer2 != NULL ) memset( buffer + bufferSize1, 0, bufferSize2 ); - duplexPrerollBytes -= bufferSize1 + bufferSize2; - } - - // Update our buffer offset and unlock sound buffer - nextReadPointer = ( nextReadPointer + bufferSize1 + bufferSize2 ) % dsBufferSize; - dsBuffer->Unlock( buffer1, bufferSize1, buffer2, bufferSize2 ); - if ( FAILED( result ) ) { - errorStream_ << "RtApiDs::callbackEvent: error (" << getErrorString( result ) << ") unlocking capture buffer!"; - errorText_ = errorStream_.str(); - MUTEX_UNLOCK( &stream_.mutex ); - error( RtAudioError::SYSTEM_ERROR ); - return; - } - handle->bufferPointer[1] = nextReadPointer; - - // No byte swapping necessary in DirectSound implementation. - - // If necessary, convert 8-bit data from unsigned to signed. - if ( stream_.deviceFormat[1] == RTAUDIO_SINT8 ) - for ( int j=0; j<bufferBytes; j++ ) buffer[j] = (signed char) ( buffer[j] - 128 ); - - // Do buffer conversion if necessary. - if ( stream_.doConvertBuffer[1] ) - convertBuffer( stream_.userBuffer[1], stream_.deviceBuffer, stream_.convertInfo[1] ); - } - - unlock: - MUTEX_UNLOCK( &stream_.mutex ); - RtApi::tickStreamTime(); -} - -// Definitions for utility functions and callbacks -// specific to the DirectSound implementation. - -static unsigned __stdcall callbackHandler( void *ptr ) -{ - CallbackInfo *info = (CallbackInfo *) ptr; - RtApiDs *object = (RtApiDs *) info->object; - bool* isRunning = &info->isRunning; - - while ( *isRunning == true ) { - object->callbackEvent(); - } - - _endthreadex( 0 ); - return 0; -} - -static BOOL CALLBACK deviceQueryCallback( LPGUID lpguid, - LPCTSTR description, - LPCTSTR /*module*/, - LPVOID lpContext ) -{ - struct DsProbeData& probeInfo = *(struct DsProbeData*) lpContext; - std::vector<struct DsDevice>& dsDevices = *probeInfo.dsDevices; - - HRESULT hr; - bool validDevice = false; - if ( probeInfo.isInput == true ) { - DSCCAPS caps; - LPDIRECTSOUNDCAPTURE object; - - hr = DirectSoundCaptureCreate( lpguid, &object, NULL ); - if ( hr != DS_OK ) return TRUE; - - caps.dwSize = sizeof(caps); - hr = object->GetCaps( &caps ); - if ( hr == DS_OK ) { - if ( caps.dwChannels > 0 && caps.dwFormats > 0 ) - validDevice = true; - } - object->Release(); - } - else { - DSCAPS caps; - LPDIRECTSOUND object; - hr = DirectSoundCreate( lpguid, &object, NULL ); - if ( hr != DS_OK ) return TRUE; - - caps.dwSize = sizeof(caps); - hr = object->GetCaps( &caps ); - if ( hr == DS_OK ) { - if ( caps.dwFlags & DSCAPS_PRIMARYMONO || caps.dwFlags & DSCAPS_PRIMARYSTEREO ) - validDevice = true; - } - object->Release(); - } - - // If good device, then save its name and guid. - std::string name = convertCharPointerToStdString( description ); - //if ( name == "Primary Sound Driver" || name == "Primary Sound Capture Driver" ) - if ( lpguid == NULL ) - name = "Default Device"; - if ( validDevice ) { - for ( unsigned int i=0; i<dsDevices.size(); i++ ) { - if ( dsDevices[i].name == name ) { - dsDevices[i].found = true; - if ( probeInfo.isInput ) { - dsDevices[i].id[1] = lpguid; - dsDevices[i].validId[1] = true; - } - else { - dsDevices[i].id[0] = lpguid; - dsDevices[i].validId[0] = true; - } - return TRUE; - } - } - - DsDevice device; - device.name = name; - device.found = true; - if ( probeInfo.isInput ) { - device.id[1] = lpguid; - device.validId[1] = true; - } - else { - device.id[0] = lpguid; - device.validId[0] = true; - } - dsDevices.push_back( device ); - } - - return TRUE; -} - -static const char* getErrorString( int code ) -{ - switch ( code ) { - - case DSERR_ALLOCATED: - return "Already allocated"; - - case DSERR_CONTROLUNAVAIL: - return "Control unavailable"; - - case DSERR_INVALIDPARAM: - return "Invalid parameter"; - - case DSERR_INVALIDCALL: - return "Invalid call"; - - case DSERR_GENERIC: - return "Generic error"; - - case DSERR_PRIOLEVELNEEDED: - return "Priority level needed"; - - case DSERR_OUTOFMEMORY: - return "Out of memory"; - - case DSERR_BADFORMAT: - return "The sample rate or the channel format is not supported"; - - case DSERR_UNSUPPORTED: - return "Not supported"; - - case DSERR_NODRIVER: - return "No driver"; - - case DSERR_ALREADYINITIALIZED: - return "Already initialized"; - - case DSERR_NOAGGREGATION: - return "No aggregation"; - - case DSERR_BUFFERLOST: - return "Buffer lost"; - - case DSERR_OTHERAPPHASPRIO: - return "Another application already has priority"; - - case DSERR_UNINITIALIZED: - return "Uninitialized"; - - default: - return "DirectSound unknown error"; - } -} -//******************** End of __WINDOWS_DS__ *********************// -#endif - - -#if defined(__LINUX_ALSA__) - -#include <alsa/asoundlib.h> -#include <unistd.h> - - // A structure to hold various information related to the ALSA API - // implementation. -struct AlsaHandle { - snd_pcm_t *handles[2]; - bool synchronized; - bool xrun[2]; - pthread_cond_t runnable_cv; - bool runnable; - - AlsaHandle() - :synchronized(false), runnable(false) { xrun[0] = false; xrun[1] = false; } -}; - -static void *alsaCallbackHandler( void * ptr ); - -RtApiAlsa :: RtApiAlsa() -{ - // Nothing to do here. -} - -RtApiAlsa :: ~RtApiAlsa() -{ - if ( stream_.state != STREAM_CLOSED ) closeStream(); -} - -unsigned int RtApiAlsa :: getDeviceCount( void ) -{ - unsigned nDevices = 0; - int result, subdevice, card; - char name[64]; - snd_ctl_t *handle; - - // Count cards and devices - card = -1; - snd_card_next( &card ); - while ( card >= 0 ) { - sprintf( name, "hw:%d", card ); - result = snd_ctl_open( &handle, name, 0 ); - if ( result < 0 ) { - errorStream_ << "RtApiAlsa::getDeviceCount: control open, card = " << card << ", " << snd_strerror( result ) << "."; - errorText_ = errorStream_.str(); - error( RtAudioError::WARNING ); - goto nextcard; - } - subdevice = -1; - while( 1 ) { - result = snd_ctl_pcm_next_device( handle, &subdevice ); - if ( result < 0 ) { - errorStream_ << "RtApiAlsa::getDeviceCount: control next device, card = " << card << ", " << snd_strerror( result ) << "."; - errorText_ = errorStream_.str(); - error( RtAudioError::WARNING ); - break; - } - if ( subdevice < 0 ) - break; - nDevices++; - } - nextcard: - snd_ctl_close( handle ); - snd_card_next( &card ); - } - - result = snd_ctl_open( &handle, "default", 0 ); - if (result == 0) { - nDevices++; - snd_ctl_close( handle ); - } - - return nDevices; -} - -RtAudio::DeviceInfo RtApiAlsa :: getDeviceInfo( unsigned int device ) -{ - RtAudio::DeviceInfo info; - info.probed = false; - - unsigned nDevices = 0; - int result, subdevice, card; - char name[64]; - snd_ctl_t *chandle; - - // Count cards and devices - card = -1; - subdevice = -1; - snd_card_next( &card ); - while ( card >= 0 ) { - sprintf( name, "hw:%d", card ); - result = snd_ctl_open( &chandle, name, SND_CTL_NONBLOCK ); - if ( result < 0 ) { - errorStream_ << "RtApiAlsa::getDeviceInfo: control open, card = " << card << ", " << snd_strerror( result ) << "."; - errorText_ = errorStream_.str(); - error( RtAudioError::WARNING ); - goto nextcard; - } - subdevice = -1; - while( 1 ) { - result = snd_ctl_pcm_next_device( chandle, &subdevice ); - if ( result < 0 ) { - errorStream_ << "RtApiAlsa::getDeviceInfo: control next device, card = " << card << ", " << snd_strerror( result ) << "."; - errorText_ = errorStream_.str(); - error( RtAudioError::WARNING ); - break; - } - if ( subdevice < 0 ) break; - if ( nDevices == device ) { - sprintf( name, "hw:%d,%d", card, subdevice ); - goto foundDevice; - } - nDevices++; - } - nextcard: - snd_ctl_close( chandle ); - snd_card_next( &card ); - } - - result = snd_ctl_open( &chandle, "default", SND_CTL_NONBLOCK ); - if ( result == 0 ) { - if ( nDevices == device ) { - strcpy( name, "default" ); - goto foundDevice; - } - nDevices++; - } - - if ( nDevices == 0 ) { - errorText_ = "RtApiAlsa::getDeviceInfo: no devices found!"; - error( RtAudioError::INVALID_USE ); - return info; - } - - if ( device >= nDevices ) { - errorText_ = "RtApiAlsa::getDeviceInfo: device ID is invalid!"; - error( RtAudioError::INVALID_USE ); - return info; - } - - foundDevice: - - // If a stream is already open, we cannot probe the stream devices. - // Thus, use the saved results. - if ( stream_.state != STREAM_CLOSED && - ( stream_.device[0] == device || stream_.device[1] == device ) ) { - snd_ctl_close( chandle ); - if ( device >= devices_.size() ) { - errorText_ = "RtApiAlsa::getDeviceInfo: device ID was not present before stream was opened."; - error( RtAudioError::WARNING ); - return info; - } - return devices_[ device ]; - } - - int openMode = SND_PCM_ASYNC; - snd_pcm_stream_t stream; - snd_pcm_info_t *pcminfo; - snd_pcm_info_alloca( &pcminfo ); - snd_pcm_t *phandle; - snd_pcm_hw_params_t *params; - snd_pcm_hw_params_alloca( ¶ms ); - - // First try for playback unless default device (which has subdev -1) - stream = SND_PCM_STREAM_PLAYBACK; - snd_pcm_info_set_stream( pcminfo, stream ); - if ( subdevice != -1 ) { - snd_pcm_info_set_device( pcminfo, subdevice ); - snd_pcm_info_set_subdevice( pcminfo, 0 ); - - result = snd_ctl_pcm_info( chandle, pcminfo ); - if ( result < 0 ) { - // Device probably doesn't support playback. - goto captureProbe; - } - } - - result = snd_pcm_open( &phandle, name, stream, openMode | SND_PCM_NONBLOCK ); - if ( result < 0 ) { - errorStream_ << "RtApiAlsa::getDeviceInfo: snd_pcm_open error for device (" << name << "), " << snd_strerror( result ) << "."; - errorText_ = errorStream_.str(); - error( RtAudioError::WARNING ); - goto captureProbe; - } - - // The device is open ... fill the parameter structure. - result = snd_pcm_hw_params_any( phandle, params ); - if ( result < 0 ) { - snd_pcm_close( phandle ); - errorStream_ << "RtApiAlsa::getDeviceInfo: snd_pcm_hw_params error for device (" << name << "), " << snd_strerror( result ) << "."; - errorText_ = errorStream_.str(); - error( RtAudioError::WARNING ); - goto captureProbe; - } - - // Get output channel information. - unsigned int value; - result = snd_pcm_hw_params_get_channels_max( params, &value ); - if ( result < 0 ) { - snd_pcm_close( phandle ); - errorStream_ << "RtApiAlsa::getDeviceInfo: error getting device (" << name << ") output channels, " << snd_strerror( result ) << "."; - errorText_ = errorStream_.str(); - error( RtAudioError::WARNING ); - goto captureProbe; - } - info.outputChannels = value; - snd_pcm_close( phandle ); - - captureProbe: - stream = SND_PCM_STREAM_CAPTURE; - snd_pcm_info_set_stream( pcminfo, stream ); - - // Now try for capture unless default device (with subdev = -1) - if ( subdevice != -1 ) { - result = snd_ctl_pcm_info( chandle, pcminfo ); - snd_ctl_close( chandle ); - if ( result < 0 ) { - // Device probably doesn't support capture. - if ( info.outputChannels == 0 ) return info; - goto probeParameters; - } - } - else - snd_ctl_close( chandle ); - - result = snd_pcm_open( &phandle, name, stream, openMode | SND_PCM_NONBLOCK); - if ( result < 0 ) { - errorStream_ << "RtApiAlsa::getDeviceInfo: snd_pcm_open error for device (" << name << "), " << snd_strerror( result ) << "."; - errorText_ = errorStream_.str(); - error( RtAudioError::WARNING ); - if ( info.outputChannels == 0 ) return info; - goto probeParameters; - } - - // The device is open ... fill the parameter structure. - result = snd_pcm_hw_params_any( phandle, params ); - if ( result < 0 ) { - snd_pcm_close( phandle ); - errorStream_ << "RtApiAlsa::getDeviceInfo: snd_pcm_hw_params error for device (" << name << "), " << snd_strerror( result ) << "."; - errorText_ = errorStream_.str(); - error( RtAudioError::WARNING ); - if ( info.outputChannels == 0 ) return info; - goto probeParameters; - } - - result = snd_pcm_hw_params_get_channels_max( params, &value ); - if ( result < 0 ) { - snd_pcm_close( phandle ); - errorStream_ << "RtApiAlsa::getDeviceInfo: error getting device (" << name << ") input channels, " << snd_strerror( result ) << "."; - errorText_ = errorStream_.str(); - error( RtAudioError::WARNING ); - if ( info.outputChannels == 0 ) return info; - goto probeParameters; - } - info.inputChannels = value; - snd_pcm_close( phandle ); - - // If device opens for both playback and capture, we determine the channels. - if ( info.outputChannels > 0 && info.inputChannels > 0 ) - info.duplexChannels = (info.outputChannels > info.inputChannels) ? info.inputChannels : info.outputChannels; - - // ALSA doesn't provide default devices so we'll use the first available one. - if ( device == 0 && info.outputChannels > 0 ) - info.isDefaultOutput = true; - if ( device == 0 && info.inputChannels > 0 ) - info.isDefaultInput = true; - - probeParameters: - // At this point, we just need to figure out the supported data - // formats and sample rates. We'll proceed by opening the device in - // the direction with the maximum number of channels, or playback if - // they are equal. This might limit our sample rate options, but so - // be it. - - if ( info.outputChannels >= info.inputChannels ) - stream = SND_PCM_STREAM_PLAYBACK; - else - stream = SND_PCM_STREAM_CAPTURE; - snd_pcm_info_set_stream( pcminfo, stream ); - - result = snd_pcm_open( &phandle, name, stream, openMode | SND_PCM_NONBLOCK); - if ( result < 0 ) { - errorStream_ << "RtApiAlsa::getDeviceInfo: snd_pcm_open error for device (" << name << "), " << snd_strerror( result ) << "."; - errorText_ = errorStream_.str(); - error( RtAudioError::WARNING ); - return info; - } - - // The device is open ... fill the parameter structure. - result = snd_pcm_hw_params_any( phandle, params ); - if ( result < 0 ) { - snd_pcm_close( phandle ); - errorStream_ << "RtApiAlsa::getDeviceInfo: snd_pcm_hw_params error for device (" << name << "), " << snd_strerror( result ) << "."; - errorText_ = errorStream_.str(); - error( RtAudioError::WARNING ); - return info; - } - - // Test our discrete set of sample rate values. - info.sampleRates.clear(); - for ( unsigned int i=0; i<MAX_SAMPLE_RATES; i++ ) { - if ( snd_pcm_hw_params_test_rate( phandle, params, SAMPLE_RATES[i], 0 ) == 0 ) { - info.sampleRates.push_back( SAMPLE_RATES[i] ); - - if ( !info.preferredSampleRate || ( SAMPLE_RATES[i] <= 48000 && SAMPLE_RATES[i] > info.preferredSampleRate ) ) - info.preferredSampleRate = SAMPLE_RATES[i]; - } - } - if ( info.sampleRates.size() == 0 ) { - snd_pcm_close( phandle ); - errorStream_ << "RtApiAlsa::getDeviceInfo: no supported sample rates found for device (" << name << ")."; - errorText_ = errorStream_.str(); - error( RtAudioError::WARNING ); - return info; - } - - // Probe the supported data formats ... we don't care about endian-ness just yet - snd_pcm_format_t format; - info.nativeFormats = 0; - format = SND_PCM_FORMAT_S8; - if ( snd_pcm_hw_params_test_format( phandle, params, format ) == 0 ) - info.nativeFormats |= RTAUDIO_SINT8; - format = SND_PCM_FORMAT_S16; - if ( snd_pcm_hw_params_test_format( phandle, params, format ) == 0 ) - info.nativeFormats |= RTAUDIO_SINT16; - format = SND_PCM_FORMAT_S24; - if ( snd_pcm_hw_params_test_format( phandle, params, format ) == 0 ) - info.nativeFormats |= RTAUDIO_SINT24; - format = SND_PCM_FORMAT_S32; - if ( snd_pcm_hw_params_test_format( phandle, params, format ) == 0 ) - info.nativeFormats |= RTAUDIO_SINT32; - format = SND_PCM_FORMAT_FLOAT; - if ( snd_pcm_hw_params_test_format( phandle, params, format ) == 0 ) - info.nativeFormats |= RTAUDIO_FLOAT32; - format = SND_PCM_FORMAT_FLOAT64; - if ( snd_pcm_hw_params_test_format( phandle, params, format ) == 0 ) - info.nativeFormats |= RTAUDIO_FLOAT64; - - // Check that we have at least one supported format - if ( info.nativeFormats == 0 ) { - snd_pcm_close( phandle ); - errorStream_ << "RtApiAlsa::getDeviceInfo: pcm device (" << name << ") data format not supported by RtAudio."; - errorText_ = errorStream_.str(); - error( RtAudioError::WARNING ); - return info; - } - - // Get the device name - char *cardname; - result = snd_card_get_name( card, &cardname ); - if ( result >= 0 ) { - sprintf( name, "hw:%s,%d", cardname, subdevice ); - free( cardname ); - } - info.name = name; - - // That's all ... close the device and return - snd_pcm_close( phandle ); - info.probed = true; - return info; -} - -void RtApiAlsa :: saveDeviceInfo( void ) -{ - devices_.clear(); - - unsigned int nDevices = getDeviceCount(); - devices_.resize( nDevices ); - for ( unsigned int i=0; i<nDevices; i++ ) - devices_[i] = getDeviceInfo( i ); -} - -bool RtApiAlsa :: probeDeviceOpen( unsigned int device, StreamMode mode, unsigned int channels, - unsigned int firstChannel, unsigned int sampleRate, - RtAudioFormat format, unsigned int *bufferSize, - RtAudio::StreamOptions *options ) - -{ -#if defined(__RTAUDIO_DEBUG__) - snd_output_t *out; - snd_output_stdio_attach(&out, stderr, 0); -#endif - - // I'm not using the "plug" interface ... too much inconsistent behavior. - - unsigned nDevices = 0; - int result, subdevice, card; - char name[64]; - snd_ctl_t *chandle; - - if ( options && options->flags & RTAUDIO_ALSA_USE_DEFAULT ) - snprintf(name, sizeof(name), "%s", "default"); - else { - // Count cards and devices - card = -1; - snd_card_next( &card ); - while ( card >= 0 ) { - sprintf( name, "hw:%d", card ); - result = snd_ctl_open( &chandle, name, SND_CTL_NONBLOCK ); - if ( result < 0 ) { - errorStream_ << "RtApiAlsa::probeDeviceOpen: control open, card = " << card << ", " << snd_strerror( result ) << "."; - errorText_ = errorStream_.str(); - return FAILURE; - } - subdevice = -1; - while( 1 ) { - result = snd_ctl_pcm_next_device( chandle, &subdevice ); - if ( result < 0 ) break; - if ( subdevice < 0 ) break; - if ( nDevices == device ) { - sprintf( name, "hw:%d,%d", card, subdevice ); - snd_ctl_close( chandle ); - goto foundDevice; - } - nDevices++; - } - snd_ctl_close( chandle ); - snd_card_next( &card ); - } - - result = snd_ctl_open( &chandle, "default", SND_CTL_NONBLOCK ); - if ( result == 0 ) { - if ( nDevices == device ) { - strcpy( name, "default" ); - goto foundDevice; - } - nDevices++; - } - - if ( nDevices == 0 ) { - // This should not happen because a check is made before this function is called. - errorText_ = "RtApiAlsa::probeDeviceOpen: no devices found!"; - return FAILURE; - } - - if ( device >= nDevices ) { - // This should not happen because a check is made before this function is called. - errorText_ = "RtApiAlsa::probeDeviceOpen: device ID is invalid!"; - return FAILURE; - } - } - - foundDevice: - - // The getDeviceInfo() function will not work for a device that is - // already open. Thus, we'll probe the system before opening a - // stream and save the results for use by getDeviceInfo(). - if ( mode == OUTPUT || ( mode == INPUT && stream_.mode != OUTPUT ) ) // only do once - this->saveDeviceInfo(); - - snd_pcm_stream_t stream; - if ( mode == OUTPUT ) - stream = SND_PCM_STREAM_PLAYBACK; - else - stream = SND_PCM_STREAM_CAPTURE; - - snd_pcm_t *phandle; - int openMode = SND_PCM_ASYNC; - result = snd_pcm_open( &phandle, name, stream, openMode ); - if ( result < 0 ) { - if ( mode == OUTPUT ) - errorStream_ << "RtApiAlsa::probeDeviceOpen: pcm device (" << name << ") won't open for output."; - else - errorStream_ << "RtApiAlsa::probeDeviceOpen: pcm device (" << name << ") won't open for input."; - errorText_ = errorStream_.str(); - return FAILURE; - } - - // Fill the parameter structure. - snd_pcm_hw_params_t *hw_params; - snd_pcm_hw_params_alloca( &hw_params ); - result = snd_pcm_hw_params_any( phandle, hw_params ); - if ( result < 0 ) { - snd_pcm_close( phandle ); - errorStream_ << "RtApiAlsa::probeDeviceOpen: error getting pcm device (" << name << ") parameters, " << snd_strerror( result ) << "."; - errorText_ = errorStream_.str(); - return FAILURE; - } - -#if defined(__RTAUDIO_DEBUG__) - fprintf( stderr, "\nRtApiAlsa: dump hardware params just after device open:\n\n" ); - snd_pcm_hw_params_dump( hw_params, out ); -#endif - - // Set access ... check user preference. - if ( options && options->flags & RTAUDIO_NONINTERLEAVED ) { - stream_.userInterleaved = false; - result = snd_pcm_hw_params_set_access( phandle, hw_params, SND_PCM_ACCESS_RW_NONINTERLEAVED ); - if ( result < 0 ) { - result = snd_pcm_hw_params_set_access( phandle, hw_params, SND_PCM_ACCESS_RW_INTERLEAVED ); - stream_.deviceInterleaved[mode] = true; - } - else - stream_.deviceInterleaved[mode] = false; - } - else { - stream_.userInterleaved = true; - result = snd_pcm_hw_params_set_access( phandle, hw_params, SND_PCM_ACCESS_RW_INTERLEAVED ); - if ( result < 0 ) { - result = snd_pcm_hw_params_set_access( phandle, hw_params, SND_PCM_ACCESS_RW_NONINTERLEAVED ); - stream_.deviceInterleaved[mode] = false; - } - else - stream_.deviceInterleaved[mode] = true; - } - - if ( result < 0 ) { - snd_pcm_close( phandle ); - errorStream_ << "RtApiAlsa::probeDeviceOpen: error setting pcm device (" << name << ") access, " << snd_strerror( result ) << "."; - errorText_ = errorStream_.str(); - return FAILURE; - } - - // Determine how to set the device format. - stream_.userFormat = format; - snd_pcm_format_t deviceFormat = SND_PCM_FORMAT_UNKNOWN; - - if ( format == RTAUDIO_SINT8 ) - deviceFormat = SND_PCM_FORMAT_S8; - else if ( format == RTAUDIO_SINT16 ) - deviceFormat = SND_PCM_FORMAT_S16; - else if ( format == RTAUDIO_SINT24 ) - deviceFormat = SND_PCM_FORMAT_S24; - else if ( format == RTAUDIO_SINT32 ) - deviceFormat = SND_PCM_FORMAT_S32; - else if ( format == RTAUDIO_FLOAT32 ) - deviceFormat = SND_PCM_FORMAT_FLOAT; - else if ( format == RTAUDIO_FLOAT64 ) - deviceFormat = SND_PCM_FORMAT_FLOAT64; - - if ( snd_pcm_hw_params_test_format(phandle, hw_params, deviceFormat) == 0) { - stream_.deviceFormat[mode] = format; - goto setFormat; - } - - // The user requested format is not natively supported by the device. - deviceFormat = SND_PCM_FORMAT_FLOAT64; - if ( snd_pcm_hw_params_test_format( phandle, hw_params, deviceFormat ) == 0 ) { - stream_.deviceFormat[mode] = RTAUDIO_FLOAT64; - goto setFormat; - } - - deviceFormat = SND_PCM_FORMAT_FLOAT; - if ( snd_pcm_hw_params_test_format(phandle, hw_params, deviceFormat ) == 0 ) { - stream_.deviceFormat[mode] = RTAUDIO_FLOAT32; - goto setFormat; - } - - deviceFormat = SND_PCM_FORMAT_S32; - if ( snd_pcm_hw_params_test_format(phandle, hw_params, deviceFormat ) == 0 ) { - stream_.deviceFormat[mode] = RTAUDIO_SINT32; - goto setFormat; - } - - deviceFormat = SND_PCM_FORMAT_S24; - if ( snd_pcm_hw_params_test_format(phandle, hw_params, deviceFormat ) == 0 ) { - stream_.deviceFormat[mode] = RTAUDIO_SINT24; - goto setFormat; - } - - deviceFormat = SND_PCM_FORMAT_S16; - if ( snd_pcm_hw_params_test_format(phandle, hw_params, deviceFormat ) == 0 ) { - stream_.deviceFormat[mode] = RTAUDIO_SINT16; - goto setFormat; - } - - deviceFormat = SND_PCM_FORMAT_S8; - if ( snd_pcm_hw_params_test_format(phandle, hw_params, deviceFormat ) == 0 ) { - stream_.deviceFormat[mode] = RTAUDIO_SINT8; - goto setFormat; - } - - // If we get here, no supported format was found. - snd_pcm_close( phandle ); - errorStream_ << "RtApiAlsa::probeDeviceOpen: pcm device " << device << " data format not supported by RtAudio."; - errorText_ = errorStream_.str(); - return FAILURE; - - setFormat: - result = snd_pcm_hw_params_set_format( phandle, hw_params, deviceFormat ); - if ( result < 0 ) { - snd_pcm_close( phandle ); - errorStream_ << "RtApiAlsa::probeDeviceOpen: error setting pcm device (" << name << ") data format, " << snd_strerror( result ) << "."; - errorText_ = errorStream_.str(); - return FAILURE; - } - - // Determine whether byte-swaping is necessary. - stream_.doByteSwap[mode] = false; - if ( deviceFormat != SND_PCM_FORMAT_S8 ) { - result = snd_pcm_format_cpu_endian( deviceFormat ); - if ( result == 0 ) - stream_.doByteSwap[mode] = true; - else if (result < 0) { - snd_pcm_close( phandle ); - errorStream_ << "RtApiAlsa::probeDeviceOpen: error getting pcm device (" << name << ") endian-ness, " << snd_strerror( result ) << "."; - errorText_ = errorStream_.str(); - return FAILURE; - } - } - - // Set the sample rate. - result = snd_pcm_hw_params_set_rate_near( phandle, hw_params, (unsigned int*) &sampleRate, 0 ); - if ( result < 0 ) { - snd_pcm_close( phandle ); - errorStream_ << "RtApiAlsa::probeDeviceOpen: error setting sample rate on device (" << name << "), " << snd_strerror( result ) << "."; - errorText_ = errorStream_.str(); - return FAILURE; - } - - // Determine the number of channels for this device. We support a possible - // minimum device channel number > than the value requested by the user. - stream_.nUserChannels[mode] = channels; - unsigned int value; - result = snd_pcm_hw_params_get_channels_max( hw_params, &value ); - unsigned int deviceChannels = value; - if ( result < 0 || deviceChannels < channels + firstChannel ) { - snd_pcm_close( phandle ); - errorStream_ << "RtApiAlsa::probeDeviceOpen: requested channel parameters not supported by device (" << name << "), " << snd_strerror( result ) << "."; - errorText_ = errorStream_.str(); - return FAILURE; - } - - result = snd_pcm_hw_params_get_channels_min( hw_params, &value ); - if ( result < 0 ) { - snd_pcm_close( phandle ); - errorStream_ << "RtApiAlsa::probeDeviceOpen: error getting minimum channels for device (" << name << "), " << snd_strerror( result ) << "."; - errorText_ = errorStream_.str(); - return FAILURE; - } - deviceChannels = value; - if ( deviceChannels < channels + firstChannel ) deviceChannels = channels + firstChannel; - stream_.nDeviceChannels[mode] = deviceChannels; - - // Set the device channels. - result = snd_pcm_hw_params_set_channels( phandle, hw_params, deviceChannels ); - if ( result < 0 ) { - snd_pcm_close( phandle ); - errorStream_ << "RtApiAlsa::probeDeviceOpen: error setting channels for device (" << name << "), " << snd_strerror( result ) << "."; - errorText_ = errorStream_.str(); - return FAILURE; - } - - // Set the buffer (or period) size. - int dir = 0; - snd_pcm_uframes_t periodSize = *bufferSize; - result = snd_pcm_hw_params_set_period_size_near( phandle, hw_params, &periodSize, &dir ); - if ( result < 0 ) { - snd_pcm_close( phandle ); - errorStream_ << "RtApiAlsa::probeDeviceOpen: error setting period size for device (" << name << "), " << snd_strerror( result ) << "."; - errorText_ = errorStream_.str(); - return FAILURE; - } - *bufferSize = periodSize; - - // Set the buffer number, which in ALSA is referred to as the "period". - unsigned int periods = 0; - if ( options && options->flags & RTAUDIO_MINIMIZE_LATENCY ) periods = 2; - if ( options && options->numberOfBuffers > 0 ) periods = options->numberOfBuffers; - if ( periods < 2 ) periods = 4; // a fairly safe default value - result = snd_pcm_hw_params_set_periods_near( phandle, hw_params, &periods, &dir ); - if ( result < 0 ) { - snd_pcm_close( phandle ); - errorStream_ << "RtApiAlsa::probeDeviceOpen: error setting periods for device (" << name << "), " << snd_strerror( result ) << "."; - errorText_ = errorStream_.str(); - return FAILURE; - } - - // If attempting to setup a duplex stream, the bufferSize parameter - // MUST be the same in both directions! - if ( stream_.mode == OUTPUT && mode == INPUT && *bufferSize != stream_.bufferSize ) { - snd_pcm_close( phandle ); - errorStream_ << "RtApiAlsa::probeDeviceOpen: system error setting buffer size for duplex stream on device (" << name << ")."; - errorText_ = errorStream_.str(); - return FAILURE; - } - - stream_.bufferSize = *bufferSize; - - // Install the hardware configuration - result = snd_pcm_hw_params( phandle, hw_params ); - if ( result < 0 ) { - snd_pcm_close( phandle ); - errorStream_ << "RtApiAlsa::probeDeviceOpen: error installing hardware configuration on device (" << name << "), " << snd_strerror( result ) << "."; - errorText_ = errorStream_.str(); - return FAILURE; - } - -#if defined(__RTAUDIO_DEBUG__) - fprintf(stderr, "\nRtApiAlsa: dump hardware params after installation:\n\n"); - snd_pcm_hw_params_dump( hw_params, out ); -#endif - - // Set the software configuration to fill buffers with zeros and prevent device stopping on xruns. - snd_pcm_sw_params_t *sw_params = NULL; - snd_pcm_sw_params_alloca( &sw_params ); - snd_pcm_sw_params_current( phandle, sw_params ); - snd_pcm_sw_params_set_start_threshold( phandle, sw_params, *bufferSize ); - snd_pcm_sw_params_set_stop_threshold( phandle, sw_params, ULONG_MAX ); - snd_pcm_sw_params_set_silence_threshold( phandle, sw_params, 0 ); - - // The following two settings were suggested by Theo Veenker - //snd_pcm_sw_params_set_avail_min( phandle, sw_params, *bufferSize ); - //snd_pcm_sw_params_set_xfer_align( phandle, sw_params, 1 ); - - // here are two options for a fix - //snd_pcm_sw_params_set_silence_size( phandle, sw_params, ULONG_MAX ); - snd_pcm_uframes_t val; - snd_pcm_sw_params_get_boundary( sw_params, &val ); - snd_pcm_sw_params_set_silence_size( phandle, sw_params, val ); - - result = snd_pcm_sw_params( phandle, sw_params ); - if ( result < 0 ) { - snd_pcm_close( phandle ); - errorStream_ << "RtApiAlsa::probeDeviceOpen: error installing software configuration on device (" << name << "), " << snd_strerror( result ) << "."; - errorText_ = errorStream_.str(); - return FAILURE; - } - -#if defined(__RTAUDIO_DEBUG__) - fprintf(stderr, "\nRtApiAlsa: dump software params after installation:\n\n"); - snd_pcm_sw_params_dump( sw_params, out ); -#endif - - // Set flags for buffer conversion - stream_.doConvertBuffer[mode] = false; - if ( stream_.userFormat != stream_.deviceFormat[mode] ) - stream_.doConvertBuffer[mode] = true; - if ( stream_.nUserChannels[mode] < stream_.nDeviceChannels[mode] ) - stream_.doConvertBuffer[mode] = true; - if ( stream_.userInterleaved != stream_.deviceInterleaved[mode] && - stream_.nUserChannels[mode] > 1 ) - stream_.doConvertBuffer[mode] = true; - - // Allocate the ApiHandle if necessary and then save. - AlsaHandle *apiInfo = 0; - if ( stream_.apiHandle == 0 ) { - try { - apiInfo = (AlsaHandle *) new AlsaHandle; - } - catch ( std::bad_alloc& ) { - errorText_ = "RtApiAlsa::probeDeviceOpen: error allocating AlsaHandle memory."; - goto error; - } - - if ( pthread_cond_init( &apiInfo->runnable_cv, NULL ) ) { - errorText_ = "RtApiAlsa::probeDeviceOpen: error initializing pthread condition variable."; - goto error; - } - - stream_.apiHandle = (void *) apiInfo; - apiInfo->handles[0] = 0; - apiInfo->handles[1] = 0; - } - else { - apiInfo = (AlsaHandle *) stream_.apiHandle; - } - apiInfo->handles[mode] = phandle; - phandle = 0; - - // Allocate necessary internal buffers. - unsigned long bufferBytes; - bufferBytes = stream_.nUserChannels[mode] * *bufferSize * formatBytes( stream_.userFormat ); - stream_.userBuffer[mode] = (char *) calloc( bufferBytes, 1 ); - if ( stream_.userBuffer[mode] == NULL ) { - errorText_ = "RtApiAlsa::probeDeviceOpen: error allocating user buffer memory."; - goto error; - } - - if ( stream_.doConvertBuffer[mode] ) { - - bool makeBuffer = true; - bufferBytes = stream_.nDeviceChannels[mode] * formatBytes( stream_.deviceFormat[mode] ); - if ( mode == INPUT ) { - if ( stream_.mode == OUTPUT && stream_.deviceBuffer ) { - unsigned long bytesOut = stream_.nDeviceChannels[0] * formatBytes( stream_.deviceFormat[0] ); - if ( bufferBytes <= bytesOut ) makeBuffer = false; - } - } - - if ( makeBuffer ) { - bufferBytes *= *bufferSize; - if ( stream_.deviceBuffer ) free( stream_.deviceBuffer ); - stream_.deviceBuffer = (char *) calloc( bufferBytes, 1 ); - if ( stream_.deviceBuffer == NULL ) { - errorText_ = "RtApiAlsa::probeDeviceOpen: error allocating device buffer memory."; - goto error; - } - } - } - - stream_.sampleRate = sampleRate; - stream_.nBuffers = periods; - stream_.device[mode] = device; - stream_.state = STREAM_STOPPED; - - // Setup the buffer conversion information structure. - if ( stream_.doConvertBuffer[mode] ) setConvertInfo( mode, firstChannel ); - - // Setup thread if necessary. - if ( stream_.mode == OUTPUT && mode == INPUT ) { - // We had already set up an output stream. - stream_.mode = DUPLEX; - // Link the streams if possible. - apiInfo->synchronized = false; - if ( snd_pcm_link( apiInfo->handles[0], apiInfo->handles[1] ) == 0 ) - apiInfo->synchronized = true; - else { - errorText_ = "RtApiAlsa::probeDeviceOpen: unable to synchronize input and output devices."; - error( RtAudioError::WARNING ); - } - } - else { - stream_.mode = mode; - - // Setup callback thread. - stream_.callbackInfo.object = (void *) this; - - // Set the thread attributes for joinable and realtime scheduling - // priority (optional). The higher priority will only take affect - // if the program is run as root or suid. Note, under Linux - // processes with CAP_SYS_NICE privilege, a user can change - // scheduling policy and priority (thus need not be root). See - // POSIX "capabilities". - pthread_attr_t attr; - pthread_attr_init( &attr ); - pthread_attr_setdetachstate( &attr, PTHREAD_CREATE_JOINABLE ); - -#ifdef SCHED_RR // Undefined with some OSes (eg: NetBSD 1.6.x with GNU Pthread) - if ( options && options->flags & RTAUDIO_SCHEDULE_REALTIME ) { - // We previously attempted to increase the audio callback priority - // to SCHED_RR here via the attributes. However, while no errors - // were reported in doing so, it did not work. So, now this is - // done in the alsaCallbackHandler function. - stream_.callbackInfo.doRealtime = true; - int priority = options->priority; - int min = sched_get_priority_min( SCHED_RR ); - int max = sched_get_priority_max( SCHED_RR ); - if ( priority < min ) priority = min; - else if ( priority > max ) priority = max; - stream_.callbackInfo.priority = priority; - } -#endif - - stream_.callbackInfo.isRunning = true; - result = pthread_create( &stream_.callbackInfo.thread, &attr, alsaCallbackHandler, &stream_.callbackInfo ); - pthread_attr_destroy( &attr ); - if ( result ) { - stream_.callbackInfo.isRunning = false; - errorText_ = "RtApiAlsa::error creating callback thread!"; - goto error; - } - } - - return SUCCESS; - - error: - if ( apiInfo ) { - pthread_cond_destroy( &apiInfo->runnable_cv ); - if ( apiInfo->handles[0] ) snd_pcm_close( apiInfo->handles[0] ); - if ( apiInfo->handles[1] ) snd_pcm_close( apiInfo->handles[1] ); - delete apiInfo; - stream_.apiHandle = 0; - } - - if ( phandle) snd_pcm_close( phandle ); - - for ( int i=0; i<2; i++ ) { - if ( stream_.userBuffer[i] ) { - free( stream_.userBuffer[i] ); - stream_.userBuffer[i] = 0; - } - } - - if ( stream_.deviceBuffer ) { - free( stream_.deviceBuffer ); - stream_.deviceBuffer = 0; - } - - stream_.state = STREAM_CLOSED; - return FAILURE; -} - -void RtApiAlsa :: closeStream() -{ - if ( stream_.state == STREAM_CLOSED ) { - errorText_ = "RtApiAlsa::closeStream(): no open stream to close!"; - error( RtAudioError::WARNING ); - return; - } - - AlsaHandle *apiInfo = (AlsaHandle *) stream_.apiHandle; - stream_.callbackInfo.isRunning = false; - MUTEX_LOCK( &stream_.mutex ); - if ( stream_.state == STREAM_STOPPED ) { - apiInfo->runnable = true; - pthread_cond_signal( &apiInfo->runnable_cv ); - } - MUTEX_UNLOCK( &stream_.mutex ); - pthread_join( stream_.callbackInfo.thread, NULL ); - - if ( stream_.state == STREAM_RUNNING ) { - stream_.state = STREAM_STOPPED; - if ( stream_.mode == OUTPUT || stream_.mode == DUPLEX ) - snd_pcm_drop( apiInfo->handles[0] ); - if ( stream_.mode == INPUT || stream_.mode == DUPLEX ) - snd_pcm_drop( apiInfo->handles[1] ); - } - - if ( apiInfo ) { - pthread_cond_destroy( &apiInfo->runnable_cv ); - if ( apiInfo->handles[0] ) snd_pcm_close( apiInfo->handles[0] ); - if ( apiInfo->handles[1] ) snd_pcm_close( apiInfo->handles[1] ); - delete apiInfo; - stream_.apiHandle = 0; - } - - for ( int i=0; i<2; i++ ) { - if ( stream_.userBuffer[i] ) { - free( stream_.userBuffer[i] ); - stream_.userBuffer[i] = 0; - } - } - - if ( stream_.deviceBuffer ) { - free( stream_.deviceBuffer ); - stream_.deviceBuffer = 0; - } - - stream_.mode = UNINITIALIZED; - stream_.state = STREAM_CLOSED; -} - -void RtApiAlsa :: startStream() -{ - // This method calls snd_pcm_prepare if the device isn't already in that state. - - verifyStream(); - if ( stream_.state == STREAM_RUNNING ) { - errorText_ = "RtApiAlsa::startStream(): the stream is already running!"; - error( RtAudioError::WARNING ); - return; - } - - MUTEX_LOCK( &stream_.mutex ); - - int result = 0; - snd_pcm_state_t state; - AlsaHandle *apiInfo = (AlsaHandle *) stream_.apiHandle; - snd_pcm_t **handle = (snd_pcm_t **) apiInfo->handles; - if ( stream_.mode == OUTPUT || stream_.mode == DUPLEX ) { - state = snd_pcm_state( handle[0] ); - if ( state != SND_PCM_STATE_PREPARED ) { - result = snd_pcm_prepare( handle[0] ); - if ( result < 0 ) { - errorStream_ << "RtApiAlsa::startStream: error preparing output pcm device, " << snd_strerror( result ) << "."; - errorText_ = errorStream_.str(); - goto unlock; - } - } - } - - if ( ( stream_.mode == INPUT || stream_.mode == DUPLEX ) && !apiInfo->synchronized ) { - result = snd_pcm_drop(handle[1]); // fix to remove stale data received since device has been open - state = snd_pcm_state( handle[1] ); - if ( state != SND_PCM_STATE_PREPARED ) { - result = snd_pcm_prepare( handle[1] ); - if ( result < 0 ) { - errorStream_ << "RtApiAlsa::startStream: error preparing input pcm device, " << snd_strerror( result ) << "."; - errorText_ = errorStream_.str(); - goto unlock; - } - } - } - - stream_.state = STREAM_RUNNING; - - unlock: - apiInfo->runnable = true; - pthread_cond_signal( &apiInfo->runnable_cv ); - MUTEX_UNLOCK( &stream_.mutex ); - - if ( result >= 0 ) return; - error( RtAudioError::SYSTEM_ERROR ); -} - -void RtApiAlsa :: stopStream() -{ - verifyStream(); - if ( stream_.state == STREAM_STOPPED ) { - errorText_ = "RtApiAlsa::stopStream(): the stream is already stopped!"; - error( RtAudioError::WARNING ); - return; - } - - stream_.state = STREAM_STOPPED; - MUTEX_LOCK( &stream_.mutex ); - - int result = 0; - AlsaHandle *apiInfo = (AlsaHandle *) stream_.apiHandle; - snd_pcm_t **handle = (snd_pcm_t **) apiInfo->handles; - if ( stream_.mode == OUTPUT || stream_.mode == DUPLEX ) { - if ( apiInfo->synchronized ) - result = snd_pcm_drop( handle[0] ); - else - result = snd_pcm_drain( handle[0] ); - if ( result < 0 ) { - errorStream_ << "RtApiAlsa::stopStream: error draining output pcm device, " << snd_strerror( result ) << "."; - errorText_ = errorStream_.str(); - goto unlock; - } - } - - if ( ( stream_.mode == INPUT || stream_.mode == DUPLEX ) && !apiInfo->synchronized ) { - result = snd_pcm_drop( handle[1] ); - if ( result < 0 ) { - errorStream_ << "RtApiAlsa::stopStream: error stopping input pcm device, " << snd_strerror( result ) << "."; - errorText_ = errorStream_.str(); - goto unlock; - } - } - - unlock: - apiInfo->runnable = false; // fixes high CPU usage when stopped - MUTEX_UNLOCK( &stream_.mutex ); - - if ( result >= 0 ) return; - error( RtAudioError::SYSTEM_ERROR ); -} - -void RtApiAlsa :: abortStream() -{ - verifyStream(); - if ( stream_.state == STREAM_STOPPED ) { - errorText_ = "RtApiAlsa::abortStream(): the stream is already stopped!"; - error( RtAudioError::WARNING ); - return; - } - - stream_.state = STREAM_STOPPED; - MUTEX_LOCK( &stream_.mutex ); - - int result = 0; - AlsaHandle *apiInfo = (AlsaHandle *) stream_.apiHandle; - snd_pcm_t **handle = (snd_pcm_t **) apiInfo->handles; - if ( stream_.mode == OUTPUT || stream_.mode == DUPLEX ) { - result = snd_pcm_drop( handle[0] ); - if ( result < 0 ) { - errorStream_ << "RtApiAlsa::abortStream: error aborting output pcm device, " << snd_strerror( result ) << "."; - errorText_ = errorStream_.str(); - goto unlock; - } - } - - if ( ( stream_.mode == INPUT || stream_.mode == DUPLEX ) && !apiInfo->synchronized ) { - result = snd_pcm_drop( handle[1] ); - if ( result < 0 ) { - errorStream_ << "RtApiAlsa::abortStream: error aborting input pcm device, " << snd_strerror( result ) << "."; - errorText_ = errorStream_.str(); - goto unlock; - } - } - - unlock: - apiInfo->runnable = false; // fixes high CPU usage when stopped - MUTEX_UNLOCK( &stream_.mutex ); - - if ( result >= 0 ) return; - error( RtAudioError::SYSTEM_ERROR ); -} - -void RtApiAlsa :: callbackEvent() -{ - AlsaHandle *apiInfo = (AlsaHandle *) stream_.apiHandle; - if ( stream_.state == STREAM_STOPPED ) { - MUTEX_LOCK( &stream_.mutex ); - while ( !apiInfo->runnable ) - pthread_cond_wait( &apiInfo->runnable_cv, &stream_.mutex ); - - if ( stream_.state != STREAM_RUNNING ) { - MUTEX_UNLOCK( &stream_.mutex ); - return; - } - MUTEX_UNLOCK( &stream_.mutex ); - } - - if ( stream_.state == STREAM_CLOSED ) { - errorText_ = "RtApiAlsa::callbackEvent(): the stream is closed ... this shouldn't happen!"; - error( RtAudioError::WARNING ); - return; - } - - int doStopStream = 0; - RtAudioCallback callback = (RtAudioCallback) stream_.callbackInfo.callback; - double streamTime = getStreamTime(); - RtAudioStreamStatus status = 0; - if ( stream_.mode != INPUT && apiInfo->xrun[0] == true ) { - status |= RTAUDIO_OUTPUT_UNDERFLOW; - apiInfo->xrun[0] = false; - } - if ( stream_.mode != OUTPUT && apiInfo->xrun[1] == true ) { - status |= RTAUDIO_INPUT_OVERFLOW; - apiInfo->xrun[1] = false; - } - doStopStream = callback( stream_.userBuffer[0], stream_.userBuffer[1], - stream_.bufferSize, streamTime, status, stream_.callbackInfo.userData ); - - if ( doStopStream == 2 ) { - abortStream(); - return; - } - - MUTEX_LOCK( &stream_.mutex ); - - // The state might change while waiting on a mutex. - if ( stream_.state == STREAM_STOPPED ) goto unlock; - - int result; - char *buffer; - int channels; - snd_pcm_t **handle; - snd_pcm_sframes_t frames; - RtAudioFormat format; - handle = (snd_pcm_t **) apiInfo->handles; - - if ( stream_.mode == INPUT || stream_.mode == DUPLEX ) { - - // Setup parameters. - if ( stream_.doConvertBuffer[1] ) { - buffer = stream_.deviceBuffer; - channels = stream_.nDeviceChannels[1]; - format = stream_.deviceFormat[1]; - } - else { - buffer = stream_.userBuffer[1]; - channels = stream_.nUserChannels[1]; - format = stream_.userFormat; - } - - // Read samples from device in interleaved/non-interleaved format. - if ( stream_.deviceInterleaved[1] ) - result = snd_pcm_readi( handle[1], buffer, stream_.bufferSize ); - else { - void *bufs[channels]; - size_t offset = stream_.bufferSize * formatBytes( format ); - for ( int i=0; i<channels; i++ ) - bufs[i] = (void *) (buffer + (i * offset)); - result = snd_pcm_readn( handle[1], bufs, stream_.bufferSize ); - } - - if ( result < (int) stream_.bufferSize ) { - // Either an error or overrun occured. - if ( result == -EPIPE ) { - snd_pcm_state_t state = snd_pcm_state( handle[1] ); - if ( state == SND_PCM_STATE_XRUN ) { - apiInfo->xrun[1] = true; - result = snd_pcm_prepare( handle[1] ); - if ( result < 0 ) { - errorStream_ << "RtApiAlsa::callbackEvent: error preparing device after overrun, " << snd_strerror( result ) << "."; - errorText_ = errorStream_.str(); - } - } - else { - errorStream_ << "RtApiAlsa::callbackEvent: error, current state is " << snd_pcm_state_name( state ) << ", " << snd_strerror( result ) << "."; - errorText_ = errorStream_.str(); - } - } - else { - errorStream_ << "RtApiAlsa::callbackEvent: audio read error, " << snd_strerror( result ) << "."; - errorText_ = errorStream_.str(); - } - error( RtAudioError::WARNING ); - goto tryOutput; - } - - // Do byte swapping if necessary. - if ( stream_.doByteSwap[1] ) - byteSwapBuffer( buffer, stream_.bufferSize * channels, format ); - - // Do buffer conversion if necessary. - if ( stream_.doConvertBuffer[1] ) - convertBuffer( stream_.userBuffer[1], stream_.deviceBuffer, stream_.convertInfo[1] ); - - // Check stream latency - result = snd_pcm_delay( handle[1], &frames ); - if ( result == 0 && frames > 0 ) stream_.latency[1] = frames; - } - - tryOutput: - - if ( stream_.mode == OUTPUT || stream_.mode == DUPLEX ) { - - // Setup parameters and do buffer conversion if necessary. - if ( stream_.doConvertBuffer[0] ) { - buffer = stream_.deviceBuffer; - convertBuffer( buffer, stream_.userBuffer[0], stream_.convertInfo[0] ); - channels = stream_.nDeviceChannels[0]; - format = stream_.deviceFormat[0]; - } - else { - buffer = stream_.userBuffer[0]; - channels = stream_.nUserChannels[0]; - format = stream_.userFormat; - } - - // Do byte swapping if necessary. - if ( stream_.doByteSwap[0] ) - byteSwapBuffer(buffer, stream_.bufferSize * channels, format); - - // Write samples to device in interleaved/non-interleaved format. - if ( stream_.deviceInterleaved[0] ) - result = snd_pcm_writei( handle[0], buffer, stream_.bufferSize ); - else { - void *bufs[channels]; - size_t offset = stream_.bufferSize * formatBytes( format ); - for ( int i=0; i<channels; i++ ) - bufs[i] = (void *) (buffer + (i * offset)); - result = snd_pcm_writen( handle[0], bufs, stream_.bufferSize ); - } - - if ( result < (int) stream_.bufferSize ) { - // Either an error or underrun occured. - if ( result == -EPIPE ) { - snd_pcm_state_t state = snd_pcm_state( handle[0] ); - if ( state == SND_PCM_STATE_XRUN ) { - apiInfo->xrun[0] = true; - result = snd_pcm_prepare( handle[0] ); - if ( result < 0 ) { - errorStream_ << "RtApiAlsa::callbackEvent: error preparing device after underrun, " << snd_strerror( result ) << "."; - errorText_ = errorStream_.str(); - } - else - errorText_ = "RtApiAlsa::callbackEvent: audio write error, underrun."; - } - else { - errorStream_ << "RtApiAlsa::callbackEvent: error, current state is " << snd_pcm_state_name( state ) << ", " << snd_strerror( result ) << "."; - errorText_ = errorStream_.str(); - } - } - else { - errorStream_ << "RtApiAlsa::callbackEvent: audio write error, " << snd_strerror( result ) << "."; - errorText_ = errorStream_.str(); - } - error( RtAudioError::WARNING ); - goto unlock; - } - - // Check stream latency - result = snd_pcm_delay( handle[0], &frames ); - if ( result == 0 && frames > 0 ) stream_.latency[0] = frames; - } - - unlock: - MUTEX_UNLOCK( &stream_.mutex ); - - RtApi::tickStreamTime(); - if ( doStopStream == 1 ) this->stopStream(); -} - -static void *alsaCallbackHandler( void *ptr ) -{ - CallbackInfo *info = (CallbackInfo *) ptr; - RtApiAlsa *object = (RtApiAlsa *) info->object; - bool *isRunning = &info->isRunning; - -#ifdef SCHED_RR // Undefined with some OSes (eg: NetBSD 1.6.x with GNU Pthread) - if ( info->doRealtime ) { - pthread_t tID = pthread_self(); // ID of this thread - sched_param prio = { info->priority }; // scheduling priority of thread - pthread_setschedparam( tID, SCHED_RR, &prio ); - } -#endif - - while ( *isRunning == true ) { - pthread_testcancel(); - object->callbackEvent(); - } - - pthread_exit( NULL ); -} - -//******************** End of __LINUX_ALSA__ *********************// -#endif - -#if defined(__LINUX_PULSE__) - -// Code written by Peter Meerwald, pmeerw@pmeerw.net -// and Tristan Matthews. - -#include <pulse/error.h> -#include <pulse/simple.h> -#include <cstdio> - -static const unsigned int SUPPORTED_SAMPLERATES[] = { 8000, 16000, 22050, 32000, - 44100, 48000, 96000, 0}; - -struct rtaudio_pa_format_mapping_t { - RtAudioFormat rtaudio_format; - pa_sample_format_t pa_format; -}; - -static const rtaudio_pa_format_mapping_t supported_sampleformats[] = { - {RTAUDIO_SINT16, PA_SAMPLE_S16LE}, - {RTAUDIO_SINT32, PA_SAMPLE_S32LE}, - {RTAUDIO_FLOAT32, PA_SAMPLE_FLOAT32LE}, - {0, PA_SAMPLE_INVALID}}; - -struct PulseAudioHandle { - pa_simple *s_play; - pa_simple *s_rec; - pthread_t thread; - pthread_cond_t runnable_cv; - bool runnable; - PulseAudioHandle() : s_play(0), s_rec(0), runnable(false) { } -}; - -RtApiPulse::~RtApiPulse() -{ - if ( stream_.state != STREAM_CLOSED ) - closeStream(); -} - -unsigned int RtApiPulse::getDeviceCount( void ) -{ - return 1; -} - -RtAudio::DeviceInfo RtApiPulse::getDeviceInfo( unsigned int /*device*/ ) -{ - RtAudio::DeviceInfo info; - info.probed = true; - info.name = "PulseAudio"; - info.outputChannels = 2; - info.inputChannels = 2; - info.duplexChannels = 2; - info.isDefaultOutput = true; - info.isDefaultInput = true; - - for ( const unsigned int *sr = SUPPORTED_SAMPLERATES; *sr; ++sr ) - info.sampleRates.push_back( *sr ); - - info.preferredSampleRate = 48000; - info.nativeFormats = RTAUDIO_SINT16 | RTAUDIO_SINT32 | RTAUDIO_FLOAT32; - - return info; -} - -static void *pulseaudio_callback( void * user ) -{ - CallbackInfo *cbi = static_cast<CallbackInfo *>( user ); - RtApiPulse *context = static_cast<RtApiPulse *>( cbi->object ); - volatile bool *isRunning = &cbi->isRunning; - - while ( *isRunning ) { - pthread_testcancel(); - context->callbackEvent(); - } - - pthread_exit( NULL ); -} - -void RtApiPulse::closeStream( void ) -{ - PulseAudioHandle *pah = static_cast<PulseAudioHandle *>( stream_.apiHandle ); - - stream_.callbackInfo.isRunning = false; - if ( pah ) { - MUTEX_LOCK( &stream_.mutex ); - if ( stream_.state == STREAM_STOPPED ) { - pah->runnable = true; - pthread_cond_signal( &pah->runnable_cv ); - } - MUTEX_UNLOCK( &stream_.mutex ); - - pthread_join( pah->thread, 0 ); - if ( pah->s_play ) { - pa_simple_flush( pah->s_play, NULL ); - pa_simple_free( pah->s_play ); - } - if ( pah->s_rec ) - pa_simple_free( pah->s_rec ); - - pthread_cond_destroy( &pah->runnable_cv ); - delete pah; - stream_.apiHandle = 0; - } - - if ( stream_.userBuffer[0] ) { - free( stream_.userBuffer[0] ); - stream_.userBuffer[0] = 0; - } - if ( stream_.userBuffer[1] ) { - free( stream_.userBuffer[1] ); - stream_.userBuffer[1] = 0; - } - - stream_.state = STREAM_CLOSED; - stream_.mode = UNINITIALIZED; -} - -void RtApiPulse::callbackEvent( void ) -{ - PulseAudioHandle *pah = static_cast<PulseAudioHandle *>( stream_.apiHandle ); - - if ( stream_.state == STREAM_STOPPED ) { - MUTEX_LOCK( &stream_.mutex ); - while ( !pah->runnable ) - pthread_cond_wait( &pah->runnable_cv, &stream_.mutex ); - - if ( stream_.state != STREAM_RUNNING ) { - MUTEX_UNLOCK( &stream_.mutex ); - return; - } - MUTEX_UNLOCK( &stream_.mutex ); - } - - if ( stream_.state == STREAM_CLOSED ) { - errorText_ = "RtApiPulse::callbackEvent(): the stream is closed ... " - "this shouldn't happen!"; - error( RtAudioError::WARNING ); - return; - } - - RtAudioCallback callback = (RtAudioCallback) stream_.callbackInfo.callback; - double streamTime = getStreamTime(); - RtAudioStreamStatus status = 0; - int doStopStream = callback( stream_.userBuffer[OUTPUT], stream_.userBuffer[INPUT], - stream_.bufferSize, streamTime, status, - stream_.callbackInfo.userData ); - - if ( doStopStream == 2 ) { - abortStream(); - return; - } - - MUTEX_LOCK( &stream_.mutex ); - void *pulse_in = stream_.doConvertBuffer[INPUT] ? stream_.deviceBuffer : stream_.userBuffer[INPUT]; - void *pulse_out = stream_.doConvertBuffer[OUTPUT] ? stream_.deviceBuffer : stream_.userBuffer[OUTPUT]; - - if ( stream_.state != STREAM_RUNNING ) - goto unlock; - - int pa_error; - size_t bytes; - if (stream_.mode == OUTPUT || stream_.mode == DUPLEX ) { - if ( stream_.doConvertBuffer[OUTPUT] ) { - convertBuffer( stream_.deviceBuffer, - stream_.userBuffer[OUTPUT], - stream_.convertInfo[OUTPUT] ); - bytes = stream_.nDeviceChannels[OUTPUT] * stream_.bufferSize * - formatBytes( stream_.deviceFormat[OUTPUT] ); - } else - bytes = stream_.nUserChannels[OUTPUT] * stream_.bufferSize * - formatBytes( stream_.userFormat ); - - if ( pa_simple_write( pah->s_play, pulse_out, bytes, &pa_error ) < 0 ) { - errorStream_ << "RtApiPulse::callbackEvent: audio write error, " << - pa_strerror( pa_error ) << "."; - errorText_ = errorStream_.str(); - error( RtAudioError::WARNING ); - } - } - - if ( stream_.mode == INPUT || stream_.mode == DUPLEX) { - if ( stream_.doConvertBuffer[INPUT] ) - bytes = stream_.nDeviceChannels[INPUT] * stream_.bufferSize * - formatBytes( stream_.deviceFormat[INPUT] ); - else - bytes = stream_.nUserChannels[INPUT] * stream_.bufferSize * - formatBytes( stream_.userFormat ); - - if ( pa_simple_read( pah->s_rec, pulse_in, bytes, &pa_error ) < 0 ) { - errorStream_ << "RtApiPulse::callbackEvent: audio read error, " << - pa_strerror( pa_error ) << "."; - errorText_ = errorStream_.str(); - error( RtAudioError::WARNING ); - } - if ( stream_.doConvertBuffer[INPUT] ) { - convertBuffer( stream_.userBuffer[INPUT], - stream_.deviceBuffer, - stream_.convertInfo[INPUT] ); - } - } - - unlock: - MUTEX_UNLOCK( &stream_.mutex ); - RtApi::tickStreamTime(); - - if ( doStopStream == 1 ) - stopStream(); -} - -void RtApiPulse::startStream( void ) -{ - PulseAudioHandle *pah = static_cast<PulseAudioHandle *>( stream_.apiHandle ); - - if ( stream_.state == STREAM_CLOSED ) { - errorText_ = "RtApiPulse::startStream(): the stream is not open!"; - error( RtAudioError::INVALID_USE ); - return; - } - if ( stream_.state == STREAM_RUNNING ) { - errorText_ = "RtApiPulse::startStream(): the stream is already running!"; - error( RtAudioError::WARNING ); - return; - } - - MUTEX_LOCK( &stream_.mutex ); - - stream_.state = STREAM_RUNNING; - - pah->runnable = true; - pthread_cond_signal( &pah->runnable_cv ); - MUTEX_UNLOCK( &stream_.mutex ); -} - -void RtApiPulse::stopStream( void ) -{ - PulseAudioHandle *pah = static_cast<PulseAudioHandle *>( stream_.apiHandle ); - - if ( stream_.state == STREAM_CLOSED ) { - errorText_ = "RtApiPulse::stopStream(): the stream is not open!"; - error( RtAudioError::INVALID_USE ); - return; - } - if ( stream_.state == STREAM_STOPPED ) { - errorText_ = "RtApiPulse::stopStream(): the stream is already stopped!"; - error( RtAudioError::WARNING ); - return; - } - - stream_.state = STREAM_STOPPED; - MUTEX_LOCK( &stream_.mutex ); - - if ( pah && pah->s_play ) { - int pa_error; - if ( pa_simple_drain( pah->s_play, &pa_error ) < 0 ) { - errorStream_ << "RtApiPulse::stopStream: error draining output device, " << - pa_strerror( pa_error ) << "."; - errorText_ = errorStream_.str(); - MUTEX_UNLOCK( &stream_.mutex ); - error( RtAudioError::SYSTEM_ERROR ); - return; - } - } - - stream_.state = STREAM_STOPPED; - MUTEX_UNLOCK( &stream_.mutex ); -} - -void RtApiPulse::abortStream( void ) -{ - PulseAudioHandle *pah = static_cast<PulseAudioHandle*>( stream_.apiHandle ); - - if ( stream_.state == STREAM_CLOSED ) { - errorText_ = "RtApiPulse::abortStream(): the stream is not open!"; - error( RtAudioError::INVALID_USE ); - return; - } - if ( stream_.state == STREAM_STOPPED ) { - errorText_ = "RtApiPulse::abortStream(): the stream is already stopped!"; - error( RtAudioError::WARNING ); - return; - } - - stream_.state = STREAM_STOPPED; - MUTEX_LOCK( &stream_.mutex ); - - if ( pah && pah->s_play ) { - int pa_error; - if ( pa_simple_flush( pah->s_play, &pa_error ) < 0 ) { - errorStream_ << "RtApiPulse::abortStream: error flushing output device, " << - pa_strerror( pa_error ) << "."; - errorText_ = errorStream_.str(); - MUTEX_UNLOCK( &stream_.mutex ); - error( RtAudioError::SYSTEM_ERROR ); - return; - } - } - - stream_.state = STREAM_STOPPED; - MUTEX_UNLOCK( &stream_.mutex ); -} - -bool RtApiPulse::probeDeviceOpen( unsigned int device, StreamMode mode, - unsigned int channels, unsigned int firstChannel, - unsigned int sampleRate, RtAudioFormat format, - unsigned int *bufferSize, RtAudio::StreamOptions *options ) -{ - PulseAudioHandle *pah = 0; - unsigned long bufferBytes = 0; - pa_sample_spec ss; - - if ( device != 0 ) return false; - if ( mode != INPUT && mode != OUTPUT ) return false; - if ( channels != 1 && channels != 2 ) { - errorText_ = "RtApiPulse::probeDeviceOpen: unsupported number of channels."; - return false; - } - ss.channels = channels; - - if ( firstChannel != 0 ) return false; - - bool sr_found = false; - for ( const unsigned int *sr = SUPPORTED_SAMPLERATES; *sr; ++sr ) { - if ( sampleRate == *sr ) { - sr_found = true; - stream_.sampleRate = sampleRate; - ss.rate = sampleRate; - break; - } - } - if ( !sr_found ) { - errorText_ = "RtApiPulse::probeDeviceOpen: unsupported sample rate."; - return false; - } - - bool sf_found = 0; - for ( const rtaudio_pa_format_mapping_t *sf = supported_sampleformats; - sf->rtaudio_format && sf->pa_format != PA_SAMPLE_INVALID; ++sf ) { - if ( format == sf->rtaudio_format ) { - sf_found = true; - stream_.userFormat = sf->rtaudio_format; - stream_.deviceFormat[mode] = stream_.userFormat; - ss.format = sf->pa_format; - break; - } - } - if ( !sf_found ) { // Use internal data format conversion. - stream_.userFormat = format; - stream_.deviceFormat[mode] = RTAUDIO_FLOAT32; - ss.format = PA_SAMPLE_FLOAT32LE; - } - - // Set other stream parameters. - if ( options && options->flags & RTAUDIO_NONINTERLEAVED ) stream_.userInterleaved = false; - else stream_.userInterleaved = true; - stream_.deviceInterleaved[mode] = true; - stream_.nBuffers = 1; - stream_.doByteSwap[mode] = false; - stream_.nUserChannels[mode] = channels; - stream_.nDeviceChannels[mode] = channels + firstChannel; - stream_.channelOffset[mode] = 0; - std::string streamName = "RtAudio"; - - // Set flags for buffer conversion. - stream_.doConvertBuffer[mode] = false; - if ( stream_.userFormat != stream_.deviceFormat[mode] ) - stream_.doConvertBuffer[mode] = true; - if ( stream_.nUserChannels[mode] < stream_.nDeviceChannels[mode] ) - stream_.doConvertBuffer[mode] = true; - - // Allocate necessary internal buffers. - bufferBytes = stream_.nUserChannels[mode] * *bufferSize * formatBytes( stream_.userFormat ); - stream_.userBuffer[mode] = (char *) calloc( bufferBytes, 1 ); - if ( stream_.userBuffer[mode] == NULL ) { - errorText_ = "RtApiPulse::probeDeviceOpen: error allocating user buffer memory."; - goto error; - } - stream_.bufferSize = *bufferSize; - - if ( stream_.doConvertBuffer[mode] ) { - - bool makeBuffer = true; - bufferBytes = stream_.nDeviceChannels[mode] * formatBytes( stream_.deviceFormat[mode] ); - if ( mode == INPUT ) { - if ( stream_.mode == OUTPUT && stream_.deviceBuffer ) { - unsigned long bytesOut = stream_.nDeviceChannels[0] * formatBytes( stream_.deviceFormat[0] ); - if ( bufferBytes <= bytesOut ) makeBuffer = false; - } - } - - if ( makeBuffer ) { - bufferBytes *= *bufferSize; - if ( stream_.deviceBuffer ) free( stream_.deviceBuffer ); - stream_.deviceBuffer = (char *) calloc( bufferBytes, 1 ); - if ( stream_.deviceBuffer == NULL ) { - errorText_ = "RtApiPulse::probeDeviceOpen: error allocating device buffer memory."; - goto error; - } - } - } - - stream_.device[mode] = device; - - // Setup the buffer conversion information structure. - if ( stream_.doConvertBuffer[mode] ) setConvertInfo( mode, firstChannel ); - - if ( !stream_.apiHandle ) { - PulseAudioHandle *pah = new PulseAudioHandle; - if ( !pah ) { - errorText_ = "RtApiPulse::probeDeviceOpen: error allocating memory for handle."; - goto error; - } - - stream_.apiHandle = pah; - if ( pthread_cond_init( &pah->runnable_cv, NULL ) != 0 ) { - errorText_ = "RtApiPulse::probeDeviceOpen: error creating condition variable."; - goto error; - } - } - pah = static_cast<PulseAudioHandle *>( stream_.apiHandle ); - - int error; - if ( options && !options->streamName.empty() ) streamName = options->streamName; - switch ( mode ) { - case INPUT: - pa_buffer_attr buffer_attr; - buffer_attr.fragsize = bufferBytes; - buffer_attr.maxlength = -1; - - pah->s_rec = pa_simple_new( NULL, streamName.c_str(), PA_STREAM_RECORD, NULL, "Record", &ss, NULL, &buffer_attr, &error ); - if ( !pah->s_rec ) { - errorText_ = "RtApiPulse::probeDeviceOpen: error connecting input to PulseAudio server."; - goto error; - } - break; - case OUTPUT: - pah->s_play = pa_simple_new( NULL, streamName.c_str(), PA_STREAM_PLAYBACK, NULL, "Playback", &ss, NULL, NULL, &error ); - if ( !pah->s_play ) { - errorText_ = "RtApiPulse::probeDeviceOpen: error connecting output to PulseAudio server."; - goto error; - } - break; - default: - goto error; - } - - if ( stream_.mode == UNINITIALIZED ) - stream_.mode = mode; - else if ( stream_.mode == mode ) - goto error; - else - stream_.mode = DUPLEX; - - if ( !stream_.callbackInfo.isRunning ) { - stream_.callbackInfo.object = this; - stream_.callbackInfo.isRunning = true; - if ( pthread_create( &pah->thread, NULL, pulseaudio_callback, (void *)&stream_.callbackInfo) != 0 ) { - errorText_ = "RtApiPulse::probeDeviceOpen: error creating thread."; - goto error; - } - } - - stream_.state = STREAM_STOPPED; - return true; - - error: - if ( pah && stream_.callbackInfo.isRunning ) { - pthread_cond_destroy( &pah->runnable_cv ); - delete pah; - stream_.apiHandle = 0; - } - - for ( int i=0; i<2; i++ ) { - if ( stream_.userBuffer[i] ) { - free( stream_.userBuffer[i] ); - stream_.userBuffer[i] = 0; - } - } - - if ( stream_.deviceBuffer ) { - free( stream_.deviceBuffer ); - stream_.deviceBuffer = 0; - } - - return FAILURE; -} - -//******************** End of __LINUX_PULSE__ *********************// -#endif - -#if defined(__LINUX_OSS__) - -#include <unistd.h> -#include <sys/ioctl.h> -#include <unistd.h> -#include <fcntl.h> -#include <sys/soundcard.h> -#include <errno.h> -#include <math.h> - -static void *ossCallbackHandler(void * ptr); - -// A structure to hold various information related to the OSS API -// implementation. -struct OssHandle { - int id[2]; // device ids - bool xrun[2]; - bool triggered; - pthread_cond_t runnable; - - OssHandle() - :triggered(false) { id[0] = 0; id[1] = 0; xrun[0] = false; xrun[1] = false; } -}; - -RtApiOss :: RtApiOss() -{ - // Nothing to do here. -} - -RtApiOss :: ~RtApiOss() -{ - if ( stream_.state != STREAM_CLOSED ) closeStream(); -} - -unsigned int RtApiOss :: getDeviceCount( void ) -{ - int mixerfd = open( "/dev/mixer", O_RDWR, 0 ); - if ( mixerfd == -1 ) { - errorText_ = "RtApiOss::getDeviceCount: error opening '/dev/mixer'."; - error( RtAudioError::WARNING ); - return 0; - } - - oss_sysinfo sysinfo; - if ( ioctl( mixerfd, SNDCTL_SYSINFO, &sysinfo ) == -1 ) { - close( mixerfd ); - errorText_ = "RtApiOss::getDeviceCount: error getting sysinfo, OSS version >= 4.0 is required."; - error( RtAudioError::WARNING ); - return 0; - } - - close( mixerfd ); - return sysinfo.numaudios; -} - -RtAudio::DeviceInfo RtApiOss :: getDeviceInfo( unsigned int device ) -{ - RtAudio::DeviceInfo info; - info.probed = false; - - int mixerfd = open( "/dev/mixer", O_RDWR, 0 ); - if ( mixerfd == -1 ) { - errorText_ = "RtApiOss::getDeviceInfo: error opening '/dev/mixer'."; - error( RtAudioError::WARNING ); - return info; - } - - oss_sysinfo sysinfo; - int result = ioctl( mixerfd, SNDCTL_SYSINFO, &sysinfo ); - if ( result == -1 ) { - close( mixerfd ); - errorText_ = "RtApiOss::getDeviceInfo: error getting sysinfo, OSS version >= 4.0 is required."; - error( RtAudioError::WARNING ); - return info; - } - - unsigned nDevices = sysinfo.numaudios; - if ( nDevices == 0 ) { - close( mixerfd ); - errorText_ = "RtApiOss::getDeviceInfo: no devices found!"; - error( RtAudioError::INVALID_USE ); - return info; - } - - if ( device >= nDevices ) { - close( mixerfd ); - errorText_ = "RtApiOss::getDeviceInfo: device ID is invalid!"; - error( RtAudioError::INVALID_USE ); - return info; - } - - oss_audioinfo ainfo; - ainfo.dev = device; - result = ioctl( mixerfd, SNDCTL_AUDIOINFO, &ainfo ); - close( mixerfd ); - if ( result == -1 ) { - errorStream_ << "RtApiOss::getDeviceInfo: error getting device (" << ainfo.name << ") info."; - errorText_ = errorStream_.str(); - error( RtAudioError::WARNING ); - return info; - } - - // Probe channels - if ( ainfo.caps & PCM_CAP_OUTPUT ) info.outputChannels = ainfo.max_channels; - if ( ainfo.caps & PCM_CAP_INPUT ) info.inputChannels = ainfo.max_channels; - if ( ainfo.caps & PCM_CAP_DUPLEX ) { - if ( info.outputChannels > 0 && info.inputChannels > 0 && ainfo.caps & PCM_CAP_DUPLEX ) - info.duplexChannels = (info.outputChannels > info.inputChannels) ? info.inputChannels : info.outputChannels; - } - - // Probe data formats ... do for input - unsigned long mask = ainfo.iformats; - if ( mask & AFMT_S16_LE || mask & AFMT_S16_BE ) - info.nativeFormats |= RTAUDIO_SINT16; - if ( mask & AFMT_S8 ) - info.nativeFormats |= RTAUDIO_SINT8; - if ( mask & AFMT_S32_LE || mask & AFMT_S32_BE ) - info.nativeFormats |= RTAUDIO_SINT32; - if ( mask & AFMT_FLOAT ) - info.nativeFormats |= RTAUDIO_FLOAT32; - if ( mask & AFMT_S24_LE || mask & AFMT_S24_BE ) - info.nativeFormats |= RTAUDIO_SINT24; - - // Check that we have at least one supported format - if ( info.nativeFormats == 0 ) { - errorStream_ << "RtApiOss::getDeviceInfo: device (" << ainfo.name << ") data format not supported by RtAudio."; - errorText_ = errorStream_.str(); - error( RtAudioError::WARNING ); - return info; - } - - // Probe the supported sample rates. - info.sampleRates.clear(); - if ( ainfo.nrates ) { - for ( unsigned int i=0; i<ainfo.nrates; i++ ) { - for ( unsigned int k=0; k<MAX_SAMPLE_RATES; k++ ) { - if ( ainfo.rates[i] == SAMPLE_RATES[k] ) { - info.sampleRates.push_back( SAMPLE_RATES[k] ); - - if ( !info.preferredSampleRate || ( SAMPLE_RATES[k] <= 48000 && SAMPLE_RATES[k] > info.preferredSampleRate ) ) - info.preferredSampleRate = SAMPLE_RATES[k]; - - break; - } - } - } - } - else { - // Check min and max rate values; - for ( unsigned int k=0; k<MAX_SAMPLE_RATES; k++ ) { - if ( ainfo.min_rate <= (int) SAMPLE_RATES[k] && ainfo.max_rate >= (int) SAMPLE_RATES[k] ) { - info.sampleRates.push_back( SAMPLE_RATES[k] ); - - if ( !info.preferredSampleRate || ( SAMPLE_RATES[k] <= 48000 && SAMPLE_RATES[k] > info.preferredSampleRate ) ) - info.preferredSampleRate = SAMPLE_RATES[k]; - } - } - } - - if ( info.sampleRates.size() == 0 ) { - errorStream_ << "RtApiOss::getDeviceInfo: no supported sample rates found for device (" << ainfo.name << ")."; - errorText_ = errorStream_.str(); - error( RtAudioError::WARNING ); - } - else { - info.probed = true; - info.name = ainfo.name; - } - - return info; -} - - -bool RtApiOss :: probeDeviceOpen( unsigned int device, StreamMode mode, unsigned int channels, - unsigned int firstChannel, unsigned int sampleRate, - RtAudioFormat format, unsigned int *bufferSize, - RtAudio::StreamOptions *options ) -{ - int mixerfd = open( "/dev/mixer", O_RDWR, 0 ); - if ( mixerfd == -1 ) { - errorText_ = "RtApiOss::probeDeviceOpen: error opening '/dev/mixer'."; - return FAILURE; - } - - oss_sysinfo sysinfo; - int result = ioctl( mixerfd, SNDCTL_SYSINFO, &sysinfo ); - if ( result == -1 ) { - close( mixerfd ); - errorText_ = "RtApiOss::probeDeviceOpen: error getting sysinfo, OSS version >= 4.0 is required."; - return FAILURE; - } - - unsigned nDevices = sysinfo.numaudios; - if ( nDevices == 0 ) { - // This should not happen because a check is made before this function is called. - close( mixerfd ); - errorText_ = "RtApiOss::probeDeviceOpen: no devices found!"; - return FAILURE; - } - - if ( device >= nDevices ) { - // This should not happen because a check is made before this function is called. - close( mixerfd ); - errorText_ = "RtApiOss::probeDeviceOpen: device ID is invalid!"; - return FAILURE; - } - - oss_audioinfo ainfo; - ainfo.dev = device; - result = ioctl( mixerfd, SNDCTL_AUDIOINFO, &ainfo ); - close( mixerfd ); - if ( result == -1 ) { - errorStream_ << "RtApiOss::getDeviceInfo: error getting device (" << ainfo.name << ") info."; - errorText_ = errorStream_.str(); - return FAILURE; - } - - // Check if device supports input or output - if ( ( mode == OUTPUT && !( ainfo.caps & PCM_CAP_OUTPUT ) ) || - ( mode == INPUT && !( ainfo.caps & PCM_CAP_INPUT ) ) ) { - if ( mode == OUTPUT ) - errorStream_ << "RtApiOss::probeDeviceOpen: device (" << ainfo.name << ") does not support output."; - else - errorStream_ << "RtApiOss::probeDeviceOpen: device (" << ainfo.name << ") does not support input."; - errorText_ = errorStream_.str(); - return FAILURE; - } - - int flags = 0; - OssHandle *handle = (OssHandle *) stream_.apiHandle; - if ( mode == OUTPUT ) - flags |= O_WRONLY; - else { // mode == INPUT - if (stream_.mode == OUTPUT && stream_.device[0] == device) { - // We just set the same device for playback ... close and reopen for duplex (OSS only). - close( handle->id[0] ); - handle->id[0] = 0; - if ( !( ainfo.caps & PCM_CAP_DUPLEX ) ) { - errorStream_ << "RtApiOss::probeDeviceOpen: device (" << ainfo.name << ") does not support duplex mode."; - errorText_ = errorStream_.str(); - return FAILURE; - } - // Check that the number previously set channels is the same. - if ( stream_.nUserChannels[0] != channels ) { - errorStream_ << "RtApiOss::probeDeviceOpen: input/output channels must be equal for OSS duplex device (" << ainfo.name << ")."; - errorText_ = errorStream_.str(); - return FAILURE; - } - flags |= O_RDWR; - } - else - flags |= O_RDONLY; - } - - // Set exclusive access if specified. - if ( options && options->flags & RTAUDIO_HOG_DEVICE ) flags |= O_EXCL; - - // Try to open the device. - int fd; - fd = open( ainfo.devnode, flags, 0 ); - if ( fd == -1 ) { - if ( errno == EBUSY ) - errorStream_ << "RtApiOss::probeDeviceOpen: device (" << ainfo.name << ") is busy."; - else - errorStream_ << "RtApiOss::probeDeviceOpen: error opening device (" << ainfo.name << ")."; - errorText_ = errorStream_.str(); - return FAILURE; - } - - // For duplex operation, specifically set this mode (this doesn't seem to work). - /* - if ( flags | O_RDWR ) { - result = ioctl( fd, SNDCTL_DSP_SETDUPLEX, NULL ); - if ( result == -1) { - errorStream_ << "RtApiOss::probeDeviceOpen: error setting duplex mode for device (" << ainfo.name << ")."; - errorText_ = errorStream_.str(); - return FAILURE; - } - } - */ - - // Check the device channel support. - stream_.nUserChannels[mode] = channels; - if ( ainfo.max_channels < (int)(channels + firstChannel) ) { - close( fd ); - errorStream_ << "RtApiOss::probeDeviceOpen: the device (" << ainfo.name << ") does not support requested channel parameters."; - errorText_ = errorStream_.str(); - return FAILURE; - } - - // Set the number of channels. - int deviceChannels = channels + firstChannel; - result = ioctl( fd, SNDCTL_DSP_CHANNELS, &deviceChannels ); - if ( result == -1 || deviceChannels < (int)(channels + firstChannel) ) { - close( fd ); - errorStream_ << "RtApiOss::probeDeviceOpen: error setting channel parameters on device (" << ainfo.name << ")."; - errorText_ = errorStream_.str(); - return FAILURE; - } - stream_.nDeviceChannels[mode] = deviceChannels; - - // Get the data format mask - int mask; - result = ioctl( fd, SNDCTL_DSP_GETFMTS, &mask ); - if ( result == -1 ) { - close( fd ); - errorStream_ << "RtApiOss::probeDeviceOpen: error getting device (" << ainfo.name << ") data formats."; - errorText_ = errorStream_.str(); - return FAILURE; - } - - // Determine how to set the device format. - stream_.userFormat = format; - int deviceFormat = -1; - stream_.doByteSwap[mode] = false; - if ( format == RTAUDIO_SINT8 ) { - if ( mask & AFMT_S8 ) { - deviceFormat = AFMT_S8; - stream_.deviceFormat[mode] = RTAUDIO_SINT8; - } - } - else if ( format == RTAUDIO_SINT16 ) { - if ( mask & AFMT_S16_NE ) { - deviceFormat = AFMT_S16_NE; - stream_.deviceFormat[mode] = RTAUDIO_SINT16; - } - else if ( mask & AFMT_S16_OE ) { - deviceFormat = AFMT_S16_OE; - stream_.deviceFormat[mode] = RTAUDIO_SINT16; - stream_.doByteSwap[mode] = true; - } - } - else if ( format == RTAUDIO_SINT24 ) { - if ( mask & AFMT_S24_NE ) { - deviceFormat = AFMT_S24_NE; - stream_.deviceFormat[mode] = RTAUDIO_SINT24; - } - else if ( mask & AFMT_S24_OE ) { - deviceFormat = AFMT_S24_OE; - stream_.deviceFormat[mode] = RTAUDIO_SINT24; - stream_.doByteSwap[mode] = true; - } - } - else if ( format == RTAUDIO_SINT32 ) { - if ( mask & AFMT_S32_NE ) { - deviceFormat = AFMT_S32_NE; - stream_.deviceFormat[mode] = RTAUDIO_SINT32; - } - else if ( mask & AFMT_S32_OE ) { - deviceFormat = AFMT_S32_OE; - stream_.deviceFormat[mode] = RTAUDIO_SINT32; - stream_.doByteSwap[mode] = true; - } - } - - if ( deviceFormat == -1 ) { - // The user requested format is not natively supported by the device. - if ( mask & AFMT_S16_NE ) { - deviceFormat = AFMT_S16_NE; - stream_.deviceFormat[mode] = RTAUDIO_SINT16; - } - else if ( mask & AFMT_S32_NE ) { - deviceFormat = AFMT_S32_NE; - stream_.deviceFormat[mode] = RTAUDIO_SINT32; - } - else if ( mask & AFMT_S24_NE ) { - deviceFormat = AFMT_S24_NE; - stream_.deviceFormat[mode] = RTAUDIO_SINT24; - } - else if ( mask & AFMT_S16_OE ) { - deviceFormat = AFMT_S16_OE; - stream_.deviceFormat[mode] = RTAUDIO_SINT16; - stream_.doByteSwap[mode] = true; - } - else if ( mask & AFMT_S32_OE ) { - deviceFormat = AFMT_S32_OE; - stream_.deviceFormat[mode] = RTAUDIO_SINT32; - stream_.doByteSwap[mode] = true; - } - else if ( mask & AFMT_S24_OE ) { - deviceFormat = AFMT_S24_OE; - stream_.deviceFormat[mode] = RTAUDIO_SINT24; - stream_.doByteSwap[mode] = true; - } - else if ( mask & AFMT_S8) { - deviceFormat = AFMT_S8; - stream_.deviceFormat[mode] = RTAUDIO_SINT8; - } - } - - if ( stream_.deviceFormat[mode] == 0 ) { - // This really shouldn't happen ... - close( fd ); - errorStream_ << "RtApiOss::probeDeviceOpen: device (" << ainfo.name << ") data format not supported by RtAudio."; - errorText_ = errorStream_.str(); - return FAILURE; - } - - // Set the data format. - int temp = deviceFormat; - result = ioctl( fd, SNDCTL_DSP_SETFMT, &deviceFormat ); - if ( result == -1 || deviceFormat != temp ) { - close( fd ); - errorStream_ << "RtApiOss::probeDeviceOpen: error setting data format on device (" << ainfo.name << ")."; - errorText_ = errorStream_.str(); - return FAILURE; - } - - // Attempt to set the buffer size. According to OSS, the minimum - // number of buffers is two. The supposed minimum buffer size is 16 - // bytes, so that will be our lower bound. The argument to this - // call is in the form 0xMMMMSSSS (hex), where the buffer size (in - // bytes) is given as 2^SSSS and the number of buffers as 2^MMMM. - // We'll check the actual value used near the end of the setup - // procedure. - int ossBufferBytes = *bufferSize * formatBytes( stream_.deviceFormat[mode] ) * deviceChannels; - if ( ossBufferBytes < 16 ) ossBufferBytes = 16; - int buffers = 0; - if ( options ) buffers = options->numberOfBuffers; - if ( options && options->flags & RTAUDIO_MINIMIZE_LATENCY ) buffers = 2; - if ( buffers < 2 ) buffers = 3; - temp = ((int) buffers << 16) + (int)( log10( (double)ossBufferBytes ) / log10( 2.0 ) ); - result = ioctl( fd, SNDCTL_DSP_SETFRAGMENT, &temp ); - if ( result == -1 ) { - close( fd ); - errorStream_ << "RtApiOss::probeDeviceOpen: error setting buffer size on device (" << ainfo.name << ")."; - errorText_ = errorStream_.str(); - return FAILURE; - } - stream_.nBuffers = buffers; - - // Save buffer size (in sample frames). - *bufferSize = ossBufferBytes / ( formatBytes(stream_.deviceFormat[mode]) * deviceChannels ); - stream_.bufferSize = *bufferSize; - - // Set the sample rate. - int srate = sampleRate; - result = ioctl( fd, SNDCTL_DSP_SPEED, &srate ); - if ( result == -1 ) { - close( fd ); - errorStream_ << "RtApiOss::probeDeviceOpen: error setting sample rate (" << sampleRate << ") on device (" << ainfo.name << ")."; - errorText_ = errorStream_.str(); - return FAILURE; - } - - // Verify the sample rate setup worked. - if ( abs( srate - sampleRate ) > 100 ) { - close( fd ); - errorStream_ << "RtApiOss::probeDeviceOpen: device (" << ainfo.name << ") does not support sample rate (" << sampleRate << ")."; - errorText_ = errorStream_.str(); - return FAILURE; - } - stream_.sampleRate = sampleRate; - - if ( mode == INPUT && stream_.mode == OUTPUT && stream_.device[0] == device) { - // We're doing duplex setup here. - stream_.deviceFormat[0] = stream_.deviceFormat[1]; - stream_.nDeviceChannels[0] = deviceChannels; - } - - // Set interleaving parameters. - stream_.userInterleaved = true; - stream_.deviceInterleaved[mode] = true; - if ( options && options->flags & RTAUDIO_NONINTERLEAVED ) - stream_.userInterleaved = false; - - // Set flags for buffer conversion - stream_.doConvertBuffer[mode] = false; - if ( stream_.userFormat != stream_.deviceFormat[mode] ) - stream_.doConvertBuffer[mode] = true; - if ( stream_.nUserChannels[mode] < stream_.nDeviceChannels[mode] ) - stream_.doConvertBuffer[mode] = true; - if ( stream_.userInterleaved != stream_.deviceInterleaved[mode] && - stream_.nUserChannels[mode] > 1 ) - stream_.doConvertBuffer[mode] = true; - - // Allocate the stream handles if necessary and then save. - if ( stream_.apiHandle == 0 ) { - try { - handle = new OssHandle; - } - catch ( std::bad_alloc& ) { - errorText_ = "RtApiOss::probeDeviceOpen: error allocating OssHandle memory."; - goto error; - } - - if ( pthread_cond_init( &handle->runnable, NULL ) ) { - errorText_ = "RtApiOss::probeDeviceOpen: error initializing pthread condition variable."; - goto error; - } - - stream_.apiHandle = (void *) handle; - } - else { - handle = (OssHandle *) stream_.apiHandle; - } - handle->id[mode] = fd; - - // Allocate necessary internal buffers. - unsigned long bufferBytes; - bufferBytes = stream_.nUserChannels[mode] * *bufferSize * formatBytes( stream_.userFormat ); - stream_.userBuffer[mode] = (char *) calloc( bufferBytes, 1 ); - if ( stream_.userBuffer[mode] == NULL ) { - errorText_ = "RtApiOss::probeDeviceOpen: error allocating user buffer memory."; - goto error; - } - - if ( stream_.doConvertBuffer[mode] ) { - - bool makeBuffer = true; - bufferBytes = stream_.nDeviceChannels[mode] * formatBytes( stream_.deviceFormat[mode] ); - if ( mode == INPUT ) { - if ( stream_.mode == OUTPUT && stream_.deviceBuffer ) { - unsigned long bytesOut = stream_.nDeviceChannels[0] * formatBytes( stream_.deviceFormat[0] ); - if ( bufferBytes <= bytesOut ) makeBuffer = false; - } - } - - if ( makeBuffer ) { - bufferBytes *= *bufferSize; - if ( stream_.deviceBuffer ) free( stream_.deviceBuffer ); - stream_.deviceBuffer = (char *) calloc( bufferBytes, 1 ); - if ( stream_.deviceBuffer == NULL ) { - errorText_ = "RtApiOss::probeDeviceOpen: error allocating device buffer memory."; - goto error; - } - } - } - - stream_.device[mode] = device; - stream_.state = STREAM_STOPPED; - - // Setup the buffer conversion information structure. - if ( stream_.doConvertBuffer[mode] ) setConvertInfo( mode, firstChannel ); - - // Setup thread if necessary. - if ( stream_.mode == OUTPUT && mode == INPUT ) { - // We had already set up an output stream. - stream_.mode = DUPLEX; - if ( stream_.device[0] == device ) handle->id[0] = fd; - } - else { - stream_.mode = mode; - - // Setup callback thread. - stream_.callbackInfo.object = (void *) this; - - // Set the thread attributes for joinable and realtime scheduling - // priority. The higher priority will only take affect if the - // program is run as root or suid. - pthread_attr_t attr; - pthread_attr_init( &attr ); - pthread_attr_setdetachstate( &attr, PTHREAD_CREATE_JOINABLE ); -#ifdef SCHED_RR // Undefined with some OSes (eg: NetBSD 1.6.x with GNU Pthread) - if ( options && options->flags & RTAUDIO_SCHEDULE_REALTIME ) { - struct sched_param param; - int priority = options->priority; - int min = sched_get_priority_min( SCHED_RR ); - int max = sched_get_priority_max( SCHED_RR ); - if ( priority < min ) priority = min; - else if ( priority > max ) priority = max; - param.sched_priority = priority; - pthread_attr_setschedparam( &attr, ¶m ); - pthread_attr_setschedpolicy( &attr, SCHED_RR ); - } - else - pthread_attr_setschedpolicy( &attr, SCHED_OTHER ); -#else - pthread_attr_setschedpolicy( &attr, SCHED_OTHER ); -#endif - - stream_.callbackInfo.isRunning = true; - result = pthread_create( &stream_.callbackInfo.thread, &attr, ossCallbackHandler, &stream_.callbackInfo ); - pthread_attr_destroy( &attr ); - if ( result ) { - stream_.callbackInfo.isRunning = false; - errorText_ = "RtApiOss::error creating callback thread!"; - goto error; - } - } - - return SUCCESS; - - error: - if ( handle ) { - pthread_cond_destroy( &handle->runnable ); - if ( handle->id[0] ) close( handle->id[0] ); - if ( handle->id[1] ) close( handle->id[1] ); - delete handle; - stream_.apiHandle = 0; - } - - for ( int i=0; i<2; i++ ) { - if ( stream_.userBuffer[i] ) { - free( stream_.userBuffer[i] ); - stream_.userBuffer[i] = 0; - } - } - - if ( stream_.deviceBuffer ) { - free( stream_.deviceBuffer ); - stream_.deviceBuffer = 0; - } - - return FAILURE; -} - -void RtApiOss :: closeStream() -{ - if ( stream_.state == STREAM_CLOSED ) { - errorText_ = "RtApiOss::closeStream(): no open stream to close!"; - error( RtAudioError::WARNING ); - return; - } - - OssHandle *handle = (OssHandle *) stream_.apiHandle; - stream_.callbackInfo.isRunning = false; - MUTEX_LOCK( &stream_.mutex ); - if ( stream_.state == STREAM_STOPPED ) - pthread_cond_signal( &handle->runnable ); - MUTEX_UNLOCK( &stream_.mutex ); - pthread_join( stream_.callbackInfo.thread, NULL ); - - if ( stream_.state == STREAM_RUNNING ) { - if ( stream_.mode == OUTPUT || stream_.mode == DUPLEX ) - ioctl( handle->id[0], SNDCTL_DSP_HALT, 0 ); - else - ioctl( handle->id[1], SNDCTL_DSP_HALT, 0 ); - stream_.state = STREAM_STOPPED; - } - - if ( handle ) { - pthread_cond_destroy( &handle->runnable ); - if ( handle->id[0] ) close( handle->id[0] ); - if ( handle->id[1] ) close( handle->id[1] ); - delete handle; - stream_.apiHandle = 0; - } - - for ( int i=0; i<2; i++ ) { - if ( stream_.userBuffer[i] ) { - free( stream_.userBuffer[i] ); - stream_.userBuffer[i] = 0; - } - } - - if ( stream_.deviceBuffer ) { - free( stream_.deviceBuffer ); - stream_.deviceBuffer = 0; - } - - stream_.mode = UNINITIALIZED; - stream_.state = STREAM_CLOSED; -} - -void RtApiOss :: startStream() -{ - verifyStream(); - if ( stream_.state == STREAM_RUNNING ) { - errorText_ = "RtApiOss::startStream(): the stream is already running!"; - error( RtAudioError::WARNING ); - return; - } - - MUTEX_LOCK( &stream_.mutex ); - - stream_.state = STREAM_RUNNING; - - // No need to do anything else here ... OSS automatically starts - // when fed samples. - - MUTEX_UNLOCK( &stream_.mutex ); - - OssHandle *handle = (OssHandle *) stream_.apiHandle; - pthread_cond_signal( &handle->runnable ); -} - -void RtApiOss :: stopStream() -{ - verifyStream(); - if ( stream_.state == STREAM_STOPPED ) { - errorText_ = "RtApiOss::stopStream(): the stream is already stopped!"; - error( RtAudioError::WARNING ); - return; - } - - MUTEX_LOCK( &stream_.mutex ); - - // The state might change while waiting on a mutex. - if ( stream_.state == STREAM_STOPPED ) { - MUTEX_UNLOCK( &stream_.mutex ); - return; - } - - int result = 0; - OssHandle *handle = (OssHandle *) stream_.apiHandle; - if ( stream_.mode == OUTPUT || stream_.mode == DUPLEX ) { - - // Flush the output with zeros a few times. - char *buffer; - int samples; - RtAudioFormat format; - - if ( stream_.doConvertBuffer[0] ) { - buffer = stream_.deviceBuffer; - samples = stream_.bufferSize * stream_.nDeviceChannels[0]; - format = stream_.deviceFormat[0]; - } - else { - buffer = stream_.userBuffer[0]; - samples = stream_.bufferSize * stream_.nUserChannels[0]; - format = stream_.userFormat; - } - - memset( buffer, 0, samples * formatBytes(format) ); - for ( unsigned int i=0; i<stream_.nBuffers+1; i++ ) { - result = write( handle->id[0], buffer, samples * formatBytes(format) ); - if ( result == -1 ) { - errorText_ = "RtApiOss::stopStream: audio write error."; - error( RtAudioError::WARNING ); - } - } - - result = ioctl( handle->id[0], SNDCTL_DSP_HALT, 0 ); - if ( result == -1 ) { - errorStream_ << "RtApiOss::stopStream: system error stopping callback procedure on device (" << stream_.device[0] << ")."; - errorText_ = errorStream_.str(); - goto unlock; - } - handle->triggered = false; - } - - if ( stream_.mode == INPUT || ( stream_.mode == DUPLEX && handle->id[0] != handle->id[1] ) ) { - result = ioctl( handle->id[1], SNDCTL_DSP_HALT, 0 ); - if ( result == -1 ) { - errorStream_ << "RtApiOss::stopStream: system error stopping input callback procedure on device (" << stream_.device[0] << ")."; - errorText_ = errorStream_.str(); - goto unlock; - } - } - - unlock: - stream_.state = STREAM_STOPPED; - MUTEX_UNLOCK( &stream_.mutex ); - - if ( result != -1 ) return; - error( RtAudioError::SYSTEM_ERROR ); -} - -void RtApiOss :: abortStream() -{ - verifyStream(); - if ( stream_.state == STREAM_STOPPED ) { - errorText_ = "RtApiOss::abortStream(): the stream is already stopped!"; - error( RtAudioError::WARNING ); - return; - } - - MUTEX_LOCK( &stream_.mutex ); - - // The state might change while waiting on a mutex. - if ( stream_.state == STREAM_STOPPED ) { - MUTEX_UNLOCK( &stream_.mutex ); - return; - } - - int result = 0; - OssHandle *handle = (OssHandle *) stream_.apiHandle; - if ( stream_.mode == OUTPUT || stream_.mode == DUPLEX ) { - result = ioctl( handle->id[0], SNDCTL_DSP_HALT, 0 ); - if ( result == -1 ) { - errorStream_ << "RtApiOss::abortStream: system error stopping callback procedure on device (" << stream_.device[0] << ")."; - errorText_ = errorStream_.str(); - goto unlock; - } - handle->triggered = false; - } - - if ( stream_.mode == INPUT || ( stream_.mode == DUPLEX && handle->id[0] != handle->id[1] ) ) { - result = ioctl( handle->id[1], SNDCTL_DSP_HALT, 0 ); - if ( result == -1 ) { - errorStream_ << "RtApiOss::abortStream: system error stopping input callback procedure on device (" << stream_.device[0] << ")."; - errorText_ = errorStream_.str(); - goto unlock; - } - } - - unlock: - stream_.state = STREAM_STOPPED; - MUTEX_UNLOCK( &stream_.mutex ); - - if ( result != -1 ) return; - error( RtAudioError::SYSTEM_ERROR ); -} - -void RtApiOss :: callbackEvent() -{ - OssHandle *handle = (OssHandle *) stream_.apiHandle; - if ( stream_.state == STREAM_STOPPED ) { - MUTEX_LOCK( &stream_.mutex ); - pthread_cond_wait( &handle->runnable, &stream_.mutex ); - if ( stream_.state != STREAM_RUNNING ) { - MUTEX_UNLOCK( &stream_.mutex ); - return; - } - MUTEX_UNLOCK( &stream_.mutex ); - } - - if ( stream_.state == STREAM_CLOSED ) { - errorText_ = "RtApiOss::callbackEvent(): the stream is closed ... this shouldn't happen!"; - error( RtAudioError::WARNING ); - return; - } - - // Invoke user callback to get fresh output data. - int doStopStream = 0; - RtAudioCallback callback = (RtAudioCallback) stream_.callbackInfo.callback; - double streamTime = getStreamTime(); - RtAudioStreamStatus status = 0; - if ( stream_.mode != INPUT && handle->xrun[0] == true ) { - status |= RTAUDIO_OUTPUT_UNDERFLOW; - handle->xrun[0] = false; - } - if ( stream_.mode != OUTPUT && handle->xrun[1] == true ) { - status |= RTAUDIO_INPUT_OVERFLOW; - handle->xrun[1] = false; - } - doStopStream = callback( stream_.userBuffer[0], stream_.userBuffer[1], - stream_.bufferSize, streamTime, status, stream_.callbackInfo.userData ); - if ( doStopStream == 2 ) { - this->abortStream(); - return; - } - - MUTEX_LOCK( &stream_.mutex ); - - // The state might change while waiting on a mutex. - if ( stream_.state == STREAM_STOPPED ) goto unlock; - - int result; - char *buffer; - int samples; - RtAudioFormat format; - - if ( stream_.mode == OUTPUT || stream_.mode == DUPLEX ) { - - // Setup parameters and do buffer conversion if necessary. - if ( stream_.doConvertBuffer[0] ) { - buffer = stream_.deviceBuffer; - convertBuffer( buffer, stream_.userBuffer[0], stream_.convertInfo[0] ); - samples = stream_.bufferSize * stream_.nDeviceChannels[0]; - format = stream_.deviceFormat[0]; - } - else { - buffer = stream_.userBuffer[0]; - samples = stream_.bufferSize * stream_.nUserChannels[0]; - format = stream_.userFormat; - } - - // Do byte swapping if necessary. - if ( stream_.doByteSwap[0] ) - byteSwapBuffer( buffer, samples, format ); - - if ( stream_.mode == DUPLEX && handle->triggered == false ) { - int trig = 0; - ioctl( handle->id[0], SNDCTL_DSP_SETTRIGGER, &trig ); - result = write( handle->id[0], buffer, samples * formatBytes(format) ); - trig = PCM_ENABLE_INPUT|PCM_ENABLE_OUTPUT; - ioctl( handle->id[0], SNDCTL_DSP_SETTRIGGER, &trig ); - handle->triggered = true; - } - else - // Write samples to device. - result = write( handle->id[0], buffer, samples * formatBytes(format) ); - - if ( result == -1 ) { - // We'll assume this is an underrun, though there isn't a - // specific means for determining that. - handle->xrun[0] = true; - errorText_ = "RtApiOss::callbackEvent: audio write error."; - error( RtAudioError::WARNING ); - // Continue on to input section. - } - } - - if ( stream_.mode == INPUT || stream_.mode == DUPLEX ) { - - // Setup parameters. - if ( stream_.doConvertBuffer[1] ) { - buffer = stream_.deviceBuffer; - samples = stream_.bufferSize * stream_.nDeviceChannels[1]; - format = stream_.deviceFormat[1]; - } - else { - buffer = stream_.userBuffer[1]; - samples = stream_.bufferSize * stream_.nUserChannels[1]; - format = stream_.userFormat; - } - - // Read samples from device. - result = read( handle->id[1], buffer, samples * formatBytes(format) ); - - if ( result == -1 ) { - // We'll assume this is an overrun, though there isn't a - // specific means for determining that. - handle->xrun[1] = true; - errorText_ = "RtApiOss::callbackEvent: audio read error."; - error( RtAudioError::WARNING ); - goto unlock; - } - - // Do byte swapping if necessary. - if ( stream_.doByteSwap[1] ) - byteSwapBuffer( buffer, samples, format ); - - // Do buffer conversion if necessary. - if ( stream_.doConvertBuffer[1] ) - convertBuffer( stream_.userBuffer[1], stream_.deviceBuffer, stream_.convertInfo[1] ); - } - - unlock: - MUTEX_UNLOCK( &stream_.mutex ); - - RtApi::tickStreamTime(); - if ( doStopStream == 1 ) this->stopStream(); -} - -static void *ossCallbackHandler( void *ptr ) -{ - CallbackInfo *info = (CallbackInfo *) ptr; - RtApiOss *object = (RtApiOss *) info->object; - bool *isRunning = &info->isRunning; - - while ( *isRunning == true ) { - pthread_testcancel(); - object->callbackEvent(); - } - - pthread_exit( NULL ); -} - -//******************** End of __LINUX_OSS__ *********************// -#endif - - -// *************************************************** // -// -// Protected common (OS-independent) RtAudio methods. -// -// *************************************************** // - -// This method can be modified to control the behavior of error -// message printing. -void RtApi :: error( RtAudioError::Type type ) -{ - errorStream_.str(""); // clear the ostringstream - - RtAudioErrorCallback errorCallback = (RtAudioErrorCallback) stream_.callbackInfo.errorCallback; - if ( errorCallback ) { - // abortStream() can generate new error messages. Ignore them. Just keep original one. - - if ( firstErrorOccurred_ ) - return; - - firstErrorOccurred_ = true; - const std::string errorMessage = errorText_; - - if ( type != RtAudioError::WARNING && stream_.state != STREAM_STOPPED) { - stream_.callbackInfo.isRunning = false; // exit from the thread - abortStream(); - } - - errorCallback( type, errorMessage ); - firstErrorOccurred_ = false; - return; - } - - if ( type == RtAudioError::WARNING && showWarnings_ == true ) - std::cerr << '\n' << errorText_ << "\n\n"; - else if ( type != RtAudioError::WARNING ) - throw( RtAudioError( errorText_, type ) ); -} - -void RtApi :: verifyStream() -{ - if ( stream_.state == STREAM_CLOSED ) { - errorText_ = "RtApi:: a stream is not open!"; - error( RtAudioError::INVALID_USE ); - } -} - -void RtApi :: clearStreamInfo() -{ - stream_.mode = UNINITIALIZED; - stream_.state = STREAM_CLOSED; - stream_.sampleRate = 0; - stream_.bufferSize = 0; - stream_.nBuffers = 0; - stream_.userFormat = 0; - stream_.userInterleaved = true; - stream_.streamTime = 0.0; - stream_.apiHandle = 0; - stream_.deviceBuffer = 0; - stream_.callbackInfo.callback = 0; - stream_.callbackInfo.userData = 0; - stream_.callbackInfo.isRunning = false; - stream_.callbackInfo.errorCallback = 0; - for ( int i=0; i<2; i++ ) { - stream_.device[i] = 11111; - stream_.doConvertBuffer[i] = false; - stream_.deviceInterleaved[i] = true; - stream_.doByteSwap[i] = false; - stream_.nUserChannels[i] = 0; - stream_.nDeviceChannels[i] = 0; - stream_.channelOffset[i] = 0; - stream_.deviceFormat[i] = 0; - stream_.latency[i] = 0; - stream_.userBuffer[i] = 0; - stream_.convertInfo[i].channels = 0; - stream_.convertInfo[i].inJump = 0; - stream_.convertInfo[i].outJump = 0; - stream_.convertInfo[i].inFormat = 0; - stream_.convertInfo[i].outFormat = 0; - stream_.convertInfo[i].inOffset.clear(); - stream_.convertInfo[i].outOffset.clear(); - } -} - -unsigned int RtApi :: formatBytes( RtAudioFormat format ) -{ - if ( format == RTAUDIO_SINT16 ) - return 2; - else if ( format == RTAUDIO_SINT32 || format == RTAUDIO_FLOAT32 ) - return 4; - else if ( format == RTAUDIO_FLOAT64 ) - return 8; - else if ( format == RTAUDIO_SINT24 ) - return 3; - else if ( format == RTAUDIO_SINT8 ) - return 1; - - errorText_ = "RtApi::formatBytes: undefined format."; - error( RtAudioError::WARNING ); - - return 0; -} - -void RtApi :: setConvertInfo( StreamMode mode, unsigned int firstChannel ) -{ - if ( mode == INPUT ) { // convert device to user buffer - stream_.convertInfo[mode].inJump = stream_.nDeviceChannels[1]; - stream_.convertInfo[mode].outJump = stream_.nUserChannels[1]; - stream_.convertInfo[mode].inFormat = stream_.deviceFormat[1]; - stream_.convertInfo[mode].outFormat = stream_.userFormat; - } - else { // convert user to device buffer - stream_.convertInfo[mode].inJump = stream_.nUserChannels[0]; - stream_.convertInfo[mode].outJump = stream_.nDeviceChannels[0]; - stream_.convertInfo[mode].inFormat = stream_.userFormat; - stream_.convertInfo[mode].outFormat = stream_.deviceFormat[0]; - } - - if ( stream_.convertInfo[mode].inJump < stream_.convertInfo[mode].outJump ) - stream_.convertInfo[mode].channels = stream_.convertInfo[mode].inJump; - else - stream_.convertInfo[mode].channels = stream_.convertInfo[mode].outJump; - - // Set up the interleave/deinterleave offsets. - if ( stream_.deviceInterleaved[mode] != stream_.userInterleaved ) { - if ( ( mode == OUTPUT && stream_.deviceInterleaved[mode] ) || - ( mode == INPUT && stream_.userInterleaved ) ) { - for ( int k=0; k<stream_.convertInfo[mode].channels; k++ ) { - stream_.convertInfo[mode].inOffset.push_back( k * stream_.bufferSize ); - stream_.convertInfo[mode].outOffset.push_back( k ); - stream_.convertInfo[mode].inJump = 1; - } - } - else { - for ( int k=0; k<stream_.convertInfo[mode].channels; k++ ) { - stream_.convertInfo[mode].inOffset.push_back( k ); - stream_.convertInfo[mode].outOffset.push_back( k * stream_.bufferSize ); - stream_.convertInfo[mode].outJump = 1; - } - } - } - else { // no (de)interleaving - if ( stream_.userInterleaved ) { - for ( int k=0; k<stream_.convertInfo[mode].channels; k++ ) { - stream_.convertInfo[mode].inOffset.push_back( k ); - stream_.convertInfo[mode].outOffset.push_back( k ); - } - } - else { - for ( int k=0; k<stream_.convertInfo[mode].channels; k++ ) { - stream_.convertInfo[mode].inOffset.push_back( k * stream_.bufferSize ); - stream_.convertInfo[mode].outOffset.push_back( k * stream_.bufferSize ); - stream_.convertInfo[mode].inJump = 1; - stream_.convertInfo[mode].outJump = 1; - } - } - } - - // Add channel offset. - if ( firstChannel > 0 ) { - if ( stream_.deviceInterleaved[mode] ) { - if ( mode == OUTPUT ) { - for ( int k=0; k<stream_.convertInfo[mode].channels; k++ ) - stream_.convertInfo[mode].outOffset[k] += firstChannel; - } - else { - for ( int k=0; k<stream_.convertInfo[mode].channels; k++ ) - stream_.convertInfo[mode].inOffset[k] += firstChannel; - } - } - else { - if ( mode == OUTPUT ) { - for ( int k=0; k<stream_.convertInfo[mode].channels; k++ ) - stream_.convertInfo[mode].outOffset[k] += ( firstChannel * stream_.bufferSize ); - } - else { - for ( int k=0; k<stream_.convertInfo[mode].channels; k++ ) - stream_.convertInfo[mode].inOffset[k] += ( firstChannel * stream_.bufferSize ); - } - } - } -} - -void RtApi :: convertBuffer( char *outBuffer, char *inBuffer, ConvertInfo &info ) -{ - // This function does format conversion, input/output channel compensation, and - // data interleaving/deinterleaving. 24-bit integers are assumed to occupy - // the lower three bytes of a 32-bit integer. - - // Clear our device buffer when in/out duplex device channels are different - if ( outBuffer == stream_.deviceBuffer && stream_.mode == DUPLEX && - ( stream_.nDeviceChannels[0] < stream_.nDeviceChannels[1] ) ) - memset( outBuffer, 0, stream_.bufferSize * info.outJump * formatBytes( info.outFormat ) ); - - int j; - if (info.outFormat == RTAUDIO_FLOAT64) { - Float64 scale; - Float64 *out = (Float64 *)outBuffer; - - if (info.inFormat == RTAUDIO_SINT8) { - signed char *in = (signed char *)inBuffer; - scale = 1.0 / 127.5; - for (unsigned int i=0; i<stream_.bufferSize; i++) { - for (j=0; j<info.channels; j++) { - out[info.outOffset[j]] = (Float64) in[info.inOffset[j]]; - out[info.outOffset[j]] += 0.5; - out[info.outOffset[j]] *= scale; - } - in += info.inJump; - out += info.outJump; - } - } - else if (info.inFormat == RTAUDIO_SINT16) { - Int16 *in = (Int16 *)inBuffer; - scale = 1.0 / 32767.5; - for (unsigned int i=0; i<stream_.bufferSize; i++) { - for (j=0; j<info.channels; j++) { - out[info.outOffset[j]] = (Float64) in[info.inOffset[j]]; - out[info.outOffset[j]] += 0.5; - out[info.outOffset[j]] *= scale; - } - in += info.inJump; - out += info.outJump; - } - } - else if (info.inFormat == RTAUDIO_SINT24) { - Int24 *in = (Int24 *)inBuffer; - scale = 1.0 / 8388607.5; - for (unsigned int i=0; i<stream_.bufferSize; i++) { - for (j=0; j<info.channels; j++) { - out[info.outOffset[j]] = (Float64) (in[info.inOffset[j]].asInt()); - out[info.outOffset[j]] += 0.5; - out[info.outOffset[j]] *= scale; - } - in += info.inJump; - out += info.outJump; - } - } - else if (info.inFormat == RTAUDIO_SINT32) { - Int32 *in = (Int32 *)inBuffer; - scale = 1.0 / 2147483647.5; - for (unsigned int i=0; i<stream_.bufferSize; i++) { - for (j=0; j<info.channels; j++) { - out[info.outOffset[j]] = (Float64) in[info.inOffset[j]]; - out[info.outOffset[j]] += 0.5; - out[info.outOffset[j]] *= scale; - } - in += info.inJump; - out += info.outJump; - } - } - else if (info.inFormat == RTAUDIO_FLOAT32) { - Float32 *in = (Float32 *)inBuffer; - for (unsigned int i=0; i<stream_.bufferSize; i++) { - for (j=0; j<info.channels; j++) { - out[info.outOffset[j]] = (Float64) in[info.inOffset[j]]; - } - in += info.inJump; - out += info.outJump; - } - } - else if (info.inFormat == RTAUDIO_FLOAT64) { - // Channel compensation and/or (de)interleaving only. - Float64 *in = (Float64 *)inBuffer; - for (unsigned int i=0; i<stream_.bufferSize; i++) { - for (j=0; j<info.channels; j++) { - out[info.outOffset[j]] = in[info.inOffset[j]]; - } - in += info.inJump; - out += info.outJump; - } - } - } - else if (info.outFormat == RTAUDIO_FLOAT32) { - Float32 scale; - Float32 *out = (Float32 *)outBuffer; - - if (info.inFormat == RTAUDIO_SINT8) { - signed char *in = (signed char *)inBuffer; - scale = (Float32) ( 1.0 / 127.5 ); - for (unsigned int i=0; i<stream_.bufferSize; i++) { - for (j=0; j<info.channels; j++) { - out[info.outOffset[j]] = (Float32) in[info.inOffset[j]]; - out[info.outOffset[j]] += 0.5; - out[info.outOffset[j]] *= scale; - } - in += info.inJump; - out += info.outJump; - } - } - else if (info.inFormat == RTAUDIO_SINT16) { - Int16 *in = (Int16 *)inBuffer; - scale = (Float32) ( 1.0 / 32767.5 ); - for (unsigned int i=0; i<stream_.bufferSize; i++) { - for (j=0; j<info.channels; j++) { - out[info.outOffset[j]] = (Float32) in[info.inOffset[j]]; - out[info.outOffset[j]] += 0.5; - out[info.outOffset[j]] *= scale; - } - in += info.inJump; - out += info.outJump; - } - } - else if (info.inFormat == RTAUDIO_SINT24) { - Int24 *in = (Int24 *)inBuffer; - scale = (Float32) ( 1.0 / 8388607.5 ); - for (unsigned int i=0; i<stream_.bufferSize; i++) { - for (j=0; j<info.channels; j++) { - out[info.outOffset[j]] = (Float32) (in[info.inOffset[j]].asInt()); - out[info.outOffset[j]] += 0.5; - out[info.outOffset[j]] *= scale; - } - in += info.inJump; - out += info.outJump; - } - } - else if (info.inFormat == RTAUDIO_SINT32) { - Int32 *in = (Int32 *)inBuffer; - scale = (Float32) ( 1.0 / 2147483647.5 ); - for (unsigned int i=0; i<stream_.bufferSize; i++) { - for (j=0; j<info.channels; j++) { - out[info.outOffset[j]] = (Float32) in[info.inOffset[j]]; - out[info.outOffset[j]] += 0.5; - out[info.outOffset[j]] *= scale; - } - in += info.inJump; - out += info.outJump; - } - } - else if (info.inFormat == RTAUDIO_FLOAT32) { - // Channel compensation and/or (de)interleaving only. - Float32 *in = (Float32 *)inBuffer; - for (unsigned int i=0; i<stream_.bufferSize; i++) { - for (j=0; j<info.channels; j++) { - out[info.outOffset[j]] = in[info.inOffset[j]]; - } - in += info.inJump; - out += info.outJump; - } - } - else if (info.inFormat == RTAUDIO_FLOAT64) { - Float64 *in = (Float64 *)inBuffer; - for (unsigned int i=0; i<stream_.bufferSize; i++) { - for (j=0; j<info.channels; j++) { - out[info.outOffset[j]] = (Float32) in[info.inOffset[j]]; - } - in += info.inJump; - out += info.outJump; - } - } - } - else if (info.outFormat == RTAUDIO_SINT32) { - Int32 *out = (Int32 *)outBuffer; - if (info.inFormat == RTAUDIO_SINT8) { - signed char *in = (signed char *)inBuffer; - for (unsigned int i=0; i<stream_.bufferSize; i++) { - for (j=0; j<info.channels; j++) { - out[info.outOffset[j]] = (Int32) in[info.inOffset[j]]; - out[info.outOffset[j]] <<= 24; - } - in += info.inJump; - out += info.outJump; - } - } - else if (info.inFormat == RTAUDIO_SINT16) { - Int16 *in = (Int16 *)inBuffer; - for (unsigned int i=0; i<stream_.bufferSize; i++) { - for (j=0; j<info.channels; j++) { - out[info.outOffset[j]] = (Int32) in[info.inOffset[j]]; - out[info.outOffset[j]] <<= 16; - } - in += info.inJump; - out += info.outJump; - } - } - else if (info.inFormat == RTAUDIO_SINT24) { - Int24 *in = (Int24 *)inBuffer; - for (unsigned int i=0; i<stream_.bufferSize; i++) { - for (j=0; j<info.channels; j++) { - out[info.outOffset[j]] = (Int32) in[info.inOffset[j]].asInt(); - out[info.outOffset[j]] <<= 8; - } - in += info.inJump; - out += info.outJump; - } - } - else if (info.inFormat == RTAUDIO_SINT32) { - // Channel compensation and/or (de)interleaving only. - Int32 *in = (Int32 *)inBuffer; - for (unsigned int i=0; i<stream_.bufferSize; i++) { - for (j=0; j<info.channels; j++) { - out[info.outOffset[j]] = in[info.inOffset[j]]; - } - in += info.inJump; - out += info.outJump; - } - } - else if (info.inFormat == RTAUDIO_FLOAT32) { - Float32 *in = (Float32 *)inBuffer; - for (unsigned int i=0; i<stream_.bufferSize; i++) { - for (j=0; j<info.channels; j++) { - out[info.outOffset[j]] = (Int32) (in[info.inOffset[j]] * 2147483647.5 - 0.5); - } - in += info.inJump; - out += info.outJump; - } - } - else if (info.inFormat == RTAUDIO_FLOAT64) { - Float64 *in = (Float64 *)inBuffer; - for (unsigned int i=0; i<stream_.bufferSize; i++) { - for (j=0; j<info.channels; j++) { - out[info.outOffset[j]] = (Int32) (in[info.inOffset[j]] * 2147483647.5 - 0.5); - } - in += info.inJump; - out += info.outJump; - } - } - } - else if (info.outFormat == RTAUDIO_SINT24) { - Int24 *out = (Int24 *)outBuffer; - if (info.inFormat == RTAUDIO_SINT8) { - signed char *in = (signed char *)inBuffer; - for (unsigned int i=0; i<stream_.bufferSize; i++) { - for (j=0; j<info.channels; j++) { - out[info.outOffset[j]] = (Int32) (in[info.inOffset[j]] << 16); - //out[info.outOffset[j]] <<= 16; - } - in += info.inJump; - out += info.outJump; - } - } - else if (info.inFormat == RTAUDIO_SINT16) { - Int16 *in = (Int16 *)inBuffer; - for (unsigned int i=0; i<stream_.bufferSize; i++) { - for (j=0; j<info.channels; j++) { - out[info.outOffset[j]] = (Int32) (in[info.inOffset[j]] << 8); - //out[info.outOffset[j]] <<= 8; - } - in += info.inJump; - out += info.outJump; - } - } - else if (info.inFormat == RTAUDIO_SINT24) { - // Channel compensation and/or (de)interleaving only. - Int24 *in = (Int24 *)inBuffer; - for (unsigned int i=0; i<stream_.bufferSize; i++) { - for (j=0; j<info.channels; j++) { - out[info.outOffset[j]] = in[info.inOffset[j]]; - } - in += info.inJump; - out += info.outJump; - } - } - else if (info.inFormat == RTAUDIO_SINT32) { - Int32 *in = (Int32 *)inBuffer; - for (unsigned int i=0; i<stream_.bufferSize; i++) { - for (j=0; j<info.channels; j++) { - out[info.outOffset[j]] = (Int32) (in[info.inOffset[j]] >> 8); - //out[info.outOffset[j]] >>= 8; - } - in += info.inJump; - out += info.outJump; - } - } - else if (info.inFormat == RTAUDIO_FLOAT32) { - Float32 *in = (Float32 *)inBuffer; - for (unsigned int i=0; i<stream_.bufferSize; i++) { - for (j=0; j<info.channels; j++) { - out[info.outOffset[j]] = (Int32) (in[info.inOffset[j]] * 8388607.5 - 0.5); - } - in += info.inJump; - out += info.outJump; - } - } - else if (info.inFormat == RTAUDIO_FLOAT64) { - Float64 *in = (Float64 *)inBuffer; - for (unsigned int i=0; i<stream_.bufferSize; i++) { - for (j=0; j<info.channels; j++) { - out[info.outOffset[j]] = (Int32) (in[info.inOffset[j]] * 8388607.5 - 0.5); - } - in += info.inJump; - out += info.outJump; - } - } - } - else if (info.outFormat == RTAUDIO_SINT16) { - Int16 *out = (Int16 *)outBuffer; - if (info.inFormat == RTAUDIO_SINT8) { - signed char *in = (signed char *)inBuffer; - for (unsigned int i=0; i<stream_.bufferSize; i++) { - for (j=0; j<info.channels; j++) { - out[info.outOffset[j]] = (Int16) in[info.inOffset[j]]; - out[info.outOffset[j]] <<= 8; - } - in += info.inJump; - out += info.outJump; - } - } - else if (info.inFormat == RTAUDIO_SINT16) { - // Channel compensation and/or (de)interleaving only. - Int16 *in = (Int16 *)inBuffer; - for (unsigned int i=0; i<stream_.bufferSize; i++) { - for (j=0; j<info.channels; j++) { - out[info.outOffset[j]] = in[info.inOffset[j]]; - } - in += info.inJump; - out += info.outJump; - } - } - else if (info.inFormat == RTAUDIO_SINT24) { - Int24 *in = (Int24 *)inBuffer; - for (unsigned int i=0; i<stream_.bufferSize; i++) { - for (j=0; j<info.channels; j++) { - out[info.outOffset[j]] = (Int16) (in[info.inOffset[j]].asInt() >> 8); - } - in += info.inJump; - out += info.outJump; - } - } - else if (info.inFormat == RTAUDIO_SINT32) { - Int32 *in = (Int32 *)inBuffer; - for (unsigned int i=0; i<stream_.bufferSize; i++) { - for (j=0; j<info.channels; j++) { - out[info.outOffset[j]] = (Int16) ((in[info.inOffset[j]] >> 16) & 0x0000ffff); - } - in += info.inJump; - out += info.outJump; - } - } - else if (info.inFormat == RTAUDIO_FLOAT32) { - Float32 *in = (Float32 *)inBuffer; - for (unsigned int i=0; i<stream_.bufferSize; i++) { - for (j=0; j<info.channels; j++) { - out[info.outOffset[j]] = (Int16) (in[info.inOffset[j]] * 32767.5 - 0.5); - } - in += info.inJump; - out += info.outJump; - } - } - else if (info.inFormat == RTAUDIO_FLOAT64) { - Float64 *in = (Float64 *)inBuffer; - for (unsigned int i=0; i<stream_.bufferSize; i++) { - for (j=0; j<info.channels; j++) { - out[info.outOffset[j]] = (Int16) (in[info.inOffset[j]] * 32767.5 - 0.5); - } - in += info.inJump; - out += info.outJump; - } - } - } - else if (info.outFormat == RTAUDIO_SINT8) { - signed char *out = (signed char *)outBuffer; - if (info.inFormat == RTAUDIO_SINT8) { - // Channel compensation and/or (de)interleaving only. - signed char *in = (signed char *)inBuffer; - for (unsigned int i=0; i<stream_.bufferSize; i++) { - for (j=0; j<info.channels; j++) { - out[info.outOffset[j]] = in[info.inOffset[j]]; - } - in += info.inJump; - out += info.outJump; - } - } - if (info.inFormat == RTAUDIO_SINT16) { - Int16 *in = (Int16 *)inBuffer; - for (unsigned int i=0; i<stream_.bufferSize; i++) { - for (j=0; j<info.channels; j++) { - out[info.outOffset[j]] = (signed char) ((in[info.inOffset[j]] >> 8) & 0x00ff); - } - in += info.inJump; - out += info.outJump; - } - } - else if (info.inFormat == RTAUDIO_SINT24) { - Int24 *in = (Int24 *)inBuffer; - for (unsigned int i=0; i<stream_.bufferSize; i++) { - for (j=0; j<info.channels; j++) { - out[info.outOffset[j]] = (signed char) (in[info.inOffset[j]].asInt() >> 16); - } - in += info.inJump; - out += info.outJump; - } - } - else if (info.inFormat == RTAUDIO_SINT32) { - Int32 *in = (Int32 *)inBuffer; - for (unsigned int i=0; i<stream_.bufferSize; i++) { - for (j=0; j<info.channels; j++) { - out[info.outOffset[j]] = (signed char) ((in[info.inOffset[j]] >> 24) & 0x000000ff); - } - in += info.inJump; - out += info.outJump; - } - } - else if (info.inFormat == RTAUDIO_FLOAT32) { - Float32 *in = (Float32 *)inBuffer; - for (unsigned int i=0; i<stream_.bufferSize; i++) { - for (j=0; j<info.channels; j++) { - out[info.outOffset[j]] = (signed char) (in[info.inOffset[j]] * 127.5 - 0.5); - } - in += info.inJump; - out += info.outJump; - } - } - else if (info.inFormat == RTAUDIO_FLOAT64) { - Float64 *in = (Float64 *)inBuffer; - for (unsigned int i=0; i<stream_.bufferSize; i++) { - for (j=0; j<info.channels; j++) { - out[info.outOffset[j]] = (signed char) (in[info.inOffset[j]] * 127.5 - 0.5); - } - in += info.inJump; - out += info.outJump; - } - } - } -} - -//static inline uint16_t bswap_16(uint16_t x) { return (x>>8) | (x<<8); } -//static inline uint32_t bswap_32(uint32_t x) { return (bswap_16(x&0xffff)<<16) | (bswap_16(x>>16)); } -//static inline uint64_t bswap_64(uint64_t x) { return (((unsigned long long)bswap_32(x&0xffffffffull))<<32) | (bswap_32(x>>32)); } - -void RtApi :: byteSwapBuffer( char *buffer, unsigned int samples, RtAudioFormat format ) -{ - char val; - char *ptr; - - ptr = buffer; - if ( format == RTAUDIO_SINT16 ) { - for ( unsigned int i=0; i<samples; i++ ) { - // Swap 1st and 2nd bytes. - val = *(ptr); - *(ptr) = *(ptr+1); - *(ptr+1) = val; - - // Increment 2 bytes. - ptr += 2; - } - } - else if ( format == RTAUDIO_SINT32 || - format == RTAUDIO_FLOAT32 ) { - for ( unsigned int i=0; i<samples; i++ ) { - // Swap 1st and 4th bytes. - val = *(ptr); - *(ptr) = *(ptr+3); - *(ptr+3) = val; - - // Swap 2nd and 3rd bytes. - ptr += 1; - val = *(ptr); - *(ptr) = *(ptr+1); - *(ptr+1) = val; - - // Increment 3 more bytes. - ptr += 3; - } - } - else if ( format == RTAUDIO_SINT24 ) { - for ( unsigned int i=0; i<samples; i++ ) { - // Swap 1st and 3rd bytes. - val = *(ptr); - *(ptr) = *(ptr+2); - *(ptr+2) = val; - - // Increment 2 more bytes. - ptr += 2; - } - } - else if ( format == RTAUDIO_FLOAT64 ) { - for ( unsigned int i=0; i<samples; i++ ) { - // Swap 1st and 8th bytes - val = *(ptr); - *(ptr) = *(ptr+7); - *(ptr+7) = val; - - // Swap 2nd and 7th bytes - ptr += 1; - val = *(ptr); - *(ptr) = *(ptr+5); - *(ptr+5) = val; - - // Swap 3rd and 6th bytes - ptr += 1; - val = *(ptr); - *(ptr) = *(ptr+3); - *(ptr+3) = val; - - // Swap 4th and 5th bytes - ptr += 1; - val = *(ptr); - *(ptr) = *(ptr+1); - *(ptr+1) = val; - - // Increment 5 more bytes. - ptr += 5; - } - } -} - - // Indentation settings for Vim and Emacs - // - // Local Variables: - // c-basic-offset: 2 - // indent-tabs-mode: nil - // End: - // - // vim: et sts=2 sw=2 - -#endif // RTAUDIO_ENABLED -GODOT- diff --git a/thirdparty/rtaudio/RtAudio.h b/thirdparty/rtaudio/RtAudio.h deleted file mode 100644 index aab109d907..0000000000 --- a/thirdparty/rtaudio/RtAudio.h +++ /dev/null @@ -1,1183 +0,0 @@ -// -GODOT- Start - -#ifdef RTAUDIO_ENABLED - -#if defined(OSX_ENABLED) - #define __MACOSX_CORE__ -#elif defined(UNIX_ENABLED) - #define __LINUX_ALSA__ -#elif defined(WINDOWS_ENABLED) - #if defined(UWP_ENABLED) - #define __RTAUDIO_DUMMY__ - #else - #define __WINDOWS_DS__ - #endif -#endif - -// -GODOT- End - -/************************************************************************/ -/*! \class RtAudio - \brief Realtime audio i/o C++ classes. - - RtAudio provides a common API (Application Programming Interface) - for realtime audio input/output across Linux (native ALSA, Jack, - and OSS), Macintosh OS X (CoreAudio and Jack), and Windows - (DirectSound, ASIO and WASAPI) operating systems. - - RtAudio WWW site: http://www.music.mcgill.ca/~gary/rtaudio/ - - RtAudio: realtime audio i/o C++ classes - Copyright (c) 2001-2016 Gary P. Scavone - - Permission is hereby granted, free of charge, to any person - obtaining a copy of this software and associated documentation files - (the "Software"), to deal in the Software without restriction, - including without limitation the rights to use, copy, modify, merge, - publish, distribute, sublicense, and/or sell copies of the Software, - and to permit persons to whom the Software is furnished to do so, - subject to the following conditions: - - The above copyright notice and this permission notice shall be - included in all copies or substantial portions of the Software. - - Any person wishing to distribute modifications to the Software is - asked to send the modifications to the original developer so that - they can be incorporated into the canonical version. This is, - however, not a binding provision of this license. - - THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, - EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF - MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. - IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR - ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF - CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION - WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. -*/ -/************************************************************************/ - -/*! - \file RtAudio.h - */ - -#ifndef __RTAUDIO_H -#define __RTAUDIO_H - -#define RTAUDIO_VERSION "4.1.2" - -#include <string> -#include <vector> -#include <exception> -#include <iostream> - -/*! \typedef typedef unsigned long RtAudioFormat; - \brief RtAudio data format type. - - Support for signed integers and floats. Audio data fed to/from an - RtAudio stream is assumed to ALWAYS be in host byte order. The - internal routines will automatically take care of any necessary - byte-swapping between the host format and the soundcard. Thus, - endian-ness is not a concern in the following format definitions. - - - \e RTAUDIO_SINT8: 8-bit signed integer. - - \e RTAUDIO_SINT16: 16-bit signed integer. - - \e RTAUDIO_SINT24: 24-bit signed integer. - - \e RTAUDIO_SINT32: 32-bit signed integer. - - \e RTAUDIO_FLOAT32: Normalized between plus/minus 1.0. - - \e RTAUDIO_FLOAT64: Normalized between plus/minus 1.0. -*/ -typedef unsigned long RtAudioFormat; -static const RtAudioFormat RTAUDIO_SINT8 = 0x1; // 8-bit signed integer. -static const RtAudioFormat RTAUDIO_SINT16 = 0x2; // 16-bit signed integer. -static const RtAudioFormat RTAUDIO_SINT24 = 0x4; // 24-bit signed integer. -static const RtAudioFormat RTAUDIO_SINT32 = 0x8; // 32-bit signed integer. -static const RtAudioFormat RTAUDIO_FLOAT32 = 0x10; // Normalized between plus/minus 1.0. -static const RtAudioFormat RTAUDIO_FLOAT64 = 0x20; // Normalized between plus/minus 1.0. - -/*! \typedef typedef unsigned long RtAudioStreamFlags; - \brief RtAudio stream option flags. - - The following flags can be OR'ed together to allow a client to - make changes to the default stream behavior: - - - \e RTAUDIO_NONINTERLEAVED: Use non-interleaved buffers (default = interleaved). - - \e RTAUDIO_MINIMIZE_LATENCY: Attempt to set stream parameters for lowest possible latency. - - \e RTAUDIO_HOG_DEVICE: Attempt grab device for exclusive use. - - \e RTAUDIO_ALSA_USE_DEFAULT: Use the "default" PCM device (ALSA only). - - By default, RtAudio streams pass and receive audio data from the - client in an interleaved format. By passing the - RTAUDIO_NONINTERLEAVED flag to the openStream() function, audio - data will instead be presented in non-interleaved buffers. In - this case, each buffer argument in the RtAudioCallback function - will point to a single array of data, with \c nFrames samples for - each channel concatenated back-to-back. For example, the first - sample of data for the second channel would be located at index \c - nFrames (assuming the \c buffer pointer was recast to the correct - data type for the stream). - - Certain audio APIs offer a number of parameters that influence the - I/O latency of a stream. By default, RtAudio will attempt to set - these parameters internally for robust (glitch-free) performance - (though some APIs, like Windows Direct Sound, make this difficult). - By passing the RTAUDIO_MINIMIZE_LATENCY flag to the openStream() - function, internal stream settings will be influenced in an attempt - to minimize stream latency, though possibly at the expense of stream - performance. - - If the RTAUDIO_HOG_DEVICE flag is set, RtAudio will attempt to - open the input and/or output stream device(s) for exclusive use. - Note that this is not possible with all supported audio APIs. - - If the RTAUDIO_SCHEDULE_REALTIME flag is set, RtAudio will attempt - to select realtime scheduling (round-robin) for the callback thread. - - If the RTAUDIO_ALSA_USE_DEFAULT flag is set, RtAudio will attempt to - open the "default" PCM device when using the ALSA API. Note that this - will override any specified input or output device id. -*/ -typedef unsigned int RtAudioStreamFlags; -static const RtAudioStreamFlags RTAUDIO_NONINTERLEAVED = 0x1; // Use non-interleaved buffers (default = interleaved). -static const RtAudioStreamFlags RTAUDIO_MINIMIZE_LATENCY = 0x2; // Attempt to set stream parameters for lowest possible latency. -static const RtAudioStreamFlags RTAUDIO_HOG_DEVICE = 0x4; // Attempt grab device and prevent use by others. -static const RtAudioStreamFlags RTAUDIO_SCHEDULE_REALTIME = 0x8; // Try to select realtime scheduling for callback thread. -static const RtAudioStreamFlags RTAUDIO_ALSA_USE_DEFAULT = 0x10; // Use the "default" PCM device (ALSA only). - -/*! \typedef typedef unsigned long RtAudioStreamStatus; - \brief RtAudio stream status (over- or underflow) flags. - - Notification of a stream over- or underflow is indicated by a - non-zero stream \c status argument in the RtAudioCallback function. - The stream status can be one of the following two options, - depending on whether the stream is open for output and/or input: - - - \e RTAUDIO_INPUT_OVERFLOW: Input data was discarded because of an overflow condition at the driver. - - \e RTAUDIO_OUTPUT_UNDERFLOW: The output buffer ran low, likely producing a break in the output sound. -*/ -typedef unsigned int RtAudioStreamStatus; -static const RtAudioStreamStatus RTAUDIO_INPUT_OVERFLOW = 0x1; // Input data was discarded because of an overflow condition at the driver. -static const RtAudioStreamStatus RTAUDIO_OUTPUT_UNDERFLOW = 0x2; // The output buffer ran low, likely causing a gap in the output sound. - -//! RtAudio callback function prototype. -/*! - All RtAudio clients must create a function of type RtAudioCallback - to read and/or write data from/to the audio stream. When the - underlying audio system is ready for new input or output data, this - function will be invoked. - - \param outputBuffer For output (or duplex) streams, the client - should write \c nFrames of audio sample frames into this - buffer. This argument should be recast to the datatype - specified when the stream was opened. For input-only - streams, this argument will be NULL. - - \param inputBuffer For input (or duplex) streams, this buffer will - hold \c nFrames of input audio sample frames. This - argument should be recast to the datatype specified when the - stream was opened. For output-only streams, this argument - will be NULL. - - \param nFrames The number of sample frames of input or output - data in the buffers. The actual buffer size in bytes is - dependent on the data type and number of channels in use. - - \param streamTime The number of seconds that have elapsed since the - stream was started. - - \param status If non-zero, this argument indicates a data overflow - or underflow condition for the stream. The particular - condition can be determined by comparison with the - RtAudioStreamStatus flags. - - \param userData A pointer to optional data provided by the client - when opening the stream (default = NULL). - - To continue normal stream operation, the RtAudioCallback function - should return a value of zero. To stop the stream and drain the - output buffer, the function should return a value of one. To abort - the stream immediately, the client should return a value of two. - */ -typedef int (*RtAudioCallback)( void *outputBuffer, void *inputBuffer, - unsigned int nFrames, - double streamTime, - RtAudioStreamStatus status, - void *userData ); - -/************************************************************************/ -/*! \class RtAudioError - \brief Exception handling class for RtAudio. - - The RtAudioError class is quite simple but it does allow errors to be - "caught" by RtAudioError::Type. See the RtAudio documentation to know - which methods can throw an RtAudioError. -*/ -/************************************************************************/ - -class RtAudioError : public std::exception -{ - public: - //! Defined RtAudioError types. - enum Type { - WARNING, /*!< A non-critical error. */ - DEBUG_WARNING, /*!< A non-critical error which might be useful for debugging. */ - UNSPECIFIED, /*!< The default, unspecified error type. */ - NO_DEVICES_FOUND, /*!< No devices found on system. */ - INVALID_DEVICE, /*!< An invalid device ID was specified. */ - MEMORY_ERROR, /*!< An error occured during memory allocation. */ - INVALID_PARAMETER, /*!< An invalid parameter was specified to a function. */ - INVALID_USE, /*!< The function was called incorrectly. */ - DRIVER_ERROR, /*!< A system driver error occured. */ - SYSTEM_ERROR, /*!< A system error occured. */ - THREAD_ERROR /*!< A thread error occured. */ - }; - - //! The constructor. - RtAudioError( const std::string& message, Type type = RtAudioError::UNSPECIFIED ) throw() : message_(message), type_(type) {} - - //! The destructor. - virtual ~RtAudioError( void ) throw() {} - - //! Prints thrown error message to stderr. - virtual void printMessage( void ) const throw() { std::cerr << '\n' << message_ << "\n\n"; } - - //! Returns the thrown error message type. - virtual const Type& getType(void) const throw() { return type_; } - - //! Returns the thrown error message string. - virtual const std::string& getMessage(void) const throw() { return message_; } - - //! Returns the thrown error message as a c-style string. - virtual const char* what( void ) const throw() { return message_.c_str(); } - - protected: - std::string message_; - Type type_; -}; - -//! RtAudio error callback function prototype. -/*! - \param type Type of error. - \param errorText Error description. - */ -typedef void (*RtAudioErrorCallback)( RtAudioError::Type type, const std::string &errorText ); - -// **************************************************************** // -// -// RtAudio class declaration. -// -// RtAudio is a "controller" used to select an available audio i/o -// interface. It presents a common API for the user to call but all -// functionality is implemented by the class RtApi and its -// subclasses. RtAudio creates an instance of an RtApi subclass -// based on the user's API choice. If no choice is made, RtAudio -// attempts to make a "logical" API selection. -// -// **************************************************************** // - -class RtApi; - -class RtAudio -{ - public: - - //! Audio API specifier arguments. - enum Api { - UNSPECIFIED, /*!< Search for a working compiled API. */ - LINUX_ALSA, /*!< The Advanced Linux Sound Architecture API. */ - LINUX_PULSE, /*!< The Linux PulseAudio API. */ - LINUX_OSS, /*!< The Linux Open Sound System API. */ - UNIX_JACK, /*!< The Jack Low-Latency Audio Server API. */ - MACOSX_CORE, /*!< Macintosh OS-X Core Audio API. */ - WINDOWS_WASAPI, /*!< The Microsoft WASAPI API. */ - WINDOWS_ASIO, /*!< The Steinberg Audio Stream I/O API. */ - WINDOWS_DS, /*!< The Microsoft Direct Sound API. */ - RTAUDIO_DUMMY /*!< A compilable but non-functional API. */ - }; - - //! The public device information structure for returning queried values. - struct DeviceInfo { - bool probed; /*!< true if the device capabilities were successfully probed. */ - std::string name; /*!< Character string device identifier. */ - unsigned int outputChannels; /*!< Maximum output channels supported by device. */ - unsigned int inputChannels; /*!< Maximum input channels supported by device. */ - unsigned int duplexChannels; /*!< Maximum simultaneous input/output channels supported by device. */ - bool isDefaultOutput; /*!< true if this is the default output device. */ - bool isDefaultInput; /*!< true if this is the default input device. */ - std::vector<unsigned int> sampleRates; /*!< Supported sample rates (queried from list of standard rates). */ - unsigned int preferredSampleRate; /*!< Preferred sample rate, eg. for WASAPI the system sample rate. */ - RtAudioFormat nativeFormats; /*!< Bit mask of supported data formats. */ - - // Default constructor. - DeviceInfo() - :probed(false), outputChannels(0), inputChannels(0), duplexChannels(0), - isDefaultOutput(false), isDefaultInput(false), preferredSampleRate(0), nativeFormats(0) {} - }; - - //! The structure for specifying input or ouput stream parameters. - struct StreamParameters { - unsigned int deviceId; /*!< Device index (0 to getDeviceCount() - 1). */ - unsigned int nChannels; /*!< Number of channels. */ - unsigned int firstChannel; /*!< First channel index on device (default = 0). */ - - // Default constructor. - StreamParameters() - : deviceId(0), nChannels(0), firstChannel(0) {} - }; - - //! The structure for specifying stream options. - /*! - The following flags can be OR'ed together to allow a client to - make changes to the default stream behavior: - - - \e RTAUDIO_NONINTERLEAVED: Use non-interleaved buffers (default = interleaved). - - \e RTAUDIO_MINIMIZE_LATENCY: Attempt to set stream parameters for lowest possible latency. - - \e RTAUDIO_HOG_DEVICE: Attempt grab device for exclusive use. - - \e RTAUDIO_SCHEDULE_REALTIME: Attempt to select realtime scheduling for callback thread. - - \e RTAUDIO_ALSA_USE_DEFAULT: Use the "default" PCM device (ALSA only). - - By default, RtAudio streams pass and receive audio data from the - client in an interleaved format. By passing the - RTAUDIO_NONINTERLEAVED flag to the openStream() function, audio - data will instead be presented in non-interleaved buffers. In - this case, each buffer argument in the RtAudioCallback function - will point to a single array of data, with \c nFrames samples for - each channel concatenated back-to-back. For example, the first - sample of data for the second channel would be located at index \c - nFrames (assuming the \c buffer pointer was recast to the correct - data type for the stream). - - Certain audio APIs offer a number of parameters that influence the - I/O latency of a stream. By default, RtAudio will attempt to set - these parameters internally for robust (glitch-free) performance - (though some APIs, like Windows Direct Sound, make this difficult). - By passing the RTAUDIO_MINIMIZE_LATENCY flag to the openStream() - function, internal stream settings will be influenced in an attempt - to minimize stream latency, though possibly at the expense of stream - performance. - - If the RTAUDIO_HOG_DEVICE flag is set, RtAudio will attempt to - open the input and/or output stream device(s) for exclusive use. - Note that this is not possible with all supported audio APIs. - - If the RTAUDIO_SCHEDULE_REALTIME flag is set, RtAudio will attempt - to select realtime scheduling (round-robin) for the callback thread. - The \c priority parameter will only be used if the RTAUDIO_SCHEDULE_REALTIME - flag is set. It defines the thread's realtime priority. - - If the RTAUDIO_ALSA_USE_DEFAULT flag is set, RtAudio will attempt to - open the "default" PCM device when using the ALSA API. Note that this - will override any specified input or output device id. - - The \c numberOfBuffers parameter can be used to control stream - latency in the Windows DirectSound, Linux OSS, and Linux Alsa APIs - only. A value of two is usually the smallest allowed. Larger - numbers can potentially result in more robust stream performance, - though likely at the cost of stream latency. The value set by the - user is replaced during execution of the RtAudio::openStream() - function by the value actually used by the system. - - The \c streamName parameter can be used to set the client name - when using the Jack API. By default, the client name is set to - RtApiJack. However, if you wish to create multiple instances of - RtAudio with Jack, each instance must have a unique client name. - */ - struct StreamOptions { - RtAudioStreamFlags flags; /*!< A bit-mask of stream flags (RTAUDIO_NONINTERLEAVED, RTAUDIO_MINIMIZE_LATENCY, RTAUDIO_HOG_DEVICE, RTAUDIO_ALSA_USE_DEFAULT). */ - unsigned int numberOfBuffers; /*!< Number of stream buffers. */ - std::string streamName; /*!< A stream name (currently used only in Jack). */ - int priority; /*!< Scheduling priority of callback thread (only used with flag RTAUDIO_SCHEDULE_REALTIME). */ - - // Default constructor. - StreamOptions() - : flags(0), numberOfBuffers(0), priority(0) {} - }; - - //! A static function to determine the current RtAudio version. - static std::string getVersion( void ) throw(); - - //! A static function to determine the available compiled audio APIs. - /*! - The values returned in the std::vector can be compared against - the enumerated list values. Note that there can be more than one - API compiled for certain operating systems. - */ - static void getCompiledApi( std::vector<RtAudio::Api> &apis ) throw(); - - //! The class constructor. - /*! - The constructor performs minor initialization tasks. An exception - can be thrown if no API support is compiled. - - If no API argument is specified and multiple API support has been - compiled, the default order of use is JACK, ALSA, OSS (Linux - systems) and ASIO, DS (Windows systems). - */ - RtAudio( RtAudio::Api api=UNSPECIFIED ); - - //! The destructor. - /*! - If a stream is running or open, it will be stopped and closed - automatically. - */ - ~RtAudio() throw(); - - //! Returns the audio API specifier for the current instance of RtAudio. - RtAudio::Api getCurrentApi( void ) throw(); - - //! A public function that queries for the number of audio devices available. - /*! - This function performs a system query of available devices each time it - is called, thus supporting devices connected \e after instantiation. If - a system error occurs during processing, a warning will be issued. - */ - unsigned int getDeviceCount( void ) throw(); - - //! Return an RtAudio::DeviceInfo structure for a specified device number. - /*! - - Any device integer between 0 and getDeviceCount() - 1 is valid. - If an invalid argument is provided, an RtAudioError (type = INVALID_USE) - will be thrown. If a device is busy or otherwise unavailable, the - structure member "probed" will have a value of "false" and all - other members are undefined. If the specified device is the - current default input or output device, the corresponding - "isDefault" member will have a value of "true". - */ - RtAudio::DeviceInfo getDeviceInfo( unsigned int device ); - - //! A function that returns the index of the default output device. - /*! - If the underlying audio API does not provide a "default - device", or if no devices are available, the return value will be - 0. Note that this is a valid device identifier and it is the - client's responsibility to verify that a device is available - before attempting to open a stream. - */ - unsigned int getDefaultOutputDevice( void ) throw(); - - //! A function that returns the index of the default input device. - /*! - If the underlying audio API does not provide a "default - device", or if no devices are available, the return value will be - 0. Note that this is a valid device identifier and it is the - client's responsibility to verify that a device is available - before attempting to open a stream. - */ - unsigned int getDefaultInputDevice( void ) throw(); - - //! A public function for opening a stream with the specified parameters. - /*! - An RtAudioError (type = SYSTEM_ERROR) is thrown if a stream cannot be - opened with the specified parameters or an error occurs during - processing. An RtAudioError (type = INVALID_USE) is thrown if any - invalid device ID or channel number parameters are specified. - - \param outputParameters Specifies output stream parameters to use - when opening a stream, including a device ID, number of channels, - and starting channel number. For input-only streams, this - argument should be NULL. The device ID is an index value between - 0 and getDeviceCount() - 1. - \param inputParameters Specifies input stream parameters to use - when opening a stream, including a device ID, number of channels, - and starting channel number. For output-only streams, this - argument should be NULL. The device ID is an index value between - 0 and getDeviceCount() - 1. - \param format An RtAudioFormat specifying the desired sample data format. - \param sampleRate The desired sample rate (sample frames per second). - \param *bufferFrames A pointer to a value indicating the desired - internal buffer size in sample frames. The actual value - used by the device is returned via the same pointer. A - value of zero can be specified, in which case the lowest - allowable value is determined. - \param callback A client-defined function that will be invoked - when input data is available and/or output data is needed. - \param userData An optional pointer to data that can be accessed - from within the callback function. - \param options An optional pointer to a structure containing various - global stream options, including a list of OR'ed RtAudioStreamFlags - and a suggested number of stream buffers that can be used to - control stream latency. More buffers typically result in more - robust performance, though at a cost of greater latency. If a - value of zero is specified, a system-specific median value is - chosen. If the RTAUDIO_MINIMIZE_LATENCY flag bit is set, the - lowest allowable value is used. The actual value used is - returned via the structure argument. The parameter is API dependent. - \param errorCallback A client-defined function that will be invoked - when an error has occured. - */ - void openStream( RtAudio::StreamParameters *outputParameters, - RtAudio::StreamParameters *inputParameters, - RtAudioFormat format, unsigned int sampleRate, - unsigned int *bufferFrames, RtAudioCallback callback, - void *userData = NULL, RtAudio::StreamOptions *options = NULL, RtAudioErrorCallback errorCallback = NULL ); - - //! A function that closes a stream and frees any associated stream memory. - /*! - If a stream is not open, this function issues a warning and - returns (no exception is thrown). - */ - void closeStream( void ) throw(); - - //! A function that starts a stream. - /*! - An RtAudioError (type = SYSTEM_ERROR) is thrown if an error occurs - during processing. An RtAudioError (type = INVALID_USE) is thrown if a - stream is not open. A warning is issued if the stream is already - running. - */ - void startStream( void ); - - //! Stop a stream, allowing any samples remaining in the output queue to be played. - /*! - An RtAudioError (type = SYSTEM_ERROR) is thrown if an error occurs - during processing. An RtAudioError (type = INVALID_USE) is thrown if a - stream is not open. A warning is issued if the stream is already - stopped. - */ - void stopStream( void ); - - //! Stop a stream, discarding any samples remaining in the input/output queue. - /*! - An RtAudioError (type = SYSTEM_ERROR) is thrown if an error occurs - during processing. An RtAudioError (type = INVALID_USE) is thrown if a - stream is not open. A warning is issued if the stream is already - stopped. - */ - void abortStream( void ); - - //! Returns true if a stream is open and false if not. - bool isStreamOpen( void ) const throw(); - - //! Returns true if the stream is running and false if it is stopped or not open. - bool isStreamRunning( void ) const throw(); - - //! Returns the number of elapsed seconds since the stream was started. - /*! - If a stream is not open, an RtAudioError (type = INVALID_USE) will be thrown. - */ - double getStreamTime( void ); - - //! Set the stream time to a time in seconds greater than or equal to 0.0. - /*! - If a stream is not open, an RtAudioError (type = INVALID_USE) will be thrown. - */ - void setStreamTime( double time ); - - //! Returns the internal stream latency in sample frames. - /*! - The stream latency refers to delay in audio input and/or output - caused by internal buffering by the audio system and/or hardware. - For duplex streams, the returned value will represent the sum of - the input and output latencies. If a stream is not open, an - RtAudioError (type = INVALID_USE) will be thrown. If the API does not - report latency, the return value will be zero. - */ - long getStreamLatency( void ); - - //! Returns actual sample rate in use by the stream. - /*! - On some systems, the sample rate used may be slightly different - than that specified in the stream parameters. If a stream is not - open, an RtAudioError (type = INVALID_USE) will be thrown. - */ - unsigned int getStreamSampleRate( void ); - - //! Specify whether warning messages should be printed to stderr. - void showWarnings( bool value = true ) throw(); - - protected: - - void openRtApi( RtAudio::Api api ); - RtApi *rtapi_; -}; - -// Operating system dependent thread functionality. -#if defined(__WINDOWS_DS__) || defined(__WINDOWS_ASIO__) || defined(__WINDOWS_WASAPI__) - - #ifndef NOMINMAX - #define NOMINMAX - #endif - #include <windows.h> - #include <process.h> - - typedef uintptr_t ThreadHandle; - typedef CRITICAL_SECTION StreamMutex; - -#elif defined(__LINUX_ALSA__) || defined(__LINUX_PULSE__) || defined(__UNIX_JACK__) || defined(__LINUX_OSS__) || defined(__MACOSX_CORE__) - // Using pthread library for various flavors of unix. - #include <pthread.h> - - typedef pthread_t ThreadHandle; - typedef pthread_mutex_t StreamMutex; - -#else // Setup for "dummy" behavior - - #define __RTAUDIO_DUMMY__ - typedef int ThreadHandle; - typedef int StreamMutex; - -#endif - -// This global structure type is used to pass callback information -// between the private RtAudio stream structure and global callback -// handling functions. -struct CallbackInfo { - void *object; // Used as a "this" pointer. - ThreadHandle thread; - void *callback; - void *userData; - void *errorCallback; - void *apiInfo; // void pointer for API specific callback information - bool isRunning; - bool doRealtime; - int priority; - - // Default constructor. - CallbackInfo() - :object(0), callback(0), userData(0), errorCallback(0), apiInfo(0), isRunning(false), doRealtime(false) {} -}; - -// **************************************************************** // -// -// RtApi class declaration. -// -// Subclasses of RtApi contain all API- and OS-specific code necessary -// to fully implement the RtAudio API. -// -// Note that RtApi is an abstract base class and cannot be -// explicitly instantiated. The class RtAudio will create an -// instance of an RtApi subclass (RtApiOss, RtApiAlsa, -// RtApiJack, RtApiCore, RtApiDs, or RtApiAsio). -// -// **************************************************************** // - -#pragma pack(push, 1) -class S24 { - - protected: - unsigned char c3[3]; - - public: - S24() {} - - S24& operator = ( const int& i ) { - c3[0] = (i & 0x000000ff); - c3[1] = (i & 0x0000ff00) >> 8; - c3[2] = (i & 0x00ff0000) >> 16; - return *this; - } - - S24( const S24& v ) { *this = v; } - S24( const double& d ) { *this = (int) d; } - S24( const float& f ) { *this = (int) f; } - S24( const signed short& s ) { *this = (int) s; } - S24( const char& c ) { *this = (int) c; } - - int asInt() { - int i = c3[0] | (c3[1] << 8) | (c3[2] << 16); - if (i & 0x800000) i |= ~0xffffff; - return i; - } -}; -#pragma pack(pop) - -#if defined( HAVE_GETTIMEOFDAY ) - #include <sys/time.h> -#endif - -#include <sstream> - -class RtApi -{ -public: - - RtApi(); - virtual ~RtApi(); - virtual RtAudio::Api getCurrentApi( void ) = 0; - virtual unsigned int getDeviceCount( void ) = 0; - virtual RtAudio::DeviceInfo getDeviceInfo( unsigned int device ) = 0; - virtual unsigned int getDefaultInputDevice( void ); - virtual unsigned int getDefaultOutputDevice( void ); - void openStream( RtAudio::StreamParameters *outputParameters, - RtAudio::StreamParameters *inputParameters, - RtAudioFormat format, unsigned int sampleRate, - unsigned int *bufferFrames, RtAudioCallback callback, - void *userData, RtAudio::StreamOptions *options, - RtAudioErrorCallback errorCallback ); - virtual void closeStream( void ); - virtual void startStream( void ) = 0; - virtual void stopStream( void ) = 0; - virtual void abortStream( void ) = 0; - long getStreamLatency( void ); - unsigned int getStreamSampleRate( void ); - virtual double getStreamTime( void ); - virtual void setStreamTime( double time ); - bool isStreamOpen( void ) const { return stream_.state != STREAM_CLOSED; } - bool isStreamRunning( void ) const { return stream_.state == STREAM_RUNNING; } - void showWarnings( bool value ) { showWarnings_ = value; } - - -protected: - - static const unsigned int MAX_SAMPLE_RATES; - static const unsigned int SAMPLE_RATES[]; - - enum { FAILURE, SUCCESS }; - - enum StreamState { - STREAM_STOPPED, - STREAM_STOPPING, - STREAM_RUNNING, - STREAM_CLOSED = -50 - }; - - enum StreamMode { - OUTPUT, - INPUT, - DUPLEX, - UNINITIALIZED = -75 - }; - - // A protected structure used for buffer conversion. - struct ConvertInfo { - int channels; - int inJump, outJump; - RtAudioFormat inFormat, outFormat; - std::vector<int> inOffset; - std::vector<int> outOffset; - }; - - // A protected structure for audio streams. - struct RtApiStream { - unsigned int device[2]; // Playback and record, respectively. - void *apiHandle; // void pointer for API specific stream handle information - StreamMode mode; // OUTPUT, INPUT, or DUPLEX. - StreamState state; // STOPPED, RUNNING, or CLOSED - char *userBuffer[2]; // Playback and record, respectively. - char *deviceBuffer; - bool doConvertBuffer[2]; // Playback and record, respectively. - bool userInterleaved; - bool deviceInterleaved[2]; // Playback and record, respectively. - bool doByteSwap[2]; // Playback and record, respectively. - unsigned int sampleRate; - unsigned int bufferSize; - unsigned int nBuffers; - unsigned int nUserChannels[2]; // Playback and record, respectively. - unsigned int nDeviceChannels[2]; // Playback and record channels, respectively. - unsigned int channelOffset[2]; // Playback and record, respectively. - unsigned long latency[2]; // Playback and record, respectively. - RtAudioFormat userFormat; - RtAudioFormat deviceFormat[2]; // Playback and record, respectively. - StreamMutex mutex; - CallbackInfo callbackInfo; - ConvertInfo convertInfo[2]; - double streamTime; // Number of elapsed seconds since the stream started. - -#if defined(HAVE_GETTIMEOFDAY) - struct timeval lastTickTimestamp; -#endif - - RtApiStream() - :apiHandle(0), deviceBuffer(0) { device[0] = 11111; device[1] = 11111; } - }; - - typedef S24 Int24; - typedef signed short Int16; - typedef signed int Int32; - typedef float Float32; - typedef double Float64; - - std::ostringstream errorStream_; - std::string errorText_; - bool showWarnings_; - RtApiStream stream_; - bool firstErrorOccurred_; - - /*! - Protected, api-specific method that attempts to open a device - with the given parameters. This function MUST be implemented by - all subclasses. If an error is encountered during the probe, a - "warning" message is reported and FAILURE is returned. A - successful probe is indicated by a return value of SUCCESS. - */ - virtual bool probeDeviceOpen( unsigned int device, StreamMode mode, unsigned int channels, - unsigned int firstChannel, unsigned int sampleRate, - RtAudioFormat format, unsigned int *bufferSize, - RtAudio::StreamOptions *options ); - - //! A protected function used to increment the stream time. - void tickStreamTime( void ); - - //! Protected common method to clear an RtApiStream structure. - void clearStreamInfo(); - - /*! - Protected common method that throws an RtAudioError (type = - INVALID_USE) if a stream is not open. - */ - void verifyStream( void ); - - //! Protected common error method to allow global control over error handling. - void error( RtAudioError::Type type ); - - /*! - Protected method used to perform format, channel number, and/or interleaving - conversions between the user and device buffers. - */ - void convertBuffer( char *outBuffer, char *inBuffer, ConvertInfo &info ); - - //! Protected common method used to perform byte-swapping on buffers. - void byteSwapBuffer( char *buffer, unsigned int samples, RtAudioFormat format ); - - //! Protected common method that returns the number of bytes for a given format. - unsigned int formatBytes( RtAudioFormat format ); - - //! Protected common method that sets up the parameters for buffer conversion. - void setConvertInfo( StreamMode mode, unsigned int firstChannel ); -}; - -// **************************************************************** // -// -// Inline RtAudio definitions. -// -// **************************************************************** // - -inline RtAudio::Api RtAudio :: getCurrentApi( void ) throw() { return rtapi_->getCurrentApi(); } -inline unsigned int RtAudio :: getDeviceCount( void ) throw() { return rtapi_->getDeviceCount(); } -inline RtAudio::DeviceInfo RtAudio :: getDeviceInfo( unsigned int device ) { return rtapi_->getDeviceInfo( device ); } -inline unsigned int RtAudio :: getDefaultInputDevice( void ) throw() { return rtapi_->getDefaultInputDevice(); } -inline unsigned int RtAudio :: getDefaultOutputDevice( void ) throw() { return rtapi_->getDefaultOutputDevice(); } -inline void RtAudio :: closeStream( void ) throw() { return rtapi_->closeStream(); } -inline void RtAudio :: startStream( void ) { return rtapi_->startStream(); } -inline void RtAudio :: stopStream( void ) { return rtapi_->stopStream(); } -inline void RtAudio :: abortStream( void ) { return rtapi_->abortStream(); } -inline bool RtAudio :: isStreamOpen( void ) const throw() { return rtapi_->isStreamOpen(); } -inline bool RtAudio :: isStreamRunning( void ) const throw() { return rtapi_->isStreamRunning(); } -inline long RtAudio :: getStreamLatency( void ) { return rtapi_->getStreamLatency(); } -inline unsigned int RtAudio :: getStreamSampleRate( void ) { return rtapi_->getStreamSampleRate(); } -inline double RtAudio :: getStreamTime( void ) { return rtapi_->getStreamTime(); } -inline void RtAudio :: setStreamTime( double time ) { return rtapi_->setStreamTime( time ); } -inline void RtAudio :: showWarnings( bool value ) throw() { rtapi_->showWarnings( value ); } - -// RtApi Subclass prototypes. - -#if defined(__MACOSX_CORE__) - -#include <CoreAudio/AudioHardware.h> - -class RtApiCore: public RtApi -{ -public: - - RtApiCore(); - ~RtApiCore(); - RtAudio::Api getCurrentApi( void ) { return RtAudio::MACOSX_CORE; } - unsigned int getDeviceCount( void ); - RtAudio::DeviceInfo getDeviceInfo( unsigned int device ); - unsigned int getDefaultOutputDevice( void ); - unsigned int getDefaultInputDevice( void ); - void closeStream( void ); - void startStream( void ); - void stopStream( void ); - void abortStream( void ); - long getStreamLatency( void ); - - // This function is intended for internal use only. It must be - // public because it is called by the internal callback handler, - // which is not a member of RtAudio. External use of this function - // will most likely produce highly undesireable results! - bool callbackEvent( AudioDeviceID deviceId, - const AudioBufferList *inBufferList, - const AudioBufferList *outBufferList ); - - private: - - bool probeDeviceOpen( unsigned int device, StreamMode mode, unsigned int channels, - unsigned int firstChannel, unsigned int sampleRate, - RtAudioFormat format, unsigned int *bufferSize, - RtAudio::StreamOptions *options ); - static const char* getErrorCode( OSStatus code ); -}; - -#endif - -#if defined(__UNIX_JACK__) - -class RtApiJack: public RtApi -{ -public: - - RtApiJack(); - ~RtApiJack(); - RtAudio::Api getCurrentApi( void ) { return RtAudio::UNIX_JACK; } - unsigned int getDeviceCount( void ); - RtAudio::DeviceInfo getDeviceInfo( unsigned int device ); - void closeStream( void ); - void startStream( void ); - void stopStream( void ); - void abortStream( void ); - long getStreamLatency( void ); - - // This function is intended for internal use only. It must be - // public because it is called by the internal callback handler, - // which is not a member of RtAudio. External use of this function - // will most likely produce highly undesireable results! - bool callbackEvent( unsigned long nframes ); - - private: - - bool probeDeviceOpen( unsigned int device, StreamMode mode, unsigned int channels, - unsigned int firstChannel, unsigned int sampleRate, - RtAudioFormat format, unsigned int *bufferSize, - RtAudio::StreamOptions *options ); -}; - -#endif - -#if defined(__WINDOWS_ASIO__) - -class RtApiAsio: public RtApi -{ -public: - - RtApiAsio(); - ~RtApiAsio(); - RtAudio::Api getCurrentApi( void ) { return RtAudio::WINDOWS_ASIO; } - unsigned int getDeviceCount( void ); - RtAudio::DeviceInfo getDeviceInfo( unsigned int device ); - void closeStream( void ); - void startStream( void ); - void stopStream( void ); - void abortStream( void ); - long getStreamLatency( void ); - - // This function is intended for internal use only. It must be - // public because it is called by the internal callback handler, - // which is not a member of RtAudio. External use of this function - // will most likely produce highly undesireable results! - bool callbackEvent( long bufferIndex ); - - private: - - std::vector<RtAudio::DeviceInfo> devices_; - void saveDeviceInfo( void ); - bool coInitialized_; - bool probeDeviceOpen( unsigned int device, StreamMode mode, unsigned int channels, - unsigned int firstChannel, unsigned int sampleRate, - RtAudioFormat format, unsigned int *bufferSize, - RtAudio::StreamOptions *options ); -}; - -#endif - -#if defined(__WINDOWS_DS__) - -class RtApiDs: public RtApi -{ -public: - - RtApiDs(); - ~RtApiDs(); - RtAudio::Api getCurrentApi( void ) { return RtAudio::WINDOWS_DS; } - unsigned int getDeviceCount( void ); - unsigned int getDefaultOutputDevice( void ); - unsigned int getDefaultInputDevice( void ); - RtAudio::DeviceInfo getDeviceInfo( unsigned int device ); - void closeStream( void ); - void startStream( void ); - void stopStream( void ); - void abortStream( void ); - long getStreamLatency( void ); - - // This function is intended for internal use only. It must be - // public because it is called by the internal callback handler, - // which is not a member of RtAudio. External use of this function - // will most likely produce highly undesireable results! - void callbackEvent( void ); - - private: - - bool coInitialized_; - bool buffersRolling; - long duplexPrerollBytes; - std::vector<struct DsDevice> dsDevices; - bool probeDeviceOpen( unsigned int device, StreamMode mode, unsigned int channels, - unsigned int firstChannel, unsigned int sampleRate, - RtAudioFormat format, unsigned int *bufferSize, - RtAudio::StreamOptions *options ); -}; - -#endif - -#if defined(__WINDOWS_WASAPI__) - -struct IMMDeviceEnumerator; - -class RtApiWasapi : public RtApi -{ -public: - RtApiWasapi(); - ~RtApiWasapi(); - - RtAudio::Api getCurrentApi( void ) { return RtAudio::WINDOWS_WASAPI; } - unsigned int getDeviceCount( void ); - RtAudio::DeviceInfo getDeviceInfo( unsigned int device ); - unsigned int getDefaultOutputDevice( void ); - unsigned int getDefaultInputDevice( void ); - void closeStream( void ); - void startStream( void ); - void stopStream( void ); - void abortStream( void ); - -private: - bool coInitialized_; - IMMDeviceEnumerator* deviceEnumerator_; - - bool probeDeviceOpen( unsigned int device, StreamMode mode, unsigned int channels, - unsigned int firstChannel, unsigned int sampleRate, - RtAudioFormat format, unsigned int* bufferSize, - RtAudio::StreamOptions* options ); - - static DWORD WINAPI runWasapiThread( void* wasapiPtr ); - static DWORD WINAPI stopWasapiThread( void* wasapiPtr ); - static DWORD WINAPI abortWasapiThread( void* wasapiPtr ); - void wasapiThread(); -}; - -#endif - -#if defined(__LINUX_ALSA__) - -class RtApiAlsa: public RtApi -{ -public: - - RtApiAlsa(); - ~RtApiAlsa(); - RtAudio::Api getCurrentApi() { return RtAudio::LINUX_ALSA; } - unsigned int getDeviceCount( void ); - RtAudio::DeviceInfo getDeviceInfo( unsigned int device ); - void closeStream( void ); - void startStream( void ); - void stopStream( void ); - void abortStream( void ); - - // This function is intended for internal use only. It must be - // public because it is called by the internal callback handler, - // which is not a member of RtAudio. External use of this function - // will most likely produce highly undesireable results! - void callbackEvent( void ); - - private: - - std::vector<RtAudio::DeviceInfo> devices_; - void saveDeviceInfo( void ); - bool probeDeviceOpen( unsigned int device, StreamMode mode, unsigned int channels, - unsigned int firstChannel, unsigned int sampleRate, - RtAudioFormat format, unsigned int *bufferSize, - RtAudio::StreamOptions *options ); -}; - -#endif - -#if defined(__LINUX_PULSE__) - -class RtApiPulse: public RtApi -{ -public: - ~RtApiPulse(); - RtAudio::Api getCurrentApi() { return RtAudio::LINUX_PULSE; } - unsigned int getDeviceCount( void ); - RtAudio::DeviceInfo getDeviceInfo( unsigned int device ); - void closeStream( void ); - void startStream( void ); - void stopStream( void ); - void abortStream( void ); - - // This function is intended for internal use only. It must be - // public because it is called by the internal callback handler, - // which is not a member of RtAudio. External use of this function - // will most likely produce highly undesireable results! - void callbackEvent( void ); - - private: - - std::vector<RtAudio::DeviceInfo> devices_; - void saveDeviceInfo( void ); - bool probeDeviceOpen( unsigned int device, StreamMode mode, unsigned int channels, - unsigned int firstChannel, unsigned int sampleRate, - RtAudioFormat format, unsigned int *bufferSize, - RtAudio::StreamOptions *options ); -}; - -#endif - -#if defined(__LINUX_OSS__) - -class RtApiOss: public RtApi -{ -public: - - RtApiOss(); - ~RtApiOss(); - RtAudio::Api getCurrentApi() { return RtAudio::LINUX_OSS; } - unsigned int getDeviceCount( void ); - RtAudio::DeviceInfo getDeviceInfo( unsigned int device ); - void closeStream( void ); - void startStream( void ); - void stopStream( void ); - void abortStream( void ); - - // This function is intended for internal use only. It must be - // public because it is called by the internal callback handler, - // which is not a member of RtAudio. External use of this function - // will most likely produce highly undesireable results! - void callbackEvent( void ); - - private: - - bool probeDeviceOpen( unsigned int device, StreamMode mode, unsigned int channels, - unsigned int firstChannel, unsigned int sampleRate, - RtAudioFormat format, unsigned int *bufferSize, - RtAudio::StreamOptions *options ); -}; - -#endif - -#if defined(__RTAUDIO_DUMMY__) - -class RtApiDummy: public RtApi -{ -public: - - RtApiDummy() { errorText_ = "RtApiDummy: This class provides no functionality."; error( RtAudioError::WARNING ); } - RtAudio::Api getCurrentApi( void ) { return RtAudio::RTAUDIO_DUMMY; } - unsigned int getDeviceCount( void ) { return 0; } - RtAudio::DeviceInfo getDeviceInfo( unsigned int /*device*/ ) { RtAudio::DeviceInfo info; return info; } - void closeStream( void ) {} - void startStream( void ) {} - void stopStream( void ) {} - void abortStream( void ) {} - - private: - - bool probeDeviceOpen( unsigned int /*device*/, StreamMode /*mode*/, unsigned int /*channels*/, - unsigned int /*firstChannel*/, unsigned int /*sampleRate*/, - RtAudioFormat /*format*/, unsigned int * /*bufferSize*/, - RtAudio::StreamOptions * /*options*/ ) { return false; } -}; - -#endif - -#endif - -// Indentation settings for Vim and Emacs -// -// Local Variables: -// c-basic-offset: 2 -// indent-tabs-mode: nil -// End: -// -// vim: et sts=2 sw=2 - -#endif // RTAUDIO_ENABLED -GODOT- diff --git a/thirdparty/tinyexr/tinyexr.h b/thirdparty/tinyexr/tinyexr.h index b3a7ee00c2..3c19391850 100644 --- a/thirdparty/tinyexr/tinyexr.h +++ b/thirdparty/tinyexr/tinyexr.h @@ -274,6 +274,12 @@ extern int LoadEXR(float **out_rgba, int *width, int *height, const char *filename, const char **err); // @deprecated { to be removed. } +// Simple wrapper API for ParseEXRHeaderFromFile. +// checking given file is a EXR file(by just look up header) +// @return TINYEXR_SUCCEES for EXR image, TINYEXR_ERROR_INVALID_HEADER for others +extern int IsEXR(const char *filename); + +// @deprecated { to be removed. } // Saves single-frame OpenEXR image. Assume EXR image contains RGB(A) channels. // components must be 1(Grayscale), 3(RGB) or 4(RGBA). // Input image format is: `float x width x height`, or `float x RGB(A) x width x @@ -6998,6 +7004,10 @@ static void swap2(unsigned short *val) { #endif } +#ifdef __clang__ +#pragma clang diagnostic push +#pragma clang diagnostic ignored "-Wunused-function" +#endif static void cpy4(int *dst_val, const int *src_val) { unsigned char *dst = reinterpret_cast<unsigned char *>(dst_val); const unsigned char *src = reinterpret_cast<const unsigned char *>(src_val); @@ -7028,6 +7038,10 @@ static void cpy4(float *dst_val, const float *src_val) { dst[3] = src[3]; } +#ifdef __clang__ +#pragma clang diagnostic pop +#endif + static void swap4(unsigned int *val) { #ifdef MINIZ_LITTLE_ENDIAN (void)val; @@ -8840,7 +8854,8 @@ static bool getCode(int po, int rlc, long long &c, int &lc, const char *&in, if (out + cs > oe) return false; // Bounds check for safety - if ((out - 1) <= ob) return false; + // Issue 100. + if ((out - 1) < ob) return false; unsigned short s = out[-1]; while (cs-- > 0) *out++ = s; @@ -10721,6 +10736,15 @@ static int DecodeChunk(EXRImage *exr_image, const EXRHeader *exr_header, int data_width = exr_header->data_window[2] - exr_header->data_window[0] + 1; int data_height = exr_header->data_window[3] - exr_header->data_window[1] + 1; + if ((data_width < 0) || (data_height < 0)) { + if (err) { + std::stringstream ss; + ss << "Invalid data width or data height: " << data_width << ", " << data_height << std::endl; + (*err) += ss.str(); + } + return TINYEXR_ERROR_INVALID_DATA; + } + size_t num_blocks = offsets.size(); std::vector<size_t> channel_offset_list; @@ -10816,6 +10840,17 @@ static int DecodeChunk(EXRImage *exr_image, const EXRHeader *exr_header, } } else { // scanline format + // Don't allow too large image(256GB * pixel_data_size or more). Workaround for #104. + size_t data_len = size_t(data_width) * size_t(data_height) * size_t(num_channels); + if ((data_len == 0) || (data_len >= 0x4000000000)) { + if (err) { + std::stringstream ss; + ss << "Image data size is zero or too large: width = " << data_width << ", height = " << data_height << ", channels = " << num_channels << std::endl; + (*err) += ss.str(); + } + return TINYEXR_ERROR_INVALID_DATA; + } + exr_image->images = tinyexr::AllocateImage( num_channels, exr_header->channels, exr_header->requested_pixel_types, data_width, data_height); @@ -11155,7 +11190,6 @@ int LoadEXR(float **out_rgba, int *width, int *height, const char *filename, static_cast<size_t>(exr_image.height))); if (exr_header.tiled) { - // todo.implement this for (int it = 0; it < exr_image.num_tiles; it++) { for (int j = 0; j < exr_header.tile_size_y; j++) { @@ -11284,6 +11318,17 @@ int LoadEXR(float **out_rgba, int *width, int *height, const char *filename, return TINYEXR_SUCCESS; } +int IsEXR(const char *filename) { + EXRVersion exr_version; + + int ret = ParseEXRVersionFromFile(&exr_version, filename); + if (ret != TINYEXR_SUCCESS) { + return TINYEXR_ERROR_INVALID_HEADER; + } + + return TINYEXR_SUCCESS; +} + int ParseEXRHeaderFromMemory(EXRHeader *exr_header, const EXRVersion *version, const unsigned char *memory, size_t size, const char **err) { @@ -11380,75 +11425,128 @@ int LoadEXRFromMemory(float **out_rgba, int *width, int *height, } } - if (idxR == -1) { - tinyexr::SetErrorMessage("R channel not found", err); - - // @todo { free exr_image } - return TINYEXR_ERROR_INVALID_DATA; - } - - if (idxG == -1) { - tinyexr::SetErrorMessage("G channel not found", err); - // @todo { free exr_image } - return TINYEXR_ERROR_INVALID_DATA; - } + // TODO(syoyo): Refactor removing same code as used in LoadEXR(). + if (exr_header.num_channels == 1) { + // Grayscale channel only. - if (idxB == -1) { - tinyexr::SetErrorMessage("B channel not found", err); - // @todo { free exr_image } - return TINYEXR_ERROR_INVALID_DATA; - } + (*out_rgba) = reinterpret_cast<float *>( + malloc(4 * sizeof(float) * static_cast<size_t>(exr_image.width) * + static_cast<size_t>(exr_image.height))); - (*out_rgba) = reinterpret_cast<float *>( - malloc(4 * sizeof(float) * static_cast<size_t>(exr_image.width) * - static_cast<size_t>(exr_image.height))); + if (exr_header.tiled) { - if (exr_header.tiled) { - for (int it = 0; it < exr_image.num_tiles; it++) { - for (int j = 0; j < exr_header.tile_size_y; j++) - for (int i = 0; i < exr_header.tile_size_x; i++) { - const int ii = - exr_image.tiles[it].offset_x * exr_header.tile_size_x + i; - const int jj = - exr_image.tiles[it].offset_y * exr_header.tile_size_y + j; - const int idx = ii + jj * exr_image.width; + for (int it = 0; it < exr_image.num_tiles; it++) { + for (int j = 0; j < exr_header.tile_size_y; j++) { + for (int i = 0; i < exr_header.tile_size_x; i++) { + const int ii = + exr_image.tiles[it].offset_x * exr_header.tile_size_x + i; + const int jj = + exr_image.tiles[it].offset_y * exr_header.tile_size_y + j; + const int idx = ii + jj * exr_image.width; - // out of region check. - if (ii >= exr_image.width) { - continue; - } - if (jj >= exr_image.height) { - continue; - } - const int srcIdx = i + j * exr_header.tile_size_x; - unsigned char **src = exr_image.tiles[it].images; - (*out_rgba)[4 * idx + 0] = - reinterpret_cast<float **>(src)[idxR][srcIdx]; - (*out_rgba)[4 * idx + 1] = - reinterpret_cast<float **>(src)[idxG][srcIdx]; - (*out_rgba)[4 * idx + 2] = - reinterpret_cast<float **>(src)[idxB][srcIdx]; - if (idxA != -1) { + // out of region check. + if (ii >= exr_image.width) { + continue; + } + if (jj >= exr_image.height) { + continue; + } + const int srcIdx = i + j * exr_header.tile_size_x; + unsigned char **src = exr_image.tiles[it].images; + (*out_rgba)[4 * idx + 0] = + reinterpret_cast<float **>(src)[0][srcIdx]; + (*out_rgba)[4 * idx + 1] = + reinterpret_cast<float **>(src)[0][srcIdx]; + (*out_rgba)[4 * idx + 2] = + reinterpret_cast<float **>(src)[0][srcIdx]; (*out_rgba)[4 * idx + 3] = - reinterpret_cast<float **>(src)[idxA][srcIdx]; - } else { - (*out_rgba)[4 * idx + 3] = 1.0; + reinterpret_cast<float **>(src)[0][srcIdx]; } } + } + } else { + for (int i = 0; i < exr_image.width * exr_image.height; i++) { + const float val = reinterpret_cast<float **>(exr_image.images)[0][i]; + (*out_rgba)[4 * i + 0] = val; + (*out_rgba)[4 * i + 1] = val; + (*out_rgba)[4 * i + 2] = val; + (*out_rgba)[4 * i + 3] = val; + } } + } else { - for (int i = 0; i < exr_image.width * exr_image.height; i++) { - (*out_rgba)[4 * i + 0] = - reinterpret_cast<float **>(exr_image.images)[idxR][i]; - (*out_rgba)[4 * i + 1] = - reinterpret_cast<float **>(exr_image.images)[idxG][i]; - (*out_rgba)[4 * i + 2] = - reinterpret_cast<float **>(exr_image.images)[idxB][i]; - if (idxA != -1) { - (*out_rgba)[4 * i + 3] = - reinterpret_cast<float **>(exr_image.images)[idxA][i]; - } else { - (*out_rgba)[4 * i + 3] = 1.0; + // TODO(syoyo): Support non RGBA image. + + if (idxR == -1) { + tinyexr::SetErrorMessage("R channel not found", err); + + // @todo { free exr_image } + return TINYEXR_ERROR_INVALID_DATA; + } + + if (idxG == -1) { + tinyexr::SetErrorMessage("G channel not found", err); + // @todo { free exr_image } + return TINYEXR_ERROR_INVALID_DATA; + } + + if (idxB == -1) { + tinyexr::SetErrorMessage("B channel not found", err); + // @todo { free exr_image } + return TINYEXR_ERROR_INVALID_DATA; + } + + (*out_rgba) = reinterpret_cast<float *>( + malloc(4 * sizeof(float) * static_cast<size_t>(exr_image.width) * + static_cast<size_t>(exr_image.height))); + + if (exr_header.tiled) { + for (int it = 0; it < exr_image.num_tiles; it++) { + for (int j = 0; j < exr_header.tile_size_y; j++) + for (int i = 0; i < exr_header.tile_size_x; i++) { + const int ii = + exr_image.tiles[it].offset_x * exr_header.tile_size_x + i; + const int jj = + exr_image.tiles[it].offset_y * exr_header.tile_size_y + j; + const int idx = ii + jj * exr_image.width; + + // out of region check. + if (ii >= exr_image.width) { + continue; + } + if (jj >= exr_image.height) { + continue; + } + const int srcIdx = i + j * exr_header.tile_size_x; + unsigned char **src = exr_image.tiles[it].images; + (*out_rgba)[4 * idx + 0] = + reinterpret_cast<float **>(src)[idxR][srcIdx]; + (*out_rgba)[4 * idx + 1] = + reinterpret_cast<float **>(src)[idxG][srcIdx]; + (*out_rgba)[4 * idx + 2] = + reinterpret_cast<float **>(src)[idxB][srcIdx]; + if (idxA != -1) { + (*out_rgba)[4 * idx + 3] = + reinterpret_cast<float **>(src)[idxA][srcIdx]; + } else { + (*out_rgba)[4 * idx + 3] = 1.0; + } + } + } + } else { + for (int i = 0; i < exr_image.width * exr_image.height; i++) { + (*out_rgba)[4 * i + 0] = + reinterpret_cast<float **>(exr_image.images)[idxR][i]; + (*out_rgba)[4 * i + 1] = + reinterpret_cast<float **>(exr_image.images)[idxG][i]; + (*out_rgba)[4 * i + 2] = + reinterpret_cast<float **>(exr_image.images)[idxB][i]; + if (idxA != -1) { + (*out_rgba)[4 * i + 3] = + reinterpret_cast<float **>(exr_image.images)[idxA][i]; + } else { + (*out_rgba)[4 * i + 3] = 1.0; + } } } } |